X-Git-Url: https://jasonwoof.com/gitweb/?p=wfpl.git;a=blobdiff_plain;f=db.php;h=428c1bf007bb42f85b5551e0633695985dd2ce0d;hp=c5683c0e4ee52bf1aeeac90f03f764798eab8630;hb=HEAD;hpb=6d9765bdf97af8351ed09c4187869cf05e74e2af diff --git a/db.php b/db.php index c5683c0..428c1bf 100644 --- a/db.php +++ b/db.php @@ -1,25 +1,16 @@ . - - -require_once('code/wfpl/encode.php'); -require_once('code/wfpl/format.php'); - -# db_connect() -- connect to a mysql database +# This program is in the public domain within the United States. Additionally, +# we waive copyright and related rights in the work worldwide through the CC0 +# 1.0 Universal public domain dedication, which can be found at +# http://creativecommons.org/publicdomain/zero/1.0/ + + +require_once(__DIR__.'/'.'encode.php'); +require_once(__DIR__.'/'.'format.php'); + +# db_connect() -- connect to a mysql database (automatically, later, when/if needed) +# db_connect_now() -- connect to a mysql database immediately # # PARAMETERS: # @@ -37,8 +28,14 @@ require_once('code/wfpl/format.php'); # # the database connection handle. You'll only need this if you want to have # multiple databases open at once. - -function db_connect($database = 'auto', $user = 'auto', $pass = 'auto', $host = 'localhost') { +function db_connect() { + if (isset($GLOBALS['wfpl_db_handle'])) { + mysqli_close($GLOBALS['wfpl_db_handle']); + unset($GLOBALS['wfpl_db_handle']); + } + $GLOBALS['wfpl_db_connect_args'] = func_get_args(); +} +function db_connect_now($database = 'auto', $user = 'auto', $pass = 'auto', $host = 'localhost', $encoding = 'utf8') { if($database == 'auto') { if(isset($GLOBALS['db_name'])) { $database = $GLOBALS['db_name']; @@ -67,24 +64,43 @@ function db_connect($database = 'auto', $user = 'auto', $pass = 'auto', $host = } } - $GLOBALS['wfpl_db_handle'] = mysql_connect($host, $user, $pass); + $GLOBALS['wfpl_db_handle'] = @mysqli_connect($host, $user, $pass); if(!$GLOBALS['wfpl_db_handle']) { - die('Could not connect to the database: ' . mysql_error()); + die('Server error: Database connection failed'); + # to show username and host: mysqli_connect_error() } - if(!mysql_select_db($database, $GLOBALS['wfpl_db_handle'])) { - die("Couldn not access database \"$database\": " . mysql_error($GLOBALS['wfpl_db_handle'])); + mysqli_set_charset($GLOBALS['wfpl_db_handle'], $encoding); + + if(!mysqli_select_db($GLOBALS['wfpl_db_handle'], $database)) { + die("Couldn not access database \"$database\": " . mysqli_error($GLOBALS['wfpl_db_handle'])); } return $GLOBALS['wfpl_db_handle']; } +# for internal use (helps implement the auto-connect feature of db_connect()) +function _db_connection_needed() { + if (isset($GLOBALS['wfpl_db_handle'])) { + return; + } + if (isset($GLOBALS['wfpl_db_connect_args'])) { + return call_user_func_array('db_connect_now', $GLOBALS['wfpl_db_connect_args']); + } + die('Error: you must call db_connect() or db_auto_connect() first!'); +} + +function db_enc_sql($str) { + _db_connection_needed(); + return mysqli_real_escape_string(isset($GLOBALS['wfpl_db_handle']) ? $GLOBALS['wfpl_db_handle'] : null, $str); +} # Unless you're doing something unusual like an ALTER TABLE don't call this directly function db_send_query($sql) { + _db_connection_needed(); #echo("Sending query: " . enc_html($sql) . "
\n"); - $result = mysql_query($sql, $GLOBALS['wfpl_db_handle']); + $result = mysqli_query($GLOBALS['wfpl_db_handle'], $sql); if(!$result) { - die(enc_html('DATABASE ERROR: ' . mysql_error($GLOBALS['wfpl_db_handle']) . ' in the following query: ' . $sql)); + die(enc_html('DATABASE ERROR: ' . mysqli_error($GLOBALS['wfpl_db_handle']) . ' in the following query: ' . $sql)); } return $result; @@ -95,8 +111,11 @@ function db_send_query($sql) { # # %% put a % in the output # %i put an integer in the output (strips non-numeric digits, and puts in 0 if blank) +# %I a list of integers (as %i) separated by commas +# %f put a floating point value in the output (strips non-numeric digits, puts in 0.0 if not valid) # %" output double quotes, surrounding the variable which is encoded to be in there. # %s output encoded to be in double quotes, but don't output the quotes +# %$ output argument as-is, no encoding. Make sure you quote everything from the user! # # complex example: db_get_rows('mytable', 'id', 'where name=%" or company like "%%%s%%"', $name, $company_partial); @@ -125,13 +144,34 @@ function _db_printf($str, $args) { $str = substr($str, $pos + 2); if($chr == '"') { - $out .= '"' . enc_sql(array_shift($args)) . '"'; + $out .= '"' . db_enc_sql(array_shift($args)) . '"'; } elseif($chr == 's') { - $out .= enc_sql(array_shift($args)); + $out .= db_enc_sql(array_shift($args)); } elseif($chr == 'i') { - $int = format_int(array_shift($args)); - if($int == '') $int = '0'; - $out .= $int; + $out .= format_int_0(array_shift($args)); + } elseif($chr == 'I') { + $arg = array_shift($args); + $first = true; + foreach ($arg as $int) { + if ($first) { + $first = false; + } else { + $out .= ','; + } + $out .= format_int_0($int); + } + } elseif($chr == 'f') { + $arg = array_shift($args); + if(is_numeric($arg)) { + $arg = sprintf("%f", $arg); + } + $arg = format_decimal($arg); + if(strlen($arg) < 1) { + $arg = '0.0'; + } + $out .= $arg; + } elseif($chr == '$') { + $out .= array_shift($args); } else { $out .= $chr; } @@ -141,6 +181,7 @@ function _db_printf($str, $args) { } +# helper function function db_send_get($table, $columns, $where, $args) { $sql = "SELECT $columns FROM $table"; if($where) { @@ -151,96 +192,104 @@ function db_send_get($table, $columns, $where, $args) { } +# if no results: returs [] function db_get_rows($table, $columns, $where = '') { $args = func_get_args(); $args = array_slice($args, 3); $result = db_send_get($table, $columns, $where, $args); $rows = array(); - while($row = mysql_fetch_row($result)) { + while($row = mysqli_fetch_row($result)) { $rows[] = $row; } - mysql_free_result($result); + mysqli_free_result($result); return $rows; } # like db_get_rows, but return array of hashes. +# if no results: returs [] function db_get_assocs($table, $columns, $where = '') { $args = func_get_args(); $args = array_slice($args, 3); $result = db_send_get($table, $columns, $where, $args); $rows = array(); - while($row = mysql_fetch_assoc($result)) { + while($row = mysqli_fetch_assoc($result)) { $rows[] = $row; } - mysql_free_result($result); + mysqli_free_result($result); return $rows; } +# if no results: returs [] function db_get_column($table, $columns, $where = '') { $args = func_get_args(); $args = array_slice($args, 3); $result = db_send_get($table, $columns, $where, $args); $column = array(); - while($row = mysql_fetch_row($result)) { + while($row = mysqli_fetch_row($result)) { $column[] = $row[0]; } - mysql_free_result($result); + mysqli_free_result($result); return $column; } +# returns first matching row +# if no results: returns false function db_get_row($table, $columns, $where = '') { $args = func_get_args(); $args = array_slice($args, 3); $result = db_send_get($table, $columns, $where, $args); - $row = mysql_fetch_row($result); + $row = mysqli_fetch_row($result); - mysql_free_result($result); + mysqli_free_result($result); return $row; } # like db_get_row, but return a hash. +# if no results: returns false function db_get_assoc($table, $columns, $where = '') { $args = func_get_args(); $args = array_slice($args, 3); $result = db_send_get($table, $columns, $where, $args); - $row = mysql_fetch_assoc($result); + $row = mysqli_fetch_assoc($result); - mysql_free_result($result); + mysqli_free_result($result); return $row; } -function db_get_value($table, $columns, $where = '') { +# if no results: returns false +function db_get_value($table, $column, $where = '') { $args = func_get_args(); $args = array_slice($args, 3); - $result = db_send_get($table, $columns, $where, $args); + $result = db_send_get($table, $column, $where, $args); - $value = mysql_fetch_row($result); - if($value !== false) { + $value = mysqli_fetch_row($result); + if($value !== NULL) { $value = $value[0]; } - mysql_free_result($result); + mysqli_free_result($result); return $value; } +# returns an integer function db_count($table, $where = '') { $args = func_get_args(); array_splice($args, 1, 0, array('count(*)')); - return call_user_func_array('db_get_value', $args); + return (int) call_user_func_array('db_get_value', $args); } # call either of these ways: @@ -256,6 +305,22 @@ function db_insert($table, $columns, $values) { db_insert_ish('INSERT', $table, $columns, $values); } + +# like db_insert() above, but instead of passing columns and data separately, +# you can pass one array with the column names as keys and the data as values +function db_insert_assoc($table, $data) { + $args = func_get_args(); + $args = array_slice($args, 2); + $columns = array(); + $values = array(); + foreach($data as $key => $value) { + $columns[] = $key; + $values[] = $value; + } + array_unshift($args, $table, join(',', $columns), $values); + call_user_func_array('db_insert', $args); +} + # same as above, except uses the "replace" command instead of "insert" function db_replace($table, $columns, $values) { if(!is_array($values)) { @@ -268,7 +333,8 @@ function db_replace($table, $columns, $values) { # return the value mysql made up for the auto_increment field (for the last insert) function db_auto_id() { - return mysql_insert_id($GLOBALS['wfpl_db_handle']); + _db_connection_needed(); + return mysqli_insert_id($GLOBALS['wfpl_db_handle']); } @@ -278,7 +344,7 @@ function db_insert_ish($command, $table, $columns, $values) { $sql = ''; foreach($values as $value) { if($sql) $sql .= ','; - $sql .= '"' . enc_sql($value) . '"'; + $sql .= '"' . db_enc_sql($value) . '"'; } $sql = "$command INTO $table ($columns) values($sql)"; @@ -328,7 +394,7 @@ function db_update($table, $columns, $values) { if($sql != '') { $sql .= ', '; } - $sql .= $columns[$i] . ' = "' . enc_sql($values[$i]) . '"'; + $sql .= $columns[$i] . ' = "' . db_enc_sql($values[$i]) . '"'; } @@ -352,6 +418,23 @@ function db_update($table, $columns, $values) { db_send_query($sql); } +# like db_update() above, but instead of passing columns and data separately, +# you can pass one array with the column names as keys and the data as values +function db_update_assoc($table, $data) { + $args = func_get_args(); + $args = array_slice($args, 2); + $columns = array(); + $values = array(); + foreach($data as $key => $value) { + $columns[] = $key; + $values[] = $value; + } + array_unshift($args, $values); + array_unshift($args, join(',', $columns)); + array_unshift($args, $table); + call_user_func_array('db_update', $args); +} + # pass args for printf-style where clause as usual function db_delete($table, $where = '') { $sql = "DELETE FROM $table"; @@ -372,18 +455,33 @@ function db_delete($table, $where = '') { define('DB_ORD_MAX', 2000000000); -function db_reposition_respace($table, $field) { - $ids = db_get_column($table, 'id', "where $field != 0 order by $field"); +function db_reposition_respace($table, $field, $where = '') { + if($where) { + $andand = " && ($where) "; + } + $ids = db_get_column($table, 'id', "where $field != 0 $andand order by $field"); $c = count($ids); if(!$c) { # should never happen return; } $inc = floor(DB_ORD_MAX / ($c + 1)); - $cur = $inc; - foreach($ids as $id) { - db_update($table, $field, $cur, 'where id=%i', $id); - $cur += $inc; + $ord = $inc; + $count = count($ids); + for ($i = 0; $i < $count; $i += 1000) { + $values = []; + $j_max = min($count, $i + 1000); + for ($j = $i; $j < $j_max; ++$j) { + $id = $ids[$j]; + $values[] = "($id,$ord)"; + $ord += $inc; + } + $sql = + "insert into $table (id,$field) values " + . implode(',', $values) + . " on duplicate key update $field=VALUES($field)" + ; + db_send_query($sql); } } @@ -392,20 +490,25 @@ function db_reposition_respace($table, $field) { # When editing a particular row, give the user a pulldown, with 0 -> first, 1 -> second, etc, and pass this integer to db_reposition (3rd parameter). The value "ignored" can be passed, and the row will be given a sort value of 0 and ignored for all sorting. # # $pretty is used in error messages to refer to the row, it defaults to whatever you pass for $table. +# +# return value is the "ord" value you should set/insert into your database -function db_reposition($table, $row_id, $new_pos, $field = 'ord', $pretty = 'same as $table', $renumbered_already = false) { - if($pretty = 'same as $table') { +function db_reposition($table, $row_id, $new_pos, $field = 'ord', $pretty = 'same as $table', $where = '', $renumbered_already = false) { + if($pretty == 'same as $table') { $pretty = $table; } + if($where) { + $andand = " && ($where) "; + } - if($new_pos == 'ignored') { + if($new_pos === 'ignored') { # not sorted return '0'; } # strategy: calculate $prev_ord and $next_ord. If there's no space between, renumber and recurse if($new_pos == '0') { - $row = db_get_row($table, "id,$field", "where $field != 0 order by $field limit 1"); + $row = db_get_row($table, "id,$field", "where $field != 0 $andand order by $field limit 1"); if($row) { list($first_row_id, $first_row_ord) = $row; if($first_row_id == $row_id) { @@ -421,10 +524,10 @@ function db_reposition($table, $row_id, $new_pos, $field = 'ord', $pretty = 'sam $prev_ord = 0; } else { $new_pos = format_int_0($new_pos); - $rows = db_get_rows($table, "id,$field", "where $field != 0 order by $field limit %i,2", $new_pos - 1); + $rows = db_get_rows($table, "id,$field", "where $field != 0 $andand order by $field limit %i,2", $new_pos - 1); if(!$rows) { message("Sorry, couldn't find the $pretty you asked to put this $pretty after. Putting it first instead."); - return db_reposition($table, $row_id, '0', $field, $pretty); + return db_reposition($table, $row_id, '0', $field, $pretty, $where); } else { list($prev_id, $prev_ord) = $rows[0]; if($prev_id == $row_id) { @@ -448,9 +551,79 @@ function db_reposition($table, $row_id, $new_pos, $field = 'ord', $pretty = 'sam message("Programmer error in $pretty ordering code. Please tell your website administrator."); return '' . rand(2, DB_ORD_MAX - 2); # reasonably unlikely to be the same as some other ord } - db_reposition_respace($table, $field); - return db_reposition($table, $row_id, $new_pos, $field, $pretty, $renumbered_already = true); + db_reposition_respace($table, $field, $where); + return db_reposition($table, $row_id, $new_pos, $field, $pretty, $where, $renumbered_already = true); } else { return $prev_ord + round(($next_ord - $prev_ord) / 2); } } + +# Call this to upgrade your database (using upgrade functions you define.) +# +# You can call this from config.php right after db_connect() to make sure the +# database is up to date. +# +# When you want to update your schema, define a new function named +# db_upgrade_to_X() where X is the next integer (start at 1). +# +# If there are any page views while your upgrade function is running, they will +# stall until the upgrade function completes. This is often better than running +# while the databse is in a transitional state, and is way way better than +# running the upgrade function multiple times concurrently. +# +# Efficiency: this function is designed to be lean enough that you'd run it on +# every page load, so you never forget to upgrade your schema after uploading +# code changes. If your schema is up to date, this will only execute one +# database query, and that query loads the persistent data store (used by +# persistent_get()), so if you use that, you'll need that query to happen +# anyway (giving this function a zero-query overhead). + +function db_upgrade() { + if (isset($GLOBALS['wfpl_persistent'])) { + $version = persistent_get('wfpl_db_version'); + } else { + # custom version of persistent_init() that creates the table if needed + # instead of dying + $GLOBALS['wfpl_persistent'] = array(); + _db_connection_needed(); + $result = mysqli_query($GLOBALS['wfpl_db_handle'], 'select k,v from wfpl_persistent'); + if ($result) { + while($row = mysqli_fetch_assoc($result)) { + $GLOBALS['wfpl_persistent'][$row['k']] = json_decode($row['v'], true); + } unset($row); + if (isset($GLOBALS['wfpl_persistent']['wfpl_db_version'])) { + $version = $GLOBALS['wfpl_persistent']['wfpl_db_version']; + } else { + $version = -1; + } + } else { + db_send_query('create table if not exists wfpl_persistent (k varchar(30) binary not null default "", v mediumblob, primary key (k)) CHARSET=utf8;'); + $version = -1; + } + } + + if ($version === -1) { + db_send_query('create table if not exists wfpl_mutexes (id int unique auto_increment, name varchar(255) binary, expires int(11)) CHARSET=utf8;'); + $version = 0; + # don't save version now in case another thread is doing this too + } + $next = $version + 1; + if (function_exists("db_upgrade_to_$next")) { + require_once(__DIR__.'/'.'persistent.php'); + require_once(__DIR__.'/'.'mutex.php'); + mutex_lock('wfpl_db_upgrade', 20); + # check version again, in case another thread upgraded the database + # while we waited for a lock just now + persistent_invalidate_cache(); + $version = persistent_get('wfpl_db_version'); + if ($version === null) { + $version = 0; + } + + for ($next = $version + 1; function_exists("db_upgrade_to_$next"); ++$next) { + call_user_func("db_upgrade_to_$next"); + persistent_set('wfpl_db_version', $next); + } + mutex_unlock('wfpl_db_upgrade'); + } +}