DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12 Commits
3 Branches
110MB
Tree: 271239454f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '271239454f'
${ noResults }
DedeV6/src/include/dedesqlite.class.php

763 lines
24KB
Raw Blame History 

  1. <?php   if(!defined('DEDEINC')) exit("Request Error!");

  2. /**

  3.  * 数据库类

  4.  * 说明:系统底层数据库核心类

  5.  *      调用这个类前,请先设定这些外部变量

  6.  *      $GLOBALS['cfg_dbhost'];

  7.  *      $GLOBALS['cfg_dbuser'];

  8.  *      $GLOBALS['cfg_dbpwd'];

  9.  *      $GLOBALS['cfg_dbname'];

  10.  *      $GLOBALS['cfg_dbprefix'];

  11.  *

  12.  * @version        $Id: dedesqli.class.php 1 15:00 2011-1-21 tianya $

  13.  * @package        DedeCMS.Libraries

  14.  * @copyright      Copyright (c) 2007 - 2019, DesDev, Inc.

  15.  * @license        http://help.dedecms.com/usersguide/license.html

  16.  * @link           http://www.dedecms.com

  17.  */

  18. @set_time_limit(0);

  19. // 在工程所有文件中均不需要单独初始化这个类,可直接用 $dsql 或 $db 进行操作

  20. // 为了防止错误,操作完后不必关闭数据库

  21. $dsql = $dsqlitete = $db = new DedeSqlite(FALSE);

  22. /**

  23.  * Dede MySQLi数据库类

  24.  *

  25.  * @package        DedeSqli

  26.  * @subpackage     DedeCMS.Libraries

  27.  * @link           http://www.dedecms.com

  28.  */

  29. if (!defined('MYSQL_BOTH')) {

  30.      define('MYSQL_BOTH',MYSQLI_BOTH);

  31. }

  32. class DedeSqlite

  33. {

  34.     var $linkID;

  35.     var $dbHost;

  36.     var $dbUser;

  37.     var $dbPwd;

  38.     var $dbName;

  39.     var $dbPrefix;

  40.     var $result;

  41.     var $queryString;

  42.     var $parameters;

  43.     var $isClose;

  44.     var $safeCheck;

  45. 	var $showError=false;

  46.     var $recordLog=false; // 记录日志到data/mysqli_record_log.inc便于进行调试

  47. 	var $isInit=false;

  48. 	var $pconnect=false;

  49. 	var $_fixObject;

  50. 

  51.     //用外部定义的变量初始类,并连接数据库

  52.     function __construct($pconnect=FALSE,$nconnect=FALSE)

  53.     {

  54.         $this->isClose = FALSE;

  55.         $this->safeCheck = TRUE;

  56. 		$this->pconnect = $pconnect;

  57.         if($nconnect)

  58.         {

  59.             $this->Init($pconnect);

  60.         }

  61.     }

  62. 

  63.     function DedeSql($pconnect=FALSE,$nconnect=TRUE)

  64.     {

  65.         $this->__construct($pconnect,$nconnect);

  66.     }

  67. 

  68.     function Init($pconnect=FALSE)

  69.     {

  70.         $this->linkID = 0;

  71.         //$this->queryString = '';

  72.         //$this->parameters = Array();

  73.         $this->dbHost   =  $GLOBALS['cfg_dbhost'];

  74.         $this->dbUser   =  $GLOBALS['cfg_dbuser'];

  75.         $this->dbPwd    =  $GLOBALS['cfg_dbpwd'];

  76.         $this->dbName   =  $GLOBALS['cfg_dbname'];

  77.         $this->dbPrefix =  $GLOBALS['cfg_dbprefix'];

  78.         $this->result["me"] = 0;

  79.         $this->Open($pconnect);

  80.     }

  81. 

  82.     //用指定参数初始数据库信息

  83.     function SetSource($host,$username,$pwd,$dbname,$dbprefix="dede_")

  84.     {

  85.         $this->dbHost = $host;

  86.         $this->dbUser = $username;

  87.         $this->dbPwd = $pwd;

  88.         $this->dbName = $dbname;

  89.         $this->dbPrefix = $dbprefix;

  90.         $this->result["me"] = 0;

  91.     }

  92. 

  93.     //设置SQL里的参数

  94.     function SetParameter($key,$value)

  95.     {

  96.         $this->parameters[$key]=$value;

  97.     }

  98. 

  99.     //连接数据库

  100.     function Open($pconnect=FALSE)

  101.     {

  102.         global $dsqlite;

  103.         //连接数据库

  104.         if($dsqlite && !$dsqlite->isClose && $dsqlite->isInit)

  105.         {

  106.             $this->linkID = $dsqlite->linkID;

  107.         }

  108.         else

  109.         {

  110. 

  111.             $this->linkID = new SQLite3(DEDEDATA.'/'.$this->dbName.'.db');

  112. 

  113.             //复制一个对象副本

  114.             CopySQLiPoint($this);

  115.         }

  116. 

  117.         //处理错误,成功连接则选择数据库

  118.         if(!$this->linkID)

  119.         {

  120.             $this->DisplayError("DedeCMS错误警告:<font color='red'>连接数据库失败,可能数据库密码不对或数据库服务器出错!</font>");

  121.             exit();

  122.         }

  123. 		$this->isInit = TRUE;

  124.         return TRUE;

  125.     }

  126. 

  127.     //为了防止采集等需要较长运行时间的程序超时,在运行这类程序时设置系统等待和交互时间

  128.     function SetLongLink()

  129.     {

  130.         @mysqli_query("SET interactive_timeout=3600, wait_timeout=3600 ;", $this->linkID);

  131.     }

  132. 

  133.     //获得错误描述

  134.     function GetError()

  135.     {

  136.         $str = mysqli_error($this->linkID);

  137.         return $str;

  138.     }

  139. 

  140.     //关闭数据库

  141.     //mysql能自动管理非持久连接的连接池

  142.     //实际上关闭并无意义并且容易出错,所以取消这函数

  143.     function Close($isok=FALSE)

  144.     {

  145.         $this->FreeResultAll();

  146.         if($isok)

  147.         {

  148.             $this->linkID->close();

  149.             $this->isClose = TRUE;

  150.             $GLOBALS['dsql'] = NULL;

  151.         }

  152.     }

  153. 

  154.     //定期清理死连接

  155.     function ClearErrLink()

  156.     {

  157.     }

  158. 

  159.     //关闭指定的数据库连接

  160.     function CloseLink($dblink)

  161.     {

  162.     }

  163. 

  164.     function Esc( $_str )

  165.     {

  166.         return addslashes($_str);

  167.     }

  168. 

  169.     //执行一个不返回结果的SQL语句,如update,delete,insert等

  170.     function ExecuteNoneQuery($sql='')

  171.     {

  172.         global $dsqlite;

  173. 		if(!$dsqlite->isInit)

  174. 		{

  175. 			$this->Init($this->pconnect);

  176. 		}

  177.         if($dsqlite->isClose)

  178.         {

  179.             $this->Open(FALSE);

  180.             $dsqlite->isClose = FALSE;

  181.         }

  182.         if(!empty($sql))

  183.         {

  184.             $this->SetQuery($sql);

  185.         }else{

  186.             return FALSE;

  187.         }

  188.         if(is_array($this->parameters))

  189.         {

  190.             foreach($this->parameters as $key=>$value)

  191.             {

  192.                 $this->queryString = str_replace("@".$key,"'$value'",$this->queryString);

  193.             }

  194.         }

  195.         //SQL语句安全检查

  196.         if($this->safeCheck) CheckSql($this->queryString,'update');

  197. 

  198.         $t1 = ExecTime();

  199.         

  200.         $rs = $this->linkID->exec($this->queryString);

  201. 

  202. 

  203.         //查询性能测试

  204.         if($this->recordLog) {

  205. 			$queryTime = ExecTime() - $t1;

  206.             $this->RecordLog($queryTime);

  207.             //echo $this->queryString."--{$queryTime}<hr />\r\n";

  208.         }

  209.         return $rs;

  210.     }

  211. 

  212. 

  213.     //执行一个返回影响记录条数的SQL语句,如update,delete,insert等

  214.     function ExecuteNoneQuery2($sql='')

  215.     {

  216.         global $dsqlite;

  217. 		if(!$dsqlite->isInit)

  218. 		{

  219. 			$this->Init($this->pconnect);

  220. 		}

  221.         if($dsqlite->isClose)

  222.         {

  223.             $this->Open(FALSE);

  224.             $dsqlite->isClose = FALSE;

  225.         }

  226. 

  227.         if(!empty($sql))

  228.         {

  229.             $this->SetQuery($sql);

  230.         }

  231.         if(is_array($this->parameters))

  232.         {

  233.             foreach($this->parameters as $key=>$value)

  234.             {

  235.                 $this->queryString = str_replace("@".$key,"'$value'",$this->queryString);

  236.             }

  237.         }

  238.         $t1 = ExecTime();

  239.         $this->linkID->exec($this->queryString);

  240. 

  241.         //查询性能测试

  242.         if($this->recordLog) {

  243. 			$queryTime = ExecTime() - $t1;

  244.             $this->RecordLog($queryTime);

  245.             //echo $this->queryString."--{$queryTime}<hr />\r\n";

  246.         }

  247. 

  248.         return $this->linkID->changes();

  249.     }

  250. 

  251.     function ExecNoneQuery($sql='')

  252.     {

  253.         return $this->ExecuteNoneQuery($sql);

  254.     }

  255. 

  256.     function GetFetchRow($id='me')

  257.     {

  258.         return $this->result[$id]->numColumns();

  259.     }

  260. 

  261.     function GetAffectedRows()

  262.     {

  263.         return $this->linkID->changes();

  264.     }

  265. 

  266.     //执行一个带返回结果的SQL语句,如SELECT,SHOW等

  267.     function Execute($id="me", $sql='')

  268.     {

  269.         global $dsqlite;

  270. 		if(!$dsqlite->isInit)

  271. 		{

  272. 			$this->Init($this->pconnect);

  273. 		}

  274.         if($dsqlite->isClose)

  275.         {

  276.             $this->Open(FALSE);

  277.             $dsqlite->isClose = FALSE;

  278.         }

  279.         if(!empty($sql))

  280.         {

  281.             $this->SetQuery($sql);

  282.         }

  283.         //SQL语句安全检查

  284.         if($this->safeCheck)

  285.         {

  286.             CheckSql($this->queryString);

  287.         }

  288. 

  289.         $t1 = ExecTime();

  290.         //var_dump($this->queryString);

  291.         

  292.         $this->result[$id] = $this->linkID->query($this->queryString);

  293.         

  294. 		//var_dump(mysql_error());

  295. 

  296.         //查询性能测试

  297.         if($this->recordLog) {

  298. 			$queryTime = ExecTime() - $t1;

  299.             $this->RecordLog($queryTime);

  300.             //echo $this->queryString."--{$queryTime}<hr />\r\n";

  301.         }

  302. 

  303.         if($this->result[$id]===FALSE)

  304.         {

  305.             $this->DisplayError($this->linkID->lastErrorMsg()." <br />Error sql: <font color='red'>".$this->queryString."</font>");

  306.         }

  307.     }

  308. 

  309.     function Query($id="me",$sql='')

  310.     {

  311.         $this->Execute($id,$sql);

  312.     }

  313. 

  314.     //执行一个SQL语句,返回前一条记录或仅返回一条记录

  315.     function GetOne($sql='',$acctype=MYSQLI_ASSOC)

  316.     {

  317.         global $dsqlite;

  318. 		if(!$dsqlite->isInit)

  319. 		{

  320. 			$this->Init($this->pconnect);

  321. 		}

  322.         if($dsqlite->isClose)

  323.         {

  324.             $this->Open(FALSE);

  325.             $dsqlite->isClose = FALSE;

  326.         }

  327.         if(!empty($sql))

  328.         {

  329.             if(!preg_match("/LIMIT/i",$sql)) $this->SetQuery(preg_replace("/[,;]$/i", '', trim($sql))." LIMIT 0,1;");

  330.             else $this->SetQuery($sql);

  331.         }

  332.         $this->Execute("one");

  333.         $arr = $this->GetArray("one", $acctype);

  334.         if(!is_array($arr))

  335.         {

  336.             return '';

  337.         }

  338.         else

  339.         {

  340.             $this->result["one"]->reset(); return($arr);

  341.         }

  342.     }

  343. 

  344.     //执行一个不与任何表名有关的SQL语句,Create等

  345.     function ExecuteSafeQuery($sql,$id="me")

  346.     {

  347.         global $dsqlite;

  348. 		if(!$dsqlite->isInit)

  349. 		{

  350. 			$this->Init($this->pconnect);

  351. 		}

  352.         if($dsqlite->isClose)

  353.         {

  354.             $this->Open(FALSE);

  355.             $dsqlite->isClose = FALSE;

  356.         }

  357.         $this->result[$id] = $this->linkID->query($sql);

  358.     }

  359. 

  360.     //返回当前的一条记录并把游标移向下一记录

  361.     // SQLITE3_ASSOC、SQLITE3_NUM、SQLITE3_BOTH

  362.     function GetArray($id="me",$acctype=SQLITE3_ASSOC)

  363.     {

  364.         switch ( $acctype )

  365.         {

  366.             case MYSQL_ASSOC:

  367.                 $acctype = SQLITE3_ASSOC;

  368.                 break;    

  369.             case MYSQL_NUM:

  370.                 $acctype = SQLITE3_NUM;

  371.                 break;  

  372.             default:

  373.                 $acctype = SQLITE3_BOTH;

  374.                 break;

  375.         }

  376.         

  377.         if($this->result[$id]===0)

  378.         {

  379.             return FALSE;

  380.         }

  381.         else

  382.         {

  383.             $rs = $this->result[$id]->fetchArray($acctype);

  384.             if ( !$rs ) {

  385.                 $this->result[$id]=0;

  386.                 return false;

  387.             }

  388.             return $rs;

  389.         }

  390.     }

  391. 

  392.     function GetObject($id="me")

  393.     {

  394.         if ( !isset($this->_fixObject[$id]) )

  395.         {

  396.             $this->_fixObject[$id] = array();

  397.             while ( $row = $this->result[$id]->fetchArray(SQLITE3_ASSOC) )

  398.             {

  399.                 $this->_fixObject[$id][] = (object)$row;

  400.             }

  401.             $this->result[$id]->reset();

  402.         }

  403.         return array_shift($this->_fixObject[$id]);

  404.     }

  405. 

  406.     // 检测是否存在某数据表

  407.     function IsTable($tbname)

  408.     {

  409.         global $dsqlite;

  410. 		if(!$dsqlite->isInit)

  411. 		{

  412. 			$this->Init($this->pconnect);

  413. 		}

  414.         $prefix="#@__";

  415.         $tbname = str_replace($prefix, $GLOBALS['cfg_dbprefix'], $tbname);

  416. 

  417.         $row = $this->linkID->querySingle( "PRAGMA table_info({$tbname});");

  418.         

  419.         if( $row !== null )

  420.         {

  421.             return TRUE;

  422.         }

  423.         return FALSE;

  424.     }

  425. 

  426.     //获得MySql的版本号

  427.     function GetVersion($isformat=TRUE)

  428.     {

  429.         global $dsqlite;

  430. 		if(!$dsqlite->isInit)

  431. 		{

  432. 			$this->Init($this->pconnect);

  433. 		}

  434.         if($dsqlite->isClose)

  435.         {

  436.             $this->Open(FALSE);

  437.             $dsqlite->isClose = FALSE;

  438.         }

  439.         $rs = $this->linkID->querySingle("select sqlite_version();");

  440.         $sqlite_version = $rs;

  441.         if($isformat)

  442.         {

  443.             $sqlite_versions = explode(".",trim($sqlite_version));

  444.             $sqlite_version = number_format($sqlite_versions[0].".".$sqlite_versions[1],2);

  445.         }

  446.         return $sqlite_version;

  447.     }

  448. 

  449.     //获取特定表的信息

  450.     function GetTableFields($tbname, $id="me")

  451.     {

  452. 		global $dsqlite;

  453. 		if(!$dsqlite->isInit)

  454. 		{

  455. 			$this->Init($this->pconnect);

  456. 		}

  457.         $prefix="#@__";

  458.         $tbname = str_replace($prefix, $GLOBALS['cfg_dbprefix'], $tbname);

  459.         $query = "SELECT * FROM {$tbname} LIMIT 0,1";

  460.         $this->result[$id] = $this->linkID->query($query);

  461.     }

  462. 

  463.     //获取字段详细信息

  464.     function GetFieldObject($id="me")

  465.     {

  466.         $cols = $this->result[$id]->numColumns(); 

  467.         $fields = array();

  468.         while ($row = $this->result[$id]->fetchArray()) { 

  469.             for ($i = 1; $i < $cols; $i++) { 

  470.                 $fields[] =  $this->result[$id]->columnName($i); 

  471.             } 

  472.         } 

  473.         

  474.         return (object)$fields;

  475.     }

  476. 

  477.     //获得查询的总记录数

  478.     function GetTotalRow($id="me")

  479.     {

  480.         $queryString = preg_replace("/SELECT(.*)FROM/isU",'SELECT count(*) as dd FROM',$this->queryString);

  481.         $rs = $this->linkID->query($queryString);

  482.         $row = $rs->fetchArray();

  483.         return $row['dd'];

  484.     }

  485. 

  486.     //获取上一步INSERT操作产生的ID

  487.     function GetLastID()

  488.     {

  489.         //如果 AUTO_INCREMENT 的列的类型是 BIGINT,则 mysqli_insert_id() 返回的值将不正确。

  490.         //可以在 SQL 查询中用 MySQL 内部的 SQL 函数 LAST_INSERT_ID() 来替代。

  491.         //$rs = mysqli_query($this->linkID, "Select LAST_INSERT_ID() as lid");

  492.         //$row = mysqli_fetch_array($rs);

  493.         //return $row["lid"];

  494.         return $this->linkID->lastInsertRowID();

  495.     }

  496. 

  497.     //释放记录集占用的资源

  498.     function FreeResult($id="me")

  499.     {

  500.         if ( $this->result[$id] )

  501.         {

  502.             @$this->result[$id]->reset();

  503.         }

  504.         

  505.     }

  506.     function FreeResultAll()

  507.     {

  508.         if(!is_array($this->result))

  509.         {

  510.             return '';

  511.         }

  512.         foreach($this->result as $kk => $vv)

  513.         {

  514.             if($vv)

  515.             {

  516.                 @$vv->reset();

  517.             }

  518.         }

  519.     }

  520. 

  521.     //设置SQL语句,会自动把SQL语句里的#@__替换为$this->dbPrefix(在配置文件中为$cfg_dbprefix)

  522.     function SetQuery($sql)

  523.     {

  524.         $prefix="#@__";

  525.         $sql = str_replace($prefix,$GLOBALS['cfg_dbprefix'],$sql);

  526.         $this->queryString = $sql;

  527.         //$this->queryString = preg_replace("/CONCAT\(',', arc.typeid2, ','\)/i","printf(',%s,', arc.typeid2)",$this->queryString);

  528.         if ( preg_match("/CONCAT\(([^\)]*?)\)/i",$this->queryString,$matches) )

  529.         {

  530.             $this->queryString = preg_replace("/CONCAT\(([^\)]*?)\)/i",str_replace(",","||",$matches[1]), $this->queryString);

  531.             $this->queryString = str_replace("'||'","','",$this->queryString);

  532.         }

  533.         

  534.         $this->queryString = preg_replace("/FIND_IN_SET\('([\w]+)', arc.flag\)>0/i","(',' || arc.flag || ',') LIKE '%,\\1,%'",$this->queryString);

  535.         $this->queryString = preg_replace("/FIND_IN_SET\('([\w]+)', arc.flag\)<1/i","(',' || arc.flag || ',') NOT LIKE '%,\\1,%'",$this->queryString);

  536.         if ( preg_match("/CREATE TABLE/i",$this->queryString) )

  537.         {

  538.             $this->queryString = preg_replace("/[\r\n]/",'',$this->queryString);

  539.             $this->queryString = preg_replace('/character set (.*?) /i','',$this->queryString);

  540.             $this->queryString = preg_replace('/unsigned/i','',$this->queryString);

  541.             $this->queryString = str_replace('TYPE=MyISAM','',$this->queryString);

  542.             

  543.             $this->queryString = preg_replace ('/TINYINT\(([\d]+)\)/i','INTEGER',$this->queryString);

  544.             $this->queryString = preg_replace ('/mediumint\(([\d]+)\)/i','INTEGER',$this->queryString);

  545.             $this->queryString = preg_replace ('/smallint\(([\d]+)\)/i','INTEGER',$this->queryString);

  546.             $this->queryString = preg_replace('/int\(([\d]+)\)/i','INTEGER',$this->queryString);

  547.             $this->queryString = preg_replace('/auto_increment/i','PRIMARY KEY AUTOINCREMENT',$this->queryString);

  548.             $this->queryString = preg_replace('/, KEY(.*?)MyISAM;/i','',$this->queryString);

  549.             $this->queryString = preg_replace('/, KEY(.*?);/i',');',$this->queryString);

  550.             $this->queryString = preg_replace('/, UNIQUE KEY(.*?);/i',');',$this->queryString);

  551.             $this->queryString = preg_replace('/set\(([^\)]*?)\)/','varchar',$this->queryString);

  552.             $this->queryString = preg_replace('/enum\(([^\)]*?)\)/','varchar',$this->queryString);

  553.             if ( preg_match("/PRIMARY KEY AUTOINCREMENT/",$this->queryString) )

  554.             {

  555.                 $this->queryString = preg_replace('/,([\t\s ]+)PRIMARY KEY  \(`([0-9a-zA-Z]+)`\)/i','',$this->queryString);

  556.                 $this->queryString = str_replace(',	PRIMARY KEY (`id`)','',$this->queryString);

  557.             }

  558.         }

  559.         $this->queryString = preg_replace("/SHOW fields FROM `([\w]+)`/i","PRAGMA table_info('\\1') ",$this->queryString);

  560.         $this->queryString = preg_replace("/SHOW CREATE TABLE .([\w]+)/i","SELECT 0,sql FROM sqlite_master WHERE name='\\1'; ",$this->queryString);

  561.         //var_dump($this->queryString);

  562.         $this->queryString = preg_replace("/Show Tables/i","SELECT name FROM sqlite_master WHERE type = \"table\"",$this->queryString);

  563.         $this->queryString = str_replace("\'","\"",$this->queryString);

  564.         //var_dump($this->queryString);

  565.     }

  566. 

  567.     function SetSql($sql)

  568.     {

  569.         $this->SetQuery($sql);

  570.     }

  571. 

  572. 	function RecordLog($runtime=0)

  573. 	{

  574. 		$RecordLogFile = dirname(__FILE__).'/../data/mysqli_record_log.inc';

  575. 		$url = $this->GetCurUrl();

  576. 		$savemsg = <<<EOT

  577. 

  578. ------------------------------------------

  579. SQL:{$this->queryString}

  580. Page:$url

  581. Runtime:$runtime

  582. EOT;

  583.         $fp = @fopen($RecordLogFile, 'a');

  584.         @fwrite($fp, $savemsg);

  585.         @fclose($fp);

  586. 	}

  587. 

  588.     //显示数据链接错误信息

  589.     function DisplayError($msg)

  590.     {

  591.         $errorTrackFile = dirname(__FILE__).'/../data/mysqli_error_trace.inc';

  592.         if( file_exists(dirname(__FILE__).'/../data/mysqli_error_trace.php') )

  593.         {

  594.             @unlink(dirname(__FILE__).'/../data/mysqli_error_trace.php');

  595.         }

  596. 		if($this->showError)

  597. 		{

  598. 			$emsg = '';

  599. 			$emsg .= "<div><h3>DedeCMS Error Warning!</h3>\r\n";

  600. 			$emsg .= "<div><a href='http://bbs.dedecms.com' target='_blank' style='color:red'>Technical Support: http://bbs.dedecms.com</a></div>";

  601. 			$emsg .= "<div style='line-helght:160%;font-size:14px;color:green'>\r\n";

  602. 			$emsg .= "<div style='color:blue'><br />Error page: <font color='red'>".$this->GetCurUrl()."</font></div>\r\n";

  603. 			$emsg .= "<div>Error infos: {$msg}</div>\r\n";

  604. 			$emsg .= "<br /></div></div>\r\n";

  605. 

  606. 			echo $emsg;

  607. 		}

  608. 

  609.         $savemsg = 'Page: '.$this->GetCurUrl()."\r\nError: ".$msg."\r\nTime".date('Y-m-d H:i:s');

  610.         //保存MySql错误日志

  611.         $fp = @fopen($errorTrackFile, 'a');

  612.         @fwrite($fp, '<'.'?php  exit();'."\r\n/*\r\n{$savemsg}\r\n*/\r\n?".">\r\n");

  613.         @fclose($fp);

  614.     }

  615. 

  616.     //获得当前的脚本网址

  617.     function GetCurUrl()

  618.     {

  619.         if(!empty($_SERVER["REQUEST_URI"]))

  620.         {

  621.             $scriptName = $_SERVER["REQUEST_URI"];

  622.             $nowurl = $scriptName;

  623.         }

  624.         else

  625.         {

  626.             $scriptName = $_SERVER["PHP_SELF"];

  627.             if(empty($_SERVER["QUERY_STRING"])) {

  628.                 $nowurl = $scriptName;

  629.             }

  630.             else {

  631.                 $nowurl = $scriptName."?".$_SERVER["QUERY_STRING"];

  632.             }

  633.         }

  634.         return $nowurl;

  635.     }

  636. 

  637. }

  638. 

  639. //复制一个对象副本

  640. function CopySQLiPoint(&$ndsql)

  641. {

  642.     $GLOBALS['dsqlite'] = $ndsql;

  643. }

  644. 

  645. //SQL语句过滤程序,由80sec提供,这里作了适当的修改

  646. if (!function_exists('CheckSql'))

  647. {

  648.     function CheckSql($db_string,$querytype='select')

  649.     {

  650.         global $cfg_cookie_encode;

  651.         $clean = '';

  652.         $error='';

  653.         $old_pos = 0;

  654.         $pos = -1;

  655.         $log_file = DEDEINC.'/../data/'.md5($cfg_cookie_encode).'_safe.txt';

  656.         $userIP = GetIP();

  657.         $getUrl = GetCurUrl();

  658. 

  659.         //如果是普通查询语句,直接过滤一些特殊语法

  660.         if($querytype=='select')

  661.         {

  662.             $notallow1 = "[^0-9a-z@\._-]{1,}(union|sleep|benchmark|load_file|outfile)[^0-9a-z@\.-]{1,}";

  663. 

  664.             //$notallow2 = "--|/\*";

  665.             if(preg_match("/".$notallow1."/i", $db_string))

  666.             {

  667.                 fputs(fopen($log_file,'a+'),"$userIP||$getUrl||$db_string||SelectBreak\r\n");

  668.                 exit("<font size='5' color='red'>Safe Alert: Request Error step 1 !</font>");

  669.             }

  670.         }

  671. 

  672.         //完整的SQL检查

  673.         while (TRUE)

  674.         {

  675.             $pos = strpos($db_string, '\'', $pos + 1);

  676.             if ($pos === FALSE)

  677.             {

  678.                 break;

  679.             }

  680.             $clean .= substr($db_string, $old_pos, $pos - $old_pos);

  681.             while (TRUE)

  682.             {

  683.                 $pos1 = strpos($db_string, '\'', $pos + 1);

  684.                 $pos2 = strpos($db_string, '\\', $pos + 1);

  685.                 if ($pos1 === FALSE)

  686.                 {

  687.                     break;

  688.                 }

  689.                 elseif ($pos2 == FALSE || $pos2 > $pos1)

  690.                 {

  691.                     $pos = $pos1;

  692.                     break;

  693.                 }

  694.                 $pos = $pos2 + 1;

  695.             }

  696.             $clean .= '$s$';

  697.             $old_pos = $pos + 1;

  698.         }

  699.         $clean .= substr($db_string, $old_pos);

  700.         $clean = trim(strtolower(preg_replace(array('~\s+~s' ), array(' '), $clean)));

  701. 

  702.         if (strpos($clean, '@') !== FALSE  OR strpos($clean,'char(')!== FALSE OR strpos($clean,'"')!== FALSE

  703.         OR strpos($clean,'$s$$s$')!== FALSE)

  704.         {

  705.             $fail = TRUE;

  706.             if(preg_match("#^create table#i",$clean)) $fail = FALSE;

  707.             $error="unusual character";

  708.         }

  709. 

  710.         //老版本的Mysql并不支持union,常用的程序里也不使用union,但是一些黑客使用它,所以检查它

  711.         if (strpos($clean, 'union') !== FALSE && preg_match('~(^|[^a-z])union($|[^[a-z])~s', $clean) != 0)

  712.         {

  713.             $fail = TRUE;

  714.             $error="union detect";

  715.         }

  716. 

  717.         //发布版本的程序可能比较少包括--,#这样的注释,但是黑客经常使用它们

  718.         elseif (strpos($clean, '/*') > 2 || strpos($clean, '--') !== FALSE || strpos($clean, '#') !== FALSE)

  719.         {

  720.             $fail = TRUE;

  721.             $error="comment detect";

  722.         }

  723. 

  724.         //这些函数不会被使用,但是黑客会用它来操作文件,down掉数据库

  725.         elseif (strpos($clean, 'sleep') !== FALSE && preg_match('~(^|[^a-z])sleep($|[^[a-z])~s', $clean) != 0)

  726.         {

  727.             $fail = TRUE;

  728.             $error="slown down detect";

  729.         }

  730.         elseif (strpos($clean, 'benchmark') !== FALSE && preg_match('~(^|[^a-z])benchmark($|[^[a-z])~s', $clean) != 0)

  731.         {

  732.             $fail = TRUE;

  733.             $error="slown down detect";

  734.         }

  735.         elseif (strpos($clean, 'load_file') !== FALSE && preg_match('~(^|[^a-z])load_file($|[^[a-z])~s', $clean) != 0)

  736.         {

  737.             $fail = TRUE;

  738.             $error="file fun detect";

  739.         }

  740.         elseif (strpos($clean, 'into outfile') !== FALSE && preg_match('~(^|[^a-z])into\s+outfile($|[^[a-z])~s', $clean) != 0)

  741.         {

  742.             $fail = TRUE;

  743.             $error="file fun detect";

  744.         }

  745. 

  746.         //老版本的MYSQL不支持子查询,我们的程序里可能也用得少,但是黑客可以使用它来查询数据库敏感信息

  747.         elseif (preg_match('~\([^)]*?select~s', $clean) != 0)

  748.         {

  749.             $fail = TRUE;

  750.             $error="sub select detect";

  751.         }

  752.         if (!empty($fail))

  753.         {

  754.             fputs(fopen($log_file,'a+'),"$userIP||$getUrl||$db_string||$error\r\n");

  755.             exit("<font size='5' color='red'>Safe Alert: Request Error step 2!</font>");

  756.         }

  757.         else

  758.         {

  759.             return $db_string;

  760.         }

  761.     }

  762. }