Rewrote database support to classes, Fixed strict warning in sanitizedummy.php

This commit is contained in:
Markus Birth 2013-03-15 10:51:33 +01:00
parent 22890cceca
commit 65d0cc64a2
7 changed files with 271 additions and 126 deletions

56
classes/Db/Abstract.php Normal file
View File

@ -0,0 +1,56 @@
<?php
abstract class Db_Abstract implements Db_Interface
{
private $dbconn;
protected static $instance;
private function __construct() { }
public static function instance()
{
if (is_null(static::$instance)) {
static::$instance = new static();
}
return static::$instance;
}
public function connect($host, $user, $pass, $db) { }
public function getLink()
{
return $this->dbconn;
}
public function init() { }
public function escape_string($s, $strip_tags = true) { }
public function query($query, $die_on_error = true) { }
public function fetch_assoc($result) { }
public function num_rows($result) { }
public function fetch_result($result, $row, $param) { }
public function unescape_string($str)
{
$tmp = str_replace("\\\"", "\"", $str);
$tmp = str_replace("\\'", "'", $tmp);
return $tmp;
}
public function close() { }
public function affected_rows($result) { }
public function last_error() { }
public function quote($str)
{
return("'$str'");
}
}

18
classes/Db/Interface.php Normal file
View File

@ -0,0 +1,18 @@
<?php
interface Db_Interface
{
public function connect($host, $user, $pass, $db);
public function getLink();
public function init();
public function escape_string($s, $strip_tags = true);
public function query($query, $die_on_error = true);
public function fetch_assoc($result);
public function num_rows($result);
public function fetch_result($result, $row, $param);
public function unescape_string($str);
public function close();
public function affected_rows($result);
public function last_error();
public function quote($str);
}

71
classes/Db/Mysql.php Normal file
View File

@ -0,0 +1,71 @@
<?php
class Db_Mysql extends Db_Abstract
{
public function connect($host, $user, $pass, $db)
{
$link = mysql_connect($host, $user, $pass);
if ($link) {
$result = mysql_select_db($db, $link);
if (!$result) {
die("Can't select DB: " . mysql_error($link));
}
$this->dbconn = $link;
return $link;
} else {
die("Unable to connect to database (as $user to $host, database $db): " . mysql_error());
}
}
public function init()
{
db_query($this->dbconn, "SET time_zone = '+0:0'");
if (defined('MYSQL_CHARSET') && MYSQL_CHARSET) {
db_query($this->dbconn, "SET NAMES " . MYSQL_CHARSET);
}
}
public function escape_string($s, $strip_tags = true)
{
if ($strip_tags) $s = strip_tags($s);
return mysql_real_escape_string($s);
}
public function query($query, $die_on_error = true)
{
$result = mysql_query($query, $this->dbconn);
if (!$result) {
$query = htmlspecialchars($query);
if ($die_on_error) {
die("Query <i>$query</i> failed: " . ($this->dbconn ? mysql_error($this->dbconn) : "No connection"));
}
}
return $result;
}
public function fetch_assoc($result) {
return mysql_fetch_assoc($result);
}
public function num_rows($result) {
return mysql_num_rows($result);
}
public function fetch_result($result, $row, $param) {
// I hate incoherent naming of PHP functions
return mysql_result($result, $row, $param);
}
public function close() {
return mysql_close($this->dbconn);
}
public function affected_rows($result) {
return mysql_affected_rows($this->dbconn);
}
public function last_error() {
return mysql_error($this->dbconn);
}
}

80
classes/Db/Pgsql.php Normal file
View File

@ -0,0 +1,80 @@
<?php
class Db_Pgsql extends Db_Abstract
{
public function connect($host, $user, $pass, $db)
{
$string = "dbname=$db user=$user";
if ($pass) {
$string .= " password=$pass";
}
if ($host) {
$string .= " host=$host";
}
if (defined('DB_PORT')) {
$string = "$string port=" . DB_PORT;
}
$link = pg_connect($string);
if (!$link) {
die("Unable to connect to database (as $user to $host, database $db):" . pg_last_error());
}
$this->dbconn = $link;
return $link;
}
public function init()
{
pg_query($this->dbconn, "set client_encoding = 'UTF-8'");
pg_set_client_encoding("UNICODE");
pg_query($this->dbconn, "set datestyle = 'ISO, european'");
pg_query($this->dbconn, "set TIME ZONE 0");
}
public function escape_string($s, $strip_tags = true)
{
if ($strip_tags) $s = strip_tags($s);
return pg_escape_string($s);
}
public function query($query, $die_on_error = true)
{
$result = pg_query($this->dbconn, $query);
if (!$result) {
$query = htmlspecialchars($query); // just in case
if ($die_on_error) {
die("Query <i>$query</i> failed [$result]: " . ($this->dbconn ? pg_last_error($this->dbconn) : "No connection"));
}
}
return $result;
}
public function fetch_assoc($result) {
return pg_fetch_assoc($result);
}
public function num_rows($result) {
return pg_num_rows($result);
}
public function fetch_result($result, $row, $param) {
return pg_fetch_result($result, $row, $param);
}
public function close() {
return pg_close($this->dbconn);
}
public function affected_rows($result) {
return pg_affected_rows($result);
}
public function last_error() {
return pg_last_error($this->dbconn);
}
}

View File

@ -1,6 +1,6 @@
<?php
class SanitizeDummy extends SimplePie_Sanitize {
function sanitize($data, $type, $base) {
function sanitize($data, $type, $base = '') {
return $data;
}
}

View File

@ -2,137 +2,68 @@
require_once "config.php";
function db_connect($host, $user, $pass, $db) {
if (DB_TYPE == "pgsql") {
$db_class = 'Db_'.ucfirst(DB_TYPE);
$db_class_file = 'classes/' . str_replace('_', '/', $db_class) . '.php';
$string = "dbname=$db user=$user";
require_once "classes/Db/Interface.php";
require_once "classes/Db/Abstract.php";
require_once $db_class_file;
if ($pass) {
$string .= " password=$pass";
}
$db = $db_class::instance(); // call_user_func(array($db_class, 'instance'));
if ($host) {
$string .= " host=$host";
}
if (defined('DB_PORT')) {
$string = "$string port=" . DB_PORT;
}
$link = pg_connect($string);
if (!$link) {
die("Unable to connect to database (as $user to $host, database $db):" . pg_last_error());
}
return $link;
} else if (DB_TYPE == "mysql") {
$link = mysql_connect($host, $user, $pass);
if ($link) {
$result = mysql_select_db($db, $link);
if (!$result) {
die("Can't select DB: " . mysql_error($link));
}
return $link;
} else {
die("Unable to connect to database (as $user to $host, database $db): " . mysql_error());
}
}
function db_connect($host, $user, $pass, $db_name) {
global $db;
return $db->connect($host, $user, $pass, $db_name);
}
function db_escape_string($s, $strip_tags = true) {
if ($strip_tags) $s = strip_tags($s);
if (DB_TYPE == "pgsql") {
return pg_escape_string($s);
} else {
return mysql_real_escape_string($s);
}
global $db;
return $db->escape_string($s, $strip_tags);
}
function db_query($link, $query, $die_on_error = true) {
if (DB_TYPE == "pgsql") {
$result = pg_query($link, $query);
if (!$result) {
$query = htmlspecialchars($query); // just in case
if ($die_on_error) {
die("Query <i>$query</i> failed [$result]: " . ($link ? pg_last_error($link) : "No connection"));
}
}
return $result;
} else if (DB_TYPE == "mysql") {
$result = mysql_query($query, $link);
if (!$result) {
$query = htmlspecialchars($query);
if ($die_on_error) {
die("Query <i>$query</i> failed: " . ($link ? mysql_error($link) : "No connection"));
}
}
return $result;
}
global $db;
return $db->query($query, $die_on_error);
}
function db_fetch_assoc($result) {
if (DB_TYPE == "pgsql") {
return pg_fetch_assoc($result);
} else if (DB_TYPE == "mysql") {
return mysql_fetch_assoc($result);
}
global $db;
return $db->fetch_assoc($result);
}
function db_num_rows($result) {
if (DB_TYPE == "pgsql") {
return pg_num_rows($result);
} else if (DB_TYPE == "mysql") {
return mysql_num_rows($result);
}
global $db;
return $db->num_rows($result);
}
function db_fetch_result($result, $row, $param) {
if (DB_TYPE == "pgsql") {
return pg_fetch_result($result, $row, $param);
} else if (DB_TYPE == "mysql") {
// I hate incoherent naming of PHP functions
return mysql_result($result, $row, $param);
}
global $db;
return $db->fetch_result($result, $row, $param);
}
function db_unescape_string($str) {
$tmp = str_replace("\\\"", "\"", $str);
$tmp = str_replace("\\'", "'", $tmp);
return $tmp;
global $db;
return $db->unescape_string($str);
}
function db_close($link) {
if (DB_TYPE == "pgsql") {
return pg_close($link);
} else if (DB_TYPE == "mysql") {
return mysql_close($link);
}
global $db;
return $db->close();
}
function db_affected_rows($link, $result) {
if (DB_TYPE == "pgsql") {
return pg_affected_rows($result);
} else if (DB_TYPE == "mysql") {
return mysql_affected_rows($link);
}
global $db;
return $db->affected_rows($result);
}
function db_last_error($link) {
if (DB_TYPE == "pgsql") {
return pg_last_error($link);
} else if (DB_TYPE == "mysql") {
return mysql_error($link);
}
global $db;
return $db->last_error();
}
function db_quote($str){
return("'$str'");
global $db;
return $db->quote($str);
}
?>
?>

View File

@ -6,14 +6,17 @@
$pluginhost = false;
function __autoload($class) {
$class_file = str_replace("_", "/", strtolower(basename($class)));
$class_file1 = str_replace("_", "/", basename($class)); // PSR-0
$class_file2 = str_replace("_", "/", strtolower(basename($class)));
$file = dirname(__FILE__)."/../classes/$class_file.php";
$file1 = dirname(__FILE__)."/../classes/$class_file1.php";
$file2 = dirname(__FILE__)."/../classes/$class_file2.php";
if (file_exists($file)) {
require $file;
if (file_exists($file1)) {
require $file1;
} elseif (file_exists($file2)) {
require $file2;
}
}
mb_internal_encoding("UTF-8");
@ -199,8 +202,6 @@
ttrss_entries.date_updated < NOW() - INTERVAL '$purge_interval days'");
}
$rows = pg_affected_rows($result);
} else {
/* $result = db_query($link, "DELETE FROM ttrss_user_entries WHERE
@ -216,9 +217,8 @@
$query_limit
ttrss_entries.date_updated < DATE_SUB(NOW(), INTERVAL $purge_interval DAY)");
$rows = mysql_affected_rows($link);
}
$rows = db_affected_rows($link, $result);
ccache_update($link, $feed_id, $owner_uid);
@ -952,7 +952,7 @@
}
function sql_random_function() {
if (DB_TYPE == "mysql") {
if (DB_TYPE == "mysql") {
return "RAND()";
} else {
return "RANDOM()";
@ -3208,24 +3208,13 @@
}
function init_connection($link) {
if ($link) {
if (DB_TYPE == "pgsql") {
pg_query($link, "set client_encoding = 'UTF-8'");
pg_set_client_encoding("UNICODE");
pg_query($link, "set datestyle = 'ISO, european'");
pg_query($link, "set TIME ZONE 0");
} else {
db_query($link, "SET time_zone = '+0:0'");
if (defined('MYSQL_CHARSET') && MYSQL_CHARSET) {
db_query($link, "SET NAMES " . MYSQL_CHARSET);
}
}
global $db;
if ($db) {
$db->init();
global $pluginhost;
$pluginhost = new PluginHost($link);
$pluginhost = new PluginHost($db->getLink());
$pluginhost->load(PLUGINS, $pluginhost::KIND_ALL);
return true;
@ -3914,4 +3903,4 @@
return in_array($interface, class_implements($class));
}
?>
?>