DedeBIZ
/
DedeV6
Tarkkaile 2
Äänestä 0
Fork 0
Koodi Pull-pyynnöt 0 Julkaisut 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
172 Commitit
3 Branchit
1.8GB
Puu: 8d541209e5
Branchit Tagit
${ item.name }
Create branch ${ searchTerm }
from '8d541209e5'
${ noResults }
DedeV6/src/include/dedesqlite.class.php

764 lines
24KB
Raaka Blame Historia 

  1. <?php   if(!defined('DEDEINC')) exit("Request Error!");

  2. /**

  3.  * 数据库类

  4.  * 说明:系统底层数据库核心类

  5.  *      调用这个类前,请先设定这些外部变量

  6.  *      $GLOBALS['cfg_dbhost'];

  7.  *      $GLOBALS['cfg_dbuser'];

  8.  *      $GLOBALS['cfg_dbpwd'];

  9.  *      $GLOBALS['cfg_dbname'];

  10.  *      $GLOBALS['cfg_dbprefix'];

  11.  *

  12.  * @version        $Id: dedesqli.class.php 1 15:00 2011-1-21 tianya $

  13.  * @package        DedeCMS.Libraries

  14.  * @copyright      Copyright (c) 2007 - 2018, DesDev, Inc.

  15.  * @copyright      Copyright (c) 2020, DedeBIZ.COM

  16.  * @license        https://www.dedebiz.com/license/v6

  17.  * @link           https://www.dedebiz.com

  18.  */

  19. @set_time_limit(0);

  20. // 在工程所有文件中均不需要单独初始化这个类,可直接用 $dsql 或 $db 进行操作

  21. // 为了防止错误,操作完后不必关闭数据库

  22. $dsql = $dsqlitete = $db = new DedeSqlite(FALSE);

  23. /**

  24.  * Dede MySQLi数据库类

  25.  *

  26.  * @package        DedeSqli

  27.  * @subpackage     DedeCMS.Libraries

  28.  * @link           http://www.dedecms.com

  29.  */

  30. if (!defined('MYSQL_BOTH')) {

  31.      define('MYSQL_BOTH',MYSQLI_BOTH);

  32. }

  33. class DedeSqlite

  34. {

  35.     var $linkID;

  36.     var $dbHost;

  37.     var $dbUser;

  38.     var $dbPwd;

  39.     var $dbName;

  40.     var $dbPrefix;

  41.     var $result;

  42.     var $queryString;

  43.     var $parameters;

  44.     var $isClose;

  45.     var $safeCheck;

  46. 	var $showError=false;

  47.     var $recordLog=false; // 记录日志到data/mysqli_record_log.inc便于进行调试

  48. 	var $isInit=false;

  49. 	var $pconnect=false;

  50. 	var $_fixObject;

  51. 

  52.     //用外部定义的变量初始类,并连接数据库

  53.     function __construct($pconnect=FALSE,$nconnect=FALSE)

  54.     {

  55.         $this->isClose = FALSE;

  56.         $this->safeCheck = TRUE;

  57. 		$this->pconnect = $pconnect;

  58.         if($nconnect)

  59.         {

  60.             $this->Init($pconnect);

  61.         }

  62.     }

  63. 

  64.     function DedeSql($pconnect=FALSE,$nconnect=TRUE)

  65.     {

  66.         $this->__construct($pconnect,$nconnect);

  67.     }

  68. 

  69.     function Init($pconnect=FALSE)

  70.     {

  71.         $this->linkID = 0;

  72.         //$this->queryString = '';

  73.         //$this->parameters = Array();

  74.         $this->dbHost   =  $GLOBALS['cfg_dbhost'];

  75.         $this->dbUser   =  $GLOBALS['cfg_dbuser'];

  76.         $this->dbPwd    =  $GLOBALS['cfg_dbpwd'];

  77.         $this->dbName   =  $GLOBALS['cfg_dbname'];

  78.         $this->dbPrefix =  $GLOBALS['cfg_dbprefix'];

  79.         $this->result["me"] = 0;

  80.         $this->Open($pconnect);

  81.     }

  82. 

  83.     //用指定参数初始数据库信息

  84.     function SetSource($host,$username,$pwd,$dbname,$dbprefix="dede_")

  85.     {

  86.         $this->dbHost = $host;

  87.         $this->dbUser = $username;

  88.         $this->dbPwd = $pwd;

  89.         $this->dbName = $dbname;

  90.         $this->dbPrefix = $dbprefix;

  91.         $this->result["me"] = 0;

  92.     }

  93. 

  94.     //设置SQL里的参数

  95.     function SetParameter($key,$value)

  96.     {

  97.         $this->parameters[$key]=$value;

  98.     }

  99. 

  100.     //连接数据库

  101.     function Open($pconnect=FALSE)

  102.     {

  103.         global $dsqlite;

  104.         //连接数据库

  105.         if($dsqlite && !$dsqlite->isClose && $dsqlite->isInit)

  106.         {

  107.             $this->linkID = $dsqlite->linkID;

  108.         }

  109.         else

  110.         {

  111. 

  112.             $this->linkID = new SQLite3(DEDEDATA.'/'.$this->dbName.'.db');

  113. 

  114.             //复制一个对象副本

  115.             CopySQLiPoint($this);

  116.         }

  117. 

  118.         //处理错误,成功连接则选择数据库

  119.         if(!$this->linkID)

  120.         {

  121.             $this->DisplayError("DedeCMS错误警告:<font color='red'>连接数据库失败,可能数据库密码不对或数据库服务器出错!</font>");

  122.             exit();

  123.         }

  124. 		$this->isInit = TRUE;

  125.         return TRUE;

  126.     }

  127. 

  128.     //为了防止采集等需要较长运行时间的程序超时,在运行这类程序时设置系统等待和交互时间

  129.     function SetLongLink()

  130.     {

  131.         @mysqli_query("SET interactive_timeout=3600, wait_timeout=3600 ;", $this->linkID);

  132.     }

  133. 

  134.     //获得错误描述

  135.     function GetError()

  136.     {

  137.         $str = mysqli_error($this->linkID);

  138.         return $str;

  139.     }

  140. 

  141.     //关闭数据库

  142.     //mysql能自动管理非持久连接的连接池

  143.     //实际上关闭并无意义并且容易出错,所以取消这函数

  144.     function Close($isok=FALSE)

  145.     {

  146.         $this->FreeResultAll();

  147.         if($isok)

  148.         {

  149.             $this->linkID->close();

  150.             $this->isClose = TRUE;

  151.             $GLOBALS['dsql'] = NULL;

  152.         }

  153.     }

  154. 

  155.     //定期清理死连接

  156.     function ClearErrLink()

  157.     {

  158.     }

  159. 

  160.     //关闭指定的数据库连接

  161.     function CloseLink($dblink)

  162.     {

  163.     }

  164. 

  165.     function Esc( $_str )

  166.     {

  167.         return addslashes($_str);

  168.     }

  169. 

  170.     //执行一个不返回结果的SQL语句,如update,delete,insert等

  171.     function ExecuteNoneQuery($sql='')

  172.     {

  173.         global $dsqlite;

  174. 		if(!$dsqlite->isInit)

  175. 		{

  176. 			$this->Init($this->pconnect);

  177. 		}

  178.         if($dsqlite->isClose)

  179.         {

  180.             $this->Open(FALSE);

  181.             $dsqlite->isClose = FALSE;

  182.         }

  183.         if(!empty($sql))

  184.         {

  185.             $this->SetQuery($sql);

  186.         }else{

  187.             return FALSE;

  188.         }

  189.         if(is_array($this->parameters))

  190.         {

  191.             foreach($this->parameters as $key=>$value)

  192.             {

  193.                 $this->queryString = str_replace("@".$key,"'$value'",$this->queryString);

  194.             }

  195.         }

  196.         //SQL语句安全检查

  197.         if($this->safeCheck) CheckSql($this->queryString,'update');

  198. 

  199.         $t1 = ExecTime();

  200.         

  201.         $rs = $this->linkID->exec($this->queryString);

  202. 

  203. 

  204.         //查询性能测试

  205.         if($this->recordLog) {

  206. 			$queryTime = ExecTime() - $t1;

  207.             $this->RecordLog($queryTime);

  208.             //echo $this->queryString."--{$queryTime}<hr />\r\n";

  209.         }

  210.         return $rs;

  211.     }

  212. 

  213. 

  214.     //执行一个返回影响记录条数的SQL语句,如update,delete,insert等

  215.     function ExecuteNoneQuery2($sql='')

  216.     {

  217.         global $dsqlite;

  218. 		if(!$dsqlite->isInit)

  219. 		{

  220. 			$this->Init($this->pconnect);

  221. 		}

  222.         if($dsqlite->isClose)

  223.         {

  224.             $this->Open(FALSE);

  225.             $dsqlite->isClose = FALSE;

  226.         }

  227. 

  228.         if(!empty($sql))

  229.         {

  230.             $this->SetQuery($sql);

  231.         }

  232.         if(is_array($this->parameters))

  233.         {

  234.             foreach($this->parameters as $key=>$value)

  235.             {

  236.                 $this->queryString = str_replace("@".$key,"'$value'",$this->queryString);

  237.             }

  238.         }

  239.         $t1 = ExecTime();

  240.         $this->linkID->exec($this->queryString);

  241. 

  242.         //查询性能测试

  243.         if($this->recordLog) {

  244. 			$queryTime = ExecTime() - $t1;

  245.             $this->RecordLog($queryTime);

  246.             //echo $this->queryString."--{$queryTime}<hr />\r\n";

  247.         }

  248. 

  249.         return $this->linkID->changes();

  250.     }

  251. 

  252.     function ExecNoneQuery($sql='')

  253.     {

  254.         return $this->ExecuteNoneQuery($sql);

  255.     }

  256. 

  257.     function GetFetchRow($id='me')

  258.     {

  259.         return $this->result[$id]->numColumns();

  260.     }

  261. 

  262.     function GetAffectedRows()

  263.     {

  264.         return $this->linkID->changes();

  265.     }

  266. 

  267.     //执行一个带返回结果的SQL语句,如SELECT,SHOW等

  268.     function Execute($id="me", $sql='')

  269.     {

  270.         global $dsqlite;

  271. 		if(!$dsqlite->isInit)

  272. 		{

  273. 			$this->Init($this->pconnect);

  274. 		}

  275.         if($dsqlite->isClose)

  276.         {

  277.             $this->Open(FALSE);

  278.             $dsqlite->isClose = FALSE;

  279.         }

  280.         if(!empty($sql))

  281.         {

  282.             $this->SetQuery($sql);

  283.         }

  284.         //SQL语句安全检查

  285.         if($this->safeCheck)

  286.         {

  287.             CheckSql($this->queryString);

  288.         }

  289. 

  290.         $t1 = ExecTime();

  291.         //var_dump($this->queryString);

  292.         

  293.         $this->result[$id] = $this->linkID->query($this->queryString);

  294.         

  295. 		//var_dump(mysql_error());

  296. 

  297.         //查询性能测试

  298.         if($this->recordLog) {

  299. 			$queryTime = ExecTime() - $t1;

  300.             $this->RecordLog($queryTime);

  301.             //echo $this->queryString."--{$queryTime}<hr />\r\n";

  302.         }

  303. 

  304.         if($this->result[$id]===FALSE)

  305.         {

  306.             $this->DisplayError($this->linkID->lastErrorMsg()." <br />Error sql: <font color='red'>".$this->queryString."</font>");

  307.         }

  308.     }

  309. 

  310.     function Query($id="me",$sql='')

  311.     {

  312.         $this->Execute($id,$sql);

  313.     }

  314. 

  315.     //执行一个SQL语句,返回前一条记录或仅返回一条记录

  316.     function GetOne($sql='',$acctype=MYSQLI_ASSOC)

  317.     {

  318.         global $dsqlite;

  319. 		if(!$dsqlite->isInit)

  320. 		{

  321. 			$this->Init($this->pconnect);

  322. 		}

  323.         if($dsqlite->isClose)

  324.         {

  325.             $this->Open(FALSE);

  326.             $dsqlite->isClose = FALSE;

  327.         }

  328.         if(!empty($sql))

  329.         {

  330.             if(!preg_match("/LIMIT/i",$sql)) $this->SetQuery(preg_replace("/[,;]$/i", '', trim($sql))." LIMIT 0,1;");

  331.             else $this->SetQuery($sql);

  332.         }

  333.         $this->Execute("one");

  334.         $arr = $this->GetArray("one", $acctype);

  335.         if(!is_array($arr))

  336.         {

  337.             return '';

  338.         }

  339.         else

  340.         {

  341.             $this->result["one"]->reset(); return($arr);

  342.         }

  343.     }

  344. 

  345.     //执行一个不与任何表名有关的SQL语句,Create等

  346.     function ExecuteSafeQuery($sql,$id="me")

  347.     {

  348.         global $dsqlite;

  349. 		if(!$dsqlite->isInit)

  350. 		{

  351. 			$this->Init($this->pconnect);

  352. 		}

  353.         if($dsqlite->isClose)

  354.         {

  355.             $this->Open(FALSE);

  356.             $dsqlite->isClose = FALSE;

  357.         }

  358.         $this->result[$id] = $this->linkID->query($sql);

  359.     }

  360. 

  361.     //返回当前的一条记录并把游标移向下一记录

  362.     // SQLITE3_ASSOC、SQLITE3_NUM、SQLITE3_BOTH

  363.     function GetArray($id="me",$acctype=SQLITE3_ASSOC)

  364.     {

  365.         switch ( $acctype )

  366.         {

  367.             case MYSQL_ASSOC:

  368.                 $acctype = SQLITE3_ASSOC;

  369.                 break;    

  370.             case MYSQL_NUM:

  371.                 $acctype = SQLITE3_NUM;

  372.                 break;  

  373.             default:

  374.                 $acctype = SQLITE3_BOTH;

  375.                 break;

  376.         }

  377.         

  378.         if($this->result[$id]===0)

  379.         {

  380.             return FALSE;

  381.         }

  382.         else

  383.         {

  384.             $rs = $this->result[$id]->fetchArray($acctype);

  385.             if ( !$rs ) {

  386.                 $this->result[$id]=0;

  387.                 return false;

  388.             }

  389.             return $rs;

  390.         }

  391.     }

  392. 

  393.     function GetObject($id="me")

  394.     {

  395.         if ( !isset($this->_fixObject[$id]) )

  396.         {

  397.             $this->_fixObject[$id] = array();

  398.             while ( $row = $this->result[$id]->fetchArray(SQLITE3_ASSOC) )

  399.             {

  400.                 $this->_fixObject[$id][] = (object)$row;

  401.             }

  402.             $this->result[$id]->reset();

  403.         }

  404.         return array_shift($this->_fixObject[$id]);

  405.     }

  406. 

  407.     // 检测是否存在某数据表

  408.     function IsTable($tbname)

  409.     {

  410.         global $dsqlite;

  411. 		if(!$dsqlite->isInit)

  412. 		{

  413. 			$this->Init($this->pconnect);

  414. 		}

  415.         $prefix="#@__";

  416.         $tbname = str_replace($prefix, $GLOBALS['cfg_dbprefix'], $tbname);

  417. 

  418.         $row = $this->linkID->querySingle( "PRAGMA table_info({$tbname});");

  419.         

  420.         if( $row !== null )

  421.         {

  422.             return TRUE;

  423.         }

  424.         return FALSE;

  425.     }

  426. 

  427.     //获得MySql的版本号

  428.     function GetVersion($isformat=TRUE)

  429.     {

  430.         global $dsqlite;

  431. 		if(!$dsqlite->isInit)

  432. 		{

  433. 			$this->Init($this->pconnect);

  434. 		}

  435.         if($dsqlite->isClose)

  436.         {

  437.             $this->Open(FALSE);

  438.             $dsqlite->isClose = FALSE;

  439.         }

  440.         $rs = $this->linkID->querySingle("select sqlite_version();");

  441.         $sqlite_version = $rs;

  442.         if($isformat)

  443.         {

  444.             $sqlite_versions = explode(".",trim($sqlite_version));

  445.             $sqlite_version = number_format($sqlite_versions[0].".".$sqlite_versions[1],2);

  446.         }

  447.         return $sqlite_version;

  448.     }

  449. 

  450.     //获取特定表的信息

  451.     function GetTableFields($tbname, $id="me")

  452.     {

  453. 		global $dsqlite;

  454. 		if(!$dsqlite->isInit)

  455. 		{

  456. 			$this->Init($this->pconnect);

  457. 		}

  458.         $prefix="#@__";

  459.         $tbname = str_replace($prefix, $GLOBALS['cfg_dbprefix'], $tbname);

  460.         $query = "SELECT * FROM {$tbname} LIMIT 0,1";

  461.         $this->result[$id] = $this->linkID->query($query);

  462.     }

  463. 

  464.     //获取字段详细信息

  465.     function GetFieldObject($id="me")

  466.     {

  467.         $cols = $this->result[$id]->numColumns(); 

  468.         $fields = array();

  469.         while ($row = $this->result[$id]->fetchArray()) { 

  470.             for ($i = 1; $i < $cols; $i++) { 

  471.                 $fields[] =  $this->result[$id]->columnName($i); 

  472.             } 

  473.         } 

  474.         

  475.         return (object)$fields;

  476.     }

  477. 

  478.     //获得查询的总记录数

  479.     function GetTotalRow($id="me")

  480.     {

  481.         $queryString = preg_replace("/SELECT(.*)FROM/isU",'SELECT count(*) as dd FROM',$this->queryString);

  482.         $rs = $this->linkID->query($queryString);

  483.         $row = $rs->fetchArray();

  484.         return $row['dd'];

  485.     }

  486. 

  487.     //获取上一步INSERT操作产生的ID

  488.     function GetLastID()

  489.     {

  490.         //如果 AUTO_INCREMENT 的列的类型是 BIGINT,则 mysqli_insert_id() 返回的值将不正确。

  491.         //可以在 SQL 查询中用 MySQL 内部的 SQL 函数 LAST_INSERT_ID() 来替代。

  492.         //$rs = mysqli_query($this->linkID, "Select LAST_INSERT_ID() as lid");

  493.         //$row = mysqli_fetch_array($rs);

  494.         //return $row["lid"];

  495.         return $this->linkID->lastInsertRowID();

  496.     }

  497. 

  498.     //释放记录集占用的资源

  499.     function FreeResult($id="me")

  500.     {

  501.         if ( $this->result[$id] )

  502.         {

  503.             @$this->result[$id]->reset();

  504.         }

  505.         

  506.     }

  507.     function FreeResultAll()

  508.     {

  509.         if(!is_array($this->result))

  510.         {

  511.             return '';

  512.         }

  513.         foreach($this->result as $kk => $vv)

  514.         {

  515.             if($vv)

  516.             {

  517.                 @$vv->reset();

  518.             }

  519.         }

  520.     }

  521. 

  522.     //设置SQL语句,会自动把SQL语句里的#@__替换为$this->dbPrefix(在配置文件中为$cfg_dbprefix)

  523.     function SetQuery($sql)

  524.     {

  525.         $prefix="#@__";

  526.         $sql = str_replace($prefix,$GLOBALS['cfg_dbprefix'],$sql);

  527.         $this->queryString = $sql;

  528.         //$this->queryString = preg_replace("/CONCAT\(',', arc.typeid2, ','\)/i","printf(',%s,', arc.typeid2)",$this->queryString);

  529.         if ( preg_match("/CONCAT\(([^\)]*?)\)/i",$this->queryString,$matches) )

  530.         {

  531.             $this->queryString = preg_replace("/CONCAT\(([^\)]*?)\)/i",str_replace(",","||",$matches[1]), $this->queryString);

  532.             $this->queryString = str_replace("'||'","','",$this->queryString);

  533.         }

  534.         

  535.         $this->queryString = preg_replace("/FIND_IN_SET\('([\w]+)', arc.flag\)>0/i","(',' || arc.flag || ',') LIKE '%,\\1,%'",$this->queryString);

  536.         $this->queryString = preg_replace("/FIND_IN_SET\('([\w]+)', arc.flag\)<1/i","(',' || arc.flag || ',') NOT LIKE '%,\\1,%'",$this->queryString);

  537.         if ( preg_match("/CREATE TABLE/i",$this->queryString) )

  538.         {

  539.             $this->queryString = preg_replace("/[\r\n]/",'',$this->queryString);

  540.             $this->queryString = preg_replace('/character set (.*?) /i','',$this->queryString);

  541.             $this->queryString = preg_replace('/unsigned/i','',$this->queryString);

  542.             $this->queryString = str_replace('TYPE=MyISAM','',$this->queryString);

  543.             

  544.             $this->queryString = preg_replace ('/TINYINT\(([\d]+)\)/i','INTEGER',$this->queryString);

  545.             $this->queryString = preg_replace ('/mediumint\(([\d]+)\)/i','INTEGER',$this->queryString);

  546.             $this->queryString = preg_replace ('/smallint\(([\d]+)\)/i','INTEGER',$this->queryString);

  547.             $this->queryString = preg_replace('/int\(([\d]+)\)/i','INTEGER',$this->queryString);

  548.             $this->queryString = preg_replace('/auto_increment/i','PRIMARY KEY AUTOINCREMENT',$this->queryString);

  549.             $this->queryString = preg_replace('/, KEY(.*?)MyISAM;/i','',$this->queryString);

  550.             $this->queryString = preg_replace('/, KEY(.*?);/i',');',$this->queryString);

  551.             $this->queryString = preg_replace('/, UNIQUE KEY(.*?);/i',');',$this->queryString);

  552.             $this->queryString = preg_replace('/set\(([^\)]*?)\)/','varchar',$this->queryString);

  553.             $this->queryString = preg_replace('/enum\(([^\)]*?)\)/','varchar',$this->queryString);

  554.             if ( preg_match("/PRIMARY KEY AUTOINCREMENT/",$this->queryString) )

  555.             {

  556.                 $this->queryString = preg_replace('/,([\t\s ]+)PRIMARY KEY  \(`([0-9a-zA-Z]+)`\)/i','',$this->queryString);

  557.                 $this->queryString = str_replace(',	PRIMARY KEY (`id`)','',$this->queryString);

  558.             }

  559.         }

  560.         $this->queryString = preg_replace("/SHOW fields FROM `([\w]+)`/i","PRAGMA table_info('\\1') ",$this->queryString);

  561.         $this->queryString = preg_replace("/SHOW CREATE TABLE .([\w]+)/i","SELECT 0,sql FROM sqlite_master WHERE name='\\1'; ",$this->queryString);

  562.         //var_dump($this->queryString);

  563.         $this->queryString = preg_replace("/Show Tables/i","SELECT name FROM sqlite_master WHERE type = \"table\"",$this->queryString);

  564.         $this->queryString = str_replace("\'","\"",$this->queryString);

  565.         //var_dump($this->queryString);

  566.     }

  567. 

  568.     function SetSql($sql)

  569.     {

  570.         $this->SetQuery($sql);

  571.     }

  572. 

  573. 	function RecordLog($runtime=0)

  574. 	{

  575. 		$RecordLogFile = dirname(__FILE__).'/../data/mysqli_record_log.inc';

  576. 		$url = $this->GetCurUrl();

  577. 		$savemsg = <<<EOT

  578. 

  579. ------------------------------------------

  580. SQL:{$this->queryString}

  581. Page:$url

  582. Runtime:$runtime

  583. EOT;

  584.         $fp = @fopen($RecordLogFile, 'a');

  585.         @fwrite($fp, $savemsg);

  586.         @fclose($fp);

  587. 	}

  588. 

  589.     //显示数据链接错误信息

  590.     function DisplayError($msg)

  591.     {

  592.         $errorTrackFile = dirname(__FILE__).'/../data/mysqli_error_trace.inc';

  593.         if( file_exists(dirname(__FILE__).'/../data/mysqli_error_trace.php') )

  594.         {

  595.             @unlink(dirname(__FILE__).'/../data/mysqli_error_trace.php');

  596.         }

  597. 		if($this->showError)

  598. 		{

  599. 			$emsg = '';

  600. 			$emsg .= "<div><h3>DedeCMS Error Warning!</h3>\r\n";

  601. 			$emsg .= "<div><a href='http://bbs.dedecms.com' target='_blank' style='color:red'>Technical Support: http://bbs.dedecms.com</a></div>";

  602. 			$emsg .= "<div style='line-helght:160%;font-size:14px;color:green'>\r\n";

  603. 			$emsg .= "<div style='color:blue'><br />Error page: <font color='red'>".$this->GetCurUrl()."</font></div>\r\n";

  604. 			$emsg .= "<div>Error infos: {$msg}</div>\r\n";

  605. 			$emsg .= "<br /></div></div>\r\n";

  606. 

  607. 			echo $emsg;

  608. 		}

  609. 

  610.         $savemsg = 'Page: '.$this->GetCurUrl()."\r\nError: ".$msg."\r\nTime".date('Y-m-d H:i:s');

  611.         //保存MySql错误日志

  612.         $fp = @fopen($errorTrackFile, 'a');

  613.         @fwrite($fp, '<'.'?php  exit();'."\r\n/*\r\n{$savemsg}\r\n*/\r\n?".">\r\n");

  614.         @fclose($fp);

  615.     }

  616. 

  617.     //获得当前的脚本网址

  618.     function GetCurUrl()

  619.     {

  620.         if(!empty($_SERVER["REQUEST_URI"]))

  621.         {

  622.             $scriptName = $_SERVER["REQUEST_URI"];

  623.             $nowurl = $scriptName;

  624.         }

  625.         else

  626.         {

  627.             $scriptName = $_SERVER["PHP_SELF"];

  628.             if(empty($_SERVER["QUERY_STRING"])) {

  629.                 $nowurl = $scriptName;

  630.             }

  631.             else {

  632.                 $nowurl = $scriptName."?".$_SERVER["QUERY_STRING"];

  633.             }

  634.         }

  635.         return $nowurl;

  636.     }

  637. 

  638. }

  639. 

  640. //复制一个对象副本

  641. function CopySQLiPoint(&$ndsql)

  642. {

  643.     $GLOBALS['dsqlite'] = $ndsql;

  644. }

  645. 

  646. //SQL语句过滤程序,由80sec提供,这里作了适当的修改

  647. if (!function_exists('CheckSql'))

  648. {

  649.     function CheckSql($db_string,$querytype='select')

  650.     {

  651.         global $cfg_cookie_encode;

  652.         $clean = '';

  653.         $error='';

  654.         $old_pos = 0;

  655.         $pos = -1;

  656.         $log_file = DEDEINC.'/../data/'.md5($cfg_cookie_encode).'_safe.txt';

  657.         $userIP = GetIP();

  658.         $getUrl = GetCurUrl();

  659. 

  660.         //如果是普通查询语句,直接过滤一些特殊语法

  661.         if($querytype=='select')

  662.         {

  663.             $notallow1 = "[^0-9a-z@\._-]{1,}(union|sleep|benchmark|load_file|outfile)[^0-9a-z@\.-]{1,}";

  664. 

  665.             //$notallow2 = "--|/\*";

  666.             if(preg_match("/".$notallow1."/i", $db_string))

  667.             {

  668.                 fputs(fopen($log_file,'a+'),"$userIP||$getUrl||$db_string||SelectBreak\r\n");

  669.                 exit("<font size='5' color='red'>Safe Alert: Request Error step 1 !</font>");

  670.             }

  671.         }

  672. 

  673.         //完整的SQL检查

  674.         while (TRUE)

  675.         {

  676.             $pos = strpos($db_string, '\'', $pos + 1);

  677.             if ($pos === FALSE)

  678.             {

  679.                 break;

  680.             }

  681.             $clean .= substr($db_string, $old_pos, $pos - $old_pos);

  682.             while (TRUE)

  683.             {

  684.                 $pos1 = strpos($db_string, '\'', $pos + 1);

  685.                 $pos2 = strpos($db_string, '\\', $pos + 1);

  686.                 if ($pos1 === FALSE)

  687.                 {

  688.                     break;

  689.                 }

  690.                 elseif ($pos2 == FALSE || $pos2 > $pos1)

  691.                 {

  692.                     $pos = $pos1;

  693.                     break;

  694.                 }

  695.                 $pos = $pos2 + 1;

  696.             }

  697.             $clean .= '$s$';

  698.             $old_pos = $pos + 1;

  699.         }

  700.         $clean .= substr($db_string, $old_pos);

  701.         $clean = trim(strtolower(preg_replace(array('~\s+~s' ), array(' '), $clean)));

  702. 

  703.         if (strpos($clean, '@') !== FALSE  OR strpos($clean,'char(')!== FALSE OR strpos($clean,'"')!== FALSE

  704.         OR strpos($clean,'$s$$s$')!== FALSE)

  705.         {

  706.             $fail = TRUE;

  707.             if(preg_match("#^create table#i",$clean)) $fail = FALSE;

  708.             $error="unusual character";

  709.         }

  710. 

  711.         //老版本的Mysql并不支持union,常用的程序里也不使用union,但是一些黑客使用它,所以检查它

  712.         if (strpos($clean, 'union') !== FALSE && preg_match('~(^|[^a-z])union($|[^[a-z])~s', $clean) != 0)

  713.         {

  714.             $fail = TRUE;

  715.             $error="union detect";

  716.         }

  717. 

  718.         //发布版本的程序可能比较少包括--,#这样的注释,但是黑客经常使用它们

  719.         elseif (strpos($clean, '/*') > 2 || strpos($clean, '--') !== FALSE || strpos($clean, '#') !== FALSE)

  720.         {

  721.             $fail = TRUE;

  722.             $error="comment detect";

  723.         }

  724. 

  725.         //这些函数不会被使用,但是黑客会用它来操作文件,down掉数据库

  726.         elseif (strpos($clean, 'sleep') !== FALSE && preg_match('~(^|[^a-z])sleep($|[^[a-z])~s', $clean) != 0)

  727.         {

  728.             $fail = TRUE;

  729.             $error="slown down detect";

  730.         }

  731.         elseif (strpos($clean, 'benchmark') !== FALSE && preg_match('~(^|[^a-z])benchmark($|[^[a-z])~s', $clean) != 0)

  732.         {

  733.             $fail = TRUE;

  734.             $error="slown down detect";

  735.         }

  736.         elseif (strpos($clean, 'load_file') !== FALSE && preg_match('~(^|[^a-z])load_file($|[^[a-z])~s', $clean) != 0)

  737.         {

  738.             $fail = TRUE;

  739.             $error="file fun detect";

  740.         }

  741.         elseif (strpos($clean, 'into outfile') !== FALSE && preg_match('~(^|[^a-z])into\s+outfile($|[^[a-z])~s', $clean) != 0)

  742.         {

  743.             $fail = TRUE;

  744.             $error="file fun detect";

  745.         }

  746. 

  747.         //老版本的MYSQL不支持子查询,我们的程序里可能也用得少,但是黑客可以使用它来查询数据库敏感信息

  748.         elseif (preg_match('~\([^)]*?select~s', $clean) != 0)

  749.         {

  750.             $fail = TRUE;

  751.             $error="sub select detect";

  752.         }

  753.         if (!empty($fail))

  754.         {

  755.             fputs(fopen($log_file,'a+'),"$userIP||$getUrl||$db_string||$error\r\n");

  756.             exit("<font size='5' color='red'>Safe Alert: Request Error step 2!</font>");

  757.         }

  758.         else

  759.         {

  760.             return $db_string;

  761.         }

  762.     }

  763. }