From 4faebb957cf95bea63d7af9f960bc98a67dffe3d Mon Sep 17 00:00:00 2001
From: Sergey Tsalkov
Date: Fri, 8 Apr 2011 13:56:28 -0400
Subject: [PATCH] add DB::sqleval() -- can be used with insert() and update() to inject raw sql stuff like NOW()
---
 db.class.php | 29 ++++++++++++++++++++++++++---
 simpletest/BasicTest.php | 23 +++++++++++++++++++++++
 2 files changed, 49 insertions(+), 3 deletions(-)
diff --git a/db.class.php b/db.class.php
index d2df7b0..86e326a 100644
--- a/db.class.php
+++ b/db.class.php
@@ -133,7 +133,14 @@ class DB
 $buildquery = "UPDATE " . self::formatTableName($table) . " SET ";
 $keyval = array();
 foreach ($params as $key => $value) {
- $keyval[] = "`" . $key . "`=" . (is_int($value) ? $value : "'" . DB::escape($value) . "'");
+ if (is_object($value) && ($value instanceof MeekroDBEval)) {
+ $value = $value->text;
+ } else {
+ if (is_array($value)) $value = serialize($value);
+ $value = (is_int($value) ? $value : "'" . DB::escape($value) . "'");
+ }
+
+ $keyval[] = "`" . $key . "`=" . $value;
 }
 $buildquery = "UPDATE " . self::formatTableName($table) . " SET " . implode(', ', $keyval) . " WHERE " . $where;
@@ -146,8 +153,12 @@ class DB
 $keys_str = implode(', ', DB::wrapStr(array_keys($data), '`'));
 foreach ($data as &$datum) {
- if (is_array($datum)) $datum = serialize($datum);
- $datum = "'" . DB::escape($datum) . "'";
+ if (is_object($datum) && ($datum instanceof MeekroDBEval)) {
+ $datum = $datum->text;
+ } else {
+ if (is_array($datum)) $datum = serialize($datum);
+ $datum = (is_int($datum) ? $datum : "'" . DB::escape($datum) . "'");
+ }
 }
 $values_str = implode(', ', array_values($data));
@@ -164,6 +175,10 @@ class DB
 return DB::insertOrReplace('REPLACE', $table, $data);
 }
+ public static function sqleval($text) {
+ return new MeekroDBEval($text);
+ }
+
 public static function columnList($table) {
 return DB::queryOneColumn('Field', "SHOW COLUMNS FROM $table");
 }
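Review bot: In the UPDATE-building loop the column name is still concatenated raw on the new line `$keyval[] = "`" . $key . "`=" . $value;`, so only the value side of each pair is escaped. If a caller ever passes an array whose keys originate from a request (a whole form array, for instance), a backtick inside a key ends the quoted identifier and the remainder is parsed as SQL. Doubling backticks before quoting closes that gap: `$keyval[] = "`" . str_replace("`", "``", $key) . "`=" . $value;`. The insert path quotes its keys through DB::wrapStr(), whose body is not visible in this diff and is worth checking for the same thing. The enclosing function's signature and tail are outside the hunk.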
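Review bot: The MeekroDBEval / array / int branch added inside `foreach ($data as &$datum)` repeats the branch added to the UPDATE loop in the previous hunk, so the rule that decides which values reach the statement unescaped now lives in two places and can drift apart. Moving it into one private static helper that both loops call keeps that decision in a single spot that can be audited. The `is_object()` test can be dropped at the same time, because `instanceof` is already false for non-objects. The helper name below is a suggestion, and the enclosing function starts and ends outside the hunk.

```php
// Single place that decides how one value is rendered into an INSERT/REPLACE/UPDATE statement.
private static function formatValue($value) {
  if ($value instanceof MeekroDBEval) return $value->text; // raw SQL supplied by the caller, deliberately not escaped
  if (is_array($value)) $value = serialize($value);
  return is_int($value) ? $value : "'" . DB::escape($value) . "'";
}

// … unchanged: $keys_str construction …
foreach ($data as &$datum) {
  $datum = self::formatValue($datum);
}
// … unchanged: $values_str and the rest of the function …
```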
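Review bot: sqleval() is added without a doc comment, yet it is the one entry point whose argument is written into the statement without DB::escape(), as the `$value->text` and `$datum->text` branches in the two earlier hunks show. A docblock above `public static function sqleval($text)` should state that $text is emitted verbatim, that it must be a fixed SQL expression written by the developer (such as NOW()), and that request data must never be concatenated into it. It is also worth stating that the wrapper is only honoured in the value arrays handled by the insert/replace and update paths; how other DB methods treat such an object is not visible in this diff.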
@@ -602,4 +617,12 @@ function meekrodb_debugmode_handler($params) {
 }
 }
+class MeekroDBEval {
+ public $text = '';
+
+ function __construct($text) {
+ $this->text = $text;
+ }
+}
+
 ?>
diff --git a/simpletest/BasicTest.php b/simpletest/BasicTest.php
index cfc1276..c233ace 100644
--- a/simpletest/BasicTest.php
+++ b/simpletest/BasicTest.php
@@ -118,6 +118,29 @@ class BasicTest extends SimpleTest {
 $this->assert(count($results) === 2);
 }
+ function test_4_1_query() {
+ DB::insert('accounts', array(
+ 'username' => 'newguy',
+ 'password' => DB::sqleval("REPEAT('blah', 3)"),
+ 'age' => 172,
+ 'height' => 111.15
+ ));
+
+ $row = DB::queryOneRow("SELECT * FROM accounts WHERE password=%s", 'blahblahblah');
+ $this->assert($row['username'] === 'newguy');
+
+ DB::update('accounts', array(
+ 'password' => DB::sqleval("REPEAT('blah', 4)"),
+ ), 'username=%s', 'newguy');
+
+ $row = null;
+ $row = DB::queryOneRow("SELECT * FROM accounts WHERE username=%s", 'newguy');
+ $this->assert($row['password'] === 'blahblahblahblah');
+
+ DB::query("DELETE FROM accounts WHERE password=%s", 'blahblahblahblah');
+ $this->assert(DB::affectedRows() === 1);
+ }
+
 function test_5_error_handler() {
 global $error_callback_worked;
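Review bot: In the MeekroDBEval class added at the end of db.class.php, `$text` is public and the constructor accepts any value, while the insert and update loops emit the text of any instance unescaped. The object's type is therefore the only gate, so an instance that reaches those loops from `unserialize()` of stored or external data would be trusted exactly like one built by DB::sqleval(). Consider rejecting non-string input in the constructor and refusing deserialization, for example `public function __wakeup() { throw new Exception('MeekroDBEval cannot be unserialized'); }`. A class comment stating that the text is raw SQL and bypasses escaping would also help.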