Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Annotate
Revision Log

Base.php @ 1349

Revision 1349, 10.2 KB checked in by niltonneto, 15 years ago (diff)
Ticket #561 - Inclusão do módulo Workflow faltante nessa versão.
Property svn:executable set to ``*

Line
1	<?php
2	require_once(GALAXIA_LIBRARY.SEP.'src'.SEP.'common'.SEP.'Observable.php');
3	/**
4	* This class is derived by all the API classes so they get the
5	* database connection, database methods and the Observable interface
6	*
7	* @package Galaxia
8	* @license http://www.gnu.org/copyleft/gpl.html GPL
9	*/
10	class Base extends Observable {
11	/**
12	* @var object $db Database abstraction object used to access the database
13	* @access public
14	*/
15	var $db;
16	/**
17	* @var int $num_queries Debugging var
18	* @access private
19	*/
20	var $num_queries = 0;
21	/**
22	* @var int $num_queries_total Debugging var
23	* @access private
24	*/
25	var $num_queries_total = 0;
26	/**
27	* @var array $error Error messages
28	* @access public
29	*/
30	var $error= Array();
31	/**
32	* @var array $warning Warning messages
33	* @access public
34	*/
35	var $warning = array();
36	/**
37	* @var string $child_name Name of the current object
38	* @access public
39	*/
40	var $child_name = 'Base';
41
42	/**
43	* Constructor receiving a database abstraction object
44	* @package Galaxia
45	* @param object &$db ADOdb
46	* @return object Base instance
47	* @access public
48	*/
49	function Base(&$db)
50	{
51	if(!$db) {
52	die('Invalid db object passed to '.$this->child_name.' constructor');
53	}
54	//Force transactionnal mysql (Innodb) -> mysqlt
55	if ($db->databaseType=='mysql')
56	{
57	$GLOBALS['phpgw']->db->disconnect();
58	$db = $GLOBALS['phpgw']->db->connect(
59	$GLOBALS['phpgw_info']['server']['db_name'],
60	$GLOBALS['phpgw_info']['server']['db_host'],
61	$GLOBALS['phpgw_info']['server']['db_port'],
62	$GLOBALS['phpgw_info']['server']['db_user'],
63	$GLOBALS['phpgw_info']['server']['db_pass'],
64	'mysqlt'
65	);
66	}
67	$this->db = &$db;
68	}
69
70	/**
71	* Gets errors recorded by this object
72	* Always call this function after failed operations on a workflow object to obtain messages
73	*
74	* @param bool $as_array if true the result will be send as an array of errors or an empty array. Else, if you do not give any parameter
75	* or give a false parameter you will obtain a single string which can be empty or will contain error messages with <br /> html tags
76	* @param bool $debug is false by default, if true you wil obtain more messages
77	* @param string $prefix string appended to the debug message
78	* @return mixed Error and debug messages or an array of theses messages and empty the error messages
79	* @access public
80	*/
81	function get_error($as_array=false, $debug=false, $prefix='')
82	{
83	//collect errors from used objects
84	$this->collect_errors($debug, $prefix.$this->child_name.'::');
85	if ($as_array)
86	{
87	$result = $this->error;
88	$this->error= Array();
89	return $result;
90	}
91	$result_str = implode('<br />',array_filter($this->error));
92	$this->error= Array();
93	return $result_str;
94	}
95
96	/**
97	* Gets warnings recorded by this object
98	*
99	* @param bool $as_array if true the result will be send as an array of warnings or an empty array. Else, if you do not give any parameter
100	* or give a false parameter you will obtain a single string which can be empty or will contain warning messages with <br /> html tags
101	* @return mixed Warning messages or an array of theses messages and empty the warning messages
102	* @access public
103	*/
104	function get_warning($as_array=false)
105	{
106	if ($as_array)
107	{
108	$result = $this->warning;
109	$this->warning= Array();
110	return $result;
111	}
112	$result_str = implode('<br />',array_filter($this->warning));
113	$this->warning= Array();
114	return $result_str;
115	}
116
117	/**
118	* Collect errors from all linked objects which could have been used by this object
119	* Each child class should instantiate this function with her linked objetcs, calling get_error(true)
120	*
121	* @param bool $debug is false by default, if true debug messages can be added to 'normal' messages
122	* @param string $prefix is a string appended to the debug message
123	* @abstract
124	* @access public
125	* @return void
126	*/
127	function collect_errors($debug=false, $prefix = '')
128	{
129	if ($debug)
130	{
131	$this->num_queries_total += $this->num_queries;
132	$this->error[] = $prefix.': number of queries: new='.$this->num_queries.'/ total='.$this->num_queries_total;
133	$this->num_queries = 0;
134	}
135	}
136
137	/**
138	* Performs a query on the AdoDB database object
139	*
140	* @param string $query sql query, parameters should be replaced with ?
141	* @param array $values array containing the parameters (going in the ?), use it to avoid security problems. If
142	* one of theses values is an array it will be serialized and encoded in Base64
143	* @param int $numrows maximum number of rows to return
144	* @param int $offset starting row number
145	* @param bool $reporterrors is true by default, if false no warning will be generated in the php log
146	* @param string $sort is the sort sql string for the query (without the "order by ")
147	* @param bool $bulk is false by default, if true the $values array parameters could contain arrays vars for bulk statement
148	* (see ADOdb help) theses arrays wont be serialized and encoded in Base64 like current arrays parameters,
149	* it will be checked for security reasons before being appended to the sql
150	* @return mixed false if something went wrong or the resulting recordset array if it was ok
151	* @access public
152	*/
153	function query($query, $values = null, $numrows = -1, $offset = -1, $reporterrors = true, $sort='', $bulk=false)
154	{
155	//clean the parameters
156	$clean_values = Array();
157	if (!($values===null))
158	{
159	if (!(is_array($values)))
160	{
161	$values= array($values);
162	}
163	foreach($values as $value)
164	{
165	$clean_values[] = $this->security_cleanup($value, !($bulk));
166	}
167	}
168	//clean sort order as well and add it to the query
169	if (!(empty($sort)))
170	{
171	$sort = $this->security_cleanup($sort, true, true);
172	$query .= " order by $sort";
173	}
174
175
176	//conversion must be done after oder by is set
177	$this->convert_query($query);
178	// Galaxia needs to be call ADOdb in associative mode
179	$this->db->SetFetchMode(ADODB_FETCH_ASSOC);
180	if ($numrows == -1 && $offset == -1)
181	$result = $this->db->Execute($query, $clean_values);
182	else
183	$result = $this->db->SelectLimit($query, $numrows, $offset, $clean_values);
184	if (empty($result))
185	{
186	$result = false;
187	}
188	$this->num_queries++;
189	if (!$result)
190	{
191	$this->error[] = "there were some SQL errors in the database, please warn your sysadmin.";
192	if ($reporterrors) $this->sql_error($query, $clean_values, $result);
193	}
194	return $result;
195	}
196
197	/**
198	* @see Base::query
199	* @param string $query sql query, parameters should be replaced with ?
200	* @param array $values array containing the parameters (going in the ?), use it to avoid security problems
201	* @param bool $reporterrors is true by default, if false no warning will be generated in the php log
202	* @return mixed NULL if something went wrong or the first value of the first row if it was ok
203	* @access public
204	*/
205	function getOne($query, $values = null, $reporterrors = true) {
206	$this->convert_query($query);
207	$clean_values = Array();
208	if (!($values===null))
209	{
210	if (!(is_array($values)))
211	{
212	$values= array($values);
213	}
214	foreach($values as $value)
215	{
216	$clean_values[] = $this->security_cleanup($value);
217	}
218	}
219	$result = $this->db->SelectLimit($query, 1, 0, $clean_values);
220	if (empty($result))
221	{
222	$result = false;
223	}
224	if (!$result && $reporterrors )
225	$this->sql_error($query, $clean_values, $result);
226	if (!!$result)
227	{
228	$res = $result->fetchRow();
229	}
230	else
231	{
232	$res = false;
233	}
234	$this->num_queries++;
235	if ($res === false)
236	return (NULL); //simulate pears behaviour
237	list($key, $value) = each($res);
238	return $value;
239	}
240
241	/**
242	* Throws error warnings
243	*
244	* @param string $query
245	* @param array $values
246	* @param mixed $result
247	* @access public
248	* @return void
249	*/
250	function sql_error($query, $values, $result) {
251	trigger_error($this->db->databaseType . " error: " . $this->db->ErrorMsg(). " in query:<br/>" . $query . "<br/>", E_USER_WARNING);
252	// DO NOT DIE, if transactions are there, they will do things in a better way
253	}
254
255	/**
256	* Clean the data before it is recorded on the database
257	*
258	* @param $value is a data we want to be stored in the database.
259	* If it is an array we'll make a serialize and then an base64_encode
260	* (you'll have to make an unserialize(base64_decode())
261	* If it is not an array we make an htmlspecialchars() on it
262	* @param bool $flat_arrays is true by default, if false arrays won't be serialized and encoded
263	* @param bool $check_for_injection is false by default, if true we'll perform some modifications
264	* on the string to avoid SQL injection
265	* @return mixed @access public
266	*/
267	function security_cleanup($value, $flat_arrays = true, $check_for_injection = false)
268	{
269	if (is_array($value))
270	{
271	if ($flat_arrays) {
272	//serialize and \' are a big #!%*
273	$res = base64_encode(serialize($value));
274	}
275	else
276	{
277	//recursive cleanup on the array
278	$res = Array();
279	foreach ($value as $key => $item)
280	{
281	$res[$this->security_cleanup($key,$flat_arrays)] = $this->security_cleanup($item, $flat_arrays);
282	}
283	}
284	}
285	else
286	{
287	$res = ($check_for_injection)? addslashes(str_replace(';','',$value)) : $value;
288	}
289	return $res;
290	}
291
292	/**
293	* Supports DB abstraction
294	*
295	* @param string &$query
296	* @return void
297	* @access public
298	*/
299	function convert_query(&$query) {
300
301	switch ($this->db->databaseType) {
302	case "oci8":
303	$query = preg_replace("/`/", "\"", $query);
304	// convert bind variables - adodb does not do that
305	$qe = explode("?", $query);
306	$query = '';
307	for ($i = 0; $i < sizeof($qe) - 1; $i++) {
308	$query .= $qe[$i] . ":" . $i;
309	}
310	$query .= $qe[$i];
311	break;
312	case "postgres7":
313	case "sybase":
314	$query = preg_replace("/`/", "\"", $query);
315	break;
316	}
317	}
318	/**
319	* Supports DB abstraction
320	*
321	* @param string $sort_mode
322	* @return string
323	* @access public
324	*/
325	function convert_sortmode($sort_mode) {
326	$sort_mode = str_replace("__", "` ", $sort_mode);
327	$sort_mode = "`" . $sort_mode;
328	return $sort_mode;
329	}
330	/**
331	* Supports DB abstraction
332	*
333	* @return mixed
334	* @access public
335	*/
336	function convert_binary() {
337
338	switch ($this->db->databaseType) {
339	case "pgsql72":
340	case "oci8":
341	case "postgres7":
342	return;
343	break;
344	case "mysql3":
345	case "mysql":
346	return "binary";
347	break;
348	}
349	}
350
351	}
352	?>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: branches/1.2/workflow/inc/engine/src/common/Base.php @ 1349

Download in other formats: