  1. <?php
  2. require_once('include/datetime.php');
  3. /**
  4. *
  5. * MySQL database class
  6. *
  7. * For debugging, insert 'dbg(1);' anywhere in the program flow.
  8. * dbg(0); will turn it off. Logging is performed at LOGGER_DATA level.
  9. * When logging, all binary info is converted to text and html entities are escaped so that
  10. * the debugging stream is safe to view within both terminals and web pages.
  11. *
  12. */
  13. if(! class_exists('dba')) {
  14. class dba {
  15. private $debug = 0;
  16. private $db;
  17. public $mysqli = true;
  18. public $connected = false;
  19. public $error = false;
  20. function __construct($server,$user,$pass,$db,$install = false) {
  21. $server = trim($server);
  22. $user = trim($user);
  23. $pass = trim($pass);
  24. $db = trim($db);
  25. if (!(strlen($server) && strlen($user))){
  26. $this->connected = false;
  27. $this->db = null;
  28. return;
  29. }
  30. if($install) {
  31. if(strlen($server) && ($server !== 'localhost') && ($server !== '127.0.0.1')) {
  32. if(! dns_get_record($server, DNS_A + DNS_CNAME + DNS_PTR)) {
  33. $this->error = sprintf( t('Cannot locate DNS info for database server \'%s\''), $server);
  34. $this->connected = false;
  35. $this->db = null;
  36. return;
  37. }
  38. }
  39. }
  40. if(class_exists('mysqli')) {
  41. $this->db = @new mysqli($server,$user,$pass,$db);
  42. if(! mysqli_connect_errno()) {
  43. $this->connected = true;
  44. }
  45. }
  46. else {
  47. $this->mysqli = false;
  48. $this->db = mysql_connect($server,$user,$pass);
  49. if($this->db && mysql_select_db($db,$this->db)) {
  50. $this->connected = true;
  51. }
  52. }
  53. if(! $this->connected) {
  54. $this->db = null;
  55. if(! $install)
  56. system_unavailable();
  57. }
  58. }
  59. public function getdb() {
  60. return $this->db;
  61. }
  62. public function q($sql) {
  63. if((! $this->db) || (! $this->connected))
  64. return false;
  65. $this->error = '';
  66. //if (get_config("system", "db_log") != "")
  67. // @file_put_contents(get_config("system", "db_log"), datetime_convert().':'.session_id(). ' Start '.$sql."\n", FILE_APPEND);
  68. if($this->mysqli)
  69. $result = @$this->db->query($sql);
  70. else
  71. $result = @mysql_query($sql,$this->db);
  72. //if (get_config("system", "db_log") != "")
  73. // @file_put_contents(get_config("system", "db_log"), datetime_convert().':'.session_id(). ' Stop '."\n", FILE_APPEND);
  74. if($this->mysqli) {
  75. if($this->db->errno)
  76. $this->error = $this->db->error;
  77. }
  78. elseif(mysql_errno($this->db))
  79. $this->error = mysql_error($this->db);
  80. if(strlen($this->error)) {
  81. logger('dba: ' . $this->error);
  82. }
  83. if($this->debug) {
  84. $mesg = '';
  85. if($result === false)
  86. $mesg = 'false';
  87. elseif($result === true)
  88. $mesg = 'true';
  89. else {
  90. if($this->mysqli)
  91. $mesg = $result->num_rows . ' results' . EOL;
  92. else
  93. $mesg = mysql_num_rows($result) . ' results' . EOL;
  94. }
  95. $str = 'SQL = ' . printable($sql) . EOL . 'SQL returned ' . $mesg
  96. . (($this->error) ? ' error: ' . $this->error : '')
  97. . EOL;
  98. logger('dba: ' . $str );
  99. }
  100. /**
  101. * If dbfail.out exists, we will write any failed calls directly to it,
  102. * regardless of any logging that may or may nor be in effect.
  103. * These usually indicate SQL syntax errors that need to be resolved.
  104. */
  105. if($result === false) {
  106. logger('dba: ' . printable($sql) . ' returned false.' . "\n" . $this->error);
  107. if(file_exists('dbfail.out'))
  108. file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . ' returned false' . "\n" . $this->error . "\n", FILE_APPEND);
  109. }
  110. if(($result === true) || ($result === false))
  111. return $result;
  112. $r = array();
  113. if($this->mysqli) {
  114. if($result->num_rows) {
  115. while($x = $result->fetch_array(MYSQLI_ASSOC))
  116. $r[] = $x;
  117. $result->free_result();
  118. }
  119. }
  120. else {
  121. if(mysql_num_rows($result)) {
  122. while($x = mysql_fetch_array($result, MYSQL_ASSOC))
  123. $r[] = $x;
  124. mysql_free_result($result);
  125. }
  126. }
  127. if($this->debug)
  128. logger('dba: ' . printable(print_r($r, true)));
  129. return($r);
  130. }
  131. public function dbg($dbg) {
  132. $this->debug = $dbg;
  133. }
  134. public function escape($str) {
  135. if($this->db && $this->connected) {
  136. if($this->mysqli)
  137. return @$this->db->real_escape_string($str);
  138. else
  139. return @mysql_real_escape_string($str,$this->db);
  140. }
  141. }
  142. function __destruct() {
  143. if ($this->db)
  144. if($this->mysqli)
  145. $this->db->close();
  146. else
  147. mysql_close($this->db);
  148. }
  149. }}
  150. if(! function_exists('printable')) {
  151. function printable($s) {
  152. $s = preg_replace("~([\x01-\x08\x0E-\x0F\x10-\x1F\x7F-\xFF])~",".", $s);
  153. $s = str_replace("\x00",'.',$s);
  154. if(x($_SERVER,'SERVER_NAME'))
  155. $s = escape_tags($s);
  156. return $s;
  157. }}
  158. // Procedural functions
  159. if(! function_exists('dbg')) {
  160. function dbg($state) {
  161. global $db;
  162. if($db)
  163. $db->dbg($state);
  164. }}
  165. if(! function_exists('dbesc')) {
  166. function dbesc($str) {
  167. global $db;
  168. if($db && $db->connected)
  169. return($db->escape($str));
  170. else
  171. return(str_replace("'","\\'",$str));
  172. }}
  173. // Function: q($sql,$args);
  174. // Description: execute SQL query with printf style args.
  175. // Example: $r = q("SELECT * FROM `%s` WHERE `uid` = %d",
  176. // 'user', 1);
  177. if(! function_exists('q')) {
  178. function q($sql) {
  179. global $db;
  180. $args = func_get_args();
  181. unset($args[0]);
  182. if($db && $db->connected) {
  183. $stmt = vsprintf($sql,$args);
  184. if($stmt === false)
  185. logger('dba: vsprintf error: ' . print_r(debug_backtrace(),true));
  186. return $db->q($stmt);
  187. }
  188. /**
  189. *
  190. * This will happen occasionally trying to store the
  191. * session data after abnormal program termination
  192. *
  193. */
  194. logger('dba: no database: ' . print_r($args,true));
  195. return false;
  196. }}
  197. /**
  198. *
  199. * Raw db query, no arguments
  200. *
  201. */
  202. if(! function_exists('dbq')) {
  203. function dbq($sql) {
  204. global $db;
  205. if($db && $db->connected)
  206. $ret = $db->q($sql);
  207. else
  208. $ret = false;
  209. return $ret;
  210. }}
  211. // Caller is responsible for ensuring that any integer arguments to
  212. // dbesc_array are actually integers and not malformed strings containing
  213. // SQL injection vectors. All integer array elements should be specifically
  214. // cast to int to avoid trouble.
  215. if(! function_exists('dbesc_array_cb')) {
  216. function dbesc_array_cb(&$item, $key) {
  217. if(is_string($item))
  218. $item = dbesc($item);
  219. }}
  220. if(! function_exists('dbesc_array')) {
  221. function dbesc_array(&$arr) {
  222. if(is_array($arr) && count($arr)) {
  223. array_walk($arr,'dbesc_array_cb');
  224. }
  225. }}
  226. function dba_timer() {
  227. return microtime(true);
  228. }