function __tcSqlLogEnd($result, $cachedResult = 0) { global $__tcSqlLog, $__tcSqlQueryBeginTime, $__tcSqlLogCount, $__tcPageStartTime; static $client_encoding = ''; $tcSqlQueryEndTime = explode(' ', microtime()); $elapsed = $tcSqlQueryEndTime[1] - $__tcSqlQueryBeginTime[1] + ($tcSqlQueryEndTime[0] - $__tcSqlQueryBeginTime[0]); if (!$client_encoding) { $client_encoding = str_replace('_', '-', mysqli_client_encoding(POD::$db)); } if ($client_encoding != 'utf8' && function_exists('iconv')) { $__tcSqlLog[$__tcSqlLogCount]['error'] = iconv($client_encoding, 'utf-8', mysqli_error(POD::$db)); } else { $__tcSqlLog[$__tcSqlLogCount]['error'] = mysqli_error(POD::$db); } $__tcSqlLog[$__tcSqlLogCount]['errno'] = mysqli_errno(POD::$db); if ($cachedResult == 0) { $__tcSqlLog[$__tcSqlLogCount]['elapsed'] = ceil($elapsed * 10000) / 10; } else { $__tcSqlLog[$__tcSqlLogCount]['elapsed'] = 0; } $__tcSqlLog[$__tcSqlLogCount]['elapsed'] = sprintf("%4.1f", $__tcSqlLog[$__tcSqlLogCount]['elapsed']); $__tcSqlLog[$__tcSqlLogCount]['cached'] = $cachedResult; $__tcSqlLog[$__tcSqlLogCount]['rows'] = 0; $__tcSqlLog[$__tcSqlLogCount]['endtime'] = $tcSqlQueryEndTime[1] - $__tcPageStartTime[1] + ($tcSqlQueryEndTime[0] - $__tcPageStartTime[0]); $__tcSqlLog[$__tcSqlLogCount]['endtime'] = sprintf("%4.1f", ceil($__tcSqlLog[$__tcSqlLogCount]['endtime'] * 10000) / 10); if (!$cachedResult && mysqli_errno(POD::$db) == 0) { switch (strtolower(substr($__tcSqlLog[$__tcSqlLogCount]['sql'], 0, 6))) { case 'select': $__tcSqlLog[$__tcSqlLogCount]['rows'] = mysqli_num_rows($result); break; case 'insert': case 'delete': case 'update': $__tcSqlLog[$__tcSqlLogCount]['rows'] = mysqli_affected_rows(POD::$db); break; } } $__tcSqlLogCount++; $__tcSqlQueryBeginTime = 0; }
/** * Gets the database encoding * * @return string The database encoding */ function getEncoding() { return mysqli_client_encoding($this->connection); }
public function getDbInfo() { $charsets = $this->getCharsetInfo(); $charset_str = array(); foreach ($charsets as $name => $value) { $charset_str[] = "{$name} = {$value}"; } return array("MySQLi Version" => @mysqli_get_client_info(), "MySQLi Host Info" => @mysqli_get_host_info($this->database), "MySQLi Server Info" => @mysqli_get_server_info($this->database), "MySQLi Client Encoding" => @mysqli_client_encoding($this->database), "MySQL Character Set Settings" => join(", ", $charset_str)); }
//$_POST['username'] = chr(0xbf).chr(0x5c).' OR username = username /*'; $_POST['password'] = '******'; echo "\n----addslashes-----\n"; echo $username = addslashes($_POST['username']); echo "\n"; $password = addslashes($_POST['password']); //echo $sql = "SELECT * FROM users WHERE username = '******' AND password = '******'";echo $sql = "SELECT * FROM users WHERE username = '******'"; echo "\n"; $result = mysqli_query($db, $sql) or trigger_error(mysqli_error($db) . $sql); var_dump(mysqli_num_rows($result)); var_dump(mysqli_client_encoding($db)); echo "\n---------\n"; echo $username = mysqli_real_escape_string($db, $_POST['username']); echo "\n"; $password = mysqli_real_escape_string($db, $_POST['password']); //$sql = "SELECT * FROM users WHERE username = '******' AND password = '******'";echo $sql = "SELECT * FROM users WHERE username = '******'"; echo "\n"; $result = mysqli_query($db, $sql) or trigger_error(mysqli_error($db) . $sql); var_dump(mysqli_num_rows($result)); var_dump(mysqli_client_encoding($db)); echo "\n---------\n"; mysqli_set_charset($db, "GBK"); echo $username = mysqli_real_escape_string($db, $_POST['username']); echo "\n"; $password = mysqli_real_escape_string($db, $_POST['password']); //$sql = "SELECT * FROM users WHERE username = '******' AND password = '******'";echo $sql = "SELECT * FROM users WHERE username = '******'"; echo "\n"; $result = mysqli_query($db, $sql) or trigger_error(mysqli_error($db) . $sql); var_dump(mysqli_num_rows($result)); var_dump(mysqli_client_encoding($db));
call_user_method(); call_user_method_array(); define_syslog_variables(); dl(); ereg(); ereg_replace(); eregi(); eregi_replace(); import_request_variables(); mcrypt_generic_end(); mysql_db_query(); mysql_escape_string(); mysql_list_dbs(); mysqli_bind_param(); mysqli_bind_result(); mysqli_client_encoding(); mysqli_fetch(); mysqli_param_count(); mysqli_get_metadata(); mysqli_send_long_data(); magic_quotes_runtime(); session_register(); session_unregister(); session_is_registered(); set_magic_quotes_runtime(); set_socket_blocking(); split(); spliti(); sql_regcase(); php_logo_guid(); php_egg_logo_guid();
# Check PHP version $phpversion=phpversion(); $phpinifile=php_ini_loaded_file(); if ($phpversion<'4.4') {$result=$lang["status-fail"] . ": " . str_replace("?", "4.4", $lang["shouldbeversion"]);} else {$result=$lang["status-ok"];} ?><tr><td><?php echo str_replace("?", "PHP", $lang["softwareversion"]); ?></td><td><?php echo $phpversion .'  ' . str_replace("%file", $phpinifile, $lang["config_file"]);?></td><td><b><?php echo $result?></b></td></tr><?php # Check MySQL version if ($use_mysqli){ $mysqlversion=mysqli_get_server_info($db); } else { $mysqlversion=mysql_get_server_info(); } if ($mysqlversion<'5') {$result=$lang["status-fail"] . ": " . str_replace("?", "5", $lang["shouldbeversion"]);} else {$result=$lang["status-ok"];} if ($use_mysqli){$encoding=mysqli_client_encoding($db);} else {$encoding=mysql_client_encoding();} ?><tr><td><?php echo str_replace("?", "MySQL", $lang["softwareversion"]); ?></td><td><?php echo $mysqlversion . "  " . str_replace("%encoding", $encoding, $lang["client-encoding"]); ?></td><td><b><?php echo $result?></b></td></tr><?php # Check GD installed if (function_exists("gd_info")) { $gdinfo=gd_info(); if (is_array($gdinfo)) { $version=$gdinfo["GD Version"]; $result=$lang["status-ok"]; } else { $version=$lang["status-notinstalled"]; $result=$lang["status-fail"];
function client_encoding() { return mysqli_client_encoding($this->connect_id); }
/** * {@inheritdoc} */ public function getCharset() { return mysqli_client_encoding($this->connection); }
echo $result; ?> </b></td></tr><?php # Check MySQL version if ($use_mysqli) { $mysqlversion = mysqli_get_server_info($db); } else { $mysqlversion = mysql_get_server_info(); } if ($mysqlversion < '5') { $result = $lang["status-fail"] . ": " . str_replace("?", "5", $lang["shouldbeversion"]); } else { $result = $lang["status-ok"]; } if ($use_mysqli) { $encoding = mysqli_client_encoding($db); } else { $encoding = mysql_client_encoding(); } ?> <tr><td><?php echo str_replace("?", "MySQL", $lang["softwareversion"]); ?> </td><td><?php echo $mysqlversion . "  " . str_replace("%encoding", $encoding, $lang["client-encoding"]); ?> </td><td><b><?php echo $result; ?> </b></td></tr><?php # Check GD installed
/** * Ouverture d'une connexion vers le serveur et eventuellement une database. * @param type Type de base de donnees (mysql ou pgsql) * @param host Addresse de la base de donnees * @param user Nom de l'utilisateur autorise * @param pass Mot de passe * @param name Nom de la database * @param port Port of database server * @return int 1 en cas de succes, 0 sinon */ function DoliDb($type='mysqli', $host, $user, $pass, $name='', $port=0) { global $conf,$langs; if (! empty($conf->db->character_set)) $this->forcecharset=$conf->db->character_set; if (! empty($conf->db->dolibarr_main_db_collation)) $this->forcecollate=$conf->db->dolibarr_main_db_collation; $this->database_user=$user; $this->transaction_opened=0; //print "Name DB: $host,$user,$pass,$name<br>"; if (! function_exists("mysqli_connect")) { $this->connected = 0; $this->ok = 0; $this->error="Mysqli PHP functions for using Mysqli driver are not available in this version of PHP. Try to use another driver."; dol_syslog("DoliDB::DoliDB : Mysqli PHP functions for using Mysqli driver are not available in this version of PHP. Try to use another driver.",LOG_ERR); return $this->ok; } if (! $host) { $this->connected = 0; $this->ok = 0; $this->error=$langs->trans("ErrorWrongHostParameter"); dol_syslog("DoliDB::DoliDB : Erreur Connect, wrong host parameters",LOG_ERR); return $this->ok; } // Essai connexion serveur // We do not try to connect to database, only to server. Connect to database is done later in constrcutor $this->db = $this->connect($host, $user, $pass, '', $port); if ($this->db) { $this->connected = 1; $this->ok = 1; } else { // host, login ou password incorrect $this->connected = 0; $this->ok = 0; $this->error=mysqli_connect_error(); dol_syslog("DoliDB::DoliDB : Erreur Connect mysqli_connect_error=".$this->error,LOG_ERR); } // Si connexion serveur ok et si connexion base demandee, on essaie connexion base if ($this->connected && $name) { if ($this->select_db($name)) { $this->database_selected = 1; $this->database_name = $name; $this->ok = 1; // If client connected with different charset than Dolibarr HTML output $clientmustbe=''; if (preg_match('/UTF-8/i',$conf->file->character_set_client)) $clientmustbe='utf8'; if (preg_match('/ISO-8859-1/i',$conf->file->character_set_client)) $clientmustbe='latin1'; if (mysqli_client_encoding($this->db) != $clientmustbe) { $this->query("SET NAMES '".$clientmustbe."'", $this->db); //$this->query("SET CHARACTER SET ". $this->forcecharset); } } else { $this->database_selected = 0; $this->database_name = ''; $this->ok = 0; $this->error=$this->error(); dol_syslog("DoliDB::DoliDB : Erreur Select_db ".$this->error,LOG_ERR); } } else { // Pas de selection de base demandee, ok ou ko $this->database_selected = 0; if ($this->connected) { // If client connected with different charset than Dolibarr HTML output $clientmustbe=''; if (preg_match('/UTF-8/i',$conf->file->character_set_client)) $clientmustbe='utf8'; if (preg_match('/ISO-8859-1/i',$conf->file->character_set_client)) $clientmustbe='latin1'; if (mysqli_client_encoding($this->db) != $clientmustbe) { $this->query("SET NAMES '".$clientmustbe."'", $this->db); //$this->query("SET CHARACTER SET ". $this->forcecharset); } } } return $this->ok; }