From 2e4dbf98b96adc8731c3101385e47e1f00c21d31 Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Sun, 23 Oct 2016 17:21:16 -0400
Subject: Add database class

---
 app/class/database.class.php | 46 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)
 create mode 100644 app/class/database.class.php

(limited to 'app/class/database.class.php')

diff --git a/app/class/database.class.php b/app/class/database.class.php
new file mode 100644
index 0000000..c791088
--- /dev/null
+++ b/app/class/database.class.php
@@ -0,0 +1,46 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+/*
+ * This class provides a common interface to a database.  Scrott provides
+ * facilities for interacting with any DBMS that we can use in PHP.  To
+ * provide support for a new DBMS, extend this class and implement the
+ * abstract functions.  Additionally, update the getInstance() function
+ * in this class so that the new implementation is used under appropriate
+ * configuration.
+ */
+abstract class Database
+{
+    private static $instance = NULL;
+
+    /*
+     * Return the database instance object, creating it if this is the
+     * first call to this function.  This function will need maintained
+     * as new DBMSs are supported.
+     */
+    public static function getInstance() : Database
+    {
+        // todo
+    }
+
+    /*
+     * These functions are to be implemented by DBMS extensions,
+     * providing a uniform interface to database engines.
+     */
+    public abstract function close();
+    public abstract function query(string $query) : array;
+    public abstract function esc(string $str) : string;
+}
+
+?>
-- 
cgit v1.2.3


From b6f82bb6552517d8bc442a2087c6c37a33bd18bd Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Sun, 23 Oct 2016 19:01:52 -0400
Subject: Add mysql class

---
 app/class/database.class.php | 1 +
 1 file changed, 1 insertion(+)

(limited to 'app/class/database.class.php')

diff --git a/app/class/database.class.php b/app/class/database.class.php
index c791088..6c6ecd6 100644
--- a/app/class/database.class.php
+++ b/app/class/database.class.php
@@ -23,6 +23,7 @@
 abstract class Database
 {
     private static $instance = NULL;
+    protected $db;
 
     /*
      * Return the database instance object, creating it if this is the
-- 
cgit v1.2.3


From 33499cb813d6aac2abc649dd8e42a3c97ce306b2 Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Sat, 14 Jan 2017 02:13:07 -0500
Subject: Partial commit of initObj function -- this class needs reworked
 again...

---
 app/class/database.class.php | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

(limited to 'app/class/database.class.php')

diff --git a/app/class/database.class.php b/app/class/database.class.php
index 6c6ecd6..c7ef65b 100644
--- a/app/class/database.class.php
+++ b/app/class/database.class.php
@@ -42,6 +42,32 @@ abstract class Database
     public abstract function close();
     public abstract function query(string $query) : array;
     public abstract function esc(string $str) : string;
+
+    /*
+     * This function will lookup the row from the database on the given
+     * table containing the given GUID and initialize the class properties
+     * on this object based on the given field list.
+     */
+    public function initObj(string $table, array $fields, string $guid = NULL)
+    {
+        if (is_null($guid))
+            return;
+
+        $guid = $this->esc($guid);
+        $query = "SELECT * FROM " . $table . " WHERE guid = '" . $guid . "'";
+        $res = $this->query($query);
+
+        if (!count($res))
+            return;
+
+        $res = $res[0];
+
+        foreach ($fields as $field)
+        {
+            if (isset($res[$field]))
+                $this->$field = $res[$field];
+        }
+    }
 }
 
 ?>
-- 
cgit v1.2.3


From dae3964e7682dcd0d64075dfc28a23c12ef6c52e Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Sat, 14 Jan 2017 02:26:28 -0500
Subject: Reset working directory for clean Scrott implementation

---
 app/class/database.class.php | 73 --------------------------------------------
 1 file changed, 73 deletions(-)
 delete mode 100644 app/class/database.class.php

(limited to 'app/class/database.class.php')

diff --git a/app/class/database.class.php b/app/class/database.class.php
deleted file mode 100644
index c7ef65b..0000000
--- a/app/class/database.class.php
+++ /dev/null
@@ -1,73 +0,0 @@
-<?php
-
-/*
- * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
- * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
- * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
- * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
- * OTHER DEALINGS IN THE SOFTWARE.
- *
- * For more information, please refer to UNLICENSE
- */
-
-/*
- * This class provides a common interface to a database.  Scrott provides
- * facilities for interacting with any DBMS that we can use in PHP.  To
- * provide support for a new DBMS, extend this class and implement the
- * abstract functions.  Additionally, update the getInstance() function
- * in this class so that the new implementation is used under appropriate
- * configuration.
- */
-abstract class Database
-{
-    private static $instance = NULL;
-    protected $db;
-
-    /*
-     * Return the database instance object, creating it if this is the
-     * first call to this function.  This function will need maintained
-     * as new DBMSs are supported.
-     */
-    public static function getInstance() : Database
-    {
-        // todo
-    }
-
-    /*
-     * These functions are to be implemented by DBMS extensions,
-     * providing a uniform interface to database engines.
-     */
-    public abstract function close();
-    public abstract function query(string $query) : array;
-    public abstract function esc(string $str) : string;
-
-    /*
-     * This function will lookup the row from the database on the given
-     * table containing the given GUID and initialize the class properties
-     * on this object based on the given field list.
-     */
-    public function initObj(string $table, array $fields, string $guid = NULL)
-    {
-        if (is_null($guid))
-            return;
-
-        $guid = $this->esc($guid);
-        $query = "SELECT * FROM " . $table . " WHERE guid = '" . $guid . "'";
-        $res = $this->query($query);
-
-        if (!count($res))
-            return;
-
-        $res = $res[0];
-
-        foreach ($fields as $field)
-        {
-            if (isset($res[$field]))
-                $this->$field = $res[$field];
-        }
-    }
-}
-
-?>
-- 
cgit v1.2.3


From a92f8af0f9aed383e4243e5b2b50d248e843cab4 Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Sat, 14 Jan 2017 21:11:31 -0500
Subject: Add database class

---
 app/class/database.class.php | 58 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 58 insertions(+)
 create mode 100644 app/class/database.class.php

(limited to 'app/class/database.class.php')

diff --git a/app/class/database.class.php b/app/class/database.class.php
new file mode 100644
index 0000000..4f26c45
--- /dev/null
+++ b/app/class/database.class.php
@@ -0,0 +1,58 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+/* Include database configuration file if it exists */
+define("DATABASE_CONFIG_FILE", "dbconfig.php");
+is_file(DATABASE_CONFIG_FILE) && require_once DATABASE_CONFIG_FILE;
+
+/*
+ * This class provides a common interface to various database drivers.
+ * Scrott provides facilities for interacting with any DBMS that we can
+ * use in PHP.  To provide support for a new DBMS, extend this class and
+ * implement the abstract functions.  Additionally, update the getInstance()
+ * function in this class so that the new implementation is used under
+ * appropriate configuration.
+ */
+abstract class database
+{
+    private static $instance = NULL;
+
+    /*
+     * Call this object's close function while being destructed
+     */
+    public function __destruct()
+    {
+        $this->close();
+    }
+
+    /*
+     * Return the database instance object, creating it if this is the
+     * first call to this function.  This function will need maintained
+     * as new DBMSs are supported.
+     */
+    public static function getInstance() : database
+    {
+        // TODO
+    }
+
+    /*
+     * These functions are to be implemented by DBMS extensions,
+     * providing a uniform interface to database engines.
+     */
+    public abstract function close() : void;
+    public abstract function query(string $query) : array;
+    public abstract function esc(string $str) : string;
+}
+
+?>
-- 
cgit v1.2.3


From 56a6dda13bb85b25f590fc8a64535bb53c3c2fd2 Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Mon, 6 Feb 2017 00:47:55 -0500
Subject: Update database API

The abstract functions of database have been made protected and their
names prefixed with '_'.  The database class has been given new static
functions query() and esc(), which call the _query() and _esc() function
from the database instance object.  This change was made to address the
use of db routines from static contexes.  Calls like
`database::get()->query()` which mix static and instance function access
operators, can now be `database::query()`, and all singleton is
abstracted away; the instance's destructor continues to close the db
connection.
---
 app/class/database.class.php | 27 ++++++++++++++++++++++-----
 1 file changed, 22 insertions(+), 5 deletions(-)

(limited to 'app/class/database.class.php')

diff --git a/app/class/database.class.php b/app/class/database.class.php
index 4f26c45..c0f13d7 100644
--- a/app/class/database.class.php
+++ b/app/class/database.class.php
@@ -33,7 +33,7 @@ abstract class database
      */
     public function __destruct()
     {
-        $this->close();
+        $this->_close();
     }
 
     /*
@@ -41,7 +41,7 @@ abstract class database
      * first call to this function.  This function will need maintained
      * as new DBMSs are supported.
      */
-    public static function getInstance() : database
+    private static function getInstance() : database
     {
         // TODO
     }
@@ -50,9 +50,26 @@ abstract class database
      * These functions are to be implemented by DBMS extensions,
      * providing a uniform interface to database engines.
      */
-    public abstract function close() : void;
-    public abstract function query(string $query) : array;
-    public abstract function esc(string $str) : string;
+    protected abstract function _close() : void;
+    protected abstract function _query(string $query) : array;
+    protected abstract function _esc(string $str) : string;
+
+    /*
+     * Perform a database query and return the results as an array
+     * of arrays.
+     */
+    public static function query(string $query) : array
+    {
+        return self::getInstance()->_query($query);
+    }
+
+    /*
+     * Escape a given string for use in a database query
+     */
+    public static function esc(string $str) : string
+    {
+        return self::getInstance()->_esc($str);
+    }
 }
 
 ?>
-- 
cgit v1.2.3


From 30fc005d7cea626184ee57f3dea88881ad6cf6fa Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Mon, 13 Feb 2017 04:15:20 -0500
Subject: Implement function database::getInstance()

---
 app/class/database.class.php | 32 ++++++++++++++++++++++++++++++--
 1 file changed, 30 insertions(+), 2 deletions(-)

(limited to 'app/class/database.class.php')

diff --git a/app/class/database.class.php b/app/class/database.class.php
index c0f13d7..74587f5 100644
--- a/app/class/database.class.php
+++ b/app/class/database.class.php
@@ -16,6 +16,9 @@
 define("DATABASE_CONFIG_FILE", "dbconfig.php");
 is_file(DATABASE_CONFIG_FILE) && require_once DATABASE_CONFIG_FILE;
 
+require_once "class/globals.php";
+require_once "class/mysql.class.php";
+
 /*
  * This class provides a common interface to various database drivers.
  * Scrott provides facilities for interacting with any DBMS that we can
@@ -39,11 +42,36 @@ abstract class database
     /*
      * Return the database instance object, creating it if this is the
      * first call to this function.  This function will need maintained
-     * as new DBMSs are supported.
+     * as new DBMSs are supported.  This function will throw if the
+     * database is not configured.
      */
     private static function getInstance() : database
     {
-        // TODO
+        global $_SCROTT;
+
+        if (self::$instance)
+            return self::$instance;
+
+        if (!isset($_SCROTT['conf']))
+            throw new Exception("Scrott database configuration is missing.");
+
+        switch ($_SCROTT['dbEngine'])
+        {
+            case "mysql":
+                $host   = $_SCROTT['dbHost'];
+                $uname  = $_SCROTT['dbUname'];
+                $passwd = $_SCROTT['dbPasswd'];
+                $dbname = $_SCROTT['dbName'];
+                self::$instance = new mysql($host, $uname, $passwd, $dbname);
+                break;
+
+            default:
+                throw new Exception("Problem with Scrott database configuration.  Invalid " .
+                    "database engine specified.");
+                break;
+        }
+
+        return self::$instance;
     }
 
     /*
-- 
cgit v1.2.3


From a4bdf800e224a64fc704b6d19b668287f030a3e8 Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Mon, 13 Feb 2017 04:23:49 -0500
Subject: Add function database::checkConfig()

---
 app/class/database.class.php | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'app/class/database.class.php')

diff --git a/app/class/database.class.php b/app/class/database.class.php
index 74587f5..cdfdfce 100644
--- a/app/class/database.class.php
+++ b/app/class/database.class.php
@@ -98,6 +98,23 @@ abstract class database
     {
         return self::getInstance()->_esc($str);
     }
+
+    /*
+     * Check whether Scrott's database config is loaded
+     */
+    public static function checkConfig() : bool
+    {
+        try
+        {
+            $db = self::getInstance();
+        }
+        catch (Exception $e)
+        {
+            return false;
+        }
+
+        return true;
+    }
 }
 
 ?>
-- 
cgit v1.2.3


From be0b63cae463f814aa7eef879c0994b8e3ca16ba Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Thu, 6 Jul 2017 23:41:17 -0400
Subject: Add function database::setConfig()

---
 app/class/database.class.php | 51 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)

(limited to 'app/class/database.class.php')

diff --git a/app/class/database.class.php b/app/class/database.class.php
index cdfdfce..3d94e16 100644
--- a/app/class/database.class.php
+++ b/app/class/database.class.php
@@ -115,6 +115,57 @@ abstract class database
 
         return true;
     }
+
+    /*
+     * Test and set new database configuration parameters.
+     * If the given params fail, error's are set and this
+     * function returns false.  On success, parameters are
+     * written to 'dbconfig.php' and true is returned.
+     */
+    public static function setConfig(string $engine, string $host,
+        string $uname, string $passwd, string $name) : bool
+    {
+        global $_SCROTT;
+
+        /* test configuration */
+        $_SCROTT['conf'] = "conf";
+        $_SCROTT['dbEngine'] = $engine;
+        $_SCROTT['dbHost'] = $host;
+        $_SCROTT['dbUname'] = $uname;
+        $_SCROTT['dbPasswd'] = $passwd;
+        $_SCROTT['dbName'] = $name;
+
+        try
+        {
+            $db = self::getInstance();
+        }
+        catch (Exception $e)
+        {
+            logError(ERROR, $e->getMessage());
+            return false;
+        }
+
+        /* write file */
+        $f = fopen(DATABASE_CONFIG_FILE, "w");
+
+        if (!$f)
+        {
+            logError(ERROR, "Can not create configuration file");
+            return false;
+        }
+
+        fwrite($f, "<?php\n");
+        fwrite($f, "\$_SCROTT['conf'] = 'conf';\n");
+        fwrite($f, "\$_SCROTT['dbEngine'] = '" . $engine . "';\n");
+        fwrite($f, "\$_SCROTT['dbHost'] = '" . $host . "';\n");
+        fwrite($f, "\$_SCROTT['dbUname'] = '" . $uname . "';\n");
+        fwrite($f, "\$_SCROTT['dbPasswd'] = '" . $passwd . "';\n");
+        fwrite($f, "\$_SCROTT['dbName'] = '" . $name . "';\n");
+        fwrite($f, "?>\n");
+
+        fclose($f);
+        return true;
+    }
 }
 
 ?>
-- 
cgit v1.2.3


From bc897063c822ee90fb23abf5189cc2b95e1a4f76 Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Sat, 22 Sep 2018 03:15:58 -0400
Subject: database:  Fix bug in function checkConfig()

Because of how this function was implemented, any failure during
database instance construction is treated the same way.  IE. we cannot
tell the difference between 'no db config' (as is the initial default
state) and a 'bad db config' (either bogus data, or the server happens
to be down).

Because of this, if, after the database access is initially set up,
access to the db becomes unavailable or someone makes a bad edit to the
dbconfig.php file, Scrott behaves as if it is being configured for the
first time.  This is *dangerous* behavior! (unexpected, at the least)

The implication of this is that if Scrott's database access is ever
incidentially interrupted, the very next visitor to the site is offered
the chance to (silently) reconfigure the server to point to any database
of his choosing.

This patch updates the checkConfig() function to only 'soft fail'
(return false) in the case where the configuration is _actually_
missing. IE. $_SCROTT['conf'] is not defined.  This function will
otherwise passthrough any and all exceptions which result from
instanciating the database instance and will only return true if both of
these steps succeed.
---
 app/class/database.class.php | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

(limited to 'app/class/database.class.php')

diff --git a/app/class/database.class.php b/app/class/database.class.php
index 3d94e16..a2cab42 100644
--- a/app/class/database.class.php
+++ b/app/class/database.class.php
@@ -104,15 +104,12 @@ abstract class database
      */
     public static function checkConfig() : bool
     {
-        try
-        {
-            $db = self::getInstance();
-        }
-        catch (Exception $e)
-        {
+        global $_SCROTT;
+
+        if (!isset($_SCROTT['conf']))
             return false;
-        }
 
+        $db = self::getInstance();
         return true;
     }
 
-- 
cgit v1.2.3