-
Notifications
You must be signed in to change notification settings - Fork 144
/
Copy pathCreateDB.php
65 lines (54 loc) · 1.97 KB
/
CreateDB.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
<?php
require_once 'Generic.php';
/**
* Converter: mysql_create_db.
*
* @category Functions
*
* @author Andrey Hristov <andrey@php.net>, Ulf Wendel <ulf.wendel@phpdoc.de>
* @copyright 1997-2006 The PHP Group
* @license http://www.php.net/license/3_0.txt PHP License 3.0
*
* @version CVS: $Id:$, Release: @package_version@
*
* @link http://www.mysql.com
* @since Class available since Release 1.0
*/
class MySQLConverterTool_Function_CreateDB extends MySQLConverterTool_Function_Generic
{
// not used, but anyway
public $new_name = 'mysqli_query';
public function __construct()
{
}
public function handle(array $params = array())
{
// mysql_create_db ( string database_name [, resource link_identifier] )
if (count($params) < 1 || count($params) > 2) {
return array(self::PARSE_ERROR_WRONG_PARAMS, null);
}
@list($db, $conn) = $this->extractParamValues($params);
if (is_null($conn)) {
$conn = $this->ston_name;
}
list($db, $db_type) = $this->extractValueAndType(trim($db));
if ('const' == $db_type) {
$ret = sprintf('((is_null($___mysqli_res = %s(%s, "CREATE DATABASE " . constant(\'%s\')))) ? false : $___mysqli_res)',
$this->new_name,
$conn,
$db
);
} else {
$ret = sprintf('((is_null($___mysqli_res = %s(%s, "CREATE DATABASE %s"))) ? false : $___mysqli_res)',
$this->new_name,
$conn,
$db
);
}
return array('mysql_create_db(string database_name [...]) is emulated using mysqli_query() and CREATE DATABASE database_name. This is a possible SQL injection security bug as no tests are performed what value database_name has. Check your script!', $ret);
}
public function getConversionHint()
{
return 'Emulated using mysqli_query and CREATE DATABASE.';
}
}