mysql数据库连接程序_PHP教程-php教程-PHP中文网

mysql数据库连接程序_PHP教程

php中文网

发布： 2016-07-13 17:05:22

原创

1129人浏览过

豆包AI编程

豆包推出的AI编程助手

483

查看详情

mysql教程数据库教程连接程序
这里提供的数据库连接类程序，后面还提供了一个sql安全检测函数与sql语句完整性检测函数。*/

class db_mysql { var $connid; var $querynum = 0; var $expires; var $cursor = 0; var $cache_id = ''; var $cache_file = ''; var $cache_expires = ''; var $halt = 0; var $result = array(); function connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect = 0) { global $cfg; $this->expires = $cfg['db_expires']; $func = $pconnect == 1 ? 'mysql_pconnect' : 'mysql_connect'; if(!$this->connid = $func($dbhost, $dbuser, $dbpw)) { $this->halt('can not connect to mysql server'); } if($this->version() > '4.1' && $cfg['db_charset']) { mysql_query("set names '".$cfg['db_charset']."'" , $this->connid); } if($this->version() > '5.0') { mysql_query("set sql_mode=''" , $this->connid); } if($dbname) { if(!mysql_select_db($dbname , $this->connid)) { $this->halt('cannot use database '.$dbname); } } return $this->connid; } function select_db($dbname) { return mysql_select_db($dbname , $this->connid); } function query($sql , $type = '', $expires = 0, $save_id = false) { $sql=checksql($sql); if($type == 'cache' && stristr($sql, 'select')) { $this->cursor = 0; $this->cache_id = md5($sql); $this->result = array(); $this->cache_expires = $expires ? $expires + mt_rand(-9, 9) : $this->expires; return $this->_query($sql); } if(!$save_id) $this->cache_id = 0; $func = $type == 'unbuffered' ? 'mysql_unbuffered_query' : 'mysql_query'; if(!($query = $func($sql , $this->connid)) && $this->halt) { $this->halt('mysql query error', $sql); } $this->querynum++; return $query; } function get_one($sql, $type = '', $expires = 0) { $query = $this->query($sql, $type, $expires); $r = $this->fetch_array($query); $this->free_result($query); return $r ; } function counter($table, $condition = '', $type = '', $expires = 0) { global $cfg; $table = strpos($table, $cfg['tb_pre']) === false ? $cfg['tb_pre'].$table : $table; $sql = "select count(*) as num from {$table}"; if($condition) $sql .= " where $condition"; $r = $this->get_one($sql, $type, $expires); return $r ? $r['num'] : 0; } function fetch_array($query, $result_type = mysql_assoc) { return $this->cache_id ? $this->_fetch_array($query) : @mysql_fetch_array($query, $result_type); } function affected_rows() { return mysql_affected_rows($this->connid); } function num_rows($query) { return mysql_num_rows($query); } function num_fields($query) { return mysql_num_fields($query); } function escape_string($str){ return mysql_escape_string($str); } function result($query, $row) { return @mysql_result($query, $row); } function free_result($query) { return @mysql_free_result($query); } function insert_id() { return mysql_insert_id($this->connid); } function fetch_row($query) { return mysql_fetch_row($query); } function version() { return mysql_get_server_info($this->connid); } function close() { return mysql_close($this->connid); } function error() { return @mysql_error($this->connid); } function errno() { return intval(@mysql_errno($this->connid)) ; } function halt($message = '', $sql = '') { global $cfg; if($message) { if($cfg['errlog']) { $log = "query:$sql|errno:".$this->errno()."|error:".$this->error()."|errmsg:$message"; log_write($log, 'sql'); } } showmsg("mysqlerror:$message",'-1'); exit(); } function _query($sql) { global $fr_time; $this->cache_file = cache_root.'/sql/'.substr($this->cache_id, 0, 2).'/'.$this->cache_id.'.php教程'; if(!is_file($this->cache_file) || ($fr_time - @filemtime($this->cache_file) > $this->cache_expires)) { $tmp = array(); $result = $this->query($sql, '', '', true); while($r = mysql_fetch_array($result, mysql_assoc)) { $tmp[] = $r; } $this->result = $tmp; $this->free_result($result); file_put($this->cache_file, ""); } else { $this->result = include $this->cache_file; } return $this->result; } function _fetch_array($query = array()) { if($query) $this->result = $query; if(isset($this->result[$this->cursor])) { return $this->result[$this->cursor++]; } else { $this->cursor = $this->cache_id = 0; return array(); } } } function checksql($dbstr,$querytype='select'){ $clean = ''; $old_pos = 0; $pos = -1; //普通语句，直接过滤特殊语法 if($querytype=='select'){ $nastr = "/[^0-9a-z@._-]{1,}(union|sleep|benchmark|load_file|outfile)[^0-9a-z@.-]{1,}/i"; if(preg_match($nastr,$dbstr)){ log_write($dbstr,'sql'); showmsg('safeerror:10001', '网页特效:;'); exit(); } } //完整的sql检查 while (true){ $pos = strpos($dbstr, ''', $pos + 1); if ($pos === false){ break; } $clean .= substr($dbstr, $old_pos, $pos - $old_pos); while (true){ $pos1 = strpos($dbstr, ''', $pos + 1); $pos2 = strpos($dbstr, '', $pos + 1); if ($pos1 === false){ break; } elseif ($pos2 == false || $pos2 > $pos1){ $pos = $pos1; break; } $pos = $pos2 + 1; } $clean .= '$s$'; $old_pos = $pos + 1; } $clean .= substr($dbstr, $old_pos); $clean = trim(strtolower(preg_replace(array('~s+~s' ), array(' '), $clean))); if (strpos($clean, 'union') !== false && preg_match('~(^|[^a-z])union($|[^[a-z])~s', $clean) != 0){ $fail = true; } elseif (strpos($clean, '/*') > 2 || strpos($clean, '--') !== false || strpos($clean, '#') !== false){ $fail = true; } elseif (strpos($clean, 'sleep') !== false && preg_match('~(^|[^a-z])sleep($|[^[a-z])~s', $clean) != 0){ $fail = true; } elseif (strpos($clean, 'benchmark') !== false && preg_match('~(^|[^a-z])benchmark($|[^[a-z])~s', $clean) != 0){ $fail = true; } elseif (strpos($clean, 'load_file') !== false && preg_match('~(^|[^a-z])load_file($|[^[a-z])~s', $clean) != 0){ $fail = true; } elseif (strpos($clean, 'into outfile') !== false && preg_match('~(^|[^a-z])intos+outfile($|[^[a-z])~s', $clean) != 0){ $fail = true; } elseif (preg_match('~([^)]*?select~s', $clean) != 0){ $fail = true; } if (!empty($fail)){ log_write($dbstr,'sql'); showmsg('safeerror:10002', 'javascript:;');exit; } else { return $dbstr; } }

大家都在看：

PHP与MySQL交互：解决创建数据库和表时的多语句执行语法错误 HTML表单数据到MySQL的PHP安全插入与多选处理指南 PHP与MySQL集成：安全高效处理HTML表单数据（含多选框）插入教程 MySQL特殊字符编码最佳实践：为什么推荐使用UTF8MB4 MySQL/PHP：动态计算并获取当前周数据总和的专业指南