PageRenderTime 43ms CodeModel.GetById 8ms RepoModel.GetById 0ms app.codeStats 1ms

/core/engines/mysql.engine.php

http://snowcms.googlecode.com/
PHP | 555 lines | 369 code | 100 blank | 86 comment | 50 complexity | 2f4c5de3533c397f14f84c5da453a0c5 MD5 | raw file
Possible License(s): CC-BY-SA-3.0 
    

  1. <?php

    2. 

  2. ////////////////////////////////////////////////////////////////////////////

    3. 

  3. //                              SnowCMS v2.0                              //

    4. 

  4. //                           By the SnowCMS Team                          //

    5. 

  5. //                             www.snowcms.com                            //

    6. 

  6. //            Released under the Microsoft Reciprocal License             //

    7. 

  7. //                 www.opensource.org/licenses/ms-rl.html                 //

    8. 

  8. ////////////////////////////////////////////////////////////////////////////

    9. 

  9. //                                                                        //

    10. 

  10. //       SnowCMS originally pawned by soren121 started in early 2008      //

    11. 

  11. //                                                                        //

    12. 

  12. ////////////////////////////////////////////////////////////////////////////

    13. 

  13. //                                                                        //

    14. 

  14. //                  SnowCMS v2.0 began in November 2009                   //

    15. 

  15. //                                                                        //

    16. 

  16. ////////////////////////////////////////////////////////////////////////////

    17. 

  17. //                       File version: SnowCMS 2.0                        //

    18. 

  18. ////////////////////////////////////////////////////////////////////////////

    19. 

  19. 

    20. 

  20. if(!defined('INSNOW'))

    21. 

  21. {

    22. 

  22. 	die('Nice try...');

    23. 

  23. }

    24. 

  24. 

    25. 

  25. class MySQL extends Database

    26. 

  26. {

    27. 

  27. 	public function connect()

    28. 

  28. 	{

    29. 

  29. 		// Persistent connection or not?

    30. 

  30. 		if(!defined('dbpersist') || !dbpersist)

    31. 

  31. 		{

    32. 

  32. 			$this->con = @mysql_connect(dbhost, dbuser, dbpass);

    33. 

  33. 		}

    34. 

  34. 		else

    35. 

  35. 		{

    36. 

  36. 			$this->con = @mysql_pconnect(dbhost, dbuser, dbpass);

    37. 

  37. 		}

    38. 

  38. 

    39. 

  39. 		// Fail to connect?

    40. 

  40. 		if(empty($this->con))

    41. 

  41. 		{

    42. 

  42. 			// Show the message.

    43. 

  43. 			$this->log_error(1, true);

    44. 

  44. 			return false;

    45. 

  45. 		}

    46. 

  46. 

    47. 

  47. 		// Select the database now ;)

    48. 

  48. 		$select_db = @mysql_select_db(dbname, $this->con);

    49. 

  49. 

    50. 

  50. 		// Failed to select the database..? That isn't good!

    51. 

  51. 		if(empty($select_db))

    52. 

  52. 		{

    53. 

  53. 			$this->log_error(2, true);

    54. 

  54. 		}

    55. 

  55. 

    56. 

  56. 		// Sweet, everything seems to be in order so far, set a couple other things others

    57. 

  57. 		// may need to use at a later time.

    58. 

  58. 		$this->prefix = tblprefix;

    59. 

  59. 		$this->type = 'MySQL';

    60. 

  60. 		$this->case_sensitive = false;

    61. 

  61. 		$this->drop_if_exists = true;

    62. 

  62. 		$this->if_not_exists = true;

    63. 

  63. 		$this->extended_inserts = true;

    64. 

  64. 

    65. 

  65. 		// Alright, we are done here.

    66. 

  66. 		return true;

    67. 

  67. 	}

    68. 

  68. 

    69. 

  69. 	public function close()

    70. 

  70. 	{

    71. 

  71. 		return @mysql_close($this->con);

    72. 

  72. 	}

    73. 

  73. 

    74. 

  74. 	public function errno()

    75. 

  75. 	{

    76. 

  76. 		return @mysql_errno($this->con);

    77. 

  77. 	}

    78. 

  78. 

    79. 

  79. 	public function error()

    80. 

  80. 	{

    81. 

  81. 		return @mysql_error($this->con);

    82. 

  82. 	}

    83. 

  83. 

    84. 

  84. 	public function escape($str, $htmlspecialchars = false)

    85. 

  85. 	{

    86. 

  86. 		global $func;

    87. 

  87. 

    88. 

  88. 		return @mysql_real_escape_string(!empty($htmlspecialchars) ? $func['htmlspecialchars']($str) : $str, $this->con);

    89. 

  89. 	}

    90. 

  90. 

    91. 

  91. 	public function unescape($str, $htmlspecialchars_decode = false)

    92. 

  92. 	{

    93. 

  93. 		global $func;

    94. 

  94. 

    95. 

  95. 		return !empty($htmlspecialchars_decode) ? $func['htmlspecialchars_decode'](stripslashes($str)) : stripslashes($str);

    96. 

  96. 	}

    97. 

  97. 

    98. 

  98. 	public function version()

    99. 

  99. 	{

    100. 

  100. 		if(empty($this->con))

    101. 

  101. 		{

    102. 

  102. 			return false;

    103. 

  103. 		}

    104. 

  104. 

    105. 

  105. 		// The VERSION() function will give us what we need :-)

    106. 

  106. 		$result = $this->query('

    107. 

  107. 			SELECT VERSION()');

    108. 

  108. 

    109. 

  109. 		// Fetch it and return it!

    110. 

  110. 		list($version) = $result->fetch_row();

    111. 

  111. 

    112. 

  112. 		return $version;

    113. 

  113. 	}

    114. 

  114. 

    115. 

  115. 	public function tables()

    116. 

  116. 	{

    117. 

  117. 		if(empty($this->con))

    118. 

  118. 		{

    119. 

  119. 			return false;

    120. 

  120. 		}

    121. 

  121. 

    122. 

  122. 		// Get a listing of all the tables, simpler than SQLite...

    123. 

  123. 		$result = $db->query('

    124. 

  124. 			SHOW TABLES', array(), null, 'show_tables');

    125. 

  125. 

    126. 

  126. 		// Load'em up, otherwise, what's the point, right..?

    127. 

  127. 		$tables = array();

    128. 

  128. 		while($row = $result->fetch_row())

    129. 

  129. 		{

    130. 

  130. 			$tables[] = $row[0];

    131. 

  131. 		}

    132. 

  132. 

    133. 

  133. 		return $tables;

    134. 

  134. 	}

    135. 

  135. 

    136. 

  136. 	public function columns($table)

    137. 

  137. 	{

    138. 

  138. 		// Check to see if the table exists, if it does not, we cannot get the columns :P

    139. 

  139. 		if(empty($this->con) || !in_array($table, $this->tables()))

    140. 

  140. 		{

    141. 

  141. 			return false;

    142. 

  142. 		}

    143. 

  143. 

    144. 

  144. 		// Simple query, really.

    145. 

  145. 		$result = $db->query('

    146. 

  146. 			SHOW COLUMNS IN {raw:table}',

    147. 

  147. 			array(

    148. 

  148. 				'table' => $table,

    149. 

  149. 			), null, 'show_columns');

    150. 

  150. 

    151. 

  151. 		// Now get ready to load'em up.

    152. 

  152. 		$columns = array();

    153. 

  153. 		while($row = $result->fetch_row())

    154. 

  154. 		{

    155. 

  155. 			$columns[] = $row[0];

    156. 

  156. 		}

    157. 

  157. 

    158. 

  158. 		return $columns;

    159. 

  159. 	}

    160. 

  160. 

    161. 

  161. 	public function query($db_query, $db_vars = array(), $hook_name = null, $db_compat = null, $file = null, $line = 0)

    162. 

  162. 	{

    163. 

  163. 		// We can't make a query if we aren't connected.

    164. 

  164. 		if(empty($this->con))

    165. 

  165. 		{

    166. 

  166. 			return false;

    167. 

  167. 		}

    168. 

  168. 

    169. 

  169. 		// Something for all queries before they are parsed.

    170. 

  170. 		$return = null;

    171. 

  171. 		api()->run_hooks('pre_parse_query', array(&$db_query, &$db_vars, &$hook_name, &$db_compat, &$file, &$line, &$return));

    172. 

  172. 

    173. 

  173. 		if($return !== null)

    174. 

  174. 		{

    175. 

  175. 			return $return;

    176. 

  176. 		}

    177. 

  177. 

    178. 

  178. 		// Just incase, for some odd reason :P

    179. 

  179. 		if(!empty($hook_name))

    180. 

  180. 		{

    181. 

  181. 			$return = null;

    182. 

  182. 			api()->run_hooks($hook_name, array(&$db_query, &$db_vars, &$hook_name, &$db_compat, &$file, &$line, &$return));

    183. 

  183. 

    184. 

  184. 			if($return !== null)

    185. 

  185. 			{

    186. 

  186. 				return $return;

    187. 

  187. 			}

    188. 

  188. 		}

    189. 

  189. 

    190. 

  190. 		// debug set?

    191. 

  191. 		if(isset($db_vars['debug']))

    192. 

  192. 		{

    193. 

  193. 			$prev_debug = $this->debug;

    194. 

  194. 

    195. 

  195. 			$this->debug = !empty($db_vars['debug']);

    196. 

  196. 			unset($db_vars['debug']);

    197. 

  197. 		}

    198. 

  198. 

    199. 

  199. 		/*

    200. 

  200. 

    201. 

  201. 			In other databases such as SQLite, PostgreSQL, SQL Server, etc. anything that isn't

    202. 

  202. 			MySQL at this time would do any query fixing to make it parse right upon execution.

    203. 

  203. 

    204. 

  204. 		*/

    205. 

  205. 

    206. 

  206. 		// Let's use debug_backtrace() to find where this was called and what not ;)

    207. 

  207. 		// Only if file and line aren't set already ;)

    208. 

  208. 		if(empty($file) || empty($line))

    209. 

  209. 		{

    210. 

  210. 			$backtrace = debug_backtrace();

    211. 

  211. 			$file = $backtrace[0]['file'];

    212. 

  212. 			$line = (int)$backtrace[0]['line'];

    213. 

  213. 		}

    214. 

  214. 

    215. 

  215. 		// Replace {db->prefix} and {db_prefix} with $this->prefix... :P

    216. 

  216. 		$db_query = strtr($db_query, array('{db->prefix}' => $this->prefix, '{db_prefix}' => $this->prefix));

    217. 

  217. 

    218. 

  218. 		// Any possible variables that may need replacing? (Don't do this if it is an insert, or things could get ugly,

    219. 

  219. 		// or don't do it if you said no_parse ;-))

    220. 

  220. 		if(strpos($db_query, '{') !== false && ($db_compat != 'insert' || $db_compat == 'no_parse'))

    221. 

  221. 		{

    222. 

  222. 			// Find all the variables.

    223. 

  223. 			preg_match_all('~{[\w-]+:\w+}~', $db_query, $matches);

    224. 

  224. 

    225. 

  225. 			if(count($matches[0]))

    226. 

  226. 			{

    227. 

  227. 				// Holds all our soon-to-be replaced variables.

    228. 

  228. 				$replacements = array();

    229. 

  229. 

    230. 

  230. 				// Holds onto any undefined variables, you never know ;)

    231. 

  231. 				$undefined = array();

    232. 

  232. 

    233. 

  233. 				// Let's figure out which variables are defined.

    234. 

  234. 				$defined = array();

    235. 

  235. 				foreach($db_vars as $var_name => $value)

    236. 

  236. 				{

    237. 

  237. 					$defined[] = $var_name;

    238. 

  238. 				}

    239. 

  239. 

    240. 

  240. 				// No need to parse the same variables multiple times, is there?

    241. 

  241. 				$matches[0] = array_unique($matches[0]);

    242. 

  242. 

    243. 

  243. 				foreach($matches[0] as $variable)

    244. 

  244. 				{

    245. 

  245. 					list($datatype, $variable_name) = explode(':', substr($variable, 1, strlen($variable) - 2));

    246. 

  246. 

    247. 

  247. 					// Let's just be safe, shall we?

    248. 

  248. 					$datatype = trim($datatype);

    249. 

  249. 					$variable_name = trim($variable_name);

    250. 

  250. 

    251. 

  251. 					// Has it been defined or not?

    252. 

  252. 					if(!in_array($variable_name, $defined))

    253. 

  253. 					{

    254. 

  254. 						$undefined[] = $variable_name;

    255. 

  255. 

    256. 

  256. 						continue;

    257. 

  257. 					}

    258. 

  258. 

    259. 

  259. 					// Sanitize that value to how it should be!!!

    260. 

  260. 					$replacements[$variable] = $this->var_sanitize($variable_name, $datatype, $db_vars[$variable_name], $file, $line);

    261. 

  261. 				}

    262. 

  262. 

    263. 

  263. 				// Did we get any undefined variables? :/

    264. 

  264. 				if(count($undefined) > 0)

    265. 

  265. 				{

    266. 

  266. 					$this->log_error('Undefined database variables <em>'. implode('</em>, <em>', $undefined). '</em>', true, $file, $line);

    267. 

  267. 				}

    268. 

  268. 

    269. 

  269. 				// Maybe replace the variables in the query?

    270. 

  270. 				if(count($replacements) > 0)

    271. 

  271. 				{

    272. 

  272. 					$db_query = strtr($db_query, $replacements);

    273. 

  273. 				}

    274. 

  274. 			}

    275. 

  275. 		}

    276. 

  276. 

    277. 

  277. 		// For every query...

    278. 

  278. 		$return = null;

    279. 

  279. 		api()->run_hooks('pre_query_exec', array(&$db_query, &$db_vars, &$db_compat, &$hook_name, &$return));

    280. 

  280. 

    281. 

  281. 		if(!empty($return))

    282. 

  282. 		{

    283. 

  283. 			return $return;

    284. 

  284. 		}

    285. 

  285. 

    286. 

  286. 		// Woo!!! QUERY THAT DATABASE!

    287. 

  287. 		$query_start = microtime(true);

    288. 

  288. 		$query_result = mysql_query(trim($db_query), $this->con);

    289. 

  289. 		$query_took = round(microtime(true) - $query_start, 5);

    290. 

  290. 

    291. 

  291. 		// That is one more query!

    292. 

  292. 		$this->num_queries++;

    293. 

  293. 

    294. 

  294. 		// Let's not call on it multiple times, mmk?

    295. 

  295. 		$mysql_errno = $this->errno();

    296. 

  296. 		$mysql_error = $this->error();

    297. 

  297. 

    298. 

  298. 		// Debug this query, perhaps?

    299. 

  299. 		if(!empty($this->debug))

    300. 

  300. 		{

    301. 

  301. 			$this->debug_text .= "Query:\r\n$db_query\r\nFile: $file\r\nLine: $line\r\nExecuted in $query_took seconds.\r\nError: ". (empty($query_result) ? '['. $mysql_errno. '] '. $mysql_error : 'None'). "\r\n\r\n";

    302. 

  302. 			$this->debug = isset($prev_debug) ? $prev_debug : $this->debug;

    303. 

  303. 		}

    304. 

  304. 

    305. 

  305. 		// An error occur?

    306. 

  306. 		if(empty($query_result))

    307. 

  307. 		{

    308. 

  308. 			$this->log_error('['. $mysql_errno. '] '. $mysql_error, true, $file, $line);

    309. 

  309. 		}

    310. 

  310. 

    311. 

  311. 		// Put it in a MySQLResult Object ;)

    312. 

  312. 		$result = new $this->result_class($query_result, mysql_affected_rows($this->con), $db_compat == 'insert' ? mysql_insert_id($this->con) : 0, $mysql_errno, $mysql_error, $this->num_queries - 1);

    313. 

  313. 

    314. 

  314. 		api()->run_hooks('post_query_exec', array(&$result, $db_query, $query_result, $this->result_class, $db_compat, $hook_name, $query_took, $mysql_errno, $mysql_error));

    315. 

  315. 

    316. 

  316. 		return $result;

    317. 

  317. 	}

    318. 

  318. 

    319. 

  319. 	protected function var_sanitize($var_name, $datatype, $value, $file, $line)

    320. 

  320. 	{

    321. 

  321. 		$datatype = strtolower($datatype);

    322. 

  322. 

    323. 

  323. 		// Is it a string? It could have a length :)

    324. 

  324. 		if(substr($datatype, 0, 6) == 'string' && strpos($datatype, '-') !== false)

    325. 

  325. 		{

    326. 

  326. 			list(, $length) = explode('-', $datatype);

    327. 

  327. 

    328. 

  328. 			$datatype = 'string';

    329. 

  329. 			$value = substr($value, 0, (int)$length);

    330. 

  330. 		}

    331. 

  331. 

    332. 

  332. 		$datatypes = array(

    333. 

  333. 			'float' => 'sanitize_float',

    334. 

  334. 			'float_array' => 'sanitize_float_array',

    335. 

  335. 			'array_float' => 'sanitize_float_array',

    336. 

  336. 			'identifier' => 'sanitize_identifier',

    337. 

  337. 			'identifier_array' => 'sanitize_identifier_array',

    338. 

  338. 			'array_identifier' => 'sanitize_identifier_array',

    339. 

  339. 			'int' => 'sanitize_int',

    340. 

  340. 			'int_array' => 'sanitize_int_array',

    341. 

  341. 			'array_int' => 'sanitize_int_array',

    342. 

  342. 			'raw' => 'sanitize_raw',

    343. 

  343. 			'string' => 'sanitize_string',

    344. 

  344. 			'string_array' => 'sanitize_string_array',

    345. 

  345. 			'array_string' => 'sanitize_string_array',

    346. 

  346. 			'text' => 'sanitize_string',

    347. 

  347. 			'text_array' => 'sanitize_string_array',

    348. 

  348. 			'array_text' => 'sanitize_string_array',

    349. 

  349. 		);

    350. 

  350. 

    351. 

  351. 		api()->run_hooks('database_types', array(&$datatypes));

    352. 

  352. 

    353. 

  353. 		// Is the datatype defined?

    354. 

  354. 		if(!isset($datatypes[$datatype]))

    355. 

  355. 		{

    356. 

  356. 			$this->log_error('Undefined data type <string>'. strtoupper($datatype). '</strong>.', true, $file, $line);

    357. 

  357. 		}

    358. 

  358. 

    359. 

  359. 		// Return the sanitized value...

    360. 

  360. 		return is_callable(array($this, $datatypes[$datatype])) ? $this->$datatypes[$datatype]($var_name, $value, $file, $line) : $datatypes[$datatype]($var_name, $value, $file, $line);

    361. 

  361. 	}

    362. 

  362. 

    363. 

  363. 	protected function sanitize_float($var_name, $value, $file, $line)

    364. 

  364. 	{

    365. 

  365. 		// Make sure it is of the right type :)

    366. 

  366. 		if((string)$value !== (string)(float)$value)

    367. 

  367. 		{

    368. 

  368. 			$this->log_error('Wrong data type, float expected ('. $var_name. ')', true, $file, $line);

    369. 

  369. 		}

    370. 

  370. 

    371. 

  371. 		return (string)(float)$value;

    372. 

  372. 	}

    373. 

  373. 

    374. 

  374. 	protected function sanitize_float_array($var_name, $value, $file, $line)

    375. 

  375. 	{

    376. 

  376. 		// Not an array? Well, it can't be an array of floats then can it?

    377. 

  377. 		if(!is_array($value))

    378. 

  378. 		{

    379. 

  379. 			$this->log_error('Wrong data type, array expected ('. $var_name. ')', true, $file, $line);

    380. 

  380. 		}

    381. 

  381. 

    382. 

  382. 		$new_value = array();

    383. 

  383. 		if(count($value))

    384. 

  384. 		{

    385. 

  385. 			foreach($value as $v)

    386. 

  386. 			{

    387. 

  387. 				$new_value[] = $this->sanitize_float($var_name, $v, $file, $line);

    388. 

  388. 			}

    389. 

  389. 		}

    390. 

  390. 

    391. 

  391. 		return implode(', ', $new_value);

    392. 

  392. 	}

    393. 

  393. 

    394. 

  394. 	protected function sanitize_identifier($var_name, $value, $file, $line)

    395. 

  395. 	{

    396. 

  396. 		// No sanitization here, actually.

    397. 

  397. 		return '`'. $value. '`';

    398. 

  398. 	}

    399. 

  399. 

    400. 

  400. 	protected function sanitize_identifier_array($var_name, $value, $file, $line)

    401. 

  401. 	{

    402. 

  402. 		if(!is_array($value))

    403. 

  403. 		{

    404. 

  404. 			$this->log_error('Wrong data type, array expected ('. $var_name. ')', true, $file, $line);

    405. 

  405. 		}

    406. 

  406. 

    407. 

  407. 		$new_value = array();

    408. 

  408. 		if(count($value))

    409. 

  409. 		{

    410. 

  410. 			foreach($value as $v)

    411. 

  411. 			{

    412. 

  412. 				$new_value[] = $this->sanitize_identifier($var_name, $v, $file, $line);

    413. 

  413. 			}

    414. 

  414. 		}

    415. 

  415. 

    416. 

  416. 		return implode(', ', $new_value);

    417. 

  417. 	}

    418. 

  418. 

    419. 

  419. 	protected function sanitize_int($var_name, $value, $file, $line)

    420. 

  420. 	{

    421. 

  421. 		// Mmmm, inty!

    422. 

  422. 		if((string)$value !== (string)(int)$value)

    423. 

  423. 		{

    424. 

  424. 			$this->log_error('Wrong data type, integer expected ('. $var_name. ')', true, $file, $line);

    425. 

  425. 		}

    426. 

  426. 

    427. 

  427. 		return (string)(int)$value;

    428. 

  428. 	}

    429. 

  429. 

    430. 

  430. 	protected function sanitize_int_array($var_name, $value, $file, $line)

    431. 

  431. 	{

    432. 

  432. 		if(!is_array($value))

    433. 

  433. 		{

    434. 

  434. 			$this->log_error('Wrong data type, array expected ('. $var_name. ')', true, $file, $line);

    435. 

  435. 		}

    436. 

  436. 

    437. 

  437. 		$new_value = array();

    438. 

  438. 		if(count($value))

    439. 

  439. 		{

    440. 

  440. 			foreach($value as $v)

    441. 

  441. 			{

    442. 

  442. 				$new_value[] = $this->sanitize_int($var_name, $v, $file, $line);

    443. 

  443. 			}

    444. 

  444. 		}

    445. 

  445. 

    446. 

  446. 		return implode(', ', $new_value);

    447. 

  447. 	}

    448. 

  448. 

    449. 

  449. 	protected function sanitize_string($var_name, $value, $file, $line)

    450. 

  450. 	{

    451. 

  451. 		// No need to see if it is a string P:

    452. 

  452. 		return '\''. $this->escape($value). '\'';

    453. 

  453. 	}

    454. 

  454. 

    455. 

  455. 	protected function sanitize_string_array($var_name, $value, $file, $line)

    456. 

  456. 	{

    457. 

  457. 		if(!is_array($value))

    458. 

  458. 		{

    459. 

  459. 			$this->log_error('Wrong data type, array expected ('. $var_name. ')', true, $file, $line);

    460. 

  460. 		}

    461. 

  461. 

    462. 

  462. 		$new_value = array();

    463. 

  463. 		if(count($value))

    464. 

  464. 		{

    465. 

  465. 			foreach($value as $v)

    466. 

  466. 			{

    467. 

  467. 				$new_value[] = $this->sanitize_string($var_name, $v, $file, $line);

    468. 

  468. 			}

    469. 

  469. 		}

    470. 

  470. 

    471. 

  471. 		return implode(', ', $new_value);

    472. 

  472. 	}

    473. 

  473. 

    474. 

  474. 	public function insert($type, $tbl_name, $columns, $data, $keys = array(), $hook_name = null)

    475. 

  475. 	{

    476. 

  476. 		if(empty($this->con))

    477. 

  477. 		{

    478. 

  478. 			return false;

    479. 

  479. 		}

    480. 

  480. 

    481. 

  481. 		// Something for all inserts.

    482. 

  482. 		api()->run_hooks('pre_insert_exec', array(&$type, &$tbl_name, &$columns, &$data, &$keys, &$hook_name));

    483. 

  483. 

    484. 

  484. 		if(!empty($hook_name))

    485. 

  485. 		{

    486. 

  486. 			api()->run_hooks($hook_name, array(&$type, &$tbl_name, &$columns, &$data, &$keys, &$hook_name));

    487. 

  487. 		}

    488. 

  488. 

    489. 

  489. 		// Let's get where you called us from!

    490. 

  490. 		$backtrace = debug_backtrace();

    491. 

  491. 		$file = realpath($backtrace[0]['file']);

    492. 

  492. 		$line = (int)$backtrace[0]['line'];

    493. 

  493. 		unset($backtrace);

    494. 

  494. 

    495. 

  495. 		$type = strtolower($type);

    496. 

  496. 

    497. 

  497. 		// We only support insert, ignore and replace.

    498. 

  498. 		if(!in_array($type, array('insert', 'ignore', 'replace')))

    499. 

  499. 		{

    500. 

  500. 			$this->log_error('Unknown insert type '. $type, true, $file, $line);

    501. 

  501. 		}

    502. 

  502. 

    503. 

  503. 		// Replace {db->prefix} and {db_prefix} with $this->prefix

    504. 

  504. 		$tbl_name = strtr($tbl_name, array('{db->prefix}' => $this->prefix, '{db_prefix}' => $this->prefix));

    505. 

  505. 

    506. 

  506. 		// Just an array, and not an array inside an array? We'll fix that...

    507. 

  507. 		if(!isset($data[0]) || !is_array($data[0]))

    508. 

  508. 		{

    509. 

  509. 			$data = array($data);

    510. 

  510. 		}

    511. 

  511. 

    512. 

  512. 		// The number of columns :)

    513. 

  513. 		$num_columns = count($columns);

    514. 

  514. 

    515. 

  515. 		// Now get the column names, quite useful you know :)

    516. 

  516. 		$column_names = array_keys($columns);

    517. 

  517. 

    518. 

  518. 		// Now we can get all the rows ready :)

    519. 

  519. 		$rows = array();

    520. 

  520. 		foreach($data as $row_index => $row)

    521. 

  521. 		{

    522. 

  522. 			// Not enough data?

    523. 

  523. 			if($num_columns != count($row))

    524. 

  524. 			{

    525. 

  525. 				$this->log_error('Number of columns doesn\'t match the number of supplied columns in row //'. ($row_index + 1), true, $file, $line);

    526. 

  526. 			}

    527. 

  527. 

    528. 

  528. 			// Save the values to an array, all sanitized and what not, of course!

    529. 

  529. 			$values = array();

    530. 

  530. 			foreach($row as $index => $value)

    531. 

  531. 			{

    532. 

  532. 				$values[] = $this->var_sanitize($column_names[$index], $columns[$column_names[$index]], $value, $file, $line);

    533. 

  533. 			}

    534. 

  534. 

    535. 

  535. 			// Add those values to our rows now :)

    536. 

  536. 			$rows[] = '('. implode(', ', $values). ')';

    537. 

  537. 		}

    538. 

  538. 

    539. 

  539. 		$inserts = array(

    540. 

  540. 			'insert' => 'INSERT',

    541. 

  541. 			'ignore' => 'INSERT IGNORE',

    542. 

  542. 			'replace' => 'REPLACE',

    543. 

  543. 		);

    544. 

  544. 

    545. 

  545. 		// Construct the query, MySQL suports extended inserts! Hip hip! HURRAY!

    546. 

  546. 		$db_query = $inserts[$type]. ' INTO `'. $tbl_name. '` (`'. implode('`, `', $column_names). '`) VALUES'. implode(', ', $rows);

    547. 

  547. 

    548. 

  548. 		// Let query handle it XD! (passes insert in db compat to let you know

    549. 

  549. 		// if you don't have to do anything at all, which you shouldn't!!!

    550. 

  550. 		return $this->query($db_query, array(), null, 'insert');

    551. 

  551. 	}

    552. 

  552. }

    553. 

  553. 

    554. 

  554. $db_class = 'MySQL';

    555. 

  555. ?>
    556.