Using try / catch inside the constructor no longer looks good and even using return
in it, this will not work, you'd better use try / catch outside of the class, because at least it will have a sensible use for they, since using a try / catch just to check the PDO and not stop the rest of what should be part of the "same" block does not make much sense
So to explain it better, I think the problem is occurring in the connection and how you used try / catch does not emit anything or finish the script and as I said
return
"does not work" in
__construct
, then in then you try to use the
consulta
method, but the
$this->conexao
variable did not go through
try
because of some failure in the
new PDO
call, so it was still
NULL
.
You also passed bindParam
on the connection instead of using prepare
and execute
:
$this->conexao->prepare("SELECT :campos FROM :tabela"); //erro nessa linha
$this->conexao->BindParam(':campos', $campos);
$this->conexao->BindParam(':tabela', $tabela);
It should be this:
$prepare = $this->conexao->prepare("SELECT :campos FROM :tabela"); //erro nessa linha
$prepare->BindParam(...);
$prepare->BindParam(...);
Another problem that Rray addressed to me was the use of the parameters for FROM
and columns, there is no way this works the way you did, bindParam
and bindValue
function as character escapes, in fact the parameters after processing would look something like:
SELECT 'id, nome, senha' FROM 'minhatabela'
In other words, query will not look for minhatabela
in the database, it will look for 'minhatabela'
with the included apostrophes and instead of searching the 3 columns it will look for generate a column with the name id, nome, senha
, as if it were all one thing.
I suggest switching to this:
<?php
class model {
private $conexao;
public function __construct ($db, $host, $dbname, $charset, $usuario, $senha){
$this->conexao = new PDO ("$db:host=$host; dbname=$dbname; charset=$charset","$usuario","$senha");
}
public function consulta (array $campos, $tabela){
$prepare = $this->conexao->prepare("SELECT ' . $campos . ' FROM " . $tabela);
$prepare->execute();
$resultado = $prepare->fetchAll(PDO::FETCH_ASSOC);
print_r($resultado);
}
}
And in the call:
require_once 'model.php';
try{
$conn = new model("mysql","localhost", "teocratico", "UTF8","root","");
$conn->consulta("descricao","desafios");
} catch (PDOException $erro){
echo $erro->getmessage();
}
Of course, you should not pass control of $campos
and $tabela
to the end user by GET and POST, otherwise use bindParam
remembering that it always "escapes" the characters and "adds the apostrophes" in the processing