<?php
class
mysql {
private
$db_host
;
private
$db_user
;
private
$db_pwd
;
private
$db_database
;
private
$conn
;
private
$result
;
private
$sql
;
private
$row
;
private
$coding
;
private
$bulletin
= true;
private
$show_error
= false;
private
$is_error
= false;
public
function
__construct(
$db_host
,
$db_user
,
$db_pwd
,
$db_database
,
$conn
,
$coding
) {
$this
->db_host =
$db_host
;
$this
->db_user =
$db_user
;
$this
->db_pwd =
$db_pwd
;
$this
->db_database =
$db_database
;
$this
->conn =
$conn
;
$this
->coding =
$coding
;
$this
->connect();
}
public
function
connect() {
if
(
$this
->conn ==
"pconn"
) {
$this
->conn = mysql_pconnect(
$this
->db_host,
$this
->db_user,
$this
->db_pwd);
}
else
{
$this
->conn = mysql_connect(
$this
->db_host,
$this
->db_user,
$this
->db_pwd);
}
if
(!mysql_select_db(
$this
->db_database,
$this
->conn)) {
if
(
$this
->show_error) {
$this
->show_error(
"数据库不可用:"
,
$this
->db_database);
}
}
mysql_query(
"SET NAMES $this->coding"
);
}
public
function
query(
$sql
) {
if
(
$sql
==
""
) {
$this
->show_error(
"SQL语句错误:"
,
"SQL查询语句为空"
);
}
$this
->sql =
$sql
;
$result
= mysql_query(
$this
->sql,
$this
->conn);
if
(!
$result
) {
if
(
$this
->show_error) {
$this
->show_error(
"错误SQL语句:"
,
$this
->sql);
}
}
else
{
$this
->result =
$result
;
}
return
$this
->result;
}
public
function
create_database(
$database_name
) {
$database
=
$database_name
;
$sqlDatabase
=
'create database '
.
$database
;
$this
->query(
$sqlDatabase
);
}
public
function
show_databases() {
$this
->query(
"show databases"
);
echo
"现有数据库:"
.
$amount
=
$this
->db_num_rows(
$rs
);
echo
"<br />"
;
$i
= 1;
while
(
$row
=
$this
->fetch_array(
$rs
)) {
echo
"$i $row[Database]"
;
echo
"<br />"
;
$i
++;
}
}
public
function
databases() {
$rsPtr
= mysql_list_dbs(
$this
->conn);
$i
= 0;
$cnt
= mysql_num_rows(
$rsPtr
);
while
(
$i
<
$cnt
) {
$rs
[] = mysql_db_name(
$rsPtr
,
$i
);
$i
++;
}
return
$rs
;
}
public
function
show_tables(
$database_name
) {
$this
->query(
"show tables"
);
echo
"现有数据库:"
.
$amount
=
$this
->db_num_rows(
$rs
);
echo
"<br />"
;
$i
= 1;
while
(
$row
=
$this
->fetch_array(
$rs
)) {
$columnName
=
"Tables_in_"
.
$database_name
;
echo
"$i $row[$columnName]"
;
echo
"<br />"
;
$i
++;
}
}
public
function
mysql_result_li() {
return
mysql_result(
$str
);
}
public
function
fetch_array(
$resultt
=
""
) {
if
(
$resultt
<>
""
){
return
mysql_fetch_array(
$resultt
);
}
else
{
return
mysql_fetch_array(
$this
->result);
}
}
public
function
fetch_assoc() {
return
mysql_fetch_assoc(
$this
->result);
}
public
function
fetch_row() {
return
mysql_fetch_row(
$this
->result);
}
public
function
fetch_Object() {
return
mysql_fetch_object(
$this
->result);
}
public
function
findall(
$table
) {
$this
->query(
"SELECT * FROM $table"
);
}
public
function
select(
$table
,
$columnName
=
"*"
,
$condition
=
''
,
$debug
=
''
) {
$condition
=
$condition
?
' Where '
.
$condition
: NULL;
if
(
$debug
) {
echo
"SELECT $columnName FROM $table $condition"
;
}
else
{
$this
->query(
"SELECT $columnName FROM $table $condition"
);
}
}
public
function
delete
(
$table
,
$condition
,
$url
=
''
) {
if
(
$this
->query(
"DELETE FROM $table WHERE $condition"
)) {
if
(!
empty
(
$url
))
$this
->Get_admin_msg(
$url
,
'删除成功!'
);
}
}
public
function
insert(
$table
,
$columnName
,
$value
,
$url
=
''
) {
if
(
$this
->query(
"INSERT INTO $table ($columnName) VALUES ($value)"
)) {
if
(!
empty
(
$url
))
$this
->Get_admin_msg(
$url
,
'添加成功!'
);
}
}
public
function
update(
$table
,
$mod_content
,
$condition
,
$url
=
''
) {
if
(
$this
->query(
"UPDATE $table SET $mod_content WHERE $condition"
)) {
if
(!
empty
(
$url
))
$this
->Get_admin_msg(
$url
);
}
}
public
function
insert_id() {
return
mysql_insert_id();
}
public
function
db_data_seek(
$id
) {
if
(
$id
> 0) {
$id
=
$id
-1;
}
if
(!@ mysql_data_seek(
$this
->result,
$id
)) {
$this
->show_error(
"SQL语句有误:"
,
"指定的数据为空"
);
}
return
$this
->result;
}
public
function
db_num_rows() {
if
(
$this
->result == null) {
if
(
$this
->show_error) {
$this
->show_error(
"SQL语句错误"
,
"暂时为空,没有任何内容!"
);
}
}
else
{
return
mysql_num_rows(
$this
->result);
}
}
public
function
db_affected_rows() {
return
mysql_affected_rows();
}
public
function
show_error(
$message
=
""
,
$sql
=
""
) {
if
(!
$sql
) {
echo
"<font color='red'>"
.
$message
.
"</font>"
;
echo
"<br />"
;
}
else
{
echo
"<fieldset>"
;
echo
"<legend>错误信息提示:</legend><br />"
;
echo
"<div style='font-size:14px; clear:both; font-family:Verdana, Arial, Helvetica, sans-serif;'>"
;
echo
"<div style='height:20px; background:#000000; border:1px #000000 solid'>"
;
echo
"<font color='white'>错误号:12142</font>"
;
echo
"</div><br />"
;
echo
"错误原因:"
. mysql_error() .
"<br /><br />"
;
echo
"<div style='height:20px; background:#FF0000; border:1px #FF0000 solid'>"
;
echo
"<font color='white'>"
.
$message
.
"</font>"
;
echo
"</div>"
;
echo
"<font color='red'><pre>"
.
$sql
.
"</pre></font>"
;
$ip
=
$this
->getip();
if
(
$this
->bulletin) {
$time
=
date
(
"Y-m-d H:i:s"
);
$message
=
$message
.
"\r\n$this->sql"
.
"\r\n客户IP:$ip"
.
"\r\n时间 :$time"
.
"\r\n\r\n"
;
$server_date
=
date
(
"Y-m-d"
);
$filename
=
$server_date
.
".txt"
;
$file_path
=
"error/"
.
$filename
;
$error_content
=
$message
;
$file
=
"error"
;
if
(!
file_exists
(
$file
)) {
if
(!
mkdir
(
$file
, 0777)) {
die
(
"upload files directory does not exist and creation failed"
);
}
}
if
(!
file_exists
(
$file_path
)) {
fopen
(
$file_path
,
"w+"
);
if
(
is_writable
(
$file_path
)) {
if
(!
$handle
=
fopen
(
$file_path
,
'a'
)) {
echo
"不能打开文件 $filename"
;
exit
;
}
if
(!fwrite(
$handle
,
$error_content
)) {
echo
"不能写入到文件 $filename"
;
exit
;
}
echo
"——错误记录被保存!"
;
fclose(
$handle
);
}
else
{
echo
"文件 $filename 不可写"
;
}
}
else
{
if
(
is_writable
(
$file_path
)) {
if
(!
$handle
=
fopen
(
$file_path
,
'a'
)) {
echo
"不能打开文件 $filename"
;
exit
;
}
if
(!fwrite(
$handle
,
$error_content
)) {
echo
"不能写入到文件 $filename"
;
exit
;
}
echo
"——错误记录被保存!"
;
fclose(
$handle
);
}
else
{
echo
"文件 $filename 不可写"
;
}
}
}
echo
"<br />"
;
if
(
$this
->is_error) {
exit
;
}
}
echo
"</div>"
;
echo
"</fieldset>"
;
echo
"<br />"
;
}
public
function
free() {
@ mysql_free_result(
$this
->result);
}
public
function
select_db(
$db_database
) {
return
mysql_select_db(
$db_database
);
}
public
function
num_fields(
$table_name
) {
$this
->query(
"select * from $table_name"
);
echo
"<br />"
;
echo
"字段数:"
.
$total
= mysql_num_fields(
$this
->result);
echo
"<pre>"
;
for
(
$i
= 0;
$i
<
$total
;
$i
++) {
print_r(mysql_fetch_field(
$this
->result,
$i
));
}
echo
"</pre>"
;
echo
"<br />"
;
}
public
function
mysql_server(
$num
=
''
) {
switch
(
$num
) {
case
1 :
return
mysql_get_server_info();
break
;
case
2 :
return
mysql_get_host_info();
break
;
case
3 :
return
mysql_get_client_info();
break
;
case
4 :
return
mysql_get_proto_info();
break
;
default
:
return
mysql_get_client_info();
}
}
public
function
__destruct() {
if
(!
empty
(
$this
->result)) {
$this
->free();
}
mysql_close(
$this
->conn);
}
function
getip() {
if
(
getenv
(
"HTTP_CLIENT_IP"
) &&
strcasecmp
(
getenv
(
"HTTP_CLIENT_IP"
),
"unknown"
)) {
$ip
=
getenv
(
"HTTP_CLIENT_IP"
);
}
else
if
(
getenv
(
"HTTP_X_FORWARDED_FOR"
) &&
strcasecmp
(
getenv
(
"HTTP_X_FORWARDED_FOR"
),
"unknown"
)) {
$ip
=
getenv
(
"HTTP_X_FORWARDED_FOR"
);
}
else
if
(
getenv
(
"REMOTE_ADDR"
) &&
strcasecmp
(
getenv
(
"REMOTE_ADDR"
),
"unknown"
)) {
$ip
=
getenv
(
"REMOTE_ADDR"
);
}
else
if
(isset (
$_SERVER
[
'REMOTE_ADDR'
]) &&
$_SERVER
[
'REMOTE_ADDR'
] &&
strcasecmp
(
$_SERVER
[
'REMOTE_ADDR'
],
"unknown"
)) {
$ip
=
$_SERVER
[
'REMOTE_ADDR'
];
}
else
{
$ip
=
"unknown"
;
}
return
(
$ip
);
}
function
inject_check(
$sql_str
) {
$check
=
eregi
(
'select|insert|update|delete|\'|\/\*|\*|\.\.\/|\.\/|union|into|load_file|outfile'
,
$sql_str
);
if
(
$check
) {
echo
"输入非法注入内容!"
;
exit
();
}
else
{
return
$sql_str
;
}
}
function
checkurl() {
if
(preg_replace(
"/https?:\/\/([^\:\/]+).*/i"
,
"\\1"
,
$_SERVER
[
'HTTP_REFERER'
]) !== preg_replace(
"/([^\:]+).*/"
,
"\\1"
,
$_SERVER
[
'HTTP_HOST'
])) {
exit
();
}
}
}
?>