2 /* Copyright (c) 2009 Arnaud Renevier, Inc, published under the modified BSD
5 require_once ("./inc/db/anydb.php");
7 class mysqlConnection implements anydbConnection {
11 public function connect ($host, $user, $pwd, $dbname, $dbprefix) {
12 if (!function_exists ("mysql_connect")) {
13 throw new Exception (anydbConnection::err_driver_unavailable);
15 if ($this->link) { // connection has already been opened
18 $this->link = @mysql_connect ($host,$user,$pwd,true);
20 throw new Exception (anydbConnection::err_connection);
22 if (!mysql_select_db ($dbname, $this->link)) {
23 throw new Exception (anydbConnection::err_unknown_database);
25 $this->dbprefix = $dbprefix;
28 public function users_table_exists () {
29 return $this->_tblexists ("users");
31 public function create_users_table () {
32 $query = sprintf ("CREATE TABLE " .
34 name VARCHAR(255) NOT NULL, pwd CHAR(32),
35 PRIMARY KEY (name));", $this->dbprefix);
36 $this->_execute_query ($query);
39 public function items_table_exists () {
40 return $this->_tblexists ("items");
42 public function create_items_table () {
43 $query = sprintf ("CREATE TABLE " .
45 id MEDIUMINT NOT NULL AUTO_INCREMENT,
53 );", $this->dbprefix);
54 $this->_execute_query ($query);
57 public function setpwd ($user_name, $pwd, $create_if_not_exists) {
58 $usrname_escaped = mysql_real_escape_string ($user_name);
59 $query = sprintf ("SELECT COUNT(*) FROM %susers WHERE name LIKE '%s';",
60 $this->dbprefix, $usrname_escaped);
61 $res = mysql_fetch_array ($this->_execute_query ($query), MYSQL_NUM);
63 if ($create_if_not_exists) {
64 $query = sprintf ("UPDATE %susers SET pwd='%s' WHERE name like '%s';",
65 $this->dbprefix, md5 ($pwd), $usrname_escaped);
67 throw new Exception (anydbConnection::err_query);
70 $query = sprintf ("INSERT INTO %susers VALUES ('%s', '%s');",
71 $this->dbprefix, $usrname_escaped, md5 ($pwd));
73 $this->_execute_query ($query);
76 public function checkpwdmd5 ($user_name, $pwd_md5) {
77 $query = sprintf ("SELECT COUNT(*) FROM %susers WHERE name LIKE '%s'
80 mysql_real_escape_string ($user_name),
81 mysql_real_escape_string ($pwd_md5));
82 $res = mysql_fetch_array ($this->_execute_query ($query), MYSQL_NUM);
90 public function save_feature ($feature) {
93 } catch (Exception $e) {}
95 $query = sprintf ("UPDATE %sitems SET
99 location=GeomFromText('POINT(%s %s)')
102 mysql_real_escape_string ($feature->imgpath),
103 mysql_real_escape_string ($feature->title),
104 mysql_real_escape_string ($feature->description),
108 $this->_execute_query ($query);
111 $query = sprintf ("INSERT INTO %sitems
112 (imgpath, title, description, location, date, user)
113 VALUES ('%s', '%s', '%s',
114 GeomFromText('POINT(%s %s)'), NOW(), '%s')",
116 mysql_real_escape_string ($feature->imgpath),
117 mysql_real_escape_string ($feature->title),
118 mysql_real_escape_string ($feature->description),
121 mysql_real_escape_string ($feature->user)
124 $this->_execute_query ($query);
125 $id = mysql_insert_id ();
126 return new feature ($id, $feature->lon, $feature->lat,
127 $feature->imgpath, $feature->title,
128 $feature->description, $feature->date,
133 public function delete_feature ($feature) {
134 $query = sprintf ("DELETE from %sitems WHERE id = '%s'",
136 mysql_real_escape_string ($feature->id));
137 $this->_execute_query ($query);
141 public function getfeature ($id) {
142 $query = sprintf ("SELECT id, imgpath, title, description, AsText(location)
143 AS location, UNIX_TIMESTAMP(date) AS date, user
144 FROM %sitems WHERE id = '%s';",
145 $this->dbprefix, mysql_real_escape_string ($id));
146 $row = mysql_fetch_assoc ($this->_execute_query ($query));
147 if ($row === false) {
150 return $this->_feature_frow_row ($row);
153 public function listfeatures ($user) {
154 if ($user && ($user != "admin")) {
155 $from_user_query = sprintf (" WHERE user = '%s' ",
156 mysql_real_escape_string ($user));
158 $from_user_query = "";
161 $query = sprintf ("SELECT id, imgpath, title, description, AsText(location)
162 AS location, UNIX_TIMESTAMP(date) AS date, user
164 $this->dbprefix, $from_user_query);
166 $features = array ();
167 $res = $this->_execute_query ($query);
168 while ($row = mysql_fetch_assoc ($res)) {
169 $feature = $this->_feature_frow_row ($row);
170 if (isset ($feature)) {
171 $features[] = $feature;
177 public function mostrecentfeatures ($num_features) {
178 $query = sprintf ("SELECT id, imgpath, title, description,
179 AsText(location) AS location, UNIX_TIMESTAMP(date)
180 AS date, user FROM %sitems ORDER BY date DESC",
183 $query .= sprintf (" LIMIT %d", $num_features);
185 $features = array ();
186 $res = $this->_execute_query ($query);
187 while ($row = mysql_fetch_assoc ($res)) {
188 $feature = $this->_feature_frow_row ($row);
189 if (isset ($feature)) {
190 $features[] = $feature;
196 public function imgpath_exists ($imgpath) {
197 $query = sprintf ("SELECT COUNT(*) FROM %sitems WHERE imgpath LIKE '%s';",
198 $this->dbprefix, mysql_real_escape_string ($imgpath));
199 $res = mysql_fetch_array ($this->_execute_query ($query), MYSQL_NUM);
200 return ($res [0] >= 1) ? true : false;
203 public function getdbname () {
207 private function _tblexists ($tblname) {
208 $query = sprintf ("SHOW TABLES LIKE '%s%s';",
209 $this->dbprefix, $tblname);
210 return mysql_num_rows ($this->_execute_query ($query)) == 1;
213 private function _feature_frow_row ($row) {
214 // XXX: should I remove invalid features from database ?
215 if (!preg_match ('/^POINT\(([0-9\-\.]+)\s+([0-9\-\.]+)\)$/',
216 $row ["location"], $matches)) {
222 $feature = new feature ($row ["id"], $lon, $lat, $row ["imgpath"],
223 $row ["title"], $row ["description"],
224 $row ["date"], $row ["user"]);
225 } catch (Exception $e) {
231 private function _execute_query ($query) {
232 if (!function_exists ("mysql_query")) {
233 throw new Exception (anydbConnection::err_driver_unavailable);
236 throw new Exception (anydbConnection::err_query);
238 $res = mysql_query ($query, $this->link);
240 throw new Exception (anydbConnection::err_query);
246 $connection = new mysqlConnection();