This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | /** |
||
3 | * php7-mysql-shim |
||
4 | * |
||
5 | * @author Davey Shafik <[email protected]> |
||
6 | * @copyright Copyright (c) 2017 Davey Shafik |
||
7 | * @license MIT License |
||
8 | * @link https://github.com/dshafik/php7-mysql-shim |
||
9 | */ |
||
10 | |||
11 | /** |
||
12 | * A drop-in replacement for ext/mysql in PHP 7+ using ext/mysqli instead |
||
13 | * |
||
14 | * This library is meant to be a _stop-gap_. It will be slower than using |
||
15 | * the native functions directly. |
||
16 | * |
||
17 | * You should switch to ext/pdo_mysql or ext/mysqli, and migrate to prepared |
||
18 | * queries (@see http://php.net/manual/en/pdo.prepared-statements.php) to |
||
19 | * ensure you are securely interacting with your database. |
||
20 | */ |
||
21 | namespace { |
||
22 | |||
23 | if (!extension_loaded('mysql')) { |
||
24 | if (!extension_loaded('mysqli')) { |
||
25 | trigger_error('php7-mysql-shim: ext/mysqli is required', E_USER_ERROR); |
||
26 | } |
||
27 | |||
28 | define('MYSQL_ASSOC', 1); |
||
29 | define('MYSQL_NUM', 2); |
||
30 | define('MYSQL_BOTH', 3); |
||
31 | define('MYSQL_CLIENT_COMPRESS', 32); |
||
32 | define('MYSQL_CLIENT_SSL', 2048); |
||
33 | define('MYSQL_CLIENT_INTERACTIVE', 1024); |
||
34 | define('MYSQL_CLIENT_IGNORE_SPACE', 256); |
||
35 | |||
36 | function mysql_connect( |
||
37 | $hostname = null, |
||
38 | $username = null, |
||
39 | $password = null, |
||
40 | $new = false, |
||
41 | $flags = 0 |
||
42 | ) { |
||
43 | 65 | if ($new !== false) { |
|
44 | 1 | trigger_error('Argument $new is no longer supported in PHP > 7', E_USER_WARNING); |
|
45 | } |
||
46 | |||
47 | 64 | if (null === $hostname) { |
|
48 | 1 | $hostname = ini_get('mysqli.default_host') ?: null; |
|
49 | } |
||
50 | 64 | if (null === $username) { |
|
51 | 1 | $username = ini_get('mysqli.default_user') ?: null; |
|
52 | } |
||
53 | 64 | if (null === $password) { |
|
54 | 61 | $password = ini_get('mysqli.default_pw') ?: null; |
|
55 | } |
||
56 | |||
57 | 64 | $socket = ''; |
|
58 | 64 | if (strpos($hostname, ':/') === 0) { |
|
59 | // it's a unix socket |
||
60 | $socket = $hostname; |
||
61 | $hostname = 'localhost'; |
||
62 | } |
||
63 | |||
64 | 64 | $hash = sha1($hostname . $username . $flags); |
|
65 | /* persistent connections start with p: */ |
||
66 | /* don't use a cached link for those */ |
||
67 | 64 | if ($hostname[1] !== ':' && isset(\Dshafik\MySQL::$connections[$hash])) { |
|
68 | 10 | \Dshafik\MySQL::$last_connection = \Dshafik\MySQL::$connections[$hash]['conn']; |
|
69 | 10 | \Dshafik\MySQL::$connections[$hash]['refcount'] += 1; |
|
70 | 10 | return \Dshafik\MySQL::$connections[$hash]['conn']; |
|
71 | } |
||
72 | |||
73 | /* A custom port can be specified by appending the hostname with :{port} e.g. hostname:3307 */ |
||
74 | 55 | if (preg_match('/^(.+):([\d]+)$/', $hostname, $port_matches) === 1 && $port_matches[1] !== "p") { |
|
75 | $hostname = $port_matches[1]; |
||
76 | $port = (int) $port_matches[2]; |
||
77 | } else { |
||
78 | 55 | $port = null; |
|
79 | } |
||
80 | |||
81 | /* No flags, means we can use mysqli_connect() */ |
||
82 | 55 | if ($flags === 0) { |
|
83 | 53 | $conn = mysqli_connect($hostname, $username, $password, '', $port); |
|
84 | 52 | if (!$conn instanceof mysqli) { |
|
85 | 1 | return false; |
|
86 | } |
||
87 | 51 | \Dshafik\MySQL::$last_connection = $conn; |
|
88 | 51 | $conn->hash = $hash; |
|
89 | 51 | \Dshafik\MySQL::$connections[$hash] = array('refcount' => 1, 'conn' => $conn); |
|
90 | |||
91 | 51 | return $conn; |
|
92 | } |
||
93 | |||
94 | /* Flags means we need to use mysqli_real_connect() instead, and handle exceptions */ |
||
95 | try { |
||
96 | 2 | \Dshafik\MySQL::$last_connection = $conn = mysqli_init(); |
|
97 | |||
98 | 2 | mysqli_real_connect( |
|
99 | 2 | $conn, |
|
100 | 2 | $hostname, |
|
101 | 2 | $username, |
|
102 | 2 | $password, |
|
103 | 2 | '', |
|
104 | 2 | $port, |
|
105 | 2 | $socket, |
|
106 | 2 | $flags |
|
107 | ); |
||
108 | |||
109 | // @codeCoverageIgnoreStart |
||
110 | // PHPUnit turns the warning from mysqli_real_connect into an exception, so this never runs |
||
111 | if ($conn === false) { |
||
112 | return false; |
||
113 | } |
||
114 | // @codeCoverageIgnoreEnd |
||
115 | |||
116 | 1 | $conn->hash = $hash; |
|
117 | 1 | \Dshafik\MySQL::$connections[$hash] = array('refcount' => 1, 'conn' => $conn); |
|
118 | |||
119 | 1 | return $conn; |
|
120 | 1 | } catch (\Throwable $e) { |
|
121 | 1 | trigger_error($e->getMessage(), E_USER_WARNING); |
|
122 | // @codeCoverageIgnoreStart |
||
123 | // PHPUnit turns the warning into an exception, so this never runs |
||
124 | return false; |
||
125 | // @codeCoverageIgnoreEnd |
||
126 | } |
||
127 | } |
||
128 | |||
129 | function mysql_pconnect( |
||
130 | $hostname = null, |
||
131 | $username = null, |
||
132 | $password = null, |
||
133 | $flags = 0 |
||
134 | ) { |
||
135 | 1 | $hostname = 'p:' . $hostname; |
|
136 | 1 | return mysql_connect($hostname, $username, $password, false, $flags); |
|
137 | } |
||
138 | |||
139 | function mysql_close(\mysqli $link = null) |
||
140 | { |
||
141 | 89 | $isDefault = ($link === null); |
|
142 | |||
143 | 89 | $link = \Dshafik\MySQL::getConnection($link, __FUNCTION__); |
|
144 | 89 | if ($link === null) { |
|
145 | // @codeCoverageIgnoreStart |
||
146 | // PHPUnit Warning -> Exception |
||
147 | return false; |
||
148 | // @codeCoverageIgnoreEnd |
||
149 | } |
||
150 | |||
151 | 89 | if (isset(\Dshafik\MySQL::$connections[$link->hash])) { |
|
152 | 61 | \Dshafik\MySQL::$connections[$link->hash]['refcount'] -= 1; |
|
153 | } |
||
154 | |||
155 | 89 | $return = true; |
|
156 | 89 | if (\Dshafik\MySQL::$connections[$link->hash]['refcount'] === 0) { |
|
157 | 52 | $return = mysqli_close($link); |
|
158 | 52 | unset(\Dshafik\MySQL::$connections[$link->hash]); |
|
159 | } |
||
160 | |||
161 | 89 | if ($isDefault) { |
|
162 | 89 | Dshafik\MySQL::$last_connection = null; |
|
163 | } |
||
164 | |||
165 | 89 | return $return; |
|
166 | } |
||
167 | |||
168 | function mysql_select_db($databaseName, \mysqli $link = null) |
||
169 | { |
||
170 | 54 | $link = \Dshafik\MySQL::getConnection($link); |
|
171 | |||
172 | 54 | return mysqli_query( |
|
173 | 54 | $link, |
|
174 | 54 | 'USE `' . mysqli_real_escape_string($link, $databaseName) . '`' |
|
175 | 54 | ) !== false; |
|
176 | } |
||
177 | |||
178 | function mysql_query($query, \mysqli $link = null) |
||
179 | { |
||
180 | 57 | return mysqli_query(\Dshafik\MySQL::getConnection($link), $query); |
|
181 | } |
||
182 | |||
183 | function mysql_unbuffered_query($query, \mysqli $link = null) |
||
184 | { |
||
185 | 4 | $link = \Dshafik\MySQL::getConnection($link); |
|
186 | 4 | if (mysqli_real_query($link, $query)) { |
|
187 | 3 | return mysqli_use_result($link); |
|
188 | } |
||
189 | |||
190 | 1 | return false; |
|
191 | } |
||
192 | |||
193 | function mysql_db_query($databaseName, $query, \mysqli $link = null) |
||
194 | { |
||
195 | 2 | if (mysql_select_db($databaseName, $link)) { |
|
196 | 1 | return mysql_query($query, $link); |
|
197 | } |
||
198 | 1 | return false; |
|
199 | } |
||
200 | |||
201 | function mysql_list_dbs(\mysqli $link = null) |
||
202 | { |
||
203 | 2 | return mysql_query('SHOW DATABASES', $link); |
|
204 | } |
||
205 | |||
206 | function mysql_list_tables($databaseName, \mysqli $link = null) |
||
207 | { |
||
208 | 3 | $link = \Dshafik\MySQL::getConnection($link); |
|
209 | 3 | $query = sprintf( |
|
210 | 3 | 'SHOW TABLES FROM `%s`', |
|
211 | 3 | mysql_real_escape_string($databaseName, $link) |
|
212 | ); |
||
213 | 3 | return mysql_query($query, $link); |
|
214 | } |
||
215 | |||
216 | function mysql_list_fields($databaseName, $tableName, \mysqli $link = null) |
||
217 | { |
||
218 | 3 | $link = \Dshafik\MySQL::getConnection($link); |
|
219 | |||
220 | 3 | $query = sprintf( |
|
221 | 3 | 'SHOW COLUMNS FROM `%s`.`%s`', |
|
222 | 3 | mysqli_real_escape_string($link, $databaseName), |
|
223 | 3 | mysqli_real_escape_string($link, $tableName) |
|
224 | ); |
||
225 | |||
226 | 3 | $result = mysql_query($query, $link); |
|
227 | |||
228 | 3 | if ($result instanceof \mysqli_result) { |
|
229 | 2 | $result->table = $tableName; |
|
230 | 2 | return $result; |
|
231 | } |
||
232 | |||
233 | 1 | trigger_error('mysql_list_fields(): Unable to save MySQL query result', E_USER_WARNING); |
|
234 | // @codeCoverageIgnoreStart |
||
235 | return false; |
||
236 | // @codeCoverageIgnoreEnd |
||
237 | } |
||
238 | |||
239 | function mysql_list_processes(\mysqli $link = null) |
||
240 | { |
||
241 | return mysql_query('SHOW PROCESSLIST', $link); |
||
242 | } |
||
243 | |||
244 | function mysql_error(\mysqli $link = null) |
||
245 | { |
||
246 | 32 | return mysqli_error(\Dshafik\MySQL::getConnection($link)); |
|
247 | } |
||
248 | |||
249 | function mysql_errno(\mysqli $link = null) |
||
250 | { |
||
251 | 1 | return mysqli_errno(\Dshafik\MySQL::getConnection($link)); |
|
252 | } |
||
253 | |||
254 | function mysql_affected_rows(\mysqli $link = null) |
||
255 | { |
||
256 | 1 | return mysqli_affected_rows(\Dshafik\MySQL::getConnection($link)); |
|
257 | } |
||
258 | |||
259 | function mysql_insert_id($link = null) /*|*/ |
||
260 | { |
||
261 | 1 | return mysqli_insert_id(\Dshafik\MySQL::getConnection($link)); |
|
262 | } |
||
263 | |||
264 | function mysql_result($result, $row, $field = 0) |
||
265 | { |
||
266 | 8 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
267 | // @codeCoverageIgnoreStart |
||
268 | return false; |
||
269 | // @codeCoverageIgnoreEnd |
||
270 | } |
||
271 | |||
272 | 7 | if (!mysqli_data_seek($result, $row)) { |
|
273 | 1 | trigger_error( |
|
274 | 1 | sprintf( |
|
275 | 1 | 'mysql_result(): Unable to jump to row %d on MySQL result index %s', |
|
276 | 1 | $row, |
|
277 | 1 | spl_object_hash($result) |
|
278 | ), |
||
279 | 1 | E_USER_WARNING |
|
280 | ); |
||
281 | // @codeCoverageIgnoreStart |
||
282 | return false; |
||
283 | // @codeCoverageIgnoreEnd |
||
284 | } |
||
285 | |||
286 | 6 | $found = true; |
|
287 | 6 | if (strpos($field, '.') !== false) { |
|
288 | 3 | list($table, $name) = explode('.', $field); |
|
289 | 3 | $i = 0; |
|
290 | 3 | $found = false; |
|
291 | 3 | mysqli_field_seek($result, 0); |
|
292 | 3 | while ($column = mysqli_fetch_field($result)) { |
|
293 | 3 | if ($column->table === $table && $column->name === $name) { |
|
294 | 2 | $field = $i; |
|
295 | 2 | $found = true; |
|
296 | 2 | break; |
|
297 | } |
||
298 | 3 | $i++; |
|
299 | } |
||
300 | } |
||
301 | |||
302 | 6 | $row = mysql_fetch_array($result); |
|
303 | 6 | if ($found && array_key_exists($field, $row)) { |
|
304 | 4 | return $row[$field]; |
|
305 | } |
||
306 | |||
307 | 2 | trigger_error( |
|
308 | 2 | sprintf( |
|
309 | 2 | '%s(): %s not found in MySQL result index %s', |
|
310 | 2 | __FUNCTION__, |
|
311 | 2 | $field, |
|
312 | 2 | spl_object_hash($result) |
|
313 | ), |
||
314 | 2 | E_USER_WARNING |
|
315 | ); |
||
316 | // @codeCoverageIgnoreStart |
||
317 | return false; |
||
318 | // @codeCoverageIgnoreEnd |
||
319 | } |
||
320 | |||
321 | function mysql_num_rows($result) |
||
322 | { |
||
323 | 14 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
324 | // @codeCoverageIgnoreStart |
||
325 | return false; |
||
326 | // @codeCoverageIgnoreEnd |
||
327 | } |
||
328 | |||
329 | 13 | $previous = error_reporting(0); |
|
330 | 13 | $rows = mysqli_num_rows($result); |
|
331 | 13 | error_reporting($previous); |
|
332 | |||
333 | 13 | return $rows; |
|
334 | } |
||
335 | |||
336 | function mysql_num_fields($result) |
||
337 | { |
||
338 | 3 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
339 | // @codeCoverageIgnoreStart |
||
340 | return false; |
||
341 | // @codeCoverageIgnoreEnd |
||
342 | } |
||
343 | 1 | return mysqli_num_fields($result); |
|
344 | } |
||
345 | |||
346 | function mysql_fetch_row($result) |
||
347 | { |
||
348 | 6 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
349 | // @codeCoverageIgnoreStart |
||
350 | return false; |
||
351 | // @codeCoverageIgnoreEnd |
||
352 | } |
||
353 | 5 | return mysqli_fetch_row($result) ?: false; |
|
354 | } |
||
355 | |||
356 | function mysql_fetch_array($result, $resultType = MYSQL_BOTH) |
||
357 | { |
||
358 | 11 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
359 | // @codeCoverageIgnoreStart |
||
360 | return false; |
||
361 | // @codeCoverageIgnoreEnd |
||
362 | } |
||
363 | 10 | return mysqli_fetch_array($result, $resultType) ?: false; |
|
364 | } |
||
365 | |||
366 | function mysql_fetch_assoc($result) /* : array|null */ |
||
367 | { |
||
368 | 9 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
369 | // @codeCoverageIgnoreStart |
||
370 | return false; |
||
371 | // @codeCoverageIgnoreEnd |
||
372 | } |
||
373 | |||
374 | 8 | return mysqli_fetch_assoc($result) ?: false; |
|
375 | } |
||
376 | |||
377 | function mysql_fetch_object($result, $class = null, array $params = array()) /* : object|null */ |
||
0 ignored issues
–
show
|
|||
378 | { |
||
379 | 3 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
380 | // @codeCoverageIgnoreStart |
||
381 | return false; |
||
382 | // @codeCoverageIgnoreEnd |
||
383 | } |
||
384 | |||
385 | 2 | if ($class === null) { |
|
386 | 2 | $object = mysqli_fetch_object($result); |
|
387 | } else { |
||
388 | $object = mysqli_fetch_object($result, $class, $params); |
||
389 | } |
||
390 | |||
391 | 2 | return $object ?: false; |
|
392 | } |
||
393 | |||
394 | function mysql_data_seek($result, $offset) |
||
395 | { |
||
396 | 1 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
397 | // @codeCoverageIgnoreStart |
||
398 | return false; |
||
399 | // @codeCoverageIgnoreEnd |
||
400 | } |
||
401 | return mysqli_data_seek($result, $offset); |
||
402 | } |
||
403 | |||
404 | function mysql_fetch_lengths($result) /* : array|*/ |
||
405 | { |
||
406 | 1 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
407 | // @codeCoverageIgnoreStart |
||
408 | return false; |
||
409 | // @codeCoverageIgnoreEnd |
||
410 | } |
||
411 | return mysqli_fetch_lengths($result); |
||
412 | } |
||
413 | |||
414 | function mysql_fetch_field($result) /* : object|*/ |
||
415 | { |
||
416 | 4 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
417 | // @codeCoverageIgnoreStart |
||
418 | return false; |
||
419 | // @codeCoverageIgnoreEnd |
||
420 | } |
||
421 | 2 | $res = mysqli_fetch_field($result); |
|
422 | 2 | if ($res instanceof \stdClass) { |
|
423 | 2 | $res->not_null = ($res->flags & MYSQLI_NOT_NULL_FLAG) ? 1 : 0; |
|
424 | 2 | $res->primary_key = ($res->flags & MYSQLI_PRI_KEY_FLAG ) ? 1 : 0; |
|
425 | 2 | $res->unique_key = ($res->flags & MYSQLI_UNIQUE_KEY_FLAG ) ? 1 : 0; |
|
426 | 2 | $res->multiple_key = ($res->flags & MYSQLI_MULTIPLE_KEY_FLAG ) ? 1 : 0; |
|
427 | 2 | $res->numeric = ($res->flags & MYSQLI_NUM_FLAG ) ? 1 : 0; |
|
428 | 2 | $res->blob = ($res->flags & MYSQLI_BLOB_FLAG ) ? 1 : 0; |
|
429 | 2 | $res->unsigned = ($res->flags & MYSQLI_UNSIGNED_FLAG ) ? 1 : 0; |
|
430 | 2 | $res->zerofill = ($res->flags & MYSQLI_ZEROFILL_FLAG ) ? 1 : 0; |
|
431 | } |
||
432 | 2 | return $res; |
|
433 | } |
||
434 | |||
435 | function mysql_field_seek($result, $field) |
||
436 | { |
||
437 | 1 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
438 | // @codeCoverageIgnoreStart |
||
439 | return false; |
||
440 | // @codeCoverageIgnoreEnd |
||
441 | } |
||
442 | return mysqli_field_seek($result, $field); |
||
443 | } |
||
444 | |||
445 | function mysql_free_result($result) |
||
446 | { |
||
447 | 2 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
448 | // @codeCoverageIgnoreStart |
||
449 | return false; |
||
450 | // @codeCoverageIgnoreEnd |
||
451 | } |
||
452 | 1 | return mysqli_free_result($result); |
|
453 | } |
||
454 | |||
455 | View Code Duplication | function mysql_field_name($result, $field) |
|
456 | { |
||
457 | 4 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
458 | // @codeCoverageIgnoreStart |
||
459 | return false; |
||
460 | // @codeCoverageIgnoreEnd |
||
461 | } |
||
462 | 3 | return \Dshafik\MySQL::mysqlFieldInfo($result, $field, 'name'); |
|
463 | } |
||
464 | |||
465 | function mysql_field_table($result, $field) |
||
466 | { |
||
467 | 4 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
468 | // @codeCoverageIgnoreStart |
||
469 | return false; |
||
470 | // @codeCoverageIgnoreEnd |
||
471 | } |
||
472 | 3 | return \Dshafik\MySQL::mysqlFieldInfo($result, $field, 'table'); |
|
473 | } |
||
474 | |||
475 | function mysql_field_len($result, $field) |
||
476 | { |
||
477 | 4 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
478 | // @codeCoverageIgnoreStart |
||
479 | return false; |
||
480 | // @codeCoverageIgnoreEnd |
||
481 | } |
||
482 | 3 | return \Dshafik\MySQL::mysqlFieldInfo($result, $field, 'length'); |
|
483 | } |
||
484 | |||
485 | View Code Duplication | function mysql_field_type($result, $field) |
|
486 | { |
||
487 | 4 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
488 | // @codeCoverageIgnoreStart |
||
489 | return false; |
||
490 | // @codeCoverageIgnoreEnd |
||
491 | } |
||
492 | 3 | return \Dshafik\MySQL::mysqlFieldInfo($result, $field, 'type'); |
|
493 | } |
||
494 | |||
495 | function mysql_field_flags($result, $field) |
||
496 | { |
||
497 | 4 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
498 | // @codeCoverageIgnoreStart |
||
499 | return false; |
||
500 | // @codeCoverageIgnoreEnd |
||
501 | } |
||
502 | 3 | return \Dshafik\MySQL::mysqlFieldInfo($result, $field, 'flags'); |
|
503 | } |
||
504 | |||
505 | function mysql_escape_string($unescapedString) |
||
506 | { |
||
507 | 2 | if (\Dshafik\MySQL::$last_connection === null) { |
|
508 | 2 | trigger_error( |
|
509 | 2 | sprintf( |
|
510 | 2 | '%s() is insecure; use mysql_real_escape_string() instead!', |
|
511 | 2 | __FUNCTION__ |
|
512 | ), |
||
513 | 2 | E_USER_NOTICE |
|
514 | ); |
||
515 | |||
516 | 1 | return \Dshafik\MySQL::escapeString($unescapedString); |
|
517 | } |
||
518 | return mysql_real_escape_string($unescapedString, null); |
||
519 | } |
||
520 | |||
521 | function mysql_real_escape_string($unescapedString, \mysqli $link = null) |
||
522 | { |
||
523 | 3 | return mysqli_escape_string(\Dshafik\MySQL::getConnection($link), $unescapedString); |
|
524 | } |
||
525 | |||
526 | function mysql_stat(\mysqli $link = null) |
||
527 | { |
||
528 | return mysqli_stat(\Dshafik\MySQL::getConnection($link)); |
||
529 | } |
||
530 | |||
531 | function mysql_thread_id(\mysqli $link = null) |
||
532 | { |
||
533 | return mysqli_thread_id(\Dshafik\MySQL::getConnection($link)); |
||
534 | } |
||
535 | |||
536 | function mysql_client_encoding(\mysqli $link = null) |
||
537 | { |
||
538 | return mysqli_character_set_name(\Dshafik\MySQL::getConnection($link)); |
||
539 | } |
||
540 | |||
541 | function mysql_ping(\mysqli $link = null) |
||
542 | { |
||
543 | return mysqli_ping(\Dshafik\MySQL::getConnection($link)); |
||
544 | } |
||
545 | |||
546 | function mysql_get_client_info(\mysqli $link = null) |
||
547 | { |
||
548 | return mysqli_get_client_info(\Dshafik\MySQL::getConnection($link)); |
||
549 | } |
||
550 | |||
551 | function mysql_get_host_info(\mysqli $link = null) |
||
552 | { |
||
553 | return mysqli_get_host_info(\Dshafik\MySQL::getConnection($link)); |
||
554 | } |
||
555 | |||
556 | function mysql_get_proto_info(\mysqli $link = null) |
||
557 | { |
||
558 | return mysqli_get_proto_info(\Dshafik\MySQL::getConnection($link)); |
||
559 | } |
||
560 | |||
561 | function mysql_get_server_info(\mysqli $link = null) |
||
562 | { |
||
563 | return mysqli_get_server_info(\Dshafik\MySQL::getConnection($link)); |
||
564 | } |
||
565 | |||
566 | function mysql_info(\mysqli $link = null) |
||
567 | { |
||
568 | return mysqli_info(\Dshafik\MySQL::getConnection($link)); |
||
569 | } |
||
570 | |||
571 | function mysql_set_charset($charset, \mysqli $link = null) |
||
572 | { |
||
573 | return mysqli_set_charset(\Dshafik\MySQL::getConnection($link), $charset); |
||
574 | } |
||
575 | |||
576 | function mysql_db_name($result, $row, $field = 0) |
||
577 | { |
||
578 | 2 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
579 | // @codeCoverageIgnoreStart |
||
580 | return false; |
||
581 | // @codeCoverageIgnoreEnd |
||
582 | } |
||
583 | |||
584 | // Alias as per https://github.com/php/php-src/blob/PHP-5.6/ext/mysql/php_mysql.c#L319 |
||
585 | 1 | return mysql_result($result, $row, $field); |
|
586 | } |
||
587 | |||
588 | function mysql_tablename($result, $row) |
||
589 | { |
||
590 | 1 | if (!\Dshafik\MySQL::checkValidResult($result, __FUNCTION__)) { |
|
591 | // @codeCoverageIgnoreStart |
||
592 | return false; |
||
593 | // @codeCoverageIgnoreEnd |
||
594 | } |
||
595 | |||
596 | // Alias as per http://lxr.php.net/xref/PHP_5_6/ext/mysql/php_mysql.c#321 |
||
597 | return mysql_result($result, $row, 'Table'); |
||
598 | } |
||
599 | |||
600 | /* Aliases */ |
||
601 | |||
602 | function mysql_fieldname($result, $field) |
||
603 | { |
||
604 | return mysql_field_name($result, $field); |
||
605 | } |
||
606 | |||
607 | function mysql_fieldtable($result, $field) |
||
608 | { |
||
609 | return mysql_field_table($result, $field); |
||
610 | } |
||
611 | |||
612 | function mysql_fieldlen($result, $field) |
||
613 | { |
||
614 | return mysql_field_len($result, $field); |
||
615 | } |
||
616 | |||
617 | function mysql_fieldtype($result, $field) |
||
618 | { |
||
619 | return mysql_field_type($result, $field); |
||
620 | } |
||
621 | |||
622 | function mysql_fieldflags($result, $field) |
||
623 | { |
||
624 | return mysql_field_flags($result, $field); |
||
625 | } |
||
626 | |||
627 | function mysql_selectdb($databaseName, $link = null) |
||
628 | { |
||
629 | return mysql_select_db($databaseName, $link); |
||
630 | } |
||
631 | |||
632 | function mysql_freeresult($result) |
||
633 | { |
||
634 | return mysql_free_result($result); |
||
635 | } |
||
636 | |||
637 | function mysql_numfields($result) |
||
638 | { |
||
639 | return mysql_num_fields($result); |
||
640 | } |
||
641 | |||
642 | function mysql_numrows($result) |
||
643 | { |
||
644 | return mysql_num_rows($result); |
||
645 | } |
||
646 | |||
647 | function mysql_listdbs($link) |
||
648 | { |
||
649 | return mysql_list_dbs($link); |
||
650 | } |
||
651 | |||
652 | function mysql_listtables($databaseName, $link = null) |
||
653 | { |
||
654 | return mysql_list_tables($databaseName, $link); |
||
655 | } |
||
656 | |||
657 | function mysql_listfields($databaseName, $tableName, $link = null) |
||
658 | { |
||
659 | return mysql_list_fields($databaseName, $tableName, $link); |
||
660 | } |
||
661 | |||
662 | function mysql_dbname($result, $row, $field = 0) |
||
663 | { |
||
664 | return mysql_db_name($result, $row, $field); |
||
665 | } |
||
666 | |||
667 | function mysql_table_name($result, $row) |
||
668 | { |
||
669 | return mysql_tablename($result, $row); |
||
670 | } |
||
671 | } |
||
672 | } |
||
673 | |||
674 | namespace Dshafik { |
||
675 | |||
676 | class MySQL |
||
677 | { |
||
678 | public static $last_connection = null; |
||
679 | public static $connections = array(); |
||
680 | |||
681 | 89 | public static function getConnection($link = null, $func = null) |
|
682 | { |
||
683 | 89 | if ($link !== null) { |
|
684 | 9 | return $link; |
|
685 | } |
||
686 | |||
687 | 89 | if (static::$last_connection === null) { |
|
688 | 28 | $err = 'A link to the server could not be established'; |
|
689 | 28 | if ($func !== null) { |
|
690 | 28 | $err = $func . '(): no MySQL-Link resource supplied'; |
|
691 | } |
||
692 | 28 | trigger_error($err, E_USER_WARNING); |
|
693 | 28 | return false; |
|
694 | } |
||
695 | |||
696 | 62 | return static::$last_connection; |
|
697 | } |
||
698 | |||
699 | 7 | public static function mysqlFieldInfo(\mysqli_result $result, $field, $what) |
|
700 | { |
||
701 | try { |
||
702 | 7 | $field = mysqli_fetch_field_direct($result, $field); |
|
703 | 5 | } catch (\Exception $e) { |
|
704 | 5 | trigger_error( |
|
705 | 5 | sprintf( |
|
706 | 5 | 'mysql_field_%s(): Field %d is invalid for MySQL result index %s', |
|
707 | 5 | ($what !== 'length') ? $what : 'len', |
|
708 | $field, |
||
709 | 5 | spl_object_hash($result) |
|
710 | ), |
||
711 | 5 | E_USER_WARNING |
|
712 | ); |
||
713 | // @codeCoverageIgnoreStart |
||
714 | // PHPUnit turns the warning into an exception, so this never runs |
||
715 | return false; |
||
716 | // @codeCoverageIgnoreEnd |
||
717 | } |
||
718 | |||
719 | 2 | if ($what === 'type') { |
|
720 | 2 | return static::getFieldType($field->type); |
|
721 | } |
||
722 | |||
723 | 2 | if ($what === 'flags') { |
|
724 | 2 | return static::getFieldFlags($field->flags); |
|
725 | } |
||
726 | |||
727 | 2 | if (isset($field->{$what})) { |
|
728 | 2 | return $field->{$what}; |
|
729 | } |
||
730 | |||
731 | return false; |
||
732 | } |
||
733 | |||
734 | 60 | public static function checkValidResult($result, $function) |
|
735 | { |
||
736 | 60 | if (!($result instanceof \mysqli_result)) { |
|
737 | 22 | $type = strtolower(gettype($result)); |
|
738 | 22 | $file = ""; |
|
739 | 22 | $backtrace = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS); |
|
740 | 22 | $backtraceIndex = 0; |
|
741 | |||
742 | /** |
||
743 | * Iterate through backtrace until finding a backtrace with an origin |
||
744 | * Some methods may not leave file and line metadata like call_user_func_array and __call |
||
745 | */ |
||
746 | do { |
||
747 | 22 | $currentBacktrace = $backtrace[$backtraceIndex]; |
|
748 | 22 | $callerHasFileAndLine = isset($currentBacktrace['file'], $currentBacktrace['line']); |
|
749 | |||
750 | 22 | if ($callerHasFileAndLine && $currentBacktrace['file'] != __FILE__) { |
|
751 | 22 | $file = $currentBacktrace['file'] . ':' . $currentBacktrace['line']; |
|
752 | } |
||
753 | 22 | } while ($backtraceIndex++ < count($backtrace) && $file == ""); |
|
754 | |||
755 | 22 | if ($function !== 'mysql_fetch_object') { |
|
756 | 21 | trigger_error( |
|
757 | 21 | "$function() expects parameter 1 to be resource, $type given on $file", |
|
758 | 21 | E_USER_WARNING |
|
759 | ); |
||
760 | } |
||
761 | |||
762 | 1 | if ($function === 'mysql_fetch_object') { |
|
763 | 1 | trigger_error( |
|
764 | 1 | "$function(): supplied argument is not a valid MySQL result resource on $file", |
|
765 | 1 | E_USER_WARNING |
|
766 | ); |
||
767 | } |
||
768 | return false; |
||
769 | } |
||
770 | |||
771 | 38 | return true; |
|
772 | } |
||
773 | |||
774 | 1 | public static function escapeString($unescapedString) |
|
775 | { |
||
776 | 1 | $escapedString = ''; |
|
777 | 1 | for ($i = 0, $max = strlen($unescapedString); $i < $max; $i++) { |
|
778 | 1 | $escapedString .= self::escapeChar($unescapedString[$i]); |
|
779 | } |
||
780 | |||
781 | 1 | return $escapedString; |
|
782 | } |
||
783 | |||
784 | 2 | protected static function getFieldFlags($what) |
|
785 | { |
||
786 | // Order of flags taken from http://lxr.php.net/xref/PHP_5_6/ext/mysql/php_mysql.c#2507 |
||
787 | $flags = array( |
||
788 | 2 | MYSQLI_NOT_NULL_FLAG => 'not_null', |
|
789 | 2 | MYSQLI_PRI_KEY_FLAG => 'primary_key', |
|
790 | 2 | MYSQLI_UNIQUE_KEY_FLAG => 'unique_key', |
|
791 | 2 | MYSQLI_MULTIPLE_KEY_FLAG => 'multiple_key', |
|
792 | 2 | MYSQLI_BLOB_FLAG => 'blob', |
|
793 | 2 | MYSQLI_UNSIGNED_FLAG => 'unsigned', |
|
794 | 2 | MYSQLI_ZEROFILL_FLAG => 'zerofill', |
|
795 | 2 | MYSQLI_BINARY_FLAG => 'binary', |
|
796 | 2 | MYSQLI_ENUM_FLAG => 'enum', |
|
797 | 2 | MYSQLI_SET_FLAG => 'set', |
|
798 | 2 | MYSQLI_AUTO_INCREMENT_FLAG => 'auto_increment', |
|
799 | 2 | MYSQLI_TIMESTAMP_FLAG => 'timestamp', |
|
800 | ); |
||
801 | |||
802 | 2 | $fieldFlags = array(); |
|
803 | 2 | foreach ($flags as $flag => $value) { |
|
804 | 2 | if ($what & $flag) { |
|
805 | 2 | $fieldFlags[] = $value; |
|
806 | } |
||
807 | } |
||
808 | |||
809 | 2 | return implode(' ', $fieldFlags); |
|
810 | } |
||
811 | |||
812 | 2 | protected static function getFieldType($what) |
|
813 | { |
||
814 | $types = array( |
||
815 | 2 | MYSQLI_TYPE_STRING => 'string', |
|
816 | 2 | MYSQLI_TYPE_VAR_STRING => 'string', |
|
817 | 2 | MYSQLI_TYPE_ENUM => 'string', |
|
818 | 2 | MYSQLI_TYPE_SET => 'string', |
|
819 | |||
820 | 2 | MYSQLI_TYPE_LONG => 'int', |
|
821 | 2 | MYSQLI_TYPE_TINY => 'int', |
|
822 | 2 | MYSQLI_TYPE_SHORT => 'int', |
|
823 | 2 | MYSQLI_TYPE_INT24 => 'int', |
|
824 | 2 | MYSQLI_TYPE_CHAR => 'int', |
|
825 | 2 | MYSQLI_TYPE_LONGLONG => 'int', |
|
826 | |||
827 | 2 | MYSQLI_TYPE_DECIMAL => 'real', |
|
828 | 2 | MYSQLI_TYPE_FLOAT => 'real', |
|
829 | 2 | MYSQLI_TYPE_DOUBLE => 'real', |
|
830 | 2 | MYSQLI_TYPE_NEWDECIMAL => 'real', |
|
831 | |||
832 | 2 | MYSQLI_TYPE_TINY_BLOB => 'blob', |
|
833 | 2 | MYSQLI_TYPE_MEDIUM_BLOB => 'blob', |
|
834 | 2 | MYSQLI_TYPE_LONG_BLOB => 'blob', |
|
835 | 2 | MYSQLI_TYPE_BLOB => 'blob', |
|
836 | |||
837 | 2 | MYSQLI_TYPE_NEWDATE => 'date', |
|
838 | 2 | MYSQLI_TYPE_DATE => 'date', |
|
839 | 2 | MYSQLI_TYPE_TIME => 'time', |
|
840 | 2 | MYSQLI_TYPE_YEAR => 'year', |
|
841 | 2 | MYSQLI_TYPE_DATETIME => 'datetime', |
|
842 | 2 | MYSQLI_TYPE_TIMESTAMP => 'timestamp', |
|
843 | |||
844 | 2 | MYSQLI_TYPE_NULL => 'null', |
|
845 | |||
846 | 2 | MYSQLI_TYPE_GEOMETRY => 'geometry', |
|
847 | ); |
||
848 | |||
849 | 2 | return isset($types[$what]) ? $types[$what] : 'unknown'; |
|
850 | } |
||
851 | |||
852 | 1 | protected static function escapeChar($char) |
|
853 | { |
||
854 | 1 | switch ($char) { |
|
855 | 1 | case "\0": |
|
856 | 1 | $esc = "\\0"; |
|
857 | 1 | break; |
|
858 | 1 | case "\n": |
|
859 | 1 | $esc = "\\n"; |
|
860 | 1 | break; |
|
861 | 1 | case "\r": |
|
862 | 1 | $esc = "\\r"; |
|
863 | 1 | break; |
|
864 | 1 | case '\\': |
|
865 | 1 | case '\'': |
|
866 | 1 | case '"': |
|
867 | 1 | $esc = "\\{$char}"; |
|
868 | 1 | break; |
|
869 | 1 | case "\032": |
|
870 | 1 | $esc = "\\Z"; |
|
871 | 1 | break; |
|
872 | default: |
||
873 | 1 | $esc = $char; |
|
874 | 1 | break; |
|
875 | } |
||
876 | |||
877 | 1 | return $esc; |
|
878 | } |
||
879 | } |
||
880 | } |
||
881 |
Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it.
The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production.
This check looks for comments that seem to be mostly valid code and reports them.