/** * @param tablename Optional tablename where record can be inserted. Should have same schema as the main table. */ function _insert(&$record, $tablename = null, $secure = false) { if ($secure && !$record->checkPermission('new')) { // Use security to check to see if we are allowed to delete this // record. return Dataface_Error::permissionDenied(df_translate('scripts.Dataface.IO._insert.PERMISSION_DENIED', 'Could not insert record "' . $record->getTitle() . '" from table "' . $record->_table->tablename . '" because you have insufficient permissions.', array('title' => $record->getTitle(), 'table' => $record->_table->tablename))); } if ($secure) { foreach (array_keys($record->_table->fields()) as $fieldname) { if ($record->valueChanged($fieldname) and !@$record->vetoFields[$fieldname] and !$record->checkPermission('new', array('field' => $fieldname))) { // If this field was changed and the field doesn't have veto power, then // we must subject the change to a security check - the user must havce // edit permission to perform the change. return Dataface_Error::permissionDenied(df_translate('scripts.Dataface.IO._insert.PERMISSION_DENIED_FIELD', 'Could not insert record "' . $record->getTitle() . '" into table "' . $record->_table->tablename . '" because you do not have permission to modify the "' . $fieldname . '" column.', array('title' => $record->getTitle(), 'table' => $record->_table->tablename, 'field' => $fieldname))); } } } if ($tablename === null and $this->_altTablename !== null) { $tablename = $this->_altTablename; } $s =& $this->_table; $delegate =& $s->getDelegate(); if ($this->fireTriggers) { $res = $this->fireBeforeInsert($record); if (PEAR::isError($res)) { return $res; } } $parentIO =& $this->getParentIO(); if (isset($parentIO)) { $parentRecord =& $record->getParentRecord(); $res = $parentIO->write($parentRecord, $parentRecord->snapshotKeys()); if (PEAR::isError($res)) { return $res; } unset($parentRecord); } $qb = new Dataface_QueryBuilder($s->tablename); $sql = $qb->insert($record, $this->tablename($tablename)); if (PEAR::isError($sql)) { //$sql->addUserInfo("Error generating sql for insert in IO::_insert() on line ".__LINE__." of file ".__FILE__); trigger_error(df_translate('scripts.Dataface.IO._insert.ERROR_GENERATING_SQL', "Error generating sql for insert in IO::_insert()") . Dataface_Error::printStackTrace(), E_USER_ERROR); //return $sql; } //$res = mysql_query($sql, $s->db); $res = $this->dbObj->query($sql, $s->db, $this->lang); if (!$res || PEAR::isError($res)) { if (in_array(mysql_errno($this->_table->db), array(MYSQL_ER_DUP_KEY, MYSQL_ER_DUP_ENTRY))) { /* * This is a duplicate entry. We will handle this as an exception rather than an error because * cases may arise in a database application when a duplicate entry will happen and the application * will want to handle it in a graceful way. Eg: If the user is entering a username that is the same * as an existing name. We don't want an ugle FATAL error to be thrown here. Rather we want to * notify the application that it is a duplicate entry. */ return Dataface_Error::duplicateEntry(Dataface_LanguageTool::translate("Failed to insert record because of duplicate entry", "Duplicate entry into table '" . $s->tablename, array('table' => $s->tablename))); } trigger_error(df_translate('scripts.Dataface.IO._insert.ERROR_INSERTING_RECORD', "Error inserting record: ") . (PEAR::isError($res) ? $res->getMessage() : mysql_error(df_db())) . ": SQL: {$sql}" . Dataface_Error::printStackTrace(), E_USER_ERROR); } $id = df_insert_id($s->db); $this->insertIds[$this->_table->tablename] = $id; /* * Now update the record to contain the proper id. */ $autoIncrementField = $s->getAutoIncrementField(); if ($autoIncrementField !== null) { $record->setValue($autoIncrementField, $id); } if ($this->fireTriggers) { $res2 = $this->fireAfterInsert($record); if (PEAR::isError($res2)) { return $res2; } } return true; }
function addExistingRelatedRecord(&$relatedRecord) { $record =& $relatedRecord->_record; $relationshipName =& $relatedRecord->_relationshipName; $values = $relatedRecord->getAbsoluteValues(true); if (!is_a($record, 'Dataface_Record')) { throw new Exception("In Dataface_QueryBuilder::addExistingRelatedRecord() expected first argument to be of type 'Dataface_Record' but received '" . get_class($record) . "'.\n<br>", E_USER_ERROR); } if (!is_array($values)) { throw new Exception("In Dataface_QueryBuilder::addExistingRelatedRecord() expected third argument to be an array but received a scalar.", E_USER_ERROR); } $relationship =& $record->_table->getRelationship($relationshipName); $foreignKeys = $relationship->getForeignKeyValues(); $foreignKeys_withValues = $relatedRecord->getForeignKeyValues(); if (count($this->errors) > 0) { $error = array_pop($this->errors); $error->addUserInfo("Error getting foreign key values for relationship '{$relationship_name}'"); throw new Exception($error->toString()); } $sql = array(); foreach ($foreignKeys as $table => $cols) { $skip = true; foreach ($cols as $field_name => $field_value) { if ($field_value != "__" . $table . "__auto_increment__") { $skip = false; break; } } if ($skip) { continue; } $cols = $foreignKeys_withValues[$table]; if (isset($recordObj)) { unset($recordObj); } $recordObj = new Dataface_Record($table, $cols); $recordVals =& $recordObj->vals(); if (isset($recordVals[$recordObj->_table->getAutoIncrementField()])) { // We don't want the auto-increment field to be inserted - though it may // have a placeholder value. $recordObj->setValue($recordObj->_table->getAutoIncrementField(), null); } $qb = new Dataface_QueryBuilder($table); $sql[$table] = $qb->insert($recordObj); /* $skip = true; // indicator to say whether or not to skip this table // we skip the table if it contains an unresolved autoincrement value foreach ($cols as $field_name=>$field_value){ if ( $field_value != "__".$table."__auto_increment__" ) { $skip = false; break; } } if ( $skip == true ) continue; $cols = $foreignKeys_withValues[$table]; $query = "INSERT INTO `$table`"; $colnames = ""; $colvals = ""; foreach ( $cols as $colname=>$colval){ $colnames .= $colname.','; $colvals .= "'".addslashes($colval)."',"; } $colnames = substr($colnames, 0, strlen($colnames)-1); $colvals = substr($colvals, 0, strlen($colvals)-1); $query .= " ($colnames) VALUES ($colvals)"; $sql[$table] = $query; */ } return $sql; }
function test_query_builder_insert() { $builder = new Dataface_QueryBuilder('Profiles'); // test default update functionality. $s = new Dataface_Record('Profiles', array()); $s->setValues(array('id' => 10, 'fname' => 'John', 'lname' => 'Smith', 'title' => 'President Financial Accounting', 'phone1' => '555-555-5555', 'description' => 'This is a description', 'favtime' => '14:23:56', 'dob' => '1978-12-27', 'datecreated' => '19991224060708', 'lastlogin' => '1978-12-27 14:45:23')); $this->assertEquals($builder->insert($s), "INSERT INTO `Profiles` (`id`,`fname`,`lname`,`title`,`description`,`dob`,`phone1`,`datecreated`,`favtime`,`lastlogin`) VALUES ('10','John','Smith','President Financial Accounting','This is a description','1978-12-27','555-555-5555','19991224060708','14:23:56','1978-12-27 14:45:23')"); }