<?php
  /**
	* This class encapsulates all of the functions for interacting with a database.
	* @author Richard Sharp
	* @copyright 2006-2010 
	* @version 3.0
	* @package Database
*/
class DataBaseConnector
{
	
	/********************************* Public Variables **********************************************/
	
	/**
	 * Gets or sets whether or not to automaticllay update the Modified and Created fields in the  table (must be those exact names).
	 *	@var boolean
	 */
	var $bUpdateTimestamps=true;
	
	/**
	 * Gets or sets the name of the database.
	 *	@var string
	 */
	var $sDatabase="";
	
	/**
	 * Gets or sets the hostname of the database. If not provided, localhost will be assumed.
	 *	@var string
	 */
	var $sHost="";
	
	/**
	* If a value is provided, all errors will be written to this filename if possible.
	* @var string
	*/
	var $sErrorLog="";
	
	/**
	 * Gets the SQL text of the last query processed.
	 *	@var string
	 */
	var $sLastQuery="";
	
	/**
	 * Gets or sets the database password.
	 *	@var string
	 */
	var $sPassword="";
	
	/**
	 * Gets or sets the database username.
	 *	@var string
	 */
	var $sUser="";
	
	/********************************* Private Variables **********************************************/
	/**
	* @access private
	*/
	var $_objConnection;
	
	
	/********************************* Public Methods **********************************************/
	
	 /**
     * Constructor for the class.
	 * @param string The database username.
	 * @param string The database password.
	 * @param string The database name.
	 * @param string The database host.
     * @return void
     */ 
	function DataBaseConnector($User="",$Password="",$Database="",$Host="")
	{
		if($Host!="") $this->sHost=$Host;
		elseif(defined("DBHost")) $this->sHost=DBHost;
		else $this->sHost="localhost";
		if($User!="") $this->sUser=$User;
		elseif(defined("DBUser")) $this->sUser=DBUser;
		if($Password!="") $this->sPassword=$Password;
		elseif(defined("DBPass")) $this->sPassword=DBPass;
		if($Database!="") $this->sDatabase=$Database;
		elseif(defined("DBase")) $this->sDatabase=DBase;
	}
	
	
	/**
	* Escapes the value to be placed in a field. This helps prevent problems with quotes, and also prevents
	* SQL injection attacks.
	* @param string The value to escape.
	* @return string Escapped string.
	*/
	function Escape($value)
	{
		if($this->TestConnection())
		{
			return(mysql_real_escape_string($value,$this->_objConnection));
		}
		else return(false);
	}
	
	/**
	* Returns the number of rows affected by the last query
	* @return int The number of affected rows.
	*/
	function GetAffectedRows()
	{
		if($this->TestConnection())
		{
			return(@mysql_affected_rows($this->_objConnection));
		}
	}
	
	 /**
     * Gets the text of the last error, if any.
     * @return string The text of the last error, if any.
     */ 
	function GetLastError()
	{
		if($this->TestConnection())
		{
			return(mysql_error($this->_objConnection));
		}
	}
	
	/**
     * Inserts a record into the database.
	 * @param string The name of the table. Returns the insert auto-incremented ID.
	 * @param array An array of the fields/values to insert. Each element key is the column name for the table, and the value is the value to insert. Ex: $fields["FirstName"]="John";
     * @return mixed The inserted row ID on success, false on fail.
     */ 
	function Insert($sTable,$aFields)
	{
		//validate the passed information
		if(!$sTable || ($sTable==''))
		{
			$this->_logError("Attempted to insert record with missing table name.");
			return false;
		}
		if(!is_array($aFields)) 
		{
			$this->_logError("Attempted to insert record with missing fields.");
			return(false);
		}
		if($this->TestConnection())
		{
			foreach($aFields as $sKey => $sValue)
			{
				$aKeys[]=$sKey;
				
				//if this is a password value, don't escape
				if(substr_count($sValue,"password(")>0) $aValues[]=$sValue;
				//if the value is NULL, use "NULL"
				elseif(strtolower($sValue)=="null") $aValues[]="NULL";
				//escape the value
				else $aValues[]='"'.mysql_real_escape_string($sValue,$this->_objConnection).'"';
			}
			
			//build the query
			$sQuery='INSERT INTO '.$sTable.' ('.implode(",",$aKeys);
			if($this->bUpdateTimestamps) $sQuery.=',Modified,Created';
			$sQuery.=') VALUES ('.implode(',',$aValues);
			if($this->bUpdateTimestamps) $sQuery.=',now(),now()';
			$sQuery.=')';
			$this->sLastQuery=$sQuery;
			
			//run the query
			$ok=mysql_query($sQuery,$this->_objConnection);
			if($ok) return(mysql_insert_id($this->_objConnection));
			else 
			{
				$this->_logError();
				return(false);
			}
		}
		else return(false);
	}
	
	 /**
     * Runs a query on the database that does not expect any return.
	 * @param string The query to run.
     * @return mixed The result object of the query.
     */ 
	function Query($sQuery)
	{
		
		if(!$sQuery || ($sQuery==''))
		{
			$this->_logError("Attempted to run a blank raw query.");
			return false;
		}
		if($this->TestConnection())
		{
			$this->sLastQuery=$sQuery;
			$oResult=mysql_query($sQuery,$this->_objConnection);
			if(!$oResult) $this->_logError();
			return($oResult);
		}
	}
	
	 /**
     * Performs an Update query on the database. Returns success or failure.
	 * @param string The name of the table.
	 * @param array An associative array of the fields to update. Each element's key is the column name in the table, and the value of the element is the value to update.
	 * @param boolean Whether or not to use delayed replace. Default false.
     * @return bool Returns true on success, false on failure.
     */ 
	function Replace($sTable,$aFields,$bDelayed=false)
	{
		//check for required information
		if(!$sTable || ($sTable==''))
		{
			$this->_logError("Attempted to replace records with missing table name.");
			return false;
		}
		if(!is_array($aFields)) 
		{
			$this->_logError("Attempted to replace records with missing fields.");
			return(false);
		}
		
		if($this->TestConnection())
		{
			foreach($aFields as $sKey => $sValue)
			{
				$aKeys[]=$sKey;
				
				//if this is a password value, don't escape
				if(substr_count($sValue,"password(")>0) $aValues[]=$sValue;
				//if the value is NULL, use "NULL"
				elseif(strtolower($sValue)=="null") $aValues[]="NULL";
				//escape the value
				else $aValues[]='"'.mysql_real_escape_string($sValue,$this->_objConnection).'"';
			}
			
			//build the query
			$sQuery='REPLACE'.($bDelayed?" DELAYED":"").' INTO '.$sTable.' ('.implode(",",$aKeys);
			if($this->bUpdateTimestamps) $sQuery.=',Modified,Created';
			$sQuery.=') VALUES ('.implode(',',$aValues);
			if($this->bUpdateTimestamps) $sQuery.=',now(),now()';
			$sQuery.=')';
			$this->sLastQuery=$sQuery;
			
			//return the query
			$ok=mysql_query($sQuery,$this->_objConnection);
			if($ok) return(true);
			else 
			{
				$this->_logError();
				return(false);
			}
		}
		else return(false);
	}
	
	 /**
     * Runs a Select query on the database. Returns an associative array of rows.
	 * @param string The SQL query to run.
     * @return mixed On success, a numbered array of result rows. Each array element is an associative array of the results. False on failure.
     */ 
	function Select($sQuery)
	{
		//check that a query was sent
		if(!$sQuery || ($sQuery==''))
		{
			$this->_logError("Attempted to run a Select with no query.");
			return false;
		}
		
		if($this->TestConnection())
		{
			$this->sLastQuery=$sQuery;
			$oResult=mysql_query($sQuery,$this->_objConnection);
			if($oResult)
			{
				while($aRow=mysql_fetch_array($oResult,MYSQL_ASSOC))
				{
					//loop through each value and strip out slashes
					unset($this_row);
					foreach($aRow as $sKey => $sValue) $this_row[$sKey]=stripslashes($sValue);
					$aReturn[]=$this_row;
				}
			}
			else $this->_logError();
		}
		else return(false);
		return($aReturn);
	}
	
	 /**
     * Tests to make sure the connection to the database is open, and if not, attempts to re-open the connection. This prevents unnecessary connections to the database.
     * @return bool
     */ 
	function TestConnection()
	{
		//if no connection resource, attempt to connect
		if(!$this->_objConnection) $this->_connect();
		
		//if still no conenction resource, connection failed
		if(!$this->_objConnection) return false;
		
		//ping the conection to test and reactivate if necessary
		if(!mysql_ping($this->_objConnection)) return(false);
		
		return(true);
	}
	
	 /**
     * Performs an Update query on the database. Returns success or failure.
	 * @param string The name of the table.
	 * @param array An associative array of the fields to update. Each element's key is the column name in the table, and the value of the element is the value to update.
	 * @param string The WHERE clause of the query. Required. Use "1=1" to update all fields.
	 * @param int Optional. The limit to the number of rows that should be affected.
     * @return bool True on success, false on failure.
     */ 
	function Update($sTable,$aFields,$sCondition,$iLimit=0)
	{
		//check for required information
		if(!$sTable || ($sTable==''))
		{
			$this->_logError("Attempted to update records with missing table name.");
			return false;
		}
		if(!is_array($aFields)) 
		{
			$this->_logError("Attempted to update records with missing fields.");
			return(false);
		}
		if(!$sCondition || ($sCondition==''))
		{
			$this->_logError("Attempted to update records with missing condition.");
			return false;
		}
		
		if($this->TestConnection())
		{
			foreach($aFields as $sKey => $sValue) 
			{				
				//if this is a password value, don't escape
				if(substr_count($sValue,"password(")>0) $aUpdates[]=$sKey.'='.$sValue;
				//if the value is NULL, use "NULL"
				elseif(strtolower($sValue)=="null") $aValues[]="NULL"; 
				//escape the value
				else $aUpdates[]=$sKey.'="'.mysql_real_escape_string($sValue,$this->_objConnection).'"';
			}
			
			//build the query
			$sQuery='UPDATE '.$sTable.' SET '.implode(",",$aUpdates);
			if($this->bUpdateTimestamps) $sQuery.=',Modified=now() ';
			$sQuery.=' WHERE '.$sCondition;
			if($iLimit) $sQuery.=' LIMIT '.$iLimit;
			$this->sLastQuery=$sQuery;
			
			//run the query
			$ok=mysql_query($sQuery,$this->_objConnection);
			if(!$ok) $this->_logError();
			return($ok);
		}
	}
	
	/************ Private Functions *************/
	
	/**
     * Connects to the database.
	 * @access private
     * @return boolean True if successful, otherwise false.
     */ 
	function _connect()
	{
		//make sure that the connection authentication values have been set
		if(	!$this->sHost ||
			!$this->sUser ||
			!$this->sPassword ||
			!$this->sDatabase)
		{
			$this->_logError("Attempted to connect with missing authentication information.");
			return false;
		}
		
		//connect to the database
		$_objConnection=mysql_connect($this->sHost,$this->sUser,$this->sPassword);
		
		//if connected, select the database
		if($_objConnection)
		{
			$bDatabase=mysql_select_db($this->sDatabase,$_objConnection);
			if($bDatabase)
			{
				$this->_objConnection=$_objConnection;
				return true;
			}
			else return false;
		}
		else return false;
	}
	
	/**
     * Logs errors to an external text error log. Only if sErrorLog is set
	 * @access private
	 * @param string The message to store. If not set, the last query and database error will be stored.
     * @return void
     */ 
	function _logError($message)
	{
		if(!$this->sErrorLog) return(true);
		$file=@fopen($this->sErrorLog,"a");
		if($file)
		{
			if(!$message) $message=$this->sLastQuery."\n".$this->GetLastError();
			$message=date("m/d/y H:i:s")."\n".$message."\n--------------------------------------------------------------------\n";
			fputs($file,$message,strlen($message));
			fclose($file);
		}
	}
}
?>