* @license LGPL */ // some constanst for pre php4.3 if (!defined('PHP_SHLIB_SUFFIX')) { define('PHP_SHLIB_SUFFIX',strtoupper(substr(PHP_OS, 0,3)) == 'WIN' ? 'dll' : 'so'); } if (!defined('PHP_SHLIB_PREFIX')) { define('PHP_SHLIB_PREFIX',PHP_SHLIB_SUFFIX == 'dll' ? 'php_' : ''); } if(empty($GLOBALS['egw_info']['server']['db_type'])) { $GLOBALS['egw_info']['server']['db_type'] = 'mysql'; } include_once(EGW_API_INC.'/adodb/adodb.inc.php'); class egw_db { /** * @var string $type translated database type: mysqlt+mysqli ==> mysql, same for odbc-types */ var $Type = ''; /** * @var string $type database type as defined in the header.inc.php, eg. mysqlt */ var $setupType = ''; /** * @var string $Host database host to connect to */ var $Host = ''; /** * @var string $Port port number of database to connect to */ var $Port = ''; /** * @var string $Database name of database to use */ var $Database = ''; /** * @var string $User name of database user */ var $User = ''; /** * @var string $Password password for database user */ var $Password = ''; /** * @var int $Auto_Free automatically free results - 0 no, 1 yes */ var $Auto_Free = 0; /** * @var int $Debug enable debuging - 0 no, 1 yes */ var $Debug = 0; /** * @var string $Halt_On_Error "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore errror, but spit a warning) */ var $Halt_On_Error = 'yes'; /** * @var array $Record current record */ var $Record = array(); /** * @var int row number for current record */ var $Row; /** * @var int $Errno internal rdms error number for last error */ var $Errno = 0; /** * @var string descriptive text from last error */ var $Error = ''; /** * eGW's own query log, independent of the db-type, eg. /tmp/query.log * * @var string */ var $query_log; //i am not documenting private vars - skwashd :) var $xmlrpc = False; var $soap = False; /** * ADOdb connection * * @var ADOConnection */ var $Link_ID = 0; /** * ADOdb connection * * @var ADOConnection */ var $privat_Link_ID = False; // do we use a privat Link_ID or a reference to the global ADOdb object /** * ADOdb record set of the current query * * @var ADORecordSet */ var $Query_ID = 0; /** * @var array $capabilities, defaults will be changed be method set_capabilities($ado_driver,$db_version) */ var $capabilities = array( 'sub_queries' => true, // will be set to false for mysql < 4.1 'union' => true, // will be set to false for mysql < 4.0 'outer_join' => false, // does the DB has an outer join, will be set eg. for postgres 'distinct_on_text' => true, // is the DB able to use DISTINCT with a text or blob column 'like_on_text' => true, // is the DB able to use LIKE with text columns 'name_case' => 'upper', // case of returned column- and table-names: upper, lower(pgSql), preserv(MySQL) 'client_encoding' => false, // db uses a changeable clientencoding 'case_insensitive_like' => 'LIKE', // case insensitive version of like, eg. ILIKE for postgres 'require_truncate_varchar' => false,// DB requires varchar columns to be truncated to the max. size (eg. Postgres) 'order_on_text' => true, // is the DB able to order by a given text column, boolean or ); // string for sprintf for a cast (eg. 'CAST(%s AS varchar)') var $prepared_sql = array(); // sql is the index /** * @param string $query query to be executed (optional) */ function db($query = '') { $this->query($query); } /** * @return int current connection id */ function link_id() { return $this->Link_ID; } /** * @return int id of current query */ function query_id() { return $this->Query_ID; } /** * Open a connection to a database * * @param string $Database name of database to use (optional) * @param string $Host database host to connect to (optional) * @param string $Port database port to connect to (optional) * @param string $User name of database user (optional) * @param string $Password password for database user (optional) * @param string $Type type of database (optional) * @return ADONewConnection */ function connect($Database = NULL, $Host = NULL, $Port = NULL, $User = NULL, $Password = NULL,$Type = NULL) { /* Handle defaults */ if (!is_null($Database) && $Database) { $this->Database = $Database; } if (!is_null($Host) && $Host) { $this->Host = $Host; } if (!is_null($Port) && $Port) { $this->Port = $Port; } if (!is_null($User) && $User) { $this->User = $User; } if (!is_null($Password) && $Password) { $this->Password = $Password; } if (!is_null($Type) && $Type) { $this->Type = $Type; } elseif (!$this->Type) { $this->Type = $GLOBALS['egw_info']['server']['db_type']; } if (!$this->Link_ID) { foreach(array('Host','Database','User','Password') as $name) { $$name = $this->$name; } $this->setupType = $php_extension = $type = $this->Type; switch($this->Type) // convert to ADO db-type-names { case 'pgsql': $type = 'postgres'; // name in ADOdb // create our own pgsql connection-string, to allow unix domain soccets if !$Host $Host = "dbname=$this->Database".($this->Host ? " host=$this->Host".($this->Port ? " port=$this->Port" : '') : ''). " user=$this->User".($this->Password ? " password='".addslashes($this->Password)."'" : ''); $User = $Password = $Database = ''; // to indicate $Host is a connection-string break; case 'odbc_mssql': $php_extension = 'odbc'; $this->Type = 'mssql'; // fall through case 'mssql': if ($this->Port) $Host .= ','.$this->Port; break; case 'odbc_oracle': $php_extension = 'odbc'; $this->Type = 'oracle'; break; case 'oracle': $php_extension = $type = 'oci8'; break; case 'sapdb': $this->Type = 'maxdb'; // fall through case 'maxdb': $type ='sapdb'; // name in ADOdb $php_extension = 'odbc'; break; case 'mysqlt': $php_extension = 'mysql'; // you can use $this->setupType to determine if it's mysqlt or mysql // fall through case 'mysqli': $this->Type = 'mysql'; // fall through default: if ($this->Port) $Host .= ':'.$this->Port; break; } if (!is_object($GLOBALS['egw']->ADOdb) || // we have no connection so far (is_object($GLOBALS['egw']->db) && // we connect to a different db, then the global one ($this->Type != $GLOBALS['egw']->db->Type || $this->Database != $GLOBALS['egw']->db->Database || $this->User != $GLOBALS['egw']->db->User || $this->Host != $GLOBALS['egw']->db->Host || $this->Port != $GLOBALS['egw']->db->Port))) { if (!extension_loaded($php_extension) && (!function_exists('dl') || !dl(PHP_SHLIB_PREFIX.$php_extension.'.'.PHP_SHLIB_SUFFIX))) { $this->halt("Necessary php database support for $this->Type (".PHP_SHLIB_PREFIX.$php_extension.'.'.PHP_SHLIB_SUFFIX.") not loaded and can't be loaded, exiting !!!"); return null; // in case error-reporting = 'no' } if (!is_object($GLOBALS['egw']->ADOdb)) // use the global object to store the connection { $this->Link_ID = &$GLOBALS['egw']->ADOdb; } else { $this->privat_Link_ID = True; // remember that we use a privat Link_ID for disconnect } $this->Link_ID = ADONewConnection($type); if (!$this->Link_ID) { $this->halt("No ADOdb support for '$type' ($this->Type) !!!"); return null; // in case error-reporting = 'no' } $connect = $GLOBALS['egw_info']['server']['db_persistent'] ? 'PConnect' : 'Connect'; if (($Ok = $this->Link_ID->$connect($Host, $User, $Password))) { $this->ServerInfo = $this->Link_ID->ServerInfo(); $this->set_capabilities($type,$this->ServerInfo['version']); if($Database) { $Ok = $this->Link_ID->SelectDB($Database); } } if (!$Ok) { $Host = preg_replace('/password=[^ ]+/','password=$Password',$Host); // eg. postgres dsn contains password $this->halt("ADOdb::$connect($Host, $User, \$Password, $Database) failed."); return null; // in case error-reporting = 'no' } if ($this->Debug) { echo function_backtrace(); echo "
new ADOdb connection to $this->Type://$this->Host/$this->Database: Link_ID".($this->Link_ID === $GLOBALS['egw']->ADOdb ? '===' : '!==')."\$GLOBALS[egw]->ADOdb
"; //echo "".print_r($this->Link_ID->ServerInfo(),true)."
\n"; _debug_array($this); echo "\$GLOBALS[egw]->db="; _debug_array($GLOBALS[egw]->db); } if ($this->Type == 'mssql') { // this is the format ADOdb expects $this->Link_ID->Execute('SET DATEFORMAT ymd'); // sets the limit to the maximum ini_set('mssql.textlimit',2147483647); ini_set('mssql.sizelimit',2147483647); } } else { $this->Link_ID = &$GLOBALS['egw']->ADOdb; } } // next ADOdb version: if (!$this->Link_ID->isConnected()) $this->Link_ID->Connect(); if (!$this->Link_ID->_connectionID) $this->Link_ID->Connect(); //echo "".print_r($this->Link_ID->ServerInfo(),true)."
\n"; return $this->Link_ID; } /** * changes defaults set in class-var $capabilities depending on db-type and -version * * @param string $ado_driver mysql, postgres, mssql, sapdb, oci8 * @param string $db_version version-number of connected db-server, as reported by ServerInfo */ function set_capabilities($adodb_driver,$db_version) { switch($adodb_driver) { case 'mysql': case 'mysqlt': case 'mysqli': $this->capabilities['sub_queries'] = (float) $db_version >= 4.1; $this->capabilities['union'] = (float) $db_version >= 4.0; $this->capabilities['name_case'] = 'preserv'; $this->capabilities['client_encoding'] = (float) $db_version >= 4.1; break; case 'postgres': $this->capabilities['name_case'] = 'lower'; $this->capabilities['client_encoding'] = (float) $db_version >= 7.4; $this->capabilities['outer_join'] = true; $this->capabilities['case_insensitive_like'] = 'ILIKE'; $this->capabilities['require_truncate_varchar'] = true; break; case 'mssql': $this->capabilities['distinct_on_text'] = false; $this->capabilities['order_on_text'] = 'CAST (%s AS varchar)'; break; case 'maxdb': // if Lim ever changes it to maxdb ;-) case 'sapdb': $this->capabilities['distinct_on_text'] = false; $this->capabilities['like_on_text'] = $db_version >= 7.6; $this->capabilities['order_on_text'] = false; break; } //echo "db::set_capabilities('$adodb_driver',$db_version)"; _debug_array($this->capabilities); } /** * Close a connection to a database */ function disconnect() { if (!$this->privat_Link_ID) { unset($GLOBALS['egw']->ADOdb); } unset($this->Link_ID); $this->Link_ID = 0; } /** * Escape strings before sending them to the database * * @deprecated use quote($value,$type='') instead * @param string $str the string to be escaped * @return string escaped sting */ function db_addslashes($str) { if (!isset($str) || $str == '') { return ''; } if (!$this->Link_ID && !$this->connect()) { return False; } return $this->Link_ID->addq($str); } /** * Convert a unix timestamp to a rdms specific timestamp * * @param int unix timestamp * @return string rdms specific timestamp */ function to_timestamp($epoch) { if (!$this->Link_ID && !$this->connect()) { return False; } // the substring is needed as the string is already in quotes return substr($this->Link_ID->DBTimeStamp($epoch),1,-1); } /** * Convert a rdms specific timestamp to a unix timestamp * * @param string rdms specific timestamp * @return int unix timestamp */ function from_timestamp($timestamp) { if (!$this->Link_ID && !$this->connect()) { return False; } return $this->Link_ID->UnixTimeStamp($timestamp); } /** * convert a rdbms specific boolean value * * @param string $val boolean value in db-specfic notation * @return boolean */ function from_bool($val) { return $val && $val{0} !== 'f'; // everthing other then 0 or f[alse] is returned as true } /** * Discard the current query result */ function free() { unset($this->Query_ID); // else copying of the db-object does not work $this->Query_ID = 0; } /** * Execute a query * * @param string $Query_String the query to be executed * @param int $line the line method was called from - use __LINE__ * @param string $file the file method was called from - use __FILE__ * @param int $offset row to start from, default 0 * @param int $num_rows number of rows to return (optional), default -1 = all, 0 will use $GLOBALS['egw_info']['user']['preferences']['common']['maxmatchs'] * @param array/boolean $inputarr array for binding variables to parameters or false (default) * @return ADORecordSet or false, if the query fails */ function query($Query_String, $line = '', $file = '', $offset=0, $num_rows=-1,$inputarr=false) { if ($Query_String == '') { return 0; } if (!$this->Link_ID && !$this->connect()) { return False; } # New query, discard previous result. if ($this->Query_ID) { $this->free(); } if ($this->Link_ID->fetchMode != ADODB_FETCH_BOTH) { $this->Link_ID->SetFetchMode(ADODB_FETCH_BOTH); } if (!$num_rows) { $num_rows = $GLOBALS['egw_info']['user']['preferences']['common']['maxmatchs']; } if ($num_rows > 0) { $this->Query_ID = $this->Link_ID->SelectLimit($Query_String,$num_rows,(int)$offset,$inputarr); } else { $this->Query_ID = $this->Link_ID->Execute($Query_String,$inputarr); } $this->Row = 0; $this->Errno = $this->Link_ID->ErrorNo(); $this->Error = $this->Link_ID->ErrorMsg(); if ($this->query_log && ($f = @fopen($this->query_log,'a+'))) { fwrite($f,'['.(isset($GLOBALS['egw_setup']) ? $GLOBALS['egw_setup']->ConfigDomain : $GLOBALS['egw_info']['user']['domain']).'] '); fwrite($f,date('Y-m-d H:i:s ').$Query_String.($inputarr ? "\n".print_r($inputarr,true) : '')."\n"); if (!$this->Query_ID) { fwrite($f,"*** Error $this->Errno: $this->Error\n".function_backtrace()."\n"); } fclose($f); } if (!$this->Query_ID) { $this->halt("Invalid SQL: ".(is_array($Query_String)?$Query_String[0]:$Query_String). ($inputarr ? "db::get_last_insert_id(table='$table',field='$field') not yet implemented for db-type '$this->Type' OR no insert operation before
\n"; function_backtrace(); return -1; } return $id; } /** * Lock a table * * @deprecated not used anymore as it costs to much performance, use transactions if needed * @param string $table name of table to lock * @param string $mode type of lock required (optional), default write * @return bool True if sucessful, False if fails */ function lock($table, $mode='write') {} /** * Unlock a table * * @deprecated not used anymore as it costs to much performance, use transactions if needed * @return bool True if sucessful, False if fails */ function unlock() {} /** * Get the number of rows affected by last update or delete * * @return int number of rows */ function affected_rows() { if (!$this->Link_ID && !$this->connect()) { return False; } return $this->Link_ID->Affected_Rows(); } /** * Number of rows in current result set * * @return int number of rows */ function num_rows() { return $this->Query_ID ? $this->Query_ID->RecordCount() : False; } /** * Number of fields in current row * * @return int number of fields */ function num_fields() { return $this->Query_ID ? $this->Query_ID->FieldCount() : False; } /** * @deprecated use num_rows() */ function nf() { return $this->num_rows(); } /** * @deprecated use print num_rows() */ function np() { print $this->num_rows(); } /** * Return the value of a column * * @param string/integer $Name name of field or positional index starting from 0 * @param bool $strip_slashes string escape chars from field(optional), default false * depricated param, as correctly quoted values dont need any stripslashes! * @return string the field value */ function f($Name, $strip_slashes = False) { if ($strip_slashes) { return stripslashes($this->Record[$Name]); } return $this->Record[$Name]; } /** * Print the value of a field * * @param string $Name name of field to print * @param bool $strip_slashes string escape chars from field(optional), default false * depricated param, as correctly quoted values dont need any stripslashes! */ function p($Name, $strip_slashes = True) { print $this->f($Name, $strip_slashes); } /** * Returns a query-result-row as an associative array (no numerical keys !!!) * * @param bool $do_next_record should next_record() be called or not (default not) * @param string $strip='' string to strip of the column-name, default '' * @return array/bool the associative array or False if no (more) result-row is availible */ function row($do_next_record=False,$strip='') { if ($do_next_record && !$this->next_record(ADODB_FETCH_ASSOC) || !is_array($this->Record)) { return False; } $result = array(); foreach($this->Record as $column => $value) { if (!is_numeric($column)) { if ($strip) $column = str_replace($strip,'',$column); $result[$column] = $value; } } return $result; } /** * Error handler * * @param string $msg error message * @param int $line line of calling method/function (optional) * @param string $file file of calling method/function (optional) */ function halt($msg, $line = '', $file = '') { if ($this->Link_ID) // only if we have a link, else infinite loop { $this->Error = $this->Link_ID->ErrorMsg(); // need to be BEFORE unlock, $this->Errno = $this->Link_ID->ErrorNo(); // else we get its error or none $this->unlock(); /* Just in case there is a table currently locked */ } if ($this->Halt_On_Error == "no") { return; } if ($this->Halt_On_Error == 'yes') { throw new egw_exception_db($msg.($this->Error?":\n".$this->Error:''),$this->Errno); } $this->haltmsg($msg); if ($file) { printf("Session halted.
"; if (is_object($GLOBALS['egw']->common)) { $GLOBALS['egw']->common->egw_exit(True); } else // happens eg. in setup { exit(); } } } function haltmsg($msg) { printf("Database error: %s
\n", $msg);
if (($this->Errno || $this->Error) && $this->Error != "()")
{
printf("$this->Type Error: %s (%s)
\n",$this->Errno,$this->Error);
}
}
/**
* Get description of a table
*
* Beside the column-name all other data depends on the db-type !!!
*
* @param string $table name of table to describe
* @param bool $full optional, default False summary information, True full information
* @return array table meta data
*/
function metadata($table='',$full=false)
{
if (!$this->Link_ID && !$this->connect())
{
return False;
}
$columns = $this->Link_ID->MetaColumns($table);
//$columns = $this->Link_ID->MetaColumnsSQL($table);
//echo "metadata('$table')=
\n".print_r($columns,True)."\n"; $metadata = array(); $i = 0; foreach($columns as $column) { // for backwards compatibilty (depreciated) unset($flags); if($column->auto_increment) $flags .= "auto_increment "; if($column->primary_key) $flags .= "primary_key "; if($column->binary) $flags .= "binary "; // _debug_array($column); $metadata[$i] = array( 'table' => $table, 'name' => $column->name, 'type' => $column->type, 'len' => $column->max_length, 'flags' => $flags, // for backwards compatibilty (depreciated) used by JiNN atm 'not_null' => $column->not_null, 'auto_increment' => $column->auto_increment, 'primary_key' => $column->primary_key, 'binary' => $column->binary, 'has_default' => $column->has_default, 'default' => $column->default_value, ); $metadata[$i]['table'] = $table; if ($full) { $metadata['meta'][$column->name] = $i; } ++$i; } if ($full) { $metadata['num_fields'] = $i; } return $metadata; } /** * Get a list of table names in the current database * * @return array list of the tables */ function table_names() { if (!$this->Link_ID) $this->connect(); if (!$this->Link_ID) { return False; } $result = array(); $tables = $this->Link_ID->MetaTables('TABLES'); if (is_array($tables)) { foreach($tables as $table) { if ($this->capabilities['name_case'] == 'upper') { $table = strtolower($table); } $result[] = array( 'table_name' => $table, 'tablespace_name' => $this->Database, 'database' => $this->Database ); } } return $result; } /** * Return a list of indexes in current database * * @return array list of indexes */ function index_names() { $indices = array(); if ($this->Type != 'pgsql') { echo "
db::index_names() not yet implemented for db-type '$this->Type'
\n"; return $indices; } $this->query("SELECT relname FROM pg_class WHERE NOT relname ~ 'pg_.*' AND relkind ='i' ORDER BY relname"); while ($this->next_record()) { $indices[] = array( 'index_name' => $this->f(0), 'tablespace_name' => $this->Database, 'database' => $this->Database, ); } return $indices; } /** * Returns an array containing column names that are the primary keys of $tablename. * * @return array of columns */ function pkey_columns($tablename) { if (!$this->Link_ID && !$this->connect()) { return False; } return $this->Link_ID->MetaPrimaryKeys($tablename); } /** * Create a new database * * @param string $adminname name of database administrator user (optional) * @param string $adminpasswd password for the database administrator user (optional) * @param string $charset default charset for the database */ function create_database($adminname = '', $adminpasswd = '', $charset='') { $currentUser = $this->User; $currentPassword = $this->Password; $currentDatabase = $this->Database; $sqls = array(); $set_charset = ''; switch ($this->Type) { case 'pgsql': $meta_db = 'template1'; $sqls[] = "CREATE DATABASE $currentDatabase"; break; case 'mysql': $create = "CREATE DATABASE `$currentDatabase`"; if ($charset && isset($this->Link_ID->charset2mysql[$charset]) && (float) $this->ServerInfo['version'] >= 4.1) { $create .= ' DEFAULT CHARACTER SET '.$this->Link_ID->charset2mysql[$charset].';'; } $sqls[] = $create; $sqls[] = "GRANT ALL ON `$currentDatabase`.* TO $currentUser@localhost IDENTIFIED BY ".$this->quote($currentPassword); $meta_db = 'mysql'; break; default: echo "db::create_database(user='$adminname',\$pw) not yet implemented for DB-type '$this->Type'
\n"; break; } if ($adminname != '') { $this->User = $adminname; $this->Password = $adminpasswd; $this->Database = $meta_db; } $this->disconnect(); foreach($sqls as $sql) { $this->query($sql,__LINE__,__FILE__); } $this->disconnect(); $this->User = $currentUser; $this->Password = $currentPassword; $this->Database = $currentDatabase; $this->connect(); } /** * concat a variable number of strings together, to be used in a query * * Example: $db->concat($db->quote('Hallo '),'username') would return * for mysql "concat('Hallo ',username)" or "'Hallo ' || username" for postgres * @param string $str1 already quoted stringliteral or column-name, variable number of arguments * @return string to be used in a query */ function concat($str1) { $args = func_get_args(); if (!$this->Link_ID && !$this->connect()) { return False; } return call_user_func_array(array(&$this->Link_ID,'concat'),$args); } /** * Convert a unix timestamp stored as integer in the db into a db timestamp, like MySQL: FROM_UNIXTIME(ts) * * @param string $expr name of an integer column or integer expression * @return string SQL expression of type timestamp */ function from_unixtime($expr) { switch($this->Type) { case 'mysql': return "FROM_UNIXTIME($expr)"; case 'pgsql': // we use date(,0) as we store server-time return "(timestamp '".date('Y-m-d H:i:s',0)."' + ($expr) * interval '1 sec')"; case 'mssql': // we use date(,0) as we store server-time return "DATEADD(second,($expr),'".date('Y-m-d H:i:s',0)."')"; } return false; } /** * format a timestamp as string, like MySQL: DATE_FORMAT(ts) * * Please note: only a subset of the MySQL formats are implemented * * @param string $expr name of a timestamp column or timestamp expression * @param string $format format specifier like '%Y-%m-%d %H:%i:%s' or '%V%X' ('%v%x') weeknumber & year with Sunday (Monday) as first day * @return string SQL expression of type timestamp */ function date_format($expr,$format) { switch($this->Type) { case 'mysql': return "DATE_FORMAT($expr,'$format')"; case 'pgsql': $format = str_replace( array('%Y', '%y','%m','%d','%H', '%h','%i','%s','%V','%v','%X', '%x'), array('YYYY','YY','MM','DD','HH24','HH','MI','SS','IW','IW','YYYY','YYYY'), $format); return "TO_CHAR($expr,'$format')"; case 'mssql': $from = $to = array(); foreach(array('%Y'=>'yyyy','%y'=>'yy','%m'=>'mm','%d'=>'dd','%H'=>'hh','%i'=>'mi','%s'=>'ss','%V'=>'wk','%v'=>'wk','%X'=>'yyyy','%x'=>'yyyy') as $f => $t) { $from[] = $f; $to[] = "'+DATEPART($t,($expr))+'"; } $from[] = "''+"; $to[] = ''; $from[] = "+''"; $to[] = ''; return str_replace($from,$to,$format); } return false; } /** * Correctly Quote Identifiers like table- or colmnnames for use in SQL-statements * * This is mostly copy & paste from adodb's datadict class * @param $name string * @return string quoted string */ function name_quote($name = NULL) { if (!is_string($name)) { return FALSE; } $name = trim($name); if (!$this->Link_ID && !$this->connect()) { return False; } $quote = $this->Link_ID->nameQuote; // if name is of the form `name`, quote it if ( preg_match('/^`(.+)`$/', $name, $matches) ) { return $quote . $matches[1] . $quote; } // if name contains special characters, quote it if ( preg_match('/\W/', $name) ) { return $quote . $name . $quote; } return $name; } /** * Escape values before sending them to the database - prevents SQL injunction and SQL errors ;-) * * Please note that the quote function already returns necessary quotes: quote('Hello') === "'Hello'". * Int and Auto types are casted to int: quote('1','int') === 1, quote('','int') === 0, quote('Hello','int') === 0 * * @param mixed $value the value to be escaped * @param string/boolean $type=false string the type of the db-column, default False === varchar * @param boolean $not_null=true is column NOT NULL, default true, else php null values are written as SQL NULL * @param int $length=null length of the varchar column, to truncate it if the database requires it (eg. Postgres) * @return string escaped sting */ function quote($value,$type=False,$not_null=true,$length=null) { if ($this->Debug) echo "db::quote(".(is_null($value)?'NULL':"'$value'").",'$type','$not_null')
\n"; if (!$not_null && is_null($value)) // writing unset php-variables and those set to NULL now as SQL NULL { return 'NULL'; } switch($type) { case 'int': case 'auto': // atm. (php5.2) php has only 32bit integers, it converts everything else to float. // Casting it to int gives a negative number instead of the big 64bit integer! // There for we have to keep it as float by using round instead the int cast. return is_float($value) ? round($value) : (int) $value; case 'bool': if ($this->Type == 'mysql') // maybe it's not longer necessary with mysql5 { return $value ? 1 : 0; } return $value ? 'true' : 'false'; case 'float': case 'decimal': return (double) $value; } if (!$this->Link_ID && !$this->connect()) { return False; } switch($type) { case 'blob': switch ($this->Link_ID->blobEncodeType) { case 'C': // eg. postgres return "'" . $this->Link_ID->BlobEncode($value) . "'"; case 'I': return $this->Link_ID->BlobEncode($value); } break; // handled like strings case 'date': return $this->Link_ID->DBDate($value); case 'timestamp': return $this->Link_ID->DBTimeStamp($value); } if (!is_null($length) && strlen($value) > $length) { $value = substr($value,0,$length); } return $this->Link_ID->qstr($value); } /** * Implodes an array of column-value pairs for the use in sql-querys. * All data is run through quote (does either addslashes() or (int)) - prevents SQL injunction and SQL errors ;-). * * @author RalfBeckerdb::column_data_implode('$glue',".print_r($array,True).",'$use_key',".print_r($only,True).",
".print_r($column_definitions,True)."\n"; // do we need to truncate varchars to their max length (INSERT and UPDATE on Postgres) $truncate_varchar = $glue == ',' && $this->capabilities['require_truncate_varchar']; $keys = $values = array(); foreach($array as $key => $data) { if (is_int($key) || !$only || $only === True && isset($column_definitions[$key]) || is_array($only) && in_array($key,$only)) { $keys[] = $this->name_quote($key); if (!is_int($key) && is_array($column_definitions) && !isset($column_definitions[$key])) { // give a warning that we have no column-type $this->halt("db::column_data_implode('$glue',".print_r($array,True).",'$use_key',".print_r($only,True).",
".print_r($column_definitions,True)."nothing known about column '$key'!"); } $column_type = is_array($column_definitions) ? @$column_definitions[$key]['type'] : False; $not_null = is_array($column_definitions) && isset($column_definitions[$key]['nullable']) ? !$column_definitions[$key]['nullable'] : false; if ($truncate_varchar) { $maxlength = $column_definitions[$key]['type'] == 'varchar' ? $column_definitions[$key]['precision'] : null; } if (is_array($data)) { $or_null = ''; foreach($data as $k => $v) { if (!$not_null && $use_key===True && is_null($v)) { $or_null = $this->name_quote($key).' IS NULL)'; unset($data[$k]); continue; } $data[$k] = $this->quote($v,$column_type,$not_null,$maxlength); } $values[] = ($or_null?'(':'').(!count($data) ? '' : ($use_key===True ? $this->name_quote($key).' IN ' : '') . '('.implode(',',$data).')'.($or_null ? ' OR ' : '')).$or_null; } elseif (is_int($key) && $use_key===True) { $values[] = $data; } elseif ($glue != ',' && $use_key === True && !$not_null && is_null($data)) { $values[] = $this->name_quote($key) .' IS NULL'; } else { $values[] = ($use_key===True ? $this->name_quote($key) . '=' : '') . $this->quote($data,$column_type,$not_null,$maxlength); } } } return ($use_key==='VALUES' ? '('.implode(',',$keys).') VALUES (' : ''). implode($glue,$values) . ($use_key==='VALUES' ? ')' : ''); } /** * Sets the default column-definitions for use with column_data_implode() * * @author RalfBecker
db::insert('$table',".print_r($data,True).",".print_r($where,True).",$line,$file,'$app')
\n"; if (!$table_def) $table_def = $this->get_table_definitions($app,$table); $sql_append = ''; $cmd = 'INSERT'; if (is_array($where) && count($where)) { switch($this->Type) { case 'sapdb': case 'maxdb': $sql_append = ' UPDATE DUPLICATES'; break; case 'mysql': // use replace if primary keys are included if (count(array_intersect(array_keys($where),(array)$table_def['pk'])) == count($table_def['pk'])) { $cmd = 'REPLACE'; break; } // fall through !!! default: $this->select($table,'count(*)',$where,$line,$file); if ($this->next_record() && $this->f(0)) { return !!$this->update($table,$data,$where,$line,$file,$app); } break; } // the checked values need to be inserted too, value in data has precedence, also cant insert sql strings (numerical id) foreach($where as $column => $value) { if (!is_numeric($column) && !isset($data[$column])) { $data[$column] = $value; } } } $inputarr = false; if ($use_prepared_statement && $this->Link_ID->_bindInputArray) // eg. MaxDB { $this->Link_ID->Param(false); // reset param-counter $cols = array_keys($data); foreach($cols as $k => $col) { if (!isset($table_def['fd'][$col])) // ignore columns not in this table { unset($cols[$k]); continue; } $params[] = $this->Link_ID->Param($col); } $sql = "$cmd INTO $table (".implode(',',$cols).') VALUES ('.implode(',',$params).')'.$sql_append; // check if we already prepared that statement if (!isset($this->prepared_sql[$sql])) { $this->prepared_sql[$sql] = $this->Link_ID->Prepare($sql); } $sql = $this->prepared_sql[$sql]; $inputarr = &$data; } else { $sql = "$cmd INTO $table ".$this->column_data_implode(',',$data,'VALUES',true,$table_def['fd']).$sql_append; } if ($this->Debug) echo "db::insert('$table',".print_r($data,True).",".print_r($where,True).",$line,$file,'$app') sql='$sql'
\n"; return $this->query($sql,$line,$file,0,-1,$inputarr); } /** * Updates the data of one or more rows in a table, all data is quoted according to it's type * * @author RalfBeckerdb::update('$table',".print_r($data,true).','.print_r($where,true).",$line,$file,'$app')
\n"; if (!$table_def) $table_def = $this->get_table_definitions($app,$table); $blobs2update = array(); // SapDB/MaxDB cant update LONG columns / blob's: if a blob-column is included in the update we remember it in $blobs2update // and remove it from $data switch ($this->Type) { case 'sapdb': case 'maxdb': if ($use_prepared_statement) break; // check if data contains any LONG columns foreach($data as $col => $val) { switch ($table_def['fd'][$col]['type']) { case 'text': case 'longtext': case 'blob': $blobs2update[$col] = &$data[$col]; unset($data[$col]); break; } } break; } $where = $this->column_data_implode(' AND ',$where,True,true,$table_def['fd']); if (count($data)) { $inputarr = false; if ($use_prepared_statement && $this->Link_ID->_bindInputArray) // eg. MaxDB { $this->Link_ID->Param(false); // reset param-counter foreach($data as $col => $val) { if (!isset($table_def['fd'][$col])) continue; // ignore columns not in this table $params[] = $this->name_quote($col).'='.$this->Link_ID->Param($col); } $sql = "UPDATE $table SET ".implode(',',$params).' WHERE '.$where; // check if we already prepared that statement if (!isset($this->prepared_sql[$sql])) { $this->prepared_sql[$sql] = $this->Link_ID->Prepare($sql); } $sql = $this->prepared_sql[$sql]; $inputarr = &$data; } else { $sql = "UPDATE $table SET ". $this->column_data_implode(',',$data,True,true,$table_def['fd']).' WHERE '.$where; } $ret = $this->query($sql,$line,$file,0,-1,$inputarr); if ($this->Debug) echo "db::query('$sql',$line,$file) = '$ret'
\n"; } // if we have any blobs to update, we do so now if (($ret || !count($data)) && count($blobs2update)) { foreach($blobs2update as $col => $val) { $ret = $this->Link_ID->UpdateBlob($table,$col,$val,$where,$table_def['fd'][$col]['type'] == 'blob' ? 'BLOB' : 'CLOB'); if ($this->Debug) echo "adodb::UpdateBlob('$table','$col','$val','$where') = '$ret'
\n"; if (!$ret) $this->halt("Error in UpdateBlob($table,$col,\$val,$where)",$line,$file); } } return $ret; } /** * Deletes one or more rows in table, all data is quoted according to it's type * * @author RalfBeckerdb::expression($table,
".print_r(func_get_args(),True).") ='$sql'\n"; return $sql; } /** * Selects one or more rows in table depending on where, all data is quoted according to it's type * * @author RalfBecker
db::select('$table',".print_r($cols,True).",".print_r($where,True).",$line,$file,$offset,'$app',$num_rows,'$join')
\n"; if (!$table_def) $table_def = $this->get_table_definitions($app,$table); if (is_array($cols)) { $cols = implode(',',$cols); } if (is_array($where)) { $where = $this->column_data_implode(' AND ',$where,True,False,$table_def['fd']); } $sql = "SELECT $cols FROM $table $join"; // if we have a where clause, we need to add it together with the WHERE statement, if thats not in the join if ($where) $sql .= (strpos($join,"WHERE")!==false) ? ' AND ('.$where.')' : ' WHERE '.$where; if ($append) $sql .= ' '.$append; if ($this->Debug) echo "sql='$sql'
"; if ($line === false && $file === false) // call by union, to return the sql rather then run the query { return $sql; } return $this->query($sql,$line,$file,$offset,$offset===False ? -1 : (int)$num_rows); } /** * Does a union over multiple selects * * @author RalfBeckerdb::union(".print_r($selects,True).",$line,$file,$order_by,$offset,$num_rows)
\n"; $sql = array(); foreach($selects as $select) { $sql[] = call_user_func_array(array($this,'select'),array( $select['table'], $select['cols'], $select['where'], false, // line false, // file false, // offset $select['append'], $select['app'], 0, // num_rows, $select['join'], $select['table_def'], )); } $sql = count($sql) > 1 ? '(' . implode(")\nUNION\n(",$sql).')' : $sql[0]; if ($order_by) $sql .= (!stristr($order_by,'ORDER BY') ? "\nORDER BY " : '').$order_by; if ($this->Debug) echo "sql='$sql'
"; return $this->query($sql,$line,$file,$offset,$offset===False ? -1 : (int)$num_rows); } }