search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
.inc files migration to .inc.php (#5897)
[openemr.git] / src / Common / Database / QueryUtils.php
blobd7b64cc3af1e0e72855d628bd1c10a97c436f387
1 <?php
2
3 /**
4 * QueryUtils.php Is a helper class for commonly used database functions. Eventually everything in the sql.inc.php file
5 * could be migrated to this file or at least contained in this namespace.
6 * @package openemr
7 * @link http://www.open-emr.org
8 * @author Stephen Nielson <stephen@nielson.org>
9 * @copyright Copyright (c) 2021 Stephen Nielson <stephen@nielson.org>
10 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
11 */
12
13 namespace OpenEMR\Common\Database;
14
15 class QueryUtils
16 {
17 /**
18 * Function that will return an array listing
19 * of columns that exist in a table.
20 *
21 * @param string $table sql table
22 * @return array
23 */
24 public static function listTableFields($table)
25 {
26 $sql = "SHOW COLUMNS FROM " . \escape_table_name($table);
27 $field_list = array();
28 $records = self::fetchRecords($sql, [], false);
29 foreach ($records as $record) {
30 $field_list[] = $record["Field"];
31 }
32
33 return $field_list;
34 }
35
36 public static function fetchRecordsNoLog($sqlStatement, $binds)
37 {
38 // Below line is to avoid a nasty bug in windows.
39 if (empty($binds)) {
40 $binds = false;
41 }
42
43 $recordset = $GLOBALS['adodb']['db']->ExecuteNoLog($sqlStatement, $binds);
44
45 if ($recordset === false) {
46 throw new SqlQueryException($sqlStatement, "Failed to execute statement. Error: "
47 . getSqlLastError() . " Statement: " . $sqlStatement);
48 }
49 $list = [];
50 while ($record = sqlFetchArray($recordset)) {
51 $list[] = $record;
52 }
53 return $list;
54 }
55 /**
56 * Executes the SQL statement passed in and returns a list of all of the values contained in the column
57 * @param $sqlStatement
58 * @param $column string column you want returned
59 * @param array $binds
60 * @throws SqlQueryException Thrown if there is an error in the database executing the statement
61 * @return array
62 */
63 public static function fetchTableColumn($sqlStatement, $column, $binds = array())
64 {
65 $recordSet = self::sqlStatementThrowException($sqlStatement, $binds);
66 $list = [];
67 while ($record = sqlFetchArray($recordSet)) {
68 $list[] = $record[$column] ?? null;
69 }
70 return $list;
71 }
72
73 public static function fetchSingleValue($sqlStatement, $column, $binds = array())
74 {
75 $records = self::fetchTableColumn($sqlStatement, $column, $binds);
76 if (!empty($records[0])) {
77 return $records[0];
78 }
79 return null;
80 }
81
82 public static function fetchRecords($sqlStatement, $binds = array(), $noLog = false)
83 {
84 $result = self::sqlStatementThrowException($sqlStatement, $binds, $noLog);
85 $list = [];
86 while ($record = \sqlFetchArray($result)) {
87 $list[] = $record;
88 }
89 return $list;
90 }
91
92 /**
93 * Executes the sql statement and returns an associative array for a single column of a table
94 * @param $sqlStatement The statement to run
95 * @param $column The column you want returned
96 * @param array $binds
97 * @throws SqlQueryException Thrown if there is an error in the database executing the statement
98 * @return array
99 */
100 public static function fetchTableColumnAssoc($sqlStatement, $column, $binds = array())
101 {
102 $recordSet = self::sqlStatementThrowException($sqlStatement, $binds);
103 $list = [];
104 while ($record = sqlFetchArray($recordSet)) {
105 $list[$column] = $record[$column] ?? null;
106 }
107 return $list;
108 }
109
110 /**
111 * Returns a row (as an array) from a sql recordset.
112 *
113 * Function that will allow use of the adodb binding
114 * feature to prevent sql-injection.
115 * It will act upon the object returned from the
116 * sqlStatement() function (and sqlQ() function).
117 *
118 * @param recordset $resultSet
119 * @return array
120 */
121 public static function fetchArrayFromResultSet($resultSet)
122 {
123 return sqlFetchArray($resultSet);
124 }
125
126 /**
127 * Standard sql query in OpenEMR.
128 *
129 * Function that will allow use of the adodb binding
130 * feature to prevent sql-injection. Will continue to
131 * be compatible with previous function calls that do
132 * not use binding.
133 * It will return a recordset object.
134 * The sqlFetchArray() function should be used to
135 * utilize the return object.
136 *
137 * @param string $statement query
138 * @param array $binds binded variables array (optional)
139 * @param noLog boolean if true the sql statement bypasses the database logger, false logs the sql statement
140 * @throws SqlQueryException Thrown if there is an error in the database executing the statement
141 * @return recordset
142 */
143 public static function sqlStatementThrowException($statement, $binds, $noLog = false)
144 {
145 if ($noLog) {
146 return \sqlStatementNoLog($statement, $binds, true);
147 } else {
148 return \sqlStatementThrowException($statement, $binds);
149 }
150 }
151
152 /**
153 * Sql insert query in OpenEMR.
154 * Only use this function if you need to have the
155 * id returned. If doing an insert query and do
156 * not need the id returned, then use the
157 * sqlStatement function instead.
158 *
159 * Function that will allow use of the adodb binding
160 * feature to prevent sql-injection. This function
161 * is specialized for insert function and will return
162 * the last id generated from the insert.
163 *
164 * @param string $statement query
165 * @param array $binds binded variables array (optional)
166 * @throws SqlQueryException Thrown if there is an error in the database executing the statement
167 * @return integer Last id generated from the sql insert command
168 */
169 public static function sqlInsert($statement, $binds = array())
170 {
171 // Below line is to avoid a nasty bug in windows.
172 if (empty($binds)) {
173 $binds = false;
174 }
175
176 //Run a adodb execute
177 // Note the auditSQLEvent function is embedded in the
178 // Execute function.
179 $recordset = $GLOBALS['adodb']['db']->Execute($statement, $binds, true);
180 if ($recordset === false) {
181 throw new SqlQueryException($statement, "Insert failed. SQL error " . getSqlLastError() . " Query: " . $statement);
182 }
183
184 // Return the correct last id generated using function
185 // that is safe with the audit engine.
186 return $GLOBALS['lastidado'] > 0 ? $GLOBALS['lastidado'] : $GLOBALS['adodb']['db']->Insert_ID();
187 }
188
189 /**
190 * Shared getter for SQL selects.
191 *
192 * @param $sqlUpToFromStatement - The sql string up to (and including) the FROM line.
193 * @param $map - Query information (where clause(s), join clause(s), order, data, etc).
194 * @throws SqlQueryException If the query is invalid
195 * @return array of associative arrays | one associative array.
196 */
197 public static function selectHelper($sqlUpToFromStatement, $map)
198 {
199 $where = isset($map["where"]) ? $map["where"] : null;
200 $data = isset($map["data"]) && is_array($map['data']) ? $map["data"] : [];
201 $join = isset($map["join"]) ? $map["join"] : null;
202 $order = isset($map["order"]) ? $map["order"] : null;
203 $limit = isset($map["limit"]) ? intval($map["limit"]) : null;
204
205 $sql = $sqlUpToFromStatement;
206
207 $sql .= !empty($join) ? " " . $join : "";
208 $sql .= !empty($where) ? " " . $where : "";
209 $sql .= !empty($order) ? " " . $order : "";
210 $sql .= !empty($limit) ? " LIMIT " . $limit : "";
211
212 $multipleResults = sqlStatementThrowException($sql, $data);
213
214 $results = array();
215
216 while ($row = sqlFetchArray($multipleResults)) {
217 array_push($results, $row);
218 }
219
220 if ($limit === 1) {
221 return $results[0];
222 }
223
224 return $results;
225 }
226
227 public static function generateId()
228 {
229 return \generate_id();
230 }
231 }
Mirror of official OpenEMR Sourceforge repository