Enano CMS (1.0.x): includes/dbal.php@f6454d5fec7a (annotated)

1 fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1	<?php
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	2
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	3	/*
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	4	* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
21 663fcf528726 Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs Dan parents: 16 diff changeset	5	* Version 1.0 (Banshee)
1 fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	6	* Copyright (C) 2006-2007 Dan Fuhry
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	7	*
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	8	* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	9	* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	10	*
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	11	* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	12	* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	13	*/
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	14
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	15	function db_error_handler($errno, $errstr, $errfile = false, $errline = false, $errcontext = Array() )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	16	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	17	if ( !defined('ENANO_DEBUG') )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	18	return;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	19	$e = error_reporting(0);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	20	error_reporting($e);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	21	if ( $e < $errno )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	22	return;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	23	$errtype = 'Notice';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	24	switch ( $errno )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	25	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	26	case E_ERROR: case E_USER_ERROR: case E_CORE_ERROR: case E_COMPILE_ERROR: $errtype = 'Error'; break;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	27	case E_WARNING: case E_USER_WARNING: case E_CORE_WARNING: case E_COMPILE_WARNING: $errtype = 'Warning'; break;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	28	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	29	$debug = debug_backtrace();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	30	$debug = $debug[2]['file'] . ', line ' . $debug[2]['line'];
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	31	echo "<b>$errtype:</b> $errstr<br />Error source:<pre>$debug</pre>";
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	32	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	33
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	34	class mysql {
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	35	var $num_queries, $query_backtrace, $latest_result, $latest_query, $_conn, $sql_stack_fields, $sql_stack_values;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	36	var $row = array();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	37	var $rowset = array();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	38	var $errhandler;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	39
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	40	function enable_errorhandler()
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	41	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	42	if ( function_exists('debug_backtrace') )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	43	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	44	$this->errhandler = set_error_handler('db_error_handler');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	45	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	46	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	47
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	48	function disable_errorhandler()
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	49	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	50	if ( $this->errhandler )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	51	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	52	set_error_handler($this->errhandler);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	53	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	54	else
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	55	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	56	restore_error_handler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	57	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	58	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	59
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	60	function sql_backtrace() {
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	61	$qb = explode("\n", $this->query_backtrace);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	62	$bt = '';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	63	//for($i=sizeof($qb)-1;$i>=0;$i--) {
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	64	for($i=0;$i<sizeof($qb);$i++) {
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	65	$bt .= $qb[$i]."\n";
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	66	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	67	return $bt;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	68	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	69
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	70	function ensure_connection()
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	71	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	72	if(!$this->_conn)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	73	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	74	$this->connect();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	75	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	76	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	77
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	78	function _die($t = '') {
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	79	if(defined('ENANO_HEADERS_SENT')) {
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	80	ob_clean();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	81	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	82	header('HTTP/1.1 500 Internal Server Error');
15 ad5986a53197 Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability Dan parents: 1 diff changeset	83	$bt = $this->latest_query; // $this->sql_backtrace();
1 fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	84	$e = htmlspecialchars(mysql_error());
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	85	if($e=='') $e='<none>';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	86	if(defined('ENANO_CONFIG_FETCHED')) die_semicritical('Database error', '<h3>An error occurred during a database query.</h3><p>'.$t.'<br />Error returned by MySQL: '.$e.'<br />SQL Backtrace:</p><pre>'.$bt.'</pre>');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	87	else grinding_halt('Database error', '<h3>An error occurred during a database query.</h3><p>'.$t.'<br />Error returned by MySQL: '.$e.'<br />SQL Backtrace:</p><pre>'.$bt.'</pre>');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	88	exit;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	89	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	90
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	91	function die_json()
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	92	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	93	$e = addslashes(htmlspecialchars(mysql_error()));
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	94	$q = addslashes($this->latest_query);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	95	$t = "{'mode':'error','error':'An error occurred during database query.\nQuery was:\n $q\n\nError returned by MySQL: $e'}";
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	96	die($t);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	97	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	98
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	99	function get_error($t = '') {
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	100	header('HTTP/1.1 500 Internal Server Error');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	101	$bt = $this->sql_backtrace();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	102	$e = htmlspecialchars(mysql_error());
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	103	if($e=='') $e='<none>';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	104	$text = '<h3>An error occurred during a database query.</h3><p>'.$t.'<br />Error returned by MySQL: '.$e.'<br />SQL Backtrace:</p><pre>'.$bt.'</pre>';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	105	return $text;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	106	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	107
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	108	function connect() {
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	109	$this->enable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	110	dc_here('dbal: trying to connect....');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	111	@include(ENANO_ROOT.'/config.php');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	112	if(isset($crypto_key))
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	113	unset($crypto_key); // Get this sucker out of memory fast
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	114	if(!defined('ENANO_INSTALLED') && !defined('MIDGET_INSTALLED') && !defined('IN_ENANO_INSTALL') )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	115	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	116	dc_here('dbal: oops, looks like Enano isn\'t set up. Constants ENANO_INSTALLED, MIDGET_INSTALLED, and IN_ENANO_INSTALL are all undefined.');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	117	header('Location: install.php');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	118	exit;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	119	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	120	$this->_conn = @mysql_connect($dbhost, $dbuser, $dbpasswd);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	121	unset($dbuser);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	122	unset($dbpasswd); // Security
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	123	if(!$this->_conn) { dc_here('dbal: uhoh!<br />'.mysql_error()); grinding_halt('Enano is having a problem', '<p>Error: couldn\'t connect to MySQL.<br />'.mysql_error().'</p>'); }
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	124	$this->query_backtrace = '';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	125	$this->num_queries = 0;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	126	dc_here('dbal: we\'re in, selecting database...');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	127	$q = $this->sql_query('USE '.$dbname.';');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	128	if(!$q) $this->_die('The database could not be selected.');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	129	dc_here('dbal: connected to MySQL');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	130	$this->disable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	131	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	132
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	133	function sql_query($q) {
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	134	$this->enable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	135	$this->num_queries++;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	136	$this->query_backtrace .= $q."\n";
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	137	$this->latest_query = $q;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	138	dc_here('dbal: making SQL query:<br /><tt>'.$q.'</tt>');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	139	if(!$this->_conn) $this->_die('A database connection has not yet been established.');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	140	if(!$this->check_query($q))
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	141	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	142	$this->report_query($q);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	143	grinding_halt('SQL Injection attempt', '<p>Enano has caught and prevented an SQL injection attempt. Your IP address has been recorded and the administrator has been notified.</p><p>Query was:</p><pre>'.htmlspecialchars($q).'</pre>');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	144	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	145	$r = mysql_query($q, $this->_conn);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	146	$this->latest_result = $r;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	147	$this->disable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	148	return $r;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	149	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	150
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	151	function sql_unbuffered_query($q) {
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	152	$this->enable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	153	$this->num_queries++;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	154	$this->query_backtrace .= '(UNBUFFERED) ' . $q."\n";
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	155	$this->latest_query = $q;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	156	dc_here('dbal: making SQL query:<br /><tt>'.$q.'</tt>');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	157	if(!$this->_conn) $this->_die('A database connection has not yet been established.');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	158	if(!$this->check_query($q))
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	159	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	160	$this->report_query($q);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	161	grinding_halt('SQL Injection attempt', '<p>Enano has caught and prevented an SQL injection attempt. Your IP address has been recorded and the administrator has been notified.</p><p>Query was:</p><pre>'.htmlspecialchars($q).'</pre>');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	162	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	163	$r = mysql_unbuffered_query($q, $this->_conn);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	164	$this->latest_result = $r;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	165	$this->disable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	166	return $r;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	167	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	168
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	169	/**
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	170	* Checks a SQL query for possible signs of injection attempts
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	171	* @param string $q the query to check
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	172	* @return bool true if query passed check, otherwise false
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	173	*/
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	174
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	175	function check_query($q, $debug = false)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	176	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	177	if($debug) echo "\$db->check_query(): checking query: ".htmlspecialchars($q).'<br />'."\n";
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	178	$sz = strlen($q);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	179	$quotechar = false;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	180	$quotepos = 0;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	181	$prev_is_quote = false;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	182	$just_started = false;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	183	for($i=0;$i<strlen($q);$i++,$c=substr($q, $i, 1))
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	184	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	185	$next = substr($q, $i+1, 1);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	186	$next2 = substr($q, $i+2, 1);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	187	$prev = substr($q, $i-1, 1);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	188	$prev2 = substr($q, $i-2, 1);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	189	if(isset($c) && in_array($c, Array('"', "'", '`')))
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	190	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	191	if($quotechar)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	192	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	193	if(
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	194	( $quotechar == $c && $quotechar != $next && ( $quotechar != $prev \|\| $just_entered ) && $prev != '\\') \|\|
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	195	( $prev2 == '\\' && $prev == $quotechar && $quotechar == $c )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	196	)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	197	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	198	$quotechar = false;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	199	if($debug) echo('$db->check_query(): just finishing a quote section, quoted string: '.htmlspecialchars(substr($q, $quotepos, $i - $quotepos + 1)) . '<br />');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	200	$q = substr($q, 0, $quotepos) . 'SAFE_QUOTE' . substr($q, $i + 1, strlen($q));
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	201	if($debug) echo('$db->check_query(): Filtered query: '.$q.'<br />');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	202	$i = $quotepos;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	203	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	204	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	205	else
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	206	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	207	$quotechar = $c;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	208	$quotepos = $i;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	209	$just_entered = true;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	210	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	211	if($debug) echo '$db->check_query(): found quote char as pos: '.$i.'<br />';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	212	continue;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	213	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	214	$just_entered = false;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	215	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	216	if(substr(trim($q), strlen(trim($q))-1, 1) == ';') $q = substr(trim($q), 0, strlen(trim($q))-1);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	217	for($i=0;$i<strlen($q);$i++,$c=substr($q, $i, 1))
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	218	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	219	if( ( $c == ';' && $i != $sz-1 ) \|\| $c . substr($q, $i+1, 1) == '--') // Don't permit semicolons in mid-query, and never allow comments
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	220	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	221	// Injection attempt!
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	222	if($debug)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	223	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	224	$e = '';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	225	for($j=$i-5;$j<$i+5;$j++)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	226	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	227	if($j == $i) $e .= '<span style="color: red; text-decoration: underline;">' . $c . '</span>';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	228	else $e .= $c;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	229	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	230	echo 'Injection attempt caught at pos: '.$i.'<br />';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	231	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	232	return false;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	233	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	234	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	235	return true;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	236	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	237
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	238	/**
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	239	* Set the internal result pointer to X
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	240	* @param int $pos The number of the row
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	241	* @param resource $result The MySQL result resource - if not given, the latest cached query is assumed
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	242	* @return true on success, false on failure
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	243	*/
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	244
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	245	function sql_data_seek($pos, $result = false)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	246	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	247	$this->enable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	248	if(!$result)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	249	$result = $this->latest_result;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	250	if(!$result)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	251	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	252	$this->disable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	253	return false;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	254	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	255	if(mysql_data_seek($result, $pos))
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	256	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	257	$this->disable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	258	return true;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	259	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	260	else
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	261	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	262	$this->disable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	263	return false;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	264	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	265	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	266
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	267	/**
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	268	* Reports a bad query to the admin
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	269	* @param string $query the naughty query
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	270	* @access private
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	271	*/
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	272
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	273	function report_query($query)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	274	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	275	global $session;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	276	if(is_object($session) && defined('ENANO_MAINSTREAM'))
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	277	$username = $session->username;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	278	else
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	279	$username = 'Unavailable';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	280	$query = $this->escape($query);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	281	$q = $this->sql_query('INSERT INTO '.table_prefix.'logs(log_type, action, time_id, date_string, page_text, author, edit_summary)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	282	VALUES(\'security\', \'sql_inject\', '.time().', \'\', \''.$query.'\', \''.$username.'\', \''.$_SERVER['REMOTE_ADDR'].'\');');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	283	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	284
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	285	function fetchrow($r = false) {
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	286	$this->enable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	287	if(!$this->_conn) return false;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	288	if(!$r) $r = $this->latest_result;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	289	if(!$r) $this->_die('$db->fetchrow(): an invalid MySQL resource was passed.');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	290	$row = mysql_fetch_assoc($r);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	291	$this->disable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	292	return $row;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	293	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	294
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	295	function fetchrow_num($r = false) {
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	296	$this->enable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	297	if(!$r) $r = $this->latest_result;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	298	if(!$r) $this->_die('$db->fetchrow(): an invalid MySQL resource was passed.');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	299	$row = mysql_fetch_row($r);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	300	$this->disable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	301	return $row;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	302	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	303
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	304	function numrows($r = false) {
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	305	$this->enable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	306	if(!$r) $r = $this->latest_result;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	307	if(!$r) $this->_die('$db->fetchrow(): an invalid MySQL resource was passed.');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	308	$n = mysql_num_rows($r);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	309	$this->disable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	310	return $n;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	311	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	312
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	313	function escape($str)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	314	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	315	$this->enable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	316	$str = mysql_real_escape_string($str);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	317	$this->disable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	318	return $str;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	319	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	320
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	321	function free_result($result = false)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	322	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	323	$this->enable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	324	if(!$result)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	325	$result = $this->latest_result;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	326	if(!$result)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	327	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	328	$this->disable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	329	return null;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	330	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	331	mysql_free_result($result);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	332	$this->disable_errorhandler();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	333	return null;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	334	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	335
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	336	function close() {
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	337	dc_here('dbal: closing MySQL connection');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	338	mysql_close($this->_conn);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	339	unset($this->_conn);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	340	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	341
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	342	// phpBB DBAL compatibility
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	343	function sql_fetchrow($r = false)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	344	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	345	return $this->fetchrow($r);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	346	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	347	function sql_freeresult($r = false)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	348	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	349	if(!$this->_conn) return false;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	350	if(!$r) $r = $this->latest_result;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	351	if(!$r) $this->_die('$db->fetchrow(): an invalid MySQL resource was passed.');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	352	mysql_free_result($r);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	353	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	354	function sql_numrows($r = false)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	355	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	356	if(!$this->_conn) return false;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	357	if(!$r) $r = $this->latest_result;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	358	if(!$r) $this->_die('$db->fetchrow(): an invalid MySQL resource was passed.');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	359	return mysql_num_rows($r);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	360	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	361	function sql_affectedrows($r = false, $f, $n)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	362	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	363	if(!$this->_conn) return false;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	364	if(!$r) $r = $this->latest_result;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	365	if(!$r) $this->_die('$db->fetchrow(): an invalid MySQL resource was passed.');
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	366	return mysql_affected_rows();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	367	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	368
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	369	function sql_type_cast(&$value)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	370	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	371	if ( is_float($value) )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	372	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	373	return doubleval($value);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	374	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	375	if ( is_integer($value) \|\| is_bool($value) )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	376	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	377	return intval($value);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	378	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	379	if ( is_string($value) \|\| empty($value) )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	380	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	381	return '\'' . $this->sql_escape_string($value) . '\'';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	382	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	383	// uncastable var : let's do a basic protection on it to prevent sql injection attempt
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	384	return '\'' . $this->sql_escape_string(htmlspecialchars($value)) . '\'';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	385	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	386
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	387	function sql_statement(&$fields, $fields_inc='')
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	388	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	389	// init result
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	390	$this->sql_fields = $this->sql_values = $this->sql_update = '';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	391	if ( empty($fields) && empty($fields_inc) )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	392	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	393	return;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	394	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	395
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	396	// process
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	397	if ( !empty($fields) )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	398	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	399	$first = true;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	400	foreach ( $fields as $field => $value )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	401	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	402	// field must contain a field name
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	403	if ( !empty($field) && is_string($field) )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	404	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	405	$value = $this->sql_type_cast($value);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	406	$this->sql_fields .= ( $first ? '' : ', ' ) . $field;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	407	$this->sql_values .= ( $first ? '' : ', ' ) . $value;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	408	$this->sql_update .= ( $first ? '' : ', ' ) . $field . ' = ' . $value;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	409	$first = false;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	410	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	411	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	412	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	413	if ( !empty($fields_inc) )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	414	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	415	foreach ( $fields_inc as $field => $indent )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	416	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	417	if ( $indent != 0 )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	418	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	419	$this->sql_update .= (empty($this->sql_update) ? '' : ', ') . $field . ' = ' . $field . ($indent < 0 ? ' - ' : ' + ') . abs($indent);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	420	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	421	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	422	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	423	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	424
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	425	function sql_stack_reset($id='')
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	426	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	427	if ( empty($id) )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	428	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	429	$this->sql_stack_fields = array();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	430	$this->sql_stack_values = array();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	431	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	432	else
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	433	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	434	$this->sql_stack_fields[$id] = array();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	435	$this->sql_stack_values[$id] = array();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	436	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	437	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	438
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	439	function sql_stack_statement(&$fields, $id='')
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	440	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	441	$this->sql_statement($fields);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	442	if ( empty($id) )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	443	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	444	$this->sql_stack_fields = $this->sql_fields;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	445	$this->sql_stack_values[] = '(' . $this->sql_values . ')';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	446	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	447	else
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	448	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	449	$this->sql_stack_fields[$id] = $this->sql_fields;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	450	$this->sql_stack_values[$id][] = '(' . $this->sql_values . ')';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	451	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	452	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	453
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	454	function sql_stack_insert($table, $transaction=false, $line='', $file='', $break_on_error=true, $id='')
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	455	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	456	if ( (empty($id) && empty($this->sql_stack_values)) \|\| (!empty($id) && empty($this->sql_stack_values[$id])) )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	457	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	458	return false;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	459	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	460	switch( SQL_LAYER )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	461	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	462	case 'mysql':
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	463	case 'mysql4':
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	464	if ( empty($id) )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	465	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	466	$sql = 'INSERT INTO ' . $table . '
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	467	(' . $this->sql_stack_fields . ') VALUES ' . implode(",\n", $this->sql_stack_values);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	468	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	469	else
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	470	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	471	$sql = 'INSERT INTO ' . $table . '
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	472	(' . $this->sql_stack_fields[$id] . ') VALUES ' . implode(",\n", $this->sql_stack_values[$id]);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	473	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	474	$this->sql_stack_reset($id);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	475	return $this->sql_query($sql, $transaction, $line, $file, $break_on_error);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	476	break;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	477	default:
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	478	$count_sql_stack_values = empty($id) ? count($this->sql_stack_values) : count($this->sql_stack_values[$id]);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	479	$result = !empty($count_sql_stack_values);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	480	for ( $i = 0; $i < $count_sql_stack_values; $i++ )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	481	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	482	if ( empty($id) )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	483	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	484	$sql = 'INSERT INTO ' . $table . '
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	485	(' . $this->sql_stack_fields . ') VALUES ' . $this->sql_stack_values[$i];
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	486	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	487	else
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	488	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	489	$sql = 'INSERT INTO ' . $table . '
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	490	(' . $this->sql_stack_fields[$id] . ') VALUES ' . $this->sql_stack_values[$id][$i];
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	491	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	492	$result &= $this->sql_query($sql, $transaction, $line, $file, $break_on_error);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	493	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	494	$this->sql_stack_reset($id);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	495	return $result;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	496	break;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	497	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	498	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	499
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	500	function sql_subquery($field, $sql, $line='', $file='', $break_on_error=true, $type=TYPE_INT)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	501	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	502	// sub-queries doable
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	503	$this->sql_get_version();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	504	if ( !in_array(SQL_LAYER, array('mysql', 'mysql4')) \|\| (($this->sql_version[0] + ($this->sql_version[1] / 100)) >= 4.01) )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	505	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	506	return $sql;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	507	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	508
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	509	// no sub-queries
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	510	$ids = array();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	511	$result = $this->sql_query(trim($sql), false, $line, $file, $break_on_error);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	512	while ( $row = $this->sql_fetchrow($result) )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	513	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	514	$ids[] = $type == TYPE_INT ? intval($row[$field]) : '\'' . $this->sql_escape_string($row[$field]) . '\'';
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	515	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	516	$this->sql_freeresult($result);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	517	return empty($ids) ? 'NULL' : implode(', ', $ids);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	518	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	519
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	520	function sql_col_id($expr, $alias)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	521	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	522	$this->sql_get_version();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	523	return in_array(SQL_LAYER, array('mysql', 'mysql4')) && (($this->sql_version[0] + ($this->sql_version[1] / 100)) <= 4.01) ? $alias : $expr;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	524	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	525
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	526	function sql_get_version()
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	527	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	528	if ( empty($this->sql_version) )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	529	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	530	$this->sql_version = array(0, 0, 0);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	531	switch ( SQL_LAYER )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	532	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	533	case 'mysql':
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	534	case 'mysql4':
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	535	if ( function_exists('mysql_get_server_info') )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	536	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	537	$lo_version = explode('-', mysql_get_server_info());
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	538	$this->sql_version = explode('.', $lo_version[0]);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	539	$this->sql_version = array(intval($this->sql_version[0]), intval($this->sql_version[1]), intval($this->sql_version[2]), $lo_version[1]);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	540	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	541	break;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	542
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	543	case 'postgresql':
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	544	case 'mssql':
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	545	case 'mssql-odbc':
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	546	default:
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	547	break;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	548	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	549	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	550	return $this->sql_version;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	551	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	552
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	553	function sql_error()
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	554	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	555	if ( $this->_conn )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	556	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	557	return mysql_error();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	558	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	559	else
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	560	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	561	return array();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	562	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	563	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	564	function sql_escape_string($t)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	565	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	566	return mysql_real_escape_string($t);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	567	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	568	function sql_close()
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	569	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	570	$this->close();
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	571	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	572	function sql_fetchrowset($query_id = 0)
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	573	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	574	if( !$query_id )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	575	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	576	$query_id = $this->query_result;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	577	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	578
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	579	if( $query_id )
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	580	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	581	unset($this->rowset[$query_id]);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	582	unset($this->row[$query_id]);
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	583
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	584	while($this->rowset[$query_id] = mysql_fetch_array($query_id, MYSQL_ASSOC))
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	585	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	586	$result[] = $this->rowset[$query_id];
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	587	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	588
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	589	return $result;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	590	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	591	else
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	592	{
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	593	return false;
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	594	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	595	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	596	}
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	597
fe660c52c48f Adding /includes dan@scribus.fuhry.local.fuhry.local parents: diff changeset	598	?>

author	Dan
	Wed, 11 Jul 2007 15:56:18 -0400
changeset 67	f6454d5fec7a
parent 21	663fcf528726
child 73	0a74676a2f2f
permissions	-rw-r--r--