<?php
/***************************************************************************
- * Copyright (C) 2003-2009 Polytechnique.org *
+ * Copyright (C) 2003-2010 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
**************************************************************************/
+class XDBException extends PlException {
+ public function __construct($query, $error) {
+ if (strpos($query, 'INSERT') === false && strpos($query, 'UPDATE') === false
+ && strpos($query, 'REPLACE') === false && strpos($query, 'DELETE') === false) {
+ $text = 'Erreur lors de l\'interrogation de la base de données';
+ } else {
+ $text = 'Erreur lors de l\'écriture dans la base de données';
+ }
+ parent::__construct($text, $query . "\n" . $error);
+ }
+}
+
class XDB
{
private static $mysqli = null;
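Review bot: The read/write classification in `XDBException::__construct` runs a case-sensitive `strpos` over the whole reformatted query, so it also matches inside escaped values and misses lowercase statements; a SELECT whose parameter contains the word DELETE would be reported as a write failure. Testing only the leading keyword is tighter, for example `$isWrite = preg_match('/^\s*(INSERT|UPDATE|REPLACE|DELETE)\b/i', $query) === 1;`. The constructor also has no docblock; it should say that `$query . "\n" . $error` is passed as the second argument to `PlException` and can contain user-supplied values, so whatever renders that argument has to treat it as sensitive.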
{
global $globals;
$query = array_map(Array('XDB', 'escape'), $args);
- $query[0] = preg_replace('/#([a-z0-9]*)#/', $globals->dbprefix . '$1', $args[0]);
+ $query[0] = preg_replace('/#([a-z0-9]+)#/', $globals->dbprefix . '$1', $args[0]);
$query[0] = str_replace('%', '%%', $query[0]);
$query[0] = str_replace('{?}', '%s', $query[0]);
return call_user_func_array('sprintf', $query);
}
if ($res === false) {
- header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error');
- if (strpos($query, 'INSERT') === false && strpos($query, 'UPDATE') === false
- && strpos($query, 'REPLACE') === false && strpos($query, 'DELETE') === false) {
- $text = 'Erreur lors de l\'interrogation de la base de données';
- } else {
- $text = 'Erreur lors de l\'écriture dans la base de données';
- }
- if ($globals->debug) {
- $text .= '<pre>' . pl_entities(XDB::_reformatQuery($query)) . '</pre>';
- } else {
- $file = fopen($globals->spoolroot . '/spool/tmp/query_errors', 'a');
- fwrite($file, '<pre>' . pl_entities(XDB::_reformatQuery($query)) . '</pre>'
- . '<pre>' . XDB::$mysqli->error . '</pre>' . "\n");
- fclose($file);
- }
- Platal::page()->kill($text);
- exit;
+ throw new XDBException(XDB::_reformatQuery($query), XDB::$mysqli->error);
}
return $res;
}
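Review bot: The removed branch showed the query only when `$globals->debug` was set and otherwise appended it to `spool/tmp/query_errors`, whereas the new `throw` passes the reformatted query and `XDB::$mysqli->error` to the exception unconditionally. Whether that text can reach the response, whether a 500 status is still sent, and whether failures are still logged now depends on how `PlException` is handled, which this hunk does not show. I would confirm the handler keeps the debug gate and add a comment above the throw such as `// Query and driver error travel in the exception; the handler must only display them in debug mode.` The enclosing function starts above the hunk.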
// Produce the SQL statement representing an array
public static function formatArray(array $array)
{
- return '(' . implode(', ', array_map(array('XDB', 'escape'), $array)) . ')';
+ return self::escape($array);
+ }
+
+ const WILDCARD_EXACT = 0x00;
+ const WILDCARD_PREFIX = 0x01;
+ const WILDCARD_SUFFIX = 0x02;
+ const WILDCARD_CONTAINS = 0x03; // WILDCARD_PREFIX | WILDCARD_SUFFIX
+
+ // Returns the SQL statement for a wildcard search.
+ public static function formatWildcards($mode, $text)
+ {
+ if ($mode == self::WILDCARD_EXACT) {
+ return XDB::format(' = {?}', $text);
+ } else {
+ $text = str_replace(array('%', '_'), array('\%', '\_'), $text);
+ if ($mode & self::WILDCARD_PREFIX) {
+ $text = $text . '%';
+ }
+ if ($mode & self::WILDCARD_SUFFIX) {
+ $text = '%' . $text;
+ }
+ return XDB::format(" LIKE {?}", $text);
+ }
+ }
+
+ // Returns a FIELD(blah, 3, 1, 2) for use in an order with custom orders
+ public static function formatCustomOrder($field, $values)
+ {
+ return 'FIELD( ' . $field . ', ' . implode(', ', array_map(array('XDB', 'escape'), $values)) . ')';
}
public static function execute()
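Review bot: `formatWildcards` escapes `%` and `_` but not the backslash itself, so a backslash already present in `$text` pairs with the inserted one and leaves the following `%` or `_` active as a LIKE wildcard (assuming the default `\` escape character). Escaping the backslash first closes that: `$text = str_replace(array('\\', '%', '_'), array('\\\\', '\%', '\_'), $text);`. In `formatCustomOrder`, `$field` is concatenated into the SQL without escaping and an empty `$values` yields `FIELD( x, )`, so its comment should state that `$field` must be a trusted column name, never request data, and that `$values` must be non-empty.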
case 'object':
if ($var instanceof PlFlagSet) {
return "'" . addslashes($var->flags()) . "'";
+ } else {
+ return "'".addslashes(serialize($var))."'";
}
+
case 'array':
- return "'".addslashes(serialize($var))."'";
+ return '(' . implode(', ', array_map(array('XDB', 'escape'), $var)) . ')';
default:
die(var_export($var, true).' is not a valid for a database entry');