Context Navigation

source: trunk/lib/Version.inc.php @ 601

Last change on this file since 601 was 601, checked in by anonymous, 7 years ago
Updated every instance of 'zero' date 0000-00-00 to use 1000-01-01 if mysql version >= 5.7.4
File size: 21.4 KB

Line
1	<?php
2	/**
3	* The Strangecode Codebase - a general application development framework for PHP
4	* For details visit the project site: <http://trac.strangecode.com/codebase/>
5	* Copyright 2001-2012 Strangecode, LLC
6	*
7	* This file is part of The Strangecode Codebase.
8	*
9	* The Strangecode Codebase is free software: you can redistribute it and/or
10	* modify it under the terms of the GNU General Public License as published by the
11	* Free Software Foundation, either version 3 of the License, or (at your option)
12	* any later version.
13	*
14	* The Strangecode Codebase is distributed in the hope that it will be useful, but
15	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
16	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
17	* details.
18	*
19	* You should have received a copy of the GNU General Public License along with
20	* The Strangecode Codebase. If not, see <http://www.gnu.org/licenses/>.
21	*/
22
23	/**
24	* Version.inc.php
25	*
26	* The Version class provides a system for saving, reviewing, and
27	* restoring versions of a record of any DB table. All the data in the record is
28	* serialized, compressed, and saved in a blob in the version_tbl. Restoring a
29	* version simply does a REPLACE INTO of the data. It is very simple, and works
30	* with multiple database tables, but the drawback is that relationships for
31	* a record cannot be retained. For example, an article from an article_tbl can
32	* be saved, but not categories associated to the record in a category_article_tbl.
33	* The restored article will simple retain the relationships that the previous
34	* current article had.
35	*
36	* @author Quinn Comendant <quinn@strangecode.com>
37	* @version 2.1
38	*/
39	class Version
40	{
41
42	// A place to keep an object instance for the singleton pattern.
43	protected static $instance = null;
44
45	// Configuration of this object.
46	protected $_params = array(
47	'max_qty' => 100, // Never have more than this many versions of each record.
48	'min_qty' => 25, // Keep at least this many versions of each record.
49	'min_days' => 7, // Keep ALL versions within this many days, even if MORE than min_qty.
50	'db_table' => 'version_tbl',
51
52	// Automatically create table and verify columns. Better set to false after site launch.
53	// This value is overwritten by the $app->getParam('db_create_tables') setting if it is available.
54	'create_table' => true,
55
56	// If true, makes an exact comparison of saved vs. live table schemas. If false, just checks that the saved columns are available.
57	'db_schema_strict' => true,
58
59	// Serialization method.
60	// Legacy installations will have been using 'phpserialize' but these should migrate to use 'json' to avoid PHP object injection https://www.owasp.org/index.php/PHP_Object_Injection
61	'serialization_method' => 'phpserialize', // Or 'json'
62	);
63
64	// Auth_SQL object from which to access a current user_id.
65	protected $_auth;
66
67	/**
68	* This method enforces the singleton pattern for this class.
69	*
70	* @return object Reference to the global Lock object.
71	* @access public
72	* @static
73	*/
74	public static function &getInstance($auth_object=null)
75	{
76	if (self::$instance === null) {
77	self::$instance = new self($auth_object);
78	}
79
80	return self::$instance;
81	}
82
83	/**
84	* Constructor. Pass an Auth object on which to perform user lookups.
85	*
86	* @param mixed $auth_object An Auth_SQL object.
87	*/
88	public function __construct($auth_object=null)
89	{
90	$app =& App::getInstance();
91
92	if (!is_null($auth_object) \|\| is_null($this->_auth)) {
93	if (!method_exists($auth_object, 'get') \|\| !method_exists($auth_object, 'getUsername')) {
94	trigger_error('Constructor not provided a valid Auth_* object.', E_USER_ERROR);
95	}
96
97	$this->_auth = $auth_object;
98	}
99
100	// Get create tables config from global context.
101	if (!is_null($app->getParam('db_create_tables'))) {
102	$this->setParam(array('create_table' => $app->getParam('db_create_tables')));
103	}
104	}
105
106	/**
107	* Setup the database table for this class.
108	*
109	* @access public
110	* @author Quinn Comendant <quinn@strangecode.com>
111	* @since 26 Aug 2005 17:09:36
112	*/
113	public function initDB($recreate_db=false)
114	{
115	$app =& App::getInstance();
116	$db =& DB::getInstance();
117
118	static $_db_tested = false;
119
120	if ($recreate_db \|\| !$_db_tested && $this->getParam('create_table')) {
121	if ($recreate_db) {
122	$db->query("DROP TABLE IF EXISTS " . $this->getParam('db_table'));
123	$app->logMsg(sprintf('Dropping and recreating table %s.', $this->getParam('db_table')), LOG_INFO, __FILE__, __LINE__);
124	}
125	$db->query(sprintf("CREATE TABLE IF NOT EXISTS %s (
126	version_id INT UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT,
127	record_table VARCHAR(255) NOT NULL DEFAULT '',
128	record_key VARCHAR(255) NOT NULL DEFAULT '',
129	record_val VARCHAR(255) NOT NULL DEFAULT '',
130	version_data MEDIUMBLOB NOT NULL,
131	version_title VARCHAR(255) NOT NULL DEFAULT '',
132	version_number SMALLINT(11) UNSIGNED NOT NULL DEFAULT '0',
133	version_notes VARCHAR(255) NOT NULL DEFAULT '',
134	saved_by_user_id SMALLINT(11) NOT NULL DEFAULT '0',
135	version_datetime DATETIME NOT NULL DEFAULT '%s 00:00:00',
136	KEY record_table (record_table),
137	KEY record_key (record_key),
138	KEY record_val (record_val)
139	)", $db->escapeString($this->getParam('db_table')), $db->getParam('zero_date')));
140
141	if (!$db->columnExists($this->getParam('db_table'), array(
142	'version_id',
143	'record_table',
144	'record_key',
145	'record_val',
146	'version_data',
147	'version_title',
148	'version_number',
149	'version_notes',
150	'saved_by_user_id',
151	'version_datetime',
152	), false, false)) {
153	$app->logMsg(sprintf('Database table %s has invalid columns. Please update this table manually.', $this->getParam('db_table')), LOG_ALERT, __FILE__, __LINE__);
154	trigger_error(sprintf('Database table %s has invalid columns. Please update this table manually.', $this->getParam('db_table')), E_USER_ERROR);
155	}
156	}
157	$_db_tested = true;
158	}
159
160	/**
161	* Set the params of this object.
162	*
163	* @param array $params Array of param keys and values to set.
164	*/
165	public function setParam($params=null)
166	{
167	$app =& App::getInstance();
168
169	if (isset($params['serialization_method']) && !in_array($params['serialization_method'], ['phpserialize', 'json'])) {
170	trigger_error(sprintf('Invalid serialization_method: %s', $params['serialization_method']), E_USER_ERROR);
171	}
172	if (isset($params) && is_array($params)) {
173	// Merge new parameters with old overriding only those passed.
174	$this->_params = array_merge($this->_params, $params);
175	}
176	}
177
178	/**
179	* Return the value of a parameter, if it exists.
180	*
181	* @access public
182	* @param string $param Which parameter to return.
183	* @return mixed Configured parameter value.
184	*/
185	public function getParam($param)
186	{
187	$app =& App::getInstance();
188
189	if (array_key_exists($param, $this->_params)) {
190	return $this->_params[$param];
191	} else {
192	$app->logMsg(sprintf('Parameter is not set: %s', $param), LOG_DEBUG, __FILE__, __LINE__);
193	return null;
194	}
195	}
196
197	/**
198	* Saves a version of the current record into the version table.
199	*
200	* @param string $record_table The table containing the record.
201	* @param string $record_key The key column for the record.
202	* @param string $record_val The value of the key column for the record.
203	* @param string $title The title of this record. Only used for human presentation.
204	*
205	* @return int The id for the version (mysql last insert id).
206	*/
207	public function create($record_table, $record_key, $record_val, $title='', $notes='')
208	{
209	$app =& App::getInstance();
210	$db =& DB::getInstance();
211
212	$this->initDB();
213
214	// Get current record.
215	if (!$record = $this->getCurrent($record_table, $record_key, $record_val)) {
216	$app->logMsg(sprintf('Could not create %s version, record not found: %s, %s, %s.', $title, $record_table, $record_key, $record_val), LOG_ERR, __FILE__, __LINE__);
217	return false;
218	}
219
220	// Get previous version_number.
221	$qid = $db->query("
222	SELECT MAX(version_number) FROM " . $db->escapeString($this->getParam('db_table')) . "
223	WHERE record_table = '" . $db->escapeString($record_table) . "'
224	AND record_key = '" . $db->escapeString($record_key) . "'
225	AND record_val = '" . $db->escapeString($record_val) . "'
226	");
227	list($last_version_number) = mysql_fetch_row($qid);
228
229	// Clean-up old versions.
230	$this->deleteOld($record_table, $record_key, $record_val);
231
232	// Serialize the DB record.
233	switch ($this->getParam('serialization_method')) {
234	case 'phpserialize':
235	$data = gzcompress(serialize($record), 9);
236	break;
237
238	case 'json':
239	$data = gzcompress(json_encode($record), 9);
240	break;
241	}
242
243	// Save as new version.
244	// TODO: after MySQL 5.0.23 is released this query could benefit from INSERT DELAYED.
245	$db->query("
246	INSERT INTO " . $db->escapeString($this->getParam('db_table')) . " (
247	record_table,
248	record_key,
249	record_val,
250	version_data,
251	version_title,
252	version_number,
253	version_notes,
254	saved_by_user_id,
255	version_datetime
256	) VALUES (
257	'" . $db->escapeString($record_table) . "',
258	'" . $db->escapeString($record_key) . "',
259	'" . $db->escapeString($record_val) . "',
260	'" . $db->escapeString($data) . "',
261	'" . $db->escapeString($title) . "',
262	'" . $db->escapeString($last_version_number + 1) . "',
263	'" . $db->escapeString($notes) . "',
264	'" . $db->escapeString($this->_auth->get('user_id')) . "',
265	NOW()
266	)
267	");
268
269	return mysql_insert_id($db->getDBH());
270	}
271
272	/**
273	* Copy a version back into it's original table.
274	*
275	* @param string $version_id The id of the version to restore.
276	*
277	* @return int The id for the version (mysql last insert id).
278	*/
279	public function restore($version_id)
280	{
281	$app =& App::getInstance();
282	$db =& DB::getInstance();
283
284	$this->initDB();
285
286	// Get version data.
287	$qid = $db->query("
288	SELECT *
289	FROM " . $db->escapeString($this->getParam('db_table')) . "
290	WHERE version_id = '" . $db->escapeString($version_id) . "'
291	");
292	if (!$record = mysql_fetch_assoc($qid)) {
293	$app->raiseMsg(sprintf(_("Version %s%s not found."), $version_id, (empty($record['version_title']) ? '' : ' (' . $record['version_title'] . ')')), MSG_WARNING, __FILE__, __LINE__);
294	$app->logMsg(sprintf('Version %s%s not found.', $version_id, (empty($record['version_title']) ? '' : ' (' . $record['version_title'] . ')')), LOG_WARNING, __FILE__, __LINE__);
295	return false;
296	}
297
298	// Unserialize the DB record.
299	switch ($this->getParam('serialization_method')) {
300	case 'phpserialize':
301	$data = unserialize(gzuncompress($record['version_data']));
302	break;
303
304	case 'json':
305	$data = json_decode(gzuncompress($record['version_data']), true);
306	break;
307	}
308
309	// Ensure saved db columns match current table schema.
310	if (!$db->columnExists($record['record_table'], array_keys($data), $this->getParam('db_schema_strict'))) {
311	$app->raiseMsg(sprintf(_("Version %s%s is not compatible with the current database table."), $version_id, (empty($record['version_title']) ? '' : ' (' . $record['version_title'] . ')')), MSG_ERR, __FILE__, __LINE__);
312	$app->logMsg(sprintf('Version %s%s restoration failed, DB schema does not match for table %s.', $version_id, (empty($record['version_title']) ? '' : ' (' . $record['version_title'] . ')'), $record['record_table']), LOG_ALERT, __FILE__, __LINE__);
313	return false;
314	}
315
316	// SQLize the keys of the specified versioned record.
317	$replace_keys = join(",\n", array_map(array($db, 'escapeString'), array_keys($data)));
318
319	// SQLize the keys of the values of the specified versioned record. (These are more complex because we need to account for SQL null values.)
320	$replace_values = '';
321	$comma = '';
322	foreach ($data as $v) {
323	$replace_values .= is_null($v) ? "$comma\nNULL" : "$comma\n'" . $db->escapeString($v) . "'";
324	$comma = ',';
325	}
326
327	// Disable foreign_key_checks to prevent ON DELETE triggers or restrictions.
328	$db->query("SET SESSION foreign_key_checks = 0");
329	// Replace current record with specified versioned record. Consider converting this SQL to use INSERT âŠ ON DUPLICATE KEY UPDATE âŠ
330	$db->query("
331	REPLACE INTO " . $record['record_table'] . " (
332	$replace_keys
333	) VALUES (
334	$replace_values
335	);
336	");
337	// Re-enable foreign_key_checks.
338	$db->query("SET SESSION foreign_key_checks = 1");
339
340	return $record;
341	}
342
343	/**
344	* Version garbage collection. Deletes versions older than min_days
345	* when quantity of versions exceeds min_qty. If quantity
346	* exceeds 100 within min_days, the oldest are deleted to bring the
347	* quantity back down to min_qty.
348	*
349	* @param string $record_table The table containing the record.
350	* @param string $record_key The key column for the record.
351	* @param string $record_val The value of the key column for the record.
352	*
353	* @return mixed Array of versions, or false if none.
354	*/
355	public function deleteOld($record_table, $record_key, $record_val)
356	{
357	$db =& DB::getInstance();
358
359	$this->initDB();
360
361	// Get total number of versions for this record.
362	$qid = $db->query("
363	SELECT COUNT(*) FROM " . $db->escapeString($this->getParam('db_table')) . "
364	WHERE record_table = '" . $db->escapeString($record_table) . "'
365	AND record_key = '" . $db->escapeString($record_key) . "'
366	AND record_val = '" . $db->escapeString($record_val) . "'
367	");
368	list($v_count) = mysql_fetch_row($qid);
369
370	if ($v_count > $this->getParam('min_qty')) {
371	if ($v_count > $this->getParam('max_qty')) {
372	// To prevent a record bomb, limit max number of versions to max_qty.
373	// First query for oldest records, selecting enough to bring total number down to min_qty.
374	$qid = $db->query("
375	SELECT version_id
376	FROM " . $db->escapeString($this->getParam('db_table')) . "
377	WHERE record_table = '" . $db->escapeString($record_table) . "'
378	AND record_key = '" . $db->escapeString($record_key) . "'
379	AND record_val = '" . $db->escapeString($record_val) . "'
380	ORDER BY version_datetime ASC
381	LIMIT " . $db->escapeString($v_count - $this->getParam('min_qty')) . "
382	");
383	$old_versions = array();
384	while (list($old_id) = mysql_fetch_row($qid)) {
385	$old_versions[] = $old_id;
386	}
387	$db->query("
388	DELETE FROM " . $db->escapeString($this->getParam('db_table')) . "
389	WHERE version_id IN ('" . join("','", $old_versions) . "')
390	");
391	} else {
392	// Delete versions older than min_days, while still keeping min_qty.
393	$qid = $db->query("
394	SELECT version_id
395	FROM " . $db->escapeString($this->getParam('db_table')) . "
396	WHERE record_table = '" . $db->escapeString($record_table) . "'
397	AND record_key = '" . $db->escapeString($record_key) . "'
398	AND record_val = '" . $db->escapeString($record_val) . "'
399	AND DATE_ADD(version_datetime, INTERVAL '" . $this->getParam('min_days') . "' DAY) < NOW()
400	ORDER BY version_datetime ASC
401	LIMIT " . ($v_count - $this->getParam('min_qty')) . "
402	");
403	$old_versions = array();
404	while (list($old_id) = mysql_fetch_row($qid)) {
405	$old_versions[] = $old_id;
406	}
407	if (sizeof($old_versions) > 0) {
408	$db->query("
409	DELETE FROM " . $db->escapeString($this->getParam('db_table')) . "
410	WHERE version_id IN ('" . join("','", $old_versions) . "')
411	");
412	}
413	}
414	}
415	}
416
417	/**
418	* Get a list of versions of specified record.
419	*
420	* @param string $record_table The table containing the record.
421	* @param string $record_key The key column for the record.
422	* @param string $record_val The value of the key column for the record.
423	*
424	* @return mixed Array of versions, or false if none.
425	*/
426	public function getList($record_table, $record_key, $record_val)
427	{
428	$db =& DB::getInstance();
429
430	$this->initDB();
431
432	// Get versions of this record.
433	$qid = $db->query("
434	SELECT
435	version_id,
436	saved_by_user_id,
437	version_datetime,
438	version_title,
439	version_number,
440	version_notes
441	FROM " . $db->escapeString($this->getParam('db_table')) . "
442	WHERE record_table = '" . $db->escapeString($record_table) . "'
443	AND record_key = '" . $db->escapeString($record_key) . "'
444	AND record_val = '" . $db->escapeString($record_val) . "'
445	ORDER BY version_datetime DESC
446	");
447	$versions = array();
448	while ($row = mysql_fetch_assoc($qid)) {
449	// Get admin usernames.
450	$row['editor'] = $this->_auth->getUsername($row['saved_by_user_id']);
451	$versions[] = $row;
452	}
453	return $versions;
454	}
455
456	/**
457	* Get the version record for a specified version id.
458	*
459	* @param string $version_id The id of the version to restore.
460	*
461	* @return mixed Array of data saved in version, or false if none.
462	*/
463	public function getVerson($version_id)
464	{
465	$db =& DB::getInstance();
466
467	$this->initDB();
468
469	// Get version data.
470	$qid = $db->query("
471	SELECT * FROM " . $db->escapeString($this->getParam('db_table')) . "
472	WHERE version_id = '" . $db->escapeString($version_id) . "'
473	");
474	return mysql_fetch_assoc($qid);
475	}
476
477	/**
478	* Get the data stored for a specified version id.
479	*
480	* @param string $version_id The id of the version to restore.
481	*
482	* @return mixed Array of data saved in version, or false if none.
483	*/
484	public function getData($version_id)
485	{
486	$db =& DB::getInstance();
487
488	$this->initDB();
489
490	// Get version data.
491	$qid = $db->query("
492	SELECT *
493	FROM " . $db->escapeString($this->getParam('db_table')) . "
494	WHERE version_id = '" . $db->escapeString($version_id) . "'
495	");
496	$record = mysql_fetch_assoc($qid);
497	if (isset($record['version_data'])) {
498	// Unserialize the DB record.
499	switch ($this->getParam('serialization_method')) {
500	case 'phpserialize':
501	return unserialize(gzuncompress($record['version_data']));
502
503	case 'json':
504	return json_decode(gzuncompress($record['version_data']));
505	}
506	} else {
507	return false;
508	}
509	}
510
511	/**
512	* Get the current record data from the original table.
513	*
514	* @param string $version_id The id of the version to restore.
515	*
516	* @return mixed Array of data saved in version, or false if none.
517	*/
518	public function getCurrent($record_table, $record_key, $record_val)
519	{
520	$db =& DB::getInstance();
521	$app =& App::getInstance();
522
523	$this->initDB();
524
525	if (!$record_table \|\| !$record_key \|\| !$record_val) {
526	$app->logMsg(sprintf('Invalid current version args: %s, %s, %s.', $record_table, $record_key, $record_val), LOG_ERR, __FILE__, __LINE__);
527	return false;
528	}
529
530	$qid = $db->query("
531	SELECT * FROM " . $db->escapeString($record_table) . "
532	WHERE " . $db->escapeString($record_key) . " = '" . $db->escapeString($record_val) . "'
533	");
534	if ($record = mysql_fetch_assoc($qid)) {
535	return $record;
536	} else {
537	return false;
538	}
539	}
540
541
542	} // End of class.

Note: See TracBrowser for help on using the repository browser.

Download in other formats: