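<?php

require_once "class/framework.class.php";

/*
 * Base class for Scrott database objects.
 *
 * Each object is persisted in the shared `object` table and in a per-type
 * child table; both are looked up by the same `guid` value.
 *
 * Review notes:
 *  - Every query in this class is built by string concatenation and relies
 *    entirely on $this->db->esc() for safety. That helper is not defined in
 *    this file. NOTE(review): if the DB wrapper offers prepared statements,
 *    prefer them over concatenation.
 *  - Table and column names are also passed through esc() and then placed
 *    between backticks. Escaping meant for quoted string values does not
 *    necessarily neutralise a backtick, so child table/column names must
 *    only ever come from trusted code (subclass constructors), never from
 *    request data. NOTE(review): confirm against esc() and the callers.
 *  - `object` is a reserved class name since PHP 7.2, so this class only
 *    compiles on older runtimes. It is not renamed here because subclasses
 *    elsewhere extend it by name.
 */
abstract class Object extends Framework
{
    /*
     * Constructor
     *
     * $childTable - name of the per-type table holding the extra columns
     * $childCols  - array of column names in that table (ignored unless it
     *               is an array)
     */
    public function __construct($childTable = "object", $childCols = null)
    {
        $this->db = $this->getDbConnection();
        $this->table = "object";
        $this->cols = array(
            "guid",
            "perms",
            "owner",
            "parent",
            "name",
            "timeCreated",
            "timeUpdated",
            "type",
        );

        $this->childTable = $this->db->esc($childTable);
        $this->childCols = array();

        if (is_array($childCols)) {
            foreach ($childCols as $col) {
                $this->childCols[] = $this->db->esc($col);
            }
        }
    }

    /*
     * Populate this object with data from the DB with a given GUID.
     *
     * Does nothing when $guid is null or is not present in `object`.
     */
    public function loadObj($guid = null)
    {
        if (is_null($guid) || !$this->isGUID($guid)) {
            return;
        }

        $escdGuid = $this->db->esc($guid);

        /* Base fields */
        $this->loadTableRow($this->table, $this->cols, $escdGuid);

        /* Child Table fields */
        $this->loadTableRow($this->childTable, $this->childCols, $escdGuid);
    }

    /*
     * Copy the listed columns of the row matching an already-escaped GUID
     * onto this object. A table with no matching row is skipped quietly;
     * the previous code indexed [0] on the empty result and raised an
     * undefined-offset notice in that case.
     */
    private function loadTableRow($table, $cols, $escdGuid)
    {
        $query = "SELECT * FROM `" . $table . "` WHERE `guid` = '" . $escdGuid . "'";
        $rows = $this->db->query($query);

        if (!isset($rows[0])) {
            return;
        }

        $row = $rows[0];

        foreach ($cols as $col) {
            if (isset($row[$col])) {
                $this->$col = $row[$col];
            }
        }
    }

    /*
     * Write this object to the database.
     *
     * An object that already has a guid is UPDATEd; otherwise a new guid is
     * allocated and the object is INSERTed. Properties that are unset or
     * null are left out of the statement, so a column cannot be cleared to
     * NULL through this method.
     *
     * The base and child statements are issued separately; no transaction
     * is visible in this class, so a failure between them can leave the two
     * tables out of step.
     */
    public function saveObj()
    {
        if (isset($this->guid)) {
            $this->timeUpdated = $this->getCurrentTimestamp();

            /* Update Base */
            $this->updateTableRow($this->table, $this->cols);

            /* Update Child */
            $this->updateTableRow($this->childTable, $this->childCols);

            return;
        }

        $this->guid = $this->getNewGUID();
        $this->timeCreated = $this->getCurrentTimestamp();
        $this->timeUpdated = $this->timeCreated;

        /* Insert Base */
        $this->insertTableRow($this->table, $this->cols);

        /* Insert Child */
        $this->insertTableRow($this->childTable, $this->childCols);
    }

    /*
     * UPDATE the row for this object's guid in $table, setting every listed
     * column that is currently set on the object. No query is sent when
     * none of the columns are set.
     */
    private function updateTableRow($table, $cols)
    {
        $assignments = array();

        foreach ($cols as $col) {
            if (!isset($this->$col)) {
                continue;
            }

            $assignments[] = "`" . $col . "` = '" . $this->db->esc($this->$col) . "'";
        }

        if (count($assignments) === 0) {
            return;
        }

        $query = "UPDATE `" . $table . "` SET " . implode(", ", $assignments)
            . " WHERE `guid` = '" . $this->db->esc($this->guid) . "'";
        $this->db->query($query);
    }

    /*
     * INSERT a row into $table from every listed column that is currently
     * set on the object. No query is sent when none of the columns are set.
     */
    private function insertTableRow($table, $cols)
    {
        $names = array();
        $values = array();

        foreach ($cols as $col) {
            if (!isset($this->$col)) {
                continue;
            }

            $names[] = "`" . $col . "`";
            $values[] = "'" . $this->db->esc($this->$col) . "'";
        }

        if (count($names) === 0) {
            return;
        }

        $query = "INSERT INTO `" . $table . "` (" . implode(", ", $names)
            . ") VALUES (" . implode(", ", $values) . ")";
        $this->db->query($query);
    }

    /*
     * Remove this object from the database.
     *
     * Deletes the base row, the child row, and any `obj_member` / `msg_read`
     * rows that reference this guid. The statements run one after another
     * with no transaction visible here, so an error part-way through can
     * leave orphaned rows behind.
     */
    public function delObj()
    {
        if (!isset($this->guid)) {
            return;
        }

        $escdGuid = $this->db->esc($this->guid);

        /* Delete Base */
        $this->db->query(
            "DELETE FROM `" . $this->table . "` WHERE `guid` = '" . $escdGuid . "'"
        );

        /* Delete Child */
        $this->db->query(
            "DELETE FROM `" . $this->childTable . "` WHERE `guid` = '" . $escdGuid . "'"
        );

        /* obj_member garbage collection */
        $this->db->query(
            "DELETE FROM `obj_member` WHERE `guid` = '" . $escdGuid
            . "' OR `member` = '" . $escdGuid . "'"
        );

        /* msg_read garbage collection */
        $this->db->query(
            "DELETE FROM `msg_read` WHERE `guid` = '" . $escdGuid
            . "' OR `user` = '" . $escdGuid . "'"
        );
    }

    /*
     * Get current timestamp for object database purposes.
     *
     * The value comes from the database server's now(), not from PHP.
     */
    public function getCurrentTimestamp()
    {
        $rows = $this->db->query("SELECT now() AS stamp");

        return $rows[0]['stamp'];
    }

    /*
     * Check whether given GUID exists in the `object` table.
     *
     * NOTE(review): the answer is derived from count() of the query result;
     * what query() returns on a database error is not visible here, so
     * confirm an error cannot be mistaken for "exists".
     */
    public function isGUID($guid)
    {
        $query = "SELECT `guid` FROM `object` WHERE `guid` = '" . $this->db->esc($guid) . "'";
        $rows = $this->db->query($query);

        return count($rows) > 0;
    }

    /*
     * Get a new, unique GUID for a new system object.
     *
     * The GUID is the first 8 hex characters of a random blob, i.e. 32 bits.
     * An identifier that short can be enumerated, so it must be treated as a
     * public handle: access to an object has to be decided by a separate
     * permission check, never by knowledge of its GUID.
     *
     * The uniqueness check and the later INSERT are separate statements, so
     * two concurrent saves could still pick the same value. NOTE(review):
     * confirm `object`.`guid` carries a unique index to catch that case.
     */
    public function getNewGUID()
    {
        do {
            $guid = substr($this->getBlob(), 0, 8);
        } while ($this->isGUID($guid));

        return $guid;
    }

    /*
     * Get a random sha256 blob (64 hex characters).
     *
     * Throws RuntimeException when OpenSSL cannot supply cryptographically
     * strong bytes. Previously a failed call was hashed as-is, which yields
     * the same constant digest every time; failing closed avoids handing
     * out a predictable value.
     */
    public function getBlob()
    {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes(64, $strong);

        if ($bytes === false || !$strong) {
            throw new RuntimeException("Unable to obtain cryptographically strong random bytes");
        }

        return hash("sha256", $bytes);
    }
}

/*
 * Concrete Database Object which can be used in a polymorphic way.
 *
 * It uses the default child table ("object") with no child columns, so only
 * the base fields are loaded and saved.
 */
class DBObject extends Object
{
    /*
     * Constructor
     *
     * $guid - GUID of the object to load; null leaves the object empty
     */
    public function __construct($guid = null)
    {
        parent::__construct();
        $this->loadObj($guid);
    }
}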