modify WhereClause to hold off on evaluating parameters

preparseQueryParams will now receive full WhereClause object and evaluate there
Sergey Tsalkov
2013-06-02 15:46:46 -07:00
parent 1d61a11098
commit 65ec35c591


@@ -372,7 +372,7 @@ class MeekroDB {
return $result; return $result;
} }
public function preparseQueryParams() { protected function preparseQueryParams() {
$args = func_get_args(); $args = func_get_args();
$sql = trim(strval(array_shift($args))); $sql = trim(strval(array_shift($args)));
$args_all = $args; $args_all = $args;
@@ -446,7 +446,16 @@ class MeekroDB {
} }
if ($new_pos > 0) $chunkyQuery[] = substr($sql, 0, $new_pos); if ($new_pos > 0) $chunkyQuery[] = substr($sql, 0, $new_pos);
$chunkyQuery[] = array('type' => $type, 'value' => $arg);
if (is_object($arg) && ($arg instanceof WhereClause)) {
list($clause_sql, $clause_args) = $arg->textAndArgs();
array_unshift($clause_args, $clause_sql);
$preparsed_sql = call_user_func_array(array($this, 'preparseQueryParams'), $clause_args);
$chunkyQuery = array_merge($chunkyQuery, $preparsed_sql);
} else {
$chunkyQuery[] = array('type' => $type, 'value' => $arg);
}
$sql = substr($sql, $new_pos_back + $arg_number_length); $sql = substr($sql, $new_pos_back + $arg_number_length);
$pos_adj -= $new_pos_back + $arg_number_length; $pos_adj -= $new_pos_back + $arg_number_length;
} }
@@ -456,9 +465,9 @@ class MeekroDB {
return $chunkyQuery; return $chunkyQuery;
} }
public function escape($str) { return "'" . $this->get()->real_escape_string(strval($str)) . "'"; } protected function escape($str) { return "'" . $this->get()->real_escape_string(strval($str)) . "'"; }
public function sanitize($value) { protected function sanitize($value) {
if (is_object($value) && ($value instanceof MeekroDBEval)) return $value->text; if (is_object($value) && ($value instanceof MeekroDBEval)) return $value->text;
else if (is_null($value)) return 'NULL'; else if (is_null($value)) return 'NULL';
else if (is_bool($value)) return ($value ? 1 : 0); else if (is_bool($value)) return ($value ? 1 : 0);
@@ -482,7 +491,7 @@ class MeekroDB {
else return $this->escape($value); else return $this->escape($value);
} }
public function parseQueryParams() { protected function parseQueryParams() {
$args = func_get_args(); $args = func_get_args();
$chunkyQuery = call_user_func_array(array($this, 'preparseQueryParams'), $args); $chunkyQuery = call_user_func_array(array($this, 'preparseQueryParams'), $args);
@@ -736,27 +745,21 @@ class WhereClause {
public $type = 'and'; //AND or OR public $type = 'and'; //AND or OR
public $negate = false; public $negate = false;
public $clauses = array(); public $clauses = array();
public $mdb = null;
function __construct($type, $mdb=null) { function __construct($type) {
$type = strtolower($type); $type = strtolower($type);
if ($type != 'or' && $type != 'and') DB::nonSQLError('you must use either WhereClause(and) or WhereClause(or)'); if ($type !== 'or' && $type !== 'and') DB::nonSQLError('you must use either WhereClause(and) or WhereClause(or)');
$this->type = $type; $this->type = $type;
if ($mdb === null) $this->mdb = DB::getMDB();
else if ($mdb instanceof MeekroDB) $this->mdb = $mdb;
else DB::nonSQLError('the second argument to new WhereClause() must be an instance of class MeekroDB');
} }
function add() { function add() {
$args = func_get_args(); $args = func_get_args();
if ($args[0] instanceof WhereClause) { $sql = array_shift($args);
$this->clauses[] = $args[0];
return $args[0]; if ($sql instanceof WhereClause) {
$this->clauses[] = $sql;
} else { } else {
$r = call_user_func_array(array($this->mdb, 'parseQueryParams'), $args); $this->clauses[] = array('sql' => $sql, 'args' => $args);
$this->clauses[] = $r;
return $r;
} }
} }
@@ -767,7 +770,7 @@ class WhereClause {
if ($this->clauses[$i] instanceof WhereClause) { if ($this->clauses[$i] instanceof WhereClause) {
$this->clauses[$i]->negate(); $this->clauses[$i]->negate();
} else { } else {
$this->clauses[$i] = 'NOT (' . $this->clauses[$i] . ')'; $this->clauses[$i]['sql'] = 'NOT (' . $this->clauses[$i]['sql'] . ')';
} }
} }
@@ -785,23 +788,36 @@ class WhereClause {
return count($this->clauses); return count($this->clauses);
} }
function text() { function textAndArgs() {
if (count($this->clauses) == 0) return '(1)'; $sql = '';
$args = array();
$A = array(); if (count($this->clauses) == 0) return array('(1)', $args);
$sql = array();
foreach ($this->clauses as $clause) { foreach ($this->clauses as $clause) {
if ($clause instanceof WhereClause) $clause = $clause->text(); if ($clause instanceof WhereClause) {
$A[] = '(' . $clause . ')'; list($clause_sql, $clause_args) = $clause->textAndArgs();
} else {
$clause_sql = $clause['sql'];
$clause_args = $clause['args'];
}
$sql[] = "($clause_sql)";
$args = array_merge($args, $clause_args);
} }
$A = array_unique($A); $sql = array_unique($sql);
if ($this->type == 'and') $A = implode(' AND ', $A); if ($this->type == 'and') $sql = implode(' AND ', $sql);
else $A = implode(' OR ', $A); else $sql = implode(' OR ', $sql);
if ($this->negate) $A = '(NOT ' . $A . ')'; if ($this->negate) $sql = '(NOT ' . $sql . ')';
return $A; return array($sql, $args);
} }
// backwards compatability
// we now return full WhereClause object here and evaluate it in preparseQueryParams
function text() { return $this; }
function __toString() { return $this->text(); } function __toString() { return $this->text(); }
} }
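Review bot: In `textAndArgs()`, `array_unique($sql)` now runs on unevaluated placeholder text while `$args` still collects every clause's arguments, so two clauses that share a template (for example two `add('id=%i', …)` calls with different values) collapse to one fragment but leave both arguments in the list. The remaining placeholders can then bind to the wrong values, or a condition is silently dropped, which changes which rows the WHERE clause matches. Deduplication was only safe while the fragments were already evaluated; drop `$sql = array_unique($sql);` or dedupe on the (sql, args) pair so the two arrays stay aligned. Separately, `__toString()` still returns `$this->text()`, which is now the object itself rather than a string, so casting a WhereClause to string can no longer produce one; it looks like it needs an explicit error or a real string result.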