These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | /********************************************************************** |
||
4 | * Author: Justin Vincent ([email protected]) |
||
5 | * Web...: http://twitter.com/justinvincent |
||
6 | * Name..: ezSQL_pdo |
||
7 | * Desc..: PDO component (part of ezSQL databse abstraction library) |
||
8 | * |
||
9 | */ |
||
10 | |||
11 | /********************************************************************** |
||
12 | * ezSQL error strings - PDO |
||
13 | */ |
||
14 | |||
15 | global $ezsql_pdo_str; |
||
16 | |||
17 | $ezsql_pdo_str = array |
||
18 | ( |
||
19 | 1 => 'Require $dsn and $user and $password to create a connection' |
||
20 | ); |
||
21 | |||
22 | /********************************************************************** |
||
23 | * ezSQL Database specific class - PDO |
||
24 | */ |
||
25 | |||
26 | if ( ! class_exists ('PDO') ) die('<b>Fatal Error:</b> ezSQL_pdo requires PDO Lib to be compiled and or linked in to the PHP engine'); |
||
27 | if ( ! class_exists ('ezSQLcore') ) die('<b>Fatal Error:</b> ezSQL_pdo requires ezSQLcore (ez_sql_core.php) to be included/loaded before it can be used'); |
||
28 | |||
29 | class ezSQL_pdo extends ezSQLcore |
||
30 | { |
||
31 | |||
32 | var $dsn; |
||
33 | var $user; |
||
34 | var $password; |
||
35 | var $rows_affected = false; |
||
36 | |||
37 | /********************************************************************** |
||
38 | * Constructor - allow the user to perform a qucik connect at the |
||
39 | * same time as initialising the ezSQL_pdo class |
||
40 | */ |
||
41 | |||
42 | function __construct($dsn='', $user='', $password='', $ssl=array()) |
||
0 ignored issues
–
show
|
|||
43 | { |
||
44 | // Turn on track errors |
||
45 | ini_set('track_errors',1); |
||
46 | |||
47 | if ( $dsn && $user ) |
||
48 | { |
||
49 | $this->connect($dsn, $user, $password); |
||
50 | } |
||
51 | } |
||
52 | |||
53 | /********************************************************************** |
||
54 | * Try to connect to database server |
||
55 | */ |
||
56 | |||
57 | function connect($dsn='', $user='', $password='', $ssl=array()) |
||
0 ignored issues
–
show
|
|||
58 | { |
||
59 | global $ezsql_pdo_str; $return_val = false; |
||
60 | |||
61 | // Must have a dsn and user |
||
62 | if ( ! $dsn || ! $user ) |
||
63 | { |
||
64 | $this->register_error($ezsql_pdo_str[1].' in '.__FILE__.' on line '.__LINE__); |
||
65 | $this->show_errors ? trigger_error($ezsql_pdo_str[1],E_USER_WARNING) : null; |
||
66 | } |
||
67 | |||
68 | // Establish PDO connection |
||
69 | try |
||
70 | { |
||
71 | if(!empty($ssl)) |
||
72 | { |
||
73 | $this->dbh = new PDO($dsn, $user, $password, $ssl); |
||
0 ignored issues
–
show
The property
dbh does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
74 | } |
||
75 | else |
||
76 | { |
||
77 | $this->dbh = new PDO($dsn, $user, $password); |
||
78 | } |
||
79 | |||
80 | $return_val = true; |
||
81 | } |
||
82 | catch (PDOException $e) |
||
83 | { |
||
84 | $this->register_error($e->getMessage()); |
||
85 | $this->show_errors ? trigger_error($e->getMessage(),E_USER_WARNING) : null; |
||
86 | } |
||
87 | |||
88 | return $return_val; |
||
89 | } |
||
90 | |||
91 | /********************************************************************** |
||
92 | * In the case of PDO quick_connect is not really needed |
||
93 | * because std. connect already does what quick connect does - |
||
94 | * but for the sake of consistency it has been included |
||
95 | */ |
||
96 | |||
97 | function quick_connect($dsn='', $user='', $password='', $ssl=array()) |
||
0 ignored issues
–
show
|
|||
98 | { |
||
99 | return $this->connect($dsn, $user, $password); |
||
100 | } |
||
101 | |||
102 | /********************************************************************** |
||
103 | * No real equivalent of mySQL select in PDO |
||
104 | * once again, function included for the sake of consistency |
||
105 | */ |
||
106 | |||
107 | function select($dsn='', $user='', $password='', $ssl=array()) |
||
0 ignored issues
–
show
|
|||
108 | { |
||
109 | return $this->connect($dsn, $user, $password); |
||
110 | } |
||
111 | |||
112 | /********************************************************************** |
||
113 | * Format a string correctly for safe PDO insert |
||
114 | * (no mater if magic quotes are on or not) |
||
115 | */ |
||
116 | |||
117 | function escape($str) |
||
0 ignored issues
–
show
|
|||
118 | { |
||
119 | switch (gettype($str)) |
||
120 | { |
||
121 | case 'string' : $str = addslashes(stripslashes($str)); |
||
122 | break; |
||
123 | case 'boolean' : $str = ($str === FALSE) ? 0 : 1; |
||
124 | break; |
||
125 | default : $str = ($str === NULL) ? 'NULL' : $str; |
||
126 | break; |
||
127 | } |
||
128 | |||
129 | return $str; |
||
130 | } |
||
131 | |||
132 | /********************************************************************** |
||
133 | * Return specific system date syntax |
||
134 | * i.e. Oracle: SYSDATE Mysql: NOW() |
||
135 | */ |
||
136 | |||
137 | function sysdate() |
||
0 ignored issues
–
show
|
|||
138 | { |
||
139 | return "NOW()"; |
||
140 | } |
||
141 | |||
142 | /********************************************************************** |
||
143 | * Hooks into PDO error system and reports it to user |
||
144 | */ |
||
145 | |||
146 | function catch_error() |
||
0 ignored issues
–
show
|
|||
147 | { |
||
148 | $error_str = 'No error info'; |
||
0 ignored issues
–
show
$error_str is not used, you could remove the assignment.
This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value';
$higher = false;
if (rand(1, 6) > 3) {
$higher = true;
} else {
$higher = false;
}
Both the
Loading history...
|
|||
149 | |||
150 | $err_array = $this->dbh->errorInfo(); |
||
151 | |||
152 | // Note: Ignoring error - bind or column index out of range |
||
153 | if ( isset($err_array[1]) && $err_array[1] != 25) |
||
154 | { |
||
155 | |||
156 | $error_str = ''; |
||
157 | foreach ( $err_array as $entry ) |
||
158 | { |
||
159 | $error_str .= $entry . ', '; |
||
160 | } |
||
161 | |||
162 | $error_str = substr($error_str,0,-2); |
||
163 | |||
164 | $this->register_error($error_str); |
||
165 | $this->show_errors ? trigger_error($error_str.' '.$this->last_query,E_USER_WARNING) : null; |
||
166 | |||
167 | return true; |
||
168 | } |
||
169 | |||
170 | } |
||
171 | |||
172 | // ================================================================== |
||
173 | // Basic Query - see docs for more detail |
||
174 | |||
175 | function query($query) |
||
0 ignored issues
–
show
|
|||
176 | { |
||
177 | |||
178 | // For reg expressions |
||
179 | $query = str_replace("/[\n\r]/",'',trim($query)); |
||
180 | |||
181 | // initialise return |
||
182 | $return_val = 0; |
||
0 ignored issues
–
show
$return_val is not used, you could remove the assignment.
This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value';
$higher = false;
if (rand(1, 6) > 3) {
$higher = true;
} else {
$higher = false;
}
Both the
Loading history...
|
|||
183 | |||
184 | // Flush cached values.. |
||
185 | $this->flush(); |
||
186 | |||
187 | // Log how the function was called |
||
188 | $this->func_call = "\$db->query(\"$query\")"; |
||
0 ignored issues
–
show
The property
func_call does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
189 | |||
190 | // Keep track of the last query for debug.. |
||
191 | $this->last_query = $query; |
||
192 | |||
193 | $this->num_queries++; |
||
194 | |||
195 | // Start timer |
||
196 | $this->timer_start($this->num_queries); |
||
197 | |||
198 | // Use core file cache function |
||
199 | View Code Duplication | if ( $cache = $this->get_cache($query) ) |
|
0 ignored issues
–
show
This code seems to be duplicated across your project.
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository.
Loading history...
|
|||
200 | { |
||
201 | |||
202 | // Keep tack of how long all queries have taken |
||
203 | $this->timer_update_global($this->num_queries); |
||
204 | |||
205 | // Trace all queries |
||
206 | if ( $this->use_trace_log ) |
||
207 | { |
||
208 | $this->trace_log[] = $this->debug(false); |
||
209 | } |
||
210 | |||
211 | return $cache; |
||
212 | } |
||
213 | |||
214 | // If there is no existing database connection then try to connect |
||
215 | if ( ! isset($this->dbh) || ! $this->dbh ) |
||
216 | { |
||
217 | $this->connect($this->dsn, $this->user, $this->password); |
||
218 | if ( ! isset($this->dbh) || ! $this->dbh ) |
||
219 | return false; |
||
220 | } |
||
221 | |||
222 | // Query was an insert, delete, update, replace |
||
223 | if ( preg_match("/^(insert|delete|update|replace|drop|create)\s+/i",$query) ) |
||
224 | { |
||
225 | |||
226 | // Perform the query and log number of affected rows |
||
227 | $this->rows_affected = $this->dbh->exec($query); |
||
228 | |||
229 | // If there is an error then take note of it.. |
||
230 | if ( $this->catch_error() ) return false; |
||
231 | |||
232 | $is_insert = true; |
||
233 | |||
234 | // Take note of the insert_id |
||
235 | if ( preg_match("/^(insert|replace)\s+/i",$query) ) |
||
236 | { |
||
237 | $this->insert_id = @$this->dbh->lastInsertId(); |
||
0 ignored issues
–
show
The property
insert_id does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
238 | } |
||
239 | |||
240 | // Return number fo rows affected |
||
241 | $return_val = $this->rows_affected; |
||
242 | |||
243 | } |
||
244 | // Query was an select |
||
245 | else |
||
246 | { |
||
247 | |||
248 | // Perform the query and log number of affected rows |
||
249 | $sth = $this->dbh->query($query); |
||
250 | |||
251 | // If there is an error then take note of it.. |
||
252 | if ( $this->catch_error() ) return false; |
||
253 | |||
254 | $is_insert = false; |
||
255 | |||
256 | $col_count = $sth->columnCount(); |
||
257 | |||
258 | for ( $i=0 ; $i < $col_count ; $i++ ) |
||
259 | { |
||
260 | $this->col_info[$i] = new stdClass(); |
||
261 | |||
262 | if ( $meta = $sth->getColumnMeta($i) ) |
||
263 | { |
||
264 | $this->col_info[$i]->name = $meta['name']; |
||
265 | $this->col_info[$i]->type = !empty($meta['native_type']) ? $meta['native_type'] : 'undefined'; |
||
266 | $this->col_info[$i]->max_length = ''; |
||
267 | } |
||
268 | else |
||
269 | { |
||
270 | $this->col_info[$i]->name = 'undefined'; |
||
271 | $this->col_info[$i]->type = 'undefined'; |
||
272 | $this->col_info[$i]->max_length = ''; |
||
273 | } |
||
274 | } |
||
275 | |||
276 | // Store Query Results |
||
277 | $num_rows=0; |
||
278 | while ( $row = @$sth->fetch(PDO::FETCH_ASSOC) ) |
||
279 | { |
||
280 | // Store relults as an objects within main array |
||
281 | $this->last_result[$num_rows] = (object) $row; |
||
0 ignored issues
–
show
The property
last_result does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
282 | $num_rows++; |
||
283 | } |
||
284 | |||
285 | // Log number of rows the query returned |
||
286 | $this->num_rows = $num_rows; |
||
0 ignored issues
–
show
The property
num_rows does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
287 | |||
288 | // Return number of rows selected |
||
289 | $return_val = $this->num_rows; |
||
290 | |||
291 | } |
||
292 | |||
293 | // disk caching of queries |
||
294 | $this->store_cache($query,$is_insert); |
||
295 | |||
296 | // If debug ALL queries |
||
297 | $this->trace || $this->debug_all ? $this->debug() : null ; |
||
298 | |||
299 | // Keep tack of how long all queries have taken |
||
300 | $this->timer_update_global($this->num_queries); |
||
301 | |||
302 | // Trace all queries |
||
303 | if ( $this->use_trace_log ) |
||
304 | { |
||
305 | $this->trace_log[] = $this->debug(false); |
||
306 | } |
||
307 | |||
308 | return $return_val; |
||
309 | |||
310 | } |
||
311 | |||
312 | } |
||
313 |
Adding explicit visibility (
private
,protected
, orpublic
) is generally recommend to communicate to other developers how, and from where this method is intended to be used.