mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-05 14:17:49 +02:00
Code Issues Releases Wiki Activity

Code cleanup

Browse Source 
PDO class accepts bind params with select() method.
This commit is contained in:
Cameron
2019-02-21 17:29:49 -08:00
parent b03611922f
commit 8f19149adf
2 changed files with 64 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
e107_handlers/admin_log_class.php
View File

@@ -415,7 +415,7 @@ class e_admin_log
* @param string $u_name
* both $id and $u_name are left blank except for admin edits and user login, where they specify the id and login name of the 'target' user
*
* @return none
* @return bool
*/
function user_audit($event_type, $event_data, $id = '', $u_name = '')
{
@@ -477,15 +477,6 @@ class e_admin_log
$eventcode = 'USER_'.$event_type;
$title = 'LAN_AUDIT_LOG_0'.$event_type; // This creates a string which will be displayed as a constant
/* $spacer = '';
$detail = '';
foreach ($event_data as $k=>$v)
{
$detail .= $spacer.$k.'=>'.$v;
$spacer = '<br />';
}
*/
$insertQry = array(
'dblog_id' => 0,
@@ -499,10 +490,12 @@ class e_admin_log
'dblog_remarks' => print_r($event_data,true),
);
$this->rldb->insert("audit_log", $insertQry);
if($this->rldb->insert("audit_log", $insertQry))
{
return true;
}
return true;
// $this->rldb->insert("audit_log", "0, ".intval($time_sec).', '.intval($time_usec).", '{$eventcode}', {$userid}, '{$userstring}', '{$userIP}', '{$title}', '{$detail}' ");
return false;
}

86
e107_handlers/e_db_pdo_class.php
View File

@@ -297,18 +297,21 @@ class e_db_pdo implements e_db
/**
* This is the 'core' routine which handles much of the interface between other functions and the DB
*
* If a SELECT query includes SQL_CALC_FOUND_ROWS, the value of FOUND_ROWS() is retrieved and stored in $this->total_results
* @param string|array $query
* @param string $query['PREPARE'] PDO Format query.
*@param array $query['BIND'] eg. array['my_field'] = array('value'=>'whatever', 'type'=>'str');
* @param object $rli
* @return boolean|PDOStatement | resource - as mysql_query() function.
* false indicates an error
* For SELECT, SHOW, DESCRIBE, EXPLAIN and others returning a result set, returns a resource
* TRUE indicates success in other cases
*/
* This is the 'core' routine which handles much of the interface between other functions and the DB
*
* If a SELECT query includes SQL_CALC_FOUND_ROWS, the value of FOUND_ROWS() is retrieved and stored in $this->total_results
*
* @param string|array $query ['BIND'] eg. array['my_field'] = array('value'=>'whatever', 'type'=>'str');
* @param object $rli connection resource.
* @param string $qry_from eg. SELECT, INSERT, UPDATE mode.
* @param bool $debug
* @param string $log_type
* @param string $log_remark
* @return boolean|PDOStatement | resource - as mysql_query() function.
* false indicates an error
* For SELECT, SHOW, DESCRIBE, EXPLAIN and others returning a result set, returns a resource
* TRUE indicates success in other cases
*/
public function db_Query($query, $rli = NULL, $qry_from = '', $debug = false, $log_type = '', $log_remark = '')
{
global $db_time, $queryinfo;
@@ -334,19 +337,25 @@ class e_db_pdo implements e_db
$b = microtime();
if(is_array($query) && !empty($query['PREPARE']) && !empty($query['BIND']))
if(is_array($query) && !empty($query['PREPARE']))
{
/** @var PDOStatement $prep */
$prep = $this->mySQLaccess->prepare($query['PREPARE']);
foreach($query['BIND'] as $k=>$v)
if(!empty($query['BIND']))
{
$prep->bindValue(':'.$k, $v['value'],$v['type']);
foreach($query['BIND'] as $k=>$v)
{
$prep->bindValue(':'.$k, $v['value'],$v['type']);
}
}
$execute = !empty($query['EXECUTE']) ? $query['EXECUTE'] : null;
try
{
$prep->execute();
$sQryRes = $prep->rowCount();
$prep->execute($execute);
$sQryRes = ($qry_from == 'db_Select') ? $prep : $prep->rowCount();
}
catch(PDOException $ex)
{
@@ -619,17 +628,15 @@ class e_db_pdo implements e_db
}
/**
* Perform a mysql_query() using the arguments suplied by calling db::db_Query()<br />
* <br />
* If you need more requests think to call the class.<br />
* <br />
* Example using a unique connection to database:<br />
* <code>e107::getDb()->select("comments", "*", "comment_item_id = '$id' AND comment_type = '1' ORDER BY comment_datestamp");</code><br />
* <br />
* OR as second connection:<br />
* <code>
* e107::getDb('sql2')->select("chatbox", "*", "ORDER BY cb_datestamp DESC LIMIT $from, ".$view, true);</code>
* Perform a SELECT using the arguments suplpied by calling db::db_Query()
*
* @param string $table
* @param string $fields
* @param string|array $arg;
*
* @example e107::getDb()->select("comments", "*", "comment_item_id = '$id' AND comment_type = '1' ORDER BY comment_datestamp");
* @example e107::getDb('sql2')->select("chatbox", "*", "ORDER BY cb_datestamp DESC LIMIT $from, ".$view, true);</code>
* @example select('user', 'user_id, user_name', 'user_id=:id OR user_name=:name ORDER BY user_name', array('id' => 999, 'name'=>'e107')); // bind support.
* @return integer Number of rows or false on error
*/
public function select($table, $fields = '*', $arg = '', $noWhere = false, $debug = false, $log_type = '', $log_remark = '')
@@ -639,7 +646,30 @@ class e_db_pdo implements e_db
$this->mySQLcurTable = $table;
if ($arg != '' && ($noWhere === false || $noWhere === 'default')) // 'default' for BC.
// e107 v2.2 PDO bind params.
if(!empty($arg) && is_array($noWhere))
{
$query = array(
'PREPARE' => 'SELECT '.$fields.' FROM '.$this->mySQLPrefix.$table.' WHERE '.$arg,
'EXECUTE' => $noWhere
);
if ($this->mySQLresult = $this->db_Query($query, null, 'db_Select', $debug, $log_type, $log_remark))
{
$this->dbError('dbQuery');
return $this->rowCount();
}
else
{
$this->dbError('select() with prepare/execute');
return false;
}
}
if (!empty($arg) && ($noWhere === false || $noWhere === 'default')) // 'default' for BC.
{
if ($this->mySQLresult = $this->db_Query('SELECT '.$fields.' FROM '.$this->mySQLPrefix.$table.' WHERE '.$arg, NULL, 'db_Select', $debug, $log_type, $log_remark))
{