X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fdb%2Flib-mysql3.php;h=61d9be17fa1305e720669059823f380a1851389e;hb=d5ee31ebfc85f22fc691b8c2753c42e188c1c4ef;hp=b1104563e55f077ac00535ee7f4ec6f44e5d622f;hpb=3daede4c904e23905c3e48dd6749019deca0a0e0;p=mailer.git
diff --git a/inc/db/lib-mysql3.php b/inc/db/lib-mysql3.php
index b1104563e5..61d9be17fa 100644
--- a/inc/db/lib-mysql3.php
+++ b/inc/db/lib-mysql3.php
@@ -39,7 +39,10 @@ if (!defined('__SECURITY')) {
// SQL queries
function SQL_QUERY ($sql_string, $F, $L) {
- global $link, $CSS, $_CONFIG, $OK;
+ global $link, $CSS, $OK;
+
+ // Link is up?
+ if (!is_resource($link)) return false;
// Remove \t, \n and \r from queries they may confuse some MySQL version I have heard
$sql_string = str_replace("\t", " ", str_replace("\n", " ", str_replace("\r", " ", $sql_string)));
@@ -47,9 +50,12 @@ function SQL_QUERY ($sql_string, $F, $L) {
// Starting time
$querytimeBefore = array_sum(explode(' ', microtime()));
+ // Replace {!_MYSQL_PREFIX!} with constant, closes #84. Thanks to profi-concept
+ $sql_string = str_replace("{!_MYSQL_PREFIX!}", constant('_MYSQL_PREFIX'), $sql_string);
+
// Run SQL command
//* DEBUG: */ echo $sql_string."
\n";
- $result = @mysql_query($sql_string, $link)
+ $result = mysql_query($sql_string, $link)
or addFatalMessage($F." (".$L."):".mysql_error()."
Query string:
".$sql_string);
@@ -61,13 +67,13 @@ Query string:
$queryTime = $querytimeAfter - $querytimeBefore;
// Save last successfull query
- $_CONFIG['db_last_query'] = $sql_string;
+ setConfigEntry('db_last_query', $sql_string);
// Count this query
incrementConfigEntry('sql_count');
// Debug output
- //* DEBUG: */ print "Query=
".$sql_string.", affected=".SQL_AFFECTEDROWS().", numrows=".SQL_NUMROWS($result)."
".$sql_string.", affected=".SQL_AFFECTEDROWS().", numrows=".SQL_NUMROWS($result)."
"; - debug_print_backtrace(); - die(""); + printf("eval=%s\n
%s", + htmlentities($eval), + debug_get_printable_backtrace() + ); + + // Abort further code executions + exit; } // END - if if ($run) { @@ -268,12 +283,16 @@ function SQL_QUERY_ESC($qstring, $data, $file, $line, $run=true, $strip=true) { return $query; } } + // Get ID from last INSERT command -function SQL_INSERTID() { - return @mysql_insert_id(); +function SQL_INSERTID () { + global $link; + if (!is_resource($link)) return false; + return mysql_insert_id(); } + // Escape a string for the database -function SQL_ESCAPE($str, $secureString=true,$strip=true) { +function SQL_ESCAPE ($str, $secureString=true,$strip=true) { global $link; // Secure string first? (which is the default behaviour!) @@ -299,18 +318,37 @@ function SQL_ESCAPE($str, $secureString=true,$strip=true) { return addslashes($str); } } + // SELECT query string from table, columns and so on... ;-) function SQL_RESULT_FROM_ARRAY ($table, $columns, $idRow, $id, $F, $L) { + // Is columns an array? + if (!is_array($columns) { + // No array + trigger_error(sprintf("columns is not array. %s!=array", gettype($columns))); + } + // Prepare the SQL statement - $SQL = "SELECT ".implode(", ", $columns)." FROM "._MYSQL_PREFIX."_".$table." WHERE ".$idRow."=%s LIMIT 1"; + $SQL = "SELECT `".implode("`, `", $columns)."` FROM `{!_MYSQL_PREFIX!}_%s` WHERE ``='%s' LIMIT 1"; // Return the result - return SQL_QUERY_ESC($SQL, array(bigintval($id)), $F, $L); + return SQL_QUERY_ESC($SQL, + array( + bigintval($id), + $table, + $idRow + ), $F, $L); } + // ALTER TABLE wrapper function -function SQL_ALTER_TABLE($sql, $F, $L) { - // Shall we add? - if (eregi("ADD", $sql) > 0) { +function SQL_ALTER_TABLE ($sql, $F, $L) { + // This is the default result... + $result = false; + + // Determine index/fulltext/unique word + $noIndex = ((eregi("INDEX", $sql) == false) && (eregi("FULLTEXT", $sql) == false) && (eregi("UNIQUE", $sql) == false); + + // Shall we add/drop? + if (((eregi("ADD", $sql) > 0) || (eregi("DROP", $sql) > 0)) && ($noIndex)) { // Extract table name $tableArray = explode(" ", $sql); $tableName = str_replace("`", "", $tableArray[2]); @@ -322,15 +360,18 @@ function SQL_ALTER_TABLE($sql, $F, $L) { $result = SQL_QUERY_ESC("SHOW COLUMNS FROM %s LIKE '%s'", array($tableName, $columnName), $F, $L); - // Do we have no entry? - if (SQL_NUMROWS($result) == 0) { + // Do we have no entry on ADD or an entry on DROP? + if (((SQL_NUMROWS($result) == 0) && (eregi("ADD", $sql) > 0)) || ((SQL_NUMROWS($result) == 1) && (eregi("DROP", $sql) > 0))) { // Do the query - return SQL_QUERY($sql, $F, $L, false); + $result = SQL_QUERY($sql, $F, $L, false); } // END - if } else { // Send it to the SQL_QUERY() function - return SQL_QUERY($sql, $F, $L, false); + $result = SQL_QUERY($sql, $F, $L, false); } + + // Return result + return $result; } // ?>