Location: PHPKode > scripts > SQL Revealer > SimpleConstructorClass.php
<?php
/* ===================================================================== *\
#																		 #
#      +-----------------------------------------------------------+     #
#      | Author: Juan Manuel Sueiro                                |     #
#      | Contact: <juan.manuel.sueiro[at]arlequin.com>             |     #
#      | Desc: manage mySQL db                                     |     #
#      +-----------------------------------------------------------+     #
#   																	 #
\* ===================================================================== */


# ---===--------------===--- #
# ---===  SQLCONNECT  ===--- #
# ---===--------------===--- #
class sqlConnect{
	var $dbhost, $dbuser, $dbpass, $database;
	
	function db_connect(){
		mysql_connect($this->dbhost, $this->dbuser, $this->dbpass) or exit(mysql_error());
		mysql_select_db($this->database) or exit(mysql_error());
	}
}

# ---===----------------------===--- #
# ---===  SIMPLE CONSTRUCTOR  ===--- #
# ---===----------------------===--- #
class simpleConstructor extends sqlConnect{
	var $ltype, $vclass, $bordercolorlight, $bordercolordark, $bordercolor, $bgcolor, $background, $align;
	var $width, $border, $cellspacing, $cellpadding;
	var $sql, $output, $user, $pass, $nombre, $qry, $vFl, $pag, $vPinit, $vPres, $vResult, $verbose, $vSubCount;
	var $tblname, $sField, $sqlWhere, $sqlValues, $eField;
		
		function sqlExec(){
			$qry = @mysql_query($this->formatInput());
				if($qry){
					
					if(!$this->vFl){
						$i = 0;
						while ($i < @mysql_num_fields($qry)){
							$meta = @mysql_fetch_field($qry, $i);
								$stack[$i] = $meta->name;
								$i++;
						}
						
						$tObj = array();
						$tObj[0] = $stack;
						$j = 1;
						if($row = @mysql_fetch_array($qry)){
							do{
								$n = 0;
								foreach($stack as $val){
									$tObj[$j][$n] = $row[$val];
									$n++;
								}
							$j++;
							} while ($row = @mysql_fetch_array($qry));
						}
	
							$resTbl .= '<table width="'.$this->width.'" border="'.$this->border.'" cellspacing="'.$this->cellspacing.'" cellpadding="'.$this->cellpadding.'" align="'.$this->align.'" background="'.$this->background.'" bgcolor="'.$this->bgcolor.'" bordercolor="'.$this->bordercolor.'" bordercolordark="'.$this->bordercolordark.'" bordercolorlight="'.$this->bordercolorlight.'" class="'.$this->vclass.'">';	
							$resTbl .= '<tr>';
								for($n=0;$n<count($tObj[0]);$n++){ $resTbl .= '<td><b>'.$tObj[0][$n].'</b></td>'; }
							$resTbl .= '</tr>';
						
							for($i=1;$i<count($tObj);$i++){
								$resTbl .= '<tr>';
									for($n=0;$n<count($tObj[0]);$n++){ $resTbl .= '<td> '.$tObj[$i][$n].' </td>'; }	
								$resTbl .= '</tr>';
							}
							$resTbl .= '</table>';
	
						return $resTbl;
					
					}else{
					
						return true;
						
					}
					
				}
			}

		#------------------------#
		#        Security        #
		#------------------------# 
		function is_clean($container){
			$container = strtolower($container);
			$container = str_replace(' ', "", $container);
			$string1 = "<script";
			$string2 = "\">";
				if(!strstr($container,$string1) && !strstr($container,$string2)) {
					$result = true;
				}else{
					$result = false;
				}
			return $result;
		}
		
		#------------------------#
		#     String Formats     #
		#------------------------# 	
		function formatInput(){ 
			if($this->is_clean($this->sql)){
					ob_start();
					if(strtolower(substr(utf8_decode($this->sql), 0, 3))==='sel'){ $this->vFl=false; }
					else{ $this->vFl=true;	}
				return utf8_decode($this->sql); 
			}else{
				$this->sendOutput();		
			}
		}
		
		function sendOutput(){
		ob_end_flush();
			if(!empty($this->output))
				return utf8_encode($this->output);
			else
				return false;
		}
}
?>
Return current item: SQL Revealer