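/**
 * Run a write statement and report the id it generated.
 *
 * "{PREFIX}" and "{PFX}" in $SQL are replaced with self::$db_prefix and
 * self::$prefix before the statement is prepared. When $params is
 * associative (per \Routerunner\Common::isAssoc) only the entries whose key
 * occurs in the SQL text are bound; any other array is handed to execute()
 * unchanged.
 *
 * @param string|null $SQL    Statement text, optionally containing the prefix tokens.
 * @param array       $params Values to bind, keyed by placeholder or positional.
 *
 * @return mixed The lastInsertId() value, true when that value is loosely
 *               false, or null when preparing or executing the statement fails.
 */
public static function insert($SQL = null, $params = array())
{
    $start = microtime(true) - self::$inited;

    $SQL = str_replace("{PREFIX}", self::$db_prefix, $SQL);
    $SQL = str_replace("{PFX}", self::$prefix, $SQL);

    if (\Routerunner\Common::isAssoc($params)) {
        // Bind only the parameters the statement mentions. This is a plain
        // substring test, so a key such as ":id" also matches ":id_parent".
        $parameters = array();
        foreach ($params as $bind => $param) {
            if (strpos($SQL, $bind) !== false) {
                $parameters[$bind] = $param;
            }
        }
    } else {
        $parameters = $params;
    }

    $return = null; // stays null if the statement cannot be prepared or executed

    $stmt = self::$db_conn->prepare($SQL);
    if ($stmt === false) {
        // prepare() reports failure by returning false when the connection
        // does not throw; calling execute() on that value would be fatal.
        // Assumes a PDO-style handle, as prepare()/lastInsertId() suggest.
        $log = new \Routerunner\Log();
        $log->write(self::$db_conn->errorInfo(), 8);
    } elseif ($stmt->execute($parameters)) {
        // Fetch the last inserted id; a loosely-false id (e.g. a table
        // without an auto-increment column) is reported as plain success.
        $return = self::$db_conn->lastInsertId();
        if ($return == false) {
            $return = true;
        }
    } else {
        $log = new \Routerunner\Log();
        $log->write($stmt->errorInfo(), 8);
    }

    $end = microtime(true) - self::$inited;
    if (self::$log) {
        fwrite(self::$log, $start . "\t" . $end . "\t" . $SQL . PHP_EOL);
        // NOTE(review): the detail log receives every bound value verbatim,
        // so credentials or personal data passed as parameters end up on
        // disk. Restrict access to that file or redact before enabling it.
        if (self::$detail) {
            fwrite(self::$detail, $start . "\t" . $end . PHP_EOL . "SQL:" . $SQL . PHP_EOL
                . "params:" . print_r($params, true) . PHP_EOL
                . "return:" . print_r($return, true) . PHP_EOL);
        }
    }

    return $return;
}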
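/**
 * Validate one or more submitted forms and run the matching SQL statement.
 *
 * For each form the flashed definition is compared with the form's field
 * list, the per-form nonce is checked against the session, every field is
 * validated (mandatory flag, defaults, regular expressions, optional
 * transform function) and finally an INSERT / UPDATE / DELETE is either
 * generated from the field definitions or taken from the form parameters
 * ("<method>_sql").
 *
 * @param mixed $forms         A form object or an array of form objects.
 * @param array $errors        Receives error messages (by reference).
 * @param mixed $return_SQL    Pass a truthy value to receive the SQL text
 *                             instead of executing it (by reference).
 * @param mixed $return_params Pass a truthy value to receive the bound
 *                             parameters instead of executing (by reference).
 * @param array $values        Receives the accepted field values (by reference).
 *
 * @return mixed False when validation failed, the insert() result for a
 *               'post' form, true otherwise; reflects the last form only.
 */
public static function submit($forms, &$errors = array(), &$return_SQL = false, &$return_params = false, &$values = array())
{
    if (!is_array($forms)) {
        $forms = array($forms);
    }
    foreach ($forms as $form) {
        $flashed = \Routerunner\Routerunner::$slim->flash($form->path . DIRECTORY_SEPARATOR . $form->formname);
        $params = \Routerunner\Bootstrap::$params;
        $halt = false;
        if (isset($flashed, $flashed['fields'])) {
            // check form fields
            $fields = $flashed['fields'];
            $form_fields = array_keys($form->fields);
            // array_search() returns index 0 for the first key, which the
            // original truthiness test mistook for "not found".
            $id_index = array_search($form->id_field, $form_fields);
            $nonce_index = array_search('_routerunner_form_nonce', $form_fields);
            if ($id_index !== false && $nonce_index !== false) {
                unset($form_fields[$id_index], $form_fields[$nonce_index]);
            }
            if (\Routerunner\Common::arrDiff($fields, $form_fields)) {
                // exception
                $halt = true;
            }
            unset($flashed['fields']);
            // NOTE(review): a comparison of the remaining flashed params with
            // $form->params was disabled in the original; the flashed params
            // (including any "<method>_sql" and "condition" entries used
            // below) are adopted as-is, so the flash store must be
            // server-side only.
            $form->params = $flashed;
        } else {
            // NOTE(review): this only records an error, $halt stays false, so
            // a form without flash data is still processed. Confirm whether
            // that is intended.
            $errors[] = 'Form not exists or the page has been refreshed!';
        }

        $fid = false;
        if (!empty($form->fields[$form->id_field]['value'])) {
            $fid = $form->fields[$form->id_field]['value'];
        }
        // NOTE(review): the nonce is verified only when both the form id and
        // the nonce value are non-empty; a submission that omits either one
        // skips this check entirely (fail-open). Also confirm that
        // \Routerunner\Crypt::checker compares in constant time.
        if ($fid && !empty($form->fields['_routerunner_form_nonce']['value'])) {
            if (!isset($_SESSION['nonce-' . $fid])
                || !\Routerunner\Crypt::checker($form->fields['_routerunner_form_nonce']['value'], $_SESSION['nonce-' . $fid])
            ) {
                $errors[] = 'Error in form submit or data has been sent already!';
                $halt = true;
            }
        }
        if (!$halt) {
            unset($form->fields[$form->id_field]);
            unset($form->fields['_routerunner_form_nonce']);
            // The nonce is single-use: drop it so a replay fails the check above.
            unset($_SESSION['nonce-' . $fid]);
        }

        $succeed = false;
        if (!$halt) {
            $error_row = isset($form->params['error_format'])
                ? $form->params['error_format']
                : '<p class="err">%s</p>' . PHP_EOL;
            $succeed = true;
            $submit_params = array();

            // Fields listed in $form->unset are reported in $values but never stored.
            if (isset($form->unset) && is_array($form->unset)) {
                foreach ($form->unset as $field) {
                    if (isset($form->fields[$field])) {
                        $values[$field] = isset($form->fields[$field]["value"])
                            ? $form->fields[$field]["value"]
                            : null;
                    }
                    unset($form->fields[$field]);
                }
            }
            // Fields listed in $form->set are forced to the given value.
            if (isset($form->set) && is_array($form->set)) {
                foreach ($form->set as $field => $value) {
                    $values[$field] = $value;
                    $form->fields[$field] = array("field" => $field, "value" => $value);
                }
            }

            foreach ($form->fields as $field => $field_param) {
                $field_succeed = true;
                $values[$field] = null;
                if (!isset($params[$field]) && isset($field_param['value'])) {
                    $params[$field] = $field_param['value'];
                }

                // Normalise the regexp definition to a list of rules.
                $regexps = isset($field_param['regexp']) ? $field_param['regexp'] : false;
                if ($regexps && !is_array($regexps)) {
                    $regexps = array($regexps);
                } elseif (!$regexps) {
                    $regexps = array();
                }

                // Missing or empty value: apply the default, or report it.
                if (!isset($params[$field]) || !$params[$field]) {
                    if (isset($field_param['default_on_fail'], $field_param['default']) && $field_param['default_on_fail']) {
                        $params[$field] = $field_param['default'];
                    } elseif (isset($field_param['errormsg'])) {
                        $errors[$field] = sprintf($error_row, $field_param['errormsg']);
                        if (isset($field_param['mandatory']) && $field_param['mandatory']["value"] === true) {
                            if (isset($field_param['mandatory']['msg']) && !isset($errors[$field])) {
                                $errors[$field] = sprintf($error_row, $field_param['mandatory']['msg']);
                            }
                            $field_succeed = false;
                            $regexps = array();
                        }
                    } elseif (isset($field_param['mandatory']) && $field_param['mandatory']["value"] === true) {
                        if (isset($field_param['mandatory']['msg']) && !isset($errors[$field])) {
                            $errors[$field] = sprintf($error_row, $field_param['mandatory']['msg']);
                        }
                        $field_succeed = false;
                        $regexps = array();
                    }
                }

                // Every rule must match; a rule with several patterns passes
                // when any one of them matches.
                // NOTE(review): $params presumably holds request data; a
                // non-string value (e.g. an array parameter) reaching
                // preg_match() is not handled here. Verify against the caller.
                foreach ($regexps as $regexp) {
                    $isOk = false;
                    if (is_array($regexp["value"])) {
                        foreach ($regexp["value"] as $regexp_key => $regexp_value) {
                            $pattern = "~" . trim($regexp_value, "/~ ") . "~";
                            if (isset($regexp['options'])) {
                                $pattern .= is_array($regexp["options"]) && isset($regexp["options"][$regexp_key])
                                    ? $regexp["options"][$regexp_key]
                                    : $regexp["options"];
                            }
                            if (preg_match($pattern, $params[$field])) {
                                $isOk = true;
                            }
                        }
                    } else {
                        $pattern = "~" . trim($regexp["value"], "~/ ") . "~";
                        if (isset($regexp['options'])) {
                            $pattern .= $regexp['options'];
                        }
                        // false (pattern error) and 0 (no match) both reject.
                        $isOk = preg_match($pattern, $params[$field]);
                    }
                    if (isset($params[$field]) && !$isOk) {
                        if (isset($regexp['msg']) && !isset($errors[$field])) {
                            $errors[$field] = sprintf($error_row, $regexp['msg']);
                        }
                        $field_succeed = false;
                    }
                }

                if ($field_succeed) {
                    if (isset($params[$field]) && isset($field_param["field"])) {
                        if (isset($field_param['function']) && function_exists($field_param['function'])) {
                            // The function name is invoked with the submitted
                            // value; it must only ever come from the trusted
                            // form definition, never from request data.
                            $fn = $field_param['function'];
                            $submit_params[$field] = $fn($params[$field]);
                        } else {
                            $submit_params[$field] = $params[$field];
                        }
                        $values[$field] = $submit_params[$field];
                    }
                } else {
                    $succeed = false;
                }
            }
        }

        if ($succeed) {
            $method = isset($form->params['xmethod']) ? $form->params['xmethod'] : $form->params['method'];
            if (isset($form->params[$method . '_sql'])) {
                // Statement text supplied by the form parameters.
                $sql = $form->params[$method . '_sql'];
                // The original walked a $sql_params that was never assigned in
                // this branch (and array_walk cannot rename keys), so nothing
                // usable was bound and a previous form's parameters could
                // leak in. NOTE(review): binding the validated $submit_params
                // is the presumed intent; confirm against the forms that use
                // "<method>_sql".
                $sql_params = array();
                if (preg_match('/\\:[a-z0-9]+/im', $sql)) {
                    // named parameters
                    foreach ($submit_params as $key => $value) {
                        $key = (string) $key;
                        if (substr($key, 0, 1) != ':') {
                            $key = ':' . $key;
                        }
                        $sql_params[$key] = $value;
                    }
                }
            } else {
                // Statement generated from the field definitions. Identifiers
                // go through \Routerunner\Common::dbField, values are bound.
                $from = isset($form->params['from']) ? $form->params['from'] : $form->class;
                $from = \Routerunner\Common::dbField($from);
                $sql_params = array();
                if ($method === 'post') {
                    $sql = 'INSERT INTO ' . $from . ' (';
                    $fields = array();
                    foreach ($submit_params as $field => $submit_value) {
                        $field_param = $form->fields[$field];
                        if (isset($params[$field])
                            && (!isset($field_param['fixed']) || $field_param['fixed'] !== true)
                            && (!isset($field_param['field']) || $field_param['field'] !== false)
                        ) {
                            $_field = isset($field_param['field']) ? $field_param['field'] : $field;
                            $fields[] = \Routerunner\Common::dbField($_field);
                            $param_key = \Routerunner\Common::dbField($_field, ':', '', '.', '` .', '.');
                            $sql_params[$param_key] = $submit_value;
                        }
                    }
                    $sql .= implode(', ', $fields) . ') VALUES (' . implode(', ', array_keys($sql_params)) . ')';
                } elseif ($method == 'put') {
                    $sql = 'UPDATE ' . $from . ' SET ';
                    $fields = array();
                    foreach ($submit_params as $field => $submit_value) {
                        $field_param = $form->fields[$field];
                        if (isset($params[$field])
                            && (!isset($field_param['fixed']) || $field_param['fixed'] !== true)
                            && (!isset($field_param['field']) || $field_param['field'] !== false)
                        ) {
                            $_field = isset($field_param['field']) ? $field_param['field'] : $field;
                            $row = \Routerunner\Common::dbField($_field) . ' = ';
                            $param_key = \Routerunner\Common::dbField($_field, ':', '', '.', '` .', '.');
                            $row .= $param_key;
                            $sql_params[$param_key] = $submit_value;
                            $fields[] = $row;
                        }
                    }
                    $sql .= implode(', ', $fields) . ' WHERE ';
                    if (isset($form->params['condition'])) {
                        // Each condition is array(sql fragment, bound value(s), joiner).
                        // NOTE(review): a condition whose form field has no
                        // value is silently left out, which can widen the
                        // WHERE clause to more rows than the form intended.
                        // The fragment itself is concatenated unescaped and
                        // must come from the trusted form definition.
                        $conditions = $form->params['condition'];
                        while ($condition = array_shift($conditions)) {
                            if (!is_array($condition)) {
                                $condition = array($condition);
                            }
                            $add_condition = true;
                            if (isset($condition[1]) && is_array($condition[1])) {
                                foreach ($condition[1] as $condition_field => $condition_value) {
                                    if (isset($form->fields[$condition_value]['value'])) {
                                        $sql_params[$condition_field] = $form->fields[$condition_value]['value'];
                                    } else {
                                        $add_condition = false;
                                    }
                                }
                            } elseif (isset($condition[1])) {
                                $sql_params[] = $condition[1];
                            } else {
                                $add_condition = false;
                            }
                            if ($add_condition) {
                                $sql .= $condition[0];
                                if (count($conditions) && isset($condition[2])) {
                                    $sql .= ' ' . $condition[2] . ' ';
                                }
                            }
                        }
                    } else {
                        // exception: no condition given, the statement ends in
                        // a bare WHERE and is left for the database to reject
                    }
                } elseif ($method == 'delete') {
                    $sql = 'DELETE FROM ' . $from . ' WHERE ';
                    if (isset($form->params['condition'])) {
                        // Same condition handling as for 'put'; the note about
                        // silently dropped conditions applies here as well and
                        // matters more, since the statement removes rows.
                        $conditions = $form->params['condition'];
                        while ($condition = array_shift($conditions)) {
                            if (!is_array($condition)) {
                                $condition = array($condition);
                            }
                            $add_condition = true;
                            if (isset($condition[1]) && is_array($condition[1])) {
                                foreach ($condition[1] as $condition_field => $condition_value) {
                                    if (isset($form->fields[$condition_value]['value'])) {
                                        $sql_params[$condition_field] = $form->fields[$condition_value]['value'];
                                    } else {
                                        $add_condition = false;
                                    }
                                }
                            } elseif (isset($condition[1])) {
                                $sql_params[] = $condition[1];
                            } else {
                                $add_condition = false;
                            }
                            if ($add_condition) {
                                $sql .= $condition[0];
                                if (count($conditions) && isset($condition[2])) {
                                    $sql .= ' ' . $condition[2] . ' ';
                                }
                            }
                        }
                    } elseif (isset($submit_params) && $submit_params) {
                        // No explicit condition: match on every submitted field.
                        $fields = array();
                        foreach ($submit_params as $field => $submit_value) {
                            $field_param = $form->fields[$field];
                            if (isset($params[$field])
                                && (!isset($field_param['fixed']) || $field_param['fixed'] !== true)
                                && (!isset($field_param['field']) || $field_param['field'] !== false)
                            ) {
                                $_field = isset($field_param['field']) ? $field_param['field'] : $field;
                                $row = \Routerunner\Common::dbField($_field) . ' = ';
                                $param_key = \Routerunner\Common::dbField($_field, ':', '', '.', '` .', '.');
                                $row .= $param_key;
                                $sql_params[$param_key] = $submit_value;
                                $fields[] = $row;
                            }
                        }
                        $sql .= implode(' AND ', $fields);
                    } else {
                        // exception
                    }
                }
            }

            if ($return_SQL || $return_params) {
                // Caller asked for the statement instead of its execution.
                $return_SQL = $sql;
                $return_params = $sql_params;
            } else {
                // NOTE(review): the transaction is committed without looking
                // at the statement result, and nothing rolls it back on failure.
                \Routerunner\Db::begin_transaction();
                if ($method === 'post') {
                    $succeed = \Routerunner\Db::insert($sql, $sql_params);
                } else {
                    \Routerunner\Db::query($sql, $sql_params);
                }
                \Routerunner\Db::commit();
            }
        }
    }
    return $succeed;
}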
/**
 * Locate and instantiate the bootstrap class, once.
 *
 * The "root" and "second_root" config values are each split at their last
 * directory separator into a directory part and a class name. The
 * "<class>.bootstrap" file is then included from the root, from the second
 * root, and finally under the name "default" from the root; the first
 * include that succeeds decides which "\<class>\bootstrap" is created and
 * stored in self::$bootstrap.
 *
 * Both the included file and the instantiated class name are derived from
 * configuration, so those config values must never be influenced by
 * request data.
 */
private static function load_breadcrumb()
{
    $root = \Routerunner\Routerunner::$static->config("root");
    $second_root = \Routerunner\Routerunner::$static->config("second_root");

    // Nothing to do when a bootstrap is already loaded or no root is configured.
    if (self::$bootstrap || (!isset($root) && !isset($second_root))) {
        return;
    }

    // Split the primary root into "directory/" and class name.
    $root_cut = strrpos($root, DIRECTORY_SEPARATOR);
    if ($root_cut !== false) {
        $class = substr($root, $root_cut + 1);
        $suffix = substr($root, 0, $root_cut + 1);
    } else {
        $class = $root;
        $suffix = '';
    }

    // Same split for the secondary root; an empty value is kept as it is.
    $second_cut = $second_root ? strrpos($second_root, DIRECTORY_SEPARATOR) : false;
    $second_class = $second_cut !== false ? substr($second_root, $second_cut + 1) : $second_root;

    // An explicitly configured second suffix wins over the derived one.
    $second_suffix = \Routerunner\Routerunner::$static->config("second_suffix");
    if (!$second_suffix) {
        $second_suffix = $second_cut !== false ? substr($second_root, 0, $second_cut + 1) : '';
    }

    // Try the candidates in order and stop at the first file that loads.
    $candidates = array(
        array($class, $suffix),
        array($second_class, $second_suffix),
        array('default', $suffix),
    );
    foreach ($candidates as $candidate) {
        list($name, $directory) = $candidate;
        if (\Routerunner\Common::inc('bootstrap', $name . '.bootstrap', false, false, true, $directory)) {
            $ns_class = '\\' . $name . '\\bootstrap';
            self::$bootstrap = new $ns_class();
            break;
        }
    }
}