Issues in DB.php (main) - Issues in main - fisharebest/webtrees - Measure and Improve Code Quality continuously with Scrutinizer

Issues (2559)

app/DB.php (1 issue)

Labels

Bug 1

Severity

Major 1

<?php

/**
 * webtrees: online genealogy
 * Copyright (C) 2025 webtrees development team
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <https://www.gnu.org/licenses/>.
 */

declare(strict_types=1);

namespace Fisharebest\Webtrees;

use Closure;
use Illuminate\Database\Capsule\Manager;
use Illuminate\Database\Query\Builder;
use Illuminate\Database\Query\Expression;
use PDO;
use PDOException;
use RuntimeException;
use SensitiveParameter;

/**
 * Database abstraction
 */
class DB extends Manager
{
    // Supported drivers
    public const string MYSQL      = 'mysql';

    public const string POSTGRES   = 'pgsql';
    public const string SQLITE     = 'sqlite';
    public const string SQL_SERVER = 'sqlsrv';

    private const array COLLATION_ASCII = [
        self::MYSQL      => 'ascii_bin',
        self::POSTGRES   => 'C',
        self::SQLITE     => 'BINARY',
        self::SQL_SERVER => 'Latin1_General_Bin',
    ];

    private const array COLLATION_UTF8 = [
        self::MYSQL      => 'utf8mb4_unicode_ci',
        self::POSTGRES   => 'und-x-icu',
        self::SQLITE     => 'NOCASE',
        self::SQL_SERVER => 'utf8_CI_AI',
    ];

    private const array REGEX_OPERATOR = [
        self::MYSQL      => 'REGEXP',
        self::POSTGRES   => '~',
        self::SQLITE     => 'REGEXP',
        self::SQL_SERVER => 'REGEXP',
    ];

    private const array DRIVER_INITIALIZATION = [
        self::MYSQL      => "SET NAMES utf8mb4, sql_mode := 'ANSI,STRICT_ALL_TABLES', TIME_ZONE := '+00:00', SQL_BIG_SELECTS := 1, GROUP_CONCAT_MAX_LEN := 1048576",
        self::POSTGRES   => '',
        self::SQLITE     => 'PRAGMA foreign_keys = ON',
        self::SQL_SERVER => 'SET language us_english', // For timestamp columns
    ];

    public static function connect(
        #[SensitiveParameter]
        string $driver,
        #[SensitiveParameter]
        string $host,
        #[SensitiveParameter]
        string $port,
        #[SensitiveParameter]
        string $database,
        #[SensitiveParameter]
        string $username,
        #[SensitiveParameter]
        string $password,
        #[SensitiveParameter]
        string $prefix,
        #[SensitiveParameter]
        string $key,
        #[SensitiveParameter]
        string $certificate,
        #[SensitiveParameter]
        string $ca,
        #[SensitiveParameter]
        bool $verify_certificate,
    ): void {
        $options = [
            // Some drivers do this and some don't. Make them consistent.
            PDO::ATTR_STRINGIFY_FETCHES => true,
        ];

        // MySQL/MariaDB support encrypted connections
        if ($driver === self::MYSQL && $key !== '' && $certificate !== '' && $ca !== '') {
            $options[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = $verify_certificate;
            $options[PDO::MYSQL_ATTR_SSL_KEY]                = Webtrees::ROOT_DIR . 'data/' . $key;
            $options[PDO::MYSQL_ATTR_SSL_CERT]               = Webtrees::ROOT_DIR . 'data/' . $certificate;
            $options[PDO::MYSQL_ATTR_SSL_CA]                 = Webtrees::ROOT_DIR . 'data/' . $ca;
        }

        if ($driver === self::SQLITE && $database !== ':memory:') {
            $database = Webtrees::ROOT_DIR . 'data/' . $database . '.sqlite';
        }

        $capsule = new self();
        $capsule->addConnection([
            'driver'                   => $driver,
            'host'                     => $host,
            'port'                     => $port,
            'database'                 => $database,
            'username'                 => $username,
            'password'                 => $password,
            'prefix'                   => $prefix,
            'prefix_indexes'           => true,
            'options'                  => $options,
            'trust_server_certificate' => true, // For SQL-Server - #5246
        ]);
        $capsule->setAsGlobal();

        // Eager-load the connection, to prevent database credentials appearing in error logs.
        try {
            self::pdo();
        } catch (PDOException $exception) {
            throw new RuntimeException($exception->getMessage());
        }

        $sql = self::DRIVER_INITIALIZATION[$driver];

        if ($sql !== '') {
            self::exec($sql);
        }
    }

    public static function driverName(): string
    {
        return self::pdo()->getAttribute(PDO::ATTR_DRIVER_NAME);
    }

    public static function exec(string $sql): int|false
    {
        return self::pdo()->exec($sql);
    }

    public static function lastInsertId(): int
    {
        $return = self::pdo()->lastInsertId();

        if ($return === false) {
            throw new RuntimeException('Unable to retrieve last insert ID');
        }

        // All IDs are integers in our schema.
        return (int) $return;
    }

    private static function pdo(): PDO
    {
        return parent::connection()->getPdo();
    }

    public static function prefix(string $identifier): string
    {
        return parent::connection()->getTablePrefix() . $identifier;
    }

    /**
     * SQL-Server needs to be told that we are going to insert into an identity column.
     *
     * @param Closure(): void $callback
     */
    public static function identityInsert(string $table, Closure $callback): void
    {
        if (self::driverName() === self::SQL_SERVER) {
            self::exec('SET IDENTITY_INSERT [' . self::prefix(identifier: $table) . '] ON');
        }

        $callback();

        if (self::driverName() === self::SQL_SERVER) {
            self::exec('SET IDENTITY_INSERT [' . self::prefix(identifier: $table) . '] OFF');
        }
    }

    public static function rollBack(): void
    {
        parent::connection()->rollBack();
    }

    /**
     * @internal
     *
     * @param list<string> $expressions
     */
    public static function concat(array $expressions): string
    {
        if (self::driverName() === self::SQL_SERVER) {
            return 'CONCAT(' . implode(', ', $expressions) . ')';
        }

        // ANSI standard.  MySQL uses this with ANSI mode
        return '(' . implode(' || ', $expressions) . ')';
    }

    /**
     * @internal
     */
    public static function iLike(): string
    {
        if (self::driverName() === self::POSTGRES) {
            return 'ILIKE';
        }

        return 'LIKE';
    }

    /**
     * @internal
     */
    public static function groupConcat(string $column): string
    {
        switch (self::driverName()) {
            case self::POSTGRES:
            case self::SQL_SERVER:
                return 'STRING_AGG(' . $column . ", ',')";

            case self::MYSQL:
            case self::SQLITE:
            default:
                return 'GROUP_CONCAT(' . $column . ')';
        }
    }

    /**
     * @return Expression<string>
     */
    public static function binaryColumn(string $column, string|null $alias = null): Expression
    {
        if (self::driverName() === self::MYSQL) {
            $sql = 'CAST(' . $column . ' AS binary)';
        } else {
            $sql = $column;
        }

        if ($alias !== null) {
            $sql .= ' AS ' . $alias;
        }

        return new Expression($sql);
    }

    public static function regexOperator(): string
    {
        return self::REGEX_OPERATOR[self::driverName()];
    }

    /**
     * PHPSTAN can't detect the magic methods in the parent class.
     */
    public static function query(): Builder
    {
        return parent::connection()->query();
    }
}


1			<?php
2
3			/**
4			* webtrees: online genealogy
5			* Copyright (C) 2025 webtrees development team
6			* This program is free software: you can redistribute it and/or modify
7			* it under the terms of the GNU General Public License as published by
8			* the Free Software Foundation, either version 3 of the License, or
9			* (at your option) any later version.
10			* This program is distributed in the hope that it will be useful,
11			* but WITHOUT ANY WARRANTY; without even the implied warranty of
12			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13			* GNU General Public License for more details.
14			* You should have received a copy of the GNU General Public License
15			* along with this program. If not, see <https://www.gnu.org/licenses/>.
16			*/
17
18			declare(strict_types=1);
19
20			namespace Fisharebest\Webtrees;
21
22			use Closure;
23			use Illuminate\Database\Capsule\Manager;
24			use Illuminate\Database\Query\Builder;
25			use Illuminate\Database\Query\Expression;
26			use PDO;
27			use PDOException;
28			use RuntimeException;
29			use SensitiveParameter;
30
31			/**
32			* Database abstraction
33			*/
34			class DB extends Manager
35			{
36			// Supported drivers
37			public const string MYSQL = 'mysql';
			0 ignored issues – show Bug introduced 2025-01-16 17:13 UTC by Report Bug Copy Issue Report Show Similar Issues like this A parse error occurred: Syntax error, unexpected T_STRING, expecting '=' on line 37 at column 24 Loading history...
38			public const string POSTGRES = 'pgsql';
39			public const string SQLITE = 'sqlite';
40			public const string SQL_SERVER = 'sqlsrv';
41
42			private const array COLLATION_ASCII = [
43			self::MYSQL => 'ascii_bin',
44			self::POSTGRES => 'C',
45			self::SQLITE => 'BINARY',
46			self::SQL_SERVER => 'Latin1_General_Bin',
47			];
48
49			private const array COLLATION_UTF8 = [
50			self::MYSQL => 'utf8mb4_unicode_ci',
51			self::POSTGRES => 'und-x-icu',
52			self::SQLITE => 'NOCASE',
53			self::SQL_SERVER => 'utf8_CI_AI',
54			];
55
56			private const array REGEX_OPERATOR = [
57			self::MYSQL => 'REGEXP',
58			self::POSTGRES => '~',
59			self::SQLITE => 'REGEXP',
60			self::SQL_SERVER => 'REGEXP',
61			];
62
63			private const array DRIVER_INITIALIZATION = [
64			self::MYSQL => "SET NAMES utf8mb4, sql_mode := 'ANSI,STRICT_ALL_TABLES', TIME_ZONE := '+00:00', SQL_BIG_SELECTS := 1, GROUP_CONCAT_MAX_LEN := 1048576",
65			self::POSTGRES => '',
66			self::SQLITE => 'PRAGMA foreign_keys = ON',
67			self::SQL_SERVER => 'SET language us_english', // For timestamp columns
68			];
69
70			public static function connect(
71			#[SensitiveParameter]
72			string $driver,
73			#[SensitiveParameter]
74			string $host,
75			#[SensitiveParameter]
76			string $port,
77			#[SensitiveParameter]
78			string $database,
79			#[SensitiveParameter]
80			string $username,
81			#[SensitiveParameter]
82			string $password,
83			#[SensitiveParameter]
84			string $prefix,
85			#[SensitiveParameter]
86			string $key,
87			#[SensitiveParameter]
88			string $certificate,
89			#[SensitiveParameter]
90			string $ca,
91			#[SensitiveParameter]
92			bool $verify_certificate,
93			): void {
94			$options = [
95			// Some drivers do this and some don't. Make them consistent.
96			PDO::ATTR_STRINGIFY_FETCHES => true,
97			];
98
99			// MySQL/MariaDB support encrypted connections
100			if ($driver === self::MYSQL && $key !== '' && $certificate !== '' && $ca !== '') {
101			$options[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = $verify_certificate;
102			$options[PDO::MYSQL_ATTR_SSL_KEY] = Webtrees::ROOT_DIR . 'data/' . $key;
103			$options[PDO::MYSQL_ATTR_SSL_CERT] = Webtrees::ROOT_DIR . 'data/' . $certificate;
104			$options[PDO::MYSQL_ATTR_SSL_CA] = Webtrees::ROOT_DIR . 'data/' . $ca;
105			}
106
107			if ($driver === self::SQLITE && $database !== ':memory:') {
108			$database = Webtrees::ROOT_DIR . 'data/' . $database . '.sqlite';
109			}
110
111			$capsule = new self();
112			$capsule->addConnection([
113			'driver' => $driver,
114			'host' => $host,
115			'port' => $port,
116			'database' => $database,
117			'username' => $username,
118			'password' => $password,
119			'prefix' => $prefix,
120			'prefix_indexes' => true,
121			'options' => $options,
122			'trust_server_certificate' => true, // For SQL-Server - #5246
123			]);
124			$capsule->setAsGlobal();
125
126			// Eager-load the connection, to prevent database credentials appearing in error logs.
127			try {
128			self::pdo();
129			} catch (PDOException $exception) {
130			throw new RuntimeException($exception->getMessage());
131			}
132
133			$sql = self::DRIVER_INITIALIZATION[$driver];
134
135			if ($sql !== '') {
136			self::exec($sql);
137			}
138			}
139
140			public static function driverName(): string
141			{
142			return self::pdo()->getAttribute(PDO::ATTR_DRIVER_NAME);
143			}
144
145			public static function exec(string $sql): int\|false
146			{
147			return self::pdo()->exec($sql);
148			}
149
150			public static function lastInsertId(): int
151			{
152			$return = self::pdo()->lastInsertId();
153
154			if ($return === false) {
155			throw new RuntimeException('Unable to retrieve last insert ID');
156			}
157
158			// All IDs are integers in our schema.
159			return (int) $return;
160			}
161
162			private static function pdo(): PDO
163			{
164			return parent::connection()->getPdo();
165			}
166
167			public static function prefix(string $identifier): string
168			{
169			return parent::connection()->getTablePrefix() . $identifier;
170			}
171
172			/**
173			* SQL-Server needs to be told that we are going to insert into an identity column.
174			*
175			* @param Closure(): void $callback
176			*/
177			public static function identityInsert(string $table, Closure $callback): void
178			{
179			if (self::driverName() === self::SQL_SERVER) {
180			self::exec('SET IDENTITY_INSERT [' . self::prefix(identifier: $table) . '] ON');
181			}
182
183			$callback();
184
185			if (self::driverName() === self::SQL_SERVER) {
186			self::exec('SET IDENTITY_INSERT [' . self::prefix(identifier: $table) . '] OFF');
187			}
188			}
189
190			public static function rollBack(): void
191			{
192			parent::connection()->rollBack();
193			}
194
195			/**
196			* @internal
197			*
198			* @param list<string> $expressions
199			*/
200			public static function concat(array $expressions): string
201			{
202			if (self::driverName() === self::SQL_SERVER) {
203			return 'CONCAT(' . implode(', ', $expressions) . ')';
204			}
205
206			// ANSI standard. MySQL uses this with ANSI mode
207			return '(' . implode(' \|\| ', $expressions) . ')';
208			}
209
210			/**
211			* @internal
212			*/
213			public static function iLike(): string
214			{
215			if (self::driverName() === self::POSTGRES) {
216			return 'ILIKE';
217			}
218
219			return 'LIKE';
220			}
221
222			/**
223			* @internal
224			*/
225			public static function groupConcat(string $column): string
226			{
227			switch (self::driverName()) {
228			case self::POSTGRES:
229			case self::SQL_SERVER:
230			return 'STRING_AGG(' . $column . ", ',')";
231
232			case self::MYSQL:
233			case self::SQLITE:
234			default:
235			return 'GROUP_CONCAT(' . $column . ')';
236			}
237			}
238
239			/**
240			* @return Expression<string>
241			*/
242			public static function binaryColumn(string $column, string\|null $alias = null): Expression
243			{
244			if (self::driverName() === self::MYSQL) {
245			$sql = 'CAST(' . $column . ' AS binary)';
246			} else {
247			$sql = $column;
248			}
249
250			if ($alias !== null) {
251			$sql .= ' AS ' . $alias;
252			}
253
254			return new Expression($sql);
255			}
256
257			public static function regexOperator(): string
258			{
259			return self::REGEX_OPERATOR[self::driverName()];
260			}
261
262			/**
263			* PHPSTAN can't detect the magic methods in the parent class.
264			*/
265			public static function query(): Builder
266			{
267			return parent::connection()->query();
268			}
269			}
270

fisharebest / webtrees

Issues (2559)

app/DB.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like