{ return mysql_close($this->link); } /** * 输出错误信息 * * @param string $message * @param string $sql */ function halt($message = '', $sql = '') { echo $message . ' ' . $sql; exit; } function inject_check($sql_str) { //防止注入 $check = eregi('select|insert|update|delete|\'|\\/\\*|\\*|\\.\\.\\/|\\.\\/|union|into|load_file|outfile', $sql_str); if ($check) { echo "输入非法注入内容!"; exit; } else { return $sql_str; } } } $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect, true, $dbcharset); $dbuser = $dbpw = $pconnect = $sdb = NULL; ?>