tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

2011-03-01 Miguel de Dios <miguel.dedios@artica.es> 

* include/db/postgresql.php, include/db/mysql.php, include/functions_db.php:
	separate the function "format_array_to_update_sql", "process_sql_update",
	"process_sql_delete" into the two version for MySQL and PostgreSQL engine.



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4037 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
mdtrooper 2011-03-01 15:11:08 +00:00
parent 6c2489b4c7
commit e3a2d38033
4 changed files with 331 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pandora_console/ChangeLog
View File

@ -1,3 +1,9 @@
2011-03-01 Miguel de Dios <miguel.dedios@artica.es>
* include/db/postgresql.php, include/db/mysql.php, include/functions_db.php:
separate the function "format_array_to_update_sql", "process_sql_update",
"process_sql_delete" into the two version for MySQL and PostgreSQL engine.
2011-03-01 Miguel de Dios <miguel.dedios@artica.es>
* include/db/postgresql.php, include/db/mysql.php, include/functions_db.php:

149
pandora_console/include/db/mysql.php
View File

@ -746,4 +746,153 @@ function mysql_get_db_all_fields_in_table ($table, $field = '', $condition = '',
return get_db_all_rows_sql ($sql);
}
/**
* Formats an array of values into a SQL string.
*
* This function is useful to generate an UPDATE SQL sentence from a list of
* values. Example code:
*
* <code>
* $values = array ();
* $values['name'] = "Name";
* $values['description'] = "Long description";
* $sql = 'UPDATE table SET '.format_array_to_update_sql ($values).' WHERE id=1';
* echo $sql;
* </code>
* Will return:
* <code>
* UPDATE table SET `name` = "Name", `description` = "Long description" WHERE id=1
* </code>
*
* @param array Values to be formatted in an array indexed by the field name.
*
* @return string Values joined into an SQL string that can fits into an UPDATE
* sentence.
*/
function mysql_format_array_to_update_sql ($values) {
$fields = array ();
foreach ($values as $field => $value) {
if (is_numeric ($field)) {
array_push ($fields, $value);
continue;
}
else if ($field[0] == "`") {
$field = str_replace('`', '', $field);
}
if ($value === NULL) {
$sql = sprintf ("`%s` = NULL", $field);
}
elseif (is_int ($value) || is_bool ($value)) {
$sql = sprintf ("`%s` = %d", $field, $value);
}
elseif (is_float ($value) || is_double ($value)) {
$sql = sprintf ("`%s` = %f", $field, $value);
}
else {
/* String */
if (isset ($value[0]) && $value[0] == '`')
/* Don't round with quotes if it references a field */
$sql = sprintf ("`%s` = %s", $field, $value);
else
$sql = sprintf ("`%s` = '%s'", $field, $value);
}
array_push ($fields, $sql);
}
return implode (", ", $fields);
}
/**
* Updates a database record.
*
* All values should be cleaned before passing. Quoting isn't necessary.
* Examples:
*
* <code>
* process_sql_update ('table', array ('field' => 1), array ('id' => $id));
* process_sql_update ('table', array ('field' => 1), array ('id' => $id, 'name' => $name));
* process_sql_update ('table', array ('field' => 1), array ('id' => $id, 'name' => $name), 'OR');
* process_sql_update ('table', array ('field' => 2), 'id in (1, 2, 3) OR id > 10');
* </code>
*
* @param string Table to insert into
* @param array An associative array of values to update
* @param mixed An associative array of field and value matches. Will be joined
* with operator specified by $where_join. A custom string can also be provided.
* If nothing is provided, the update will affect all rows.
* @param string When a $where parameter is given, this will work as the glue
* between the fields. "AND" operator will be use by default. Other values might
* be "OR", "AND NOT", "XOR"
*
* @return mixed False in case of error or invalid values passed. Affected rows otherwise
*/
function mysql_process_sql_update($table, $values, $where = false, $where_join = 'AND') {
$query = sprintf ("UPDATE `%s` SET %s",
$table,
format_array_to_update_sql ($values));
if ($where) {
if (is_string ($where)) {
// No clean, the caller should make sure all input is clean, this is a raw function
$query .= " WHERE " . $where;
}
else if (is_array ($where)) {
$query .= format_array_to_where_clause_sql ($where, $where_join, ' WHERE ');
}
}
return process_sql ($query);
}
/**
* Delete database records.
*
* All values should be cleaned before passing. Quoting isn't necessary.
* Examples:
*
* <code>
* process_sql_delete ('table', array ('id' => 1));
* // DELETE FROM table WHERE id = 1
* process_sql_delete ('table', array ('id' => 1, 'name' => 'example'));
* // DELETE FROM table WHERE id = 1 AND name = 'example'
* process_sql_delete ('table', array ('id' => 1, 'name' => 'example'), 'OR');
* // DELETE FROM table WHERE id = 1 OR name = 'example'
* process_sql_delete ('table', 'id in (1, 2, 3) OR id > 10');
* // DELETE FROM table WHERE id in (1, 2, 3) OR id > 10
* </code>
*
* @param string Table to insert into
* @param array An associative array of values to update
* @param mixed An associative array of field and value matches. Will be joined
* with operator specified by $where_join. A custom string can also be provided.
* If nothing is provided, the update will affect all rows.
* @param string When a $where parameter is given, this will work as the glue
* between the fields. "AND" operator will be use by default. Other values might
* be "OR", "AND NOT", "XOR"
*
* @return mixed False in case of error or invalid values passed. Affected rows otherwise
*/
function mysql_process_sql_delete($table, $where, $where_join = 'AND') {
if (empty ($where))
/* Should avoid any mistake that lead to deleting all data */
return false;
$query = sprintf ("DELETE FROM `%s` WHERE ", $table);
if ($where) {
if (is_string ($where)) {
/* FIXME: Should we clean the string for sanity?
Who cares if this is deleting data... */
$query .= $where;
}
else if (is_array ($where)) {
$query .= format_array_to_where_clause_sql ($where, $where_join);
}
}
return process_sql ($query);
}
?>

149
pandora_console/include/db/postgresql.php
View File

@ -765,4 +765,153 @@ function postgresql_get_db_all_fields_in_table ($table, $field = '', $condition
return get_db_all_rows_sql ($sql);
}
/**
* Formats an array of values into a SQL string.
*
* This function is useful to generate an UPDATE SQL sentence from a list of
* values. Example code:
*
* <code>
* $values = array ();
* $values['name'] = "Name";
* $values['description'] = "Long description";
* $sql = 'UPDATE table SET '.format_array_to_update_sql ($values).' WHERE id=1';
* echo $sql;
* </code>
* Will return:
* <code>
* UPDATE table SET `name` = "Name", `description` = "Long description" WHERE id=1
* </code>
*
* @param array Values to be formatted in an array indexed by the field name.
*
* @return string Values joined into an SQL string that can fits into an UPDATE
* sentence.
*/
function postgresql_format_array_to_update_sql ($values) {
$fields = array ();
foreach ($values as $field => $value) {
if (is_numeric($field)) {
array_push ($fields, $value);
continue;
}
else if ($field[0] == "`") {
$field = str_replace('`', '', $field);
}
if ($value === NULL) {
$sql = sprintf ("\"%s\" = NULL", $field);
}
elseif (is_int ($value) || is_bool ($value)) {
$sql = sprintf ("\"%s\" = %d", $field, $value);
}
elseif (is_float ($value) || is_double ($value)) {
$sql = sprintf ("\"%s\" = %f", $field, $value);
}
else {
/* String */
if (isset ($value[0]) && $value[0] == '`')
/* Don't round with quotes if it references a field */
$sql = sprintf ("\"%s\" = %s", $field, $value);
else
$sql = sprintf ("\"%s\" = '%s'", $field, $value);
}
array_push ($fields, $sql);
}
return implode (", ", $fields);
}
/**
* Updates a database record.
*
* All values should be cleaned before passing. Quoting isn't necessary.
* Examples:
*
* <code>
* process_sql_update ('table', array ('field' => 1), array ('id' => $id));
* process_sql_update ('table', array ('field' => 1), array ('id' => $id, 'name' => $name));
* process_sql_update ('table', array ('field' => 1), array ('id' => $id, 'name' => $name), 'OR');
* process_sql_update ('table', array ('field' => 2), 'id in (1, 2, 3) OR id > 10');
* </code>
*
* @param string Table to insert into
* @param array An associative array of values to update
* @param mixed An associative array of field and value matches. Will be joined
* with operator specified by $where_join. A custom string can also be provided.
* If nothing is provided, the update will affect all rows.
* @param string When a $where parameter is given, this will work as the glue
* between the fields. "AND" operator will be use by default. Other values might
* be "OR", "AND NOT", "XOR"
*
* @return mixed False in case of error or invalid values passed. Affected rows otherwise
*/
function postgresql_process_sql_update($table, $values, $where = false, $where_join = 'AND') {
$query = sprintf ("UPDATE \"%s\" SET %s",
$table,
format_array_to_update_sql ($values));
if ($where) {
if (is_string ($where)) {
// No clean, the caller should make sure all input is clean, this is a raw function
$query .= " WHERE " . $where;
}
else if (is_array ($where)) {
$query .= format_array_to_where_clause_sql ($where, $where_join, ' WHERE ');
}
}
return process_sql ($query);
}
/**
* Delete database records.
*
* All values should be cleaned before passing. Quoting isn't necessary.
* Examples:
*
* <code>
* process_sql_delete ('table', array ('id' => 1));
* // DELETE FROM table WHERE id = 1
* process_sql_delete ('table', array ('id' => 1, 'name' => 'example'));
* // DELETE FROM table WHERE id = 1 AND name = 'example'
* process_sql_delete ('table', array ('id' => 1, 'name' => 'example'), 'OR');
* // DELETE FROM table WHERE id = 1 OR name = 'example'
* process_sql_delete ('table', 'id in (1, 2, 3) OR id > 10');
* // DELETE FROM table WHERE id in (1, 2, 3) OR id > 10
* </code>
*
* @param string Table to insert into
* @param array An associative array of values to update
* @param mixed An associative array of field and value matches. Will be joined
* with operator specified by $where_join. A custom string can also be provided.
* If nothing is provided, the update will affect all rows.
* @param string When a $where parameter is given, this will work as the glue
* between the fields. "AND" operator will be use by default. Other values might
* be "OR", "AND NOT", "XOR"
*
* @return mixed False in case of error or invalid values passed. Affected rows otherwise
*/
function postgresql_process_sql_delete($table, $where, $where_join = 'AND') {
if (empty ($where))
/* Should avoid any mistake that lead to deleting all data */
return false;
$query = sprintf ("DELETE FROM \"%s\" WHERE ", $table);
if ($where) {
if (is_string ($where)) {
/* FIXME: Should we clean the string for sanity?
Who cares if this is deleting data... */
$query .= $where;
}
else if (is_array ($where)) {
$query .= format_array_to_where_clause_sql ($where, $where_join);
}
}
return process_sql ($query);
}
?>

89
pandora_console/include/functions_db.php
View File

@ -2495,39 +2495,17 @@ function get_db_all_fields_in_table($table, $field = '', $condition = '', $order
* @return string Values joined into an SQL string that can fits into an UPDATE
* sentence.
*/
function format_array_to_update_sql ($values) {
$fields = array ();
function format_array_to_update_sql($values) {
global $config;
foreach ($values as $field => $value) {
if (is_numeric ($field)) {
array_push ($fields, $value);
continue;
}
else if ($field[0] == "`") {
$field = str_replace('`', '', $field);
}
if ($value === NULL) {
$sql = sprintf ("`%s` = NULL", $field);
}
elseif (is_int ($value) || is_bool ($value)) {
$sql = sprintf ("`%s` = %d", $field, $value);
}
elseif (is_float ($value) || is_double ($value)) {
$sql = sprintf ("`%s` = %f", $field, $value);
}
else {
/* String */
if (isset ($value[0]) && $value[0] == '`')
/* Don't round with quotes if it references a field */
$sql = sprintf ("`%s` = %s", $field, $value);
else
$sql = sprintf ("`%s` = '%s'", $field, $value);
}
array_push ($fields, $sql);
switch ($config["dbtype"]) {
case "mysql":
return mysql_format_array_to_update_sql($values);
break;
case "postgresql":
return postgresql_format_array_to_update_sql($values);
break;
}
return implode (", ", $fields);
}
/**
@ -3270,22 +3248,17 @@ function process_sql_insert ($table, $values) {
*
* @return mixed False in case of error or invalid values passed. Affected rows otherwise
*/
function process_sql_update ($table, $values, $where = false, $where_join = 'AND') {
$query = sprintf ("UPDATE `%s` SET %s",
$table,
format_array_to_update_sql ($values));
function process_sql_update($table, $values, $where = false, $where_join = 'AND') {
global $config;
if ($where) {
if (is_string ($where)) {
// No clean, the caller should make sure all input is clean, this is a raw function
$query .= " WHERE ".$where;
}
else if (is_array ($where)) {
$query .= format_array_to_where_clause_sql ($where, $where_join, ' WHERE ');
}
switch ($config["dbtype"]) {
case "mysql":
return mysql_process_sql_update($table, $values, $where, $where_join);
break;
case "postgresql":
return postgresql_process_sql_update($table, $values, $where, $where_join);
break;
}
return process_sql ($query);
}
/**
@ -3316,25 +3289,17 @@ function process_sql_update ($table, $values, $where = false, $where_join = 'AND
*
* @return mixed False in case of error or invalid values passed. Affected rows otherwise
*/
function process_sql_delete ($table, $where, $where_join = 'AND') {
if (empty ($where))
/* Should avoid any mistake that lead to deleting all data */
return false;
function process_sql_delete($table, $where, $where_join = 'AND') {
global $config;
$query = sprintf ("DELETE FROM `%s` WHERE ", $table);
if ($where) {
if (is_string ($where)) {
/* FIXME: Should we clean the string for sanity?
Who cares if this is deleting data... */
$query .= $where;
}
else if (is_array ($where)) {
$query .= format_array_to_where_clause_sql ($where, $where_join);
}
switch ($config["dbtype"]) {
case "mysql":
return mysql_process_sql_delete($table, $where, $where_join);
break;
case "postgresql":
return postgresql_process_sql_delete($table, $where, $where_join);
break;
}
return process_sql ($query);
}
/**