MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
***********************************************************************/
+define('DB_DUPLICATE_ERROR', 1062);
+define('SQL_MODE', 'STRICT_ALL_TABLES'); // prevents SQL injection with silent field content truncation
+
+$db_last_inserted_id = 0;
function set_global_connection($company=-1)
{
- global $db, $transaction_level, $path_to_root, $db_connections;
+ global $db, $path_to_root, $db_connections, $SysPrefs;
include ($path_to_root . "/config_db.php");
+
if ($company == -1)
- $company = $_SESSION["wa_current_user"]->company;
+ $company = user_company();
- cancel_transaction(); // cancel all aborted transactions if any
- $transaction_level = 0;
+ cancel_transaction(); // cancel all aborted transactions (if any)
$_SESSION["wa_current_user"]->cur_con = $company;
$connection = $db_connections[$company];
- $db = mysqli_connect($connection["host"], $connection["dbuser"], $connection["dbpassword"]);
- mysqli_select_db($db, $connection["dbname"]);
+ $db = mysqli_connect($connection["host"], $connection["dbuser"], $connection["dbpassword"], "",
+ !empty($connection["port"]) ? $connection["port"] : 3306); // default port in mysql is 3306
+
+ mysqli_select_db($db, $connection["dbname"]);
///// From mysqli release 5.6.6 the sql_mode is no longer empty as it was prior to
///// this release. Just for safety we make it empty for all 5.6 release and higher.
///// This non empty sql_mode values can interphere with FA, so all is set empty during
///// our sessions.
///// We are, however, investigating the existing code to be compatible in the future.
- if (strncmp(db_get_version(), "5.6", 3) >= 0)
- db_query("SET sql_mode = ''");
+ db_query("SET sql_mode = '".SQL_MODE."'");
/////
+ $SysPrefs->refresh();
return $db;
}
-$db_duplicate_error_code = 1062;
-
//DB wrapper functions to change only once for whole application
function db_query($sql, $err_msg=null)
{
- global $db, $show_sql, $sql_trail, $select_trail, $go_debug, $sql_queries, $Ajax,
- $db_connections, $db_last_inserted_id;
-
+ global $db, $SysPrefs, $sql_queries, $Ajax, $db_connections, $db_last_inserted_id;
+
// set current db prefix
$comp = isset($_SESSION["wa_current_user"]->cur_con) ? $_SESSION["wa_current_user"]->cur_con : 0;
- $cur_prefix = $db_connections[$comp]['tbpref'];
+ $cur_prefix = @$db_connections[$comp]['tbpref'];
$sql = str_replace(TB_PREF, $cur_prefix, $sql);
- if ($show_sql)
+ if ($SysPrefs->show_sql)
{
$Ajax->activate('footer_debug');
$sql_queries .= "<pre>$sql</pre>\n<hr>";
}
- // mysql profiling
- global $profile_sql;
- if (@$profile_sql)
- get_usec();
- $result = mysqli_query($db, $sql);
- if (@$profile_sql)
- {
- $profile_sql= false;
- _vd($sql.'<br>:'.db_num_rows($result).'rows, '.get_usec());
- }
-
- if($sql_trail) {
+ db_profile(); // mysql profiling
+
+ $retry = MAX_DEADLOCK_RETRY;
+ do {
+ $result = mysqli_query($db, $sql);
+ if (mysqli_errno($db) == 1213) { // deadlock detected
+ sleep(1); $retry--;
+ } else
+ $retry = 0;
+ } while ($retry);
+
+ db_profile($sql);
+
+ if($SysPrefs->sql_trail) {
$db_last_inserted_id = mysqli_insert_id($db); // preserve in case trail insert is done
- if ($select_trail || (strstr($sql, 'SELECT') === false)) {
+ if ($SysPrefs->select_trail || (strstr($sql, 'SELECT') === false)) {
mysqli_query($db, "INSERT INTO ".$cur_prefix."sql_trail
(`sql`, `result`, `msg`)
VALUES(".db_escape($sql).",".($result ? 1 : 0).",
}
}
- if ($err_msg != null || $go_debug) {
+ if ($err_msg != null || $SysPrefs->go_debug) {
$exit = $err_msg != null;
if (function_exists('xdebug_call_file'))
- check_db_error('<br>At file '.xdebug_call_file().':'.xdebug_call_line().':<br>'.$err_msg, $sql, $exit);
- else
- check_db_error($err_msg, $sql, $exit);
+ $err_msg = '<br>At file '.xdebug_call_file().':'.xdebug_call_line().':<br>'.$err_msg;
+ check_db_error($err_msg, $sql, $exit);
}
return $result;
}
-function db_fetch_row ($result)
+function db_fetch_row($result)
{
$ret = mysqli_fetch_row($result);
return ($ret === null ? false : $ret);
}
-function db_fetch_assoc ($result)
+function db_fetch_assoc($result)
{
$ret = mysqli_fetch_assoc($result);
return ($ret === null ? false : $ret);
}
-function db_fetch ($result)
+function db_fetch($result)
{
$ret = mysqli_fetch_array($result);
return ($ret === null ? false : $ret);
}
-function db_seek (&$result,$record)
+function db_seek(&$result,$record)
{
return mysqli_data_seek($result, $record);
}
-function db_free_result ($result)
+function db_free_result($result)
{
if ($result)
mysqli_free_result($result);
}
-function db_num_rows ($result)
+function db_num_rows($result)
{
return mysqli_num_rows($result);
}
-function db_num_fields ($result)
+function db_num_fields($result)
{
return mysqli_num_fields($result);
}
function db_escape($value = "", $nullify = false)
{
global $db;
-
- $value = @html_entity_decode($value, ENT_QUOTES, $_SESSION['language']->encoding);
- $value = @htmlspecialchars($value, ENT_QUOTES, $_SESSION['language']->encoding);
+
+ $value = @html_entity_decode($value, ENT_QUOTES, $_SESSION['language']->encoding=='iso-8859-2' ? 'ISO-8859-1' : $_SESSION['language']->encoding);
+ $value = html_specials_encode($value);
//reset default if second parameter is skipped
$nullify = ($nullify === null) ? (false) : ($nullify);
return $value;
}
-function db_error_no ()
+function db_error_no()
{
global $db;
return mysqli_errno($db);
function db_insert_id()
{
- global $db_last_inserted_id, $sql_trail, $db;
+ global $db_last_inserted_id, $SysPrefs, $db;
- return $sql_trail ? $db_last_inserted_id : mysqli_insert_id($db);
+ return $SysPrefs->sql_trail ? $db_last_inserted_id : mysqli_insert_id($db);
}
function db_num_affected_rows()
return $fieldinfo->name;
}
+function db_set_collation($db, $fa_collation)
+{
+ return mysqli_query($db, "ALTER DATABASE COLLATE ".get_mysql_collation($fa_collation));
+}
+
+/*
+ Create database for FA company. If database already exists,
+ just set collation to be sure nothing weird will happen later.
+*/
function db_create_db($connection)
{
- $db = mysqli_connect($connection["host"], $connection["dbuser"], $connection["dbpassword"]);
- if (strncmp(db_get_version(), "5.6", 3) >= 0)
- db_query("SET sql_mode = ''");
+ global $db;
+
+ $db = mysqli_connect($connection["host"], $connection["dbuser"], $connection["dbpassword"], "",
+ !empty($connection["port"]) ? $connection["port"] : 3306); // default port in mysql is 3306
+
if (!mysqli_select_db($db, $connection["dbname"]))
{
- $sql = "CREATE DATABASE IF NOT EXISTS " . $connection["dbname"] . "";
- if (!mysqli_query($sql) || !mysqli_select_db($db, $connection["dbname"]))
+ $sql = "CREATE DATABASE IF NOT EXISTS `" . $connection["dbname"] . "`"
+ . " DEFAULT COLLATE '" . get_mysql_collation($connection["collation"]) . "'";
+
+ if (!mysqli_query($db, $sql) || !mysqli_select_db($db, $connection["dbname"]))
+ return 0;
+ } else {
+ if (!db_set_collation($db, $connection["collation"]))
+ {
return 0;
+ }
}
return $db;
}
mysqli_set_charset($db, $mysql_enc);
}
-?>
\ No newline at end of file
+function db_get_charset($db)
+{
+ return mysqli_character_set_name($db);
+}
+
+function db_set_charset($db, $charset)
+{
+ global $db;
+
+ return mysqli_set_charset($db, $charset);
+}
projects / fa-stable.git / blobdiff