public function update(Entity $entity) { $tag = "EntityDAO: update()"; Log::notice("{$tag}"); $entity_id = $entity->getId(); if (empty($entity_id)) { Log::error("{$tag}: Entity id is not set"); throw new Exception("Entity id is not set"); } $errs = EntityValidator::validate($entity); if (count($errs) > 0) { Log::error("{$tag}: Entity has validation errors"); throw new Exception("Entity has validation errors"); } $blueprint = $this->blueprint; $timezone_offset = $this->timezone_offset_modify; $query = "UPDATE " . $this->tableName() . " SET "; foreach ($blueprint->fields() as $field) { $key = $field->getKey(); $value = $entity->get($key); $encType = $field->getEncType(); if (!empty($value) || $value == "0") { // Handle encoded fields if (!empty($encType) && $encType != "plain") { // Determine if encoded field value should be replaced // Load the existing entity to compare to the updated entity try { $existingEntity = $this->load($entity_id); $currentEncodedValue = $existingEntity->get("{$key}"); if ($currentEncodedValue == $value) { // Do not update this already encoded value $value = $value; // does nothing Log::debug("{$tag}: Leaving encrypted value for {$key} alone"); } else { $value = hash($encType, $value); Log::debug("{$tag}: Encrypted value for {$key}: {$value}"); } } catch (Exception $e) { Log::error("{$tag}: Exception: " . $e->getMessage()); throw $e; } } switch ($field->getDataType()) { case "int": $query .= "{$key}={$value}"; break; case "decimal": case "date": $query .= "{$key}='{$value}'"; break; case "datetime": case "time": $query .= "{$key}=CONVERT_TZ('{$value}', '{$timezone_offset}', '" . BPTimezone::UTC . "')"; break; case "enum": $query .= "{$key}='{$value}'"; break; case "string": case "text": case "binary": $value = DatabaseSanitizer::sanitize($value); $query .= "{$key}='{$value}'"; break; } } else { $query .= "{$key}=NULL"; } $query .= ", "; } // END: foreach($blueprint->fields() as $field) $query = substr($query, 0, strlen($query) - 2); // remove trailing comma and space (", ") $query .= " WHERE id=" . $entity_id; $sql = new DatabaseUpdate($query, "update"); try { $sql->doUpdate(); return $entity_id; } catch (Exception $e) { Log::error("{$tag}: [" . $sql->err_code . "] " . $sql->err_message); throw $e; } }
public static function session_handler_write($session_id, $session_data) { $tag = "Session::session_handler_write({$session_id})"; Log::debug($tag); try { // For maximum performace, query the database directly (do not use EntityDAO) $session_table_name = substr(BPConfig::$session_blueprint, 0, strpos(BPConfig::$session_blueprint, ".")); $session_field_id = BPConfig::$session_field_id; $session_field_data = BPConfig::$session_field_data; // Prepare session_data //Log::debug("$session_data"); $session_data = DatabaseSanitizer::sanitize($session_data); $session_data = base64_encode($session_data); $query = "SELECT id FROM {$session_table_name} WHERE " . $session_field_id . "='{$session_id}'"; $sql = new DatabaseQuery($query); $sql->doQuery(); if ($sql->get_num_rows() == 0) { // Insert a new session $insert = "INSERT INTO {$session_table_name} ({$session_field_id},{$session_field_data}) " . "VALUES ('" . DatabaseSanitizer::sanitize($session_id) . "','" . $session_data . "')"; $sql = new DatabaseUpdate($insert, "insert"); $sql->doUpdate(); return true; } else { // Update an existing session $update = "UPDATE {$session_table_name} SET {$session_field_data}='" . $session_data . "'" . " WHERE {$session_field_id}='" . DatabaseSanitizer::sanitize($session_id) . "'"; $sql = new DatabaseUpdate($update, "insert"); $sql->doUpdate(); return true; } } catch (Exception $e) { Log::error("{$tag}: Caught: " . $e->getMessage()); return false; } }