CodeIgniter:所有 $this->db->query() 方法调用的 SQL 审计? [英] CodeIgniter: SQL Audit of all $this->db->query() method calls?

问题描述

我正在使用 CodeIgniter 2+ 并希望审计所有 $this->db->query($sql); 调用.

I'm using CodeIgniter 2+ and would like to Audit all $this->db->query($sql); calls.

我们所有的数据库调用都通过 query() 方法；没有活动记录使用.我需要记录 $sql 查询并将它们输入到自定义表中以进行审计记录.有没有人知道扩展核心系统数据库库以审计查询的方法?

All of our database calls are thru the query() method; no active record usage. I need to record the $sql queries and enter them into an custom table for audit recording purposes. Does any know of a way of extended the core system database library to audit queries?

这看起来应该很容易，但我似乎找不到简单的解决方案.CI 论坛有几个关于旧版本的失败帖子.

It seems like this should be easy, but I can't seem to find a simple solution. The CI forum has a couple of failure posts about old versions.

推荐答案

这取决于您希望如何审核它们.如果您正在寻找每页基础，那么启用分析器就可以了.这显示了在该页面加载时运行的所有查询以及执行它们所花费的时间.请参阅下面的分析器链接.

It depends how you want to audit them. If you are looking for a per page basis then enabling the profiler will be fine. This shows all queries run on that page load as well as the time taken to execute them. See the link below on the profiler.

http://codeigniter.com/user_guide/general/profiling.html

如果您希望在所有查询发生时记录它们，然后再读取日志文件，则必须扩展数据库类.如果是这种情况，请发表评论，我会进一步更新/扩展我的答案.

If you are looking to log all of the queries as they happen and then read the log file later, you will have to extend the database class. If this is the case, comment and I'll update/extend my answer further.

扩展覆盖query()

在/application/core/中扩展MY_Loader.php并插入这个函数

Extend MY_Loader.php in /application/core/ and insert this function

function database($params = '', $return = FALSE, $active_record = NULL)
    {
        // Grab the super object
        $CI =& get_instance();

        // Do we even need to load the database class?
        if (class_exists('CI_DB') AND $return == FALSE AND $active_record == NULL AND isset($CI->db) AND is_object($CI->db)) {
            return FALSE;
        }

        require_once(BASEPATH.'database/DB'.EXT);

        // Load the DB class
        $db =& DB($params, $active_record);

        $my_driver = config_item('subclass_prefix').'DB_'.$db->dbdriver.'_driver';
        $my_driver_file = APPPATH.'core/'.$my_driver.EXT;

        if (file_exists($my_driver_file)) {
            require_once($my_driver_file);
            $db = new $my_driver(get_object_vars($db));
        }

        if ($return === TRUE) {
            return $db;
        }

        // Initialize the db variable.  Needed to prevent
        // reference errors with some configurations
        $CI->db = '';
        $CI->db = $db;
    }

然后创建/application/core/MY_DB_mysql_driver.php

Then create /application/core/MY_DB_mysql_driver.php

然后在里面你可以覆盖 query()

Then inside that you can overwrite query()

function query($sql, $binds = FALSE, $return_object = TRUE) {
    // Do your stuff
    return parent::query( $sql, $binds, $return_object );
}

显然将文件名中的 mysql 替换为您正在使用/尝试扩展的任何数据库驱动程序.

Obviously replace mysql in the filename to whatever database driver you're using/trying to extend.

这也适用于 Active Record，因为所有 get() 方法都调用来自驱动程序的 query() 来运行它们的查询.

This will also work with Active Record as all of the get() methods call upon query() from the driver to run their queries.

这篇关于CodeIgniter:所有 $this->db->query() 方法调用的 SQL 审计?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！