xref: /webtrees/app/Http/Middleware/UseDatabase.php (revision 8447ecc48455c5fa8759225f11de90fd20ad71ba) 
16ccdf4f0SGreg Roach<?php
23976b470SGreg Roach
36ccdf4f0SGreg Roach/**
46ccdf4f0SGreg Roach * webtrees: online genealogy
589f7189bSGreg Roach * Copyright (C) 2021 webtrees development team
66ccdf4f0SGreg Roach * This program is free software: you can redistribute it and/or modify
76ccdf4f0SGreg Roach * it under the terms of the GNU General Public License as published by
86ccdf4f0SGreg Roach * the Free Software Foundation, either version 3 of the License, or
96ccdf4f0SGreg Roach * (at your option) any later version.
106ccdf4f0SGreg Roach * This program is distributed in the hope that it will be useful,
116ccdf4f0SGreg Roach * but WITHOUT ANY WARRANTY; without even the implied warranty of
126ccdf4f0SGreg Roach * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
136ccdf4f0SGreg Roach * GNU General Public License for more details.
146ccdf4f0SGreg Roach * You should have received a copy of the GNU General Public License
1589f7189bSGreg Roach * along with this program. If not, see <https://www.gnu.org/licenses/>.
166ccdf4f0SGreg Roach */
17fcfa147eSGreg Roach
186ccdf4f0SGreg Roachdeclare(strict_types=1);
196ccdf4f0SGreg Roach
206ccdf4f0SGreg Roachnamespace Fisharebest\Webtrees\Http\Middleware;
216ccdf4f0SGreg Roach
226ccdf4f0SGreg Roachuse Fisharebest\Webtrees\Webtrees;
23e16a1bfdSGreg Roachuse Illuminate\Database\Capsule\Manager as DB;
24e16a1bfdSGreg Roachuse Illuminate\Database\Query\Builder;
2560a0fc35SGreg Roachuse PDO;
26b8d46257SGreg Roachuse PDOException;
276ccdf4f0SGreg Roachuse Psr\Http\Message\ResponseInterface;
286ccdf4f0SGreg Roachuse Psr\Http\Message\ServerRequestInterface;
296ccdf4f0SGreg Roachuse Psr\Http\Server\MiddlewareInterface;
306ccdf4f0SGreg Roachuse Psr\Http\Server\RequestHandlerInterface;
316e9f3eb9SGreg Roachuse RuntimeException;
326ccdf4f0SGreg Roach
33b5961194SGreg Roachuse function addcslashes;
34b5961194SGreg Roachuse function trigger_error;
35b5961194SGreg Roach
36b5961194SGreg Roachuse const E_USER_DEPRECATED;
37b5961194SGreg Roach
386ccdf4f0SGreg Roach/**
396ccdf4f0SGreg Roach * Middleware to connect to the database.
406ccdf4f0SGreg Roach */
416ccdf4f0SGreg Roachclass UseDatabase implements MiddlewareInterface
426ccdf4f0SGreg Roach{
436ccdf4f0SGreg Roach    /**
446ccdf4f0SGreg Roach     * @param ServerRequestInterface  $request
456ccdf4f0SGreg Roach     * @param RequestHandlerInterface $handler
466ccdf4f0SGreg Roach     *
476ccdf4f0SGreg Roach     * @return ResponseInterface
486ccdf4f0SGreg Roach     */
496ccdf4f0SGreg Roach    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
506ccdf4f0SGreg Roach    {
51e16a1bfdSGreg Roach        // Earlier versions of webtrees did not have a dbtype config option.  They always used mysql.
52e16a1bfdSGreg Roach        $driver = $request->getAttribute('dbtype', 'mysql');
536ccdf4f0SGreg Roach
54e16a1bfdSGreg Roach        $dbname = $request->getAttribute('dbname');
556ccdf4f0SGreg Roach
56e16a1bfdSGreg Roach        if ($driver === 'sqlite') {
57e16a1bfdSGreg Roach            $dbname = Webtrees::ROOT_DIR . 'data/' . $dbname . '.sqlite';
586ccdf4f0SGreg Roach        }
596ccdf4f0SGreg Roach
60e16a1bfdSGreg Roach        $capsule = new DB();
61e16a1bfdSGreg Roach
62b5961194SGreg Roach        // Newer versions of webtrees support utf8mb4.  Older ones only support 3-byte utf8
63b5961194SGreg Roach        if ($driver === 'mysql' && $request->getAttribute('mysql_utf8mb4') === '1') {
64b5961194SGreg Roach            $charset   = 'utf8mb4';
65b5961194SGreg Roach            $collation = 'utf8mb4_unicode_ci';
66b5961194SGreg Roach        } else {
67b5961194SGreg Roach            $charset   = 'utf8';
68b5961194SGreg Roach            $collation = 'utf8_unicode_ci';
69b5961194SGreg Roach        }
70b5961194SGreg Roach
71*8447ecc4SGreg Roach        $options = [
72*8447ecc4SGreg Roach            // Some drivers do this and some don't.  Make them consistent.
73*8447ecc4SGreg Roach            PDO::ATTR_STRINGIFY_FETCHES => true,
74*8447ecc4SGreg Roach        ];
75*8447ecc4SGreg Roach
76*8447ecc4SGreg Roach        $dbkey    = (string) $request->getAttribute('dbkey');
77*8447ecc4SGreg Roach        $dbcert   = (string) $request->getAttribute('dbcert');
78*8447ecc4SGreg Roach        $dbca     = (string) $request->getAttribute('dbca');
79*8447ecc4SGreg Roach        $dbverify = (bool) $request->getAttribute('dbverify');
80*8447ecc4SGreg Roach
81*8447ecc4SGreg Roach        // MySQL/MariaDB support encrypted connections
82*8447ecc4SGreg Roach        if ($dbkey !== '' && $dbcert !== '' && $dbca !== '') {
83*8447ecc4SGreg Roach            $options[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = $dbverify;
84*8447ecc4SGreg Roach            $options[PDO::MYSQL_ATTR_SSL_KEY]                = Webtrees::ROOT_DIR . 'data/' . $dbkey;
85*8447ecc4SGreg Roach            $options[PDO::MYSQL_ATTR_SSL_CERT]               = Webtrees::ROOT_DIR . 'data/' . $dbcert;
86*8447ecc4SGreg Roach            $options[PDO::MYSQL_ATTR_SSL_CA]                 = Webtrees::ROOT_DIR . 'data/' . $dbca;
87*8447ecc4SGreg Roach        }
88*8447ecc4SGreg Roach
89e16a1bfdSGreg Roach        $capsule->addConnection([
90e16a1bfdSGreg Roach            'driver'                  => $driver,
91e16a1bfdSGreg Roach            'host'                    => $request->getAttribute('dbhost'),
92e16a1bfdSGreg Roach            'port'                    => $request->getAttribute('dbport'),
93e16a1bfdSGreg Roach            'database'                => $dbname,
94e16a1bfdSGreg Roach            'username'                => $request->getAttribute('dbuser'),
95e16a1bfdSGreg Roach            'password'                => $request->getAttribute('dbpass'),
96e16a1bfdSGreg Roach            'prefix'                  => $request->getAttribute('tblpfx'),
97e16a1bfdSGreg Roach            'prefix_indexes'          => true,
98*8447ecc4SGreg Roach            'options'                 => $options,
99e16a1bfdSGreg Roach            // For MySQL
100b5961194SGreg Roach            'charset'                 => $charset,
101b5961194SGreg Roach            'collation'               => $collation,
102e16a1bfdSGreg Roach            'timezone'                => '+00:00',
103e16a1bfdSGreg Roach            'engine'                  => 'InnoDB',
104e16a1bfdSGreg Roach            'modes'                   => [
105e16a1bfdSGreg Roach                'ANSI',
1069d1d823fSGreg Roach                'STRICT_ALL_TABLES',
1076c7933f4SGreg Roach                // Use SQL injection(!) to override MAX_JOIN_SIZE and GROUP_CONCAT_MAX_LEN settings.
1086c7933f4SGreg Roach                "', SQL_BIG_SELECTS=1, GROUP_CONCAT_MAX_LEN=1048576, @foobar='"
109e16a1bfdSGreg Roach            ],
110e16a1bfdSGreg Roach            // For SQLite
111e16a1bfdSGreg Roach            'foreign_key_constraints' => true,
112e16a1bfdSGreg Roach        ]);
113e16a1bfdSGreg Roach
114e16a1bfdSGreg Roach        $capsule->setAsGlobal();
115e16a1bfdSGreg Roach
116e16a1bfdSGreg Roach        Builder::macro('whereContains', function ($column, string $search, string $boolean = 'and'): Builder {
1175c98992aSGreg Roach            // Assertion helps static analysis tools understand where we will be using this closure.
11852664097SGreg Roach            assert($this instanceof Builder);
1195c98992aSGreg Roach
120b5961194SGreg Roach            trigger_error('Builder::whereContains() is deprecated. Use LIKE.', E_USER_DEPRECATED);
121e16a1bfdSGreg Roach
122b5961194SGreg Roach            return $this->where($column, 'LIKE', '%' . addcslashes($search, '\\%_') . '%', $boolean);
123e16a1bfdSGreg Roach        });
124e16a1bfdSGreg Roach
125b8d46257SGreg Roach        try {
126ff020ee8SGreg Roach            // Eager-load the connection, to prevent database credentials appearing in error logs.
127ff020ee8SGreg Roach            DB::connection()->getPdo();
128b8d46257SGreg Roach        } catch (PDOException $exception) {
1296e9f3eb9SGreg Roach            throw new RuntimeException($exception->getMessage());
130b8d46257SGreg Roach        }
131b8d46257SGreg Roach
132ff020ee8SGreg Roach        return $handler->handle($request);
1336ccdf4f0SGreg Roach    }
1346ccdf4f0SGreg Roach}
135