Skip to content
Snippets Groups Projects
Unverified Commit 10c33442 authored by Pavel Vyskočil's avatar Pavel Vyskočil Committed by GitHub
Browse files

Merge pull request #3 from BaranekD/prepared_statements 

Prepared statements, saving SourceIdPName, order of rows in tables
parents 599209cf babd6f2a
Branches
Tags
No related merge requests found
Hide whitespace changes
Inline Side-by-side
CHANGELOG.md
+ 4
0
View file @ 10c33442
......@@ -7,6 +7,10 @@ All notable changes to this project will be documented in this file.
- Dictionary
- Czech translation
[Changed]
- Database commands use prepared statements
- Saving SourceIdPName instead of EntityId
## [v1.1.0]
[Added]
- Added average and maximal count of logins per day into summary table
......
lib/Auth/Process/DatabaseCommand.php
+ 43
29
View file @ 10c33442
......@@ -14,18 +14,21 @@ class DatabaseCommand
assert($conn != NULL);
$identityProvidersTableName = $databaseConnector->getIdentityProvidersTableName();
$serviceProvidersTableName = $databaseConnector->getServiceProvidersTableName();
$sourceIdp = $request['saml:sp:IdP'];
$sourceIdp = $request['Attributes']['sourceIdPName'][0];
$service = $request['Destination']['name']['en'];
$year = $date->format('Y');
$month = $date->format('m');
$day = $date->format('d');
$sql = "INSERT INTO ".$identityProvidersTableName."(year, month, day, sourceIdp, count) VALUES ('".$date->format('Y')."','".$date->format('m') ."','".$date->format('d')."','".$sourceIdp."','1') ON DUPLICATE KEY UPDATE count = count + 1";
SimpleSAML\Logger::info($sql);
if ($conn->query($sql) === FALSE) {
$stmt = $conn->prepare("INSERT INTO ".$identityProvidersTableName."(year, month, day, sourceIdp, count) VALUES (?, ?, ?, ?, '1') ON DUPLICATE KEY UPDATE count = count + 1");
$stmt->bind_param("iiis", $year, $month, $day, $sourceIdp);
if ($stmt->execute() === FALSE) {
SimpleSAML\Logger::error("The login log wasn't inserted into the database.");
}
$sql = "INSERT INTO ".$serviceProvidersTableName."(year, month, day, service, count) VALUES ('".$date->format('Y')."','".$date->format('m') ."','".$date->format('d')."','".$service."','1') ON DUPLICATE KEY UPDATE count = count + 1";
SimpleSAML\Logger::info($sql);
if ($conn->query($sql) === FALSE) {
$stmt = $conn->prepare("INSERT INTO ".$serviceProvidersTableName."(year, month, day, service, count) VALUES (?, ?, ?, ?, '1') ON DUPLICATE KEY UPDATE count = count + 1");
$stmt->bind_param("iiis", $year, $month, $day, $service);
if ($stmt->execute() === FALSE) {
SimpleSAML\Logger::error("The login log wasn't inserted into the database.");
}
......@@ -38,8 +41,9 @@ class DatabaseCommand
$conn = $databaseConnector->getConnection();
assert($conn != NULL);
$table_name = $databaseConnector->getIdentityProvidersTableName();
$sql = "SELECT year, month, day, SUM(count) AS count FROM ".$table_name." GROUP BY year,month,day";
$result = $conn->query($sql);
$stmt = $conn->prepare("SELECT year, month, day, SUM(count) AS count FROM ".$table_name." GROUP BY year DESC,month DESC,day DESC");
$stmt->execute();
$result = $stmt->get_result();
while($row = $result->fetch_assoc()) {
echo "[new Date(".$row["year"].",". ($row["month"] - 1 ). ", ".$row["day"]."), {v:".$row["count"]."}],";
}
......@@ -53,8 +57,9 @@ class DatabaseCommand
$conn = $databaseConnector->getConnection();
assert($conn != NULL);
$table_name = $databaseConnector->getIdentityProvidersTableName();
$sql = "SELECT year, month, sourceIdp, SUM(count) AS count FROM ".$table_name. " GROUP BY year, month, sourceIdp HAVING sourceIdp != ''";
$result = $conn->query($sql);
$stmt = $conn->prepare("SELECT year, month, sourceIdp, SUM(count) AS count FROM ".$table_name. " GROUP BY year, month, sourceIdp HAVING sourceIdp != '' ORDER BY year DESC, month DESC, count DESC");
$stmt->execute();
$result = $stmt->get_result();
while($row = $result->fetch_assoc()) {
echo "[new Date(".$row["year"].",".($row["month"] - 1 )."),'".$row["sourceIdp"]."', {v:".$row["count"]."}],";
}
......@@ -67,8 +72,9 @@ class DatabaseCommand
$conn = $databaseConnector->getConnection();
assert($conn != NULL);
$table_name = $databaseConnector->getServiceProvidersTableName();
$sql = "SELECT year, month, service, SUM(count) AS count FROM ".$table_name." GROUP BY year, month, service HAVING service != ''";
$result = $conn->query($sql);
$stmt = $conn->prepare("SELECT year, month, service, SUM(count) AS count FROM ".$table_name." GROUP BY year DESC, month DESC, service HAVING service != '' ORDER BY year DESC, month DESC, count DESC");
$stmt->execute();
$result = $stmt->get_result();
while($row = $result->fetch_assoc()) {
echo "[new Date(".$row["year"].",".($row["month"] - 1 )."),'".$row["service"]."', {v:".$row["count"]."}],"; }
$conn->close();
......@@ -80,8 +86,9 @@ class DatabaseCommand
$conn = $databaseConnector->getConnection();
assert($conn != NULL);
$table_name = $databaseConnector->getIdentityProvidersTableName();
$sql = "SELECT SUM(count) AS count FROM " . $table_name;
$result = $conn->query($sql);
$stmt = $conn->prepare("SELECT SUM(count) AS count FROM " . $table_name);
$stmt->execute();
$result = $stmt->get_result();
while ($row = $result->fetch_assoc()) {
$count = $row["count"];
}
......@@ -101,8 +108,9 @@ class DatabaseCommand
$conn = $databaseConnector->getConnection();
assert($conn != NULL);
$table_name = $databaseConnector->getIdentityProvidersTableName();
$sql = "SELECT SUM(count) AS count FROM " . $table_name." WHERE year = ".$dateTime->format('Y')." AND month=".$dateTime->format('m')." AND day = ".$dateTime->format('d');
$result = $conn->query($sql);
$stmt = $conn->prepare("SELECT SUM(count) AS count FROM " . $table_name." WHERE year = ".$dateTime->format('Y')." AND month=".$dateTime->format('m')." AND day = ".$dateTime->format('d'));
$stmt->execute();
$result = $stmt->get_result();
while ($row = $result->fetch_assoc()) {
$count = $row["count"];
}
......@@ -121,8 +129,9 @@ class DatabaseCommand
$conn = $databaseConnector->getConnection();
assert($conn != NULL);
$table_name = $databaseConnector->getServiceProvidersTableName();
$sql = "SELECT service, SUM(count) AS count FROM ".$table_name." GROUP BY service HAVING service != ''";
$result = $conn->query($sql);
$stmt = $conn->prepare("SELECT service, SUM(count) AS count FROM ".$table_name." GROUP BY service HAVING service != ''");
$stmt->execute();
$result = $stmt->get_result();
while($row = $result->fetch_assoc()) {
echo "['".$row["service"]."', ".$row["count"]."],";
}
......@@ -135,8 +144,9 @@ class DatabaseCommand
$conn = $databaseConnector->getConnection();
assert($conn != NULL);
$table_name = $databaseConnector->getIdentityProvidersTableName();
$sql = "SELECT sourceIdp, SUM(count) AS count FROM ".$table_name." GROUP BY sourceIdp HAVING sourceIdp != ''";
$result = $conn->query($sql);
$stmt = $conn->prepare("SELECT sourceIdp, SUM(count) AS count FROM ".$table_name." GROUP BY sourceIdp HAVING sourceIdp != ''");
$stmt->execute();
$result = $stmt->get_result();
while($row = $result->fetch_assoc()) {
echo "['".$row["sourceIdp"]."', ".$row["count"]."],";
}
......@@ -149,8 +159,9 @@ class DatabaseCommand
$conn = $databaseConnector->getConnection();
assert($conn != NULL);
$table_name = $databaseConnector->getIdentityProvidersTableName();
$sql = "SELECT COUNT(*) AS count FROM (SELECT DISTINCT sourceIdp FROM ".$table_name." ) AS idps WHERE sourceIdp != ''";
$result = $conn->query($sql);
$stmt = $conn->prepare("SELECT COUNT(*) AS count FROM (SELECT DISTINCT sourceIdp FROM ".$table_name." ) AS idps WHERE sourceIdp != ''");
$stmt->execute();
$result = $stmt->get_result();
while($row = $result->fetch_assoc()) {
$count = $row["count"];
}
......@@ -168,8 +179,9 @@ class DatabaseCommand
$conn = $databaseConnector->getConnection();
assert($conn != NULL);
$table_name = $databaseConnector->getServiceProvidersTableName();
$sql = "SELECT COUNT(*) AS count FROM (SELECT DISTINCT service FROM ".$table_name." ) AS services WHERE service != ''";
$result = $conn->query($sql);
$stmt = $conn->prepare("SELECT COUNT(*) AS count FROM (SELECT DISTINCT service FROM ".$table_name." ) AS services WHERE service != ''");
$stmt->execute();
$result = $stmt->get_result();
while($row = $result->fetch_assoc()) {
$count = $row["count"];
}
......@@ -187,8 +199,9 @@ class DatabaseCommand
$conn = $databaseConnector->getConnection();
assert($conn != NULL);
$table_name = $databaseConnector->getServiceProvidersTableName();
$sql = "SELECT AVG(count) as avg_count FROM (SELECT year, month, day, SUM(count) AS count FROM " . $table_name . " GROUP BY year,month,day ) AS average_count;";
$result = $conn->query($sql);
$stmt = $conn->prepare("SELECT AVG(count) as avg_count FROM (SELECT year, month, day, SUM(count) AS count FROM " . $table_name . " GROUP BY year,month,day ) AS average_count;");
$stmt->execute();
$result = $stmt->get_result();
while($row = $result->fetch_assoc()) {
$avg_count = $row["avg_count"];
}
......@@ -206,8 +219,9 @@ class DatabaseCommand
$conn = $databaseConnector->getConnection();
assert($conn != NULL);
$table_name = $databaseConnector->getServiceProvidersTableName();
$sql = "SELECT MAX(count) as max_count FROM (SELECT year, month, day, SUM(count) AS count FROM " . $table_name . " GROUP BY year,month,day ) AS maximal_count;";
$result = $conn->query($sql);
$stmt = $conn->prepare("SELECT MAX(count) as max_count FROM (SELECT year, month, day, SUM(count) AS count FROM " . $table_name . " GROUP BY year,month,day ) AS maximal_count;");
$stmt->execute();
$result = $stmt->get_result();
while($row = $result->fetch_assoc()) {
$max_count = $row["max_count"];
}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment