PHP mres函数代码示例

/**
 * Generate SQL from Group-Pattern
 * @param string $pattern Pattern to generate SQL for
 * @param string $search What to searchid for
 * @return string
 */
function GenGroupSQL($pattern, $search = '')
{
    $tmp = explode(" ", $pattern);
    $tables = array();
    foreach ($tmp as $opt) {
        if (strstr($opt, '%') && strstr($opt, '.')) {
            $tmpp = explode(".", $opt, 2);
            $tmpp[0] = str_replace("%", "", $tmpp[0]);
            $tables[] = mres(str_replace("(", "", $tmpp[0]));
            $pattern = str_replace($opt, $tmpp[0] . '.' . $tmpp[1], $pattern);
        }
    }
    $tables = array_keys(array_flip($tables));
    $x = sizeof($tables);
    $i = 0;
    $join = "";
    while ($i < $x) {
        if (isset($tables[$i + 1])) {
            $join .= $tables[$i] . ".device_id = " . $tables[$i + 1] . ".device_id && ";
        }
        $i++;
    }
    if (!empty($search)) {
        $search .= " &&";
    }
    $sql = "SELECT DISTINCT(" . str_replace("(", "", $tables[0]) . ".device_id) FROM " . implode(",", $tables) . " WHERE " . $search . " (" . str_replace(array("%", "@", "!~", "~"), array("", "%", "NOT LIKE", "LIKE"), $pattern) . ")";
    return $sql;
}

/**
 * Generate SQL from Group-Pattern
 * @param string $pattern Pattern to generate SQL for
 * @param string $search  What to searchid for
 * @return string
 */
function GenGroupSQL($pattern, $search = '')
{
    $pattern = RunGroupMacros($pattern);
    if ($pattern === false) {
        return false;
    }
    $tmp = explode(' ', $pattern);
    $tables = array();
    foreach ($tmp as $opt) {
        if (strstr($opt, '%') && strstr($opt, '.')) {
            $tmpp = explode('.', $opt, 2);
            $tmpp[0] = str_replace('%', '', $tmpp[0]);
            $tables[] = mres(str_replace('(', '', $tmpp[0]));
            $pattern = str_replace($opt, $tmpp[0] . '.' . $tmpp[1], $pattern);
        }
    }
    $tables = array_keys(array_flip($tables));
    $x = sizeof($tables);
    $i = 0;
    $join = '';
    while ($i < $x) {
        if (isset($tables[$i + 1])) {
            $join .= $tables[$i] . '.device_id = ' . $tables[$i + 1] . '.device_id && ';
        }
        $i++;
    }
    if (!empty($search)) {
        $search .= ' &&';
    }
    $sql = 'SELECT DISTINCT(' . str_replace('(', '', $tables[0]) . '.device_id) FROM ' . implode(',', $tables) . ' WHERE ' . $search . ' (' . str_replace(array('%', '@', '!~', '~'), array('', '.*', 'NOT REGEXP', 'REGEXP'), $pattern) . ')';
    return $sql;
}

function get_userid($username)
{
    # FIXME should come from LDAP
    $sql = "SELECT user_id FROM `users` WHERE `username`='" . mres($username) . "'";
    $row = mysql_fetch_array(mysql_query($sql));
    return $row['user_id'];
}

/**
 * Generate SQL from Rule
 * @param string $rule Rule to generate SQL for
 * @return string
 */
function GenSQL($rule)
{
    $tmp = explode(" ", $rule);
    $tables = array();
    foreach ($tmp as $opt) {
        if (strstr($opt, '%') && strstr($opt, '.')) {
            $tmpp = explode(".", $opt, 2);
            $tmpp[0] = str_replace("%", "", $tmpp[0]);
            $tables[] = mres(str_replace("(", "", $tmpp[0]));
            $rule = str_replace($opt, $tmpp[0] . '.' . $tmpp[1], $rule);
        }
    }
    $tables = array_unique($tables);
    $x = sizeof($tables);
    $i = 0;
    $join = "";
    while ($i < $x) {
        if (isset($tables[$i + 1])) {
            $join .= $tables[$i] . ".device_id = " . $tables[$i + 1] . ".device_id && ";
        }
        $i++;
    }
    $sql = "SELECT * FROM " . implode(",", $tables) . " WHERE (" . $join . "" . str_replace("(", "", $tables[0]) . ".device_id = ?) && (" . str_replace(array("%", "@", "!~", "~"), array("", "%", "NOT LIKE", "LIKE"), $rule) . ")";
    return $sql;
}

function postbug($username, $body)
{
    global $DB_HOST, $DB_USERNAME, $DB_PASSWORD, $DB_WEBSITE;
    $connection = connect($DB_HOST, $DB_USERNAME, $DB_PASSWORD);
    $date = date('Y-m-d H:i:s');
    $sql = "INSERT INTO " . $DB_WEBSITE . ".`bugtracker` ( `body`, `autor`, `solved`, `date`, `so_date`) VALUES ( '" . mres($body) . "', '" . $username . "', 0, '" . $date . "', '" . $date . "')";
    mysqli_query($connection, $sql);
}

/**
 * Generate SQL from Rule
 * @param string $rule Rule to generate SQL for
 * @return string|boolean
 */
function GenSQL($rule)
{
    $rule = htmlspecialchars_decode($rule);
    $rule = RunMacros($rule);
    if (empty($rule)) {
        //Cannot resolve Macros due to recursion. Rule is invalid.
        return false;
    }
    //Pretty-print rule to dissect easier
    $pretty = array('*' => ' * ', '(' => ' ( ', ')' => ' ) ', '/' => ' / ', '&&' => ' && ', '||' => ' || ', 'DATE_SUB ( NOW (  )' => 'DATE_SUB( NOW()');
    $rule = str_replace(array_keys($pretty), $pretty, $rule);
    $tmp = explode(" ", $rule);
    $tables = array();
    foreach ($tmp as $opt) {
        if (strstr($opt, '%') && strstr($opt, '.')) {
            $tmpp = explode(".", $opt, 2);
            $tmpp[0] = str_replace("%", "", $tmpp[0]);
            $tables[] = mres(str_replace("(", "", $tmpp[0]));
            $rule = str_replace($opt, $tmpp[0] . '.' . $tmpp[1], $rule);
        }
    }
    $tables = array_keys(array_flip($tables));
    if (dbFetchCell('SELECT 1 FROM information_schema.COLUMNS WHERE TABLE_NAME = ? && COLUMN_NAME = ?', array($tables[0], 'device_id')) != 1) {
        //Our first table has no valid glue, append the 'devices' table to it!
        array_unshift($tables, 'devices');
    }
    $x = sizeof($tables) - 1;
    $i = 0;
    $join = "";
    while ($i < $x) {
        if (isset($tables[$i + 1])) {
            $gtmp = ResolveGlues(array($tables[$i + 1]), 'device_id');
            if ($gtmp === false) {
                //Cannot resolve glue-chain. Rule is invalid.
                return false;
            }
            $last = "";
            $qry = "";
            foreach ($gtmp as $glue) {
                if (empty($last)) {
                    list($tmp, $last) = explode('.', $glue);
                    $qry .= $glue . ' = ';
                } else {
                    list($tmp, $new) = explode('.', $glue);
                    $qry .= $tmp . '.' . $last . ' && ' . $tmp . '.' . $new . ' = ';
                    $last = $new;
                }
                if (!in_array($tmp, $tables)) {
                    $tables[] = $tmp;
                }
            }
            $join .= "( " . $qry . $tables[0] . ".device_id ) && ";
        }
        $i++;
    }
    $sql = "SELECT * FROM " . implode(",", $tables) . " WHERE (" . $join . "" . str_replace("(", "", $tables[0]) . ".device_id = ?) && (" . str_replace(array("%", "@", "!~", "~"), array("", ".*", "NOT REGEXP", "REGEXP"), $rule) . ")";
    return $sql;
}

function discover_service($device, $service)
{
    if (!dbFetchCell('SELECT COUNT(service_id) FROM `services` WHERE `service_type`= ? AND `device_id` = ?', array($service, $device['device_id']))) {
        add_service($device, $service, "(Auto discovered) {$service}");
        log_event('Autodiscovered service: type ' . mres($service), $device, 'service');
        echo '+';
    }
    echo "{$service} ";
}

function mres($q)
{
    if (is_array($q)) {
        foreach ($q as $k => $v) {
            $q[$k] = mres($v);
        }
    } elseif (is_string($q)) {
        $q = mysql_real_escape_string($q);
    }
    return $q;
}

function authenticate($username, $password)
{
    global $config;
    if (isset($_SERVER['REMOTE_USER'])) {
        $_SESSION['username'] = mres($_SERVER['REMOTE_USER']);
        if (user_exists($_SESSION['username'])) {
            return 1;
        }
        $_SESSION['username'] = $config['http_auth_guest'];
        return 1;
    }
    return 0;
}

function authenticate($username, $password)
{
    global $config;
    if (isset($_SERVER['REMOTE_USER'])) {
        $_SESSION['username'] = mres($_SERVER['REMOTE_USER']);
        $row = @dbFetchRow("SELECT username FROM `users` WHERE `username`=?", array($_SESSION['username']));
        if (isset($row['username']) && $row['username'] == $_SESSION['username']) {
            return 1;
        } else {
            $_SESSION['username'] = $config['http_auth_guest'];
            return 1;
        }
    }
    return 0;
}

 /**
  * generic clean up from db_quoteStr() clone
  *
  * @param string $string
  *
  * @return string
  */
 public static function db_sanitize($string = '')
 {
     function mres($string = '')
     {
         $search = array("\\", "", "\n", "\r", "'", '"', "");
         $replace = array("\\\\", "\\0", "\\n", "\\r", "\\'", '\\"', "\\Z");
         return str_replace($search, $replace, $string);
     }
     if (empty($string)) {
         return '';
     }
     // remove only double empty single quotes
     $string = (string) preg_replace("/[']{2}/", "'", $string);
     $string = (string) str_replace("\\n", "\n", $string);
     $string = (string) str_replace("\\r", "\r", $string);
     $string = (string) str_replace("\\\\", "\\", $string);
     $string = (string) mres($string);
     return $string;
 }

foreach (dbFetchRows('SELECT DISTINCT `program` FROM `syslog` ORDER BY `program`') as $data) {
    echo '"<option value="' . mres($data['program']) . '"';
    if ($data['program'] == $vars['program']) {
        echo ' selected';
    }
    echo '>' . $data['program'] . '</option>';
}
?>
                        </select>
                    </div>
                    <div class="form-group">
                        <select name="priority" id="priority" class="form-control input-sm">
                            <option value="">All Priorities</option>
                                <?php 
foreach (dbFetchRows('SELECT DISTINCT `priority` FROM `syslog` ORDER BY `level`') as $data) {
    echo '"<option value="' . mres($data['priority']) . '"';
    if ($data['priority'] == $vars['priority']) {
        echo ' selected';
    }
    echo '>' . $data['priority'] . '</option>';
}
?>
                        </select>
                    </div>
                    <div class="form-group">
                        <input name="from" type="text" class="form-control input-sm" id="dtpickerfrom" maxlength="16" value="<?php 
echo $vars['from'];
?>
" placeholder="From" data-date-format="YYYY-MM-DD HH:mm">
                    </div>
                    <div class="form-group">

 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation, either version 3 of the License, or (at your
 * option) any later version.  Please see LICENSE.txt at the top level of
 * the source code distribution for details.
 */
header('Content-type: application/json');
if (is_admin() === false) {
    $response = array('status' => 'error', 'message' => 'Need to be admin');
    echo _json_encode($response);
    exit;
}
$status = 'error';
$message = 'Error updating storage information';
$device_id = mres($_POST['device_id']);
$storage_id = mres($_POST['storage_id']);
$data = mres($_POST['data']);
if (!is_numeric($device_id)) {
    $message = 'Missing device id';
} elseif (!is_numeric($storage_id)) {
    $message = 'Missing storage id';
} elseif (!is_numeric($data)) {
    $message = 'Missing value';
} else {
    if (dbUpdate(array('storage_perc_warn' => $data), 'storage', '`storage_id`=? AND `device_id`=?', array($storage_id, $device_id))) {
        $message = 'Storage information updated';
        $status = 'ok';
    } else {
        $message = 'Could not update storage information';
    }
}
$response = array('status' => $status, 'message' => $message, 'extra' => $extra);

<?php

/*
 * LibreNMS
 *
 * Copyright (c) 2015 Søren Friis Rosiak <sorenrosiak@gmail.com>
 * This program is free software: you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation, either version 3 of the License, or (at your
 * option) any later version.  Please see LICENSE.txt at the top level of
 * the source code distribution for details.
 */
header('Content-type: application/json');
$status = 'error';
$message = 'unknown error';
$device_id = mres($_POST['device_id']);
$port_id_notes = mres($_POST['port_id_notes']);
$attrib_value = $_POST['notes'];
if (isset($attrib_value) && set_dev_attrib(array('device_id' => $device_id), $port_id_notes, $attrib_value)) {
    $status = 'ok';
    $message = 'Updated';
} else {
    $status = 'error';
    $message = 'ERROR: Could not update';
}
die(json_encode(array('status' => $status, 'message' => $message, 'attrib_type' => $port_id_notes, 'attrib_value' => $attrib_value, 'device_id' => $device_id)));

    echo _json_encode($response);
    exit;
}
$action = mres($_POST['action']);
$config_group = mres($_POST['config_group']);
$config_sub_group = mres($_POST['config_sub_group']);
$config_name = mres($_POST['config_name']);
$config_value = mres($_POST['config_value']);
$config_extra = mres($_POST['config_extra']);
$config_room_id = mres($_POST['config_room_id']);
$config_from = mres($_POST['config_from']);
$config_userkey = mres($_POST['config_userkey']);
$status = 'error';
$message = 'Error with config';
if ($action == 'remove' || $action == 'remove-slack' || $action == 'remove-hipchat' || $action == 'remove-pushover' || $action == 'remove-boxcar') {
    $config_id = mres($_POST['config_id']);
    if (empty($config_id)) {
        $message = 'No config id passed';
    } else {
        if (dbDelete('config', '`config_id`=?', array($config_id))) {
            if ($action == 'remove-slack') {
                dbDelete('config', "`config_name` LIKE 'alert.transports.slack.{$config_id}.%'");
            } else {
                if ($action == 'remove-hipchat') {
                    dbDelete('config', "`config_name` LIKE 'alert.transports.hipchat.{$config_id}.%'");
                } else {
                    if ($action == 'remove-pushover') {
                        dbDelete('config', "`config_name` LIKE 'alert.transports.pushover.{$config_id}.%'");
                    } elseif ($action == 'remove-boxcar') {
                        dbDelete('config', "`config_name` LIKE 'alert.transports.boxcar.{$config_id}.%'");
                    }