tyzoid
/
Flyers-Elections
Beobachten 1
Favorisieren 0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Du kannst nicht mehr als 25 Themen auswählen Themen müssen mit entweder einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
7 Commits
5 Branches
Struktur: 8c8db649bf
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „8c8db649bf“
${ noResults }
Flyers-Elections/web/inc/db.php

db.php 6.2KB
Originalformat Blame Verlauf

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248 
  1. <?php

  2. class MysqlDb {

  3. 	private $mysql;

  4. 

  5. 	private function __construct() {}

  6. 

  7. 	public static function Connect($hostname, $username, $password, $database){

  8. 		$handler = new MysqlDb();

  9. 

  10. 		mysqli_report(MYSQLI_REPORT_OFF);

  11. 		$handler->mysql = mysqli_connect($hostname, $username, $password);

  12. 		if(!$handler->mysql) return false;

  13. 

  14. 		mysqli_select_db($handler->mysql, $database);

  15. 		if (mysqli_error($handler->mysql))

  16. 			return false;

  17. 

  18. 		return $handler;

  19. 	}

  20. 

  21. 	public function sanitize($text){

  22. 		return mysqli_real_escape_string($this->mysql, $text);

  23. 	}

  24. 

  25. 	public function query($query){

  26. 		try {

  27. 			return mysqli_query($this->mysql, $query);

  28. 		} catch (Throwable $err) {

  29. 			return false;

  30. 		}

  31. 	}

  32. 

  33. 	public function insert($table, $fields, $values_assoc, $ignore = false) {

  34. 		$field_list = implode(",", $fields);

  35. 		$values_arr = [];

  36. 		foreach ($values_assoc as $value) {

  37. 			$value_arr = [];

  38. 			foreach ($value as $v) {

  39. 				if ($this->verifyInteger($v))

  40. 					$value_arr[] = $v;

  41. 				else if ($v === "NULL")

  42. 					$value_arr[] = "NULL";

  43. 				else

  44. 					$value_arr[] = "\"{$this->sanitize($v)}\"";

  45. 			}

  46. 

  47. 			$values_arr[] = "(" . implode(',', $value_arr) . ")";

  48. 		}

  49. 		

  50. 		$values_list = implode(',', $values_arr);

  51. 

  52. 		$ignore_str = '';

  53. 		if ($ignore)

  54. 			$ignore_str = 'IGNORE';

  55. 

  56. 		return $this->query("INSERT $ignore_str INTO $table ($field_list) VALUES $values_list");

  57. 	}

  58. 

  59. 	public function exec_multi($query){

  60. 		try {

  61. 			$res = mysqli_multi_query($this->mysql, $query);

  62. 			do {

  63. 				if ($err = $this->getError())

  64. 					return false;

  65. 			} while (mysqli_next_result($this->mysqli) || $this->getError());

  66. 			return true;

  67. 		} catch (Throwable $err) {

  68. 			return false;

  69. 		}

  70. 	}

  71. 

  72. 	public function fetchRow($query){

  73. 		$result = $this->query($query);

  74. 		if($result === false || $result === true) die(mysqli_error($this->mysql));//return $result;

  75. 

  76. 		return mysqli_fetch_assoc($result);

  77. 	}

  78. 

  79. 	public function fetchAssoc($query){

  80. 		$result = $this->query($query);

  81. 		if($result === false || $result === true) die(mysqli_error($this->mysql));//return $result;

  82. 

  83. 		$data = array();

  84. 		while($row = mysqli_fetch_assoc($result)){

  85. 			$data[] = $row;

  86. 		}

  87. 

  88. 		return $data;

  89. 	}

  90. 

  91. 	public function getError() {

  92. 		return mysqli_error($this->mysql);

  93. 	}

  94. 

  95. 	//public function lastInsertId(){

  96. 	//	return mysqli_insert_id($this->mysql);

  97. 	//}

  98. 

  99. 	//public function getAffectedRows() {

  100. 	//	return mysqli_affected_rows($this->mysql);

  101. 	//}

  102. 

  103. 	public function verifyInteger($input, $minimum = 1){

  104. 		/*

  105. 		 * Pretty hacky solution.

  106. 		 *

  107. 		 * First checks if the integer cast of the input is equal to itself.

  108. 		 *     This filters out decimals, alternate bases, and exponents.

  109. 		 * Then checks if the input is numeric, which filters out other strings that slip by the first check.

  110. 		 *     This guarantees that it's in a numeric format, which combined with the first filter, should guarantee that it is an integer

  111. 		 */

  112. 		return (((int) $input == $input) && is_numeric($input) && (($minimum === false) || (int) $input >= $minimum));

  113. 	}

  114. 

  115. 	// Always returns a key of length 40. TODO: Add arbitrary length

  116. 	public function randomKey(){

  117. 		//Cryptographically Secure Key

  118. 		if(function_exists('openssl_random_pseudo_bytes')) return base64_encode(openssl_random_pseudo_bytes(30));

  119. 

  120. 

  121. 		//Fallback (Not cryptographically secure)

  122. 		$str = "";

  123. 		for($i=0; $i<30; $i++){

  124. 			$str .= chr(mt_rand(0,255));

  125. 		}

  126. 

  127. 		return base64_encode($str);

  128. 	}

  129. }

  130. 

  131. class SqliteDb {

  132. 	private $sqlite;

  133. 

  134. 	private function __construct() {}

  135. 

  136. 	public static function Connect(){

  137. 		$handler = new SqliteDb();

  138. 		$handler->sqlite = new Sqlite3(BASE . "/inc/config/sqlite3.db");

  139. 		$handler->sqlite->exec('PRAGMA foreign_keys = ON');

  140. 

  141. 		return $handler;

  142. 	}

  143. 

  144. 	public function sanitize($text){

  145. 		return SQLite3::escapeString($text);

  146. 	}

  147. 

  148. 	public function query($query){

  149. 		try {

  150. 			return $this->sqlite->query($query);

  151. 		} catch (Throwable $err) {

  152. 			return false;

  153. 		}

  154. 	}

  155. 

  156. 	public function insert($table, $fields, $values_assoc, $ignore = false) {

  157. 		$field_list = implode(",", $fields);

  158. 		$values_arr = [];

  159. 		foreach ($values_assoc as $value) {

  160. 			$value_arr = [];

  161. 			foreach ($value as $v) {

  162. 				if ($this->verifyInteger($v))

  163. 					$value_arr[] = $v;

  164. 				else if ($v === "NULL")

  165. 					$value_arr[] = "NULL";

  166. 				else

  167. 					$value_arr[] = "\"{$this->sanitize($v)}\"";

  168. 			}

  169. 

  170. 			$values_arr[] = "(" . implode(',', $value_arr) . ")";

  171. 		}

  172. 		

  173. 		$values_list = implode(',', $values_arr);

  174. 

  175. 		$ignore_str = '';

  176. 		if ($ignore)

  177. 			$ignore_str = 'OR IGNORE';

  178. 

  179. 		return $this->query("INSERT $ignore_str INTO $table ($field_list) VALUES $values_list");

  180. 	}

  181. 

  182. 	public function exec_multi($query){

  183. 		try {

  184. 			return $this->sqlite->exec($query);

  185. 		} catch (Throwable $err) {

  186. 			return false;

  187. 		}

  188. 	}

  189. 

  190. 	public function fetchRow($query){

  191. 		$result = $this->query($query);

  192. 		if ($result === false || $result === true)

  193. 			return $result;

  194. 

  195. 		return $result->fetchArray();

  196. 	}

  197. 

  198. 	public function fetchAssoc($query){

  199. 		$result = $this->query($query);

  200. 		if($result === false || $result === true) die($this->getError());//return $result;

  201. 

  202. 		$data = array();

  203. 		while($row = $result->fetchArray()){

  204. 			$data[] = $row;

  205. 		}

  206. 

  207. 		return $data;

  208. 	}

  209. 

  210. 	public function getError() {

  211. 		return $this->sqlite->lastErrorCode() === 0 ? "" : $this->sqlite->lastErrorMsg();

  212. 	}

  213. 

  214. 	//public function lastInsertId(){

  215. 	//	return mysqli_insert_id($this->mysql);

  216. 	//}

  217. 

  218. 	//public function getAffectedRows() {

  219. 	//	return mysqli_affected_rows($this->mysql);

  220. 	//}

  221. 

  222. 	public function verifyInteger($input, $minimum = 1){

  223. 		/*

  224. 		 * Pretty hacky solution.

  225. 		 *

  226. 		 * First checks if the integer cast of the input is equal to itself.

  227. 		 *     This filters out decimals, alternate bases, and exponents.

  228. 		 * Then checks if the input is numeric, which filters out other strings that slip by the first check.

  229. 		 *     This guarantees that it's in a numeric format, which combined with the first filter, should guarantee that it is an integer

  230. 		 */

  231. 		return (((int) $input == $input) && is_numeric($input) && (($minimum === false) || (int) $input >= $minimum));

  232. 	}

  233. 

  234. 	// Always returns a key of length 40. TODO: Add arbitrary length

  235. 	public function randomKey(){

  236. 		//Cryptographically Secure Key

  237. 		if(function_exists('openssl_random_pseudo_bytes')) return base64_encode(openssl_random_pseudo_bytes(30));

  238. 

  239. 

  240. 		//Fallback (Not cryptographically secure)

  241. 		$str = "";

  242. 		for($i=0; $i<30; $i++){

  243. 			$str .= chr(mt_rand(0,255));

  244. 		}

  245. 

  246. 		return base64_encode($str);

  247. 	}

  248. }