3 # Copyright (C) 2006 Jason Woofenden
5 # This file is part of wfpl.
7 # wfpl is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 2, or (at your option)
12 # wfpl is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 # General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with wfpl; see the file COPYING. If not, write to the
19 # Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
23 require_once('code/wfpl/encode.php');
24 require_once('code/wfpl/format.php');
26 # db_connect() parameters:
28 # database: the name of the database you want to connect to. Defaults to the
29 # second-to-last part of the domain name. eg for foo.example.com it would be
32 # user: username for connecting to the database. Defaults to
33 # $GLOBALS['db_username'] or (if that's not set) "www".
35 # password: password for connecting to the database. Defaults to
36 # $GLOBALS['db_password'] or (if that's not set "".
38 # RETURNS: the database connection handle. You'll only need this if you
39 # want to have multiple databases open at once.
41 function db_connect($database = 'auto', $user = 'auto', $pass = 'auto', $host = 'localhost') {
42 if($database == 'auto') {
43 if(isset($GLOBALS['db_name'])) {
44 $database = $GLOBALS['db_name'];
46 $host = $_SERVER['SERVER_NAME'];
47 $host = explode('.', $host);
49 $database = array_pop($host);
55 if(isset($GLOBALS['db_username'])) {
56 $user = $GLOBALS['db_username'];
63 if(isset($GLOBALS['db_password'])) {
64 $pass = $GLOBALS['db_password'];
70 $GLOBALS['wfpl_db_handle'] = mysql_connect($host, $user, $pass);
71 if(!$GLOBALS['wfpl_db_handle']) {
72 die('Could not connect to the database: ' . mysql_error());
75 if(!mysql_select_db($database, $GLOBALS['wfpl_db_handle'])) {
76 die("Couldn not access database \"$database\": " . mysql_error());
79 return $GLOBALS['wfpl_db_handle'];
82 # Unless you're doing something unusual like an ALTER TABLE don't call this directly
83 function db_send_query($sql) {
84 #echo("Sending query: " . enc_html($sql) . "<br>\n");
85 $result = mysql_query($sql);
87 die(enc_html('DATABASE ERROR: ' . mysql_error() . ' in the following query: ' . $sql));
93 # All select queries use this to generate the where clause, so they can work
94 # like printf. Currently three % codes are supported:
96 # %% put a % in the output
97 # %i put an integer in the output (strips non-numeric digits, and puts in 0 if blank)
98 # %" output double quotes, surrounding the variable which is encoded to be in there.
99 # %s output encoded to be in double quotes, but don't output the quotes
101 # complex example: db_get_rows('mytable', 'id', 'name=%" or company like "%%%s%%"', $name, $company_partial);
103 function db_printf($str) {
104 $args = func_get_args();
105 $args = array_slice($args, 1);
106 _db_printf($str, $args);
109 # This function does the work, but takes the parameters in an array, and backwards.
110 function _db_printf($str, $args) {
111 $args = array_reverse($args); # because array_pop() takes from the end
114 $pos = strpos($str, '%');
115 if($pos === false) { # not found
119 # move everything up to (but not including) % to the output
120 $out .= substr($str, 0, $pos);
122 # grab the character after the %
123 $chr = substr($str, $pos + 1, 1);
125 # remove the stuff we've read from input
126 $str = substr($str, $pos + 2);
129 $out .= '"' . enc_sql(array_pop($args)) . '"';
130 } elseif($chr == 'i') {
131 $int = format_int(array_pop($args));
132 if($int == '') $int = '0';
143 function db_send_get($table, $columns, $where = '', $args) {
144 $sql = "SELECT $columns FROM $table";
146 $sql .= ' WHERE ' . _db_printf($where, $args);
149 return db_send_query($sql);
153 function db_get_rows($table, $columns, $where = '') {
154 $args = func_get_args();
155 $args = array_slice($args, 3);
156 $result = db_send_get($table, $columns, $where, $args);
159 while($row = mysql_fetch_row($result)) {
163 mysql_free_result($result);
168 function db_get_column($table, $columns, $where = '') {
169 $args = func_get_args();
170 $args = array_slice($args, 3);
171 $result = db_send_get($table, $columns, $where, $args);
174 while($row = mysql_fetch_row($result)) {
178 mysql_free_result($result);
183 function db_get_row($table, $columns, $where = '') {
184 $args = func_get_args();
185 $args = array_slice($args, 3);
186 $result = db_send_get($table, $columns, $where, $args);
188 $row = mysql_fetch_row($result);
190 mysql_free_result($result);
195 function db_get_value($table, $columns, $where = '') {
196 $args = func_get_args();
197 $args = array_slice($args, 3);
198 $result = db_send_get($table, $columns, $where, $args);
200 $value = mysql_fetch_row($result);
201 if($value !== false) {
205 mysql_free_result($result);
210 # call either of these ways:
212 # db_insert('people', 'name,company', 'jason', 'widgets ltd');
214 # db_insert('people', 'name,company', array('jason', 'widgets ltd'));
215 function db_insert($table, $columns, $values) {
216 if(!is_array($values)) {
217 $values = func_get_args();
218 $values = array_slice($values, 2);
222 foreach($values as $value) {
223 if($sql) $sql .= ',';
224 $sql .= '"' . enc_sql($value) . '"';
227 $sql = "INSERT INTO $table ($columns) values($sql)";