<?php
/**
 * Created by PhpStorm.
 * User: crose
 * Date: 1/4/16
 * Time: 7:14 PM
 */

namespace qfq;

use qfq;
use qfq\CodeException;
use qfq\DbException;
use qfq\UserFormException;
use qfq\Support;
use qfq\Store;

require_once(__DIR__ . '/exceptions/UserFormException.php');
require_once(__DIR__ . '/exceptions/CodeException.php');
require_once(__DIR__ . '/exceptions/DbException.php');

require_once(__DIR__ . '/store/Store.php');
require_once(__DIR__ . '/helper/Support.php');
require_once(__DIR__ . '/helper/Logger.php');
require_once(__DIR__ . '/helper/BindParam.php');

/**
 * Class Database
 * @package qfq
 */
class Database {

    /**
     * Shared store instance; assigned from Store::getInstance() in the constructor and used
     * for every configuration read and status write in this class.
     *
     * @var Store
     */
    private $store = null;

    /**
     * Database connection returned by dbConnect().
     *
     * @var \mysqli
     */
    private $mysqli = null;

    /**
     * Statement of the query currently in flight; set by prepareExecute(), released by closeMysqliStmt().
     *
     * @var \mysqli_stmt
     */
    private $mysqli_stmt = null;

    /**
     * Result set of the last SELECT-like statement; set by prepareExecute(), released by closeMysqliStmt().
     *
     * @var \mysqli_result
     */
    private $mysqli_result = null;

    /**
     * Value of SYSTEM_SQL_LOG, passed as second argument to Logger::logMessage().
     * NOTE(review): presumably the path of the SQL log file - confirm against Logger.
     *
     * @var string
     */
    private $sqlLog = '';

    /**
     * Returns current database handle from Store[System][SYSTEM_DBH].
     * If it does not exist: open the database and store the new dbh in Store[System][SYSTEM_DBH].
     *
     * @throws CodeException
     * @throws UserFormException
     */
    public function __construct() {
        // NOTE(review): the docblock above talks about a handle cached in Store[System][SYSTEM_DBH];
        // this body never reads or writes such an entry - every Database object opens its own connection.
        $this->store = Store::getInstance();

        // $mysqli starts out as null on a fresh instance, so the connection is opened here.
        if (null === $this->mysqli) {
            $this->mysqli = $this->dbConnect();
        }

        // Handed to Logger::logMessage() by dbLog().
        $this->sqlLog = $this->store->getVar(SYSTEM_SQL_LOG, STORE_SYSTEM);

        // DB Init: optional statement that is run verbatim on the new connection.
        // NOTE(review): SYSTEM_DB_INIT is executed as SQL without parameters, so the setting must be
        // writable only by trusted administrators - it runs with the application's database privileges.
        $initStatement = $this->store->getVar(SYSTEM_DB_INIT, STORE_SYSTEM);
        if ($initStatement === false || $initStatement == '') {
            return;
        }

        $this->sql($initStatement);
    }

    /**
     * Open mysqli database connection if not already done.
     *
     * @return \mysqli
     * @throws UserFormException
     */
    private function dbConnect() {
        // Connection settings are read from the SYSTEM store.
        $dbuser = $this->store->getVar(SYSTEM_DB_USER, STORE_SYSTEM);
        $dbserver = $this->store->getVar(SYSTEM_DB_SERVER, STORE_SYSTEM);
        $dbpw = $this->store->getVar(SYSTEM_DB_PASSWORD, STORE_SYSTEM);
        $db = $this->store->getVar(SYSTEM_DB_NAME, STORE_SYSTEM);

        // NOTE(review): since PHP 8.1 mysqli throws mysqli_sql_exception on a failed connect by default,
        // in which case the connect_error check below is never reached - confirm the report mode in use.
        $connection = new \mysqli($dbserver, $dbuser, $dbpw, $db);

        if (!$connection->connect_error) {
            return $connection;
        }

        // NOTE(review): the message names the database host, schema and account (not the password).
        // If UserFormException texts are rendered to the browser this discloses infrastructure details;
        // consider writing the details to a log and showing a generic message - confirm how it is displayed.
        $target = "'mysql:host=" . $dbserver . ";dbname=" . $db . ";dbuser=" . $dbuser . "'': ";

        throw new UserFormException ("Error open Database " . $target . $connection->connect_errno . PHP_EOL . $connection->connect_error, ERROR_DB_OPEN);
    }

    /**
     * Fires query $sql and fetches result as assoc array (all modes but ROW_KEYS) or as num array (mode: ROW_KEYS). Throws exception.
     *
     * $mode
     *  ROW_REGULAR: Return 2-dimensional assoc array. Every query row is one array row.
     *  ROW_IMPLODE_ALL: Return string. All cells of all rows imploded to one string.
     *  ROW_EXPECT_0: Return empty string if there is no record row. Else an exception.
     *  ROW_EXPECT_1: Return 1-dimensional assoc array if there is exactly one row. Else an exception.
     *  ROW_EXPECT_0_1: Return empty string if there is no row. Return 1-dimensional assoc array if there is one row. Else an exception.
     *  ROW_EXPECT_GE_1: Like 'ROW_REGULAR'. Throws an exception if there is an empty resultset.
     *  ROW_KEYS: Return 2-dimensional num(!) array. Every query row is one array row. $keys are the column names.
     *
     * @param $sql
     * @param string $mode
     * @param array $parameterArray
     * @param string $specificMessage
     * @param array $keys
     * @param array $stat DB_NUM_ROWS | DB_INSERT_ID | DB_AFFECTED_ROWS
     * @return array|int
     *      SELECT | SHOW | DESCRIBE | EXPLAIN:
     *          If no record found: a) ROW_EXPECT_0_1, ROW_EXPECT_1: empty string, b) All other modes: empty array
     *          If record(s) found: a) ROW_EXPECT_0_1, ROW_EXPECT_1: one dimensional array, b) All other modes: 2 dimensional array
     *      INSERT: last_insert_id
     *      UPDATE | DELETE | REPLACE: affected rows
     * @throws \qfq\CodeException
     * @throws \qfq\DbException
     */
    public function sql($sql, $mode = ROW_REGULAR, array $parameterArray = array(), $specificMessage = '', array &$keys = array(), array &$stat = array()) {
        $queryType = '';
        $result = array();

        // Release whatever statement/result a previous call left open.
        $this->closeMysqliStmt();

        // Typical call-site slip: the parameter array is passed in the position of $mode.
        if (is_array($mode)) {
            throw new CodeException("Probably a parameter forgotten: \$mode ?");
        }

        // The caller's text is used as a prefix of every exception message below.
        if ($specificMessage) {
            $specificMessage .= " ";
        }

        // Values must travel in $parameterArray (bound by prepareExecute()); $sql itself is prepared as-is.
        $count = $this->prepareExecute($sql, $parameterArray, $queryType, $stat);

        // NOTE(review): the exception texts in this method embed the full statement. If they are rendered
        // to end users this discloses table and column names - confirm where DbException is displayed.
        if ($count === false) {
            throw new DbException($specificMessage . "No idea why this error happens - please take some time and check this: $sql", ERROR_DB_GENERIC_CHECK);
        }

        if ($queryType === QUERY_TYPE_SELECT) {
            // NOTE(review): for "no row" ROW_EXPECT_0 and ROW_EXPECT_0_1 yield array() here, while the
            // docblock above announces an empty string.
            switch ($mode) {
                case ROW_IMPLODE_ALL:
                    $result = $this->fetchAll($mode);
                    break;

                case ROW_KEYS:
                case ROW_REGULAR:
                    // $keys is filled with the column names in mode ROW_KEYS.
                    $result = $this->fetchAll($mode, $keys);
                    break;

                case ROW_EXPECT_0:
                    if ($count !== 0) {
                        throw new DbException($specificMessage . "Expected no record, got $count rows: $sql", ERROR_DB_TOO_MANY_ROWS);
                    }
                    $result = array();
                    break;

                case ROW_EXPECT_1:
                    if ($count !== 1) {
                        throw new DbException($specificMessage . "Expected one record, got $count: $sql", ERROR_DB_COUNT_DO_NOT_MATCH);
                    }
                    $result = $this->fetchAll($mode)[0];
                    break;

                case ROW_EXPECT_0_1:
                    if ($count === 1) {
                        $result = $this->fetchAll($mode)[0];
                    } elseif ($count === 0) {
                        $result = array();
                    } else {
                        throw new DbException($specificMessage . "Expected no record, got $count rows: $sql", ERROR_DB_TOO_MANY_ROWS);
                    }
                    break;

                case ROW_EXPECT_GE_1:
                    if (!($count > 0)) {
                        throw new DbException($specificMessage . "Expected at least one record, got nothing: $sql", ERROR_DB_TOO_FEW_ROWS);
                    }
                    $result = $this->fetchAll($mode);
                    break;

                default:
                    throw new DbException($specificMessage . "Unknown mode: $mode", ERROR_UNKNOWN_MODE);
            }
        } elseif ($queryType === QUERY_TYPE_INSERT) {
            // INSERT / REPLACE report the generated id.
            $result = $stat[DB_INSERT_ID];
        } else {
            // Every other statement type reports the count delivered by prepareExecute().
            $result = $count;
        }

        // Not reached when one of the exceptions above is thrown; the next call closes the statement then.
        $this->closeMysqliStmt();

        return $result;
    }

    /**
     * Close an optional open MySQLi Statement.
     *
     * @throws \qfq\DbException
     */
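    private function closeMysqliStmt() {

        // Free the buffered result set first, if there is one.
        if ($this->mysqli_result !== null && $this->mysqli_result !== false) {
            $this->mysqli_result->free_result();
        }

        if ($this->mysqli_stmt !== null && $this->mysqli_stmt !== false) {
            $this->mysqli_stmt->free_result();
            if (!$this->mysqli_stmt->close()) {
                // Fix: the error constant used to be concatenated into the message (". ERROR_...") instead of
                // being passed as the exception code, so handlers matching on the code never saw it.
                throw new DbException('Error closing mysqli_stmt', ERROR_DB_CLOSE_MYSQLI_STMT);
            }
        }

        // Both handles are dropped so that the next query starts from a clean state.
        $this->mysqli_stmt = null;
        $this->mysqli_result = null;
    }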

    /**
     * Execute a prepared SQL statement like SELECT, INSERT, UPDATE, DELETE, SHOW, ...
     *
     * Returns the number of selected rows (SELECT, SHOW, ..) or the affected rows (UPDATE, INSERT). $stat contains appropriate num_rows, insert_id or rows_affected.
     *
     * @param string $sql SQL statement with prepared statement variable.
     * @param array $parameterArray parameter array for prepared statement execution.
     * @param string $queryType returns QUERY_TYPE_SELECT | QUERY_TYPE_UPDATE | QUERY_TYPE_INSERT, depending on the query.
     * @param array $stat DB_NUM_ROWS | DB_INSERT_ID | DB_AFFECTED_ROWS
     * @return int|mixed
     * @throws \qfq\CodeException
     * @throws \qfq\DbException
     * @throws \qfq\UserFormException
     */
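    private function prepareExecute($sql, array $parameterArray = array(), &$queryType, array &$stat) {
        // NOTE(review): $parameterArray has a default but is followed by required parameters, which PHP 8
        // reports as deprecated. The signature is left untouched because callers depend on it.

        // Data-modifying statements are logged under SQL_LOG_MODE_MODIFY, all others under SQL_LOG_MODE_ALL.
        $sqlLogMode = $this->isSqlModify($sql) ? SQL_LOG_MODE_MODIFY : SQL_LOG_MODE_ALL;
        $stat = array();
        $debugSql = '';

        // Publish statement and parameters in the SYSTEM store.
        $this->store->setVar(SYSTEM_SQL_FINAL, $sql, STORE_SYSTEM);
        $this->store->setVar(SYSTEM_SQL_PARAM_ARRAY, $parameterArray, STORE_SYSTEM);

        // Logfile
        $this->dbLog($sqlLogMode, $sql, $parameterArray);

        // If BE User is logged in: report the broken SQL as well.
        // TODO: for delete.php and save.php the BE_USER cannot be queried here (those requests do not run
        // through T3) - find a solution.
        // NOTE(review): until that TODO is solved the condition is hard-wired to true, so the statement text
        // is appended to every prepare/bind/execute error for every requester. If these messages reach the
        // browser they disclose the schema; keep the SQL in the log and gate this on a privileged session.
        if (true) {
            $debugSql = '[' . $sql . ']';
        }

        if (false === ($this->mysqli_stmt = $this->mysqli->prepare($sql))) {
            throw new DbException('[ mysqli: ' . $this->mysqli->errno . ' ] ' . $this->mysqli->error . $debugSql, ERROR_DB_PREPARE);
        }

        if (count($parameterArray) > 0) {
            if (false === $this->prepareBindParam($parameterArray)) {
                throw new DbException('[ mysqli: ' . $this->mysqli_stmt->errno . ' ] ' . $this->mysqli_stmt->error . $debugSql, ERROR_DB_BIND);
            }
        }

        if (false === $this->mysqli_stmt->execute()) {
            throw new DbException('[ mysqli: ' . $this->mysqli_stmt->errno . ' ] ' . $this->mysqli_stmt->error . $debugSql, ERROR_DB_EXECUTE);
        }

        $msg = '';
        $count = 0;

        // Fix: take the first word after trimming leading whitespace and split on any whitespace. Splitting
        // on a single blank classified "SELECT\n..." or " DELETE ..." as unknown - after the statement had
        // already been executed.
        $command = strtoupper(preg_split('/\s+/', ltrim($sql), 2)[0]);

        // NOTE(review): classification happens after execute(). A statement type that is not listed below
        // (DDL, for example) has already run when the "unknown command" exception is thrown - consider
        // rejecting unlisted commands before prepare().
        switch ($command) {
            case 'SELECT':
            case 'SHOW':
            case 'DESCRIBE':
            case 'EXPLAIN':
                if (false === ($result = $this->mysqli_stmt->get_result())) {
                    throw new DbException('[ mysqli: ' . $this->mysqli_stmt->errno . ' ] ' . $this->mysqli_stmt->error, ERROR_DB_EXECUTE);
                }
                $queryType = QUERY_TYPE_SELECT;
                // Kept on the instance so that fetchAll() and getRowCount() can read it.
                $this->mysqli_result = $result;
                $stat[DB_NUM_ROWS] = $this->mysqli_result->num_rows;
                $count = $stat[DB_NUM_ROWS];
                $msg = 'Read rows: ' . $stat[DB_NUM_ROWS];
                break;

            case 'REPLACE':
            case 'INSERT':
                $queryType = QUERY_TYPE_INSERT;
                // Read from the connection directly after execute().
                $stat[DB_INSERT_ID] = $this->mysqli->insert_id;
                $stat[DB_AFFECTED_ROWS] = $this->mysqli->affected_rows;
                $count = $stat[DB_AFFECTED_ROWS];
                $msg = 'ID: ' . $this->mysqli->insert_id;
                break;

            case 'UPDATE':
            case 'DELETE':
            case 'TRUNCATE':
                $queryType = QUERY_TYPE_UPDATE;
                $stat[DB_AFFECTED_ROWS] = $this->mysqli->affected_rows;
                $count = $stat[DB_AFFECTED_ROWS];
                $msg = 'Affected rows: ' . $count;
                break;

            case 'SET':
                $queryType = QUERY_TYPE_CONTROL;
                $stat[DB_AFFECTED_ROWS] = 0;
                $count = $stat[DB_AFFECTED_ROWS];
                $msg = '';
                break;

            default:
                throw new DbException('Unknown comand: "' . $command . '"', ERROR_DB_UNKNOWN_COMMAND);
        }

        $this->store->setVar(SYSTEM_SQL_COUNT, $count, STORE_SYSTEM);

        // Logfile: second entry with the outcome (row count or insert id).
        $this->dbLog($sqlLogMode, $msg);

        return $count;
    }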

    /**
     * Check if the given SQL Statement might modify data.
     *
     * @param $sql
     * @return bool  true if the statement might modify data, else: false
     */
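    private function isSqlModify($sql) {
        // Fix: ignore leading whitespace and accept any whitespace after the keyword. With the former split
        // on a single blank, " DELETE ..." or "UPDATE\n..." was not recognised as modifying and was therefore
        // written to the log only in SQL_LOG_MODE_ALL.
        $command = strtoupper(preg_split('/\s+/', ltrim($sql), 2)[0]);

        // NOTE(review): only the leading keyword is inspected; statements starting with a comment or a
        // parenthesis, and statement types outside this list, count as non-modifying.
        return in_array($command, ['INSERT', 'UPDATE', 'DELETE', 'REPLACE', 'TRUNCATE'], true);
    }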

    /**
     * Decide if the SQL statement has to be logged. If yes, create a timestamp and do the log.
     *
     * @param $sql
     * @param array $parameterArray
     * @return string
     * @throws \qfq\UserFormException
     */
    private function dbLog($mode = SQL_LOG_MODE_ALL, $sql = '', $parameterArray = array()) {
        // NOTE(review): nothing is returned on any path, although the docblock above announces a string;
        // $mode is not described there either.

        $configuredMode = $this->store->getVar(SYSTEM_SQL_LOG_MODE, STORE_SYSTEM);

        // SQL_LOG_MODE_ALL entries are written only when the configured mode is SQL_LOG_MODE_ALL;
        // SQL_LOG_MODE_MODIFY entries are written whatever the configured mode is.
        if ($mode == SQL_LOG_MODE_ALL) {
            if ($configuredMode != SQL_LOG_MODE_ALL) {
                return;
            }
        } elseif ($mode != SQL_LOG_MODE_MODIFY) {
            throw new UserFormException("Unknown SQL_LOG_MODE: $mode", ERROR_UNKNOWN_SQL_LOG_MODE);
        }

        // Client IP Address
        $clientIp = $this->store->getVar(CLIENT_REMOTE_ADDRESS, STORE_CLIENT);

        $line = '[' . date('Y.m.d H:i:s O') . '][' . $clientIp . ']';

        // FE user, page id and tt_content uid are not part of the entry (that code is disabled upstream).

        // NOTE(review): the bound values are written into the entry in clear text, so credentials or personal
        // data passed as parameters end up in the log - restrict access to that file or mask such values.
        // Neither the values nor the client address are stripped of CR/LF here; unless Logger::logMessage()
        // does that, a value containing a line break can forge additional log lines - confirm in Logger.
        if (count($parameterArray) > 0) {
            $sql = $this->preparedStatementInsertParameter($sql, $parameterArray);
        }

        if ($sql !== '') {
            $line .= '[' . $sql . ']';
        }

        Logger::logMessage($line, $this->sqlLog);
    }

    /**
     * @param $sql
     * @param $parameterArray
     * @return string
     */
    private function preparedStatementInsertParameter($sql, $parameterArray) {
        // Builds a human-readable rendering of the statement with each '?' replaced by the quoted value.
        // In this file the result is used by dbLog() only. The values are NOT escaped and every '?' counts
        // as a placeholder (also one inside a string literal), so the text must never be executed.
        $rendered = '';
        $fragments = explode('?', $sql);
        $position = 0;

        foreach ($parameterArray as $value) {
            if (!isset($fragments[$position])) {
                // More values than statement fragments: the rendering collapses to a bare '?'.
                $rendered = '?';
                continue;
            }

            if (is_array($value)) {
                $value = OnArray::toString($value);
            }

            $rendered .= $fragments[$position] . "'" . $value . "'";
            $position++;
        }

        // Text that follows the last consumed placeholder.
        if (isset($fragments[$position])) {
            $rendered .= $fragments[$position];
        }

        return $rendered;
    }

    /**
     * @param $arr
     */
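    private function prepareBindParam($arr) {
        // Binds the values of $arr, in order, to the current prepared statement and returns the result of
        // mysqli_stmt::bind_param().

        // BindParam collects the values and delivers the argument list for bind_param().
        $bindParam = new BindParam();

        // Values are taken by position 0..n-1, i.e. $arr is expected to be a plain list.
        for ($ii = 0; $ii < count($arr); $ii++) {
            $bindParam->add($arr[$ii]);
        }

        // Fix: hand the outcome back. The method used to return nothing, so the caller's
        // "false === prepareBindParam()" test could never match and a failed bind went unnoticed.
        return call_user_func_array([$this->mysqli_stmt, 'bind_param'], $bindParam->get());
    }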

    /**
     * Fetch all rows of the result as associative array.
     *
     * mode:
     *  ROW_IMPLODE_ALL: Return string. All cells of all rows imploded to one string.
     *  ROW_KEYS: Return num array with column names in $keys
     *  default: Return 2-dimensional assoc array
     *
     * @param string $mode
     * @param array $keys
     * @return array|bool|mixed|string false in case of an error.
     *              Empty string is returned if the query didn't yield any rows.
     *              All rows as Multi Assoc array if $mode!=IMPLODE_ALL.
     *              All rows and all columns imploded to one string if $mode=IMPLODE_ALL
     *
     */
    private function fetchAll($mode = '', &$keys = array()) {
        // Without a result set there is nothing to fetch.
        if ($this->mysqli_result == null || $this->mysqli_result == false) {
            return false;
        }

        $resultSet = $this->mysqli_result;

        // Empty result: '' for ROW_IMPLODE_ALL, an empty array for every other mode.
        if ($resultSet->num_rows === 0) {
            if ($mode === ROW_IMPLODE_ALL) {
                return "";
            }
            return array();
        }

        if ($mode == ROW_IMPLODE_ALL) {
            // All cells of all rows glued together without any separator.
            $joined = "";
            foreach ($resultSet->fetch_all(MYSQLI_NUM) as $cells) {
                $joined .= implode($cells);
            }
            return $joined;
        }

        if ($mode == ROW_KEYS) {
            // Column names are handed back through $keys, the rows themselves are numerically indexed.
            $keys = array();
            for ($column = 0; $column < $resultSet->field_count; $column++) {
                $keys[$column] = $resultSet->fetch_field_direct($column)->name;
            }
            return $resultSet->fetch_all(MYSQLI_NUM);
        }

        // Every other mode: one associative array per row.
        return $resultSet->fetch_all(MYSQLI_ASSOC);
    }

    /**
     * Return the number of rows returned by the last call to execute().
     *
     * If execute() has never been called, returns FALSE.
     *
     * @return mixed Number of rows returned by last call to execute(). If Database::execute()
     *     has never been called prior a call to this method, false is returned.
     */
    public function getRowCount() {
        // No result set is held (no SELECT-like statement is pending): report false.
        $resultSet = $this->mysqli_result;

        return ($resultSet == null) ? false : $resultSet->num_rows;
    }

    /**
     * Get the values for a given ENUM or SET column
     *
     * @param string $table name of the table
     * @param string $columnName name of the column
     *
     * @throws UserFormException if the table or column does not exist, or is not of type ENUM or SET
     * @return array
     */
    public function getEnumSetValueList($table, $columnName) {

        $definition = $this->getFieldDefinitionFromTable($table, $columnName);

        // Column type as reported by the database, e.g.: enum('','red','blue','green')
        $typeSpec = $definition["Type"];
        $totalLength = mb_strlen($typeSpec);

        // Offset of the first character after the opening quote: "enum('" = 6, "set('" = 5
        // NOTE(review): for a type without any quote (not ENUM/SET) strpos() yields false and the offset
        // becomes 1; no exception is thrown for that case although the docblock above announces one.
        $prefixLength = strpos($typeSpec, "'") + 1;

        // Strip the prefix and the closing "')" (2 characters).
        $inner = mb_substr($typeSpec, $prefixLength, $totalLength - (2 + $prefixLength));

        // $inner now looks like: ','red','blue','green
        // NOTE(review): a quote inside a value is not unescaped and a value containing "','" would be split.
        $values = explode("','", $inner);

        return ($values === false) ? array() : $values;
    }

    /**
     * Get database column definition.
     *
     * If the column is not found in the table, an exception is thrown.
     *
     * @param string $table name of the table
     *
     * @param string $columnName name of the column
     * @return array the definition of the column as retrieved by Database::getTableDefinition().
     *
     * @throws \qfq\DbException
     */
    private function getFieldDefinitionFromTable($table, $columnName) {
        // Walk the column list of the table and hand back the first row whose "Field" matches.
        foreach ($this->getTableDefinition($table) as $column) {
            if ($column["Field"] != $columnName) {
                continue;
            }

            return $column;
        }

        // NOTE(review): table and column name are echoed in the message - confirm where it is displayed.
        throw new DbException("Column name '$columnName' not found in table '$table'.", ERROR_DB_COLUMN_NOT_FOUND_IN_TABLE);
    }

    /**
     * Get all column definitions for a table. Return Assoc Array:
     *
     * Field      Type                      Null    Key    Default    Extra
     * --------------------------------------------------------------------------
     * id         bigint(20)                 NO     PRI    NULL    auto_increment
     * name       varchar(128)               YES           NULL
     * firstname  varchar(128)               YES           NULL
     * gender     enum('','male','female')   NO            male
     * groups     set('','a','b','c')        NO            a
     *
     * @param string $table table to retrieve column definition from
     *
     * @return array column definition of table as returned by SHOW FIELDS FROM as associative array.
     */
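    public function getTableDefinition($table) {
        // An identifier cannot be bound as a prepared-statement parameter, so the table name has to be
        // placed into the statement text. Fix: double every backtick inside the name (MySQL's quoting rule
        // for identifiers) so that the name cannot end the quoted identifier and append further SQL.
        // NOTE(review): where $table originates is not visible here; if it can come from request data,
        // additionally check it against the list of existing tables.
        $quotedTable = '`' . str_replace('`', '``', $table) . '`';

        return $this->sql("SHOW FIELDS FROM $quotedTable");
    }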

    /**
     * Wrapper for sql(), to simplify access.
     *
     * @param $sql
     * @param array $keys
     * @param array $stat
     * @return array|bool
     * @throws \qfq\CodeException
     * @throws \qfq\DbException
     */
    public function sqlKeys($sql, array &$keys, array &$stat = array()) {
        // Runs $sql in mode ROW_KEYS: rows come back numerically indexed, column names arrive in $keys.
        // NOTE(review): no parameter array can be passed through this wrapper, so $sql must not be
        // assembled from untrusted values - use sql() with $parameterArray for those.
        $noParameters = array();
        $noMessage = '';

        return $this->sql($sql, ROW_KEYS, $noParameters, $noMessage, $keys, $stat);
    }

    /**
     * Returns lastInsertId
     *
     * @return string
     */
    public function getLastInsertId() {
        // Do not try to use $this->mysqli->lastInsertId - this is not valid at any given time.
        // The value is read from the connection's insert_id property instead.
        $connection = $this->mysqli;

        return $connection->insert_id;
    }

    /**
     * Searches for the table '$name'.
     *
     * @param $name
     * @return bool  true if found, else false
     */
    public function existTable($name) {
        // $name is only compared (strictly) against the rows of SHOW tables; it never becomes part of SQL.
        foreach ($this->sql("SHOW tables") as $row) {
            foreach ($row as $tableName) {
                if ($tableName === $name) {
                    return true;
                }
            }
        }

        return false;
    }

}