2 /* Copyright (c) 2009 Arnaud Renevier, Inc, published under the modified BSD
5 require_once ("./inc/db/anydb.php");
7 class mysqlConnection implements anydbConnection {
11 public function connect ($host, $user, $pwd, $dbname, $dbprefix) {
12 if (!function_exists ("mysql_connect")) {
13 throw new Exception (anydbConnection::err_driver_unavailable);
15 if ($this->link) { // connection has already been opened
18 $this->link = @mysql_connect ($host,$user,$pwd,true);
20 throw new Exception (anydbConnection::err_connection);
22 if (!mysql_select_db ($dbname, $this->link)) {
23 throw new Exception (anydbConnection::err_unknown_database);
25 $this->dbprefix = $dbprefix;
28 public function users_table_exists () {
29 return $this->_tblexists ("users");
31 public function create_users_table () {
32 $query = sprintf ("CREATE TABLE " .
34 name VARCHAR(255) NOT NULL, pwd CHAR(32),
35 PRIMARY KEY (name));", $this->dbprefix);
36 $this->_execute_query ($query);
39 public function items_table_exists () {
40 return $this->_tblexists ("items");
42 public function create_items_table () {
43 $query = sprintf ("CREATE TABLE " .
45 id MEDIUMINT NOT NULL AUTO_INCREMENT,
53 );", $this->dbprefix);
54 $this->_execute_query ($query);
57 public function setpwd ($user_name, $pwd) {
58 $usrname_escaped = mysql_real_escape_string ($user_name);
59 $query = sprintf ("SELECT COUNT(*) FROM %susers WHERE name LIKE '%s';",
60 $this->dbprefix, $usrname_escaped);
61 $res = mysql_fetch_array ($this->_execute_query ($query), MYSQL_NUM);
63 $query = sprintf ("UPDATE %susers SET pwd='%s' WHERE name like '%s';",
64 $this->dbprefix, md5 ($pwd), $usrname_escaped);
66 $query = sprintf ("INSERT INTO %susers VALUES ('%s', '%s');",
67 $this->dbprefix, $usrname_escaped, md5 ($pwd));
69 $this->_execute_query ($query);
72 public function checkpwdmd5 ($user_name, $pwd_md5) {
73 $query = sprintf ("SELECT COUNT(*) FROM %susers WHERE name LIKE '%s'
76 mysql_real_escape_string ($user_name),
77 mysql_real_escape_string ($pwd_md5));
78 $res = mysql_fetch_array ($this->_execute_query ($query), MYSQL_NUM);
86 public function save_feature ($feature) {
89 } catch (Exception $e) {}
91 $query = sprintf ("UPDATE %sitems SET
95 location=GeomFromText('POINT(%s %s)')
98 mysql_real_escape_string ($feature->imgpath),
99 mysql_real_escape_string ($feature->title),
100 mysql_real_escape_string ($feature->description),
104 $this->_execute_query ($query);
107 $query = sprintf ("INSERT INTO %sitems
108 (imgpath, title, description, location, date, user)
109 VALUES ('%s', '%s', '%s',
110 GeomFromText('POINT(%s %s)'), NOW(), '%s')",
112 mysql_real_escape_string ($feature->imgpath),
113 mysql_real_escape_string ($feature->title),
114 mysql_real_escape_string ($feature->description),
117 mysql_real_escape_string ($feature->user)
120 $this->_execute_query ($query);
121 $id = mysql_insert_id ();
122 return new feature ($id, $feature->lon, $feature->lat,
123 $feature->imgpath, $feature->title,
124 $feature->description, $feature->date,
129 public function delete_feature ($feature) {
130 $query = sprintf ("DELETE from %sitems WHERE id = '%s'",
132 mysql_real_escape_string ($feature->id));
133 $this->_execute_query ($query);
137 public function getfeature ($id) {
138 $query = sprintf ("SELECT id, imgpath, title, description, AsText(location)
139 AS location, UNIX_TIMESTAMP(date) AS date, user
140 FROM %sitems WHERE id = '%s';",
141 $this->dbprefix, mysql_real_escape_string ($id));
142 $row = mysql_fetch_assoc ($this->_execute_query ($query));
143 if ($row === false) {
146 return $this->_feature_frow_row ($row);
149 public function listfeatures ($user) {
150 if ($user && ($user != "admin")) {
151 $from_user_query = sprintf (" WHERE user = '%s' ",
152 mysql_real_escape_string ($user));
154 $from_user_query = "";
157 $query = sprintf ("SELECT id, imgpath, title, description, AsText(location)
158 AS location, UNIX_TIMESTAMP(date) AS date, user
160 $this->dbprefix, $from_user_query);
162 $features = array ();
163 $res = $this->_execute_query ($query);
164 while ($row = mysql_fetch_assoc ($res)) {
165 $feature = $this->_feature_frow_row ($row);
166 if (isset ($feature)) {
167 $features[] = $feature;
173 public function mostrecentfeatures ($num_features) {
174 $query = sprintf ("SELECT id, imgpath, title, description,
175 AsText(location) AS location, UNIX_TIMESTAMP(date)
176 AS date, user FROM %sitems ORDER BY date DESC",
179 $query .= sprintf (" LIMIT %d", $num_features);
181 $features = array ();
182 $res = $this->_execute_query ($query);
183 while ($row = mysql_fetch_assoc ($res)) {
184 $feature = $this->_feature_frow_row ($row);
185 if (isset ($feature)) {
186 $features[] = $feature;
192 public function imgpath_exists ($imgpath) {
193 $query = sprintf ("SELECT COUNT(*) FROM %sitems WHERE imgpath LIKE '%s';",
194 $this->dbprefix, mysql_real_escape_string ($imgpath));
195 $res = mysql_fetch_array ($this->_execute_query ($query), MYSQL_NUM);
196 return ($res [0] >= 1) ? true : false;
199 public function getdbname () {
203 private function _tblexists ($tblname) {
204 $query = sprintf ("SHOW TABLES LIKE '%s%s';",
205 $this->dbprefix, $tblname);
206 return mysql_num_rows ($this->_execute_query ($query)) == 1;
209 private function _feature_frow_row ($row) {
210 // XXX: should I remove invalid features from database ?
211 if (!preg_match ('/^POINT\(([0-9\-\.]+)\s+([0-9\-\.]+)\)$/',
212 $row ["location"], $matches)) {
218 $feature = new feature ($row ["id"], $lon, $lat, $row ["imgpath"],
219 $row ["title"], $row ["description"],
220 $row ["date"], $row ["user"]);
221 } catch (Exception $e) {
227 private function _execute_query ($query) {
228 if (!function_exists ("mysql_query")) {
229 throw new Exception (anydbConnection::err_driver_unavailable);
232 throw new Exception (anydbConnection::err_query);
234 $res = mysql_query ($query, $this->link);
236 throw new Exception (anydbConnection::err_query);
242 $connection = new mysqlConnection();