Commit 762a62a4 authored by Till Brehm's avatar Till Brehm

Merge branch 'stable-3.1' into 'stable-3.1'

merge db_mysql.inc.php from server/ and interface/

See merge request ispconfig/ispconfig3!815
parents b5d44399 0e8a6d59
...@@ -62,7 +62,11 @@ class app { ...@@ -62,7 +62,11 @@ class app {
$this->_conf = $conf; $this->_conf = $conf;
if($this->_conf['start_db'] == true) { if($this->_conf['start_db'] == true) {
$this->load('db_'.$this->_conf['db_type']); $this->load('db_'.$this->_conf['db_type']);
$this->db = new db; try {
$this->db = new db;
} catch (Exception $e) {
$this->db = false;
}
} }
//* Start the session //* Start the session
......
<?php <?php
/*
* db_mysql.inc.php: ISPConfig mysql db interface
*
* Note! When making changes to this file, put a copy in both locations:
* interface/lib/classes/db_mysql.inc.php
* server/lib/classes/db_mysql.inc.php
*/
/* /*
Copyright (c) 2005, Till Brehm, projektfarm Gmbh Copyright (c) 2005, Till Brehm, projektfarm Gmbh
All rights reserved. All rights reserved.
...@@ -27,7 +35,8 @@ ...@@ -27,7 +35,8 @@
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/ */
class db { class db
{
/**#@+ /**#@+
* @access private * @access private
*/ */
...@@ -40,12 +49,10 @@ class db { ...@@ -40,12 +49,10 @@ class db {
private $dbUser = ''; // database authorized user private $dbUser = ''; // database authorized user
private $dbPass = ''; // user's password private $dbPass = ''; // user's password
private $dbCharset = 'utf8';// Database charset private $dbCharset = 'utf8';// Database charset
private $dbNewLink = false; // Return a new linkID when connect is called again
private $dbClientFlags = 0; // MySQL Client falgs private $dbClientFlags = 0; // MySQL Client falgs
/**#@-*/ /**#@-*/
public $show_error_messages = false; // false in server, true in interface public $show_error_messages = false; // false in server, interface sets true when generating templates
/* old things - unused now //// /* old things - unused now ////
private $linkId = 0; // last result of mysqli_connect() private $linkId = 0; // last result of mysqli_connect()
...@@ -53,8 +60,8 @@ class db { ...@@ -53,8 +60,8 @@ class db {
private $record = array(); // last record fetched private $record = array(); // last record fetched
private $autoCommit = 1; // Autocommit Transactions private $autoCommit = 1; // Autocommit Transactions
private $currentRow; // current row number private $currentRow; // current row number
private $errorNumber = 0; // last error number
*/ */
public $errorNumber = 0; // last error number
public $errorMessage = ''; // last error message public $errorMessage = ''; // last error message
/* /*
private $errorLocation = '';// last error location private $errorLocation = '';// last error location
...@@ -63,34 +70,38 @@ class db { ...@@ -63,34 +70,38 @@ class db {
*/ */
// constructor // constructor
public function __construct($prefix = '') { public function __construct($host = NULL , $user = NULL, $pass = NULL, $database = NULL, $port = NULL, $flags = NULL) {
global $conf; global $app, $conf;
if($prefix != '') $prefix .= '_';
$this->dbHost = $conf[$prefix.'db_host']; $this->dbHost = $host ? $host : $conf['db_host'];
$this->dbPort = $conf[$prefix.'db_port']; $this->dbPort = $port ? $port : $conf['db_port'];
$this->dbName = $conf[$prefix.'db_database']; $this->dbName = $database ? $database : $conf['db_database'];
$this->dbUser = $conf[$prefix.'db_user']; $this->dbUser = $user ? $user : $conf['db_user'];
$this->dbPass = $conf[$prefix.'db_password']; $this->dbPass = $pass ? $pass : $conf['db_password'];
$this->dbCharset = $conf[$prefix.'db_charset']; $this->dbCharset = $conf['db_charset'];
$this->dbNewLink = $conf[$prefix.'db_new_link']; $this->dbClientFlags = ($flags !== NULL) ? $flags : $conf['db_client_flags'];
$this->dbClientFlags = $conf[$prefix.'db_client_flags'];
$this->_iConnId = mysqli_init(); $this->_iConnId = mysqli_init();
mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags); mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags);
for($try=0;(!is_object($this->_iConnId) || mysqli_connect_error()) && $try < 5;++$try) { for($try=0;(!is_object($this->_iConnId) || mysqli_connect_errno()) && $try < 5;++$try) {
sleep($try); sleep($try);
mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags); if(!is_object($this->_iConnId)) {
$this->_iConnId = mysqli_init();
}
if(!mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags)) {
$this->_sqlerror('Database connection failed');
}
} }
if(!is_object($this->_iConnId) || mysqli_connect_error()) { if(!is_object($this->_iConnId) || mysqli_connect_errno()) {
$this->_iConnId = null; $this->_iConnId = null;
$this->_sqlerror('Zugriff auf Datenbankserver fehlgeschlagen! / Database server not accessible!'); $this->_sqlerror('Zugriff auf Datenbankserver fehlgeschlagen! / Database server not accessible!', '', true); // sets errorMessage
return false; throw new Exception($this->errorMessage);
} }
if(!((bool)mysqli_query( $this->_iConnId, 'USE `' . $this->dbName . '`'))) { if(!((bool)mysqli_query( $this->_iConnId, 'USE `' . $this->dbName . '`'))) {
$this->close(); $this->close();
$this->_sqlerror('Datenbank nicht gefunden / Database not found'); $this->_sqlerror('Datenbank nicht gefunden / Database not found', '', true); // sets errorMessage
return false; throw new Exception($this->errorMessage);
} }
$this->_setCharset(); $this->_setCharset();
...@@ -105,6 +116,23 @@ class db { ...@@ -105,6 +116,23 @@ class db {
$this->_iConnId = null; $this->_iConnId = null;
} }
/*
* Test mysql connection.
*
* @return boolean returns true if db connection is good.
*/
public function testConnection() {
if(mysqli_connect_errno()) {
return false;
}
return (boolean)(is_object($this->_iConnId) && mysqli_ping($this->_iConnId));
}
/* This allows our private variables to be "read" out side of the class */
public function __get($var) {
return isset($this->$var) ? $this->$var : NULL;
}
public function _build_query_string($sQuery = '') { public function _build_query_string($sQuery = '') {
$iArgs = func_num_args(); $iArgs = func_num_args();
if($iArgs > 1) { if($iArgs > 1) {
...@@ -127,7 +155,7 @@ class db { ...@@ -127,7 +155,7 @@ class db {
if($iPos2 !== false && ($iPos === false || $iPos2 <= $iPos)) { if($iPos2 !== false && ($iPos === false || $iPos2 <= $iPos)) {
$sTxt = $this->escape($sValue); $sTxt = $this->escape($sValue);
$sTxt = str_replace('`', '', $sTxt); $sTxt = str_replace('`', '', $sTxt);
if(strpos($sTxt, '.') !== false) { if(strpos($sTxt, '.') !== false) {
$sTxt = preg_replace('/^(.+)\.(.+)$/', '`$1`.`$2`', $sTxt); $sTxt = preg_replace('/^(.+)\.(.+)$/', '`$1`.`$2`', $sTxt);
...@@ -169,33 +197,33 @@ class db { ...@@ -169,33 +197,33 @@ class db {
/**#@+ /**#@+
* @access private * @access private
*/ */
private function _setCharset() { private function _setCharset() {
mysqli_query($this->_iConnId, 'SET NAMES '.$this->dbCharset); $this->query('SET NAMES '.$this->dbCharset);
mysqli_query($this->_iConnId, "SET character_set_results = '".$this->dbCharset."', character_set_client = '".$this->dbCharset."', character_set_connection = '".$this->dbCharset."', character_set_database = '".$this->dbCharset."', character_set_server = '".$this->dbCharset."'"); $this->query("SET character_set_results = '".$this->dbCharset."', character_set_client = '".$this->dbCharset."', character_set_connection = '".$this->dbCharset."', character_set_database = '".$this->dbCharset."', character_set_server = '".$this->dbCharset."'");
} }
private function securityScan($string) { private function securityScan($string) {
global $app, $conf; global $app, $conf;
// get security config // get security config
if(isset($app)) { if(isset($app)) {
$app->uses('getconf'); $app->uses('getconf');
$ids_config = $app->getconf->get_security_config('ids'); $ids_config = $app->getconf->get_security_config('ids');
if($ids_config['sql_scan_enabled'] == 'yes') { if($ids_config['sql_scan_enabled'] == 'yes') {
// Remove whitespace // Remove whitespace
$string = trim($string); $string = trim($string);
if(substr($string,-1) == ';') $string = substr($string,0,-1); if(substr($string,-1) == ';') $string = substr($string,0,-1);
// Save original string // Save original string
$string_orig = $string; $string_orig = $string;
//echo $string; //echo $string;
$chars = array(';', '#', '/*', '*/', '--', '\\\'', '\\"'); $chars = array(';', '#', '/*', '*/', '--', '\\\'', '\\"');
$string = str_replace('\\\\', '', $string); $string = str_replace('\\\\', '', $string);
$string = preg_replace('/(^|[^\\\])([\'"])\\2/is', '$1', $string); $string = preg_replace('/(^|[^\\\])([\'"])\\2/is', '$1', $string);
$string = preg_replace('/(^|[^\\\])([\'"])(.*?[^\\\])\\2/is', '$1', $string); $string = preg_replace('/(^|[^\\\])([\'"])(.*?[^\\\])\\2/is', '$1', $string);
...@@ -239,14 +267,28 @@ class db { ...@@ -239,14 +267,28 @@ class db {
$try = 0; $try = 0;
do { do {
$try++; $try++;
$ok = mysqli_ping($this->_iConnId); $ok = (is_object($this->_iConnId)) ? mysqli_ping($this->_iConnId) : false;
if(!$ok) { if(!$ok) {
if(!mysqli_real_connect(mysqli_init(), $this->dbHost, $this->dbUser, $this->dbPass, $this->dbName, (int)$this->dbPort, NULL, $this->dbClientFlags)) { if(!is_object($this->_iConnId)) {
if($try > 4) { $this->_iConnId = mysqli_init();
$this->_sqlerror('DB::query -> reconnect'); }
if(!mysqli_real_connect($this->_isConnId, $this->dbHost, $this->dbUser, $this->dbPass, $this->dbName, (int)$this->dbPort, NULL, $this->dbClientFlags)) {
if(mysqli_connect_errno() == '111') {
// server is not available
if($try > 9) {
if(isset($app) && isset($app->forceErrorExit)) {
$app->forceErrorExit('Database connection failure!');
}
// if we reach this, the app object is missing or has no exit method, so we continue as normal
}
sleep(30); // additional seconds, please!
}
if($try > 9) {
$this->_sqlerror('db::_query -> reconnect', '', true);
return false; return false;
} else { } else {
sleep(1); sleep(($try > 7 ? 5 : 1));
} }
} else { } else {
$this->_setCharset(); $this->_setCharset();
...@@ -258,7 +300,7 @@ class db { ...@@ -258,7 +300,7 @@ class db {
$aArgs = func_get_args(); $aArgs = func_get_args();
$sQuery = call_user_func_array(array(&$this, '_build_query_string'), $aArgs); $sQuery = call_user_func_array(array(&$this, '_build_query_string'), $aArgs);
$this->securityScan($sQuery); $this->securityScan($sQuery);
$this->_iQueryId = @mysqli_query($this->_iConnId, $sQuery); $this->_iQueryId = mysqli_query($this->_iConnId, $sQuery);
if (!$this->_iQueryId) { if (!$this->_iQueryId) {
$this->_sqlerror('Falsche Anfrage / Wrong Query', 'SQL-Query = ' . $sQuery); $this->_sqlerror('Falsche Anfrage / Wrong Query', 'SQL-Query = ' . $sQuery);
return false; return false;
...@@ -390,7 +432,7 @@ class db { ...@@ -390,7 +432,7 @@ class db {
} }
public function query_all_array($sQuery = '') { public function query_all_array($sQuery = '') {
return $this->queryAllArray($sQuery); return call_user_func_array(array(&$this, 'queryAllArray'), func_get_args());
} }
...@@ -404,13 +446,14 @@ class db { ...@@ -404,13 +446,14 @@ class db {
* @return int id of last inserted row or 0 if none * @return int id of last inserted row or 0 if none
*/ */
public function insert_id() { public function insert_id() {
$iRes = mysqli_query($this->_iConnId, 'SELECT LAST_INSERT_ID() as `newid`'); $oResult = $this->query('SELECT LAST_INSERT_ID() as `newid`');
if(!is_object($iRes)) return false; if(!$oResult) {
$this->_sqlerror('Unable to select last_insert_id()');
$aReturn = mysqli_fetch_assoc($iRes); return false;
mysqli_free_result($iRes); }
$aReturn = $oResult->get();
return $aReturn['newid']; $oResult->free();
return isset($aReturn['newid']) ? $aReturn['newid'] : 0;
} }
...@@ -431,6 +474,7 @@ class db { ...@@ -431,6 +474,7 @@ class db {
} }
/** /**
* check if a utf8 string is valid * check if a utf8 string is valid
* *
...@@ -470,7 +514,7 @@ class db { ...@@ -470,7 +514,7 @@ class db {
public function escape($sString) { public function escape($sString) {
global $app; global $app;
if(!is_string($sString) && !is_numeric($sString)) { if(!is_string($sString) && !is_numeric($sString)) {
$app->log('NON-String given in escape function! (' . gettype($sString) . ')', LOGLEVEL_DEBUG); $app->log('NON-String given in escape function! (' . gettype($sString) . ')', LOGLEVEL_INFO);
//$sAddMsg = getDebugBacktrace(); //$sAddMsg = getDebugBacktrace();
$app->log($sAddMsg, LOGLEVEL_DEBUG); $app->log($sAddMsg, LOGLEVEL_DEBUG);
$sString = ''; $sString = '';
...@@ -479,7 +523,7 @@ class db { ...@@ -479,7 +523,7 @@ class db {
$cur_encoding = mb_detect_encoding($sString); $cur_encoding = mb_detect_encoding($sString);
if($cur_encoding != "UTF-8") { if($cur_encoding != "UTF-8") {
if($cur_encoding != 'ASCII') { if($cur_encoding != 'ASCII') {
if(is_object($app) && method_exists($app, 'log')) $app->log('String ' . substr($sString, 0, 25) . '... is ' . $cur_encoding . '.', LOGLEVEL_DEBUG); if(is_object($app) && method_exists($app, 'log')) $app->log('String ' . substr($sString, 0, 25) . '... is ' . $cur_encoding . '.', LOGLEVEL_INFO);
if($cur_encoding) $sString = mb_convert_encoding($sString, 'UTF-8', $cur_encoding); if($cur_encoding) $sString = mb_convert_encoding($sString, 'UTF-8', $cur_encoding);
else $sString = mb_convert_encoding($sString, 'UTF-8'); else $sString = mb_convert_encoding($sString, 'UTF-8');
} }
...@@ -496,20 +540,27 @@ class db { ...@@ -496,20 +540,27 @@ class db {
* *
* @access private * @access private
*/ */
private function _sqlerror($sErrormsg = 'Unbekannter Fehler', $sAddMsg = '') { private function _sqlerror($sErrormsg = 'Unbekannter Fehler', $sAddMsg = '', $bNoLog = false) {
global $app, $conf; global $app, $conf;
$mysql_error = (is_object($this->_iConnId) ? mysqli_error($this->_iConnId) : mysqli_connect_error()); $mysql_errno = mysqli_connect_errno();
$mysql_errno = (is_object($this->_iConnId) ? mysqli_errno($this->_iConnId) : mysqli_connect_errno()); $mysql_error = mysqli_connect_error();
if ($mysql_errno === 0 && is_object($this->_iConnId)) {
$mysql_errno = mysqli_errno($this->_iConnId);
$mysql_error = mysqli_error($this->_iConnId);
}
$this->errorNumber = $mysql_error;
$this->errorMessage = $mysql_error; $this->errorMessage = $mysql_error;
//$sAddMsg .= getDebugBacktrace(); //$sAddMsg .= getDebugBacktrace();
if($this->show_error_messages && $conf['demo_mode'] === false) { if($this->show_error_messages && $conf['demo_mode'] === false) {
echo $sErrormsg . $sAddMsg; echo $sErrormsg . $sAddMsg;
} else if(is_object($app) && method_exists($app, 'log')) { } elseif(is_object($app) && method_exists($app, 'log') && $bNoLog == false) {
$app->log($sErrormsg . $sAddMsg . ' -> ' . $mysql_errno . ' (' . $mysql_error . ')', LOGLEVEL_WARN); $app->log($sErrormsg . $sAddMsg . ' -> ' . $mysql_errno . ' (' . $mysql_error . ')', LOGLEVEL_WARN, false);
} } elseif(php_sapi_name() == 'cli') {
echo $sErrormsg . $sAddMsg;
}
} }
public function affectedRows() { public function affectedRows() {
...@@ -541,27 +592,27 @@ class db { ...@@ -541,27 +592,27 @@ class db {
} }
return $out; return $out;
} }
public function insertFromArray($tablename, $data) { public function insertFromArray($tablename, $data) {
if(!is_array($data)) return false; if(!is_array($data)) return false;
$k_query = ''; $k_query = '';
$v_query = ''; $v_query = '';
$params = array($tablename); $params = array($tablename);
$v_params = array(); $v_params = array();
foreach($data as $key => $value) { foreach($data as $key => $value) {
$k_query .= ($k_query != '' ? ', ' : '') . '??'; $k_query .= ($k_query != '' ? ', ' : '') . '??';
$v_query .= ($v_query != '' ? ', ' : '') . '?'; $v_query .= ($v_query != '' ? ', ' : '') . '?';
$params[] = $key; $params[] = $key;
$v_params[] = $value; $v_params[] = $value;
} }
$query = 'INSERT INTO ?? (' . $k_query . ') VALUES (' . $v_query . ')'; $query = 'INSERT INTO ?? (' . $k_query . ') VALUES (' . $v_query . ')';
return $this->query($query, true, array_merge($params, $v_params)); return $this->query($query, true, array_merge($params, $v_params));
} }
public function diffrec($record_old, $record_new) { public function diffrec($record_old, $record_new) {
$diffrec_full = array(); $diffrec_full = array();
$diff_num = 0; $diff_num = 0;
...@@ -597,15 +648,36 @@ class db { ...@@ -597,15 +648,36 @@ class db {
} }
/**
* Function to get the database-size
* @param string $database_name
* @return int - database-size in bytes
*/
public function getDatabaseSize($database_name) {
global $app;
require_once 'lib/mysql_clientdb.conf';
$result = $this->_query("SELECT SUM(data_length+index_length) FROM information_schema.TABLES WHERE table_schema='".$this->escape($database_name)."'");
if(!$result) {
$this->_sqlerror('Unable to determine the size of database ' . $database_name);
return;
}
$database_size = $result->getAsRow();
$result->free();
return $database_size[0] ? $database_size[0] : 0;
}
//** Function to fill the datalog with a full differential record. //** Function to fill the datalog with a full differential record.
public function datalogSave($db_table, $action, $primary_field, $primary_id, $record_old, $record_new, $force_update = false) { public function datalogSave($db_table, $action, $primary_field, $primary_id, $record_old, $record_new, $force_update = false) {
global $app, $conf; global $app;
// Check fields // Insert backticks only for incomplete table names.
if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$db_table)) $app->error('Invalid table name '.$db_table); if(stristr($db_table, '.')) {
if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$primary_field)) $app->error('Invalid primary field '.$primary_field.' in table '.$db_table); $escape = '';
} else {
$primary_id = intval($primary_id); $escape = '`';
}
if($force_update == true) { if($force_update == true) {
//* We force a update even if no record has changed //* We force a update even if no record has changed
...@@ -625,12 +697,13 @@ class db { ...@@ -625,12 +697,13 @@ class db {
if($diff_num > 0) { if($diff_num > 0) {
//print_r($diff_num);
//print_r($diffrec_full);
$diffstr = serialize($diffrec_full); $diffstr = serialize($diffrec_full);
$username = $_SESSION['s']['user']['username']; if(isset($_SESSION)) {
$username = $_SESSION['s']['user']['username'];
} else {
$username = 'admin';
}
$dbidx = $primary_field.':'.$primary_id; $dbidx = $primary_field.':'.$primary_id;
if(trim($username) == '') $username = 'none';
if($action == 'INSERT') $action = 'i'; if($action == 'INSERT') $action = 'i';
if($action == 'UPDATE') $action = 'u'; if($action == 'UPDATE') $action = 'u';
...@@ -645,11 +718,11 @@ class db { ...@@ -645,11 +718,11 @@ class db {
//** Inserts a record and saves the changes into the datalog //** Inserts a record and saves the changes into the datalog
public function datalogInsert($tablename, $insert_data, $index_field) { public function datalogInsert($tablename, $insert_data, $index_field) {
global $app; global $app;
// Check fields // Check fields
if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename); if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename);
if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename); if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename);
if(is_array($insert_data)) { if(is_array($insert_data)) {
$key_str = ''; $key_str = '';
$val_str = ''; $val_str = '';
...@@ -688,7 +761,7 @@ class db { ...@@ -688,7 +761,7 @@ class db {
// Check fields // Check fields
if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename); if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename);
if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename); if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename);
$old_rec = $this->queryOneRecord("SELECT * FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value); $old_rec = $this->queryOneRecord("SELECT * FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value);
if(is_array($update_data)) { if(is_array($update_data)) {
...@@ -723,7 +796,7 @@ class db { ...@@ -723,7 +796,7 @@ class db {
// Check fields // Check fields
if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename); if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename);
if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename); if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename);
$old_rec = $this->queryOneRecord("SELECT * FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value); $old_rec = $this->queryOneRecord("SELECT * FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value);
$this->query("DELETE FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value); $this->query(