amrytech 0 Report post Posted August 26, 2010 i want study the connection database and security user lever. but failerany body help me, where the problem is.here the code <?php/********************************************************************************* * Filename: common.php * PHP 4.0 *********************************************************************************/error_reporting (E_ALL ^ E_NOTICE);//===============================// Database Connection Definition//-------------------------------//Philmar Online Rent-a-Car Connection begininclude("./db_mysql.inc");define("DATABASE_NAME","car");define("DATABASE_USER","root");define("DATABASE_PASSWORD","");define("DATABASE_HOST","localhost");// Database Initialize$db = new DB_Sql();$db->Database = DATABASE_NAME;$db->User = DATABASE_USER;$db->Password = DATABASE_PASSWORD;$db->Host = DATABASE_HOST;// Philmar Online Rent-a-Car Connection end//===============================// Site Initialization//-------------------------------// Obtain the path where this site is located on the server//-------------------------------$app_path = ".";//-------------------------------// Create Header and Footer Path variables//-------------------------------$header_filename = "Header.html";$footer_filename = "Footer.html";//===============================//===============================// Common functions//-------------------------------// Convert non-standard characters to HTML//-------------------------------function tohtml($strValue){ return htmlspecialchars($strValue);}//-------------------------------// Convert value to URL//-------------------------------function tourl($strValue){ return urlencode($strValue);}//-------------------------------// Obtain specific URL Parameter from URL string//-------------------------------function get_param($param_name){ global $HTTP_POST_VARS; global $HTTP_GET_VARS; $param_value = ""; if(isset($HTTP_POST_VARS[$param_name])) $param_value = $HTTP_POST_VARS[$param_name]; else if(isset($HTTP_GET_VARS[$param_name])) $param_value = $HTTP_GET_VARS[$param_name]; return $param_value;}function get_session($param_name){ global $HTTP_POST_VARS; global $HTTP_GET_VARS; global ${$param_name}; $param_value = ""; if(!isset($HTTP_POST_VARS[$param_name]) && !isset($HTTP_GET_VARS[$param_name]) && session_is_registered($param_name)) $param_value = ${$param_name}; return $param_value;}function set_session($param_name, $param_value){ global ${$param_name}; if(session_is_registered($param_name)) session_unregister($param_name); ${$param_name} = $param_value; session_register($param_name);}function is_number($string_value){ if(is_numeric($string_value) || !strlen($string_value)) return true; else return false;}//-------------------------------// Convert value for use with SQL statament//-------------------------------function tosql($value, $type){ if(!strlen($value)) return "NULL"; else if($type == "Number") return str_replace (",", ".", doubleval($value)); else { if(get_magic_quotes_gpc() == 0) { $value = str_replace("'","''",$value); $value = str_replace("\\","\\\\",$value); } else { $value = str_replace("\\'","''",$value); $value = str_replace("\\\"","\"",$value); } return "'" . $value . "'"; }}function strip($value){ if(get_magic_quotes_gpc() == 0) return $value; else return stripslashes($value);}function db_fill_array($sql_query){ global $db; $db_fill = new DB_Sql(); $db_fill->Database = $db->Database; $db_fill->User = $db->User; $db_fill->Password = $db->Password; $db_fill->Host = $db->Host; $db_fill->query($sql_query); if ($db_fill->next_record()) { do { $ar_lookup[$db_fill->f(0)] = $db_fill->f(1); } while ($db_fill->next_record()); return $ar_lookup; } else return false;}//-------------------------------// Deprecated function - use get_db_value($sql)//-------------------------------function dlookup($table_name, $field_name, $where_condition){ $sql = "SELECT " . $field_name . " FROM " . $table_name . " WHERE " . $where_condition; return get_db_value($sql);}//-------------------------------// Lookup field in the database based on SQL query//-------------------------------function get_db_value($sql){ global $db; $db_look = new DB_Sql(); $db_look->Database = $db->Database; $db_look->User = $db->User; $db_look->Password = $db->Password; $db_look->Host = $db->Host; $db_look->query($sql); if($db_look->next_record()) return $db_look->f(0); else return "";}//-------------------------------// Obtain Checkbox value depending on field type//-------------------------------function get_checkbox_value($value, $checked_value, $unchecked_value, $type){ if(!strlen($value)) return tosql($unchecked_value, $type); else return tosql($checked_value, $type);}//-------------------------------// Obtain lookup value from array containing List Of Values//-------------------------------function get_lov_value($value, $array){ $return_result = ""; if(sizeof($array) % 2 != 0) $array_length = sizeof($array) - 1; else $array_length = sizeof($array); for($i = 0; $i < $array_length; $i = $i + 2) { if($value == $array[$i]) $return_result = $array[$i+1]; } return $return_result;}//-------------------------------// Verify user's security level and redirect to login page if needed//-------------------------------function check_security($security_level){ global $UserRights; if(!session_is_registered("UserID")) header ("Location: Login.php?querystring=" . urlencode(getenv("QUERY_STRING")) . "&ret_page=" . urlencode(getenv("REQUEST_URI"))); else if(!session_is_registered("UserRights") || $UserRights < $security_level) header ("Location: Login.php?querystring=" . urlencode(getenv("QUERY_STRING")) . "&ret_page=" . urlencode(getenv("REQUEST_URI")));}//===============================// GlobalFuncs begin// GlobalFuncs end//===============================?>and -------<?phpclass DB_Sql { /* public: connection parameters */ var $Host = ""; <--------------------------------------// necessary for me include data here!!!!!! var $Database = ""; var $User = ""; var $Password = ""; /* public: configuration parameters */ var $Auto_Free = 0; ## Set to 1 for automatic mysql_free_result() var $Debug = 0; ## Set to 1 for debugging messages. var $Halt_On_Error = "yes"; ## "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore errror, but spit a warning) var $Seq_Table = "db_sequence"; /* public: result array and current row number */ var $Record = array(); var $Row; /* public: current error number and error text */ var $Errno = 0; var $Error = ""; /* public: this is an api revision, not a CVS revision. */ var $type = "mysql"; var $revision = "1.2"; /* private: link and query handles */ var $Link_ID = 0; var $Query_ID = 0; /* public: constructor */ function DB_Sql($query = "") { $this->query($query); } /* public: some trivial reporting */ function link_id() { return $this->Link_ID; } function query_id() { return $this->Query_ID; } /* public: connection management */ function connect($Database = "", $Host = "", $User = "", $Password = "") <---------- // necessary for me include data here!!!!!!{ /* Handle defaults */ if ("" == $Database) $Database = $this->Database; if ("" == $Host) $Host = $this->Host; if ("" == $User) $User = $this->User; if ("" == $Password) $Password = $this->Password; /* establish connection, select database */ if ( 0 == $this->Link_ID ) { $this->Link_ID=mysql_pconnect($Host, $User, $Password); if (!$this->Link_ID) { $this->halt("connect($Host, $User, \$Password) failed."); return 0; } if (!@mysql_select_db($Database,$this->Link_ID)) { $this->halt("cannot use database ".$this->Database); return 0; } } return $this->Link_ID; } /* public: discard the query result */ function free() { @mysql_free_result($this->Query_ID); $this->Query_ID = 0; } /* public: perform a query */ function query($Query_String) { /* No empty queries, please, since PHP4 chokes on them. */ if ($Query_String == "") /* The empty query string is passed on from the constructor, * when calling the class without a query, e.g. in situations * like these: '$db = new DB_Sql_Subclass;' */ return 0; if (!$this->connect()) { return 0; /* we already complained in connect() about that. */ }; # New query, discard previous result. if ($this->Query_ID) { $this->free(); } if ($this->Debug) printf("Debug: query = %s<br>\n", $Query_String); $this->Query_ID = @mysql_query($Query_String,$this->Link_ID); $this->Row = 0; $this->Errno = mysql_errno(); $this->Error = mysql_error(); if (!$this->Query_ID) { $this->halt("Invalid SQL: ".$Query_String); } # Will return nada if it fails. That's fine. return $this->Query_ID; } /* public: walk result set */ function next_record() { if (!$this->Query_ID) { $this->halt("next_record called with no query pending."); return 0; } $this->Record = @mysql_fetch_array($this->Query_ID); $this->Row += 1; $this->Errno = mysql_errno(); $this->Error = mysql_error(); $stat = is_array($this->Record); if (!$stat && $this->Auto_Free) { $this->free(); } return $stat; } /* public: position in result set */ function seek($pos = 0) { $status = @mysql_data_seek($this->Query_ID, $pos); if ($status) $this->Row = $pos; else { $this->halt("seek($pos) failed: result has ".$this->num_rows()." rows"); /* half assed attempt to save the day, * but do not consider this documented or even * desireable behaviour. */ @mysql_data_seek($this->Query_ID, $this->num_rows()); $this->Row = $this->num_rows; return 0; } return 1; } /* public: table locking */ function lock($table, $mode="write") { $this->connect(); $query="lock tables "; if (is_array($table)) { while (list($key,$value)=each($table)) { if ($key=="read" && $key!=0) { $query.="$value read, "; } else { $query.="$value $mode, "; } } $query=substr($query,0,-2); } else { $query.="$table $mode"; } $res = @mysql_query($query, $this->Link_ID); if (!$res) { $this->halt("lock($table, $mode) failed."); return 0; } return $res; } function unlock() { $this->connect(); $res = @mysql_query("unlock tables"); if (!$res) { $this->halt("unlock() failed."); return 0; } return $res; } /* public: evaluate the result (size, width) */ function affected_rows() { return @mysql_affected_rows($this->Link_ID); } function num_rows() { return @mysql_num_rows($this->Query_ID); } function num_fields() { return @mysql_num_fields($this->Query_ID); } /* public: shorthand notation */ function nf() { return $this->num_rows(); } function np() { print $this->num_rows(); } function f($Name) { if(isset($this->Record[$Name])) return $this->Record[$Name]; else return ""; } function p($Name) { print $this->Record[$Name]; } /* public: sequence numbers */ function nextid($seq_name) { $this->connect(); if ($this->lock($this->Seq_Table)) { /* get sequence number (locked) and increment */ $q = sprintf("select nextid from %s where seq_name = '%s'", $this->Seq_Table, $seq_name); $id = @mysql_query($q, $this->Link_ID); $res = @mysql_fetch_array($id); /* No current value, make one */ if (!is_array($res)) { $currentid = 0; $q = sprintf("insert into %s values('%s', %s)", $this->Seq_Table, $seq_name, $currentid); $id = @mysql_query($q, $this->Link_ID); } else { $currentid = $res["nextid"]; } $nextid = $currentid + 1; $q = sprintf("update %s set nextid = '%s' where seq_name = '%s'", $this->Seq_Table, $nextid, $seq_name); $id = @mysql_query($q, $this->Link_ID); $this->unlock(); } else { $this->halt("cannot lock ".$this->Seq_Table." - has it been created?"); return 0; } return $nextid; } /* public: return table metadata */ function metadata($table='',$full=false) { $count = 0; $id = 0; $res = array(); /* * Due to compatibility problems with Table we changed the behavior * of metadata(); * depending on $full, metadata returns the following values: * * - full is false (default): * $result[]: * [0]["table"] table name * [0]["name"] field name * [0]["type"] field type * [0]["len"] field length * [0]["flags"] field flags * * - full is true * $result[]: * ["num_fields"] number of metadata records * [0]["table"] table name * [0]["name"] field name * [0]["type"] field type * [0]["len"] field length * [0]["flags"] field flags * ["meta"][field name] index of field named "field name" * The last one is used, if you have a field name, but no index. * Test: if (isset($result['meta']['myfield'])) { ... */ // if no $table specified, assume that we are working with a query // result if ($table) { $this->connect(); $id = @mysql_list_fields($this->Database, $table); if (!$id) $this->halt("Metadata query failed."); } else { $id = $this->Query_ID; if (!$id) $this->halt("No query specified."); } $count = @mysql_num_fields($id); // made this IF due to performance (one if is faster than $count if's) if (!$full) { for ($i=0; $i<$count; $i++) { $res[$i]["table"] = @mysql_field_table ($id, $i); $res[$i]["name"] = @mysql_field_name ($id, $i); $res[$i]["type"] = @mysql_field_type ($id, $i); $res[$i]["len"] = @mysql_field_len ($id, $i); $res[$i]["flags"] = @mysql_field_flags ($id, $i); } } else { // full $res["num_fields"]= $count; for ($i=0; $i<$count; $i++) { $res[$i]["table"] = @mysql_field_table ($id, $i); $res[$i]["name"] = @mysql_field_name ($id, $i); $res[$i]["type"] = @mysql_field_type ($id, $i); $res[$i]["len"] = @mysql_field_len ($id, $i); $res[$i]["flags"] = @mysql_field_flags ($id, $i); $res["meta"][$res[$i]["name"]] = $i; } } // free the result only if we were called on a table if ($table) @mysql_free_result($id); return $res; } /* private: error handling */ function halt($msg) { $this->Error = @mysql_error($this->Link_ID); $this->Errno = @mysql_errno($this->Link_ID); if ($this->Halt_On_Error == "no") return; $this->haltmsg($msg); if ($this->Halt_On_Error != "report") die("Session halted."); } function haltmsg($msg) { printf("</td></tr></table><b>Database error:</b> %s<br>\n", $msg); printf("<b>MySQL Error</b>: %s (%s)<br>\n", $this->Errno, $this->Error); } function table_names() { $this->query("SHOW TABLES"); $i=0; while ($info=mysql_fetch_row($this->Query_ID)) { $return[$i]["table_name"]= $info[0]; $return[$i]["tablespace_name"]=$this->Database; $return[$i]["database"]=$this->Database; $i++; } return $return; }}?> Share this post Link to post Share on other sites
Quatrux 4 Report post Posted August 26, 2010 This seems to be quite an old PHP script, why don't you find any other Database script? As the methods used there are really old for the year 2010. :PAlso, I don't understand what you want by showing the code, what problems you have using it and etc. What PHP version are you running? What errors are you getting? Share this post Link to post Share on other sites
truefusion 3 Report post Posted August 26, 2010 The code illustrated does not show how the classes and functions are being used, nor does it show which ones were used. There is no point in attempting to debug the code you have provided as there are other factors that have been intentionally left out that we require knowing, some of which you may not even know of. Share this post Link to post Share on other sites
amrytech 0 Report post Posted August 27, 2010 actually, this code i get from my friend. i want built the system web base for my final project. the code for open userthe problem is i use in easyphp. when i login as admin, page loading not function. still at current page. i test code at DSV PHP editor. not error.so i no idea to solving the problem Share this post Link to post Share on other sites