/**
* Enter description here...
*
* @param string $sql
* @param array $fields
* @return boolean
*/
function executeQuery($sql, $fields = array())
{
//if(substr_count($sql,'#')!=count($fields))
//return false;
if (count($fields) > 0) {
$sql = $this->makeQuery($sql, $fields);
}
// Security::makeQuery();
$i = 0;
$this->rs = mysql_query($sql);
$this->sql = $sql;
$this->insertid = mysql_insert_id();
if (is_resource($this->rs)) {
$this->totrows = mysql_num_rows($this->rs);
}
if (!mysql_affected_rows() || $this->totrows < 1) {
return false;
} else {
while ($fetch = mysql_fetch_array($this->rs)) {
$this->records[$i++] = $fetch;
}
for ($i = 0; $i < count($this->records); $i++) {
foreach ($this->records[$i] as $key => $item) {
if (is_numeric($key)) {
unset($this->records[$i][$key]);
}
}
}
return true;
}
}
public function getAffectedRows()
{
if (!$this->_affected_rows) {
$this->_affected_rows = mysql_affected_rows($this->_link);
}
return $this->_affected_rows;
}
function sql_command($sql)
{
if (mysql_query($sql)) {
return mysql_affected_rows();
}
return -1;
}
function SqlExecOrDie($con, $sql)
{
if (!mysql_query($sql, $con)) {
die("Invalid query: " . mysql_error($con) . "\n{$sql}");
}
return mysql_affected_rows($con);
}
function cancel_order($orderid, $uid)
{
// cancel an order
$query = "\n UPDATE orderbook\n SET status='CANCEL'\n WHERE\n orderid='{$orderid}'\n AND uid='{$uid}'\n AND status='OPEN'\n ";
do_query($query);
if (mysql_affected_rows() != 1) {
if (mysql_affected_rows() > 1) {
throw new Error('Serious...', 'More rows updated than should be. Contact the sysadmin ASAP.');
} else {
if (mysql_affected_rows() == 0) {
throw new Problem(_('Cannot...'), _('Your order got bought up before you were able to cancel.'));
} else {
throw new Error('Serious...', 'Internal error. Contact sysadmin ASAP.');
}
}
}
// Refetch order in case something has happened.
$info = fetch_order_info($orderid);
if ($uid != $info->uid) {
throw new Error('Permission...', '... Denied! Now GTFO.');
}
add_funds($info->uid, $info->amount, $info->type);
// these records indicate returned funds.
create_record($orderid, $info->amount, 0, 0, -1, 0);
addlog(LOG_RESULT, " cancelled order {$orderid}");
}
function retrieve_messages()
{
global $dbc;
$query = "select m.subject, m.message_txt, u.username, m.date, m.parent_id, m.user_id, m.mess_block, m.topic_id, m.user_id from message AS m, users AS u where (m.user_id = u.user_id) order by m.mess_block, m.date;";
$result = mysql_query($query) or trigger_error("An Error Happened");
if (mysql_affected_rows() > 0) {
$tagSwitch = FALSE;
while ($messages = mysql_fetch_array($result, MYSQLI_ASSOC)) {
if ($messages['parent_id'] == 0) {
$tagSwitch ? print '</div>' : (print '<div class="commentBox">');
$tagSwitch = !$tagSwitch;
echo "<p><h3>{$messages['subject']}</h3></p>";
echo "<p>{$messages['message_txt']}</p>";
echo "<br />via: {$messages['username']} <a href='#' class='getComments'>Comments</a><hr />";
echo "<div class='comments'>";
echo "<form id='theForm'>";
echo "<textarea name='comment' class='comment' cols=60 rows=10>Enter Comment...</textarea><br />";
echo "<input type=hidden name='username' value={$messages['username']}>";
echo "<input type=hidden name='subject' value={$messages['subject']}>";
echo "<input type=hidden name='parent_id' value=1>";
echo "<input type=hidden name='mess_block' value={$messages['mess_block']}>";
echo "<input type=hidden name='token_id' value={$_SESSION['token_id']}>";
echo "<input type=hidden name='topic_id' value={$messages['topic_id']}>";
echo "<input type=hidden name='user_id' value={$messages['user_id']}>";
echo "<button type='button' id='oneButton'>Post Comment</button></form></div>";
} else {
echo "<div class='comments'>";
echo "{$messages['message_txt']}<br />";
echo "via: {$messages['username']}<br /><hr />";
echo "</div>";
}
}
}
}
function mysql_modified_rows($conn)
{
$info_str = mysql_info($conn);
$a_rows = mysql_affected_rows();
ereg("Rows matched: ([0-9]*)", $info_str, $r_matched);
return $a_rows < 1 ? $r_matched[1] ? $r_matched[1] : 0 : $a_rows;
}
function writeFile($path)
{
global $karyawanid;
global $conn;
global $dbname;
$dir = $path;
$ext = split('[.]', basename($_FILES['photo']['name']));
$ext = $ext[count($ext) - 1];
$ext = strtolower($ext);
if ($ext == 'jpg' or $ext == 'jpeg' or $ext == 'gif' or $ext == 'png' or $ext == 'bmp') {
$path = $dir . "/" . $karyawanid . "." . $ext;
//remove if exist;
//write to a file
try {
if (move_uploaded_file($_FILES['photo']['tmp_name'], $path)) {
$str = "update " . $dbname . ".datakaryawan set photo='" . $path . "'\r\n\t\t\t\t where karyawanid=" . $karyawanid;
mysql_query($str);
//echo mysql_error($conn);
if (mysql_affected_rows($conn) > 0) {
echo "<script>\r\n\t\t\t\t\tparent.document.getElementById('displayphoto').removeAttribute('src');\r\n\t\t\t\t\tparent.document.getElementById('displayphoto').setAttribute('src','" . $path . "');\r\n\t\t\t\t\t//parent.document.getElementById('displayphoto').getAttribute('src').value;\r\n\t\t\t\t\t</script>";
}
chmod($path, 0775);
}
} catch (Exception $e) {
echo "<script>alert(\"Error Writing File" . addslashes($e->getMessage()) . "\");</script>";
}
} else {
echo "<script>alert('Filetype not support');</script>";
}
}
function getdata($id = 0)
{
global $str;
$res = mysql_query('select id,zwname,pid,path,`desc` from ' . $this->table . ' where pid=' . $id . ' and state=0 ');
if ($res && mysql_affected_rows()) {
$str .= '<ul class="lu" >';
while ($row = mysql_fetch_array($res)) {
if ($row['pid'] == 0 && $row['path'] == 0) {
$this->person[$row['zwname']][] = $this->getOT($row['zwname']);
}
$sql = 'select * from ' . $this->table . ' where path="' . ($row['path'] . ',' . $row['id'] . '"');
if (mysql_num_rows(mysql_query($sql))) {
$this->dep[] = $row;
$str .= <<<cd
\t\t\t\t\t<li class='afl' onclick="listu(this)" ondblclick="chat({$row['zwname']})" path="{$row['path']}" desc="{$row['desc']}" myinner="{$row['zwname']}" sid="{$row['id']}" onmousedown="fun(this)"><input class="ltclasscheckbox" type="checkbox">{$row['zwname']} <span style="display:none" class="btns"><button class="select_daily_list" depname="{$row['zwname']}">查看报表</button><button class="input_daily_job" depname="{$row['zwname']}">日常工作</button></span></li>
cd;
$this->getdata($row['id']);
} else {
$str .= <<<cd
\t\t\t\t\t<li class='afl' onclick="listu(this)" ondblclick="chat({$row['zwname']})" path="{$row['path']}" desc="{$row['desc']}" myinner="{$row['zwname']}" sid="{$row['id']}" onmousedown="fun(this)"><input class="ltclasscheckbox" type="checkbox">{$row['zwname']} </li>
cd;
}
}
$str .= '</ul>';
}
$result = array();
$result['tree'] = $str;
$result['dep'] = $this->dep;
$result['person'] = $this->person;
return $result;
}
function fof_db_query($sql, $live = 0)
{
global $fof_connection;
list($usec, $sec) = explode(" ", microtime());
$t1 = (double) $sec + (double) $usec;
$result = mysql_query($sql, $fof_connection);
if (is_resource($result)) {
$num = mysql_num_rows($result);
}
if ($result) {
$affected = mysql_affected_rows();
}
list($usec, $sec) = explode(" ", microtime());
$t2 = (double) $sec + (double) $usec;
$elapsed = $t2 - $t1;
$logmessage = sprintf("%.3f: [%s] (%d / %d)", $elapsed, $sql, $num, $affected);
fof_log($logmessage, "query");
if ($live) {
return $result;
} else {
if (mysql_errno()) {
//echo "<pre>";
//print_r(debug_backtrace());
//echo "</pre>";
die("Cannot query database. Have you run <a href=\"install.php\"><code>install.php</code></a> to create or upgrade your installation? MySQL says: <b>" . mysql_error() . "</b>");
}
return $result;
}
}
public function countAffectedRows()
{
if (!($rows = mysql_affected_rows($this->mysql->conId))) {
throw new Exception('Error counting affected rows');
}
return $rows;
}
function update_poll()
{
global $INSTALLER09, $CURUSER, $mc1;
$total_votes = 0;
if (!isset($_POST['pid']) or !is_valid_id($_POST['pid'])) {
stderr('USER ERROR', 'There is no poll with that ID!');
}
$pid = intval($_POST['pid']);
if (!isset($_POST['poll_question']) or empty($_POST['poll_question'])) {
stderr('USER ERROR', 'There is no title defined!');
}
$poll_title = sqlesc(htmlspecialchars(strip_tags($_POST['poll_question']), ENT_QUOTES));
//get the main crux of the poll data
$poll_data = makepoll();
$total_votes = isset($poll_data['total_votes']) ? intval($poll_data['total_votes']) : 0;
unset($poll_data['total_votes']);
if (!is_array($poll_data) or !count($poll_data)) {
stderr('SYSTEM ERROR', 'There was no data sent');
}
//all ok, serialize
$poll_data = sqlesc(serialize($poll_data));
$username = sqlesc($CURUSER['username']);
@sql_query("UPDATE polls SET choices={$poll_data}, starter_id={$CURUSER['id']}, starter_name={$username}, votes={$total_votes}, poll_question={$poll_title} WHERE pid={$pid}") or sqlerr(__FILE__, __LINE__);
$mc1->delete_value('poll_data_' . $CURUSER['id']);
if (-1 == mysql_affected_rows()) {
$msg = "<h2>An Error Occured!</h2>\r\n <a href='javascript:history.back()' title='Go back and fix the error' style='color:green;font-weight:bold'><span class='btn' style='padding:3px;'><img style='vertical-align:middle;' src='{$INSTALLER09['pic_base_url']}/polls/p_delete.gif' alt='Go Back' />Go Back</span></a>";
} else {
$msg = "<h2>Groovy, everything went hunky dory!</h2>\r\n <a href='staffpanel.php?tool=polls_manager&action=polls_manager' title='Return to Polls Manager' style='color:green;font-weight:bold'><span class='btn' style='padding:3px;'><img style='vertical-align:middle;' src='{$INSTALLER09['pic_base_url']}/polls/p_tick.gif' alt='Success' />Success</span></a>";
}
echo stdhead('Poll Manager::Add New Poll') . $msg . stdfoot();
}
function pg_editPegawai($id, $nama, $jk, $tgllhr, $jabatan, $notelp, $idkc, $password, $idrutepeg)
{
if (!empty($password)) {
$query = sprintf("UPDATE pegawai SET nama='%s',jk='%s',tgllahir='%s',jabatan='%s',notelp='%s',idkantorcabang='%s',password='******' WHERE id='%s'", mysql_real_escape_string($nama), mysql_real_escape_string($jk), mysql_real_escape_string($tgllhr), mysql_real_escape_string($jabatan), mysql_real_escape_string($notelp), mysql_real_escape_string($idkc), md5(mysql_real_escape_string($password)), mysql_real_escape_string($id));
} else {
$query = sprintf("UPDATE pegawai SET nama='%s',jk='%s',tgllahir='%s',jabatan='%s',notelp='%s',idkantorcabang='%s' WHERE id='%s'", mysql_real_escape_string($nama), mysql_real_escape_string($jk), mysql_real_escape_string($tgllhr), mysql_real_escape_string($jabatan), mysql_real_escape_string($notelp), mysql_real_escape_string($idkc), mysql_real_escape_string($id));
}
$result = mysql_query($query);
if (!$result) {
return false;
} else {
if ($jabatan == 'peg. pengiriman') {
$query = sprintf("UPDATE detailpegpengiriman SET idrute='%s' WHERE id='%s'", mysql_real_escape_string($idrutepeg), mysql_real_escape_string($id));
$result = mysql_query($query);
$jml = mysql_affected_rows($GLOBALS["link"]);
if (!$result) {
return false;
}
if ($jml == 0) {
$query = sprintf("INSERT INTO detailpegpengiriman values('%s',%s,NULL)", mysql_real_escape_string($id), mysql_real_escape_string($idrutepeg));
$result = mysql_query($query);
if (!$result && mysql_errno() != 1062) {
return false;
}
}
return true;
} else {
return true;
}
}
}
/**
* Database void query
* @param $sql
* @param $debug
* @param $zero_affected
*/
function database_void_query($sql, $debug = false, $zero_affected = true)
{
$result = mysql_query($sql);
if ($debug == true) {
echo $sql . ' - ' . mysql_error();
}
$affected_rows = mysql_affected_rows();
if (preg_match('/update /i', $sql)) {
if ($zero_affected && $affected_rows >= 0) {
return true;
}
if (!$zero_affected && $affected_rows > 0) {
return true;
}
} else {
if (preg_match('/drop t/i', $sql)) {
if ($affected_rows >= 0) {
return true;
}
} else {
if (preg_match('/create t/i', $sql)) {
if ($affected_rows >= 0) {
return true;
}
} else {
if ($affected_rows > 0) {
return true;
}
}
}
}
return false;
}
function update($sql)
{
$result = $this->execute($sql, $dbbase);
$this->affected_rows = mysql_affected_rows($this->dbLink);
$this->free_result($result);
return $this->affected_rows;
}
function klan_akceptuj_podanie($gracz, $id)
{
//zabezpiecz zmienne
$id = (int) $id;
//jeżeli gracz nie jest w klanie to nie może nic usunąć
if ($gracz['id_klanu'] == 0) {
$msg = "nie jesteś w klanie";
} else {
//sprawdź rangę gracza w klanie
$ranga = mysql_fetch_array(mysql_query("select status from tribal_klany_gracze where gracz_id = " . $gracz['gracz'] . " and klan_id = " . $gracz['id_klanu'] . " limit 1"));
$ranga = $ranga[0];
//jeżeli to nie mistrz klanu to nie może usunąć nic
if ($ranga == 1) {
$msg = "nie jesteś mistrzem klanu ani jego zastępcą";
} else {
//pobierz dane podania
$podanie = mysql_fetch_array(mysql_query("select * from tribal_klany_gracze where id = " . $id));
//akceptuj podanie
mysql_query("update tribal_klany_gracze set status = 1 where id = " . $id . " and klan_id = " . $gracz['id_klanu'] . " and status = 0");
if (mysql_affected_rows() == 0) {
$msg = "nie ma takiego podania";
} else {
//na wszelki wypadek usuń pozostałe podania gracza
mysql_query("delete from tribal_klany_gracze where gracz_id = " . $podanie['gracz_id'] . " and status = 0");
mysql_query("update tribal_gracze set id_klanu = " . $gracz['id_klanu'] . " where gracz = " . $podanie['gracz_id']);
$msg = "zaakceptowano podanie";
}
}
}
return $msg;
}
public function delete()
{
if (!empty($_POST['del'])) {
// Nuke departments..
mysql_query("DELETE FROM `" . DB_PREFIX . "departments`\n WHERE `id` IN(" . implode(',', $_POST['del']) . ")\n\t") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
$rows = mysql_affected_rows();
// Nuke user department association..
mysql_query("DELETE FROM `" . DB_PREFIX . "userdepts`\n WHERE `deptID` IN(" . implode(',', $_POST['del']) . ")\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
if (mswRowCount('departments') == 0) {
@mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "departments`");
}
if (mswRowCount('userdepts') == 0) {
@mysql_query("TRUNCATE TABLE `" . DB_PREFIX . "userdepts`");
}
// Rebuild order sequence..
$seq = 0;
$q = mysql_query("SELECT `id` FROM `" . DB_PREFIX . "departments` ORDER BY `orderBy`");
while ($RB = mysql_fetch_object($q)) {
$n = ++$seq;
mysql_query("UPDATE `" . DB_PREFIX . "departments` SET\n\t `orderBy` = '{$n}'\n WHERE `id` = '{$RB->id}'\n ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__));
}
return $rows;
}
return '0';
}
public function create($username, $email, $password, $sendConfirmation = true, $group = USER_GROUP_DEFAULT_SIGNUP)
{
global $sDB, $sTemplate;
$salt = salt();
$passwordHash = crypt($password, '$6$rounds=5000$' . $salt . '$');
$dateAdded = time();
$sDB->execUsers("INSERT INTO `users` (`userId`, `userName`, `email`, `group`, `password`, `salt`, `dateAdded`) VALUES\n (NULL, '" . mysql_real_escape_string($username) . "', '" . mysql_real_escape_string($email) . "', '" . i($group) . "', '" . mysql_real_escape_string($passwordHash) . "', '" . mysql_real_escape_string($salt) . "', '" . i($dateAdded) . "');");
if (mysql_affected_rows()) {
$this->userId = mysql_insert_id();
$this->userName = $username;
$this->email = $email;
$this->password = $passwordHash;
$this->salt = $salt;
$this->dateAdded = $dateAdded;
$this->group = $group;
if ($sendConfirmation) {
$confirmationCode = md5(time());
$confirmationLink = $sTemplate->getRoot() . "confirmation.php?userId=" . $this->userId . "&confirmationCode=" . $confirmationCode;
$this->addConfirmationCode("CONFIRMATION_TYPE_EMAIL", $confirmationCode);
$subject = $sTemplate->getString("SIGNUP_CONFIRMATION_EMAIL_SUBJECT");
$message = $sTemplate->getString("SIGNUP_CONFIRMATION_EMAIL_BODY", array("[USERNAME]", "[PASSWORD]", "[CONFIRMATION_LINK]"), array($this->userName, $password, $confirmationLink));
$mail = new HTMLMail($this->email, $this->email, SENDMAIL_FROM_NAME, SENDMAIL_FROM);
$mail->buildMessage($subject, $message);
$mail->sendmail();
}
return true;
} else {
return false;
}
}
function do_dbwrite($sql, $verb, $expected_rows = 1, $link = NULL)
{
if ($link == NULL) {
$link = get_dblink();
}
if ($link == NULL) {
return false;
}
write_debug("SQL {$verb}: [{$sql}]");
$rc = mysql_query($sql, $link);
if ($rc == false) {
$err = mysql_error();
$upperverb = strtoupper($verb);
write_error("Problem in {$upperverb} statement: {$err}");
return false;
}
// if
$retval = mysql_affected_rows($link);
if ($expected_rows >= 0 and $retval != $expected_rows) {
$err = mysql_error();
write_error("Database {$verb} error: {$err}");
}
// if
return $retval;
}
function SiteCreator_css(&$smarty, $form = false)
{
$mysql = new MYSQL($smarty);
$tabela = $smarty->cfg['prefix'] . 'bilder_site';
$mysql->SqlSelect("SELECT ID_SITE FROM {$tabela} WHERE site_dominio = '{$form['site_dominio']}'", __FILE__, __LINE__);
if (mysql_affected_rows() > 0) {
return $smarty->getFinishError('sitecreator_erro_01', array("", " - " . htmlspecialchars($this->form['site_dominio'])));
}
switch ($form['action']) {
case "selectcss":
$smarty->assign('ID_CSSCLASS', $form['ID_CSSCLASS']);
return $smarty->fetch($smarty->modulo_dir . "select_css.tpl");
break;
default:
$form['ID_MEMBER'] = $smarty->perfil['ID_MEMBER'];
$sql = $mysql->SqlInsert($tabela, $form);
$mysql->SqlSelect($sql, __FILE__, __LINE__);
$idde = mysql_insert_id();
$cam = './sites/' . $idde;
//$cam = './sites/21';
$site = new SiteCreator();
$site->CopyDefultSite($cam);
$site->createCfgfile($cam, array('ID_SITE' => $idde));
$site->CopyCss($form['ID_CSS'], $cam);
$site->createTemplates($cam, $form['site_pages']);
unset($_POST);
unset($_GET);
return $smarty->getFinish('sitecreator_sucesso_01');
break;
}
}
/**
* Authentifie le numéro de troll et un mot de pas hashé contre la base de donnée, et positionne les variables de
* session en conséquence.
* @return true si l'authentification a réussie
* @return false si elle a échouée (mot de passe incorrecte ou troll inexistant)
*/
function userLogin($numTroll, $md5pass)
{
global $db_vue_rm;
// On regarde si le troll existe dans la base de données
$sql = "SELECT pass_outils_troll, guilde_troll, nom_troll";
$sql .= " FROM trolls WHERE id_troll={$numTroll}";
$result = mysql_query($sql, $db_vue_rm);
if ($result == false) {
return false;
}
list($DBmd5pass, $DBAuthGuilde, $DBNomTroll) = mysql_fetch_array($result);
if (mysql_affected_rows() > 0 && $DBmd5pass != "" && $DBmd5pass == $md5pass) {
$_SESSION['AuthTroll'] = $numTroll;
$_SESSION['Auth'] = $md5pass;
$_SESSION['AuthGuilde'] = $DBAuthGuilde;
$_SESSION['AuthNomTroll'] = $DBNomTroll;
if (userIsGuilde() || userIsGroupSpec()) {
// Controle de l'administrateur
// Remplis la variable de session
if (isDbAdministration()) {
$_SESSION['admin'] = "authenticated";
} else {
$_SESSION['admin'] = "notauthorized";
}
$_SESSION['Status'] = "authentified";
setcookie("cookie_id_troll", $_SESSION['AuthTroll'], time() + 31536000);
// on garde le cookie 1 an
enregistre_connection($_SESSION['AuthTroll']);
return true;
}
}
return false;
}
function getBugs($type = 'all')
{
/**
* @param string $type [all|tm|empresa] para que entregue el listado de bugs por cada tipo
*/
switch ($type) {
case 'tm':
$query = "SELECT * FROM bugs, tm\n WHERE idTM = tm_idTM\n ORDER BY fecha DESC;";
break;
case 'empresa':
$query = 'SELECT * FROM bugs, empresa
WHERE idEmpresa = empresa_idEmpresa
ORDER BY fecha DESC';
break;
case 'all':
$query = 'SELECT * FROM bugs';
}
$res = mysql_query($query) or die(mysql_error());
if (mysql_affected_rows() >= 1) {
while ($row = mysql_fetch_assoc($res)) {
$result[] = $row;
}
//while
} else {
$result = false;
}
return $result;
}
public function query($query = "")
{
try {
$results = array();
$queryString = trim($query);
$explodedQuery = explode(' ', $queryString);
$queryFirstWord = strtoupper(trim($explodedQuery[0]));
$response = mysql_query($queryString, $this->databaseConnection);
if ($response) {
if (is_resource($response)) {
while ($row = mysql_fetch_assoc($response)) {
$results[] = $row;
}
}
switch ($queryFirstWord) {
case "DELETE":
case "UPDATE":
return mysql_affected_rows();
break;
case "INSERT":
return mysql_insert_id();
break;
default:
return $results;
break;
}
} else {
return mysql_error();
}
} catch (Exception $error) {
echo 'Caught exception: ', $error->getMessage(), "\n";
}
}
/**
* Method to send SQL query
*
* @param resource $res_conn
* @return void
*/
private function sendQuery($res_conn)
{
// checking query type
// if the query return recordset or not
if (preg_match("/^SELECT|DESCRIBE|SHOW|EXPLAIN\\s/i", $this->sql_string)) {
$this->res_result = @mysql_query($this->sql_string, $res_conn);
// error checking
if (!$this->res_result) {
$this->error = 'Query (' . $this->sql_string . ") failed to executed. Please check your query again \n" . mysql_error($res_conn);
$this->errno = mysql_errno($res_conn);
} else {
// count number of rows
$this->num_rows = @mysql_num_rows($this->res_result);
$this->field_count = @mysql_num_fields($this->res_result);
}
} else {
$query = @mysql_query($this->sql_string, $res_conn);
$this->insert_id = @mysql_insert_id($res_conn);
// error checking
if (!$query) {
$this->error = 'Query (' . $this->sql_string . ") failed to executed. Please check your query again \n" . mysql_error($res_conn);
$this->errno = mysql_errno($res_conn);
} else {
// get number of affected row
$this->affected_rows = @mysql_affected_rows($res_conn);
}
// nullify query
$query = null;
}
}
public function processQuery($sql, $type = NULL)
{
$query_start = microtime(true);
$result = mysql_query($sql, $this->db);
$query_end = microtime(true);
$this->log($sql, $query_end - $query_start);
$this->checkForError();
$data = array();
if (is_resource($result)) {
$resultType = MYSQL_NUM;
if ($type == 'assoc') {
$resultType = MYSQL_ASSOC;
}
while ($row = mysql_fetch_array($result, $resultType)) {
if (mysql_affected_rows($this->db) > 1) {
array_push($data, $row);
} else {
$data = $row;
}
}
mysql_free_result($result);
} else {
if ($result) {
$data = mysql_insert_id($this->db);
}
}
return $data;
}
public function affected_rows($result = null)
{
if ($result == null) {
$result = $this->last_result;
}
return @mysql_affected_rows($result);
}
/** Scan files/ directory for new files
* @cron period: 1h
*/
function cronjob_files_discover()
{
$ret = array('new' => 0, 'updated' => 0, 'removed' => 0);
# Search for new files or updates
if (file_exists($files_dir = 'files/')) {
foreach (scandir($files_dir) as $file) {
if ($file[0] != '.' && strtolower(strrchr($file, '.')) == '.exe') {
$q_data = array('file' => $file, 'hash' => md5_file("{$files_dir}/{$file}"), 'time' => time());
# try to add a new file (rely on the PK)
mysql_query(mkquery('INSERT INTO `exe_updates` SET `file`={s:file}, `hash`={s:hash}, `ctime`={i:time}, `mtime`={i:time};', $q_data));
if (mysql_affected_rows() > 0) {
$ret['new']++;
}
# try to update mtime & hash of an existing file
mysql_query(mkquery('UPDATE `exe_updates` SET `mtime`={i:time}, `hash`={s:hash}, `scan_date`=0, `scan_threat`=0, `scan_count`=0 WHERE `file`={s:file} AND `hash`<>{s:hash};', $q_data));
if (mysql_affected_rows() > 0) {
$ret['updated']++;
}
}
}
}
# Remove missing files
$res = mysql_q(mkquery('SELECT `id`, `file`, `mtime` FROM `exe_updates` WHERE `scan_date` < {i:date};', array('date' => time() - 60 * 60 * 20)));
while ($res && !is_bool($exe = mysql_fetch_assoc($res))) {
if (!file_exists('files/' . $exe['file'])) {
if (time() - $exe['mtime'] > 60 * 60 * 24) {
mysql_q(mkquery('DELETE FROM `exe_updates` WHERE `id`={i:id}', $exe));
$ret['removed']++;
}
continue;
}
}
return $ret;
}
function ExeSql($sql)
{
//执行SQL语句$sql为接受的查询语句
$this->Result = mysql_query($sql);
$this->row = mysql_affected_rows();
return $this->Result;
}
/**
* 删除记录
* @param string $table
* @param string $where
* @return number
*/
function delete($table,$where=null){
$where=$where==null?null:" where ".$where;
$sql="delete from {$table} {$where}";
mysql_query($sql);
//echo $sql;
return mysql_affected_rows();
}
public function del($id)
{
$id = (int) $id;
$sql = "delete from {$this->_name} where id=" . $id;
$this->query($sql);
return mysql_affected_rows();
}