| [ Index ] |
|
Code source de eGroupWare 1.2.106-2 |
1 <?php 2 require_once(GALAXIA_LIBRARY.SEP.'src'.SEP.'common'.SEP.'Observable.php'); 3 //!! Abstract class representing the base of the API 4 //! An abstract class representing the API base 5 /*! 6 This class is derived by all the API classes so they get the 7 database connection, database methods and the Observable interface. 8 */ 9 class Base extends Observable { 10 var $db; // The database abstraction object used to access the database 11 //2 vars for debugging 12 var $num_queries = 0; 13 var $num_queries_total = 0; 14 var $error= Array(); // the error messages array 15 var $child_name = 'Base'; //name of the current object 16 17 // Constructor receiving a database abstraction object. 18 function Base(&$db) 19 { 20 if(!$db) { 21 die('Invalid db object passed to '.$this->child_name.' constructor'); 22 } 23 //Force transactionnal mysql (Innodb) -> mysqlt 24 if ($db->databaseType=='mysql') 25 { 26 $GLOBALS['egw']->db->disconnect(); 27 $db = $GLOBALS['egw']->db->connect( 28 $GLOBALS['egw_info']['server']['db_name'], 29 $GLOBALS['egw_info']['server']['db_host'], 30 $GLOBALS['egw_info']['server']['db_port'], 31 $GLOBALS['egw_info']['server']['db_user'], 32 $GLOBALS['egw_info']['server']['db_pass'], 33 'mysqlt' 34 ); 35 } 36 $this->db = &$db; 37 } 38 39 //! return errors recorded by this object 40 /*! 41 * You should always call this function after failed operations on a workflow object to obtain messages 42 * @param $as_array if true the result will be send as an array of errors or an empty array. Else, if you do not give any parameter 43 * or give a false parameter you will obtain a single string which can be empty or will contain error messages with <br /> html tags. 44 * @param $debug is false by default, if true you wil obtain more messages 45 * @return a string containing error (and maybe debug) messages or an array of theses messages and empty the error messages 46 * @param $prefix is a string appended to the debug message 47 */ 48 function get_error($as_array=false, $debug=false, $prefix='') 49 { 50 //collect errors from used objects 51 $this->collect_errors($debug, $prefix.$this->child_name.'::'); 52 if ($as_array) 53 { 54 $result = $this->error; 55 $this->error= Array(); 56 return $result; 57 } 58 $result_str = implode('<br />',array_filter($this->error)); 59 $this->error= Array(); 60 return $result_str; 61 } 62 63 /*! 64 * @abstract 65 * Collect errors from all linked objects which could have been used by this object 66 * Each child class should instantiate this function with her linked objetcs, calling get_error(true) 67 * for example if you had a $this->process_manager created in the constructor you shoudl call 68 * $this->error[] = $this->process_manager->get_error(false, $debug, $prefix); 69 * @param $debug is false by default, if true debug messages can be added to 'normal' messages 70 * @param $prefix is a string appended to the debug message 71 */ 72 function collect_errors($debug=false, $prefix = '') 73 { 74 if ($debug) 75 { 76 $this->num_queries_total += $this->num_queries; 77 $this->error[] = $prefix.': number of queries: new='.$this->num_queries.'/ total='.$this->num_queries_total; 78 $this->num_queries = 0; 79 } 80 } 81 82 //! perform a query on the AdoDB database object 83 /*! initially copied from tikilib.php. Modifications for galaxia 84 * @param $query is the sql query, parameters should be replaced with ? 85 * @param $values is an array containing the parameters (going in the ?), use it to avoid security problems. If 86 * one of theses values is an array it will be serialized and encoded in Base64 87 * @param $numrows is the maximum number of rows to return 88 * @param $offset is the starting row number 89 * @param $reporterrors is true by default, if false no warning will be generated in the php log 90 * @param $sort is the sort sql string for the query (without the "order by "), 91 * @param $bulk is false by default, if true the $values array parameters could contain arrays vars for bulk statement 92 * (see ADOdb help) theses arrays wont be serialized and encoded in Base64 like current arrays parameters. 93 * it will be checked for security reasons before being appended to the sql 94 * @return false if something went wrong or the resulting recordset array if it was ok 95 */ 96 function query($query, $values = null, $numrows = -1, $offset = -1, $reporterrors = true, $sort='', $bulk=false) 97 { 98 //clean the parameters 99 $clean_values = Array(); 100 if (!($values===null)) 101 { 102 if (!(is_array($values))) 103 { 104 $values= array($values); 105 } 106 foreach($values as $value) 107 { 108 $clean_values[] = $this->security_cleanup($value, !($bulk)); 109 } 110 } 111 //clean sort order as well and add it to the query 112 if (!(empty($sort))) 113 { 114 $sort = $this->security_cleanup($sort, true, true); 115 $query .= " order by $sort"; 116 } 117 //conversion must be done after oder by is set 118 $this->convert_query($query); 119 // Galaxia needs to be call ADOdb in associative mode 120 $this->db->SetFetchMode(ADODB_FETCH_ASSOC); 121 if ($numrows == -1 && $offset == -1) 122 $result = $this->db->Execute($query, $clean_values); 123 else 124 $result = $this->db->SelectLimit($query, $numrows, $offset, $clean_values); 125 if (empty($result)) 126 { 127 $result = false; 128 } 129 $this->num_queries++; 130 if (!$result) 131 { 132 $this->error[] = "they were some SQL errors in the database, please warn your sysadmin."; 133 if ($reporterrors) $this->sql_error($query, $clean_values, $result); 134 } 135 return $result; 136 } 137 138 /*! initially copied from tikilib.php. Modifications for galaxia 139 * @param $query is the sql query, parameters should be replaced with ? 140 * @param $values is an array containing the parameters (going in the ?), use it to avoid security problems 141 * @param $reporterrors is true by default, if false no warning will be generated in the php log 142 * @return NULL if something went wrong or the first value of the first row if it was ok 143 */ 144 function getOne($query, $values = null, $reporterrors = true) { 145 $this->convert_query($query); 146 $clean_values = Array(); 147 if (!($values===null)) 148 { 149 if (!(is_array($values))) 150 { 151 $values= array($values); 152 } 153 foreach($values as $value) 154 { 155 $clean_values[] = $this->security_cleanup($value); 156 } 157 } 158 $result = $this->db->SelectLimit($query, 1, 0, $clean_values); 159 if (empty($result)) 160 { 161 $result = false; 162 } 163 if (!$result && $reporterrors ) 164 $this->sql_error($query, $clean_values, $result); 165 if (!!$result) 166 { 167 $res = $result->fetchRow(); 168 } 169 else 170 { 171 $res = false; 172 } 173 $this->num_queries++; 174 if ($res === false) 175 return (NULL); //simulate pears behaviour 176 list($key, $value) = each($res); 177 return $value; 178 } 179 180 function sql_error($query, $values, $result) { 181 global $ADODB_LASTDB; 182 183 trigger_error($ADODB_LASTDB . " error: " . $this->db->ErrorMsg(). " in query:<br/>" . $query . "<br/>", E_USER_WARNING); 184 // DO NOT DIE, if transactions are there, they will do things in a better way 185 } 186 187 /*! Clean the data before it is recorded on the database 188 * @param $value is a data we want to be stored in the database. 189 * - If it is an array we'll make a serialize and then an base64_encode 190 * (you'll have to make an unserialize(base64_decode()) 191 * - If it is not an array we make an htmlspecialchars() on it 192 * @param $flat_arrays is true by default, if false arrays won't be serialized and encoded 193 * @param $check_for_injection is false by default, if true we'll perform some modifications 194 * on the string to avoid SQL injection 195 * @return the resulting value, ready for an ADODB query 196 */ 197 function security_cleanup($value, $flat_arrays = true, $check_for_injection = false) 198 { 199 if (is_array($value)) 200 { 201 if ($flat_arrays) { 202 //serialize and \' are a big #!%* 203 $res = base64_encode(serialize($value)); 204 } 205 else 206 { 207 //recursive cleanup on the array 208 $res = Array(); 209 foreach ($value as $key => $item) 210 { 211 $res[$this->security_cleanup($key,$flat_arrays)] = $this->security_cleanup($item, $flat_arrays); 212 } 213 } 214 } 215 else 216 { 217 $res = ($check_for_injection)? addslashes(str_replace(';','',$value)) : $value; 218 } 219 return $res; 220 } 221 222 // functions to support DB abstraction 223 function convert_query(&$query) { 224 global $ADODB_LASTDB; 225 226 switch ($ADODB_LASTDB) { 227 case "oci8": 228 $query = preg_replace("/`/", "\"", $query); 229 // convert bind variables - adodb does not do that 230 $qe = explode("?", $query); 231 $query = ''; 232 for ($i = 0; $i < sizeof($qe) - 1; $i++) { 233 $query .= $qe[$i] . ":" . $i; 234 } 235 $query .= $qe[$i]; 236 break; 237 case "postgres7": 238 case "sybase": 239 $query = preg_replace("/`/", "\"", $query); 240 break; 241 } 242 } 243 244 function convert_sortmode($sort_mode) { 245 global $ADODB_LASTDB; 246 247 $sort_mode = str_replace("__", "` ", $sort_mode); 248 $sort_mode = "`" . $sort_mode; 249 return $sort_mode; 250 } 251 252 function convert_binary() { 253 global $ADODB_LASTDB; 254 255 switch ($ADODB_LASTDB) { 256 case "pgsql72": 257 case "oci8": 258 case "postgres7": 259 return; 260 break; 261 case "mysql3": 262 case "mysql": 263 return "binary"; 264 break; 265 } 266 } 267 268 } //end of class 269 270 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Sun Feb 25 17:20:01 2007 | par Balluche grâce à PHPXref 0.7 |