예제 #1
0
/**
 * Converts a filter specific name/value field pair into SQL
 *
 * The filter array has a special syntax for field names which can be used to control
 * how the name/value pair is constructed in the WHERE clause. For example, it
 * is possible to specify a LIKE, NOT LIKE, =, >, >=, <, <=, !=, IS NULL, or IS NOT NULL
 * format using this function.
 *
 * Valid field name syntax characters:
 *
 * =field          field = 'value'
 * >field          field > 'value'
 * >=field         field >= 'value'
 * <field          field < 'value'
 * <=field         field <= 'value'
 * !=field         field != 'value'
 * %field          field like '%%value%%'
 * !%field         field not like '%%value%%'
 * *field          field is null
 * !*field         field is not null
 *
 * @param string $field_name the name of the field optionally including a special syntax
 *   character specified above
 * @param string $field_value the value of the field
 * @return string the name/value pair in SQL format which can placed within a WHERE clause
 */
function sql_filter_get_sql_field_component($field_name, $field_type, $field_value)
{
	/* WHERE field = 'value' */
	if (substr($field_name, 0, 1) == "=")
	{
		$field_component = substr($field_name, 1) . " = " . sql_get_quoted_string($field_type, $field_value);
	}
	/* WHERE field >= 'value' */
	elseif (substr($field_name, 0, 2) == ">=")
	{
		$field_component = substr($field_name, 2) . " >= " . sql_get_quoted_string($field_type, $field_value);
	}
	/* WHERE field > 'value' */
	elseif (substr($field_name, 0, 1) == ">")
	{
		$field_component = substr($field_name, 1) . " > " . sql_get_quoted_string($field_type, $field_value);
	}
	/* WHERE field >= 'value' */
	elseif (substr($field_name, 0, 2) == "<=")
	{
		$field_component = substr($field_name, 2) . " <= " . sql_get_quoted_string($field_type, $field_value);
	}
	/* WHERE field < 'value' */
	elseif (substr($field_name, 0, 1) == "<")
	{
		$field_component = substr($field_name, 1) . " < " . sql_get_quoted_string($field_type, $field_value);
	}
	/* WHERE field != 'value' */
	elseif (substr($field_name, 0, 2) == "!=")
	{
		$field_component = substr($field_name, 2) . " != " . sql_get_quoted_string($field_type, $field_value);
	}
	/* WHERE field like '%%value%%' */
	elseif (substr($field_name, 0, 1) == "%")
	{
		$field_component = substr($field_name, 1) . " like " . sql_get_quoted_string($field_type, "%%$field_value%%");
	}
	/* WHERE field not like '%%value%%' */
	elseif (substr($field_name, 0, 2) == "!%")
	{
		$field_component = substr($field_name, 2) . " not like " . sql_get_quoted_string($field_type, "%%$field_value%%");
	}
	/* WHERE field is null */
	elseif (substr($field_name, 0, 1) == "*")
	{
		$field_component = substr($field_name, 1) . " is null";
	}
	/* WHERE field is not null */
	elseif (substr($field_name, 0, 2) == "!*")
	{
		$field_component = substr($field_name, 2) . " is not null";
	}
	/* WHERE field like '%%value%%' (default) */
	else
	{
		$field_component = $field_name . " like " . sql_get_quoted_string($field_type, "%%$field_value%%");
	}

	return $field_component;
}
예제 #2
0
파일: database.php 프로젝트: songchin/Cacti
function db_delete($table_name, $fields) {
	/* generate a WHERE statement that reflects the list of keys */
	$sql_key_where = ""; $i = 0;
	if (sizeof($fields) > 0) {
		foreach ($fields as $db_field_name => $db_field_array) {
			$sql_key_where .= ($i == 0 ? "WHERE " : " AND ") . $db_field_name  . " = " . sql_get_quoted_string($db_field_array["type"], $db_field_array["value"]);
			$i++;
		}
	}

	$sql = "DELETE FROM $table_name $sql_key_where";

	/* execute the sql statement and return the result */
	if (db_execute($sql)) {
		return true;
	}else{
		return false;
	}
}