/**
* Get the error description from the last query
*
* @return string
*/
protected function _lastError()
{
$error = '';
if ($this->connection) {
$error = $this->connection->errorInfo();
}
return $error;
}
/**
* 直接查询Sql
*
* @param String $SQL
* @return Mix
*/
function query($sql)
{
if (!$this->conn) {
$this->connect();
}
if (strtolower(substr(ltrim($sql), 0, 5)) == 'alter') {
$queryparts = preg_split("/[\\s]+/", $sql, 4, PREG_SPLIT_NO_EMPTY);
$tablename = $queryparts[2];
$alterdefs = $queryparts[3];
$result = $this->alterTable($tablename, $alterdefs);
} else {
if ($this->type == "SQLite2") {
$result = sqlite_query($sql, $this->conn);
} else {
$result = $this->conn->query($sql);
}
}
if (!$result) {
if ($this->type == "SQLite2") {
$this->lasterr = sqlite_last_error($this->conn);
$this->lasterrcode = sqlite_error_string($this->lasterr);
} elseif ($this->type == "SQLite3") {
$this->lasterr = $this->conn->lastErrorCode();
$this->lasterrcode = $this->conn->lastErrorMsg();
} elseif ($this->type == 'PDO') {
$this->lasterr = $this->conn->errorCode();
$this->lasterrcode = implode(',', $this->conn->errorInfo());
}
if ($this->_transflag) {
$this->_transErrors[]['sql'] = $sql;
$this->_transErrors[]['errcode'] = $this->lasterrcode;
$this->_transErrors[]['err'] = $this->lasterr;
} else {
exit('SQL:' . $sql . ' ERROR_INFO:' . $this->lasterrcode . ',' . $this->lasterr);
return false;
}
} else {
$this->query_num++;
$this->lastResult = $result;
return $result;
}
}
/**
* 执行一个查询,返回一个 resource 或者 boolean 值
*
* @param string $sql
* @param array $inputarr
* @param boolean $throw 指示查询出错时是否抛出异常
* @return resource |boolean
*/
function execute($sql, $inputarr = null, $throw = true)
{
if (substr($sql, 0, 11) == "INSERT INTO") {
// 删除SQL中的指定的表,SQLITE不支持在插入中语句有表名在前面
$len1 = strpos($sql, '(');
$len2 = strpos($sql, ')');
$len3 = strpos($sql, 'VALUES');
$temp = array();
if ($len2 < $len3) {
$temp[] = substr($sql, 0, $len1);
$temp[] = substr($sql, $len1, $len2 - $len1);
$temp[] = substr($sql, $len2);
$temp[1] = eregi_replace("[a-z_0-9]+\\.", "", $temp[1]);
$sql = implode($temp);
}
}
if (is_array($inputarr)) {
$sql = $this->_prepareSql($sql, $inputarr);
}
if ($this->enableLog) {
$this->log[] = $sql;
log_message("sql:\n{$sql}", 'debug');
}
$result = $this->conn->query($sql);
if ($result !== false) {
$this->lasterr = null;
$this->lasterrcode = null;
return $result;
}
$this->lasterrcode = $this->conn->errorCode();
$this->lasterr = $this->conn->errorInfo();
if (!$throw) {
return false;
}
FLEA::loadClass('FLEA_Db_Exception_SqlQuery');
__THROW(new FLEA_Db_Exception_SqlQuery($sql, $this->lasterr[2], $this->lasterrcode));
return false;
}
/**
* Get a code from the sqlite database for ip address/captchaId.
*
* @return string|array Empty string if no code was found or has expired,
* otherwise returns the stored captcha code. If a captchaId is set, this
* returns an array with indices "code" and "code_disp"
*/
protected function getCodeFromDatabase()
{
$code = '';
if ($this->use_database == true && $this->pdo_conn) {
if (Securimage::$_captchaId !== null) {
$query = "SELECT * FROM {$this->database_table} WHERE id = ?";
$stmt = $this->pdo_conn->prepare($query);
$result = $stmt->execute(array(Securimage::$_captchaId));
} else {
$ip = $_SERVER['REMOTE_ADDR'];
$ns = $this->namespace;
// ip is stored in id column when no captchaId
$query = "SELECT * FROM {$this->database_table} WHERE id = ? AND namespace = ?";
$stmt = $this->pdo_conn->prepare($query);
$result = $stmt->execute(array($ip, $ns));
}
if (!$result) {
$err = $this->pdo_conn->errorInfo();
trigger_error("Failed to select code from database. {$err[0]}: {$err[1]}", E_USER_WARNING);
} else {
if (($row = $stmt->fetch()) !== false) {
if (false == $this->isCodeExpired($row['created'])) {
if (Securimage::$_captchaId !== null) {
// return an array when using captchaId
$code = array('code' => $row['code'], 'code_disp' => $row['code_display']);
} else {
$code = $row['code'];
}
}
}
}
}
return $code;
}
/**
* Returns the text of the error message from previous MySQL operation
*
* @return bool Returns the error text from the last MySQL function,
* or '' (the empty string) if no error occurred.
* @deprecated since version 2.6.0 - alpha 3. Switch to doctrine connector.
*/
public function error()
{
$this->deprecated();
return $this->conn->errorInfo();
}
/**
* Tell the database to execute the query
*/
function Execute()
{
global $c;
if (!isset($this->connection)) {
_awl_connect_configured_database();
$this->connection = $GLOBALS['_awl_dbconn'];
}
if (isset($c->expand_pdo_parameters) && $c->expand_pdo_parameters) {
$this->bound_querystring = $this->querystring;
if (isset($this->bound_parameters)) {
$this->bound_querystring = $this->connection->ReplaceParameters($this->querystring, $this->bound_parameters);
// printf( "\n=============================================================== OQ\n%s\n", $this->querystring);
// printf( "\n=============================================================== QQ\n%s\n", $this->bound_querystring);
// print_r( $this->bound_parameters );
}
$t1 = microtime(true);
// get start time
$this->sth = $this->connection->query($this->bound_querystring);
} else {
$t1 = microtime(true);
// get start time
$this->sth = $this->connection->prepare($this->querystring);
if ($this->sth) {
$this->sth->execute($this->bound_parameters);
}
// printf( "\n=============================================================== OQ\n%s\n", $this->querystring);
// print_r( $this->bound_parameters );
}
$this->bound_querystring = null;
if (!$this->sth) {
$this->error_info = $this->connection->errorInfo();
return false;
}
$this->rows = $this->sth->rowCount();
$i_took = microtime(true) - $t1;
$c->total_query_time += $i_took;
$this->execution_time = sprintf("%2.06lf", $i_took);
$this->error_info = null;
return true;
}
