Location: PHPKode > projects > ActualAnalyzer > common/db/mysql.php
<?php

/*------------------------------------------------------------------------*/
// Product: ActualAnalyzer
// Script: mysql.php
// Source: http://www.actualscripts.com/
// Copyright: (c) 2002-2006 ActualScripts, Company. All rights reserved.
//
// YOU DON'T NEED TO EDIT ANYTHING IN THIS SCRIPT.
// SEE LICENSE AGREEMENT FOR MORE DETAILS
/*------------------------------------------------------------------------*/

function db_connect($dbhost,$dbuser,$dbpass) {
  global $err;

  return @mysql_connect($dbhost,$dbuser,$dbpass);
}

function db_select_db($dbase,$link) {
  global $err;

  return @mysql_select_db($dbase,$link);
}

function db_close($link) {
  global $err;

  return @mysql_close($link);
}

function db_query($request,$link) {
  global $err;

  //check for injections
  $rq=$request;
  $rq=preg_replace('/\\\"/',"\'",$rq);
  $rq=preg_replace('/\"[^\"]*\"/','',$rq);
  if(strstr($rq,"\'")) return 0;
  elseif(strstr($rq,'union')) return 0;
  elseif(strstr($rq,'load_file')) return 0;
  elseif(strstr($rq,'outfile')) return 0;
  elseif(strstr($rq,'benchmark')) return 0;
  elseif(strstr($rq,'ascii')) return 0;
  elseif(strstr($rq,'substring')) return 0;
  elseif(preg_match('/char\s*\(\s*\d+\s*,/i',$rq)) return 0;
  elseif(strstr($rq,'/*')) return 0;
  elseif(strstr($rq,'--')) return 0;
  if(preg_match_all('/.select/i',$rq,$m)) {
    if(sizeof($m[0])>1) return 0;
    if(!preg_match('/^create/i',$rq) && !preg_match('/^insert into aa_tmp/i',$rq)) return 0;
  }

  return @mysql_query($request,$link);
}

function db_fetch_object($result) {
  global $err;

  return @mysql_fetch_object($result);
}

function db_fetch_row($result) {
  global $err;

  return @mysql_fetch_row($result);
}

function db_num_rows($result) {
  global $err;

  return @mysql_num_rows($result);
}

function db_num_fields($result) {
  global $err;

  return @mysql_num_fields($result);
}

function db_affected_rows($link) {
  global $err;

  return @mysql_affected_rows($link);
}

function db_data_seek($result,$num) {
  global $err;

  return @mysql_data_seek($result,$num);
}

function db_free_result($result) {
  global $err;

  return @mysql_free_result($result);
}

function db_error($link) {
  global $err;

  return @mysql_error($link);
}

?>
PHPKode Newsletter X is easy to install and configure on the most servers. Try now!
Return current item: ActualAnalyzer