/** * bool parseSqlFile(string $file, string $table = '', bool $drop = true) * * Parses a SQL file * * @param string $file name of the file to parse * @param string $table (optional) name of the table * @param bool $drop (optional) if true, execute a DROP TABLE sentence * @return bool false if an error occurs * @access public */ function parseSqlFile($file, $table = '', $drop = true) { if ($drop && !empty($table)) { $installQ = new Query(); $installQ->captureError(true); $sql = "DROP TABLE IF EXISTS " . $table; $result = $installQ->exec($sql); if ($installQ->isError()) { Error::query($installQ, false); $installQ->clearErrors(); } $installQ->close(); } $text = file_get_contents($file); return $text === false ? false : parseSql($text); }
require_once "../layout/header.php"; echo HTML::section(1, $title); require_once dirname(__FILE__) . "/parse_sql_file.php"; require_once "../lib/Form.php"; require_once "../lib/Check.php"; //Error::debug($_POST); //Error::debug($_FILES); if (isset($_POST['install_file'])) { Form::compareToken('./index.php'); // @fixme gecko browsers (Mozilla 1.7.8) cause to disappear CR/LF (and I don't know why) /*$_POST['sql_query'] = Check::safeText($_POST['sql_query'], false); if (get_magic_quotes_gpc()) { $_POST['sql_query'] = stripslashes($_POST['sql_query']); }*/ if (!parseSql($_POST['sql_query'])) { echo Msg::error(_("Parse failed.")); echo HTML::para(HTML::link(_("Back to installation main page"), $_SERVER['PHP_SELF'])); include_once "../layout/footer.php"; exit; } else { // to prevent ghosts... $_SESSION = array(); session_destroy(); echo Msg::info(_("File installed correctly.")); echo HTML::para(HTML::link(_("Go to OpenClinic"), '../home/index.php')); echo HTML::rule(); } } /** * In Mozilla there no path file, only name and extension. Why? Is it an error?
function innerMsgSend($mass_id) { //$inntype =C('MASS_RECEIVER_TYPE'); $innmess = M('inner_msg')->where("mass_id='{$mass_id}'")->field('msg,title')->find(); $msg = $innmess['msg']; $title = $innmess['title']; $time = time(); $isql = parseSql("INSERT INTO `lzh_inner_msg`(uid,title,msg,send_time,mass_id)(SELECT b.id,'%s','%s','%s','%s' FROM `lzh_members` b WHERE b.is_ban='0')", array($title, $msg, $time, $mass_id)); if ($model = M()->execute($isql)) { return true; } else { return false; } }