<?php

// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2011 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list

// This program is free software; you can redistribute it and/or
// modify it under the terms of the  GNU Lesser General Public License
// as published by the Free Software Foundation; version 2

// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.

function postgresql_connect_db($host = null, $db = null, $user = null, $pass = null) {
	global $config;
	
	if ($host === null)
		$host = $config["dbhost"];
	if ($db === null)
		$db = $config["dbname"];
	if ($user === null)
		$user = $config["dbuser"];
	if ($pass === null)
		$pass = $config["dbpass"];
	
	$config['dbconnection'] = pg_connect("host='" . $host . "'" .
		" dbname='" . $db . "'" .
		" user='" . $user . "'" .
		" password='" . $pass . "'");
	
	if (! $config['dbconnection']) {
		include ($config["homedir"]."/general/error_authconfig.php");
		exit;
	}
	
	return $config['dbconnection'];
}

/** 
 * Get the first value of the first row of a table in the database.
 * 
 * @param string Field name to get
 * @param string Table to retrieve the data
 * @param string Field to filter elements
 * @param string Condition the field must have
 *
 * @return mixed Value of first column of the first row. False if there were no row.
 */
function postgresql_get_db_value ($field, $table, $field_search = 1, $condition = 1, $search_history_db = false) {
	if (is_int ($condition)) {
		$sql = sprintf ("SELECT %s FROM %s WHERE %s = %d LIMIT 1",
				$field, $table, $field_search, $condition);
	}
	else if (is_float ($condition) || is_double ($condition)) {
		$sql = sprintf ("SELECT %s FROM %s WHERE %s = %f LIMIT 1",
				$field, $table, $field_search, $condition);
	}
	else {
		$sql = sprintf ("SELECT %s FROM %s WHERE %s = '%s' LIMIT 1",
				$field, $table, $field_search, $condition);
	}
	$result = get_db_all_rows_sql ($sql, $search_history_db);
	
	if ($result === false)
		return false;
	
	if ($field[0] == '`')
		$field = str_replace ('`', '', $field);
		
	if (!isset($result[0][$field])) {
		return reset($result[0]);
	}
	else {
		return $result[0][$field];
	}
}

/** 
 * Get the first row of a database query into a table.
 *
 * The SQL statement executed would be something like:
 * "SELECT (*||$fields) FROM $table WHERE $field_search = $condition"
 *
 * @param string Table to get the row
 * @param string Field to filter elements
 * @param string Condition the field must have.
 * @param mixed Fields to select (array or string or false/empty for *)
 * 
 * @return mixed The first row of a database query or false.
 */
function postgresql_get_db_row ($table, $field_search, $condition, $fields = false) {
	if (empty ($fields)) {
		$fields = '*';
	}
	else {
		if (is_array ($fields))
			$fields = implode (',', $fields);
		else if (! is_string ($fields))
			return false;
	}
	
	if (is_int ($condition)) {
		$sql = sprintf ('SELECT %s FROM "%s" WHERE "%s" = %d LIMIT 1',
			$fields, $table, $field_search, $condition);
	}
	else if (is_float ($condition) || is_double ($condition)) {
		$sql = sprintf ("SELECT %s FROM \"%s\" WHERE \"%s\" = %f LIMIT 1",
			$fields, $table, $field_search, $condition);
	}
	else {
		$sql = sprintf ("SELECT %s FROM \"%s\" WHERE \"%s\" = '%s' LIMIT 1", 
			$fields, $table, $field_search, $condition);
	}
	$result = get_db_all_rows_sql ($sql);
		
	if ($result === false) 
		return false;
	
	return $result[0];
}

function postgresql_get_db_all_rows_sql ($sql, $search_history_db = false, $cache = true) {
	global $config;
	
	$history = array ();
	
	// To disable globally SQL cache depending on global variable.
	// Used in several critical places like Metaconsole trans-server queries
	if (isset($config["dbcache"]))
		$cache = $config["dbcache"];
	
	// Read from the history DB if necessary
	if ($search_history_db) {
		$cache = false;
		$history = false;
		
		if (isset($config['history_db_connection']))
			$history = postgresql_process_sql ($sql, 'affected_rows', $config['history_db_connection'], false);
			
		if ($history === false) {
			$history = array ();
		}
	}
	
	$return = postgresql_process_sql ($sql, 'affected_rows', $config['dbconnection'], $cache);
	if ($return === false) {
		return false;
	}

	// Append result to the history DB data
	if (! empty ($return)) {
		foreach ($return as $row) {
			array_push ($history, $row);
		}
	}

	if (! empty ($history))
		return $history;
	//Return false, check with === or !==
	return false;
}

function postgresql_insert_id($dbconnection = '') {
	global $config;
	
	if ($dbconnection !== '') {
		$insert_query = pg_query($dbconnection, "SELECT lastval();");
		$insert_id = pg_fetch_row($insert_query);
		$result = $insert_id[0];
	}
	else {
		$insert_query = pg_query($config['dbconnection'], "SELECT lastval();");
		$insert_id = pg_fetch_row($insert_query);
		$result = $insert_id[0];
	}
	
	return $result;
}

function postgresql_process_sql($sql, $rettype = "affected_rows", $dbconnection = '', $cache = true) {
	global $config;
	global $sql_cache;
	
	$retval = array();
	
	if ($sql == '')
		return false;
		
	if ($cache && ! empty ($sql_cache[$sql])) {
		$retval = $sql_cache[$sql];
		$sql_cache['saved']++;
		add_database_debug_trace ($sql);
	}
	else {
		$start = microtime (true);
		if ($dbconnection !== '') {
			pg_send_query($dbconnection, $sql);
			$result = pg_get_result($dbconnection);
		}
		else {
			pg_send_query($config['dbconnection'], $sql);
			$result = pg_get_result($config['dbconnection']);
		}
		$time = microtime (true) - $start;
		if ($result === false) {
			$backtrace = debug_backtrace ();
			$error = sprintf ('%s (\'%s\') in <strong>%s</strong> on line %d',
				pg_result_error($result), $sql, $backtrace[0]['file'], $backtrace[0]['line']);
			add_database_debug_trace ($sql, pg_result_error($result));
			set_error_handler ('sql_error_handler');
			trigger_error ($error);
			restore_error_handler ();
			
			return false;
		}
		else {
			$status = pg_result_status($result);
			$rows = pg_affected_rows($result);
			
			if ($status !== 2) { //The query NOT IS a select
				if ($rettype == "insert_id") {
					$result = postgresql_insert_id($dbconnection);
				}
				elseif ($rettype == "info") {
					$result = pg_result_status($result, PGSQL_STATUS_STRING);
				}
				else {
					$rows = pg_affected_rows($result);
					$result = $rows;
				}
				add_database_debug_trace ($sql, $result, $rows,
						array ('time' => $time));
						
				return $result;	
			}
			else { //The query IS a select.
				add_database_debug_trace ($sql, 0, $rows, array ('time' => $time));
				while ($row = pg_fetch_assoc($result)) {
					array_push ($retval, $row);
				}
	
				if ($cache === true)
					$sql_cache[$sql] = $retval;
				pg_free_result ($result);
			}
		}
	}
	
	if (! empty ($retval)) {
		return $retval;
	}
	
	//Return false, check with === or !==
	return false;
}

/**
 * Get all the rows in a table of the database.
 * 
 * @param string Database table name.
 * @param string Field to order by.
 * @param string $order The type of order, by default 'ASC'.
 *
 * @return mixed A matrix with all the values in the table
 */
function postgresql_get_db_all_rows_in_table($table, $order_field = "", $order = 'ASC') {
	if ($order_field != "") {
		return get_db_all_rows_sql ('SELECT * FROM "'.$table.'" ORDER BY "'.$order_field . ' ' . $order);
	}
	else {	
		return get_db_all_rows_sql ('SELECT * FROM "'.$table.'"');
	}
}

/**
 * Inserts strings into database
 *
 * The number of values should be the same or a positive integer multiple as the number of rows
 * If you have an associate array (eg. array ("row1" => "value1")) you can use this function with ($table, array_keys ($array), $array) in it's options
 * All arrays and values should have been cleaned before passing. It's not neccessary to add quotes.
 *
 * @param string Table to insert into
 * @param mixed A single value or array of values to insert (can be a multiple amount of rows)
 *
 * @return mixed False in case of error or invalid values passed. Affected rows otherwise
 */
function postgresql_process_sql_insert($table, $values) {
	 //Empty rows or values not processed
	if (empty ($values))
		return false;
	
	$values = (array) $values;
		
	$query = sprintf ('INSERT INTO "%s" ', $table);
	$fields = array ();
	$values_str = '';
	$i = 1;
	$max = count ($values);
	foreach ($values as $field => $value) {
		//Add the correct escaping to values
		if ($field[0] != '"') {
			$field = '"' . $field . '"';
		}
		
		array_push ($fields, $field);
		
		if (is_null ($value)) {
			$values_str .= "NULL";
		}
		elseif (is_int ($value) || is_bool ($value)) {
			$values_str .= sprintf("%d", $value);
		}
		else if (is_float ($value) || is_double ($value)) {
			$values_str .= sprintf("%f", $value);
		}
		else {
			$values_str .= sprintf("'%s'", $value);
		}
		
		if ($i < $max) {
			$values_str .= ",";
		}
		$i++;
	}
	
	$query .= '(' . implode(', ', $fields) . ')';
	
	$query .= ' VALUES (' . $values_str . ')';
	
	return process_sql($query, 'insert_id');
}

/**
 * 
 * Escape string to set it properly to use in sql queries
 * 
 * @param string String to be cleaned.
 * 
 * @return string String cleaned.
 */
function postgresql_escape_string_sql($string) {
	$str = pg_escape_string($string);

	return $str;
}

/**
 * Get the first value of the first row of a table in the database from an
 * array with filter conditions.
 *
 * Example:
 <code>
 get_db_value_filter ('name', 'talert_templates',
 array ('value' => 2, 'type' => 'equal'));
 // Equivalent to:
 // SELECT name FROM talert_templates WHERE value = 2 AND type = 'equal' LIMIT 1

 get_db_value_filter ('description', 'talert_templates',
 array ('name' => 'My alert', 'type' => 'regex'), 'OR');
 // Equivalent to:
 // SELECT description FROM talert_templates WHERE name = 'My alert' OR type = 'equal' LIMIT 1
 </code>
 *
 * @param string Field name to get
 * @param string Table to retrieve the data
 * @param array Conditions to filter the element. See format_array_to_where_clause_sql()
 * for the format
 * @param string Join operator for the elements in the filter.
 *
 * @return mixed Value of first column of the first row. False if there were no row.
 */
function postgresql_get_db_value_filter ($field, $table, $filter, $where_join = 'AND') {
	if (! is_array ($filter) || empty ($filter))
		return false;

	/* Avoid limit and offset if given */
	unset ($filter['limit']);
	unset ($filter['offset']);

	$sql = sprintf ("SELECT \"%s\" FROM \"%s\" WHERE %s LIMIT 1",
		$field, $table,
		format_array_to_where_clause_sql ($filter, $where_join));
	
	$result = get_db_all_rows_sql ($sql); debugPrint($sql);

	if ($result === false)
		return false;
	
	debugPrint($field);

	$fieldClean = str_replace('`', '', $field);

	return $result[0][$fieldClean];
}

/**
 * Formats an array of values into a SQL where clause string.
 *
 * This function is useful to generate a WHERE clause for a SQL sentence from
 * a list of values. Example code:
 <code>
 $values = array ();
 $values['name'] = "Name";
 $values['description'] = "Long description";
 $values['limit'] = $config['block_size']; // Assume it's 20
 $sql = 'SELECT * FROM table WHERE '.format_array_to_where_clause_sql ($values);
 echo $sql;
 </code>
 * Will return:
 * <code>
 * SELECT * FROM table WHERE `name` = "Name" AND `description` = "Long description" LIMIT 20
 * </code>
 *
 * @param array Values to be formatted in an array indexed by the field name.
 * There are special parameters such as 'limit' and 'offset' that will be used
 * as ORDER, LIMIT and OFFSET clauses respectively. Since LIMIT and OFFSET are
 * numerics, ORDER can receive a field name or a SQL function and a the ASC or
 * DESC clause. Examples:
 <code>
 $values = array ();
 $values['value'] = 10;
 $sql = 'SELECT * FROM table WHERE '.format_array_to_where_clause_sql ($values);
 // SELECT * FROM table WHERE VALUE = 10

 $values = array ();
 $values['value'] = 10;
 $values['order'] = 'name DESC';
 $sql = 'SELECT * FROM table WHERE '.format_array_to_where_clause_sql ($values);
 // SELECT * FROM table WHERE VALUE = 10 ORDER BY name DESC

 </code>
 * @param string Join operator. AND by default.
 * @param string A prefix to be added to the string. It's useful when limit and
 * offset could be given to avoid this cases:
 <code>
 $values = array ();
 $values['limit'] = 10;
 $values['offset'] = 20;
 $sql = 'SELECT * FROM table WHERE '.format_array_to_where_clause_sql ($values);
 // Wrong SQL: SELECT * FROM table WHERE LIMIT 10 OFFSET 20

 $values = array ();
 $values['limit'] = 10;
 $values['offset'] = 20;
 $sql = 'SELECT * FROM table WHERE '.format_array_to_where_clause_sql ($values, 'AND', 'WHERE');
 // Good SQL: SELECT * FROM table LIMIT 10 OFFSET 20

 $values = array ();
 $values['value'] = 5;
 $values['limit'] = 10;
 $values['offset'] = 20;
 $sql = 'SELECT * FROM table WHERE '.format_array_to_where_clause_sql ($values, 'AND', 'WHERE');
 // Good SQL: SELECT * FROM table WHERE value = 5 LIMIT 10 OFFSET 20
 </code>
 *
 * @return string Values joined into an SQL string that can fits into the WHERE
 * clause of an SQL sentence.
 */
function postgresql_format_array_to_where_clause_sql ($values, $join = 'AND', $prefix = false) {

	$fields = array ();

	if (! is_array ($values)) {
		return '';
	}

	$query = '';
	$limit = '';
	$offset = '';
	$order = '';
	$group = '';
	if (isset ($values['limit'])) {
		$limit = sprintf (' LIMIT %d', $values['limit']);
		unset ($values['limit']);
	}

	if (isset ($values['offset'])) {
		$offset = sprintf (' OFFSET %d', $values['offset']);
		unset ($values['offset']);
	}

	if (isset ($values['order'])) {
		if (is_array($values['order'])) {
			if (!isset($values['order']['order'])) {
				$orderTexts = array();
				foreach ($values['order'] as $orderItem) {
					$orderTexts[] = $orderItem['field'] . ' ' . $orderItem['order'];
				}
				$order = ' ORDER BY ' . implode(', ', $orderTexts);
			}
			else {
				$order = sprintf (' ORDER BY %s %s', $values['order']['field'], $values['order']['order']);
			}
		}
		else {
			$order = sprintf (' ORDER BY %s', $values['order']);
		}
		unset ($values['order']);
	}

	if (isset ($values['group'])) {
		$group = sprintf (' GROUP BY %s', $values['group']);
		unset ($values['group']);
	}

	$i = 1;
	$max = count ($values);
	foreach ($values as $field => $value) {
		if (is_numeric ($field)) {
			/* User provide the exact operation to do */
			$query .= $value;
				
			if ($i < $max) {
				$query .= ' '.$join.' ';
			}
			$i++;
			continue;
		}

		if ($field[0] != "\"") {
			$field = "\"".$field."\"";
		}

		if (is_null ($value)) {
			$query .= sprintf ("%s IS NULL", $field);
		}
		elseif (is_int ($value) || is_bool ($value)) {
			$query .= sprintf ("%s = %d", $field, $value);
		}
		else if (is_float ($value) || is_double ($value)) {
			$query .= sprintf ("%s = %f", $field, $value);
		}
		elseif (is_array ($value)) {
			$query .= sprintf ("%s IN ('%s')", $field, implode ("', '", $value));
		}
		else {
			if ($value[0] == ">"){
				$value = substr($value,1,strlen($value)-1);
				$query .= sprintf ("%s > '%s'", $field, $value);
			}
			else if ($value[0] == "<"){
				if ($value[1] == ">"){
					$value = substr($value,2,strlen($value)-2);
					$query .= sprintf ("%s <> '%s'", $field, $value);
				}
				else {
					$value = substr($value,1,strlen($value)-1);
					$query .= sprintf ("%s < '%s'", $field, $value);
				}
			}
			else if ($value[0] == '%') {
				$query .= sprintf ("%s LIKE '%s'", $field, $value);
			}
			else {
				$query .= sprintf ("%s = '%s'", $field, $value);
			}
		}

		if ($i < $max) {
			$query .= ' '.$join.' ';
		}
		$i++;
	}

	return (! empty ($query) ? $prefix: '').$query.$group.$order.$limit.$offset;
}

/**
 * Get the first value of the first row of a table result from query.
 *
 * @param string SQL select statement to execute.
 *
 * @return the first value of the first row of a table result from query.
 *
 */
function postgresql_get_db_value_sql($sql) {	
	$sql .= " LIMIT 1";
	$result = get_db_all_rows_sql ($sql);

	if($result === false)
		return false;

	foreach ($result[0] as $f)
		return $f;
}

/**
 * Get the first row of an SQL database query.
 *
 * @param string SQL select statement to execute.
 *
 * @return mixed The first row of the result or false
 */
function postgresql_get_db_row_sql ($sql, $search_history_db = false) {
	$sql .= " LIMIT 1";
	$result = get_db_all_rows_sql ($sql, $search_history_db);

	if($result === false)
		return false;

	return $result[0];
}

/**
 * Get the row of a table in the database using a complex filter.
 *
 * @param string Table to retrieve the data (warning: not cleaned)
 * @param mixed Filters elements. It can be an indexed array
 * (keys would be the field name and value the expected value, and would be
 * joined with an AND operator) or a string, including any SQL clause (without
 * the WHERE keyword). Example:
 <code>
 Both are similars:
 get_db_row_filter ('table', array ('disabled', 0));
 get_db_row_filter ('table', 'disabled = 0');

 Both are similars:
 get_db_row_filter ('table', array ('disabled' => 0, 'history_data' => 0), 'name, description', 'OR');
 get_db_row_filter ('table', 'disabled = 0 OR history_data = 0', 'name, description');
 get_db_row_filter ('table', array ('disabled' => 0, 'history_data' => 0), array ('name', 'description'), 'OR');
 </code>
 * @param mixed Fields of the table to retrieve. Can be an array or a coma
 * separated string. All fields are retrieved by default
 * @param string Condition to join the filters (AND, OR).
 *
 * @return mixed Array of the row or false in case of error.
 */
function postgresql_get_db_row_filter ($table, $filter, $fields = false, $where_join = 'AND') {
	if (empty ($fields)) {
		$fields = '*';
	}
	else {
		if (is_array ($fields))
		$fields = implode (',', $fields);
		else if (! is_string ($fields))
		return false;
	}

	if (is_array ($filter))
		$filter = format_array_to_where_clause_sql ($filter, $where_join, ' WHERE ');
	else if (is_string ($filter))
		$filter = 'WHERE '.$filter;
	else
		$filter = '';
	
	$sql = sprintf ('SELECT %s FROM %s %s', $fields, $table, $filter);

	return get_db_row_sql ($sql);
}

/**
 * Get all the rows of a table in the database that matches a filter.
 *
 * @param string Table to retrieve the data (warning: not cleaned)
 * @param mixed Filters elements. It can be an indexed array
 * (keys would be the field name and value the expected value, and would be
 * joined with an AND operator) or a string, including any SQL clause (without
 * the WHERE keyword). Example:
 * <code>
 * Both are similars:
 * get_db_all_rows_filter ('table', array ('disabled', 0));
 * get_db_all_rows_filter ('table', 'disabled = 0');
 *
 * Both are similars:
 * get_db_all_rows_filter ('table', array ('disabled' => 0, 'history_data' => 0), 'name', 'OR');
 * get_db_all_rows_filter ('table', 'disabled = 0 OR history_data = 0', 'name');
 * </code>
 * @param mixed Fields of the table to retrieve. Can be an array or a coma
 * separated string. All fields are retrieved by default
 * @param string Condition of the filter (AND, OR).
 * @param bool $returnSQL Return a string with SQL instead the data, by default false.
 *
 * @return mixed Array of the row or false in case of error.
 */
function postgresql_get_db_all_rows_filter ($table, $filter = array(), $fields = false, $where_join = 'AND', $search_history_db = false, $returnSQL = false) {
	//TODO: Validate and clean fields
	if (empty($fields)) {
		$fields = '*';
	}
	elseif (is_array($fields)) {
		$fields = '"' . implode('" , "', $fields) . '"';
	}
	elseif (!is_string($fields)) {
		return false;
	}

	//TODO: Validate and clean filter options
	if (is_array ($filter)) {
		$filter = format_array_to_where_clause_sql ($filter, $where_join, ' WHERE ');
	}
	elseif (is_string ($filter)) {
		$filter = 'WHERE '.$filter;
	}
	else {
		$filter = '';
	}

	$sql = sprintf ('SELECT %s FROM "%s" %s', $fields, $table, $filter);
	
	if ($returnSQL)
		return $sql;
	else
		return get_db_all_rows_sql ($sql, $search_history_db);
}

/**
 * Return the count of rows of query.
 *
 * @param $sql
 * @return integer The count of rows of query.
 */
function postgresql_get_db_num_rows ($sql) {
	$result = pg_query($sql);

	return pg_num_rows($result);
}

/**
 * Get all the rows in a table of the databes filtering from a field.
 *
 * @param string Database table name.
 * @param string Field of the table.
 * @param string Condition the field must have to be selected.
 * @param string Field to order by.
 *
 * @return mixed A matrix with all the values in the table that matches the condition in the field or false
 */
function postgresql_get_db_all_rows_field_filter ($table, $field, $condition, $order_field = "") {
	if (is_int ($condition) || is_bool ($condition)) {
		$sql = sprintf ("SELECT * FROM \"%s\" WHERE \"%s\" = %d", $table, $field, $condition);
	}
	else if (is_float ($condition) || is_double ($condition)) {
		$sql = sprintf ("SELECT * FROM \"%s\" WHERE \"%s\" = %f", $table, $field, $condition);
	}
	else {
		$sql = sprintf ("SELECT * FROM \"%s\" WHERE \"%s\" = '%s'", $table, $field, $condition);
	}

	if ($order_field != "")
		$sql .= sprintf (" ORDER BY %s", $order_field);

	return get_db_all_rows_sql ($sql);
}

/**
 * Get all the rows in a table of the databes filtering from a field.
 *
 * @param string Database table name.
 * @param string Field of the table.
 *
 * @return mixed A matrix with all the values in the table that matches the condition in the field
 */
function postgresql_get_db_all_fields_in_table ($table, $field = '', $condition = '', $order_field = '') {
	$sql = sprintf ("SELECT * FROM \"%s\"", $table);
	
	if ($condition != '') {
		$sql .= sprintf (" WHERE \"%s\" = '%s'", $field, $condition);
	}

	if ($order_field != "")
		$sql .= sprintf (" ORDER BY \"%s\"", $order_field);

	return get_db_all_rows_sql ($sql);
}
?>