-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdatabase.php
176 lines (145 loc) · 5 KB
/
database.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
<?php
/*
* == Database class ==
* Use this class to create a quick, save and
* stable database connection to mutate.
*
* // Set-up the class. This has to be done only once in the project.
* run::Credentials("basic","root","");
*
* // To run a query after setting the credentials.
* run::Query("{INSERT QUERY}");
*
* // The function will return the data, if data is returned.
* $data = run::Query("{SELECT QUERY}");
*
*/
interface DatabaseConnectionModel {
public function Connect();
public function CloseConnect();
public function writeToLog($write);
}
interface QueryModel {
public function Run($query);
public function Protect($query);
}
class DatabaseConnection implements DatabaseConnectionModel {
//Basic vars
protected $Conn;
protected $DB;
protected $User;
protected $Pass;
public $Host;
public $Port;
public function Connect()
{
// Get the credentials.
$DatCon = json_decode(DatCon,true);
$this->DB = $DatCon["database"];
$this->User = $DatCon["username"];
$this->Pass = $DatCon["password"];
$this->Host = $DatCon["host"];
$this->Port = $DatCon["port"];
// Make the connection.
try {
$this->Conn = new PDO("mysql:host=" . $this->Host . ":" . $this->Port . ";dbname=" . $this->DB, $this->User, $this->Pass, array(PDO::ATTR_PERSISTENT => false, PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8"));
$this->Conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$this->Conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
return true;
} catch (PDOException $e) {
$this->writeToLog($e->getMessage());
return false;
}
}
public function CloseConnect()
{
if ($this->QueryRun != null) {
$this->QueryRun->closeCursor();
}
$this->Conn = null;
$this->QueryRun = null;
}
public function writeToLog($write = "")
{
if($write!="") {
$errorLog = dirname(__FILE__)."/errorlog.txt";
if (!file_exists($errorLog)) {
$fp = fopen($errorLog, "wb");
fclose($fp);
}
file_put_contents($errorLog, date("d-m-Y, H:i:s")." - ".$write . "\n", FILE_APPEND);
}
}
}
class Query extends DatabaseConnection implements QueryModel {
// Process vars
public $LastID;
public $DATA;
public $QueryRun;
/*
* The function to run a quick query.
* Use the DATA var to get the dataresponse out of the object.
*/
public function Run($query = "")
{
$conStatus = $this->Connect();
if($conStatus) {
$this->DATA = null;
// First determine if the query is a GET or a PUSH
if (substr($query, 0, strlen("SELECT")) === "SELECT") {
// It is a GET query
try {
$this->QueryRun = $this->Conn->prepare($this->Protect($query));
$this->QueryRun->execute();
$this->DATA = $this->QueryRun->fetchAll(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
$this->writeToLog($e->getMessage());
}
} else {
// It is a PUSH query
try {
$sendQuery = $this->Conn->prepare($this->Protect($query));
$sendQuery->execute();
$this->LastID = $this->Conn->lastInsertId();
} catch (PDOException $e) {
$this->writeToLog($e->getMessage());
}
}
$this->CloseConnect();
return $this->DATA;
} else {
return [];
}
}
/*
* Protect the given query by checking it on regular faults or attacks.
*/
public function Protect($query = "") {
// Try to find the strings in the query so we can check on ' use in this particular string.
preg_match_all("~'(.*?)'(,* )~", str_replace(array("/*","<?","//","~",'`'),"",$query." "), $returnValue);
$oldFields = $returnValue[1];
$newFields = str_replace("'","\'",$oldFields);
if(!empty($newFields)) {
foreach($newFields as $key => $newField) {
if(substr_count($newField, "'")) {
$query = str_replace($oldFields[$key],$newField,$query);
}
}
}
return $query;
}
}
/*
* Run database mutations by given paths.
*/
class run {
public static function Credentials($dat,$user,$pass,$host = "127.0.0.1",$port = 3306)
{
define("DatCon",json_encode(["database"=>$dat,"username"=>$user,"password"=>$pass,"host"=>$host,"port"=>$port]));
}
public static function Query($query)
{
$databaseQuery = new Query;
return $databaseQuery->Run($query);
}
}