-<?php\r
-/************************************************************************\r
- * MXChange v0.2.1 Start: 08/29/2004 *\r
- * =============== Last change: 08/29/2004 *\r
- * *\r
- * -------------------------------------------------------------------- *\r
- * File : lib.php *\r
- * -------------------------------------------------------------------- *\r
- * Short description : *\r
- * -------------------------------------------------------------------- *\r
- * Kurzbeschreibung : *\r
- * -------------------------------------------------------------------- *\r
- * *\r
- * -------------------------------------------------------------------- *\r
- * Copyright (c) 2003 - 2008 by Roland Haeder *\r
- * For more information visit: http://www.mxchange.org *\r
- * *\r
- * This program is free software; you can redistribute it and/or modify *\r
- * it under the terms of the GNU General Public License as published by *\r
- * the Free Software Foundation; either version 2 of the License, or *\r
- * (at your option) any later version. *\r
- * *\r
- * This program is distributed in the hope that it will be useful, *\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *\r
- * GNU General Public License for more details. *\r
- * *\r
- * You should have received a copy of the GNU General Public License *\r
- * along with this program; if not, write to the Free Software *\r
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *\r
- * MA 02110-1301 USA *\r
- ************************************************************************/\r
-\r
-// Some security stuff...\r
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))\r
-{\r
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";\r
- require($INC);\r
-}\r
-\r
-// SQL queries\r
-function SQL_QUERY($sql_string, $F, $L, $compile=false)\r
-{\r
- global $link, $CSS, $CONFIG, $OK;\r
-\r
- // Run SQL command\r
- $result = @mysql_query($sql_string, $link)\r
- or ADD_FATAL($F." (".$L."):".mysql_error()."<BR>\r
-".MYSQL_QUERY_STRING."<BR>\r
-".$sql_string);\r
-\r
- if (($CSS != "1") && ($CSS != "-1") && (DEBUG_MODE) && (DEBUG_SQL))\r
- {\r
- //\r
- // Debugging stuff...\r
- //\r
- $fp = @fopen(PATH."debug.log", 'a') or mxchange_die("Cannot write debug.log!");\r
- if (!isset($OK)) {\r
- // Write first entry\r
- fwrite($fp, "Module=".$GLOBALS['module']."\n");\r
- $OK = true;\r
- }\r
- fwrite($fp, $F."(LINE=".$L."|NUM=".SQL_NUMROWS($result)."|AFFECTED=".SQL_AFFECTEDROWS()."): ".str_replace('\r', '', str_replace('\n', " ", $sql_string))."\n");\r
- fclose($fp);\r
- }\r
-\r
- // Count DB hits\r
- if (!isset($CONFIG['db_hits']))\r
- {\r
- // Count in dummy variable\r
- $CONFIG['db_hits'] = 0;\r
- }\r
- else\r
- {\r
- // Count to config array\r
- $CONFIG['db_hits']++;\r
- }\r
- return $result;\r
-}\r
-\r
-// SQL num rows\r
-function SQL_NUMROWS($result)\r
-{\r
- if ($result != false)\r
- {\r
- $lines = @mysql_num_rows($result);\r
- if (empty($lines)) $lines = "0";\r
-\r
- }\r
- else\r
- {\r
- // No resource given, no lines found!\r
- $lines = "0";\r
- }\r
- return $lines;\r
-}\r
-\r
-// SQL affected rows\r
-function SQL_AFFECTEDROWS($lnk="x", $F="dummy", $L="dummy")\r
-{\r
- global $link;\r
- // $lnk will be ignored for now!\r
- $lines = @mysql_affected_rows($link);\r
- return $lines;\r
-}\r
-\r
-// SQL fetch row\r
-function SQL_FETCHROW($result)\r
-{\r
- $DATA = array();\r
- $DATA = @mysql_fetch_row($result);\r
- return $DATA;\r
-}\r
-\r
-// SQL fetch array\r
-function SQL_FETCHARRAY($res=false, $nr=0, $remove_numerical=true)\r
-{\r
- // Is a result resource set?\r
- if (!$res) return false;\r
-\r
- // Initialize array\r
- $row = array();\r
-\r
- // Load row from database\r
- $row = @mysql_fetch_array($res);\r
-\r
- // Return only arrays here\r
- if (is_array($row))\r
- {\r
- // Shall we remove numerical data here automatically?\r
- if ($remove_numerical)\r
- {\r
- // So let's remove all numerical elements to save memory!\r
- $max = count($row);\r
- for ($idx = 0; $idx < ($max / 2); $idx++)\r
- {\r
- // Remove entry\r
- unset($row[$idx]);\r
- }\r
- }\r
-\r
- // Return row\r
- return $row;\r
- }\r
- else\r
- {\r
- // Return a false here...\r
- return false;\r
- }\r
-}\r
-\r
-// SQL result\r
-function SQL_RESULT($res, $row, $field)\r
-{\r
- $result = @mysql_result($res, $row, $field);\r
- return $result;\r
-}\r
-// SQL connect\r
-function SQL_CONNECT($host, $login, $password, $F, $L)\r
-{\r
- $connect = @mysql_connect($host, $login, $password) or ADD_FATAL($F." (".$L."):".mysql_error());\r
- return $connect;\r
-}\r
-// SQL select database\r
-function SQL_SELECT_DB($DB, $link, $F, $L)\r
-{\r
- $DB = @mysql_select_db($DB, $link) or ADD_FATAL($F." (".$L."):".mysql_error());\r
- return $DB;\r
-}\r
-// SQL close link\r
-function SQL_CLOSE($link, $F, $L)\r
-{\r
- global $CONFIG, $CACHE, $CFG_CACHE;\r
- if ((GET_EXT_VERSION("cache") >= "0.0.7") && (isset($CONFIG['db_hits'])) && (isset($CONFIG['cache_hits'])) && (is_object($CACHE)))\r
- {\r
- // Update counter for db/cache\r
- $result = SQL_QUERY("UPDATE "._MYSQL_PREFIX."_config SET db_hits='".$CONFIG['db_hits']."', cache_hits='".$CONFIG['cache_hits']."' WHERE config='0' LIMIT 1", __FILE__, __LINE__);\r
-\r
- // Update cache here\r
- if (GET_EXT_VERSION("cache") >= "0.1.2")\r
- {\r
- if ($CACHE->cache_file("config", true))\r
- {\r
- // Replace data\r
- $CACHE->cache_replace("cache_hits", $CONFIG['cache_hits'], "0", $CFG_CACHE);\r
- $CACHE->cache_replace("db_hits" , $CONFIG['db_hits'] , "0", $CFG_CACHE);\r
- }\r
- }\r
- }\r
-\r
- // Close database link\r
- $close = @mysql_close($link) or ADD_FATAL($F." (".$L."):".mysql_error());\r
- return $close;\r
-}\r
-// SQL free result\r
-function SQL_FREERESULT($result)\r
-{\r
- $res = @mysql_free_result($result);\r
- return $res;\r
-}\r
-// SQL string escaping\r
-function SQL_QUERY_ESC($qstring, $data, $file, $line, $run=true, $strip=true)\r
-{\r
- global $link;\r
- $eval = "\$query = sprintf(\"".$qstring."\"";\r
- foreach ($data as $var)\r
- {\r
- if (!empty($var))\r
- {\r
- if ($strip) {\r
- $eval .= ", SQL_ESCAPE(\"".strip_tags($var)."\")";\r
- } else {\r
- $eval .= ", SQL_ESCAPE(\"".$var."\")";\r
- }\r
- }\r
- else\r
- {\r
- $eval .= ", ''";\r
- }\r
- }\r
- $eval .= ");";\r
- //\r
- // Debugging\r
- //\r
- //$fp = fopen(PATH."escape_debug.log", 'a') or mxchange_die("Cannot write debug.log!");\r
- //fwrite($fp, $file."(".$line."): ".str_replace('\r', '', str_replace('\n', " ", $eval))."\n");\r
- //fclose($fp);\r
- eval($eval);\r
- if ($run)\r
- {\r
- // Run SQL query (default)\r
- return SQL_QUERY($query, $file, $line);\r
- }\r
- else\r
- {\r
- // Return secured string\r
- return $query;\r
- }\r
-}\r
-// Get ID from last INSERT command\r
-function SQL_INSERTID()\r
-{\r
- return @mysql_insert_id();\r
-}\r
-// Escape a string for the database\r
-function SQL_ESCAPE($str)\r
-{\r
- global $link;\r
- if (!is_resource($link)) {\r
- // Fall-back to addslashes() when there is no link\r
- return addslashes($str);\r
- }\r
-\r
- if (function_exists('mysql_real_escape_string')) {\r
- // The new and improved version\r
- return mysql_real_escape_string($str, $link);\r
- } elseif (function_exists('mysql_escape_string')) {\r
- // The obsulete function\r
- return mysql_escape_string($str, $link);\r
- } else {\r
- // If nothing else works\r
- return addslashes($str);\r
- }\r
-}\r
-// SELECT query string from table, columns and so on... ;-)\r
-function SQL_RESULT_FROM_ARRAY ($table, array $columns, $idRow, $id) {\r
- // Prepare the SQL statement\r
- $SQL = "SELECT ".implode(", ", $columns)." FROM "._MYSQL_PREFIX."_".$table." WHERE ".$idRow."=%d LIMIT 1";\r
-\r
- // Return the result\r
- return SQL_QUERY_ESC($SQL, array(bigintval($id)), __FILE__, __LINE__);\r
-}\r
-//\r
-?>\r
+<?php
+/************************************************************************
+ * MXChange v0.2.1 Start: 08/29/2004 *
+ * =============== Last change: 08/29/2004 *
+ * *
+ * -------------------------------------------------------------------- *
+ * File : lib.php *
+ * -------------------------------------------------------------------- *
+ * Short description : *
+ * -------------------------------------------------------------------- *
+ * Kurzbeschreibung : *
+ * -------------------------------------------------------------------- *
+ * *
+ * -------------------------------------------------------------------- *
+ * Copyright (c) 2003 - 2008 by Roland Haeder *
+ * For more information visit: http://www.mxchange.org *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the Free Software *
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
+ * MA 02110-1301 USA *
+ ************************************************************************/
+
+// Some security stuff...
+if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
+{
+ $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
+ require($INC);
+}
+
+// SQL queries
+function SQL_QUERY($sql_string, $F, $L, $compile=false)
+{
+ global $link, $CSS, $CONFIG, $OK;
+
+ // Run SQL command
+ $result = @mysql_query($sql_string, $link)
+ or ADD_FATAL($F." (".$L."):".mysql_error()."<BR>
+".MYSQL_QUERY_STRING."<BR>
+".$sql_string);
+
+ if (($CSS != "1") && ($CSS != "-1") && (DEBUG_MODE) && (DEBUG_SQL))
+ {
+ //
+ // Debugging stuff...
+ //
+ $fp = @fopen(PATH."debug.log", 'a') or mxchange_die("Cannot write debug.log!");
+ if (!isset($OK)) {
+ // Write first entry
+ fwrite($fp, "Module=".$GLOBALS['module']."\n");
+ $OK = true;
+ }
+ fwrite($fp, $F."(LINE=".$L."|NUM=".SQL_NUMROWS($result)."|AFFECTED=".SQL_AFFECTEDROWS()."): ".str_replace('\r', '', str_replace('\n', " ", $sql_string))."\n");
+ fclose($fp);
+ }
+
+ // Count DB hits
+ if (!isset($CONFIG['db_hits']))
+ {
+ // Count in dummy variable
+ $CONFIG['db_hits'] = 0;
+ }
+ else
+ {
+ // Count to config array
+ $CONFIG['db_hits']++;
+ }
+ return $result;
+}
+
+// SQL num rows
+function SQL_NUMROWS($result)
+{
+ if ($result != false)
+ {
+ $lines = @mysql_num_rows($result);
+ if (empty($lines)) $lines = "0";
+
+ }
+ else
+ {
+ // No resource given, no lines found!
+ $lines = "0";
+ }
+ return $lines;
+}
+
+// SQL affected rows
+function SQL_AFFECTEDROWS($lnk="x", $F="dummy", $L="dummy")
+{
+ global $link;
+ // $lnk will be ignored for now!
+ $lines = @mysql_affected_rows($link);
+ return $lines;
+}
+
+// SQL fetch row
+function SQL_FETCHROW($result)
+{
+ $DATA = array();
+ $DATA = @mysql_fetch_row($result);
+ return $DATA;
+}
+
+// SQL fetch array
+function SQL_FETCHARRAY($res=false, $nr=0, $remove_numerical=true)
+{
+ // Is a result resource set?
+ if (!$res) return false;
+
+ // Initialize array
+ $row = array();
+
+ // Load row from database
+ $row = @mysql_fetch_array($res);
+
+ // Return only arrays here
+ if (is_array($row))
+ {
+ // Shall we remove numerical data here automatically?
+ if ($remove_numerical)
+ {
+ // So let's remove all numerical elements to save memory!
+ $max = count($row);
+ for ($idx = 0; $idx < ($max / 2); $idx++)
+ {
+ // Remove entry
+ unset($row[$idx]);
+ }
+ }
+
+ // Return row
+ return $row;
+ }
+ else
+ {
+ // Return a false here...
+ return false;
+ }
+}
+
+// SQL result
+function SQL_RESULT($res, $row, $field)
+{
+ $result = @mysql_result($res, $row, $field);
+ return $result;
+}
+// SQL connect
+function SQL_CONNECT($host, $login, $password, $F, $L)
+{
+ $connect = @mysql_connect($host, $login, $password) or ADD_FATAL($F." (".$L."):".mysql_error());
+ return $connect;
+}
+// SQL select database
+function SQL_SELECT_DB($DB, $link, $F, $L)
+{
+ $DB = @mysql_select_db($DB, $link) or ADD_FATAL($F." (".$L."):".mysql_error());
+ return $DB;
+}
+// SQL close link
+function SQL_CLOSE($link, $F, $L)
+{
+ global $CONFIG, $CACHE, $CFG_CACHE;
+ if ((GET_EXT_VERSION("cache") >= "0.0.7") && (isset($CONFIG['db_hits'])) && (isset($CONFIG['cache_hits'])) && (is_object($CACHE)))
+ {
+ // Update counter for db/cache
+ $result = SQL_QUERY("UPDATE "._MYSQL_PREFIX."_config SET db_hits='".$CONFIG['db_hits']."', cache_hits='".$CONFIG['cache_hits']."' WHERE config='0' LIMIT 1", __FILE__, __LINE__);
+
+ // Update cache here
+ if (GET_EXT_VERSION("cache") >= "0.1.2")
+ {
+ if ($CACHE->cache_file("config", true))
+ {
+ // Replace data
+ $CACHE->cache_replace("cache_hits", $CONFIG['cache_hits'], "0", $CFG_CACHE);
+ $CACHE->cache_replace("db_hits" , $CONFIG['db_hits'] , "0", $CFG_CACHE);
+ }
+ }
+ }
+
+ // Close database link
+ $close = @mysql_close($link) or ADD_FATAL($F." (".$L."):".mysql_error());
+ return $close;
+}
+// SQL free result
+function SQL_FREERESULT($result)
+{
+ $res = @mysql_free_result($result);
+ return $res;
+}
+// SQL string escaping
+function SQL_QUERY_ESC($qstring, $data, $file, $line, $run=true, $strip=true)
+{
+ global $link;
+ $eval = "\$query = sprintf(\"".$qstring."\"";
+ foreach ($data as $var)
+ {
+ if (!empty($var))
+ {
+ if ($strip) {
+ $eval .= ", SQL_ESCAPE(\"".strip_tags($var)."\")";
+ } else {
+ $eval .= ", SQL_ESCAPE(\"".$var."\")";
+ }
+ }
+ else
+ {
+ $eval .= ", ''";
+ }
+ }
+ $eval .= ");";
+ //
+ // Debugging
+ //
+ //$fp = fopen(PATH."escape_debug.log", 'a') or mxchange_die("Cannot write debug.log!");
+ //fwrite($fp, $file."(".$line."): ".str_replace('\r', '', str_replace('\n', " ", $eval))."\n");
+ //fclose($fp);
+ eval($eval);
+ if ($run)
+ {
+ // Run SQL query (default)
+ return SQL_QUERY($query, $file, $line);
+ }
+ else
+ {
+ // Return secured string
+ return $query;
+ }
+}
+// Get ID from last INSERT command
+function SQL_INSERTID()
+{
+ return @mysql_insert_id();
+}
+// Escape a string for the database
+function SQL_ESCAPE($str)
+{
+ global $link;
+ if (!is_resource($link)) {
+ // Fall-back to addslashes() when there is no link
+ return addslashes($str);
+ }
+
+ if (function_exists('mysql_real_escape_string')) {
+ // The new and improved version
+ return mysql_real_escape_string($str, $link);
+ } elseif (function_exists('mysql_escape_string')) {
+ // The obsulete function
+ return mysql_escape_string($str, $link);
+ } else {
+ // If nothing else works
+ return addslashes($str);
+ }
+}
+// SELECT query string from table, columns and so on... ;-)
+function SQL_RESULT_FROM_ARRAY ($table, array $columns, $idRow, $id) {
+ // Prepare the SQL statement
+ $SQL = "SELECT ".implode(", ", $columns)." FROM "._MYSQL_PREFIX."_".$table." WHERE ".$idRow."=%d LIMIT 1";
+
+ // Return the result
+ return SQL_QUERY_ESC($SQL, array(bigintval($id)), __FILE__, __LINE__);
+}
+//
+?>