
mysql database connection program_PHP tutorial


MySQL database connection program
The database connection class below also provides an SQL security-check function and an SQL statement integrity check; both live in `checksql()`, which `query()` calls on every statement.

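/**
 * Thin wrapper around the legacy ext/mysql API with an optional file-based
 * result cache for SELECT statements.
 *
 * ext/mysql was deprecated in PHP 5.5 and removed in PHP 7.0, so this class
 * only runs on older PHP versions. It sends complete SQL strings to the
 * server; it has no bound parameters, so every value a caller places in a
 * statement must be escaped (see escape_string()) or validated first.
 * query() additionally passes each statement through checksql(), which is a
 * keyword screen and not a replacement for that escaping.
 *
 * Relies on names defined outside this class: checksql(), showmsg(),
 * log_write(), file_put(), the cache_root constant and the globals $cfg and
 * $fr_time.
 */
class db_mysql {
    // Link identifier returned by mysql_connect()/mysql_pconnect().
    var $connid;
    // Number of statements sent to the server through query().
    var $querynum = 0;
    // Default cache lifetime, copied from $cfg['db_expires'] in connect().
    var $expires;
    // Read position inside $result while a cached result is being iterated.
    var $cursor = 0;
    // md5 of the cached statement; falsy when no cached result is active.
    var $cache_id = '';
    var $cache_file = '';
    var $cache_expires = '';
    // When truthy, a failed statement in query() ends the request via halt().
    var $halt = 0;
    // Rows of the cached result currently being iterated.
    var $result = array();

    /**
     * Opens the connection, sets the connection charset and selects $dbname.
     *
     * @param string $dbhost
     * @param string $dbuser
     * @param string $dbpw
     * @param string $dbname   database to select; skipped when empty
     * @param int    $pconnect 1 to use a persistent connection
     * @return resource the link identifier (the request ends in halt() on failure)
     */
    function connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect = 0) {
        global $cfg;
        $this->expires = $cfg['db_expires'];
        $func = $pconnect == 1 ? 'mysql_pconnect' : 'mysql_connect';
        if(!$this->connid = $func($dbhost, $dbuser, $dbpw)) {
            $this->halt('can not connect to mysql server');
        }
        // version_compare() instead of a string comparison: as strings,
        // '10.1' sorts below '4.1', so newer servers skipped both branches.
        $version = $this->version();
        if(version_compare($version, '4.1', '>') && $cfg['db_charset']) {
            if(function_exists('mysql_set_charset')) {
                // Also tells the client library the charset, which
                // mysql_real_escape_string() needs; "SET NAMES" alone only
                // changes the server side.
                mysql_set_charset($cfg['db_charset'], $this->connid);
            } else {
                mysql_query("set names '".$cfg['db_charset']."'", $this->connid);
            }
        }
        if(version_compare($version, '5.0', '>')) {
            // Clears sql_mode for this session, which switches off any strict
            // mode configured on the server.
            mysql_query("set sql_mode=''", $this->connid);
        }
        if($dbname) {
            if(!mysql_select_db($dbname, $this->connid)) {
                $this->halt('cannot use database '.$dbname);
            }
        }
        return $this->connid;
    }

    /** Switches the connection to another database. */
    function select_db($dbname) {
        return mysql_select_db($dbname, $this->connid);
    }

    /**
     * Screens a statement with checksql() and executes it.
     *
     * checksql() is called with its default query type for every statement
     * and ends the request itself when it rejects one.
     *
     * @param string $sql     complete SQL statement; values must already be escaped
     * @param string $type    'cache' to serve a SELECT from the file cache,
     *                        'unbuffered' for mysql_unbuffered_query(), '' otherwise
     * @param int    $expires cache lifetime in seconds; 0 uses $this->expires
     * @param bool   $save_id keep the current cache_id (used by _query())
     * @return mixed cached row array for 'cache', else the mysql result or false
     */
    function query($sql, $type = '', $expires = 0, $save_id = false) {
        $sql = checksql($sql);
        if($type == 'cache' && stristr($sql, 'select')) {
            $this->cursor = 0;
            $this->cache_id = md5($sql);
            $this->result = array();
            // Jitter of +/-9 seconds so entries written together do not all
            // expire in the same second.
            $this->cache_expires = $expires ? $expires + mt_rand(-9, 9) : $this->expires;
            return $this->_query($sql);
        }
        if(!$save_id) $this->cache_id = 0;
        $func = $type == 'unbuffered' ? 'mysql_unbuffered_query' : 'mysql_query';
        if(!($query = $func($sql, $this->connid)) && $this->halt) {
            $this->halt('mysql query error', $sql);
        }
        $this->querynum++;
        return $query;
    }

    /** Runs $sql and returns its first row. */
    function get_one($sql, $type = '', $expires = 0) {
        $query = $this->query($sql, $type, $expires);
        $r = $this->fetch_array($query);
        $this->free_result($query);
        return $r;
    }

    /**
     * Counts the rows of $table, prefixing the table name with
     * $cfg['tb_pre'] when it does not already contain the prefix.
     *
     * $table and $condition are concatenated into the statement as given, so
     * both must come from trusted code or be escaped by the caller.
     */
    function counter($table, $condition = '', $type = '', $expires = 0) {
        global $cfg;
        $table = strpos($table, $cfg['tb_pre']) === false ? $cfg['tb_pre'].$table : $table;
        $sql = "select count(*) as num from {$table}";
        if($condition) $sql .= " where $condition";
        $r = $this->get_one($sql, $type, $expires);
        return $r ? $r['num'] : 0;
    }

    /**
     * Returns the next row, either from the active cached result or from the
     * mysql result resource.
     */
    function fetch_array($query, $result_type = MYSQL_ASSOC) {
        return $this->cache_id ? $this->_fetch_array($query) : @mysql_fetch_array($query, $result_type);
    }

    function affected_rows() {
        return mysql_affected_rows($this->connid);
    }

    function num_rows($query) {
        return mysql_num_rows($query);
    }

    function num_fields($query) {
        return mysql_num_fields($query);
    }

    /**
     * Escapes a value for use inside a quoted SQL string literal.
     *
     * Uses mysql_real_escape_string() on the open connection so that the
     * connection charset is taken into account; mysql_escape_string() ignores
     * it and is only kept for calls made before connect().
     */
    function escape_string($str) {
        if($this->connid) {
            return mysql_real_escape_string($str, $this->connid);
        }
        return mysql_escape_string($str);
    }

    function result($query, $row) {
        return @mysql_result($query, $row);
    }

    function free_result($query) {
        return @mysql_free_result($query);
    }

    function insert_id() {
        return mysql_insert_id($this->connid);
    }

    function fetch_row($query) {
        return mysql_fetch_row($query);
    }

    /** Server version string as reported by mysql_get_server_info(). */
    function version() {
        return mysql_get_server_info($this->connid);
    }

    function close() {
        return mysql_close($this->connid);
    }

    function error() {
        return @mysql_error($this->connid);
    }

    function errno() {
        return intval(@mysql_errno($this->connid));
    }

    /**
     * Logs the failure when $cfg['errlog'] is set, shows a generic error
     * through showmsg() and ends the request.
     *
     * The statement and the server error text go to the log only; the page
     * receives just $message.
     */
    function halt($message = '', $sql = '') {
        global $cfg;
        if($message) {
            if($cfg['errlog']) {
                $log = "query:$sql|errno:".$this->errno()."|error:".$this->error()."|errmsg:$message";
                log_write($log, 'sql');
            }
        }
        showmsg("mysqlerror:$message", '-1');
        exit();
    }

    /**
     * Serves a SELECT from the file cache, refreshing the cache file when it
     * is missing or older than $this->cache_expires.
     *
     * Cache entries are PHP files that return the row array and are loaded
     * with include, so the directory under cache_root must be writable by
     * the application only.
     */
    function _query($sql) {
        global $fr_time;
        $this->cache_file = cache_root.'/sql/'.substr($this->cache_id, 0, 2).'/'.$this->cache_id.'.php';
        if(!is_file($this->cache_file) || ($fr_time - @filemtime($this->cache_file) > $this->cache_expires)) {
            $tmp = array();
            // save_id = true keeps cache_id intact while the statement runs.
            $result = $this->query($sql, '', '', true);
            while($r = mysql_fetch_array($result, MYSQL_ASSOC)) {
                $tmp[] = $r;
            }
            $this->result = $tmp;
            $this->free_result($result);
            // NOTE(review): the opening "<?php /*" and the expiry expression
            // were reconstructed from a damaged listing; confirm against the
            // original source.
            file_put($this->cache_file, "<?php /*".($fr_time + $this->cache_expires)."*/ return ".var_export($this->result, true).";\n?>");
        } else {
            $this->result = include $this->cache_file;
        }
        return $this->result;
    }

    /**
     * Returns the next row of the cached result and advances the cursor;
     * at the end it resets cursor and cache_id and returns an empty array.
     */
    function _fetch_array($query = array()) {
        if($query) $this->result = $query;
        if(isset($this->result[$this->cursor])) {
            return $this->result[$this->cursor++];
        } else {
            $this->cursor = $this->cache_id = 0;
            return array();
        }
    }
}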

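/**
 * Keyword screen applied to an SQL statement before it is executed.
 *
 * Stage 1 (only when $querytype is 'select'): the raw statement is rejected
 * when union, sleep, benchmark, load_file or outfile appears as a separate
 * token.
 * Stage 2: every single-quoted literal is replaced by the placeholder $s$,
 * whitespace is collapsed and the text lower-cased; the result is rejected
 * when it still contains union, sleep, benchmark, load_file, "into outfile",
 * a comment marker or a parenthesised sub-select.
 *
 * A rejected statement is written to the 'sql' log with log_write(), an error
 * code is shown through showmsg() and the request ends.
 *
 * This is a denylist and works as defence in depth only: values placed in a
 * statement still have to be escaped or bound, and legitimate statements that
 * use UNION or sub-selects are rejected as well. The log receives the full
 * statement, including any values it carries.
 *
 * @param string $dbstr     the SQL statement
 * @param string $querytype 'select' enables the stage 1 check
 * @return string $dbstr unchanged when the statement passes
 */
function checksql($dbstr, $querytype = 'select') {
    $clean = '';
    $old_pos = 0;
    $pos = -1;

    // Ordinary statements: filter special syntax on the raw text.
    if ($querytype == 'select') {
        $nastr = "/[^0-9a-z@._-]{1,}(union|sleep|benchmark|load_file|outfile)[^0-9a-z@.-]{1,}/i";
        if (preg_match($nastr, $dbstr)) {
            log_write($dbstr, 'sql');
            showmsg('safeerror:10001', 'javascript:;');
            exit();
        }
    }

    // Complete check: copy the statement with each quoted literal replaced
    // by $s$, so that only the SQL skeleton is inspected below.
    while (true) {
        $pos = strpos($dbstr, '\'', $pos + 1);
        if ($pos === false) {
            break;
        }
        $clean .= substr($dbstr, $old_pos, $pos - $old_pos);
        // Find the closing quote, stepping over backslash-escaped characters.
        while (true) {
            $pos1 = strpos($dbstr, '\'', $pos + 1);
            $pos2 = strpos($dbstr, '\\', $pos + 1);
            if ($pos1 === false) {
                break;
            } elseif ($pos2 === false || $pos2 > $pos1) {
                $pos = $pos1;
                break;
            }
            $pos = $pos2 + 1;
        }
        $clean .= '$s$';
        $old_pos = $pos + 1;
    }
    $clean .= substr($dbstr, $old_pos);
    $clean = trim(strtolower(preg_replace('~\s+~s', ' ', $clean)));

    $fail = false;
    foreach (array('union', 'sleep', 'benchmark', 'load_file') as $word) {
        // strpos() is a cheap pre-test; the regex confirms a whole word.
        if (strpos($clean, $word) !== false && preg_match('~(^|[^a-z])'.$word.'($|[^a-z])~s', $clean) != 0) {
            $fail = true;
            break;
        }
    }
    if (!$fail) {
        if (strpos($clean, '/*') > 2 || strpos($clean, '--') !== false || strpos($clean, '#') !== false) {
            $fail = true;
        } elseif (strpos($clean, 'into outfile') !== false && preg_match('~(^|[^a-z])into\s+outfile($|[^a-z])~s', $clean) != 0) {
            $fail = true;
        } elseif (preg_match('~\([^)]*?select~s', $clean) != 0) {
            $fail = true;
        }
    }

    if ($fail) {
        log_write($dbstr, 'sql');
        showmsg('safeerror:10002', 'javascript:;');
        exit;
    }
    return $dbstr;
}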
