2 /**********************************************************************
3 Copyright (C) FrontAccounting, LLC.
4 Released under the terms of the GNU General Public License, GPL,
5 as published by the Free Software Foundation, either version 3
6 of the License, or (at your option) any later version.
7 This program is distributed in the hope that it will be useful,
8 but WITHOUT ANY WARRANTY; without even the implied warranty of
9 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
10 See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
11 ***********************************************************************/
12 define('DB_DUPLICATE_ERROR', 1062);
13 define('SQL_MODE', 'STRICT_ALL_TABLES'); // prevents SQL injection with silent field content truncation
15 $db_last_inserted_id = 0;
17 function set_global_connection($company=-1)
19 global $db, $path_to_root, $db_connections, $SysPrefs;
21 include ($path_to_root . "/config_db.php");
24 $company = user_company();
26 cancel_transaction(); // cancel all aborted transactions (if any)
28 $_SESSION["wa_current_user"]->cur_con = $company;
30 $connection = $db_connections[$company];
32 $db = mysqli_connect($connection["host"], $connection["dbuser"], $connection["dbpassword"], "",
33 !empty($connection["port"]) ? $connection["port"] : 3306); // default port in mysql is 3306
35 mysqli_select_db($db, $connection["dbname"]);
36 ///// From mysqli release 5.6.6 the sql_mode is no longer empty as it was prior to
37 ///// this release. Just for safety we make it empty for all 5.6 release and higher.
38 ///// This non empty sql_mode values can interphere with FA, so all is set empty during
40 ///// We are, however, investigating the existing code to be compatible in the future.
41 db_query("SET sql_mode = '".SQL_MODE."'");
47 //DB wrapper functions to change only once for whole application
49 function db_query($sql, $err_msg=null)
51 global $db, $SysPrefs, $sql_queries, $Ajax, $db_connections, $db_last_inserted_id;
53 // set current db prefix
54 $comp = isset($_SESSION["wa_current_user"]->cur_con) ? $_SESSION["wa_current_user"]->cur_con : 0;
55 $cur_prefix = $db_connections[$comp]['tbpref'];
56 $sql = str_replace(TB_PREF, $cur_prefix, $sql);
58 if ($SysPrefs->show_sql)
60 $Ajax->activate('footer_debug');
61 $sql_queries .= "<pre>$sql</pre>\n<hr>";
64 db_profile(); // mysql profiling
66 $retry = MAX_DEADLOCK_RETRY;
68 $result = mysqli_query($db, $sql);
69 if (mysqli_errno($db) == 1213) { // deadlock detected
75 if($SysPrefs->db_trail == 1)
76 $db_last_inserted_id = mysqli_insert_id($db); // cache to avoid trail overwrite
80 if ($err_msg != null || $SysPrefs->go_debug) {
81 $exit = $err_msg != null;
82 if (function_exists('xdebug_call_file'))
83 $err_msg = '<br>At file '.xdebug_call_file().':'.xdebug_call_line().':<br>'.$err_msg;
84 check_db_error($err_msg, $sql, $exit);
89 function db_fetch_row($result)
91 $ret = mysqli_fetch_row($result);
92 return ($ret === null ? false : $ret);
95 function db_fetch_assoc($result)
97 $ret = mysqli_fetch_assoc($result);
98 return ($ret === null ? false : $ret);
101 function db_fetch($result)
103 $ret = mysqli_fetch_array($result);
104 return ($ret === null ? false : $ret);
107 function db_seek(&$result,$record)
109 return mysqli_data_seek($result, $record);
112 function db_free_result($result)
115 mysqli_free_result($result);
118 function db_num_rows($result)
120 return mysqli_num_rows($result);
123 function db_num_fields($result)
125 return mysqli_num_fields($result);
128 function db_escape($value = "", $nullify = false)
132 $value = @html_entity_decode($value, ENT_QUOTES, $_SESSION['language']->encoding=='iso-8859-2' ? 'ISO-8859-1' : $_SESSION['language']->encoding);
133 $value = html_specials_encode($value);
135 //reset default if second parameter is skipped
136 $nullify = ($nullify === null) ? (false) : ($nullify);
138 //check for null/unset/empty strings
139 if ((!isset($value)) || (is_null($value)) || ($value === "")) {
140 $value = ($nullify) ? ("NULL") : ("''");
142 if (is_string($value)) {
143 $value = "'" . mysqli_real_escape_string($db, $value) . "'";
144 //value is a string and should be quoted;
145 } else if (!is_numeric($value)) {
146 //value is not a string nor numeric
147 display_error("ERROR: incorrect data type send to sql query");
155 function db_error_no()
158 return mysqli_errno($db);
161 function db_error_msg($conn)
163 return mysqli_error($conn);
166 function db_insert_id()
168 global $db_last_inserted_id, $SysPrefs, $db;
170 return $SysPrefs->db_trail == 1 ? $db_last_inserted_id : mysqli_insert_id($db);
173 function db_num_affected_rows()
176 return mysqli_affected_rows($db);
179 function db_field_name($result, $n)
181 $fieldinfo = mysqli_fetch_field_direct($result, $n);
182 return $fieldinfo->name;
185 function db_set_collation($db, $fa_collation)
187 return mysqli_query($db, "ALTER DATABASE COLLATE ".get_mysql_collation($fa_collation));
191 Create database for FA company. If database already exists,
192 just set collation to be sure nothing weird will happen later.
194 function db_create_db($connection)
198 $db = mysqli_connect($connection["host"], $connection["dbuser"], $connection["dbpassword"], "",
199 !empty($connection["port"]) ? $connection["port"] : 3306); // default port in mysql is 3306
201 if (!mysqli_select_db($db, $connection["dbname"]))
203 $sql = "CREATE DATABASE IF NOT EXISTS `" . $connection["dbname"] . "`"
204 . " DEFAULT COLLATE '" . get_mysql_collation($connection["collation"]) . "'";
206 if (!mysqli_query($db, $sql) || !mysqli_select_db($db, $connection["dbname"]))
209 if (!db_set_collation($db, $connection["collation"]))
217 function db_drop_db($connection)
220 if ($connection["tbpref"] == "")
223 $sql = "DROP DATABASE IF EXISTS " . $connection["dbname"] . "";
224 return mysqli_query($db, $sql);
228 $res = db_query("show table status");
229 $all_tables = array();
230 while($row = db_fetch($res))
231 $all_tables[] = $row;
232 // get table structures
233 foreach ($all_tables as $table)
235 if (strpos($table['Name'], $connection["tbpref"]) === 0)
236 db_query("DROP TABLE `".$table['Name'] . "`");
238 //deleting the tables, how??
243 function db_close($dbase = null)
249 return mysqli_close($dbase);
252 function db_extension_exists()
254 return function_exists('mysqli_connect');
257 function db_escape_function($string)
261 return (mysqli_real_escape_string($db, $string));
265 Set mysql client encoding.
266 Default is is encoding used by default language.
268 function db_set_encoding($ui_encoding=null)
270 global $db, $dflt_lang, $installed_languages;
272 if (!isset($ui_encoding))
274 $lang = array_search_value($dflt_lang, $installed_languages, 'code');
275 $ui_encoding = strtoupper($lang['encoding']);
278 if ($mysql_enc = get_mysql_encoding_name($ui_encoding))
279 mysqli_set_charset($db, $mysql_enc);
282 function db_get_charset($db)
284 return mysqli_character_set_name($db);
287 function db_set_charset($db, $charset)
291 return mysqli_set_charset($db, $charset);