diff -r 990ccfb20120 -r f58e0b6e9c22 includes/dbal.php
--- a/includes/dbal.php Thu Feb 14 21:57:04 2008 -0500
+++ b/includes/dbal.php Sat Feb 16 16:56:08 2008 -0500
@@ -41,6 +41,8 @@
function enable_errorhandler()
{
+ if ( !defined('ENANO_DEBUG') )
+ return true;
// echo "DBAL: enabling error handler
";
if ( function_exists('debug_backtrace') )
{
@@ -50,6 +52,8 @@
function disable_errorhandler()
{
+ if ( !defined('ENANO_DEBUG') )
+ return true;
// echo "DBAL: disabling error handler
";
if ( $this->errhandler )
{
@@ -210,9 +214,10 @@
return true;
}
- function sql_query($q)
+ function sql_query($q, $log_query = true)
{
- $this->enable_errorhandler();
+ if ( $log_query || defined('ENANO_DEBUG') )
+ $this->enable_errorhandler();
if ( $this->debug && function_exists('debug_backtrace') )
{
@@ -233,34 +238,48 @@
}
$this->num_queries++;
- $this->query_backtrace[] = $q;
- $this->latest_query = $q;
+ if ( $log_query || defined('ENANO_DEBUG') )
+ {
+ $this->query_backtrace[] = $q;
+ $this->latest_query = $q;
+ }
// First make sure we have a connection
if ( !$this->_conn )
{
$this->_die('A database connection has not yet been established.');
}
+ // Start the timer
+ if ( $log_query || defined('ENANO_DEBUG') )
+ $time_start = microtime_float();
// Does this query look malicious?
- if ( !$this->check_query($q) )
+ if ( $log_query || defined('ENANO_DEBUG') )
{
- $this->report_query($q);
- grinding_halt('SQL Injection attempt', '
Enano has caught and prevented an SQL injection attempt. Your IP address has been recorded and the administrator has been notified.
Query was:
'.htmlspecialchars($q).''); + if ( !$this->check_query($q) ) + { + $this->report_query($q); + grinding_halt('SQL Injection attempt', '
Enano has caught and prevented an SQL injection attempt. Your IP address has been recorded and the administrator has been notified.
Query was:
'.htmlspecialchars($q).''); + } } - $time_start = microtime_float(); $r = mysql_query($q, $this->_conn); - $this->query_times[$q] = microtime_float() - $time_start; + + if ( $log_query ) + $this->query_times[$q] = microtime_float() - $time_start; + $this->latest_result = $r; - $this->disable_errorhandler(); + + if ( $log_query ) + $this->disable_errorhandler(); return $r; } - function sql_unbuffered_query($q) + function sql_unbuffered_query($q, $log_query = true) { $this->enable_errorhandler(); $this->num_queries++; - $this->query_backtrace[] = '(UNBUFFERED) ' . $q; + if ( $log_query || defined('ENANO_DEBUG') ) + $this->query_backtrace[] = '(UNBUFFERED) ' . $q; $this->latest_query = $q; // First make sure we have a connection if ( !$this->_conn )