Tsar_Lyagushka/HB
1
0
Fork 0
forked from halo-battle/game
Code Issues Pull requests Projects Releases Wiki Activity

Version 1.9a

Browse source
This commit is contained in:
nemunaire 2008-09-20 12:00:00 +02:00
commit d028822d0b
437 changed files with 27543 additions and 81793 deletions
Download patch file Download diff file Expand all files Collapse all files

226
onyx/bdd.postgresql.class.php Normal file
View file

@ -0,0 +1,226 @@
<?php
class BDD
{
private $session;
private $reponse;
var $database;
var $num_rows;
var $nodb;
function connexion($db=NULL,$h=NULL,$u=NULL,$p=NULL)
{
if($this->session) $this->deconnexion();
global $var___db,$config;
$u = pg_escape_string( empty($u)?$var___db['postgresql']['login']:$u );
$p = pg_escape_string( empty($p)?$var___db['postgresql']['password']:$p );
$h = pg_escape_string( empty($h)?$var___db['postgresql']['host']:$h );
$db = pg_escape_string( empty($db)?$var___db['postgresql']['db']:$db );
$this->session = @pg_connect("host='$h' port=5432 dbname='$db' user='$u' password='$p'");
if (!$this->session)
{
if($config['db_log']) file_log('Erreur PostgreSQL: Connexion à la base de donnée impossible.',2);
if(!empty($this->nodb) && function_exists($this->nodb))
{
call_user_func($this->nodb);
}
elseif(array_key_exists('no_db',$config) && function_exists($config['no_db']))
{
call_user_func($config['no_db']);
}
else die('Erreur de connexion a la base de donnee');
return FALSE;
}
pg_setclientencoding($this->session,'UTF8');
$this->reponse = NULL;
$this->num_rows = NULL;
$this->database = $db;
}
function deconnexion()
{
if($this->session)
{
$var = @pg_close($this->session);
$this->session = FALSE;
return $var;
}
else return FALSE;
}
function erreur($flag=TRUE)
{
if($this->session)
{
$var = pg_last_error($this->session);
if($flag) echo $var;
return($var);
}
else return FALSE;
}
function db($db=NULL)
{
if($this->session)
{
global $var___db;
$db = pg_escape_string( empty($db)?$var___db['postgresql']['db']:$db );
$var = pg_query("\\connect $db");
if($var) $this->database = $db;
return $var;
}
else return FALSE;
}
function escape(&$var)
{
if($this->session)
{
$var = pg_escape_string($this->session,$var);
return $var;
}
else return FALSE;
}
function query($q)
{
if($this->session)
{
$this->reponse = pg_query($this->session,$q);
global $config;
if($config['db_injection'] == '1') $this->injection($q);
if(!$this->reponse)
{
if($config['db_log'] == '1')
{
file_log('Erreur PostgreSQL: " '.$this->erreur(FALSE).' ", avec la requète: { '.$q.' }.',1);
}
else
{
echo("Requete à la base de donnée invalide");
}
return FALSE;
}
$this->num_rows = @pg_num_rows($this->reponse);
if($this->num_rows == 0)
{
return NULL;
}
elseif($this->num_rows >= 1)
{
for($i=0; $var = pg_fetch_assoc($this->reponse); $i++)
{
$sortie[$i] = $var;
}
return $sortie;
}
else return FALSE;
}
else return FALSE;
}
function unique_query($q)
{
if($this->session)
{
$this->reponse = pg_query($this->session,$q);
global $config;
if($config['db_injection'] == '1') $this->injection($q);
if(!$this->reponse)
{
if($config['db_log'] == '1')
{
file_log('Erreur PostgreSQL: " '.$this->erreur(FALSE).' ", avec la requète: { '.$q.' }.',1);
}
else
{
echo("Requete à la base de donnée invalide");
}
return FALSE;
}
$this->num_rows = @pg_num_rows($this->reponse);
if($this->num_rows == 0 || $this->num_rows > 1)
{
return NULL;
}
elseif($this->num_rows == 1)
{
return pg_fetch_assoc($this->reponse);
}
else return FALSE;
}
else return FALSE;
}
function affected()
{
if($this->session)
{
$affected = pg_affected_rows($this->session);
if($affected >= 0)
{
return $affected;
}
else return FALSE;
}
else return FALSE;
}
private function injection($q)
{
$var = preg_replace('#(\'|")(.*?)(?<!\\\\)\\1#us','',$q);
$find = array('union',
'\\x',
#'0x',
'"',
'\'',
'1=1',
'char(',
'chr(',
'/*',
'#',
'--',
'ascii(',
'x\'',
'%',
'hex(');
foreach($find as $string)
{
if(stripos($var,$string) !== FALSE)
{
file_log("injection sql possible avec la requète: { $q }",1);
return;
}
}
}
}
?>