|
|
@@ -20,7 +20,7 @@ if (!defined('DEDEINC')) exit('dedebiz'); |
|
|
|
//在工程所有文件中均不需要单独初始化这个类,可直接用 $dsql 或 $db 进行操作
|
|
|
|
//为了防止错误,操作完后不必关闭数据库
|
|
|
|
if (!function_exists("mysqli_init")) {
|
|
|
|
echo "DedeBIZ提示:尚未发现开启mysqli模块,请在php.ini中启用`extension=mysqli`";
|
|
|
|
ShowMsg("尚未发现开启mysqli模块,请在php.ini中启用`extension=mysqli`","javasctipt:;",-1) ;
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
$dsql = $dsqli = $db = new DedeSqli(FALSE);
|
|
|
@@ -45,7 +45,7 @@ class DedeSqli |
|
|
|
var $parameters;
|
|
|
|
var $isClose;
|
|
|
|
var $safeCheck;
|
|
|
|
var $showError = false;
|
|
|
|
var $showError = true;
|
|
|
|
var $recordLog = false; //记录日志到data/mysqli_record_log.inc便于进行调试
|
|
|
|
var $isInit = false;
|
|
|
|
var $pconnect = false;
|
|
|
@@ -108,14 +108,20 @@ class DedeSqli |
|
|
|
@list($dbhost, $dbport) = explode(':', $this->dbHost);
|
|
|
|
!$dbport && $dbport = 3306;
|
|
|
|
$this->linkID = mysqli_init();
|
|
|
|
mysqli_real_connect($this->linkID, $dbhost, $this->dbUser, $this->dbPwd, false, $dbport);
|
|
|
|
mysqli_errno($this->linkID) != 0 && $this->DisplayError('系统提示:链接('.$this->pconnect.') 到MySQL发生错误');
|
|
|
|
try {
|
|
|
|
mysqli_real_connect($this->linkID, $dbhost, $this->dbUser, $this->dbPwd, false, $dbport);
|
|
|
|
mysqli_errno($this->linkID) != 0 && $this->DisplayError('链接('.$this->pconnect.') 到MySQL发生错误');
|
|
|
|
} catch (Exception $e) {
|
|
|
|
$this->DisplayError("<span style='color:#dc3545'>连接数据库失败,可能数据库密码不对或数据库服务器出错</span>");
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
//复制一个对象副本
|
|
|
|
CopySQLiPoint($this);
|
|
|
|
}
|
|
|
|
//处理错误,成功连接则选择数据库
|
|
|
|
if (!$this->linkID) {
|
|
|
|
$this->DisplayError("系统提示:<span style='color:#dc3545'>连接数据库失败,可能数据库密码不对或数据库服务器出错</span>");
|
|
|
|
$this->DisplayError("<span style='color:#dc3545'>连接数据库失败,可能数据库密码不对或数据库服务器出错</span>");
|
|
|
|
exit();
|
|
|
|
}
|
|
|
|
$this->isInit = TRUE;
|
|
|
@@ -468,7 +474,7 @@ class DedeSqli |
|
|
|
}
|
|
|
|
function RecordLog($runtime = 0)
|
|
|
|
{
|
|
|
|
$RecordLogFile = dirname(__FILE__).'/../data/mysqli_record_log.inc';
|
|
|
|
$RecordLogFile = DEDEDATA.'/mysqli_record_log.inc';
|
|
|
|
$url = $this->GetCurUrl();
|
|
|
|
$savemsg = <<<EOT
|
|
|
|
|
|
|
@@ -484,20 +490,10 @@ EOT; |
|
|
|
//显示数据链接错误信息
|
|
|
|
function DisplayError($msg)
|
|
|
|
{
|
|
|
|
$errorTrackFile = dirname(__FILE__).'/../../data/mysqli_error_trace.inc';
|
|
|
|
if (file_exists(dirname(__FILE__).'/../../data/mysqli_error_trace.php')) {
|
|
|
|
@unlink(dirname(__FILE__).'/../../data/mysqli_error_trace.php');
|
|
|
|
}
|
|
|
|
$errorTrackFile = DEDEDATA.'/mysqli_error_trace.inc';
|
|
|
|
if ($this->showError) {
|
|
|
|
$emsg = '';
|
|
|
|
$emsg .= "<div><h3>DedeBIZ Error Warning!</h3>\r\n";
|
|
|
|
$emsg .= "<div><a href='https://www.dedebiz.com' target='_blank' style='color:#dc3545'>Technical Support: https://www.dedebiz.com</a></div>";
|
|
|
|
$emsg .= "<div style='line-helght:160%;font-size:14px;color:green'>\r\n";
|
|
|
|
$emsg .= "<div style='color:blue'><br>Error page: <span style='color:#dc3545'>".$this->GetCurUrl()."</span></div>\r\n";
|
|
|
|
$emsg .= "<div>Error infos: {$msg}</div>\r\n";
|
|
|
|
$emsg .= "<br></div></div>\r\n";
|
|
|
|
|
|
|
|
echo $emsg;
|
|
|
|
ShowMsg("{$msg}", "javascript:;", -1);
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
$savemsg = 'Page: '.$this->GetCurUrl()."\r\nError: ".$msg."\r\nTime".date('Y-m-d H:i:s');
|
|
|
|
//保存MySql错误日志
|
|
|
@@ -536,7 +532,7 @@ if (!function_exists('CheckSql')) { |
|
|
|
$error = '';
|
|
|
|
$old_pos = 0;
|
|
|
|
$pos = -1;
|
|
|
|
$log_file = DEDEINC.'/../data/'.md5($cfg_cookie_encode).'_safe.txt';
|
|
|
|
$log_file = DEDEDATA.'/'.md5($cfg_cookie_encode).'_safe.txt';
|
|
|
|
$userIP = GetIP();
|
|
|
|
$getUrl = GetCurUrl();
|
|
|
|
//如果是普通查询语句,直接过滤一些特殊语法
|
|
|
|