| [ Index ] |
PHP Cross Reference of Drupal 6 (yi-drupal) |
[Summary view] [Print] [Text view]
1 <?php 2 3 /** 4 * @file 5 * Database interface code for MySQL database servers using the mysqli client libraries. mysqli is included in PHP 5 by default and allows developers to use the advanced features of MySQL 4.1.x, 5.0.x and beyond. 6 */ 7 8 // Maintainers of this file should consult: 9 // http://www.php.net/manual/en/ref.mysqli.php 10 11 /** 12 * @ingroup database 13 * @{ 14 */ 15 16 // Include functions shared between mysql and mysqli. 17 require_once './includes/database.mysql-common.inc'; 18 19 /** 20 * Report database status. 21 */ 22 function db_status_report($phase) { 23 $t = get_t(); 24 25 $version = db_version(); 26 27 $form['mysql'] = array( 28 'title' => $t('MySQL database'), 29 'value' => ($phase == 'runtime') ? l($version, 'admin/reports/status/sql') : $version, 30 ); 31 32 if (version_compare($version, DRUPAL_MINIMUM_MYSQL) < 0) { 33 $form['mysql']['severity'] = REQUIREMENT_ERROR; 34 $form['mysql']['description'] = $t('Your MySQL Server is too old. Drupal requires at least MySQL %version.', array('%version' => DRUPAL_MINIMUM_MYSQL)); 35 } 36 37 return $form; 38 } 39 40 /** 41 * Returns the version of the database server currently in use. 42 * 43 * @return Database server version 44 */ 45 function db_version() { 46 global $active_db; 47 list($version) = explode('-', mysqli_get_server_info($active_db)); 48 return $version; 49 } 50 51 /** 52 * Initialise a database connection. 53 * 54 * Note that mysqli does not support persistent connections. 55 */ 56 function db_connect($url) { 57 // Check if MySQLi support is present in PHP 58 if (!function_exists('mysqli_init') && !extension_loaded('mysqli')) { 59 _db_error_page('Unable to use the MySQLi database because the MySQLi extension for PHP is not installed. Check your <code>php.ini</code> to see how you can enable it.'); 60 } 61 62 $url = parse_url($url); 63 64 // Decode url-encoded information in the db connection string 65 $url['user'] = urldecode($url['user']); 66 // Test if database url has a password. 67 $url['pass'] = isset($url['pass']) ? urldecode($url['pass']) : ''; 68 $url['host'] = urldecode($url['host']); 69 $url['path'] = urldecode($url['path']); 70 if (!isset($url['port'])) { 71 $url['port'] = NULL; 72 } 73 74 $connection = mysqli_init(); 75 @mysqli_real_connect($connection, $url['host'], $url['user'], $url['pass'], substr($url['path'], 1), $url['port'], NULL, MYSQLI_CLIENT_FOUND_ROWS); 76 77 if (mysqli_connect_errno() > 0) { 78 _db_error_page(mysqli_connect_error()); 79 } 80 81 // Force MySQL to use the UTF-8 character set. Also set the collation, if a 82 // certain one has been set; otherwise, MySQL defaults to 'utf8_general_ci' 83 // for UTF-8. 84 if (!empty($GLOBALS['db_collation'])) { 85 mysqli_query($connection, 'SET NAMES utf8 COLLATE ' . $GLOBALS['db_collation']); 86 } 87 else { 88 mysqli_query($connection, 'SET NAMES utf8'); 89 } 90 91 return $connection; 92 } 93 94 /** 95 * Helper function for db_query(). 96 */ 97 function _db_query($query, $debug = 0) { 98 global $active_db, $queries, $user; 99 100 if (variable_get('dev_query', 0)) { 101 list($usec, $sec) = explode(' ', microtime()); 102 $timer = (float)$usec + (float)$sec; 103 // If devel.module query logging is enabled, prepend a comment with the username and calling function 104 // to the SQL string. This is useful when running mysql's SHOW PROCESSLIST to learn what exact 105 // code is issueing the slow query. 106 $bt = debug_backtrace(); 107 // t() may not be available yet so we don't wrap 'Anonymous' 108 $name = $user->uid ? $user->name : variable_get('anonymous', 'Anonymous'); 109 // str_replace() to prevent SQL injection via username or anonymous name. 110 $name = str_replace(array('*', '/'), '', $name); 111 $query = '/* '. $name .' : '. $bt[2]['function'] .' */ '. $query; 112 } 113 114 $result = mysqli_query($active_db, $query); 115 116 if (variable_get('dev_query', 0)) { 117 $query = $bt[2]['function'] ."\n". $query; 118 list($usec, $sec) = explode(' ', microtime()); 119 $stop = (float)$usec + (float)$sec; 120 $diff = $stop - $timer; 121 $queries[] = array($query, $diff); 122 } 123 124 if ($debug) { 125 print '<p>query: '. $query .'<br />error:'. mysqli_error($active_db) .'</p>'; 126 } 127 128 if (!mysqli_errno($active_db)) { 129 return $result; 130 } 131 else { 132 // Indicate to drupal_error_handler that this is a database error. 133 $DB_ERROR} = TRUE; 134 trigger_error(check_plain(mysqli_error($active_db) ."\nquery: ". $query), E_USER_WARNING); 135 return FALSE; 136 } 137 } 138 139 /** 140 * Fetch one result row from the previous query as an object. 141 * 142 * @param $result 143 * A database query result resource, as returned from db_query(). 144 * @return 145 * An object representing the next row of the result, or FALSE. The attributes 146 * of this object are the table fields selected by the query. 147 */ 148 function db_fetch_object($result) { 149 if ($result) { 150 $object = mysqli_fetch_object($result); 151 return isset($object) ? $object : FALSE; 152 } 153 } 154 155 /** 156 * Fetch one result row from the previous query as an array. 157 * 158 * @param $result 159 * A database query result resource, as returned from db_query(). 160 * @return 161 * An associative array representing the next row of the result, or FALSE. 162 * The keys of this object are the names of the table fields selected by the 163 * query, and the values are the field values for this result row. 164 */ 165 function db_fetch_array($result) { 166 if ($result) { 167 $array = mysqli_fetch_array($result, MYSQLI_ASSOC); 168 return isset($array) ? $array : FALSE; 169 } 170 } 171 172 /** 173 * Return an individual result field from the previous query. 174 * 175 * Only use this function if exactly one field is being selected; otherwise, 176 * use db_fetch_object() or db_fetch_array(). 177 * 178 * @param $result 179 * A database query result resource, as returned from db_query(). 180 * @return 181 * The resulting field or FALSE. 182 */ 183 function db_result($result) { 184 if ($result && mysqli_num_rows($result) > 0) { 185 // The mysqli_fetch_row function has an optional second parameter $row 186 // but that can't be used for compatibility with Oracle, DB2, etc. 187 $array = mysqli_fetch_row($result); 188 return $array[0]; 189 } 190 return FALSE; 191 } 192 193 /** 194 * Determine whether the previous query caused an error. 195 */ 196 function db_error() { 197 global $active_db; 198 return mysqli_errno($active_db); 199 } 200 201 /** 202 * Determine the number of rows changed by the preceding query. 203 */ 204 function db_affected_rows() { 205 global $active_db; /* mysqli connection resource */ 206 return mysqli_affected_rows($active_db); 207 } 208 209 /** 210 * Runs a limited-range query in the active database. 211 * 212 * Use this as a substitute for db_query() when a subset of the query is to be 213 * returned. 214 * User-supplied arguments to the query should be passed in as separate parameters 215 * so that they can be properly escaped to avoid SQL injection attacks. 216 * 217 * @param $query 218 * A string containing an SQL query. 219 * @param ... 220 * A variable number of arguments which are substituted into the query 221 * using printf() syntax. The query arguments can be enclosed in one 222 * array instead. 223 * Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose 224 * in '') and %%. 225 * 226 * NOTE: using this syntax will cast NULL and FALSE values to decimal 0, 227 * and TRUE values to decimal 1. 228 * 229 * @param $from 230 * The first result row to return. 231 * @param $count 232 * The maximum number of result rows to return. 233 * @return 234 * A database query result resource, or FALSE if the query was not executed 235 * correctly. 236 */ 237 function db_query_range($query) { 238 $args = func_get_args(); 239 $count = array_pop($args); 240 $from = array_pop($args); 241 array_shift($args); 242 243 $query = db_prefix_tables($query); 244 if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax 245 $args = $args[0]; 246 } 247 _db_query_callback($args, TRUE); 248 $query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query); 249 $query .= ' LIMIT '. (int)$from .', '. (int)$count; 250 return _db_query($query); 251 } 252 253 /** 254 * Runs a SELECT query and stores its results in a temporary table. 255 * 256 * Use this as a substitute for db_query() when the results need to stored 257 * in a temporary table. Temporary tables exist for the duration of the page 258 * request. 259 * User-supplied arguments to the query should be passed in as separate parameters 260 * so that they can be properly escaped to avoid SQL injection attacks. 261 * 262 * Note that if you need to know how many results were returned, you should do 263 * a SELECT COUNT(*) on the temporary table afterwards. db_affected_rows() does 264 * not give consistent result across different database types in this case. 265 * 266 * @param $query 267 * A string containing a normal SELECT SQL query. 268 * @param ... 269 * A variable number of arguments which are substituted into the query 270 * using printf() syntax. The query arguments can be enclosed in one 271 * array instead. 272 * Valid %-modifiers are: %s, %d, %f, %b (binary data, do not enclose 273 * in '') and %%. 274 * 275 * NOTE: using this syntax will cast NULL and FALSE values to decimal 0, 276 * and TRUE values to decimal 1. 277 * 278 * @param $table 279 * The name of the temporary table to select into. This name will not be 280 * prefixed as there is no risk of collision. 281 * @return 282 * A database query result resource, or FALSE if the query was not executed 283 * correctly. 284 */ 285 function db_query_temporary($query) { 286 $args = func_get_args(); 287 $tablename = array_pop($args); 288 array_shift($args); 289 290 $query = preg_replace('/^SELECT/i', 'CREATE TEMPORARY TABLE '. $tablename .' Engine=HEAP SELECT', db_prefix_tables($query)); 291 if (isset($args[0]) and is_array($args[0])) { // 'All arguments in one array' syntax 292 $args = $args[0]; 293 } 294 _db_query_callback($args, TRUE); 295 $query = preg_replace_callback(DB_QUERY_REGEXP, '_db_query_callback', $query); 296 return _db_query($query); 297 } 298 299 /** 300 * Returns a properly formatted Binary Large Object value. 301 * 302 * @param $data 303 * Data to encode. 304 * @return 305 * Encoded data. 306 */ 307 function db_encode_blob($data) { 308 global $active_db; 309 return "'". mysqli_real_escape_string($active_db, $data) ."'"; 310 } 311 312 /** 313 * Returns text from a Binary Large OBject value. 314 * 315 * @param $data 316 * Data to decode. 317 * @return 318 * Decoded data. 319 */ 320 function db_decode_blob($data) { 321 return $data; 322 } 323 324 /** 325 * Prepare user input for use in a database query, preventing SQL injection attacks. 326 */ 327 function db_escape_string($text) { 328 global $active_db; 329 return mysqli_real_escape_string($active_db, $text); 330 } 331 332 /** 333 * Lock a table. 334 */ 335 function db_lock_table($table) { 336 db_query('LOCK TABLES {'. db_escape_table($table) .'} WRITE'); 337 } 338 339 /** 340 * Unlock all locked tables. 341 */ 342 function db_unlock_tables() { 343 db_query('UNLOCK TABLES'); 344 } 345 346 /** 347 * Check if a table exists. 348 * 349 * @param $table 350 * The name of the table. 351 * 352 * @return 353 * TRUE if the table exists, and FALSE if the table does not exist. 354 */ 355 function db_table_exists($table) { 356 return (bool) db_fetch_object(db_query("SHOW TABLES LIKE '{". db_escape_table($table) ."}'")); 357 } 358 359 /** 360 * Check if a column exists in the given table. 361 * 362 * @param $table 363 * The name of the table. 364 * @param $column 365 * The name of the column. 366 * 367 * @return 368 * TRUE if the column exists, and FALSE if the column does not exist. 369 */ 370 function db_column_exists($table, $column) { 371 return (bool) db_fetch_object(db_query("SHOW COLUMNS FROM {". db_escape_table($table) ."} LIKE '". db_escape_table($column) ."'")); 372 } 373 374 /** 375 * @} End of "ingroup database". 376 */ 377
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Mon Jul 9 18:01:44 2012 | Cross-referenced by PHPXref 0.7 |