DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
425 Commits
3 Branches
110MB
Tree: 7b92c71654
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7b92c71654'
${ noResults }
DedeV6/src/include/dedesqlite.class.php

697 lines
24KB
Raw Blame History 

  1. <?php if (!defined('DEDEINC')) exit("Request Error!");

  2. /**

  3.  * 数据库类

  4.  * 说明:系统底层数据库核心类

  5.  *      调用这个类前,请先设定这些外部变量

  6.  *      $GLOBALS['cfg_dbhost'];

  7.  *      $GLOBALS['cfg_dbuser'];

  8.  *      $GLOBALS['cfg_dbpwd'];

  9.  *      $GLOBALS['cfg_dbname'];

  10.  *      $GLOBALS['cfg_dbprefix'];

  11.  *

  12.  * @version        $Id: dedesqli.class.php 1 15:00 2011-1-21 tianya $

  13.  * @package        DedeBIZ.Libraries

  14.  * @copyright      Copyright (c) 2021, DedeBIZ.COM

  15.  * @license        https://www.dedebiz.com/license

  16.  * @link           https://www.dedebiz.com

  17.  */

  18. @set_time_limit(0);

  19. // 在工程所有文件中均不需要单独初始化这个类,可直接用 $dsql 或 $db 进行操作

  20. // 为了防止错误,操作完后不必关闭数据库

  21. $dsql = $dsqlitete = $db = new DedeSqlite(FALSE);

  22. /**

  23.  * Dede MySQLi数据库类

  24.  *

  25.  * @package        DedeSqli

  26.  * @subpackage     DedeBIZ.Libraries

  27.  * @link           https://www.dedebiz.com

  28.  */

  29. if (!defined('MYSQL_BOTH')) {

  30.     define('MYSQL_BOTH', MYSQLI_BOTH);

  31. }

  32. if (!defined('MYSQL_ASSOC')) {

  33.     define('MYSQL_ASSOC', SQLITE3_ASSOC);

  34. }

  35. class DedeSqlite

  36. {

  37.     var $linkID;

  38.     var $dbHost;

  39.     var $dbUser;

  40.     var $dbPwd;

  41.     var $dbName;

  42.     var $dbPrefix;

  43.     var $result;

  44.     var $queryString;

  45.     var $parameters;

  46.     var $isClose;

  47.     var $safeCheck;

  48.     var $showError = false;

  49.     var $recordLog = false; // 记录日志到data/mysqli_record_log.inc便于进行调试

  50.     var $isInit = false;

  51.     var $pconnect = false;

  52.     var $_fixObject;

  53. 

  54.     //用外部定义的变量初始类,并连接数据库

  55.     function __construct($pconnect = FALSE, $nconnect = FALSE)

  56.     {

  57.         $this->isClose = FALSE;

  58.         $this->safeCheck = TRUE;

  59.         $this->pconnect = $pconnect;

  60.         if ($nconnect) {

  61.             $this->Init($pconnect);

  62.         }

  63.     }

  64. 

  65.     function DedeSql($pconnect = FALSE, $nconnect = TRUE)

  66.     {

  67.         $this->__construct($pconnect, $nconnect);

  68.     }

  69. 

  70.     function Init($pconnect = FALSE)

  71.     {

  72.         $this->linkID = 0;

  73.         //$this->queryString = '';

  74.         //$this->parameters = Array();

  75.         $this->dbHost   =  $GLOBALS['cfg_dbhost'];

  76.         $this->dbUser   =  $GLOBALS['cfg_dbuser'];

  77.         $this->dbPwd    =  $GLOBALS['cfg_dbpwd'];

  78.         $this->dbName   =  $GLOBALS['cfg_dbname'];

  79.         $this->dbPrefix =  $GLOBALS['cfg_dbprefix'];

  80.         $this->result["me"] = 0;

  81.         $this->Open($pconnect);

  82.     }

  83. 

  84.     //用指定参数初始数据库信息

  85.     function SetSource($host, $username, $pwd, $dbname, $dbprefix = "dede_")

  86.     {

  87.         $this->dbHost = $host;

  88.         $this->dbUser = $username;

  89.         $this->dbPwd = $pwd;

  90.         $this->dbName = $dbname;

  91.         $this->dbPrefix = $dbprefix;

  92.         $this->result["me"] = 0;

  93.     }

  94. 

  95.     //设置SQL里的参数

  96.     function SetParameter($key, $value)

  97.     {

  98.         $this->parameters[$key] = $value;

  99.     }

  100. 

  101.     //连接数据库

  102.     function Open($pconnect = FALSE)

  103.     {

  104.         global $dsqlite;

  105.         //连接数据库

  106.         if ($dsqlite && !$dsqlite->isClose && $dsqlite->isInit) {

  107.             $this->linkID = $dsqlite->linkID;

  108.         } else {

  109. 

  110.             $this->linkID = new SQLite3(DEDEDATA . '/' . $this->dbName . '.db');

  111. 

  112.             //复制一个对象副本

  113.             CopySQLiPoint($this);

  114.         }

  115. 

  116.         //处理错误,成功连接则选择数据库

  117.         if (!$this->linkID) {

  118.             $this->DisplayError("DedeBIZ错误警告:<font color='red'>连接数据库失败,可能数据库密码不对或数据库服务器出错</font>");

  119.             exit();

  120.         }

  121.         $this->isInit = TRUE;

  122.         return TRUE;

  123.     }

  124. 

  125.     //为了防止采集等需要较长运行时间的程序超时,在运行这类程序时设置系统等待和交互时间

  126.     function SetLongLink()

  127.     {

  128.         // @mysqli_query("SET interactive_timeout=3600, wait_timeout=3600 ;", $this->linkID);

  129.     }

  130. 

  131.     //获得错误描述

  132.     function GetError()

  133.     {

  134.         $str = $dsqlite->lastErrorMsg();

  135.         return $str;

  136.     }

  137. 

  138.     //关闭数据库

  139.     //mysql能自动管理非持久连接的连接池

  140.     //实际上关闭并无意义并且容易出错,所以取消这函数

  141.     function Close($isok = FALSE)

  142.     {

  143.         $this->FreeResultAll();

  144.         if ($isok) {

  145.             $this->linkID->close();

  146.             $this->isClose = TRUE;

  147.             $GLOBALS['dsql'] = NULL;

  148.         }

  149.     }

  150. 

  151.     //定期清理死连接

  152.     function ClearErrLink()

  153.     {

  154.     }

  155. 

  156.     //关闭指定的数据库连接

  157.     function CloseLink($dblink)

  158.     {

  159.     }

  160. 

  161.     function Esc($_str)

  162.     {

  163.         return addslashes($_str);

  164.     }

  165. 

  166.     //执行一个不返回结果的SQL语句,如update,delete,insert等

  167.     function ExecuteNoneQuery($sql = '')

  168.     {

  169.         global $dsqlite;

  170.         if (!$dsqlite->isInit) {

  171.             $this->Init($this->pconnect);

  172.         }

  173.         if ($dsqlite->isClose) {

  174.             $this->Open(FALSE);

  175.             $dsqlite->isClose = FALSE;

  176.         }

  177.         if (!empty($sql)) {

  178.             $this->SetQuery($sql);

  179.         } else {

  180.             return FALSE;

  181.         }

  182.         if (is_array($this->parameters)) {

  183.             foreach ($this->parameters as $key => $value) {

  184.                 $this->queryString = str_replace("@" . $key, "'$value'", $this->queryString);

  185.             }

  186.         }

  187.         //SQL语句安全检查

  188.         if ($this->safeCheck) CheckSql($this->queryString, 'update');

  189. 

  190.         $t1 = ExecTime();

  191. 

  192.         $rs = $this->linkID->exec($this->queryString);

  193. 

  194. 

  195.         //查询性能测试

  196.         if ($this->recordLog) {

  197.             $queryTime = ExecTime() - $t1;

  198.             $this->RecordLog($queryTime);

  199.             //echo $this->queryString."--{$queryTime}<hr />\r\n";

  200.         }

  201.         return $rs;

  202.     }

  203. 

  204. 

  205.     //执行一个返回影响记录条数的SQL语句,如update,delete,insert等

  206.     function ExecuteNoneQuery2($sql = '')

  207.     {

  208.         global $dsqlite;

  209.         if (!$dsqlite->isInit) {

  210.             $this->Init($this->pconnect);

  211.         }

  212.         if ($dsqlite->isClose) {

  213.             $this->Open(FALSE);

  214.             $dsqlite->isClose = FALSE;

  215.         }

  216. 

  217.         if (!empty($sql)) {

  218.             $this->SetQuery($sql);

  219.         }

  220.         if (is_array($this->parameters)) {

  221.             foreach ($this->parameters as $key => $value) {

  222.                 $this->queryString = str_replace("@" . $key, "'$value'", $this->queryString);

  223.             }

  224.         }

  225.         $t1 = ExecTime();

  226.         $this->linkID->exec($this->queryString);

  227. 

  228.         //查询性能测试

  229.         if ($this->recordLog) {

  230.             $queryTime = ExecTime() - $t1;

  231.             $this->RecordLog($queryTime);

  232.             //echo $this->queryString."--{$queryTime}<hr />\r\n";

  233.         }

  234. 

  235.         return $this->linkID->changes();

  236.     }

  237. 

  238.     function ExecNoneQuery($sql = '')

  239.     {

  240.         return $this->ExecuteNoneQuery($sql);

  241.     }

  242. 

  243.     function GetFetchRow($id = 'me')

  244.     {

  245.         return $this->result[$id]->numColumns();

  246.     }

  247. 

  248.     function GetAffectedRows()

  249.     {

  250.         return $this->linkID->changes();

  251.     }

  252. 

  253.     //执行一个带返回结果的SQL语句,如SELECT,SHOW等

  254.     function Execute($id = "me", $sql = '')

  255.     {

  256.         global $dsqlite;

  257.         if (!$dsqlite->isInit) {

  258.             $this->Init($this->pconnect);

  259.         }

  260.         if ($dsqlite->isClose) {

  261.             $this->Open(FALSE);

  262.             $dsqlite->isClose = FALSE;

  263.         }

  264.         if (!empty($sql)) {

  265.             $this->SetQuery($sql);

  266.         }

  267.         //SQL语句安全检查

  268.         if ($this->safeCheck) {

  269.             CheckSql($this->queryString);

  270.         }

  271. 

  272.         $t1 = ExecTime();

  273.         //var_dump($this->queryString);

  274. 

  275.         $this->result[$id] = $this->linkID->query($this->queryString);

  276. 

  277.         //var_dump(mysql_error());

  278. 

  279.         //查询性能测试

  280.         if ($this->recordLog) {

  281.             $queryTime = ExecTime() - $t1;

  282.             $this->RecordLog($queryTime);

  283.             //echo $this->queryString."--{$queryTime}<hr />\r\n";

  284.         }

  285. 

  286.         if ($this->result[$id] === FALSE) {

  287.             $this->DisplayError($this->linkID->lastErrorMsg() . " <br />Error sql: <font color='red'>" . $this->queryString . "</font>");

  288.         }

  289.     }

  290. 

  291.     function Query($id = "me", $sql = '')

  292.     {

  293.         $this->Execute($id, $sql);

  294.     }

  295. 

  296.     //执行一个SQL语句,返回前一条记录或仅返回一条记录

  297.     function GetOne($sql = '', $acctype = SQLITE3_ASSOC)

  298.     {

  299.         global $dsqlite;

  300.         if (!$dsqlite->isInit) {

  301.             $this->Init($this->pconnect);

  302.         }

  303.         if ($dsqlite->isClose) {

  304.             $this->Open(FALSE);

  305.             $dsqlite->isClose = FALSE;

  306.         }

  307.         if (!empty($sql)) {

  308.             if (!preg_match("/LIMIT/i", $sql)) $this->SetQuery(preg_replace("/[,;]$/i", '', trim($sql)) . " LIMIT 0,1;");

  309.             else $this->SetQuery($sql);

  310.         }

  311.         $this->Execute("one");

  312.         $arr = $this->GetArray("one", $acctype);

  313.         if (!is_array($arr)) {

  314.             return '';

  315.         } else {

  316.             $this->result["one"]->reset();

  317.             return ($arr);

  318.         }

  319.     }

  320. 

  321.     //执行一个不与任何表名有关的SQL语句,Create等

  322.     function ExecuteSafeQuery($sql, $id = "me")

  323.     {

  324.         global $dsqlite;

  325.         if (!$dsqlite->isInit) {

  326.             $this->Init($this->pconnect);

  327.         }

  328.         if ($dsqlite->isClose) {

  329.             $this->Open(FALSE);

  330.             $dsqlite->isClose = FALSE;

  331.         }

  332.         $this->result[$id] = $this->linkID->query($sql);

  333.     }

  334. 

  335.     //返回当前的一条记录并把游标移向下一记录

  336.     // SQLITE3_ASSOC、SQLITE3_NUM、SQLITE3_BOTH

  337.     function GetArray($id = "me", $acctype = SQLITE3_ASSOC)

  338.     {

  339.         switch ($acctype) {

  340.             case MYSQL_ASSOC:

  341.                 $acctype = SQLITE3_ASSOC;

  342.                 break;

  343.             case MYSQL_NUM:

  344.                 $acctype = SQLITE3_NUM;

  345.                 break;

  346.             default:

  347.                 $acctype = SQLITE3_BOTH;

  348.                 break;

  349.         }

  350. 

  351.         if ($this->result[$id] === 0) {

  352.             return FALSE;

  353.         } else {

  354.             if ($this->result[$id]) {

  355.                 $rs = $this->result[$id]->fetchArray($acctype);

  356.                 if (!$rs) {

  357.                     $this->result[$id] = 0;

  358.                     return false;

  359.                 }

  360.                 return $rs;

  361.             } else {

  362.                 return false;

  363.             }

  364.         }

  365.     }

  366. 

  367.     function GetObject($id = "me")

  368.     {

  369.         if (!isset($this->_fixObject[$id])) {

  370.             $this->_fixObject[$id] = array();

  371.             if ($this->result[$id]) {

  372.                 while ($row = $this->result[$id]->fetchArray(SQLITE3_ASSOC)) {

  373.                     $this->_fixObject[$id][] = (object)$row;

  374.                 }

  375.                 $this->result[$id]->reset();

  376.             }

  377.         }

  378.         return array_shift($this->_fixObject[$id]);

  379.     }

  380. 

  381.     // 检测是否存在某数据表

  382.     function IsTable($tbname)

  383.     {

  384.         global $dsqlite;

  385.         if (!$dsqlite->isInit) {

  386.             $this->Init($this->pconnect);

  387.         }

  388.         $prefix = "#@__";

  389.         $tbname = str_replace($prefix, $GLOBALS['cfg_dbprefix'], $tbname);

  390. 

  391.         $row = $this->linkID->querySingle("PRAGMA table_info({$tbname});");

  392. 

  393.         if ($row !== null) {

  394.             return TRUE;

  395.         }

  396.         return FALSE;

  397.     }

  398. 

  399.     //获得MySql的版本号

  400.     function GetVersion($isformat = TRUE)

  401.     {

  402.         global $dsqlite;

  403.         if (!$dsqlite->isInit) {

  404.             $this->Init($this->pconnect);

  405.         }

  406.         if ($dsqlite->isClose) {

  407.             $this->Open(FALSE);

  408.             $dsqlite->isClose = FALSE;

  409.         }

  410.         $rs = $this->linkID->querySingle("select sqlite_version();");

  411.         $sqlite_version = $rs;

  412.         if ($isformat) {

  413.             $sqlite_versions = explode(".", trim($sqlite_version));

  414.             $sqlite_version = number_format($sqlite_versions[0] . "." . $sqlite_versions[1], 2);

  415.         }

  416.         return $sqlite_version;

  417.     }

  418. 

  419.     //获取特定表的信息

  420.     function GetTableFields($tbname, $id = "me")

  421.     {

  422.         global $dsqlite;

  423.         if (!$dsqlite->isInit) {

  424.             $this->Init($this->pconnect);

  425.         }

  426.         $prefix = "#@__";

  427.         $tbname = str_replace($prefix, $GLOBALS['cfg_dbprefix'], $tbname);

  428.         $query = "SELECT * FROM {$tbname} LIMIT 0,1";

  429.         $this->result[$id] = $this->linkID->query($query);

  430.     }

  431. 

  432.     //获取字段详细信息

  433.     function GetFieldObject($id = "me")

  434.     {

  435.         $cols = $this->result[$id]->numColumns();

  436.         $fields = array();

  437.         while ($row = $this->result[$id]->fetchArray()) {

  438.             for ($i = 1; $i < $cols; $i++) {

  439.                 $fields[] =  $this->result[$id]->columnName($i);

  440.             }

  441.         }

  442. 

  443.         return (object)$fields;

  444.     }

  445. 

  446.     //获得查询的总记录数

  447.     function GetTotalRow($id = "me")

  448.     {

  449.         $queryString = preg_replace("/SELECT(.*)FROM/isU", 'SELECT count(*) as dd FROM', $this->queryString);

  450.         $rs = $this->linkID->query($queryString);

  451.         $row = $rs->fetchArray();

  452.         return $row['dd'];

  453.     }

  454. 

  455.     //获取上一步INSERT操作产生的ID

  456.     function GetLastID()

  457.     {

  458.         //如果 AUTO_INCREMENT 的列的类型是 BIGINT,则 mysqli_insert_id() 返回的值将不正确。

  459.         //可以在 SQL 查询中用 MySQL 内部的 SQL 函数 LAST_INSERT_ID() 来替代。

  460.         //$rs = mysqli_query($this->linkID, "Select LAST_INSERT_ID() as lid");

  461.         //$row = mysqli_fetch_array($rs);

  462.         //return $row["lid"];

  463.         return $this->linkID->lastInsertRowID();

  464.     }

  465. 

  466.     //释放记录集占用的资源

  467.     function FreeResult($id = "me")

  468.     {

  469.         if ($this->result[$id]) {

  470.             @$this->result[$id]->reset();

  471.         }

  472.     }

  473.     function FreeResultAll()

  474.     {

  475.         if (!is_array($this->result)) {

  476.             return '';

  477.         }

  478.         foreach ($this->result as $kk => $vv) {

  479.             if ($vv) {

  480.                 @$vv->reset();

  481.             }

  482.         }

  483.     }

  484. 

  485.     //设置SQL语句,会自动把SQL语句里的#@__替换为$this->dbPrefix(在配置文件中为$cfg_dbprefix)

  486.     function SetQuery($sql)

  487.     {

  488.         $prefix = "#@__";

  489.         $sql = str_replace($prefix, $GLOBALS['cfg_dbprefix'], $sql);

  490.         $this->queryString = $sql;

  491.         //$this->queryString = preg_replace("/CONCAT\(',', arc.typeid2, ','\)/i","printf(',%s,', arc.typeid2)",$this->queryString);

  492.         if (preg_match("/CONCAT\(([^\)]*?)\)/i", $this->queryString, $matches)) {

  493.             $this->queryString = preg_replace("/CONCAT\(([^\)]*?)\)/i", str_replace(",", "||", $matches[1]), $this->queryString);

  494.             $this->queryString = str_replace("'||'", "','", $this->queryString);

  495.         }

  496. 

  497.         $this->queryString = preg_replace("/FIND_IN_SET\('([\w]+)', arc.flag\)>0/i", "(',' || arc.flag || ',') LIKE '%,\\1,%'", $this->queryString);

  498.         $this->queryString = preg_replace("/FIND_IN_SET\('([\w]+)', arc.flag\)<1/i", "(',' || arc.flag || ',') NOT LIKE '%,\\1,%'", $this->queryString);

  499.         if (preg_match("/CREATE TABLE/i", $this->queryString)) {

  500.             $this->queryString = preg_replace("/[\r\n]/", '', $this->queryString);

  501.             $this->queryString = preg_replace('/character set (.*?) /i', '', $this->queryString);

  502.             $this->queryString = preg_replace('/unsigned/i', '', $this->queryString);

  503.             $this->queryString = str_replace('TYPE=MyISAM', '', $this->queryString);

  504. 

  505.             $this->queryString = preg_replace('/TINYINT\(([\d]+)\)/i', 'INTEGER', $this->queryString);

  506.             $this->queryString = preg_replace('/mediumint\(([\d]+)\)/i', 'INTEGER', $this->queryString);

  507.             $this->queryString = preg_replace('/smallint\(([\d]+)\)/i', 'INTEGER', $this->queryString);

  508.             $this->queryString = preg_replace('/int\(([\d]+)\)/i', 'INTEGER', $this->queryString);

  509.             $this->queryString = preg_replace('/auto_increment/i', 'PRIMARY KEY AUTOINCREMENT', $this->queryString);

  510.             $this->queryString = preg_replace('/, KEY(.*?)MyISAM;/i', '', $this->queryString);

  511.             $this->queryString = preg_replace('/, KEY(.*?);/i', ');', $this->queryString);

  512.             $this->queryString = preg_replace('/, UNIQUE KEY(.*?);/i', ');', $this->queryString);

  513.             $this->queryString = preg_replace('/set\(([^\)]*?)\)/', 'varchar', $this->queryString);

  514.             $this->queryString = preg_replace('/enum\(([^\)]*?)\)/', 'varchar', $this->queryString);

  515.             if (preg_match("/PRIMARY KEY AUTOINCREMENT/", $this->queryString)) {

  516.                 $this->queryString = preg_replace('/,([\t\s ]+)PRIMARY KEY  \(`([0-9a-zA-Z]+)`\)/i', '', $this->queryString);

  517.                 $this->queryString = str_replace(',	PRIMARY KEY (`id`)', '', $this->queryString);

  518.             }

  519.         }

  520.         $this->queryString = preg_replace("/SHOW fields FROM `([\w]+)`/i", "PRAGMA table_info('\\1') ", $this->queryString);

  521.         $this->queryString = preg_replace("/SHOW CREATE TABLE .([\w]+)/i", "SELECT 0,sql FROM sqlite_master WHERE name='\\1'; ", $this->queryString);

  522.         //var_dump($this->queryString);

  523.         $this->queryString = preg_replace("/Show Tables/i", "SELECT name FROM sqlite_master WHERE type = \"table\"", $this->queryString);

  524.         $this->queryString = str_replace("\'", "\"", $this->queryString);

  525.         $this->queryString = str_replace('\t\n', "", $this->queryString);

  526.         //var_dump($this->queryString);

  527.     }

  528. 

  529.     function SetSql($sql)

  530.     {

  531.         $this->SetQuery($sql);

  532.     }

  533. 

  534.     function RecordLog($runtime = 0)

  535.     {

  536.         $RecordLogFile = dirname(__FILE__) . '/../data/mysqli_record_log.inc';

  537.         $url = $this->GetCurUrl();

  538.         $savemsg = <<<EOT

  539. 

  540. ------------------------------------------

  541. SQL:{$this->queryString}

  542. Page:$url

  543. Runtime:$runtime

  544. EOT;

  545.         $fp = @fopen($RecordLogFile, 'a');

  546.         @fwrite($fp, $savemsg);

  547.         @fclose($fp);

  548.     }

  549. 

  550.     //显示数据链接错误信息

  551.     function DisplayError($msg)

  552.     {

  553.         $errorTrackFile = dirname(__FILE__) . '/../data/mysqli_error_trace.inc';

  554.         if (file_exists(dirname(__FILE__) . '/../data/mysqli_error_trace.php')) {

  555.             @unlink(dirname(__FILE__) . '/../data/mysqli_error_trace.php');

  556.         }

  557.         if ($this->showError) {

  558.             $emsg = '';

  559.             $emsg .= "<div><h3>DedeBIZ Error Warning!</h3>\r\n";

  560.             $emsg .= "<div><a href='https://www.dedebiz.com' target='_blank' style='color:red'>Technical Support: https://www.dedebiz.com</a></div>";

  561.             $emsg .= "<div style='line-helght:160%;font-size:14px;color:green'>\r\n";

  562.             $emsg .= "<div style='color:blue'><br />Error page: <font color='red'>" . $this->GetCurUrl() . "</font></div>\r\n";

  563.             $emsg .= "<div>Error infos: {$msg}</div>\r\n";

  564.             $emsg .= "<br /></div></div>\r\n";

  565. 

  566.             echo $emsg;

  567.         }

  568. 

  569.         $savemsg = 'Page: ' . $this->GetCurUrl() . "\r\nError: " . $msg . "\r\nTime" . date('Y-m-d H:i:s');

  570.         //保存MySql错误日志

  571.         $fp = @fopen($errorTrackFile, 'a');

  572.         @fwrite($fp, '<' . '?php  exit();' . "\r\n/*\r\n{$savemsg}\r\n*/\r\n?" . ">\r\n");

  573.         @fclose($fp);

  574.     }

  575. 

  576.     //获得当前的脚本网址

  577.     function GetCurUrl()

  578.     {

  579.         if (!empty($_SERVER["REQUEST_URI"])) {

  580.             $scriptName = $_SERVER["REQUEST_URI"];

  581.             $nowurl = $scriptName;

  582.         } else {

  583.             $scriptName = $_SERVER["PHP_SELF"];

  584.             if (empty($_SERVER["QUERY_STRING"])) {

  585.                 $nowurl = $scriptName;

  586.             } else {

  587.                 $nowurl = $scriptName . "?" . $_SERVER["QUERY_STRING"];

  588.             }

  589.         }

  590.         return $nowurl;

  591.     }

  592. }

  593. 

  594. //复制一个对象副本

  595. function CopySQLiPoint(&$ndsql)

  596. {

  597.     $GLOBALS['dsqlite'] = $ndsql;

  598. }

  599. 

  600. //SQL语句过滤程序,由80sec提供,这里作了适当的修改

  601. if (!function_exists('CheckSql')) {

  602.     function CheckSql($db_string, $querytype = 'select')

  603.     {

  604.         global $cfg_cookie_encode;

  605.         $clean = '';

  606.         $error = '';

  607.         $old_pos = 0;

  608.         $pos = -1;

  609.         $log_file = DEDEINC . '/../data/' . md5($cfg_cookie_encode) . '_safe.txt';

  610.         $userIP = GetIP();

  611.         $getUrl = GetCurUrl();

  612. 

  613.         //如果是普通查询语句,直接过滤一些特殊语法

  614.         if ($querytype == 'select') {

  615.             $notallow1 = "[^0-9a-z@\._-]{1,}(union|sleep|benchmark|load_file|outfile)[^0-9a-z@\.-]{1,}";

  616. 

  617.             //$notallow2 = "--|/\*";

  618.             if (preg_match("/" . $notallow1 . "/i", $db_string)) {

  619.                 fputs(fopen($log_file, 'a+'), "$userIP||$getUrl||$db_string||SelectBreak\r\n");

  620.                 exit("<font size='5' color='red'>Safe Alert: Request Error step 1 !</font>");

  621.             }

  622.         }

  623. 

  624.         //完整的SQL检查

  625.         while (TRUE) {

  626.             $pos = strpos($db_string, '\'', $pos + 1);

  627.             if ($pos === FALSE) {

  628.                 break;

  629.             }

  630.             $clean .= substr($db_string, $old_pos, $pos - $old_pos);

  631.             while (TRUE) {

  632.                 $pos1 = strpos($db_string, '\'', $pos + 1);

  633.                 $pos2 = strpos($db_string, '\\', $pos + 1);

  634.                 if ($pos1 === FALSE) {

  635.                     break;

  636.                 } elseif ($pos2 == FALSE || $pos2 > $pos1) {

  637.                     $pos = $pos1;

  638.                     break;

  639.                 }

  640.                 $pos = $pos2 + 1;

  641.             }

  642.             $clean .= '$s$';

  643.             $old_pos = $pos + 1;

  644.         }

  645.         $clean .= substr($db_string, $old_pos);

  646.         $clean = trim(strtolower(preg_replace(array('~\s+~s'), array(' '), $clean)));

  647. 

  648.         if (

  649.             strpos($clean, '@') !== FALSE  or strpos($clean, 'char(') !== FALSE or strpos($clean, '"') !== FALSE

  650.             or strpos($clean, '$s$$s$') !== FALSE

  651.         ) {

  652.             $fail = TRUE;

  653.             if (preg_match("#^create table#i", $clean)) $fail = FALSE;

  654.             $error = "unusual character";

  655.         }

  656. 

  657.         //老版本的Mysql并不支持union,常用的程序里也不使用union,但是一些黑客使用它,所以检查它

  658.         if (strpos($clean, 'union') !== FALSE && preg_match('~(^|[^a-z])union($|[^[a-z])~s', $clean) != 0) {

  659.             $fail = TRUE;

  660.             $error = "union detect";

  661.         }

  662. 

  663.         //发布版本的程序可能比较少包括--,#这样的注释,但是黑客经常使用它们

  664.         elseif (strpos($clean, '/*') > 2 || strpos($clean, '--') !== FALSE || strpos($clean, '#') !== FALSE) {

  665.             $fail = TRUE;

  666.             $error = "comment detect";

  667.         }

  668. 

  669.         //这些函数不会被使用,但是黑客会用它来操作文件,down掉数据库

  670.         elseif (strpos($clean, 'sleep') !== FALSE && preg_match('~(^|[^a-z])sleep($|[^[a-z])~s', $clean) != 0) {

  671.             $fail = TRUE;

  672.             $error = "slown down detect";

  673.         } elseif (strpos($clean, 'benchmark') !== FALSE && preg_match('~(^|[^a-z])benchmark($|[^[a-z])~s', $clean) != 0) {

  674.             $fail = TRUE;

  675.             $error = "slown down detect";

  676.         } elseif (strpos($clean, 'load_file') !== FALSE && preg_match('~(^|[^a-z])load_file($|[^[a-z])~s', $clean) != 0) {

  677.             $fail = TRUE;

  678.             $error = "file fun detect";

  679.         } elseif (strpos($clean, 'into outfile') !== FALSE && preg_match('~(^|[^a-z])into\s+outfile($|[^[a-z])~s', $clean) != 0) {

  680.             $fail = TRUE;

  681.             $error = "file fun detect";

  682.         }

  683. 

  684.         //老版本的MYSQL不支持子查询,我们的程序里可能也用得少,但是黑客可以使用它来查询数据库敏感信息

  685.         elseif (preg_match('~\([^)]*?select~s', $clean) != 0) {

  686.             $fail = TRUE;

  687.             $error = "sub select detect";

  688.         }

  689.         if (!empty($fail)) {

  690.             fputs(fopen($log_file, 'a+'), "$userIP||$getUrl||$db_string||$error\r\n");

  691.             exit("<font size='5' color='red'>Safe Alert: Request Error step 2!</font>");

  692.         } else {

  693.             return $db_string;

  694.         }

  695.     }

  696. }