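/**
 * Run a raw SQL statement on the selected MySQL link.
 *
 * The statement is trimmed and passed to mod_sqlsafecheck::checkquery() first.
 * A rejection there throws before the try block, so that exception (code 444)
 * propagates to the caller.
 * A driver-level failure is handled here: it is rendered, logged via
 * self::log(), and the script exits.
 *
 * The SQL text is sent to the server as-is. Any value interpolated into $sql
 * by a caller must already be escaped or bound; the safety check is only a
 * second line of defence against injection.
 *
 * @param string $sql       SQL statement to execute.
 * @param bool   $is_master Forwarded to self::init_mysql() to select the link.
 *
 * @return mixed The value returned by mysql_query() on success.
 *
 * @throws Exception When the safety check rejects the statement.
 */
public static function query($sql, $is_master = false)
{
    $sql = trim($sql);

    if (!mod_sqlsafecheck::checkquery($sql)) {
        throw new Exception('Sorry,Your SQL is bad', 444);
    }

    self::$current_link = self::init_mysql(true, $is_master);

    try {
        self::$sql = $sql;
        // NOTE(review): the mysql_* extension was removed in PHP 7; migrating to
        // mysqli/PDO with bound parameters is the long-term fix.
        self::$query = @mysql_query($sql, self::$current_link);

        if (self::$query === false) {
            throw new Exception(mysql_error());
        }

        self::$query_count++;

        return self::$query;
    } catch (Exception $e) {
        // The driver message and the SQL text can contain request-derived data,
        // so they are HTML-escaped to keep the error page from reflecting markup.
        // NOTE(review): this still discloses the query and a stack trace to the
        // client; gate it behind a debug setting and show a generic message in
        // production.
        echo htmlspecialchars($e->getMessage(), ENT_QUOTES), '<br/>';
        echo '<pre>', htmlspecialchars($e->getTraceAsString(), ENT_QUOTES), '</pre>';
        echo '<strong>Query: </strong> ' . htmlspecialchars($sql, ENT_QUOTES);

        // The raw (unescaped) message goes to the log, as before.
        self::log($e->getMessage());
        exit;
    }
}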
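/**
 * Decide whether a SQL statement passes the configured query-safety rules.
 *
 * The configuration is read once from $GLOBALS['security']['querysafe'] and
 * cached in self::$config. When its 'status' entry is falsy the check is
 * disabled and every statement is accepted.
 *
 * Previously the computed verdict was discarded: the throw was commented out
 * and the method returned true unconditionally. That left the caller's
 * `if (!checkquery($sql))` guard unreachable. The verdict is now returned so
 * that guard takes effect.
 *
 * This is a pattern-based filter and does not replace escaping or binding of
 * values at the call site.
 *
 * @param string $sql SQL statement to inspect.
 *
 * @return bool True when the statement is accepted, false when it is rejected.
 */
public static function checkquery($sql)
{
    if (self::$config === null) {
        self::$config = $GLOBALS['security']['querysafe'];
    }

    // Check disabled by configuration: accept everything.
    if (empty(self::$config['status'])) {
        return true;
    }

    $check = 1;

    // The first three characters, upper-cased, select the statement kind.
    // presumably self::$checkcmd is keyed by such prefixes — confirm.
    $cmd = strtoupper(substr(trim($sql), 0, 3));

    if (isset(self::$checkcmd[$cmd])) {
        $check = self::_do_query_safe($sql);
    } elseif (substr($cmd, 0, 2) === '/*') {
        // A statement that begins with a comment is always rejected.
        $check = -1;
    }

    // The removed throw passed $sql as Exception's third argument, which
    // expects a previous exception. Rejection is reported through the
    // return value instead.
    return $check >= 1;
}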