
Untitled

a guest
Feb 6th, 2016
  1. <?php
  2. /* This script is free to modify and distribute
  3.  
  4. Current version: 1.4
  5.  
  6. Updated 21 March 2009 (tehsausage@gmail.com) [1.4]
  7. Strip null characters in Database::Escape()
  8. Updated 24th August 2008 (tehsausage@gmail.com) [1.3]
  9. Fixed critical exploit - $ and # weren't escaped by Database::Escape()
  10. Updated 17th May 2008 (tehsausage@gmail.com) [1.2]
  11. Added AffectedRows() - returns the number of rows affected by the last query
  12. Fixed InsertID bug on MySQL (_db instead of db)
  13. Updated 13th March 2008 (tehsausage@gmail.com) [1.1]
  14. Added InsertID() - returns ID of last INSERT query
  15. Created 20th December 2007 (tehsausage@gmail.com) [1.0]
  16. PHP port of the db wrapper I wrote in C++
  17.  
  18. */
  19.  
  20. class Database{
  21. protected $db;
  22. protected $type;
  23. protected $count=0;
  24. protected $debug=array();
  25. private $sqlite_rowcount;
  26. function __construct($type,$host=NULL,$user=NULL,$pass=NULL,$name=NULL){
  27. $this->type = 'unknown';
  28. switch ($type){
  29. case 'sqlite':
  30. try {
  31. $this->db = new PDO('sqlite:'.$host);
  32. } catch (PDOException $pdoe) {
  33. throw new Exception("Could not connect to DB (".$pdoe->getMessage().")");
  34. }
  35. $this->type = $type;
  36. break;
  37. case 'mysql':
  38. if (!($this->db = mysql_connect($host,$user,$pass)))
  39. throw new Exception("Could not connect to DB (".mysql_error().")");
  40. $this->type = $type;
  41. if (!mysql_select_db($name,$this->db))
  42. throw new Exception("Could not select DB");
  43. break;
  44. default:
  45. throw new Exception("Unknown DB type");
  46. }
  47. }
  48. function AffectedRows(){
  49. switch ($this->type){
  50. case 'sqlite':
  51. return $this->sqlite_rowcount;
  52. break;
  53. case 'mysql':
  54. return mysql_affected_rows($this->db);
  55. }
  56. }
  57. function Escape($str){
  58. switch ($this->type){
  59. case 'sqlite':
  60. return str_replace(array("'",'$','#',chr(0)),array("''",'$$','##',''),$str);
  61. break;
  62. case 'mysql':
  63. return str_replace(chr(0),'',mysql_real_escape_string($str,$this->db));
  64. break;
  65. }
  66.  
  67. }
  68. function SQL($query){
  69. $finalquery = "";
  70. $i = 1;
  71. $temp = NULL;
  72. switch ($this->type){
  73. case 'sqlite':
  74. $len = strlen($query);
  75. for ($ii = 0; $ii < $len; ++$ii){ // todo:optimize
  76. $letter = $query[$ii];
  77. if ($letter == '$'){
  78. if (isset($query[$ii+1]) && $query[$ii+1] == '$')
  79. {
  80. $finalquery .= $letter;
  81. ++$ii;
  82. continue;
  83. }
  84. $arg = func_get_arg($i++);
  85. $finalquery .= str_replace("'","''",$arg);
  86. } elseif ($letter == '#') {
  87. if (isset($query[$ii+1]) && $query[$ii+1] == '#')
  88. {
  89. $finalquery .= $letter;
  90. ++$ii;
  91. continue;
  92. }
  93. $arg = func_get_arg($i++);
  94. $finalquery .= (float)$arg;
  95. } else {
  96. $finalquery .= $letter;
  97. }
  98. }
  99. break;
  100. case 'mysql':
  101. $len = strlen($query);
  102. for ($ii = 0; $ii < $len; ++$ii){ // todo:optimize
  103. $letter = $query[$ii];
  104. if ($letter == '$'){
  105. if (isset($query[$ii+1]) && $query[$ii+1] == '$')
  106. {
  107. $finalquery .= $letter;
  108. ++$ii;
  109. continue;
  110. }
  111. $arg = func_get_arg($i++);
  112. $finalquery .= mysql_real_escape_string($arg,$this->db);
  113. } elseif ($letter == '#') {
  114. if (isset($query[$ii+1]) && $query[$ii+1] == '#')
  115. {
  116. $finalquery .= $letter;
  117. ++$ii;
  118. continue;
  119. }
  120. $arg = func_get_arg($i++);
  121. $finalquery .= (float)$arg;
  122. } else {
  123. $finalquery .= $letter;
  124. }
  125. }
  126. }
  127. return $this->RawSQL($finalquery);
  128. }
  129. function RawSQL($finalquery){
  130. $this->count++;
  131. $start_query = microtime(true);
  132. switch ($this->type){
  133. case 'sqlite':
  134. $ret = array();
  135. if (!($query = $this->db->prepare($finalquery)))
  136. throw new Exception("Query failed. (".implode(' ',$this->db->errorInfo()).")");
  137. if ($query->execute()){
  138. $all = $query->fetchAll(PDO::FETCH_ASSOC);
  139. if (!empty($all))
  140. foreach ($all as $a)
  141. $ret[] = $a;
  142. $this->sqlite_rowcount = $query->rowCount();
  143. } else
  144. throw new Exception("Query failed. (".implode(' ',$query->errorInfo()).")");
  145. $end_query = microtime(true);
  146. $this->debug[] = array($finalquery,($end_query-$start_query)*1000);
  147. return $ret;
  148. case 'mysql':
  149. $ret = array();
  150. $result = mysql_query($finalquery,$this->db);
  151. if ($result){
  152. while (($a = @mysql_fetch_assoc($result)) !== false)
  153. $ret[] = $a;
  154. } else
  155. throw new Exception("Query failed. (".mysql_error($this->db).")");
  156. $end_query = microtime(true);
  157. $this->debug[] = array($finalquery,($end_query-$start_query)*1000);
  158. return $ret;
  159. }
  160. }
  161. function InsertID(){
  162. switch ($this->type){
  163. case 'sqlite':
  164. return $this->db->lastInsertID();
  165. case 'mysql':
  166. return @mysql_insert_id($this->db);
  167. }
  168. }
  169. function Count(){
  170. return $this->count;
  171. }
  172. function Debug(){
  173. return $this->debug;
  174. }
  175. }