2 /**********************************************************************
3 Copyright (C) FrontAccounting, LLC.
4 Released under the terms of the GNU General Public License, GPL,
5 as published by the Free Software Foundation, either version 3
6 of the License, or (at your option) any later version.
7 This program is distributed in the hope that it will be useful,
8 but WITHOUT ANY WARRANTY; without even the implied warranty of
9 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
10 See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
11 ***********************************************************************/
12 define('DB_DUPLICATE_ERROR', 1062);
13 define('SQL_MODE', 'STRICT_ALL_TABLES'); // prevents SQL injection with silent field content truncation
15 function set_global_connection($company=-1)
17 global $db, $path_to_root, $db_connections, $SysPrefs;
19 include ($path_to_root . "/config_db.php");
21 $company = user_company();
23 cancel_transaction(); // cancel all aborted transactions if any
25 $_SESSION["wa_current_user"]->cur_con = $company;
27 $connection = $db_connections[$company];
29 $server = $connection["host"];
30 if (!empty($connection["port"]))
31 $server .= ":".$connection["port"];
33 $db = mysql_connect($server, $connection["dbuser"], $connection["dbpassword"]);
34 mysql_select_db($connection["dbname"], $db);
35 ///// From MySql release 5.6.6 the sql_mode is no longer empty as it was prior to
36 ///// this release. Just for safety we make it empty for all 5.6 release and higher.
37 ///// This non empty sql_mode values can interphere with FA, so all is set empty during
39 ///// We are, however, investigating the existing code to be compatible in the future.
40 db_query("SET sql_mode = '".SQL_MODE."'");
46 //DB wrapper functions to change only once for whole application
48 function db_query($sql, $err_msg=null)
50 global $db, $SysPrefs, $sql_queries, $Ajax, $db_connections, $db_last_inserted_id;
52 // set current db prefix
53 $comp = isset($_SESSION["wa_current_user"]->cur_con) ? $_SESSION["wa_current_user"]->cur_con : 0;
54 $cur_prefix = $db_connections[$comp]['tbpref'];
55 $sql = str_replace(TB_PREF, $cur_prefix, $sql);
57 if ($SysPrefs->show_sql)
59 $Ajax->activate('footer_debug');
60 $sql_queries .= "<pre>$sql</pre>\n<hr>";
63 db_profile(); // mysql profiling
65 $retry = MAX_DEADLOCK_RETRY;
67 $result = mysql_query($db, $sql);
68 if (mysql_errno($db) == 1213) { // deadlock detected
76 if($SysPrefs->sql_trail) {
77 $db_last_inserted_id = mysql_insert_id($db); // preserve in case trail insert is done
78 if ($SysPrefs->select_trail || (strstr($sql, 'SELECT') === false)) {
80 "INSERT INTO ".$cur_prefix."sql_trail
81 (`sql`, `result`, `msg`)
82 VALUES(".db_escape($sql).",".($result ? 1 : 0).",
83 ".db_escape($err_msg).")", $db);
87 if ($err_msg != null || $SysPrefs->go_debug) {
88 $exit = $err_msg != null;
89 if (function_exists('xdebug_call_file'))
90 $err_msg = '<br>At file '.xdebug_call_file().':'.xdebug_call_line().':<br>'.$err_msg;
91 check_db_error($err_msg, $sql, $exit);
96 function db_fetch_row($result)
99 return mysql_fetch_row($result);
102 function db_fetch_assoc($result)
105 return mysql_fetch_assoc($result);
108 function db_fetch($result)
111 return mysql_fetch_array($result);
114 function db_seek(&$result,$record)
116 return mysql_data_seek($result, $record);
119 function db_free_result($result)
122 mysql_free_result($result);
125 function db_num_rows($result)
127 return mysql_num_rows($result);
130 function db_num_fields($result)
132 return mysql_num_fields($result);
135 function db_escape($value = "", $nullify = false)
137 $value = @html_entity_decode($value, ENT_QUOTES, $_SESSION['language']->encoding);
138 $value = html_specials_encode($value);
140 //reset default if second parameter is skipped
141 $nullify = ($nullify === null) ? (false) : ($nullify);
143 //check for null/unset/empty strings
144 if ((!isset($value)) || (is_null($value)) || ($value === "")) {
145 $value = ($nullify) ? ("NULL") : ("''");
147 if (is_string($value)) {
148 //value is a string and should be quoted; determine best method based on available extensions
149 if (function_exists('mysql_real_escape_string')) {
150 $value = "'" . mysql_real_escape_string($value) . "'";
152 $value = "'" . mysql_escape_string($value) . "'";
154 } else if (!is_numeric($value)) {
155 //value is not a string nor numeric
156 display_error("ERROR: incorrect data type send to sql query");
164 function db_error_no()
167 return mysql_errno($db);
170 function db_error_msg($conn)
172 return mysql_error($conn);
175 function db_insert_id()
177 global $db_last_inserted_id, $SysPrefs, $db;
179 return $SysPrefs->sql_trail ? $db_last_inserted_id : mysql_insert_id($db);
182 function db_num_affected_rows()
185 return mysql_affected_rows($db);
188 function db_field_name($result, $n)
190 return mysql_field_name($result, $n);
193 function db_set_collation($db, $fa_collation)
195 return mysql_query("ALTER DATABASE COLLATE ".get_mysql_collation($fa_collation), $db);
199 Create database for FA company. If database already exists,
200 just set collation to be sure nothing weird will happen later.
202 function db_create_db($connection)
204 $server = $connection["host"];
205 if (!empty($connection["port"]))
206 $server .= ":".$connection["port"];
207 $db = mysql_connect($server, $connection["dbuser"], $connection["dbpassword"]);
209 if (!mysql_select_db($connection["dbname"], $db))
211 $sql = "CREATE DATABASE IF NOT EXISTS `" . $connection["dbname"] . "`"
212 . " DEFAULT COLLATE '" . get_mysql_collation($connection["collation"]) . "'";
214 if (!mysql_query($sql) || !mysql_select_db($connection["dbname"], $db))
217 if (!db_set_collation($connection["collation"], $db))
223 function db_drop_db($connection)
226 if ($connection["tbpref"] == "")
228 $sql = "DROP DATABASE IF EXISTS " . $connection["dbname"] . "";
229 return mysql_query($sql);
233 $res = db_query("show table status");
234 $all_tables = array();
235 while($row = db_fetch($res))
236 $all_tables[] = $row;
237 // get table structures
238 foreach ($all_tables as $table)
240 if (strpos($table['Name'], $connection["tbpref"]) === 0)
241 db_query("DROP TABLE `".$table['Name'] . "`");
243 //deleting the tables, how??
248 function db_close($dbase = null)
254 return mysql_close($dbase);
257 function db_extension_exists()
259 return function_exists('mysql_connect');
262 function db_escape_function($string)
264 return (function_exists('mysql_real_escape_string') ? mysql_real_escape_string($string) : mysql_escape_string($string));
268 Set mysql client encoding.
269 Default is is encoding used by default language.
271 function db_set_encoding($ui_encoding=null)
273 global $dflt_lang, $installed_languages;
275 if (!isset($ui_encoding))
277 $lang = array_search_value($dflt_lang, $installed_languages, 'code');
278 $ui_encoding = strtoupper($lang['encoding']);
281 if ($mysql_enc = get_mysql_encoding_name($ui_encoding))
282 mysql_set_charset($mysql_enc);
285 function db_get_charset($db)
287 return mysql_client_encoding();
290 function db_set_charset($db, $charset)
292 return mysql_set_charset($charset, $db);