function extractTableName($node)
{
//is this a table type or colref/alias?
if (isTable($node)) {
$partCounts = count($node['no_quotes']['parts']);
//a table node
return $node['no_quotes']['parts'][$partCounts - 1];
} else {
if (isColref($node) || isset($node['as'])) {
//if this is a "*" node, as in SELECT * FROM, then the no_quotes part is not present
//and it does not make sense to extract anything anyways
if (!isset($node['no_quotes'])) {
return false;
}
$partCounts = count($node['no_quotes']['parts']);
if ($partCounts > 1) {
return $node['no_quotes']['parts'][$partCounts - 2];
} else {
return false;
}
} else {
//don't know what to do
return false;
}
}
}
Error("DB NAME을 입력하세요", "");
}
// DB에 커넥트 하고 DB NAME으로 select DB
$connect = @mysql_connect($hostname, $user_id, $password) or Error("MySQL-DB Connect<br>Error!!!", "");
if (mysql_error()) {
Error(mysql_error(), "");
}
mysql_select_db($dbname, $connect) or Error("MySQL-DB Select<br>Error!!!", "");
// 관리자 테이블 생성
if (!isTable($admin_table, $dbname)) {
@mysql_query($admin_table_schema, $connect) or Error("관리자 테이블 생성 실패", "");
} else {
$admin_table_exist = 1;
}
// 그룹테이블 생성
if (!isTable($group_table, $dbname)) {
@mysql_query($group_table_schema, $connect) or Error("그룹 테이블 생성 실패", "");
} else {
$group_table_exist = 1;
}
// 회원관리 테이블 생성
if (!istable($member_table, $dbname)) {
@mysql_query($member_table_schema, $connect) or Error("회원관리 테이블 생성 실패", "");
} else {
$member_table_exist = 1;
}
// 쪽지테이블
if (!istable($get_memo_table, $dbname)) {
@mysql_query($get_memo_table_schema, $connect) or Error("받은 쪽지 테이블 생성 실패");
} else {
$get_memo_table_exists = 1;
/**
* @brief Find all the columns in a SQL query and save them in the tableList with the according table
* @param sqlTree SQL query tree
* @param listOfTables list of tables to save the columns to
*
* Find all the columns in a SQL query and save them in the tableList with the according table.
*/
function PHPSQLGroupTablesAndCols($sqlTree, &$listOfTables)
{
$selectTree = $sqlTree['SELECT'];
if (empty($sqlTree['FROM'])) {
return;
}
$fromTree = $sqlTree['FROM'];
foreach ($fromTree as $currTable) {
$table = array();
if (isTable($currTable)) {
$table['name'] = $currTable['table'];
$table['no_quotes'] = $currTable['no_quotes'];
} else {
if (isSubquery($currTable)) {
$table['name'] = "DEPENDENT-SUBQUERY";
$table['expr_type'] = "subquery";
$table['no_quotes'] = false;
} else {
throw new Exception("Unsupported clause in FROM");
}
}
$table['alias'] = $currTable['alias'];
$table['node'] = $currTable;
$table['sel_columns'] = array();
array_push($listOfTables, $table);
}
//put dependant queries at the end of the list
$currIndex = count($listOfTables) - 1;
foreach ($listOfTables as $key => $node) {
if ($node['name'] == 'DEPENDENT-SUBQUERY' && $key < $currIndex) {
$tmpNode = $listOfTables[$currIndex];
$listOfTables[$currIndex] = $node;
$listOfTables[$key] = $tmpNode;
$currIndex--;
}
}
//link the columns with the tables
foreach ($selectTree as $node) {
$columnsInNode = collectNodes($node, "colref");
foreach ($columnsInNode as $column) {
foreach ($listOfTables as &$table) {
if (isColumnInTable($column, $table)) {
array_push($table['sel_columns'], $column);
break;
}
}
}
}
}
/**
* @brief Add all columns to the SELECT tree
* @param sqlTree SQL parser tree node of complete query/subquery
* @param mysqlConn a properly initialised MySQLI/MySQLII connection to the DB
* @param zendAdapter a valid ZEND DB adapter
*
* This function will evaluate the all the tables that need SQL * attribute substitution.
* The database is queried to retrieve a complete list of columns of each table and the
* approperiate SELECT colref nodes are added to the SQL parser tree. The SQL * attribute
* is removed from the sqlTree SELECT node.
*/
function _parseSqlAll_SELECT(&$sqlTree, $mysqlConn = false, $zendAdapter = false)
{
if (!is_array($sqlTree) || !array_key_exists('SELECT', $sqlTree)) {
return;
}
$table = false;
$selectCpy = $sqlTree['SELECT'];
$sqlTree['SELECT'] = array();
foreach ($selectCpy as &$node) {
if (strpos($node['base_expr'], "*") !== false && $node['sub_tree'] === false) {
//we have found an all operator and need to find the corresponding
//table to look things up
$tableFullName = false;
$dbName = extractDbName($node);
$tableName = extractTableName($node);
$colName = extractColumnName($node);
if ($dbName !== false) {
$tableFullName = "`" . $dbName . "`.`" . $tableName . "`";
} else {
if ($tableName !== false) {
$tableFullName = "`" . $tableName . "`";
}
}
$table = array();
$alias = array();
if ($tableFullName === false) {
//add everything *ed from all tables to this query
foreach ($sqlTree['FROM'] as $fromNode) {
if (isTable($fromNode)) {
$table[] = $fromNode['table'];
if (!hasAlias($fromNode)) {
$alias[] = $fromNode['table'];
} else {
$alias[] = $fromNode['alias']['name'];
}
} else {
if (isSubquery($fromNode)) {
//handle subqueries...
_parseSqlAll_linkSubquerySELECT($fromNode['sub_tree'], $sqlTree, $fromNode['alias']['name']);
}
}
}
} else {
foreach ($sqlTree['FROM'] as $fromNode) {
//it could be, that the table here is actually another aliased table (which should
//have been processed here already, since SELECT is called last) -> link to tree
if (isTable($fromNode)) {
if (hasAlias($fromNode)) {
if (trim($fromNode['alias']['name'], "`") === $tableName) {
$table[] = $fromNode['table'];
break;
}
} else {
if ($fromNode['table'] === $tableFullName) {
$table[] = $fromNode['table'];
break;
}
}
} else {
if (isSubquery($fromNode)) {
if (trim($fromNode['alias']['name'], "`") === $tableName) {
_parseSqlAll_linkSubquerySELECT($fromNode['sub_tree'], $sqlTree, $tableName);
continue 2;
}
}
}
}
$alias[] = $tableFullName;
}
if (empty($table)) {
continue;
}
//now that we know the table, we need to look up what is in there
foreach (array_keys($table) as $key) {
if ($mysqlConn !== false) {
_parseSqlAll_getColsMysqlii($sqlTree, $node, $mysqlConn, $table[$key], $alias[$key]);
}
if ($zendAdapter !== false) {
_parseSqlAll_getColsZend($sqlTree, $node, $zendAdapter, $table[$key], $alias[$key]);
}
}
} else {
array_push($sqlTree['SELECT'], $node);
}
}
}
<?php
if (!isTable('users') && $bRegLogin) {
debug('There is not user database.');
}
if (!empty($_GET['logout'])) {
if ($_GET['logout'] == "true") {
logout();
}
}
if (!$bRegLogin && !isLoggedIn()) {
$_SESSION['user'] = '******';
$_SESSION['admin'] = true;
}
//If you are not logged in it will take you to the login page.
requireLogin();
function login($email, $password)
{
$sql = "SELECT * FROM users WHERE use_email = '" . $email . "' AND use_password = '******' AND use_active = 1";
debug('User SQL: ' . $sql);
$results = mysql_query($sql) or debug('Query failed: ' . mysql_error());
if (mysql_num_rows($results) == 1) {
while ($rs = mysql_fetch_assoc($results)) {
$_SESSION['user'] = $rs['use_name'];
$_SESSION['admin'] = $rs['use_admin'];
success('You have successfuly logged in as "' . $rs['use_name'] . '"');
}
return true;
} else {
error('Your login is invalid, please try again.');
return false;
session_start();
echo "1";
include './conf/db_info.php';
echo "2";
include './conf/db/' . $DB[kind] . '.php';
echo "3";
include './lib/init_check.php';
echo "4";
include './bbs/lib/static/bbs_check.php';
echo "5";
$DB_CONNECT = isConnectDb($DB[host], $DB[user], $DB[pass]);
echo "6";
$DB_USEMYDB = isSelecteDb($DB[name], $DB_CONNECT);
echo "7";
if (!isTable($table)) {
putErrPage(getErrorMsg(2));
}
echo "8";
if (!$DB_CONNECT) {
putErrPage(getErrorMsg(0));
}
echo "9";
if (!$DB_USEMYDB) {
putErrPage(getErrorMsg(1));
}
echo "10";
include './conf/root_info.php';
echo "11";
include './conf/member_info.php';
echo "12";
