xref: /webtrees/app/Http/Middleware/UseDatabase.php (revision 1792ff1cf1956b41f3e3c853cfb279a803a71ed2)
1<?php
2
3/**
4 * webtrees: online genealogy
5 * Copyright (C) 2019 webtrees development team
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <http://www.gnu.org/licenses/>.
16 */
17
18declare(strict_types=1);
19
20namespace Fisharebest\Webtrees\Http\Middleware;
21
22use Fisharebest\Webtrees\Webtrees;
23use Illuminate\Database\Capsule\Manager as DB;
24use Illuminate\Database\Query\Builder;
25use LogicException;
26use PDO;
27use Psr\Http\Message\ResponseInterface;
28use Psr\Http\Message\ServerRequestInterface;
29use Psr\Http\Server\MiddlewareInterface;
30use Psr\Http\Server\RequestHandlerInterface;
31
32/**
33 * Middleware to connect to the database.
34 */
35class UseDatabase implements MiddlewareInterface
36{
37    /**
38     * @param ServerRequestInterface  $request
39     * @param RequestHandlerInterface $handler
40     *
41     * @return ResponseInterface
42     */
43    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
44    {
45        // Earlier versions of webtrees did not have a dbtype config option.  They always used mysql.
46        $driver = $request->getAttribute('dbtype', 'mysql');
47
48        $dbname = $request->getAttribute('dbname');
49
50        if ($driver === 'sqlite') {
51            $dbname = Webtrees::ROOT_DIR . 'data/' . $dbname . '.sqlite';
52        }
53
54        $capsule = new DB();
55
56        $capsule->addConnection([
57            'driver'                  => $driver,
58            'host'                    => $request->getAttribute('dbhost'),
59            'port'                    => $request->getAttribute('dbport'),
60            'database'                => $dbname,
61            'username'                => $request->getAttribute('dbuser'),
62            'password'                => $request->getAttribute('dbpass'),
63            'prefix'                  => $request->getAttribute('tblpfx'),
64            'prefix_indexes'          => true,
65            'options'                 => [
66                // Some drivers do this and some don't.  Make them consistent.
67                PDO::ATTR_STRINGIFY_FETCHES => true,
68            ],
69            // For MySQL
70            'charset'                 => 'utf8',
71            'collation'               => 'utf8_unicode_ci',
72            'timezone'                => '+00:00',
73            'engine'                  => 'InnoDB',
74            'modes'                   => [
75                'ANSI',
76                'STRICT_ALL_TABLES',
77                // Use SQL injection(!) to override MAX_JOIN_SIZE setting.
78                "', SQL_BIG_SELECTS=1, @dummy='"
79            ],
80            // For SQLite
81            'foreign_key_constraints' => true,
82        ]);
83
84        $capsule->setAsGlobal();
85
86        Builder::macro('whereContains', function ($column, string $search, string $boolean = 'and'): Builder {
87            // Assertion helps static analysis tools understand where we will be using this closure.
88            assert($this instanceof Builder, new LogicException());
89
90            $search = strtr($search, ['\\' => '\\\\', '%' => '\\%', '_' => '\\_', ' ' => '%']);
91
92            return $this->where($column, 'LIKE', '%' . $search . '%', $boolean);
93        });
94
95        return $handler->handle($request);
96    }
97}
98