Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

- Patch #9287 by JonBob: made the code style in the three database include files consistent with Drupal standards, and adds a wealth of Doxygen-style comments to aid developers in writing solid database access code using the API.

4.5.x
Dries Buytaert 2004-07-14 19:15:25 +00:00
parent ce8e264382
commit 63a327db97
3 changed files with 339 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

111
includes/database.inc
View File

@ -1,69 +1,128 @@
<?php
// $Id$
/**
* @file
* Wrapper for database interface code.
*/
/**
* @defgroup database Database abstraction layer
* @{
*
* Drupal provides a slim database abstraction layer to provide developers with
* the ability to support multiple database servers easily. The intent of this
* layer is to preserve the syntax and power of SQL as much as possible, while
* letting Drupal control the pieces of queries that need to be written
* differently for different servers and provide basic security checks.
*
* Most Drupal database queries are performed by a call to db_query() or
* db_query_range(). Module authors should also consider using pager_query() for
* queries that return results that need to be presented on multiple pages, and
* tablesort_sql() for generating appropriate queries for sortable tables.
*
* For example, one might wish to return a list of the most recent 10 nodes
* authored by a given user. Instead of directly issuing the SQL query
* @code
* SELECT n.title, n.body, n.created FROM node n WHERE n.uid = $uid LIMIT 0, 10;
* @endcode
* one would instead call the Drupal functions:
* @code
* $result = db_query_range('SELECT n.title, n.body, n.created
* FROM {node} n WHERE n.uid = %d', $uid, 0, 10);
* while ($node = db_fetch_object($result)) {
* // Perform operations on $node->body, etc. here.
* }
* @endcode
* Curly braces are used around "node" to provide table prefixing via
* db_prefix_tables(). The explicit use of a user ID is pulled out into an
* argument passed to db_query() so that SQL injection attacks from user input
* can be caught and nullified. The LIMIT syntax varies between database servers,
* so that is abstracted into db_query_range() arguments. Finally, note the
* common pattern of iterating over the result set using db_fetch_object().
*/
/**
* Append a database prefix to all tables in a query.
*
* Queries sent to Drupal should wrap all table names in curly brackets. This
* function searches for this syntax and adds Drupal's table prefix to all
* tables, allowing Drupal to coexist with other systems in the same database if
* necessary.
*
* @param $sql
* A string containing a partial or entire SQL query.
* @return
* The properly-prefixed string.
*/
function db_prefix_tables($sql) {
global $db_prefix;
if (is_array($db_prefix)) {
$prefix = $db_prefix["default"];
$prefix = $db_prefix['default'];
foreach ($db_prefix as $key => $val) {
if ($key !== "default") {
$sql = strtr($sql, array("{". $key. "}" => $val. $key));
if ($key !== 'default') {
$sql = strtr($sql, array('{'. $key. '}' => $val. $key));
}
}
}
else {
$prefix = $db_prefix;
}
return strtr($sql, array("{" => $prefix, "}" => ""));
return strtr($sql, array('{' => $prefix, '}' => ''));
}
/**
* Use the specified database connection for queries. Initialize the connection if it does not already exist,
* and if no such member exists, a duplicate of the default connection is made.
* Be very careful to switch the connection back to the default connection, so as to avoid errors. As the $name
* parameter defaults to 'default', you only need to run db_set_active() without any arguments to use
* the default database
*
* @param $name The named connection specified in the $db_url variable.
*/
* Activate a database for future queries.
*
* If it is necessary to use external databases in a project, this function can
* be used to change where database queries are sent. If the database has not
* yet been used, it is initialized using the URL specified for that name in
* Drupal's configuration file. If this name is not defined, a duplicate of the
* default connection is made instead.
*
* Be sure to change the connection back to the default when done with custom
* code.
*
* @param $name
* The name assigned to the newly active database connection. If omitted, the
* default connection will be made active.
*/
function db_set_active($name = 'default') {
global $db_url, $db_type, $active_db;
static $db_conns;
if (!isset($db_conns[$name])) {
//Initiate a new connection, using the named db url specified
// Initiate a new connection, using the named DB URL specified.
if (is_array($db_url)) {
$connect_url = ($db_url[$name]) ? $db_url[$name] : $db_url['default'];
$connect_url = array_key_exists($name, $db_url) ? $db_url[$name] : $db_url['default'];
}
else {
$connect_url = $db_url;
}
$db_type = substr($connect_url, 0, strpos($connect_url, '://'));
$db_type = substr($connect_url, 0, strpos($connect_url, "://"));
//TODO : Allow more than one database api to be present. ie: pgsl and mysql
if ($db_type == "mysql") {
include_once "includes/database.mysql.inc";
// TODO: Allow more than one database API to be present.
if ($db_type == 'mysql') {
include_once 'includes/database.mysql.inc';
}
else {
include_once "includes/database.pear.inc";
include_once 'includes/database.pear.inc';
}
$db_conns[$name] = db_connect($connect_url);
}
//set the active connection
// Set the active connection.
$active_db = $db_conns[$name];
}
/**
* @} end of defgroup database
*/
// initialize the default db_url
// Initialize the default database.
db_set_active();
?>

181
includes/database.mysql.inc
View File

@ -1,34 +1,53 @@
<?php
// $Id$
/**
* @file
* Database interface code for MySQL database servers.
*/
/**
* @addtogroup database
* @{
*/
/**
* Initialize a database connection.
*
* Note that you can change the mysql_connect() call to mysql_pconnect() if you
* want to use persistent connections. This is not recommended on shared hosts,
* and might require additional database/webserver tuning. It can increase
* performance, however, when the overhead to connect to your database is high
* (e.g. your database and web server live on different machines).
*/
function db_connect($url) {
$url = parse_url($url);
// Allow for non-standard MySQL port.
if (isset($url["port"])) {
$url["host"] = $url["host"] . ":" . $url["port"];
if (isset($url['port'])) {
$url['host'] = $url['host'] .':'. $url['port'];
}
$connection = mysql_connect($url["host"], $url["user"], $url["pass"]) or die(mysql_error());
mysql_select_db(substr($url["path"], 1)) or die("unable to select database");
$connection = mysql_connect($url['host'], $url['user'], $url['pass']) or die(mysql_error());
mysql_select_db(substr($url['path'], 1)) or die('unable to select database');
return $connection;
/*
** Note that you can change the 'mysql_connect' statement to 'mysql_pconnect'
** if you want to use persistent connections. This is not recommended on
** shared hosts, might require additional database/webserver tuning but
** increases performance when the overhead to connect to your database is
** high (eg. your database and webserver live on different machines).
*/
}
/**
* Runs a query in the database.
* Runs a basic query in the active database.
*
* @param $query SQL query, followed by a variable number of arguments which
* are substituted into query by sprintf.
* @return a MySQL result or FALSE if the query was not executed correctly.
* User-supplied arguments to the query should be passed in as separate parameters
* so that they can be properly escaped to avoid SQL injection attacks.
*
* @param $query
* A string containing an SQL query.
* @param ...
* A variable number of arguments which are substituted into the query using
* printf() syntax.
* @return
* A database query result resource, or FALSE if the query was not executed
* correctly.
*/
function db_query($query) {
$args = func_get_args();
@ -36,61 +55,67 @@ function db_query($query) {
$query = db_prefix_tables($query);
if (count($args) > 1) {
if(is_array($args[1])){
$args1 = array_map("check_query", $args[1]);
$args1 = array_map('check_query', $args[1]);
$nargs = array_merge(array($query), $args1);
}
else {
$nargs = array_map("check_query", $args);
$nargs = array_map('check_query', $args);
$nargs[0] = $query;
}
return _db_query(call_user_func_array("sprintf", $nargs));
return _db_query(call_user_func_array('sprintf', $nargs));
}
else {
return _db_query($query);
}
}
// debug version
/**
* Debugging version of db_query().
*
* Echoes the query to the browser.
*/
function db_queryd($query) {
$args = func_get_args();
$query = db_prefix_tables($query);
if (count($args) > 1) {
if(is_array($args[1])){
$args1 = array_map("check_query", $args[1]);
$args1 = array_map('check_query', $args[1]);
$nargs = array_merge(array($query), $args1);
}
else {
$nargs = array_map("check_query", $args);
$nargs = array_map('check_query', $args);
$nargs[0] = $query;
}
return _db_query(call_user_func_array("sprintf", $nargs), 1);
return _db_query(call_user_func_array('sprintf', $nargs), 1);
}
else {
return _db_query($query, 1);
}
}
// private
/**
* Helper function for db_query().
*/
function _db_query($query, $debug = 0) {
global $active_db;
global $queries;
if (variable_get("dev_query", 0)) {
list($usec, $sec) = explode(" ", microtime());
if (variable_get('dev_query', 0)) {
list($usec, $sec) = explode(' ', microtime());
$timer = (float)$usec + (float)$sec;
}
$result = mysql_query($query, $active_db);
if (variable_get("dev_query", 0)) {
list($usec, $sec) = explode(" ", microtime());
if (variable_get('dev_query', 0)) {
list($usec, $sec) = explode(' ', microtime());
$stop = (float)$usec + (float)$sec;
$diff = $stop - $timer;
$queries[] = array($query, $diff);
}
if ($debug) {
print "<p>query: $query<br />error:". mysql_error() ."</p>";
print '<p>query: '. $query .'<br />error:'. mysql_error() .'</p>';
}
if (!mysql_errno()) {
@ -101,79 +126,143 @@ function _db_query($query, $debug = 0) {
}
}
/**
* Fetch one result row from the previous query as an object.
*
* @param $result
* A database query result resource, as returned from db_query().
* @return
* An object representing the next row of the result. The attributes of this
* object are the table fields selected by the query.
*/
function db_fetch_object($result) {
if ($result) {
return mysql_fetch_object($result);
}
}
/**
* Fetch one result row from the previous query as an array.
*
* @param $result
* A database query result resource, as returned from db_query().
* @return
* An associative array representing the next row of the result. The keys of
* this object are the names of the table fields selected by the query, and
* the values are the field values for this result row.
*/
function db_fetch_array($result) {
if ($result) {
return mysql_fetch_array($result, MYSQL_ASSOC);
}
}
/**
* Determine how many result rows were found by the preceding query.
*
* @param $result
* A database query result resource, as returned from db_query().
* @return
* The number of result rows.
*/
function db_num_rows($result) {
if ($result) {
return mysql_num_rows($result);
}
}
/**
* Return an individual result field from the previous query.
*
* Only use this function if exactly one field is being selected; otherwise,
* use db_fetch_object() or db_fetch_array().
*
* @param $result
* A database query result resource, as returned from db_query().
* @param $row
* The index of the row whose result is needed.
* @return
* The resulting field.
*/
function db_result($result, $row = 0) {
if ($result && mysql_num_rows($result) > $row) {
return mysql_result($result, $row);
}
}
/**
* Determine whether the previous query caused an error.
*/
function db_error() {
return mysql_errno();
}
/**
* Return a new unique ID in the given sequence.
*
* For compatibility reasons, Drupal does not use auto-numbered fields in its
* database tables. Instead, this function is used to return a new unique ID
* of the type requested. If necessary, a new sequence with the given name
* will be created.
*/
function db_next_id($name) {
/*
** Note that REPLACE query below correctly creates a new sequence
** when needed
*/
$name = db_prefix_tables($name);
db_query("LOCK TABLES {sequences} WRITE");
db_query('LOCK TABLES {sequences} WRITE');
$id = db_result(db_query("SELECT id FROM {sequences} WHERE name = '%s'", $name)) + 1;
db_query("REPLACE INTO {sequences} VALUES ('%s', %d)", $name, $id);
db_query("UNLOCK TABLES");
db_query('UNLOCK TABLES');
return $id;
}
/**
* Determine the number of rows changed by the preceding query.
*/
function db_affected_rows() {
return mysql_affected_rows();
}
/**
* Runs a LIMIT query in the database.
* Runs a limited-range query in the active database.
*
* @param $query SQL query, followed by a variable number of arguments which
* are substituted into query by sprintf, followed by 'from' and 'count'
* parameters. 'from' is the row to start fetching, 'count' the numbers of
* rows to fetch.
* @return a MySQL result or FALSE if the query was not executed correctly.
* Use this as a substitute for db_query() when a subset of the query is to be
* returned.
* User-supplied arguments to the query should be passed in as separate parameters
* so that they can be properly escaped to avoid SQL injection attacks.
*
* @param $query
* A string containing an SQL query.
* @param ...
* A variable number of arguments which are substituted into the query using
* printf() syntax.
* @param $from
* The first result row to return.
* @param $count
* The maximum number of result rows to return.
* @return
* A database query result resource, or FALSE if the query was not executed
* correctly.
*/
function db_query_range($query) {
$args = func_get_args();
$count = array_pop($args);
$from = array_pop($args);
if (count(func_get_args()) > 3) {
$args = array_map("check_query", $args);
$args = array_map('check_query', $args);
$query = db_prefix_tables($query);
$args[0] = $query;
$query = call_user_func_array("sprintf", $args);
$query = call_user_func_array('sprintf', $args);
}
else {
$query = func_get_arg(0);
$query = db_prefix_tables($query);
}
$query .= " LIMIT $from, $count";
$query .= ' LIMIT '. $from .', '. $count;
return _db_query($query);
}
/**
* @} end of addtogroup database
*/
?>

150
includes/database.pear.inc
View File

@ -1,13 +1,21 @@
<?php
// $Id$
/**
* @file
* Database interface code for database servers using PEAR, including PostgreSQL.
*/
require_once 'DB.php';
/**
* Initialize a database connection.
*/
function db_connect($url) {
$db_handle = DB::connect($url);
if (DB::isError($db_handle)) {
die("Database problem: ". $db_handle->getMessage());
die('Database problem: '. $db_handle->getMessage());
}
$db_handle->setFetchMode(DB_FETCHMODE_ASSOC);
@ -16,11 +24,19 @@ function db_connect($url) {
}
/**
* Runs a query in the database.
* Runs a basic query in the active database.
*
* @param $query SQL query, followed by a variable number of arguments which
* are substituted into query by sprintf.
* @return a DB_Result object or a DB_Error
* User-supplied arguments to the query should be passed in as separate parameters
* so that they can be properly escaped to avoid SQL injection attacks.
*
* @param $query
* A string containing an SQL query.
* @param ...
* A variable number of arguments which are substituted into the query using
* printf() syntax.
* @return
* A database query result resource, or FALSE if the query was not executed
* correctly.
*/
function db_query($query) {
@ -29,60 +45,66 @@ function db_query($query) {
$query = db_prefix_tables($query);
if (count($args) > 1) {
if(is_array($args[1])){
$args1 = array_map("check_query", $args[1]);
$args1 = array_map('check_query', $args[1]);
$nargs = array_merge(array($query), $args1);
}
else {
$nargs = array_map("check_query", $args);
$nargs = array_map('check_query', $args);
$nargs[0] = $query;
}
return _db_query(call_user_func_array("sprintf", $nargs));
return _db_query(call_user_func_array('sprintf', $nargs));
}
else {
return _db_query($query);
}
}
// debug version
/**
* Debugging version of db_query().
*
* Echoes the query to the browser.
*/
function db_queryd($query) {
$args = func_get_args();
$query = db_prefix_tables($query);
if (count($args) > 1) {
if(is_array($args[1])){
$args1 = array_map("check_query", $args[1]);
$args1 = array_map('check_query', $args[1]);
$nargs = array_merge(array($query), $args1);
}
else {
$nargs = array_map("check_query", $args);
$nargs = array_map('check_query', $args);
$nargs[0] = $query;
}
return _db_query(call_user_func_array("sprintf", $nargs), 1);
return _db_query(call_user_func_array('sprintf', $nargs), 1);
}
else {
return _db_query($query, 1);
}
}
// private
/**
* Helper function for db_query().
*/
function _db_query($query, $debug = 0) {
global $active_db, $queries;
if (variable_get("dev_query", 0)) {
list($usec, $sec) = explode(" ", microtime());
if (variable_get('dev_query', 0)) {
list($usec, $sec) = explode(' ', microtime());
$timer = (float)$usec + (float)$sec;
}
$result = $active_db->query($query);
if (variable_get("dev_query", 0)) {
list($usec, $sec) = explode(" ", microtime());
if (variable_get('dev_query', 0)) {
list($usec, $sec) = explode(' ', microtime());
$stop = (float)$usec + (float)$sec;
$diff = $stop - $timer;
$queries[] = array($query, $diff);
}
if ($debug) {
print "<p>query: $query</p>";
print '<p>query: '. $query .'</p>';
}
if (DB::isError($result)) {
@ -93,24 +115,64 @@ function _db_query($query, $debug = 0) {
}
}
/**
* Fetch one result row from the previous query as an object.
*
* @param $result
* A database query result resource, as returned from db_query().
* @return
* An object representing the next row of the result. The attributes of this
* object are the table fields selected by the query.
*/
function db_fetch_object($result) {
if ($result) {
return $result->fetchRow(DB_FETCHMODE_OBJECT);
}
}
/**
* Fetch one result row from the previous query as an array.
*
* @param $result
* A database query result resource, as returned from db_query().
* @return
* An associative array representing the next row of the result. The keys of
* this object are the names of the table fields selected by the query, and
* the values are the field values for this result row.
*/
function db_fetch_array($result) {
if ($result) {
return $result->fetchRow(DB_FETCHMODE_ASSOC);
}
}
/**
* Determine how many result rows were found by the preceding query.
*
* @param $result
* A database query result resource, as returned from db_query().
* @return
* The number of result rows.
*/
function db_num_rows($result) {
if ($result) {
return $result->numRows($result);
}
}
/**
* Return an individual result field from the previous query.
*
* Only use this function if exactly one field is being selected; otherwise,
* use db_fetch_object() or db_fetch_array().
*
* @param $result
* A database query result resource, as returned from db_query().
* @param $row
* The index of the row whose result is needed.
* @return
* The resulting field.
*/
function db_result($result, $row = 0) {
if ($result && $result->numRows($result) > $row) {
$tmp = $result->fetchRow(DB_FETCHMODE_ORDERED);
@ -118,12 +180,23 @@ function db_result($result, $row = 0) {
}
}
/**
* Determine whether the previous query caused an error.
*/
function db_error() {
global $active_db;
return DB::isError($active_db);
}
/**
* Return a new unique ID in the given sequence.
*
* For compatibility reasons, Drupal does not use auto-numbered fields in its
* database tables. Instead, this function is used to return a new unique ID
* of the type requested. If necessary, a new sequence with the given name
* will be created.
*/
function db_next_id($name) {
global $active_db;
@ -137,6 +210,9 @@ function db_next_id($name) {
}
}
/**
* Determine the number of rows changed by the preceding query.
*/
function db_affected_rows() {
global $active_db;
@ -144,19 +220,31 @@ function db_affected_rows() {
}
/**
* Runs a LIMIT query in the database.
* Runs a limited-range query in the active database.
*
* @param $query SQL query followed by a variable number of arguments which
* are substituted into query by sprintf, followed by 'from' and 'count'
* parameters. 'from' is the row to start fetching, 'count' the numbers of
* rows to fetch.
* @return a DB_Result object or a DB_Error
* Use this as a substitute for db_query() when a subset of the query is to be
* returned.
* User-supplied arguments to the query should be passed in as separate parameters
* so that they can be properly escaped to avoid SQL injection attacks.
*
* @param $query
* A string containing an SQL query.
* @param ...
* A variable number of arguments which are substituted into the query using
* printf() syntax.
* @param $from
* The first result row to return.
* @param $count
* The maximum number of result rows to return.
* @return
* A database query result resource, or FALSE if the query was not executed
* correctly.
*/
function db_query_range($query) {
global $active_db, $queries;
if (variable_get("dev_query", 0)) {
list($usec, $sec) = explode(" ", microtime());
if (variable_get('dev_query', 0)) {
list($usec, $sec) = explode(' ', microtime());
$timer = (float)$usec + (float)$sec;
}
@ -164,10 +252,10 @@ function db_query_range($query) {
$count = array_pop($args);
$from = array_pop($args);
if (count(func_get_args()) > 3) {
$args = array_map("check_query", $args);
$args = array_map('check_query', $args);
$query = db_prefix_tables($query);
$args[0] = $query;
$result = $active_db->limitQuery(call_user_func_array("sprintf", $args), $from, $count);
$result = $active_db->limitQuery(call_user_func_array('sprintf', $args), $from, $count);
}
else {
$query = func_get_arg(0);
@ -175,11 +263,11 @@ function db_query_range($query) {
$result = $active_db->limitQuery( $query, $from, $count);
}
if (variable_get("dev_query", 0)) {
list($usec, $sec) = explode(" ", microtime());
if (variable_get('dev_query', 0)) {
list($usec, $sec) = explode(' ', microtime());
$stop = (float)$usec + (float)$sec;
$diff = $stop - $timer;
$queries[] = array($query. " [LIMIT $from, $count]", $diff);
$queries[] = array($query. ' [LIMIT '. $from .', '. $count .']', $diff);
}
if (DB::isError($result)) {