* When logging, all binary info is converted to text and html entities are escaped so that
* the debugging stream is safe to view within both terminals and web pages.
*
+ * This class is for the low level database stuff that does driver specific things.
*/
class dba {
public $connected = false;
public $error = false;
private $_server_info = '';
+ private static $in_transaction = false;
private static $dbo;
+ private static $relation = array();
- function __construct($server, $user, $pass, $db, $install = false) {
+ function __construct($serveraddr, $user, $pass, $db, $install = false) {
$a = get_app();
$stamp1 = microtime(true);
+ $serveraddr = trim($serveraddr);
+
+ $serverdata = explode(':', $serveraddr);
+ $server = $serverdata[0];
+
+ if (count($serverdata) > 1) {
+ $port = trim($serverdata[1]);
+ }
+
$server = trim($server);
$user = trim($user);
$pass = trim($pass);
if (class_exists('\PDO') && in_array('mysql', PDO::getAvailableDrivers())) {
$this->driver = 'pdo';
$connect = "mysql:host=".$server.";dbname=".$db;
+
+ if (isset($port)) {
+ $connect .= ";port=".$port;
+ }
+
if (isset($a->config["system"]["db_charset"])) {
$connect .= ";charset=".$a->config["system"]["db_charset"];
}
}
} elseif (class_exists('mysqli')) {
$this->driver = 'mysqli';
- $this->db = @new mysqli($server,$user,$pass,$db);
+ $this->db = @new mysqli($server, $user, $pass, $db, $port);
if (!mysqli_connect_errno()) {
$this->connected = true;
}
} elseif (function_exists('mysql_connect')) {
$this->driver = 'mysql';
- $this->db = mysql_connect($server,$user,$pass);
- if ($this->db && mysql_select_db($db,$this->db)) {
+ $this->db = mysql_connect($serveraddr, $user, $pass);
+ if ($this->db && mysql_select_db($db, $this->db)) {
$this->connected = true;
if (isset($a->config["system"]["db_charset"])) {
return $r[0]['db'];
}
- /**
- * @brief Returns the number of rows
- *
- * @return integer
- */
- public function num_rows() {
- if (!$this->result) {
- return 0;
- }
-
- switch ($this->driver) {
- case 'pdo':
- $rows = $this->result->rowCount();
- break;
- case 'mysqli':
- $rows = $this->result->num_rows;
- break;
- case 'mysql':
- $rows = mysql_num_rows($this->result);
- break;
- }
- return $rows;
- }
-
/**
* @brief Analyze a database query and log this if some conditions are met.
*
return($r);
}
- public function qfetch() {
- $x = false;
-
- if ($this->result) {
- switch ($this->driver) {
- case 'pdo':
- $x = $this->result->fetch(PDO::FETCH_ASSOC);
- break;
- case 'mysqli':
- $x = $this->result->fetch_array(MYSQLI_ASSOC);
- break;
- case 'mysql':
- $x = mysql_fetch_array($this->result, MYSQL_ASSOC);
- break;
- }
- }
- return($x);
- }
-
- public function qclose() {
- if ($this->result) {
- switch ($this->driver) {
- case 'pdo':
- $this->result->closeCursor();
- break;
- case 'mysqli':
- $this->result->free_result();
- break;
- case 'mysql':
- mysql_free_result($this->result);
- break;
- }
- }
- }
-
public function dbg($dbg) {
$this->debug = $dbg;
}
}
/**
- * @brief Executes a prepared statement
+ * @brief beautifies the query - useful for "SHOW PROCESSLIST"
+ *
+ * This is safe when we bind the parameters later.
+ * The parameter values aren't part of the SQL.
+ *
+ * @param string $sql An SQL string without the values
+ * @return string The input SQL string modified if necessary.
+ */
+ public function clean_query($sql) {
+ $search = array("\t", "\n", "\r", " ");
+ $replace = array(' ', ' ', ' ', ' ');
+ do {
+ $oldsql = $sql;
+ $sql = str_replace($search, $replace, $sql);
+ } while ($oldsql != $sql);
+
+ return $sql;
+ }
+
+
+ /**
+ * @brief Replaces the ? placeholders with the parameters in the $args array
*
+ * @param string $sql SQL query
+ * @param array $args The parameters that are to replace the ? placeholders
+ * @return string The replaced SQL query
+ */
+ static private function replace_parameters($sql, $args) {
+ $offset = 0;
+ foreach ($args AS $param => $value) {
+ if (is_int($args[$param]) OR is_float($args[$param])) {
+ $replace = intval($args[$param]);
+ } else {
+ $replace = "'".self::$dbo->escape($args[$param])."'";
+ }
+
+ $pos = strpos($sql, '?', $offset);
+ if ($pos !== false) {
+ $sql = substr_replace($sql, $replace, $pos, 1);
+ }
+ $offset = $pos + strlen($replace);
+ }
+ return $sql;
+ }
+
+ /**
+ * @brief Executes a prepared statement that returns data
+ * @usage Example: $r = p("SELECT * FROM `item` WHERE `guid` = ?", $guid);
* @param string $sql SQL statement
* @return object statement object
*/
$args = func_get_args();
unset($args[0]);
+ // When the second function parameter is an array then use this as the parameter array
+ if ((count($args) > 0) AND (is_array($args[1]))) {
+ $params = $args[1];
+ } else {
+ $params = $args;
+ }
+
+ // Renumber the array keys to be sure that they fit
+ $i = 0;
+ $args = array();
+ foreach ($params AS $param) {
+ $args[++$i] = $param;
+ }
+
if (!self::$dbo OR !self::$dbo->connected) {
return false;
}
- $sql = self::$dbo->any_value_fallback($sql);
+ if (substr_count($sql, '?') != count($args)) {
+ // Question: Should we continue or stop the query here?
+ logger('Parameter mismatch. Query "'.$sql.'" - Parameters '.print_r($args, true), LOGGER_DEBUG);
+ }
- $orig_sql = $sql;
+ $sql = self::$dbo->clean_query($sql);
+ $sql = self::$dbo->any_value_fallback($sql);
if (x($a->config,'system') && x($a->config['system'], 'db_callstack')) {
$sql = "/*".$a->callstack()." */ ".$sql;
}
+ self::$dbo->error = '';
+ self::$dbo->errorno = 0;
+
switch (self::$dbo->driver) {
case 'pdo':
if (!$stmt = self::$dbo->db->prepare($sql)) {
}
if (!$stmt->execute()) {
- $errorInfo = self::$dbo->db->errorInfo();
+ $errorInfo = $stmt->errorInfo();
self::$dbo->error = $errorInfo[2];
self::$dbo->errorno = $errorInfo[1];
$retval = false;
$stmt = self::$dbo->db->stmt_init();
if (!$stmt->prepare($sql)) {
- self::$dbo->error = self::$dbo->db->error;
- self::$dbo->errorno = self::$dbo->db->errno;
+ self::$dbo->error = $stmt->error;
+ self::$dbo->errorno = $stmt->errno;
$retval = false;
break;
}
$values[] = &$args[$param];
}
- array_unshift($values, $params);
-
- call_user_func_array(array($stmt, 'bind_param'), $values);
+ if (count($values) > 0) {
+ array_unshift($values, $params);
+ call_user_func_array(array($stmt, 'bind_param'), $values);
+ }
if (!$stmt->execute()) {
self::$dbo->error = self::$dbo->db->error;
self::$dbo->errorno = self::$dbo->db->errno;
$retval = false;
- } elseif (method_exists($stmt, 'get_result')) {
- // Is mysqlnd installed?
- $retval = $stmt->get_result();
} else {
$stmt->store_result();
$retval = $stmt;
break;
case 'mysql':
// For the old "mysql" functions we cannot use prepared statements
- foreach ($args AS $param => $value) {
- if (is_int($args[$param]) OR is_float($args[$param])) {
- $replace = intval($args[$param]);
- } else {
- $replace = "'".dbesc($args[$param])."'";
- }
-
- $pos = strpos($sql, '?');
- if ($pos !== false) {
- $sql = substr_replace($sql, $replace, $pos, 1);
- }
- }
-
- $retval = mysql_query($sql, self::$dbo->db);
+ $retval = mysql_query(self::replace_parameters($sql, $args), self::$dbo->db);
if (mysql_errno(self::$dbo->db)) {
self::$dbo->error = mysql_error(self::$dbo->db);
self::$dbo->errorno = mysql_errno(self::$dbo->db);
break;
}
+ if (self::$dbo->errorno != 0) {
+ logger('DB Error '.self::$dbo->errorno.': '.self::$dbo->error."\n".
+ $a->callstack(8))."\n".self::replace_parameters($sql, $args);
+ }
+
$a->save_timestamp($stamp1, 'database');
- if (x($a->config,'system') && x($a->config['system'], 'db_log')) {
+ if (x($a->config,'system') && x($a->config['system'], 'db_log')) {
$stamp2 = microtime(true);
$duration = (float)($stamp2 - $stamp1);
- if (($duration > $a->config["system"]["db_loglimit"])) {
- $duration = round($duration, 3);
- $backtrace = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS);
- @file_put_contents($a->config["system"]["db_log"], datetime_convert()."\t".$duration."\t".
- basename($backtrace[1]["file"])."\t".
- $backtrace[1]["line"]."\t".$backtrace[2]["function"]."\t".
- substr($sql, 0, 2000)."\n", FILE_APPEND);
- }
- }
+ if (($duration > $a->config["system"]["db_loglimit"])) {
+ $duration = round($duration, 3);
+ $backtrace = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS);
+
+ @file_put_contents($a->config["system"]["db_log"], datetime_convert()."\t".$duration."\t".
+ basename($backtrace[1]["file"])."\t".
+ $backtrace[1]["line"]."\t".$backtrace[2]["function"]."\t".
+ substr(self::replace_parameters($sql, $args), 0, 2000)."\n", FILE_APPEND);
+ }
+ }
return $retval;
}
/**
- * @brief Executes a prepared statement
+ * @brief Executes a prepared statement like UPDATE or INSERT that doesn't return data
*
* @param string $sql SQL statement
- * @return boolean Was the query successfull?
+ * @return boolean Was the query successfull? False is returned only if an error occurred
*/
static public function e($sql) {
$a = get_app();
if (is_bool($stmt)) {
$retval = $stmt;
} else {
- $retval = (self::rows($stmt) > 0);
+ $retval = (self::num_rows($stmt) > 0);
+ }
+
+ self::close($stmt);
+
+ return $retval;
+ }
+
+ /**
+ * @brief Fetches the first row
+ *
+ * @param string $sql SQL statement
+ * @return array first row of query
+ */
+ static public function fetch_first($sql) {
+ $args = func_get_args();
+
+ $stmt = call_user_func_array('self::p', $args);
+
+ if (is_bool($stmt)) {
+ $retval = $stmt;
+ } else {
+ $retval = self::fetch($stmt);
}
self::close($stmt);
}
/**
- * @brief Returnr the number of rows of a statement
+ * @brief Returns the number of rows of a statement
*
* @param object Statement object
* @return int Number of rows
*/
- static public function rows($stmt) {
+ static public function num_rows($stmt) {
+ if (!is_object($stmt)) {
+ return 0;
+ }
switch (self::$dbo->driver) {
case 'pdo':
return $stmt->rowCount();
case 'pdo':
return $stmt->fetch(PDO::FETCH_ASSOC);
case 'mysqli':
- // When mysqlnd is installed, we can use a shortcut
- if (method_exists($stmt, 'fetch_array')) {
- return $stmt->fetch_array(MYSQLI_ASSOC);
- }
-
// This code works, but is slow
// Bind the result to a result array
call_user_func_array(array($stmt, 'bind_result'), $cols);
- $success = $stmt->fetch();
-
- if (!$success) {
+ if (!$stmt->fetch()) {
return false;
}
}
}
+ /**
+ * @brief Insert a row into a table
+ *
+ * @param string $table Table name
+ * @param array $param parameter array
+ *
+ * @return boolean was the insert successfull?
+ */
+ static public function insert($table, $param) {
+ $sql = "INSERT INTO `".self::$dbo->escape($table)."` (`".implode("`, `", array_keys($param))."`) VALUES (".
+ substr(str_repeat("?, ", count($param)), 0, -2).");";
+
+ return self::e($sql, $param);
+ }
+
+ /**
+ * @brief Starts a transaction
+ *
+ * @return boolean Was the command executed successfully?
+ */
+ static public function transaction() {
+ if (!self::e('COMMIT')) {
+ return false;
+ }
+ if (!self::e('START TRANSACTION')) {
+ return false;
+ }
+ self::$in_transaction = true;
+ return true;
+ }
+
+ /**
+ * @brief Does a commit
+ *
+ * @return boolean Was the command executed successfully?
+ */
+ static public function commit() {
+ if (!self::e('COMMIT')) {
+ return false;
+ }
+ self::$in_transaction = false;
+ return true;
+ }
+
+ /**
+ * @brief Does a rollback
+ *
+ * @return boolean Was the command executed successfully?
+ */
+ static public function rollback() {
+ if (!self::e('ROLLBACK')) {
+ return false;
+ }
+ self::$in_transaction = false;
+ return true;
+ }
+
+ /**
+ * @brief Build the array with the table relations
+ *
+ * The array is build from the database definitions in dbstructure.php
+ *
+ * This process must only be started once, since the value is cached.
+ */
+ static private function build_relation_data() {
+ $definition = db_definition();
+
+ foreach ($definition AS $table => $structure) {
+ foreach ($structure['fields'] AS $field => $field_struct) {
+ if (isset($field_struct['relation'])) {
+ foreach ($field_struct['relation'] AS $rel_table => $rel_field) {
+ self::$relation[$rel_table][$rel_field][$table][] = $field;
+ }
+ }
+ }
+ }
+ }
+
+ /**
+ * @brief Delete a row from a table
+ *
+ * @param string $table Table name
+ * @param array $param parameter array
+ * @param boolean $in_process Internal use: Only do a commit after the last delete
+ * @param array $callstack Internal use: prevent endless loops
+ *
+ * @return boolean|array was the delete successfull? When $in_process is set: deletion data
+ */
+ static public function delete($table, $param, $in_process = false, &$callstack = array()) {
+
+ $commands = array();
+
+ // Create a key for the loop prevention
+ $key = $table.':'.implode(':', array_keys($param)).':'.implode(':', $param);
+
+ // We quit when this key already exists in the callstack.
+ if (isset($callstack[$key])) {
+ return $commands;
+ }
+
+ $callstack[$key] = true;
+
+ $table = self::$dbo->escape($table);
+
+ $commands[$key] = array('table' => $table, 'param' => $param);
+
+ // To speed up the whole process we cache the table relations
+ if (count(self::$relation) == 0) {
+ self::build_relation_data();
+ }
+
+ // Is there a relation entry for the table?
+ if (isset(self::$relation[$table])) {
+ // We only allow a simple "one field" relation.
+ $field = array_keys(self::$relation[$table])[0];
+ $rel_def = array_values(self::$relation[$table])[0];
+
+ // Create a key for preventing double queries
+ $qkey = $field.'-'.$table.':'.implode(':', array_keys($param)).':'.implode(':', $param);
+
+ // When the search field is the relation field, we don't need to fetch the rows
+ // This is useful when the leading record is already deleted in the frontend but the rest is done in the backend
+ if ((count($param) == 1) AND ($field == array_keys($param)[0])) {
+ foreach ($rel_def AS $rel_table => $rel_fields) {
+ foreach ($rel_fields AS $rel_field) {
+ $retval = self::delete($rel_table, array($rel_field => array_values($param)[0]), true, $callstack);
+ $commands = array_merge($commands, $retval);
+ }
+ }
+ // We quit when this key already exists in the callstack.
+ } elseif (!isset($callstack[$qkey])) {
+
+ $callstack[$qkey] = true;
+
+ // Fetch all rows that are to be deleted
+ $sql = "SELECT ".self::$dbo->escape($field)." FROM `".$table."` WHERE `".
+ implode("` = ? AND `", array_keys($param))."` = ?";
+
+ $data = self::p($sql, $param);
+ while ($row = self::fetch($data)) {
+ // Now we accumulate the delete commands
+ $retval = self::delete($table, array($field => $row[$field]), true, $callstack);
+ $commands = array_merge($commands, $retval);
+ }
+
+ // Since we had split the delete command we don't need the original command anymore
+ unset($commands[$key]);
+ }
+ }
+
+ if (!$in_process) {
+ // Now we finalize the process
+ $do_transaction = !self::$in_transaction;
+
+ if ($do_transaction) {
+ self::transaction();
+ }
+
+ $compacted = array();
+ $counter = array();
+ foreach ($commands AS $command) {
+ if (count($command['param']) > 1) {
+ $sql = "DELETE FROM `".$command['table']."` WHERE `".
+ implode("` = ? AND `", array_keys($command['param']))."` = ?";
+
+ logger(dba::replace_parameters($sql, $command['param']), LOGGER_DATA);
+
+ if (!self::e($sql, $command['param'])) {
+ if ($do_transaction) {
+ self::rollback();
+ }
+ return false;
+ }
+ } else {
+ $key_table = $command['table'];
+ $key_param = array_keys($command['param'])[0];
+ $value = array_values($command['param'])[0];
+
+ // Split the SQL queries in chunks of 100 values
+ // We do the $i stuff here to make the code better readable
+ $i = $counter[$key_table][$key_param];
+ if (count($compacted[$key_table][$key_param][$i]) > 100) {
+ ++$i;
+ }
+
+ $compacted[$key_table][$key_param][$i][$value] = $value;
+ $counter[$key_table][$key_param] = $i;
+ }
+ }
+ foreach ($compacted AS $table => $values) {
+ foreach ($values AS $field => $field_value_list) {
+ foreach ($field_value_list AS $field_values) {
+ $sql = "DELETE FROM `".$table."` WHERE `".$field."` IN (".
+ substr(str_repeat("?, ", count($field_values)), 0, -2).");";
+
+ logger(dba::replace_parameters($sql, $field_values), LOGGER_DATA);
+
+ if (!self::e($sql, $field_values)) {
+ if ($do_transaction) {
+ self::rollback();
+ }
+ return false;
+ }
+ }
+ }
+ }
+ if ($do_transaction) {
+ self::commit();
+ }
+ return true;
+ }
+
+ return $commands;
+ }
+
+ /**
+ * @brief Updates rows
+ *
+ * Updates rows in the database. When $old_fields is set to an array,
+ * the system will only do an update if the fields in that array changed.
+ *
+ * Attention:
+ * Only the values in $old_fields are compared.
+ * This is an intentional behaviour.
+ *
+ * Example:
+ * We include the timestamp field in $fields but not in $old_fields.
+ * Then the row will only get the new timestamp when the other fields had changed.
+ *
+ * When $old_fields is set to a boolean value the system will do this compare itself.
+ * When $old_fields is set to "true" the system will do an insert if the row doesn't exists.
+ *
+ * Attention:
+ * Only set $old_fields to a boolean value when you are sure that you will update a single row.
+ * When you set $old_fields to "true" then $fields must contain all relevant fields!
+ *
+ * @param string $table Table name
+ * @param array $fields contains the fields that are updated
+ * @param array $condition condition array with the key values
+ * @param array|boolean $old_fields array with the old field values that are about to be replaced
+ *
+ * @return boolean was the update successfull?
+ */
+ static public function update($table, $fields, $condition, $old_fields = array()) {
+
+ /** @todo We may use MySQL specific functions here:
+ * INSERT INTO `config` (`cat`, `k`, `v`) VALUES ('%s', '%s', '%s') ON DUPLICATE KEY UPDATE `v` = '%s'"
+ * But I think that it doesn't make sense here.
+ */
+
+ $table = self::$dbo->escape($table);
+
+ if (is_bool($old_fields)) {
+ $sql = "SELECT * FROM `".$table."` WHERE `".
+ implode("` = ? AND `", array_keys($condition))."` = ? LIMIT 1";
+
+ $params = array();
+ foreach ($condition AS $value) {
+ $params[] = $value;
+ }
+
+ $do_insert = $old_fields;
+
+ $old_fields = self::fetch_first($sql, $params);
+ if (is_bool($old_fields)) {
+ if ($do_insert) {
+ return self::insert($table, $fields);
+ }
+ $old_fields = array();
+ }
+ }
+
+ $do_update = (count($old_fields) == 0);
+
+ foreach ($old_fields AS $fieldname => $content) {
+ if (isset($fields[$fieldname])) {
+ if ($fields[$fieldname] == $content) {
+ unset($fields[$fieldname]);
+ } else {
+ $do_update = true;
+ }
+ }
+ }
+
+ if (!$do_update OR (count($fields) == 0)) {
+ return true;
+ }
+
+ $sql = "UPDATE `".$table."` SET `".
+ implode("` = ?, `", array_keys($fields))."` = ? WHERE `".
+ implode("` = ? AND `", array_keys($condition))."` = ?";
+
+ $params = array();
+ foreach ($fields AS $value) {
+ $params[] = $value;
+ }
+ foreach ($condition AS $value) {
+ $params[] = $value;
+ }
+
+ return self::e($sql, $params);
+ }
+
+ /**
+ * @brief Select rows from a table
+ *
+ * @param string $table Table name
+ * @param array $fields array of selected fields
+ * @param array $condition array of fields for condition
+ * @param array $params array of several parameters
+ *
+ * @return boolean|object If "limit" is equal "1" only a single row is returned, else a query object is returned
+ *
+ * Example:
+ * $table = "item";
+ * $fields = array("id", "uri", "uid", "network");
+ * $condition = array("uid" => 1, "network" => 'dspr');
+ * $params = array("order" => array("id", "received" => true), "limit" => 1);
+ *
+ * $data = dba::select($table, $fields, $condition, $params);
+ */
+ static public function select($table, $fields = array(), $condition = array(), $params = array()) {
+ if ($table == '') {
+ return false;
+ }
+
+ if (count($fields) > 0) {
+ $select_fields = "`".implode("`, `", array_values($fields))."`";
+ } else {
+ $select_fields = "*";
+ }
+
+ if (count($condition) > 0) {
+ $condition_string = " WHERE `".implode("` = ? AND `", array_keys($condition))."` = ?";
+ } else {
+ $condition_string = "";
+ }
+
+ $param_string = '';
+ $single_row = false;
+
+ if (isset($params['order'])) {
+ $param_string .= " ORDER BY ";
+ foreach ($params['order'] AS $fields => $order) {
+ if (!is_int($fields)) {
+ $param_string .= "`".$fields."` ".($order ? "DESC" : "ASC").", ";
+ } else {
+ $param_string .= "`".$order."`, ";
+ }
+ }
+ $param_string = substr($param_string, 0, -2);
+ }
+
+ if (isset($params['limit'])) {
+ if (is_int($params['limit'])) {
+ $param_string .= " LIMIT ".$params['limit'];
+ $single_row =($params['limit'] == 1);
+ }
+ }
+
+ $sql = "SELECT ".$select_fields." FROM `".$table."`".$condition_string.$param_string;
+
+ $result = self::p($sql, $condition);
+
+ if (is_bool($result) OR !$single_row) {
+ return $result;
+ } else {
+ $row = self::fetch($result);
+ self::close($result);
+ return $row;
+ }
+ }
+
/**
* @brief Closes the current statement
*
case 'pdo':
return $stmt->closeCursor();
case 'mysqli':
+ return $stmt->free_result();
return $stmt->close();
case 'mysql':
return mysql_free_result($stmt);
unset($args[0]);
if ($db && $db->connected) {
+ $sql = $db->clean_query($sql);
$sql = $db->any_value_fallback($sql);
$stmt = @vsprintf($sql,$args); // Disabled warnings
//logger("dba: q: $stmt", LOGGER_ALL);
unset($args[0]);
if ($db && $db->connected) {
+ $sql = $db->clean_query($sql);
$sql = $db->any_value_fallback($sql);
$stmt = @vsprintf($sql,$args); // Disabled warnings
if ($stmt === false)
projects / friendica.git / blobdiff