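diff -ur gui_/include/class.database.php /var/www/ispcp/gui/include/class.database.php
--- gui_/include/class.database.php 2008-07-02 23:12:12.000000000 +0300
+++ /var/www/ispcp/gui/include/class.database.php 2008-07-03 13:30:04.000000000 +0300
@@ -35,6 +35,14 @@
 return $this->_db->errorInfo();
 }
 
+ public function MyQuery($sql) {
+ if(preg_match("/((ALTER )|(CREATE )|(DROP )|(GRANT )|(REVOKE )|(FLUSH ))/i", $sql, $matches) > 0) $this->_db->setAttribute(PDO::MYSQL_ATTR_DIRECT_QUERY, true);
+ else $this->_db->setAttribute(PDO::MYSQL_ATTR_DIRECT_QUERY, false);
+ $ret = $this->_db->query($sql);
+ if ($ret instanceof PDOStatement) return new DatabaseResult($ret);
+ return $ret;
+ }
+
 public function Execute($sql, $param = null) {
 if ($sql instanceof PDOStatement) {
 if (is_array($param))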
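Review bot: The keyword test in `MyQuery` runs `preg_match` over the whole statement, so a quoted value that merely contains `drop ` or `Create ` switches `PDO::MYSQL_ATTR_DIRECT_QUERY` on for an ordinary SELECT or INSERT. Anchoring the test to the leading keyword keeps the switch tied to the statement type: `preg_match('/^\s*(ALTER|CREATE|DROP|GRANT|REVOKE|FLUSH)\s/i', $sql)`, which also lets the unused `$matches` argument go. The method has no docblock; since it sends `$sql` straight to `query()` with no parameter binding, it should carry a comment such as `// $sql must already be fully quoted by the caller; no placeholders are bound here`.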
| 19 |
Only in /var/www/ispcp/gui/include/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer/HTML: 3.1.1,730b6e78af390b2943b70942a5354214,1.ser |
|---|
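diff -ur gui_/include/sql.php /var/www/ispcp/gui/include/sql.php
--- gui_/include/sql.php 2008-07-02 23:12:12.000000000 +0300
+++ /var/www/ispcp/gui/include/sql.php 2008-07-03 13:53:18.000000000 +0300
@@ -39,26 +39,52 @@
 Config::set('DB_USER', null);
 Config::set('DB_PASS', null);
 
+function _pseudo_Prepare($query){
+ if(!is_array($query)||!isset($query[0])||!isset($query[1])){
+ throw new Exception('Invalid query');
+ return false;
+ }
+ $params=$query[1];
+ if (is_string($params) || is_int($params))
+ $params = array($params);
+ $params[]='';
+ $query=explode('?',$query[0]);
+ if(count($params)!=count($query)){
+ throw new Exception('Invalid query');
+ return false;
+ }
+ $fquery='';
+ foreach($query as $key=>$value)
+ $fquery.=$value.'\''.addslashes($params[$key]).'\'';
+ return substr($fquery,0,-2);
+}
+
 function execute_query (&$sql, $query) {
- $rs = $sql->Execute($query);
+ if(version_compare(PHP_VERSION,'5.2.5','<')){
+ $query=_pseudo_Prepare(array($query,array()));
+ $rs = $sql->MyQuery($query);
+ } else {
+ $rs = $sql->Execute($query);
+ }
 if (!$rs) system_message($sql->ErrorMsg());
 return $rs;
 }
 
 function exec_query(&$sql, $query, $data = array(), $failDie = true) {
- $query = $sql->Prepare($query);
- $rs = $sql->Execute($query, $data);
-
+ if(version_compare(PHP_VERSION,'5.2.5','<')){
+ $query=_pseudo_Prepare(array($query,$data));
+ $rs = $sql->MyQuery($query);
+ } else {
+ $query = $sql->Prepare($query);
+ $rs = $sql->Execute($query, $data);
+ }
 if (!$rs && $failDie) {
-// var_dump($query);
-// var_dump($data);
 if($query instanceof PDOStatement)
 $msg = $query->errorInfo();
 else
 $msg = $sql->errorInfo();
 system_message(isset($msg[2]) ? $msg[2] : $msg);
 }
-
 return $rs;
 }
 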
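Review bot: `_pseudo_Prepare` quotes every bound value with `addslashes()`, which knows nothing about the connection's character set or SQL mode, so on PHP older than 5.2.5 every `exec_query` call trades the `Prepare`/`Execute` binding for hand-built string escaping. The quoting should go through the driver instead: the database class already holds the PDO handle as `_db`, so the substitution can live next to `MyQuery` and build each value with `$this->_db->quote((string) $params[$key])` in place of `'\''.addslashes($params[$key]).'\''`. The splitter `explode('?', …)` also cuts at a `?` inside a string literal, and `$params[$key]` assumes `$data` is a zero-based list, so a `$data` array with string keys would read undefined entries. The `return false;` after each `throw` is unreachable. The thrown `Exception` bypasses the `$failDie` / `system_message` path in `exec_query`, which looks unintended.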