| [ Index ] |
PHP Cross Reference of Drupal 6 (gatewave) |
[Summary view] [Print] [Text view]
1 <?php 2 // $Id: database.mysqli.inc,v 1.54.2.4 2010/12/15 20:41:10 goba Exp $ 3 4 /** 5 * @file 6 * Database interface code for MySQL database servers using the mysqli client libraries. mysqli is included in PHP 5 by default and allows developers to use the advanced features of MySQL 4.1.x, 5.0.x and beyond. 7 */ 8 9 // Maintainers of this file should consult: 10 // http://www.php.net/manual/en/ref.mysqli.php 11 12 /** 13 * @ingroup database 14 * @{ 15 */ 16 17 // Include functions shared between mysql and mysqli. 18 require_once './includes/database.mysql-common.inc'; 19 20 /** 21 * Report database status. 22 */ 23 function db_status_report($phase) { 24 $t = get_t(); 25 26 $version = db_version(); 27 28 $form['mysql'] = array( 29 'title' => $t('MySQL database'), 30 'value' => ($phase == 'runtime') ? l($version, 'admin/reports/status/sql') : $version, 31 ); 32 33 if (version_compare($version, DRUPAL_MINIMUM_MYSQL) < 0) { 34 $form['mysql']['severity'] = REQUIREMENT_ERROR; 35 $form['mysql']['description'] = $t('Your MySQL Server is too old. Drupal requires at least MySQL %version.', array('%version' => DRUPAL_MINIMUM_MYSQL)); 36 } 37 38 return $form; 39 } 40 41 /** 42 * Returns the version of the database server currently in use. 43 * 44 * @return Database server version 45 */ 46 function db_version() { 47 global $active_db; 48 list($version) = explode('-', mysqli_get_server_info($active_db)); 49 return $version; 50 } 51 52 /** 53 * Initialise a database connection. 54 * 55 * Note that mysqli does not support persistent connections. 56 */ 57 function db_connect($url) { 58 // Check if MySQLi support is present in PHP 59 if (!function_exists('mysqli_init') && !extension_loaded('mysqli')) { 60 _db_error_page('Unable to use the MySQLi database because the MySQLi extension for PHP is not installed. Check your <code>php.ini</code> to see how you can enable it.'); 61 } 62 63 $url = parse_url($url); 64 65 // Decode url-encoded information in the db connection string 66 $url['user'] = urldecode($url['user']); 67 // Test if database url has a password. 68 $url['pass'] = isset($url['pass']) ? urldecode($url['pass']) : ''; 69 $url['host'] = urldecode($url['host']); 70 $url['path'] = urldecode($url['path']); 71 if (!isset($url['port'])) { 72 $url['port'] = NULL; 73 } 74 75 $connection = mysqli_init(); 76 @mysqli_real_connect($connection, $url['host'], $url['user'], $url['pass'], substr($url['path'], 1), $url['port'], NULL, MYSQLI_CLIENT_FOUND_ROWS); 77 78 if (mysqli_connect_errno() > 0) { 79 _db_error_page(mysqli_connect_error()); 80 } 81 82 // Force MySQL to use the UTF-8 character set. Also set the collation, if a 83 // certain one has been set; otherwise, MySQL defaults to 'utf8_general_ci' 84 // for UTF-8. 85 if (!empty($GLOBALS['db_collation'])) { 86 mysqli_query($connection, 'SET NAMES utf8 COLLATE ' . $GLOBALS['db_collation']); 87 } 88 else { 89 mysqli_query($connection, 'SET NAMES utf8'); 90 } 91 92 return $connection; 93 } 94 95 /** 96 * Helper function for db_query(). 97 */ 98 function _db_query($query, $debug = 0) { 99 global $active_db, $queries, $user; 100 101 if (variable_get('dev_query', 0)) { 102 list($usec, $sec) = explode(' ', microtime()); 103 $timer = (float)$usec + (float)$sec; 104 // If devel.module query logging is enabled, prepend a comment with the username and calling function 105 // to the SQL string. This is useful when running mysql's SHOW PROCESSLIST to learn what exact 106 // code is issueing the slow query. 107 $bt = debug_backtrace(); 108 // t() may not be available yet so we don't wrap 'Anonymous' 109 $name = $user->uid ? $user->name : variable_get('anonymous', 'Anonymous'); 110 // str_replace() to prevent SQL injection via username or anonymous name. 111 $name = str_replace(array('*', '/'), '', $name); 112 $query = '/* '. $name .' : '. $bt[2]['function'] .' */ '. $query; 113 } 114 115 $result = mysqli_query($active_db, $query); 116 117 if (variable_get('dev_query', 0)) { 118 $query = $bt[2]['function'] ."\n". $query; 119 list($usec, $sec) = explode(' ', microtime()); 120 $stop = (float)$usec + (float)$sec; 121 $diff = $stop - $timer; 122 $queries[] = array($query, $diff); 123 } 124 125 if ($debug) { 126 print '<p>query: '. $query .'<br />error:'. mysqli_error($active_db) .'</p>'; 127 } 128 129 if (!mysqli_errno($active_db)) { 130 return $result; 131 } 132 else { 133 // Indicate to drupal_error_handler that this is a database error. 134 $DB_ERROR} = TRUE; 135 trigger_error(check_plain(mysqli_error($active_db) ."\nquery: ". $query), E_USER_WARNING); 136 return FALSE; 137 } 138 } 139 140 /** 141 * Fetch one result row from the previous query as an object. 142 * 143 * @param $result 144 * A database query result resource, as returned from db_query(). 145 * @return 146 * An object representing the next row of the result, or FALSE. The attributes 147 * of this object are the table fields selected by the query. 148 */ 149 function db_fetch_object($result) { 150 if ($result) { 151 $object = mysqli_fetch_object($result); 152 return isset($object) ? $object : FALSE; 153 } 154 } 155 156 /** 157 * Fetch one result row from the previous query as an array. 158 * 159 * @param $result 160 * A database query result resource, as returned from db_query(). 161 * @return 162 * An associative array representing the next row of the result, or FALSE. 163 * The keys of this object are the names of the table fields selected by the 164 * query, and the values are the field values for this result row. 165 */ 166 function db_fetch_array($result) { 167 if ($result) { 168 $array = mysqli_fetch_array($result, MYSQLI_ASSOC); 169 return isset($array) ? $array : FALSE; 170 } 171 } 172 173 /** 174 * Return an individual result field from the previous query. 175 * 176 * Only use this function if exactly one field is being selected; otherwise, 177 * use db_fetch_object() or db_fetch_array(). 178 * 179 * @param $result 180 * A database query result resource, as returned from db_query(). 181 * @return 182 * The resulting field or FALSE. 183 */ 184 function db_result($result) { 185 if ($result && mysqli_num_rows($result) > 0) { 186 // The mysqli_fetch_row function has an optional second parameter $row 187 // but that can't be used for compatibility with Oracle, DB2, etc. 188 $array = mysqli_fetch_row($result); 189 return $array[0]; 190 } 191 return FALSE; 192 } 193 194 /** 195 * Determine whether the previous query caused an error. 196 */ 197 function db_error() { 198 global $active_db; 199 return mysqli_errno($active_db); 200 } 201 202 /** 203 * Determine the number of rows changed by the preceding query. 204 */ 205 function db_affected_rows() { 206 global $active_db; /* mysqli connection resource */ 207 return mysqli_affected_rows($active_db); 208 } 209 210 /** 211 * Runs a limited-range query in the active database. 212 * 213 * Use this as a substitute for db_query() when a subset of the query is to be 214 * returned. 215 * User-supplied arguments to the query should be passed in as separate parameters 216 * so that they can be properly escaped to avoid SQL injection attacks. 217 * 218 * @param $query 219 * A string containing an SQL query. 220 * @param ... 221 * A variable number of arguments which are substituted into the query 222 * using printf() syntax. The query arguments can be enclosed in one 223 * array instead. 224 * Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose 225 * in '') and %%. 226 * 227 * NOTE: using this syntax will cast NULL and FALSE values to decimal 0, 228 * and TRUE values to decimal 1. 229 * 230 * @param $from 231 * The first result row to return. 232 * @param $count 233 * The maximum number of result rows to return. 234 * @return 235 * A database query result resource, or FALSE if the query was not executed 236 * correctly. 237 */ 238 function db_query_range($query) { 239 $args = func_get_args(); 240 $count = array_pop($args); 241 $from = array_pop($args); 242 array_shift($args); 243 244 $query = db_prefix_tables($query); 245 if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax 246 $args = $args[0]; 247 } 248 _db_query_callback($args, TRUE); 249 $query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query); 250 $query .= ' LIMIT '. (int)$from .', '. (int)$count; 251 return _db_query($query); 252 } 253 254 /** 255 * Runs a SELECT query and stores its results in a temporary table. 256 * 257 * Use this as a substitute for db_query() when the results need to stored 258 * in a temporary table. Temporary tables exist for the duration of the page 259 * request. 260 * User-supplied arguments to the query should be passed in as separate parameters 261 * so that they can be properly escaped to avoid SQL injection attacks. 262 * 263 * Note that if you need to know how many results were returned, you should do 264 * a SELECT COUNT(*) on the temporary table afterwards. db_affected_rows() does 265 * not give consistent result across different database types in this case. 266 * 267 * @param $query 268 * A string containing a normal SELECT SQL query. 269 * @param ... 270 * A variable number of arguments which are substituted into the query 271 * using printf() syntax. The query arguments can be enclosed in one 272 * array instead. 273 * Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose 274 * in '') and %%. 275 * 276 * NOTE: using this syntax will cast NULL and FALSE values to decimal 0, 277 * and TRUE values to decimal 1. 278 * 279 * @param $table 280 * The name of the temporary table to select into. This name will not be 281 * prefixed as there is no risk of collision. 282 * @return 283 * A database query result resource, or FALSE if the query was not executed 284 * correctly. 285 */ 286 function db_query_temporary($query) { 287 $args = func_get_args(); 288 $tablename = array_pop($args); 289 array_shift($args); 290 291 $query = preg_replace('/^SELECT/i', 'CREATE TEMPORARY TABLE '. $tablename .' Engine=HEAP SELECT', db_prefix_tables($query)); 292 if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax 293 $args = $args[0]; 294 } 295 _db_query_callback($args, TRUE); 296 $query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query); 297 return _db_query($query); 298 } 299 300 /** 301 * Returns a properly formatted Binary Large Object value. 302 * 303 * @param $data 304 * Data to encode. 305 * @return 306 * Encoded data. 307 */ 308 function db_encode_blob($data) { 309 global $active_db; 310 return "'". mysqli_real_escape_string($active_db, $data) ."'"; 311 } 312 313 /** 314 * Returns text from a Binary Large OBject value. 315 * 316 * @param $data 317 * Data to decode. 318 * @return 319 * Decoded data. 320 */ 321 function db_decode_blob($data) { 322 return $data; 323 } 324 325 /** 326 * Prepare user input for use in a database query, preventing SQL injection attacks. 327 */ 328 function db_escape_string($text) { 329 global $active_db; 330 return mysqli_real_escape_string($active_db, $text); 331 } 332 333 /** 334 * Lock a table. 335 */ 336 function db_lock_table($table) { 337 db_query('LOCK TABLES {'. db_escape_table($table) .'} WRITE'); 338 } 339 340 /** 341 * Unlock all locked tables. 342 */ 343 function db_unlock_tables() { 344 db_query('UNLOCK TABLES'); 345 } 346 347 /** 348 * Check if a table exists. 349 * 350 * @param $table 351 * The name of the table. 352 * 353 * @return 354 * TRUE if the table exists, and FALSE if the table does not exist. 355 */ 356 function db_table_exists($table) { 357 return (bool) db_fetch_object(db_query("SHOW TABLES LIKE '{". db_escape_table($table) ."}'")); 358 } 359 360 /** 361 * Check if a column exists in the given table. 362 * 363 * @param $table 364 * The name of the table. 365 * @param $column 366 * The name of the column. 367 * 368 * @return 369 * TRUE if the column exists, and FALSE if the column does not exist. 370 */ 371 function db_column_exists($table, $column) { 372 return (bool) db_fetch_object(db_query("SHOW COLUMNS FROM {". db_escape_table($table) ."} LIKE '". db_escape_table($column) ."'")); 373 } 374 375 /** 376 * @} End of "ingroup database". 377 */ 378
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Thu Mar 24 11:18:33 2011 | Cross-referenced by PHPXref 0.7 |