Location: PHPKode > projects > ActualAnalyzer > common/db/mysqli.php
<?php

/*------------------------------------------------------------------------*/
// Product: ActualAnalyzer
// Script: mysqli.php
// Source: http://www.actualscripts.com/
// Copyright: (c) 2002-2006 ActualScripts, Company. All rights reserved.
//
// YOU DON'T NEED TO EDIT ANYTHING IN THIS SCRIPT.
// SEE LICENSE AGREEMENT FOR MORE DETAILS
/*------------------------------------------------------------------------*/

function db_connect($dbhost,$dbuser,$dbpass) {
  global $err;

  $tarr=split(':',$dbhost);
  if(isset($tarr[1])) return @mysqli_connect($tarr[0],$dbuser,$dbpass,'',$tarr[1]);
  else return @mysqli_connect($dbhost,$dbuser,$dbpass);
}

function db_select_db($dbase,$link) {
  global $err;

  return @mysqli_select_db($link,$dbase);
}

function db_close($link) {
  global $err;

  return @mysqli_close($link);
}

function db_query($request,$link) {
  global $err;

  //check for injections
  $rq=$request;
  $rq=preg_replace('/\\\"/',"\'",$rq);
  $rq=preg_replace('/\"[^\"]*\"/','',$rq);
  if(strstr($rq,"\'")) return 0;
  elseif(strstr($rq,'union')) return 0;
  elseif(strstr($rq,'load_file')) return 0;
  elseif(strstr($rq,'outfile')) return 0;
  elseif(strstr($rq,'benchmark')) return 0;
  elseif(strstr($rq,'ascii')) return 0;
  elseif(strstr($rq,'substring')) return 0;
  elseif(preg_match('/char\s*\(\s*\d+\s*,/i',$rq)) return 0;
  elseif(strstr($rq,'/*')) return 0;
  elseif(strstr($rq,'--')) return 0;
  if(preg_match_all('/.select/i',$rq,$m)) {
    if(sizeof($m[0])>1) return 0;
    if(!preg_match('/^create/i',$rq) && !preg_match('/^insert into aa_tmp/i',$rq)) return 0;
  }

  return @mysqli_query($link,$request);
}

function db_fetch_object($result) {
  global $err;

  return @mysqli_fetch_object($result);
}

function db_fetch_row($result) {
  global $err;

  return @mysqli_fetch_row($result);
}

function db_num_rows($result) {
  global $err;

  return @mysqli_num_rows($result);
}

function db_num_fields($result) {
  global $err;

  return @mysqli_num_fields($result);
}

function db_affected_rows($link) {
  global $err;

  return @mysqli_affected_rows($link);
}

function db_data_seek($result,$num) {
  global $err;

  return @mysqli_data_seek($result,$num);
}

function db_free_result($result) {
  global $err;

  return @mysqli_free_result($result);
}

function db_error($link) {
  global $err;

  return @mysqli_error($link);
}

?>
PHP Helpdesk script - 100% PHP source code. Try it now!
Return current item: ActualAnalyzer