db abstraction layer

3 files changed, 285 insertions, 0 deletions

diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php
new file mode 100644
index 000000000..2f0555718
--- /dev/null
+++ b/include/dba/dba_driver.php
@@ -0,0 +1,160 @@
+<?php /** @file */
+
+function dba_factory($server,$user,$pass,$db,$install = false) {
+	$dba = null;
+
+	if(class_exists('mysqli')) {
+		require_once('include/dba/dba_mysqli.php');
+		$dba = new dba_mysqli($server,$user,$pass,$db,$install);
+	}
+	else {
+		require_once('include/dba/dba_mysql.php');
+		$dba = new dba_mysql($server,$user,$pass,$db,$install);
+	}
+	$dba->connect($server,$user,$pass,$db);
+
+	return $dba;
+}
+
+
+abstract class dba_driver {
+
+	protected $debug = 0;
+	protected $driver;
+	protected $db;
+	public  $connected = false;
+	public  $error = false;
+
+	abstract function connect($server,$user,$pass,$db);
+	abstract function q($sql);
+	abstract function escape($str);
+	abstract function close();
+
+	function __construct($server,$user,$pass,$db,$install = false) {
+		if($install)
+			$this->install($server,$user,$pass,$db);
+		$this->connect($server,$user,$pass,$db);
+	}
+
+
+	function install($server,$user,$pass,$db) {
+		$server = trim($server);
+		$user = trim($user);
+		$pass = trim($pass);
+		$db = trim($db);
+
+		if (!(strlen($server) && strlen($user))){
+			$this->connected = false;
+			$this->db = null;
+			return;
+		}
+
+		if(strlen($server) && ($server !== 'localhost') && ($server !== '127.0.0.1')) {
+			if(! dns_get_record($server, DNS_A + DNS_CNAME + DNS_PTR)) {
+				$this->error = sprintf( t('Cannot locate DNS info for database server \'%s\''), $server);
+				$this->connected = false;
+				$this->db = null;
+				return;
+			}
+		}
+	}
+
+
+}
+
+
+
+function printable($s) {
+	$s = preg_replace("~([\x01-\x08\x0E-\x0F\x10-\x1F\x7F-\xFF])~",".", $s);
+	$s = str_replace("\x00",'.',$s);
+	if(x($_SERVER,'SERVER_NAME'))
+		$s = escape_tags($s);
+	return $s;
+}
+
+// Procedural functions
+
+function dbg($state) {
+	global $db;
+	if($db)
+	$db->dbg($state);
+}
+
+
+function dbesc($str) {
+	global $db;
+	if($db && $db->connected)
+		return($db->escape($str));
+	else
+		return(str_replace("'","\\'",$str));
+}
+
+
+
+// Function: q($sql,$args);
+// Description: execute SQL query with printf style args.
+// Example: $r = q("SELECT * FROM `%s` WHERE `uid` = %d",
+//                   'user', 1);
+
+
+function q($sql) {
+
+	global $db;
+	$args = func_get_args();
+	unset($args[0]);
+
+	if($db && $db->connected) {
+		$stmt = vsprintf($sql,$args);
+		if($stmt === false)
+			logger('dba: vsprintf error: ' . print_r(debug_backtrace(),true));
+		return $db->q($stmt);
+	}
+
+	/**
+	 *
+	 * This will happen occasionally trying to store the 
+	 * session data after abnormal program termination 
+	 *
+	 */
+	logger('dba: no database: ' . print_r($args,true));
+	return false; 
+
+}
+
+/**
+ *
+ * Raw db query, no arguments
+ *
+ */
+
+
+function dbq($sql) {
+
+	global $db;
+	if($db && $db->connected)
+		$ret = $db->q($sql);
+	else
+		$ret = false;
+	return $ret;
+}
+
+
+// Caller is responsible for ensuring that any integer arguments to 
+// dbesc_array are actually integers and not malformed strings containing
+// SQL injection vectors. All integer array elements should be specifically 
+// cast to int to avoid trouble. 
+
+
+
+function dbesc_array_cb(&$item, $key) {
+	if(is_string($item))
+		$item = dbesc($item);
+}
+
+
+
+function dbesc_array(&$arr) {
+	if(is_array($arr) && count($arr)) {
+		array_walk($arr,'dbesc_array_cb');
+	}
+}
diff --git a/include/dba/dba_mysql.php b/include/dba/dba_mysql.php
new file mode 100644
index 000000000..05e19903d
--- /dev/null
+++ b/include/dba/dba_mysql.php
@@ -0,0 +1,63 @@
+<?php
+
+require_once('include/dba/dba_driver.php');
+
+
+class dba_mysql extends dba_driver {
+
+	function connect($server,$user,$pass,$db) {
+		$this->db = mysql_connect($server,$user,$pass);
+		if($this->db && mysql_select_db($db,$this->db)) {
+			$this->connected = true;
+		}
+		if($this->connected) {
+			return true;
+		}
+		return false;
+	}
+
+
+	function q($sql) {
+		if((! $this->db) || (! $this->connected))
+			return false;
+
+		$this->error = '';
+		$result = @mysql_query($sql,$this->db);
+
+
+		if(mysql_errno($this->db))
+			$this->error = mysql_error($this->db);
+
+		if($result === false || $this->error) {
+			logger('dba_mysql: ' . printable($sql) . ' returned false.' . "\n" . $this->error);
+			if(file_exists('dbfail.out'))
+				file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . ' returned false' . "\n" . $this->error . "\n", FILE_APPEND);
+		}
+
+		if(($result === true) || ($result === false))
+			return $result;
+
+		$r = array();
+		if(mysql_num_rows($result)) {
+			while($x = mysql_fetch_array($result,MYSQL_ASSOC))
+				$r[] = $x;
+			mysql_free_result($result);
+			if($this->debug)
+				logger('dba_mysql: ' . printable(print_r($r,true)));
+		}
+		return $r;
+	}
+
+	function escape($str) {
+		if($this->db && $this->connected) {
+			return @mysql_real_escape_string($str,$this->db);
+		}
+	}
+
+	function close() {
+		if($this->db)
+			mysql_close($this->db);
+		$this->connected = false;
+	}
+
+}	
diff --git a/include/dba/dba_mysqli.php b/include/dba/dba_mysqli.php
new file mode 100644
index 000000000..10a0a05c2
--- /dev/null
+++ b/include/dba/dba_mysqli.php
@@ -0,0 +1,62 @@
+<?php /** @file */
+
+require_once('include/dba/dba_driver.php');
+
+class dba_mysqli extends dba_driver {
+
+	function connect($server,$user,$pass,$db) {
+		$this->db = new mysqli($server,$user,$pass,$db);
+		if(! mysqli_connect_errno()) {
+			$this->connected = true;
+		}
+		if($this->connected) {
+			return true;
+		}
+		return false;
+	}
+
+	function q($sql) {
+		if((! $this->db) || (! $this->connected))
+			return false;
+
+		$this->error = '';
+		$result = $this->db->query($sql);
+
+		if($this->db->errno)
+			$this->error = $this->db->error;
+
+		if($result === false || $this->error) {
+			logger('dba_mysqli: ' . printable($sql) . ' returned false.' . "\n" . $this->error);
+			if(file_exists('dbfail.out'))
+				file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . ' returned false' . "\n" . $this->error . "\n", FILE_APPEND);
+		}
+
+		if(($result === true) || ($result === false))
+			return $result;
+
+		$r = array();
+		if($result->num_rows) {
+			while($x = $result->fetch_array(MYSQLI_ASSOC))
+				$r[] = $x;
+			$result->free_result();
+			if($this->debug) {
+				logger('dba_mysqli: query: ' . printable($sql) . ' returned ' . $result->num_rows . ' results.'); 
+				logger('dba_mysqli: ' . printable(print_r($r,true)));
+			}
+		}
+		return $r;
+	}
+
+	function escape($str) {
+		if($this->db && $this->connected) {
+			return @$this->db->real_escape_string($str);
+		}
+	}
+
+	function close() {
+		if($this->db)
+			$this->db->close();
+		$this->connected = flase;
+	}
+
+}
\ No newline at end of file