/** * Function zQuery * All DB Transactions take place * * @param String $sql SQL Query Statment * @param array $params SQL Parameters * @param boolean $log Logging True / False * @param boolean $error Error Display True / False * @return type */ public function zQuery($sql, $params = '', $log = TRUE, $error = TRUE) { $return = false; $result = false; try { $statement = $this->adapter->query($sql); $return = $statement->execute($params); $result = true; } catch (\Zend\Db\Adapter\ExceptionInterface $e) { if ($error) { $this->errorHandler($e, $sql, $params); } } catch (\Exception $e) { if ($error) { $this->errorHandler($e, $sql, $params); } } /** * Function auditSQLEvent * Logging Mechanism * * using OpenEMR log function (auditSQLEvent) * Path /library/log.inc * Logging, if the $log is true */ if ($log) { auditSQLEvent($sql, $result, $params); } return $return; }
/** * Execute SQL * * @param sql SQL statement to execute, or possibly an array holding prepared statement ($sql[0] will hold sql text) * @param [inputarr] holds the input data to bind to. Null elements will be set to null. * @return RecordSet or false */ function &Execute($sql, $inputarr = false) { include_once dirname(__FILE__) . "/../log.inc"; if ($this->fnExecute) { $fn = $this->fnExecute; $ret =& $fn($this, $sql, $inputarr); if (isset($ret)) { return $ret; } } if ($inputarr && is_array($inputarr)) { $element0 = reset($inputarr); # is_object check is because oci8 descriptors can be passed in $array_2d = is_array($element0) && !is_object(reset($element0)); if (!is_array($sql) && !$this->_bindInputArray) { $sqlarr = explode('?', $sql); if (!$array_2d) { $inputarr = array($inputarr); } foreach ($inputarr as $arr) { $sql = ''; $i = 0; foreach ($arr as $v) { $sql .= $sqlarr[$i]; // from Ron Baldwin <*****@*****.**> // Only quote string types if (gettype($v) == 'string') { $sql .= $this->qstr($v); } else { if ($v === null) { $sql .= 'NULL'; } else { $sql .= $v; } } $i += 1; } $sql .= $sqlarr[$i]; if ($i + 1 != sizeof($sqlarr)) { ADOConnection::outp("Input Array does not match ?: " . htmlspecialchars($sql)); } $ret =& $this->_Execute($sql, false); if (!$ret) { return $ret; } } } else { if ($array_2d) { $stmt = $this->Prepare($sql); foreach ($inputarr as $arr) { $ret =& $this->_Execute($stmt, $arr); if (!$ret) { return $ret; } } } else { $ret =& $this->_Execute($sql, $inputarr); } } } else { $ret =& $this->_Execute($sql, false); } // Added for the OpenEMR audit engine if ($ret === false) { auditSQLEvent($sql, false); } else { auditSQLEvent($sql, true); } return $ret; }