$DIR_LANG = $DIR_LOCALES;\r
}\r
\r
+/**\r
+ * Errors before the database connection has been made\r
+ */\r
+function startUpError($msg, $title)\r
+{\r
+ header('Content-Type: text/xml; charset=' . i18n::get_current_charset());\r
+?>\r
+<html xmlns="http://www.w3.org/1999/xhtml">\r
+ <head><title><?php echo htmlspecialchars($title, null, i18n::get_current_charset()) ?></title></head>\r
+ <body>\r
+ <h1><?php echo htmlspecialchars($title, null, i18n::get_current_charset()) ?></h1>\r
+ <?php echo $msg ?>\r
+ </body>\r
+</html>\r
+<?php\r
+ exit;\r
+}\r
+\r
/*\r
* load and initialize i18n class\r
*/\r
include($DIR_LIBS . 'ENTITY.php');\r
\r
/* include core classes that are needed for login & plugin handling */\r
-include_once($DIR_LIBS . 'mysql.php');\r
+\r
/* added for 3.5 sql_* wrapper */\r
global $MYSQL_HANDLER;\r
if ( !isset($MYSQL_HANDLER) )\r
{\r
$MYSQL_HANDLER[0] = 'mysql';\r
}\r
-include_once($DIR_LIBS . 'sql/'.$MYSQL_HANDLER[0].'.php');\r
+include_once($DIR_LIBS . 'sql/sql.php');\r
+\r
/* end new for 3.5 sql_* wrapper */\r
include($DIR_LIBS . 'MEMBER.php');\r
include($DIR_LIBS . 'ACTIONLOG.php');\r
include($DIR_LIBS . 'MANAGER.php');\r
include($DIR_LIBS . 'PLUGIN.php');\r
\r
-$manager =& Manager::instance();\r
+$manager = new Manager();\r
\r
/*\r
* make sure there's no unnecessary escaping:\r
}\r
\r
/* connect to database */\r
-sql_connect();\r
-$SQLCount = 0;\r
+DB::setConnectionInfo($MYSQL_HANDLER[1], $MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_DATABASE);\r
\r
/* logs sanitized result if need */\r
if ( $orgRequestURI!==serverVar('REQUEST_URI') )\r
}\r
}\r
\r
-/* makes sure database connection gets closed on script termination */\r
-register_shutdown_function('sql_disconnect');\r
-\r
/* read config */\r
getConfig();\r
\r
'info' => $virtualpath\r
)\r
);\r
-\r
/*\r
* NOTE: Here is the end of initialization\r
*/\r
*/\r
function getBlogIDFromName($name)\r
{\r
- return quickQuery('SELECT bnumber AS result FROM ' . sql_table('blog') . ' WHERE bshortname = "' . sql_real_escape_string($name) . '"');\r
+ $query = sprintf('SELECT bnumber AS result FROM %s WHERE bshortname=%s', sql_table('blog'), DB::quoteValue($name));\r
+ return DB::getValue($query);\r
}\r
\r
\r
*/\r
function getBlogNameFromID($id)\r
{\r
- return quickQuery('SELECT bname AS result FROM ' . sql_table('blog') . ' WHERE bnumber = ' . intval($id));\r
+ $query = sprintf('SELECT bname AS result FROM %s WHERE bnumber=%d', sql_table('blog'), intval($id));\r
+ return DB::getValue($query);\r
}\r
\r
\r
*/\r
function getBlogIDFromItemID($item_id)\r
{\r
- return quickQuery('SELECT iblog AS result FROM ' . sql_table('item') . ' WHERE inumber = ' . intval($item_id));\r
+ $query = sprintf('SELECT iblog AS result FROM %s WHERE inumber=%d', sql_table('item'), intval($item_id));\r
+ return DB::getValue($query);\r
}\r
\r
\r
*/\r
function getBlogIDFromCommentID($comment_id)\r
{\r
- return quickQuery('SELECT cblog AS result FROM ' . sql_table('comment') . ' WHERE cnumber = ' . intval($comment_id));\r
+ $query = sprintf('SELECT cblog AS result FROM %s WHERE cnumber=%d', sql_table('comment'), intval($comment_id));\r
+ return DB::getValue($query);\r
}\r
\r
\r
*/\r
function getBlogIDFromCatID($category_id)\r
{\r
- return quickQuery('SELECT cblog AS result FROM ' . sql_table('category') . ' WHERE catid = ' . intval($category_id));\r
+ $query = sprintf('SELECT cblog AS result FROM %s WHERE catid=%d', sql_table('category'), intval($category_id));\r
+ return DB::getValue($query);\r
}\r
\r
\r
*/\r
function getCatIDFromName($name)\r
{\r
- return quickQuery('SELECT catid AS result FROM ' . sql_table('category') . ' WHERE cname = "' . sql_real_escape_string($name) . '"');\r
+ $query = sprintf('SELECT catid AS result FROM %s WHERE cname=%s', sql_table('category'), DB::quoteValue($name));\r
+ return DB::getValue($query);\r
}\r
\r
\r
/**\r
* This function performs a quick SQL query\r
+ * @deprecated\r
* @param string $query\r
* @return object\r
*/\r
function quickQuery($query)\r
{\r
- $res = sql_query($query);\r
- $obj = sql_fetch_object($res);\r
- return $obj->result;\r
+ $row = DB::getRow($query);\r
+ return $row['result'];\r
}\r
\r
function getPluginNameFromPid($pid) {\r
- $res = sql_query('SELECT pfile FROM ' . sql_table('plugin') . ' WHERE pid=' . intval($pid) );\r
- $obj = sql_fetch_object($res);\r
- return $obj->pfile;\r
+ $query = sprintf('SELECT pfile FROM %s WHERE pid=%d', sql_table('plugin'), intval($pid));\r
+ return DB::getValue($query);\r
// return isset($obj->pfile) ? $obj->pfile : false;\r
}\r
\r
\r
// 1. get timestamp, blogid and catid for item\r
$query = 'SELECT itime, iblog, icat FROM %s WHERE inumber=%d';\r
- $query = sprintf($query, sql_table('item'), (integer) $itemid);\r
- $res = sql_query($query);\r
- $obj = sql_fetch_object($res);\r
+ $query = sprintf($query, sql_table('item'), intval($itemid));\r
+ $row = DB::getRow($query);\r
\r
// if a different blog id has been set through the request or selectBlog(),\r
// deny access\r
\r
- if ( $blogid && (intval($blogid) != $obj->iblog) )\r
+ if ( $blogid && (intval($blogid) != $row['iblog']) )\r
{\r
doError(_ERROR_NOSUCHITEM);\r
}\r
\r
// if a category has been selected which doesn't match the item, ignore the\r
// category. #85\r
- if ( ($catid != 0) && ($catid != $obj->icat) )\r
+ if ( ($catid != 0) && ($catid != $row['icat']) )\r
{\r
$catid = 0;\r
}\r
\r
- $blogid = $obj->iblog;\r
- $timestamp = strtotime($obj->itime);\r
+ $blogid = $row['iblog'];\r
+ $timestamp = strtotime($row['itime']);\r
\r
$b =& $manager->getBlog($blogid);\r
\r
if ( !$b->isValidCategory($catid) )\r
{\r
$query = "SELECT inumber, ititle FROM %s WHERE itime<'%s' AND idraft=0 AND iblog=%d ORDER BY itime DESC LIMIT 1";\r
- $query = sprintf($query, sql_table('item'), i18n::formatted_datetime('mysql', $timestamp), $blogid);\r
+ $query = sprintf($query, sql_table('item'), DB::formatDateTime($timestamp), intval($blogid));\r
}\r
else\r
{\r
$query = "SELECT inumber, ititle FROM %s WHERE itime<'%s' AND idraft=0 AND iblog=%d AND icat=%d ORDER BY itime DESC LIMIT 1";\r
- $query = sprintf($query, sql_table('item'), i18n::formatted_datetime('mysql', $timestamp), $blogid, $catid);\r
+ $query = sprintf($query, sql_table('item'), DB::formatDateTime($timestamp), intval($blogid), intval($catid));\r
}\r
+ $row = DB::getRow($query);\r
\r
- $res = sql_query($query);\r
- $obj = sql_fetch_object($res);\r
- \r
- if ( $obj )\r
+ if ( $row )\r
{\r
- $itemidprev = $obj->inumber;\r
- $itemtitleprev = $obj->ititle;\r
+ $itemidprev = $row['inumber'];\r
+ $itemtitleprev = $row['ititle'];\r
}\r
\r
// get next itemid and title\r
if ( !$b->isValidCategory($catid) )\r
{\r
$query = "SELECT inumber, ititle FROM %s WHERE itime>'%s' AND itime<='%s' AND idraft=0 AND iblog=%d ORDER BY itime ASC LIMIT 1";\r
- $query = sprintf($query, sql_table('item'), i18n::formatted_datetime('mysql', $timestamp), i18n::formatted_datetime('mysql', $b->getCorrectTime()), $blogid);\r
+ $query = sprintf($query, sql_table('item'), DB::formatDateTime($timestamp), DB::formatDateTime($b->getCorrectTime()), intval($blogid));\r
}\r
else\r
{\r
$query = "SELECT inumber, ititle FROM %s WHERE itime>'%s' AND itime<='%s' AND idraft=0 AND iblog=%d AND icat=%d ORDER BY itime ASC LIMIT 1";\r
- $query = sprintf($query, sql_table('item'), i18n::formatted_datetime('mysql', $timestamp), i18n::formatted_datetime('mysql', $b->getCorrectTime()), $blogid, $catid);\r
+ $query = sprintf($query, sql_table('item'), DB::formatDateTime($timestamp), DB::formatDateTime($b->getCorrectTime()), intval($blogid), intval($catid));\r
}\r
- $res = sql_query($query);\r
- \r
- $obj = sql_fetch_object($res);\r
+ $row = DB::getRow($query);\r
\r
- if ( $obj )\r
+ if ( $row )\r
{\r
- $itemidnext = $obj->inumber;\r
- $itemtitlenext = $obj->ititle;\r
+ $itemidnext = $row['inumber'];\r
+ $itemtitlenext = $row['ititle'];\r
}\r
}\r
elseif ( $archive )\r
global $archivenext, $archiveprev, $archivetype, $archivenextexists, $archiveprevexists;\r
\r
// sql queries for the timestamp of the first and the last published item\r
- $query = "SELECT UNIX_TIMESTAMP(itime) as result FROM ".sql_table('item')." WHERE idraft=0 ORDER BY itime ASC";\r
- $first_timestamp=quickQuery ($query);\r
- $query = "SELECT UNIX_TIMESTAMP(itime) as result FROM ".sql_table('item')." WHERE idraft=0 ORDER BY itime DESC";\r
- $last_timestamp=quickQuery ($query);\r
+ $query = sprintf('SELECT UNIX_TIMESTAMP(itime) as result FROM %s WHERE idraft=0 ORDER BY itime ASC', sql_table('item'));\r
+ $first_timestamp = DB::getValue($query);\r
+ $query = sprintf('SELECT UNIX_TIMESTAMP(itime) as result FROM %s WHERE idraft=0 ORDER BY itime DESC', sql_table('item'));\r
+ $last_timestamp = DB::getValue($query);\r
\r
sscanf($archive, '%d-%d-%d', $y, $m, $d);\r
\r
function getConfig() {\r
global $CONF;\r
\r
- $query = 'SELECT * FROM ' . sql_table('config');\r
- $res = sql_query($query);\r
+ $query = sprintf('SELECT * FROM %s', sql_table('config'));\r
+ $res = DB::getResult($query);\r
\r
- while ($obj = sql_fetch_object($res) ) {\r
- $CONF[$obj->name] = $obj->value;\r
+ foreach ( $res as $row )\r
+ {\r
+ $CONF[$row['name']] = $row['value'];\r
}\r
}\r
\r
\r
// Solve the plugin name.\r
$plugins = array();\r
- $query = 'SELECT pfile FROM '.sql_table('plugin');\r
- $res = sql_query($query);\r
+ $query = sprintf('SELECT pfile FROM %s', sql_table('plugin'));\r
+ $res = DB::getResult($query);\r
\r
- while($row = sql_fetch_row($res) )\r
+ foreach ( $res as $row )\r
{\r
- $name = i18n::substr($row[0], 3);\r
+ $name = i18n::substr($row['pfile'], 3);\r
$plugins[strtolower($name)] = $name;\r
}\r
\r
- sql_free_result($res);\r
+ $res->closeCursor();\r
\r
if (array_key_exists($path, $plugins))\r
{\r
* @return number of subscriber(s)\r
*/\r
function numberOfEventSubscriber($event) {\r
- $query = 'SELECT COUNT(*) as count FROM ' . sql_table('plugin_event') . ' WHERE event=\'' . $event . '\'';\r
- $res = sql_query($query);\r
- $obj = sql_fetch_object($res);\r
- return $obj->count;\r
+ $query = sprintf('SELECT COUNT(*) as count FROM %s WHERE event=%s', sql_table('plugin_event'), DB::quoteValue($event));\r
+ $res = DB::getValue($query);\r
+ return $res;\r
}\r
\r
/**\r
OSDN Git Service
