xref: /webtrees/app/Http/Middleware/UseDatabase.php (revision 6f4ec3cadc983f0a7294108c634bef48846b4311) 
16ccdf4f0SGreg Roach<?php
23976b470SGreg Roach
36ccdf4f0SGreg Roach/**
46ccdf4f0SGreg Roach * webtrees: online genealogy
5d11be702SGreg Roach * Copyright (C) 2023 webtrees development team
66ccdf4f0SGreg Roach * This program is free software: you can redistribute it and/or modify
76ccdf4f0SGreg Roach * it under the terms of the GNU General Public License as published by
86ccdf4f0SGreg Roach * the Free Software Foundation, either version 3 of the License, or
96ccdf4f0SGreg Roach * (at your option) any later version.
106ccdf4f0SGreg Roach * This program is distributed in the hope that it will be useful,
116ccdf4f0SGreg Roach * but WITHOUT ANY WARRANTY; without even the implied warranty of
126ccdf4f0SGreg Roach * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
136ccdf4f0SGreg Roach * GNU General Public License for more details.
146ccdf4f0SGreg Roach * You should have received a copy of the GNU General Public License
1589f7189bSGreg Roach * along with this program. If not, see <https://www.gnu.org/licenses/>.
166ccdf4f0SGreg Roach */
17fcfa147eSGreg Roach
186ccdf4f0SGreg Roachdeclare(strict_types=1);
196ccdf4f0SGreg Roach
206ccdf4f0SGreg Roachnamespace Fisharebest\Webtrees\Http\Middleware;
216ccdf4f0SGreg Roach
22*6f4ec3caSGreg Roachuse Fisharebest\Webtrees\DB;
23b55cbc6bSGreg Roachuse Fisharebest\Webtrees\Validator;
246ccdf4f0SGreg Roachuse Fisharebest\Webtrees\Webtrees;
2560a0fc35SGreg Roachuse PDO;
26b8d46257SGreg Roachuse PDOException;
276ccdf4f0SGreg Roachuse Psr\Http\Message\ResponseInterface;
286ccdf4f0SGreg Roachuse Psr\Http\Message\ServerRequestInterface;
296ccdf4f0SGreg Roachuse Psr\Http\Server\MiddlewareInterface;
306ccdf4f0SGreg Roachuse Psr\Http\Server\RequestHandlerInterface;
316e9f3eb9SGreg Roachuse RuntimeException;
326ccdf4f0SGreg Roach
336ccdf4f0SGreg Roach/**
346ccdf4f0SGreg Roach * Middleware to connect to the database.
356ccdf4f0SGreg Roach */
366ccdf4f0SGreg Roachclass UseDatabase implements MiddlewareInterface
376ccdf4f0SGreg Roach{
386ccdf4f0SGreg Roach    /**
396ccdf4f0SGreg Roach     * @param ServerRequestInterface  $request
406ccdf4f0SGreg Roach     * @param RequestHandlerInterface $handler
416ccdf4f0SGreg Roach     *
426ccdf4f0SGreg Roach     * @return ResponseInterface
436ccdf4f0SGreg Roach     */
446ccdf4f0SGreg Roach    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
456ccdf4f0SGreg Roach    {
46e16a1bfdSGreg Roach        // Earlier versions of webtrees did not have a dbtype config option.  They always used mysql.
47b55cbc6bSGreg Roach        $driver = Validator::attributes($request)->string('dbtype', 'mysql');
486ccdf4f0SGreg Roach
49b55cbc6bSGreg Roach        $dbname = Validator::attributes($request)->string('dbname');
506ccdf4f0SGreg Roach
51e16a1bfdSGreg Roach        if ($driver === 'sqlite') {
52e16a1bfdSGreg Roach            $dbname = Webtrees::ROOT_DIR . 'data/' . $dbname . '.sqlite';
536ccdf4f0SGreg Roach        }
546ccdf4f0SGreg Roach
55e16a1bfdSGreg Roach        $capsule = new DB();
56e16a1bfdSGreg Roach
57b5961194SGreg Roach        // Newer versions of webtrees support utf8mb4.  Older ones only support 3-byte utf8
58b55cbc6bSGreg Roach        if ($driver === 'mysql' && Validator::attributes($request)->boolean('mysql_utf8mb4', false)) {
59b5961194SGreg Roach            $charset   = 'utf8mb4';
60b5961194SGreg Roach            $collation = 'utf8mb4_unicode_ci';
61b5961194SGreg Roach        } else {
62b5961194SGreg Roach            $charset   = 'utf8';
63b5961194SGreg Roach            $collation = 'utf8_unicode_ci';
64b5961194SGreg Roach        }
65b5961194SGreg Roach
668447ecc4SGreg Roach        $options = [
678447ecc4SGreg Roach            // Some drivers do this and some don't.  Make them consistent.
688447ecc4SGreg Roach            PDO::ATTR_STRINGIFY_FETCHES => true,
698447ecc4SGreg Roach        ];
708447ecc4SGreg Roach
71b55cbc6bSGreg Roach        $dbkey    = Validator::attributes($request)->string('dbkey', '');
72b55cbc6bSGreg Roach        $dbcert   = Validator::attributes($request)->string('dbcert', '');
73b55cbc6bSGreg Roach        $dbca     = Validator::attributes($request)->string('dbca', '');
74b55cbc6bSGreg Roach        $dbverify = Validator::attributes($request)->boolean('dbverify', false);
758447ecc4SGreg Roach
768447ecc4SGreg Roach        // MySQL/MariaDB support encrypted connections
778447ecc4SGreg Roach        if ($dbkey !== '' && $dbcert !== '' && $dbca !== '') {
788447ecc4SGreg Roach            $options[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = $dbverify;
798447ecc4SGreg Roach            $options[PDO::MYSQL_ATTR_SSL_KEY]                = Webtrees::ROOT_DIR . 'data/' . $dbkey;
808447ecc4SGreg Roach            $options[PDO::MYSQL_ATTR_SSL_CERT]               = Webtrees::ROOT_DIR . 'data/' . $dbcert;
818447ecc4SGreg Roach            $options[PDO::MYSQL_ATTR_SSL_CA]                 = Webtrees::ROOT_DIR . 'data/' . $dbca;
828447ecc4SGreg Roach        }
838447ecc4SGreg Roach
84e16a1bfdSGreg Roach        $capsule->addConnection([
85e16a1bfdSGreg Roach            'driver'                  => $driver,
86b55cbc6bSGreg Roach            'host'                    => Validator::attributes($request)->string('dbhost'),
87b55cbc6bSGreg Roach            'port'                    => Validator::attributes($request)->string('dbport'),
88e16a1bfdSGreg Roach            'database'                => $dbname,
89b55cbc6bSGreg Roach            'username'                => Validator::attributes($request)->string('dbuser'),
90b55cbc6bSGreg Roach            'password'                => Validator::attributes($request)->string('dbpass'),
91b55cbc6bSGreg Roach            'prefix'                  => Validator::attributes($request)->string('tblpfx'),
92e16a1bfdSGreg Roach            'prefix_indexes'          => true,
938447ecc4SGreg Roach            'options'                 => $options,
94e16a1bfdSGreg Roach            // For MySQL
95b5961194SGreg Roach            'charset'                 => $charset,
96b5961194SGreg Roach            'collation'               => $collation,
97e16a1bfdSGreg Roach            'timezone'                => '+00:00',
98e16a1bfdSGreg Roach            'engine'                  => 'InnoDB',
99e16a1bfdSGreg Roach            'modes'                   => [
100e16a1bfdSGreg Roach                'ANSI',
1019d1d823fSGreg Roach                'STRICT_ALL_TABLES',
1026c7933f4SGreg Roach                // Use SQL injection(!) to override MAX_JOIN_SIZE and GROUP_CONCAT_MAX_LEN settings.
1036c7933f4SGreg Roach                "', SQL_BIG_SELECTS=1, GROUP_CONCAT_MAX_LEN=1048576, @foobar='"
104e16a1bfdSGreg Roach            ],
105e16a1bfdSGreg Roach            // For SQLite
106e16a1bfdSGreg Roach            'foreign_key_constraints' => true,
107e16a1bfdSGreg Roach        ]);
108e16a1bfdSGreg Roach
109e16a1bfdSGreg Roach        $capsule->setAsGlobal();
110e16a1bfdSGreg Roach
111358baf47SGreg Roach        if ($driver === 'sqlsrv') {
112358baf47SGreg Roach            DB::connection()->unprepared('SET language us_english'); // For timestamp columns
113358baf47SGreg Roach        }
114358baf47SGreg Roach
115b8d46257SGreg Roach        try {
116ff020ee8SGreg Roach            // Eager-load the connection, to prevent database credentials appearing in error logs.
117ff020ee8SGreg Roach            DB::connection()->getPdo();
118b8d46257SGreg Roach        } catch (PDOException $exception) {
1196e9f3eb9SGreg Roach            throw new RuntimeException($exception->getMessage());
120b8d46257SGreg Roach        }
121b8d46257SGreg Roach
122ff020ee8SGreg Roach        return $handler->handle($request);
1236ccdf4f0SGreg Roach    }
1246ccdf4f0SGreg Roach}
125