X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fdb%2Flib-mysql3.php;h=ab53b7041b94b2a85a1aff213e561a91bb5aa69b;hp=625125b39d6e6f3f5b9ad5f98c0439bef2c0947d;hb=b8c071f12a601619c4c02b9441b3e0e012db6ced;hpb=16de7d9e8b98108627db01688bc095240b5ba8d2

diff --git a/inc/db/lib-mysql3.php b/inc/db/lib-mysql3.php
index 625125b39d..ab53b7041b 100644
--- a/inc/db/lib-mysql3.php
+++ b/inc/db/lib-mysql3.php
@@ -1,7 +1,7 @@
 <?php
 /************************************************************************
- * MXChange v0.2.1                                    Start: 08/29/2004 *
- * ===============                              Last change: 08/29/2004 *
+ * Mailer v0.2.1-FINAL                                Start: 08/29/2004 *
+ * ===================                          Last change: 08/29/2004 *
  *                                                                      *
  * -------------------------------------------------------------------- *
  * File              : lib-mysql3.php                                   *
@@ -71,25 +71,26 @@ function SQL_QUERY ($sqlString, $F, $L) {
 	// Remove \t, \n and \r from queries they may confuse some MySQL version I have heard
 	$sqlString = str_replace("\t", ' ', str_replace("\n", ' ', str_replace("\r", ' ', $sqlString)));
 
-	// Compile config out
-	$sqlString = FILTER_COMPILE_CONFIG($sqlString);
+	// Replace {PER}
+	$sqlString = str_replace('{PER}', '%', $sqlString);
+
+	// Compile config entries out
+	$eval = "\$sqlString = \"".FILTER_COMPILE_CONFIG(escapeQuotes($sqlString))."\";";
+	eval($eval);
 
 	// Starting time
-	$querytimeBefore = array_sum(explode(' ', microtime()));
+	$querytimeBefore = microtime(true);
 
 	// Run SQL command
-	//* DEBUG: */ print('F=' . basename($F) . ',L=' . $L . 'sql=' . $sqlString . '<br />');
+	//* DEBUG: */ print('F=' . basename($F) . ',L=' . $L . 'sql=' . htmlentities($sqlString) . '<br />');
 	$result = mysql_query($sqlString, SQL_GET_LINK())
 		or addFatalMessage(__FUNCTION__, __LINE__, $F . ' (' . $L . '):' . mysql_error() . '<br />
 Query string:<br />
 ' . $sqlString);
 	//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'sql=' . $sqlString . ',numRows=' . SQL_NUMROWS($result) . ',affected=' . SQL_AFFECTEDROWS());
 
-	// Ending time
-	$querytimeAfter = array_sum(explode(' ', microtime()));
-
 	// Calculate query time
-	$queryTime = $querytimeAfter - $querytimeBefore;
+	$queryTime = microtime(true) - $querytimeBefore;
 
 	// Add this query to array including timing
 	addSqlToDebug($result, $sqlString, $queryTime, $F, $L);
@@ -108,7 +109,7 @@ Query string:<br />
 		//
 		// Debugging stuff...
 		//
-		$fp = fopen(getConfig('CACHE_PATH') . 'mysql.log', 'a') or app_die(__FILE__, __LINE__, "Cannot write mysql.log!");
+		$fp = fopen(getConfig('CACHE_PATH') . 'mysql.log', 'a') or app_die(__FILE__, __LINE__, 'Cannot write mysql.log!');
 		if (!isset($GLOBALS['sql_first_entry'])) {
 			// Write first entry
 			fwrite($fp, 'Module=' . getModule() . "\n");
@@ -142,10 +143,10 @@ function SQL_NUMROWS ($result) {
 		$lines = mysql_num_rows($result);
 
 		// Is the result empty? Then we have an error!
-		if (empty($lines)) $lines = 0;
+		if (empty($lines)) $lines = '0';
 	} elseif (SQL_IS_LINK_UP()) {
 		// No resource given, no lines found!
-		$lines = 0;
+		$lines = '0';
 	}
 
 	// Return lines
@@ -190,7 +191,7 @@ function SQL_FETCHARRAY ($res, $nr=0, $remove_numerical=true) {
 		if ($remove_numerical) {
 			// So let's remove all numerical elements to save memory!
 			$max = count($row);
-			for ($idx = 0; $idx < ($max / 2); $idx++) {
+			for ($idx = '0'; $idx < ($max / 2); $idx++) {
 				// Remove entry
 				unset($row[$idx]);
 			} // END - for
@@ -205,7 +206,7 @@ function SQL_FETCHARRAY ($res, $nr=0, $remove_numerical=true) {
 }
 
 // SQL result
-function SQL_RESULT ($res, $row, $field = 0) {
+function SQL_RESULT ($res, $row, $field = '0') {
 	// Is $res valid?
 	if ((!is_resource($res)) || (!SQL_IS_LINK_UP())) return false;
 
@@ -313,8 +314,8 @@ function SQL_ESCAPE ($str, $secureString=true, $strip=true) {
 		} // END - if
 
 		if (!SQL_IS_LINK_UP()) {
-			// Fall-back to smartAddSlashes() when there is no link
-			$ret = smartAddSlashes($str);
+			// Fall-back to escapeQuotes() when there is no link
+			$ret = escapeQuotes($str);
 		} elseif (function_exists('mysql_real_escape_string')) {
 			// The new and improved version
 			//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str='.$str);
@@ -323,8 +324,8 @@ function SQL_ESCAPE ($str, $secureString=true, $strip=true) {
 			// The obsolete function
 			$ret = mysql_escape_string($str, SQL_GET_LINK());
 		} else {
-			// If nothing else works, fall back to smartAddSlashes() again
-			$ret = smartAddSlashes($str);
+			// If nothing else works, fall back to escapeQuotes() again
+			$ret = escapeQuotes($str);
 		}
 
 		// Cache result
@@ -401,14 +402,14 @@ function SQL_ALTER_TABLE ($sql, $F, $L) {
 
 			// Do we have no entry on ADD or an entry on DROP?
 			// 123           4       4     3    3      4           4          32    23           4       4     3    3      4            4          321
-			if (((SQL_NUMROWS($result) == 0) && (strpos($sql, 'ADD') !== false)) || ((SQL_NUMROWS($result) == 1) && (strpos($sql, 'DROP') !== false))) {
+			if (((SQL_NUMROWS($result) == '0') && (strpos($sql, 'ADD') !== false)) || ((SQL_NUMROWS($result) == 1) && (strpos($sql, 'DROP') !== false))) {
 				// Do the query
 				//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Executing: ' . $sql);
 				$result = SQL_QUERY($sql, $F, $L, false);
 
 				// Skip further attempt(s)
 				break;
-			} elseif ((((SQL_NUMROWS($result) == 1) && (strpos($sql, 'ADD') !== false)) || ((SQL_NUMROWS($result) == 0) && (strpos($sql, 'DROP') !== false))) && ($columnName != 'KEY')) {
+			} elseif ((((SQL_NUMROWS($result) == 1) && (strpos($sql, 'ADD') !== false)) || ((SQL_NUMROWS($result) == '0') && (strpos($sql, 'DROP') !== false))) && ($columnName != 'KEY')) {
 				// Abort here because it is alreay there
 				//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Skipped: ' . $sql);
 				break;