From 29f7c5ea41d36509d8e5961f40a7af0a934a7ca1 Mon Sep 17 00:00:00 2001 From: Freya Murphy Date: Mon, 20 May 2024 19:26:59 -0400 Subject: [PATCH] aaaa --- src/shim/shim.php | 13 +++ src/web/_model/main.php | 23 +++- src/web/core/database.php | 179 ++++++++++++++++++++++------- src/web/lang/en_US/common_lang.php | 2 +- 4 files changed, 171 insertions(+), 46 deletions(-) diff --git a/src/shim/shim.php b/src/shim/shim.php index a1a3eca..318d825 100755 --- a/src/shim/shim.php +++ b/src/shim/shim.php @@ -266,6 +266,18 @@ function migrate_user_media($type) { } } +function migrate_seq() { + echo "migrating sequences\n"; + extract($GLOBALS); + + $tables = array('user', 'post', 'like', 'comment', 'follow', 'user_media'); + + foreach ($tables as $table) { + $sql = "SELECT setval('sys.{$table}_id_seq', (SELECT MAX(id) FROM admin.{$table}), true);"; + $psql->exec($sql); + } +} + try { wait_until_ready(); clear_all(); @@ -276,6 +288,7 @@ try { migrate_follow(); migrate_user_media('avatar'); migrate_user_media('banner'); + migrate_seq(); } catch (Exception $ex) { echo "$ex\n"; $psql->rollBack(); diff --git a/src/web/_model/main.php b/src/web/_model/main.php index 6d8b708..58ae307 100644 --- a/src/web/_model/main.php +++ b/src/web/_model/main.php @@ -13,6 +13,9 @@ class Main_model { // stores the current request info public $info; + // tthe logged in user + private $user; + /** * Loads the main model * @param Loader $load - the main loader object @@ -28,6 +31,7 @@ class Main_model { }; /// init other vars $this->users = array(); + $this->user = NULL; } /** 
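Review bot: `migrate_seq` interpolates `$table` directly into the `setval` SQL, which is only safe because `$tables` is a hard-coded list, and nothing in the function records that constraint; add `// $tables is a fixed allow-list of identifiers - never extend this to caller-supplied names` above the loop. `$psql->exec($sql)` is called without checking its return value, and whether PDO is in exception mode is not visible in this hunk; if it is not, a failed `setval` returns FALSE, is silently skipped, and the `catch`/`rollBack` in the surrounding `try` never fires, so either check `=== false` or state the ERRMODE assumption in a comment. `extract($GLOBALS)` imports every global into the function just to reach `$psql`; `global $psql;` states the actual dependency.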
@@ -36,14 +40,20 @@ class Main_model { */ private function get_session($jwt) { $query = $this->db - ->select("_api.verify_jwt('" . $jwt . "') AS user_id;"); - $result = $query->row(); + ->select("_api.verify_jwt(?) AS user_id;"); + $result = $query->row($jwt); $user_id = $result['user_id']; if ($user_id) { $this->session = array( 'id' => $user_id, 'jwt' => $jwt ); + $user = $this->user(); + if ($user === FALSE) { + /// valid jwt for invalid user!!! + $this->session = NULL; + $this->user = NULL; + } } } @@ -79,16 +89,19 @@ class Main_model { * Gets the current user */ public function user() { + if ($this->user) { + return $this->user; + } if ($this->session) { - return $this->db + $this->user = $this->db ->select('*') ->from('api.user') ->where('id') ->eq($this->session['id']) ->row(); - } else { - return NULL; + return $this->user; } + return NULL; } } diff --git a/src/web/core/database.php b/src/web/core/database.php index e9b8109..25cb5ba 100644 --- a/src/web/core/database.php +++ b/src/web/core/database.php 
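Review bot: `$result['user_id']` is indexed before checking that `row()` returned an array; `row()` hands back `PDO::fetch`'s FALSE when the statement yields no row, so the lookup would silently produce NULL (with a notice/warning on recent PHP) instead of an explicit no-session path. Guard it with `$user_id = is_array($result) ? ($result['user_id'] ?? NULL) : NULL;`. The new `if ($user === FALSE)` branch relies on the same FALSE-from-fetch sentinel to mean "user row gone", which is correct but not obvious; replace `/// valid jwt for invalid user!!!` with `/// token verified but its subject no longer exists in api.user: treat the request as anonymous`.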
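Review bot: `user()` now caches the full `select('*')` row from `api.user` for the rest of the request, so every column that view exposes travels with each caller of `user()`; if it carries anything credential-like (password hash, email, tokens) an explicit column list is safer than `*`, which I cannot confirm from this hunk. The cached `$this->user` is also never invalidated except inside `get_session`, so anything that changes `$this->session` later in the request would still see the earlier row. Record that in the property comment: `// cached api.user row for the current $this->session; per-request only, not refreshed`.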
@@ -19,6 +19,89 @@ class DatabaseQuery { $this->param = array(); } + /// + /// ARBITRARY QUERY + /// + + public function query($query) { + $this->query .= $query; + return $this; + } + + /// + /// SELECT + /// + + public function select($select) { + $this->query .= "SELECT $select\n"; + return $this; + } + + public function from($from) { + $this->query .= "FROM $from\n"; + return $this; + } + + /// + /// INSERT + /// + + public function insert_into($insert, ...$columns) { + $this->query .= "INSERT INTO $insert\n ("; + foreach ($columns as $idx => $column) { + if ($idx !== 0) { + $this->query .= ","; + } + $this->query .= $column; + } + $this->query .= ")\n"; + return $this; + } + + public function values(...$values) { + $this->query .= "VALUES ("; + foreach ($values as $idx => $value) { + if ($idx !== 0) { + $this->query .= ","; + } + $this->query .= "?"; + array_push($this->param, $value); + } + $this->query .= ")\n"; + return $this; + } + + /// + /// WHERE + /// + + public function where($cond) { + if (!$this->where) { + $this->where = TRUE; + $this->query .= "WHERE "; + } else { + $this->query .= "AND "; + } + $this->query .= "$cond "; + return $this; + } + + public function where_in($column, $array) { + if (!$this->where) { + $this->where = TRUE; + $this->query .= "WHERE "; + } else { + $this->query .= "AND "; + } + if (empty($array)) { + $this->query .= "FALSE\n"; + return $this; + } + $in = $this->in($array); + $this->query .= "$column $in\n"; + return $this; + } + private function in($array) { $in = 'IN ('; foreach ($array as $idx => $item) { 
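Review bot: every structural builder method added here — `query()`, `select()`, `from()`, `insert_into()`, `where()`, and `where_in()`'s `$column` — appends its argument to `$this->query` verbatim, while only `values()` binds through `?`; nothing in the API or its section comments tells a caller which arguments are SQL text and which are data. Put that contract where it will be read, above the `ARBITRARY QUERY` section: `/// Fragment methods (query, select, from, insert_into, where, where_in) append their argument as raw SQL and must only receive constant identifiers or fragments; request data goes through values()/eq()/like()/limit() placeholders`. `query()` in particular is a general raw-SQL sink and deserves its own `/// $query is appended unescaped - static SQL only; bind data via the params of rows()/row()/execute()`. The same block is the place to note that `insert_into` writes column names unquoted, so Postgres case-folds them as written.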
@@ -32,26 +115,9 @@ class DatabaseQuery { return $in; } - public function select($select) { - $this->query .= "SELECT $select\n"; - return $this; - } - - public function from($from) { - $this->query .= "FROM $from\n"; - return $this; - } - - public function where($cond) { - if (!$this->where) { - $this->where = TRUE; - $this->query .= "WHERE "; - } else { - $this->query .= "AND "; - } - $this->query .= "$cond "; - return $this; - } + /// + /// OPERATORS + /// public function like($item) { $this->query .= "LIKE ?\n"; @@ -83,27 +149,19 @@ class DatabaseQuery { return $this; } - public function where_in($column, $array) { - if (!$this->where) { - $this->where = TRUE; - $this->query .= "WHERE "; - } else { - $this->query .= "AND "; - } - if (empty($array)) { - $this->query .= "FALSE\n"; - return $this; - } - $in = $this->in($array); - $this->query .= "$column $in\n"; - return $this; - } + /// + /// JOINS + /// public function join($table, $on, $type = 'LEFT') { $this->query .= "$type JOIN $table ON $on\n"; return $this; } + /// + /// LIMIT, OFFSET, ORDER + /// + public function limit($limit) { $this->query .= "LIMIT ?\n"; array_push($this->param, $limit); @@ -121,10 +179,18 @@ class DatabaseQuery { return $this; } - public function rows() { + /// + /// COLLECT + /// + + public function rows(...$params) { + $args = $this->param; + foreach ($params as $param) { + array_push($args, $param); + } $stmt = $this->conn->prepare($this->query); try { - $stmt->execute($this->param); + $stmt->execute($args); } catch (Exception $ex) { echo $ex; echo '
>> caused by <<
'; @@ -133,17 +199,38 @@ class DatabaseQuery { return $stmt->fetchAll(PDO::FETCH_ASSOC); } - public function row() { + public function row(...$params) { + $args = $this->param; + foreach ($params as $param) { + array_push($args, $param); + } $stmt = $this->conn->prepare($this->query); - $stmt->execute($this->param); + $stmt->execute($args); return $stmt->fetch(PDO::FETCH_ASSOC); } + + public function execute(...$params) { + $args = $this->param; + foreach ($params as $param) { + array_push($args, $param); + } + $stmt = $this->conn->prepare($this->query); + try { + $stmt->execute($args); + return TRUE; + } catch (Exception $_e) { + echo $_e; + echo '
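Review bot: the `catch` in `rows()` echoes `$ex` straight into the response (`echo $ex;`), and `PDOException::__toString()` includes the driver message, file path and a stack trace, so any failed query hands the client schema and code-layout details; the hunk's own `>> caused by <<` output shows the query text follows it, outside this hunk. Route it to the server log and keep the output generic: `error_log((string) $ex); echo 'database error';`. Appending the call-time `$params` after the builder-collected `$this->param` is sound, but it depends on the caller placing its own `?` placeholders after all builder ones; a one-line comment `// extra params bind after those already queued by the builder methods, in placeholder order` would prevent misuse. `rows()` continues past the end of this hunk.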
>> caused by <<
'; + echo str_replace("\n", "
", $this->query); + return FALSE; + } + } } /** * DatabaseHelper * allows queries on the - * xssbook postgres database + * postgres database */ class DatabaseHelper { @@ -180,4 +267,16 @@ class DatabaseHelper { return $query->select($select); } + public function insert_into($insert, ...$columns) { + $conn = $this->connect(); + $query = new DatabaseQuery($conn); + return $query->insert_into($insert, ...$columns); + } + + public function query($query_str) { + $conn = $this->connect(); + $query = new DatabaseQuery($conn); + return $query->query($query_str); + } } + diff --git a/src/web/lang/en_US/common_lang.php b/src/web/lang/en_US/common_lang.php index ef93ce8..22e1c89 100644 --- a/src/web/lang/en_US/common_lang.php +++ b/src/web/lang/en_US/common_lang.php @@ -1,6 +1,6 @@
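Review bot: `execute()` repeats the disclosure pattern in `rows()`: on failure it echoes the exception and the raw SQL (`str_replace("\n", ..., $this->query)`) into the page and returns FALSE, so a caller that never checks the return value has already leaked the query text to the user. Log server-side instead — `error_log((string) $_e); error_log($this->query); return FALSE;` — and leave user-facing reporting to the caller. `row()` by contrast has no `try`/`catch` at all, so the same failure there either throws or returns FALSE depending on the PDO error mode, which is not visible here; the three collectors should agree on one failure contract. The identical `$args` assembly in `rows()`, `row()` and `execute()` could become a private `bind_args(array $params)` helper.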
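Review bot: `DatabaseHelper::query()` adds a public entry point that forwards an arbitrary string to `DatabaseQuery::query()` with no binding, making it the one helper method through which interpolated request data reaches SQL unescaped; give it a docblock stating the contract, `/// Starts a query from a literal SQL string; $query_str is not escaped and must be constant - bind values through the params of rows()/row()/execute()`. `insert_into()` should carry the matching note that the table and column names are appended as written. Each helper call also opens a fresh `$this->connect()`; whether that is cached is outside this hunk.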