<?php
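/**
 * Thin wrapper around the legacy ext/mysql API with optional column-level
 * AES encryption of values prefixed "genc_" (ext/mcrypt).
 *
 * Maintenance and security notes:
 *  - ext/mysql was removed in PHP 7.0 and ext/mcrypt in PHP 7.2, so this class
 *    only runs on PHP 5.x-era runtimes.
 *  - Nothing here uses prepared statements. Table names, WHERE fragments and
 *    values are concatenated into SQL text; insert()/update()/delete() do not
 *    call escape() themselves.
 *  - halt() is a no-op, so failures are only visible as a `false` return.
 */
class db_mysql
{
    /** Link identifier returned by mysql_connect()/mysql_pconnect(), or false. */
    var $connid;

    /** Name of the currently selected database. */
    var $dbname;

    /** Number of statements sent through query(). */
    var $querynum = 0;

    /** Debug flag; only referenced by the disabled error output of halt(). */
    var $debug = 1;

    /**
     * Patterns rewritten by escape() before the value is escaped.
     *
     * This is a keyword denylist, not an injection defence: the real protection
     * in escape() is mysql_real_escape_string(). '/union/i' matches anywhere, so
     * ordinary text containing "union" is altered (a space is appended and the
     * match is lower-cased).
     * NOTE(review): the two longer patterns use nested quantifiers, which can
     * backtrack heavily; preg_replace() returns NULL when pcre.backtrack_limit is
     * exceeded, and escape() does not check for that - worth a regression test.
     */
    var $search = array('/union/i', '/load_file(\s*(\/\*.*\*\/)?\s*)+\(/i', '/into(\s*(\/\*.*\*\/)?\s*)+outfile/i');

    /** Replacements matching $search index by index. */
    var $replace = array('union ', 'load_file (', 'into outfile');

    /**
     * Key used by dbenc()/dbdec().
     *
     * SECURITY: the key is hard-coded in source, so every copy of the code base
     * (repository, backup, deployed file) can decrypt "genc_" columns. It should
     * be loaded from deployment configuration or a secret store; changing it
     * requires re-encrypting the stored values, so it is left untouched here.
     */
    private $db_enkey = "b9fc66957a4e5dbb";

    /**
     * Open a connection, apply session settings and optionally select a database.
     *
     * @param string $dbhost   Server host.
     * @param string $dbuser   User name.
     * @param string $dbpw     Password.
     * @param string $dbname   Database to select; skipped when empty.
     * @param int    $pconnect 1 to use a persistent connection.
     * @param string $charset  Connection/result character set; interpolated into
     *                         a SET statement, so it must come from trusted
     *                         configuration.
     * @return resource|false Link identifier, or false on failure.
     */
    function connect($dbhost, $dbuser, $dbpw, $dbname = '', $pconnect = 0, $charset = '')
    {
        $func = $pconnect == 1 ? 'mysql_pconnect' : 'mysql_connect';
        $this->connid = @$func($dbhost, $dbuser, $dbpw);
        if (!$this->connid) {
            // Not configured yet and the installer is present: send the visitor there.
            if (DB_NAME == '' && file_exists(PHPCMS_ROOT.'install.php')) {
                header('location:./install.php');
                exit;
            }
            $this->halt('Can not connect to MySQL server');
            return false;
        }

        // version_compare() instead of a string '>' comparison: a plain string
        // comparison sorts "10.x" below "4.1" and silently skips the settings.
        $version = $this->version();
        if (version_compare($version, '4.1', '>')) {
            $serverset = $charset ? "character_set_connection='$charset',character_set_results='$charset',character_set_client=binary" : '';
            if (version_compare($version, '5.0.1', '>')) {
                // sql_mode='' clears every SQL mode for this session, including the
                // strict modes that reject truncated or invalid values.
                $serverset .= (empty($serverset) ? '' : ',')." sql_mode='' ";
            }
            $serverset && mysql_query("SET $serverset", $this->connid);
        }

        if ($dbname && !@mysql_select_db($dbname, $this->connid)) {
            $this->halt('Cannot use database '.$dbname);
            return false;
        }
        $this->dbname = $dbname;
        return $this->connid;
    }

    /**
     * @return resource|false The current link identifier.
     */
    function link_id()
    {
        return $this->connid;
    }

    /**
     * Switch the connection to another database.
     *
     * @param string $dbname
     * @return bool True when the database was selected.
     */
    function select_db($dbname)
    {
        if (!@mysql_select_db($dbname, $this->connid)) {
            return false;
        }
        $this->dbname = $dbname;
        return true;
    }

    /**
     * Send one SQL statement.
     *
     * The statement text is sent unchanged; any escaping must already have been
     * done by the caller.
     *
     * @param string $sql  Complete SQL statement.
     * @param string $type 'UNBUFFERED' uses mysql_unbuffered_query(); 'SILENT'
     *                     skips halt() on failure.
     * @return resource|bool Result of the mysql_* call, or false on failure.
     */
    function query($sql, $type = '')
    {
        $func = $type == 'UNBUFFERED' ? 'mysql_unbuffered_query' : 'mysql_query';
        $query = @$func($sql, $this->connid);
        if (!$query && $type != 'SILENT') {
            $this->halt('MySQL Query Error', $sql);
            return false;
        }
        // A failed 'SILENT' query falls through here and is still counted.
        $this->querynum++;
        return $query;
    }

    /**
     * Run a query and return every row.
     *
     * @param string $sql
     * @param string $keyfield Column whose value becomes the array key; rows are
     *                         appended numerically when empty.
     * @return array
     */
    function select($sql, $keyfield = '')
    {
        $array = array();
        $result = $this->query($sql);
        while ($r = $this->fetch_array($result)) {
            if ($keyfield) {
                $array[$r[$keyfield]] = $r;
            } else {
                $array[] = $r;
            }
        }
        $this->free_result($result);
        return $array;
    }

    /**
     * Insert one row.
     *
     * Column names are checked against the table definition before they are
     * placed between backticks. Values are interpolated as-is between single
     * quotes; this method does not escape them.
     * NOTE(review): confirm that every caller passes values through escape()
     * first - otherwise the statement is injectable.
     *
     * @param string $tablename
     * @param array  $array Column name => value.
     * @return resource|bool Result of query(); false when $array is empty or
     *                       names an unknown column.
     */
    function insert($tablename, $array)
    {
        // The result of check_fields() used to be ignored, so a rejected column
        // name was still sent to the server.
        if (empty($array) || $this->check_fields($tablename, $array) === false) {
            return false;
        }
        return $this->query("INSERT INTO `$tablename`(`".implode('`,`', array_keys($array))."`) VALUES('".implode("','", $array)."')");
    }

    /**
     * Update rows, or REPLACE a row when no condition is given.
     *
     * Without $where the statement is REPLACE INTO, which deletes an existing
     * row with the same key and inserts the new one. Values and $where are
     * interpolated as-is; see the note on insert().
     *
     * @param string $tablename
     * @param array  $array Column name => value.
     * @param string $where Raw SQL condition (without the WHERE keyword).
     * @return resource|bool Result of query(); false when $array is empty or
     *                       names an unknown column.
     */
    function update($tablename, $array, $where = '')
    {
        if (empty($array) || $this->check_fields($tablename, $array) === false) {
            return false;
        }
        if ($where) {
            $pairs = array();
            foreach ($array as $k => $v) {
                $pairs[] = "`$k`='$v'";
            }
            $sql = "UPDATE `$tablename` SET ".implode(', ', $pairs)." WHERE $where";
        } else {
            $sql = "REPLACE INTO `$tablename`(`".implode('`,`', array_keys($array))."`) VALUES('".implode("','", $array)."')";
        }
        return $this->query($sql);
    }

    /**
     * Delete rows matching a condition.
     *
     * An empty condition is refused so the whole table cannot be emptied by
     * accident. Both arguments are interpolated as-is into the statement.
     *
     * @param string $tablename
     * @param string $where Raw SQL condition (without the WHERE keyword).
     * @return resource|bool Result of query(), or false when $where is empty.
     */
    function delete($tablename, $where)
    {
        if (empty($where)) {
            return false;
        }
        return $this->query("delete from {$tablename} where {$where}");
    }

    /**
     * Name of the first column flagged as primary key.
     *
     * @param string $table Interpolated unquoted into SHOW COLUMNS.
     * @return string|null Column name, or null when none is found.
     */
    function get_primary($table)
    {
        $primary = null;
        $result = $this->query("SHOW COLUMNS FROM $table");
        while ($r = $this->fetch_array($result)) {
            if ($r['Key'] == 'PRI') {
                $primary = $r['Field'];
                break;
            }
        }
        $this->free_result($result);
        return $primary;
    }

    /**
     * Verify that every key of $array is a column of $tablename.
     *
     * This is the only check on column names before insert()/update() place them
     * between backticks. The comparison is done on strings (an integer key no
     * longer matches loosely) and case-insensitively, as MySQL column names are.
     *
     * @param string $tablename
     * @param array  $array Column name => value.
     * @return bool False on the first unknown column, true otherwise.
     */
    function check_fields($tablename, $array)
    {
        $fields = array_map('strtolower', $this->get_fields($tablename));
        foreach ($array as $k => $v) {
            if (!in_array(strtolower((string) $k), $fields, true)) {
                $this->halt('MySQL Query Error', "Unknown column '$k' in field list");
                return false;
            }
        }
        return true;
    }

    /**
     * List the column names of a table.
     *
     * @param string $table Interpolated unquoted into SHOW COLUMNS.
     * @return array
     */
    function get_fields($table)
    {
        $fields = array();
        $result = $this->query("SHOW COLUMNS FROM $table");
        while ($r = $this->fetch_array($result)) {
            $fields[] = $r['Field'];
        }
        $this->free_result($result);
        return $fields;
    }

    /**
     * Run a query and return its first row.
     *
     * $expires and $dbname are passed on to query(), which as defined in this
     * class only reads its first two parameters.
     *
     * @return array|false First row, or false when the query failed or is empty.
     */
    function get_one($sql, $type = '', $expires = 3600, $dbname = '')
    {
        $query = $this->query($sql, $type, $expires, $dbname);
        if (!$query) {
            return false;
        }
        $rs = $this->fetch_array($query);
        $this->free_result($query);
        return $rs;
    }

    /**
     * Run a query and return all rows as a numerically indexed array.
     *
     * @return array Empty when the query failed or matched nothing.
     */
    function get_all($sql, $type = '', $expires = 3600, $dbname = '')
    {
        $data = array();
        $query = $this->query($sql, $type, $expires, $dbname);
        if (!$query) {
            return $data;
        }
        while ($row = $this->fetch_array($query)) {
            $data[] = $row;
        }
        $this->free_result($query);
        return $data;
    }

    /**
     * Run a query and return the first column of its first row.
     *
     * @return mixed The value, or false when the query failed or has no row
     *               (reset() was previously called on a non-array in that case).
     */
    function get_colume($sql, $type = '', $expires = 3600, $dbname = '')
    {
        $query = $this->query($sql, $type, $expires, $dbname);
        if (!$query) {
            return false;
        }
        $rs = $this->fetch_array($query);
        $this->free_result($query);
        return is_array($rs) ? reset($rs) : false;
    }

    /**
     * Encrypt a value for storage and tag it with the "genc_" prefix.
     *
     * @param string $s
     * @return string "genc_" + base64 ciphertext, or $s unchanged when no key is set.
     */
    function dbenc($s)
    {
        if ($this->db_enkey) {
            $s = "genc_".$this->aes_encrypt($s, $this->db_enkey);
        }
        return $s;
    }

    /**
     * Reverse dbenc().
     *
     * The input is decrypted whether or not it carries the "genc_" prefix.
     *
     * @param string $s
     * @return string|false Plaintext, or false when decryption fails.
     */
    function dbdec($s)
    {
        if ($this->db_enkey) {
            if (strpos($s, 'genc_') === 0) {
                $s = substr($s, 5);
            }
            $s = $this->aes_decrypt($s, $this->db_enkey);
        }
        return $s;
    }

    /**
     * AES (Rijndael-128) encryption with PKCS#7-style padding.
     *
     * SECURITY: when no IV is given, the first 16 bytes of the key are used as
     * the IV, so the output is deterministic - equal plaintexts yield equal
     * ciphertexts - and the value 'ecb' selects ECB mode, which has the same
     * property per block. The ciphertext carries no integrity check. These are
     * kept because existing stored data depends on them; new code should use an
     * authenticated mode with a random per-message IV.
     *
     * @param string $orig_data Plaintext.
     * @param string $key       Key passed to mcrypt_generic_init().
     * @param string $iv        IV, '' to derive it from the key, or 'ecb'.
     * @param bool   $raw       True to return raw bytes instead of base64.
     * @return string
     */
    function aes_encrypt($orig_data, $key, $iv = '', $raw = false)
    {
        $mode = MCRYPT_MODE_CBC;
        if ($iv == 'ecb') {
            $iv = str_repeat("0", 16);
            $mode = MCRYPT_MODE_ECB;
        }
        $encrypter = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', $mode, '');

        // Always pad, adding a full block when the input is already aligned.
        $blocksize = mcrypt_enc_get_block_size($encrypter);
        $padding = $blocksize - strlen($orig_data) % $blocksize;
        $orig_data .= str_repeat(chr($padding), $padding);

        if (!$iv) {
            $iv = substr($key, 0, 16);
        }
        mcrypt_generic_init($encrypter, $key, $iv);
        $ciphertext = mcrypt_generic($encrypter, $orig_data);
        mcrypt_generic_deinit($encrypter);
        mcrypt_module_close($encrypter);

        if (!$raw) {
            $ciphertext = base64_encode($ciphertext);
        }
        return $ciphertext;
    }

    /**
     * Reverse aes_encrypt().
     *
     * Input that cannot be a ciphertext produced by aes_encrypt() (empty after
     * decoding, not a whole number of blocks, or with inconsistent padding) is
     * rejected with false instead of being returned as arbitrary bytes. Without
     * a MAC this still cannot detect deliberate modification in general.
     *
     * @param string $ciphertext Base64 text, or raw bytes when $raw is true.
     * @param string $key
     * @param string $iv         IV, '' to derive it from the key, or 'ecb'.
     * @param bool   $raw
     * @return string|false Plaintext, or false when the input is rejected.
     */
    function aes_decrypt($ciphertext, $key, $iv = '', $raw = false)
    {
        if ($ciphertext == '') {
            return false;
        }
        $mode = MCRYPT_MODE_CBC;
        if ($iv == 'ecb') {
            $iv = str_repeat("0", 16);
            $mode = MCRYPT_MODE_ECB;
        }
        if (!$raw) {
            $ciphertext = base64_decode($ciphertext);
        }

        $encrypter = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', $mode, '');
        $blocksize = mcrypt_enc_get_block_size($encrypter);
        $length = strlen((string) $ciphertext);
        if ($length === 0 || $length % $blocksize !== 0) {
            mcrypt_module_close($encrypter);
            return false;
        }

        if (!$iv) {
            $iv = substr($key, 0, 16);
        }
        mcrypt_generic_init($encrypter, $key, $iv);
        $orig_data = mdecrypt_generic($encrypter, $ciphertext);
        mcrypt_generic_deinit($encrypter);
        mcrypt_module_close($encrypter);

        // The last byte gives the padding length; every padding byte must match it.
        $length = strlen($orig_data);
        $unpadding = ord($orig_data[$length - 1]);
        if ($unpadding < 1 || $unpadding > $blocksize
            || substr($orig_data, -$unpadding) !== str_repeat(chr($unpadding), $unpadding)) {
            return false;
        }
        return substr($orig_data, 0, $length - $unpadding);
    }

    /**
     * Fetch the next row and transparently decrypt "genc_" values.
     *
     * Every string value that starts with "genc_" is passed to dbdec(), whatever
     * column it came from.
     * NOTE(review): a value stored by a user that merely begins with "genc_" is
     * treated as ciphertext too and comes back as false - confirm this is
     * acceptable for free-text columns.
     *
     * @param resource $query
     * @param int      $result_type One of the MYSQL_* fetch constants.
     * @return array|false
     */
    function fetch_array($query, $result_type = MYSQL_ASSOC)
    {
        $row = @mysql_fetch_array($query, $result_type);
        if (!$row) {
            return $row;
        }
        foreach ($row as $k => $v) {
            // NULL columns are skipped; only strings can carry the prefix.
            if (is_string($v) && strpos($v, 'genc_') === 0) {
                $row[$k] = $this->dbdec($v);
            }
        }
        return $row;
    }

    /** @return int Rows affected by the last statement on this link. */
    function affected_rows()
    {
        return mysql_affected_rows($this->connid);
    }

    /** @return int|false Number of rows in a result set. */
    function num_rows($query)
    {
        return mysql_num_rows($query);
    }

    /** @return int|false Number of columns in a result set. */
    function num_fields($query)
    {
        return mysql_num_fields($query);
    }

    /** @return string|false First column of row $row; not decrypted. */
    function result($query, $row)
    {
        return @mysql_result($query, $row);
    }

    /** @return bool Result of mysql_free_result(); errors are suppressed. */
    function free_result(&$query)
    {
        return @mysql_free_result($query);
    }

    /** @return int Id generated by the last INSERT on this link. */
    function insert_id()
    {
        return mysql_insert_id($this->connid);
    }

    /** @return array|false Next row as a numeric array; not decrypted. */
    function fetch_row($query)
    {
        return mysql_fetch_row($query);
    }

    /**
     * Escape a value, or every value of an array recursively, for use inside a
     * quoted SQL string literal.
     *
     * Order of operations: the $search/$replace keyword rewrite, then
     * mysql_real_escape_string(), then the two-character sequences backslash-n
     * and backslash-r in the escaped text are turned back into real LF/CR bytes.
     * The result is only safe between quotes; it does not make a value safe as
     * a table name, column name or bare number.
     *
     * @param string|array $string
     * @return string|array
     */
    function escape($string)
    {
        if (is_array($string)) {
            foreach ($string as $key => $val) {
                $string[$key] = $this->escape($val);
            }
            return $string;
        }
        $filtered = preg_replace($this->search, $this->replace, $string);
        $escaped = mysql_real_escape_string($filtered, $this->connid);
        return str_replace(array('\n', '\r'), array(chr(10), chr(13)), $escaped);
    }

    /**
     * @param string $table Used as a quoted LIKE pattern; interpolated as-is.
     * @return array|false Row of SHOW TABLE STATUS.
     */
    function table_status($table)
    {
        return $this->get_one("SHOW TABLE STATUS LIKE '$table'");
    }

    /**
     * List the tables of the selected database.
     *
     * @return array
     */
    function tables()
    {
        $tables = array();
        $result = $this->query("SHOW TABLES");
        while ($r = $this->fetch_array($result)) {
            $tables[] = $r['Tables_in_'.$this->dbname];
        }
        $this->free_result($result);
        return $tables;
    }

    /**
     * @param string $table
     * @return bool True when the table is listed by tables() (exact string match).
     */
    function table_exists($table)
    {
        return in_array((string) $table, $this->tables(), true);
    }

    /**
     * @param string $table
     * @param string $field
     * @return bool True when get_fields() lists the column (exact string match).
     */
    function field_exists($table, $field)
    {
        return in_array((string) $field, $this->get_fields($table), true);
    }

    /** @return string|false Server version string. */
    function version()
    {
        return mysql_get_server_info($this->connid);
    }

    /** @return bool */
    function close()
    {
        return mysql_close($this->connid);
    }

    /** @return string Last error text on this link. */
    function error()
    {
        return @mysql_error($this->connid);
    }

    /** @return int Last error number on this link. */
    function errno()
    {
        return intval(@mysql_errno($this->connid));
    }

    /**
     * Error hook called on connection, selection, query and column-check failures.
     *
     * Deliberately empty: the original body, which built an HTML message from
     * the SQL text, mysql error and errno and printed it before exiting, is
     * disabled. Not echoing SQL to the client is the safer default, but nothing
     * is logged either, so failures are only visible through `false` returns.
     * NOTE(review): consider server-side logging of $message and errno() here
     * (without the SQL text) so failed statements can be investigated.
     *
     * @param string $message
     * @param string $sql
     * @return void
     */
    function halt($message = '', $sql = '')
    {
    }
}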