2011-02-14 Miguel de Dios <miguel.dedios@artica.es>
* include/db/postgresql.php: fixed in function "postgresql_insert_id" the lost var. Erased traces in the function "postgresql_process_sql". Added function "postgresql_escape_string_sql". * include/db/mysql.php: fixed duplicated function "mysql_process_sql". And added function "mysql_escape_string_sql". * include/auth/mysql.php: added method to autenticate with postgreSQL. * include/functions_db.php: added functions "select_db_engine", "connect_db". And divided the function "escape_string_sql" into avaliable engines. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3827 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
mdtrooper
parent
26dc52933e
commit
38dad03b3b
|
|
@ -1,3 +1,18 @@
|
|||
2011-02-14 Miguel de Dios <miguel.dedios@artica.es>
|
||||
|
||||
* include/db/postgresql.php: fixed in function "postgresql_insert_id" the
|
||||
lost var. Erased traces in the function "postgresql_process_sql". Added
|
||||
function "postgresql_escape_string_sql".
|
||||
|
||||
* include/db/mysql.php: fixed duplicated function "mysql_process_sql". And
|
||||
added function "mysql_escape_string_sql".
|
||||
|
||||
* include/auth/mysql.php: added method to autenticate with postgreSQL.
|
||||
|
||||
* include/functions_db.php: added functions "select_db_engine",
|
||||
"connect_db". And divided the function "escape_string_sql" into avaliable
|
||||
engines.
|
||||
|
||||
2011-02-14 Miguel de Dios <miguel.dedios@artica.es>
|
||||
|
||||
* include/db/postgresql.php, include/db/mysql.php,
|
||||
|
|
|
|||
|
|
@ -78,7 +78,14 @@ function process_user_login ($login, $pass) {
|
|||
if (strtolower ($config["auth"]) == 'mysql' || is_user_admin ($login)) {
|
||||
|
||||
// Connect to Database
|
||||
$sql = sprintf ("SELECT `id_user`, `password` FROM `tusuario` WHERE `id_user` = '%s'", $login);
|
||||
switch ($config["dbtype"]) {
|
||||
case "mysql":
|
||||
$sql = sprintf ("SELECT `id_user`, `password` FROM `tusuario` WHERE `id_user` = '%s'", $login);
|
||||
break;
|
||||
case "postgresql":
|
||||
$sql = sprintf ('SELECT "id_user", "password" FROM "tusuario" WHERE "id_user" = \'%s\'', $login);
|
||||
break;
|
||||
}
|
||||
$row = get_db_row_sql ($sql);
|
||||
|
||||
//Check that row exists, that password is not empty and that password is the same hash
|
||||
|
|
|
|||
|
|
@ -80,74 +80,6 @@ function mysql_get_db_all_rows_sql ($sql, $search_history_db = false, $cache = t
|
|||
return false;
|
||||
}
|
||||
|
||||
function mysql_process_sql ($sql, $rettype = "affected_rows", $dbconnection = '', $cache = true) {
|
||||
global $config;
|
||||
global $sql_cache;
|
||||
|
||||
$retval = array();
|
||||
|
||||
if ($sql == '')
|
||||
return false;
|
||||
|
||||
if ($cache && ! empty ($sql_cache[$sql])) {
|
||||
$retval = $sql_cache[$sql];
|
||||
$sql_cache['saved']++;
|
||||
add_database_debug_trace ($sql);
|
||||
}
|
||||
else {
|
||||
$start = microtime (true);
|
||||
if ($dbconnection == '') {
|
||||
$result = mysql_query ($sql);
|
||||
}
|
||||
else {
|
||||
$result = mysql_query ($sql, $dbconnection);
|
||||
}
|
||||
$time = microtime (true) - $start;
|
||||
if ($result === false) {
|
||||
$backtrace = debug_backtrace ();
|
||||
$error = sprintf ('%s (\'%s\') in <strong>%s</strong> on line %d',
|
||||
mysql_error (), $sql, $backtrace[0]['file'], $backtrace[0]['line']);
|
||||
add_database_debug_trace ($sql, mysql_error ());
|
||||
set_error_handler ('sql_error_handler');
|
||||
trigger_error ($error);
|
||||
restore_error_handler ();
|
||||
|
||||
return false;
|
||||
}
|
||||
elseif ($result === true) {
|
||||
if ($rettype == "insert_id") {
|
||||
$result = mysql_insert_id ();
|
||||
}
|
||||
elseif ($rettype == "info") {
|
||||
$result = mysql_info ();
|
||||
}
|
||||
else {
|
||||
$result = mysql_affected_rows ();
|
||||
}
|
||||
|
||||
add_database_debug_trace ($sql, $result, mysql_affected_rows (),
|
||||
array ('time' => $time));
|
||||
return $result;
|
||||
}
|
||||
else {
|
||||
add_database_debug_trace ($sql, 0, mysql_affected_rows (),
|
||||
array ('time' => $time));
|
||||
while ($row = mysql_fetch_assoc ($result)) {
|
||||
array_push ($retval, $row);
|
||||
}
|
||||
|
||||
if ($cache === true)
|
||||
$sql_cache[$sql] = $retval;
|
||||
mysql_free_result ($result);
|
||||
}
|
||||
}
|
||||
|
||||
if (! empty ($retval))
|
||||
return $retval;
|
||||
//Return false, check with === or !==
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all the rows in a table of the database.
|
||||
*
|
||||
|
|
@ -304,4 +236,18 @@ function mysql_process_sql($sql, $rettype = "affected_rows", $dbconnection = '',
|
|||
//Return false, check with === or !==
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* Escape string to set it properly to use in sql queries
|
||||
*
|
||||
* @param string String to be cleaned.
|
||||
*
|
||||
* @return string String cleaned.
|
||||
*/
|
||||
function mysql_escape_string_sql($string) {
|
||||
$str = mysql_real_escape_string($string);
|
||||
|
||||
return $str;
|
||||
}
|
||||
?>
|
||||
|
|
@ -86,12 +86,12 @@ function postgresql_insert_id($dbconnection = '') {
|
|||
if ($dbconnection !== '') {
|
||||
$insert_query = pg_query($dbconnection, "SELECT lastval();");
|
||||
$insert_id = pg_fetch_row($insert_query);
|
||||
$result = $insert_row[0];
|
||||
$result = $insert_id[0];
|
||||
}
|
||||
else {
|
||||
$insert_query = pg_query($config['dbconnection'], "SELECT lastval();");
|
||||
$insert_id = pg_fetch_row($insert_query);
|
||||
$result = $insert_row[0];
|
||||
$result = $insert_id[0];
|
||||
}
|
||||
|
||||
return $result;
|
||||
|
|
@ -120,11 +120,6 @@ function postgresql_process_sql($sql, $rettype = "affected_rows", $dbconnection
|
|||
else {
|
||||
pg_send_query($config['dbconnection'], $sql);
|
||||
$result = pg_get_result($config['dbconnection']);
|
||||
|
||||
debugPrint($sql);
|
||||
$insert_query = pg_query($config['dbconnection'], "SELECT LASTVAL();");
|
||||
$insert_id = pg_fetch_row($insert_query);
|
||||
debugPrint($insert_row[0]);
|
||||
}
|
||||
$time = microtime (true) - $start;
|
||||
if ($result === false) {
|
||||
|
|
@ -254,4 +249,18 @@ function postgresql_process_sql_insert($table, $values) {
|
|||
|
||||
return process_sql($query, 'insert_id');
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* Escape string to set it properly to use in sql queries
|
||||
*
|
||||
* @param string String to be cleaned.
|
||||
*
|
||||
* @return string String cleaned.
|
||||
*/
|
||||
function postgresql_escape_string_sql($string) {
|
||||
$str = pg_escape_string($string);
|
||||
|
||||
return $str;
|
||||
}
|
||||
?>
|
||||
|
|
@ -21,6 +21,32 @@
|
|||
|
||||
include_once("include/functions_extensions.php");
|
||||
|
||||
function select_db_engine() {
|
||||
global $config;
|
||||
|
||||
switch ($config["dbtype"]) {
|
||||
case "mysql":
|
||||
require_once ('include/db/mysql.php');
|
||||
break;
|
||||
case "postgresql":
|
||||
require_once ('include/db/postgresql.php');
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
function connect_db($host = null, $db = null, $user = null, $pass = null) {
|
||||
global $config;
|
||||
|
||||
switch ($config["dbtype"]) {
|
||||
case "mysql":
|
||||
return mysql_connect_db($host, $db, $user, $pass);
|
||||
break;
|
||||
case "postgresql":
|
||||
return postgresql_connect_db($host, $db, $user, $pass);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* When you delete (with the function "process_sql_delete" or other) any row in
|
||||
* any table, some times the cache save the data just deleted, because you
|
||||
|
|
@ -73,11 +99,17 @@ function check_login () {
|
|||
*
|
||||
* @return string String cleaned.
|
||||
*/
|
||||
function escape_string_sql ($string) {
|
||||
function escape_string_sql($string) {
|
||||
global $config;
|
||||
|
||||
$str = mysql_real_escape_string($string);
|
||||
|
||||
return $str;
|
||||
switch ($config["dbtype"]) {
|
||||
case "mysql":
|
||||
return mysql_escape_string_sql($string);
|
||||
break;
|
||||
case "postgresql":
|
||||
return postgresql_escape_string_sql($string);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue