Merge pull request #3 from MatrixCrawler/PDO-SQL

Pdo sql

Merge pull request #3 from MatrixCrawler/PDO-SQL
Pdo sql
b34c791c · MatrixCrawler · 966bdea2 · 3db62464 · b34c791c · b34c791c
Commit b34c791c authored Mar 10, 2014 by MatrixCrawler
13 changed files
--- a/api.php
+++ b/api.php
 <?php
-//Copyright (c) 2011, David Morley. This file is licensed under the Affero General Public License version 3 or later. See the COPYRIGHT file.
-if ($_GET['key'] != "4r45tg") {exit;}
- include('db/config.php');
- $dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
- if (!$dbh) {
-     die("Error in connection: " . pg_last_error());
- }  
-if ($_GET['format'] == "georss") {
-echo <<<EOF
-<?xml version="1.0" encoding="utf-8"?>
-<feed xmlns="http://www.w3.org/2005/Atom" 
-  xmlns:georss="http://www.georss.org/georss">
-  <title>Diaspora Pods</title>
-  <subtitle>IP Locations of Diaspora pods on podupti.me</subtitle>
-  <link href="http://podupti.me/"/>
-EOF;
- $sql = "SELECT * FROM pods WHERE hidden <> 'yes'";
- $result = pg_query($dbh, $sql);
- if (!$result) {
-     die("Error in SQL query: " . pg_last_error());
- }
- $numrows = pg_num_rows($result);
-while ($row = pg_fetch_array($result)) {
-if ($row["secure"] == "true") {$method = "https://";} else {$method = "http://";}
-echo <<<EOF
-  <entry>
-    <title>{$method}{$row['domain']}</title>
-    <link href="{$method}{$row['domain']}"/>
-    <id>urn:{$row['domain']}</id>
-    <summary>Location {$row['city']}, {$row['state']}<![CDATA[<br/>]]>Status {$row['status']}<![CDATA[<br/>]]>Uptime last 7 days {$row['uptimelast7']}<![CDATA[<br/>]]>Response Time {$row['responsetimelast7']}<![CDATA[<br/>]]>Last Git Update {$row['hgitdate']}<![CDATA[<br/>]]>Listed for {$row['monthsmonitored']} months<![CDATA[<br/>]]>Pingdom URL <![CDATA[<A href="{$row['pingdomurl']}">{$row['pingdomurl']}</a>]]></summary>
-    <georss:point>{$row['lat']} {$row['long']}</georss:point>
-    <georss:featureName>{$row['domain']}</georss:featureName>
-  </entry>
+/**
+ * Copyright (c) 2011, David Morley. 
+ * This file is licensed under the Affero General Public License version 3 or later. 
+ * See the COPYRIGHT file.
+ */

-EOF;
-}
-echo "</feed>";
+if ($_GET['key'] != "4r45tg") {
+	exit;
+} 

+require_once 'db/config.inc.php';
+require_once 'db/db.class.php';
+ 
+$dbConnection = DB::connectDB();
+if (!$dbConnection) {
+	die("Error in connection: " . $dbConnection->errorInfo()[2]);
 }

-elseif ($_GET['format'] == "json") {
- $sql = "SELECT id,domain,status,secure,score,userrating,adminrating,city,state,country,lat,long,ip,ipv6,hgitdate,hgitref,pingdomurl,pingdomlast,monthsmonitored,uptimelast7,responsetimelast7,hruntime,hencoding,dateCreated,dateUpdated,dateLaststats,hidden FROM pods";
- $result = pg_query($dbh, $sql);
- if (!$result) {
-     die("Error in SQL query: " . pg_last_error());
- }
- $numrows = pg_num_rows($result);
-//json output, thx Vipul A M for fixing this
- header('Content-type: application/json');
- $rows=array_values(pg_fetch_all($result));
- $obj->podcount          = $numrows;
- $obj->pods             = $rows;
- if ($_GET['method'] == "jsonp") {
-     print $_GET['callback'] . '(' . json_encode($obj) . ')';
- } else {
-     print json_encode($obj);
- }
+if (isset($_GET['format'])) {
+	if ($_GET['format'] == "georss") {
+		echo '
+		<?xml version="1.0" encoding="utf-8"?>
+		<feed xmlns="http://www.w3.org/2005/Atom" 
+		  xmlns:georss="http://www.georss.org/georss">
+		  <title>Diaspora Pods</title>
+		  <subtitle>IP Locations of Diaspora pods on podupti.me</subtitle>
+		  <link href="http://podupti.me/"/>
+		';
+		 $sql = "SELECT * FROM pods WHERE hidden <> 'yes'";
+	 
+		 $result = $dbConnection->query($sql); 
+	 	if (!$result) {
+	    	die("Error in SQL query: " . $dbConnection->errorInfo()[2]);
+	 	}
+		
+		foreach ($result->fetchAll() as $row) {
+			if ($row["secure"] == "true") {
+				$method = "https://";
+			} else {
+				$method = "http://";
+			}
+			echo '
+			  <entry>
+			    <title>{'.$method.'}{'.$row['domain'].'}</title>
+			    <link href="{'.$method.'}{'.$row['domain'].'}"/>
+			    <id>urn:{'.$row['domain'].'}</id>
+			    <summary>Location {'.$row['city'].'}, {'.$row['state'].'}<![CDATA[<br/>]]>Status {'.$row['status'].'}<![CDATA[<br/>]]>Uptime last 7 days {'.$row['uptimelast7'].'}<![CDATA[<br/>]]>Response Time {'.$row['responsetimelast7'].'}<![CDATA[<br/>]]>Last Git Update {'.$row['hgitdate'].'}<![CDATA[<br/>]]>Listed for {'.$row['monthsmonitored'].'} months<![CDATA[<br/>]]>Pingdom URL <![CDATA[<A href="{'.$row['pingdomurl'].'}">{'.$row['pingdomurl'].'}</a>]]></summary>
+			    <georss:point>{'.$row['lat'].'} {'.$row['long'].'}</georss:point>
+			    <georss:featureName>{'.$row['domain'].'}</georss:featureName>
+			  </entry>
+			
+			';
+		}
+		
+		echo "</feed>";
+	} elseif ($_GET['format'] == "json") {
+		$obj = new stdClass();
+		$sql = "SELECT id,domain,status,secure,score,userrating,adminrating,city,state,country,lat,long,ip,ipv6,hgitdate,hgitref,pingdomurl,pingdomlast,monthsmonitored,uptimelast7,responsetimelast7,hruntime,hencoding,dateCreated,dateUpdated,dateLaststats,hidden FROM pods";
+		$result = $dbConnection->query($sql);
+	 	if (!$result) {
+	    	die("Error in SQL query: " . $dbConnection->errorInfo()[2]);
+	 	}
+		
+		//json output, thx Vipul A M for fixing this
+	 	header('Content-type: application/json');
+	 	$rows = array_values($result->fetchAll());
+	 	
+	 	$obj->podcount = count($rows);
+	 	$obj->pods = $rows;
+	 	
+	 	if (isset($_GET['method']) && $_GET['method'] == "jsonp") {
+	 		if (isset($_GET['callback'])) {
+	    		print $_GET['callback'] . '(' . json_encode($obj) . ')';
+	 		} else {
+	 			die("Parameter callback is missing.");
+	 		}
+	 	} else {
+	   		print json_encode($obj);
+	 	}
+	}
 } else {
- $i=0;
- $sql = "SELECT * FROM pods WHERE hidden <> 'yes' ORDER BY uptimelast7 DESC";
- $result = pg_query($dbh, $sql);
- if (!$result) {
-     die("Error in SQL query: " . pg_last_error());
- }
- $numrows = pg_num_rows($result);
- while ($row = pg_fetch_array($result)) {
-  if ($row["status"] == "up"){$status="Online";}else{$status="Offline";} 
-  if ($row["secure"] == "true") {$method = "https://";$class="green";} else {$method = "http://";$class="red";}
-  echo $row["domain"] ." Up ".$row["uptimelast7"]."% This Month - Located in: ".$row["country"];
-  if ($i < ($numrows -1)) {
-    echo ",";
-  }
-$i++;
- }
+ 	$sql = "SELECT * FROM pods WHERE hidden <> 'yes' ORDER BY uptimelast7 DESC";
+ 	$result = $dbConnection->query($sql);
+ 	if (!$result) {
+	 	die("Error in SQL query: " . $dbConnection->errorInfo()[2]);
+ 	}
+	foreach ($result->fetchAll() as $row) {
+		if ($row["status"] == "up"){
+			$status="Online";
+		} else {
+			$status="Offline";
+		} 
+  		if ($row["secure"] == "true") {
+  			$method = "https://";$class="green";
+  		} else {
+  			$method = "http://";$class="red";
+  		}
+  		echo $row["domain"] ." Up ".$row["uptimelast7"]."% This Month - Located in: ".$row["country"];
+  		echo ",";
+ 	}
 }

-
- pg_free_result($result);       
- pg_close($dbh);
 ?>
--- a/db/add.php
+++ b/db/add.php
-<!-- /* Copyright (c) 2011, David Morley. This file is licensed under the Affero General Public License version 3 or later. See the COPYRIGHT file. */ -->
 <?php
-$valid=0;
- include('config.php');
-if (!$_POST['url']){
-  echo "no url given";
- die;
-}
-if (!$_POST['email']){
-  echo "no email given";
- die;
-}
-if (!$_POST['domain']){
-  echo "no pod domain given";
- die;
-}
-if (!$_POST['url']){
-  echo "no API key for your stats";
- die;
-}
-if (strlen($_POST['url']) < 14){
-  echo "API key bad needs to be like m58978-80abdb799f6ccf15e3e3787ee";
- die;
-}
+/**
+ * Copyright (c) 2011, David Morley. 
+ * This file is licensed under the Affero General Public License version 3 or later. 
+ * See the COPYRIGHT file. 
+ */

- $dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
-     if (!$dbh) {
-         die("Error in connection: " . pg_last_error());
-     }
- $sql = "SELECT domain,pingdomurl FROM pods";
- $result = pg_query($dbh, $sql);
- if (!$result) {
-     die("Error in SQL query: " . pg_last_error());
- }
- while ($row = pg_fetch_array($result)) {
-if ($row["domain"] == $_POST['domain']) {
-echo "domain already exists";die;
-}
-if ($row["pingdomurl"] == $_POST['url']) {
-echo "API key already exists";die;
-}
- }
-
-     //curl the header of pod with and without https
-
-        $chss = curl_init();
-        curl_setopt($chss, CURLOPT_URL, "https://".$_POST['domain']."/users/sign_in");
-        curl_setopt($chss, CURLOPT_POST, 1);
-        curl_setopt($chss, CURLOPT_HEADER, 1);
-        curl_setopt($chss, CURLOPT_CONNECTTIMEOUT, 5);
-        curl_setopt($chss, CURLOPT_RETURNTRANSFER, 1);
-        curl_setopt($chss, CURLOPT_NOBODY, 1);
-        $outputssl = curl_exec($chss);
-        curl_close($chss);
-
-        $ch = curl_init();
-        curl_setopt($ch, CURLOPT_URL, "http://".$_POST['domain']."/users/sign_in");
-        curl_setopt($ch, CURLOPT_POST, 1);
-        curl_setopt($ch, CURLOPT_HEADER, 1);
-        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
-        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
-        curl_setopt($ch, CURLOPT_NOBODY, 1);
-        $output = curl_exec($ch);
-        curl_close($ch);
-
-if (stristr($outputssl, 'Set-Cookie: _diaspora_session=')) {
-  echo "Your pod has ssl and is valid<br>";
-  $valid=1;
-}
-if (stristr($output, 'Set-Cookie: _diaspora_session=')) {
-  echo "Your pod does not have ssl but is a valid pod<br>";
-  $valid=1;
-}
+require_once 'config.inc.php';
+require_once 'db.class.php';
+require_once 'pull.class.php';
+
+$valid = 0;
+if (! $_POST ['url']) {
+	echo "no url given";
+	die ();
+}
+if (! $_POST ['email']) {
+	echo "no email given";
+	die ();
+}
+if (! $_POST ['domain']) {
+	echo "no pod domain given";
+	die ();
+}
+if (! $_POST ['url']) {
+	echo "no API key for your stats";
+	die ();
+}
+if (strlen ( $_POST ['url'] ) < 14) {
+	echo "API key bad needs to be like m58978-80abdb799f6ccf15e3e3787ee";
+	die ();
+}

-if ($valid=="1") {    
-     $sql = "INSERT INTO pods (domain, pingdomurl, email) VALUES($1, $2, $3)";
-     $result = pg_query_params($dbh, $sql, array($_POST['domain'], $_POST['url'], $_POST['email']));
-     if (!$result) {
-         die("Error in SQL query: " . pg_last_error());
-     }
-     $to = $adminemail;
-     $subject = "New pod added to poduptime ";
-     $message = "http://podupti.me\n\n Pingdom Url:" . $_POST["url"] . "\n\n Pod:" . $_POST["domain"] . "\n\n";
-     $headers = "From: ".$_POST["email"]."\r\nReply-To: ".$_POST["email"]."\r\n";
-     @mail( $to, $subject, $message, $headers );    
+$dbConnection = DB::connectDB();
+if (!$dbConnection) {
+	die ( "Error in connection: " . $dbConnection->errorInfo()[2] );
+}
+$sql = "SELECT domain,pingdomurl FROM pods";

-     echo "Data successfully inserted! Your pod will be reviewed and live on the list soon! You will get a support ticket, no need to do anything if your pod is listed in the next few hours.";
-    
-     pg_free_result($result);
-    
-     pg_close($dbh);
-} else {
-echo "Could not validate your pod on http or https, check your setup!";
+$result = $dbConnection->query($sql);
+if (! $result) {
+	die ( "Error in SQL query: " . $dbConnection->errorInfo()[2] );
 }

+foreach ($result->fetchAll() as $row) {
+	if ($row ["domain"] == $_POST ['domain']) {
+		echo "domain already exists";
+		die ();
+	}
+	if ($row ["pingdomurl"] == $_POST ['url']) {
+		echo "API key already exists";
+		die ();
+	}
+}
+
+// curl the header of pod with and without https
+$outputssl = Pull::getCurlResult("https://" . $_POST ['domain'] . "/users/sign_in");
+$output = Pull::getCurlResult("http://" . $_POST ['domain'] . "/users/sign_in");
+
+if (stristr ( $outputssl, 'Set-Cookie: _diaspora_session=' )) {
+	echo "Your pod has ssl and is valid<br>";
+	$valid = 1;
+}
+if (stristr ( $output, 'Set-Cookie: _diaspora_session=' )) {
+	echo "Your pod does not have ssl but is a valid pod<br>";
+	$valid = 1;
+}
+
+if ($valid == "1") {
+	$sql = "INSERT INTO pods (domain, pingdomurl, email) VALUES(".$dbConnection->quote($_POST['domain']).", ".$dbConnection->quote($_POST['url']).", ".$dbConnection->quote($_POST['email']).")";
+	$result = $dbConnection->query($sql);
+	if (! $result) {
+		die ( "Error in SQL query: " . $dbConnection->errorInfo()[2]);
+	}
+	$subject = "New pod added to poduptime ";
+	$message = "http://podupti.me\n\n Pingdom Url:" . $_POST ["url"] . "\n\n Pod:" . $_POST ["domain"] . "\n\n";
+	$headers = "From: " . $_POST ["email"] . "\r\nReply-To: " . $_POST ["email"] . "\r\n";
+	@mail ( ADMIN_EMAIL, $subject, $message, $headers );
+	
+	echo "Data successfully inserted! Your pod will be reviewed and live on the list soon! You will get a support ticket, no need to do anything if your pod is listed in the next few hours.";
+	
+} else {
+	echo "Could not validate your pod on http or https, check your setup!";
+}
+
 ?>
--- a/db/api-more.php
+++ b/db/api-more.php
 <?php
-//Copyright (c) 2011, David Morley. This file is licensed under the Affero General Public License version 3 or later. See the COPYRIGHT file.
+/**
+ * Copyright (c) 2011, David Morley. 
+ * This file is licensed under the Affero General Public License version 3 or later. 
+ * See the COPYRIGHT file.
+ */
+
 //this is just a single api for a pod for the android app to get data
- include('config.php');
- $dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
- if (!$dbh) {
-     die("Error in connection: " . pg_last_error());
- }  
- $sql = "SELECT * FROM pods WHERE domain = $1";
- $result = pg_query_params($dbh, $sql, array($_GET['url']));
- if (!$result) {
-     die("Error in SQL query: " . pg_last_error());
- }   
- while ($row = pg_fetch_array($result)) {
-     echo "Status: " . $row["status"] . "<br>";
-     echo "Last Git Pull: " . $row["hgitdate"] . "<br>";
-     echo "Uptime This Month " . $row["uptimelast7"] . "<br>";
-     echo "Months Monitored: " . $row["monthsmonitored"] . "<br>";
-     echo "Response Time: " . $row["responsetimelast7"] . "<br>";
-     echo "User Rating: ". $row["userrating"] . "<br>";
-     echo "Server Location: ". $row["country"] . "<br>";
- }
- pg_free_result($result);       
- pg_close($dbh);
+require_once 'config.inc.php';
+require_once 'db.class.php';
+
+if (isset($_GET['url'])) {
+	$dbConnection = DB::connectDB();
+	if (!$dbConnection) {
+		die("Error in connection: " . $dbConnection->errorInfo()[2]);
+	}  
+	
+	$sql = "SELECT * FROM pods WHERE domain = ".$dbConnection->quote($_GET['url']);
+	$result = $dbConnection->query($sql);
+	if (!$result) {
+		die("Error in SQL query: " . $dbConnection->errorInfo()[2]);
+	}
+	
+	foreach ($result->fetchAll() as $row) {
+		echo "Status: " . $row["status"] . "<br>";
+	    echo "Last Git Pull: " . $row["hgitdate"] . "<br>";
+	    echo "Uptime This Month " . $row["uptimelast7"] . "<br>";
+	    echo "Months Monitored: " . $row["monthsmonitored"] . "<br>";
+	    echo "Response Time: " . $row["responsetimelast7"] . "<br>";
+	    echo "User Rating: ". $row["userrating"] . "<br>";
+	    echo "Server Location: ". $row["country"] . "<br>";
+	}
+	unset($dbConnection);
+} else {
+	echo "url parameter is missing";
+}
 ?>
--- a/db/backup.php
+++ b/db/backup.php
 <?php
-include('config.php');
-$keep = (60 * 60 * 12) * 3; 
-$dump_date = date("Ymd_Hs");
-$file_name = $backup_dir . "/dump_" . $dump_date . ".sql";
-system("export PGPASSWORD=$pgpass && $pg_dump_dir/pg_dump --username=$pguser $pgdb >> $file_name");
-echo "pg backup of $pgdb made";
-$dirh = dir($backup_dir);
-while($entry = $dirh->read()) {
-$old_file_time = (date("U") - $keep);
-$file_created = filectime("$backup_dir/$entry");
-if ($file_created < $old_file_time && !is_dir($entry)) {
-if(unlink("$backup_dir/$entry")) {
-echo "Cleaned up old backups";
-}
-}
+/**
+ * Copyright (c) 2011, David Morley. 
+ * This file is licensed under the Affero General Public License version 3 or later. 
+ * See the COPYRIGHT file.
+ * 
+ * @todo Add mysql backup support
+ * @todo Add backup to cronjob
+ */
+
+require_once 'config.inc.php';
+
+if (BACKUP) {
+	$keep = (60 * 60 * 12) * 3; 
+	$dump_date = date("Ymd_Hs");
+	$file_name = BACKUPDIR . "/dump_" . $dump_date . ".sql";
+	
+	if (DB_DRIVER == 'pgsql') {
+		system("export PGPASSWORD=".DB_PASSWORD." && $pg_dump_dir/pg_dump --username=".DB_USER." ".DB_NAME." >> $file_name");
+		echo "Backup of ".DB_NAME." made";
+		
+	}
+
+	// Check if there are any Backups to deleted
+	$dirh = dir($backup_dir);
+	while($entry = $dirh->read()) {
+		$old_file_time = (date("U") - $keep);
+		$file_created = filectime(BACKUPDIR."/$entry");
+		if ($file_created < $old_file_time && !is_dir($entry)) {
+			if(unlink(BACKUPDIR."/$entry")) {
+				echo "Cleaned up old backups";
+			}
+		}
+	}
 }
 ?>
--- a/db/config.php.example
+++ b/db/config.php.example
--- a/db/db.class.php
+++ b/db/db.class.php
+<?php
+
+/**
+ * Copyright (c) 2014, Johannes Brunswicker.
+ * This file is licensed under the Affero General Public License version 3 or later.
+ * See the COPYRIGHT file.
+ */
+
+require_once "config.inc.php";
+
+/**
+ * Connects to database and returns the PDO Object or false
+ * @author J. Brunswicker
+ * @return Ambigous <boolean, PDO>
+ *
+ */
+class DB {
+	
+	/**
+	 * Connects to the DB
+	 * @return PDO|boolean
+	 */
+	public static function connectDB() { 
+		$dsn = DB_DRIVER.":dbname=".DB_NAME.";host=".DB_HOST;
+	
+		if (DB_DRIVER == 'mysql') {
+			$dsn .= ";charset=UTF8";
+		}
+	
+		try {
+			$connection = new PDO($dsn, DB_USER, DB_PASSWORD);
+			return $connection;
+		} catch (PDOException $e) {
+			if (DEBUG) {
+				echo ("User: ".DB_USER."<br />");
+				echo ('Connection to database with dsn '.$dsn.' failed: ' . $e->getMessage().'<br />');
+			}
+			return false;
+		}
+	}
+	
+}
+?>
\ No newline at end of file
--- a/db/pull.class.php
+++ b/db/pull.class.php
+<?php
+/**
+ * Copyright (c) 2014, Johannes Brunswicker
+ * This file is licensed under the Affero General Public License version 3 or later.
+ * See the COPYRIGHT file.
+ */
+
+/**
+ * Class collecting functions for pulling data from Pods
+ * @author J. Brunswicker
+ * @version 1.0
+ * @todo Evaluate if it is still required to pull the http header from the pod, as there is a statistics.json now
+ */
+
+require_once "Net/GeoIP.php";
+require_once 'config.inc.php';
+
+class Pull {
+
+	/**
+	 * issues a cUrl request and sends back the result AND the http_info
+	 * @param string $url
+	 * @param string $result
+	 * @param array $info
+	 */
+	public static function getCurlResultAndInfo($url, &$result, &$info) {
+		$curl = curl_init();
+
+		curl_setopt($curl, CURLOPT_URL, $url);
+		curl_setopt($curl, CURLOPT_POST, CURL_POST);
+		curl_setopt($curl, CURLOPT_HEADER, 1);
+		curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, CURL_CONNECTTIMEOUT);
+		curl_setopt($curl, CURLOPT_RETURNTRANSFER, CURL_RETURNTRANSFER);
+		curl_setopt($curl, CURLOPT_NOBODY, CURL_NOBODY);
+
+		$result = curl_exec($curl);
+		$info = curl_getinfo($curl);
+		curl_close($curl);
+	}
+
+	/**
+	 * Issues a cUrl request to $url and returns the result
+	 * @param string $url
+	 * @return string
+	 */
+	public static function getCurlResult($url, $withoutHeader=false) {
+		$curl = curl_init();
+
+		if (DEBUG) {
+			echo "Curl-Target: ".$url."<br />";
+		}
+
+		curl_setopt($curl, CURLOPT_URL, $url);
+		if ($withoutHeader) {
+			curl_setopt($curl, CURLOPT_HEADER, 0);
+		} else {
+			curl_setopt($curl, CURLOPT_HEADER, 1);
+		}
+		curl_setopt($curl, CURLOPT_POST, CURL_POST);
+		curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, CURL_CONNECTTIMEOUT);
+		curl_setopt($curl, CURLOPT_RETURNTRANSFER, CURL_RETURNTRANSFER);
+		curl_setopt($curl, CURLOPT_NOBODY, CURL_NOBODY);
+
+		$result = curl_exec($curl);
+		curl_close($curl);
+
+		if (VERBOSE_CURL) {
+			echo "Curl-Result: ".$result."<br />";
+		}
+
+		return $result;
+	}
+
+	/**
+	 * returns a database Connection
+	 * @return PDO
+	 */
+	public static function getDatabaseConnection() {
+		$dsn = DB_DRIVER.":dbname=".DB_NAME.";host=".DB_HOST;
+
+		if (DB_DRIVER == 'mysql') {
+			$dsn .= ";charset=UTF8";
+		}
+
+		try {
+			$connection = new PDO($dsn, DB_USER, DB_PASSWORD);
+			return $connection;
+		} catch (PDOException $e) {
+			echo ("User: ".DB_USER."<br />");
+			die('Connection to database with dsn '.$dsn.' failed: ' . $e->getMessage());
+		}
+	}
+
+	/**
+	 * Calculates the adminRating and userRating for the given Pod
+	 * @param number $adminRating
+	 * @param number $userRating
+	 * @param string $podUrl
+	 * @param PDO $db
+	 */
+	public static function getRatings(&$adminRating=0, &$userRating=0, $podUrl, PDO $db) {
+		$adminRatingCounter = 0;
+		$userRatingCounter = 0;
+		$adminRatingTemp = 0;
+		$userRatingTemp = 0;