Just a few guidelines
- Create a class, not set of independent functions
- Whatever real_escape_string function does not protect anything and should not used for this purpose. PDO doesn't have a function like this at all. Applying this function to a whole query will make absolutely no sense.
- Therefore,
qry()
function simply won't work. - It won't work also because $db is out of scope.
- Please don't die()! Throw an exception instead. PDO does it already, no code required
The rest is quite okay, though I would get rid of bnd()
and prep()
functions to make it all in one ex()
call. And also I would make separate functions to get separate result types, like scalar, row, array of rows and resource. Here is an example of what I am talking about: a safeMysql class based on the pretty similar concept