<?php
/************************************************************************
- * MXChange v0.2.1 Start: 08/29/2004 *
- * =============== Last change: 08/29/2004 *
+ * Mailer v0.2.1-FINAL Start: 08/29/2004 *
+ * =================== Last change: 08/29/2004 *
* *
* -------------------------------------------------------------------- *
* File : lib-mysql3.php *
// Remove \t, \n and \r from queries they may confuse some MySQL version I have heard
$sqlString = str_replace("\t", ' ', str_replace("\n", ' ', str_replace("\r", ' ', $sqlString)));
- // Compile config out
- $sqlString = FILTER_COMPILE_CONFIG($sqlString, true);
+ // Replace {PER}
+ $sqlString = str_replace('{PER}', '%', $sqlString);
+
+ // Compile config entries out
+ $eval = "\$sqlString = \"".FILTER_COMPILE_CONFIG(escapeQuotes($sqlString))."\";";
+ eval($eval);
// Starting time
- $querytimeBefore = array_sum(explode(' ', microtime()));
+ $querytimeBefore = microtime(true);
// Run SQL command
- //* DEBUG: */ print('F=' . basename($F) . ',L=' . $L . 'sql=' . $sqlString . '<br />');
+ //* DEBUG: */ print('F=' . basename($F) . ',L=' . $L . 'sql=' . htmlentities($sqlString) . '<br />');
$result = mysql_query($sqlString, SQL_GET_LINK())
or addFatalMessage(__FUNCTION__, __LINE__, $F . ' (' . $L . '):' . mysql_error() . '<br />
Query string:<br />
' . $sqlString);
//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'sql=' . $sqlString . ',numRows=' . SQL_NUMROWS($result) . ',affected=' . SQL_AFFECTEDROWS());
- // Ending time
- $querytimeAfter = array_sum(explode(' ', microtime()));
-
// Calculate query time
- $queryTime = $querytimeAfter - $querytimeBefore;
+ $queryTime = microtime(true) - $querytimeBefore;
// Add this query to array including timing
addSqlToDebug($result, $sqlString, $queryTime, $F, $L);
//
// Debugging stuff...
//
- $fp = fopen(getConfig('CACHE_PATH') . 'mysql.log', 'a') or app_die(__FILE__, __LINE__, "Cannot write mysql.log!");
+ $fp = fopen(getConfig('CACHE_PATH') . 'mysql.log', 'a') or app_die(__FILE__, __LINE__, 'Cannot write mysql.log!');
if (!isset($GLOBALS['sql_first_entry'])) {
// Write first entry
fwrite($fp, 'Module=' . getModule() . "\n");
// Debugging
//
//* DEBUG: */ $fp = fopen(getConfig('CACHE_PATH') . 'escape_debug.log', 'a') or app_die(__FILE__, __LINE__, "Cannot write debug.log!");
- //* DEBUG: */ fwrite($fp, $F.'('.$L."): ".str_replace("\r", '', str_replace("\n", " ", $eval))."\n");
+ //* DEBUG: */ fwrite($fp, $F.'('.$L."): ".str_replace("\r", '', str_replace("\n", ' ', $eval))."\n");
//* DEBUG: */ fclose($fp);
if ($run === true) {
} // END - if
if (!SQL_IS_LINK_UP()) {
- // Fall-back to smartAddSlashes() when there is no link
- $ret = smartAddSlashes($str);
+ // Fall-back to escapeQuotes() when there is no link
+ $ret = escapeQuotes($str);
} elseif (function_exists('mysql_real_escape_string')) {
// The new and improved version
//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str='.$str);
// The obsolete function
$ret = mysql_escape_string($str, SQL_GET_LINK());
} else {
- // If nothing else works, fall back to smartAddSlashes() again
- $ret = smartAddSlashes($str);
+ // If nothing else works, fall back to escapeQuotes() again
+ $ret = escapeQuotes($str);
}
// Cache result