/
functions_db.php
120 lines (99 loc) · 2.86 KB
/
functions_db.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
<?
/**
* Allomani News v1.0
*
* @package Allomani.News
* @version 1.0
* @copyright (c) 2006-2013 Allomani , All rights reserved.
* @author Ali Allomani <info@allomani.com>
* @link http://allomani.com
* @license GNU General Public License version 3.0 (GPLv3)
*
*/
function fix_gpc($value){
if(get_magic_quotes_gpc()==0)
{
return addslashes($value);
}else{
return $value ;
}
}
//----------- Clean String ----------
function db_clean_string($str,$type="text",$op="write",$is_gpc=true){
if(get_magic_quotes_gpc() && $is_gpc){ $str = stripslashes($str);}
if($type=="num"){
return intval($str);
}elseif($type=="text"){
if($op=="write"){
return db_escape_string(htmlspecialchars($str));
}else{
return db_escape_string($str);
}
}elseif($type=="code"){
return db_escape_string($str);
}
}
//----------- escape String -----------
function db_escape_string($str){
if(function_exists('mysql_real_escape_string')){
return mysql_real_escape_string($str);
}else{
return mysql_escape_string($str);
}
}
//----------- query ------------------
function db_query($sql){
global $show_mysql_errors ;
if(strpos(strtolower($sql),"union")){
die("<script>window.location=\"index.php\"</script>");
}
$qr = mysql_query($sql);
$err = mysql_error() ;
if($err && $show_mysql_errors){
print "<p align=left><b> MySQL Error: </b> $err </p>";
}else{
return $qr ;
}
}
//---------------- fetch -------------------
function db_fetch($qr){
global $show_mysql_errors ;
$fetch = mysql_fetch_array($qr);
$err = mysql_error() ;
if($err && $show_mysql_errors){
print "<p align=left><b> MySQL Error: </b> $err </p>";
}else{
return $fetch;
}
}
//------------------ Query + fetch ----------------------
function db_qr_fetch($sql){
global $show_mysql_errors ;
if(strpos(strtolower($sql),"union")){
die("<script>window.location=\"index.php\"</script>");
}
$qr = mysql_query($sql);
$err = mysql_error() ;
if($err && $show_mysql_errors){
print "<p align=left><b> MySQL Error: </b> $err </p>";
}else{
return mysql_fetch_array($qr);
}
}
// ------------------------ num -----------------------
function db_num($sql){
return mysql_num_rows($sql);
}
// ------------------- query + num --------------------
function db_qr_num($sql){
if(strpos(strtolower($sql),"union")){
die("<script>window.location=\"index.php\"</script>");
}
$qr = mysql_query($sql);
$err = mysql_error() ;
if($err && $show_mysql_errors){
print "<p align=left><b> MySQL Error: </b> $err </p>";
}else{
return mysql_num_rows($qr);
}
}