X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/ff81ee6e8304a1982a3ec4f5b134764a29d502cf..refs/tags/wordpress-2.5.1:/wp-includes/wp-db.php

diff --git a/wp-includes/wp-db.php b/wp-includes/wp-db.php
index 97238c39..216c9cf0 100644
--- a/wp-includes/wp-db.php
+++ b/wp-includes/wp-db.php
@@ -7,6 +7,7 @@
 
 define('EZSQL_VERSION', 'WP1.25');
 define('OBJECT', 'OBJECT', true);
+define('OBJECT_K', 'OBJECT_K', false);
 define('ARRAY_A', 'ARRAY_A', false);
 define('ARRAY_N', 'ARRAY_N', false);
 
@@ -15,11 +16,15 @@ if (!defined('SAVEQUERIES'))
 
 class wpdb {
 
-	var $show_errors = true;
-	var $num_queries = 0;	
+	var $show_errors = false;
+	var $suppress_errors = false;
+	var $last_error = '';
+	var $num_queries = 0;
 	var $last_query;
 	var $col_info;
 	var $queries;
+	var $prefix = '';
+	var $ready = false;
 
 	// Our tables
 	var $posts;
@@ -28,19 +33,41 @@ class wpdb {
 	var $post2cat;
 	var $comments;
 	var $links;
-	var $linkcategories;
 	var $options;
-	var $optiontypes;
-	var $optionvalues;
-	var $optiongroups;
-	var $optiongroup_options;
 	var $postmeta;
+	var $usermeta;
+	var $terms;
+	var $term_taxonomy;
+	var $term_relationships;
+	var $tables = array('users', 'usermeta', 'posts', 'categories', 'post2cat', 'comments', 'links', 'link2cat', 'options',
+			'postmeta', 'terms', 'term_taxonomy', 'term_relationships');
+	var $charset;
+	var $collate;
+
+	/**
+	 * Connects to the database server and selects a database
+	 * @param string $dbuser
+	 * @param string $dbpassword
+	 * @param string $dbname
+	 * @param string $dbhost
+	 */
+	function wpdb($dbuser, $dbpassword, $dbname, $dbhost) {
+		return $this->__construct($dbuser, $dbpassword, $dbname, $dbhost);
+	}
 
-	// ==================================================================
-	//	DB Constructor - connects to the server and selects a database
+	function __construct($dbuser, $dbpassword, $dbname, $dbhost) {
+		register_shutdown_function(array(&$this, "__destruct"));
 
-	function wpdb($dbuser, $dbpassword, $dbname, $dbhost) {
-		$this->dbh = @mysql_connect($dbhost, $dbuser, $dbpassword);
+		if ( defined('WP_DEBUG') and WP_DEBUG == true )
+			$this->show_errors();
+
+		if ( defined('DB_CHARSET') )
+			$this->charset = DB_CHARSET;
+
+		if ( defined('DB_COLLATE') )
+			$this->collate = DB_COLLATE;
+
+		$this->dbh = @mysql_connect($dbhost, $dbuser, $dbpassword, true);
 		if (!$this->dbh) {
 			$this->bail("
 <h1>Error establishing a database connection</h1>
@@ -52,36 +79,99 @@ class wpdb {
 </ul>
 <p>If you're unsure what these terms mean you should probably contact your host. If you still need help you can always visit the <a href='http://wordpress.org/support/'>WordPress Support Forums</a>.</p>
 ");
+			return;
 		}
 
+		$this->ready = true;
+
+		if ( !empty($this->charset) && version_compare(mysql_get_server_info($this->dbh), '4.1.0', '>=') )
+ 			$this->query("SET NAMES '$this->charset'");
+
 		$this->select($dbname);
 	}
 
-	// ==================================================================
-	//	Select a DB (if another one needs to be selected)
+	function __destruct() {
+		return true;
+	}
+
+	function set_prefix($prefix) {
+
+		if ( preg_match('|[^a-z0-9_]|i', $prefix) )
+			return new WP_Error('invalid_db_prefix', 'Invalid database prefix'); // No gettext here
+
+		$old_prefix = $this->prefix;
+		$this->prefix = $prefix;
+
+		foreach ( $this->tables as $table )
+			$this->$table = $this->prefix . $table;
+
+		if ( defined('CUSTOM_USER_TABLE') )
+			$this->users = CUSTOM_USER_TABLE;
+
+		if ( defined('CUSTOM_USER_META_TABLE') )
+			$this->usermeta = CUSTOM_USER_META_TABLE;
+
+		return $old_prefix;
+	}
 
+	/**
+	 * Selects a database using the current class's $this->dbh
+	 * @param string $db name
+	 */
 	function select($db) {
 		if (!@mysql_select_db($db, $this->dbh)) {
+			$this->ready = false;
 			$this->bail("
 <h1>Can&#8217;t select database</h1>
 <p>We were able to connect to the database server (which means your username and password is okay) but not able to select the <code>$db</code> database.</p>
 <ul>
 <li>Are you sure it exists?</li>
+<li>Does the user <code>".DB_USER."</code> have permission to use the <code>$db</code> database?</li>
 <li>On some systems the name of your database is prefixed with your username, so it would be like username_wordpress. Could that be the problem?</li>
 </ul>
 <p>If you don't know how to setup a database you should <strong>contact your host</strong>. If all else fails you may find help at the <a href='http://wordpress.org/support/'>WordPress Support Forums</a>.</p>");
+			return;
 		}
 	}
 
-	// ====================================================================
-	//	Format a string correctly for safe insert under all PHP conditions
-	
+	/**
+	 * Escapes content for insertion into the database, for security
+	 *
+	 * @param string $string
+	 * @return string query safe string
+	 */
 	function escape($string) {
-		return addslashes( $string ); // Disable rest for now, causing problems
+		return addslashes( $string );
+		// Disable rest for now, causing problems
+		/*
 		if( !$this->dbh || version_compare( phpversion(), '4.3.0' ) == '-1' )
 			return mysql_escape_string( $string );
 		else
 			return mysql_real_escape_string( $string, $this->dbh );
+		*/
+	}
+
+	/**
+	 * Escapes content by reference for insertion into the database, for security
+	 * @param string $s
+	 */
+	function escape_by_ref(&$s) {
+		$s = $this->escape($s);
+	}
+
+	/**
+	 * Prepares a SQL query for safe use, using sprintf() syntax
+	 */
+	function prepare($args=NULL) {
+		if ( NULL === $args )
+			return;
+		$args = func_get_args();
+		$query = array_shift($args);
+		$query = str_replace("'%s'", '%s', $query); // in case someone mistakenly already singlequoted it
+		$query = str_replace('"%s"', '%s', $query); // doublequote unquoting
+		$query = str_replace('%s', "'%s'", $query); // quote the strings
+		array_walk($args, array(&$this, 'escape_by_ref'));
+		return @vsprintf($query, $args);
 	}
 
 	// ==================================================================
@@ -89,38 +179,69 @@ class wpdb {
 
 	function print_error($str = '') {
 		global $EZSQL_ERROR;
-		if (!$str) $str = mysql_error();
-		$EZSQL_ERROR[] = 
+
+		if (!$str) $str = mysql_error($this->dbh);
+		$EZSQL_ERROR[] =
 		array ('query' => $this->last_query, 'error_str' => $str);
 
+		if ( $this->suppress_errors )
+			return false;
+
+		$error_str = "WordPress database error $str for query $this->last_query";
+		if ( $caller = $this->get_caller() )
+			$error_str .= " made by $caller";
+
+		$log_error = true;
+		if ( ! function_exists('error_log') )
+			$log_error = false;
+
+		$log_file = @ini_get('error_log');
+		if ( !empty($log_file) && ('syslog' != $log_file) && !is_writable($log_file) )
+			$log_error = false;
+
+		if ( $log_error )
+			@error_log($error_str, 0);
+
 		// Is error output turned on or not..
-		if ( $this->show_errors ) {
-			// If there is an error then take note of it
-			print "<div id='error'>
-			<p class='wpdberror'><strong>WordPress database error:</strong> [$str]<br />
-			<code>$this->last_query</code></p>
-			</div>";
-		} else {
-			return false;	
-		}
+		if ( !$this->show_errors )
+			return false;
+
+		$str = htmlspecialchars($str, ENT_QUOTES);
+		$query = htmlspecialchars($this->last_query, ENT_QUOTES);
+
+		// If there is an error then take note of it
+		print "<div id='error'>
+		<p class='wpdberror'><strong>WordPress database error:</strong> [$str]<br />
+		<code>$query</code></p>
+		</div>";
 	}
 
 	// ==================================================================
 	//	Turn error handling on or off..
 
-	function show_errors() {
-		$this->show_errors = true;
+	function show_errors( $show = true ) {
+		$errors = $this->show_errors;
+		$this->show_errors = $show;
+		return $errors;
 	}
-	
+
 	function hide_errors() {
+		$show = $this->show_errors;
 		$this->show_errors = false;
+		return $show;
+	}
+
+	function suppress_errors( $suppress = true ) {
+		$errors = $this->suppress_errors;
+		$this->suppress_errors = $suppress;
+		return $errors;
 	}
 
 	// ==================================================================
 	//	Kill cached query results
 
 	function flush() {
-		$this->last_result = null;
+		$this->last_result = array();
 		$this->col_info = null;
 		$this->last_query = null;
 	}
@@ -129,6 +250,14 @@ class wpdb {
 	//	Basic Query	- see docs for more detail
 
 	function query($query) {
+		if ( ! $this->ready )
+			return false;
+
+		// filter the query, if filters are available
+		// NOTE: some queries are made before the plugins have been loaded, and thus cannot be filtered with this method
+		if ( function_exists('apply_filters') )
+			$query = apply_filters('query', $query);
+
 		// initialise return
 		$return_val = 0;
 		$this->flush();
@@ -142,24 +271,24 @@ class wpdb {
 		// Perform the query via std mysql_query function..
 		if (SAVEQUERIES)
 			$this->timer_start();
-		
+
 		$this->result = @mysql_query($query, $this->dbh);
 		++$this->num_queries;
 
 		if (SAVEQUERIES)
-			$this->queries[] = array( $query, $this->timer_stop() );
+			$this->queries[] = array( $query, $this->timer_stop(), $this->get_caller() );
 
 		// If there is an error then take note of it..
-		if ( mysql_error() ) {
+		if ( $this->last_error = mysql_error($this->dbh) ) {
 			$this->print_error();
 			return false;
 		}
 
 		if ( preg_match("/^\\s*(insert|delete|update|replace) /i",$query) ) {
-			$this->rows_affected = mysql_affected_rows();
+			$this->rows_affected = mysql_affected_rows($this->dbh);
 			// Take note of the insert_id
 			if ( preg_match("/^\\s*(insert|replace) /i",$query) ) {
-				$this->insert_id = mysql_insert_id($this->dbh);	
+				$this->insert_id = mysql_insert_id($this->dbh);
 			}
 			// Return number of rows affected
 			$return_val = $this->rows_affected;
@@ -179,7 +308,7 @@ class wpdb {
 
 			// Log number of rows the query returned
 			$this->num_rows = $num_rows;
-			
+
 			// Return number of rows selected
 			$return_val = $this->num_rows;
 		}
@@ -187,16 +316,53 @@ class wpdb {
 		return $return_val;
 	}
 
-	// ==================================================================
-	//	Get one variable from the DB - see docs for more detail
+	/**
+	 * Insert an array of data into a table
+	 * @param string $table WARNING: not sanitized!
+	 * @param array $data should not already be SQL-escaped
+	 * @return mixed results of $this->query()
+	 */
+	function insert($table, $data) {
+		$data = add_magic_quotes($data);
+		$fields = array_keys($data);
+		return $this->query("INSERT INTO $table (`" . implode('`,`',$fields) . "`) VALUES ('".implode("','",$data)."')");
+	}
+
+	/**
+	 * Update a row in the table with an array of data
+	 * @param string $table WARNING: not sanitized!
+	 * @param array $data should not already be SQL-escaped
+	 * @param array $where a named array of WHERE column => value relationships.  Multiple member pairs will be joined with ANDs.  WARNING: the column names are not currently sanitized!
+	 * @return mixed results of $this->query()
+	 */
+	function update($table, $data, $where){
+		$data = add_magic_quotes($data);
+		$bits = $wheres = array();
+		foreach ( array_keys($data) as $k )
+			$bits[] = "`$k` = '$data[$k]'";
+
+		if ( is_array( $where ) )
+			foreach ( $where as $c => $v )
+				$wheres[] = "$c = '" . $this->escape( $v ) . "'";
+		else
+			return false;
+		return $this->query( "UPDATE $table SET " . implode( ', ', $bits ) . ' WHERE ' . implode( ' AND ', $wheres ) . ' LIMIT 1' );
+	}
 
+	/**
+	 * Get one variable from the database
+	 * @param string $query (can be null as well, for caching, see codex)
+	 * @param int $x = 0 row num to return
+	 * @param int $y = 0 col num to return
+	 * @return mixed results
+	 */
 	function get_var($query=null, $x = 0, $y = 0) {
 		$this->func_call = "\$db->get_var(\"$query\",$x,$y)";
 		if ( $query )
 			$this->query($query);
 
 		// Extract var out of cached results based x,y vals
-		if ( $this->last_result[$y] ) {
+		if ( !empty( $this->last_result[$y] ) ) {
 			$values = array_values(get_object_vars($this->last_result[$y]));
 		}
 
@@ -204,13 +370,22 @@ class wpdb {
 		return (isset($values[$x]) && $values[$x]!=='') ? $values[$x] : null;
 	}
 
-	// ==================================================================
-	//	Get one row from the DB - see docs for more detail
-
+	/**
+	 * Get one row from the database
+	 * @param string $query
+	 * @param string $output ARRAY_A | ARRAY_N | OBJECT
+	 * @param int $y row num to return
+	 * @return mixed results
+	 */
 	function get_row($query = null, $output = OBJECT, $y = 0) {
 		$this->func_call = "\$db->get_row(\"$query\",$output,$y)";
 		if ( $query )
 			$this->query($query);
+		else
+			return null;
+
+		if ( !isset($this->last_result[$y]) )
+			return null;
 
 		if ( $output == OBJECT ) {
 			return $this->last_result[$y] ? $this->last_result[$y] : null;
@@ -223,14 +398,17 @@ class wpdb {
 		}
 	}
 
-	// ==================================================================
-	//	Function to get 1 column from the cached result set based in X index
-	// se docs for usage and info
-
+	/**
+	 * Gets one column from the database
+	 * @param string $query (can be null as well, for caching, see codex)
+	 * @param int $x col num to return
+	 * @return array results
+	 */
 	function get_col($query = null , $x = 0) {
 		if ( $query )
 			$this->query($query);
 
+		$new_array = array();
 		// Extract the column values
 		for ( $i=0; $i < count($this->last_result); $i++ ) {
 			$new_array[$i] = $this->get_var(null, $x, $i);
@@ -238,40 +416,57 @@ class wpdb {
 		return $new_array;
 	}
 
-	// ==================================================================
-	// Return the the query as a result set - see docs for more details
-
+	/**
+	 * Return an entire result set from the database
+	 * @param string $query (can also be null to pull from the cache)
+	 * @param string $output ARRAY_A | ARRAY_N | OBJECT_K | OBJECT
+	 * @return mixed results
+	 */
 	function get_results($query = null, $output = OBJECT) {
 		$this->func_call = "\$db->get_results(\"$query\", $output)";
 
 		if ( $query )
 			$this->query($query);
+		else
+			return null;
 
-		// Send back array of objects. Each row is an object
 		if ( $output == OBJECT ) {
+			// Return an integer-keyed array of row objects
 			return $this->last_result;
+		} elseif ( $output == OBJECT_K ) {
+			// Return an array of row objects with keys from column 1
+			// (Duplicates are discarded)
+			foreach ( $this->last_result as $row ) {
+				$key = array_shift( get_object_vars( $row ) );
+				if ( !isset( $new_array[ $key ] ) )
+					$new_array[ $key ] = $row;
+			}
+			return $new_array;
 		} elseif ( $output == ARRAY_A || $output == ARRAY_N ) {
+			// Return an integer-keyed array of...
 			if ( $this->last_result ) {
 				$i = 0;
 				foreach( $this->last_result as $row ) {
-					$new_array[$i] = (array) $row;
 					if ( $output == ARRAY_N ) {
-						$new_array[$i] = array_values($new_array[$i]);
+						// ...integer-keyed row arrays
+						$new_array[$i] = array_values( get_object_vars( $row ) );
+					} else {
+						// ...column name-keyed row arrays
+						$new_array[$i] = get_object_vars( $row );
 					}
-					$i++;
+					++$i;
 				}
 				return $new_array;
-			} else {
-				return null;
 			}
 		}
 	}
 
-
-	// ==================================================================
-	// Function to get column meta data info pertaining to the last query
-	// see docs for more info and usage
-
+	/**
+	 * Grabs column metadata from the last query
+	 * @param string $info_type one of name, table, def, max_length, not_null, primary_key, multiple_key, unique_key, numeric, blob, type, unsigned, zerofill
+	 * @param int $col_offset 0: col name. 1: which table the col's in. 2: col's max length. 3: if the col is numeric. 4: col's type
+	 * @return mixed results
+	 */
 	function get_col_info($info_type = 'name', $col_offset = -1) {
 		if ( $this->col_info ) {
 			if ( $col_offset == -1 ) {
@@ -287,14 +482,21 @@ class wpdb {
 		}
 	}
 
+	/**
+	 * Starts the timer, for debugging purposes
+	 */
 	function timer_start() {
 		$mtime = microtime();
 		$mtime = explode(' ', $mtime);
 		$this->time_start = $mtime[1] + $mtime[0];
 		return true;
 	}
-	
-	function timer_stop($precision = 3) {
+
+	/**
+	 * Stops the debugging timer
+	 * @return int total time spent on the query, in milliseconds
+	 */
+	function timer_stop() {
 		$mtime = microtime();
 		$mtime = explode(' ', $mtime);
 		$time_end = $mtime[1] + $mtime[0];
@@ -302,62 +504,73 @@ class wpdb {
 		return $time_total;
 	}
 
+	/**
+	 * Wraps fatal errors in a nice header and footer and dies.
+	 * @param string $message
+	 */
 	function bail($message) { // Just wraps errors in a nice header and footer
-	if ( !$this->show_errors )
-		return false;
-	header( 'Content-Type: text/html; charset=utf-8');		
-	echo <<<HEAD
-	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-	<html xmlns="http://www.w3.org/1999/xhtml">
-	<head>
-		<title>WordPress &rsaquo; Error</title>
-		<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-		<style media="screen" type="text/css">
-		<!--
-		html {
-			background: #eee;
-		}
-		body {
-			background: #fff;
-			color: #000;
-			font-family: Georgia, "Times New Roman", Times, serif;
-			margin-left: 25%;
-			margin-right: 25%;
-			padding: .2em 2em;
-		}
-		
-		h1 {
-			color: #006;
-			font-size: 18px;
-			font-weight: lighter;
-		}
-		
-		h2 {
-			font-size: 16px;
-		}
-		
-		p, li, dt {
-			line-height: 140%;
-			padding-bottom: 2px;
-		}
-	
-		ul, ol {
-			padding: 5px 5px 5px 20px;
+		if ( !$this->show_errors ) {
+			if ( class_exists('WP_Error') )
+				$this->error = new WP_Error('500', $message);
+			else
+				$this->error = $message;
+			return false;
 		}
-		#logo {
-			margin-bottom: 2em;
+		wp_die($message);
+	}
+
+	/**
+	 * Checks wether of not the database version is high enough to support the features WordPress uses
+	 * @global $wp_version
+	 */
+	function check_database_version()
+	{
+		global $wp_version;
+		// Make sure the server has MySQL 4.0
+		$mysql_version = preg_replace('|[^0-9\.]|', '', @mysql_get_server_info($this->dbh));
+		if ( version_compare($mysql_version, '4.0.0', '<') )
+			return new WP_Error('database_version',sprintf(__('<strong>ERROR</strong>: WordPress %s requires MySQL 4.0.0 or higher'), $wp_version));
+	}
+
+	/**
+	 * This function is called when WordPress is generating the table schema to determine wether or not the current database
+	 * supports or needs the collation statements.
+	 */
+	function supports_collation()
+	{
+		return ( version_compare(mysql_get_server_info($this->dbh), '4.1.0', '>=') );
+	}
+
+	/**
+	 * Get the name of the function that called wpdb.
+	 * @return string the name of the calling function
+	 */
+	function get_caller() {
+		// requires PHP 4.3+
+		if ( !is_callable('debug_backtrace') )
+			return '';
+
+		$bt = debug_backtrace();
+		$caller = '';
+
+		foreach ( $bt as $trace ) {
+			if ( @$trace['class'] == __CLASS__ )
+				continue;
+			elseif ( strtolower(@$trace['function']) == 'call_user_func_array' )
+				continue;
+			elseif ( strtolower(@$trace['function']) == 'apply_filters' )
+				continue;
+			elseif ( strtolower(@$trace['function']) == 'do_action' )
+				continue;
+
+			$caller = $trace['function'];
+			break;
 		}
-		-->
-		</style>
-	</head>
-	<body>
-	<h1 id="logo"><img alt="WordPress" src="http://static.wordpress.org/logo.png" /></h1>
-HEAD;
-	echo $message;
-	echo "</body></html>";
-	die();
+		return $caller;
 	}
+
 }
 
-$wpdb = new wpdb(DB_USER, DB_PASSWORD, DB_NAME, DB_HOST);
-?>
\ No newline at end of file
+if ( ! isset($wpdb) )
+	$wpdb = new wpdb(DB_USER, DB_PASSWORD, DB_NAME, DB_HOST);
+?>