| Line 129... |
Line 129... |
| 129 |
|
129 |
|
| 130 |
public function buildAuditTable( $tablename = '', $createStatement = '' ) {
|
130 |
public function buildAuditTable( $tablename = '', $createStatement = '' ) {
|
| 131 |
if ( $tablename ) // they sent us one, so set it
|
131 |
if ( $tablename ) // they sent us one, so set it
|
| 132 |
$this->parameters[ 'auditTable' ] = $tablename;
|
132 |
$this->parameters[ 'auditTable' ] = $tablename;
|
| 133 |
if ( ! $createStatement ) { // they did not set createStatement, so use our default
|
133 |
if ( ! $createStatement ) { // they did not set createStatement, so use our default
|
| - |
|
134 |
$auditTable = $this->parameters['auditTable'];
|
| 134 |
$createStatement = "
|
135 |
$createStatement = "
|
| 135 |
create table $this->parameters['auditTable'] (
|
136 |
create table $auditTable (
|
| 136 |
_activity_log_id int unsigned not null auto_increment,
|
137 |
_activity_log_id int unsigned not null auto_increment,
|
| 137 |
timestamp timestamp,
|
138 |
timestamp timestamp,
|
| 138 |
user varchar(64),
|
139 |
user varchar(64),
|
| 139 |
query text,
|
140 |
query text,
|
| 140 |
primary key(_activity_log_id)
|
141 |
primary key(_activity_log_id)
|
| Line 156... |
Line 157... |
| 156 |
private function logIt( $username, $query, $recursion = false ) {
|
157 |
private function logIt( $username, $query, $recursion = false ) {
|
| 157 |
if ( ! isset( $this->parameters['auditTable'] ) )
|
158 |
if ( ! isset( $this->parameters['auditTable'] ) )
|
| 158 |
return;
|
159 |
return;
|
| 159 |
$username = $this->real_escape_string( $username );
|
160 |
$username = $this->real_escape_string( $username );
|
| 160 |
$query = $this->real_escape_string( $query );
|
161 |
$query = $this->real_escape_string( $query );
|
| 161 |
$logEntry = "insert into $this->parameters['auditTable'] (user, query) values ( '$username', '$query')";
|
162 |
$logEntry = "insert into " . $this->parameters['auditTable'] . " (user, query) values ( '$username', '$query')";
|
| 162 |
//print "Loggging\n$logEntry\n";
|
163 |
//print "Loggging\n$logEntry\n";
|
| 163 |
if ( parent::query( $logEntry ) !== false ) { // good
|
164 |
if ( parent::query( $logEntry ) !== false ) { // good
|
| 164 |
return;
|
165 |
return;
|
| 165 |
} else { // we had an error
|
166 |
} else { // we had an error
|
| 166 |
if ( ! $recursion && $this->errno == 1146 ) { // table doesn't exist, so let's create it
|
167 |
if ( ! $recursion && $this->errno == 1146 ) { // table doesn't exist, so let's create it
|
| 167 |
$result = parent::query( "show tables like '$this->parameters['auditTable']'" );
|
168 |
$result = parent::query( "show tables like '" . $this->parameters['auditTable'] . "'" );
|
| 168 |
if ( $result->num_rows == 0 ) {
|
169 |
if ( $result->num_rows == 0 ) {
|
| 169 |
$this->buildAuditTable( );
|
170 |
$this->buildAuditTable( );
|
| 170 |
return $this->logIt( $username, $query, true );
|
171 |
return $this->logIt( $username, $query, true );
|
| 171 |
}
|
172 |
}
|
| 172 |
} else {
|
173 |
} else {
|
| Line 203... |
Line 204... |
| 203 |
* 'count' l- number of rows affected by last statement
|
204 |
* 'count' l- number of rows affected by last statement
|
| 204 |
* 'last_insert_id' - last insert id created by BLOCK of queries
|
205 |
* 'last_insert_id' - last insert id created by BLOCK of queries
|
| 205 |
* 'errors' - normally empty array of errors which occurred (caused a rollback)
|
206 |
* 'errors' - normally empty array of errors which occurred (caused a rollback)
|
| 206 |
*
|
207 |
*
|
| 207 |
*/
|
208 |
*/
|
| 208 |
public function doSQL( $query, $parameters = array() ) {
|
209 |
public function doSQL( $query = null, $parameters = array() ) {
|
| 209 |
$errors = array();
|
210 |
$errors = array();
|
| - |
|
211 |
if ( isset( $query ) ) {
|
| - |
|
212 |
$this->parameters['query'] = $query;
|
| - |
|
213 |
}
|
| 210 |
// if it is a "selectstatement" it doesn't modify data
|
214 |
// if it is a "selectstatement" it doesn't modify data
|
| 211 |
// if query is an array, assume it modifies something
|
215 |
// if query is an array, assume it modifies something
|
| 212 |
// if it is a single statement, look for the regex
|
216 |
// if it is a single statement, look for the regex
|
| 213 |
$selectStatement = is_array( $query ) ?
|
217 |
$selectStatement = is_array( $this->parameters['query'] ) ?
|
| 214 |
false :
|
218 |
false :
|
| 215 |
( preg_match( '/^\s*(select)|(show)|(describe)|(explain)/i', $query ) === 1 );
|
219 |
( preg_match( '/^\s*(select)|(show)|(describe)|(explain)/i', $this->parameters['query'] ) === 1 );
|
| 216 |
|
220 |
|
| 217 |
// different actions based on whether it modifies data or not
|
221 |
// different actions based on whether it modifies data or not
|
| 218 |
if ( $selectStatement ) { // if a select, simply return the rows
|
222 |
if ( $selectStatement ) { // if a select, simply return the rows
|
| 219 |
// dataset is small enough, we just read it into memory all at one time.
|
223 |
// dataset is small enough, we just read it into memory all at one time.
|
| 220 |
// NOTE: fetch_all is nice, but tied to mysqlnd, which has reports of problems, so we do it the old way
|
224 |
// NOTE: fetch_all is nice, but tied to mysqlnd, which has reports of problems, so we do it the old way
|
| 221 |
if ( $sth = parent::query( $query, MYSQLI_USE_RESULT ) ) {
|
225 |
if ( $sth = parent::query( $this->parameters['query'], MYSQLI_USE_RESULT ) ) {
|
| 222 |
if ( $sth === false ) {
|
226 |
if ( $sth === false ) {
|
| 223 |
$errors[] = array( 'id' => $this->errno, 'message' => $this->error );
|
227 |
$errors[] = array( 'id' => $this->errno, 'message' => $this->error );
|
| 224 |
} else {
|
228 |
} else {
|
| 225 |
$this->parameters['columnMetaData'] = $sth->fetch_fields(); // get metadata
|
229 |
$this->parameters['columnMetaData'] = $sth->fetch_fields(); // get metadata
|
| 226 |
$this->parameters['returnData'] = array(); // we'll put all the results in an array
|
230 |
$this->parameters['returnData'] = array(); // we'll put all the results in an array
|
| 227 |
// $fetchtype returns either an array of array, array of hash, or both. Default is array of hash
|
231 |
// $fetchtype returns either an array of array, array of hash, or both. Default is array of hash
|
| 228 |
if ( isset( $this->parameters['returntype'] ) )
|
232 |
if ( isset( $this->parameters['returntype'] ) ) {
|
| 229 |
$this->parameters[ 'fetchType' ] = $this->parameters['returntype'] == 'array' ? MYSQLI_NUM : (
|
233 |
$this->parameters[ 'fetchType' ] = $this->parameters['returntype'] == 'array' ? MYSQLI_NUM : (
|
| 230 |
( $parameters['both'] == 'both' ) ? MYSQLI_BOTH : MYSQLI_ASSOC
|
234 |
( $this->parameters['returntype'] == 'both' ) ? MYSQLI_BOTH : MYSQLI_ASSOC
|
| 231 |
);
|
235 |
);
|
| 232 |
} else { // default is associative array (hash)
|
236 |
} else { // default is associative array (hash)
|
| 233 |
$this->parameters[ 'fetchType' ] = MYSQLI_ASSOC;
|
237 |
$this->parameters[ 'fetchType' ] = MYSQLI_ASSOC;
|
| 234 |
$this->parameters['returntype'] = 'associative';
|
238 |
$this->parameters['returntype'] = 'associative';
|
| 235 |
}
|
239 |
}
|
| Line 251... |
Line 255... |
| 251 |
}
|
255 |
}
|
| 252 |
// do it in a transaction so we can back out on failure
|
256 |
// do it in a transaction so we can back out on failure
|
| 253 |
$this->autocommit(false);
|
257 |
$this->autocommit(false);
|
| 254 |
$allOk = true;
|
258 |
$allOk = true;
|
| 255 |
for ( $i = 0; $i < count( $this->parameters['query'] ); $i++ ) {
|
259 |
for ( $i = 0; $i < count( $this->parameters['query'] ); $i++ ) {
|
| - |
|
260 |
// debugging
|
| - |
|
261 |
//print "$i\t" . $this->parameters['query'][$i] ."\n"; continue;
|
| - |
|
262 |
// debugging
|
| 256 |
$this->logIt( isset( $parameters['username'] ) ? $parameters['username'] : 'unknown', $this->parameters['query'][$i] );
|
263 |
$this->logIt( isset( $parameters['username'] ) ? $parameters['username'] : 'unknown', $this->parameters['query'][$i] );
|
| 257 |
if ( parent::query( $this->parameters['query'][$i] ) === false ) { // we had an erorr
|
264 |
if ( parent::query( $this->parameters['query'][$i] ) === false ) { // we had an erorr
|
| 258 |
// record it
|
265 |
// record it
|
| 259 |
$errors[] = array( 'id' => $this->errno, 'message' => $this->error, 'query' => $this->parameters['query'][$i] );
|
266 |
$errors[] = array( 'id' => $this->errno, 'message' => $this->error, 'query' => $this->parameters['query'][$i] );
|
| 260 |
$allOk = false;
|
267 |
$allOk = false;
|
| Line 386... |
Line 393... |
| 386 |
'drop table if exists temp',
|
393 |
'drop table if exists temp',
|
| 387 |
'create table temp ( col1 int unsigned )',
|
394 |
'create table temp ( col1 int unsigned )',
|
| 388 |
"insert into temp values ('mike')"
|
395 |
"insert into temp values ('mike')"
|
| 389 |
)
|
396 |
)
|
| 390 |
);
|
397 |
);
|
| 391 |
if ( $result['errors'] ) {
|
398 |
if ( $result['error'] ) {
|
| 392 |
print_r ( $result );
|
399 |
print_r ( $result );
|
| 393 |
die ( DBQuery::error2String( $result['errors'] ) );
|
400 |
die ( DBQuery::error2String( $result['error'] ) );
|
| 394 |
} else {
|
401 |
} else {
|
| 395 |
print "running select\n";
|
402 |
print "running select\n";
|
| 396 |
$result = $db->doSQL( 'select * from temp' );
|
403 |
$result = $db->doSQL( 'select * from temp' );
|
| 397 |
print_r( $result );
|
404 |
print_r( $result );
|
| 398 |
}
|
405 |
}
|