forked from TeaBreeze00/MealMate
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathutils.php
253 lines (210 loc) · 6.74 KB
/
utils.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
<?php
include "personalconfig.php";
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
$db_conn = NULL;
$success = true;
$show_debug_alert_messages = False;
function debugAlertMessage($message)
{
global $show_debug_alert_messages;
if ($show_debug_alert_messages) {
echo "<script type='text/javascript'>alert('" . $message . "');</script>";
}
}
function executePlainSQL($cmdstr)
{ //takes a plain (no bound variables) SQL command and executes it
//echo "<br>running ".$cmdstr."<br>";
global $db_conn, $success;
$statement = oci_parse($db_conn, $cmdstr);
//There are a set of comments at the end of the file that describe some of the OCI specific functions and how they work
if (!$statement) {
echo "<br>Cannot parse the following command: " . $cmdstr . "<br>";
$e = OCI_Error($db_conn); // For oci_parse errors pass the connection handle
echo htmlentities($e['message']);
$success = False;
}
$r = oci_execute($statement, OCI_COMMIT_ON_SUCCESS);
if (!$r) {
echo "<br>Cannot execute the following command: " . $cmdstr . "<br>";
$e = oci_error($statement); // For oci_execute errors pass the statementhandle
echo htmlentities($e['message']);
$success = False;
}
return $statement;
}
function connectToDB()
{
global $db_conn;
global $DB_USER;
global $DB_PASS;
global $DB_HOST;
$db_conn = oci_connect($DB_USER, $DB_PASS, $DB_HOST);
if ($db_conn) {
logMessage("Connected to Database");
return true;
} else {
debugAlertMessage("Cannot connect to Database");
$e = OCI_Error(); // For oci_connect errors pass no handle
echo htmlentities($e['message']);
return false;
}
}
function disconnectFromDB()
{
global $db_conn;
logMessage("Disconnected from Database");
logMessage("==========================");
debugAlertMessage("Disconnect from Database");
oci_close($db_conn);
}
function executeBoundSQL($cmdstr, $list)
{
/* Sometimes the same statement will be executed several times with different values for the variables involved in the query.
In this case you don't need to create the statement several times. Bound variables cause a statement to only be
parsed once and you can reuse the statement. This is also very useful in protecting against SQL injection.
See the sample code below for how this function is used */
global $db_conn, $success;
$statement = oci_parse($db_conn, $cmdstr);
if (!$statement) {
echo "<br>Cannot parse the following command: " . $cmdstr . "<br>";
$e = OCI_Error($db_conn);
echo htmlentities($e['message']);
$success = False;
}
foreach ($list as $tuple) {
foreach ($tuple as $bind => $val) {
//echo $val;
//echo "<br>".$bind."<br>";
oci_bind_by_name($statement, $bind, $val);
unset($val); //make sure you do not remove this. Otherwise $val will remain in an array object wrapper which will not be recognized by Oracle as a proper datatype
}
$r = oci_execute($statement, OCI_DEFAULT);
if (!$r) {
echo "<br>Cannot execute the following command: " . $cmdstr . "<br>";
$e = OCI_Error($statement); // For oci_execute errors, pass the statementhandle
echo htmlentities($e['message']);
echo "<br>";
$success = False;
}
}
}
function printQueryResult($result, $header = "") {
// Check if the result has at least one row
$firstRow = oci_fetch_assoc($result);
if (!$firstRow) {
logMessage("No data found.");
return 0;
}
if ($header) {
echo "<h1>". $header . "</h1>";
}
// Start the table and print headers
echo "<table border='1'>";
echo "<tr>";
foreach (array_keys($firstRow) as $header) {
echo "<th>" . htmlspecialchars($header) . "</th>";
}
echo "</tr>";
// Print the first row of data
echo "<tr>";
foreach ($firstRow as $cell) {
echo "<td>" . htmlspecialchars($cell) . "</td>";
}
echo "</tr>";
// Print the rest of the rows
while ($row = oci_fetch_assoc($result)) {
echo "<tr>";
foreach ($row as $cell) {
echo "<td>" . htmlspecialchars($cell) . "</td>";
}
echo "</tr>";
}
echo "</table>";
return 1;
}
function readSQLFile($path)
{// Reads the given file for SQL statements and rerturns an array of SQL sttements
$SQLarr = array();
$line = "";
$myfile = fopen($path, "r") or die("Unable to open SQL file!");
while(!feof($myfile)) {
$char = fread($myfile,1);
if ($char === ";") {
array_push($SQLarr,$line);
$line = "";
} else if ($char != "\n") {
$line .= $char;
}
}
fclose($myfile);
return $SQLarr;
}
function executeSQLFile($path)
{
global $db_conn;
$arr = readSQLFile($path);
foreach ($arr as $index => $statement) {
executePlainSQL($statement);
oci_commit($db_conn);
}
}
function generateRandomString($length) {
$characters = '0123456789';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, $charactersLength - 1)];
}
return $randomString;
}
function check_data_exists($query)
{ // returns TRUE if the following query returns any result, else false
global $db_conn;
$statement = executePlainSQL($query);
oci_commit($db_conn);
$row = oci_fetch_assoc($statement);
if ($row) {
logMessage("FOUND DATA!");
logMessage(implode(', ', $row));
return true;
} else {
logMessage("NO DATA FOUND!");
return false;
}
}
/**
* Logs a message to a specified file within the logs/ directory.
*
* @param string $message The message to log.
* @param string $logFile The log file name. Defaults to 'application.log'.
*/
function logMessage($message, $logFile = 'application.log') {
$logDirectory = __DIR__ . '/logs';
// Check if the logs directory exists, if not, create it.
if (!file_exists($logDirectory)) {
mkdir($logDirectory, 0755, true);
}
$filePath = $logDirectory . '/' . $logFile;
// Format the message with a timestamp.
$formattedMessage = '[' . date('Y-m-d H:i:s') . '] ' . $message . PHP_EOL;
// Append the message to the log file.
file_put_contents($filePath, $formattedMessage, FILE_APPEND);
}
function separateString($string, $separator) {
// Use PHP explode function to split the string
$parts = explode($separator, $string);
return $parts;
}
function sanitizeString($input) {
$charactersToRemove = array(";", "'","WHERE","SELECT","FROM","GROUP","BY","IN","DROP","CREATE","TYPE");
$sanitizedInput = str_replace($charactersToRemove, "", $input);
return $sanitizedInput;
}
function reducedSanitizeString($input) {
$charactersToRemove = array(";", "'");
$sanitizedInput = str_replace($charactersToRemove, "", $input);
return $sanitizedInput;
}
?>