common/database/Auditor.php

   1 <?php
   2 /**
   3  * This class is responsible for shuttling SQL queries to the audit table. All
   4  * work is delegated to the existing SQL auditing function `auditSQLEvent` in
   5  * `library/log.inc`.
   6  *
   7  * Copyright (C) 2016 Matthew Vita <matthewvita48@gmail.com>
   8  *
   9  * LICENSE: This program is free software; you can redistribute it and/or
  10  * modify it under the terms of the GNU General Public License
  11  * as published by the Free Software Foundation; either version 2
  12  * of the License, or (at your option) any later version.
  13  * This program is distributed in the hope that it will be useful,
  14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  16  * GNU General Public License for more details.
  17  * You should have received a copy of the GNU General Public License
  18  * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>.
  19  *
  20  * @package OpenEMR
  21  * @author  Matthew Vita <matthewvita48@gmail.com>
  22  * @link    http://www.open-emr.org
  23  */
  24
  25 namespace OpenEMR\Common\Database;
  26
  27 use \Doctrine\DBAL\Logging\SQLLogger;
  28 use OpenEMR\Common\Logging\Logger;
  29
  30 final class Auditor implements SQLLogger
  31 {
  32     /**
  33      * Executed SQL queries with the following keys in each inner object:
  34      *
  35      * `params`: The optional param values for the current SQL query.
  36      * `sql`: The raw SQL for the current SQL query (shows `?` for params if given).
  37      *
  38      * @note a query will be removed from the dictionary once complete.
  39      */
  40     public $queries = array();
  41
  42     /**
  43      * Index of the current query in the $queries dictionary.
  44      */
  45     public $currentQueryIndex = 0;
  46
  47     /**
  48      * Logger for noting sql query information.
  49      */
  50     private $logger;
  51
  52     /**
  53      * Default constructor. This is here for completeness, it is
  54      * essentially a no-op.
  55      */
  56     public function __construct()
  57     {
  58         $this->logger = new Logger("\OpenEMR\Common\Database\Auditor");
  59     }
  60
  61     /**
  62      * Intercepts the SQL query to be performed by the ORM.
  63      *
  64      * @param $sql the raw SQL (shows `?` for params if given).
  65      * @param $params the optional param values for the SQL.
  66      * @param $types the optional param types.
  67      */
  68     public function startQuery($sql, array $params = null, array $types = null)
  69     {
  70         $this->queries[++$this->currentQueryIndex] = array('sql' => $sql, 'params' => $params);
  71         $this->logger->trace("sql: " . $sql);
  72     }
  73
  74     /**
  75      * Triggers when an SQL query has been performed and sends
  76      * the information to the audit table.
  77      *
  78      * @note this is only called if the query succeeded.
  79      * @note the query is from the dictionary once complete at this point.
  80      */
  81     public function stopQuery()
  82     {
  83         $sql = $this->queries[$this->currentQueryIndex]['sql'];
  84         $params = $this->queries[$this->currentQueryIndex]['params'];
  85         auditSQLEvent($sql, true, $params);
  86         unset($this->queries[$this->currentQueryIndex]);
  87     }
  88 }