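/**
 * Returns the shared mysqli connection, opening it on first use.
 *
 * The connection goes to 'localhost' as user 'handle_bg' on database
 * 'handle_625_beeldengeluid'; the password is read from the global $CP_PASSWD.
 * The handle is cached in self::$mysql only after the connect succeeded, so a
 * failed attempt is retried on the next call and a dead handle is never returned.
 *
 * @return mysqli
 * @throws CP_MySQL_Exception if the connection cannot be established.
 */
public static function mysql() {
  if (is_null(self::$mysql)) {
    global $CP_PASSWD;
    $connection = new mysqli('localhost', 'handle_bg', $CP_PASSWD, 'handle_625_beeldengeluid');
    // `new mysqli` always yields an object, so testing the object for falsiness
    // can never detect a failed connect; the connect error number is the signal.
    if (mysqli_connect_errno()) {
      // The driver's message usually names the account and host. Callers should
      // log this exception rather than echo its text into an HTTP response.
      throw new CP_MySQL_Exception(mysqli_connect_error(), mysqli_connect_errno());
    }
    // NOTE(review): no set_charset() call is made here, so string escaping done
    // through this connection follows the server's default charset; confirm.
    self::$mysql = $connection;
  }
  return self::$mysql;
}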
// Check if the right prefix is queried if ($CP_PREFIX != '10574') { REST::error(REST::HTTP_NOT_FOUND); } if ($_SERVER['REQUEST_METHOD'] === 'PUT' || $_SERVER['REQUEST_METHOD'] === 'POST') { // If it's a POST request, the PATH_INFO string contains a "template". We must // convert the template in a proper, unique Handle: if ($_SERVER['REQUEST_METHOD'] === 'POST') { // A template is a Handle containing an asterisk '*' character. // The user can set eir own escape character: // $escape = isset($_GET['escape']) ? $_GET['escape'] : '\\'; // if (strlen($escape) !== 1) // REST::fatal(REST::HTTP_BAD_REQUEST, 'Invalid escape character'); // $escape = preg_quote($escape); // We use mysql's UUID function to create a unique string: $result = CP_MySQL::query('SELECT UUID()'); $row = $result->fetch_row(); // remove all non-hexadecimal characters (mysql adds dashes): $uuid = preg_replace('/[^\\da-f]/i', '', $row[0]); $result->free(); // Parse the template and replace the asterisk with the new $uuid: if (!preg_match("/^((?:[^~]|~.)*)\\*((?:[^~]|~.)*)\$/s", $CP_SUFFIX, $matches)) { REST::fatal(REST::HTTP_BAD_REQUEST, 'Invalid Handle template'); } $CP_SUFFIX = preg_replace("/~(.)/", '$1', $matches[1]) . $uuid . preg_replace("/~(.)/", '$1', $matches[2]); } // OK, let's parse the input. We accept form data... if ($_SERVER['CONTENT_TYPE'] === 'application/x-www-form-urlencoded') { if ($_SERVER['REQUEST_METHOD'] === 'PUT') { $data = ''; $input = REST::inputhandle();
EOS ); $statement->bind_param('ss', $key, $value); foreach ($parampairs as $parampair) { list($key, $value) = $parampair; if ($p_mode == 'LIKE') { preg_match_all('/([^~]|~.|~)/s', $value, $matches); $value = implode(preg_replace(array('/%/', '/_/', '/^\\*/', '/^~(.+)/s'), array('\\%', '\\_', '%', '$1'), $matches[0])); } if (!$statement->execute()) { switch (CP_MySQL::mysql()->errno) { case 1139: REST::fatal(REST::HTTP_BAD_REQUEST, CP_MySQL::mysql()->error); break; default: throw new CP_MySQL_Exception(CP_MySQL::mysql()->error, CP_MySQL::mysql()->errno); } } $r_handle = null; $statement->bind_result($r_handle); $r_handles = array(); while ($statement->fetch()) { $r_handles[$r_handle] = 1; } if ($handles === null) { $handles = $r_handles; } else { $handles = array_intersect_key($handles, $r_handles); } } ksort($handles);
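/**
 * Deletes all rows of the `handles` table whose `handle` column equals
 * $this->handle.
 *
 * The handle is sent as a bound parameter instead of being spliced into the
 * SQL text, so the query does not depend on how an escaping helper quotes the
 * value or on the connection charset. This also covers the earlier @todo about
 * prepared statements.
 *
 * @return bool true if at least one row was deleted, false otherwise.
 * @throws CP_MySQL_Exception if the statement cannot be prepared or executed.
 */
public function delete() {
  $mysql = CP_MySQL::mysql();
  $statement = $mysql->prepare('DELETE FROM `handles` WHERE `handle` = ?');
  if (!$statement) {
    throw new CP_MySQL_Exception($mysql->error, $mysql->errno);
  }
  // bind_param() binds by reference, so hand it a plain local variable.
  $handle = $this->handle;
  $statement->bind_param('s', $handle);
  if (!$statement->execute()) {
    // Read the error details before close() discards them.
    $error = $statement->error;
    $errno = $statement->errno;
    $statement->close();
    throw new CP_MySQL_Exception($error, $errno);
  }
  $deleted = $statement->affected_rows > 0;
  $statement->close();
  return $deleted;
}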