Exemple #1
0
 /** Process search box in select
  * @param array
  * @param array
  * @return array expressions to join by AND
  */
 function selectSearchProcess($fields, $indexes)
 {
     global $connection, $jush;
     $return = array();
     foreach ($indexes as $i => $index) {
         if ($index["type"] == "FULLTEXT" && $_GET["fulltext"][$i] != "") {
             $return[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST (" . q($_GET["fulltext"][$i]) . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")";
         }
     }
     foreach ((array) $_GET["where"] as $val) {
         if ("{$val['col']}{$val['val']}" != "" && in_array($val["op"], $this->operators)) {
             $cond = " {$val['op']}";
             if (preg_match('~IN$~', $val["op"])) {
                 $in = process_length($val["val"]);
                 $cond .= " " . ($in != "" ? $in : "(NULL)");
             } elseif ($val["op"] == "SQL") {
                 $cond = " {$val['val']}";
                 // SQL injection
             } elseif ($val["op"] == "LIKE %%") {
                 $cond = " LIKE " . $this->processInput($fields[$val["col"]], "%{$val['val']}%");
             } elseif ($val["op"] == "ILIKE %%") {
                 $cond = " ILIKE " . $this->processInput($fields[$val["col"]], "%{$val['val']}%");
             } elseif (!preg_match('~NULL$~', $val["op"])) {
                 $cond .= " " . $this->processInput($fields[$val["col"]], $val["val"]);
             }
             if ($val["col"] != "") {
                 $return[] = idf_escape($val["col"]) . $cond;
             } else {
                 // find anywhere
                 $cols = array();
                 foreach ($fields as $name => $field) {
                     $is_text = preg_match('~char|text|enum|set~', $field["type"]);
                     if ((is_numeric($val["val"]) || !preg_match('~(^|[^o])int|float|double|decimal|bit~', $field["type"])) && (!preg_match("~[€-ÿ]~", $val["val"]) || $is_text)) {
                         $name = idf_escape($name);
                         $cols[] = $jush == "sql" && $is_text && !preg_match("~^utf8_~", $field["collation"]) ? "CONVERT({$name} USING " . charset($connection) . ")" : $name;
                     }
                 }
                 $return[] = $cols ? "(" . implode("{$cond} OR ", $cols) . "{$cond})" : "0";
             }
         }
     }
     return $return;
 }
Exemple #2
0
function process_type($field, $collate = "COLLATE")
{
    global $mysql, $enum_length, $unsigned;
    return " {$field['type']}" . ($field["length"] && !preg_match('~^date|time$~', $field["type"]) ? "(" . process_length($field["length"]) . ")" : "") . (preg_match('~int|float|double|decimal~', $field["type"]) && in_array($field["unsigned"], $unsigned) ? " {$field['unsigned']}" : "") . (preg_match('~char|text|enum|set~', $field["type"]) && $field["collation"] ? " {$collate} '" . $mysql->escape_string($field["collation"]) . "'" : "");
}
Exemple #3
0
/** Create SQL string from field type
* @param array
* @param string
* @return string
*/
function process_type($field, $collate = "COLLATE")
{
    global $unsigned;
    return " {$field['type']}" . process_length($field["length"]) . (preg_match('~(^|[^o])int|float|double|decimal~', $field["type"]) && in_array($field["unsigned"], $unsigned) ? " {$field['unsigned']}" : "") . (preg_match('~char|text|enum|set~', $field["type"]) && $field["collation"] ? " {$collate} " . q($field["collation"]) : "");
}
/** Create SQL string from field type
* @param array
* @param string
* @return string
*/
function process_type($field, $collate = "COLLATE")
{
    global $unsigned;
    return " {$field['type']}" . ($field["length"] != "" ? "(" . process_length($field["length"]) . ")" : "") . (ereg('int|float|double|decimal', $field["type"]) && in_array($field["unsigned"], $unsigned) ? " {$field['unsigned']}" : "") . (ereg('char|text|enum|set', $field["type"]) && $field["collation"] ? " {$collate} " . q($field["collation"]) : "");
}