From bda7f797b454371769dc5b496837859a606f4b5f Mon Sep 17 00:00:00 2001
From: Carsten Rose <carsten.rose@math.uzh.ch>
Date: Wed, 19 Oct 2016 17:28:32 +0200
Subject: [PATCH] Database.sql: fixed problem that query results are not logged.
---
 extension/qfq/qfq/Database.php | 104 +++++++++++++++++++--------------
 1 file changed, 60 insertions(+), 44 deletions(-)
diff --git a/extension/qfq/qfq/Database.php b/extension/qfq/qfq/Database.php
index 336e65c20..31a16a2fb 100644
--- a/extension/qfq/qfq/Database.php
+++ b/extension/qfq/qfq/Database.php
@@ -234,13 +234,16 @@ class Database {
 * @throws \qfq\UserFormException
 */
 private function prepareExecute($sql, array $parameterArray = array(), &$queryType, array &$stat) {
+
+ $sqlLogMode = $this->isSqlModify($sql) ? SQL_LOG_MODE_MODIFY : SQL_LOG_MODE_ALL;;
 $result = 0;
 $stat = array();
+ $this->store->setVar(SYSTEM_SQL_FINAL, $sql, STORE_SYSTEM);
 $this->store->setVar(SYSTEM_SQL_PARAM_ARRAY, $parameterArray, STORE_SYSTEM);
 // Logfile
- $this->dbLog($sql, $parameterArray);
+ $this->dbLog($sqlLogMode, $sql, $parameterArray);
 if (false === ($this->mysqli_stmt = $this->mysqli->prepare($sql))) {
 throw new DbException('[ mysqli: ' . $this->mysqli->errno . ' ] ' . $this->mysqli->error, ERROR_DB_PREPARE);
@@ -305,11 +308,30 @@ class Database {
 $this->store->setVar(SYSTEM_SQL_COUNT, $count, STORE_SYSTEM);
 // Logfile
- $this->dbLog($msg);
+ $this->dbLog($sqlLogMode, $msg);
 return $count;
 }
+ /**
+ * Check if the given SQL Statement might modify data.
+ *
+ * @param $sql
+ * @return bool true is the statement might modify data, else: false
+ */
+ private function isSqlModify($sql) {
+ $command = explode(' ', $sql, 2);
+ switch (strtoupper($command[0])) {
+ case 'INSERT':
+ case 'UPDATE':
+ case 'DELETE':
+ case 'REPLACE':
+ case 'TRUNCATE':
+ return true;
+ }
+ return false;
+ }
+
 /**
 * Decide if the SQL statement has to be logged. If yes, create a timestamp and do the log.
 *
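Review bot: The assignment added at the top of prepareExecute ends in `;;`; the second semicolon is an empty statement and should be dropped. Because `$sqlLogMode` is computed once here and is then handed to dbLog() for both the statement and its result line, a short comment would make that intent visible, e.g. `// Classify once: the same mode gates the statement log and the result log below.` The body of prepareExecute continues outside this hunk.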
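Review bot: isSqlModify() splits on a single space, so a statement with leading whitespace, or with a newline or tab after the keyword, is classified as read-only. With this commit that classification is passed into dbLog() for both the statement and its result, so in modify-only log mode such a write leaves no trace in the SQL log. Tokenising on any whitespace closes the gap: `$command = preg_split('/\s+/', ltrim($sql), 2);`. The keyword list also omits DDL such as DROP and ALTER; if those can reach this class they probably belong in it, otherwise the docblock should say they are deliberately excluded.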
@@ -318,19 +340,20 @@ class Database {
 * @return string
 * @throws \qfq\UserFormException
 */
- private function dbLog($sql, $parameterArray = array()) {
+ private function dbLog($mode = SQL_LOG_MODE_ALL, $sql = '', $parameterArray = array()) {
+
+ $sqlLogMode = $this->store->getVar(SYSTEM_SQL_LOG_MODE, STORE_SYSTEM);
- $mode = $this->store->getVar(SYSTEM_SQL_LOG_MODE, STORE_SYSTEM);
 switch ($mode) {
 case SQL_LOG_MODE_ALL:
+ if ($sqlLogMode != SQL_LOG_MODE_ALL) {
+ return;
+ }
 break;
 case SQL_LOG_MODE_MODIFY:
- if ($this->isSqlModify($sql)) {
- break;
- }
- // nothing to log.
- return;
+ break;
+
 default:
 throw new UserFormException("Unknown SQL_LOG_MODE: $mode", ERROR_UNKNOWN_SQL_LOG_MODE);
 }
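Review bot: The value read from SYSTEM_SQL_LOG_MODE into `$sqlLogMode` is no longer validated, because the `default:` branch now fires only on the caller-supplied `$mode`, which prepareExecute always sets to one of the two constants. A mistyped or unexpected configured value therefore stops raising ERROR_UNKNOWN_SQL_LOG_MODE and silently behaves like modify-only logging, which is easy to miss when the log serves as an audit trail. Checking the configured value before the switch restores the old guarantee, e.g. `if ($sqlLogMode !== SQL_LOG_MODE_ALL && $sqlLogMode !== SQL_LOG_MODE_MODIFY) { throw new UserFormException("Unknown SQL_LOG_MODE: $sqlLogMode", ERROR_UNKNOWN_SQL_LOG_MODE); }`, assuming these are the only two valid settings. The docblock above the signature starts outside this hunk and should gain an `@param` line for the new `$mode` argument.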
@@ -338,57 +361,50 @@ class Database {
 // Client IP Address
 $remoteAddress = $this->store->getVar(CLIENT_REMOTE_ADDRESS, STORE_CLIENT);
- $msg = '[' . date('Y.m.d H:i:s O') . '][' . $remoteAddress . '][';
-
+ $msg = '[' . date('Y.m.d H:i:s O') . '][' . $remoteAddress . ']';
 // // FE User
 // $feUser = $this->sqlLog = $this->store->getVar(TYPO3_FE_USER, STORE_TYPO3);
 // $pageId = $this->sqlLog = $this->store->getVar(TYPO3_PAGE_ID, STORE_TYPO3);
 // $ttcontentId = $this->sqlLog = $this->store->getVar(TYPO3_TT_CONTENT_UID, STORE_TYPO3);
- if (count($parameterArray) === 0) {
- $msg .= $sql;
- } else {
-
- $sqlArray = explode('?', $sql);
- $ii = 0;
- foreach ($parameterArray as $value) {
- if (isset($sqlArray[$ii])) {
- if (is_array($value)) {
- $value = OnArray::toString($value);
- }
-
- $msg .= $sqlArray[$ii++] . "'" . $value . "'";
- } else {
- $msg = '?';
- }
- }
- if (isset($sqlArray[$ii]))
- $msg .= $sqlArray[$ii];
+ if (count($parameterArray) > 0) {
+ $sql = $this->preparedStatementInsertParameter($sql, $parameterArray);
 }
- $msg .= ']';
+ if ($sql !== '') {
+ $msg .= '[' . $sql . ']';
+ }
 Logger::logMessage($msg, $this->sqlLog);
 }
 /**
- * Check if the given SQL Statement might modify data.
- *
 * @param $sql
- * @return bool true is the statement might modify data, else: false
+ * @param $parameterArray
+ * @return string
 */
- private function isSqlModify($sql) {
- $command = explode(' ', $sql, 2);
- switch (strtoupper($command[0])) {
- case 'INSERT':
- case 'UPDATE':
- case 'DELETE':
- case 'REPLACE':
- case 'TRUNCATE':
- return true;
+ private function preparedStatementInsertParameter($sql, $parameterArray) {
+ $msg = '';
+
+ $sqlArray = explode('?', $sql);
+ $ii = 0;
+ foreach ($parameterArray as $value) {
+ if (isset($sqlArray[$ii])) {
+ if (is_array($value)) {
+ $value = OnArray::toString($value);
+ }
+
+ $msg .= $sqlArray[$ii++] . "'" . $value . "'";
+ } else {
+ $msg = '?';
+ }
 }
- return false;
+ if (isset($sqlArray[$ii])) {
+ $msg .= $sqlArray[$ii];
+ }
+
+ return $msg;
 }
 /**
--
GitLab
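Review bot: preparedStatementInsertParameter() concatenates each bound value into the log line unescaped (`"'" . $value . "'"`), so a value containing CR/LF can begin what looks like a separate log entry, and passwords or other secrets bound as parameters land in the log in clear text. Neutralising control characters before the concatenation keeps one statement on one line, e.g. `$value = addcslashes((string)$value, "\0..\37\177");`; whether sensitive fields should also be masked depends on who can read the log. Separately, the `else` branch assigns `$msg = '?';` and so discards everything built so far; `.=` looks intended. The new method's docblock has no summary; a line such as `Substitute the bound values into the '?' placeholders of $sql, for logging only - the result must never be executed.` would prevent misuse. dbLog's signature lies in the previous hunk, while the new method is complete here.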