2013-06-21 00:32:08 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Connector for MySQL using the MySQLi method
|
|
|
|
* @package framework
|
|
|
|
* @subpackage model
|
|
|
|
*/
|
|
|
|
class MySQLiConnector extends DBConnector {
|
2014-07-25 04:14:59 +02:00
|
|
|
|
2017-08-03 13:37:01 +02:00
|
|
|
/**
|
|
|
|
* Default strong SSL cipher to be used
|
|
|
|
*
|
|
|
|
* @config
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
private static $ssl_cipher_default = 'DHE-RSA-AES256-SHA';
|
|
|
|
|
2013-06-21 00:32:08 +02:00
|
|
|
/**
|
|
|
|
* Connection to the MySQL database
|
2014-07-25 04:14:59 +02:00
|
|
|
*
|
2013-06-21 00:32:08 +02:00
|
|
|
* @var MySQLi
|
|
|
|
*/
|
|
|
|
protected $dbConn = null;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Name of the currently selected database
|
2014-07-25 04:14:59 +02:00
|
|
|
*
|
2013-06-21 00:32:08 +02:00
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
protected $databaseName = null;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The most recent statement returned from MySQLiConnector->preparedQuery
|
2014-07-25 04:14:59 +02:00
|
|
|
*
|
2013-06-21 00:32:08 +02:00
|
|
|
* @var mysqli_stmt
|
|
|
|
*/
|
|
|
|
protected $lastStatement = null;
|
2014-07-25 04:14:59 +02:00
|
|
|
|
2013-06-21 00:32:08 +02:00
|
|
|
/**
|
|
|
|
* Store the most recent statement for later use
|
2014-07-25 04:14:59 +02:00
|
|
|
*
|
2013-06-21 00:32:08 +02:00
|
|
|
* @param mysqli_stmt $statement
|
|
|
|
*/
|
2015-04-29 07:32:57 +02:00
|
|
|
protected function setLastStatement($statement) {
|
2013-06-21 00:32:08 +02:00
|
|
|
$this->lastStatement = $statement;
|
|
|
|
}
|
2014-07-25 04:14:59 +02:00
|
|
|
|
2013-06-21 00:32:08 +02:00
|
|
|
/**
|
2014-07-25 04:14:59 +02:00
|
|
|
* Retrieve a prepared statement for a given SQL string
|
2013-06-21 00:32:08 +02:00
|
|
|
*
|
|
|
|
* @param string $sql
|
|
|
|
* @param boolean &$success
|
|
|
|
* @return mysqli_stmt
|
|
|
|
*/
|
2014-07-25 04:14:59 +02:00
|
|
|
public function prepareStatement($sql, &$success) {
|
2015-04-29 07:32:57 +02:00
|
|
|
// Record last statement for error reporting
|
2013-06-21 00:32:08 +02:00
|
|
|
$statement = $this->dbConn->stmt_init();
|
2015-04-29 07:32:57 +02:00
|
|
|
$this->setLastStatement($statement);
|
2014-07-25 04:14:59 +02:00
|
|
|
$success = $statement->prepare($sql);
|
2013-06-21 00:32:08 +02:00
|
|
|
return $statement;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function connect($parameters, $selectDB = false) {
|
|
|
|
// Normally $selectDB is set to false by the MySQLDatabase controller, as per convention
|
|
|
|
$selectedDB = ($selectDB && !empty($parameters['database'])) ? $parameters['database'] : null;
|
|
|
|
|
2015-09-05 02:50:26 +02:00
|
|
|
// Connection charset and collation
|
|
|
|
$connCharset = Config::inst()->get('MySQLDatabase', 'connection_charset');
|
|
|
|
$connCollation = Config::inst()->get('MySQLDatabase', 'connection_collation');
|
|
|
|
|
2017-08-03 13:37:01 +02:00
|
|
|
$this->dbConn = mysqli_init();
|
|
|
|
|
|
|
|
// Set SSL parameters if they exist. All parameters are required.
|
|
|
|
|
|
|
|
if(
|
|
|
|
array_key_exists('ssl_key', $parameters) &&
|
|
|
|
array_key_exists('ssl_cert', $parameters) &&
|
|
|
|
array_key_exists('ssl_ca', $parameters)) {
|
|
|
|
|
|
|
|
$this->dbConn->ssl_set(
|
|
|
|
$parameters['ssl_key'],
|
|
|
|
$parameters['ssl_cert'],
|
|
|
|
$parameters['ssl_ca'],
|
|
|
|
dirname($parameters['ssl_ca']),
|
|
|
|
array_key_exists('ssl_cipher', $parameters) ? $parameters['ssl_cipher'] : Config::inst()->get('MySQLiConnector', 'ssl_cipher_default')
|
2013-06-21 00:32:08 +02:00
|
|
|
);
|
2017-08-03 13:37:01 +02:00
|
|
|
|
2013-06-21 00:32:08 +02:00
|
|
|
}
|
|
|
|
|
2017-08-03 13:37:01 +02:00
|
|
|
|
|
|
|
$this->dbConn->real_connect(
|
|
|
|
$parameters['server'],
|
|
|
|
$parameters['username'],
|
|
|
|
$parameters['password'],
|
|
|
|
$selectedDB,
|
|
|
|
!empty($parameters['port']) ? $parameters['port'] : ini_get("mysqli.default_port")
|
|
|
|
|
|
|
|
);
|
|
|
|
|
2013-06-21 00:32:08 +02:00
|
|
|
if ($this->dbConn->connect_error) {
|
|
|
|
$this->databaseError("Couldn't connect to MySQL database | " . $this->dbConn->connect_error);
|
|
|
|
}
|
|
|
|
|
2015-09-05 02:50:26 +02:00
|
|
|
// Set charset and collation if given and not null. Can explicitly set to empty string to omit
|
2013-06-21 00:32:08 +02:00
|
|
|
$charset = isset($parameters['charset'])
|
|
|
|
? $parameters['charset']
|
2015-09-05 02:50:26 +02:00
|
|
|
: $connCharset;
|
|
|
|
|
2013-06-21 00:32:08 +02:00
|
|
|
if (!empty($charset)) $this->dbConn->set_charset($charset);
|
2015-09-05 02:50:26 +02:00
|
|
|
|
|
|
|
$collation = isset($parameters['collation'])
|
|
|
|
? $parameters['collation']
|
|
|
|
: $connCollation;
|
|
|
|
|
|
|
|
if (!empty($collation)) $this->dbConn->query("SET collation_connection = {$collation}");
|
2013-06-21 00:32:08 +02:00
|
|
|
}
|
2014-07-25 04:14:59 +02:00
|
|
|
|
2013-06-21 00:32:08 +02:00
|
|
|
public function __destruct() {
|
2016-07-07 00:01:33 +02:00
|
|
|
if (is_resource($this->dbConn)) {
|
2013-06-21 00:32:08 +02:00
|
|
|
mysqli_close($this->dbConn);
|
|
|
|
$this->dbConn = null;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function escapeString($value) {
|
|
|
|
return $this->dbConn->real_escape_string($value);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function quoteString($value) {
|
|
|
|
$value = $this->escapeString($value);
|
|
|
|
return "'$value'";
|
|
|
|
}
|
|
|
|
|
|
|
|
public function getVersion() {
|
|
|
|
return $this->dbConn->server_info;
|
|
|
|
}
|
2016-01-06 00:34:58 +01:00
|
|
|
|
2015-06-16 05:04:20 +02:00
|
|
|
/**
|
|
|
|
* Invoked before any query is executed
|
2016-01-06 00:34:58 +01:00
|
|
|
*
|
2015-06-16 05:04:20 +02:00
|
|
|
* @param string $sql
|
|
|
|
*/
|
|
|
|
protected function beforeQuery($sql) {
|
2013-06-21 00:32:08 +02:00
|
|
|
// Clear the last statement
|
|
|
|
$this->setLastStatement(null);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function query($sql, $errorLevel = E_USER_ERROR) {
|
2015-06-16 05:04:20 +02:00
|
|
|
$this->beforeQuery($sql);
|
2013-06-21 00:32:08 +02:00
|
|
|
|
|
|
|
// Benchmark query
|
2015-06-16 05:04:20 +02:00
|
|
|
$handle = $this->dbConn->query($sql, MYSQLI_STORE_RESULT);
|
2013-06-21 00:32:08 +02:00
|
|
|
|
|
|
|
if (!$handle || $this->dbConn->error) {
|
|
|
|
$this->databaseError($this->getLastError(), $errorLevel, $sql);
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
2015-04-29 07:32:57 +02:00
|
|
|
// Some non-select queries return true on success
|
|
|
|
return new MySQLQuery($this, $handle);
|
2013-06-21 00:32:08 +02:00
|
|
|
}
|
2014-07-25 04:14:59 +02:00
|
|
|
|
2013-06-21 00:32:08 +02:00
|
|
|
/**
|
|
|
|
* Prepares the list of parameters in preparation for passing to mysqli_stmt_bind_param
|
2014-07-25 04:14:59 +02:00
|
|
|
*
|
2013-06-21 00:32:08 +02:00
|
|
|
* @param array $parameters List of parameters
|
|
|
|
* @param array &$blobs Out parameter for list of blobs to bind separately
|
|
|
|
* @return array List of parameters appropriate for mysqli_stmt_bind_param function
|
|
|
|
*/
|
|
|
|
public function parsePreparedParameters($parameters, &$blobs) {
|
|
|
|
$types = '';
|
|
|
|
$values = array();
|
|
|
|
$blobs = array();
|
|
|
|
for($index = 0; $index < count($parameters); $index++) {
|
|
|
|
$value = $parameters[$index];
|
|
|
|
$phpType = gettype($value);
|
|
|
|
|
|
|
|
// Allow overriding of parameter type using an associative array
|
|
|
|
if($phpType === 'array') {
|
|
|
|
$phpType = $value['type'];
|
|
|
|
$value = $value['value'];
|
|
|
|
}
|
|
|
|
|
|
|
|
// Convert php variable type to one that makes mysqli_stmt_bind_param happy
|
|
|
|
// @see http://www.php.net/manual/en/mysqli-stmt.bind-param.php
|
|
|
|
switch($phpType) {
|
|
|
|
case 'boolean':
|
|
|
|
case 'integer':
|
|
|
|
$types .= 'i';
|
|
|
|
break;
|
|
|
|
case 'float': // Not actually returnable from gettype
|
|
|
|
case 'double':
|
|
|
|
$types .= 'd';
|
|
|
|
break;
|
2017-11-30 18:49:46 +01:00
|
|
|
case 'SS_Object': // Allowed if the object or resource has a __toString method
|
2013-06-21 00:32:08 +02:00
|
|
|
case 'resource':
|
|
|
|
case 'string':
|
|
|
|
case 'NULL': // Take care that a where clause should use "where XX is null" not "where XX = null"
|
|
|
|
$types .= 's';
|
|
|
|
break;
|
|
|
|
case 'blob':
|
|
|
|
$types .= 'b';
|
|
|
|
// Blobs must be sent via send_long_data and set to null here
|
|
|
|
$blobs[] = array(
|
|
|
|
'index' => $index,
|
|
|
|
'value' => $value
|
|
|
|
);
|
|
|
|
$value = null;
|
|
|
|
break;
|
|
|
|
case 'array':
|
|
|
|
case 'unknown type':
|
|
|
|
default:
|
|
|
|
user_error("Cannot bind parameter \"$value\" as it is an unsupported type ($phpType)",
|
|
|
|
E_USER_ERROR);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
$values[] = $value;
|
|
|
|
}
|
|
|
|
return array_merge(array($types), $values);
|
|
|
|
}
|
2014-07-25 04:14:59 +02:00
|
|
|
|
2013-06-21 00:32:08 +02:00
|
|
|
/**
|
|
|
|
* Binds a list of parameters to a statement
|
2014-07-25 04:14:59 +02:00
|
|
|
*
|
2013-06-21 00:32:08 +02:00
|
|
|
* @param mysqli_stmt $statement MySQLi statement
|
|
|
|
* @param array $parameters List of parameters to pass to bind_param
|
|
|
|
*/
|
|
|
|
public function bindParameters(mysqli_stmt $statement, array $parameters) {
|
|
|
|
// Because mysqli_stmt::bind_param arguments must be passed by reference
|
|
|
|
// we need to do a bit of hackery
|
|
|
|
for ($i = 0; $i < count($parameters); $i++)
|
|
|
|
{
|
|
|
|
$boundName = "param$i";
|
|
|
|
$$boundName = $parameters[$i];
|
|
|
|
$boundNames[] = &$$boundName;
|
|
|
|
}
|
|
|
|
call_user_func_array( array($statement, 'bind_param'), $boundNames);
|
|
|
|
}
|
2014-07-25 04:14:59 +02:00
|
|
|
|
2013-06-21 00:32:08 +02:00
|
|
|
public function preparedQuery($sql, $parameters, $errorLevel = E_USER_ERROR) {
|
|
|
|
// Shortcut to basic query when not given parameters
|
2015-06-16 05:04:20 +02:00
|
|
|
if(empty($parameters)) {
|
|
|
|
return $this->query($sql, $errorLevel);
|
|
|
|
}
|
2013-06-21 00:32:08 +02:00
|
|
|
|
2015-06-16 05:04:20 +02:00
|
|
|
$this->beforeQuery($sql);
|
2013-06-21 00:32:08 +02:00
|
|
|
|
|
|
|
// Type check, identify, and prepare parameters for passing to the statement bind function
|
|
|
|
$parsedParameters = $this->parsePreparedParameters($parameters, $blobs);
|
2014-07-25 04:14:59 +02:00
|
|
|
|
2013-06-21 00:32:08 +02:00
|
|
|
// Benchmark query
|
2015-06-16 05:04:20 +02:00
|
|
|
$statement = $this->prepareStatement($sql, $success);
|
|
|
|
if($success) {
|
2015-04-29 07:32:57 +02:00
|
|
|
if($parsedParameters) {
|
2015-06-16 05:04:20 +02:00
|
|
|
$this->bindParameters($statement, $parsedParameters);
|
2015-04-29 07:32:57 +02:00
|
|
|
}
|
2014-07-25 04:14:59 +02:00
|
|
|
|
2013-06-21 00:32:08 +02:00
|
|
|
// Bind any blobs given
|
|
|
|
foreach($blobs as $blob) {
|
|
|
|
$statement->send_long_data($blob['index'], $blob['value']);
|
|
|
|
}
|
2014-07-25 04:14:59 +02:00
|
|
|
|
2013-06-21 00:32:08 +02:00
|
|
|
// Safely execute the statement
|
|
|
|
$statement->execute();
|
2015-06-16 05:04:20 +02:00
|
|
|
}
|
2016-01-06 00:34:58 +01:00
|
|
|
|
2015-06-16 05:04:20 +02:00
|
|
|
if (!$success || $statement->error) {
|
2013-06-21 00:32:08 +02:00
|
|
|
$values = $this->parameterValues($parameters);
|
|
|
|
$this->databaseError($this->getLastError(), $errorLevel, $sql, $values);
|
|
|
|
return null;
|
|
|
|
}
|
2014-07-25 04:14:59 +02:00
|
|
|
|
2015-04-29 07:32:57 +02:00
|
|
|
// Non-select queries will have no result data
|
2015-06-16 05:04:20 +02:00
|
|
|
$metaData = $statement->result_metadata();
|
|
|
|
if($metaData) {
|
|
|
|
return new MySQLStatement($statement, $metaData);
|
2015-04-29 07:32:57 +02:00
|
|
|
} else {
|
|
|
|
// Replicate normal behaviour of ->query() on non-select calls
|
|
|
|
return new MySQLQuery($this, true);
|
2013-06-21 00:32:08 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function selectDatabase($name) {
|
|
|
|
if ($this->dbConn->select_db($name)) {
|
|
|
|
$this->databaseName = $name;
|
|
|
|
return true;
|
|
|
|
} else {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function getSelectedDatabase() {
|
|
|
|
return $this->databaseName;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function unloadDatabase() {
|
|
|
|
$this->databaseName = null;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function isActive() {
|
|
|
|
return $this->databaseName && $this->dbConn && empty($this->dbConn->connect_error);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function affectedRows() {
|
|
|
|
return $this->dbConn->affected_rows;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function getGeneratedID($table) {
|
|
|
|
return $this->dbConn->insert_id;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function getLastError() {
|
|
|
|
// Check if a statement was used for the most recent query
|
|
|
|
if($this->lastStatement && $this->lastStatement->error) {
|
|
|
|
return $this->lastStatement->error;
|
|
|
|
}
|
|
|
|
return $this->dbConn->error;
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|