WebSVN – phpLibraryV2 – Diff – //head/DBQuery.class.php

 <?php
+   /*
+    * Class DBQuery
+    *
+    * PHP Class as a wrapper around the PDO class. Allows you to make
+    * the connection and run queries and/or DDL's if needed with the
+    * most common parameters (ie, not as flexible as PDO itself).
-   //require_once "DBDatabase.class.php";
+    * Enhancements include:
+    *
+    * Logs all queries with an optional username except select statements
+    * ie, anything that will change the system ( insert, delete, update,
+    * create, drop, alter, etc... ). Statement are logged with a date/time
+    * stamp, the user who performed the function, and the query executed
-   global $DEBUG;
+    *
+    * Errors are simply trapped and the message is stored in the public
+    * member $error. Functions which find an error return boolean false
+    *
-   define( 'HTML_QUOTE_CHAR', '"' );
+    * Public Functions are:
+    *    __construct   -- creates connection
-   define( 'CONSTANT_NO_VALUE_DROPDOWN', '--------' );
+    *    doSQL         -- executes an SQL query or DDL
+    *    errors        -- returns all errors not yet cleared
+    *                     can also directly access via public member errors
+    *
+    *    public static function makeSafeSQLConstant ( $value, $type='S', $default='null', $falsetrue='10' ) {
+    * Author: R. W. Rodolico (rodo@dailydata.net)
+    * Date: 2018-04-30
+    *
+    */
-   class DBQuery {
+   class DBQuery extends mysqli {
-      // following are used for the class with no instantiation
+      /* everything is in the one $parameters array, which can then
-      protected static $connected = false;
+       * be set/saved/loaded as needed
-      protected static $connectionInfo = null; // connection information for database
+       */
       protected $parameters = array(
-                               // query to be run
+             // query(s) to be run
-                               'query' => '',
+             'query' => '',
+             // additional clause to be added to where on a statement
+             'whereClause' => '',
+             // additional order by clause to be added
+             'orderBy' => '',
-                               // the number of rows 1) affectd by an insert, update or delete or 2) returned by a select
+             // the number of rows 1) affectd by an insert, update or delete or 2) returned by a select
-                               'rowsAffected' => '',
+             'rowsAffected' => '',
-                               // the value of the last row inserted (mysql only)
+             // the value of the last row inserted
-                               'lastInsertKey' => '',
+             'lastInsertKey' => '',
-                               // an array that contains the data retrieved by a query (select only)
+             // an array that contains the data retrieved by a query (select only)
-                               'returnData' => '',
+             'returnData' => '',
-                               // an array that contains the meta data from the query
+             // an array that contains the meta data from the query for each column
-                               'columnMetaData' => '',
+             'columnMetaData' => '',
-                               // if true, $returnData is an array of associative array, with the column names being the key fields
+             // number of columns (fields) returned by query (select only)
-                               'useAssociativeArray' => '',
+             'numfields' => 0,
-                               // if true, will return errors to STDOUT
+             // type of data returned, array of array, array of hash, or both
-                               'showErrors' => '',
+             'fetchType' => MYSQLI_ASSOC,
-                               // set to last error returned
+             // human readable form of fetchType
-                               'error' => '',
+             'returntype' => 'associative',
-                               // Will be instantiation of a  Logging instance if set
+             // array of any errors which occurred
-                               'log' => '',
+             'error' => array(),
-                               // if set to a table name, all queries are written to it
+             // if set to a table name, all modifying queries are written to it
-                               'auditTable' => '',
+             // must contain, at a minimum, columns whenrun timestamp, whoran varchar and query text
-                               'orderBy' => '',
+             // can be created with $this->buildAuditTable
-                             );
+             'auditTable' => '_activity_log'
+           );
-      public static function connect( $connectionInfo = null ) {
-         if ( isset ( $connectionInfo ) ) {
-            DBQuery::$connectionInfo = $connectionInfo;
-            if ( ! isset( DBQuery::$connectionInfo['host'] ) || DBQuery::$connectionInfo['host'] == '' )
-               DBQuery::$connectionInfo['host'] = '127.0.0.1';
-         } // if they passed in a connection string
-         if ( ! DBQuery::$connected ) {
-            try {
-               if ( mysql_connect( DBQuery::$connectionInfo['host'], DBQuery::$connectionInfo['username'], DBQuery::$connectionInfo['password'] ) === false )
-                  throw new Exception( mysql_error() );
-               if ( mysql_select_db( DBQuery::$connectionInfo['name'] ) === false )
-                  throw new Exception(mysql_error());
-               DBQuery::$connected = true;
-            } catch ( Exception $e ) {
-               die( $e->getMessage() );
-            }
-         } // if we are not connected
-      } // static function connect
+      /*
-      protected function logIt ( $level, $message, $file = null, $class = null, $function = null, $line = null ) {
+       * static function which simply parses out an error and returns
+       * a string suitable for printing. NOTE: it includes line returns
+      */
+      public static function error2String( $error ) {
-         global $DEBUG;
+         $return = array();
-         if ( isset( $DEBUG ) ) {
+         for ( $i = 0; $i < count( $error ); $i++ ) {
-            $DEBUG->writeLog( $level, $message, $file, $class, $function, $line );
+            $return[] = implode( "\n", array( 'Error ' . $error[$i]['id'] . ' - ' . $error[$i]['message'], 'while executing query', $error[$i]['query'] ) );
+         }
+         return implode( "\n\n", $return ) . "\n";
-      } // logIt
+      } // error2String
-      public function __construct( $query, $whereClause = null, $orderBy = null, $runImmediate = false ) {
-         $this->parameters['query'] = $query;
-         if ( isset( $whereClause ) ) {
-            $this->parameters[ 'query' ] .= $this->makeWhereClause( $whereClause );
-         } // whereclause
-         if ( isset( $orderBy ) ) {
-            $this->parameters[ 'orderBy' ] .= ' order by ' . implode( ',', $orderBy );
-         } // orderby
-         $this->parameters[ 'rowsAffected' ] = 0;
-         $this->parameters[ 'lastInsertKey' ] = '';
-         $this->parameters[ 'returnData' ] = array();
-         $this->parameters[ 'columnMetaData' ] = array();
-         $this->parameters[ 'useAssociativeArray' ] = true;
+      // simply returns parameters for saving and reloading later
-         $this->parameters[ 'showErrors' ] = true;
-         $this->parameters[ 'error' ] = '';
-         if ( $runImmediate )
-            $this->run();
-         // if (isset( $AUDITTABLE ) ) $this->parameters[ 'auditTable' ) =  new Logging( $LOGFILE );
-      } // __construct
       public function save() {
          return $this->parameters;
       } // function save
+      // loads parameters from $this->save(), or hand built
       public function load( $parameters = array() ) {
          $this->parameters = $parameters;
       } // function load
+      // sets a key/value pair in $this->parameters
+      // returns $value
       public function __set( $name, $value ) {
          $this->parameters[$name] = $value;
          return $value;
+      }
+      // gets the current value of $this->parameters[$name]
       public function __get( $name ) {
          return isset( $this->parameters[$name] ) ? $this->parameters[$name] : null;
+      }
+      // returns true if $parameters[$name] is set
       public function __isset( $name ) {
          return isset( $this->parameters[$name] );
+      }
+      /*
+       * function: buildAuditTable
+       * parameters:
+       *       $tablename - name of table to be built
+       *       $createStatement - SQL DDL to build the table
+       *
+       * If $tablename is set, will use that, otherwise will use
+       * $parameters[auditTable]. In either case, $parameters[auditTable]
+       * is set to the value of the table used
-      /*
+       *
+       * if $createStatement is set, will be run WITHOUT MODIFICATION, and
+       * $parameters[auditTable] is not set to anything (unless $tablename
+       * is set)
+       *
+       * If $createStatement is not set, will use a default to build
+       * a table from $parameters[auditTable].
+       *
+       * Can definitely blow up if the table name is not set both places
+       * or if $createStatement is fubar
+       */
+      public function buildAuditTable( $tablename = '', $createStatement = '' ) {
+         if ( $tablename ) // they sent us one, so set it
+            $this->parameters[ 'auditTable' ] = $tablename;
-         function actually executes the query, populating the members with the results
+         if ( ! $createStatement ) { // they did not set createStatement, so use our default
+            $createStatement = "
+               create table $this->parameters['auditTable'] (
+                  _activity_log_id int unsigned not null auto_increment,
+                  timestamp  timestamp,
+                  user       varchar(64),
+                  query      text,
+                  primary key(_activity_log_id)
+               ) comment 'tracks queries which modify data'";
+         } // if
+         if ( parent::query( $createStatement ) === false ) {
+            // on error, die
+            print "Can not create audit table with query<br />\n$createStatement<br />\n";
-         returns true if no errors, false if errors (see $this->parameters[ 'error' ) for code)
+            die ( printf("Errormessage: %d - %s\n", $this->errno, $this->error ) );
+         } // if error, die
+      } // buildAuditTable
+      /*
+       * log queries to a table, file, or nothing
+       * log contains date/time, username and query
+       * to turn off logginging:
+       * unset( $parameters['auditTable'] )
-      */
+       */
+      private function logIt( $username, $query, $recursion = false ) {
+         if ( ! isset( $this->parameters['auditTable'] ) )
-      function run () {
+            return;
+         $username = $this->real_escape_string( $username );
+         $query = $this->real_escape_string( $query );
+         $logEntry = "insert into $this->parameters['auditTable'] (user, query) values ( '$username', '$query')";
+         //print "Loggging\n$logEntry\n";
+         if ( parent::query( $logEntry ) !== false ) { // good
+            return;
-         if ( ! DBQuery::$connected ) {
+         } else { // we had an error
+            if ( ! $recursion && $this->errno == 1146 ) { // table doesn't exist, so let's create it
+               $result = parent::query( "show tables like '$this->parameters['auditTable']'" );
-            if ( isset( DBQuery::$connectionInfo ) ) {
+               if ( $result->num_rows == 0 ) {
-               DBQuery::connect();
+                  $this->buildAuditTable( );
+                  return $this->logIt( $username, $query, true );
+               }
             } else {
-               throw new Exception( "No Connection Available" );
+               print "Trying to log transaction with query<br />\n$logEntry<br />\n";
-            }
-         }
-         // print "<pre>In Query database\n---------------------\n$query\n---------------------\n</pre>";
-         $this->logIt( 2, $this->parameters['query'] );
-//         if ( isset( $this->parameters[ 'auditTable' )) ) audit( $query );
-         $result = @mysql_query($this->parameters[ 'query' ]);
-         if( mysql_errno() ) {
-            $this->parameters[ 'error' ] = 'MYSQL ERROR #'.mysql_errno().' : <small>' . mysql_error(). "</small><br><VAR>$this->parameters[query]</VAR>";
-            if ( $this->parameters[ 'showErrors' ] ) echo($this->parameters[ 'error' ]);
+               die ( printf("Errormessage: %d - %s\n", $this->errno, $this->error ) );
-            return false;
+            } // if..else
          } // if
+      } // function logIt
+      /*
+       * doSQL
+       * Parameters: $query - string or array of strings to be executed
+       *             $parameters - hash used to pass additional parameters, to include
+       *                           $parameters['username'] = 'fred'; // username for logging
+       *                           $parameters['returntype'] = 'hash'; or array or both
+       *
+       * executes one or more queries
+       *
+       * If the query is one of select, show, describe or explain, it must
+       * be a single string. It will return the data results in a hash
+       * containing
+       *    'data'  - an array of array/hash/both depending on what you asked for
+       *    'count' - number of results (ie, count(data)
+       *    'meta'  - metadata for each column returned
+       *    'numfields' - number of columns in result (ie, count(meta))
+       *    'errors' - normally empty array of errors
+       *
+       * if the query modifies data (ie, NOT above), query may be an array
+       * which will be surrounded by a transaction and rolled back if
+       * anything causes an error.
+       *
+       * These will return a hash containing
+       *    'count' l- number of rows affected by last statement
+       *    'last_insert_id' - last insert id created by BLOCK of queries
+       *    'errors' - normally empty array of errors which occurred (caused a rollback)
+       *
+       */
+      public function doSQL( $query, $parameters = array() ) {
+         $errors = array();
+         // if it is a "selectstatement" it doesn't modify data
+         // if query is an array, assume it modifies something
+         // if it is a single statement, look for the regex
+         $selectStatement = is_array( $query ) ?
+            false :
-         if( preg_match ( '/^\s*select/i', $this->parameters[ 'query' ] ) ) { // this is a select statement
+            ( preg_match( '/^\s*(select)|(show)|(describe)|(explain)/i', $query ) === 1 );
+         // different actions based on whether it modifies data or not
+         if ( $selectStatement ) { // if a select, simply return the rows
+            // dataset is small enough, we just read it into memory all at one time.
+            // NOTE: fetch_all is nice, but tied to mysqlnd, which has reports of problems, so we do it the old way
+            if ( $sth = parent::query( $query, MYSQLI_USE_RESULT  ) ) {
+               if ( $sth === false ) {
+                  $errors[] = array( 'id' => $this->errno, 'message' => $this->error );
+               } else {
-            $this->parameters[ 'rowsAffected' ] = @mysql_num_rows($result);
+                  $this->parameters['columnMetaData'] = $sth->fetch_fields(); // get metadata
+                  $this->parameters['returnData'] = array(); // we'll put all the results in an array
+                  // $fetchtype returns either an array of array, array of hash, or both. Default is array of hash
+                  if ( isset( $this->parameters['returntype'] ) )
+                     $this->parameters[ 'fetchType' ] = $this->parameters['returntype'] == 'array' ? MYSQLI_NUM : (
+                           ( $parameters['both'] == 'both' ) ? MYSQLI_BOTH : MYSQLI_ASSOC
+                           );
+                  } else { // default is associative array (hash)
-            $this->parameters[ 'columnMetaData' ] = array();
+                     $this->parameters[ 'fetchType' ] =  MYSQLI_ASSOC;
-            for ($i = 0; $i < mysql_num_fields( $result ); $i++) {
+                     $this->parameters['returntype'] = 'associative';
+                  }
-               $meta = mysql_fetch_field ( $result );
+                  // slurp all the stuff in
-               $this->parameters[ 'columnMetaData' ][] = array('name' => $meta->name, 'length' => $meta->max_length, 'numeric' => $meta->numeric, 'type' => $meta->type );
+                  while ( $values =  $sth->fetch_array( $this->parameters[ 'fetchType' ] ) ) {
+                     $this->parameters[ 'returnData' ][] = $values;
+                  }
+                  $sth->free(); // cleanup memory, don't need two copies
+               } // if we had no errors
+            }
+            $this->parameters[ 'rowsAffected' ] = count( $this->parameters[ 'returnData' ] );
+            $this->parameters[ 'numfields' ] = count( $this->parameters['columnMetaData'] );
-            if( ! $this->parameters[ 'rowsAffected' ] ) return;
+            $this->parameters[ 'lastInsertKey' ] = 0;
-            $this->parameters[ 'returnData' ] = array();
+            $this->parameters[ 'error' ] = $errors;
+         } else {
+            if ( ! is_array( $this->parameters['query'] ) ) { // not an array, so make it one
-            for( $i = 0; $i < $this->parameters[ 'rowsAffected' ]; $i++ ) {
+               $temp = $this->parameters['query'];
-               $this->parameters[ 'returnData' ][] = $this->parameters[ 'useAssociativeArray' ] ? mysql_fetch_assoc($result) : mysql_fetch_row($result);
+               $this->parameters['query'] = array( $temp );
+            }
+            // do it in a transaction so we can back out on failure
-            mysql_free_result($result);
+            $this->autocommit(false);
+            $allOk = true;
+            for ( $i = 0; $i < count( $this->parameters['query'] ); $i++ ) {
+               $this->logIt( isset( $parameters['username'] ) ? $parameters['username'] : 'unknown', $this->parameters['query'][$i] );
+               if ( parent::query( $this->parameters['query'][$i] ) === false ) { // we had an erorr
+                  // record it
+                  $errors[] = array( 'id' => $this->errno, 'message' => $this->error, 'query' => $this->parameters['query'][$i] );
+                  $allOk = false;
+                  // and bail
+                  break;
+               }
+            }
+            // if we made it through ok, commit, otherwise rollback
+            $allOk ? $this->commit() : $this->rollback();
-         } else { // not a select statement
+            // reset autocommit to true
+            $this->autocommit(true);
+            $this->parameters['query'] = $query;
-            $this->parameters[ 'rowsAffected' ] = mysql_affected_rows();
+            $this->parameters[ 'rowsAffected' ] = $this->affected_rows;
-            $this->parameters[ 'lastInsertKey' ] = mysql_insert_id();
+            $this->parameters[ 'lastInsertKey' ] = $this->insert_id;
+            $this->parameters[ 'error' ] = $errors;
-         }
+         } // if select .. else
-         return true;
+         return $this->parameters;
-      } // function run
+      }  // function doSQL
       /*
        * function will return one and only one row, NOT as an array of array
        * but as a single row array
        * if more than one row is returned by query, error is set and function
          $useAssociativeArray = false;
          $this->run();
          $useAssociativeArray = $save;
          return $this->parameters[ 'rowsAffected' ] ? $this->parameters[ 'returnData' ][0][0] : null;
+      }
-      public function countNumberOfRows ( $sql = null ) {
-         if ( isset( $sql ) )
-            $this->parameters[ 'query' ] = $sql;
-         $save = $this->parameters[ 'useAssociativeArray' ];
-         $this->parameters['useAssociativeArray'] = false;
-         $this->run();
-         $this->parameters['useAssociativeArray'] = $save;
-         return $this->parameters[ 'rowsAffected' ];
-      }
-      public function makeWhereClause ($conditions, $joinedBy = 'and') {
-         $joinedBy = " $joinedBy "; // make sure there are spaces around it
-         $whereClause = ' where ' . implode ( $joinedBy, $conditions );
-         return $whereClause;
-      }
-      /*
-         values is an associative array of name/value pairs
-         function will replace all items of the form <$name> with its values (the less than and greater than symbols around the key)
-      */
-      protected function insertValuesIntoQuery( $values ) {
-         foreach ( $values as $name => $value ) {
-            $this->parameters[ 'query' ] = search_replace_string($this->parameters[ 'query' ], "<$name>", $value );
-         }
-      } // insertValuesIntoQuery
       /*
        * function will attempt to make a constant ($value) safe for SQL depending on the type.
+       *
        * if $value is empty, $default is returned, as will happen if any of the
          switch ( strtolower( $type ) ) {
             case 'string' :
             case 's' :
                      if ( get_magic_quotes_gpc() )
                         $value = stripslashes($value);
-                     $value = mysql_real_escape_string( $value );
+                     $value = $this->real_escape_string( $value );
                      $value = strlen( $value ) > 0 ? "'$value'" : $default;
                      break;
             case 'date' :
             case 'd' :
                      if ( $value != 'null' ) {
+      }
    } // class DBQuery
+   $db = new DBQuery( '127.0.0.1', 'camp', 'camp', 'camp' );
+   if ($db->connect_error) {
+       die('Connect Error (' . $db->connect_errno . ') '  . $db->connect_error);
+   }
+   $result = $db->doSQL(
+               array(
+                     'drop table if exists temp',
+                     'create table temp ( col1 int unsigned )',
+                     "insert into temp values ('mike')"
+                     )
+         );
+   if ( $result['errors'] ) {
+      print_r ( $result );
+      die ( DBQuery::error2String( $result['errors'] ) );
+   } else {
+      print "running select\n";
+      $result = $db->doSQL( 'select * from temp' );
+      print_r( $result );
+   }
+//   $return = $db->doSQL( "select device.device_id 'id',device.name 'name', device_type.name 'type' from device join device_type using (device_type_id) where device.removed_date is null and device_type.show_as_system = 'Y'" );
+//   print_r( $return );
+//   print_r( $db );
 ?>

Subversion Repositories phpLibraryV2

(root)//head/DBQuery.class.php – Rev 10 → 13