Example #1
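 /**
  * Connects to the MySQL server, selects the configured database and sets the
  * connection character set.
  *
  * Reads its settings from the globals $MYSQL_HOST, $MYSQL_USER,
  * $MYSQL_PASSWORD and $MYSQL_DATABASE, and stores the link in $MYSQL_CONN.
  * A failed connect or select is reported through startUpError().
  *
  * @return mixed the value returned by mysql_connect(), also kept in $MYSQL_CONN
  */
 function sql_connect()
 {
     global $MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_DATABASE, $MYSQL_CONN;
     // '@' suppresses the driver warning so that only the fixed message below is shown.
     $MYSQL_CONN = @mysql_connect($MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD) or startUpError('<p>Could not connect to MySQL database.</p>', 'Connect Error');
     // NOTE(review): the raw mysql_error() text is embedded in the HTML handed to
     // startUpError(); if that page is shown to visitors, consider logging the
     // detail server-side and displaying a generic message instead.
     mysql_select_db($MYSQL_DATABASE) or startUpError('<p>Could not select database: ' . mysql_error() . '</p>', 'Connect Error');
     // <charset handling to avoid garbled text>
     // defined() expects the constant's NAME as a string. Passing the bare constant
     // tested its value instead, so the configured charset was never picked up.
     if (defined('_CHARSET')) {
         // NOTE(review): _CHARSET is forwarded unchanged; confirm that
         // sql_set_charset_jp() accepts the naming used by this constant.
         $charset = _CHARSET;
     } else {
         // No charset configured: fall back to the database's own default.
         $resource = sql_query("show variables LIKE 'character_set_database'");
         $fetchDat = sql_fetch_assoc($resource);
         $charset = $fetchDat['Value'];
         // If text still comes out garbled, uncomment one of the following lines.
         // $charset = "ujis";
         // $charset = "utf8";
     }
     sql_set_charset_jp($charset);
     // </charset handling to avoid garbled text>
     return $MYSQL_CONN;
 }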
Example #2
 * of the License, or (at your option) any later version.
 * (see nucleus/documentation/index.html#license for more info)
 */
/**
 * @license http://nucleuscms.org/license.txt GNU General Public License
 * @copyright Copyright (C) 2002-2011 The Nucleus Group
 * @version $Id: mysql.php 1131 2011-02-01 06:19:31Z sakamocchi $
 * @version $NucleusJP: mysql.php,v 1.2 2006/07/20 08:01:52 kimitake Exp $
 */
/*
 * if no mysql_* functions exist, define wrappers
 */
$MYSQL_CONN = 0;
if (!function_exists('mysql_query')) {
    // Neither mysql_* nor mysqli_* is available: report it, provided the error
    // helper has been loaded. Execution continues past this check either way.
    if (function_exists('startUpError') && !function_exists('mysqli_query')) {
        startUpError(_NO_SUITABLE_MYSQL_LIBRARY);
    }
    /**
     * Stand-in for the legacy mysql_query(), backed by mysqli.
     *
     * The statement is sent exactly as given on the shared $MYSQL_CONN link;
     * nothing is escaped here, so callers must have built $query safely.
     *
     * @param string $query SQL statement to run
     * @return mixed whatever mysqli_query() returns
     */
    function mysql_query($query)
    {
        global $MYSQL_CONN;
        $outcome = mysqli_query($MYSQL_CONN, $query);
        return $outcome;
    }
    /**
     * Stand-in for the legacy mysql_fetch_object(), backed by mysqli.
     *
     * @param mixed $res result handle, passed straight to mysqli_fetch_object()
     * @return mixed whatever mysqli_fetch_object() returns
     */
    function mysql_fetch_object($res)
    {
        $row = mysqli_fetch_object($res);
        return $row;
    }
    /**
     * Stand-in for the legacy mysql_fetch_array(), backed by mysqli.
     *
     * Only the result handle is accepted; no result-type argument is taken, so
     * mysqli_fetch_array() runs with its own default mode.
     *
     * @param mixed $res result handle, passed straight to mysqli_fetch_array()
     * @return mixed whatever mysqli_fetch_array() returns
     */
    function mysql_fetch_array($res)
    {
        $row = mysqli_fetch_array($res);
        return $row;
    }
    function mysql_fetch_assoc($res)
Example #3
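/**
 * Rejects request data whose bytes do not fit the configured character encoding.
 *
 * The function has three modes, selected by its optional arguments:
 *  - $exclude given:  registers one key (or an array of keys) to be skipped by
 *                     later checks, then returns nothing.
 *  - $encoding given: selects the byte pattern for that encoding. Returns true
 *                     if this encoding was already selected by an earlier call.
 *                     An unknown encoding is reported through startUpError().
 *  - otherwise:       checks $val (recursively for arrays) and $key against the
 *                     selected pattern. Bytes left over after removing every
 *                     valid sequence are reported through startUpError().
 *
 * The signature matches the array_walk() callback shape ($value, $key), which
 * is how nested arrays are checked.
 *
 * NOTE(review): the UTF-8 pattern is permissive. It allows 5- and 6-byte lead
 * bytes (F8-FD) and does not exclude overlong or surrogate forms, so passing
 * this check does not prove the data is strictly valid UTF-8.
 *
 * @param mixed $val      value to check (string or array)
 * @param mixed $key      key belonging to $val; false means "nothing to check"
 * @param mixed $encoding encoding name to select, or false
 * @param mixed $exclude  key or array of keys to exempt, or false
 * @return bool|null true when accepted or skipped, false when $key is false,
 *                   null after registering exclusions
 */
function encoding_check($val, $key, $encoding = false, $exclude = false)
{
    // State shared across calls: active pattern, encodings seen, exempted keys.
    static $search = false, $checked = array(), $excludes = array();
    if ($exclude !== false) {
        if (is_array($exclude)) {
            foreach ($exclude as $v) {
                $excludes[$v] = true;
            }
        } else {
            $excludes[$exclude] = true;
        }
        return;
    }
    if ($encoding !== false) {
        switch ($encoding = strtolower($encoding)) {
            case 'utf-8':
                $search = '/([\\x00-\\x7F]+' . '|[\\xC2-\\xDF][\\x80-\\xBF]' . '|[\\xE0-\\xEF][\\x80-\\xBF][\\x80-\\xBF]' . '|[\\xF0-\\xF7][\\x80-\\xBF][\\x80-\\xBF][\\x80-\\xBF]' . '|[\\xF8-\\xFB][\\x80-\\xBF][\\x80-\\xBF][\\x80-\\xBF][\\x80-\\xBF]' . '|[\\xFC-\\xFD][\\x80-\\xBF][\\x80-\\xBF][\\x80-\\xBF][\\x80-\\xBF][\\x80-\\xBF])/';
                break;
            case 'euc-jp':
                $search = '/([\\x00-\\x7F]+' . '|[\\x8E][\\xA0-\\xDF]' . '|[\\x8F]?[\\xA1-\\xFE][\\xA1-\\xFE])/';
                break;
            case 'gb2312':
                $search = '/([\\x00-\\x7F]+' . '|[\\xA1-\\xF7][\\xA1-\\xFE])/';
                break;
            case 'shift_jis':
                // Note that shift_jis is only supported for output.
                // Using shift_jis in DB is prohibited.
                $search = '/([\\x00-\\x7F\\xA1-\\xDF]+' . '|[\\x81-\\x9F\\xE0-\\xFC][\\x40-\\xFC])/';
                break;
            default:
                // Single-byte encodings need no pattern: every byte is acceptable.
                $search = false;
                if (preg_match('/^iso\\-8859\\-[0-9]{1,2}$/', $encoding)) {
                    break;
                }
                if (preg_match('/^windows\\-125[0-8]$/', $encoding)) {
                    break;
                }
                startUpError('<p>Unknown or non-supported encoding.</p>', 'Encoding Error');
                exit;
        }
        if (isset($checked[$encoding])) {
            // Already checked.
            return true;
        }
        $checked[$encoding] = true;
    }
    if ($key === false) {
        // Not yet checked.
        return false;
    }
    if ($search === false) {
        // non-multibyte encoding
        return true;
    }
    if (isset($excludes[$key])) {
        // This key isn't checked.
        return true;
    }
    if (is_array($val)) {
        array_walk($val, 'encoding_check');
    } else {
        $result = preg_replace($search, '', $val);
        // preg_replace() returns null when PCRE itself fails (for example when a
        // limit is hit). strlen(null) is 0, which would wave the value through,
        // so an engine failure is treated as invalid input: fail closed.
        if ($result === null || strlen($result) != 0) {
            startUpError('<p>Invalid input.</p>', 'Input Error');
            exit;
        }
    }
    $result = preg_replace($search, '', $key);
    // Same fail-closed rule for the key.
    if ($result === null || strlen($result) != 0) {
        startUpError('<p>Invalid input.</p>', 'Input Error');
        exit;
    }
    return true;
}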
Example #4
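// include the admin code
require_once '../config.php';

// Optional startup self-check: refuse to continue while leftover setup
// directories exist or config.php is still writable by the web server.
// The paths are relative, so they resolve against the current working directory.
if ($CONF['alertOnSecurityRisk'] == 1) {
    // check if files exist and generate an error if so
    $aFiles = array('../install' => _ERRORS_INSTALLDIR, 'upgrades' => _ERRORS_UPGRADESDIR, 'convert' => _ERRORS_CONVERTDIR);
    $aFound = array();
    foreach ($aFiles as $fileName => $fileDesc) {
        if (@file_exists($fileName)) {
            $aFound[] = $fileDesc;
        }
    }
    if (@is_writable('../config.php')) {
        $aFound[] = _ERRORS_CONFIGPHP;
    }
    if (count($aFound) > 0) {
        // implode() takes the separator first; the reversed legacy order is
        // rejected by PHP 8, which would break this warning page.
        startUpError(_ERRORS_STARTUPERROR1 . implode('</li><li>', $aFound) . _ERRORS_STARTUPERROR2, _ERRORS_STARTUPERROR3);
    }
}

$bNeedsLogin = false;
// Activation actions are the only ones allowed without a logged-in member, so
// the match must be exact. A loose comparison lets a non-string $action (such
// as integer 0 on PHP < 8) count as 'activate' and skip the login requirement.
$bIsActivation = in_array($action, array('activate', 'activatesetpwd'), true);
if ($action == 'logout') {
    $bNeedsLogin = true;
}
if (!$member->isLoggedIn() && !$bIsActivation) {
    $bNeedsLogin = true;
}
// show error if member cannot login to admin
if ($member->isLoggedIn() && !$member->canLogin() && !$bIsActivation) {
    $error = _ERROR_LOGINDISALLOWED;
    $bNeedsLogin = true;
}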
Example #5
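 /**
  * Selects a database, either by opening a new PDO connection or by issuing
  * USE on an existing handle.
  *
  * With no handle ($dbh is null) a PDO connection is opened for the driver
  * named in $MYSQL_HANDLER[1] and stored in the global $SQL_DBH. The host and
  * optional port come from $MYSQL_HOST ("host" or "host:port"). With a handle,
  * "USE <db>" is executed on it.
  *
  * NOTE(review): $db is interpolated into the USE statement and into every DSN
  * without quoting, so it must be a trusted identifier (configuration, not
  * request data).
  * NOTE(review): the odbc branch puts the user name and password inside the
  * DSN string itself; a ';' in either value would alter the DSN.
  *
  * @param string   $db  database name (file path for the sqlite drivers)
  * @param PDO|null $dbh existing connection handle, or null to open one
  * @return int 1 on success, 0 on failure
  */
 function sql_select_db($db, &$dbh = NULL)
 {
     global $MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_DATABASE, $MYSQL_CONN, $MYSQL_HANDLER, $SQL_DBH;
     if (!is_null($dbh)) {
         return ($dbh->exec("USE {$db}") !== false) ? 1 : 0;
     }
     try {
         $SQL_DBH = NULL;
         // Pad to two elements so a host without ":port" yields a null port
         // instead of an undefined-offset diagnostic.
         list($host, $port) = array_pad(explode(':', $MYSQL_HOST), 2, null);
         $portnum = isset($port) ? $port : '';
         // Drivers with their own port syntax only ever receive a numeric port.
         $numericPort = is_numeric($portnum) ? intval($portnum) : null;
         switch ($MYSQL_HANDLER[1]) {
             case 'sybase':
             case 'dblib':
                 $suffix = ($numericPort === null) ? '' : ':' . $numericPort;
                 $SQL_DBH = new PDO($MYSQL_HANDLER[1] . ':host=' . $host . $suffix . ';dbname=' . $db, $MYSQL_USER, $MYSQL_PASSWORD);
                 break;
             case 'mssql':
                 $suffix = ($numericPort === null) ? '' : ',' . $numericPort;
                 $SQL_DBH = new PDO($MYSQL_HANDLER[1] . ':host=' . $host . $suffix . ';dbname=' . $db, $MYSQL_USER, $MYSQL_PASSWORD);
                 break;
             case 'oci':
                 $suffix = ($numericPort === null) ? '' : ':' . $numericPort;
                 $SQL_DBH = new PDO($MYSQL_HANDLER[1] . ':dbname=//' . $host . $suffix . '/' . $db, $MYSQL_USER, $MYSQL_PASSWORD);
                 break;
             case 'odbc':
                 $suffix = ($numericPort === null) ? '' : ';PORT=' . $numericPort;
                 // Credentials travel in the DSN here, not as constructor arguments.
                 $SQL_DBH = new PDO($MYSQL_HANDLER[1] . ':DRIVER={IBM DB2 ODBC DRIVER};HOSTNAME=' . $host . $suffix . ';DATABASE=' . $db . ';PROTOCOL=TCPIP;UID=' . $MYSQL_USER . ';PWD=' . $MYSQL_PASSWORD);
                 break;
             case 'pgsql':
                 $suffix = ($numericPort === null) ? '' : ';port=' . $numericPort;
                 $SQL_DBH = new PDO($MYSQL_HANDLER[1] . ':host=' . $host . $suffix . ';dbname=' . $db, $MYSQL_USER, $MYSQL_PASSWORD);
                 break;
             case 'sqlite':
             case 'sqlite2':
                 // File-based drivers: host and port are not part of the DSN.
                 $SQL_DBH = new PDO($MYSQL_HANDLER[1] . ':' . $db, $MYSQL_USER, $MYSQL_PASSWORD);
                 break;
             default:
                 //mysql
                 // Unlike the branches above, the port is only trimmed here,
                 // not checked for being numeric.
                 $suffix = isset($port) ? ';port=' . trim($port) : '';
                 $SQL_DBH = new PDO($MYSQL_HANDLER[1] . ':host=' . $host . $suffix . ';dbname=' . $db, $MYSQL_USER, $MYSQL_PASSWORD);
                 break;
         }
         return 1;
     } catch (PDOException $e) {
         // NOTE(review): the driver's message is embedded unescaped in the HTML
         // handed to startUpError() and may reveal connection details; consider
         // logging it server-side and showing a generic message.
         startUpError('<p>a3 Error!: ' . $e->getMessage() . '</p>', 'Connect Error');
         return 0;
     }
 }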