function dbQuery($query, $show_errors = true, $all_results = true, $show_output = true)
{
if ($show_errors) {
error_reporting(E_ALL);
} else {
error_reporting(E_PARSE);
}
// Connect to the Ingres database management system
$link = ingres_pconnect("testdb", "root", "testpass");
if (!$link) {
die(ingres_error());
}
// Print results in HTML
print "<html><body>\n";
// Print SQL query to test sqlmap '--string' command line option
//print "<b>SQL query:</b> " . $query . "<br>\n";
// Perform SQL injection affected query
//$result = ingres_query($link, $query); // on PECL Ingres > 2
$result = ingres_query($query, $link);
if (!$result) {
if ($show_errors) {
print "<b>SQL error:</b> " . ingres_error() . "<br>\n";
}
exit(1);
}
if (!$show_output) {
exit(1);
}
print "<b>SQL results:</b>\n";
print "<table border=\"1\">\n";
//while ($line = ingres_fetch_assoc($result)) { // on PECL Ingres > 2
while ($line = ingres_fetch_array($result)) {
print "<tr>";
foreach ($line as $col_value) {
print "<td>" . $col_value . "</td>";
}
print "</tr>\n";
if (!$all_results) {
break;
}
}
print "</table>\n";
print "</body></html>";
}
function error()
{
return ingres_error($this->link);
}
function query($sql, $params = array(), $sqltypes = "")
{
/*After a query is send, its result must be fetched BEFORE another query is executed
*If not the result of the first query is destroyed by the second query
*/
$this->Result = ingres_query($this->Connection, $sql, $params, $sqltypes);
if ($this->Result) {
return;
} else {
throw new Exception("Error while sending query:" . $sql . "<br/>Errno: " . ingres_errno() . "<br/>Error: " . ingres_error(), 3);
}
}
