\n"; $result = @mysql_query($sql_string, $link) or ADD_FATAL($F." (".$L."):".mysql_error()."
Query string:
".$sql_string); // Save last successfull query $_CONFIG['db_last_query'] = $sql_string; // Ending time $querytimeAfter = array_sum(explode(' ', microtime())); // Calculate query time $queryTime = $querytimeAfter - $querytimeBefore; // Count this query if (!isset($_CONFIG['sql_count'])) $_CONFIG['sql_count'] = 0; $_CONFIG['sql_count']++; // Debug output //* DEBUG: */ print "Query=
".$sql_string."
, affected=".SQL_AFFECTEDROWS().", numrows=".SQL_NUMROWS($result)."
\n"; if (($CSS != "1") && ($CSS != "-1") && (isBooleanConstantAndTrue('DEBUG_MODE')) && (isBooleanConstantAndTrue('DEBUG_SQL'))) { // // Debugging stuff... // $fp = @fopen(PATH."inc/cache/mysql.log", 'a') or mxchange_die("Cannot write mysql.log!"); if (!isset($OK)) { // Write first entry fwrite($fp, "Module=".$GLOBALS['module']."\n"); $OK = true; } // END - if fwrite($fp, $F."(LINE=".$L."|NUM=".SQL_NUMROWS($result)."|AFFECTED=".SQL_AFFECTEDROWS()."|QUERYTIME:".$queryTime."): ".str_replace('\r', "", str_replace('\n', " ", $sql_string))."\n"); fclose($fp); } // END - if // Count DB hits if (!isset($_CONFIG['db_hits_run'])) { // Count in dummy variable $_CONFIG['db_hits_run'] = 1; } else { // Count to config array $_CONFIG['db_hits_run']++; } // Return the result return $result; } // SQL num rows function SQL_NUMROWS($result) { // Is the result a valid resource? if (is_resource($result)) { // Get the count of rows from database $lines = @mysql_num_rows($result); // Is the result empty? Then we have an error! if (empty($lines)) $lines = 0; } else { // No resource given, no lines found! $lines = 0; } return $lines; } // SQL affected rows function SQL_AFFECTEDROWS() { global $link; // Valid link resource? if (!is_resource($link)) return false; // Get affected rows $lines = @mysql_affected_rows($link); // Return it return $lines; } // SQL fetch row function SQL_FETCHROW($result) { // Init data $DATA = array(); // Is a result resource set? if (!is_resource($result)) return false; $DATA = @mysql_fetch_row($result); return $DATA; } // SQL fetch array function SQL_FETCHARRAY($res, $nr=0, $remove_numerical=true) { // Is a result resource set? if (!is_resource($res)) return false; // Initialize array $row = array(); // Load row from database $row = @mysql_fetch_array($res); // Return only arrays here if (is_array($row)) { // Shall we remove numerical data here automatically? if ($remove_numerical) { // So let's remove all numerical elements to save memory! $max = count($row); for ($idx = 0; $idx < ($max / 2); $idx++) { // Remove entry unset($row[$idx]); } } // Return row return $row; } else { // Return a false here... return false; } } // SQL result function SQL_RESULT($res, $row, $field) { $result = @mysql_result($res, $row, $field); return $result; } // SQL connect function SQL_CONNECT($host, $login, $password, $F, $L) { $connect = @mysql_connect($host, $login, $password) or ADD_FATAL($F." (".$L."):".mysql_error()); return $connect; } // SQL select database function SQL_SELECT_DB($dbName, $link, $F, $L) { $select = false; if (is_resource($link)) { $select = @mysql_select_db($dbName, $link) or ADD_FATAL($F." (".$L."):".mysql_error()); } return $select; } // SQL close link function SQL_CLOSE(&$link, $F, $L) { global $_CONFIG, $cacheInstance, $cacheArray; // Is there still a valid link? if (!is_resource($link)) { // Skip double close return false; } // END - if //* DEBUG: */ echo "DB=".$_CONFIG['db_hits'].",CACHE=".$_CONFIG['cache_hits']."
\n"; if ((GET_EXT_VERSION("cache") >= "0.0.7") && (isset($_CONFIG['db_hits'])) && (isset($_CONFIG['cache_hits'])) && (is_object($cacheInstance))) { // Add new hits $_CONFIG['db_hits'] += $_CONFIG['db_hits_run']; // Update counter for db/cache UPDATE_CONFIG(array("db_hits", "cache_hits"), array(bigintval($_CONFIG['db_hits']), bigintval($_CONFIG['cache_hits']))); } // END - if // Close database link and forget the link $close = @mysql_close($link) or ADD_FATAL($F." (".$L."):".mysql_error()); $link = null; return $close; } // SQL free result function SQL_FREERESULT($result) { if (!is_resource($result)) { // Abort here return false; } // END - if $res = @mysql_free_result($result); return $res; } // SQL string escaping function SQL_QUERY_ESC($qstring, $data, $file, $line, $run=true, $strip=true) { global $link; if ($strip) { $strip = "true"; } else { $strip = "false"; } $query = ""; $eval = "\$query = sprintf(\"".$qstring."\""; foreach ($data as $var) { if ((!empty($var)) || ($var === 0)) { $eval .= ", SQL_ESCAPE(\"".$var."\",true,".$strip.")"; } else { $eval .= ", ''"; } } $eval .= ");"; // // Debugging // //* DEBUG: */ $fp = fopen(PATH."inc/cache/escape_debug.log", 'a') or mxchange_die("Cannot write debug.log!"); //* DEBUG: */ fwrite($fp, $file."(".$line."): ".str_replace("\r", "", str_replace("\n", " ", $eval))."\n"); //* DEBUG: */ fclose($fp); // Run the code @eval($eval); // Was the eval() command fine? if (empty($query)) { // Something went wrong? print "eval=".htmlentities($eval)."
";
		debug_print_backtrace();
		die("
"); } // END - if if ($run) { // Run SQL query (default) return SQL_QUERY($query, $file, $line); } else { // Return secured string return $query; } } // Get ID from last INSERT command function SQL_INSERTID() { return @mysql_insert_id(); } // Escape a string for the database function SQL_ESCAPE($str, $secureString=true,$strip=true) { global $link; // Secure string first? (which is the default behaviour!) if ($secureString) { // Then do it here $str = secureString($str, $strip); } // END - if if (!is_resource($link)) { // Fall-back to addslashes() when there is no link return addslashes($str); } // END - if if (function_exists('mysql_real_escape_string')) { // The new and improved version //* DEBUG: */ print __FUNCTION__."(".__LINE__."):str={$str}
\n"; return mysql_real_escape_string($str, $link); } elseif (function_exists('mysql_escape_string')) { // The obsulete function return mysql_escape_string($str, $link); } else { // If nothing else works return addslashes($str); } } // SELECT query string from table, columns and so on... ;-) function SQL_RESULT_FROM_ARRAY ($table, $columns, $idRow, $id, $F, $L) { // Prepare the SQL statement $SQL = "SELECT ".implode(", ", $columns)." FROM "._MYSQL_PREFIX."_".$table." WHERE ".$idRow."=%s LIMIT 1"; // Return the result return SQL_QUERY_ESC($SQL, array(bigintval($id)), $F, $L); } // ALTER TABLE wrapper function function SQL_ALTER_TABLE($sql, $F, $L) { // Shall we add? if (eregi("ADD", $sql) > 0) { // Extract table name $tableArray = explode(" ", $sql); $tableName = str_replace("`", "", $tableArray[2]); // And column name as well $columnName = str_replace("`", "", $tableArray[4]); // Get column information $result = SQL_QUERY_ESC("SHOW COLUMNS FROM %s LIKE '%s'", array($tableName, $columnName), $F, $L); // Do we have no entry? if (SQL_NUMROWS($result) == 0) { // Do the query return SQL_QUERY($sql, $F, $L, false); } // END - if } else { // Send it to the SQL_QUERY() function return SQL_QUERY($sql, $F, $L, false); } } // ?>