X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fdb%2Flib-mysql3.php;h=61aaa980cd7a7498ee0e30e7c1f8abb78fca6a4a;hb=7770a9545292d628afd2be4f58f86da5c9139619;hp=03e2d736f210b345261d705945717c45062c1a9e;hpb=c7f21c9eb494d8466447c1a199ec5621440d7ac8;p=mailer.git
diff --git a/inc/db/lib-mysql3.php b/inc/db/lib-mysql3.php
index 03e2d736f2..fd86300e36 100644
--- a/inc/db/lib-mysql3.php
+++ b/inc/db/lib-mysql3.php
@@ -1,19 +1,23 @@
-".MYSQL_QUERY_STRING."
-".$sql_string);
-
- // Count this query
- if (!isset($CONFIG['sql_count'])) $CONFIG['sql_count'] = 0;
- $CONFIG['sql_count']++;
-
- // Debug output
- //* DEBUG: */ print "Query=".$sql_string.", affected=".SQL_AFFECTEDROWS().", numrows=".SQL_NUMROWS($result)."
\n";
-
- if (($CSS != "1") && ($CSS != "-1") && (DEBUG_MODE) && (DEBUG_SQL))
- {
- //
- // Debugging stuff...
- //
- $fp = @fopen(PATH."debug.log", 'a') or mxchange_die("Cannot write debug.log!");
- if (!isset($OK)) {
- // Write first entry
- fwrite($fp, "Module=".$GLOBALS['module']."\n");
- $OK = true;
+ // Trim SQL string
+ $sqlStringModified = trim($sqlString);
+
+ // Empty query string or link is not up?
+ if (empty($sqlStringModified)) {
+ // Empty SQL string!
+ reportBug(__FUNCTION__, __LINE__, sprintf('SQL string is empty, please fix this: file=%s, line=%s',
+ basename($file),
+ $line
+ ));
+ } elseif (!isSqlLinkUp()) {
+ // We should not quietly ignore this
+ reportBug(__FUNCTION__, __LINE__, sprintf('Cannot query database: sqlString=%s,file=%s,line=%s',
+ $sqlStringModified,
+ basename($file),
+ $line
+ ));
}
- fwrite($fp, $F."(LINE=".$L."|NUM=".SQL_NUMROWS($result)."|AFFECTED=".SQL_AFFECTEDROWS()."): ".str_replace('\r', '', str_replace('\n', " ", $sql_string))."\n");
- fclose($fp);
- }
- // Count DB hits
- if (!isset($CONFIG['db_hits']))
- {
- // Count in dummy variable
- $CONFIG['db_hits'] = 0;
- }
- else
- {
- // Count to config array
- $CONFIG['db_hits']++;
+ // Remove \t, \n and \r from queries they may confuse some MySQL versions
+ $sqlStringModified = str_replace(array(chr(9), PHP_EOL, chr(13)), array(' ', ' ', ' '), $sqlStringModified);
+
+ // Compile config entries out
+ $sqlStringModified = sqlPrepareQueryString($sqlStringModified, $enableCodes);
+
+ // Cache it and remember as last SQL query
+ $GLOBALS[__FUNCTION__][$sqlString] = $sqlStringModified;
+ $GLOBALS['last_sql'] = $sqlStringModified;
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Stored cache: ' . $sqlStringModified);
+ } elseif (!isSqlLinkUp()) {
+ // Link went down while using cached SQL
+ reportBug(__FUNCTION__, __LINE__, 'Link went down while using cached SQL: sqlString=' . $sqlString . ',file=' . basename($file) . ',line=' . $line . ',enableCodes=' . intval($enableCodes));
+ } else {
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Cache used: ' . $sqlString);
+
+ // Use cache (to save a lot function calls
+ $GLOBALS['last_sql'] = $GLOBALS[__FUNCTION__][$sqlString];
+
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Cache is: ' . $sqlString);
}
+
+ // Starting time
+ $querytimeBefore = microtime(TRUE);
+
+ // Run SQL command
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'file=' . basename($file) . ',line=' . $line . ',sql=' . $GLOBALS['last_sql']);
+ $result = mysql_query($GLOBALS['last_sql'], getSqlLink())
+ or sqlError($file, $line, 'file='. basename($file) . ',line=' . $line . ':mysql_error()=' . mysql_error() . ',last_query=' . $GLOBALS['last_sql']);
+ //* DEBUG: */ logDebugMessage($file, $line, 'sql=' . $GLOBALS['last_sql'] . ',affected=' . sqlAffectedRows() . ',numRows='.(isValidSqlLink($result) ? sqlNumRows($result) : gettype($result)));
+
+ // Calculate query time
+ $queryTime = microtime(TRUE) - $querytimeBefore;
+
+ // Add this query to array including timing
+ addSqlToDebug($result, $GLOBALS['last_sql'], $queryTime, $file, $line);
+
+ // Save last successfull query
+ setConfigEntry('db_last_query', $GLOBALS['last_sql']);
+
+ // Count all query times
+ incrementConfigEntry('sql_time', $queryTime);
+
+ // Count this query
+ incrementConfigEntry('sql_count');
+
+ // Debug output
+ if (isSqlDebugEnabled()) {
+ // Is this the first call?
+ if (!isset($GLOBALS['sql_first_entry'])) {
+ // Write first entry
+ appendLineToFile(getCachePath() . 'mysql.log', 'Module=' . getModule());
+ $GLOBALS['sql_first_entry'] = TRUE;
+ } // END - if
+
+ // Append debug line
+ appendLineToFile(getCachePath() . 'mysql.log', basename($file) . '|LINE=' . $line . '|NUM=' . (isValidSqlLink($result) ? sqlNumRows($result) : 'false') . '|AFFECTED=' . sqlAffectedRows() . '|QUERYTIME:' . ($queryTime * 1000) . 'ms): ' . str_replace(array(chr(13), PHP_EOL), array('', ' '), $GLOBALS['last_sql']));
+ } // END - if
+
+ // Increment stats entry
+ incrementStatsEntry('db_hits');
+
+ // Return the result
return $result;
}
// SQL num rows
-function SQL_NUMROWS($result)
-{
- if ($result != false)
- {
- $lines = @mysql_num_rows($result);
- if (empty($lines)) $lines = "0";
+function sqlNumRows ($resource) {
+ // Valid link resource?
+ if (!isSqlLinkUp()) return FALSE;
+ // Link is not up, no rows by default
+ $lines = FALSE;
+
+ // Is the result a valid resource?
+ if (isset($GLOBALS['sql_numrows'][intval($resource)])) {
+ // Use cache
+ $lines = $GLOBALS['sql_numrows'][intval($resource)];
+ } elseif (isValidSqlLink($resource)) {
+ // Get the count of rows from database
+ $lines = mysql_num_rows($resource);
+
+ // Remember it in cache
+ $GLOBALS['sql_numrows'][intval($resource)] = $lines;
+ } else {
+ // No resource given, please fix this
+ reportBug(__FUNCTION__, __LINE__, 'No resource given! result[]=' . gettype($resource) . ',last_sql=' . $GLOBALS['last_sql']);
}
- else
- {
- // No resource given, no lines found!
- $lines = "0";
- }
+
+ // Return lines
return $lines;
}
// SQL affected rows
-function SQL_AFFECTEDROWS($lnk="x", $F="dummy", $L="dummy")
-{
- global $link;
- // $lnk will be ignored for now!
- $lines = @mysql_affected_rows($link);
+function sqlAffectedRows () {
+ // Valid link resource?
+ if (!isSqlLinkUp()) return FALSE;
+
+ // Get affected rows
+ $lines = mysql_affected_rows(getSqlLink());
+
+ // Return it
return $lines;
}
// SQL fetch row
-function SQL_FETCHROW($result)
-{
- $DATA = array();
- $DATA = @mysql_fetch_row($result);
- return $DATA;
+function sqlFetchRow ($resource) {
+ // Is $resource valid?
+ if ((!isValidSqlLink($resource)) || (!isSqlLinkUp())) return FALSE;
+
+ // Fetch the data and return it
+ return mysql_fetch_row($resource);
}
// SQL fetch array
-function SQL_FETCHARRAY($res=false, $nr=0, $remove_numerical=true)
-{
- // Is a result resource set?
- if (!$res) return false;
-
- // Initialize array
- $row = array();
+function sqlFetchArray ($resource) {
+ // Is $resource valid?
+ if ((!isValidSqlLink($resource)) || (!isSqlLinkUp())) return FALSE;
- // Load row from database
- $row = @mysql_fetch_array($res);
+ // Load row as array from database
+ $row = mysql_fetch_assoc($resource);
// Return only arrays here
- if (is_array($row))
- {
- // Shall we remove numerical data here automatically?
- if ($remove_numerical)
- {
- // So let's remove all numerical elements to save memory!
- $max = count($row);
- for ($idx = 0; $idx < ($max / 2); $idx++)
- {
- // Remove entry
- unset($row[$idx]);
- }
- }
-
+ if (is_array($row)) {
// Return row
return $row;
- }
- else
- {
- // Return a false here...
- return false;
+ } else {
+ // Return a false, else some loops would go endless...
+ return FALSE;
}
}
// SQL result
-function SQL_RESULT($res, $row, $field)
-{
- $result = @mysql_result($res, $row, $field);
+function sqlResult ($resource, $row, $field = '0') {
+ // Is $resource valid?
+ if ((!isValidSqlLink($resource)) || (!isSqlLinkUp())) return FALSE;
+
+ // Run the result command
+ $result = mysql_result($resource, $row, $field);
+
+ // ... and return the result
return $result;
}
+
// SQL connect
-function SQL_CONNECT($host, $login, $password, $F, $L)
-{
- $connect = @mysql_connect($host, $login, $password) or ADD_FATAL($F." (".$L."):".mysql_error());
- return $connect;
+function sqlConnectToDatabase ($host, $login, $password, $file, $line) {
+ // Try to connect
+ $linkResource = mysql_connect($host, $login, $password) or sqlError($file, $line, mysql_error());
+
+ // Set the link resource
+ if (isValidSqlLink($linkResource)) {
+ /*
+ * A non-resource (boolean) may happen on installation phase which
+ * shall not be set here. Only valid link resources shall be set so
+ * isSqlLinkUp() will only return 'true' if there is really a
+ * working database link.
+ */
+ setSqlLink($file . ':' . __FUNCTION__, $line . ':' . __LINE__, $linkResource);
+
+ // Init charsets (UTF-8 is default now)
+ sqlQuery("SET
+ `character_set_results`='utf8',
+ `character_set_client`='utf8',
+ `character_set_connection`='utf8',
+ `character_set_database`='utf8',
+ `character_set_server`='utf8'", $file . ':' . __FUNCTION__, $line . ':' . __LINE__);
+
+ // Disallow subtraction for unsigned columns
+ sqlQuery("SET `sql_mode`='NO_UNSIGNED_SUBTRACTION'", $file . ':' . __FUNCTION__, $line . ':' . __LINE__);
+ } // END - if
+
+ // Return the resource
+ //* DEBUG: */ logDebugMessage($file . ':' . __FUNCTION__, $line . ':' . __LINE__, 'linkResource[]=' . gettype($linkResource));
+ return $linkResource;
}
+
// SQL select database
-function SQL_SELECT_DB($DB, $link, $F, $L)
-{
- $DB = @mysql_select_db($DB, $link) or ADD_FATAL($F." (".$L."):".mysql_error());
- return $DB;
+function sqlSelectDatabase ($dbName, $file, $line) {
+ // Is there still a valid link? If not, skip it.
+ if (!isSqlLinkUp()) return FALSE;
+
+ // Return the result
+ //* DEBUG: */ logDebugMessage($file . ':' . __FUNCTION__, $line . ':' . __LINE__, 'Selecting database ' . $dbName);
+ return mysql_select_db($dbName, getSqlLink()) or sqlError($file, $line, mysql_error());
}
+
// SQL close link
-function SQL_CLOSE($link, $F, $L)
-{
- global $CONFIG, $CACHE, $CFG_CACHE;
- if ((GET_EXT_VERSION("cache") >= "0.0.7") && (isset($CONFIG['db_hits'])) && (isset($CONFIG['cache_hits'])) && (is_object($CACHE)))
- {
- // Update counter for db/cache
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_config SET db_hits=%d, cache_hits=%d WHERE config='0' LIMIT 1",
- array(bigintval($CONFIG['db_hits']), bigintval($CONFIG['cache_hits'])), __FILE__, __LINE__);
-
- // Update cache here
- if (GET_EXT_VERSION("cache") >= "0.1.2")
- {
- if ($CACHE->cache_file("config", true))
- {
- // Replace data
- $CACHE->cache_replace("cache_hits", $CONFIG['cache_hits'], "0", $CFG_CACHE);
- $CACHE->cache_replace("db_hits" , $CONFIG['db_hits'] , "0", $CFG_CACHE);
- }
- }
- }
+function sqlCloseLink ($file, $line) {
+ // Is the link up?
+ if (!isSqlLinkUp()) {
+ // Skip double close
+ //* DEBUG: */ logDebugMessage($file . ':' . __FUNCTION__, $line . ':' . __LINE__, 'Called but no link is open.');
+ return FALSE;
+ } // END - if
+
+ // Close database link and forget the link
+ $close = mysql_close(getSqlLink()) or sqlError($file . ':' . __FUNCTION__, $line . ':' . __LINE__, mysql_error());
- // Close database link
- $close = @mysql_close($link) or ADD_FATAL($F." (".$L."):".mysql_error());
+ // Close link in this layer
+ unsetSqlLinkUp(__FUNCTION__, __LINE__);
+
+ // Return the result
+ //* DEBUG: */ logDebugMessage($file . ':' . __FUNCTION__, $line . ':' . __LINE__, 'close[' . gettype($close) . ']=' . intval($close));
return $close;
}
+
// SQL free result
-function SQL_FREERESULT($result)
-{
- $res = @mysql_free_result($result);
+function sqlFreeResult ($resource) {
+ if ((!isValidSqlLink($resource)) || (!isSqlLinkUp())) {
+ // Abort here
+ return FALSE;
+ } // END - if
+
+ // Free result
+ $res = mysql_free_result($resource);
+
+ // And return that result of freeing it...
return $res;
}
-// SQL string escaping
-function SQL_QUERY_ESC($qstring, $data, $file, $line, $run=true, $strip=true)
-{
- global $link;
- $eval = "\$query = sprintf(\"".$qstring."\"";
- foreach ($data as $var)
- {
- if (!empty($var))
- {
- if ($strip) {
- $eval .= ", SQL_ESCAPE(\"".strip_tags($var)."\")";
- } else {
- $eval .= ", SQL_ESCAPE(\"".$var."\")";
- }
- }
- else
- {
- $eval .= ", ''";
- }
- }
- $eval .= ");";
- //
- // Debugging
- //
- //$fp = fopen(PATH."escape_debug.log", 'a') or mxchange_die("Cannot write debug.log!");
- //fwrite($fp, $file."(".$line."): ".str_replace('\r', '', str_replace('\n', " ", $eval))."\n");
- //fclose($fp);
- eval($eval);
- if ($run)
- {
- // Run SQL query (default)
- return SQL_QUERY($query, $file, $line);
- }
- else
- {
- // Return secured string
- return $query;
- }
-}
-// Get ID from last INSERT command
-function SQL_INSERTID()
-{
- return @mysql_insert_id();
+
+// Get id from last INSERT command and secure id
+function getSqlInsertId () {
+ if (!isSqlLinkUp()) return FALSE;
+ return bigintval(mysql_insert_id());
}
+
// Escape a string for the database
-function SQL_ESCAPE($str)
-{
- global $link;
- if (!is_resource($link)) {
- // Fall-back to addslashes() when there is no link
- return addslashes($str);
- }
+function sqlEscapeString ($str, $secureString = TRUE, $strip = TRUE) {
+ // Is there cache?
+ if (!isset($GLOBALS['sql_escapes']['' . $str . ''])) {
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str=' . $str . ' - BEFORE!');
+
+ // Prepare the string here
+ $str = sqlPrepareQueryString($str);
+
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str=' . $str . ' - AFTER!');
+
+ // Secure string first? (which is the default behaviour!)
+ if ($secureString === TRUE) {
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str=' . $str . ',strip=' . intval($strip) . ' - BEFORE!');
+
+ // Then do it here
+ $str = secureString($str, $strip);
+
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str=' . $str . ',strip=' . intval($strip) . ' - AFTER!');
+ } // END - if
+
+ // Init (invalid) value
+ $ret = '!INVALID!';
+
+ if (!isSqlLinkUp()) {
+ // Fall-back to escapeQuotes() when there is no link
+ $ret = escapeQuotes($str);
+ } elseif (function_exists('mysql_real_escape_string')) {
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str=' . $str);
+
+ // The new and improved version
+ $ret = mysql_real_escape_string($str, getSqlLink());
+
+ // Debug message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str=' . $str . ',ret=' . $ret);
+ } elseif (function_exists('mysql_escape_string')) {
+ // The obsolete function
+ $ret = mysql_escape_string($str, getSqlLink());
+ } else {
+ // If nothing else works, fall back to escapeQuotes() again
+ $ret = escapeQuotes($str);
+ }
- if (function_exists('mysql_real_escape_string')) {
- // The new and improved version
- return mysql_real_escape_string($str, $link);
- } elseif (function_exists('mysql_escape_string')) {
- // The obsulete function
- return mysql_escape_string($str, $link);
+ // Log message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str=' . $str . ',ret=' . $ret);
+
+ // Cache result
+ $GLOBALS['sql_escapes']['' . $str . ''] = $ret;
+ } // END - if
+
+ // Log message
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str=' . $str . ',sql_escapes=' . $GLOBALS['sql_escapes']['' . $str . '']);
+
+ // Return it
+ return $GLOBALS['sql_escapes']['' . $str . ''];
+}
+
+// Log SQL errors to debug.log in installation phase or call reportBug()
+function sqlError ($file, $line, $message) {
+ // Remember plain error in last_sql_error
+ $GLOBALS['last_sql_error'] = mysql_error();
+
+ // Is login set?
+ if (!empty($GLOBALS['mysql']['login'])) {
+ // Secure login name in message
+ $message = str_replace($GLOBALS['mysql']['login'], '***', $message);
+ } // END - if
+
+ // Is database password set?
+ if (!empty($GLOBALS['mysql']['password'])) {
+ // Secure password in message
+ $message = str_replace($GLOBALS['mysql']['password'], '***', $message);
+ } // END - if
+
+ // Is database name set?
+ if (!empty($GLOBALS['mysql']['dbase'])) {
+ // Secure database name in message
+ $message = str_replace($GLOBALS['mysql']['dbase'], '***', $message);
+ } // END - if
+
+ // Is there installation phase?
+ if (isInstaller()) {
+ /*
+ * In installation phase, we don't want SQL errors abort e.g. connection
+ * tests, so just log it away.
+ */
+ logDebugMessage($file, $line, $message);
} else {
- // If nothing else works
- return addslashes($str);
+ // Regular mode, then call reportBug()
+ reportBug($file, $line, $message);
}
}
-// SELECT query string from table, columns and so on... ;-)
-function SQL_RESULT_FROM_ARRAY ($table, $columns, $idRow, $id) {
- // Prepare the SQL statement
- $SQL = "SELECT ".implode(", ", $columns)." FROM "._MYSQL_PREFIX."_".$table." WHERE ".$idRow."=%d LIMIT 1";
- // Return the result
- return SQL_QUERY_ESC($SQL, array(bigintval($id)), __FILE__, __LINE__);
+// Checks whether given link is a valid SQL link
+function isValidSqlLink ($linkResource) {
+ // Is it a resource?
+ return is_resource($linkResource);
}
-//
+
+// [EOF]
?>