Remove all mysql_ functionality and make insertion/updating use PDO instead.

11 years ago · 4aa82d0a86
parent da6ed16c34
commit 4aa82d0a86
4 changed files with 47 additions and 189 deletions
--- a/class.databaserecord.php
+++ b/class.databaserecord.php
@ -113,32 +113,15 @@ abstract class CPHPDatabaseRecordClass extends CPHPBaseClass
 				{
 					$this->sId = (is_numeric($uDataSource)) ? $uDataSource : 0;
-					if(strpos($this->fill_query, " :") === false)
+					/* Use PDO to fetch the object from the database. */
 					if($result = $database->CachedQuery($this->fill_query, array(":Id" => $this->sId), $this->query_cache))
 					{
-						/* Use mysql_* to fetch the object from the database. */
+						$uDataSource = $result->data[0];
 						$query = sprintf($this->fill_query, $uDataSource);
 						if($result = mysql_query_cached($query, $this->query_cache))
 						{
 							$uDataSource = $result->data[0];
 						}
 						else
 						{
 							$classname = get_class($this);
 							throw new NotFoundException("Could not locate {$classname} {$uDataSource} in database.", 0, null, "");
 						}
 					}
 					else
 					{
-						/* Use PDO to fetch the object from the database. */
+						$classname = get_class($this);
-						if($result = $database->CachedQuery($this->fill_query, array(":Id" => $this->sId), $this->query_cache))
+						throw new NotFoundException("Could not locate {$classname} {$uDataSource} in database.", 0, null, "");
 						{
 							$uDataSource = $result->data[0];
 						}
 						else
 						{
 							$classname = get_class($this);
 							throw new NotFoundException("Could not locate {$classname} {$uDataSource} in database.", 0, null, "");
 						}
 					}
 				}
 				else
@ -377,20 +360,18 @@ abstract class CPHPDatabaseRecordClass extends CPHPBaseClass
 		if(!empty($this->verify_query))
 		{
 			if(strpos($this->verify_query, ":Id") === false)
 			{
 				throw new DeprecatedException("Support for mysql_* has been removed from CPHP. Please update your queries to be in CachedPDO-style.");
 			}
 			if($this->sId == 0)
 			{
 				$insert_mode = CPHP_INSERTMODE_INSERT;
 			}
 			else
 			{
-				/* Temporary implementation to make old style queries play nice with PDO code. */
+				if($result = $database->CachedQuery($this->verify_query, array(":Id" => $this->sId), 0))
 				if(strpos($this->verify_query, ":Id") !== false)
 				{
 					$this->verify_query = str_replace(":Id", "'%d'", $this->verify_query);
 				}
 				$query = sprintf($this->verify_query, $this->sId);
 				if($result = mysql_query_cached($query, 0))
 				{
 					$insert_mode = CPHP_INSERTMODE_UPDATE;
 				}
@ -425,7 +406,8 @@ abstract class CPHPDatabaseRecordClass extends CPHPBaseClass
 			}
 			$sKeyList = array();
-			$sValueList = array();
+			$sKeyIdentifierList = array();
 			$uValueList = array();
 			foreach($element_list as $sKey => $value)
 			{				
@ -437,46 +419,46 @@ abstract class CPHPDatabaseRecordClass extends CPHPBaseClass
 					switch($value['type'])
 					{
 						case "none":
-							$sFinalValue = mysql_real_escape_string($this->$variable_name_unsafe);
+							$uFinalValue = $this->$variable_name_unsafe;
 							break;
 						case "numeric":
 							$number = (isset($this->$variable_name_unsafe)) ? $this->$variable_name_unsafe : $this->$variable_name_safe;
-							$sFinalValue = (is_numeric($number)) ? $number : 0;
+							$uFinalValue = (is_numeric($number)) ? $number : 0;
 							break;
 						case "boolean":
 							$bool = (isset($this->$variable_name_unsafe)) ? $this->$variable_name_unsafe : $this->$variable_name_safe;
-							$sFinalValue = ($bool) ? "1" : "0";
+							$uFinalValue = ($bool) ? "1" : "0";
 							break;
 						case "timestamp":
 							if(is_numeric($this->$variable_name_unsafe))
 							{
-								$sFinalValue = mysql_from_unix($this->$variable_name_unsafe);
+								$uFinalValue = mysql_from_unix($this->$variable_name_unsafe);
 							}
 							else
 							{
 								if(isset($this->$variable_name_safe))
 								{
-									$sFinalValue = mysql_from_unix($this->$variable_name_safe);
+									$uFinalValue = mysql_from_unix($this->$variable_name_safe);
 								}
 								else
 								{
-									$sFinalValue = mysql_from_unix(unix_from_local($this->$variable_name_unsafe));
+									$uFinalValue = mysql_from_unix(unix_from_local($this->$variable_name_unsafe));
 								}
 							}
 							break;
 						case "string":
-							$sFinalValue = (isset($this->$variable_name_unsafe)) ? mysql_real_escape_string($this->$variable_name_unsafe) : mysql_real_escape_string($this->$variable_name_safe);
+							$uFinalValue = (isset($this->$variable_name_unsafe)) ? $this->$variable_name_unsafe : $this->$variable_name_safe;
 							break;
 						case "default":
-							$sFinalValue = mysql_real_escape_string($this->$variable_name_unsafe);
+							$uFinalValue = $this->$variable_name_unsafe;
 							break;
 					}
-					$sFinalValue = "'{$sFinalValue}'";
+					$sIdentifier = ":{$sKey}";
 					$sKey = "`{$sKey}`";
-					$sKeyList[] = $sKey;
+					$sKeyList[] = "`{$sKey}`";
-					$sValueList[] = $sFinalValue;
+					$sKeyIdentifierList[] = $sIdentifier;
 					$uValueList[$sIdentifier] = $uFinalValue;
 				}
 				else
 				{
@ -492,48 +474,42 @@ abstract class CPHPDatabaseRecordClass extends CPHPBaseClass
 			if($insert_mode == CPHP_INSERTMODE_INSERT)
 			{
 				$sQueryKeys = implode(", ", $sKeyList);
-				$sQueryValues = implode(", ", $sValueList);
+				$sQueryKeyIdentifiers = implode(", ", $sKeyIdentifierList);
-				$query = "INSERT INTO {$this->table_name} ({$sQueryKeys}) VALUES ({$sQueryValues})";
+				$query = "INSERT INTO {$this->table_name} ({$sQueryKeys}) VALUES ({$sQueryKeyIdentifiers})";
 			}
 			elseif($insert_mode == CPHP_INSERTMODE_UPDATE)
 			{
-				$sKeyValueList = array();
+				$sKeysIdentifiersList = array();
 				for($i = 0; $i < count($sKeyList); $i++)
 				{
 					$sKey = $sKeyList[$i];
-					$sValue = $sValueList[$i];
+					$sValue = $sKeyIdentifierList[$i];
-					$sKeyValueList[] = "{$sKey} = {$sValue}";
+					$sKeysIdentifiersList[] = "{$sKey} = {$sValue}";
 				}
-				$sQueryKeysValues = implode(", ", $sKeyValueList);
+				$sQueryKeysIdentifiers = implode(", ", $sKeysIdentifiersList);
-				$query = "UPDATE {$this->table_name} SET {$sQueryKeysValues} WHERE `{$this->id_field}` = '{$this->sId}'";
+				$query = "UPDATE {$this->table_name} SET {$sQueryKeysIdentifiers} WHERE `{$this->id_field}` = '{$this->sId}'";
 			}
-			if($result = mysql_query_cached($query, 0, "", true))
+			try
 			{
 				$result = $database->CachedQuery($query, $uValueList, 0);
 				if($insert_mode == CPHP_INSERTMODE_INSERT)
 				{
-					/* Temporary PDO implementation. */
+					$this->sId = $database->lastInsertId();
 					if(!empty($cphp_config->database->pdo))
 					{
 						$this->sId = $database->lastInsertId();
 					}
 					else
 					{
 						$this->sId = mysql_insert_id();
 					}
 				}
 				$this->RefreshData();
 				return $result;
 			}
-			else
+			catch (DatabaseException $e)
 			{
 				$classname = get_class($this);
-				var_dump($database->errorInfo());
+				$error = $database->errorInfo();
-				throw new DatabaseException("Database insertion query failed in object of type {$classname}. Error message: " . mysql_error());
+				throw new DatabaseException("Database insertion query failed in object of type {$classname}. Error message: " . $error[3]);
 			}
 		}
 		else
--- a/include.exceptions.php
+++ b/include.exceptions.php
@ -30,6 +30,7 @@ class ConstructorException extends BaseException {}
 class MissingDataException extends BaseException {}
 class DatabaseException extends BaseException {}
 class TypeException extends BaseException {}
 class DeprecatedException extends BaseException {}
 class TemplateException extends Exception
 {
--- a/include.memcache.php
+++ b/include.memcache.php
@ -92,105 +92,7 @@ function mc_delete($key)
 function mysql_query_cached($query, $expiry = 60, $key = "", $exec = false)
 {
-	global $cphp_config, $database;
+	throw new DeprecatedException("All mysql_* functionality in CPHP has been removed. Use CachedPDO syntax instead.");
 	if($key == "")
 	{
 		$key = md5($query) . md5($query . "x");
 	}
 	if($res = mc_get($key))
 	{
 		$return_object->source = "memcache";
 		$return_object->data = $res;
 		return $return_object;
 	}
 	else
 	{
 		if(empty($cphp_config->database->pdo))
 		{
 			if($res = mysql_query($query))
 			{
 				$found = false;
 				while($row = mysql_fetch_assoc($res))
 				{
 					$return_object->data[] = $row;
 					$found = true;
 				}
 				if($found === true)
 				{
 					$return_object->source = "database";
 					mc_set($key, $return_object->data, $expiry);
 					return $return_object;
 				}
 				else
 				{
 					return false;
 				}
 			}
 			else
 			{
 				return null;
 			}
 		}
 		else
 		{
 			/* Transparently use PDO to run the query. */
 			if($exec === false && $statement = $database->query($query))
 			{
 				if($data = $statement->fetchAll(PDO::FETCH_ASSOC))
 				{
 					if(count($data) > 0)
 					{
 						if($expiry != 0)
 						{
 							mc_set($key, $result, $expiry);
 						}
 						$return_object = new stdClass;
 						$return_object->source = "database";
 						$return_object->data = $data;
 						return $return_object;
 					}
 					else
 					{
 						return false;
 					}
 				}
 				else
 				{
 					return null;
 				}
 			}
 			elseif($exec === true)
 			{
 				$statement = $database->exec($query);
 				if(is_null($statement))
 				{
 					return null;
 				}
 				/*elseif($statement == 0)
 				{
 					return false;
 				}*/
 				else
 				{
 					$return_object = new stdClass();
 					$return_object->source = "database";
 					$return_object->data = $statement;
 					return $return_object;
 				}
 			}
 			else
 			{
 				return null;
 			}
 		}
 	}
 }
 function file_get_contents_cached($path, $expiry = 3600)
--- a/include.mysql.php
+++ b/include.mysql.php
@ -22,36 +22,15 @@ if(!empty($cphp_config->database->driver))
 		die("No database was configured. Refer to the CPHP manual for instructions.");
 	}
-	if(empty($cphp_config->database->pdo))
+	try
 	{
-		if(mysql_connect($cphp_config->database->hostname, $cphp_config->database->username, $cphp_config->database->password))
+		$database = new CachedPDO("mysql:host={$cphp_config->database->hostname};dbname={$cphp_config->database->database}", $cphp_config->database->username, $cphp_config->database->password);
-		{
+		$database->setAttribute(PDO::ATTR_ORACLE_NULLS, PDO::NULL_TO_STRING);
-			if(mysql_select_db($cphp_config->database->database))
+		$cphp_mysql_connected = true;
 			{
 				$cphp_mysql_connected = true;
 			}
 			else
 			{
 				die("Could not connect to the specified database. Refer to the CPHP manual for instructions.");
 			}
 		}
 		else
 		{
 			die("Could not connect to the specified database server. Refer to the CPHP manual for instructions.");
 		}
 	}
-	else
+	catch (Exception $e)
 	{
-		try
+		die("Could not connect to the specified database. Refer to the CPHP manual for instructions.");
 		{
 			$database = new CachedPDO("mysql:host={$cphp_config->database->hostname};dbname={$cphp_config->database->database}", $cphp_config->database->username, $cphp_config->database->password);
 			$database->setAttribute(PDO::ATTR_ORACLE_NULLS, PDO::NULL_TO_STRING);
 			$cphp_mysql_connected = true;
 		}
 		catch (Exception $e)
 		{
 			die("Could not connect to the specified database. Refer to the CPHP manual for instructions.");
 		}
 	}
 }