These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | /*************************************************************************** |
||
3 | * for license information see LICENSE.md |
||
4 | * This module includes all database function necessary to do queries from |
||
5 | * the database. |
||
6 | ***************************************************************************/ |
||
7 | |||
8 | use Oc\Util\CBench; |
||
9 | |||
10 | /*************************************************************************** |
||
11 | * Overview: |
||
12 | * sql_enable_debugger() ... enables Sqldebug if not not already done by config |
||
13 | * sql($sql) ... Query SQL and return result |
||
14 | * sql_escape($value) ... Escape parameter for SQL-use |
||
15 | * sql_escape_backtick($value) ... escape $value for use within backticks |
||
16 | * sql_value($sql, $default) ... Query SQL and return first row of first line |
||
17 | * sql_fetch_array($rs) ... mysql_fetch_array with charset conversion |
||
18 | * sql_fetch_assoc($rs) ... mysql_fetch_assoc with charset conversion |
||
19 | * sql_fetch_row($rs) ... mysql_fetch_row with charset conversion |
||
20 | * sql_fetch_column($rs) ... fetch column with charset conversion |
||
21 | * sql_fetch_assoc_table($rs) ... fetch_assoc for all rows |
||
22 | * sql_temp_table($table) ... registers an placeholder for use as temporary |
||
23 | * table and drop's temporary tables if |
||
24 | * mysql_pconnect is used |
||
25 | * sql_drop_temp_table($table) ... unregisters and drops an tmp-table placeholder |
||
26 | * sql_free_result($rs) ... mysql_free_result |
||
27 | * sql_affected_rows() ... mysql_affected_rows |
||
28 | * sql_insert_id() ... mysql_insert_id |
||
29 | * sql_num_rows($rs) ... mysql_num_rows |
||
30 | * sql_export_recordset($f, $rs) ... export recordset to file |
||
31 | * sql_export_table($f, $table) ... export table to file |
||
32 | * sql_export_table_to_file($filename, $table) |
||
33 | * sql_table_exists ... tests if a table exists |
||
34 | * sql_field_exists ... tests if a table and a field in this table exist |
||
35 | * sql_field_type ... queries the type of a field (uppercase letters) |
||
36 | * sql_index_exists ... tests if a table and an index of this table exist |
||
37 | * // slave query functions |
||
38 | * sql_slave_exclude() ... do not use slave servers for the current user |
||
39 | * until the slaves have replicated to this point |
||
40 | * (e.g. after a new cache was hidden) |
||
41 | * sql_slave($sql) |
||
42 | * sql_value_slave($sql, $default) |
||
43 | * sql_temp_table_slave($table) |
||
44 | * sql_drop_temp_table_slave($table) |
||
45 | * sql_affected_rows_slave() |
||
46 | * sql_insert_id_slave() |
||
47 | * sql_connect_anyslave() |
||
48 | * sql_connect_slave($id) |
||
49 | * sqlf_slave($sql) |
||
50 | * // for sqldebugger |
||
51 | * sqlf($sql) ... sql for framwork functions |
||
52 | * sqll($sql) ... sql for business layer functions |
||
53 | * sqlf_value($sql, $default) ... sql_value for framwork functions |
||
54 | * sqll_value($sql, $default) ... sql_value for business layer functions |
||
55 | * // only for internal use ... invoked automatically |
||
56 | * sql_connect() ... connect to the database |
||
57 | * sql_disconnect() ... disconnect database |
||
58 | * sql_disconnect_slave() ... disconnect slave database |
||
59 | * sql_error() ... report an error and stop processing |
||
60 | * sql_warn($warnmessage) ... report a warning and resume processing |
||
61 | * // for maintenance functions |
||
62 | * sql_connect_maintenance() ... connect the database with more privileges |
||
63 | * sql_dropFunction ... drops stored function |
||
64 | * sql_dropProcedure ... drops stored procedure |
||
65 | * sql_dropTrigger ... drops stored trigger |
||
66 | ***************************************************************************/ |
||
67 | |||
68 | $db['connected'] = false; |
||
69 | $db['dblink'] = false; |
||
70 | $db['dblink_slave'] = false; |
||
71 | $db['slave_id'] = -1; |
||
72 | $db['slave_server'] = ''; |
||
73 | $db['temptable_initialized'] = false; |
||
74 | $db['temptables'] = []; |
||
75 | $db['temptables_slave'] = []; |
||
76 | $db['mode'] = DB_MODE_USER; |
||
77 | $db['error'] = false; |
||
78 | |||
79 | $db['debug'] = (($opt['debug'] & DEBUG_SQLDEBUGGER) == DEBUG_SQLDEBUGGER); |
||
80 | if ($db['debug'] === true) { |
||
81 | require_once __DIR__ . '/sqldebugger.class.php'; |
||
82 | } |
||
83 | |||
84 | |||
85 | /** |
||
86 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
87 | * @param $sql |
||
88 | * @return resource |
||
89 | */ |
||
90 | View Code Duplication | function sql($sql) |
|
91 | { |
||
92 | global $db; |
||
93 | |||
94 | // establish db connection |
||
95 | if ($db['connected'] !== true) { |
||
96 | sql_connect(); |
||
97 | } |
||
98 | |||
99 | // prepare args |
||
100 | $args = func_get_args(); |
||
101 | unset($args[0]); |
||
102 | |||
103 | if (isset($args[1]) && is_array($args[1])) { |
||
104 | $tmp_args = $args[1]; |
||
105 | unset($args); |
||
106 | |||
107 | // correct indices |
||
108 | $args = array_merge([0], $tmp_args); |
||
109 | unset($tmp_args, $args[0]); |
||
110 | } |
||
111 | |||
112 | return sql_internal($db['dblink'], $sql, $args); |
||
113 | } |
||
114 | |||
115 | /** |
||
116 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
117 | * @param $sql |
||
118 | * @return resource |
||
119 | */ |
||
120 | View Code Duplication | function sql_slave($sql) |
|
121 | { |
||
122 | global $db; |
||
123 | |||
124 | if ($db['dblink_slave'] === false) { |
||
125 | sql_connect_anyslave(); |
||
126 | } |
||
127 | |||
128 | // prepare args |
||
129 | $args = func_get_args(); |
||
130 | unset($args[0]); |
||
131 | |||
132 | if (isset($args[1]) && is_array($args[1])) { |
||
133 | $tmp_args = $args[1]; |
||
134 | unset($args); |
||
135 | |||
136 | // correct indices |
||
137 | $args = array_merge([0], $tmp_args); |
||
138 | unset($tmp_args, $args[0]); |
||
139 | } |
||
140 | |||
141 | return sql_internal($db['dblink_slave'], $sql, $args); |
||
142 | } |
||
143 | |||
144 | /** |
||
145 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
146 | * @param $dblink |
||
147 | * @param $sql |
||
148 | * @return resource |
||
149 | */ |
||
150 | function sql_internal($dblink, $sql) |
||
151 | { |
||
152 | global $opt, $db, $sqldebugger; |
||
153 | |||
154 | $args = func_get_args(); |
||
155 | unset($args[0], $args[1]); |
||
156 | |||
157 | /* as an option, you can give as second parameter an array |
||
158 | * with all values for the placeholder. The array has to be |
||
159 | * with numeric indices. |
||
160 | */ |
||
161 | if (isset($args[2]) && is_array($args[2])) { |
||
162 | $tmp_args = $args[2]; |
||
163 | unset($args); |
||
164 | |||
165 | // correct indices |
||
166 | $args = array_merge([0], $tmp_args); |
||
167 | unset($tmp_args, $args[0]); |
||
168 | } |
||
169 | |||
170 | $sqlpos = 0; |
||
171 | $filtered_sql = ''; |
||
172 | |||
173 | // replace every &x in $sql with the placeholder or parameter |
||
174 | $nextarg = strpos($sql, '&'); |
||
175 | while ($nextarg !== false) { |
||
176 | // & escaped? |
||
177 | $escapesCount = 0; |
||
178 | while ((($nextarg - $escapesCount - 1) > 0) && (substr($sql, $nextarg - $escapesCount - 1, 1) == '\\')) { |
||
179 | $escapesCount++; |
||
180 | } |
||
181 | if (($escapesCount % 2) === 1) { |
||
182 | $nextarg++; |
||
183 | } else { |
||
184 | $nextchar = substr($sql, $nextarg + 1, 1); |
||
185 | if (is_numeric($nextchar)) { |
||
186 | $arglength = 0; |
||
187 | $arg = ''; |
||
188 | |||
189 | // find next non-digit |
||
190 | View Code Duplication | while (preg_match('/^[0-9]{1}/', $nextchar) === 1) { |
|
191 | $arg .= $nextchar; |
||
192 | |||
193 | $arglength++; |
||
194 | $nextchar = substr($sql, $nextarg + $arglength + 1, 1); |
||
195 | } |
||
196 | |||
197 | // ok ... replace |
||
198 | $filtered_sql .= substr($sql, $sqlpos, $nextarg - $sqlpos); |
||
199 | $sqlpos = $nextarg + $arglength; |
||
200 | |||
201 | View Code Duplication | if (isset($args[$arg])) { |
|
202 | if (is_numeric($args[$arg])) { |
||
203 | $filtered_sql .= $args[$arg]; |
||
204 | } else { |
||
205 | if ((substr($sql, $sqlpos - $arglength - 1, 1) == '\'') && (substr( |
||
206 | $sql, |
||
207 | $sqlpos + 1, |
||
208 | 1 |
||
209 | ) == '\'')) { |
||
210 | $filtered_sql .= sql_escape($args[$arg]); |
||
211 | } elseif ((substr($sql, $sqlpos - $arglength - 1, 1) == '`') && (substr( |
||
212 | $sql, |
||
213 | $sqlpos + 1, |
||
214 | 1 |
||
215 | ) == '`')) { |
||
216 | $filtered_sql .= sql_escape_backtick($args[$arg]); |
||
217 | } else { |
||
218 | sql_error($sql); |
||
219 | } |
||
220 | } |
||
221 | } else { |
||
222 | // NULL |
||
223 | if ((substr($sql, $sqlpos - $arglength - 1, 1) == '\'') && (substr($sql, $sqlpos + 1, 1) == '\'')) { |
||
224 | // strip apostroph and insert NULL |
||
225 | $filtered_sql = substr($filtered_sql, 0, strlen($filtered_sql) - 1); |
||
226 | $filtered_sql .= 'NULL'; |
||
227 | $sqlpos++; |
||
228 | } else { |
||
229 | $filtered_sql .= 'NULL'; |
||
230 | } |
||
231 | } |
||
232 | |||
233 | $sqlpos++; |
||
234 | } else { |
||
235 | $arglength = 0; |
||
236 | $arg = ''; |
||
237 | |||
238 | // find next non-alphanumeric char |
||
239 | // (added '_' - it is used in temptable names - following 2013/07/18) |
||
240 | View Code Duplication | while (preg_match('/^[a-zA-Z0-9_]{1}/', $nextchar) == 1) { |
|
241 | $arg .= $nextchar; |
||
242 | |||
243 | $arglength++; |
||
244 | $nextchar = substr($sql, $nextarg + $arglength + 1, 1); |
||
245 | } |
||
246 | |||
247 | // ok ... replace |
||
248 | $filtered_sql .= substr($sql, $sqlpos, $nextarg - $sqlpos); |
||
249 | |||
250 | if (isset($opt['db']['placeholder'][$arg])) { |
||
251 | if (substr($sql, $nextarg - 1, 1) != '`') { |
||
252 | $filtered_sql .= '`'; |
||
253 | } |
||
254 | |||
255 | $filtered_sql .= sql_escape_backtick($opt['db']['placeholder'][$arg]); |
||
256 | |||
257 | if (substr($sql, $nextarg + $arglength + 1, 1) != '`') { |
||
258 | $filtered_sql .= '`'; |
||
259 | } |
||
260 | } elseif (isset($db['temptables'][$arg])) { |
||
261 | if (substr($sql, $nextarg - 1, 1) != '`') { |
||
262 | $filtered_sql .= '`'; |
||
263 | } |
||
264 | |||
265 | $filtered_sql .= sql_escape_backtick( |
||
266 | $opt['db']['placeholder']['tmpdb'] |
||
267 | ) . '`.`' . sql_escape_backtick($db['temptables'][$arg]); |
||
268 | |||
269 | if (substr($sql, $nextarg + $arglength + 1, 1) != '`') { |
||
270 | $filtered_sql .= '`'; |
||
271 | } |
||
272 | } else { |
||
273 | sql_error($sql); |
||
274 | } |
||
275 | |||
276 | $sqlpos = $nextarg + $arglength + 1; |
||
277 | } |
||
278 | } |
||
279 | |||
280 | $nextarg = strpos($sql, '&', $nextarg + 1); |
||
281 | } |
||
282 | |||
283 | // append the rest |
||
284 | $filtered_sql .= substr($sql, $sqlpos); |
||
285 | |||
286 | // strip escapes of & |
||
287 | $nextarg = strpos($filtered_sql, '\&'); |
||
288 | View Code Duplication | while ($nextarg !== false) { |
|
289 | $escapesCount = 0; |
||
290 | while ((($nextarg - $escapesCount - 1) > 0) |
||
291 | && (substr($filtered_sql, $nextarg - $escapesCount - 1, 1) == '\\')) { |
||
292 | $escapesCount++; |
||
293 | } |
||
294 | if (($escapesCount % 2) == 0) { |
||
295 | // strip escapes of & |
||
296 | $filtered_sql = substr($filtered_sql, 0, $nextarg) . '&' . substr($filtered_sql, $nextarg + 2); |
||
297 | $nextarg--; |
||
298 | } |
||
299 | |||
300 | $nextarg = strpos($filtered_sql, '\&', $nextarg + 2); |
||
301 | } |
||
302 | |||
303 | // |
||
304 | // ok ... filtered_sql is ready for usage |
||
305 | // |
||
306 | |||
307 | /* todo: |
||
308 | - errorlogging |
||
309 | - LIMIT |
||
310 | - block DROP/DELETE |
||
311 | */ |
||
312 | |||
313 | if ($db['debug'] === true) { |
||
314 | $result = $sqldebugger->execute($filtered_sql, $dblink, $dblink === $db['dblink_slave'], $db['slave_server']); |
||
315 | if ($result === false) { |
||
316 | sql_error($filtered_sql); |
||
317 | } |
||
318 | } else { |
||
319 | // measure time |
||
320 | if ($opt['db']['warn']['time'] > 0) { |
||
321 | $cSqlExecution = new CBench; |
||
322 | $cSqlExecution->start(); |
||
323 | } |
||
324 | |||
325 | $result = @mysql_query($filtered_sql, $dblink); |
||
326 | if ($result === false) { |
||
327 | sql_error($filtered_sql); |
||
328 | } |
||
329 | |||
330 | if ($opt['db']['warn']['time'] > 0) { |
||
331 | $cSqlExecution->stop(); |
||
0 ignored issues
–
show
|
|||
332 | |||
333 | if ($cSqlExecution->diff() > $opt['db']['warn']['time']) { |
||
334 | $ua = isset($_SERVER['HTTP_USER_AGENT']) ? "\r\n" . $_SERVER['HTTP_USER_AGENT'] : ''; |
||
335 | sql_warn('execution took ' . $cSqlExecution->diff() . ' seconds' . $ua); |
||
336 | } |
||
337 | } |
||
338 | } |
||
339 | |||
340 | return $result; |
||
341 | } |
||
342 | |||
343 | /** |
||
344 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
345 | * @param string $sql |
||
346 | * @return resource |
||
347 | */ |
||
348 | View Code Duplication | function sqlf($sql) |
|
349 | { |
||
350 | global $db; |
||
351 | $nOldMode = $db['mode']; |
||
352 | $db['mode'] = DB_MODE_FRAMEWORK; |
||
353 | $args = func_get_args(); |
||
354 | unset($args[0]); |
||
355 | $result = sql($sql, $args); |
||
356 | $db['mode'] = $nOldMode; |
||
357 | |||
358 | return $result; |
||
359 | } |
||
360 | |||
361 | /** |
||
362 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
363 | * @param string $sql |
||
364 | * @return resource |
||
365 | */ |
||
366 | View Code Duplication | function sqlf_slave($sql) |
|
367 | { |
||
368 | global $db; |
||
369 | $nOldMode = $db['mode']; |
||
370 | $db['mode'] = DB_MODE_FRAMEWORK; |
||
371 | $args = func_get_args(); |
||
372 | unset($args[0]); |
||
373 | $result = sql_slave($sql, $args); |
||
374 | $db['mode'] = $nOldMode; |
||
375 | |||
376 | return $result; |
||
377 | } |
||
378 | |||
379 | /** |
||
380 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
381 | * @param string $sql |
||
382 | * @return resource |
||
383 | */ |
||
384 | View Code Duplication | function sqll($sql) |
|
385 | { |
||
386 | global $db; |
||
387 | $nOldMode = $db['mode']; |
||
388 | $db['mode'] = DB_MODE_BUSINESSLAYER; |
||
389 | $args = func_get_args(); |
||
390 | unset($args[0]); |
||
391 | $result = sql($sql, $args); |
||
392 | $db['mode'] = $nOldMode; |
||
393 | |||
394 | return $result; |
||
395 | } |
||
396 | |||
397 | /** |
||
398 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
399 | * @param string $sql |
||
400 | * @param int $default |
||
401 | * @return mixed |
||
402 | */ |
||
403 | View Code Duplication | function sqlf_value($sql, $default) |
|
404 | { |
||
405 | global $db; |
||
406 | $nOldMode = $db['mode']; |
||
407 | $db['mode'] = DB_MODE_FRAMEWORK; |
||
408 | $args = func_get_args(); |
||
409 | unset($args[0], $args[1]); |
||
410 | $result = sql_value($sql, $default, $args); |
||
411 | $db['mode'] = $nOldMode; |
||
412 | |||
413 | return $result; |
||
414 | } |
||
415 | |||
416 | /** |
||
417 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
418 | * @param string $sql |
||
419 | * @param int $default |
||
420 | * @return mixed |
||
421 | */ |
||
422 | View Code Duplication | function sqll_value($sql, $default) |
|
423 | { |
||
424 | global $db; |
||
425 | $nOldMode = $db['mode']; |
||
426 | $db['mode'] = DB_MODE_BUSINESSLAYER; |
||
427 | $args = func_get_args(); |
||
428 | unset($args[0], $args[1]); |
||
429 | $result = sql_value($sql, $default, $args); |
||
430 | $db['mode'] = $nOldMode; |
||
431 | |||
432 | return $result; |
||
433 | } |
||
434 | |||
435 | /** |
||
436 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
437 | * @param $value |
||
438 | * @return string |
||
439 | */ |
||
440 | function sql_escape($value) |
||
441 | { |
||
442 | global $db, $opt; |
||
443 | |||
444 | // convert the charset of $value |
||
445 | if ($opt['charset']['iconv'] != 'UTF-8') { |
||
446 | $value = iconv('UTF-8', $opt['charset']['iconv'], $value); |
||
447 | } |
||
448 | |||
449 | // establish db connection |
||
450 | if ($db['connected'] !== true) { |
||
451 | sql_connect(); |
||
452 | } |
||
453 | |||
454 | $value = mysql_real_escape_string($value, $db['dblink']); |
||
455 | $value = str_replace('&', '\&', $value); |
||
456 | |||
457 | return $value; |
||
458 | } |
||
459 | |||
460 | /** |
||
461 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
462 | * @param $value |
||
463 | * @return string |
||
464 | */ |
||
465 | function sql_escape_backtick($value) |
||
466 | { |
||
467 | $value = sql_escape($value); |
||
468 | $value = str_replace('`', '``', $value); |
||
469 | |||
470 | return $value; |
||
471 | } |
||
472 | |||
473 | /** |
||
474 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
475 | * @param $sql |
||
476 | * @param $default |
||
477 | * @return mixed |
||
478 | */ |
||
479 | View Code Duplication | function sql_value($sql, $default) |
|
480 | { |
||
481 | $args = func_get_args(); |
||
482 | unset($args[0], $args[1]); |
||
483 | |||
484 | if (isset($args[2]) && is_array($args[2])) { |
||
485 | $tmp_args = $args[2]; |
||
486 | unset($args); |
||
487 | |||
488 | // correct indices |
||
489 | $args = array_merge([0], $tmp_args); |
||
490 | unset($tmp_args, $args[0]); |
||
491 | } |
||
492 | |||
493 | return sql_value_internal(false, $sql, $default, $args); |
||
494 | } |
||
495 | |||
496 | /** |
||
497 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
498 | * @param $sql |
||
499 | * @param $default |
||
500 | * @return mixed |
||
501 | */ |
||
502 | View Code Duplication | function sql_value_slave($sql, $default) |
|
503 | { |
||
504 | $args = func_get_args(); |
||
505 | unset($args[0], $args[1]); |
||
506 | |||
507 | if (isset($args[2]) && is_array($args[2])) { |
||
508 | $tmp_args = $args[2]; |
||
509 | unset($args); |
||
510 | |||
511 | // correct indices |
||
512 | $args = array_merge([0], $tmp_args); |
||
513 | unset($tmp_args, $args[0]); |
||
514 | } |
||
515 | |||
516 | return sql_value_internal(true, $sql, $default, $args); |
||
517 | } |
||
518 | |||
519 | /** |
||
520 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
521 | * @param bool $bQuerySlave |
||
522 | * @param $sql |
||
523 | * @param $default |
||
524 | * @return mixed |
||
525 | */ |
||
526 | function sql_value_internal($bQuerySlave, $sql, $default) |
||
527 | { |
||
528 | $args = func_get_args(); |
||
529 | unset($args[0], $args[1], $args[2]); |
||
530 | |||
531 | /* as an option, you can give as third parameter an array |
||
532 | * with all values for the placeholder. The array has to be |
||
533 | * with numeric indices. |
||
534 | */ |
||
535 | if (isset($args[3]) && is_array($args[3])) { |
||
536 | $tmp_args = $args[3]; |
||
537 | unset($args); |
||
538 | |||
539 | // correct indices |
||
540 | $args = array_merge([0], $tmp_args); |
||
541 | unset($tmp_args, $args[0]); |
||
542 | } |
||
543 | |||
544 | if ($bQuerySlave == true) { |
||
545 | $rs = sql_slave($sql, $args); |
||
546 | } else { |
||
547 | $rs = sql($sql, $args); |
||
548 | } |
||
549 | |||
550 | $r = sql_fetch_row($rs); |
||
551 | sql_free_result($rs); |
||
552 | |||
553 | if ($r) { |
||
554 | if ($r[0] == null) { |
||
555 | return $default; |
||
556 | } |
||
557 | |||
558 | return $r[0]; |
||
559 | } |
||
560 | |||
561 | return $default; |
||
562 | } |
||
563 | |||
564 | /* |
||
565 | Replacement for builtin MySQL functions |
||
566 | (includes database charset conversion) |
||
567 | */ |
||
568 | /** |
||
569 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
570 | * @param $rs |
||
571 | * @return array |
||
572 | */ |
||
573 | View Code Duplication | function sql_fetch_array($rs) |
|
574 | { |
||
575 | global $opt; |
||
576 | $retval = mysql_fetch_array($rs); |
||
577 | if (is_array($retval)) { |
||
578 | if ($opt['charset']['iconv'] != 'UTF-8') { |
||
579 | foreach ($retval as $k => $v) { |
||
580 | $retval[$k] = iconv($opt['charset']['iconv'], 'UTF-8', $v); |
||
581 | } |
||
582 | } |
||
583 | } |
||
584 | |||
585 | return $retval; |
||
586 | } |
||
587 | |||
588 | /** |
||
589 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
590 | * @param $rs |
||
591 | * @return array |
||
592 | */ |
||
593 | View Code Duplication | function sql_fetch_assoc($rs) |
|
594 | { |
||
595 | global $opt; |
||
596 | $retval = mysql_fetch_assoc($rs); |
||
597 | if (is_array($retval)) { |
||
598 | if ($opt['charset']['iconv'] != 'UTF-8') { |
||
599 | foreach ($retval as $k => $v) { |
||
600 | $retval[$k] = iconv($opt['charset']['iconv'], 'UTF-8', $v); |
||
601 | } |
||
602 | } |
||
603 | } |
||
604 | |||
605 | return $retval; |
||
606 | } |
||
607 | |||
608 | /** |
||
609 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
610 | * @param resource $rs |
||
611 | * @return array |
||
612 | */ |
||
613 | function sql_fetch_assoc_table($rs) |
||
614 | { |
||
615 | $result = []; |
||
616 | while ($r = sql_fetch_assoc($rs)) { |
||
617 | $result[] = $r; |
||
618 | } |
||
619 | sql_free_result($rs); |
||
620 | |||
621 | return $result; |
||
622 | } |
||
623 | |||
624 | // returns false if no more matching rows exist |
||
625 | /** |
||
626 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
627 | * @param resource $rs |
||
628 | * @return array |
||
629 | */ |
||
630 | View Code Duplication | function sql_fetch_row($rs) |
|
631 | { |
||
632 | global $opt; |
||
633 | $retval = mysql_fetch_row($rs); |
||
634 | if (is_array($retval)) { |
||
635 | if ($opt['charset']['iconv'] != 'UTF-8') { |
||
636 | foreach ($retval as $k => $v) { |
||
637 | $retval[$k] = iconv($opt['charset']['iconv'], 'UTF-8', $v); |
||
638 | } |
||
639 | } |
||
640 | } |
||
641 | |||
642 | return $retval; |
||
643 | } |
||
644 | |||
645 | /** |
||
646 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
647 | * @param $rs |
||
648 | * @return array |
||
649 | */ |
||
650 | function sql_fetch_column($rs) |
||
651 | { |
||
652 | global $opt; |
||
653 | $result = []; |
||
654 | while ($r = mysql_fetch_row($rs)) { |
||
655 | if ($opt['charset']['iconv'] != 'UTF-8') { |
||
656 | $result[] = iconv($opt['charset']['iconv'], 'UTF-8', $r[0]); |
||
657 | } else { |
||
658 | $result[] = $r[0]; |
||
659 | } |
||
660 | } |
||
661 | sql_free_result($rs); |
||
662 | |||
663 | return $result; |
||
664 | } |
||
665 | |||
666 | /** |
||
667 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
668 | * @return int |
||
669 | */ |
||
670 | function sql_affected_rows() |
||
671 | { |
||
672 | global $db; |
||
673 | |||
674 | return mysql_affected_rows($db['dblink']); |
||
675 | } |
||
676 | |||
677 | /** |
||
678 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
679 | * @return int |
||
680 | */ |
||
681 | function sql_affected_rows_slave() |
||
682 | { |
||
683 | global $db; |
||
684 | |||
685 | return mysql_affected_rows($db['dblink_slave']); |
||
686 | } |
||
687 | |||
688 | /** |
||
689 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
690 | * @param $rs |
||
691 | * @return bool |
||
692 | */ |
||
693 | function sql_free_result($rs) |
||
694 | { |
||
695 | return mysql_free_result($rs); |
||
696 | } |
||
697 | |||
698 | /** |
||
699 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
700 | * @return int |
||
701 | */ |
||
702 | function sql_insert_id() |
||
703 | { |
||
704 | global $db; |
||
705 | |||
706 | return mysql_insert_id($db['dblink']); |
||
707 | } |
||
708 | |||
709 | /** |
||
710 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
711 | * @return int |
||
712 | */ |
||
713 | function sql_insert_id_slave() |
||
714 | { |
||
715 | global $db; |
||
716 | |||
717 | return mysql_insert_id($db['dblink_slave']); |
||
718 | } |
||
719 | |||
720 | /** |
||
721 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
722 | * @param resource $rs |
||
723 | * @return int |
||
724 | */ |
||
725 | function sql_num_rows($rs) |
||
726 | { |
||
727 | return mysql_num_rows($rs); |
||
728 | } |
||
729 | |||
730 | /** |
||
731 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
732 | * @param string $table |
||
733 | */ |
||
734 | function sql_temp_table($table) |
||
735 | { |
||
736 | global $db, $opt; |
||
737 | |||
738 | if ($db['connected'] == false) { |
||
739 | sql_connect(); |
||
740 | } |
||
741 | |||
742 | if ($opt['db']['pconnect'] == true) { |
||
743 | if ($db['temptable_initialized'] == false) { |
||
744 | $rs = sqlf( |
||
745 | "SELECT `threadid`, `name` FROM &db.`sys_temptables` WHERE `threadid`='&1'", |
||
746 | mysql_thread_id($db['dblink']) |
||
747 | ); |
||
748 | while ($r = sql_fetch_assoc($rs)) { |
||
749 | sqlf('DROP TEMPORARY TABLE IF EXISTS &tmpdb.`&1`', $r['name']); |
||
750 | } |
||
751 | sql_free_result($rs); |
||
752 | sqlf("DELETE FROM &db.`sys_temptables` WHERE `threadid`='&1'", mysql_thread_id($db['dblink'])); |
||
753 | |||
754 | $db['temptable_initialized'] = true; |
||
755 | } |
||
756 | |||
757 | sqlf( |
||
758 | "INSERT IGNORE INTO &db.`sys_temptables` (`threadid`, `name`) VALUES ('&1', '&2')", |
||
759 | mysql_thread_id($db['dblink']), |
||
760 | $table |
||
761 | ); |
||
762 | } |
||
763 | |||
764 | $db['temptables'][$table] = $table; |
||
765 | } |
||
766 | |||
767 | /** |
||
768 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
769 | * @param string $table |
||
770 | */ |
||
771 | View Code Duplication | function sql_temp_table_slave($table) |
|
772 | { |
||
773 | global $db, $opt; |
||
774 | |||
775 | if ($db['dblink_slave'] === false) { |
||
776 | sql_connect_anyslave(); |
||
777 | } |
||
778 | |||
779 | if ($opt['db']['pconnect'] === true) { |
||
780 | sqlf_slave( |
||
781 | "INSERT IGNORE INTO &db.`sys_temptables` (`threadid`, `name`) VALUES ('&1', '&2')", |
||
782 | mysql_thread_id($db['dblink_slave']), |
||
783 | $table |
||
784 | ); |
||
785 | } |
||
786 | |||
787 | $db['temptables'][$table] = $table; |
||
788 | $db['temptables_slave'][$table] = $table; |
||
789 | } |
||
790 | |||
791 | /** |
||
792 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
793 | * @param string $table |
||
794 | */ |
||
795 | View Code Duplication | function sql_drop_temp_table($table) |
|
796 | { |
||
797 | global $db, $opt; |
||
798 | |||
799 | sqlf('DROP TEMPORARY TABLE IF EXISTS &tmpdb.`&1`', $table); |
||
800 | |||
801 | if ($opt['db']['pconnect'] === true) { |
||
802 | sqlf( |
||
803 | "DELETE FROM &db.`sys_temptables` WHERE `threadid`='&1' AND `name`='&2'", |
||
804 | mysql_thread_id($db['dblink']), |
||
805 | $table |
||
806 | ); |
||
807 | } |
||
808 | |||
809 | unset($db['temptables'][$table]); |
||
810 | } |
||
811 | |||
812 | /** |
||
813 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
814 | * @param $table |
||
815 | * @param $newname |
||
816 | */ |
||
817 | View Code Duplication | function sql_rename_temp_table($table, $newname) |
|
818 | { |
||
819 | global $db, $opt; |
||
820 | |||
821 | if ($opt['db']['pconnect'] === true) { |
||
822 | sqlf( |
||
823 | "UPDATE &db.`sys_temptables` SET `name`='&3' WHERE `threadid`='&1' AND `name`='&2'", |
||
824 | mysql_thread_id($db['dblink']), |
||
825 | $table, |
||
826 | $newname |
||
827 | ); |
||
828 | } |
||
829 | |||
830 | sqlf('ALTER TABLE &tmpdb.`&1` RENAME &tmpdb.`&2`', $table, $newname); |
||
831 | |||
832 | unset($db['temptables'][$table]); |
||
833 | $db['temptables'][$newname] = $newname; |
||
834 | } |
||
835 | |||
836 | /** |
||
837 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
838 | * @param string $table |
||
839 | */ |
||
840 | View Code Duplication | function sql_drop_temp_table_slave($table) |
|
841 | { |
||
842 | global $db, $opt; |
||
843 | |||
844 | sqlf_slave('DROP TEMPORARY TABLE IF EXISTS &tmpdb.`&1`', $table); |
||
845 | |||
846 | if ($opt['db']['pconnect'] === true) { |
||
847 | sqlf_slave( |
||
848 | "DELETE FROM &db.`sys_temptables` WHERE `threadid`='&1' AND `name`='&2'", |
||
849 | mysql_thread_id($db['dblink']), |
||
850 | $table |
||
851 | ); |
||
852 | } |
||
853 | |||
854 | unset($db['temptables'][$table], $db['temptables_slave'][$table]); |
||
855 | } |
||
856 | |||
857 | /** |
||
858 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
859 | * @param $table |
||
860 | * @param $newname |
||
861 | */ |
||
862 | function sql_rename_temp_table_slave($table, $newname) |
||
863 | { |
||
864 | global $db, $opt; |
||
865 | |||
866 | if ($opt['db']['pconnect'] === true) { |
||
867 | sqlf( |
||
868 | "UPDATE &db.`sys_temptables` SET `name`='&3' WHERE `threadid`='&1' AND `name`='&2'", |
||
869 | mysql_thread_id($db['dblink']), |
||
870 | $table, |
||
871 | $newname |
||
872 | ); |
||
873 | } |
||
874 | |||
875 | sqlf_slave('ALTER TABLE &tmpdb.`&1` RENAME &tmpdb.`&2`', $table, $newname); |
||
876 | |||
877 | unset($db['temptables'][$table], $db['temptables_slave'][$table]); |
||
878 | $db['temptables'][$newname] = $newname; |
||
879 | $db['temptables_slave'][$newname] = $newname; |
||
880 | } |
||
881 | |||
882 | //database handling |
||
883 | /** |
||
884 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
885 | * @param null $username |
||
886 | * @param null $password |
||
887 | * @param bool $raiseError |
||
888 | */ |
||
889 | function sql_connect($username = null, $password = null, $raiseError = true) |
||
890 | { |
||
891 | global $opt, $db; |
||
892 | |||
893 | if ($username === null) { |
||
894 | $username = $opt['db']['username']; |
||
895 | } |
||
896 | if ($password === null) { |
||
897 | $password = $opt['db']['password']; |
||
898 | } |
||
899 | |||
900 | //connect to the database by the given method - no php error reporting! |
||
901 | View Code Duplication | if ($opt['db']['pconnect'] === true) { |
|
902 | $db['dblink'] = @mysql_pconnect($opt['db']['servername'], $username, $password); |
||
903 | } else { |
||
904 | $db['dblink'] = @mysql_connect($opt['db']['servername'], $username, $password); |
||
905 | } |
||
906 | |||
907 | if ($db['dblink'] !== false) { |
||
908 | mysql_query( |
||
909 | "SET NAMES '" . mysql_real_escape_string($opt['charset']['mysql'], $db['dblink']) . "'", |
||
910 | $db['dblink'] |
||
911 | ); |
||
912 | |||
913 | //database connection established ... set the used database |
||
914 | if (@mysql_select_db($opt['db']['placeholder']['db'], $db['dblink']) === false) { |
||
915 | //error while setting the database ... disconnect |
||
916 | sql_disconnect(); |
||
917 | $db['dblink'] = false; |
||
918 | } |
||
919 | } |
||
920 | |||
921 | // output the error form if there was an error |
||
922 | if ($db['dblink'] === false) { |
||
923 | if ($raiseError === true) { |
||
924 | sql_error(); |
||
925 | } |
||
926 | } else { |
||
927 | $db['connected'] = true; |
||
928 | } |
||
929 | } |
||
930 | |||
931 | /** |
||
932 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
933 | */ |
||
934 | function sql_slave_exclude() |
||
935 | { |
||
936 | global $login; |
||
937 | if ($login->userid == 0) { |
||
938 | return; |
||
939 | } |
||
940 | |||
941 | sql( |
||
942 | "INSERT INTO `sys_repl_exclude` (`user_id`, `datExclude`) VALUES ('&1', NOW()) |
||
943 | ON DUPLICATE KEY UPDATE `datExclude`=NOW()", |
||
944 | $login->userid |
||
945 | ); |
||
946 | } |
||
947 | |||
948 | /** |
||
949 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
950 | */ |
||
951 | function sql_connect_anyslave() |
||
952 | { |
||
953 | global $db, $opt, $login; |
||
954 | |||
955 | if ($db['dblink_slave'] !== false) { |
||
956 | return; |
||
957 | } |
||
958 | |||
959 | $nMaxTimeDiff = $opt['db']['slave']['max_behind']; |
||
960 | if ($login->userid != 0) { |
||
961 | $nMaxTimeDiff = sql_value( |
||
962 | "SELECT TIMESTAMP(NOW())-TIMESTAMP(`datExclude`) |
||
963 | FROM `sys_repl_exclude` |
||
964 | WHERE `user_id`='&1'", |
||
965 | $opt['db']['slave']['max_behind'], |
||
966 | $login->userid |
||
967 | ); |
||
968 | View Code Duplication | if ($nMaxTimeDiff > $opt['db']['slave']['max_behind']) { |
|
969 | $nMaxTimeDiff = $opt['db']['slave']['max_behind']; |
||
970 | } |
||
971 | } |
||
972 | |||
973 | $id = sqlf_value( |
||
974 | "SELECT `id`, `weight`*RAND() AS `w` |
||
975 | FROM `sys_repl_slaves` |
||
976 | WHERE `active`= 1 |
||
977 | AND `online`= 1 |
||
978 | AND (TIMESTAMP(NOW())-TIMESTAMP(`last_check`)+`time_diff`<'&1') |
||
979 | ORDER BY `w` DESC LIMIT 1", |
||
980 | -1, |
||
981 | $nMaxTimeDiff |
||
982 | ); |
||
983 | |||
984 | sql_connect_slave($id); |
||
985 | } |
||
986 | |||
987 | /** |
||
988 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
989 | */ |
||
990 | function sql_connect_master_as_slave() |
||
991 | { |
||
992 | global $db; |
||
993 | |||
994 | // the right slave is connected |
||
995 | if ($db['dblink_slave'] !== false) { |
||
996 | sql_error(); |
||
997 | |||
998 | return; |
||
999 | } |
||
1000 | |||
1001 | // use existing master connection |
||
1002 | $db['slave_id'] = -1; |
||
1003 | $db['dblink_slave'] = $db['dblink']; |
||
1004 | $db['slave_server'] = 'master'; |
||
1005 | } |
||
1006 | |||
1007 | /** |
||
1008 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1009 | * @param $id |
||
1010 | */ |
||
1011 | function sql_connect_slave($id) |
||
1012 | { |
||
1013 | global $opt, $db; |
||
1014 | |||
1015 | if ($id == -1) { |
||
1016 | sql_connect_master_as_slave(); |
||
1017 | |||
1018 | return; |
||
1019 | } |
||
1020 | |||
1021 | // the right slave is connected |
||
1022 | if ($db['dblink_slave'] !== false) { |
||
1023 | // TODO: disconnect if other slave is connected |
||
1024 | if ($db['slave_id'] != $id) { |
||
1025 | sql_error(); |
||
1026 | } |
||
1027 | |||
1028 | return; |
||
1029 | } |
||
1030 | |||
1031 | $db['slave_id'] = $id; |
||
1032 | $slave = $opt['db']['slaves'][$id]; |
||
1033 | |||
1034 | // for display in SQL debugger |
||
1035 | $db['slave_server'] = $slave['server']; |
||
1036 | |||
1037 | View Code Duplication | if ($opt['db']['pconnect'] === true) { |
|
1038 | $db['dblink_slave'] = @mysql_pconnect($slave['server'], $slave['username'], $slave['password']); |
||
1039 | } else { |
||
1040 | $db['dblink_slave'] = @mysql_connect($slave['server'], $slave['username'], $slave['password']); |
||
1041 | } |
||
1042 | |||
1043 | if ($db['dblink_slave'] !== false) { |
||
1044 | if (mysql_select_db($opt['db']['placeholder']['db'], $db['dblink_slave']) === false) { |
||
1045 | sql_error(); |
||
1046 | } |
||
1047 | |||
1048 | mysql_query( |
||
1049 | "SET NAMES '" . mysql_real_escape_string($opt['charset']['mysql'], $db['dblink_slave']) . "'", |
||
1050 | $db['dblink_slave'] |
||
1051 | ); |
||
1052 | |||
1053 | // initialize temp tables on slave server |
||
1054 | $rs = sqlf_slave( |
||
1055 | "SELECT `threadid`, `name` FROM `sys_temptables` WHERE `threadid`='&1'", |
||
1056 | mysql_thread_id($db['dblink_slave']) |
||
1057 | ); |
||
1058 | while ($r = sql_fetch_assoc($rs)) { |
||
1059 | sqlf_slave('DROP TEMPORARY TABLE IF EXISTS &tmpdb.`&1`', $r['name']); |
||
1060 | } |
||
1061 | sql_free_result($rs); |
||
1062 | sqlf_slave("DELETE FROM &db.`sys_temptables` WHERE `threadid`='&1'", mysql_thread_id($db['dblink_slave'])); |
||
1063 | } else { |
||
1064 | sql_error(); |
||
1065 | } |
||
1066 | } |
||
1067 | |||
1068 | /** |
||
1069 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1070 | * @return bool |
||
1071 | */ |
||
1072 | function sql_connect_maintenance() |
||
1073 | { |
||
1074 | global $tpl, $db, $opt; |
||
1075 | |||
1076 | sql_connect($opt['db']['maintenance_user'], $opt['db']['maintenance_password'], false); |
||
1077 | if ($db['dblink'] === false) { |
||
1078 | sql_disconnect(); |
||
1079 | sql_connect(); |
||
1080 | if ($db['connected'] === false) { |
||
1081 | $tpl->error(ERROR_DB_COULD_NOT_RECONNECT); |
||
1082 | } |
||
1083 | |||
1084 | return false; |
||
1085 | } |
||
1086 | |||
1087 | return true; |
||
1088 | } |
||
1089 | |||
1090 | /** |
||
1091 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1092 | * disconnect the database |
||
1093 | */ |
||
1094 | function sql_disconnect() |
||
1095 | { |
||
1096 | global $opt, $db; |
||
1097 | sql_disconnect_slave(); |
||
1098 | |||
1099 | if ($db['dblink'] !== false && $opt['db']['pconnect'] === true) { |
||
1100 | if (count($db['temptables']) > 0) { |
||
1101 | foreach ($db['temptables'] as $table) { |
||
1102 | sqlf('DROP TEMPORARY TABLE IF EXISTS &tmpdb.`&1`', $table); |
||
1103 | } |
||
1104 | |||
1105 | sqlf("DELETE FROM &db.`sys_temptables` WHERE `threadid`='&1'", mysql_thread_id($db['dblink'])); |
||
1106 | $db['temptables'] = []; |
||
1107 | $db['temptables_slave'] = []; |
||
1108 | } |
||
1109 | } |
||
1110 | |||
1111 | if ($db['dblink'] === $db['dblink_slave']) { |
||
1112 | $db['dblink_slave'] = false; |
||
1113 | } |
||
1114 | |||
1115 | //is connected and no persistent connect used? |
||
1116 | if ($db['dblink'] !== false && $opt['db']['pconnect'] === false) { |
||
1117 | mysql_close($db['dblink']); |
||
1118 | $db['dblink'] = false; |
||
1119 | $db['connected'] = false; |
||
1120 | } |
||
1121 | } |
||
1122 | |||
1123 | /** |
||
1124 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1125 | * disconnect the database |
||
1126 | */ |
||
1127 | function sql_disconnect_slave() |
||
1128 | { |
||
1129 | global $opt, $db; |
||
1130 | |||
1131 | if ($db['dblink_slave'] === false) { |
||
1132 | return; |
||
1133 | } |
||
1134 | |||
1135 | if ($db['dblink'] !== false && $opt['db']['pconnect'] === true) { |
||
1136 | if (count($db['temptables']) > 0) { |
||
1137 | foreach ($db['temptables'] as $k => $table) { |
||
1138 | if (isset($db['temptables_slave'][$table])) { |
||
1139 | sqlf_slave('DROP TEMPORARY TABLE IF EXISTS &tmpdb.`&1`', $table); |
||
1140 | unset($db['temptables_slave'][$table], $db['temptables'][$k]); |
||
1141 | } |
||
1142 | } |
||
1143 | |||
1144 | if (count($db['temptables_slave']) > 0) { |
||
1145 | sqlf_slave( |
||
1146 | "DELETE FROM &db.`sys_temptables` WHERE `threadid`='&1'", |
||
1147 | mysql_thread_id($db['dblink_slave']) |
||
1148 | ); |
||
1149 | } |
||
1150 | $db['temptables_slave'] = []; |
||
1151 | } |
||
1152 | } |
||
1153 | |||
1154 | if ($db['dblink'] === $db['dblink_slave']) { |
||
1155 | $db['dblink_slave'] = false; |
||
1156 | |||
1157 | return; |
||
1158 | } |
||
1159 | |||
1160 | //is connected and no persistent connect used? |
||
1161 | if ($db['dblink_slave'] !== false && $opt['db']['pconnect'] === false) { |
||
1162 | mysql_close($db['dblink_slave']); |
||
1163 | } |
||
1164 | $db['dblink_slave'] = false; |
||
1165 | } |
||
1166 | |||
1167 | /** |
||
1168 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1169 | * @param string $sqlstatement |
||
1170 | */ |
||
1171 | function sql_error($sqlstatement = '') |
||
1172 | { |
||
1173 | global $tpl, $opt, $db; |
||
1174 | global $bSmartyNoTranslate; |
||
1175 | |||
1176 | $errno = mysql_errno(); |
||
1177 | $error = mysql_error(); |
||
1178 | if ($sqlstatement !== '') { |
||
1179 | $error .= "\n\nSQL statement: " . $sqlstatement; |
||
1180 | } |
||
1181 | |||
1182 | if ($db['error'] === true) { |
||
1183 | // database error recursion, because another error occurred while trying to |
||
1184 | // build the error template (e.g. because connection was lost, or an error mail |
||
1185 | // could not load translations from database) |
||
1186 | |||
1187 | View Code Duplication | if ($opt['db']['error']['display'] === true) { |
|
1188 | $errmsg = 'MySQL error recursion (' . $errno . '): ' . $error; |
||
1189 | } else { |
||
1190 | $errmsg = ''; |
||
1191 | } |
||
1192 | $errtitle = 'Datenbankfehler'; |
||
1193 | require __DIR__ . '/../html/error.php'; |
||
1194 | exit; |
||
0 ignored issues
–
show
The function sql_error() contains an exit expression.
An exit expression should only be used in rare cases. For example, if you write a short command line script. In most cases however, using an
Loading history...
|
|||
1195 | } |
||
1196 | $db['error'] = true; |
||
1197 | |||
1198 | if ($db['connected'] === false) { |
||
1199 | $bSmartyNoTranslate = true; |
||
1200 | } |
||
1201 | |||
1202 | if ($opt['db']['error']['mail'] != '') { |
||
1203 | $subject = '[' . $opt['page']['domain'] . '] SQL error'; |
||
1204 | if (admin_errormail( |
||
1205 | $opt['db']['error']['mail'], |
||
1206 | $subject, |
||
1207 | str_replace("\n", "\r\n", $error) . "\n" . print_r(debug_backtrace(), true), |
||
1208 | 'From: ' . $opt['mail']['from'] |
||
1209 | )) { |
||
1210 | require_once __DIR__ . '/../lib2/mail.class.php'; |
||
1211 | |||
1212 | $mail = new mail(); |
||
1213 | $mail->subject = $subject; |
||
1214 | $mail->to = $opt['db']['error']['mail']; |
||
1215 | |||
1216 | $mail->name = 'sql_error'; |
||
1217 | |||
1218 | $mail->assign('errno', $errno); |
||
1219 | $mail->assign('error', str_replace("\n", "\r\n", $error)); |
||
1220 | $mail->assign('trace', print_r(debug_backtrace(), true)); |
||
1221 | |||
1222 | $mail->send(); |
||
1223 | $mail = null; |
||
0 ignored issues
–
show
$mail is not used, you could remove the assignment.
This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value';
$higher = false;
if (rand(1, 6) > 3) {
$higher = true;
} else {
$higher = false;
}
Both the
Loading history...
|
|||
1224 | } |
||
1225 | } |
||
1226 | |||
1227 | if ($opt['gui'] === GUI_HTML) { |
||
1228 | if (isset($tpl)) { |
||
1229 | View Code Duplication | if ($opt['db']['error']['display'] === true) { |
|
1230 | $tpl->error('MySQL error (' . $errno . '): ' . $error); |
||
1231 | } else { |
||
1232 | $tpl->error('A database command could not be performed.'); |
||
1233 | } |
||
1234 | } else { |
||
1235 | if ($opt['db']['error']['display'] == true) { |
||
1236 | die( |
||
0 ignored issues
–
show
The function sql_error() contains an exit expression.
An exit expression should only be used in rare cases. For example, if you write a short command line script. In most cases however, using an
Loading history...
|
|||
1237 | '<html><body>' . htmlspecialchars( |
||
1238 | 'MySQL error (' . $errno . '): ' . str_replace("\n,", '<br />', $error) |
||
1239 | ) . '</body></html>' |
||
1240 | ); |
||
1241 | } |
||
1242 | die('<html><body>A database command could not be performed</body></html>'); |
||
0 ignored issues
–
show
The function sql_error() contains an exit expression.
An exit expression should only be used in rare cases. For example, if you write a short command line script. In most cases however, using an
Loading history...
|
|||
1243 | } |
||
1244 | } else { |
||
1245 | // CLI script, simple text output |
||
1246 | if ($opt['db']['error']['display'] === true) { |
||
1247 | die('MySQL error (' . $errno . '): ' . $error . "\n"); |
||
0 ignored issues
–
show
The function sql_error() contains an exit expression.
An exit expression should only be used in rare cases. For example, if you write a short command line script. In most cases however, using an
Loading history...
|
|||
1248 | } |
||
1249 | die("A database command could not be performed.\n"); |
||
0 ignored issues
–
show
The function sql_error() contains an exit expression.
An exit expression should only be used in rare cases. For example, if you write a short command line script. In most cases however, using an
Loading history...
|
|||
1250 | } |
||
1251 | } |
||
1252 | |||
1253 | /** |
||
1254 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1255 | * @param $warnmessage |
||
1256 | */ |
||
1257 | function sql_warn($warnmessage) |
||
1258 | { |
||
1259 | global $opt; |
||
1260 | |||
1261 | if ($opt['db']['error']['mail'] != '') { |
||
1262 | $subject = '[' . $opt['page']['domain'] . '] SQL error'; |
||
1263 | if (admin_errormail( |
||
1264 | $opt['db']['error']['mail'], |
||
1265 | $subject, |
||
1266 | $warnmessage . "\n" . print_r(debug_backtrace(), true), |
||
1267 | 'From: ' . $opt['mail']['from'] |
||
1268 | )) { |
||
1269 | require_once __DIR__ . '/../lib2/mail.class.php'; |
||
1270 | $mail = new mail(); |
||
1271 | $mail->name = 'sql_warn'; |
||
1272 | $mail->subject = $subject; |
||
1273 | $mail->to = $opt['db']['warn']['mail']; |
||
1274 | |||
1275 | $mail->assign('warnmessage', $warnmessage); |
||
1276 | $mail->assign('trace', print_r(debug_backtrace(), true)); |
||
1277 | |||
1278 | $mail->send(); |
||
1279 | $mail = null; |
||
0 ignored issues
–
show
$mail is not used, you could remove the assignment.
This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value';
$higher = false;
if (rand(1, 6) > 3) {
$higher = true;
} else {
$higher = false;
}
Both the
Loading history...
|
|||
1280 | } |
||
1281 | } |
||
1282 | } |
||
1283 | |||
1284 | /** |
||
1285 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1286 | * @param $f |
||
1287 | * @param resource $rs |
||
1288 | * @param $table |
||
1289 | * @param bool $truncate |
||
1290 | */ |
||
1291 | function sql_export_recordset($f, $rs, $table, $truncate = true) |
||
1292 | { |
||
1293 | fwrite($f, "SET NAMES 'utf8';\n"); |
||
1294 | |||
1295 | if ($truncate == true) { |
||
1296 | fwrite($f, 'TRUNCATE TABLE `' . sql_escape($table) . "`;\n"); |
||
1297 | } |
||
1298 | |||
1299 | while ($r = sql_fetch_assoc($rs)) { |
||
1300 | $fields = []; |
||
1301 | $values = []; |
||
1302 | |||
1303 | foreach ($r as $k => $v) { |
||
1304 | $fields[] = '`' . sql_escape($k) . '`'; |
||
1305 | if ($v === null) { |
||
1306 | $values[] = 'NULL'; |
||
1307 | } else { |
||
1308 | $values[] = "'" . sql_escape($v) . "'"; |
||
1309 | } |
||
1310 | } |
||
1311 | unset($r); |
||
1312 | |||
1313 | fwrite( |
||
1314 | $f, |
||
1315 | 'INSERT INTO `' . sql_escape($table) . '` (' . implode(', ', $fields) . ')' |
||
1316 | . ' VALUES (' . implode(', ', $values) . ");\n" |
||
1317 | ); |
||
1318 | } |
||
1319 | } |
||
1320 | |||
1321 | /** |
||
1322 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1323 | * @param resource $f |
||
1324 | * @param $table |
||
1325 | */ |
||
1326 | function sql_export_table($f, $table) |
||
1327 | { |
||
1328 | $primary = []; |
||
1329 | $rsIndex = sql('SHOW INDEX FROM `&1`', $table); |
||
1330 | while ($r = sql_fetch_assoc($rsIndex)) { |
||
1331 | if ($r['Key_name'] == 'PRIMARY') { |
||
1332 | $primary[] = '`' . sql_escape($r['Column_name']) . '` ASC'; |
||
1333 | } |
||
1334 | } |
||
1335 | sql_free_result($rsIndex); |
||
1336 | |||
1337 | $sql = 'SELECT * FROM `' . sql_escape($table) . '`'; |
||
1338 | if (count($primary) > 0) { |
||
1339 | $sql .= ' ORDER BY ' . implode(', ', $primary); |
||
1340 | } |
||
1341 | |||
1342 | $rs = sql($sql); |
||
1343 | sql_export_recordset($f, $rs, $table); |
||
1344 | sql_free_result($rs); |
||
1345 | } |
||
1346 | |||
1347 | /** |
||
1348 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1349 | * @param string $filename |
||
1350 | * @param string[] $tables |
||
1351 | */ |
||
1352 | function sql_export_tables_to_file($filename, $tables) |
||
1353 | { |
||
1354 | $f = fopen($filename, 'w'); |
||
1355 | |||
1356 | fwrite($f, "-- Content of tables:\n"); |
||
1357 | |||
1358 | foreach ($tables as $t) { |
||
1359 | fwrite($f, "-- $t\n"); |
||
1360 | } |
||
1361 | fwrite($f, "\n"); |
||
1362 | |||
1363 | foreach ($tables as $t) { |
||
1364 | fwrite($f, "-- Table $t\n"); |
||
1365 | sql_export_table($f, $t); |
||
1366 | fwrite($f, "\n"); |
||
1367 | } |
||
1368 | |||
1369 | fclose($f); |
||
1370 | } |
||
1371 | |||
1372 | /** |
||
1373 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1374 | * @param $filename |
||
1375 | * @param $table |
||
1376 | */ |
||
1377 | function sql_export_table_to_file($filename, $table) |
||
1378 | { |
||
1379 | $f = fopen($filename, 'w'); |
||
1380 | sql_export_table($f, $table); |
||
1381 | fclose($f); |
||
1382 | } |
||
1383 | |||
1384 | /** |
||
1385 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1386 | * @param resource $f |
||
1387 | * @param $table |
||
1388 | */ |
||
1389 | function sql_export_structure($f, $table) |
||
1390 | { |
||
1391 | $rs = sql('SHOW CREATE TABLE `&1`', $table); |
||
1392 | $r = sql_fetch_array($rs); |
||
1393 | sql_free_result($rs); |
||
1394 | |||
1395 | $sTableSql = $r[1]; |
||
1396 | $sTableSql = preg_replace('/ AUTO_INCREMENT=[0-9]{1,} /', ' ', $sTableSql); |
||
1397 | $sTableSql = preg_replace("/,\n +?(KEY )?`okapi_syncbase`.+?(,)?\n/", "\\2\n", $sTableSql); |
||
1398 | |||
1399 | fwrite($f, "SET NAMES 'utf8';\n"); |
||
1400 | fwrite($f, 'DROP TABLE IF EXISTS `' . sql_escape($table) . "`;\n"); |
||
1401 | fwrite($f, $sTableSql . " ;\n"); |
||
1402 | } |
||
1403 | |||
1404 | /** |
||
1405 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1406 | * @param string $filename |
||
1407 | * @param $table |
||
1408 | */ |
||
1409 | function sql_export_structure_to_file($filename, $table) |
||
1410 | { |
||
1411 | $f = fopen($filename, 'w'); |
||
1412 | sql_export_structure($f, $table); |
||
1413 | fclose($f); |
||
1414 | } |
||
1415 | |||
1416 | // test if a database table exists |
||
1417 | /** |
||
1418 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1419 | * @param $table |
||
1420 | * @return bool |
||
1421 | */ |
||
1422 | function sql_table_exists($table) |
||
1423 | { |
||
1424 | global $opt; |
||
1425 | |||
1426 | return sql_value( |
||
1427 | "SELECT COUNT(*) |
||
1428 | FROM `information_schema`.`tables` |
||
1429 | WHERE `table_schema`='&1' AND `table_name`='&2'", |
||
1430 | 0, |
||
1431 | $opt['db']['placeholder']['db'], |
||
1432 | $table |
||
1433 | ) > 0; |
||
1434 | } |
||
1435 | |||
1436 | // test if a database field exists |
||
1437 | /** |
||
1438 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1439 | * @param $table |
||
1440 | * @param $field |
||
1441 | * @return bool |
||
1442 | */ |
||
1443 | function sql_field_exists($table, $field) |
||
1444 | { |
||
1445 | global $opt; |
||
1446 | |||
1447 | return sql_value( |
||
1448 | "SELECT COUNT(*) |
||
1449 | FROM `information_schema`.`columns` |
||
1450 | WHERE `table_schema`='&1' AND `table_name`='&2' AND `column_name`='&3'", |
||
1451 | 0, |
||
1452 | $opt['db']['placeholder']['db'], |
||
1453 | $table, |
||
1454 | $field |
||
1455 | ) > 0; |
||
1456 | } |
||
1457 | |||
1458 | // get type of a database field |
||
1459 | /** |
||
1460 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1461 | * @param $table |
||
1462 | * @param $field |
||
1463 | * @return string |
||
1464 | */ |
||
1465 | function sql_field_type($table, $field) |
||
1466 | { |
||
1467 | global $opt; |
||
1468 | |||
1469 | return strtoupper( |
||
1470 | sql_value( |
||
1471 | "SELECT `data_type` |
||
1472 | FROM `information_schema`.`columns` |
||
1473 | WHERE `table_schema`='&1' AND `table_name`='&2' AND `column_name`='&3'", |
||
1474 | '', |
||
1475 | $opt['db']['placeholder']['db'], |
||
1476 | $table, |
||
1477 | $field |
||
1478 | ) |
||
1479 | ); |
||
1480 | } |
||
1481 | |||
1482 | // test if a database index exists |
||
1483 | /** |
||
1484 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1485 | * @param $table |
||
1486 | * @param $index |
||
1487 | * @return bool |
||
1488 | */ |
||
1489 | function sql_index_exists($table, $index) |
||
1490 | { |
||
1491 | global $opt; |
||
1492 | |||
1493 | return sql_value( |
||
1494 | "SELECT COUNT(*) |
||
1495 | FROM `information_schema`.`statistics` |
||
1496 | WHERE `table_schema`='&1' AND `table_name`='&2' AND `index_name`='&3'", |
||
1497 | 0, |
||
1498 | $opt['db']['placeholder']['db'], |
||
1499 | $table, |
||
1500 | $index |
||
1501 | ) > 0; |
||
1502 | } |
||
1503 | |||
1504 | // test if a function or procedure exists |
||
1505 | /** |
||
1506 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1507 | * @param string $type |
||
1508 | * @param $name |
||
1509 | * @return bool |
||
1510 | */ |
||
1511 | function sql_fp_exists($type, $name) |
||
1512 | { |
||
1513 | global $opt; |
||
1514 | |||
1515 | $rs = sql("SHOW $type STATUS LIKE '&1'", $name); |
||
1516 | $r = sql_fetch_assoc($rs); |
||
1517 | sql_free_result($rs); |
||
1518 | |||
1519 | return ($r && |
||
1520 | $r['Db'] == $opt['db']['placeholder']['db'] && |
||
1521 | $r['Name'] == $name && |
||
1522 | $r['Type'] == $type); |
||
1523 | } |
||
1524 | |||
1525 | // test if a function exists |
||
1526 | /** |
||
1527 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1528 | * @param $name |
||
1529 | * @return bool |
||
1530 | */ |
||
1531 | function sql_function_exists($name) |
||
1532 | { |
||
1533 | return sql_fp_exists('FUNCTION', $name); |
||
1534 | } |
||
1535 | |||
1536 | // delete a function |
||
1537 | /** |
||
1538 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1539 | * @param $name |
||
1540 | */ |
||
1541 | function sql_dropFunction($name) |
||
1542 | { |
||
1543 | sql('DROP FUNCTION IF EXISTS `&1`', $name); |
||
1544 | } |
||
1545 | |||
1546 | // test if a procedure exists |
||
1547 | /** |
||
1548 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1549 | * @param $name |
||
1550 | * @return bool |
||
1551 | */ |
||
1552 | function sql_procedure_exists($name) |
||
1553 | { |
||
1554 | return sql_fp_exists('PROCEDURE', $name); |
||
1555 | } |
||
1556 | |||
1557 | // delete a procedure |
||
1558 | /** |
||
1559 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1560 | * @param $name |
||
1561 | */ |
||
1562 | function sql_dropProcedure($name) |
||
1563 | { |
||
1564 | sql('DROP PROCEDURE IF EXISTS `&1`', $name); |
||
1565 | } |
||
1566 | |||
1567 | /** |
||
1568 | * @deprecated use DBAL Conenction instead. See adminreports.php for an example implementation |
||
1569 | * @param $triggername |
||
1570 | */ |
||
1571 | View Code Duplication | function sql_dropTrigger($triggername) |
|
1572 | { |
||
1573 | $rs = sql('SHOW TRIGGERS'); |
||
1574 | while ($r = sql_fetch_assoc($rs)) { |
||
1575 | if ($r['Trigger'] == $triggername) { |
||
1576 | sql('DROP TRIGGER `&1`', $triggername); |
||
1577 | |||
1578 | return; |
||
1579 | } |
||
1580 | } |
||
1581 | sql_free_result($rs); |
||
1582 | } |
||
1583 |
If you define a variable conditionally, it can happen that it is not defined for all execution paths.
Let’s take a look at an example:
In the above example, the variable $x is defined if you pass “foo” or “bar” as argument for $a. However, since the switch statement has no default case statement, if you pass any other value, the variable $x would be undefined.
Available Fixes
Check for existence of the variable explicitly:
Define a default value for the variable:
Add a value for the missing path: