DBConnection::exec() - Code Metrics - Inspection of "the whole point though is NOT to close the stateme..." - GEANT/CAT - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 6b9ef6...4302eb )

by Stefan

created 2019-04-25 14:07 UTC

DBConnection::exec() D

↳ Parent: DBConnection

Complexity

Conditions	18
Paths	117

Size

Total Lines	75
Code Lines	45

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
eloc	45
dl	0
loc	75
rs	4.725
c	0
b	0
f	0
cc	18
nc	117
nop	3

How to fix Long Method Complexity

<?php

/*
 * *****************************************************************************
 * Contributions to this work were made on behalf of the GÉANT project, a 
 * project that has received funding from the European Union’s Framework 
 * Programme 7 under Grant Agreements No. 238875 (GN3) and No. 605243 (GN3plus),
 * Horizon 2020 research and innovation programme under Grant Agreements No. 
 * 691567 (GN4-1) and No. 731122 (GN4-2).
 * On behalf of the aforementioned projects, GEANT Association is the sole owner
 * of the copyright in all material which was developed by a member of the GÉANT
 * project. GÉANT Vereniging (Association) is registered with the Chamber of 
 * Commerce in Amsterdam with registration number 40535155 and operates in the 
 * UK as a branch of GÉANT Vereniging.
 * 
 * Registered office: Hoekenrode 3, 1102BR Amsterdam, The Netherlands. 
 * UK branch address: City House, 126-130 Hills Road, Cambridge CB2 1PQ, UK
 *
 * License: see the web/copyright.inc.php file in the file structure or
 *          <base_url>/copyright.php after deploying the software
 */

/**
 * This file contains the DBConnection singleton.
 * 
 * @author Stefan Winter <[email protected]>
 * @author Tomasz Wolniewicz <[email protected]>
 * 
 * @package Developer
 */

namespace core;

use \Exception;

/**
 * This class is a singleton for establishing a connection to the database
 *
 * @author Stefan Winter <[email protected]>
 * @author Tomasz Wolniewicz <[email protected]>
 *
 * @license see LICENSE file in root directory
 *
 * @package Developer
 */
class DBConnection {

    /**
     * This is the actual constructor for the singleton. It creates a database connection if it is not up yet, and returns a handle to the database connection on every call.
     * 
     * @param string $database the database type to open
     * @return DBConnection the (only) instance of this class
     * @throws Exception
     */
    public static function handle($database) {
        $theDb = strtoupper($database);
        switch ($theDb) {
            case "INST":
            case "USER":
            case "EXTERNAL":
            case "FRONTEND":
            case "DIAGNOSTICS":
                if (!isset(self::${"instance" . $theDb})) {
                    $class = __CLASS__;
                    self::${"instance" . $theDb} = new $class($database);
                    DBConnection::${"instance" . $theDb}->databaseInstance = $theDb;
                }
                return self::${"instance" . $theDb};
            default:
                throw new Exception("This type of database (" . strtoupper($database) . ") is not known!");
        }
    }

    /**
     * Implemented for safety reasons only. Cloning is forbidden and will tell the user so.
     *
     * @return void
     */
    public function __clone() {
        trigger_error('Clone is not allowed.', E_USER_ERROR);
    }

    /**
     * tells the caller if the database is to be accessed read-only
     * @return bool
     */
    public function isReadOnly() {
        return $this->readOnly;
    }

    /**
     * executes a query and triggers logging to the SQL audit log if it's not a SELECT
     * @param string $querystring  the query to be executed
     * @param string $types        for prepared statements, the type list of parameters
     * @param mixed  ...$arguments for prepared statements, the parameters
     * @return mixed the query result as mysqli_result object; or TRUE on non-return-value statements
     * @throws Exception
     */
    public function exec($querystring, $types = NULL, &...$arguments) {
        // log exact query to audit log, if it's not a SELECT
        $isMoreThanSelect = FALSE;
        if (preg_match("/^(SELECT\ |SET\ )/i", $querystring) == 0 && preg_match("/^DESC/i", $querystring) == 0) {
            $isMoreThanSelect = TRUE;
            if ($this->readOnly) { // let's not do this.
                throw new Exception("This is a read-only DB connection, but this is statement is not a SELECT!");
            }
        }
        // log exact query to debug log, if log level is at 5
        $this->loggerInstance->debug(5, "DB ATTEMPT: " . $querystring . "\n");
        if ($types !== NULL) {
            $this->loggerInstance->debug(5, "Argument type sequence: $types, parameters are: " . print_r($arguments, true));
        }

        if ($this->connection->connect_error) {
            throw new Exception("ERROR: Cannot send query to $this->databaseInstance database (no connection, error number" . $this->connection->connect_error . ")!");
        }
        if ($types === NULL) {
            $result = $this->connection->query($querystring);
            if ($result === FALSE) {
                throw new Exception("DB: Unable to execute simple statement! Error was --> " . $this->connection->error . " <--");
            }
        } else {
            // fancy! prepared statement with dedicated argument list
            if (strlen($types) != count($arguments)) {
                throw new Exception("DB: Prepared Statement: Number of arguments and the type list length differ!");
            }
            if (isset($this->preparedStatements[$querystring])) {
                $statementObject = $this->preparedStatements[$querystring];
            } else {
                $statementObject = $this->connection->stmt_init();
                if ($statementObject === FALSE) {
                    throw new Exception("DB: Unable to initialise prepared Statement!");
                }
                $prepResult = $statementObject->prepare($querystring);
                if ($prepResult === FALSE) {
                    throw new Exception("DB: Unable to prepare statement! Statement was --> $querystring <--, error was --> " . $statementObject->error . " <--.");
                }
                $this->preparedStatements[$querystring] = $statementObject;
            }
            // we have a variable number of arguments packed into the ... array
            // but the function needs to be called exactly once, with a series of
            // individual arguments, not an array. The voodoo solution is to call
            // it via call_user_func_array()

            $localArray = $arguments;
            array_unshift($localArray, $types);
            $retval = call_user_func_array([$statementObject, "bind_param"], $localArray);
            if ($retval === FALSE) {
                throw new Exception("DB: Unable to bind parameters to prepared statement! Argument array was --> " . var_export($localArray, TRUE) . " <--. Error was --> " . $statementObject->error . " <--");
            }
            $result = $statementObject->execute();
            if ($result === FALSE) {
                throw new Exception("DB: Unable to execute prepared statement! Error was --> " . $statementObject->error . " <--");
            }
            $selectResult = $statementObject->get_result();
            if ($selectResult !== FALSE) {
                $result = $selectResult;
            }
        }

        // all cases where $result could be FALSE have been caught earlier
        if ($this->connection->errno) {
            throw new Exception("ERROR: Cannot execute query in $this->databaseInstance database - (hopefully escaped) query was '$querystring', errno was " . $this->connection->errno . "!");
        }


        if ($isMoreThanSelect) {
            $this->loggerInstance->writeSQLAudit("[DB: " . strtoupper($this->databaseInstance) . "] " . $querystring);
            if ($types !== NULL) {
                $this->loggerInstance->writeSQLAudit("Argument type sequence: $types, parameters are: " . print_r($arguments, true));
            }
        }
        return $result;
    }

    /**
     * Retrieves the last auto-id of an INSERT. Needs to be called immediately after the corresponding exec() call
     * @return int the last autoincrement-ID
     */
    public function lastID() {
        return $this->connection->insert_id;
    }

    /**
     * Holds the singleton instance reference to USER database
     * 
     * @var DBConnection 
     */
    private static $instanceUSER;

    /**
     * Holds the singleton instance reference to INST database
     * 
     * @var DBConnection 
     */
    private static $instanceINST;

    /**
     * Holds the singleton instance reference to EXTERNAL database
     * 
     * @var DBConnection 
     */
    private static $instanceEXTERNAL;

    /**
     * Holds the singleton instance reference to FRONTEND database
     * 
     * @var DBConnection 
     */
    private static $instanceFRONTEND;

    /**
     * Holds the singleton instance reference to DIAGNOSTICS database
     * 
     * @var DBConnection 
     */
    private static $instanceDIAGNOSTICS;

    /**
     * after instantiation, keep state of which DB *this one* talks to
     * 
     * @var string which database does this instance talk to
     */
    private $databaseInstance;

    /**
     * The connection to the DB server
     * 
     * @var \mysqli
     */
    private $connection;

    /**
     * @var \core\common\Logging
     */
    private $loggerInstance;

    /**
     * Keeps state whether we are a readonly DB instance
     * @var boolean
     */
    private $readOnly;

    /**
     * Class constructor. Cannot be called directly; use handle()
     * 
     * @param string $database the database to open
     * @throws Exception
     */
    private function __construct($database) {
        $this->loggerInstance = new \core\common\Logging();
        $databaseCapitalised = strtoupper($database);
        $this->connection = new \mysqli(\config\Master::DB[$databaseCapitalised]['host'], \config\Master::DB[$databaseCapitalised]['user'], \config\Master::DB[$databaseCapitalised]['pass'], \config\Master::DB[$databaseCapitalised]['db']);
        if ($this->connection->connect_error) {
            throw new Exception("ERROR: Unable to connect to $database database! This is a fatal error, giving up (error number " . $this->connection->connect_errno . ").");
        }
        $this->readOnly = \config\Master::DB[$databaseCapitalised]['readonly'];
    }

    /**
     * keeps all previously prepared statements in memory so we can reuse them
     * later
     * 
     * @var array
     */
    private $preparedStatements = [];

}


1			<?php
2
3			/*
4			* *****************************************************************************
5			* Contributions to this work were made on behalf of the GÉANT project, a
6			* project that has received funding from the European Union’s Framework
7			* Programme 7 under Grant Agreements No. 238875 (GN3) and No. 605243 (GN3plus),
8			* Horizon 2020 research and innovation programme under Grant Agreements No.
9			* 691567 (GN4-1) and No. 731122 (GN4-2).
10			* On behalf of the aforementioned projects, GEANT Association is the sole owner
11			* of the copyright in all material which was developed by a member of the GÉANT
12			* project. GÉANT Vereniging (Association) is registered with the Chamber of
13			* Commerce in Amsterdam with registration number 40535155 and operates in the
14			* UK as a branch of GÉANT Vereniging.
15			*
16			* Registered office: Hoekenrode 3, 1102BR Amsterdam, The Netherlands.
17			* UK branch address: City House, 126-130 Hills Road, Cambridge CB2 1PQ, UK
18			*
19			* License: see the web/copyright.inc.php file in the file structure or
20			* <base_url>/copyright.php after deploying the software
21			*/
22
23			/**
24			* This file contains the DBConnection singleton.
25			*
26			* @author Stefan Winter <[email protected]>
27			* @author Tomasz Wolniewicz <[email protected]>
28			*
29			* @package Developer
30			*/
31
32			namespace core;
33
34			use \Exception;
35
36			/**
37			* This class is a singleton for establishing a connection to the database
38			*
39			* @author Stefan Winter <[email protected]>
40			* @author Tomasz Wolniewicz <[email protected]>
41			*
42			* @license see LICENSE file in root directory
43			*
44			* @package Developer
45			*/
46			class DBConnection {
47
48			/**
49			* This is the actual constructor for the singleton. It creates a database connection if it is not up yet, and returns a handle to the database connection on every call.
50			*
51			* @param string $database the database type to open
52			* @return DBConnection the (only) instance of this class
53			* @throws Exception
54			*/
55			public static function handle($database) {
56			$theDb = strtoupper($database);
57			switch ($theDb) {
58			case "INST":
59			case "USER":
60			case "EXTERNAL":
61			case "FRONTEND":
62			case "DIAGNOSTICS":
63			if (!isset(self::${"instance" . $theDb})) {
64			$class = __CLASS__;
65			self::${"instance" . $theDb} = new $class($database);
66			DBConnection::${"instance" . $theDb}->databaseInstance = $theDb;
67			}
68			return self::${"instance" . $theDb};
69			default:
70			throw new Exception("This type of database (" . strtoupper($database) . ") is not known!");
71			}
72			}
73
74			/**
75			* Implemented for safety reasons only. Cloning is forbidden and will tell the user so.
76			*
77			* @return void
78			*/
79			public function __clone() {
80			trigger_error('Clone is not allowed.', E_USER_ERROR);
81			}
82
83			/**
84			* tells the caller if the database is to be accessed read-only
85			* @return bool
86			*/
87			public function isReadOnly() {
88			return $this->readOnly;
89			}
90
91			/**
92			* executes a query and triggers logging to the SQL audit log if it's not a SELECT
93			* @param string $querystring the query to be executed
94			* @param string $types for prepared statements, the type list of parameters
95			* @param mixed ...$arguments for prepared statements, the parameters
96			* @return mixed the query result as mysqli_result object; or TRUE on non-return-value statements
97			* @throws Exception
98			*/
99			public function exec($querystring, $types = NULL, &...$arguments) {
100			// log exact query to audit log, if it's not a SELECT
101			$isMoreThanSelect = FALSE;
102			if (preg_match("/^(SELECT\ \|SET\ )/i", $querystring) == 0 && preg_match("/^DESC/i", $querystring) == 0) {
103			$isMoreThanSelect = TRUE;
104			if ($this->readOnly) { // let's not do this.
105			throw new Exception("This is a read-only DB connection, but this is statement is not a SELECT!");
106			}
107			}
108			// log exact query to debug log, if log level is at 5
109			$this->loggerInstance->debug(5, "DB ATTEMPT: " . $querystring . "\n");
110			if ($types !== NULL) {
111			$this->loggerInstance->debug(5, "Argument type sequence: $types, parameters are: " . print_r($arguments, true));
112			}
113
114			if ($this->connection->connect_error) {
115			throw new Exception("ERROR: Cannot send query to $this->databaseInstance database (no connection, error number" . $this->connection->connect_error . ")!");
116			}
117			if ($types === NULL) {
118			$result = $this->connection->query($querystring);
119			if ($result === FALSE) {
120			throw new Exception("DB: Unable to execute simple statement! Error was --> " . $this->connection->error . " <--");
121			}
122			} else {
123			// fancy! prepared statement with dedicated argument list
124			if (strlen($types) != count($arguments)) {
125			throw new Exception("DB: Prepared Statement: Number of arguments and the type list length differ!");
126			}
127			if (isset($this->preparedStatements[$querystring])) {
128			$statementObject = $this->preparedStatements[$querystring];
129			} else {
130			$statementObject = $this->connection->stmt_init();
131			if ($statementObject === FALSE) {
132			throw new Exception("DB: Unable to initialise prepared Statement!");
133			}
134			$prepResult = $statementObject->prepare($querystring);
135			if ($prepResult === FALSE) {
136			throw new Exception("DB: Unable to prepare statement! Statement was --> $querystring <--, error was --> " . $statementObject->error . " <--.");
137			}
138			$this->preparedStatements[$querystring] = $statementObject;
139			}
140			// we have a variable number of arguments packed into the ... array
141			// but the function needs to be called exactly once, with a series of
142			// individual arguments, not an array. The voodoo solution is to call
143			// it via call_user_func_array()
144
145			$localArray = $arguments;
146			array_unshift($localArray, $types);
147			$retval = call_user_func_array([$statementObject, "bind_param"], $localArray);
148			if ($retval === FALSE) {
149			throw new Exception("DB: Unable to bind parameters to prepared statement! Argument array was --> " . var_export($localArray, TRUE) . " <--. Error was --> " . $statementObject->error . " <--");
150			}
151			$result = $statementObject->execute();
152			if ($result === FALSE) {
153			throw new Exception("DB: Unable to execute prepared statement! Error was --> " . $statementObject->error . " <--");
154			}
155			$selectResult = $statementObject->get_result();
156			if ($selectResult !== FALSE) {
157			$result = $selectResult;
158			}
159			}
160
161			// all cases where $result could be FALSE have been caught earlier
162			if ($this->connection->errno) {
163			throw new Exception("ERROR: Cannot execute query in $this->databaseInstance database - (hopefully escaped) query was '$querystring', errno was " . $this->connection->errno . "!");
164			}
165
166
167			if ($isMoreThanSelect) {
168			$this->loggerInstance->writeSQLAudit("[DB: " . strtoupper($this->databaseInstance) . "] " . $querystring);
169			if ($types !== NULL) {
170			$this->loggerInstance->writeSQLAudit("Argument type sequence: $types, parameters are: " . print_r($arguments, true));
171			}
172			}
173			return $result;
174			}
175
176			/**
177			* Retrieves the last auto-id of an INSERT. Needs to be called immediately after the corresponding exec() call
178			* @return int the last autoincrement-ID
179			*/
180			public function lastID() {
181			return $this->connection->insert_id;
182			}
183
184			/**
185			* Holds the singleton instance reference to USER database
186			*
187			* @var DBConnection
188			*/
189			private static $instanceUSER;
190
191			/**
192			* Holds the singleton instance reference to INST database
193			*
194			* @var DBConnection
195			*/
196			private static $instanceINST;
197
198			/**
199			* Holds the singleton instance reference to EXTERNAL database
200			*
201			* @var DBConnection
202			*/
203			private static $instanceEXTERNAL;
204
205			/**
206			* Holds the singleton instance reference to FRONTEND database
207			*
208			* @var DBConnection
209			*/
210			private static $instanceFRONTEND;
211
212			/**
213			* Holds the singleton instance reference to DIAGNOSTICS database
214			*
215			* @var DBConnection
216			*/
217			private static $instanceDIAGNOSTICS;
218
219			/**
220			* after instantiation, keep state of which DB this one talks to
221			*
222			* @var string which database does this instance talk to
223			*/
224			private $databaseInstance;
225
226			/**
227			* The connection to the DB server
228			*
229			* @var \mysqli
230			*/
231			private $connection;
232
233			/**
234			* @var \core\common\Logging
235			*/
236			private $loggerInstance;
237
238			/**
239			* Keeps state whether we are a readonly DB instance
240			* @var boolean
241			*/
242			private $readOnly;
243
244			/**
245			* Class constructor. Cannot be called directly; use handle()
246			*
247			* @param string $database the database to open
248			* @throws Exception
249			*/
250			private function __construct($database) {
251			$this->loggerInstance = new \core\common\Logging();
252			$databaseCapitalised = strtoupper($database);
253			$this->connection = new \mysqli(\config\Master::DB[$databaseCapitalised]['host'], \config\Master::DB[$databaseCapitalised]['user'], \config\Master::DB[$databaseCapitalised]['pass'], \config\Master::DB[$databaseCapitalised]['db']);
254			if ($this->connection->connect_error) {
255			throw new Exception("ERROR: Unable to connect to $database database! This is a fatal error, giving up (error number " . $this->connection->connect_errno . ").");
256			}
257			$this->readOnly = \config\Master::DB[$databaseCapitalised]['readonly'];
258			}
259
260			/**
261			* keeps all previously prepared statements in memory so we can reuse them
262			* later
263			*
264			* @var array
265			*/
266			private $preparedStatements = [];
267
268			}
269

GEANT / CAT

Push — master ( 6b9ef6...4302eb )

DBConnection::exec() D

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like