X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fdb%2Flib-mysql3.php;h=0d97094c82d13cc01ddc966b90450e57e7fd62cf;hp=90db1da0b7c895dbf5487ff908f58ba9e5e19394;hb=509ae618cc32ba2b811cf66567d62abc597dc405;hpb=3db876e775c0651ffdf15234f5d5c7a4eae4033c diff --git a/inc/db/lib-mysql3.php b/inc/db/lib-mysql3.php index 90db1da0b7..0d97094c82 100644 --- a/inc/db/lib-mysql3.php +++ b/inc/db/lib-mysql3.php @@ -10,7 +10,12 @@ * -------------------------------------------------------------------- * * Kurzbeschreibung : Datenbankschicht fuer MySQL +3.x Server * * -------------------------------------------------------------------- * - * * + * $Revision:: $ * + * $Date:: $ * + * $Tag:: 0.2.1-FINAL $ * + * $Author:: $ * + * Needs to be in all Files and every File needs "svn propset * + * svn:keywords Date Revision" (autoprobset!) at least!!!!!! * * -------------------------------------------------------------------- * * Copyright (c) 2003 - 2008 by Roland Haeder * * For more information visit: http://www.mxchange.org * @@ -33,32 +38,44 @@ // Some security stuff... if (!defined('__SECURITY')) { - $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; + $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php'; require($INC); } // SQL queries function SQL_QUERY ($sql_string, $F, $L) { - global $link, $CSS, $_CONFIG, $OK; - // Link is up? - if (!is_resource($link)) return false; + if (!SQL_IS_LINK_UP()) { + // We should not quietly ignore this! + trigger_error(sprintf("Cannot query database: sql_string=%s,file=%s,line=%s", + $sql_string, + basename($F), + $L + )); + + // Return 'false' because it has failed + return false; + } // END - if // Remove \t, \n and \r from queries they may confuse some MySQL version I have heard $sql_string = str_replace("\t", " ", str_replace("\n", " ", str_replace("\r", " ", $sql_string))); + // Replace {!_MYSQL_PREFIX!} with constant, closes #84. Thanks to profi-concept + $sql_string = str_replace("{!_MYSQL_PREFIX!}", getConfig('_MYSQL_PREFIX'), $sql_string); + + // Replace {!_TABLE_TYPE!} with constant + $sql_string = str_replace("{!_TABLE_TYPE!}", getConfig('_TABLE_TYPE'), $sql_string); + // Starting time $querytimeBefore = array_sum(explode(' ', microtime())); - // Replace {!_MYSQL_PREFIX!} with constant, closes #84. Thanks to profi-concept - $sql_string = str_replace("{!_MYSQL_PREFIX!}", constant('_MYSQL_PREFIX'), $sql_string); - // Run SQL command - //* DEBUG: */ echo $sql_string."
\n"; - $result = mysql_query($sql_string, $link) - or addFatalMessage($F." (".$L."):".mysql_error()."
+ //* DEBUG: */ print $sql_string."
\n"; + $result = mysql_query($sql_string, SQL_GET_LINK()) + or addFatalMessage(__FUNCTION__, __LINE__, $F." (".$L."):".mysql_error()."
Query string:
".$sql_string); + //* DEBUG: */ print __LINE__ . ': numRows=' . SQL_NUMROWS($result) . ',affected=' . SQL_AFFECTEDROWS() . "
\n"; // Ending time $querytimeAfter = array_sum(explode(' ', microtime())); @@ -67,35 +84,34 @@ Query string:
$queryTime = $querytimeAfter - $querytimeBefore; // Save last successfull query - $_CONFIG['db_last_query'] = $sql_string; + setConfigEntry('db_last_query', $sql_string); // Count this query incrementConfigEntry('sql_count'); // Debug output //* DEBUG: */ print "Query=
".$sql_string."
, affected=".SQL_AFFECTEDROWS().", numrows=".SQL_NUMROWS($result)."
\n"; - - if (($CSS != "1") && ($CSS != "-1") && (isBooleanConstantAndTrue('DEBUG_MODE')) && (isBooleanConstantAndTrue('DEBUG_SQL'))) { + if ((getOutputMode() != '1') && (getOutputMode() != '-1') && (isDebugModeEnabled()) && (getConfig('DEBUG_SQL') == 'Y')) { // // Debugging stuff... // - $fp = @fopen(PATH."inc/cache/mysql.log", 'a') or mxchange_die("Cannot write mysql.log!"); - if (!isset($OK)) { + $fp = fopen(constant('PATH') . 'inc/cache/mysql.log', 'a') or app_die(__FILE__, __LINE__, "Cannot write mysql.log!"); + if (!isset($GLOBALS['sql_first_entry'])) { // Write first entry - fwrite($fp, "Module=".$GLOBALS['module']."\n"); - $OK = true; + fwrite($fp, 'Module=' . getModule() . "\n"); + $GLOBALS['sql_first_entry'] = true; } // END - if - fwrite($fp, $F."(LINE=".$L."|NUM=".SQL_NUMROWS($result)."|AFFECTED=".SQL_AFFECTEDROWS()."|QUERYTIME:".$queryTime."): ".str_replace('\r', "", str_replace('\n', " ", $sql_string))."\n"); + fwrite($fp, $F."(LINE=".$L."|NUM=".SQL_NUMROWS($result)."|AFFECTED=".SQL_AFFECTEDROWS()."|QUERYTIME:".$queryTime."): ".str_replace("\r", '', str_replace("\n", " ", $sql_string))."\n"); fclose($fp); } // END - if // Count DB hits - if (getConfig('db_hits_run') == null) { + if (!isConfigEntrySet('db_hits_run')) { // Count in dummy variable - $_CONFIG['db_hits_run'] = 1; + setConfigEntry('db_hits_run', 1); } else { // Count to config array - $_CONFIG['db_hits_run']++; + incrementConfigEntry('db_hits_run'); } // Return the result @@ -103,7 +119,7 @@ Query string:
} // SQL num rows -function SQL_NUMROWS($result) { +function SQL_NUMROWS ($result) { // Is the result a valid resource? if (is_resource($result)) { // Get the count of rows from database @@ -120,28 +136,23 @@ function SQL_NUMROWS($result) { // SQL affected rows function SQL_AFFECTEDROWS() { - global $link; - // Valid link resource? - if (!is_resource($link)) return false; + if (!SQL_IS_LINK_UP()) return false; // Get affected rows - $lines = mysql_affected_rows($link); + $lines = mysql_affected_rows(SQL_GET_LINK()); // Return it return $lines; } // SQL fetch row -function SQL_FETCHROW($result) { - // Init data - $DATA = array(); - +function SQL_FETCHROW ($result) { // Is a result resource set? if (!is_resource($result)) return false; - $DATA = mysql_fetch_row($result); - return $DATA; + // Fetch the data and return it + return mysql_fetch_row($result); } // SQL fetch array @@ -159,13 +170,13 @@ function SQL_FETCHARRAY($res, $nr=0, $remove_numerical=true) { if (is_array($row)) { // Shall we remove numerical data here automatically? if ($remove_numerical) { - // So let's remove all numerical elements to save memory! + // So let's remove all numerical elements to save memory! $max = count($row); for ($idx = 0; $idx < ($max / 2); $idx++) { // Remove entry unset($row[$idx]); - } - } + } // END - for + } // END - if // Return row return $row; @@ -176,46 +187,58 @@ function SQL_FETCHARRAY($res, $nr=0, $remove_numerical=true) { } // SQL result -function SQL_RESULT($res, $row, $field) { +function SQL_RESULT ($res, $row, $field = 0) { + // Is $res valid? + if (!is_resource($res)) return false; + + // Run the result command and return the result $result = mysql_result($res, $row, $field); return $result; } + // SQL connect -function SQL_CONNECT($host, $login, $password, $F, $L) { - $connect = mysql_connect($host, $login, $password) or addFatalMessage($F." (".$L."):".mysql_error()); - return $connect; +function SQL_CONNECT ($host, $login, $password, $F, $L) { + // Try to connect + $connect = mysql_connect($host, $login, $password) or addFatalMessage(__FUNCTION__, __LINE__, $F." (".$L."):".mysql_error()); + + // Set the link resource + SQL_SET_LINK($connect); } + // SQL select database -function SQL_SELECT_DB($dbName, $link, $F, $L) { - $select = false; - if (is_resource($link)) { - $select = mysql_select_db($dbName, $link) or addFatalMessage($F." (".$L."):".mysql_error()); - } - return $select; +function SQL_SELECT_DB ($dbName, $F, $L) { + // Is there still a valid link? If not, skip it. + if (!SQL_IS_LINK_UP()) return false; + + // Return the result + return mysql_select_db($dbName, SQL_GET_LINK()) or addFatalMessage(__FUNCTION__, __LINE__, $F." (".$L."):".mysql_error()); } -// SQL close link -function SQL_CLOSE(&$link, $F, $L) { - global $_CONFIG, $cacheInstance, $cacheArray; - // Is there still a valid link? - if (!is_resource($link)) { +// SQL close link +function SQL_CLOSE ($F, $L) { + if (!SQL_IS_LINK_UP()) { // Skip double close return false; } // END - if // Do we need to update cache/db counter? //* DEBUG: */ echo "DB=".getConfig('db_hits').",CACHE=".getConfig('cache_hits')."
\n"; - if ((GET_EXT_VERSION("cache") >= "0.0.7") && (getConfig('db_hits') > 0) && (getConfig('cache_hits') > 0) && (is_object($cacheInstance))) { + if ((GET_EXT_VERSION('cache') >= '0.0.7') && (getConfig('db_hits') > 0) && (getConfig('cache_hits') > 0) && (isCacheInstanceValid())) { // Add new hits - $_CONFIG['db_hits'] += getConfig('db_hits_run'); + incrementConfigEntry('db_hits', getConfig('db_hits_run')); // Update counter for db/cache - UPDATE_CONFIG(array("db_hits", "cache_hits"), array(bigintval(getConfig('db_hits')), bigintval(getConfig('cache_hits')))); + updateConfiguration(array('db_hits', 'cache_hits'), array(getConfig('db_hits'), getConfig('cache_hits'))); } // END - if // Close database link and forget the link - $close = mysql_close($link) or addFatalMessage($F." (".$L."):".mysql_error()); - $link = null; + $close = mysql_close(SQL_GET_LINK()) + or addFatalMessage(__FUNCTION__, __LINE__, $F . ' (' . $L . '):'.mysql_error()); + + // Close link + SQL_SET_LINK(null); + + // Return the result return $close; } @@ -231,51 +254,53 @@ function SQL_FREERESULT ($result) { } // SQL string escaping -function SQL_QUERY_ESC ($qstring, $data, $file, $line, $run=true, $strip=true) { - global $link; - +function SQL_QUERY_ESC ($qstring, $data, $F, $L, $run=true, $strip=true, $secure=true) { // Link is there? - if (!is_resource($link)) return false; + if (!SQL_IS_LINK_UP()) return false; // Init variable - $query = "failed"; + $query = 'failed'; + + if ($strip === true) { + $strip = 'true'; + } else { + $strip = 'false'; + } - if ($strip) { - $strip = "true"; + if ($secure === true) { + $secure = 'true'; } else { - $strip = "false"; + $secure = 'false'; } $eval = "\$query = sprintf(\"".$qstring."\""; foreach ($data as $var) { if ((!empty($var)) || ($var === 0)) { - $eval .= ", SQL_ESCAPE(\"".$var."\",true,".$strip.")"; + $eval .= ", SQL_ESCAPE(\"".$var."\", ".$secure.", ".$strip.")"; } else { $eval .= ", ''"; } - } + } // END - foreach $eval .= ");"; - // + // Debugging // - //* DEBUG: */ $fp = fopen(PATH."inc/cache/escape_debug.log", 'a') or mxchange_die("Cannot write debug.log!"); - //* DEBUG: */ fwrite($fp, $file."(".$line."): ".str_replace("\r", "", str_replace("\n", " ", $eval))."\n"); + //* DEBUG: */ $fp = fopen(constant('PATH')."inc/cache/escape_debug.log", 'a') or app_die(__FILE__, __LINE__, "Cannot write debug.log!"); + //* DEBUG: */ fwrite($fp, $F.'('.$L."): ".str_replace("\r", '', str_replace("\n", " ", $eval))."\n"); //* DEBUG: */ fclose($fp); // Run the code eval($eval); // Was the eval() command fine? - if ($query == "failed") { + if ($query == 'failed') { // Something went wrong? - print "eval=".htmlentities($eval)."
";
-		debug_print_backtrace();
-		die("
"); + debug_report_bug('eval=' . $eval); } // END - if - if ($run) { + if ($run === true) { // Run SQL query (default) - return SQL_QUERY($query, $file, $line); + return SQL_QUERY($query, $F, $L); } else { // Return secured string return $query; @@ -284,57 +309,53 @@ function SQL_QUERY_ESC ($qstring, $data, $file, $line, $run=true, $strip=true) { // Get ID from last INSERT command function SQL_INSERTID () { - global $link; - if (!is_resource($link)) return false; + if (!SQL_IS_LINK_UP()) return false; return mysql_insert_id(); } // Escape a string for the database -function SQL_ESCAPE ($str, $secureString=true,$strip=true) { - global $link; - +function SQL_ESCAPE ($str, $secureString=true, $strip=true) { // Secure string first? (which is the default behaviour!) if ($secureString) { // Then do it here $str = secureString($str, $strip); } // END - if - if (!is_resource($link)) { - // Fall-back to addslashes() when there is no link - return addslashes($str); - } // END - if - - if (function_exists('mysql_real_escape_string')) { + if (!SQL_IS_LINK_UP()) { + // Fall-back to smartAddSlashes() when there is no link + return smartAddSlashes($str); + } elseif (function_exists('mysql_real_escape_string')) { // The new and improved version //* DEBUG: */ print __FUNCTION__."(".__LINE__."):str={$str}
\n"; - return mysql_real_escape_string($str, $link); + return mysql_real_escape_string($str, SQL_GET_LINK()); } elseif (function_exists('mysql_escape_string')) { // The obsolete function - return mysql_escape_string($str, $link); + return mysql_escape_string($str, SQL_GET_LINK()); } else { - // If nothing else works - return addslashes($str); + // If nothing else works, fall back to smartAddSlashes() + return smartAddSlashes($str); } } // SELECT query string from table, columns and so on... ;-) function SQL_RESULT_FROM_ARRAY ($table, $columns, $idRow, $id, $F, $L) { // Is columns an array? - if (!is_array($columns) { + if (!is_array($columns)) { // No array trigger_error(sprintf("columns is not array. %s!=array", gettype($columns))); - } + } // END - if // Prepare the SQL statement - $SQL = "SELECT `".implode("`, `", $columns)."` FROM `{!_MYSQL_PREFIX!}_%s` WHERE ``='%s' LIMIT 1"; + $sql = "SELECT `".implode("`,`", $columns)."` FROM `{!_MYSQL_PREFIX!}_%s` WHERE `%s`='%s' LIMIT 1"; // Return the result - return SQL_QUERY_ESC($SQL, + return SQL_QUERY_ESC($sql, array( - bigintval($id), $table, - $idRow - ), $F, $L); + $idRow, + bigintval($id), + ), $F, $L + ); } // ALTER TABLE wrapper function @@ -343,33 +364,132 @@ function SQL_ALTER_TABLE ($sql, $F, $L) { $result = false; // Determine index/fulltext/unique word - $noIndex = ((eregi("INDEX", $sql) == false) && (eregi("FULLTEXT", $sql) == false) && (eregi("UNIQUE", $sql) == false); + $noIndex = ( + ( + strpos($sql, 'INDEX') === false + ) && ( + strpos($sql, 'FULLTEXT') === false + ) && ( + strpos($sql, 'UNIQUE') === false + ) + ); + + // Extract table name + $tableArray = explode(" ", $sql); + $tableName = str_replace('`', '', $tableArray[2]); // Shall we add/drop? - if (((eregi("ADD", $sql) > 0) || (eregi("DROP", $sql) > 0)) && ($noIndex)) { - // Extract table name - $tableArray = explode(" ", $sql); - $tableName = str_replace("`", "", $tableArray[2]); - + if (((strpos($sql, 'ADD') !== false) || (strpos($sql, 'DROP') !== false)) && ($noIndex === true)) { // And column name as well - $columnName = str_replace("`", "", $tableArray[4]); + $columnName = str_replace('`', '', $tableArray[4]); // Get column information - $result = SQL_QUERY_ESC("SHOW COLUMNS FROM %s LIKE '%s'", - array($tableName, $columnName), $F, $L); + $result = SQL_QUERY_ESC("SHOW COLUMNS FROM `%s` LIKE '%s'", + array($tableName, $columnName), __FILE__, __LINE__); // Do we have no entry on ADD or an entry on DROP? - if (((SQL_NUMROWS($result) == 0) && (eregi("ADD", $sql) > 0)) || ((SQL_NUMROWS($result) == 1) && (eregi("DROP", $sql) > 0))) { + // 123 4 4 3 3 4 4 32 23 4 4 3 3 4 4 321 + if (((SQL_NUMROWS($result) == 0) && (strpos($sql, 'ADD') !== false)) || ((SQL_NUMROWS($result) == 1) && (strpos($sql, 'DROP') !== false))) { // Do the query + //* DEBUG: */ print __LINE__.':'.$sql."
\n"; + $result = SQL_QUERY($sql, $F, $L, false); + } // END - if + } elseif ((getConfig('_TABLE_TYPE') == 'InnoDB') && (strpos($sql, 'FULLTEXT') !== false)) { + // Skip this query silently + //* DEBUG: */ DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Skipped FULLTEXT: sql=%s,file=%s,line=%s", $sql, $F, $L)); + } elseif (!$noIndex) { + // And column name as well + $columnName = str_replace('`', '', $tableArray[4]); + + // Is this "UNIQUE" or so? FULLTEXT has been handled the elseif() block above + if (in_array(strtoupper($columnName), array('INDEX', 'UNIQUE', 'KEY', 'FULLTEXT'))) { + // Init loop + $begin = 1; $columnName = ','; + while (strpos($columnName, ',') !== false) { + // Use last + $columnName = str_replace('`', '', $tableArray[count($tableArray) - $begin]); + //* DEBUG: */ print __LINE__.':'.$columnName."----------------".$begin."
\n"; + + // Remove brackes + $columnName = str_replace('(', '', str_replace(')', '', $columnName)); + //* DEBUG: */ print __LINE__.':'.$columnName."----------------".$begin."
\n"; + + // Continue + $begin++; + } // END while + } // END - if + + // Show indexes + $result = SQL_QUERY_ESC("SHOW INDEX FROM `%s`", + array($tableName), __FILE__, __LINE__); + + // Walk through all + $skip = false; + while ($content = SQL_FETCHARRAY($result)) { + // Is it found? + //* DEBUG: */ print "
".print_r($content, true)."
"; + if (($content['Column_name'] == $columnName) || ($content['Key_name'] == $columnName)) { + // Skip this query! + //* DEBUG: */ DEBUG_LOG(__FUNCTION__, __LINE__, sprintf("Skiped: %s", $sql)); + $skip = true; + break; + } // END - if + } // END - while + + // Free result + SQL_FREERESULT($result); + + // Shall we run it? + if (!$skip) { + // Send it to the SQL_QUERY() function + //* DEBUG: */ print __LINE__.':'.$sql."
\n"; $result = SQL_QUERY($sql, $F, $L, false); } // END - if } else { - // Send it to the SQL_QUERY() function + // Other ALTER TABLE query + //* DEBUG: */ print __LINE__.':'.$sql."
\n"; $result = SQL_QUERY($sql, $F, $L, false); } // Return result return $result; } + +// Getter for SQL link +function SQL_GET_LINK () { + // Init link + $link = null; + + // Is it in the globals? + if (isset($GLOBALS['sql_link'])) { + // Then take it + $link = $GLOBALS['sql_link']; + } // END - if + + // Return it + return $link; +} + +// Setter for link +function SQL_SET_LINK ($link) { + // Is this a resource or null? + if ((!is_resource($link)) && (!is_null($link))) { + // This should never happen! + trigger_error(sprintf("link is not resource or null. Type: %s", gettype($link))); + } // END - if + + // Set it + $GLOBALS['sql_link'] = $link; +} + +// Checks if the link is up +function SQL_IS_LINK_UP () { + // Get the link + $link = SQL_GET_LINK(); + + // Return the result + return (is_resource($link)); +} + // ?>