PHP sqlquery函数代码示例

function sql($m)
{
    /*{{{*/
    require_once 'api/function.sqlquery.php';
    if ($m->getNumParams() > 1) {
        $error = "Invalid number of parameters. SQL query required";
        return new XML_RPC_Response(0, $GLOBALS['XML_RPC_erruser'], $error);
    }
    $db = $GLOBALS['dsn'] . $GLOBALS['datadb'];
    // get the SQL statement
    $query = $m->getParam(0);
    // return an error if the query is not allowed
    if (!ereg("^(select|show|describe) ", strtolower($query->scalarval()))) {
        $error = 'Invalid query, only "SELECT", "SHOW", or "DESCRIBE" statements are accepted';
        return new XML_RPC_Response(0, $GLOBALS['XML_RPC_erruser'], $error);
    }
    // perform the query
    $result = @sqlquery($db, $query->scalarval(), true);
    if (is_object($result) && DB::isError($result)) {
        $error = $result->getCode() . ": " . $result->getMessage();
        return new XML_RPC_Response(0, $GLOBALS['XML_RPC_erruser'], $error);
    }
    $res = db2XMLRPC($result);
    return new XML_RPC_Response($res);
}

function buildVariableEnv($uid, $gid, $tid, &$vardisp, &$bounds, &$privilege, &$tree, &$condensed, &$autoDisplay)
{
    $result = sqlquery("SELECT view_row.name AS user_name, variable.name AS var_name, path, warning_bound, error_bound, alarm_order, view_row.filter as varfilter, view_table.filter as viewfilter, display, auto_display, view_row.vid AS vid " . "FROM variable, view_row, view_table " . "WHERE variable.command='variable' AND (view_table.uid='{$uid}' OR view_table.uid='{$gid}') AND view_table.tid='{$tid}' AND view_row.tid='{$tid}' AND variable.vid=view_row.vid ORDER BY view_row.ordering");
    while ($result && ($arr = sqlfetch($result))) {
        $vid = $arr["vid"];
        if (!hasAccessToVariable($vid)) {
            continue;
        }
        $path = $arr["path"];
        if ($arr["varfilter"] != "" && ($path = filterPath($path, $arr["varfilter"])) == "") {
            continue;
        }
        if ($arr["viewfilter"] != "" && ($path = filterPath($path, $arr["viewfilter"])) == "") {
            continue;
        }
        $condensed = $arr["display"] == "condensed";
        $autoDisplay = $arr["auto_display"] == "auto";
        $varName = getVarName($path);
        $vardisp[$varName] = $arr["user_name"];
        $bounds[$varName] = array($arr["warning_bound"], $arr["error_bound"], $arr["alarm_order"]);
        $privilege[$varName] = getVariableRight($vid);
        $address = explode(".", $path);
        //echo "add to tree address $path<br>\n";
        if (!isset($numsteps)) {
            $numsteps = count($address);
        }
        if ($numsteps != count($address)) {
            echo "Invalid table <b>{$tid}</b>, contains different variable path length (typically, mixed shard/server/service variables with entity variables)\n";
            return;
        }
        addToNode($tree, $address, 0);
    }
}

 function __construct($gateway_override = false)
 {
     $s = BigTreeAdmin::getSetting("bigtree-internal-payment-gateway");
     // Setting doesn't exist? Create it.
     if ($s === false) {
         sqlquery("INSERT INTO bigtree_settings (`id`,`system`,`encrypted`) VALUES ('bigtree-internal-payment-gateway','on','on')");
         $s = array("service" => "", "settings" => array());
         BigTreeAdmin::updateSettingValue("bigtree-internal-payment-gateway", $s);
     }
     // If for some reason the setting doesn't exist, make one.
     $this->Service = isset($s["value"]["service"]) ? $s["value"]["service"] : "";
     $this->Settings = isset($s["value"]["settings"]) ? $s["value"]["settings"] : array();
     // If you specifically request a certain service, use it instead of the default
     if ($gateway_override) {
         $this->Service = $gateway_override;
     }
     if ($this->Service == "authorize.net") {
         $this->setupAuthorize();
     } elseif ($this->Service == "paypal") {
         $this->setupPayPal();
     } elseif ($this->Service == "paypal-rest") {
         $this->setupPayPalREST();
     } elseif ($this->Service == "payflow") {
         $this->setupPayflow();
     } elseif ($this->Service == "linkpoint") {
         $this->setupLinkPoint();
     }
 }

function getShardLockState()
{
    global $shardLockState, $uid, $REMOTE_ADDR, $enablelock, $shardList;
    global $ASHost, $ASPort;
    $shardLockState = array();
    if (count($shardList) > 0) {
        foreach ($shardList as $shard => $s) {
            $shardLockState[$shard]['lock_state'] = $enablelock ? 0 : 1;
        }
    }
    $result = sqlquery("SELECT * FROM shard_annotation");
    while ($result && ($arr = sqlfetch($result))) {
        if ($enablelock) {
            if ($arr['lock_user'] == 0) {
                $lockState = 0;
                // unlocked
            } else {
                if ($arr['lock_user'] == $uid && $arr['lock_ip'] == $REMOTE_ADDR) {
                    $lockState = 1;
                    // locked by user
                } else {
                    $lockState = 2;
                    // locked by another user
                }
            }
        } else {
            $lockState = 1;
        }
        $shardLockState[$arr['shard']] = array('user_annot' => $arr['user'], 'annot' => htmlentities($arr['annotation'], ENT_QUOTES), 'post_date' => $arr['post_date'], 'lock_user' => $arr['lock_user'], 'lock_ip' => $arr['lock_ip'], 'lock_date' => $arr['lock_date'], 'lock_state' => $lockState, 'ASAddr' => $arr['ASAddr'], 'alias' => $arr['alias']);
    }
}

function loghistory($link, $userid, $ip, $ua, $outcome)
{
    $sql = "SELECT max(`id`) AS `m` FROM `history`";
    $res = sqlquery($sql, $link);
    $r = $res->fetch(PDO::FETCH_ASSOC);
    $i = $r == FALSE ? 0 : (int) $r['m'] + 1;
    $sql = "INSERT INTO `history` VALUES (?,?,?,?,?,CURRENT_TIMESTAMP)";
    $res = sqlexec($sql, array($i, $userid, $ip, $ua, $outcome), $link);
}

function selectorder($conn, $select, $from, $where, $order)
{
    if ($where == "") {
        $where = "1=1";
    }
    if ($where == "") {
        $where = "1=1";
    }
    return sqlquery($conn, "SELECT " . $select . " FROM " . $from . " WHERE " . $where . " ORDER BY " . $order);
}

function delete_old_process($link)
{
    $ret = sqlquery('SELECT * FROM `process` where 1', $link);
    while ($i = $ret->fetch(PDO::FETCH_ASSOC)) {
        if (!pstatus($i['pid'])) {
            sqlexec('DELETE FROM `process` where pid=?', array($i['pid']), $link);
            deldir('qqbot/' . $i['id']);
        }
    }
}

 function __construct()
 {
     $s = BigTreeAdmin::getSetting("bigtree-internal-email-service");
     // Setting doesn't exist? Create it.
     if ($s === false) {
         sqlquery("INSERT INTO bigtree_settings (`id`,`system`,`encrypted`) VALUES ('bigtree-internal-email-service','on','on')");
         $s = array("service" => "", "settings" => array());
         BigTreeAdmin::updateSettingValue("bigtree-internal-email-service", $s);
     }
     $this->Service = !empty($s["value"]["service"]) ? $s["value"]["service"] : "local";
     $this->Settings = !empty($s["value"]["settings"]) ? $s["value"]["settings"] : array();
 }

 function sql($query)
 {
     if (!eregi("^(select|show|describe)", $query)) {
         trigger_error('Invalid query. Only SELECT, SHOW and DESCRIBE allowed', E_USER_ERROR);
     }
     $db = $GLOBALS['dsn'] . $GLOBALS['datadb'];
     $result = @sqlquery($db, $query, false);
     if (is_object($result) && PEAR::isError($result)) {
         trigger_error($result->getMessage(), E_USER_ERROR);
     } else {
         return new SOAP_Value('result', 'Struct', $result);
     }
 }

 static function getForm($id)
 {
     $id = sqlescape($id);
     $form = sqlfetch(sqlquery("SELECT * FROM btx_form_builder_forms WHERE id = '{$id}'"));
     if (!$form) {
         return false;
     }
     $fields = array();
     $object_count = 0;
     $field_query = sqlquery("SELECT * FROM btx_form_builder_fields WHERE form = '{$id}' AND `column` = '0' ORDER BY position DESC, id ASC");
     while ($field = sqlfetch($field_query)) {
         $object_count++;
         if ($field["type"] == "column") {
             // Get left column
             $column_fields = array();
             $column_query = sqlquery("SELECT * FROM btx_form_builder_fields WHERE `column` = '" . $field["id"] . "' AND `alignment` = 'left' ORDER BY position DESC, id ASC");
             while ($sub_field = sqlfetch($column_query)) {
                 $column_fields[] = $sub_field;
                 $object_count++;
             }
             $field["fields"] = $column_fields;
             $fields[] = $field;
             // Get right column
             $column_fields = array();
             $column_query = sqlquery("SELECT * FROM btx_form_builder_fields WHERE `column` = '" . $field["id"] . "' AND `alignment` = 'right' ORDER BY position DESC, id ASC");
             while ($sub_field = sqlfetch($column_query)) {
                 $column_fields[] = $sub_field;
                 $object_count++;
             }
             $field["fields"] = $column_fields;
             $fields[] = $field;
             // Column start/end count as objects so we add 3 since there's two columns
             $object_count += 3;
         } else {
             $fields[] = $field;
         }
     }
     $form["fields"] = $fields;
     $form["object_count"] = $object_count - 1;
     // We start at 0
     return $form;
 }

 function sql()
 {
     /*{{{*/
     if (!$_REQUEST['query']) {
         echo "<b>ERROR: Missing parameters.</b>\n";
         return false;
     }
     // allow only SELECT, SHOW or DESCRIBE queries
     $allowed = "^(select|show|describe)";
     if (!eregi($allowed, trim($_REQUEST['query']))) {
         echo "<b>ERROR: Only 'SELECT', 'SHOW', or 'DESCRIBE' queries are allowed.</b>\n";
         return false;
     }
     $result = sqlquery(MDB_DATA_DSN, $_REQUEST['query']);
     if (is_object($result) && DB::isError($result)) {
         echo "<b>ERROR " . $result->getCode() . ": " . $result->getMessage() . "</b>\n";
         return false;
     }
     $format = isset($_REQUEST['format']) ? strtolower($_REQUEST['format']) : "csv";
     switch ($format) {
         case "wddx":
             $out = wddx_serialize_value($result);
             break;
         case "serialize":
             $out = serialize($result);
             break;
         case "table":
             $out = toTable($result);
             break;
         case "csv":
         default:
             $fields = array_keys($result[0]);
             $out = toCSV($fields);
             for ($i = 0; $i < count($result); $i++) {
                 $out .= toCSV(array_values($result[$i]));
             }
             break;
     }
     echo $out;
     return true;
 }

function checkpseudo($pseudo)
{
    if ($pseudo == '') {
        return 'empty';
    } else {
        if (strlen($pseudo) < 3) {
            return 'tooshort';
        } else {
            if (strlen($pseudo) > 32) {
                return 'toolong';
            } else {
                $result = sqlquery("SELECT COUNT(*) AS nbr FROM membres WHERE membre_pseudo = '" . mysql_real_escape_string($pseudo) . "'", 1);
                global $queries;
                $queries++;
                if ($result['nbr'] > 0) {
                    return 'exists';
                } else {
                    return 'ok';
                }
            }
        }
    }
}

function _local_bigtree_update_201()
{
    setcookie("bigtree_admin[password]", "", time() - 3600, str_replace(DOMAIN, "", WWW_ROOT));
    sqlquery("CREATE TABLE `bigtree_user_sessions` (`id` varchar(255) NOT NULL DEFAULT '', `email` varchar(255) DEFAULT NULL, `chain` varchar(255) DEFAULT NULL, PRIMARY KEY (`id`), KEY `email` (`email`), KEY `chain` (`chain`)) ENGINE=InnoDB DEFAULT CHARSET=utf8");
}

 function handle404($url)
 {
     $url = sqlescape(htmlspecialchars(strip_tags(rtrim($url, "/"))));
     $f = sqlfetch(sqlquery("SELECT * FROM bigtree_404s WHERE broken_url = '{$url}'"));
     if (!$url) {
         return true;
     }
     if ($f["redirect_url"]) {
         if ($f["redirect_url"] == "/") {
             $f["redirect_url"] = "";
         }
         if (substr($f["redirect_url"], 0, 7) == "http://" || substr($f["redirect_url"], 0, 8) == "https://") {
             $redirect = $f["redirect_url"];
         } else {
             $redirect = WWW_ROOT . str_replace(WWW_ROOT, "", $f["redirect_url"]);
         }
         sqlquery("UPDATE bigtree_404s SET requests = (requests + 1) WHERE id = '" . $f["id"] . "'");
         BigTree::redirect($redirect, "301");
         return false;
     } else {
         header($_SERVER["SERVER_PROTOCOL"] . " 404 Not Found");
         if ($f) {
             sqlquery("UPDATE bigtree_404s SET requests = (requests + 1) WHERE id = '" . $f["id"] . "'");
         } else {
             sqlquery("INSERT INTO bigtree_404s (`broken_url`,`requests`) VALUES ('{$url}','1')");
         }
         define("BIGTREE_DO_NOT_CACHE", true);
         return true;
     }
 }

 static function updatePendingItemField($id, $field, $value)
 {
     $id = sqlescape($id);
     $item = sqlfetch(sqlquery("SELECT * FROM bigtree_pending_changes WHERE id = '{$id}'"));
     $changes = json_decode($item["changes"], true);
     if (is_array($value)) {
         $value = BigTree::translateArray($value);
     }
     $changes[$field] = $value;
     $changes = sqlescape(json_encode($changes));
     sqlquery("UPDATE bigtree_pending_changes SET changes = '{$changes}' WHERE id = '{$id}'");
 }