diff options
| author | Kevin Chabowski <kevin@kch42.de> | 2012-01-05 14:43:33 +0100 |
|---|---|---|
| committer | Kevin Chabowski <kevin@kch42.de> | 2012-01-05 14:43:33 +0100 |
| commit | c4cc87d9d1557ddd4cae4b06b79696712f61a2ad (patch) | |
| tree | 081b31be890c484040a63f626063e846ef583680 /r7r_repo/db.php | |
| parent | e99281261767710f96b9967a0ab03a3ea24a05e0 (diff) | |
| download | r7r-repo-c4cc87d9d1557ddd4cae4b06b79696712f61a2ad.tar.gz r7r-repo-c4cc87d9d1557ddd4cae4b06b79696712f61a2ad.tar.bz2 r7r-repo-c4cc87d9d1557ddd4cae4b06b79696712f61a2ad.zip | |
New directory hierachy. index and setup implemented.
Diffstat (limited to 'r7r_repo/db.php')
| -rw-r--r-- | r7r_repo/db.php | 106 |
1 files changed, 106 insertions, 0 deletions
diff --git a/r7r_repo/db.php b/r7r_repo/db.php new file mode 100644 index 0000000..459a973 --- /dev/null +++ b/r7r_repo/db.php @@ -0,0 +1,106 @@ +<?php +/* + * File: ratatoeskr/sys/db.php + * + * Helper functions for dealing with MySQL. + * + * License: + * This file is part of Ratatöskr. + * Ratatöskr is licensed unter the MIT / X11 License. + * See "ratatoeskr/licenses/ratatoeskr" for more information. + */ + +require_once(dirname(__FILE__) . "/config.php"); +require_once(dirname(__FILE__) . "/utils.php"); + +/* + * Function: db_connect + * + * Establish a connection to the MySQL database. + */ +function db_connect() +{ + global $config; + $db_connection = mysql_pconnect( + $config["mysql"]["server"], + $config["mysql"]["user"], + $config["mysql"]["passwd"]); + if(!$db_connection) + die("Could not connect to database server. " . mysql_error()); + + if(!mysql_select_db($config["mysql"]["db"], $db_connection)) + die("Could not open database. " . mysql_error()); + + mysql_query("SET NAMES 'utf8'", $db_connection); +} + +function sqlesc($str) +{ + return mysql_real_escape_string($str); +} + +/* + * Function: qdb_vfmt + * Like <qdb_fmt>, but needs arguments as single array. + * + * Parameters: + * $args - The arguments as an array. + * + * Returns: + * The formatted string. + */ +function qdb_vfmt($args) +{ + global $config; + + if(count($args) < 1) + throw new InvalidArgumentException('Need at least one parameter'); + + $query = $args[0]; + + $data = array_map(function($x) { return is_string($x) ? sqlesc($x) : $x; }, array_slice($args, 1)); + $query = str_replace("PREFIX_", $config["mysql"]["prefix"], $query); + + return vsprintf($query, $data); +} + +/* + * Function: qdb_fmt + * Formats a string like <qdb>, that means it replaces "PREFIX_" and <sqlesc>'s everything before sends everything to vsprintf. + * + * Returns: + * The formatted string. + */ +function qdb_fmt() +{ + return qdb_vfmt(func_get_args()); +} + + +/* + * Function: qdb + * Query Database. + * + * This function replaces mysql_query and should eliminate SQL-Injections. + * Use it like this: + * + * $result = qdb("SELECT `foo` FROM `bar` WHERE `id` = %d AND `baz` = '%s'", 100, "lol"); + * + * It will also replace "PREFIX_" with the prefix defined in 'config.php'. + */ +function qdb() +{ + $query = qdb_vfmt(func_get_args()); + $rv = mysql_query($query); + if($rv === false) + throw new MySQLException(mysql_errno() . ': ' . mysql_error() . (__DEBUG__ ? ("[[FULL QUERY: " . $query . "]]") : "" )); + return $rv; +} + +/* + * Class: MySQLException + * Will be thrown by qdb*, if the query induced an MySQL error. + */ +class MySQLException extends Exception { } + +?> |