<?php
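/**
 * Thin wrapper around a single mysqli connection.
 *
 * Connection settings come from the constants DBHOST, DBUSER, DBPASSWORD,
 * DBNAME, DBCHARSET and DBPREFIX, and fatal problems are reported through
 * failure(); all of these are defined elsewhere in the project.
 *
 * Security notes for callers:
 *  - doQuery() and execMultipleQueries() send their argument to the server
 *    unchanged. Every value that originates outside the application must go
 *    through prepare() first, or through mysqli's own prepare()/bind_param().
 *  - Driver error text is HTML-escaped before it is handed to failure().
 *    NOTE(review): failure() presumably renders into the HTTP response;
 *    if so, consider logging driver details server-side and showing a generic
 *    message instead, since these messages can reveal host and schema details.
 */
class db {
    /** @var mysqli|null Open connection, or null when nothing is connected. */
    protected $db;

    /**
     * Opens the connection immediately.
     */
    public function __construct(){
        $this->open();
    }

    /**
     * Connects to MySQL, verifies the link and selects the connection charset.
     *
     * Each failed step is reported through failure() with a 500 status text.
     * set_charset() is what makes real_escape_string() (used by prepare())
     * escape correctly for the connection encoding, so it must not be skipped.
     */
    public function open(){
        try {
            $this->db = new mysqli(DBHOST, DBUSER, DBPASSWORD, DBNAME);
        } catch (Exception $e){
            // No usable handle exists on this path; make that explicit so the
            // checks below are never run against a missing object.
            $this->db = null;
            failure("<p>" . $this->_escape_html($e->getMessage()) . "</p>", '500 Server Failure', false, '<h1>Failed to open database connection.</h1>');
            return;
        }
        if ( $this->db->connect_errno ){
            failure("<p>Can't connect to the database. MySQL gave this error code: " . $this->db->connect_errno . "</p>", '500 Server Failure', false, '<h1>Connection to MySQL server failed.</h1>');
        }
        if ( ! $this->db->ping() ){
            failure("<p>Can't reach MySQL server. Server says: " . $this->_escape_html($this->db->error) . "</p>", '500 Server Failure', false, "<h1>Can't reach MySQL server!</h1>");
        }
        if ( ! $this->db->set_charset(DBCHARSET) ){
            failure("<p>Can't set " . DBCHARSET . " as the charset on your MySQL server.</p>" , '500 Server Failure', false, "<h1>Setting Charset failed!</h1>");
        }
    }

    /**
     * Closes the connection if one is open.
     *
     * Safe to call repeatedly: the handle is dropped after closing, so an
     * explicit close() followed by the destructor no longer calls
     * mysqli::close() on an already closed (or missing) object.
     */
    public function close(){
        if ( $this->db instanceof mysqli ){
            $this->db->close();
        }
        $this->db = null;
    }

    /**
     * Reports whether a live connection is available.
     *
     * @return bool false when no connection is open or the server does not answer the ping.
     */
    public function check(){
        if ( ! ( $this->db instanceof mysqli ) ){
            return false;
        }
        return (bool) $this->db->ping();
    }

    /**
     * Runs a single statement (SELECT, INSERT, UPDATE ...) and returns mysqli's result.
     *
     * The SQL is sent as given. Build it with prepare() whenever it contains
     * values that did not originate in the application itself.
     *
     * @param string $string Complete SQL statement.
     * @return mysqli_result|bool false when the connection is down or the query failed.
     */
    public function doQuery($string){
        if ( ! $this->check() ){
            return false;
        }
        return $this->db->query($string);
    }

    /**
     * Runs several ';'-separated statements that produce no result sets
     * (INSERT, UPDATE, DELETE ...).
     *
     * Intended for SQL written by the application (schema setup and the like).
     * Stacked statements turn any injection into arbitrary statement execution,
     * so untrusted input must never be concatenated into $sql.
     *
     * @param string $sql Statements separated by semicolons.
     * @return bool true when every statement ran without a reported error.
     */
    public function execMultipleQueries($sql){
        if ( ! $this->check() ){
            return false;
        }
        if ( ! $this->db->multi_query($sql) ){
            return false;
        }
        // Step through the remaining statements; a failed step only counts as
        // an error when the driver actually reports one.
        while ( $this->db->more_results() ){
            if ( ! $this->db->next_result() && $this->db->error !== '' ){
                return false;
            }
        }
        return true;
    }

    # code by WordPress. See @link https://core.trac.wordpress.org/browser/branches/4.0/src/wp-includes/wp-db.php#L1154
    # syntax like sprintf()
    /**
     * Builds an SQL string from a sprintf()-style template and escaped values.
     *
     * %s placeholders are wrapped in single quotes, %f is forced to the
     * locale-unaware %F, and every non-float argument is passed through
     * real_escape_string() before vsprintf() fills the template.
     *
     * Limits a caller has to respect:
     *  - Only the arguments are escaped. $query itself must be a constant
     *    template; table or column names cannot be supplied as arguments.
     *  - This is client-side escaping, not a server-side prepared statement,
     *    and it relies on the charset selected in open().
     *  - The routine is the WordPress 4.0 version (see the link above);
     *    compare it with current upstream before relying on it for new code.
     *
     * @param string|null $query Template containing at least one placeholder.
     * @param mixed       $args  Values, either as further arguments or as one array (as for vsprintf()).
     * @return string|false|null null for a null template, false when the template has no '%'.
     */
    public function prepare( $query, $args ) {
        if ( is_null( $query ) ){
            return;
        }
        // This is not meant to be foolproof -- but it will catch obviously incorrect usage.
        if ( strpos( $query, '%' ) === false ) {
            return false;
        }
        $args = func_get_args();
        array_shift( $args );
        // If args were passed as an array (as in vsprintf), move them up
        if ( isset( $args[0] ) && is_array($args[0]) ){
            $args = $args[0];
        }
        $query = str_replace( "'%s'", '%s', $query ); // in case someone mistakenly already singlequoted it
        $query = str_replace( '"%s"', '%s', $query ); // doublequote unquoting
        $query = preg_replace( '|(?<!%)%f|' , '%F', $query ); // Force floats to be locale unaware
        $query = preg_replace( '|(?<!%)%s|', "'%s'", $query ); // quote the strings, avoiding escaped strings like %%s
        array_walk( $args, array( $this, '_escape_by_ref' ) );
        return @vsprintf( $query, $args );
    }

    /**
     * Escapes one prepare() argument in place; floats are left untouched.
     */
    private function _escape_by_ref( &$string ){
        if ( ! is_float( $string ) ){
            $string = $this->_real_escape( $string );
        }
    }

    /**
     * Escapes a value for use inside a quoted SQL string on this connection.
     */
    private function _real_escape( $string ){
        return $this->db->real_escape_string($string);
    }
    # WordPress End

    /**
     * Escapes driver or exception text before it is embedded in the HTML
     * fragments passed to failure().
     */
    private function _escape_html( $text ){
        return htmlspecialchars( (string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );
    }

    /**
     * Creates the user, banned_user and member tables if they do not exist yet.
     *
     * The statements are wrapped in BEGIN/COMMIT, but MySQL commits implicitly
     * on CREATE TABLE, so the wrapper does not make the bootstrap atomic.
     */
    public function createTables(){
        // password: no UNIQUE constraint (a duplicate-key error would reveal
        // that another account stores the same value, and salted hashes never
        // need it) and room for longer hash formats than 70 characters.
        // NOTE(review): how passwords are hashed is not visible here; confirm
        // a salted algorithm such as password_hash() is used.
        $user_table =
            'CREATE TABLE IF NOT EXISTS ' . DBPREFIX . 'user
            ( id INTEGER AUTO_INCREMENT NOT NULL, PRIMARY KEY(id),
            name VARCHAR(70), UNIQUE(name),
            password VARCHAR(255),
            email VARCHAR(70), UNIQUE(email),
            register INTEGER
            ) ENGINE=InnoDB;';
        // NOTE(review): if session_id holds live session identifiers, storing
        // a hash of them would limit what a database read exposes - confirm.
        $banned_user_table =
            'CREATE TABLE IF NOT EXISTS ' . DBPREFIX . 'banned_user
            ( banned_id INTEGER AUTO_INCREMENT NOT NULL, PRIMARY KEY(banned_id),
            login_attempts INTEGER,
            ip TEXT,
            session_id TEXT,
            time INTEGER,
            user INTEGER
            )
            ENGINE=InnoDB;';
        // Member records hold personal data (address, phone numbers, birthday).
        $jg_table =
            'CREATE TABLE IF NOT EXISTS ' . DBPREFIX . 'member
            ( member_id INTEGER AUTO_INCREMENT NOT NULL, PRIMARY KEY(member_id),
            name varchar(70), UNIQUE(name),
            adresse TEXT,
            telefonnummer TEXT,
            handynummer TEXT,
            email varchar(70), UNIQUE(email),
            geburtstag TEXT
            )
            ENGINE=InnoDB;';
        if ( ! $this->execMultipleQueries('BEGIN; '. $user_table . ' ' . $banned_user_table . ' ' . $jg_table . ' COMMIT;') ){
            $detail = ( $this->db instanceof mysqli ) ? $this->_escape_html($this->db->error) : '';
            failure("<p>There was a problem during bootstrapping the database schema. " . $detail . "</p>", '500 Server Failure', false, "<h1>CREATE TABLE FAILED</h1>");
        }
    }

    /**
     * Releases the connection when the wrapper goes out of scope.
     */
    public function __destruct(){
        $this->close();
    }
}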