Copyright (c) 2005, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
class db extends mysqli
{
/**#@+
* @access private
*/
private $_iQueryId;
private $_iConnId;
private $dbHost = ''; // hostname of the MySQL server

private $dbPort = ''; // port of the MySQL server
private $dbName = ''; // logical database name on that server
private $dbUser = ''; // database authorized user
private $dbPass = ''; // user's password
private $dbCharset = 'utf8';// Database charset
private $dbNewLink = false; // Return a new linkID when connect is called again
private $dbClientFlags = 0; // MySQL Client falgs
/**#@-*/
public $show_error_messages = false; // false in server, true in interface
/* old things - unused now ////
private $linkId = 0; // last result of mysqli_connect()
private $queryId = 0; // last result of mysqli_query()
private $record = array(); // last record fetched
private $autoCommit = 1; // Autocommit Transactions
private $currentRow; // current row number
private $errorNumber = 0; // last error number
public $errorMessage = ''; // last error message
private $errorLocation = '';// last error location
private $isConnected = false; // needed to know if we have a valid mysqli object from the constructor
// constructor
public function __construct($prefix = '') {
global $conf;
if($prefix != '') $prefix .= '_';
$this->dbHost = $conf[$prefix.'db_host'];

$this->dbPort = $conf[$prefix.'db_port'];
$this->dbName = $conf[$prefix.'db_database'];
$this->dbUser = $conf[$prefix.'db_user'];
$this->dbPass = $conf[$prefix.'db_password'];
$this->dbCharset = $conf[$prefix.'db_charset'];
$this->dbNewLink = $conf[$prefix.'db_new_link'];
$this->dbClientFlags = $conf[$prefix.'db_client_flags'];

$this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, (int)$this->dbPort);
while((!is_object($this->_iConnId) || mysqli_connect_error()) && $try < 5) {
if($try > 0) sleep(1);
$try++;

$this->_iConnId = mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, (int)$this->dbPort);
if(!is_object($this->_iConnId) || mysqli_connect_error()) {
$this->_iConnId = null;
$this->_sqlerror('Zugriff auf Datenbankserver fehlgeschlagen! / Database server not accessible!');
return false;
}
if(!((bool)mysqli_query( $this->_iConnId, 'USE `' . $this->dbName . '`'))) {
$this->close();
$this->_sqlerror('Datenbank nicht gefunden / Database not found');
return false;
}
}
public function __destruct() {
if($this->_iConnId) mysqli_close($this->_iConnId);
/**
 * Closes the server link held in $_iConnId, if any, and clears the handle.
 *
 * @access public
 */
public function close() {
	// Only a truthy handle is handed to mysqli_close().
	if($this->_iConnId) {
		mysqli_close($this->_iConnId);
	}
	// Clearing the handle lets later is_object() checks see the object as disconnected.
	$this->_iConnId = null;
}
public function _build_query_string($sQuery = '') {
$iArgs = func_num_args();
if($iArgs > 1) {
$aArgs = func_get_args();
if($iArgs == 3 && $aArgs[1] === true && is_array($aArgs[2])) {
$aArgs = $aArgs[2];
$iArgs = count($aArgs);
} else {
array_shift($aArgs); // delete the query string that is the first arg!
}
$iPos = 0;
$iPos2 = 0;
foreach($aArgs as $sKey => $sValue) {
$iPos2 = strpos($sQuery, '??', $iPos2);
$iPos = strpos($sQuery, '?', $iPos);
if($iPos === false && $iPos2 === false) break;
if($iPos2 !== false && ($iPos === false || $iPos2 <= $iPos)) {
$sTxt = $this->escape($sValue);
$sTxt = str_replace('`', '', $sTxt);
if(strpos($sTxt, '.') !== false) {
$sTxt = preg_replace('/^(.+)\.(.+)$/', '`$1`.`$2`', $sTxt);
$sTxt = str_replace('.`*`', '.*', $sTxt);
} else $sTxt = '`' . $sTxt . '`';
$sQuery = substr_replace($sQuery, $sTxt, $iPos2, 2);
$iPos2 += strlen($sTxt);
$iPos = $iPos2;
} else {
if(is_int($sValue) || is_float($sValue)) {
$sTxt = $sValue;

} elseif(is_null($sValue) || (is_string($sValue) && (strcmp($sValue, '#NULL#') == 0))) {
$sTxt = 'NULL';
} elseif(is_array($sValue)) {

if(isset($sValue['SQL'])) {
$sTxt = $sValue['SQL'];
} else {
$sTxt = '';
foreach($sValue as $sVal) $sTxt .= ',\'' . $this->escape($sVal) . '\'';
$sTxt = '(' . substr($sTxt, 1) . ')';
if($sTxt == '()') $sTxt = '(0)';
}
} else {
$sTxt = '\'' . $this->escape($sValue) . '\'';
}
$sQuery = substr_replace($sQuery, $sTxt, $iPos, 1);
$iPos += strlen($sTxt);
$iPos2 = $iPos;
}
/**#@-*/
/**#@+
* @access private
*/
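/**
 * Applies the configured character set ($dbCharset) to the current link.
 *
 * @access private
 */
private function _setCharset() {
	// mysqli_real_escape_string() escapes according to the character set the
	// client library has recorded for the link. "SET NAMES" issued as a plain
	// statement changes the server side only, so the charset is registered
	// through the API as well; otherwise escape() and the server can disagree
	// about where a multi-byte character ends.
	mysqli_set_charset($this->_iConnId, $this->dbCharset);

	// Original statements kept: they additionally set the database and server
	// session variables. $dbCharset is concatenated unescaped; it is read from
	// $conf in the constructor and must never come from request data.
	mysqli_query($this->_iConnId, 'SET NAMES '.$this->dbCharset);
	mysqli_query($this->_iConnId, "SET character_set_results = '".$this->dbCharset."', character_set_client = '".$this->dbCharset."', character_set_connection = '".$this->dbCharset."', character_set_database = '".$this->dbCharset."', character_set_server = '".$this->dbCharset."'");
}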
/**
 * Heuristic scan of a query string for signs of SQL injection.
 *
 * Quoted literals are stripped first; what remains is checked for unbalanced
 * quote characters and for statement separators, comment markers and escaped
 * quotes. This is a detection aid only: values still have to be bound through
 * the ? / ?? placeholders, the scan does not make a concatenated query safe.
 *
 * @access private
 * @param string $string query string to inspect
 * @return bool|null true when nothing suspicious was found, false when a finding
 *                   was logged in 'warn' mode, null when $app is not set or the
 *                   scan is disabled
 */
private function securityScan($string) {
	global $app, $conf;

	// Without the application object there is no security config to read.
	if(!isset($app)) return;

	$app->uses('getconf');
	$ids_config = $app->getconf->get_security_config('ids');
	if($ids_config['sql_scan_enabled'] != 'yes') return;

	// Normalise: trim whitespace and drop one trailing statement terminator.
	$string = trim($string);
	if(substr($string,-1) == ';') $string = substr($string,0,-1);

	// The unmodified (trimmed) query is what ends up in the log.
	// NOTE(review): the logged text can contain data values - confirm the log is access-restricted.
	$sLogged = $string;

	$aMarkers = array(';', '#', '/*', '*/', '--', '\\\'', '\\"');

	// Remove escaped backslashes, then empty quoted strings, then quoted literals,
	// so only the statement skeleton is inspected below.
	$string = str_replace('\\\\', '', $string);
	$string = preg_replace('/(^|[^\\\])([\'"])\\2/is', '$1', $string);
	$string = preg_replace('/(^|[^\\\])([\'"])(.*?[^\\\])\\2/is', '$1', $string);

	// An odd number of any quote character means a literal was left open.
	$bSuspicious = (substr_count($string, "`") % 2 != 0 || substr_count($string, "'") % 2 != 0 || substr_count($string, '"') % 2 != 0);
	if(!$bSuspicious) {
		foreach($aMarkers as $sMarker) {
			if(strpos($string, $sMarker) !== false) {
				$bSuspicious = true;
				break;
			}
		}
	}

	if(!$bSuspicious) return true;

	$app->log("SQL injection warning (" . $sLogged . ")",2);

	// 'warn' only reports the finding to the caller.
	if($ids_config['sql_scan_action'] == 'warn') return false;

	// 'block' or any other value: hand over to the application error handler.
	$app->error('Possible SQL injection. All actions have been logged.');
}
private function _query($sQuery = '') {
global $app;
if ($sQuery == '') {
$this->_sqlerror('Keine Anfrage angegeben / No query given');
return false;
}
$try = 0;
do {
$try++;

if(!mysqli_connect($this->dbHost, $this->dbUser, $this->dbPass, $this->dbName, (int)$this->dbPort)) {
$this->_sqlerror('DB::query -> reconnect');
return false;
} else {
sleep(1);
}
} else {
$ok = true;
}
}
} while($ok == false);
$aArgs = func_get_args();
$sQuery = call_user_func_array(array(&$this, '_build_query_string'), $aArgs);

$this->_iQueryId = @mysqli_query($this->_iConnId, $sQuery);
if (!$this->_iQueryId) {
$this->_sqlerror('Falsche Anfrage / Wrong Query', false, 'SQL-Query = ' . $sQuery);
return is_bool($this->_iQueryId) ? $this->_iQueryId : new db_result($this->_iQueryId, $this->_iConnId);
/**#@-*/
/**
* Executes a query
*
* Executes a given query string, has a variable amount of parameters:
* - 1 parameter
* executes the given query
* - 2 parameters
* executes the given query, replaces the first ? in the query with the second parameter
* - 3 parameters
* if the 2nd parameter is a boolean true, the 3rd parameter has to be an array containing all the replacements for every occurring ? in the query, otherwise the second parameter replaces the first ?, the third parameter replaces the second ? in the query
* - 4 or more parameters
* all ? in the query are replaced from left to right by the parameters 2 to x
*
* @access public
* @param string $sQuery query string
* @param mixed ... one or more parameters
* @return db_result the result object of the query
*/
public function query($sQuery = '') {
	// The complete argument list is forwarded: _query() reads the placeholder
	// values through func_get_args(), not through named parameters.
	$aCallArgs = func_get_args();
	$aTarget = array($this, '_query');
	return call_user_func_array($aTarget, $aCallArgs);
}
/**
* Execute a query and get first result array
*
* Executes a query and returns the first result row as an array
* This is like calling $result = $db->query(), $result->get(), $result->free()
* Use of this function @see query
*
* @access public
* @param string $sQuery query to execute
* @param ... further params (see query())
* @return array result row or NULL if none found
*/
public function queryOneRecord($sQuery = '') {
	// Append a row limit unless the query already ends in "LIMIT offset,count".
	// NOTE(review): a query ending in the single-number form "LIMIT n" is not
	// matched by this pattern and would get a second LIMIT clause appended.
	$bHasLimit = (bool)preg_match('/limit \d+\s*,\s*\d+$/i', $sQuery);
	if(!$bHasLimit) {
		$sQuery .= ' LIMIT 0,1';
	}

	// func_get_args() is read after $sQuery was changed on purpose; from PHP 7
	// on it returns the current (modified) value of the parameter.
	$aCallArgs = func_get_args();
	$oResult = call_user_func_array(array($this, 'query'), $aCallArgs);
	if(!$oResult) {
		return null;
	}

	// Fetch one row, then release the result set before returning.
	$aRow = $oResult->get();
	$oResult->free();
	return $aRow;
}
/**
 * Alias of queryOneRecord(); every argument is passed on unchanged.
 *
 * @access public
 * @param string $sQuery query to execute
 * @param ... further params (see query())
 */
public function queryOne($sQuery = '') {
	$aCallArgs = func_get_args();
	return call_user_func_array(array($this, 'queryOneRecord'), $aCallArgs);
}
/**
 * Alias of queryOneRecord(); every argument is passed on unchanged.
 *
 * @access public
 * @param string $sQuery query to execute
 * @param ... further params (see query())
 */
public function query_one($sQuery = '') {
	$aCallArgs = func_get_args();
	return call_user_func_array(array($this, 'queryOneRecord'), $aCallArgs);
}
/**
* Execute a query and return all rows
*
* Executes a query and returns all result rows in an array
* <strong>Use this with extreme care!!!</strong> Uses lots of memory on big result sets.
*
* @access public
* @param string $sQuery query to execute
* @param ... further params (see query())
* @return array all the rows in the result set
*/
public function queryAllRecords($sQuery = '') {
$aArgs = func_get_args();
$oResult = call_user_func_array(array(&$this, 'query'), $aArgs);
if(!$oResult) return array();
$aResults = array();
while($aRow = $oResult->get()) {
$aResults[] = $aRow;
$oResult->free();
return $aResults;
/**
 * Alias of queryAllRecords(); every argument is passed on unchanged.
 *
 * @access public
 * @param string $sQuery query to execute
 * @param ... further params (see query())
 */
public function queryAll($sQuery = '') {
	$aCallArgs = func_get_args();
	return call_user_func_array(array($this, 'queryAllRecords'), $aCallArgs);
}
/**
 * Alias of queryAllRecords(); every argument is passed on unchanged.
 *
 * @access public
 * @param string $sQuery query to execute
 * @param ... further params (see query())
 */
public function query_all($sQuery = '') {
	$aCallArgs = func_get_args();
	return call_user_func_array(array($this, 'queryAllRecords'), $aCallArgs);
}
/**
* Execute a query and return all rows as simple array
*
* Executes a query and returns all result rows in an array with elements
* <strong>Only first column is returned</strong> Uses lots of memory on big result sets.
*
* @access public
* @param string $sQuery query to execute
* @param ... further params (see query())
* @return array all the rows in the result set
*/
public function queryAllArray($sQuery = '') {
$aArgs = func_get_args();
$oResult = call_user_func_array(array(&$this, 'query'), $aArgs);
if(!$oResult) return array();
$aResults = array();
while($aRow = $oResult->get()) {
$aResults[] = reset($aRow);
$oResult->free();
return $aResults;
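/**
 * Alias of queryAllArray().
 *
 * @access public
 * @param string $sQuery query to execute
 * @param ... further params (see query())
 * @return array first column of every row in the result set
 */
public function query_all_array($sQuery = '') {
	// Forward the whole argument list, as queryAll()/query_all() do. Passing
	// only $sQuery dropped the placeholder values, so any ? / ?? in the query
	// reached the server unbound.
	return call_user_func_array(array($this, 'queryAllArray'), func_get_args());
}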
/**
* Get id of last inserted row
*
* Gives you the id of the last inserted row in a table with an auto-increment primary key
*
* @access public
* @return int id of last inserted row or 0 if none
*/
public function insert_id() {
	$oRes = mysqli_query($this->_iConnId, 'SELECT LAST_INSERT_ID() as `newid`');

	// Anything other than a result object means the lookup failed; callers get
	// boolean false in that case, not 0.
	if(is_object($oRes)) {
		$aRow = mysqli_fetch_assoc($oRes);
		mysqli_free_result($oRes);
		return $aRow['newid'];
	}
	return false;
}
/**
* get affected row count
*
* Gets the amount of rows affected by the previous query
*
* @access public
* @return int affected rows
*/
public function affected() {
	// No link object, nothing can have been affected.
	if(is_object($this->_iConnId)) {
		$iCount = mysqli_affected_rows($this->_iConnId);
		// Falsy results are normalised to 0; any other value is returned as reported.
		return $iCount ? $iCount : 0;
	}
	return 0;
}
/**
* check if a utf8 string is valid
*
* @access public
* @param string $str the string to check
* @return bool true if it is valid utf8, false otherwise
*/
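private function check_utf8($str) {
	// Structural check only: lead byte ranges and the number of continuation
	// bytes are verified. Overlong forms are not rejected here.
	$len = strlen($str);
	for($i = 0; $i < $len; $i++){
		$c = ord($str[$i]);
		// Every byte above 0x7F starts or continues a multi-byte sequence. The
		// previous test ($c > 128) let a lone 0x80 through as if it were ASCII.
		if ($c > 127) {
			if (($c > 247)) return false;
			elseif ($c > 239) $bytes = 4;
			elseif ($c > 223) $bytes = 3;
			elseif ($c > 191) $bytes = 2;
			else return false; // 0x80-0xBF is a continuation byte without a lead byte
			// The sequence must fit into the remaining input.
			if (($i + $bytes) > $len) return false;
			while ($bytes > 1) {
				$i++;
				$b = ord($str[$i]);
				// Continuation bytes have to lie in 0x80-0xBF.
				if ($b < 128 || $b > 191) return false;
				$bytes--;
			}
		}
	}
	return true;
} // end of check_utf8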
/**
* Escape a string for usage in a query
*
* @access public
* @param string $sString query string to escape
* @return string escaped string
*/
public function escape($sString) {
global $app;
if(!is_string($sString) && !is_numeric($sString)) {
$app->log('NON-String given in escape function! (' . gettype($sString) . ')', LOGLEVEL_INFO);
//$sAddMsg = getDebugBacktrace();
$app->log($sAddMsg, LOGLEVEL_DEBUG);
$sString = '';
$cur_encoding = mb_detect_encoding($sString);
if($cur_encoding != "UTF-8") {
if($cur_encoding != 'ASCII') {
$app->log('String ' . substr($sString, 0, 25) . '... is ' . $cur_encoding . '.', LOGLEVEL_INFO);
if($cur_encoding) $sString = mb_convert_encoding($sString, 'UTF-8', $cur_encoding);
else $sString = mb_convert_encoding($sString, 'UTF-8');
}
} elseif(!$this->check_utf8($sString)) {
if($this->_iConnId) return mysqli_real_escape_string($this->_iConnId, $sString);
else return addslashes($sString);
/**
*
*
* @access private
*/
private function _sqlerror($sErrormsg = 'Unbekannter Fehler', $sAddMsg = '') {
global $app, $conf;
$mysql_error = (is_object($this->_iConnId) ? mysqli_error($this->_iConnId) : mysqli_connect_error());
$mysql_errno = (is_object($this->_iConnId) ? mysqli_errno($this->_iConnId) : mysqli_connect_errno());
//$sAddMsg .= getDebugBacktrace();
if($this->show_error_messages && $conf['demo_mode'] === false) {
echo $sErrormsg . $sAddMsg;
} else if(is_object($app) && method_exists($app, 'log')) {
$app->log($sErrormsg . $sAddMsg . ' -> ' . $mysql_errno . ' (' . $mysql_error . ')', LOGLEVEL_WARN);
}
public function affectedRows() {
// returns mySQL insert id
public function insertID() {
}
//* Function to quote strings
public function quote($formfield) {
//* Function to unquote strings
public function unquote($formfield) {
	// Removes the backslash quoting from the given value via stripslashes().
	$sPlain = stripslashes($formfield);
	return $sPlain;
}
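/**
 * Returns a copy of a record with all keys converted to lower case.
 *
 * @access public
 * @param array $record record with arbitrary key casing
 * @return array record with lower-cased keys; empty array when $record is
 *               empty or not an array
 */
public function toLower($record) {
	// Initialised up front: for an empty or non-array $record the variable was
	// never assigned and an undefined variable was returned.
	$out = array();
	if(is_array($record)) {
		foreach($record as $key => $val) {
			$out[strtolower($key)] = $val;
		}
	}
	return $out;
}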
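/**
 * Inserts one row built from an associative array.
 *
 * Column names are bound through ?? (identifier) placeholders and values
 * through ? (value) placeholders, so neither is concatenated into the SQL.
 *
 * @access public
 * @param string $tablename table to insert into
 * @param array $data column name => value
 * @return mixed result of query(), or false when $data is not an array
 */
public function insertFromArray($tablename, $data) {
	if(!is_array($data)) return false;

	$k_query = '';
	$v_query = '';

	// Identifier arguments (table first, then column names) and value arguments
	// are collected separately because all ?? come before all ? in the statement.
	$params = array($tablename);
	$v_params = array();

	foreach($data as $key => $value) {
		$k_query .= ($k_query != '' ? ', ' : '') . '??';
		$v_query .= ($v_query != '' ? ', ' : '') . '?';
		$params[] = $key;
		$v_params[] = $value;
	}

	$query = 'INSERT INTO ?? (' . $k_query . ') VALUES (' . $v_query . ')';

	// array_merge() appends the values after the identifiers. The array union
	// operator (+) keeps the left operand on key collisions; both lists are
	// 0-indexed, so every value was discarded and the ? placeholders stayed unbound.
	return $this->query($query, true, array_merge($params, $v_params));
}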
/**
 * Builds the old/new comparison of two records.
 *
 * Values are compared loosely (!=). When $record_old is a non-empty array its
 * keys drive the comparison; otherwise the keys of $record_new do.
 *
 * @access public
 * @param array $record_old record before the change
 * @param array $record_new record after the change
 * @return array 'diff_num' => number of changed fields,
 *               'diff_rec' => array with the 'old' and 'new' field values
 */
public function diffrec($record_old, $record_new) {
	$iChanged = 0;
	$aFull = array();

	$bHasOld = is_array($record_old) && count($record_old) > 0;

	if($bHasOld) {
		foreach($record_old as $sField => $mOld) {
			// @ keeps a field that is missing from the new record quiet; it then compares as null.
			$mNew = @$record_new[$sField];
			$bDiffers = ($mNew != $mOld);

			// 'old' is written before 'new' so the key order of the result stays as before.
			$aFull['old'][$sField] = $mOld;
			// Loosely equal fields carry the old value on both sides.
			$aFull['new'][$sField] = $bDiffers ? $mNew : $mOld;
			if($bDiffers) $iChanged++;
		}
	} elseif(is_array($record_new)) {
		foreach($record_new as $sField => $mNew) {
			$bDiffers = isset($record_new[$sField]) && @$record_old[$sField] != $mNew;

			// Here 'new' is written first, again matching the previous key order.
			$aFull['new'][$sField] = $mNew;
			$aFull['old'][$sField] = $bDiffers ? @$record_old[$sField] : $mNew;
			if($bDiffers) $iChanged++;
		}
	}

	return array('diff_num' => $iChanged, 'diff_rec' => $aFull);
}
//** Function to fill the datalog with a full differential record.
public function datalogSave($db_table, $action, $primary_field, $primary_id, $record_old, $record_new, $force_update = false) {
global $app, $conf;
if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$db_table)) $app->error('Invalid table name '.$db_table);
if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$primary_field)) $app->error('Invalid primary field '.$primary_field.' in table '.$db_table);
$primary_id = intval($primary_id);
if($force_update == true) {
//* We force a update even if no record has changed
$diffrec_full = array('new' => $record_new, 'old' => $record_old);
$diff_num = count($record_new);
} else {
//* get the difference record between old and new record
$tmp = $this->diffrec($record_old, $record_new);
$diffrec_full = $tmp['diff_rec'];
$diff_num = $tmp['diff_num'];
unset($tmp);
}
// Insert the server_id, if the record has a server_id
$server_id = (isset($record_old['server_id']) && $record_old['server_id'] > 0)?$record_old['server_id']:0;
if(isset($record_new['server_id'])) $server_id = $record_new['server_id'];
if($diff_num > 0) {
//print_r($diff_num);
//print_r($diffrec_full);
$diffstr = serialize($diffrec_full);
$username = $_SESSION['s']['user']['username'];
$dbidx = $primary_field.':'.$primary_id;
if($action == 'INSERT') $action = 'i';
if($action == 'UPDATE') $action = 'u';
if($action == 'DELETE') $action = 'd';
$sql = "INSERT INTO sys_datalog (dbtable,dbidx,server_id,action,tstamp,user,data) VALUES (?, ?, ?, ?, ?, ?, ?)";
$app->db->query($sql, $db_table, $dbidx, $server_id, $action, time(), $username, $diffstr);
//** Inserts a record and saves the changes into the datalog
public function datalogInsert($tablename, $insert_data, $index_field) {
global $app;
if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename);
if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename);
if(is_array($insert_data)) {
$key_str = '';
$val_str = '';
$params = array($tablename);
$v_params = array();
foreach($insert_data as $key => $val) {
$params[] = $key;
$val_str .= '?,';
$v_params[] = $val;
}
$key_str = substr($key_str, 0, -1);
$val_str = substr($val_str, 0, -1);
$insert_data_str = '('.$key_str.') VALUES ('.$val_str.')';
$this->query("INSERT INTO ?? $insert_data_str", true, $params + $v_params);
} else {
/* TODO: deprecate this method! */
$insert_data_str = $insert_data;
$this->query("INSERT INTO ?? $insert_data_str", $tablename);

$app->log("deprecated use of passing values to datalogInsert() - table " . $tablename, 1);
}
$old_rec = array();
$index_value = $this->insertID();
$new_rec = $this->queryOneRecord("SELECT * FROM ?? WHERE ? = ?", $tablename, $index_field, $index_value);
$this->datalogSave($tablename, 'INSERT', $index_field, $index_value, $old_rec, $new_rec);
//** Updates a record and saves the changes into the datalog
public function datalogUpdate($tablename, $update_data, $index_field, $index_value, $force_update = false) {
global $app;
if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename);
if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename);
$old_rec = $this->queryOneRecord("SELECT * FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value);
if(is_array($update_data)) {
$update_data_str = '';
foreach($update_data as $key => $val) {
$update_data_str .= '?? = ?,';
$params[] = $key;
$params[] = $val;
}
$params[] = $index_field;
$params[] = $index_value;
$update_data_str = substr($update_data_str, 0, -1);
$this->query("UPDATE ?? SET $update_data_str WHERE ?? = ?", true, $params);
} else {
/* TODO: deprecate this method! */
$update_data_str = $update_data;
$this->query("UPDATE ?? SET $update_data_str WHERE ?? = ?", $tablename, $index_field, $index_value);

$app->log("deprecated use of passing values to datalogUpdate() - table " . $tablename, 1);
}
$new_rec = $this->queryOneRecord("SELECT * FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value);
$this->datalogSave($tablename, 'UPDATE', $index_field, $index_value, $old_rec, $new_rec, $force_update);
//** Deletes a record and saves the changes into the datalog
public function datalogDelete($tablename, $index_field, $index_value) {
global $app;
if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename);
if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename);
$old_rec = $this->queryOneRecord("SELECT * FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value);
$this->query("DELETE FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value);
$new_rec = array();
$this->datalogSave($tablename, 'DELETE', $index_field, $index_value, $old_rec, $new_rec);
//* get the current datalog status for the specified login (or currently logged in user)
public function datalogStatus($login = '') {
	global $app;

	$aStatus = array('count' => 0, 'entries' => array());

	// Admin users get the empty status; the session is read before any isset() check.
	if($_SESSION['s']['user']['typ'] == 'admin') return $aStatus; // these information should not be displayed to admin users

	// Fall back to the logged-in user when no login was given.
	if($login == '' && isset($_SESSION['s']['user'])) {
		$login = $_SESSION['s']['user']['username'];
	}

	// Tables whose datalog entries are not reported.
	$aIgnored = array('aps_instances', 'aps_instances_settings', 'mail_access', 'mail_content_filter');

	// $login is bound through the ? placeholder, not concatenated.
	$aRows = $this->queryAllRecords("SELECT COUNT( * ) AS cnt, sys_datalog.action, sys_datalog.dbtable FROM sys_datalog, server WHERE server.server_id = sys_datalog.server_id AND sys_datalog.user = ? AND sys_datalog.datalog_id > server.updated GROUP BY sys_datalog.dbtable, sys_datalog.action", $login);
	foreach($aRows as $aRow) {
		$sTable = $aRow['dbtable'];
		if(!$sTable || in_array($sTable, $aIgnored)) continue; // ignore some entries, maybe more to come

		$aStatus['entries'][] = array('table' => $sTable, 'action' => $aRow['action'], 'count' => $aRow['cnt'], 'text' => $app->lng('datalog_status_' . $aRow['action'] . '_' . $sTable));
		$aStatus['count'] += $aRow['cnt'];
	}
	unset($aRows);

	return $aStatus;
}
/*
$columns = array(action => add | alter | drop
name => Spaltenname
name_new => neuer Spaltenname, nur bei 'alter' belegt
type => 42go-Meta-Type: int16, int32, int64, double, char, varchar, text, blob
typeValue => Wert z.B. bei Varchar
defaultValue => Default Wert
notNull => true | false
autoInc => true | false
option => unique | primary | index)
*/
public function createTable($table_name, $columns) {
$index = '';
foreach($columns as $col){
$sql .= $col['name'].' '.$this->mapType($col['type'], $col['typeValue']).' ';
if($col['defaultValue'] != '') $sql .= "DEFAULT '".$col['defaultValue']."' ";
if($col['notNull'] == true) {
$sql .= 'NOT NULL ';
} else {
$sql .= 'NULL ';
}
if($col['autoInc'] == true) $sql .= 'auto_increment ';
$sql.= ',';
// key Definitionen
if($col['option'] == 'primary') $index .= 'PRIMARY KEY ('.$col['name'].'),';
if($col['option'] == 'index') $index .= 'INDEX ('.$col['name'].'),';
if($col['option'] == 'unique') $index .= 'UNIQUE ('.$col['name'].'),';
}
$sql .= $index;
$sql = substr($sql, 0, -1);
$sql .= ')';
/* TODO: secure parameters */
$this->query($sql, $table_name);
$columns = array(action => add | alter | drop
name => Spaltenname
name_new => neuer Spaltenname, nur bei 'alter' belegt
type => 42go-Meta-Type: int16, int32, int64, double, char, varchar, text, blob
typeValue => Wert z.B. bei Varchar
defaultValue => Default Wert
notNull => true | false
autoInc => true | false
option => unique | primary | index)
*/
public function alterTable($table_name, $columns) {
$index = '';
foreach($columns as $col){
if($col['action'] == 'add') {
$sql .= 'ADD '.$col['name'].' '.$this->mapType($col['type'], $col['typeValue']).' ';
} elseif ($col['action'] == 'alter') {
$sql .= 'CHANGE '.$col['name'].' '.$col['name_new'].' '.$this->mapType($col['type'], $col['typeValue']).' ';
} elseif ($col['action'] == 'drop') {
$sql .= 'DROP '.$col['name'].' ';
}
if($col['action'] != 'drop') {
if($col['defaultValue'] != '') $sql .= "DEFAULT '".$col['defaultValue']."' ";
if($col['notNull'] == true) {
$sql .= 'NOT NULL ';
} else {
$sql .= 'NULL ';
}
if($col['autoInc'] == true) $sql .= 'auto_increment ';
$sql.= ',';
// Index definitions
if($col['option'] == 'primary') $index .= 'PRIMARY KEY ('.$col['name'].'),';
if($col['option'] == 'index') $index .= 'INDEX ('.$col['name'].'),';
if($col['option'] == 'unique') $index .= 'UNIQUE ('.$col['name'].'),';
}
}
$sql .= $index;
$sql = substr($sql, 0, -1);
public function dropTable($table_name) {
$this->check($table_name);
$sql = "DROP TABLE ??";
return $this->query($sql, $table_name);
// gibt Array mit Tabellennamen zurück
public function getTables($database_name = '') {
if(!is_object($this->_iConnId)) return false;
if($database_name == '') $database_name = $this->dbName;
$tb_names = $this->queryAllArray("SHOW TABLES FROM ??", $database_name);
// gibt Feldinformationen zur Tabelle zurück
/*
$columns = array(action => add | alter | drop
name => Spaltenname
name_new => neuer Spaltenname, nur bei 'alter' belegt
type => 42go-Meta-Type: int16, int32, int64, double, char, varchar, text, blob
typeValue => Wert z.B. bei Varchar
defaultValue => Default Wert
notNull => true | false
autoInc => true | false
option => unique | primary | index)
*/
function tableInfo($table_name) {
global $go_api, $go_info, $app;
// Tabellenfelder einlesen
if($rows = $app->db->queryAllRecords('SHOW FIELDS FROM ??', $table_name)){
foreach($rows as $row) {
/*
$name = $row[0];
$default = $row[4];
$key = $row[3];
$extra = $row[5];
$isnull = $row[2];
$type = $row[1];
$name = $row['Field'];
$default = $row['Default'];
$key = $row['Key'];
$extra = $row['Extra'];
$isnull = $row['Null'];
$type = $row['Type'];
$column = array();
$column['name'] = $name;
//$column['type'] = $type;
$column['defaultValue'] = $default;
if(stristr($key, 'PRI')) $column['option'] = 'primary';
if(stristr($isnull, 'YES')) {
$column['notNull'] = false;
} else {
$column['notNull'] = true;
}
if($extra == 'auto_increment') $column['autoInc'] = true;
// Type in Metatype umsetzen
if(stristr($type, 'int(')) $metaType = 'int32';
if(stristr($type, 'bigint')) $metaType = 'int64';
if(stristr($type, 'char')) {
$metaType = 'char';
$tmp_typeValue = explode('(', $type);
$column['typeValue'] = substr($tmp_typeValue[1], 0, -1);
}
if(stristr($type, 'varchar')) {
$metaType = 'varchar';
$tmp_typeValue = explode('(', $type);
$column['typeValue'] = substr($tmp_typeValue[1], 0, -1);
}
if(stristr($type, 'text')) $metaType = 'text';
if(stristr($type, 'double')) $metaType = 'double';
if(stristr($type, 'blob')) $metaType = 'blob';
$column['type'] = $metaType;
$columns[] = $column;
}
return $columns;
} else {
return false;
}
//$this->createTable('tester',$columns);
/*
$result = mysql_list_fields($go_info["server"]["db_name"],$table_name);
$fields = mysql_num_fields ($result);
$i = 0;
$table = mysql_field_table ($result, $i);
while ($i < $fields) {
$name = mysql_field_name ($result, $i);
$type = mysql_field_type ($result, $i);
$len = mysql_field_len ($result, $i);
$flags = mysql_field_flags ($result, $i);
print_r($flags);
$columns = array(name => $name,
type => "",
defaultValue => "",
isnull => 1,
option => "");
$returnvar[] = $columns;
$i++;
}
*/
}
public function mapType($metaType, $typeValue) {
global $go_api;
$metaType = strtolower($metaType);
switch ($metaType) {
case 'int16':
return 'smallint';
break;
case 'int32':
return 'int';
break;
case 'int64':
return 'bigint';
break;
case 'double':
return 'double';
break;
case 'char':
return 'char';
break;
case 'varchar':
if($typeValue < 1) die('Database failure: Lenght required for these data types.');
return 'varchar('.$typeValue.')';
break;
case 'text':
return 'text';
break;
case 'blob':
return 'blob';
break;

case 'date':
return 'date';