+// SQL string escaping
+function sqlQueryEscaped ($sqlString, $data, $file, $line, $run = TRUE, $strip = TRUE, $secure = TRUE) {
+ // Link is there?
+ if ((!isSqlLinkUp()) || (!is_array($data))) {
+ // Link is down or data is not an array
+ //* DEBUG: */ logDebugMessage($file, $line, 'isSqlLinkUp()=' . intval(isSqlLinkUp()) . ',data[]=' . gettype($data) . ',sqlString=' . $sqlString . ': ABORTING!');
+ return FALSE;
+ } // END - if
+
+ // Init array for escape'd data with SQL string
+ $dataSecured = array(
+ '__sql_string' => $sqlString
+ );
+
+ // Escape all data
+ foreach ($data as $key => $value) {
+ $dataSecured[$key] = sqlEscapeString($value, $secure, $strip);
+ } // END - foreach
+
+ // Generate query
+ $query = call_user_func_array('sprintf', $dataSecured);
+
+ if ($run === TRUE) {
+ // Run SQL query (default)
+ return sqlQuery($query, $file, $line);
+ } else {
+ // Return secured string
+ return $query;
+ }
+}
+
+// SELECT query string from table, columns and so on... ;-)
+function getSqlResultFromArray ($table, $columns, $idRow, $id, $file, $line) {
+ // Is columns an array?
+ if (!is_array($columns)) {
+ // No array
+ reportBug(__FUNCTION__, __LINE__, sprintf('columns is not an array. %s != array, file=%s, line=%s',
+ gettype($columns),
+ basename($file),
+ $line
+ ));
+
+ // Abort here with 'false'
+ return FALSE;
+ } // END - if
+
+ // Is this is a simple array?
+ if ((is_array($columns[0])) && (isset($columns[0]['column']))) {
+ // Begin with SQL query
+ $sql = 'SELECT ';
+
+ // No, it comes from XML, so get it back from it
+ $sql .= getSqlPartFromXmlArray($columns);
+
+ // Finalize it
+ $sql .= " FROM `{?_MYSQL_PREFIX?}_%s` WHERE `%s`='%s' LIMIT 1";
+ } else {
+ // Yes, prepare the SQL statement
+ $sql = 'SELECT `' . implode('`, `', $columns) . "` FROM `{?_MYSQL_PREFIX?}_%s` WHERE `%s`='%s' LIMIT 1";
+ }
+
+ // Return the result
+ return sqlQueryEscaped($sql,
+ array(
+ $table,
+ $idRow,
+ bigintval($id),
+ ), $file, $line
+ );
+}
+
+// ALTER TABLE wrapper function
+function sqlQueryAlterTable ($sql, $file, $line, $enableCodes = TRUE) {
+ // Abort if link is down
+ if (!isSqlLinkUp()) return FALSE;
+
+ // This is the default result...
+ $result = FALSE;
+
+ // Determine index/fulltext/unique word
+ $isAlterIndex = (
+ (
+ isInString('INDEX', $sql)
+ ) || (
+ isInString('KEY', $sql)
+ ) || (
+ isInString('FULLTEXT', $sql)
+ ) || (
+ isInString('UNIQUE', $sql)
+ )
+ );
+
+ // Extract table name
+ $tableArray = explode(' ', $sql);
+ $tableName = str_replace('`', '', $tableArray[2]);
+
+ // Debug log
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'sql=' . $sql . ',tableName=' . $tableName . ',tableArray=<pre>' . print_r($tableArray, TRUE) . '</pre>,isAlterIndex=' . intval($isAlterIndex));
+
+ // Shall we add/drop?
+ if (((isInString('ADD', $sql)) || (isInString('DROP', $sql)) || (isInString('CHANGE', $sql))) && ($isAlterIndex === FALSE)) {
+ // Try two columns, one should fix
+ foreach (array(4,5) as $idx) {
+ // If an entry is not set, abort here
+ if (!isset($tableArray[$idx])) {
+ // Debug log this
+ logDebugMessage(__FUNCTION__, __LINE__, 'columnName=' . $columnName . ',idx=' . $idx . ',sql=' . $sql . ' is missing!');
+ break;
+ } // END - if
+
+ // And column name as well
+ $columnName = $tableArray[$idx];
+
+ // Debug log
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'columnName=' . $columnName . ',idx=' . $idx . ',sql=' . $sql . ',hasZeroNums=' . intval(ifSqlTableColumnExists($tableName, $columnName)));
+
+ // Is there no entry on ADD or an entry on DROP/CHANGE?
+ if (((!ifSqlTableColumnExists($tableName, $columnName)) && (isInString('ADD', $sql))) || ((ifSqlTableColumnExists($tableName, $columnName)) && ((isInString('DROP', $sql)) || ((isInString('CHANGE', $sql)) && ($idx == 4) && ((!ifSqlTableColumnExists($tableName, $tableArray[5])) || ($columnName == $tableArray[5])))))) {
+ // Do the query
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Executing: ' . $sql);
+ $result = sqlQuery($sql, $file, $line, FALSE);
+
+ // Skip further attempt(s)
+ break;
+ } elseif ((((ifSqlTableColumnExists($tableName, $columnName)) && (isInString('ADD', $sql))) || ((!ifSqlTableColumnExists($tableName, $columnName)) && ((isInString('DROP', $sql))) || (isInString('CHANGE', $sql)))) && ($columnName != 'KEY')) {
+ // Abort here because it is alreay there
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Skipped: sql=' . $sql . ',columnName=' . $columnName . ',idx=' . $idx);
+ break;
+ } elseif ((!ifSqlTableColumnExists($tableName, $columnName)) && (isInString('DROP', $sql))) {
+ // Abort here because we tried to drop a column which is not there (never created maybe)
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'No drop: ' . $sql);
+ break;
+ } elseif ($columnName != 'KEY') {
+ // Something didn't fit, we better log it
+ logDebugMessage(__FUNCTION__, __LINE__, 'Possible problem: ' . $sql . ',hasZeroNums=' . intval(ifSqlTableColumnExists($tableName, $columnName)) . '');
+ }
+ } // END - foreach
+ } elseif ((getTableType() == 'InnoDB') && (isInString('FULLTEXT', $sql))) {
+ // Skip this query silently because InnoDB does not understand fulltext indexes
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, sprintf('Skipped FULLTEXT: sql=%s,tableName=%s,hasZeroNums=%d,file=%s,line=%s', $sql, $tableName, intval((is_bool($result)) ? 0 : ifSqlTableColumnExists($columnName)), $file, $line));
+ } elseif ($isAlterIndex === TRUE) {
+ // And column name as well without backticks
+ $keyName = str_replace('`', '', $tableArray[5]);
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'keyName=' . $keyName . ',tableArray=<pre>' . print_r($tableArray, TRUE) . '</pre>');
+
+ // Is this "UNIQUE" or so? FULLTEXT has been handled the elseif() block above
+ if (in_array(strtoupper($tableArray[4]), array('INDEX', 'UNIQUE', 'KEY', 'FULLTEXT'))) {
+ // Init loop
+ $begin = 1;
+ $keyName = ',';
+ while (isInString(',', $keyName)) {
+ // Use last
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'keyName=' . $keyName . 'begin=' . $begin . ' - BEFORE');
+ $keyName = str_replace('`', '', $tableArray[count($tableArray) - $begin]);
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'keyName=' . $keyName . 'begin=' . $begin . ' - BETWEEN');
+
+ // Remove brackes
+ $keyName = str_replace(array('(', ')'), array('', ''), $keyName);
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'keyName=' . $keyName . 'begin=' . $begin . ' - AFTER');
+
+ // Continue
+ $begin++;
+ } // END while
+ } // END - if
+
+ // Shall we run it?
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'tableName=' . $tableName . ', tableArray[3]=' . $tableArray[3] . ',keyName=' . $keyName);
+ if (($tableArray[3] == 'ADD') && (!ifSqlTableIndexExist($tableName, $keyName))) {
+ // Send it to the sqlQuery() function to add it
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'sql=' . $sql . ' - ADDING!');
+ $result = sqlQuery($sql, $file, $line, $enableCodes);
+ } elseif (($tableArray[3] == 'DROP') && (ifSqlTableIndexExist($tableName, $keyName))) {
+ // Send it to the sqlQuery() function to drop it
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'sql=' . $sql . ' - DROPPING!');
+ $result = sqlQuery($sql, $file, $line, $enableCodes);
+ } else {
+ // Not executed
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Not executed: ' . $sql);
+ }
+ } else {
+ // Other ALTER TABLE query
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, $sql);
+ $result = sqlQuery($sql, $file, $line, $enableCodes);
+ }
+
+ // Return result
+ return $result;
+}
+
+// Getter for SQL link
+function getSqlLink () {
+ // Init link
+ $link = NULL;
+
+ // Is it in the globals?
+ if (isset($GLOBALS['__sql_link'])) {
+ // Then take it
+ $link = $GLOBALS['__sql_link'];
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'link[]=' . gettype($link) . ' - FROM GLOBALS!');
+ } // END - if
+
+ // Return it
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'link[]=' . gettype($link) . ' - EXIT!');
+ return $link;
+}
+
+// Setter for link
+// Do *not* add debug lines here. This will cause and endless loop
+function setSqlLink ($file, $line, $link) {
+ // Is this a resource or null?
+ if ((ifFatalErrorsDetected()) && (isInstaller())) {
+ // This may happen in installation phase
+ return;
+ } elseif ((!is_resource($link)) && (!is_null($link)) && (!$link instanceof mysqli)) {
+ // This should never happen!
+ reportBug($file . ':' . __FUNCTION__, $line . ':' . __LINE__, sprintf('Type of link is not resource, null or mysqli class, type=%s', gettype($link)));
+ } // END - if
+
+ // Set it
+ $GLOBALS['__sql_link'] = $link;
+
+ // Re-init cache
+ $GLOBALS['__is_sql_link_up'] = isValidSqlLink($link);
+}
+
+// Checks if the link is up
+function isSqlLinkUp () {
+ // Is there cached this?
+ if (!isset($GLOBALS['__is_sql_link_up'])) {
+ // Something bad went wrong
+ reportBug(__FUNCTION__, __LINE__, 'Called before setSqlLink() was called!');
+ } // END - if
+
+ // Return the result
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, '__is_sql_link_up=' . intval($GLOBALS['__is_sql_link_up']) . ' - EXIT!');
+ return $GLOBALS['__is_sql_link_up'];
+}
+
+// Wrapper function to make code more readable
+function ifSqlHasZeroNums ($result) {
+ // Just pass it through
+ return (sqlNumRows($result) === 0);
+}
+
+// Wrapper function to make code more readable
+function ifSqlHasZeroAffectedRows () {
+ // Just pass it through
+ return (sqlAffectedRows() === 0);
+}
+
+// Private function to prepare the SQL query string
+function sqlPrepareQueryString ($sqlString, $enableCodes = TRUE) {
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'sqlString=' . $sqlString . ',enableCodes=' . intval($enableCodes) . ' - ENTERED!');
+
+ // Is it already cached?
+ if (!isset($GLOBALS['sql_strings']['' . $sqlString . ''])) {
+ // Preserve escaping and compile URI codes+config+expression code
+ $sqlString2 = FILTER_COMPILE_EXPRESSION_CODE(FILTER_COMPILE_CONFIG($sqlString));
+
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'sqlString2=' . $sqlString2);
+
+ // Do final compilation and revert {ESCAPE}
+ $GLOBALS['sql_strings']['' . $sqlString . ''] = doFinalCompilation($sqlString2, FALSE, $enableCodes);
+ } else {
+ // Log message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'sqlString=' . $sqlString . ' - CACHE!');
+ }
+
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'sqlString=' . $sqlString . ',enableCodes=' . intval($enableCodes) . ',sql_strings=' . $GLOBALS['sql_strings']['' . $sqlString . ''] . ' - EXIT!');
+
+ // Return it
+ return $GLOBALS['sql_strings']['' . $sqlString . ''];
+}
+
+// Creates a MySQL TIMESTAMP compatible string from given Uni* timestamp
+function getSqlTimestampFromUnix ($timestamp) {
+ return generateDateTime($timestamp, '7');
+}
+
+// Check if there is a SQL table created
+function ifSqlTableExists ($tableName) {
+ // Make sure double-prefixes are being removed
+ $tableName = str_replace('{?_MYSQL_PREFIX?}_', '', $tableName);
+
+ // Log message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'tableName=' . $tableName . ' - ENTERED!');
+
+ // Is there cache?
+ if (!isset($GLOBALS[__FUNCTION__][$tableName])) {
+ // Check if the table is there
+ $result = sqlQueryEscaped("SHOW TABLES FROM `{?__DB_NAME?}` WHERE `Tables_in_{?__DB_NAME?}`='{?_MYSQL_PREFIX?}_%s'",
+ array($tableName), __FUNCTION__, __LINE__);
+
+ // Is a link there?
+ if (!is_resource($result)) {
+ // Is installation phase?
+ if (isInstaller()) {
+ // Then silently abort here
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'result[]=' . gettype($result) . ',isLinkUp=' . intval(isSqlLinkUp()) . ',tableName=' . $tableName . ' - Returning FALSE ...');
+ return FALSE;
+ } else {
+ // Please report this
+ reportBug(__FUNCTION__, __LINE__, 'result[]=' . gettype($result) . ' is not a resource.');
+ }
+ } // END - if
+
+ // Is there an entry?
+ $GLOBALS[__FUNCTION__][$tableName] = (sqlNumRows($result) == 1);
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'tableName=' . $tableName . ',numRows=' . intval($GLOBALS[__FUNCTION__][$tableName]));
+ } // END - if
+
+ // Return cache
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'tableName=' . $tableName . ',result=' . intval($GLOBALS[__FUNCTION__][$tableName]) . ' - EXIT!');
+ return $GLOBALS[__FUNCTION__][$tableName];
+}
+
+// Is a table column there?
+function ifSqlTableColumnExists ($tableName, $columnName, $forceFound = FALSE) {
+ // Remove back-ticks
+ $columnName = str_replace('`', '', $columnName);
+
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'tableName=' . $tableName . ',columnName=' . $columnName . ' - ENTERED!');
+
+ // If the table is not there, it is okay
+ if (!ifSqlTableExists($tableName)) {
+ // Then abort here
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Table ' . $tableName . ' does not exist, columnName=' . $columnName . ',forceFound=' . intval($forceFound));
+ return (($forceFound === FALSE) && (isInstaller()));
+ } // END - if
+
+ // Get column information
+ $result = sqlQueryEscaped("SHOW COLUMNS FROM `%s` LIKE '%s'",
+ array(
+ $tableName,
+ $columnName
+ ), __FUNCTION__, __LINE__);
+
+ // Is a link there?
+ if (!is_resource($result)) {
+ // Is installation phase?
+ if (isInstaller()) {
+ // Then silently abort here
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'result[]=' . gettype($result) . ',isLinkUp=' . intval(isSqlLinkUp()) . ',tableName=' . $tableName . ',columnName=' . $columnName . ' - Returning FALSE ...');
+ return $forceFound;
+ } else {
+ // Please report this
+ reportBug(__FUNCTION__, __LINE__, 'result[]=' . gettype($result) . ' is not a resource.');
+ }
+ } // END - if
+
+ // Determine it
+ $doesExist = (!ifSqlHasZeroNums($result));
+
+ // Free result
+ sqlFreeResult($result);
+
+ // Return cache
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'tableName=' . $tableName . ',columnName=' . $columnName . ',doesExist=' . intval($doesExist) . ' - EXIT!');
+ return $doesExist;
+}
+
+// Checks depending on the mode if the index is there
+function ifSqlTableIndexExist ($tableName, $keyName, $forceFound = FALSE) {
+ // Remove back-ticks
+ $keyName = str_replace('`', '', $keyName);
+
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'tableName=' . $tableName . ',keyName=' . $keyName . ' - ENTERED!');
+
+ // If the table is not there, it is okay
+ if (!ifSqlTableExists($tableName)) {
+ // Then abort here
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Table ' . $tableName . ' does not exist, keyName=' . $keyName . ',forceFound=' . intval($forceFound));
+ return (($forceFound === FALSE) && (isInstaller()));
+ } // END - if
+
+ // Show indexes
+ $result = sqlQueryEscaped("SHOW INDEX FROM `%s`", array($tableName), __FUNCTION__, __LINE__);
+
+ // Is a link there?
+ if (!is_resource($result)) {
+ // Is installation phase?
+ if (isInstaller()) {
+ // Then silently abort here
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'result[]=' . gettype($result) . ',isLinkUp=' . intval(isSqlLinkUp()) . ',tableName=' . $tableName . ',keyName=' . $keyName . ' - Returning FALSE ...');
+ return $forceFound;
+ } else {
+ // Please report this
+ reportBug(__FUNCTION__, __LINE__, 'result[]=' . gettype($result) . ' is not a resource.');
+ }
+ } // END - if
+
+ // The key is not found by default
+ $doesExist = FALSE;
+
+ // Walk through all
+ while ($content = sqlFetchArray($result)) {
+ // Is it the requested one?
+ if ($content['Key_name'] == $keyName) {
+ // Then it is found and exit
+ $doesExist = TRUE;
+ break;
+ } // END - if
+ } // END - while
+
+ // Free result
+ sqlFreeResult($result);
+
+ // Return cache
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'tableName=' . $tableName . ',keyName=' . $keyName . ',doesExist=' . intval($doesExist) . ' - EXIT!');
+ return $doesExist;
+}
+
+// Init database layer
+function initDatabaseLayer () {
+ // Set all required variables:
+ $GLOBALS['last_sql_error'] = '';
+}
+
+// Get last SQL error
+function getLastSqlError () {
+ return $GLOBALS['last_sql_error'];
+}
+
+// Gets an array (or false if none is found) from all supported engines
+function getArrayFromSupportedSqlEngines ($requestedEngine = 'ALL') {
+ // Init array
+ $engines = array();
+
+ // This also worked, now we need to check if the selected database type is supported
+ $result = sqlQuery('SHOW ENGINES', __FUNCTION__, __LINE__);
+
+ // Are there entries? (Bad if not)
+ if (!ifSqlHasZeroNums($result)) {
+ // Load all and check for active entries
+ while ($content = sqlFetchArray($result)) {
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'support=' . $requestedEngine . ',Engine=' . $content['Engine'] . ',Support=' . $content['Support']);
+
+ // Is this supported?
+ if ((($requestedEngine == 'ALL') || ($content['Engine'] == $requestedEngine)) && (in_array($content['Support'], array('YES', 'DEFAULT')))) {
+ // Add it
+ array_push($engines, $content);
+ } elseif (isDebugModeEnabled()) {
+ // Log it away in debug mode
+ logDebugMessage(__FUNCTION__, __LINE__, 'Engine ' . $content['Engine'] . ' is not supported (' . $content['Supported'] . ' - ' . $requestedEngine . ')');
+ }
+ } // END - if
+ } else {
+ // No engines! :(
+ $engines = FALSE;
+ }
+
+ // Free result
+ sqlFreeResult($result);
+
+ // Return result
+ return $engines;
+}
+
+// "Getter" for result from given table and field/type LIKEs
+function sqlGetResultFromLikeColumnsType ($tableName, $field, $type) {
+ // The table should be there
+ assert(ifSqlTableExists($tableName));
+
+ // Default no field set
+ $fieldSql = '';
+ if (!empty($field)) {
+ // Then use it
+ $fieldSql = "`Field` LIKE '" . $field . "' AND";
+ } // END - if
+
+ // Show them
+ return sqlQueryEscaped("SHOW COLUMNS FROM
+ `{?_MYSQL_PREFIX?}_%s`
+WHERE
+ " . $fieldSql . "
+ `Type` LIKE '%s%%'",
+ array(
+ $tableName,
+ $type
+ ), __FUNCTION__, __LINE__
+ );
+}
+