paste.chapril.org-privatebin/lib/Data/Database.php

998 lines
32 KiB
PHP
Raw Normal View History

<?php
/**
2016-07-11 11:58:15 +02:00
* PrivateBin
*
* a zero-knowledge paste bin
*
2016-07-11 11:58:15 +02:00
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
2021-04-05 16:44:12 +02:00
* @version 1.3.5
*/
2016-12-12 18:43:23 +01:00
2016-12-12 18:49:08 +01:00
namespace PrivateBin\Data;
2016-07-21 17:09:48 +02:00
use Exception;
use PDO;
use PDOException;
2018-07-29 15:17:35 +02:00
use PrivateBin\Controller;
use PrivateBin\Json;
2016-07-21 17:09:48 +02:00
/**
* Database
*
* Model for database access, implemented as a singleton.
*/
class Database extends AbstractData
{
/**
* cache for select queries
*
* @var array
*/
private static $_cache = array();
/**
* instance of database connection
*
* @access private
* @static
* @var PDO
*/
private static $_db;
/**
* table prefix
*
* @access private
* @static
* @var string
*/
private static $_prefix = '';
/**
* database type
*
* @access private
* @static
* @var string
*/
private static $_type = '';
/**
* get instance of singleton
*
* @access public
* @static
* @param array $options
* @throws Exception
* @return Database
*/
public static function getInstance(array $options)
{
// if needed initialize the singleton
if (!(self::$_instance instanceof self)) {
self::$_instance = new self;
}
// set table prefix if given
if (array_key_exists('tbl', $options)) {
self::$_prefix = $options['tbl'];
}
// initialize the db connection with new options
if (
array_key_exists('dsn', $options) &&
array_key_exists('usr', $options) &&
array_key_exists('pwd', $options) &&
array_key_exists('opt', $options)
) {
// set default options
$options['opt'][PDO::ATTR_ERRMODE] = PDO::ERRMODE_EXCEPTION;
$options['opt'][PDO::ATTR_EMULATE_PREPARES] = false;
$options['opt'][PDO::ATTR_PERSISTENT] = true;
$db_tables_exist = true;
// setup type and dabase connection
self::$_type = strtolower(
substr($options['dsn'], 0, strpos($options['dsn'], ':'))
);
$tableQuery = self::_getTableQuery(self::$_type);
self::$_db = new PDO(
$options['dsn'],
$options['usr'],
$options['pwd'],
$options['opt']
);
// check if the database contains the required tables
$tables = self::$_db->query($tableQuery)->fetchAll(PDO::FETCH_COLUMN, 0);
// create paste table if necessary
if (!in_array(self::_sanitizeIdentifier('paste'), $tables)) {
self::_createPasteTable();
$db_tables_exist = false;
}
// create comment table if necessary
if (!in_array(self::_sanitizeIdentifier('comment'), $tables)) {
self::_createCommentTable();
$db_tables_exist = false;
}
// create config table if necessary
$db_version = Controller::VERSION;
if (!in_array(self::_sanitizeIdentifier('config'), $tables)) {
self::_createConfigTable();
// if we only needed to create the config table, the DB is older then 0.22
if ($db_tables_exist) {
$db_version = '0.21';
}
} else {
$db_version = self::_getConfig('VERSION');
}
// update database structure if necessary
if (version_compare($db_version, Controller::VERSION, '<')) {
self::_upgradeDatabase($db_version);
}
} else {
throw new Exception(
'Missing configuration for key dsn, usr, pwd or opt in the section model_options, please check your configuration file', 6
);
}
return self::$_instance;
}
/**
* Create a paste.
*
* @access public
* @param string $pasteid
* @param array $paste
* @return bool
*/
public function create($pasteid, array $paste)
{
if (
2015-09-21 22:32:52 +02:00
array_key_exists($pasteid, self::$_cache)
) {
if (false !== self::$_cache[$pasteid]) {
return false;
} else {
unset(self::$_cache[$pasteid]);
}
}
$expire_date = 0;
$opendiscussion = $burnafterreading = false;
$attachment = $attachmentname = null;
$meta = $paste['meta'];
$isVersion1 = array_key_exists('data', $paste);
list($createdKey) = self::_getVersionedKeys($isVersion1 ? 1 : 2);
$created = (int) $meta[$createdKey];
unset($meta[$createdKey], $paste['meta']);
if (array_key_exists('expire_date', $meta)) {
$expire_date = (int) $meta['expire_date'];
unset($meta['expire_date']);
}
if (array_key_exists('opendiscussion', $meta)) {
$opendiscussion = $meta['opendiscussion'];
2015-09-21 22:32:52 +02:00
unset($meta['opendiscussion']);
}
if (array_key_exists('burnafterreading', $meta)) {
$burnafterreading = $meta['burnafterreading'];
2015-09-21 22:32:52 +02:00
unset($meta['burnafterreading']);
}
if ($isVersion1) {
if (array_key_exists('attachment', $meta)) {
$attachment = $meta['attachment'];
unset($meta['attachment']);
}
if (array_key_exists('attachmentname', $meta)) {
$attachmentname = $meta['attachmentname'];
unset($meta['attachmentname']);
}
} else {
$opendiscussion = $paste['adata'][2];
$burnafterreading = $paste['adata'][3];
}
2021-06-13 10:44:26 +02:00
try {
2022-01-20 19:33:23 +01:00
$big_string = $isVersion1 ? $paste['data'] : Json::encode($paste);
$metajson = Json::encode($meta);
2022-01-18 02:06:26 +01:00
if (self::$_type === 'oci') {
2022-01-20 19:33:23 +01:00
// It is not possible to execute in the normal way if strlen($big_string) >= 4000
2022-01-18 02:06:26 +01:00
$stmt = self::$_db->prepare(
'INSERT INTO ' . self::_sanitizeIdentifier('paste') .
' VALUES(?,?,?,?,?,?,?,?,?)'
);
$stmt->bindParam(1, $pasteid);
$stmt->bindParam(2, $big_string, PDO::PARAM_STR, strlen($big_string));
$stmt->bindParam(3, $created, PDO::PARAM_INT);
$stmt->bindParam(4, $expire_date, PDO::PARAM_INT);
$stmt->bindParam(5, $opendiscussion, PDO::PARAM_INT);
$stmt->bindParam(6, $burnafterreading, PDO::PARAM_INT);
2022-01-20 19:33:23 +01:00
$stmt->bindParam(7, $metajson);
2022-01-18 02:06:26 +01:00
$stmt->bindParam(8, $attachment, PDO::PARAM_STR, strlen($attachment));
$stmt->bindParam(9, $attachmentname);
return $stmt->execute();
}
2021-06-13 10:44:26 +02:00
return self::_exec(
'INSERT INTO ' . self::_sanitizeIdentifier('paste') .
' VALUES(?,?,?,?,?,?,?,?,?)',
array(
$pasteid,
2022-01-18 02:06:26 +01:00
$big_string,
2021-06-13 10:44:26 +02:00
$created,
$expire_date,
(int) $opendiscussion,
(int) $burnafterreading,
Json::encode($meta),
$attachment,
$attachmentname,
)
);
} catch (Exception $e) {
return false;
}
}
/**
* Read a paste.
*
* @access public
* @param string $pasteid
* @return array|false
*/
public function read($pasteid)
{
if (array_key_exists($pasteid, self::$_cache)) {
return self::$_cache[$pasteid];
}
self::$_cache[$pasteid] = false;
2022-01-20 19:33:23 +01:00
$rawData = '';
2021-06-13 12:40:06 +02:00
try {
$paste = self::_select(
2021-06-13 12:40:06 +02:00
'SELECT * FROM ' . self::_sanitizeIdentifier('paste') .
' WHERE dataid = ?', array($pasteid), true
);
2022-01-18 02:06:26 +01:00
if ($paste !== false) {
$rawData = self::$_type === 'oci' ? self::_clob($paste['DATA']) : $paste['data'];
}
2021-06-13 12:40:06 +02:00
} catch (Exception $e) {
$paste = false;
}
if ($paste === false) {
return false;
}
// create array
2022-01-18 02:06:26 +01:00
$data = Json::decode($rawData);
$isVersion2 = array_key_exists('v', $data) && $data['v'] >= 2;
if ($isVersion2) {
self::$_cache[$pasteid] = $data;
2019-05-10 21:45:34 +02:00
list($createdKey) = self::_getVersionedKeys(2);
} else {
2022-01-18 02:06:26 +01:00
self::$_cache[$pasteid] = array('data' => $paste[self::_sanitizeColumn('data')]);
2019-05-10 21:45:34 +02:00
list($createdKey) = self::_getVersionedKeys(1);
}
try {
2022-01-18 02:06:26 +01:00
$paste['meta'] = Json::decode($paste[self::_sanitizeColumn('meta')]);
} catch (Exception $e) {
2019-05-08 22:11:21 +02:00
$paste['meta'] = array();
}
2019-05-10 21:45:34 +02:00
$paste = self::upgradePreV1Format($paste);
self::$_cache[$pasteid]['meta'] = $paste['meta'];
2022-01-18 02:06:26 +01:00
self::$_cache[$pasteid]['meta'][$createdKey] = (int) $paste[self::_sanitizeColumn('postdate')];
$expire_date = (int) $paste[self::_sanitizeColumn('expiredate')];
if ($expire_date > 0) {
self::$_cache[$pasteid]['meta']['expire_date'] = $expire_date;
}
if ($isVersion2) {
return self::$_cache[$pasteid];
}
// support v1 attachments
2022-01-18 02:06:26 +01:00
if (array_key_exists(self::_sanitizeColumn('attachment'), $paste) && strlen($paste[self::_sanitizeColumn('attachment')])) {
self::$_cache[$pasteid]['attachment'] = $paste[self::_sanitizeColumn('attachment')];
if (array_key_exists(self::_sanitizeColumn('attachmentname'), $paste) && strlen($paste[self::_sanitizeColumn('attachmentname')])) {
self::$_cache[$pasteid]['attachmentname'] = $paste[self::_sanitizeColumn('attachmentname')];
}
}
2022-01-18 02:06:26 +01:00
if ($paste[self::_sanitizeColumn('opendiscussion')]) {
self::$_cache[$pasteid]['meta']['opendiscussion'] = true;
}
2022-01-18 02:06:26 +01:00
if ($paste[self::_sanitizeColumn('burnafterreading')]) {
self::$_cache[$pasteid]['meta']['burnafterreading'] = true;
}
return self::$_cache[$pasteid];
}
/**
* Delete a paste and its discussion.
*
* @access public
* @param string $pasteid
*/
public function delete($pasteid)
{
self::_exec(
2016-07-11 14:15:20 +02:00
'DELETE FROM ' . self::_sanitizeIdentifier('paste') .
' WHERE dataid = ?', array($pasteid)
);
self::_exec(
2016-07-11 14:15:20 +02:00
'DELETE FROM ' . self::_sanitizeIdentifier('comment') .
' WHERE pasteid = ?', array($pasteid)
);
if (
array_key_exists($pasteid, self::$_cache)
) {
unset(self::$_cache[$pasteid]);
}
}
/**
* Test if a paste exists.
*
* @access public
* @param string $pasteid
2016-08-09 13:07:11 +02:00
* @return bool
*/
public function exists($pasteid)
{
if (
!array_key_exists($pasteid, self::$_cache)
) {
self::$_cache[$pasteid] = $this->read($pasteid);
}
return (bool) self::$_cache[$pasteid];
}
/**
* Create a comment in a paste.
*
* @access public
* @param string $pasteid
* @param string $parentid
* @param string $commentid
* @param array $comment
* @return bool
*/
public function createComment($pasteid, $parentid, $commentid, array $comment)
{
if (array_key_exists('data', $comment)) {
$version = 1;
$data = $comment['data'];
} else {
$version = 2;
$data = Json::encode($comment);
}
list($createdKey, $iconKey) = self::_getVersionedKeys($version);
2019-05-10 21:45:34 +02:00
$meta = $comment['meta'];
unset($comment['meta']);
foreach (array('nickname', $iconKey) as $key) {
if (!array_key_exists($key, $meta)) {
$meta[$key] = null;
}
}
2021-06-13 10:44:26 +02:00
try {
2022-01-18 02:06:26 +01:00
if (self::$_type === 'oci') {
2022-01-20 19:33:23 +01:00
// It is not possible to execute in the normal way if strlen($big_string) >= 4000
2022-01-18 02:06:26 +01:00
$stmt = self::$_db->prepare(
'INSERT INTO ' . self::_sanitizeIdentifier('comment') .
' VALUES(?,?,?,?,?,?,?)'
);
$stmt->bindParam(1, $commentid);
$stmt->bindParam(2, $pasteid);
$stmt->bindParam(3, $parentid);
$stmt->bindParam(4, $data, PDO::PARAM_STR, strlen($data));
$stmt->bindParam(5, $meta['nickname']);
$stmt->bindParam(6, $meta[$iconKey]);
$stmt->bindParam(7, $meta[$createdKey], PDO::PARAM_INT);
return $stmt->execute();
}
2021-06-13 10:44:26 +02:00
return self::_exec(
'INSERT INTO ' . self::_sanitizeIdentifier('comment') .
' VALUES(?,?,?,?,?,?,?)',
array(
$commentid,
$pasteid,
$parentid,
$data,
$meta['nickname'],
$meta[$iconKey],
$meta[$createdKey],
)
);
} catch (Exception $e) {
return false;
}
}
/**
* Read all comments of paste.
*
* @access public
* @param string $pasteid
* @return array
*/
public function readComments($pasteid)
{
$rows = self::_select(
2016-07-11 14:15:20 +02:00
'SELECT * FROM ' . self::_sanitizeIdentifier('comment') .
' WHERE pasteid = ?', array($pasteid)
);
// create comment list
$comments = array();
if (count($rows)) {
foreach ($rows as $row) {
2022-01-18 02:06:26 +01:00
$i = $this->getOpenSlot($comments, (int) $row[self::_sanitizeColumn('postdate')]);
$id = $row[self::_sanitizeColumn('dataid')];
if (self::$_type === 'oci') {
$newrow = self::_select(
'SELECT data FROM ' . self::_sanitizeIdentifier('comment') .
' WHERE dataid = ?', array($id), true
);
$rawData = self::_clob($newrow['DATA']);
2022-01-20 19:33:23 +01:00
} else {
2022-01-18 02:06:26 +01:00
$rawData = $row['data'];
}
$data = Json::decode($rawData);
if (array_key_exists('v', $data) && $data['v'] >= 2) {
$version = 2;
$comments[$i] = $data;
} else {
$version = 1;
2022-01-18 02:06:26 +01:00
$comments[$i] = array('data' => $rawData);
}
list($createdKey, $iconKey) = self::_getVersionedKeys($version);
2022-01-18 02:06:26 +01:00
$comments[$i]['id'] = $id;
$comments[$i]['parentid'] = $row[self::_sanitizeColumn('parentid')];
$comments[$i]['meta'] = array($createdKey => (int) $row[self::_sanitizeColumn('postdate')]);
foreach (array('nickname' => 'nickname', 'vizhash' => $iconKey) as $rowKey => $commentKey) {
2022-01-18 02:06:26 +01:00
if (array_key_exists(self::_sanitizeColumn($rowKey), $row) && !empty($row[self::_sanitizeColumn($rowKey)])) {
$comments[$i]['meta'][$commentKey] = $row[self::_sanitizeColumn($rowKey)];
}
}
}
ksort($comments);
}
return $comments;
}
/**
* Test if a comment exists.
*
* @access public
* @param string $pasteid
* @param string $parentid
* @param string $commentid
2016-08-09 13:07:11 +02:00
* @return bool
*/
public function existsComment($pasteid, $parentid, $commentid)
{
2021-06-13 10:44:26 +02:00
try {
return (bool) self::_select(
'SELECT dataid FROM ' . self::_sanitizeIdentifier('comment') .
' WHERE pasteid = ? AND parentid = ? AND dataid = ?',
array($pasteid, $parentid, $commentid), true
);
} catch (Exception $e) {
return false;
}
}
/**
* Save a value.
*
* @access public
* @param string $value
* @param string $namespace
* @param string $key
* @return bool
*/
public function setValue($value, $namespace, $key = '')
{
if ($namespace === 'traffic_limiter') {
2021-06-13 10:53:01 +02:00
self::$_last_cache[$key] = $value;
try {
2021-06-13 10:53:01 +02:00
$value = Json::encode(self::$_last_cache);
} catch (Exception $e) {
return false;
}
}
return self::_exec(
'UPDATE ' . self::_sanitizeIdentifier('config') .
' SET value = ? WHERE id = ?',
array($value, strtoupper($namespace))
);
}
/**
* Load a value.
*
* @access public
* @param string $namespace
* @param string $key
* @return string
*/
public function getValue($namespace, $key = '')
{
$configKey = strtoupper($namespace);
2021-06-09 19:16:22 +02:00
$value = $this->_getConfig($configKey);
if ($value === '') {
// initialize the row, so that setValue can rely on UPDATE queries
self::_exec(
'INSERT INTO ' . self::_sanitizeIdentifier('config') .
' VALUES(?,?)',
array($configKey, '')
);
// migrate filesystem based salt into database
$file = 'data' . DIRECTORY_SEPARATOR . 'salt.php';
if ($namespace === 'salt' && is_readable($file)) {
$value = Filesystem::getInstance(array('dir' => 'data'))->getValue('salt');
$this->setValue($value, 'salt');
@unlink($file);
return $value;
}
}
if ($value && $namespace === 'traffic_limiter') {
try {
2021-06-13 10:53:01 +02:00
self::$_last_cache = Json::decode($value);
} catch (Exception $e) {
2021-06-13 10:53:01 +02:00
self::$_last_cache = array();
}
2021-06-13 10:53:01 +02:00
if (array_key_exists($key, self::$_last_cache)) {
return self::$_last_cache[$key];
}
}
return (string) $value;
}
/**
* Returns up to batch size number of paste ids that have expired
*
* @access private
* @param int $batchsize
* @return array
*/
2019-05-10 21:52:14 +02:00
protected function _getExpiredPastes($batchsize)
{
$pastes = array();
$rows = self::_select(
'SELECT dataid FROM ' . self::_sanitizeIdentifier('paste') .
2022-01-18 02:06:26 +01:00
' WHERE expiredate < ? AND expiredate != ? ' .
(self::$_type === 'oci' ? 'FETCH NEXT ? ROWS ONLY' : 'LIMIT ?'),
array(time(), 0, $batchsize)
);
if (count($rows)) {
foreach ($rows as $row) {
2022-01-18 17:21:25 +01:00
$pastes[] = $row[self::_sanitizeIdentifier('dataid')];
}
}
return $pastes;
}
/**
* execute a statement
*
* @access private
* @static
* @param string $sql
* @param array $params
* @throws PDOException
* @return bool
*/
private static function _exec($sql, array $params)
{
$statement = self::$_db->prepare($sql);
$result = $statement->execute($params);
$statement->closeCursor();
return $result;
}
/**
* run a select statement
*
* @access private
* @static
* @param string $sql
* @param array $params
* @param bool $firstOnly if only the first row should be returned
* @throws PDOException
* @return array|false
*/
private static function _select($sql, array $params, $firstOnly = false)
{
$statement = self::$_db->prepare($sql);
$statement->execute($params);
$result = $firstOnly ?
$statement->fetch(PDO::FETCH_ASSOC) :
$statement->fetchAll(PDO::FETCH_ASSOC);
$statement->closeCursor();
return $result;
}
/**
* get version dependent key names
*
* @access private
* @static
* @param int $version
* @return array
*/
2019-05-10 21:52:14 +02:00
private static function _getVersionedKeys($version)
{
if ($version === 1) {
return array('postdate', 'vizhash');
}
return array('created', 'icon');
}
/**
* get table list query, depending on the database type
*
* @access private
* @static
* @param string $type
* @throws Exception
* @return string
*/
private static function _getTableQuery($type)
{
switch ($type) {
case 'ibm':
$sql = 'SELECT tabname FROM SYSCAT.TABLES ';
break;
case 'informix':
$sql = 'SELECT tabname FROM systables ';
break;
case 'mssql':
$sql = 'SELECT name FROM sysobjects '
. "WHERE type = 'U' ORDER BY name";
break;
case 'mysql':
$sql = 'SHOW TABLES';
break;
case 'oci':
$sql = 'SELECT table_name FROM all_tables';
break;
case 'pgsql':
$sql = 'SELECT c.relname AS table_name '
. 'FROM pg_class c, pg_user u '
. "WHERE c.relowner = u.usesysid AND c.relkind = 'r' "
. 'AND NOT EXISTS (SELECT 1 FROM pg_views WHERE viewname = c.relname) '
. "AND c.relname !~ '^(pg_|sql_)' "
. 'UNION '
. 'SELECT c.relname AS table_name '
. 'FROM pg_class c '
. "WHERE c.relkind = 'r' "
. 'AND NOT EXISTS (SELECT 1 FROM pg_views WHERE viewname = c.relname) '
. 'AND NOT EXISTS (SELECT 1 FROM pg_user WHERE usesysid = c.relowner) '
. "AND c.relname !~ '^pg_'";
break;
case 'sqlite':
$sql = "SELECT name FROM sqlite_master WHERE type='table' "
. 'UNION ALL SELECT name FROM sqlite_temp_master '
. "WHERE type='table' ORDER BY name";
break;
default:
throw new Exception(
"PDO type $type is currently not supported.", 5
);
}
return $sql;
}
/**
* get a value by key from the config table
*
* @access private
* @static
* @param string $key
* @return string
*/
private static function _getConfig($key)
{
2021-06-13 12:40:06 +02:00
try {
$row = self::_select(
'SELECT value FROM ' . self::_sanitizeIdentifier('config') .
' WHERE id = ?', array($key), true
);
} catch (PDOException $e) {
return '';
}
2022-01-18 02:06:26 +01:00
return $row ? $row[self::_sanitizeColumn('value')] : '';
}
2022-01-18 17:21:25 +01:00
/**
* OCI cannot accept semicolons
*
* @access private
* @static
* @return string
*/
private static function _getSemicolon()
{
2022-01-20 19:33:23 +01:00
return self::$_type === 'oci' ? '' : ';';
2022-01-18 17:21:25 +01:00
}
/**
* get the primary key clauses, depending on the database driver
*
* @access private
* @static
2019-05-05 08:53:40 +02:00
* @param string $key
* @return array
*/
private static function _getPrimaryKeyClauses($key = 'dataid')
{
$main_key = $after_key = '';
2022-01-18 17:21:25 +01:00
if (self::$_type === 'mysql' || self::$_type === 'oci') {
$after_key = ", PRIMARY KEY ($key)";
} else {
$main_key = ' PRIMARY KEY';
}
return array($main_key, $after_key);
}
2019-05-05 08:53:40 +02:00
/**
* get the data type, depending on the database driver
*
* PostgreSQL uses a different API for BLOBs then SQL, hence we use TEXT
*
2019-05-05 08:53:40 +02:00
* @access private
* @static
* @return string
*/
private static function _getDataType()
{
2022-01-18 17:21:25 +01:00
return self::$_type === 'pgsql' ? 'TEXT' : (self::$_type === 'oci' ? 'VARCHAR2(4000)' : 'BLOB');
2019-05-05 08:53:40 +02:00
}
/**
* get the attachment type, depending on the database driver
*
2022-01-18 17:21:25 +01:00
* PostgreSQL and OCI use different APIs for BLOBs then SQL, hence we use TEXT and CLOB
*
2019-05-05 08:53:40 +02:00
* @access private
* @static
* @return string
*/
private static function _getAttachmentType()
{
2022-01-18 17:21:25 +01:00
return self::$_type === 'pgsql' ? 'TEXT' : (self::$_type === 'oci' ? 'CLOB' : 'MEDIUMBLOB');
}
/**
* get the meta type, depending on the database driver
*
* OCI can't even accept TEXT so it has to be VARCHAR2(200)
*
* @access private
* @static
* @return string
*/
private static function _getMetaType()
{
return self::$_type === 'oci' ? 'VARCHAR2(4000)' : 'TEXT';
2019-05-05 08:53:40 +02:00
}
/**
* create the paste table
*
* @access private
* @static
*/
private static function _createPasteTable()
{
list($main_key, $after_key) = self::_getPrimaryKeyClauses();
2019-05-05 08:53:40 +02:00
$dataType = self::_getDataType();
$attachmentType = self::_getAttachmentType();
2022-01-18 17:21:25 +01:00
$metaType = self::_getMetaType();
self::$_db->exec(
2016-07-11 14:15:20 +02:00
'CREATE TABLE ' . self::_sanitizeIdentifier('paste') . ' ( ' .
"dataid CHAR(16) NOT NULL$main_key, " .
"data $attachmentType, " .
'postdate INT, ' .
'expiredate INT, ' .
'opendiscussion INT, ' .
'burnafterreading INT, ' .
2022-01-18 17:21:25 +01:00
"meta $metaType, " .
"attachment $attachmentType, " .
2022-01-18 17:21:25 +01:00
"attachmentname $dataType$after_key )" . self::_getSemicolon()
);
}
2022-01-18 17:21:25 +01:00
/**
* get the nullable text type, depending on the database driver
*
* OCI will pad CHAR columns with spaces, hence VARCHAR2
*
* @access private
* @static
* @return string
*/
private static function _getParentType()
{
return self::$_type === 'oci' ? 'VARCHAR2(16)' : 'CHAR(16)';
}
/**
* create the paste table
*
* @access private
* @static
*/
private static function _createCommentTable()
{
list($main_key, $after_key) = self::_getPrimaryKeyClauses();
2019-05-05 08:53:40 +02:00
$dataType = self::_getDataType();
2022-01-18 17:21:25 +01:00
$parentType = self::_getParentType();
$attachmentType = self::_getAttachmentType();
self::$_db->exec(
2016-07-11 14:15:20 +02:00
'CREATE TABLE ' . self::_sanitizeIdentifier('comment') . ' ( ' .
"dataid CHAR(16) NOT NULL$main_key, " .
'pasteid CHAR(16), ' .
2022-01-18 17:21:25 +01:00
"parentid $parentType, " .
"data $attachmentType, " .
"nickname $dataType, " .
"vizhash $dataType, " .
2022-01-18 17:21:25 +01:00
"postdate INT$after_key )" . self::_getSemicolon()
);
self::$_db->exec(
2022-01-18 17:21:25 +01:00
'CREATE INDEX comment_parent ON ' .
self::_sanitizeIdentifier('comment') . '(pasteid)' . self::_getSemicolon()
);
}
/**
* create the paste table
*
* @access private
* @static
*/
private static function _createConfigTable()
{
list($main_key, $after_key) = self::_getPrimaryKeyClauses('id');
2022-01-18 17:21:25 +01:00
$charType = self::$_type === 'oci' ? 'VARCHAR2(16)' : 'CHAR(16)';
$textType = self::$_type === 'oci' ? 'VARCHAR2(4000)' : 'TEXT';
self::$_db->exec(
2016-07-11 14:15:20 +02:00
'CREATE TABLE ' . self::_sanitizeIdentifier('config') .
2022-01-18 17:21:25 +01:00
" ( id $charType NOT NULL$main_key, value $textType$after_key )" . self::_getSemicolon()
);
self::_exec(
2016-07-11 14:15:20 +02:00
'INSERT INTO ' . self::_sanitizeIdentifier('config') .
' VALUES(?,?)',
2018-07-29 15:17:35 +02:00
array('VERSION', Controller::VERSION)
);
}
2016-07-11 14:15:20 +02:00
/**
* sanitizes identifiers
*
* @access private
* @static
* @param string $identifier
* @return string
*/
private static function _sanitizeIdentifier($identifier)
{
2022-01-18 02:06:26 +01:00
$id = preg_replace('/[^A-Za-z0-9_]+/', '', self::$_prefix . $identifier);
return self::_sanitizeColumn($id);
}
/**
* sanitizes column name because OCI
*
* @access private
* @static
* @param string $name
* @return string
*/
private static function _sanitizeColumn($name)
{
return self::$_type === 'oci' ? strtoupper($name) : $name;
2016-07-11 14:15:20 +02:00
}
/**
* upgrade the database schema from an old version
*
* @access private
* @static
* @param string $oldversion
*/
private static function _upgradeDatabase($oldversion)
{
$dataType = self::_getDataType();
$attachmentType = self::_getAttachmentType();
switch ($oldversion) {
case '0.21':
// create the meta column if necessary (pre 0.21 change)
try {
self::$_db->exec('SELECT meta FROM ' . self::_sanitizeIdentifier('paste') . ' LIMIT 1;');
} catch (PDOException $e) {
self::$_db->exec('ALTER TABLE ' . self::_sanitizeIdentifier('paste') . ' ADD COLUMN meta TEXT;');
}
// SQLite only allows one ALTER statement at a time...
self::$_db->exec(
'ALTER TABLE ' . self::_sanitizeIdentifier('paste') .
" ADD COLUMN attachment $attachmentType;"
);
self::$_db->exec(
'ALTER TABLE ' . self::_sanitizeIdentifier('paste') . " ADD COLUMN attachmentname $dataType;"
);
// SQLite doesn't support MODIFY, but it allows TEXT of similar
// size as BLOB, so there is no need to change it there
if (self::$_type !== 'sqlite') {
self::$_db->exec(
'ALTER TABLE ' . self::_sanitizeIdentifier('paste') .
" ADD PRIMARY KEY (dataid), MODIFY COLUMN data $dataType;"
);
self::$_db->exec(
'ALTER TABLE ' . self::_sanitizeIdentifier('comment') .
" ADD PRIMARY KEY (dataid), MODIFY COLUMN data $dataType, " .
"MODIFY COLUMN nickname $dataType, MODIFY COLUMN vizhash $dataType;"
);
} else {
self::$_db->exec(
'CREATE UNIQUE INDEX IF NOT EXISTS paste_dataid ON ' .
self::_sanitizeIdentifier('paste') . '(dataid);'
);
self::$_db->exec(
'CREATE UNIQUE INDEX IF NOT EXISTS comment_dataid ON ' .
self::_sanitizeIdentifier('comment') . '(dataid);'
);
}
self::$_db->exec(
'CREATE INDEX IF NOT EXISTS comment_parent ON ' .
self::_sanitizeIdentifier('comment') . '(pasteid);'
);
// no break, continue with updates for 0.22 and later
case '1.3':
// SQLite doesn't support MODIFY, but it allows TEXT of similar
// size as BLOB and PostgreSQL uses TEXT, so there is no need
// to change it there
if (self::$_type !== 'sqlite' && self::$_type !== 'pgsql') {
self::$_db->exec(
'ALTER TABLE ' . self::_sanitizeIdentifier('paste') .
" MODIFY COLUMN data $attachmentType;"
);
}
2020-01-08 19:31:06 +01:00
// no break, continue with updates for all newer versions
default:
2016-08-25 09:53:31 +02:00
self::_exec(
'UPDATE ' . self::_sanitizeIdentifier('config') .
' SET value = ? WHERE id = ?',
2018-07-29 15:17:35 +02:00
array(Controller::VERSION, 'VERSION')
2016-08-25 09:53:31 +02:00
);
}
}
2022-01-18 02:06:26 +01:00
/**
* read CLOB for OCI
* https://stackoverflow.com/questions/36200534/pdo-oci-into-a-clob-field
*
* @access private
* @static
2022-01-20 19:33:23 +01:00
* @param resource $column
2022-01-18 02:06:26 +01:00
* @return string
*/
private static function _clob($column)
{
2022-01-20 19:33:23 +01:00
if ($column == null) {
return null;
}
$str = '';
while ($tmp = fread($column, 1024)) {
2022-01-18 02:06:26 +01:00
$str .= $tmp;
2022-01-20 19:33:23 +01:00
}
2022-01-18 02:06:26 +01:00
return $str;
}
}