├── README.md
└── ssp.class.php


/README.md:
--------------------------------------------------------------------------------
1 | # Datatables Server-side Processing
2 | Helps to enable server-side processing for the DataTables plugin and fetch data from the server-side script using PHP and MySQL.
3 | 
4 | Go to [our website](https://www.codexworld.com/datatables-server-side-processing-with-php-mysql/) to get the step-by-step tutorial and download the source code. 
5 | 
6 | 
7 | 


--------------------------------------------------------------------------------
/ssp.class.php:
--------------------------------------------------------------------------------
  1 | <?php
  2 | 
  3 | /*
  4 |  * Helper functions for building a DataTables server-side processing SQL query
  5 |  *
  6 |  * The static functions in this class are just helper functions to help build
  7 |  * the SQL used in the DataTables demo server-side processing scripts. These
  8 |  * functions obviously do not represent all that can be done with server-side
  9 |  * processing, they are intentionally simple to show how it works. More complex
 10 |  * server-side processing operations will likely require a custom script.
 11 |  *
 12 |  * See http://datatables.net/usage/server-side for full details on the server-
 13 |  * side processing requirements of DataTables.
 14 |  *
 15 |  * @license MIT - http://datatables.net/license_mit
 16 |  */
 17 | 
 18 | 
 19 | // Please Remove below 4 lines as this is use in Datatatables test environment for your local or live environment please remove it or else it will not work
 20 | $file = $_SERVER['DOCUMENT_ROOT'].'/datatables/pdo.php';
 21 | if ( is_file( $file ) ) {
 22 | 	include( $file );
 23 | }
 24 | 
 25 | 
 26 | class SSP {
 27 | 	/**
 28 | 	 * Create the data output array for the DataTables rows
 29 | 	 *
 30 | 	 *  @param  array $columns Column information array
 31 | 	 *  @param  array $data    Data from the SQL get
 32 | 	 *  @return array          Formatted data in a row based format
 33 | 	 */
 34 | 	static function data_output ( $columns, $data )
 35 | 	{
 36 | 		$out = array();
 37 | 
 38 | 		for ( $i=0, $ien=count($data) ; $i<$ien ; $i++ ) {
 39 | 			$row = array();
 40 | 
 41 | 			for ( $j=0, $jen=count($columns) ; $j<$jen ; $j++ ) {
 42 | 				$column = $columns[$j];
 43 | 
 44 | 				// Is there a formatter?
 45 | 				if ( isset( $column['formatter'] ) ) {
 46 |                     if(empty($column['db'])){
 47 |                         $row[ $column['dt'] ] = $column['formatter']( $data[$i] );
 48 |                     }
 49 |                     else{
 50 |                         $row[ $column['dt'] ] = $column['formatter']( $data[$i][ $column['db'] ], $data[$i] );
 51 |                     }
 52 | 				}
 53 | 				else {
 54 |                     if(!empty($column['db'])){
 55 |                         $row[ $column['dt'] ] = $data[$i][ $columns[$j]['db'] ];
 56 |                     }
 57 |                     else{
 58 |                         $row[ $column['dt'] ] = "";
 59 |                     }
 60 | 				}
 61 | 			}
 62 | 
 63 | 			$out[] = $row;
 64 | 		}
 65 | 
 66 | 		return $out;
 67 | 	}
 68 | 
 69 | 
 70 | 	/**
 71 | 	 * Database connection
 72 | 	 *
 73 | 	 * Obtain an PHP PDO connection from a connection details array
 74 | 	 *
 75 | 	 *  @param  array $conn SQL connection details. The array should have
 76 | 	 *    the following properties
 77 | 	 *     * host - host name
 78 | 	 *     * db   - database name
 79 | 	 *     * user - user name
 80 | 	 *     * pass - user password
 81 | 	 *  @return resource PDO connection
 82 | 	 */
 83 | 	static function db ( $conn )
 84 | 	{
 85 | 		if ( is_array( $conn ) ) {
 86 | 			return self::sql_connect( $conn );
 87 | 		}
 88 | 
 89 | 		return $conn;
 90 | 	}
 91 | 
 92 | 
 93 | 	/**
 94 | 	 * Paging
 95 | 	 *
 96 | 	 * Construct the LIMIT clause for server-side processing SQL query
 97 | 	 *
 98 | 	 *  @param  array $request Data sent to server by DataTables
 99 | 	 *  @param  array $columns Column information array
100 | 	 *  @return string SQL limit clause
101 | 	 */
102 | 	static function limit ( $request, $columns )
103 | 	{
104 | 		$limit = '';
105 | 
106 | 		if ( isset($request['start']) && $request['length'] != -1 ) {
107 | 			$limit = "LIMIT ".intval($request['start']).", ".intval($request['length']);
108 | 		}
109 | 
110 | 		return $limit;
111 | 	}
112 | 
113 | 
114 | 	/**
115 | 	 * Ordering
116 | 	 *
117 | 	 * Construct the ORDER BY clause for server-side processing SQL query
118 | 	 *
119 | 	 *  @param  array $request Data sent to server by DataTables
120 | 	 *  @param  array $columns Column information array
121 | 	 *  @return string SQL order by clause
122 | 	 */
123 | 	static function order ( $request, $columns )
124 | 	{
125 | 		$order = '';
126 | 
127 | 		if ( isset($request['order']) && count($request['order']) ) {
128 | 			$orderBy = array();
129 | 			$dtColumns = self::pluck( $columns, 'dt' );
130 | 
131 | 			for ( $i=0, $ien=count($request['order']) ; $i<$ien ; $i++ ) {
132 | 				// Convert the column index into the column data property
133 | 				$columnIdx = intval($request['order'][$i]['column']);
134 | 				$requestColumn = $request['columns'][$columnIdx];
135 | 
136 | 				$columnIdx = array_search( $requestColumn['data'], $dtColumns );
137 | 				$column = $columns[ $columnIdx ];
138 | 
139 | 				if ( $requestColumn['orderable'] == 'true' ) {
140 | 					$dir = $request['order'][$i]['dir'] === 'asc' ?
141 | 						'ASC' :
142 | 						'DESC';
143 | 
144 | 					$orderBy[] = '`'.$column['db'].'` '.$dir;
145 | 				}
146 | 			}
147 | 
148 | 			if ( count( $orderBy ) ) {
149 | 				$order = 'ORDER BY '.implode(', ', $orderBy);
150 | 			}
151 | 		}
152 | 
153 | 		return $order;
154 | 	}
155 | 
156 | 
157 | 	/**
158 | 	 * Searching / Filtering
159 | 	 *
160 | 	 * Construct the WHERE clause for server-side processing SQL query.
161 | 	 *
162 | 	 * NOTE this does not match the built-in DataTables filtering which does it
163 | 	 * word by word on any field. It's possible to do here performance on large
164 | 	 * databases would be very poor
165 | 	 *
166 | 	 *  @param  array $request Data sent to server by DataTables
167 | 	 *  @param  array $columns Column information array
168 | 	 *  @param  array $bindings Array of values for PDO bindings, used in the
169 | 	 *    sql_exec() function
170 | 	 *  @return string SQL where clause
171 | 	 */
172 | 	static function filter ( $request, $columns, &$bindings )
173 | 	{
174 | 		$globalSearch = array();
175 | 		$columnSearch = array();
176 | 		$dtColumns = self::pluck( $columns, 'dt' );
177 | 
178 | 		if ( isset($request['search']) && $request['search']['value'] != '' ) {
179 | 			$str = $request['search']['value'];
180 | 
181 | 			for ( $i=0, $ien=count($request['columns']) ; $i<$ien ; $i++ ) {
182 | 				$requestColumn = $request['columns'][$i];
183 | 				$columnIdx = array_search( $requestColumn['data'], $dtColumns );
184 | 				$column = $columns[ $columnIdx ];
185 | 
186 | 				if ( $requestColumn['searchable'] == 'true' ) {
187 | 					if(!empty($column['db'])){
188 | 						$binding = self::bind( $bindings, '%'.$str.'%', PDO::PARAM_STR );
189 | 						$globalSearch[] = "`".$column['db']."` LIKE ".$binding;
190 | 					}
191 | 				}
192 | 			}
193 | 		}
194 | 
195 | 		// Individual column filtering
196 | 		if ( isset( $request['columns'] ) ) {
197 | 			for ( $i=0, $ien=count($request['columns']) ; $i<$ien ; $i++ ) {
198 | 				$requestColumn = $request['columns'][$i];
199 | 				$columnIdx = array_search( $requestColumn['data'], $dtColumns );
200 | 				$column = $columns[ $columnIdx ];
201 | 
202 | 				$str = $requestColumn['search']['value'];
203 | 
204 | 				if ( $requestColumn['searchable'] == 'true' &&
205 | 				 $str != '' ) {
206 | 					if(!empty($column['db'])){
207 | 						$binding = self::bind( $bindings, '%'.$str.'%', PDO::PARAM_STR );
208 | 						$columnSearch[] = "`".$column['db']."` LIKE ".$binding;
209 | 					}
210 | 				}
211 | 			}
212 | 		}
213 | 
214 | 		// Combine the filters into a single string
215 | 		$where = '';
216 | 
217 | 		if ( count( $globalSearch ) ) {
218 | 			$where = '('.implode(' OR ', $globalSearch).')';
219 | 		}
220 | 
221 | 		if ( count( $columnSearch ) ) {
222 | 			$where = $where === '' ?
223 | 				implode(' AND ', $columnSearch) :
224 | 				$where .' AND '. implode(' AND ', $columnSearch);
225 | 		}
226 | 
227 | 		if ( $where !== '' ) {
228 | 			$where = 'WHERE '.$where;
229 | 		}
230 | 
231 | 		return $where;
232 | 	}
233 | 
234 | 
235 | 	/**
236 | 	 * Perform the SQL queries needed for an server-side processing requested,
237 | 	 * utilising the helper functions of this class, limit(), order() and
238 | 	 * filter() among others. The returned array is ready to be encoded as JSON
239 | 	 * in response to an SSP request, or can be modified if needed before
240 | 	 * sending back to the client.
241 | 	 *
242 | 	 *  @param  array $request Data sent to server by DataTables
243 | 	 *  @param  array|PDO $conn PDO connection resource or connection parameters array
244 | 	 *  @param  string $table SQL table to query
245 | 	 *  @param  string $primaryKey Primary key of the table
246 | 	 *  @param  array $columns Column information array
247 | 	 *  @return array          Server-side processing response array
248 | 	 */
249 | 	static function simple ( $request, $conn, $table, $primaryKey, $columns )
250 | 	{
251 | 		$bindings = array();
252 | 		$db = self::db( $conn );
253 | 
254 | 		// Build the SQL query string from the request
255 | 		$limit = self::limit( $request, $columns );
256 | 		$order = self::order( $request, $columns );
257 | 		$where = self::filter( $request, $columns, $bindings );
258 | 
259 | 		// Main query to actually get the data
260 | 		$data = self::sql_exec( $db, $bindings,
261 | 			"SELECT `".implode("`, `", self::pluck($columns, 'db'))."`
262 | 			 FROM `$table`
263 | 			 $where
264 | 			 $order
265 | 			 $limit"
266 | 		);
267 | 
268 | 		// Data set length after filtering
269 | 		$resFilterLength = self::sql_exec( $db, $bindings,
270 | 			"SELECT COUNT(`{$primaryKey}`)
271 | 			 FROM   `$table`
272 | 			 $where"
273 | 		);
274 | 		$recordsFiltered = $resFilterLength[0][0];
275 | 
276 | 		// Total data set length
277 | 		$resTotalLength = self::sql_exec( $db,
278 | 			"SELECT COUNT(`{$primaryKey}`)
279 | 			 FROM   `$table`"
280 | 		);
281 | 		$recordsTotal = $resTotalLength[0][0];
282 | 
283 | 		/*
284 | 		 * Output
285 | 		 */
286 | 		return array(
287 | 			"draw"            => isset ( $request['draw'] ) ?
288 | 				intval( $request['draw'] ) :
289 | 				0,
290 | 			"recordsTotal"    => intval( $recordsTotal ),
291 | 			"recordsFiltered" => intval( $recordsFiltered ),
292 | 			"data"            => self::data_output( $columns, $data )
293 | 		);
294 | 	}
295 | 
296 | 
297 | 	/**
298 | 	 * The difference between this method and the `simple` one, is that you can
299 | 	 * apply additional `where` conditions to the SQL queries. These can be in
300 | 	 * one of two forms:
301 | 	 *
302 | 	 * * 'Result condition' - This is applied to the result set, but not the
303 | 	 *   overall paging information query - i.e. it will not effect the number
304 | 	 *   of records that a user sees they can have access to. This should be
305 | 	 *   used when you want apply a filtering condition that the user has sent.
306 | 	 * * 'All condition' - This is applied to all queries that are made and
307 | 	 *   reduces the number of records that the user can access. This should be
308 | 	 *   used in conditions where you don't want the user to ever have access to
309 | 	 *   particular records (for example, restricting by a login id).
310 | 	 *
311 | 	 *  @param  array $request Data sent to server by DataTables
312 | 	 *  @param  array|PDO $conn PDO connection resource or connection parameters array
313 | 	 *  @param  string $table SQL table to query
314 | 	 *  @param  string $primaryKey Primary key of the table
315 | 	 *  @param  array $columns Column information array
316 | 	 *  @param  string $whereResult WHERE condition to apply to the result set
317 | 	 *  @param  string $whereAll WHERE condition to apply to all queries
318 | 	 *  @return array          Server-side processing response array
319 | 	 */
320 | 	static function complex ( $request, $conn, $table, $primaryKey, $columns, $whereResult=null, $whereAll=null )
321 | 	{
322 | 		$bindings = array();
323 | 		$db = self::db( $conn );
324 | 		$localWhereResult = array();
325 | 		$localWhereAll = array();
326 | 		$whereAllSql = '';
327 | 
328 | 		// Build the SQL query string from the request
329 | 		$limit = self::limit( $request, $columns );
330 | 		$order = self::order( $request, $columns );
331 | 		$where = self::filter( $request, $columns, $bindings );
332 | 
333 | 		$whereResult = self::_flatten( $whereResult );
334 | 		$whereAll = self::_flatten( $whereAll );
335 | 
336 | 		if ( $whereResult ) {
337 | 			$where = $where ?
338 | 				$where .' AND '.$whereResult :
339 | 				'WHERE '.$whereResult;
340 | 		}
341 | 
342 | 		if ( $whereAll ) {
343 | 			$where = $where ?
344 | 				$where .' AND '.$whereAll :
345 | 				'WHERE '.$whereAll;
346 | 
347 | 			$whereAllSql = 'WHERE '.$whereAll;
348 | 		}
349 | 
350 | 		// Main query to actually get the data
351 | 		$data = self::sql_exec( $db, $bindings,
352 | 			"SELECT `".implode("`, `", self::pluck($columns, 'db'))."`
353 | 			 FROM `$table`
354 | 			 $where
355 | 			 $order
356 | 			 $limit"
357 | 		);
358 | 
359 | 		// Data set length after filtering
360 | 		$resFilterLength = self::sql_exec( $db, $bindings,
361 | 			"SELECT COUNT(`{$primaryKey}`)
362 | 			 FROM   `$table`
363 | 			 $where"
364 | 		);
365 | 		$recordsFiltered = $resFilterLength[0][0];
366 | 
367 | 		// Total data set length
368 | 		$resTotalLength = self::sql_exec( $db, $bindings,
369 | 			"SELECT COUNT(`{$primaryKey}`)
370 | 			 FROM   `$table` ".
371 | 			$whereAllSql
372 | 		);
373 | 		$recordsTotal = $resTotalLength[0][0];
374 | 
375 | 		/*
376 | 		 * Output
377 | 		 */
378 | 		return array(
379 | 			"draw"            => isset ( $request['draw'] ) ?
380 | 				intval( $request['draw'] ) :
381 | 				0,
382 | 			"recordsTotal"    => intval( $recordsTotal ),
383 | 			"recordsFiltered" => intval( $recordsFiltered ),
384 | 			"data"            => self::data_output( $columns, $data )
385 | 		);
386 | 	}
387 | 
388 | 
389 | 	/**
390 | 	 * Connect to the database
391 | 	 *
392 | 	 * @param  array $sql_details SQL server connection details array, with the
393 | 	 *   properties:
394 | 	 *     * host - host name
395 | 	 *     * db   - database name
396 | 	 *     * user - user name
397 | 	 *     * pass - user password
398 | 	 * @return resource Database connection handle
399 | 	 */
400 | 	static function sql_connect ( $sql_details )
401 | 	{
402 | 		try {
403 | 			$db = @new PDO(
404 | 				"mysql:host={$sql_details['host']};dbname={$sql_details['db']}",
405 | 				$sql_details['user'],
406 | 				$sql_details['pass'],
407 | 				array( PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION )
408 | 			);
409 | 		}
410 | 		catch (PDOException $e) {
411 | 			self::fatal(
412 | 				"An error occurred while connecting to the database. ".
413 | 				"The error reported by the server was: ".$e->getMessage()
414 | 			);
415 | 		}
416 | 
417 | 		return $db;
418 | 	}
419 | 
420 | 
421 | 	/**
422 | 	 * Execute an SQL query on the database
423 | 	 *
424 | 	 * @param  resource $db  Database handler
425 | 	 * @param  array    $bindings Array of PDO binding values from bind() to be
426 | 	 *   used for safely escaping strings. Note that this can be given as the
427 | 	 *   SQL query string if no bindings are required.
428 | 	 * @param  string   $sql SQL query to execute.
429 | 	 * @return array         Result from the query (all rows)
430 | 	 */
431 | 	static function sql_exec ( $db, $bindings, $sql=null )
432 | 	{
433 | 		// Argument shifting
434 | 		if ( $sql === null ) {
435 | 			$sql = $bindings;
436 | 		}
437 | 
438 | 		$stmt = $db->prepare( $sql );
439 | 		//echo $sql;
440 | 
441 | 		// Bind parameters
442 | 		if ( is_array( $bindings ) ) {
443 | 			for ( $i=0, $ien=count($bindings) ; $i<$ien ; $i++ ) {
444 | 				$binding = $bindings[$i];
445 | 				$stmt->bindValue( $binding['key'], $binding['val'], $binding['type'] );
446 | 			}
447 | 		}
448 | 
449 | 		// Execute
450 | 		try {
451 | 			$stmt->execute();
452 | 		}
453 | 		catch (PDOException $e) {
454 | 			self::fatal( "An SQL error occurred: ".$e->getMessage() );
455 | 		}
456 | 
457 | 		// Return all
458 | 		return $stmt->fetchAll( PDO::FETCH_BOTH );
459 | 	}
460 | 
461 | 
462 | 	/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
463 | 	 * Internal methods
464 | 	 */
465 | 
466 | 	/**
467 | 	 * Throw a fatal error.
468 | 	 *
469 | 	 * This writes out an error message in a JSON string which DataTables will
470 | 	 * see and show to the user in the browser.
471 | 	 *
472 | 	 * @param  string $msg Message to send to the client
473 | 	 */
474 | 	static function fatal ( $msg )
475 | 	{
476 | 		echo json_encode( array( 
477 | 			"error" => $msg
478 | 		) );
479 | 
480 | 		exit(0);
481 | 	}
482 | 
483 | 	/**
484 | 	 * Create a PDO binding key which can be used for escaping variables safely
485 | 	 * when executing a query with sql_exec()
486 | 	 *
487 | 	 * @param  array &$a    Array of bindings
488 | 	 * @param  *      $val  Value to bind
489 | 	 * @param  int    $type PDO field type
490 | 	 * @return string       Bound key to be used in the SQL where this parameter
491 | 	 *   would be used.
492 | 	 */
493 | 	static function bind ( &$a, $val, $type )
494 | 	{
495 | 		$key = ':binding_'.count( $a );
496 | 
497 | 		$a[] = array(
498 | 			'key' => $key,
499 | 			'val' => $val,
500 | 			'type' => $type
501 | 		);
502 | 
503 | 		return $key;
504 | 	}
505 | 
506 | 
507 | 	/**
508 | 	 * Pull a particular property from each assoc. array in a numeric array, 
509 | 	 * returning and array of the property values from each item.
510 | 	 *
511 | 	 *  @param  array  $a    Array to get data from
512 | 	 *  @param  string $prop Property to read
513 | 	 *  @return array        Array of property values
514 | 	 */
515 | 	static function pluck ( $a, $prop )
516 | 	{
517 | 		$out = array();
518 | 
519 | 		for ( $i=0, $len=count($a) ; $i<$len ; $i++ ) {
520 |             if(empty($a[$i][$prop])){
521 |                 continue;
522 | 			}
523 | 			//removing the $out array index confuses the filter method in doing proper binding,
524 | 			//adding it ensures that the array data are mapped correctly
525 | 			$out[$i] = $a[$i][$prop];
526 | 		}
527 | 
528 | 		return $out;
529 | 	}
530 | 
531 | 
532 | 	/**
533 | 	 * Return a string from an array or a string
534 | 	 *
535 | 	 * @param  array|string $a Array to join
536 | 	 * @param  string $join Glue for the concatenation
537 | 	 * @return string Joined string
538 | 	 */
539 | 	static function _flatten ( $a, $join = ' AND ' )
540 | 	{
541 | 		if ( ! $a ) {
542 | 			return '';
543 | 		}
544 | 		else if ( $a && is_array($a) ) {
545 | 			return implode( $join, $a );
546 | 		}
547 | 		return $a;
548 | 	}
549 | }
550 | 


--------------------------------------------------------------------------------