commit | author | age
|
b5a2f8
|
1 |
<?php |
T |
2 |
/* |
f5b0ca
|
3 |
Copyright (c) 2005, Till Brehm, projektfarm Gmbh |
N |
4 |
All rights reserved. |
b5a2f8
|
5 |
|
f5b0ca
|
6 |
Redistribution and use in source and binary forms, with or without modification, |
N |
7 |
are permitted provided that the following conditions are met: |
b5a2f8
|
8 |
|
f5b0ca
|
9 |
* Redistributions of source code must retain the above copyright notice, |
N |
10 |
this list of conditions and the following disclaimer. |
|
11 |
* Redistributions in binary form must reproduce the above copyright notice, |
|
12 |
this list of conditions and the following disclaimer in the documentation |
|
13 |
and/or other materials provided with the distribution. |
|
14 |
* Neither the name of ISPConfig nor the names of its contributors |
|
15 |
may be used to endorse or promote products derived from this software without |
|
16 |
specific prior written permission. |
b5a2f8
|
17 |
|
f5b0ca
|
18 |
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND |
N |
19 |
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
20 |
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
|
21 |
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, |
|
22 |
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
|
23 |
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
|
24 |
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY |
|
25 |
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING |
|
26 |
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, |
|
27 |
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
|
28 |
*/ |
b5a2f8
|
29 |
|
f5b0ca
|
30 |
class db extends mysqli |
N |
31 |
{ |
7fe908
|
32 |
private $dbHost = ''; // hostname of the MySQL server |
MC |
33 |
private $dbName = ''; // logical database name on that server |
|
34 |
private $dbUser = ''; // database authorized user |
|
35 |
private $dbPass = ''; // user's password |
|
36 |
private $dbCharset = 'utf8';// Database charset |
|
37 |
private $dbNewLink = false; // Return a new linkID when connect is called again |
|
38 |
private $dbClientFlags = 0; // MySQL Client falgs |
|
39 |
private $linkId = 0; // last result of mysqli_connect() |
|
40 |
private $queryId = 0; // last result of mysqli_query() |
|
41 |
private $record = array(); // last record fetched |
|
42 |
private $autoCommit = 1; // Autocommit Transactions |
|
43 |
private $currentRow; // current row number |
|
44 |
private $errorNumber = 0; // last error number |
|
45 |
public $errorMessage = ''; // last error message |
|
46 |
private $errorLocation = '';// last error location |
|
47 |
public $show_error_messages = false; // false in server, true in interface |
|
48 |
private $isConnected = false; // needed to know if we have a valid mysqli object from the constructor |
b5a2f8
|
49 |
|
7fe908
|
50 |
// constructor |
MC |
51 |
public function __construct($prefix = '') { |
|
52 |
global $conf; |
|
53 |
if($prefix != '') $prefix .= '_'; |
|
54 |
$this->dbHost = $conf[$prefix.'db_host']; |
|
55 |
$this->dbName = $conf[$prefix.'db_database']; |
|
56 |
$this->dbUser = $conf[$prefix.'db_user']; |
|
57 |
$this->dbPass = $conf[$prefix.'db_password']; |
|
58 |
$this->dbCharset = $conf[$prefix.'db_charset']; |
|
59 |
$this->dbNewLink = $conf[$prefix.'db_new_link']; |
|
60 |
$this->dbClientFlags = $conf[$prefix.'db_client_flags']; |
|
61 |
parent::__construct($conf[$prefix.'db_host'], $conf[$prefix.'db_user'], $conf[$prefix.'db_password'], $conf[$prefix.'db_database']); |
|
62 |
$try = 0; |
|
63 |
//while(!is_null($this->connect_error) && $try < 5) { |
|
64 |
while(mysqli_connect_error() && $try < 5) { |
|
65 |
if($try > 0) sleep(1); |
f5b0ca
|
66 |
|
7fe908
|
67 |
$try++; |
MC |
68 |
$this->updateError('DB::__construct'); |
f5b0ca
|
69 |
|
7fe908
|
70 |
parent::__construct($conf[$prefix.'db_host'], $conf[$prefix.'db_user'], $conf[$prefix.'db_password'], $conf[$prefix.'db_database']); |
MC |
71 |
} |
f5b0ca
|
72 |
|
7fe908
|
73 |
//if(is_null($this->connect_error)) $this->isConnected = true; |
MC |
74 |
//else return false; |
|
75 |
if(!mysqli_connect_error()) $this->isConnected = true; |
|
76 |
else return false; |
|
77 |
|
|
78 |
$this->setCharacterEncoding(); |
|
79 |
} |
|
80 |
|
|
81 |
public function __destruct() { |
|
82 |
$this->close(); // helps avoid memory leaks, and persitent connections that don't go away. |
|
83 |
} |
|
84 |
|
|
85 |
// error handler |
|
86 |
public function updateError($location) { |
|
87 |
global $app, $conf; |
|
88 |
|
|
89 |
/* |
72695f
|
90 |
if(!is_null($this->connect_error)) { |
f5b0ca
|
91 |
$this->errorNumber = $this->connect_errno; |
N |
92 |
$this->errorMessage = $this->connect_error; |
|
93 |
} else { |
|
94 |
$this->errorNumber = $this->errno; |
|
95 |
$this->errorMessage = $this->error; |
e6c1c4
|
96 |
} |
cc6568
|
97 |
*/ |
7fe908
|
98 |
if(mysqli_connect_error()) { |
MC |
99 |
$this->errorNumber = mysqli_connect_errno(); |
|
100 |
$this->errorMessage = mysqli_connect_error(); |
|
101 |
} else { |
|
102 |
$this->errorNumber = mysqli_errno($this); |
|
103 |
$this->errorMessage = mysqli_error($this); |
|
104 |
} |
cc6568
|
105 |
|
f5b0ca
|
106 |
|
7fe908
|
107 |
$this->errorLocation = $location; |
MC |
108 |
if($this->errorNumber) { |
|
109 |
$error_msg = $this->errorLocation .' '. $this->errorMessage; |
|
110 |
// This right here will allow us to use the same file for server & interface |
|
111 |
if($this->show_error_messages && $conf['demo_mode'] === false) { |
|
112 |
echo $error_msg; |
|
113 |
} else if(is_object($app) && method_exists($app, 'log')) { |
|
114 |
$app->log($error_msg, LOGLEVEL_WARN); |
|
115 |
} |
|
116 |
} |
f5b0ca
|
117 |
} |
7fe908
|
118 |
|
MC |
119 |
private function setCharacterEncoding() { |
|
120 |
if($this->isConnected == false) return false; |
|
121 |
parent::query( 'SET NAMES '.$this->dbCharset); |
|
122 |
parent::query( "SET character_set_results = '".$this->dbCharset."', character_set_client = '".$this->dbCharset."', character_set_connection = '".$this->dbCharset."', character_set_database = '".$this->dbCharset."', character_set_server = '".$this->dbCharset."'"); |
f5b0ca
|
123 |
} |
cb1221
|
124 |
|
TB |
125 |
private function securityScan($string) { |
|
126 |
global $app, $conf; |
|
127 |
|
|
128 |
// get security config |
|
129 |
if(isset($app)) { |
|
130 |
$app->uses('getconf'); |
|
131 |
$ids_config = $app->getconf->get_security_config('ids'); |
|
132 |
|
|
133 |
if($ids_config['sql_scan_enabled'] == 'yes') { |
|
134 |
|
0e34ba
|
135 |
// Remove whitespace |
TB |
136 |
$string = trim($string); |
|
137 |
if(substr($string,-1) == ';') $string = substr($string,0,-1); |
|
138 |
|
|
139 |
// Save original string |
cb1221
|
140 |
$string_orig = $string; |
TB |
141 |
|
|
142 |
//echo $string; |
68b146
|
143 |
$chars = array(';', '#', '/*', '*/', '--', '\\\'', '\\"'); |
cb1221
|
144 |
|
TB |
145 |
$string = str_replace('\\\\', '', $string); |
f986a3
|
146 |
$string = preg_replace('/(^|[^\\\])([\'"])\\2/is', '$1', $string); |
MC |
147 |
$string = preg_replace('/(^|[^\\\])([\'"])(.*?[^\\\])\\2/is', '$1', $string); |
cb1221
|
148 |
$ok = true; |
TB |
149 |
|
|
150 |
if(substr_count($string, "`") % 2 != 0 || substr_count($string, "'") % 2 != 0 || substr_count($string, '"') % 2 != 0) { |
|
151 |
$app->log("SQL injection warning (" . $string_orig . ")",2); |
|
152 |
$ok = false; |
|
153 |
} else { |
|
154 |
foreach($chars as $char) { |
|
155 |
if(strpos($string, $char) !== false) { |
|
156 |
$ok = false; |
|
157 |
$app->log("SQL injection warning (" . $string_orig . ")",2); |
|
158 |
break; |
|
159 |
} |
|
160 |
} |
|
161 |
} |
|
162 |
if($ok == true) { |
|
163 |
return true; |
|
164 |
} else { |
|
165 |
if($ids_config['sql_scan_action'] == 'warn') { |
|
166 |
// we return false in warning level. |
|
167 |
return false; |
|
168 |
} else { |
|
169 |
// if sql action = 'block' or anything else then stop here. |
|
170 |
$app->error('Possible SQL injection. All actions have been logged.'); |
|
171 |
} |
|
172 |
} |
|
173 |
} |
|
174 |
} |
|
175 |
} |
f5b0ca
|
176 |
|
7fe908
|
177 |
public function query($queryString) { |
MC |
178 |
global $conf; |
|
179 |
if($this->isConnected == false) return false; |
|
180 |
$try = 0; |
|
181 |
do { |
|
182 |
$try++; |
|
183 |
$ok = $this->ping(); |
|
184 |
if(!$ok) { |
|
185 |
if(!$this->real_connect($this->dbHost, $this->dbUser, $this->dbPass, $this->dbName)) { |
|
186 |
if($try > 4) { |
|
187 |
$this->updateError('DB::query -> reconnect'); |
|
188 |
return false; |
|
189 |
} else { |
|
190 |
sleep(1); |
|
191 |
} |
|
192 |
} else { |
|
193 |
$this->setCharacterEncoding(); |
|
194 |
$ok = true; |
|
195 |
} |
|
196 |
} |
|
197 |
} while($ok == false); |
cb1221
|
198 |
$this->securityScan($queryString); |
7fe908
|
199 |
$this->queryId = parent::query($queryString); |
MC |
200 |
$this->updateError('DB::query('.$queryString.') -> mysqli_query'); |
|
201 |
if($this->errorNumber && $conf['demo_mode'] === false) debug_print_backtrace(); |
|
202 |
if(!$this->queryId) { |
|
203 |
return false; |
|
204 |
} |
|
205 |
$this->currentRow = 0; |
|
206 |
return $this->queryId; |
|
207 |
} |
f5b0ca
|
208 |
|
7fe908
|
209 |
// returns all records in an array |
MC |
210 |
public function queryAllRecords($queryString) { |
|
211 |
if(!$this->query($queryString)) |
|
212 |
{ |
|
213 |
return false; |
|
214 |
} |
|
215 |
$ret = array(); |
|
216 |
while($line = $this->nextRecord()) |
|
217 |
{ |
|
218 |
$ret[] = $line; |
|
219 |
} |
|
220 |
return $ret; |
|
221 |
} |
f5b0ca
|
222 |
|
7fe908
|
223 |
// returns one record in an array |
MC |
224 |
public function queryOneRecord($queryString) { |
|
225 |
if(!$this->query($queryString) || $this->numRows() == 0) |
|
226 |
{ |
|
227 |
return false; |
|
228 |
} |
|
229 |
return $this->nextRecord(); |
|
230 |
} |
f5b0ca
|
231 |
|
7fe908
|
232 |
// returns the next record in an array |
MC |
233 |
public function nextRecord() { |
|
234 |
$this->record = $this->queryId->fetch_assoc(); |
|
235 |
$this->updateError('DB::nextRecord()-> mysql_fetch_array'); |
|
236 |
if(!$this->record || !is_array($this->record)) |
|
237 |
{ |
|
238 |
return false; |
|
239 |
} |
|
240 |
$this->currentRow++; |
|
241 |
return $this->record; |
|
242 |
} |
|
243 |
|
|
244 |
// returns number of rows returned by the last select query |
|
245 |
public function numRows() { |
|
246 |
return intval($this->queryId->num_rows); |
|
247 |
} |
|
248 |
|
|
249 |
public function affectedRows() { |
|
250 |
return intval($this->queryId->affected_rows); |
|
251 |
} |
|
252 |
|
|
253 |
// returns mySQL insert id |
|
254 |
public function insertID() { |
|
255 |
return $this->insert_id; |
|
256 |
} |
|
257 |
|
|
258 |
|
|
259 |
//* Function to quote strings |
|
260 |
public function quote($formfield) { |
|
261 |
return $this->escape_string($formfield); |
|
262 |
} |
|
263 |
|
|
264 |
//* Function to unquotae strings |
|
265 |
public function unquote($formfield) { |
|
266 |
return stripslashes($formfield); |
|
267 |
} |
|
268 |
|
|
269 |
public function toLower($record) { |
|
270 |
if(is_array($record)) { |
|
271 |
foreach($record as $key => $val) { |
|
272 |
$key = strtolower($key); |
|
273 |
$out[$key] = $val; |
|
274 |
} |
|
275 |
} |
|
276 |
return $out; |
|
277 |
} |
|
278 |
|
|
279 |
public function diffrec($record_old, $record_new) { |
|
280 |
$diffrec_full = array(); |
|
281 |
$diff_num = 0; |
|
282 |
|
|
283 |
if(is_array($record_old) && count($record_old) > 0) { |
|
284 |
foreach($record_old as $key => $val) { |
|
285 |
// if(!isset($record_new[$key]) || $record_new[$key] != $val) { |
|
286 |
if(@$record_new[$key] != $val) { |
|
287 |
// Record has changed |
|
288 |
$diffrec_full['old'][$key] = $val; |
|
289 |
$diffrec_full['new'][$key] = @$record_new[$key]; |
|
290 |
$diff_num++; |
|
291 |
} else { |
|
292 |
$diffrec_full['old'][$key] = $val; |
|
293 |
$diffrec_full['new'][$key] = $val; |
|
294 |
} |
|
295 |
} |
|
296 |
} elseif(is_array($record_new)) { |
|
297 |
foreach($record_new as $key => $val) { |
|
298 |
if(isset($record_new[$key]) && @$record_old[$key] != $val) { |
|
299 |
// Record has changed |
|
300 |
$diffrec_full['new'][$key] = $val; |
|
301 |
$diffrec_full['old'][$key] = @$record_old[$key]; |
|
302 |
$diff_num++; |
|
303 |
} else { |
|
304 |
$diffrec_full['new'][$key] = $val; |
|
305 |
$diffrec_full['old'][$key] = $val; |
|
306 |
} |
|
307 |
} |
|
308 |
} |
|
309 |
|
|
310 |
return array('diff_num' => $diff_num, 'diff_rec' => $diffrec_full); |
|
311 |
|
|
312 |
} |
|
313 |
|
|
314 |
//** Function to fill the datalog with a full differential record. |
|
315 |
public function datalogSave($db_table, $action, $primary_field, $primary_id, $record_old, $record_new, $force_update = false) { |
|
316 |
global $app, $conf; |
|
317 |
|
94b44c
|
318 |
// Check fields |
7272e4
|
319 |
if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$db_table)) $app->error('Invalid table name '.$db_table); |
cd48c7
|
320 |
if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$primary_field)) $app->error('Invalid primary field '.$primary_field.' in table '.$db_table); |
94b44c
|
321 |
|
TB |
322 |
$primary_field = $this->quote($primary_field); |
|
323 |
$primary_id = intval($primary_id); |
f5b0ca
|
324 |
|
b0eb45
|
325 |
if($force_update == true) { |
T |
326 |
//* We force a update even if no record has changed |
7fe908
|
327 |
$diffrec_full = array('new' => $record_new, 'old' => $record_old); |
b0eb45
|
328 |
$diff_num = count($record_new); |
T |
329 |
} else { |
|
330 |
//* get the difference record between old and new record |
|
331 |
$tmp = $this->diffrec($record_old, $record_new); |
|
332 |
$diffrec_full = $tmp['diff_rec']; |
|
333 |
$diff_num = $tmp['diff_num']; |
|
334 |
unset($tmp); |
|
335 |
} |
f5b0ca
|
336 |
|
7fe908
|
337 |
// Insert the server_id, if the record has a server_id |
MC |
338 |
$server_id = (isset($record_old['server_id']) && $record_old['server_id'] > 0)?$record_old['server_id']:0; |
|
339 |
if(isset($record_new['server_id'])) $server_id = $record_new['server_id']; |
e9a57d
|
340 |
$server_id = intval($server_id); |
f5b0ca
|
341 |
|
7fe908
|
342 |
if($diff_num > 0) { |
MC |
343 |
//print_r($diff_num); |
|
344 |
//print_r($diffrec_full); |
|
345 |
$diffstr = $app->db->quote(serialize($diffrec_full)); |
|
346 |
$username = $app->db->quote($_SESSION['s']['user']['username']); |
|
347 |
$dbidx = $primary_field.':'.$primary_id; |
f5b0ca
|
348 |
|
7fe908
|
349 |
if($action == 'INSERT') $action = 'i'; |
MC |
350 |
if($action == 'UPDATE') $action = 'u'; |
|
351 |
if($action == 'DELETE') $action = 'd'; |
|
352 |
$sql = "INSERT INTO sys_datalog (dbtable,dbidx,server_id,action,tstamp,user,data) VALUES ('".$db_table."','$dbidx','$server_id','$action','".time()."','$username','$diffstr')"; |
|
353 |
$app->db->query($sql); |
|
354 |
} |
f5b0ca
|
355 |
|
7fe908
|
356 |
return true; |
MC |
357 |
} |
f5b0ca
|
358 |
|
7fe908
|
359 |
//** Inserts a record and saves the changes into the datalog |
MC |
360 |
public function datalogInsert($tablename, $insert_data, $index_field) { |
|
361 |
global $app; |
e9a57d
|
362 |
|
94b44c
|
363 |
// Check fields |
7272e4
|
364 |
if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename); |
cd48c7
|
365 |
if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename); |
94b44c
|
366 |
|
TB |
367 |
if(strpos($tablename, '.') !== false) { |
7272e4
|
368 |
$tablename_escaped = preg_replace('/^(.+)\.(.+)$/', '`$1`.`$2`', $tablename); |
94b44c
|
369 |
} else { |
7272e4
|
370 |
$tablename_escaped = '`' . $tablename . '`'; |
94b44c
|
371 |
} |
TB |
372 |
|
e9a57d
|
373 |
$index_field = $this->quote($index_field); |
7fe908
|
374 |
|
MC |
375 |
if(is_array($insert_data)) { |
ee260d
|
376 |
$key_str = ''; |
T |
377 |
$val_str = ''; |
|
378 |
foreach($insert_data as $key => $val) { |
|
379 |
$key_str .= "`".$key ."`,"; |
|
380 |
$val_str .= "'".$this->quote($val)."',"; |
|
381 |
} |
7fe908
|
382 |
$key_str = substr($key_str, 0, -1); |
MC |
383 |
$val_str = substr($val_str, 0, -1); |
ee260d
|
384 |
$insert_data_str = '('.$key_str.') VALUES ('.$val_str.')'; |
T |
385 |
} else { |
|
386 |
$insert_data_str = $insert_data; |
|
387 |
} |
f5b0ca
|
388 |
|
7fe908
|
389 |
$old_rec = array(); |
7272e4
|
390 |
$this->query("INSERT INTO $tablename_escaped $insert_data_str"); |
7fe908
|
391 |
$index_value = $this->insertID(); |
7272e4
|
392 |
$new_rec = $this->queryOneRecord("SELECT * FROM $tablename_escaped WHERE $index_field = '$index_value'"); |
7fe908
|
393 |
$this->datalogSave($tablename, 'INSERT', $index_field, $index_value, $old_rec, $new_rec); |
f5b0ca
|
394 |
|
7fe908
|
395 |
return $index_value; |
MC |
396 |
} |
f5b0ca
|
397 |
|
7fe908
|
398 |
//** Updates a record and saves the changes into the datalog |
MC |
399 |
public function datalogUpdate($tablename, $update_data, $index_field, $index_value, $force_update = false) { |
ee260d
|
400 |
global $app; |
e9a57d
|
401 |
|
94b44c
|
402 |
// Check fields |
7272e4
|
403 |
if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename); |
cd48c7
|
404 |
if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename); |
94b44c
|
405 |
|
TB |
406 |
if(strpos($tablename, '.') !== false) { |
7272e4
|
407 |
$tablename_escaped = preg_replace('/^(.+)\.(.+)$/', '`$1`.`$2`', $tablename); |
94b44c
|
408 |
} else { |
7272e4
|
409 |
$tablename_escaped = '`' . $tablename . '`'; |
94b44c
|
410 |
} |
TB |
411 |
|
e9a57d
|
412 |
$index_field = $this->quote($index_field); |
TB |
413 |
$index_value = $this->quote($index_value); |
7fe908
|
414 |
|
7272e4
|
415 |
$old_rec = $this->queryOneRecord("SELECT * FROM $tablename_escaped WHERE $index_field = '$index_value'"); |
7fe908
|
416 |
|
MC |
417 |
if(is_array($update_data)) { |
ee260d
|
418 |
$update_data_str = ''; |
T |
419 |
foreach($update_data as $key => $val) { |
|
420 |
$update_data_str .= "`".$key ."` = '".$this->quote($val)."',"; |
|
421 |
} |
7fe908
|
422 |
$update_data_str = substr($update_data_str, 0, -1); |
ee260d
|
423 |
} else { |
T |
424 |
$update_data_str = $update_data; |
|
425 |
} |
f5b0ca
|
426 |
|
7272e4
|
427 |
$this->query("UPDATE $tablename_escaped SET $update_data_str WHERE $index_field = '$index_value'"); |
TB |
428 |
$new_rec = $this->queryOneRecord("SELECT * FROM $tablename_escaped WHERE $index_field = '$index_value'"); |
7fe908
|
429 |
$this->datalogSave($tablename, 'UPDATE', $index_field, $index_value, $old_rec, $new_rec, $force_update); |
f5b0ca
|
430 |
|
7fe908
|
431 |
return true; |
MC |
432 |
} |
f5b0ca
|
433 |
|
7fe908
|
434 |
//** Deletes a record and saves the changes into the datalog |
MC |
435 |
public function datalogDelete($tablename, $index_field, $index_value) { |
|
436 |
global $app; |
e9a57d
|
437 |
|
94b44c
|
438 |
// Check fields |
7272e4
|
439 |
if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename); |
cd48c7
|
440 |
if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename); |
94b44c
|
441 |
|
TB |
442 |
if(strpos($tablename, '.') !== false) { |
7272e4
|
443 |
$tablename_escaped = preg_replace('/^(.+)\.(.+)$/', '`$1`.`$2`', $tablename); |
94b44c
|
444 |
} else { |
7272e4
|
445 |
$tablename_escaped = '`' . $tablename . '`'; |
94b44c
|
446 |
} |
TB |
447 |
|
e9a57d
|
448 |
$index_field = $this->quote($index_field); |
TB |
449 |
$index_value = $this->quote($index_value); |
f5b0ca
|
450 |
|
7272e4
|
451 |
$old_rec = $this->queryOneRecord("SELECT * FROM $tablename_escaped WHERE $index_field = '$index_value'"); |
TB |
452 |
$this->query("DELETE FROM $tablename_escaped WHERE $index_field = '$index_value'"); |
7fe908
|
453 |
$new_rec = array(); |
MC |
454 |
$this->datalogSave($tablename, 'DELETE', $index_field, $index_value, $old_rec, $new_rec); |
|
455 |
|
|
456 |
return true; |
|
457 |
} |
|
458 |
|
|
459 |
//* get the current datalog status for the specified login (or currently logged in user) |
|
460 |
public function datalogStatus($login = '') { |
|
461 |
global $app; |
|
462 |
|
|
463 |
$return = array('count' => 0, 'entries' => array()); |
|
464 |
if($_SESSION['s']['user']['typ'] == 'admin') return $return; // these information should not be displayed to admin users |
|
465 |
|
|
466 |
if($login == '' && isset($_SESSION['s']['user'])) { |
|
467 |
$login = $_SESSION['s']['user']['username']; |
|
468 |
} |
|
469 |
|
|
470 |
$result = $this->queryAllRecords("SELECT COUNT( * ) AS cnt, sys_datalog.action, sys_datalog.dbtable FROM sys_datalog, server WHERE server.server_id = sys_datalog.server_id AND sys_datalog.user = '" . $this->quote($login) . "' AND sys_datalog.datalog_id > server.updated GROUP BY sys_datalog.dbtable, sys_datalog.action"); |
|
471 |
foreach($result as $row) { |
|
472 |
if(!$row['dbtable'] || in_array($row['dbtable'], array('aps_instances', 'aps_instances_settings', 'mail_access', 'mail_content_filter'))) continue; // ignore some entries, maybe more to come |
|
473 |
$return['entries'][] = array('table' => $row['dbtable'], 'action' => $row['action'], 'count' => $row['cnt'], 'text' => $app->lng('datalog_status_' . $row['action'] . '_' . $row['dbtable'])); |
|
474 |
$return['count'] += $row['cnt']; |
|
475 |
} |
|
476 |
unset($result); |
|
477 |
|
|
478 |
return $return; |
|
479 |
} |
f5b0ca
|
480 |
|
N |
481 |
|
7fe908
|
482 |
public function freeResult($query) |
MC |
483 |
{ |
|
484 |
if(is_object($query) && (get_class($query) == "mysqli_result")) { |
|
485 |
$query->free(); |
|
486 |
return true; |
|
487 |
} else { |
|
488 |
return false; |
|
489 |
} |
|
490 |
} |
12fcb2
|
491 |
|
7fe908
|
492 |
/* TODO: Does anything use this? */ |
MC |
493 |
public function delete() { |
b5a2f8
|
494 |
|
7fe908
|
495 |
} |
f5b0ca
|
496 |
|
7fe908
|
497 |
/* TODO: Does anything use this? */ |
MC |
498 |
public function Transaction($action) { |
|
499 |
//action = begin, commit oder rollback |
f5b0ca
|
500 |
|
7fe908
|
501 |
} |
f5b0ca
|
502 |
|
7fe908
|
503 |
/* |
f5b0ca
|
504 |
$columns = array(action => add | alter | drop |
N |
505 |
name => Spaltenname |
|
506 |
name_new => neuer Spaltenname, nur bei 'alter' belegt |
|
507 |
type => 42go-Meta-Type: int16, int32, int64, double, char, varchar, text, blob |
|
508 |
typeValue => Wert z.B. bei Varchar |
|
509 |
defaultValue => Default Wert |
|
510 |
notNull => true | false |
|
511 |
autoInc => true | false |
|
512 |
option => unique | primary | index) |
|
513 |
|
|
514 |
|
|
515 |
*/ |
|
516 |
|
7fe908
|
517 |
public function createTable($table_name, $columns) { |
MC |
518 |
$index = ''; |
|
519 |
$sql = "CREATE TABLE $table_name ("; |
|
520 |
foreach($columns as $col){ |
|
521 |
$sql .= $col['name'].' '.$this->mapType($col['type'], $col['typeValue']).' '; |
f5b0ca
|
522 |
|
7fe908
|
523 |
if($col['defaultValue'] != '') $sql .= "DEFAULT '".$col['defaultValue']."' "; |
MC |
524 |
if($col['notNull'] == true) { |
|
525 |
$sql .= 'NOT NULL '; |
|
526 |
} else { |
|
527 |
$sql .= 'NULL '; |
|
528 |
} |
|
529 |
if($col['autoInc'] == true) $sql .= 'auto_increment '; |
|
530 |
$sql.= ','; |
|
531 |
// key Definitionen |
|
532 |
if($col['option'] == 'primary') $index .= 'PRIMARY KEY ('.$col['name'].'),'; |
|
533 |
if($col['option'] == 'index') $index .= 'INDEX ('.$col['name'].'),'; |
|
534 |
if($col['option'] == 'unique') $index .= 'UNIQUE ('.$col['name'].'),'; |
|
535 |
} |
|
536 |
$sql .= $index; |
|
537 |
$sql = substr($sql, 0, -1); |
|
538 |
$sql .= ')'; |
|
539 |
$this->query($sql); |
|
540 |
return true; |
f5b0ca
|
541 |
} |
N |
542 |
|
7fe908
|
543 |
/* |
f5b0ca
|
544 |
$columns = array(action => add | alter | drop |
N |
545 |
name => Spaltenname |
|
546 |
name_new => neuer Spaltenname, nur bei 'alter' belegt |
|
547 |
type => 42go-Meta-Type: int16, int32, int64, double, char, varchar, text, blob |
|
548 |
typeValue => Wert z.B. bei Varchar |
|
549 |
defaultValue => Default Wert |
|
550 |
notNull => true | false |
|
551 |
autoInc => true | false |
|
552 |
option => unique | primary | index) |
|
553 |
|
|
554 |
|
|
555 |
*/ |
7fe908
|
556 |
public function alterTable($table_name, $columns) { |
MC |
557 |
$index = ''; |
|
558 |
$sql = "ALTER TABLE $table_name "; |
|
559 |
foreach($columns as $col){ |
|
560 |
if($col['action'] == 'add') { |
|
561 |
$sql .= 'ADD '.$col['name'].' '.$this->mapType($col['type'], $col['typeValue']).' '; |
|
562 |
} elseif ($col['action'] == 'alter') { |
|
563 |
$sql .= 'CHANGE '.$col['name'].' '.$col['name_new'].' '.$this->mapType($col['type'], $col['typeValue']).' '; |
|
564 |
} elseif ($col['action'] == 'drop') { |
|
565 |
$sql .= 'DROP '.$col['name'].' '; |
|
566 |
} |
|
567 |
if($col['action'] != 'drop') { |
|
568 |
if($col['defaultValue'] != '') $sql .= "DEFAULT '".$col['defaultValue']."' "; |
|
569 |
if($col['notNull'] == true) { |
|
570 |
$sql .= 'NOT NULL '; |
|
571 |
} else { |
|
572 |
$sql .= 'NULL '; |
|
573 |
} |
|
574 |
if($col['autoInc'] == true) $sql .= 'auto_increment '; |
|
575 |
$sql.= ','; |
|
576 |
// Index definitions |
|
577 |
if($col['option'] == 'primary') $index .= 'PRIMARY KEY ('.$col['name'].'),'; |
|
578 |
if($col['option'] == 'index') $index .= 'INDEX ('.$col['name'].'),'; |
|
579 |
if($col['option'] == 'unique') $index .= 'UNIQUE ('.$col['name'].'),'; |
|
580 |
} |
|
581 |
} |
|
582 |
$sql .= $index; |
|
583 |
$sql = substr($sql, 0, -1); |
|
584 |
|
|
585 |
//die($sql); |
|
586 |
$this->query($sql); |
|
587 |
return true; |
f5b0ca
|
588 |
} |
7fe908
|
589 |
|
MC |
590 |
public function dropTable($table_name) { |
|
591 |
$this->check($table_name); |
|
592 |
$sql = "DROP TABLE '". $table_name."'"; |
|
593 |
return $this->query($sql); |
f5b0ca
|
594 |
} |
N |
595 |
|
7fe908
|
596 |
// gibt Array mit Tabellennamen zur�ck |
MC |
597 |
public function getTables($database_name = '') { |
|
598 |
if($this->isConnected == false) return false; |
|
599 |
if($database_name == '') $database_name = $this->dbName; |
|
600 |
$result = parent::query("SHOW TABLES FROM $database_name"); |
|
601 |
for ($i = 0; $i < $result->num_rows; $i++) { |
|
602 |
$tb_names[$i] = (($result->data_seek( $i) && (($___mysqli_tmp = $result->fetch_row()) !== NULL)) ? array_shift($___mysqli_tmp) : false); |
|
603 |
} |
|
604 |
return $tb_names; |
|
605 |
} |
f5b0ca
|
606 |
|
7fe908
|
607 |
// gibt Feldinformationen zur Tabelle zur�ck |
MC |
608 |
/* |
f5b0ca
|
609 |
$columns = array(action => add | alter | drop |
N |
610 |
name => Spaltenname |
|
611 |
name_new => neuer Spaltenname, nur bei 'alter' belegt |
|
612 |
type => 42go-Meta-Type: int16, int32, int64, double, char, varchar, text, blob |
|
613 |
typeValue => Wert z.B. bei Varchar |
|
614 |
defaultValue => Default Wert |
|
615 |
notNull => true | false |
|
616 |
autoInc => true | false |
|
617 |
option => unique | primary | index) |
|
618 |
|
|
619 |
|
|
620 |
*/ |
|
621 |
|
7fe908
|
622 |
function tableInfo($table_name) { |
f5b0ca
|
623 |
|
7fe908
|
624 |
global $go_api, $go_info, $app; |
MC |
625 |
// Tabellenfelder einlesen |
f5b0ca
|
626 |
|
7fe908
|
627 |
if($rows = $app->db->queryAllRecords('SHOW FIELDS FROM '.$table_name)){ |
MC |
628 |
foreach($rows as $row) { |
|
629 |
/* |
f5b0ca
|
630 |
$name = $row[0]; |
N |
631 |
$default = $row[4]; |
|
632 |
$key = $row[3]; |
|
633 |
$extra = $row[5]; |
|
634 |
$isnull = $row[2]; |
|
635 |
$type = $row[1]; |
bfcdef
|
636 |
*/ |
7fe908
|
637 |
|
MC |
638 |
$name = $row['Field']; |
|
639 |
$default = $row['Default']; |
|
640 |
$key = $row['Key']; |
|
641 |
$extra = $row['Extra']; |
|
642 |
$isnull = $row['Null']; |
|
643 |
$type = $row['Type']; |
f5b0ca
|
644 |
|
N |
645 |
|
7fe908
|
646 |
$column = array(); |
f5b0ca
|
647 |
|
7fe908
|
648 |
$column['name'] = $name; |
MC |
649 |
//$column['type'] = $type; |
|
650 |
$column['defaultValue'] = $default; |
|
651 |
if(stristr($key, 'PRI')) $column['option'] = 'primary'; |
|
652 |
if(stristr($isnull, 'YES')) { |
|
653 |
$column['notNull'] = false; |
|
654 |
} else { |
|
655 |
$column['notNull'] = true; |
|
656 |
} |
|
657 |
if($extra == 'auto_increment') $column['autoInc'] = true; |
f5b0ca
|
658 |
|
N |
659 |
|
7fe908
|
660 |
// Type in Metatype umsetzen |
f5b0ca
|
661 |
|
7fe908
|
662 |
if(stristr($type, 'int(')) $metaType = 'int32'; |
MC |
663 |
if(stristr($type, 'bigint')) $metaType = 'int64'; |
|
664 |
if(stristr($type, 'char')) { |
|
665 |
$metaType = 'char'; |
|
666 |
$tmp_typeValue = explode('(', $type); |
|
667 |
$column['typeValue'] = substr($tmp_typeValue[1], 0, -1); |
|
668 |
} |
|
669 |
if(stristr($type, 'varchar')) { |
|
670 |
$metaType = 'varchar'; |
|
671 |
$tmp_typeValue = explode('(', $type); |
|
672 |
$column['typeValue'] = substr($tmp_typeValue[1], 0, -1); |
|
673 |
} |
|
674 |
if(stristr($type, 'text')) $metaType = 'text'; |
|
675 |
if(stristr($type, 'double')) $metaType = 'double'; |
|
676 |
if(stristr($type, 'blob')) $metaType = 'blob'; |
f5b0ca
|
677 |
|
N |
678 |
|
7fe908
|
679 |
$column['type'] = $metaType; |
f5b0ca
|
680 |
|
7fe908
|
681 |
$columns[] = $column; |
MC |
682 |
} |
|
683 |
return $columns; |
|
684 |
} else { |
|
685 |
return false; |
|
686 |
} |
f5b0ca
|
687 |
|
N |
688 |
|
7fe908
|
689 |
//$this->createTable('tester',$columns); |
f5b0ca
|
690 |
|
7fe908
|
691 |
/* |
f5b0ca
|
692 |
$result = mysql_list_fields($go_info["server"]["db_name"],$table_name); |
N |
693 |
$fields = mysql_num_fields ($result); |
|
694 |
$i = 0; |
|
695 |
$table = mysql_field_table ($result, $i); |
|
696 |
while ($i < $fields) { |
|
697 |
$name = mysql_field_name ($result, $i); |
|
698 |
$type = mysql_field_type ($result, $i); |
|
699 |
$len = mysql_field_len ($result, $i); |
|
700 |
$flags = mysql_field_flags ($result, $i); |
|
701 |
print_r($flags); |
|
702 |
|
|
703 |
$columns = array(name => $name, |
|
704 |
type => "", |
|
705 |
defaultValue => "", |
|
706 |
isnull => 1, |
|
707 |
option => ""); |
|
708 |
$returnvar[] = $columns; |
|
709 |
|
|
710 |
$i++; |
|
711 |
} |
|
712 |
*/ |
|
713 |
|
|
714 |
|
|
715 |
|
7fe908
|
716 |
} |
f5b0ca
|
717 |
|
7fe908
|
718 |
public function mapType($metaType, $typeValue) { |
MC |
719 |
global $go_api; |
|
720 |
$metaType = strtolower($metaType); |
|
721 |
switch ($metaType) { |
|
722 |
case 'int16': |
|
723 |
return 'smallint'; |
|
724 |
break; |
|
725 |
case 'int32': |
|
726 |
return 'int'; |
|
727 |
break; |
|
728 |
case 'int64': |
|
729 |
return 'bigint'; |
|
730 |
break; |
|
731 |
case 'double': |
|
732 |
return 'double'; |
|
733 |
break; |
|
734 |
case 'char': |
|
735 |
return 'char'; |
|
736 |
break; |
|
737 |
case 'varchar': |
|
738 |
if($typeValue < 1) die('Database failure: Lenght required for these data types.'); |
|
739 |
return 'varchar('.$typeValue.')'; |
|
740 |
break; |
|
741 |
case 'text': |
|
742 |
return 'text'; |
|
743 |
break; |
|
744 |
case 'blob': |
|
745 |
return 'blob'; |
|
746 |
break; |
8748b3
|
747 |
case 'date': |
TB |
748 |
return 'date'; |
|
749 |
break; |
7fe908
|
750 |
} |
MC |
751 |
} |
f5b0ca
|
752 |
|
7fe908
|
753 |
} |
f5b0ca
|
754 |
|
7fe908
|
755 |
?> |