<?php
/**
 * Created by PhpStorm.
 * User: crose
 * Date: 1/4/16
 * Time: 7:14 PM
 */

namespace qfq;

use qfq;
use qfq\CodeException;
use qfq\DbException;
use qfq\UserFormException;
use qfq\Support;
use qfq\Store;

require_once(__DIR__ . '/exceptions/UserFormException.php');
require_once(__DIR__ . '/exceptions/CodeException.php');
require_once(__DIR__ . '/exceptions/DbException.php');

require_once(__DIR__ . '/store/Store.php');
require_once(__DIR__ . '/helper/Support.php');
require_once(__DIR__ . '/helper/Logger.php');
require_once(__DIR__ . '/helper/BindParam.php');

/**
 * Class Database
 * @package qfq
 */
class Database {

    /**
     * @var Store
     */
    private $store = null;

    /**
     * @var \mysqli
     */
    private $mysqli = null;

    /**
     * @var \mysqli_stmt
     */
    private $mysqli_stmt = null;

    /**
     * @var \mysqli_result
     */
    private $mysqli_result = null;

    /**
     * @var string
     */
    private $sqlLog = '';

    /**
     * Set up the instance: fetch the Store singleton, open the mysqli connection,
     * read the SQL log target and run the optional init statement.
     *
     * The connection handle is kept on this instance only; nothing in this
     * constructor writes it back into the Store.
     *
     * @throws CodeException
     * @throws DbException
     * @throws UserFormException
     */
    public function __construct() {
        $store = Store::getInstance();
        $this->store = $store;

        // dbConnect() reads its settings from $this->store, so the store must be set first.
        if (null === $this->mysqli) {
            $this->mysqli = $this->dbConnect();
        }

        $this->sqlLog = $store->getVar(SYSTEM_SQL_LOG, STORE_SYSTEM);

        // Optional init statement from the system store. It is handed to sql() verbatim and
        // without bound parameters, so whoever can set SYSTEM_DB_INIT chooses the statement.
        $initStatement = $store->getVar(SYSTEM_DB_INIT, STORE_SYSTEM);
        $hasInitStatement = ($initStatement !== false) && ($initStatement != '');
        if ($hasInitStatement) {
            $this->sql($initStatement);
        }
    }

    /**
     * Open a new mysqli connection with the credentials held in the system store.
     *
     * A fresh connection is created on every call; the caller decides whether one is needed.
     *
     * @return \mysqli
     * @throws UserFormException if mysqli reports a connect error
     */
    private function dbConnect() {
        $account = $this->store->getVar(SYSTEM_DB_USER, STORE_SYSTEM);
        $host = $this->store->getVar(SYSTEM_DB_SERVER, STORE_SYSTEM);
        $secret = $this->store->getVar(SYSTEM_DB_PASSWORD, STORE_SYSTEM);
        $schema = $this->store->getVar(SYSTEM_DB_NAME, STORE_SYSTEM);

        $link = new \mysqli($host, $account, $secret, $schema);

        // NOTE(review): this check only fires when mysqli reports failures through
        // connect_error instead of throwing - confirm the mysqli report mode in use.
        if (!$link->connect_error) {
            return $link;
        }

        // The password is left out of the message, but host, schema and account name are
        // included. NOTE(review): confirm where UserFormException text is displayed or logged.
        $message = "Error open Database 'mysql:host=" . $host . ";dbname=" . $schema . ";dbuser=" . $account . "'': "
            . $link->connect_errno . PHP_EOL . $link->connect_error;

        throw new UserFormException ($message, ERROR_DB_OPEN);
    }

    /**
     * Prepare and execute $sql, then shape the outcome according to $mode.
     *
     * $sql is prepared exactly as given. Values belong in $parameterArray, where they are
     * bound to the `?` placeholders; text concatenated into $sql is not escaped here.
     * The DbException messages built in this method contain the statement text.
     *
     * $mode (only evaluated for SELECT-type statements):
     *  ROW_REGULAR: 2-dimensional assoc array, one entry per row.
     *  ROW_KEYS: 2-dimensional num(!) array, one entry per row; column names are returned in $keys.
     *  ROW_IMPLODE_ALL: string, all cells of all rows imploded.
     *  ROW_EXPECT_0: empty array if there is no row, else an exception.
     *  ROW_EXPECT_1: 1-dimensional assoc array if there is exactly one row, else an exception.
     *  ROW_EXPECT_0_1: empty array if there is no row, 1-dimensional assoc array if there is one row,
     *                  else an exception.
     *  ROW_EXPECT_GE_1: like ROW_REGULAR, but an exception if there is no row.
     *
     * @param string $sql statement, optionally with `?` placeholders
     * @param string $mode one of the ROW_* constants
     * @param array $parameterArray values for the placeholders
     * @param string $specificMessage prefix for exception messages raised here
     * @param array $keys receives the column names in mode ROW_KEYS
     * @param array $stat receives DB_NUM_ROWS | DB_INSERT_ID | DB_AFFECTED_ROWS as filled by prepareExecute()
     * @return array|int|string
     *      SELECT-type statement: shaped as described under $mode.
     *      Statement classified as QUERY_TYPE_INSERT by prepareExecute(): $stat[DB_INSERT_ID].
     *      Everything else: the count returned by prepareExecute().
     * @throws \qfq\CodeException
     * @throws \qfq\DbException
     */
    public function sql($sql, $mode = ROW_REGULAR, array $parameterArray = array(), $specificMessage = '', array &$keys = array(), array &$stat = array()) {
        $queryType = '';
        $result = array();

        // Release whatever a previous call may have left open.
        $this->closeMysqliStmt();

        // Typical slip: the parameter array was passed in the $mode position.
        if (is_array($mode)) {
            throw new CodeException("Probably a parameter forgotten: \$mode ?");
        }

        // Separator between the caller's prefix and the messages built below.
        if ($specificMessage) {
            $specificMessage .= " ";
        }

        $count = $this->prepareExecute($sql, $parameterArray, $queryType, $stat);
        if (false === $count) {
            throw new DbException($specificMessage . "No idea why this error happens - please take some time and check this: $sql", ERROR_DB_GENERIC_CHECK);
        }

        if ($queryType !== QUERY_TYPE_SELECT) {
            $result = ($queryType === QUERY_TYPE_INSERT) ? $stat[DB_INSERT_ID] : $count;
        } else {
            switch ($mode) {
                case ROW_IMPLODE_ALL:
                    $result = $this->fetchAll($mode);
                    break;

                case ROW_KEYS:
                case ROW_REGULAR:
                    $result = $this->fetchAll($mode, $keys);
                    break;

                case ROW_EXPECT_0:
                    if ($count !== 0) {
                        throw new DbException($specificMessage . "Expected no record, got $count rows: $sql", ERROR_DB_TOO_MANY_ROWS);
                    }
                    $result = array();
                    break;

                case ROW_EXPECT_1:
                    if ($count !== 1) {
                        throw new DbException($specificMessage . "Expected one record, got $count: $sql", ERROR_DB_COUNT_DO_NOT_MATCH);
                    }
                    $rows = $this->fetchAll($mode);
                    $result = $rows[0];
                    break;

                case ROW_EXPECT_0_1:
                    if ($count === 1) {
                        $rows = $this->fetchAll($mode);
                        $result = $rows[0];
                    } elseif ($count === 0) {
                        $result = array();
                    } else {
                        throw new DbException($specificMessage . "Expected no record, got $count rows: $sql", ERROR_DB_TOO_MANY_ROWS);
                    }
                    break;

                case ROW_EXPECT_GE_1:
                    if (!($count > 0)) {
                        throw new DbException($specificMessage . "Expected at least one record, got nothing: $sql", ERROR_DB_TOO_FEW_ROWS);
                    }
                    $result = $this->fetchAll($mode);
                    break;

                default:
                    throw new DbException($specificMessage . "Unknown mode: $mode", ERROR_UNKNOWN_MODE);
            }
        }

        // Not reached when one of the exceptions above is thrown; the next sql() call cleans up then.
        $this->closeMysqliStmt();

        return $result;
    }

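    /**
     * Free the pending result set and close the pending statement, if there are any.
     *
     * Both properties are reset before the handles are released, so a failing close()
     * does not leave a stale statement on the instance for the next sql() call.
     *
     * @throws \qfq\DbException if mysqli_stmt::close() reports failure
     */
    private function closeMysqliStmt() {
        $pendingResult = $this->mysqli_result;
        $pendingStmt = $this->mysqli_stmt;

        $this->mysqli_result = null;
        $this->mysqli_stmt = null;

        if ($pendingResult !== null && $pendingResult !== false) {
            $pendingResult->free_result();
        }

        if ($pendingStmt !== null && $pendingStmt !== false) {
            $pendingStmt->free_result();
            if (!$pendingStmt->close()) {
                // The error constant is the exception code (second argument), as in every other
                // DbException raised in this class - it used to be concatenated into the message.
                throw new DbException('Error closing mysqli_stmt', ERROR_DB_CLOSE_MYSQLI_STMT);
            }
        }
    }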

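    /**
     * Prepare, bind and execute one SQL statement like SELECT, INSERT, UPDATE, DELETE, SHOW, ...
     *
     * Returns the number of selected rows (SELECT, SHOW, DESCRIBE, EXPLAIN) or the affected rows
     * (INSERT, REPLACE, UPDATE, DELETE, TRUNCATE). $stat receives the matching num_rows, insert_id
     * or affected_rows values. SET is classified as QUERY_TYPE_CONTROL with a count of 0.
     *
     * The statement text and the parameter values are written to the system store and handed to
     * dbLog() before the statement is prepared.
     *
     * The statement is classified by its first keyword. Leading whitespace is ignored and the
     * keyword may be followed by any whitespace (space, tab, line break).
     *
     * @param string $sql SQL statement with prepared statement variable.
     * @param array $parameterArray parameter array for prepared statement execution.
     * @param string $queryType returns QUERY_TYPE_SELECT | QUERY_TYPE_UPDATE | QUERY_TYPE_INSERT | QUERY_TYPE_CONTROL, depending on the query.
     * @param array $stat DB_NUM_ROWS | DB_INSERT_ID | DB_AFFECTED_ROWS
     * @return int|mixed
     * @throws \qfq\CodeException
     * @throws \qfq\DbException
     * @throws \qfq\UserFormException
     */
    private function prepareExecute($sql, array $parameterArray = array(), &$queryType, array &$stat) {

        $sqlLogMode = $this->isSqlModify($sql) ? SQL_LOG_MODE_MODIFY : SQL_LOG_MODE_ALL;
        $stat = array();

        $this->store->setVar(SYSTEM_SQL_FINAL, $sql, STORE_SYSTEM);
        $this->store->setVar(SYSTEM_SQL_PARAM_ARRAY, $parameterArray, STORE_SYSTEM);

        // Logfile
        $this->dbLog($sqlLogMode, $sql, $parameterArray);

        if (false === ($this->mysqli_stmt = $this->mysqli->prepare($sql))) {
            $this->dbLog(SQL_LOG_MODE_ERROR, $sql, $parameterArray);
            throw new DbException('[ mysqli: ' . $this->mysqli->errno . ' ] ' . $this->mysqli->error, ERROR_DB_PREPARE);
        }

        if (count($parameterArray) > 0) {
            if (false === $this->prepareBindParam($parameterArray)) {
                $this->dbLog(SQL_LOG_MODE_ERROR, $sql, $parameterArray);
                throw new DbException('[ mysqli: ' . $this->mysqli_stmt->errno . ' ] ' . $this->mysqli_stmt->error, ERROR_DB_BIND);
            }
        }

        if (false === $this->mysqli_stmt->execute()) {
            $this->dbLog(SQL_LOG_MODE_ERROR, $sql, $parameterArray);
            throw new DbException('[ mysqli: ' . $this->mysqli_stmt->errno . ' ] ' . $this->mysqli_stmt->error, ERROR_DB_EXECUTE);
        }

        $msg = '';
        $count = 0;

        // First keyword of the statement. Splitting on a single blank only, without trimming,
        // turned " SELECT ..." or "SELECT\n..." into an unknown command after it had already run.
        $command = strtoupper(preg_split('/\s+/', ltrim($sql), 2)[0]);

        switch ($command) {
            case 'SELECT':
            case 'SHOW':
            case 'DESCRIBE':
            case 'EXPLAIN':
                if (false === ($result = $this->mysqli_stmt->get_result())) {
                    throw new DbException('[ mysqli: ' . $this->mysqli_stmt->errno . ' ] ' . $this->mysqli_stmt->error, ERROR_DB_EXECUTE);
                }
                $queryType = QUERY_TYPE_SELECT;
                $this->mysqli_result = $result;
                $stat[DB_NUM_ROWS] = $this->mysqli_result->num_rows;
                $count = $stat[DB_NUM_ROWS];
                $msg = 'Read rows: ' . $stat[DB_NUM_ROWS];
                break;

            case 'REPLACE':
            case 'INSERT':
                $queryType = QUERY_TYPE_INSERT;
                $stat[DB_INSERT_ID] = $this->mysqli->insert_id;
                $stat[DB_AFFECTED_ROWS] = $this->mysqli->affected_rows;
                $count = $stat[DB_AFFECTED_ROWS];
                $msg = 'ID: ' . $this->mysqli->insert_id;
                break;

            case 'UPDATE':
            case 'DELETE':
            case 'TRUNCATE':
                $queryType = QUERY_TYPE_UPDATE;
                $stat[DB_AFFECTED_ROWS] = $this->mysqli->affected_rows;
                $count = $stat[DB_AFFECTED_ROWS];
                $msg = 'Affected rows: ' . $count;
                break;

            case 'SET':
                $queryType = QUERY_TYPE_CONTROL;
                $stat[DB_AFFECTED_ROWS] = 0;
                $count = $stat[DB_AFFECTED_ROWS];
                $msg = '';
                break;

            default:
                // NOTE(review): this rejection comes after execute() above, so a statement with an
                // unlisted first keyword has already run when the exception is raised, and it was
                // logged with SQL_LOG_MODE_ALL only.
                throw new DbException('Unknown comand: "' . $command . '"', ERROR_DB_UNKNOWN_COMMAND);
        }

        $this->store->setVar(SYSTEM_SQL_COUNT, $count, STORE_SYSTEM);

        // Logfile
        $this->dbLog($sqlLogMode, $msg);

        return $count;
    }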

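    /**
     * Check if the given SQL statement might modify data.
     *
     * Only the first keyword is inspected. Leading whitespace is skipped and the keyword may be
     * followed by any whitespace, so " DELETE ..." and "UPDATE\n..." are recognised as well.
     * The result selects the log mode in prepareExecute(), so a missed statement would be logged
     * as a plain read. Keywords outside the list below (DDL included) are reported as
     * non-modifying.
     *
     * @param string $sql
     * @return bool  true if the statement starts with INSERT, UPDATE, DELETE, REPLACE or TRUNCATE, else: false
     */
    private function isSqlModify($sql) {
        $verb = strtoupper(preg_split('/\s+/', ltrim($sql), 2)[0]);

        return in_array($verb, array('INSERT', 'UPDATE', 'DELETE', 'REPLACE', 'TRUNCATE'), true);
    }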

    /**
     * Decide whether a log line is due for $mode and, if so, write it with timestamp and client address.
     *
     * SQL_LOG_MODE_ALL entries are written only when the configured SYSTEM_SQL_LOG_MODE is
     * SQL_LOG_MODE_ALL. SQL_LOG_MODE_MODIFY and SQL_LOG_MODE_ERROR entries are always written.
     *
     * When parameters are given they are merged into the statement text by
     * preparedStatementInsertParameter(), so the log line carries the bound values.
     * NOTE(review): those values reach Logger::logMessage() as they are (line breaks and
     * secrets included) - confirm how the logger and the log file permissions deal with that.
     *
     * @param string $mode SQL_LOG_MODE_ALL | SQL_LOG_MODE_MODIFY | SQL_LOG_MODE_ERROR
     * @param string $sql statement or free text to log
     * @param array $parameterArray
     * @return void
     * @throws \qfq\UserFormException on an unknown $mode
     */
    private function dbLog($mode = SQL_LOG_MODE_ALL, $sql = '', $parameterArray = array()) {

        $configuredMode = $this->store->getVar(SYSTEM_SQL_LOG_MODE, STORE_SYSTEM);

        $alwaysLogged = ($mode == SQL_LOG_MODE_MODIFY || $mode == SQL_LOG_MODE_ERROR);
        if ($mode == SQL_LOG_MODE_ALL) {
            if ($configuredMode != SQL_LOG_MODE_ALL) {
                return;
            }
        } elseif (!$alwaysLogged) {
            throw new UserFormException("Unknown SQL_LOG_MODE: $mode", ERROR_UNKNOWN_SQL_LOG_MODE);
        }

        // Line prefix: timestamp and client IP address.
        $clientAddress = $this->store->getVar(CLIENT_REMOTE_ADDRESS, STORE_CLIENT);
        $line = '[' . date('Y.m.d H:i:s O') . '][' . $clientAddress . ']';

        if (count($parameterArray) > 0) {
            $sql = $this->preparedStatementInsertParameter($sql, $parameterArray);
        }

        if ($sql !== '') {
            $prefix = ($mode == SQL_LOG_MODE_ERROR) ? 'FAILED: ' : '';
            $line .= '[' . $prefix . $sql . ']';
        }

        Logger::logMessage($line, $this->sqlLog);
    }

    /**
     * Build a readable rendering of a prepared statement with its parameters filled in.
     *
     * The statement is split at every '?' and each parameter is placed between the pieces,
     * wrapped in single quotes. Array parameters are flattened with OnArray::toString().
     * If there are more parameters than pieces, the text built so far is replaced by '?'.
     *
     * The values are not escaped, so the result is a display string and must never be sent
     * to the database. Within this file it is only used by dbLog().
     *
     * @param string $sql statement with '?' placeholders
     * @param array $parameterArray values in placeholder order
     * @return string
     */
    private function preparedStatementInsertParameter($sql, $parameterArray) {
        $fragments = explode('?', $sql);
        $rendered = '';
        $next = 0;

        foreach ($parameterArray as $value) {
            if (!isset($fragments[$next])) {
                $rendered = '?';
                continue;
            }

            if (is_array($value)) {
                $value = OnArray::toString($value);
            }

            $rendered .= $fragments[$next] . "'" . $value . "'";
            $next++;
        }

        // Text after the last consumed placeholder.
        if (isset($fragments[$next])) {
            $rendered .= $fragments[$next];
        }

        return $rendered;
    }

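    /**
     * Bind the values of $arr to the pending prepared statement.
     *
     * The values are collected in a BindParam helper and passed to mysqli_stmt::bind_param().
     * The outcome of bind_param() is returned: prepareExecute() compares it against false, which
     * could never match while this method returned nothing.
     *
     * @param array $arr values in placeholder order, indexed 0..n-1
     * @return mixed whatever mysqli_stmt::bind_param() returns; false signals a failed bind
     */
    private function prepareBindParam($arr) {

        $bindParam = new BindParam();

        $total = count($arr);
        for ($ii = 0; $ii < $total; $ii++) {
            $bindParam->add($arr[$ii]);
        }

        return call_user_func_array([$this->mysqli_stmt, 'bind_param'], $bindParam->get());
    }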

    /**
     * Fetch all rows of the pending result set.
     *
     * mode:
     *  ROW_IMPLODE_ALL: string, all cells of all rows imploded to one string.
     *  ROW_KEYS: num array of rows; the column names are returned in $keys.
     *  default: 2-dimensional assoc array.
     *
     * @param string $mode
     * @param array $keys receives the column names in mode ROW_KEYS
     * @return array|bool|string false if there is no pending result set.
     *              With zero rows: empty string for ROW_IMPLODE_ALL, empty array for every other mode
     *              ($keys is left untouched in that case).
     */
    private function fetchAll($mode = '', &$keys = array()) {
        $resultSet = $this->mysqli_result;

        if ($resultSet == null || $resultSet == false) {
            return false;
        }

        if ($resultSet->num_rows === 0) {
            if ($mode === ROW_IMPLODE_ALL) {
                return "";
            }
            return array();
        }

        if ($mode == ROW_IMPLODE_ALL) {
            $joined = "";
            foreach ($resultSet->fetch_all(MYSQLI_NUM) as $cells) {
                $joined .= implode($cells);
            }
            return $joined;
        }

        if ($mode == ROW_KEYS) {
            $keys = array();
            for ($column = 0; $column < $resultSet->field_count; $column++) {
                $keys[$column] = $resultSet->fetch_field_direct($column)->name;
            }
            return $resultSet->fetch_all(MYSQLI_NUM);
        }

        return $resultSet->fetch_all(MYSQLI_ASSOC);
    }

    /**
     * Return the number of rows of the result set currently held by this instance.
     *
     * sql() releases the result set through closeMysqliStmt() before it returns, so false is
     * returned whenever no result set is pending.
     *
     * @return mixed num_rows of the pending result set, or false if there is none.
     */
    public function getRowCount() {
        return ($this->mysqli_result == null) ? false : $this->mysqli_result->num_rows;
    }

    /**
     * Get the values for a given ENUM or SET column.
     *
     * The column's "Type" text, e.g. enum('','red','blue','green'), is cut down to the part
     * between the first quote and the closing "')" and split at "','".
     *
     * The type is not checked to be ENUM or SET, and values containing quotes or the sequence
     * "','" are not unescaped - the list is a plain split of the definition text.
     *
     * @param string $table name of the table
     * @param string $columnName name of the column
     *
     * @throws \qfq\DbException if the column is not found (raised by getFieldDefinitionFromTable())
     * @return array
     */
    public function getEnumSetValueList($table, $columnName) {

        $definition = $this->getFieldDefinitionFromTable($table, $columnName);
        $typeSpec = $definition["Type"];

        // Length of the opening token including its quote: "enum('" = 6, "set('" = 5
        $prefixLength = strpos($typeSpec, "'") + 1;

        // Drop the opening token and the trailing "')" (2 characters).
        $innerLength = mb_strlen($typeSpec) - (2 + $prefixLength);
        $inner = mb_substr($typeSpec, $prefixLength, $innerLength);

        // $inner now looks like: ','red','blue','green
        $values = explode("','", $inner);

        return ($values === false) ? array() : $values;
    }

    /**
     * Get the definition row of one column.
     *
     * Walks the rows of getTableDefinition() and returns the first one whose "Field" entry
     * equals $columnName (loose comparison).
     *
     * @param string $table name of the table
     * @param string $columnName name of the column
     * @return array the definition of the column as retrieved by Database::getTableDefinition().
     *
     * @throws \qfq\DbException if no row matches; the message contains both names
     */
    private function getFieldDefinitionFromTable($table, $columnName) {
        $definitionRows = $this->getTableDefinition($table);

        foreach ($definitionRows as $definition) {
            if ($definition["Field"] != $columnName) {
                continue;
            }
            return $definition;
        }

        throw new DbException("Column name '$columnName' not found in table '$table'.", ERROR_DB_COLUMN_NOT_FOUND_IN_TABLE);
    }

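    /**
     * Get all column definitions for a table. Return Assoc Array:
     *
     * Field      Type                      Null    Key    Default    Extra
     * --------------------------------------------------------------------------
     * id         bigint(20)                 NO     PRI    NULL    auto_increment
     * name       varchar(128)               YES           NULL
     * firstname  varchar(128)               YES           NULL
     * gender     enum('','male','female')   NO            male
     * groups     set('','a','b','c')        NO            a
     *
     * The table name is part of the statement text, because an identifier cannot be bound as a
     * `?` parameter. Backticks inside $table are doubled, so the name always stays one quoted
     * identifier whatever the caller passes in.
     *
     * @param string $table table to retrieve column definition from
     *
     * @return array column definition of table as returned by SHOW FIELDS FROM as associative array.
     * @throws \qfq\CodeException
     * @throws \qfq\DbException
     */
    public function getTableDefinition($table) {
        $quotedTable = '`' . str_replace('`', '``', $table) . '`';

        return $this->sql("SHOW FIELDS FROM $quotedTable");
    }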

    /**
     * Wrapper for sql() in mode ROW_KEYS, to simplify access.
     *
     * No parameters are bound and no message prefix is set, so $sql is executed exactly as given.
     *
     * @param string $sql
     * @param array $keys receives the column names
     * @param array $stat receives the statistics filled by sql()
     * @return array|bool
     * @throws \qfq\CodeException
     * @throws \qfq\DbException
     */
    public function sqlKeys($sql, array &$keys, array &$stat = array()) {
        $noParameters = array();
        $noMessagePrefix = '';

        return $this->sql($sql, ROW_KEYS, $noParameters, $noMessagePrefix, $keys, $stat);
    }

    /**
     * Returns the insert_id currently reported by the mysqli connection.
     *
     * @return mixed value of mysqli::$insert_id
     */
    public function getLastInsertId() {
        // Do not try to use $this->mysqli->lastInsertId - this is not valid at any given time.
        $connection = $this->mysqli;

        return $connection->insert_id;
    }

    /**
     * Searches for the table '$name'.
     *
     * Runs "SHOW tables" and compares every returned cell with $name using strict comparison.
     * $name never becomes part of the statement text.
     *
     * @param string $name
     * @return bool  true if found, else false
     */
    public function existTable($name) {
        foreach ($this->sql("SHOW tables") as $row) {
            if (in_array($name, $row, true)) {
                return true;
            }
        }

        return false;
    }

}