DZX filter function encapsulation extraction sharing

I newly installed dzx, and suddenly I remembered that the server is php5.4.10. The *_magic_quotes_* functions are disabled and not supported. Want to see how dzx does it. I looked through the code. No addslashes found. Then the filter function of dzx was extracted. Share it. It's of no use. You can take a look.


All function definitions are in /source/class/discuz/discuz_database.php

The DB class is defined at the bottom of /source/class/class_core.php

function quote($str, $noarray = false) {

 if (is_string($str))
 return ''' . addcslashes($str, "nr\'"



function quote_field($field) {
 if (is_array($field)) {
 foreach ($field as $k => $v) {
 $field[$k] = self::quote_field($ v);
 }
 } else {
 if (strpos($field, '`') !== false)
 $field = str_replace(''', '', $field);
 $field = '`' . $field . '`';
 }
 return $field;
}


Copy code

$count = substr_count($sql, '%');

 throw new DbException('SQL string format error! This SQL need "' . $count . '" vars to replace into.', 0, $sql);
 }

 $len = strlen( $sql);
 $i = $find = 0;
 $ret = '';
 while ($i <= $len && $find < $count) {
 if ($sql{$i} == '%') {
 $next = $sql{$i + 1};
 if ($next == 't') {
 $ret .= self::table($arg[$find]);
 } elseif ($next == 's') {

$ ret .= dintval($arg[$find]);

 if (!empty($arg[$find])) {
 $ret .= is_array($arg[$find]) ? implode(',', self::quote($arg[$find])) : self::quote($arg[$find]);
 } else {
 $ret .= '0';
 }
 } else {
 $ret .= self::quote($arg[$find]) ;
 }
 $i++;
 $find++;
 } else {
 $ret .= $sql{$i};
 }
 $i++;
 }
 if ($i < $len) {
 $ret . = substr($sql, $i);
 }
 return $ret;
}

}


Copy code