<?php // WordPress DB Class // ORIGINAL CODE FROM: // Justin Vincent (justin@visunet.ie) // http://php.justinvincent.com define('EZSQL_VERSION', 'WP1.25'); define('OBJECT', 'OBJECT', true); define('ARRAY_A', 'ARRAY_A', false); define('ARRAY_N', 'ARRAY_N', false); if (!defined('SAVEQUERIES')) define('SAVEQUERIES', false); class wpdb { var $show_errors = true; var $num_queries = 0; var $last_query; var $col_info; var $queries; // Our tables var $posts; var $users; var $categories; var $post2cat; var $comments; var $links; var $options; var $optiontypes; var $optionvalues; var $optiongroups; var $optiongroup_options; var $postmeta; var $usermeta; var $terms; var $term_taxonomy; var $term_relationships; var $charset; var $collate; /** * Connects to the database server and selects a database * @param string $dbuser * @param string $dbpassword * @param string $dbname * @param string $dbhost */ function wpdb($dbuser, $dbpassword, $dbname, $dbhost) { return $this->__construct($dbuser, $dbpassword, $dbname, $dbhost); } function __construct($dbuser, $dbpassword, $dbname, $dbhost) { register_shutdown_function(array(&$this, "__destruct")); if ( defined('DB_CHARSET') ) $this->charset = DB_CHARSET; if ( defined('DB_COLLATE') ) $this->collate = DB_COLLATE; $this->dbh = @mysql_connect($dbhost, $dbuser, $dbpassword); if (!$this->dbh) { $this->bail(" <h1>Error establishing a database connection</h1> <p>This either means that the username and password information in your <code>wp-config.php</code> file is incorrect or we can't contact the database server at <code>$dbhost</code>. This could mean your host's database server is down.</p> <ul> <li>Are you sure you have the correct username and password?</li> <li>Are you sure that you have typed the correct hostname?</li> <li>Are you sure that the database server is running?</li> </ul> <p>If you're unsure what these terms mean you should probably contact your host. If you still need help you can always visit the <a href='http://wordpress.org/support/'>WordPress Support Forums</a>.</p> "); } if ( !empty($this->charset) && version_compare(mysql_get_server_info(), '4.1.0', '>=') ) $this->query("SET NAMES '$this->charset'"); $this->select($dbname); } function __destruct() { return true; } /** * Selects a database using the current class's $this->dbh * @param string $db name */ function select($db) { if (!@mysql_select_db($db, $this->dbh)) { $this->bail(" <h1>Can’t select database</h1> <p>We were able to connect to the database server (which means your username and password is okay) but not able to select the <code>$db</code> database.</p> <ul> <li>Are you sure it exists?</li> <li>On some systems the name of your database is prefixed with your username, so it would be like username_wordpress. Could that be the problem?</li> </ul> <p>If you don't know how to setup a database you should <strong>contact your host</strong>. If all else fails you may find help at the <a href='http://wordpress.org/support/'>WordPress Support Forums</a>.</p>"); } } /** * Escapes content for insertion into the database, for security * * @param string $string * @return string query safe string */ function escape($string) { return addslashes( $string ); // Disable rest for now, causing problems if( !$this->dbh || version_compare( phpversion(), '4.3.0' ) == '-1' ) return mysql_escape_string( $string ); else return mysql_real_escape_string( $string, $this->dbh ); } /** * Escapes content by reference for insertion into the database, for security * @param string $s */ function escape_by_ref(&$s) { $s = $this->escape($s); } /** * Prepares a SQL query for safe use, using sprintf() syntax */ function prepare($args=NULL) { if ( NULL === $args ) return; $args = func_get_args(); $query = array_shift($args); $query = str_replace("'%s'", '%s', $query); // in case someone mistakenly already singlequoted it $query = str_replace('"%s"', '%s', $query); // doublequote unquoting $query = str_replace('%s', "'%s'", $query); // quote the strings array_walk($args, array(&$this, 'escape_by_ref')); return @vsprintf($query, $args); } // ================================================================== // Print SQL/DB error. function print_error($str = '') { global $EZSQL_ERROR; if (!$str) $str = mysql_error($this->dbh); $EZSQL_ERROR[] = array ('query' => $this->last_query, 'error_str' => $str); $str = htmlspecialchars($str, ENT_QUOTES); $query = htmlspecialchars($this->last_query, ENT_QUOTES); // Is error output turned on or not.. if ( $this->show_errors ) { // If there is an error then take note of it print "<div id='error'> <p class='wpdberror'><strong>WordPress database error:</strong> [$str]<br /> <code>$query</code></p> </div>"; } else { return false; } } // ================================================================== // Turn error handling on or off.. function show_errors() { $this->show_errors = true; } function hide_errors() { $this->show_errors = false; } // ================================================================== // Kill cached query results function flush() { $this->last_result = array(); $this->col_info = null; $this->last_query = null; } // ================================================================== // Basic Query - see docs for more detail function query($query) { // filter the query, if filters are available // NOTE: some queries are made before the plugins have been loaded, and thus cannot be filtered with this method if ( function_exists('apply_filters') ) $query = apply_filters('query', $query); // initialise return $return_val = 0; $this->flush(); // Log how the function was called $this->func_call = "\$db->query(\"$query\")"; // Keep track of the last query for debug.. $this->last_query = $query; // Perform the query via std mysql_query function.. if (SAVEQUERIES) $this->timer_start(); $this->result = @mysql_query($query, $this->dbh); ++$this->num_queries; if (SAVEQUERIES) $this->queries[] = array( $query, $this->timer_stop() ); // If there is an error then take note of it.. if ( mysql_error($this->dbh) ) { $this->print_error(); return false; } if ( preg_match("/^\\s*(insert|delete|update|replace) /i",$query) ) { $this->rows_affected = mysql_affected_rows($this->dbh); // Take note of the insert_id if ( preg_match("/^\\s*(insert|replace) /i",$query) ) { $this->insert_id = mysql_insert_id($this->dbh); } // Return number of rows affected $return_val = $this->rows_affected; } else { $i = 0; while ($i < @mysql_num_fields($this->result)) { $this->col_info[$i] = @mysql_fetch_field($this->result); $i++; } $num_rows = 0; while ( $row = @mysql_fetch_object($this->result) ) { $this->last_result[$num_rows] = $row; $num_rows++; } @mysql_free_result($this->result); // Log number of rows the query returned $this->num_rows = $num_rows; // Return number of rows selected $return_val = $this->num_rows; } return $return_val; } /** * Insert an array of data into a table * @param string $table WARNING: not sanitized! * @param array $data should not already be SQL-escaped * @return mixed results of $this->query() */ function insert($table, $data) { $data = add_magic_quotes($data); $fields = array_keys($data); return $this->query("INSERT INTO $table (`" . implode('`,`',$fields) . "`) VALUES ('".implode("','",$data)."')"); } /** * Update a row in the table with an array of data * @param string $table WARNING: not sanitized! * @param array $data should not already be SQL-escaped * @param mixed $where_col_or_array if a string, it represents the column of the WHERE statement. If an array (named), it can represent multiple col = 'value' pairs that will be joined with ANDs WARNING: the column names are not sanitized! * @param string $where_val the value of the WHERE statement. Should not already be SQL-escaped. * @return mixed results of $this->query() */ function update($table, $data, $where_col_or_array, $where_val=NULL){ $data = add_magic_quotes($data); $bits = $wheres = array(); foreach ( array_keys($data) as $k ) $bits[] = "`$k` = '$data[$k]'"; if ( is_string( $where_col_or_array ) ) $wheres = array( "$where_col_or_array = '" . $this->escape($where_val) . "'" ); elseif ( is_array( $where_col_or_array ) ) foreach ( $where_col_or_array as $c => $v ) $wheres[] = "$c = '" . $this->escape( $v ) . "'"; else return false; return $this->query( "UPDATE $table SET " . implode( ', ', $bits ) . ' WHERE ' . implode( ' AND ', $wheres ) . ' LIMIT 1' ); } /** * Get one variable from the database * @param string $query (can be null as well, for caching, see codex) * @param int $x = 0 row num to return * @param int $y = 0 col num to return * @return mixed results */ function get_var($query=null, $x = 0, $y = 0) { $this->func_call = "\$db->get_var(\"$query\",$x,$y)"; if ( $query ) $this->query($query); // Extract var out of cached results based x,y vals if ( $this->last_result[$y] ) { $values = array_values(get_object_vars($this->last_result[$y])); } // If there is a value return it else return null return (isset($values[$x]) && $values[$x]!=='') ? $values[$x] : null; } /** * Get one row from the database * @param string $query * @param string $output ARRAY_A | ARRAY_N | OBJECT * @param int $y row num to return * @return mixed results */ function get_row($query = null, $output = OBJECT, $y = 0) { $this->func_call = "\$db->get_row(\"$query\",$output,$y)"; if ( $query ) $this->query($query); else return null; if ( !isset($this->last_result[$y]) ) return null; if ( $output == OBJECT ) { return $this->last_result[$y] ? $this->last_result[$y] : null; } elseif ( $output == ARRAY_A ) { return $this->last_result[$y] ? get_object_vars($this->last_result[$y]) : null; } elseif ( $output == ARRAY_N ) { return $this->last_result[$y] ? array_values(get_object_vars($this->last_result[$y])) : null; } else { $this->print_error(" \$db->get_row(string query, output type, int offset) -- Output type must be one of: OBJECT, ARRAY_A, ARRAY_N"); } } /** * Gets one column from the database * @param string $query (can be null as well, for caching, see codex) * @param int $x col num to return * @return array results */ function get_col($query = null , $x = 0) { if ( $query ) $this->query($query); $new_array = array(); // Extract the column values for ( $i=0; $i < count($this->last_result); $i++ ) { $new_array[$i] = $this->get_var(null, $x, $i); } return $new_array; } /** * Return an entire result set from the database * @param string $query (can also be null to pull from the cache) * @param string $output ARRAY_A | ARRAY_N | OBJECT * @return mixed results */ function get_results($query = null, $output = OBJECT) { $this->func_call = "\$db->get_results(\"$query\", $output)"; if ( $query ) $this->query($query); else return null; // Send back array of objects. Each row is an object if ( $output == OBJECT ) { return $this->last_result; } elseif ( $output == ARRAY_A || $output == ARRAY_N ) { if ( $this->last_result ) { $i = 0; foreach( $this->last_result as $row ) { $new_array[$i] = (array) $row; if ( $output == ARRAY_N ) { $new_array[$i] = array_values($new_array[$i]); } $i++; } return $new_array; } else { return null; } } } /** * Grabs column metadata from the last query * @param string $info_type one of name, table, def, max_length, not_null, primary_key, multiple_key, unique_key, numeric, blob, type, unsigned, zerofill * @param int $col_offset 0: col name. 1: which table the col's in. 2: col's max length. 3: if the col is numeric. 4: col's type * @return mixed results */ function get_col_info($info_type = 'name', $col_offset = -1) { if ( $this->col_info ) { if ( $col_offset == -1 ) { $i = 0; foreach($this->col_info as $col ) { $new_array[$i] = $col->{$info_type}; $i++; } return $new_array; } else { return $this->col_info[$col_offset]->{$info_type}; } } } /** * Starts the timer, for debugging purposes */ function timer_start() { $mtime = microtime(); $mtime = explode(' ', $mtime); $this->time_start = $mtime[1] + $mtime[0]; return true; } /** * Stops the debugging timer * @return int total time spent on the query, in milliseconds */ function timer_stop() { $mtime = microtime(); $mtime = explode(' ', $mtime); $time_end = $mtime[1] + $mtime[0]; $time_total = $time_end - $this->time_start; return $time_total; } /** * Wraps fatal errors in a nice header and footer and dies. * @param string $message */ function bail($message) { // Just wraps errors in a nice header and footer if ( !$this->show_errors ) return false; wp_die($message); } /** * Checks wether of not the database version is high enough to support the features WordPress uses * @global $wp_version */ function check_database_version() { global $wp_version; // Make sure the server has MySQL 4.0 $mysql_version = preg_replace('|[^0-9\.]|', '', @mysql_get_server_info()); if ( version_compare($mysql_version, '4.0.0', '<') ) return new WP_Error('database_version',sprintf(__('<strong>ERROR</strong>: WordPress %s requires MySQL 4.0.0 or higher'), $wp_version)); } /** * This function is called when WordPress is generating the table schema to determine wether or not the current database * supports or needs the collation statements. */ function supports_collation() { return ( version_compare(mysql_get_server_info(), '4.1.0', '>=') ); } } if ( ! isset($wpdb) ) $wpdb = new wpdb(DB_USER, DB_PASSWORD, DB_NAME, DB_HOST); ?>