include/dba.php

   1 <?php
   2
   3 require_once('include/datetime.php');
   4
   5 /**
   6  *
   7  * MySQL database class
   8  *
   9  * For debugging, insert 'dbg(1);' anywhere in the program flow.
  10  * dbg(0); will turn it off. Logging is performed at LOGGER_DATA level.
  11  * When logging, all binary info is converted to text and html entities are escaped so that
  12  * the debugging stream is safe to view within both terminals and web pages.
  13  *
  14  */
  15
  16 if(! class_exists('dba')) {
  17 class dba {
  18
  19         private $debug = 0;
  20         private $db;
  21         public  $mysqli = true;
  22         public  $connected = false;
  23         public  $error = false;
  24
  25         function __construct($server,$user,$pass,$db,$install = false) {
  26
  27                 $server = trim($server);
  28                 $user = trim($user);
  29                 $pass = trim($pass);
  30                 $db = trim($db);
  31
  32                 if (!(strlen($server) && strlen($user))){
  33                         $this->connected = false;
  34                         $this->db = null;
  35                         return;
  36                 }
  37
  38                 if($install) {
  39                         if(strlen($server) && ($server !== 'localhost') && ($server !== '127.0.0.1')) {
  40                                 if(! dns_get_record($server, DNS_A + DNS_CNAME + DNS_PTR)) {
  41                                         $this->error = sprintf( t('Cannot locate DNS info for database server \'%s\''), $server);
  42                                         $this->connected = false;
  43                                         $this->db = null;
  44                                         return;
  45                                 }
  46                         }
  47                 }
  48
  49                 if(class_exists('mysqli')) {
  50                         $this->db = @new mysqli($server,$user,$pass,$db);
  51                         if(! mysqli_connect_errno()) {
  52                                 $this->connected = true;
  53                         }
  54                 }
  55                 else {
  56                         $this->mysqli = false;
  57                         $this->db = mysql_connect($server,$user,$pass);
  58                         if($this->db && mysql_select_db($db,$this->db)) {
  59                                 $this->connected = true;
  60                         }
  61                 }
  62                 if(! $this->connected) {
  63                         $this->db = null;
  64                         if(! $install)
  65                                 system_unavailable();
  66                 }
  67         }
  68
  69         public function getdb() {
  70                 return $this->db;
  71         }
  72
  73         public function q($sql) {
  74
  75                 if((! $this->db) || (! $this->connected))
  76                         return false;
  77
  78                 $this->error = '';
  79
  80                 if($this->mysqli)
  81                         $result = @$this->db->query($sql);
  82                 else
  83                         $result = @mysql_query($sql,$this->db);
  84
  85                 if($this->mysqli) {
  86                         if($this->db->errno)
  87                                 $this->error = $this->db->error;
  88                 }
  89                 elseif(mysql_errno($this->db))
  90                                 $this->error = mysql_error($this->db);
  91
  92                 if(strlen($this->error)) {
  93                         logger('dba: ' . $this->error);
  94                 }
  95
  96                 if($this->debug) {
  97
  98                         $mesg = '';
  99
 100                         if($result === false)
 101                                 $mesg = 'false';
 102                         elseif($result === true)
 103                                 $mesg = 'true';
 104                         else {
 105                                 if($this->mysqli)
 106                                         $mesg = $result->num_rows . ' results' . EOL;
 107                         else
 108                                         $mesg = mysql_num_rows($result) . ' results' . EOL;
 109                         }
 110
 111                         $str =  'SQL = ' . printable($sql) . EOL . 'SQL returned ' . $mesg
 112                                 . (($this->error) ? ' error: ' . $this->error : '')
 113                                 . EOL;
 114
 115                         logger('dba: ' . $str );
 116                 }
 117
 118                 /**
 119                  * If dbfail.out exists, we will write any failed calls directly to it,
 120                  * regardless of any logging that may or may nor be in effect.
 121                  * These usually indicate SQL syntax errors that need to be resolved.
 122                  */
 123
 124                 if($result === false) {
 125                         logger('dba: ' . printable($sql) . ' returned false.');
 126                         if(file_exists('dbfail.out'))
 127                                 file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . ' returned false' . "\n" . $this->error . "\n", FILE_APPEND);
 128                 }
 129
 130                 if(($result === true) || ($result === false))
 131                         return $result;
 132
 133                 $r = array();
 134                 if($this->mysqli) {
 135                         if($result->num_rows) {
 136                                 while($x = $result->fetch_array(MYSQLI_ASSOC))
 137                                         $r[] = $x;
 138                                 $result->free_result();
 139                         }
 140                 }
 141                 else {
 142                         if(mysql_num_rows($result)) {
 143                                 while($x = mysql_fetch_array($result, MYSQL_ASSOC))
 144                                         $r[] = $x;
 145                                 mysql_free_result($result);
 146                         }
 147                 }
 148
 149
 150                 if($this->debug)
 151                         logger('dba: ' . printable(print_r($r, true)));
 152                 return($r);
 153         }
 154
 155         public function dbg($dbg) {
 156                 $this->debug = $dbg;
 157         }
 158
 159         public function escape($str) {
 160                 if($this->db && $this->connected) {
 161                         if($this->mysqli)
 162                                 return @$this->db->real_escape_string($str);
 163                         else
 164                                 return @mysql_real_escape_string($str,$this->db);
 165                 }
 166         }
 167
 168         function __destruct() {
 169                 if ($this->db)
 170                         if($this->mysqli)
 171                                 $this->db->close();
 172                         else
 173                                 mysql_close($this->db);
 174         }
 175 }}
 176
 177 if(! function_exists('printable')) {
 178 function printable($s) {
 179         $s = preg_replace("~([\x01-\x08\x0E-\x0F\x10-\x1F\x7F-\xFF])~",".", $s);
 180         $s = str_replace("\x00",'.',$s);
 181         if(x($_SERVER,'SERVER_NAME'))
 182                 $s = escape_tags($s);
 183         return $s;
 184 }}
 185
 186 // Procedural functions
 187 if(! function_exists('dbg')) {
 188 function dbg($state) {
 189         global $db;
 190         if($db)
 191         $db->dbg($state);
 192 }}
 193
 194 if(! function_exists('dbesc')) {
 195 function dbesc($str) {
 196         global $db;
 197         if($db && $db->connected)
 198                 return($db->escape($str));
 199         else
 200                 return(str_replace("'","\\'",$str));
 201 }}
 202
 203
 204
 205 // Function: q($sql,$args);
 206 // Description: execute SQL query with printf style args.
 207 // Example: $r = q("SELECT * FROM `%s` WHERE `uid` = %d",
 208 //                   'user', 1);
 209
 210 if(! function_exists('q')) {
 211 function q($sql) {
 212
 213         global $db;
 214         $args = func_get_args();
 215         unset($args[0]);
 216
 217         if($db && $db->connected) {
 218                 $stmt = vsprintf($sql,$args);
 219                 if($stmt === false)
 220                         logger('dba: vsprintf error: ' . print_r(debug_backtrace(),true));
 221                 return $db->q($stmt);
 222         }
 223
 224         /**
 225          *
 226          * This will happen occasionally trying to store the
 227          * session data after abnormal program termination
 228          *
 229          */
 230         logger('dba: no database: ' . print_r($args,true));
 231         return false;
 232
 233 }}
 234
 235 /**
 236  *
 237  * Raw db query, no arguments
 238  *
 239  */
 240
 241 if(! function_exists('dbq')) {
 242 function dbq($sql) {
 243
 244         global $db;
 245         if($db && $db->connected)
 246                 $ret = $db->q($sql);
 247         else
 248                 $ret = false;
 249         return $ret;
 250 }}
 251
 252
 253 // Caller is responsible for ensuring that any integer arguments to
 254 // dbesc_array are actually integers and not malformed strings containing
 255 // SQL injection vectors. All integer array elements should be specifically
 256 // cast to int to avoid trouble.
 257
 258
 259 if(! function_exists('dbesc_array_cb')) {
 260 function dbesc_array_cb(&$item, $key) {
 261         if(is_string($item))
 262                 $item = dbesc($item);
 263 }}
 264
 265
 266 if(! function_exists('dbesc_array')) {
 267 function dbesc_array(&$arr) {
 268         if(is_array($arr) && count($arr)) {
 269                 array_walk($arr,'dbesc_array_cb');
 270         }
 271 }}