diff options
Diffstat (limited to 'system/database/DB_driver.php')
| -rw-r--r-- | system/database/DB_driver.php | 1676 |
1 files changed, 1126 insertions, 550 deletions
diff --git a/system/database/DB_driver.php b/system/database/DB_driver.php index c342aacbd..3eb51f734 100644 --- a/system/database/DB_driver.php +++ b/system/database/DB_driver.php @@ -1,19 +1,41 @@ -<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); +<?php /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP * - * @package CodeIgniter - * @author ExpressionEngine Dev Team - * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. - * @license http://codeigniter.com/user_guide/license.html - * @link http://codeigniter.com - * @since Version 1.0 + * This content is released under the MIT License (MIT) + * + * Copyright (c) 2014 - 2017, British Columbia Institute of Technology + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) + * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) + * @license http://opensource.org/licenses/MIT MIT License + * @link https://codeigniter.com + * @since Version 1.0.0 * @filesource */ - -// ------------------------------------------------------------------------ +defined('BASEPATH') OR exit('No direct script access allowed'); /** * Database Driver Class @@ -25,60 +47,322 @@ * @package CodeIgniter * @subpackage Drivers * @category Database - * @author ExpressionEngine Dev Team - * @link http://codeigniter.com/user_guide/database/ + * @author EllisLab Dev Team + * @link https://codeigniter.com/user_guide/database/ */ -class CI_DB_driver { - - var $username; - var $password; - var $hostname; - var $database; - var $dbdriver = 'mysql'; - var $dbprefix = ''; - var $char_set = 'utf8'; - var $dbcollat = 'utf8_general_ci'; - var $autoinit = TRUE; // Whether to automatically initialize the DB - var $swap_pre = ''; - var $port = ''; - var $pconnect = FALSE; - var $conn_id = FALSE; - var $result_id = FALSE; - var $db_debug = FALSE; - var $benchmark = 0; - var $query_count = 0; - var $bind_marker = '?'; - var $save_queries = TRUE; - var $queries = array(); - var $query_times = array(); - var $data_cache = array(); - var $trans_enabled = TRUE; - var $trans_strict = TRUE; - var $_trans_depth = 0; - var $_trans_status = TRUE; // Used with transactions to determine if a rollback should occur - var $cache_on = FALSE; - var $cachedir = ''; - var $cache_autodel = FALSE; - var $CACHE; // The cache class object - - // Private variables - var $_protect_identifiers = TRUE; - var $_reserved_identifiers = array('*'); // Identifiers that should NOT be escaped - - // These are use with Oracle - var $stmt_id; - var $curs_id; - var $limit_used; - - - - /** - * Constructor. Accepts one parameter containing the database - * connection settings. - * - * @param array - */ - function __construct($params) +abstract class CI_DB_driver { + + /** + * Data Source Name / Connect string + * + * @var string + */ + public $dsn; + + /** + * Username + * + * @var string + */ + public $username; + + /** + * Password + * + * @var string + */ + public $password; + + /** + * Hostname + * + * @var string + */ + public $hostname; + + /** + * Database name + * + * @var string + */ + public $database; + + /** + * Database driver + * + * @var string + */ + public $dbdriver = 'mysqli'; + + /** + * Sub-driver + * + * @used-by CI_DB_pdo_driver + * @var string + */ + public $subdriver; + + /** + * Table prefix + * + * @var string + */ + public $dbprefix = ''; + + /** + * Character set + * + * @var string + */ + public $char_set = 'utf8'; + + /** + * Collation + * + * @var string + */ + public $dbcollat = 'utf8_general_ci'; + + /** + * Encryption flag/data + * + * @var mixed + */ + public $encrypt = FALSE; + + /** + * Swap Prefix + * + * @var string + */ + public $swap_pre = ''; + + /** + * Database port + * + * @var int + */ + public $port = ''; + + /** + * Persistent connection flag + * + * @var bool + */ + public $pconnect = FALSE; + + /** + * Connection ID + * + * @var object|resource + */ + public $conn_id = FALSE; + + /** + * Result ID + * + * @var object|resource + */ + public $result_id = FALSE; + + /** + * Debug flag + * + * Whether to display error messages. + * + * @var bool + */ + public $db_debug = FALSE; + + /** + * Benchmark time + * + * @var int + */ + public $benchmark = 0; + + /** + * Executed queries count + * + * @var int + */ + public $query_count = 0; + + /** + * Bind marker + * + * Character used to identify values in a prepared statement. + * + * @var string + */ + public $bind_marker = '?'; + + /** + * Save queries flag + * + * Whether to keep an in-memory history of queries for debugging purposes. + * + * @var bool + */ + public $save_queries = TRUE; + + /** + * Queries list + * + * @see CI_DB_driver::$save_queries + * @var string[] + */ + public $queries = array(); + + /** + * Query times + * + * A list of times that queries took to execute. + * + * @var array + */ + public $query_times = array(); + + /** + * Data cache + * + * An internal generic value cache. + * + * @var array + */ + public $data_cache = array(); + + /** + * Transaction enabled flag + * + * @var bool + */ + public $trans_enabled = TRUE; + + /** + * Strict transaction mode flag + * + * @var bool + */ + public $trans_strict = TRUE; + + /** + * Transaction depth level + * + * @var int + */ + protected $_trans_depth = 0; + + /** + * Transaction status flag + * + * Used with transactions to determine if a rollback should occur. + * + * @var bool + */ + protected $_trans_status = TRUE; + + /** + * Transaction failure flag + * + * Used with transactions to determine if a transaction has failed. + * + * @var bool + */ + protected $_trans_failure = FALSE; + + /** + * Cache On flag + * + * @var bool + */ + public $cache_on = FALSE; + + /** + * Cache directory path + * + * @var bool + */ + public $cachedir = ''; + + /** + * Cache auto-delete flag + * + * @var bool + */ + public $cache_autodel = FALSE; + + /** + * DB Cache object + * + * @see CI_DB_cache + * @var object + */ + public $CACHE; + + /** + * Protect identifiers flag + * + * @var bool + */ + protected $_protect_identifiers = TRUE; + + /** + * List of reserved identifiers + * + * Identifiers that must NOT be escaped. + * + * @var string[] + */ + protected $_reserved_identifiers = array('*'); + + /** + * Identifier escape character + * + * @var string + */ + protected $_escape_char = '"'; + + /** + * ESCAPE statement string + * + * @var string + */ + protected $_like_escape_str = " ESCAPE '%s' "; + + /** + * ESCAPE character + * + * @var string + */ + protected $_like_escape_chr = '!'; + + /** + * ORDER BY random keyword + * + * @var array + */ + protected $_random_keyword = array('RAND()', 'RAND(%d)'); + + /** + * COUNT string + * + * @used-by CI_DB_driver::count_all() + * @used-by CI_DB_query_builder::count_all_results() + * + * @var string + */ + protected $_count_string = 'SELECT COUNT(*) AS '; + + // -------------------------------------------------------------------- + + /** + * Class constructor + * + * @param array $params + * @return void + */ + public function __construct($params) { if (is_array($params)) { @@ -88,7 +372,7 @@ class CI_DB_driver { } } - log_message('debug', 'Database Driver Class Initialized'); + log_message('info', 'Database Driver Class Initialized'); } // -------------------------------------------------------------------- @@ -96,15 +380,17 @@ class CI_DB_driver { /** * Initialize Database Settings * - * @access private Called by the constructor - * @param mixed - * @return void + * @return bool */ - function initialize() + public function initialize() { - // If an existing connection resource is available - // there is no need to connect and select the database - if (is_resource($this->conn_id) OR is_object($this->conn_id)) + /* If an established connection is available, then there's + * no need to connect and select the database. + * + * Depending on the database driver, conn_id can be either + * boolean TRUE, a resource or an object. + */ + if ($this->conn_id) { return TRUE; } @@ -112,69 +398,139 @@ class CI_DB_driver { // ---------------------------------------------------------------- // Connect to the database and set the connection ID - $this->conn_id = ($this->pconnect == FALSE) ? $this->db_connect() : $this->db_pconnect(); + $this->conn_id = $this->db_connect($this->pconnect); - // No connection resource? Throw an error + // No connection resource? Check if there is a failover else throw an error if ( ! $this->conn_id) { - log_message('error', 'Unable to connect to the database'); - - if ($this->db_debug) + // Check if there is a failover set + if ( ! empty($this->failover) && is_array($this->failover)) { - $this->display_error('db_unable_to_connect'); - } - return FALSE; - } + // Go over all the failovers + foreach ($this->failover as $failover) + { + // Replace the current settings with those of the failover + foreach ($failover as $key => $val) + { + $this->$key = $val; + } - // ---------------------------------------------------------------- + // Try to connect + $this->conn_id = $this->db_connect($this->pconnect); - // Select the DB... assuming a database name is specified in the config file - if ($this->database != '') - { - if ( ! $this->db_select()) - { - log_message('error', 'Unable to select database: '.$this->database); - - if ($this->db_debug) - { - $this->display_error('db_unable_to_select', $this->database); + // If a connection is made break the foreach loop + if ($this->conn_id) + { + break; + } } - return FALSE; } - else + + // We still don't have a connection? + if ( ! $this->conn_id) { - // We've selected the DB. Now we set the character set - if ( ! $this->db_set_charset($this->char_set, $this->dbcollat)) + log_message('error', 'Unable to connect to the database'); + + if ($this->db_debug) { - return FALSE; + $this->display_error('db_unable_to_connect'); } - return TRUE; + return FALSE; } } + // Now we set the character set and that's all + return $this->db_set_charset($this->char_set); + } + + // -------------------------------------------------------------------- + + /** + * DB connect + * + * This is just a dummy method that all drivers will override. + * + * @return mixed + */ + public function db_connect() + { return TRUE; } // -------------------------------------------------------------------- /** + * Persistent database connection + * + * @return mixed + */ + public function db_pconnect() + { + return $this->db_connect(TRUE); + } + + // -------------------------------------------------------------------- + + /** + * Reconnect + * + * Keep / reestablish the db connection if no queries have been + * sent for a length of time exceeding the server's idle timeout. + * + * This is just a dummy method to allow drivers without such + * functionality to not declare it, while others will override it. + * + * @return void + */ + public function reconnect() + { + } + + // -------------------------------------------------------------------- + + /** + * Select database + * + * This is just a dummy method to allow drivers without such + * functionality to not declare it, while others will override it. + * + * @return bool + */ + public function db_select() + { + return TRUE; + } + + // -------------------------------------------------------------------- + + /** + * Last error + * + * @return array + */ + public function error() + { + return array('code' => NULL, 'message' => NULL); + } + + // -------------------------------------------------------------------- + + /** * Set client character set * - * @access public - * @param string * @param string - * @return resource + * @return bool */ - function db_set_charset($charset, $collation) + public function db_set_charset($charset) { - if ( ! $this->_db_set_charset($this->char_set, $this->dbcollat)) + if (method_exists($this, '_db_set_charset') && ! $this->_db_set_charset($charset)) { - log_message('error', 'Unable to set database connection charset: '.$this->char_set); + log_message('error', 'Unable to set database connection charset: '.$charset); if ($this->db_debug) { - $this->display_error('db_unable_to_set_charset', $this->char_set); + $this->display_error('db_unable_to_set_charset', $charset); } return FALSE; @@ -188,10 +544,9 @@ class CI_DB_driver { /** * The name of the platform in use (mysql, mssql, etc...) * - * @access public * @return string */ - function platform() + public function platform() { return $this->dbdriver; } @@ -199,36 +554,39 @@ class CI_DB_driver { // -------------------------------------------------------------------- /** - * Database Version Number. Returns a string containing the - * version of the database being used + * Database version number + * + * Returns a string containing the version of the database being used. + * Most drivers will override this method. * - * @access public * @return string */ - function version() + public function version() { - if (FALSE === ($sql = $this->_version())) + if (isset($this->data_cache['version'])) { - if ($this->db_debug) - { - return $this->display_error('db_unsupported_function'); - } - return FALSE; + return $this->data_cache['version']; } - // Some DBs have functions that return the version, and don't run special - // SQL queries per se. In these instances, just return the result. - $driver_version_exceptions = array('oci8', 'sqlite', 'cubrid'); - - if (in_array($this->dbdriver, $driver_version_exceptions)) - { - return $sql; - } - else + if (FALSE === ($sql = $this->_version())) { - $query = $this->query($sql); - return $query->row('ver'); + return ($this->db_debug) ? $this->display_error('db_unsupported_function') : FALSE; } + + $query = $this->query($sql)->row(); + return $this->data_cache['version'] = $query->ver; + } + + // -------------------------------------------------------------------- + + /** + * Version number query string + * + * @return string + */ + protected function _version() + { + return 'SELECT VERSION() AS ver'; } // -------------------------------------------------------------------- @@ -237,32 +595,32 @@ class CI_DB_driver { * Execute the query * * Accepts an SQL string as input and returns a result object upon - * successful execution of a "read" type query. Returns boolean TRUE + * successful execution of a "read" type query. Returns boolean TRUE * upon successful execution of a "write" type query. Returns boolean * FALSE upon failure, and if the $db_debug variable is set to TRUE * will raise an error. * - * @access public - * @param string An SQL query string - * @param array An array of binding data + * @param string $sql + * @param array $binds = FALSE An array of binding data + * @param bool $return_object = NULL * @return mixed */ - function query($sql, $binds = FALSE, $return_object = TRUE) + public function query($sql, $binds = FALSE, $return_object = NULL) { - if ($sql == '') + if ($sql === '') { - if ($this->db_debug) - { - log_message('error', 'Invalid query: '.$sql); - return $this->display_error('db_invalid_query'); - } - return FALSE; + log_message('error', 'Invalid query: '.$sql); + return ($this->db_debug) ? $this->display_error('db_invalid_query') : FALSE; + } + elseif ( ! is_bool($return_object)) + { + $return_object = ! $this->is_write_type($sql); } // Verify table prefix and replace if necessary - if ( ($this->dbprefix != '' AND $this->swap_pre != '') AND ($this->dbprefix != $this->swap_pre) ) + if ($this->dbprefix !== '' && $this->swap_pre !== '' && $this->dbprefix !== $this->swap_pre) { - $sql = preg_replace("/(\W)".$this->swap_pre."(\S+?)/", "\\1".$this->dbprefix."\\2", $sql); + $sql = preg_replace('/(\W)'.$this->swap_pre.'(\S+?)/', '\\1'.$this->dbprefix.'\\2', $sql); } // Compile binds if needed @@ -271,87 +629,88 @@ class CI_DB_driver { $sql = $this->compile_binds($sql, $binds); } - // Is query caching enabled? If the query is a "read type" + // Is query caching enabled? If the query is a "read type" // we will load the caching class and return the previously // cached query if it exists - if ($this->cache_on == TRUE AND stristr($sql, 'SELECT')) + if ($this->cache_on === TRUE && $return_object === TRUE && $this->_cache_init()) { - if ($this->_cache_init()) + $this->load_rdriver(); + if (FALSE !== ($cache = $this->CACHE->read($sql))) { - $this->load_rdriver(); - if (FALSE !== ($cache = $this->CACHE->read($sql))) - { - return $cache; - } + return $cache; } } - // Save the query for debugging - if ($this->save_queries == TRUE) + // Save the query for debugging + if ($this->save_queries === TRUE) { $this->queries[] = $sql; } // Start the Query Timer - $time_start = list($sm, $ss) = explode(' ', microtime()); + $time_start = microtime(TRUE); // Run the Query if (FALSE === ($this->result_id = $this->simple_query($sql))) { - if ($this->save_queries == TRUE) + if ($this->save_queries === TRUE) { $this->query_times[] = 0; } // This will trigger a rollback if transactions are being used - $this->_trans_status = FALSE; + if ($this->_trans_depth !== 0) + { + $this->_trans_status = FALSE; + } + + // Grab the error now, as we might run some additional queries before displaying the error + $error = $this->error(); + + // Log errors + log_message('error', 'Query error: '.$error['message'].' - Invalid query: '.$sql); if ($this->db_debug) { - // grab the error number and message now, as we might run some - // additional queries before displaying the error - $error_no = $this->_error_number(); - $error_msg = $this->_error_message(); - // We call this function in order to roll-back queries - // if transactions are enabled. If we don't call this here + // if transactions are enabled. If we don't call this here // the error message will trigger an exit, causing the // transactions to remain in limbo. - $this->trans_complete(); - - // Log and display errors - log_message('error', 'Query error: '.$error_msg); - return $this->display_error( - array( - 'Error Number: '.$error_no, - $error_msg, - $sql - ) - ); + while ($this->_trans_depth !== 0) + { + $trans_depth = $this->_trans_depth; + $this->trans_complete(); + if ($trans_depth === $this->_trans_depth) + { + log_message('error', 'Database: Failure during an automated transaction commit/rollback!'); + break; + } + } + + // Display errors + return $this->display_error(array('Error Number: '.$error['code'], $error['message'], $sql)); } return FALSE; } // Stop and aggregate the query time results - $time_end = list($em, $es) = explode(' ', microtime()); - $this->benchmark += ($em + $es) - ($sm + $ss); + $time_end = microtime(TRUE); + $this->benchmark += $time_end - $time_start; - if ($this->save_queries == TRUE) + if ($this->save_queries === TRUE) { - $this->query_times[] = ($em + $es) - ($sm + $ss); + $this->query_times[] = $time_end - $time_start; } // Increment the query counter $this->query_count++; - // Was the query a "write" type? - // If so we'll simply return true - if ($this->is_write_type($sql) === TRUE) + // Will we have a result object instantiated? If not - we'll simply return TRUE + if ($return_object !== TRUE) { - // If caching is enabled we'll auto-cleanup any - // existing files related to this particular URI - if ($this->cache_on == TRUE AND $this->cache_autodel == TRUE AND $this->_cache_init()) + // If caching is enabled we'll auto-cleanup any existing files related to this particular URI + if ($this->cache_on === TRUE && $this->cache_autodel === TRUE && $this->_cache_init()) { $this->CACHE->delete(); } @@ -359,35 +718,13 @@ class CI_DB_driver { return TRUE; } - // Return TRUE if we don't need to create a result object - // Currently only the Oracle driver uses this when stored - // procedures are used - if ($return_object !== TRUE) - { - return TRUE; - } - // Load and instantiate the result driver + $driver = $this->load_rdriver(); + $RES = new $driver($this); - $driver = $this->load_rdriver(); - $RES = new $driver(); - $RES->conn_id = $this->conn_id; - $RES->result_id = $this->result_id; - - if ($this->dbdriver == 'oci8') - { - $RES->stmt_id = $this->stmt_id; - $RES->curs_id = NULL; - $RES->limit_used = $this->limit_used; - $this->stmt_id = FALSE; - } - - // oci8 vars must be set before calling this - $RES->num_rows = $RES->num_rows(); - - // Is query caching enabled? If so, we'll serialize the + // Is query caching enabled? If so, we'll serialize the // result object and save it to a cache file. - if ($this->cache_on == TRUE AND $this->_cache_init()) + if ($this->cache_on === TRUE && $this->_cache_init()) { // We'll create a new instance of the result object // only without the platform specific driver since @@ -395,10 +732,10 @@ class CI_DB_driver { // resource ID won't be any good once we've cached the // result object, so we'll have to compile the data // and save it) - $CR = new CI_DB_result(); - $CR->num_rows = $RES->num_rows(); + $CR = new CI_DB_result($this); $CR->result_object = $RES->result_object(); $CR->result_array = $RES->result_array(); + $CR->num_rows = $RES->num_rows(); // Reset these since cached objects can not utilize resource IDs. $CR->conn_id = NULL; @@ -415,17 +752,16 @@ class CI_DB_driver { /** * Load the result drivers * - * @access public * @return string the name of the result class */ - function load_rdriver() + public function load_rdriver() { $driver = 'CI_DB_'.$this->dbdriver.'_result'; - if ( ! class_exists($driver)) + if ( ! class_exists($driver, FALSE)) { - include_once(BASEPATH.'database/DB_result.php'); - include_once(BASEPATH.'database/drivers/'.$this->dbdriver.'/'.$this->dbdriver.'_result.php'); + require_once(BASEPATH.'database/DB_result.php'); + require_once(BASEPATH.'database/drivers/'.$this->dbdriver.'/'.$this->dbdriver.'_result.php'); } return $driver; @@ -435,19 +771,21 @@ class CI_DB_driver { /** * Simple Query - * This is a simplified version of the query() function. Internally + * This is a simplified version of the query() function. Internally * we only use it when running transaction commands since they do * not require all the features of the main query() function. * - * @access public * @param string the sql query * @return mixed */ - function simple_query($sql) + public function simple_query($sql) { if ( ! $this->conn_id) { - $this->initialize(); + if ( ! $this->initialize()) + { + return FALSE; + } } return $this->_execute($sql); @@ -459,10 +797,9 @@ class CI_DB_driver { * Disable Transactions * This permits transactions to be disabled at run-time. * - * @access public * @return void */ - function trans_off() + public function trans_off() { $this->trans_enabled = FALSE; } @@ -471,15 +808,18 @@ class CI_DB_driver { /** * Enable/disable Transaction Strict Mode + * * When strict mode is enabled, if you are running multiple groups of - * transactions, if one group fails all groups will be rolled back. - * If strict mode is disabled, each group is treated autonomously, meaning - * a failure of one group will not affect any others + * transactions, if one group fails all subsequent groups will be + * rolled back. * - * @access public + * If strict mode is disabled, each group is treated autonomously, + * meaning a failure of one group will not affect any others + * + * @param bool $mode = TRUE * @return void */ - function trans_strict($mode = TRUE) + public function trans_strict($mode = TRUE) { $this->trans_strict = is_bool($mode) ? $mode : TRUE; } @@ -489,24 +829,17 @@ class CI_DB_driver { /** * Start Transaction * - * @access public - * @return void + * @param bool $test_mode = FALSE + * @return bool */ - function trans_start($test_mode = FALSE) + public function trans_start($test_mode = FALSE) { if ( ! $this->trans_enabled) { return FALSE; } - // When transactions are nested we only begin/commit/rollback the outermost ones - if ($this->_trans_depth > 0) - { - $this->_trans_depth += 1; - return; - } - - $this->trans_begin($test_mode); + return $this->trans_begin($test_mode); } // -------------------------------------------------------------------- @@ -514,31 +847,23 @@ class CI_DB_driver { /** * Complete Transaction * - * @access public * @return bool */ - function trans_complete() + public function trans_complete() { if ( ! $this->trans_enabled) { return FALSE; } - // When transactions are nested we only begin/commit/rollback the outermost ones - if ($this->_trans_depth > 1) - { - $this->_trans_depth -= 1; - return TRUE; - } - // The query() function will set this flag to FALSE in the event that a query failed - if ($this->_trans_status === FALSE) + if ($this->_trans_status === FALSE OR $this->_trans_failure === TRUE) { $this->trans_rollback(); // If we are NOT running in strict mode, we will reset - // the _trans_status flag so that subsequent groups of transactions - // will be permitted. + // the _trans_status flag so that subsequent groups of + // transactions will be permitted. if ($this->trans_strict === FALSE) { $this->_trans_status = TRUE; @@ -548,8 +873,7 @@ class CI_DB_driver { return FALSE; } - $this->trans_commit(); - return TRUE; + return $this->trans_commit(); } // -------------------------------------------------------------------- @@ -557,10 +881,9 @@ class CI_DB_driver { /** * Lets you retrieve the transaction flag to determine if it has failed * - * @access public * @return bool */ - function trans_status() + public function trans_status() { return $this->_trans_status; } @@ -568,44 +891,147 @@ class CI_DB_driver { // -------------------------------------------------------------------- /** + * Begin Transaction + * + * @param bool $test_mode + * @return bool + */ + public function trans_begin($test_mode = FALSE) + { + if ( ! $this->trans_enabled) + { + return FALSE; + } + // When transactions are nested we only begin/commit/rollback the outermost ones + elseif ($this->_trans_depth > 0) + { + $this->_trans_depth++; + return TRUE; + } + + // Reset the transaction failure flag. + // If the $test_mode flag is set to TRUE transactions will be rolled back + // even if the queries produce a successful result. + $this->_trans_failure = ($test_mode === TRUE); + + if ($this->_trans_begin()) + { + $this->_trans_depth++; + return TRUE; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Commit Transaction + * + * @return bool + */ + public function trans_commit() + { + if ( ! $this->trans_enabled OR $this->_trans_depth === 0) + { + return FALSE; + } + // When transactions are nested we only begin/commit/rollback the outermost ones + elseif ($this->_trans_depth > 1 OR $this->_trans_commit()) + { + $this->_trans_depth--; + return TRUE; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Rollback Transaction + * + * @return bool + */ + public function trans_rollback() + { + if ( ! $this->trans_enabled OR $this->_trans_depth === 0) + { + return FALSE; + } + // When transactions are nested we only begin/commit/rollback the outermost ones + elseif ($this->_trans_depth > 1 OR $this->_trans_rollback()) + { + $this->_trans_depth--; + return TRUE; + } + + return FALSE; + } + + // -------------------------------------------------------------------- + + /** * Compile Bindings * - * @access public * @param string the sql statement * @param array an array of bind data * @return string */ - function compile_binds($sql, $binds) + public function compile_binds($sql, $binds) { - if (strpos($sql, $this->bind_marker) === FALSE) + if (empty($this->bind_marker) OR strpos($sql, $this->bind_marker) === FALSE) { return $sql; } - - if ( ! is_array($binds)) + elseif ( ! is_array($binds)) { $binds = array($binds); + $bind_count = 1; + } + else + { + // Make sure we're using numeric keys + $binds = array_values($binds); + $bind_count = count($binds); } - // Get the sql segments around the bind markers - $segments = explode($this->bind_marker, $sql); + // We'll need the marker length later + $ml = strlen($this->bind_marker); - // The count of bind should be 1 less then the count of segments - // If there are more bind arguments trim it down - if (count($binds) >= count($segments)) { - $binds = array_slice($binds, 0, count($segments)-1); + // Make sure not to replace a chunk inside a string that happens to match the bind marker + if ($c = preg_match_all("/'[^']*'|\"[^\"]*\"/i", $sql, $matches)) + { + $c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i', + str_replace($matches[0], + str_replace($this->bind_marker, str_repeat(' ', $ml), $matches[0]), + $sql, $c), + $matches, PREG_OFFSET_CAPTURE); + + // Bind values' count must match the count of markers in the query + if ($bind_count !== $c) + { + return $sql; + } + } + elseif (($c = preg_match_all('/'.preg_quote($this->bind_marker, '/').'/i', $sql, $matches, PREG_OFFSET_CAPTURE)) !== $bind_count) + { + return $sql; } - // Construct the binded query - $result = $segments[0]; - $i = 0; - foreach ($binds as $bind) + do { - $result .= $this->escape($bind); - $result .= $segments[++$i]; + $c--; + $escaped_value = $this->escape($binds[$c]); + if (is_array($escaped_value)) + { + $escaped_value = '('.implode(',', $escaped_value).')'; + } + $sql = substr_replace($sql, $escaped_value, $matches[0][$c][1], $ml); } + while ($c !== 0); - return $result; + return $sql; } // -------------------------------------------------------------------- @@ -613,17 +1039,12 @@ class CI_DB_driver { /** * Determines if a query is a "write" type. * - * @access public * @param string An SQL query string - * @return boolean + * @return bool */ - function is_write_type($sql) + public function is_write_type($sql) { - if ( ! preg_match('/^\s*"?(SET|INSERT|UPDATE|DELETE|REPLACE|CREATE|DROP|TRUNCATE|LOAD DATA|COPY|ALTER|GRANT|REVOKE|LOCK|UNLOCK)\s+/i', $sql)) - { - return FALSE; - } - return TRUE; + return (bool) preg_match('/^\s*"?(SET|INSERT|UPDATE|DELETE|REPLACE|CREATE|DROP|TRUNCATE|LOAD|COPY|ALTER|RENAME|GRANT|REVOKE|LOCK|UNLOCK|REINDEX)\s/i', $sql); } // -------------------------------------------------------------------- @@ -631,11 +1052,10 @@ class CI_DB_driver { /** * Calculate the aggregate query elapsed time * - * @access public - * @param integer The number of decimal places - * @return integer + * @param int The number of decimal places + * @return string */ - function elapsed_time($decimals = 6) + public function elapsed_time($decimals = 6) { return number_format($this->benchmark, $decimals); } @@ -645,10 +1065,9 @@ class CI_DB_driver { /** * Returns the total number of queries * - * @access public - * @return integer + * @return int */ - function total_queries() + public function total_queries() { return $this->query_count; } @@ -658,10 +1077,9 @@ class CI_DB_driver { /** * Returns the last query that was executed * - * @access public - * @return void + * @return string */ - function last_query() + public function last_query() { return end($this->queries); } @@ -674,23 +1092,63 @@ class CI_DB_driver { * Escapes data based on type * Sets boolean and null types * - * @access public * @param string * @return mixed */ - function escape($str) + public function escape($str) { - if (is_string($str)) + if (is_array($str)) { - $str = "'".$this->escape_str($str)."'"; + $str = array_map(array(&$this, 'escape'), $str); + return $str; + } + elseif (is_string($str) OR (is_object($str) && method_exists($str, '__toString'))) + { + return "'".$this->escape_str($str)."'"; } elseif (is_bool($str)) { - $str = ($str === FALSE) ? 0 : 1; + return ($str === FALSE) ? 0 : 1; + } + elseif ($str === NULL) + { + return 'NULL'; } - elseif (is_null($str)) + + return $str; + } + + // -------------------------------------------------------------------- + + /** + * Escape String + * + * @param string|string[] $str Input string + * @param bool $like Whether or not the string will be used in a LIKE condition + * @return string + */ + public function escape_str($str, $like = FALSE) + { + if (is_array($str)) + { + foreach ($str as $key => $val) + { + $str[$key] = $this->escape_str($val, $like); + } + + return $str; + } + + $str = $this->_escape_str($str); + + // escape LIKE condition wildcards + if ($like === TRUE) { - $str = 'NULL'; + return str_replace( + array($this->_like_escape_chr, '%', '_'), + array($this->_like_escape_chr.$this->_like_escape_chr, $this->_like_escape_chr.'%', $this->_like_escape_chr.'_'), + $str + ); } return $str; @@ -704,11 +1162,10 @@ class CI_DB_driver { * Calls the individual driver for platform * specific escaping for LIKE conditions * - * @access public - * @param string + * @param string|string[] * @return mixed */ - function escape_like_str($str) + public function escape_like_str($str) { return $this->escape_str($str, TRUE); } @@ -716,25 +1173,60 @@ class CI_DB_driver { // -------------------------------------------------------------------- /** + * Platform-dependent string escape + * + * @param string + * @return string + */ + protected function _escape_str($str) + { + return str_replace("'", "''", remove_invisible_characters($str, FALSE)); + } + + // -------------------------------------------------------------------- + + /** * Primary * - * Retrieves the primary key. It assumes that the row in the first + * Retrieves the primary key. It assumes that the row in the first * position is the primary key * - * @access public - * @param string the table name + * @param string $table Table name * @return string */ - function primary($table = '') + public function primary($table) { $fields = $this->list_fields($table); + return is_array($fields) ? current($fields) : FALSE; + } + + // -------------------------------------------------------------------- + + /** + * "Count All" query + * + * Generates a platform-specific query string that counts all records in + * the specified database + * + * @param string + * @return int + */ + public function count_all($table = '') + { + if ($table === '') + { + return 0; + } - if ( ! is_array($fields)) + $query = $this->query($this->_count_string.$this->escape_identifiers('numrows').' FROM '.$this->protect_identifiers($table, TRUE, NULL, FALSE)); + if ($query->num_rows() === 0) { - return FALSE; + return 0; } - return current($fields); + $query = $query->row(); + $this->_reset_select(); + return (int) $query->numrows; } // -------------------------------------------------------------------- @@ -742,10 +1234,10 @@ class CI_DB_driver { /** * Returns an array of table names * - * @access public + * @param string $constrain_by_prefix = FALSE * @return array */ - function list_tables($constrain_by_prefix = FALSE) + public function list_tables($constrain_by_prefix = FALSE) { // Is there a cached result? if (isset($this->data_cache['table_names'])) @@ -755,32 +1247,40 @@ class CI_DB_driver { if (FALSE === ($sql = $this->_list_tables($constrain_by_prefix))) { - if ($this->db_debug) - { - return $this->display_error('db_unsupported_function'); - } - return FALSE; + return ($this->db_debug) ? $this->display_error('db_unsupported_function') : FALSE; } - $retval = array(); + $this->data_cache['table_names'] = array(); $query = $this->query($sql); - if ($query->num_rows() > 0) + foreach ($query->result_array() as $row) { - foreach ($query->result_array() as $row) + // Do we know from which column to get the table name? + if ( ! isset($key)) { - if (isset($row['TABLE_NAME'])) + if (isset($row['table_name'])) { - $retval[] = $row['TABLE_NAME']; + $key = 'table_name'; + } + elseif (isset($row['TABLE_NAME'])) + { + $key = 'TABLE_NAME'; } else { - $retval[] = array_shift($row); + /* We have no other choice but to just get the first element's key. + * Due to array_shift() accepting its argument by reference, if + * E_STRICT is on, this would trigger a warning. So we'll have to + * assign it first. + */ + $key = array_keys($row); + $key = array_shift($key); } } + + $this->data_cache['table_names'][] = $row[$key]; } - $this->data_cache['table_names'] = $retval; return $this->data_cache['table_names']; } @@ -788,24 +1288,24 @@ class CI_DB_driver { /** * Determine if a particular table exists - * @access public - * @return boolean + * + * @param string $table_name + * @return bool */ - function table_exists($table_name) + public function table_exists($table_name) { - return ( ! in_array($this->_protect_identifiers($table_name, TRUE, FALSE, FALSE), $this->list_tables())) ? FALSE : TRUE; + return in_array($this->protect_identifiers($table_name, TRUE, FALSE, FALSE), $this->list_tables()); } // -------------------------------------------------------------------- /** - * Fetch MySQL Field Names + * Fetch Field Names * - * @access public - * @param string the table name + * @param string $table Table name * @return array */ - function list_fields($table = '') + public function list_fields($table) { // Is there a cached result? if (isset($this->data_cache['field_names'][$table])) @@ -813,40 +1313,37 @@ class CI_DB_driver { return $this->data_cache['field_names'][$table]; } - if ($table == '') - { - if ($this->db_debug) - { - return $this->display_error('db_field_param_missing'); - } - return FALSE; - } - if (FALSE === ($sql = $this->_list_columns($table))) { - if ($this->db_debug) - { - return $this->display_error('db_unsupported_function'); - } - return FALSE; + return ($this->db_debug) ? $this->display_error('db_unsupported_function') : FALSE; } $query = $this->query($sql); + $this->data_cache['field_names'][$table] = array(); - $retval = array(); foreach ($query->result_array() as $row) { - if (isset($row['COLUMN_NAME'])) + // Do we know from where to get the column's name? + if ( ! isset($key)) { - $retval[] = $row['COLUMN_NAME']; - } - else - { - $retval[] = current($row); + if (isset($row['column_name'])) + { + $key = 'column_name'; + } + elseif (isset($row['COLUMN_NAME'])) + { + $key = 'COLUMN_NAME'; + } + else + { + // We have no other choice but to just get the first element's key. + $key = key($row); + } } + + $this->data_cache['field_names'][$table][] = $row[$key]; } - $this->data_cache['field_names'][$table] = $retval; return $this->data_cache['field_names'][$table]; } @@ -854,14 +1351,14 @@ class CI_DB_driver { /** * Determine if a particular field exists - * @access public + * * @param string * @param string - * @return boolean + * @return bool */ - function field_exists($field_name, $table_name) + public function field_exists($field_name, $table_name) { - return ( ! in_array($field_name, $this->list_fields($table_name))) ? FALSE : TRUE; + return in_array($field_name, $this->list_fields($table_name)); } // -------------------------------------------------------------------- @@ -869,24 +1366,75 @@ class CI_DB_driver { /** * Returns an object with field data * - * @access public - * @param string the table name - * @return object + * @param string $table the table name + * @return array */ - function field_data($table = '') + public function field_data($table) { - if ($table == '') + $query = $this->query($this->_field_data($this->protect_identifiers($table, TRUE, NULL, FALSE))); + return ($query) ? $query->field_data() : FALSE; + } + + // -------------------------------------------------------------------- + + /** + * Escape the SQL Identifiers + * + * This function escapes column and table names + * + * @param mixed + * @return mixed + */ + public function escape_identifiers($item) + { + if ($this->_escape_char === '' OR empty($item) OR in_array($item, $this->_reserved_identifiers)) { - if ($this->db_debug) + return $item; + } + elseif (is_array($item)) + { + foreach ($item as $key => $value) { - return $this->display_error('db_field_param_missing'); + $item[$key] = $this->escape_identifiers($value); } - return FALSE; + + return $item; + } + // Avoid breaking functions and literal values inside queries + elseif (ctype_digit($item) OR $item[0] === "'" OR ($this->_escape_char !== '"' && $item[0] === '"') OR strpos($item, '(') !== FALSE) + { + return $item; } - $query = $this->query($this->_field_data($this->_protect_identifiers($table, TRUE, NULL, FALSE))); + static $preg_ec = array(); - return $query->field_data(); + if (empty($preg_ec)) + { + if (is_array($this->_escape_char)) + { + $preg_ec = array( + preg_quote($this->_escape_char[0], '/'), + preg_quote($this->_escape_char[1], '/'), + $this->_escape_char[0], + $this->_escape_char[1] + ); + } + else + { + $preg_ec[0] = $preg_ec[1] = preg_quote($this->_escape_char, '/'); + $preg_ec[2] = $preg_ec[3] = $this->_escape_char; + } + } + + foreach ($this->_reserved_identifiers as $id) + { + if (strpos($item, '.'.$id) !== FALSE) + { + return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?\./i', $preg_ec[2].'$1'.$preg_ec[3].'.', $item); + } + } + + return preg_replace('/'.$preg_ec[0].'?([^'.$preg_ec[1].'\.]+)'.$preg_ec[1].'?(\.)?/i', $preg_ec[2].'$1'.$preg_ec[3].'$2', $item); } // -------------------------------------------------------------------- @@ -894,23 +1442,38 @@ class CI_DB_driver { /** * Generate an insert string * - * @access public * @param string the table upon which the query will be performed * @param array an associative array data of key/values * @return string */ - function insert_string($table, $data) + public function insert_string($table, $data) { - $fields = array(); - $values = array(); + $fields = $values = array(); foreach ($data as $key => $val) { - $fields[] = $this->_escape_identifiers($key); + $fields[] = $this->escape_identifiers($key); $values[] = $this->escape($val); } - return $this->_insert($this->_protect_identifiers($table, TRUE, NULL, FALSE), $fields, $values); + return $this->_insert($this->protect_identifiers($table, TRUE, NULL, FALSE), $fields, $values); + } + + // -------------------------------------------------------------------- + + /** + * Insert statement + * + * Generates a platform-specific insert string from the supplied data + * + * @param string the table name + * @param array the insert keys + * @param array the insert values + * @return string + */ + protected function _insert($table, $keys, $values) + { + return 'INSERT INTO '.$table.' ('.implode(', ', $keys).') VALUES ('.implode(', ', $values).')'; } // -------------------------------------------------------------------- @@ -918,51 +1481,53 @@ class CI_DB_driver { /** * Generate an update string * - * @access public * @param string the table upon which the query will be performed * @param array an associative array data of key/values * @param mixed the "where" statement * @return string */ - function update_string($table, $data, $where) + public function update_string($table, $data, $where) { - if ($where == '') + if (empty($where)) { - return false; + return FALSE; } + $this->where($where); + $fields = array(); foreach ($data as $key => $val) { - $fields[$this->_protect_identifiers($key)] = $this->escape($val); + $fields[$this->protect_identifiers($key)] = $this->escape($val); } - if ( ! is_array($where)) - { - $dest = array($where); - } - else - { - $dest = array(); - foreach ($where as $key => $val) - { - $prefix = (count($dest) == 0) ? '' : ' AND '; - - if ($val !== '') - { - if ( ! $this->_has_operator($key)) - { - $key .= ' ='; - } + $sql = $this->_update($this->protect_identifiers($table, TRUE, NULL, FALSE), $fields); + $this->_reset_write(); + return $sql; + } - $val = ' '.$this->escape($val); - } + // -------------------------------------------------------------------- - $dest[] = $prefix.$key.$val; - } + /** + * Update statement + * + * Generates a platform-specific update string from the supplied data + * + * @param string the table name + * @param array the update data + * @return string + */ + protected function _update($table, $values) + { + foreach ($values as $key => $val) + { + $valstr[] = $key.' = '.$val; } - return $this->_update($this->_protect_identifiers($table, TRUE, NULL, FALSE), $fields, $dest); + return 'UPDATE '.$table.' SET '.implode(', ', $valstr) + .$this->_compile_wh('qb_where') + .$this->_compile_order_by() + .($this->qb_limit ? ' LIMIT '.$this->qb_limit : ''); } // -------------------------------------------------------------------- @@ -970,19 +1535,50 @@ class CI_DB_driver { /** * Tests whether the string has an SQL operator * - * @access private * @param string * @return bool */ - function _has_operator($str) + protected function _has_operator($str) { - $str = trim($str); - if ( ! preg_match("/(\s|<|>|!|=|is null|is not null)/i", $str)) - { - return FALSE; - } + return (bool) preg_match('/(<|>|!|=|\sIS NULL|\sIS NOT NULL|\sEXISTS|\sBETWEEN|\sLIKE|\sIN\s*\(|\s)/i', trim($str)); + } - return TRUE; + // -------------------------------------------------------------------- + + /** + * Returns the SQL string operator + * + * @param string + * @return string + */ + protected function _get_operator($str) + { + static $_operators; + + if (empty($_operators)) + { + $_les = ($this->_like_escape_str !== '') + ? '\s+'.preg_quote(trim(sprintf($this->_like_escape_str, $this->_like_escape_chr)), '/') + : ''; + $_operators = array( + '\s*(?:<|>|!)?=\s*', // =, <=, >=, != + '\s*<>?\s*', // <, <> + '\s*>\s*', // > + '\s+IS NULL', // IS NULL + '\s+IS NOT NULL', // IS NOT NULL + '\s+EXISTS\s*\(.*\)', // EXISTS(sql) + '\s+NOT EXISTS\s*\(.*\)', // NOT EXISTS(sql) + '\s+BETWEEN\s+', // BETWEEN value AND value + '\s+IN\s*\(.*\)', // IN(list) + '\s+NOT IN\s*\(.*\)', // NOT IN (list) + '\s+LIKE\s+\S.*('.$_les.')?', // LIKE 'expr'[ ESCAPE '%s'] + '\s+NOT LIKE\s+\S.*('.$_les.')?' // NOT LIKE 'expr'[ ESCAPE '%s'] + ); + + } + + return preg_match('/'.implode('|', $_operators).'/i', $str, $match) + ? $match[0] : FALSE; } // -------------------------------------------------------------------- @@ -990,14 +1586,12 @@ class CI_DB_driver { /** * Enables a native PHP function to be run, using a platform agnostic wrapper. * - * @access public - * @param string the function name - * @param mixed any parameters needed by the function + * @param string $function Function name * @return mixed */ - function call_function($function) + public function call_function($function) { - $driver = ($this->dbdriver == 'postgre') ? 'pg_' : $this->dbdriver.'_'; + $driver = ($this->dbdriver === 'postgre') ? 'pg_' : $this->dbdriver.'_'; if (FALSE === strpos($driver, $function)) { @@ -1006,24 +1600,12 @@ class CI_DB_driver { if ( ! function_exists($function)) { - if ($this->db_debug) - { - return $this->display_error('db_unsupported_function'); - } - return FALSE; - } - else - { - $args = (func_num_args() > 1) ? array_splice(func_get_args(), 1) : null; - if (is_null($args)) - { - return call_user_func($function); - } - else - { - return call_user_func_array($function, $args); - } + return ($this->db_debug) ? $this->display_error('db_unsupported_function') : FALSE; } + + return (func_num_args() > 1) + ? call_user_func_array($function, array_slice(func_get_args(), 1)) + : call_user_func($function); } // -------------------------------------------------------------------- @@ -1031,11 +1613,10 @@ class CI_DB_driver { /** * Set Cache Directory Path * - * @access public * @param string the path to the cache directory * @return void */ - function cache_set_path($path = '') + public function cache_set_path($path = '') { $this->cachedir = $path; } @@ -1045,13 +1626,11 @@ class CI_DB_driver { /** * Enable Query Caching * - * @access public - * @return void + * @return bool cache_on value */ - function cache_on() + public function cache_on() { - $this->cache_on = TRUE; - return TRUE; + return $this->cache_on = TRUE; } // -------------------------------------------------------------------- @@ -1059,31 +1638,27 @@ class CI_DB_driver { /** * Disable Query Caching * - * @access public - * @return void + * @return bool cache_on value */ - function cache_off() + public function cache_off() { - $this->cache_on = FALSE; - return FALSE; + return $this->cache_on = FALSE; } - // -------------------------------------------------------------------- /** * Delete the cache files associated with a particular URI * - * @access public - * @return void + * @param string $segment_one = '' + * @param string $segment_two = '' + * @return bool */ - function cache_delete($segment_one = '', $segment_two = '') + public function cache_delete($segment_one = '', $segment_two = '') { - if ( ! $this->_cache_init()) - { - return FALSE; - } - return $this->CACHE->delete($segment_one, $segment_two); + return $this->_cache_init() + ? $this->CACHE->delete($segment_one, $segment_two) + : FALSE; } // -------------------------------------------------------------------- @@ -1091,17 +1666,13 @@ class CI_DB_driver { /** * Delete All cache files * - * @access public - * @return void + * @return bool */ - function cache_delete_all() + public function cache_delete_all() { - if ( ! $this->_cache_init()) - { - return FALSE; - } - - return $this->CACHE->delete_all(); + return $this->_cache_init() + ? $this->CACHE->delete_all() + : FALSE; } // -------------------------------------------------------------------- @@ -1109,22 +1680,17 @@ class CI_DB_driver { /** * Initialize the Cache Class * - * @access private - * @return void + * @return bool */ - function _cache_init() + protected function _cache_init() { - if (is_object($this->CACHE) AND class_exists('CI_DB_Cache')) + if ( ! class_exists('CI_DB_Cache', FALSE)) { - return TRUE; + require_once(BASEPATH.'database/DB_cache.php'); } - - if ( ! class_exists('CI_DB_Cache')) + elseif (is_object($this->CACHE)) { - if ( ! @include(BASEPATH.'database/DB_cache.php')) - { - return $this->cache_off(); - } + return TRUE; } $this->CACHE = new CI_DB_Cache($this); // pass db object to support multiple db connections and returned db objects @@ -1136,15 +1702,28 @@ class CI_DB_driver { /** * Close DB Connection * - * @access public * @return void */ - function close() + public function close() { - if (is_resource($this->conn_id) OR is_object($this->conn_id)) + if ($this->conn_id) { - $this->_close($this->conn_id); + $this->_close(); + $this->conn_id = FALSE; } + } + + // -------------------------------------------------------------------- + + /** + * Close DB Connection + * + * This method would be overridden by most of the drivers. + * + * @return void + */ + protected function _close() + { $this->conn_id = FALSE; } @@ -1153,49 +1732,54 @@ class CI_DB_driver { /** * Display an error message * - * @access public * @param string the error message * @param string any "swap" values - * @param boolean whether to localize the message - * @return string sends the application/error_db.php template + * @param bool whether to localize the message + * @return string sends the application/views/errors/error_db.php template */ - function display_error($error = '', $swap = '', $native = FALSE) + public function display_error($error = '', $swap = '', $native = FALSE) { $LANG =& load_class('Lang', 'core'); $LANG->load('db'); $heading = $LANG->line('db_error_heading'); - if ($native == TRUE) + if ($native === TRUE) { - $message = $error; + $message = (array) $error; } else { - $message = ( ! is_array($error)) ? array(str_replace('%s', $swap, $LANG->line($error))) : $error; + $message = is_array($error) ? $error : array(str_replace('%s', $swap, $LANG->line($error))); } // Find the most likely culprit of the error by going through // the backtrace until the source file is no longer in the // database folder. - $trace = debug_backtrace(); - foreach ($trace as $call) { - if (isset($call['file']) && strpos($call['file'], BASEPATH.'database') === FALSE) + if (isset($call['file'], $call['class'])) { - // Found it - use a relative path for safety - $message[] = 'Filename: '.str_replace(array(BASEPATH, APPPATH), '', $call['file']); - $message[] = 'Line Number: '.$call['line']; + // We'll need this on Windows, as APPPATH and BASEPATH will always use forward slashes + if (DIRECTORY_SEPARATOR !== '/') + { + $call['file'] = str_replace('\\', '/', $call['file']); + } - break; + if (strpos($call['file'], BASEPATH.'database') === FALSE && strpos($call['class'], 'Loader') === FALSE) + { + // Found it - use a relative path for safety + $message[] = 'Filename: '.str_replace(array(APPPATH, BASEPATH), '', $call['file']); + $message[] = 'Line Number: '.$call['line']; + break; + } } } $error =& load_class('Exceptions', 'core'); echo $error->show_error($heading, $message, 'error_db'); - exit; + exit(8); // EXIT_DATABASE } // -------------------------------------------------------------------- @@ -1203,29 +1787,13 @@ class CI_DB_driver { /** * Protect Identifiers * - * This function adds backticks if appropriate based on db type - * - * @access private - * @param mixed the item to escape - * @return mixed the item with backticks - */ - function protect_identifiers($item, $prefix_single = FALSE) - { - return $this->_protect_identifiers($item, $prefix_single); - } - - // -------------------------------------------------------------------- - - /** - * Protect Identifiers - * - * This function is used extensively by the Active Record class, and by + * This function is used extensively by the Query Builder class, and by * a couple functions in this class. * It takes a column or table name (optionally with an alias) and inserts - * the table prefix onto it. Some logic is necessary in order to deal with - * column names that include the path. Consider a query like this: + * the table prefix onto it. Some logic is necessary in order to deal with + * column names that include the path. Consider a query like this: * - * SELECT * FROM hostname.database.table.column AS c FROM hostname.database.table + * SELECT hostname.database.table.column AS c FROM hostname.database.table * * Or a query with aliasing: * @@ -1236,14 +1804,13 @@ class CI_DB_driver { * insert the table prefix (if it exists) in the proper position, and escape only * the correct identifiers. * - * @access private * @param string * @param bool * @param mixed * @param bool * @return string */ - function _protect_identifiers($item, $prefix_single = FALSE, $protect_identifiers = NULL, $field_exists = TRUE) + public function protect_identifiers($item, $prefix_single = FALSE, $protect_identifiers = NULL, $field_exists = TRUE) { if ( ! is_bool($protect_identifiers)) { @@ -1253,37 +1820,48 @@ class CI_DB_driver { if (is_array($item)) { $escaped_array = array(); - foreach ($item as $k => $v) { - $escaped_array[$this->_protect_identifiers($k)] = $this->_protect_identifiers($v); + $escaped_array[$this->protect_identifiers($k)] = $this->protect_identifiers($v, $prefix_single, $protect_identifiers, $field_exists); } return $escaped_array; } + // This is basically a bug fix for queries that use MAX, MIN, etc. + // If a parenthesis is found we know that we do not need to + // escape the data or add a prefix. There's probably a more graceful + // way to deal with this, but I'm not thinking of it -- Rick + // + // Added exception for single quotes as well, we don't want to alter + // literal strings. -- Narf + if (strcspn($item, "()'") !== strlen($item)) + { + return $item; + } + // Convert tabs or multiple spaces into single spaces - $item = preg_replace('/[\t ]+/', ' ', $item); + $item = preg_replace('/\s+/', ' ', trim($item)); // If the item has an alias declaration we remove it and set it aside. - // Basically we remove everything to the right of the first space - if (strpos($item, ' ') !== FALSE) + // Note: strripos() is used in order to support spaces in table names + if ($offset = strripos($item, ' AS ')) { - $alias = strstr($item, ' '); - $item = substr($item, 0, - strlen($alias)); + $alias = ($protect_identifiers) + ? substr($item, $offset, 4).$this->escape_identifiers(substr($item, $offset + 4)) + : substr($item, $offset); + $item = substr($item, 0, $offset); } - else + elseif ($offset = strrpos($item, ' ')) { - $alias = ''; + $alias = ($protect_identifiers) + ? ' '.$this->escape_identifiers(substr($item, $offset + 1)) + : substr($item, $offset); + $item = substr($item, 0, $offset); } - - // This is basically a bug fix for queries that use MAX, MIN, etc. - // If a parenthesis is found we know that we do not need to - // escape the data or add a prefix. There's probably a more graceful - // way to deal with this, but I'm not thinking of it -- Rick - if (strpos($item, '(') !== FALSE) + else { - return $item.$alias; + $alias = ''; } // Break the string apart if it contains periods, then insert the table prefix @@ -1291,12 +1869,15 @@ class CI_DB_driver { // with an alias. While we're at it, we will escape the components if (strpos($item, '.') !== FALSE) { - $parts = explode('.', $item); + $parts = explode('.', $item); // Does the first segment of the exploded item match - // one of the aliases previously identified? If so, + // one of the aliases previously identified? If so, // we have nothing more to do other than escape the item - if (in_array($parts[0], $this->ar_aliased_tables)) + // + // NOTE: The ! empty() condition prevents this method + // from breaking when QB isn't enabled. + if ( ! empty($this->qb_aliased_tables) && in_array($parts[0], $this->qb_aliased_tables)) { if ($protect_identifiers === TRUE) { @@ -1304,17 +1885,18 @@ class CI_DB_driver { { if ( ! in_array($val, $this->_reserved_identifiers)) { - $parts[$key] = $this->_escape_identifiers($val); + $parts[$key] = $this->escape_identifiers($val); } } $item = implode('.', $parts); } + return $item.$alias; } - // Is there a table prefix defined in the config file? If not, no need to do anything - if ($this->dbprefix != '') + // Is there a table prefix defined in the config file? If not, no need to do anything + if ($this->dbprefix !== '') { // We now add the table prefix based on some logic. // Do we have 4 segments (hostname.database.table.column)? @@ -1338,19 +1920,18 @@ class CI_DB_driver { // This flag is set when the supplied $item does not contain a field name. // This can happen when this function is being called from a JOIN. - if ($field_exists == FALSE) + if ($field_exists === FALSE) { $i++; } // Verify table prefix and replace if necessary - if ($this->swap_pre != '' && strncmp($parts[$i], $this->swap_pre, strlen($this->swap_pre)) === 0) + if ($this->swap_pre !== '' && strpos($parts[$i], $this->swap_pre) === 0) { - $parts[$i] = preg_replace("/^".$this->swap_pre."(\S+?)/", $this->dbprefix."\\1", $parts[$i]); + $parts[$i] = preg_replace('/^'.$this->swap_pre.'(\S+?)/', $this->dbprefix.'\\1', $parts[$i]); } - // We only add the table prefix if it does not already exist - if (substr($parts[$i], 0, strlen($this->dbprefix)) != $this->dbprefix) + elseif (strpos($parts[$i], $this->dbprefix) !== 0) { $parts[$i] = $this->dbprefix.$parts[$i]; } @@ -1361,31 +1942,30 @@ class CI_DB_driver { if ($protect_identifiers === TRUE) { - $item = $this->_escape_identifiers($item); + $item = $this->escape_identifiers($item); } return $item.$alias; } - // Is there a table prefix? If not, no need to insert it - if ($this->dbprefix != '') + // Is there a table prefix? If not, no need to insert it + if ($this->dbprefix !== '') { // Verify table prefix and replace if necessary - if ($this->swap_pre != '' && strncmp($item, $this->swap_pre, strlen($this->swap_pre)) === 0) + if ($this->swap_pre !== '' && strpos($item, $this->swap_pre) === 0) { - $item = preg_replace("/^".$this->swap_pre."(\S+?)/", $this->dbprefix."\\1", $item); + $item = preg_replace('/^'.$this->swap_pre.'(\S+?)/', $this->dbprefix.'\\1', $item); } - // Do we prefix an item with no segments? - if ($prefix_single == TRUE AND substr($item, 0, strlen($this->dbprefix)) != $this->dbprefix) + elseif ($prefix_single === TRUE && strpos($item, $this->dbprefix) !== 0) { $item = $this->dbprefix.$item; } } - if ($protect_identifiers === TRUE AND ! in_array($item, $this->_reserved_identifiers)) + if ($protect_identifiers === TRUE && ! in_array($item, $this->_reserved_identifiers)) { - $item = $this->_escape_identifiers($item); + $item = $this->escape_identifiers($item); } return $item.$alias; @@ -1394,9 +1974,8 @@ class CI_DB_driver { // -------------------------------------------------------------------- /** - * Dummy method that allows Active Record class to be disabled - * - * This function is used extensively by every db driver. + * Dummy method that allows Query Builder class to be disabled + * and keep count_all() working. * * @return void */ @@ -1405,6 +1984,3 @@ class CI_DB_driver { } } - -/* End of file DB_driver.php */ -/* Location: ./system/database/DB_driver.php */
\ No newline at end of file |