Source of file api.mysql.php
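<?php

////////////////////////////////////////////////////////////////////////////////
//                                                                            //
//   This program is distributed in the hope that it will be useful,          //
//   but WITHOUT ANY WARRANTY, without even the implied warranty of           //
//   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.                     //
//                                                                            //
//   This product released under GNU General Public License v2                //
////////////////////////////////////////////////////////////////////////////////

/**
 * Database access layer: picks the mysqli or the legacy mysql driver at load
 * time and exposes the same procedural helpers (simple_query, simple_queryall,
 * simple_update_field, simple_get_lastid, nr_query) on top of either one.
 *
 * Debug mode on/off here: the "debug" key of config/mysql.ini selects
 * SQL_DEBUG 0 (off), 1 (append every query to SQL_DEBUG_LOG) or 2 (print
 * every query to the output).
 *
 * NOTE(review): in mode 1 the complete query text, including any literal
 * values it carries, is written to exports/sqldebug.log. Confirm that this
 * path is not served by the web server and is covered by log rotation.
 */
define('SQL_DEBUG_LOG', 'exports/sqldebug.log');
$mysqlDatabaseConfig = @parse_ini_file('config/mysql.ini');
$mysqlDebugBuffer = array();
$query_counter = 0;
$ubillingDatabaseDriver = 'none';

define('SQL_DEBUG_QUERY_EOL', 'UBSQEOL');

if (@$mysqlDatabaseConfig['debug']) {
    switch ($mysqlDatabaseConfig['debug']) {
        case 1:
            define('SQL_DEBUG', 1);
            break;
        case 2:
            define('SQL_DEBUG', 2);
            break;
        default:
            // An unrecognised value used to leave SQL_DEBUG undefined, so every
            // later "if (SQL_DEBUG)" read an undefined constant (a fatal Error
            // on PHP 8). Fail closed: unknown levels mean debugging is off.
            define('SQL_DEBUG', 0);
            break;
    }
} else {
    define('SQL_DEBUG', 0);
}

if (!extension_loaded('mysql')) {
    $ubillingDatabaseDriver = 'mysqli';

    /**
     * MySQLi database layer
     */
    if (!($db_config = @parse_ini_file('config/mysql.ini'))) {
        print('Cannot load mysql configuration');
        exit;
    }

    $dbport = (empty($db_config['port'])) ? 3306 : $db_config['port'];

    $loginDB = new mysqli($db_config['server'], $db_config['username'], $db_config['password'], $db_config['db'], $dbport);
    if ($loginDB->connect_error) {
        die('Connection error (' . $loginDB->connect_errno . ') ' . $loginDB->connect_error);
    } else {
        // NOTE(review): the charset is switched with SET statements, which the
        // client library does not see. real_escape_string() escapes according
        // to the charset known to the client, which is set through
        // mysqli::set_charset(); with multibyte charsets the two can disagree.
        // Consider calling set_charset() here after checking that it does not
        // change how existing data is read and written.
        $loginDB->query("set character_set_client='" . $db_config['character'] . "'");
        $loginDB->query("set character_set_results='" . $db_config['character'] . "'");
        $loginDB->query("set collation_connection='" . $db_config['character'] . "_general_ci'");
    }

    /**
     * Escapes special characters in a string for use inside a quoted SQL
     * string literal, using the mysqli connection held in $loginDB.
     *
     * The result is only safe between quotes: it does not protect a value that
     * is placed into a statement unquoted, and it does not escape backticks in
     * identifiers.
     *
     * @global object $loginDB
     * @param string $parametr data to filter
     *
     * @return string
     */
    function loginDB_real_escape_string($parametr) {
        global $loginDB;
        $result = $loginDB->real_escape_string($parametr);
        return($result);
    }

    if (!function_exists('mysql_real_escape_string')) {

        /**
         * Compatibility shim for code written against the removed mysql
         * extension: forwards to loginDB_real_escape_string().
         *
         * @param string $data
         *
         * @return string
         */
        function mysql_real_escape_string($data) {
            return(loginDB_real_escape_string($data));
        }

    }

    /**
     * Executes a query and returns all result rows as an array of
     * associative arrays.
     *
     * The query text is executed as given; every value in it must already be
     * escaped or validated by the caller.
     *
     * NOTE(review): on failure the script terminates and the full query text
     * is sent to the client, which discloses table and column names and any
     * values embedded in the statement. Consider logging the query server-side
     * and returning a generic message when SQL_DEBUG is off.
     *
     * @global object $loginDB
     * @global int $query_counter
     * @param string $query
     *
     * @return array
     */
    function simple_queryall($query) {
        global $loginDB, $query_counter;
        if (SQL_DEBUG) {
            zb_SqlDebugOutput($query);
        }
        $result = array();
        $queried = $loginDB->query($query) or die('wrong data input: ' . $query);
        while ($row = mysqli_fetch_assoc($queried)) {
            $result[] = $row;
        }
        $query_counter++;
        return($result);
    }

    /**
     * Executes a query and returns the first result row as an associative
     * array. The query text is executed as given; the failure path is the
     * same die() with the query text as in simple_queryall().
     *
     * @global object $loginDB
     * @global int $query_counter
     * @param string $query
     *
     * @return array
     */
    function simple_query($query) {
        global $loginDB, $query_counter;
        if (SQL_DEBUG) {
            zb_SqlDebugOutput($query);
        }
        $queried = $loginDB->query($query) or die('wrong data input: ' . $query);
        $result = mysqli_fetch_assoc($queried);
        $query_counter++;
        return($result);
    }

    /**
     * Updates a single field in a table, optionally restricted by a where
     * expression.
     *
     * Security contract for callers:
     *  - $where is appended to the statement verbatim, so it must be built
     *    from escaped or validated values only.
     *  - With $NoQuotesAroundValue the escaped value is placed into the
     *    statement without quotes, where string escaping gives no protection;
     *    pass only numeric literals or SQL expressions composed by the caller.
     *
     * @param string $tablename
     * @param string $field
     * @param string $value
     * @param string $where complete WHERE clause, including the keyword
     * @param bool $NoQuotesAroundValue
     *
     * @return void
     */
    function simple_update_field($tablename, $field, $value, $where = '', $NoQuotesAroundValue = false) {
        // real_escape_string() does not touch backticks, so an identifier that
        // contains one would close the `...` quoting early. Doubling it keeps
        // the whole name inside the quoted identifier.
        $tablename = str_replace('`', '``', loginDB_real_escape_string($tablename));
        $value = loginDB_real_escape_string($value);
        $field = str_replace('`', '``', loginDB_real_escape_string($field));

        if ($NoQuotesAroundValue) {
            $query = "UPDATE `" . $tablename . "` SET `" . $field . "` = " . $value . " " . $where . "";
        } else {
            $query = "UPDATE `" . $tablename . "` SET `" . $field . "` = '" . $value . "' " . $where . "";
        }

        nr_query($query);
    }

    /**
     * Returns the highest `id` value currently present in a table.
     *
     * @param string $tablename
     *
     * @return int
     */
    function simple_get_lastid($tablename) {
        // Backticks are doubled so the name cannot leave the quoted identifier.
        $tablename = str_replace('`', '``', loginDB_real_escape_string($tablename));
        $query = "SELECT `id` from `" . $tablename . "` ORDER BY `id` DESC LIMIT 1";
        $result = simple_query($query);
        return($result['id']);
    }

    /**
     * Executes a single query and returns whatever mysqli::query() returned.
     * The query text is executed as given; the failure path is the same die()
     * with the query text as in simple_queryall().
     *
     * @global object $loginDB
     * @global int $query_counter
     * @param string $query
     *
     * @return mixed
     */
    function nr_query($query) {
        global $loginDB, $query_counter;
        if (SQL_DEBUG) {
            zb_SqlDebugOutput($query);
        }
        $queried = $loginDB->query($query) or die('wrong data input: ' . $query);
        $query_counter++;
        return($queried);
    }

} else {
    $ubillingDatabaseDriver = 'mysql';

    /**
     * MySQL database old driver abstraction class. Used for PHP <7 legacy.
     */
    class MySQLDB {

        var $connection;
        var $last_query_num = 0;
        var $db_config = array();

        /**
         * last query result id
         *
         * @var MySQL result
         */
        var $lastresult;

        /**
         * last query assoc value
         *
         * @var bool
         */
        var $assoc = true;

        /**
         * Initialises connection with MySQL database server and selects needed db
         *
         * When no connection is passed in, the settings are read from
         * config/mysql.ini. The return statements below have no effect on
         * "new MySQLDB()"; failures are only reported through print().
         *
         * @param MySQL Connection Id $connection
         * @return MySQLDB
         */
        public function __construct($connection = false) {
            if ($connection)
                $this->connection = $connection;
            else {
                if (!($this->db_config = @parse_ini_file('config/' . 'mysql.ini'))) {
                    print(('Cannot load mysql configuration'));
                    return false;
                }
                if (!extension_loaded('mysql')) {
                    print(('Unable to load module for database server "mysql": PHP mysql extension not available!'));
                    return false;
                }

                $dbport = (empty($this->db_config['port'])) ? 3306 : $this->db_config['port'];

                $this->connection = @mysql_connect($this->db_config['server'] . ':' . $dbport, $this->db_config['username'], $this->db_config['password']);
            }

            if (empty($this->connection)) {
                print(('Unable to connect to database server!'));
                return false;
            } else if (!@mysql_select_db($this->db_config['db'], $this->connection)) {
                $this->db_error();
                return false;
            }

            // NOTE(review): as in the mysqli branch, the charset is changed with
            // SET statements only, so the client library's idea of the charset
            // (used by mysql_real_escape_string) is not updated.
            mysql_query("set character_set_client='" . $this->db_config['character'] . "'");
            mysql_query("set character_set_results='" . $this->db_config['character'] . "'");
            mysql_query("set collation_connection='" . $this->db_config['character'] . "_general_ci'");

            return true;
        }

        /**
         * Executes query and returns result identifier
         *
         * The query text is executed as given; errors are passed to db_error().
         *
         * @param string $query
         * @return MySQL result
         */
        public function query($query) {
            // use escape/vf function for input data.
            $result = @mysql_query($query, $this->connection) or $this->db_error(0, $query);
            $this->last_query_num++;
            return $result;
        }

        /**
         * Executes query and makes abstract data read available
         *
         * @param string $query
         * @param bool $assoc
         */
        public function ExecuteReader($query, $assoc = true) {
            $this->lastresult = $this->query($query);
            $this->assoc = $assoc;
        }

        /**
         * Link to query method; returns false when no rows were affected.
         *
         * @param string $query
         * @return MySQL result
         */
        public function ExecuteNonQuery($query) {
            $result = $this->query($query);
            return (mysql_affected_rows() == 0 ? false : $result);
        }

        /**
         * Returns the next row of the current query result, associative or
         * numerically indexed depending on the mode set by ExecuteReader().
         *
         * @return array
         */
        public function Read() {
            if ($this->assoc) {
                $result = @mysql_fetch_assoc($this->lastresult) or false;
            } else {
                $result = @mysql_fetch_row($this->lastresult) or false;
            }
            return $result;
        }

        /**
         * Returns one row from the current query result
         *
         * NOTE(review): "or" inside the return expression turns the value into
         * a boolean, so callers receive true/false rather than the cell
         * content that the @return tag promises. Left unchanged because the
         * callers are not visible here - confirm before fixing.
         *
         * @param int $row
         *
         * @return string
         */
        public function ReadSingleRow($row) {
            return mysql_result($this->lastresult, $row) or false;
        }

        /**
         * Prints MySQL error message; switching DEBUG, prints MySQL error description or sends it to administrator
         *
         * NOTE(review): outside debug mode the die() call still prints the
         * MySQL error and the query text to the client after the generic
         * message, so the details are disclosed either way.
         *
         * @param int $show set to 1 to force the detailed HTML warning
         * @param string $query query that caused the error
         *
         * @return void
         */
        public function db_error($show = 0, $query = '') {
            global $system;
            if (!in_array(mysql_errno(), array(1062, 1065, 1191))) {
                // Errcodes in array are handled at another way :)
                if (SQL_DEBUG == 1 || $show == 1) {
                    // The server message and the query can contain request data,
                    // so both are HTML-escaped before being written into the page;
                    // otherwise "</textarea>" in a query would end the box and
                    // the rest would be rendered as markup.
                    $warning = '<br><b>' . ('MySQL Error') . ':</b><br><i>';
                    $warning .= mysql_errno() . ' : ' . htmlspecialchars(mysql_error(), ENT_QUOTES) . (empty($query) ? '</i>' : '<br>In query: <textarea cols="50" rows="7">' . htmlspecialchars($query, ENT_QUOTES) . '</textarea></i>');
                    print($warning) or print($warning);
                } else {
                    print('An error occured. Please, try again later. Thank You !');
                    @$message .= mysql_errno() . ':' . mysql_error() . "\r\n";
                    $message .= (empty($query) ? '' : "In query: \r\n" . $query . "\r\n");
                    die('MySQL error ' . $message);
                }
            }
        }

        /**
         * Escapes string to use in SQL query
         *
         * When magic quotes are enabled the slashes they added are removed
         * first, so the value is not escaped twice. The result is only safe
         * inside a quoted string literal.
         *
         * @param string $string
         *
         * @return string
         */
        public function escape($string) {
            if (!get_magic_quotes_gpc())
                return mysql_real_escape_string($string, $this->connection);
            else
                return mysql_real_escape_string(stripslashes($string), $this->connection);
        }

        /**
         * Disconnects from database server
         *
         * @return void
         */
        public function disconnect() {
            @mysql_close($this->connection);
        }

    }

    /**
     * Executes a query and returns all result rows as an array of
     * associative arrays.
     *
     * The query text is executed as given; on failure the script terminates
     * and the full query text is sent to the client (see the same note on the
     * mysqli variant of this function).
     *
     * @global int $query_counter
     * @param string $query
     *
     * @return array
     */
    function simple_queryall($query) {
        global $query_counter;
        if (SQL_DEBUG) {
            zb_SqlDebugOutput($query);
        }
        // Was initialised to '' - an empty result set then returned a string
        // instead of the documented array, unlike the mysqli implementation.
        $result = array();
        $queried = mysql_query($query) or die('wrong data input: ' . $query);
        while ($row = mysql_fetch_assoc($queried)) {
            $result[] = $row;
        }
        $query_counter++;
        return($result);
    }

    /**
     * Executes a query and returns the first result row as an associative
     * array. The query text is executed as given.
     *
     * @global int $query_counter
     * @param string $query
     *
     * @return array
     */
    function simple_query($query) {
        global $query_counter;
        if (SQL_DEBUG) {
            zb_SqlDebugOutput($query);
        }
        $queried = mysql_query($query) or die('wrong data input: ' . $query);
        $result = mysql_fetch_assoc($queried);
        $query_counter++;
        return($result);
    }

    /**
     * Updates a single field in a table, optionally restricted by a where
     * expression.
     *
     * Security contract for callers:
     *  - $where is appended to the statement verbatim, so it must be built
     *    from escaped or validated values only.
     *  - With $NoQuotesAroundValue the escaped value is placed into the
     *    statement without quotes, where string escaping gives no protection;
     *    pass only numeric literals or SQL expressions composed by the caller.
     *
     * @param string $tablename
     * @param string $field
     * @param string $value
     * @param string $where complete WHERE clause, including the keyword
     * @param bool $NoQuotesAroundValue
     *
     * @return void
     */
    function simple_update_field($tablename, $field, $value, $where = '', $NoQuotesAroundValue = false) {
        // mysql_real_escape_string() does not touch backticks, so an identifier
        // that contains one would close the `...` quoting early. Doubling it
        // keeps the whole name inside the quoted identifier.
        $tablename = str_replace('`', '``', mysql_real_escape_string($tablename));
        $value = mysql_real_escape_string($value);
        $field = str_replace('`', '``', mysql_real_escape_string($field));

        if ($NoQuotesAroundValue) {
            $query = "UPDATE `" . $tablename . "` SET `" . $field . "` = " . $value . " " . $where . "";
        } else {
            $query = "UPDATE `" . $tablename . "` SET `" . $field . "` = '" . $value . "' " . $where . "";
        }

        nr_query($query);
    }

    /**
     * Returns the highest `id` value currently present in a table.
     *
     * @param string $tablename
     *
     * @return int
     */
    function simple_get_lastid($tablename) {
        // Backticks are doubled so the name cannot leave the quoted identifier.
        $tablename = str_replace('`', '``', mysql_real_escape_string($tablename));
        $query = "SELECT `id` from `" . $tablename . "` ORDER BY `id` DESC LIMIT 1";
        $result = simple_query($query);
        return ($result['id']);
    }

    /**
     * Executes a single query and returns whatever mysql_query() returned.
     * The query text is executed as given.
     *
     * @global int $query_counter
     * @param string $query
     *
     * @return mixed
     */
    function nr_query($query) {
        global $query_counter;
        if (SQL_DEBUG) {
            zb_SqlDebugOutput($query);
        }
        $queried = mysql_query($query) or die('wrong data input: ' . $query);
        $query_counter++;
        return($queried);
    }

    //creating mysql connection object instance
    $db = new MySQLDB();
}

/**
 * Returns the input with unwanted characters removed.
 * Available modes:
 * 1 - digits, letters
 * 2 - only letters
 * 3 - only digits
 * 4 - digits, letters, "-", "_", "."
 * 5 - current lang alphabet + digits + punctuation
 * default - filter only blacklist chars
 *
 * This is a character filter, not SQL escaping. Modes 1-4 are allow-lists.
 * Mode 5 keeps all punctuation, and the default mode only removes the listed
 * characters (backslash and backtick are not among them), so values filtered
 * with mode 5 or the default mode still need escaping before they are placed
 * into a query.
 *
 * @param string $data
 * @param int $mode
 *
 * @return string
 */
function vf($data, $mode = 0) {
    switch ($mode) {
        case 1:
            return preg_replace("#[^a-z0-9A-Z]#Uis", '', $data); // digits, letters
            break;
        case 2:
            return preg_replace("#[^a-zA-Z]#Uis", '', $data); // letters
            break;
        case 3:
            return preg_replace("#[^0-9]#Uis", '', $data); // digits
            break;
        case 4:
            return preg_replace("#[^a-z0-9A-Z\-_\.]#Uis", '', $data); // digits, letters, "-", "_", "."
            break;
        case 5:
            return preg_replace("#[^ [:punct:]" . ('a-zA-Z') . "0-9]#Uis", '', $data); // current lang alphabet + digits + punctuation
            break;
        default:
            return preg_replace("#[~@\+\?\%\/\;=\*\>\<\"\'\-]#Uis", '', $data); // black list anyway
            break;
    }
}

/**
 * Performs MySQL API debug output if enabled
 *
 * SQL_DEBUG 1 appends the timestamped query to SQL_DEBUG_LOG and keeps a copy
 * in $mysqlDebugBuffer; SQL_DEBUG 2 prints the query to the output. In both
 * modes the query is recorded in full, including any literal values in it.
 *
 * @global array $mysqlDebugBuffer
 * @param string $data
 *
 * @return void
 */
function zb_SqlDebugOutput($data) {
    global $mysqlDebugBuffer;
    if (SQL_DEBUG) {
        switch (SQL_DEBUG) {
            case 1:
                $timestamp = curdatetime();
                $cleanData = trim($data);
                $logData = $timestamp . ' ' . $cleanData;
                $mysqlDebugBuffer[] = $logData;
                file_put_contents(SQL_DEBUG_LOG, $logData . SQL_DEBUG_QUERY_EOL . PHP_EOL, FILE_APPEND);
                break;
            case 2:
                print($data . PHP_EOL);
                break;
        }
    }
}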