Issues in smartdbupdater.php (master) - Issues in master - XoopsModules25x/smartpartner - Measure and Improve Code Quality continuously with Scrutinizer

Issues (733)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

class/smartdbupdater.php (1 issue)

Labels

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/**
 * Detemines if a table exists in the current db
 *
 * @param  string $table the table name (without XOOPS prefix)
 * @return bool   True if table exists, false if not
 *
 * @access public
 * @author xhelp development team
 */

function smart_TableExists($table)
{
    $bRetVal = false;
    //Verifies that a MySQL table exists
    $xoopsDB  = XoopsDatabaseFactory::getDatabaseConnection();
    $realname = $xoopsDB->prefix($table);
    $sql      = 'SHOW TABLES FROM ' . XOOPS_DB_NAME;
    $ret      = $xoopsDB->queryF($sql);
    while (list($m_table) = $xoopsDB->fetchRow($ret)) {
        if ($m_table == $realname) {
            $bRetVal = true;
            break;
        }
    }
    $xoopsDB->freeRecordSet($ret);

    return $bRetVal;
}

/**
 * Contains the classes for updating database tables
 *
 * @license GNU
 * @author  marcan <[email protected]>
 * @link    http://www.smartfactory.ca The SmartFactory
 * @package SmartObject
 */

/**
 * SmartDbTable class
 *
 * Information about an individual table
 *
 * @package SmartObject
 * @author  marcan <[email protected]>
 * @link    http://www.smartfactory.ca The SmartFactory
 */
// defined('XOOPS_ROOT_PATH') || exit('XOOPS root path not defined');

/**
 * Include the language constants for the SmartObjectDBUpdater
 */
global $xoopsConfig;
$common_file = XOOPS_ROOT_PATH . '/modules/smartsection/language/' . $xoopsConfig['language'] . '/smartdbupdater.php';
if (!file_exists($common_file)) {
    $common_file = XOOPS_ROOT_PATH . '/modules/smartsection/language/english/smartdbupdater.php';
}

include($common_file);

/**
 * Class SmartDbTable
 */
class SmartDbTable
{
    /**
     * @var string $_name name of the table
     */
    public $_name;

    /**
     * @var string $_structure structure of the table
     */
    public $_structure;

    /**
     * @var array $_data containing valued of each records to be added
     */
    public $_data;

    /**
     * @var array $_alteredFields containing fields to be altered
     */
    public $_alteredFields;

    /**
     * @var array $_newFields containing new fields to be added
     */
    public $_newFields;

    /**
     * @var array $_droppedFields containing fields to be dropped
     */
    public $_droppedFields;

    /**
     * @var array $_flagForDrop flag table to drop it
     */
    public $_flagForDrop = false;

    /**
     * @var array $_updatedFields containing fields which values will be updated
     */
    public $_updatedFields;

    /**
     * @var array $_updatedFields containing fields which values will be updated
     */ //felix
    public $_updatedWhere;

    /**
     * Constructor
     *
     * @param string $name name of the table
     *
     */
    public function __construct($name)
    {
        $this->_name = $name;
        $this->_data = array();
    }

    /**
     * Return the table name, prefixed with site table prefix
     *
     * @return string table name
     *
     */
    public function name()
    {
        global $xoopsDB;

        return $xoopsDB->prefix($this->_name);
    }

    /**
     * Checks if the table already exists in the database
     *
     * @return bool TRUE if it exists, FALSE if not
     *
     */
    public function exists()
    {
        return smart_TableExists($this->_name);
    }

    /**
     * @return mixed
     */
    public function getExistingFieldsArray()
    {
        global $xoopsDB;
        $result = $xoopsDB->query('SHOW COLUMNS FROM ' . $this->name());
        while ($existing_field = $xoopsDB->fetchArray($result)) {
            $fields[$existing_field['Field']] = $existing_field['Type'];
            if ($existing_field['Null'] !== 'YES') {
                $fields[$existing_field['Field']] .= ' NOT NULL';
            }
            if ($existing_field['Extra']) {
                $fields[$existing_field['Field']] .= ' ' . $existing_field['Extra'];
            }
        }

        return $fields;
    }

    /**
     * @param $field
     * @return bool
     */
    public function fieldExists($field)
    {
        $existingFields = $this->getExistingFieldsArray();

        return isset($existingFields[$field]);
    }

    /**
     * Set the table structure
     *
     * @param string $structure table structure
     *
     */
    public function setStructure($structure)
    {
        $this->_structure = $structure;
    }

    /**
     * Return the table structure
     *
     * @return string table structure
     *
     */
    public function getStructure()
    {
        return sprintf($this->_structure, $this->name());
    }

    /**
     * Add values of a record to be added
     *
     * @param string $data values of a record
     *
     */
    public function setData($data)
    {
        $this->_data[] = $data;
    }

    /**
     * Get the data array
     *
     * @return array containing the records values to be added
     *
     */
    public function getData()
    {
        return $this->_data;
    }

    /**
     * Use to insert data in a table
     *
     * @return bool true if success, false if an error occured
     *
     */
    public function addData()
    {
        global $xoopsDB;

        foreach ($this->getData() as $data) {
            $query = sprintf('INSERT INTO %s VALUES (%s)', $this->name(), $data);
            $ret   = $xoopsDB->query($query);
            if (!$ret) {
                echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_ADD_DATA_ERR, $this->name()) . '<br>';
            } else {
                echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_ADD_DATA, $this->name()) . '<br>';
            }
        }

        return $ret;
    }

    /**
     * Add a field to be added
     *
     * @param string $name       name of the field
     * @param string $properties properties of the field
     * @param bool   $showerror
     */
    public function addAlteredField($name, $properties, $showerror = true)
    {
        $field['name']          = $name;
        $field['properties']    = $properties;
        $field['showerror']     = $showerror;
        $this->_alteredFields[] = $field;
    }

    /**
     * Invert values 0 to 1 and 1 to 0
     *
     * @param string $name name of the field
     * @param        $newValue
     * @param        $oldValue
     * @internal param string $old old propertie
     * @internal param string $new new propertie
     */ //felix
    public function addUpdatedWhere($name, $newValue, $oldValue)
    {
        $field['name']         = $name;
        $field['value']        = $newValue;
        $field['where']        = $oldValue;
        $this->_updatedWhere[] = $field;
    }

    /**
     * Add new field of a record to be added
     *
     * @param string $name       name of the field
     * @param string $properties properties of the field
     *
     */
    public function addNewField($name, $properties)
    {
        $field['name']       = $name;
        $field['properties'] = $properties;
        $this->_newFields[]  = $field;
    }

    /**
     * Get fields that need to be altered
     *
     * @return array fields that need to be altered
     *
     */
    public function getAlteredFields()
    {
        return $this->_alteredFields;
    }

    /**
     * Add field for which the value will be updated
     *
     * @param string $name  name of the field
     * @param string $value value to be set
     *
     */
    public function addUpdatedField($name, $value)
    {
        $field['name']          = $name;
        $field['value']         = $value;
        $this->_updatedFields[] = $field;
    }

    /**
     * Get new fields to be added
     *
     * @return array fields to be added
     *
     */
    public function getNewFields()
    {
        return $this->_newFields;
    }

    /**
     * Get fields which values need to be updated
     *
     * @return array fields which values need to be updated
     *
     */
    public function getUpdatedFields()
    {
        return $this->_updatedFields;
    }

    /**
     * Get fields which values need to be updated
     *
     * @return array fields which values need to be updated
     *
     */ //felix
    public function getUpdatedWhere()
    {
        return $this->_updatedWhere;
    }

    /**
     * Add values of a record to be added
     *
     * @param string $name name of the field
     *
     */
    public function addDroppedField($name)
    {
        $this->_droppedFields[] = $name;
    }

    /**
     * Get fields that need to be dropped
     *
     * @return array fields that need to be dropped
     *
     */
    public function getDroppedFields()
    {
        return $this->_droppedFields;
    }

    /**
     * Set the flag to drop the table
     *
     */
    public function setFlagForDrop()
    {
        $this->_flagForDrop = true;

    }

    /**
     * Use to create a table
     *
     * @return bool true if success, false if an error occured
     *
     */
    public function createTable()
    {
        global $xoopsDB;

        $query = $this->getStructure();

        $ret = $xoopsDB->query($query);
        if (!$ret) {
            echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_CREATE_TABLE_ERR, $this->name()) . '<br>';
        } else {
            echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_CREATE_TABLE, $this->name()) . '<br>';
        }

        return $ret;
    }

    /**
     * Use to drop a table
     *
     * @return bool true if success, false if an error occured
     *
     */
    public function dropTable()
    {
        global $xoopsDB;

        $query = sprintf('DROP TABLE %s', $this->name());
        $ret   = $xoopsDB->query($query);
        if (!$ret) {
            echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_DROP_TABLE_ERR, $this->name()) . '<br>';

            return false;
        } else {
            echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_DROP_TABLE, $this->name()) . '<br>';

            return true;
        }
    }

    /**
     * Use to alter a table
     *
     * @return bool true if success, false if an error occured
     *
     */
    public function alterTable()
    {
        global $xoopsDB;

        $ret = true;

        foreach ($this->getAlteredFields() as $alteredField) {
            $query = sprintf('ALTER TABLE `%s` CHANGE `%s` `%s` %s', $this->name(), $alteredField['name'], $alteredField['name'], $alteredField['properties']);
            //echo $query;
            $ret = $ret && $xoopsDB->query($query);
            if ($alteredField['showerror']) {
                if (!$ret) {
                    echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_CHGFIELD_ERR, $alteredField['name'], $this->name()) . '<br>';
                } else {
                    echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_CHGFIELD, $alteredField['name'], $this->name()) . '<br>';
                }
            }
        }

        return $ret;
    }

    /**
     * Use to add new fileds in the table
     *
     * @return bool true if success, false if an error occured
     *
     */
    public function addNewFields()
    {
        global $xoopsDB;

        $ret = true;
        foreach ($this->getNewFields() as $newField) {
            $query = sprintf('ALTER TABLE `%s` ADD `%s` %s', $this->name(), $newField['name'], $newField['properties']);
            //echo $query;
            $ret = $ret && $xoopsDB->query($query);
            if (!$ret) {
                echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_NEWFIELD_ERR, $newField['name'], $this->name()) . '<br>';
            } else {
                echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_NEWFIELD, $newField['name'], $this->name()) . '<br>';
            }
        }

        return $ret;
    }

    /**
     * Use to update fields values
     *
     * @return bool true if success, false if an error occured
     *
     */
    public function updateFieldsValues()
    {
        global $xoopsDB;

        $ret = true;

        foreach ($this->getUpdatedFields() as $updatedField) {
            $query = sprintf('UPDATE %s SET %s = %s', $this->name(), $updatedField['name'], $updatedField['value']);
            $ret   = $ret && $xoopsDB->query($query);
            if (!$ret) {
                echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_UPDATE_TABLE_ERR, $this->name()) . '<br>';
            } else {
                echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_UPDATE_TABLE, $this->name()) . '<br>';
            }
        }

        return $ret;
    }

    /**
     * Use to update fields values
     *
     * @return bool true if success, false if an error occured
     *
     */ //felix
    public function updateWhereValues()
    {
        global $xoopsDB;

        $ret = true;

        foreach ($this->getUpdatedWhere() as $updatedWhere) {
            $query = sprintf('UPDATE %s SET %s = %s WHERE %s  %s', $this->name(), $updatedWhere['name'], $updatedWhere['value'], $updatedWhere['name'], $updatedWhere['where']);
            //echo $query."<br>";
            $ret = $ret && $xoopsDB->query($query);
            if (!$ret) {
                echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_UPDATE_TABLE_ERR, $this->name()) . '<br>';
            } else {
                echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_UPDATE_TABLE, $this->name()) . '<br>';
            }
        }

        return $ret;
    }

    /**
     * Use to drop fields
     *
     * @return bool true if success, false if an error occured
     *
     */
    public function dropFields()
    {
        global $xoopsDB;

        $ret = true;

        foreach ($this->getDroppedFields() as $droppedField) {
            $query = sprintf('ALTER TABLE %s DROP %s', $this->name(), $droppedField);

            $ret = $ret && $xoopsDB->query($query);
            if (!$ret) {
                echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_DROPFIELD_ERR, $droppedField, $this->name()) . '<br>';
            } else {
                echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_DROPFIELD, $droppedField, $this->name()) . '<br>';
            }
        }

        return $ret;
    }
}

/**
 * SmartobjectDbupdater class
 *
 * Class performing the database update for the module
 *
 * @package SmartObject
 * @author  marcan <[email protected]>
 * @link    http://www.smartfactory.ca The SmartFactory
 */
class SmartobjectDbupdater
{
    /**
     * SmartobjectDbupdater constructor.
     */
    public function __construct()
    {
    }

    /**
     * Use to execute a general query
     *
     * @param string $query   query that will be executed
     * @param string $goodmsg message displayed on success
     * @param string $badmsg  message displayed on error
     *
     * @return bool true if success, false if an error occured
     *
     */
    public function runQuery($query, $goodmsg, $badmsg)
    {
        global $xoopsDB;
        $ret = $xoopsDB->query($query);
        if (!$ret) {
            echo "&nbsp;&nbsp;$badmsg<br>";

            return false;
        } else {
            echo "&nbsp;&nbsp;$goodmsg<br>";

            return true;
        }
    }

    /**
     * Use to rename a table
     *
     * @param string $from name of the table to rename
     * @param string $to   new name of the renamed table
     *
     * @return bool true if success, false if an error occured
     */
    public function renameTable($from, $to)
    {
        global $xoopsDB;

        $from = $xoopsDB->prefix($from);
        $to   = $xoopsDB->prefix($to);

        $query = sprintf('ALTER TABLE %s RENAME %s', $from, $to);
        $ret   = $xoopsDB->query($query);
        if (!$ret) {
            echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_RENAME_TABLE_ERR, $from) . '<br>';

            return false;
        } else {
            echo '&nbsp;&nbsp;' . sprintf(_SDU_MSG_RENAME_TABLE, $from, $to) . '<br>';

            return true;
        }
    }

    /**
     * Use to update a table
     *
     * @param object $table {@link SmartDbTable} that will be updated
     *
     * @see SmartDbTable
     *
     * @return bool true if success, false if an error occured
     */
    public function updateTable($table)
    {
        global $xoopsDB;

        $ret = true;

        // if table has a structure, create the table
        if ($table->getStructure()) {
            $ret = $table->createTable() && $ret;
        }

        // if table is flag for drop, drop it
        if ($table->_flagForDrop) {
            $ret = $table->dropTable() && $ret;
        }

        // if table has data, insert it
        if ($table->getData()) {
            $ret = $table->addData() && $ret;
        }

        // if table has new fields to be added, add them
        if ($table->getNewFields()) {
            $ret = $table->addNewFields() && $ret;
        }

        // if table has altered field, alter the table
        if ($table->getAlteredFields()) {
            $ret = $table->alterTable() && $ret;
        }

        // if table has updated field values, update the table
        if ($table->getUpdatedFields()) {
            $ret = $table->updateFieldsValues($table) && $ret;
        }

        // if table has dropped field, alter the table
        if ($table->getDroppedFields()) {
            $ret = $table->dropFields($table) && $ret;
        }
        //felix
        // if table has updated field values, update the table
        if ($table->getUpdatedWhere()) {
            $ret = $table->UpdateWhereValues($table) && $ret;
        }

        return $ret;
    }
}


1		<?php
2
3		/**
4		* Detemines if a table exists in the current db
5		*
6		* @param string $table the table name (without XOOPS prefix)
7		* @return bool True if table exists, false if not
8		*
9		* @access public
10		* @author xhelp development team
11		*/
12
13	View Code Duplication	function smart_TableExists($table)
14		{
15		$bRetVal = false;
16		//Verifies that a MySQL table exists
17		$xoopsDB = XoopsDatabaseFactory::getDatabaseConnection();
18		$realname = $xoopsDB->prefix($table);
19		$sql = 'SHOW TABLES FROM ' . XOOPS_DB_NAME;
20		$ret = $xoopsDB->queryF($sql);
21		while (list($m_table) = $xoopsDB->fetchRow($ret)) {
22		if ($m_table == $realname) {
23		$bRetVal = true;
24		break;
25		}
26		}
27		$xoopsDB->freeRecordSet($ret);
28
29		return $bRetVal;
30		}
31
32		/**
33		* Contains the classes for updating database tables
34		*
35		* @license GNU
36		* @author marcan <[email protected]>
37		* @link http://www.smartfactory.ca The SmartFactory
38		* @package SmartObject
39		*/
40
41		/**
42		* SmartDbTable class
43		*
44		* Information about an individual table
45		*
46		* @package SmartObject
47		* @author marcan <[email protected]>
48		* @link http://www.smartfactory.ca The SmartFactory
49		*/
50		// defined('XOOPS_ROOT_PATH') \|\| exit('XOOPS root path not defined');
51
52		/**
53		* Include the language constants for the SmartObjectDBUpdater
54		*/
55		global $xoopsConfig;
56		$common_file = XOOPS_ROOT_PATH . '/modules/smartsection/language/' . $xoopsConfig['language'] . '/smartdbupdater.php';
57		if (!file_exists($common_file)) {
58		$common_file = XOOPS_ROOT_PATH . '/modules/smartsection/language/english/smartdbupdater.php';
59		}
60
61		include($common_file);
62
63		/**
64		* Class SmartDbTable
65		*/
66		class SmartDbTable
67		{
68		/**
69		* @var string $_name name of the table
70		*/
71		public $_name;
72
73		/**
74		* @var string $_structure structure of the table
75		*/
76		public $_structure;
77
78		/**
79		* @var array $_data containing valued of each records to be added
80		*/
81		public $_data;
82
83		/**
84		* @var array $_alteredFields containing fields to be altered
85		*/
86		public $_alteredFields;
87
88		/**
89		* @var array $_newFields containing new fields to be added
90		*/
91		public $_newFields;
92
93		/**
94		* @var array $_droppedFields containing fields to be dropped
95		*/
96		public $_droppedFields;
97
98		/**
99		* @var array $_flagForDrop flag table to drop it
100		*/
101		public $_flagForDrop = false;
102
103		/**
104		* @var array $_updatedFields containing fields which values will be updated
105		*/
106		public $_updatedFields;
107
108		/**
109		* @var array $_updatedFields containing fields which values will be updated
110		*/ //felix
111		public $_updatedWhere;
112
113		/**
114		* Constructor
115		*
116		* @param string $name name of the table
117		*
118		*/
119		public function __construct($name)
120		{
121		$this->_name = $name;
122		$this->_data = array();
123		}
124
125		/**
126		* Return the table name, prefixed with site table prefix
127		*
128		* @return string table name
129		*
130		*/
131		public function name()
132		{
133		global $xoopsDB;
134
135		return $xoopsDB->prefix($this->_name);
136		}
137
138		/**
139		* Checks if the table already exists in the database
140		*
141		* @return bool TRUE if it exists, FALSE if not
142		*
143		*/
144		public function exists()
145		{
146		return smart_TableExists($this->_name);
147		}
148
149		/**
150		* @return mixed
151		*/
152		public function getExistingFieldsArray()
153		{
154		global $xoopsDB;
155		$result = $xoopsDB->query('SHOW COLUMNS FROM ' . $this->name());
156		while ($existing_field = $xoopsDB->fetchArray($result)) {
157		$fields[$existing_field['Field']] = $existing_field['Type'];
158		if ($existing_field['Null'] !== 'YES') {
159		$fields[$existing_field['Field']] .= ' NOT NULL';
160		}
161		if ($existing_field['Extra']) {
162		$fields[$existing_field['Field']] .= ' ' . $existing_field['Extra'];
163		}
164		}
165
166		return $fields;
167		}
168
169		/**
170		* @param $field
171		* @return bool
172		*/
173		public function fieldExists($field)
174		{
175		$existingFields = $this->getExistingFieldsArray();
176
177		return isset($existingFields[$field]);
178		}
179
180		/**
181		* Set the table structure
182		*
183		* @param string $structure table structure
184		*
185		*/
186		public function setStructure($structure)
187		{
188		$this->_structure = $structure;
189		}
190
191		/**
192		* Return the table structure
193		*
194		* @return string table structure
195		*
196		*/
197		public function getStructure()
198		{
199		return sprintf($this->_structure, $this->name());
200		}
201
202		/**
203		* Add values of a record to be added
204		*
205		* @param string $data values of a record
206		*
207		*/
208		public function setData($data)
209		{
210		$this->_data[] = $data;
211		}
212
213		/**
214		* Get the data array
215		*
216		* @return array containing the records values to be added
217		*
218		*/
219		public function getData()
220		{
221		return $this->_data;
222		}
223
224		/**
225		* Use to insert data in a table
226		*
227		* @return bool true if success, false if an error occured
228		*
229		*/
230	View Code Duplication	public function addData()
231		{
232		global $xoopsDB;
233
234		foreach ($this->getData() as $data) {
235		$query = sprintf('INSERT INTO %s VALUES (%s)', $this->name(), $data);
236		$ret = $xoopsDB->query($query);
237		if (!$ret) {
238		echo '  ' . sprintf(_SDU_MSG_ADD_DATA_ERR, $this->name()) . '<br>';
239		} else {
240		echo '  ' . sprintf(_SDU_MSG_ADD_DATA, $this->name()) . '<br>';
241		}
242		}
243
244		return $ret;
245		}
246
247		/**
248		* Add a field to be added
249		*
250		* @param string $name name of the field
251		* @param string $properties properties of the field
252		* @param bool $showerror
253		*/
254		public function addAlteredField($name, $properties, $showerror = true)
255		{
256		$field['name'] = $name;
257		$field['properties'] = $properties;
258		$field['showerror'] = $showerror;
259		$this->_alteredFields[] = $field;
260		}
261
262		/**
263		* Invert values 0 to 1 and 1 to 0
264		*
265		* @param string $name name of the field
266		* @param $newValue
267		* @param $oldValue
268		* @internal param string $old old propertie
269		* @internal param string $new new propertie
270		*/ //felix
271		public function addUpdatedWhere($name, $newValue, $oldValue)
272		{
273		$field['name'] = $name;
274		$field['value'] = $newValue;
275		$field['where'] = $oldValue;
276		$this->_updatedWhere[] = $field;
277		}
278
279		/**
280		* Add new field of a record to be added
281		*
282		* @param string $name name of the field
283		* @param string $properties properties of the field
284		*
285		*/
286		public function addNewField($name, $properties)
287		{
288		$field['name'] = $name;
289		$field['properties'] = $properties;
290		$this->_newFields[] = $field;
291		}
292
293		/**
294		* Get fields that need to be altered
295		*
296		* @return array fields that need to be altered
297		*
298		*/
299		public function getAlteredFields()
300		{
301		return $this->_alteredFields;
302		}
303
304		/**
305		* Add field for which the value will be updated
306		*
307		* @param string $name name of the field
308		* @param string $value value to be set
309		*
310		*/
311		public function addUpdatedField($name, $value)
312		{
313		$field['name'] = $name;
314		$field['value'] = $value;
315		$this->_updatedFields[] = $field;
316		}
317
318		/**
319		* Get new fields to be added
320		*
321		* @return array fields to be added
322		*
323		*/
324		public function getNewFields()
325		{
326		return $this->_newFields;
327		}
328
329		/**
330		* Get fields which values need to be updated
331		*
332		* @return array fields which values need to be updated
333		*
334		*/
335		public function getUpdatedFields()
336		{
337		return $this->_updatedFields;
338		}
339
340		/**
341		* Get fields which values need to be updated
342		*
343		* @return array fields which values need to be updated
344		*
345		*/ //felix
346		public function getUpdatedWhere()
347		{
348		return $this->_updatedWhere;
349		}
350
351		/**
352		* Add values of a record to be added
353		*
354		* @param string $name name of the field
355		*
356		*/
357		public function addDroppedField($name)
358		{
359		$this->_droppedFields[] = $name;
360		}
361
362		/**
363		* Get fields that need to be dropped
364		*
365		* @return array fields that need to be dropped
366		*
367		*/
368		public function getDroppedFields()
369		{
370		return $this->_droppedFields;
371		}
372
373		/**
374		* Set the flag to drop the table
375		*
376		*/
377		public function setFlagForDrop()
378		{
379		$this->_flagForDrop = true;
		0 ignored issues – show Documentation Bug introduced 2016-05-31 10:14 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `true` of type `boolean` is incompatible with the declared type `array` of property `$_flagForDrop`. Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property.. Loading history...
380		}
381
382		/**
383		* Use to create a table
384		*
385		* @return bool true if success, false if an error occured
386		*
387		*/
388	View Code Duplication	public function createTable()
389		{
390		global $xoopsDB;
391
392		$query = $this->getStructure();
393
394		$ret = $xoopsDB->query($query);
395		if (!$ret) {
396		echo '  ' . sprintf(_SDU_MSG_CREATE_TABLE_ERR, $this->name()) . '<br>';
397		} else {
398		echo '  ' . sprintf(_SDU_MSG_CREATE_TABLE, $this->name()) . '<br>';
399		}
400
401		return $ret;
402		}
403
404		/**
405		* Use to drop a table
406		*
407		* @return bool true if success, false if an error occured
408		*
409		*/
410	View Code Duplication	public function dropTable()
411		{
412		global $xoopsDB;
413
414		$query = sprintf('DROP TABLE %s', $this->name());
415		$ret = $xoopsDB->query($query);
416		if (!$ret) {
417		echo '  ' . sprintf(_SDU_MSG_DROP_TABLE_ERR, $this->name()) . '<br>';
418
419		return false;
420		} else {
421		echo '  ' . sprintf(_SDU_MSG_DROP_TABLE, $this->name()) . '<br>';
422
423		return true;
424		}
425		}
426
427		/**
428		* Use to alter a table
429		*
430		* @return bool true if success, false if an error occured
431		*
432		*/
433		public function alterTable()
434		{
435		global $xoopsDB;
436
437		$ret = true;
438
439		foreach ($this->getAlteredFields() as $alteredField) {
440		$query = sprintf('ALTER TABLE `%s` CHANGE `%s` `%s` %s', $this->name(), $alteredField['name'], $alteredField['name'], $alteredField['properties']);
441		//echo $query;
442		$ret = $ret && $xoopsDB->query($query);
443		if ($alteredField['showerror']) {
444		if (!$ret) {
445		echo '  ' . sprintf(_SDU_MSG_CHGFIELD_ERR, $alteredField['name'], $this->name()) . '<br>';
446		} else {
447		echo '  ' . sprintf(_SDU_MSG_CHGFIELD, $alteredField['name'], $this->name()) . '<br>';
448		}
449		}
450		}
451
452		return $ret;
453		}
454
455		/**
456		* Use to add new fileds in the table
457		*
458		* @return bool true if success, false if an error occured
459		*
460		*/
461	View Code Duplication	public function addNewFields()
462		{
463		global $xoopsDB;
464
465		$ret = true;
466		foreach ($this->getNewFields() as $newField) {
467		$query = sprintf('ALTER TABLE `%s` ADD `%s` %s', $this->name(), $newField['name'], $newField['properties']);
468		//echo $query;
469		$ret = $ret && $xoopsDB->query($query);
470		if (!$ret) {
471		echo '  ' . sprintf(_SDU_MSG_NEWFIELD_ERR, $newField['name'], $this->name()) . '<br>';
472		} else {
473		echo '  ' . sprintf(_SDU_MSG_NEWFIELD, $newField['name'], $this->name()) . '<br>';
474		}
475		}
476
477		return $ret;
478		}
479
480		/**
481		* Use to update fields values
482		*
483		* @return bool true if success, false if an error occured
484		*
485		*/
486	View Code Duplication	public function updateFieldsValues()
487		{
488		global $xoopsDB;
489
490		$ret = true;
491
492		foreach ($this->getUpdatedFields() as $updatedField) {
493		$query = sprintf('UPDATE %s SET %s = %s', $this->name(), $updatedField['name'], $updatedField['value']);
494		$ret = $ret && $xoopsDB->query($query);
495		if (!$ret) {
496		echo '  ' . sprintf(_SDU_MSG_UPDATE_TABLE_ERR, $this->name()) . '<br>';
497		} else {
498		echo '  ' . sprintf(_SDU_MSG_UPDATE_TABLE, $this->name()) . '<br>';
499		}
500		}
501
502		return $ret;
503		}
504
505		/**
506		* Use to update fields values
507		*
508		* @return bool true if success, false if an error occured
509		*
510		*/ //felix
511		public function updateWhereValues()
512		{
513		global $xoopsDB;
514
515		$ret = true;
516
517		foreach ($this->getUpdatedWhere() as $updatedWhere) {
518		$query = sprintf('UPDATE %s SET %s = %s WHERE %s %s', $this->name(), $updatedWhere['name'], $updatedWhere['value'], $updatedWhere['name'], $updatedWhere['where']);
519		//echo $query."<br>";
520		$ret = $ret && $xoopsDB->query($query);
521		if (!$ret) {
522		echo '  ' . sprintf(_SDU_MSG_UPDATE_TABLE_ERR, $this->name()) . '<br>';
523		} else {
524		echo '  ' . sprintf(_SDU_MSG_UPDATE_TABLE, $this->name()) . '<br>';
525		}
526		}
527
528		return $ret;
529		}
530
531		/**
532		* Use to drop fields
533		*
534		* @return bool true if success, false if an error occured
535		*
536		*/
537	View Code Duplication	public function dropFields()
538		{
539		global $xoopsDB;
540
541		$ret = true;
542
543		foreach ($this->getDroppedFields() as $droppedField) {
544		$query = sprintf('ALTER TABLE %s DROP %s', $this->name(), $droppedField);
545
546		$ret = $ret && $xoopsDB->query($query);
547		if (!$ret) {
548		echo '  ' . sprintf(_SDU_MSG_DROPFIELD_ERR, $droppedField, $this->name()) . '<br>';
549		} else {
550		echo '  ' . sprintf(_SDU_MSG_DROPFIELD, $droppedField, $this->name()) . '<br>';
551		}
552		}
553
554		return $ret;
555		}
556		}
557
558		/**
559		* SmartobjectDbupdater class
560		*
561		* Class performing the database update for the module
562		*
563		* @package SmartObject
564		* @author marcan <[email protected]>
565		* @link http://www.smartfactory.ca The SmartFactory
566		*/
567		class SmartobjectDbupdater
568		{
569		/**
570		* SmartobjectDbupdater constructor.
571		*/
572		public function __construct()
573		{
574		}
575
576		/**
577		* Use to execute a general query
578		*
579		* @param string $query query that will be executed
580		* @param string $goodmsg message displayed on success
581		* @param string $badmsg message displayed on error
582		*
583		* @return bool true if success, false if an error occured
584		*
585		*/
586	View Code Duplication	public function runQuery($query, $goodmsg, $badmsg)
587		{
588		global $xoopsDB;
589		$ret = $xoopsDB->query($query);
590		if (!$ret) {
591		echo "  $badmsg<br>";
592
593		return false;
594		} else {
595		echo "  $goodmsg<br>";
596
597		return true;
598		}
599		}
600
601		/**
602		* Use to rename a table
603		*
604		* @param string $from name of the table to rename
605		* @param string $to new name of the renamed table
606		*
607		* @return bool true if success, false if an error occured
608		*/
609	View Code Duplication	public function renameTable($from, $to)
610		{
611		global $xoopsDB;
612
613		$from = $xoopsDB->prefix($from);
614		$to = $xoopsDB->prefix($to);
615
616		$query = sprintf('ALTER TABLE %s RENAME %s', $from, $to);
617		$ret = $xoopsDB->query($query);
618		if (!$ret) {
619		echo '  ' . sprintf(_SDU_MSG_RENAME_TABLE_ERR, $from) . '<br>';
620
621		return false;
622		} else {
623		echo '  ' . sprintf(_SDU_MSG_RENAME_TABLE, $from, $to) . '<br>';
624
625		return true;
626		}
627		}
628
629		/**
630		* Use to update a table
631		*
632		* @param object $table {@link SmartDbTable} that will be updated
633		*
634		* @see SmartDbTable
635		*
636		* @return bool true if success, false if an error occured
637		*/
638		public function updateTable($table)
639		{
640		global $xoopsDB;
641
642		$ret = true;
643
644		// if table has a structure, create the table
645		if ($table->getStructure()) {
646		$ret = $table->createTable() && $ret;
647		}
648
649		// if table is flag for drop, drop it
650		if ($table->_flagForDrop) {
651		$ret = $table->dropTable() && $ret;
652		}
653
654		// if table has data, insert it
655		if ($table->getData()) {
656		$ret = $table->addData() && $ret;
657		}
658
659		// if table has new fields to be added, add them
660		if ($table->getNewFields()) {
661		$ret = $table->addNewFields() && $ret;
662		}
663
664		// if table has altered field, alter the table
665		if ($table->getAlteredFields()) {
666		$ret = $table->alterTable() && $ret;
667		}
668
669		// if table has updated field values, update the table
670		if ($table->getUpdatedFields()) {
671		$ret = $table->updateFieldsValues($table) && $ret;
672		}
673
674		// if table has dropped field, alter the table
675		if ($table->getDroppedFields()) {
676		$ret = $table->dropFields($table) && $ret;
677		}
678		//felix
679		// if table has updated field values, update the table
680		if ($table->getUpdatedWhere()) {
681		$ret = $table->UpdateWhereValues($table) && $ret;
682		}
683
684		return $ret;
685		}
686		}
687

XoopsModules25x / smartpartner

Issues (733)

Security Analysis not enabled

class/smartdbupdater.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like