Revize 5d106402
Přidáno uživatelem Filip Jani před téměř 6 roky(ů)
old/html/multidic/classes/db.php | ||
---|---|---|
6 | 6 |
* |
7 | 7 |
* $Id: db_pgsql.inc,v 1.9 2002/08/26 08:27:43 richardarcher Exp $ |
8 | 8 |
* |
9 |
*/
|
|
9 |
*/ |
|
10 | 10 | |
11 | 11 |
class DB_Sql { |
12 | 12 |
var $Host = "Filek.cz"; |
... | ... | |
22 | 22 |
/** @var mysqli */ |
23 | 23 |
var $connection = null; |
24 | 24 |
var $Debug = 0; |
25 |
|
|
25 | ||
26 | 26 |
/* public: constructor */ |
27 | 27 |
function __construct($query = "") { |
28 | 28 |
$this->query($query); |
... | ... | |
37 | 37 |
} |
38 | 38 |
} |
39 | 39 | |
40 |
function escape_string($string) |
|
41 |
{ |
|
42 |
if ($this->connection == null) |
|
43 |
{ |
|
44 |
$this->connection = new mysqli($this->Host, $this->User, $this->Password, $this->Database); |
|
45 |
$this->connection->set_charset("utf8"); |
|
46 |
} |
|
47 |
return $this->connection->real_escape_string($string); |
|
48 |
} |
|
49 | ||
40 | 50 |
function query(string $Query_String) { |
41 | 51 |
/* No empty queries, please, since PHP4 chokes on them. */ |
42 | 52 |
if ($Query_String == "") |
... | ... | |
47 | 57 |
return 0; |
48 | 58 | |
49 | 59 |
$this->connect(); |
50 |
|
|
51 |
if ($this->Debug)
|
|
60 | ||
61 |
if ($this->Debug) |
|
52 | 62 |
printf("<br>Debug: query = %s<br>\n", $Query_String); |
53 | 63 | |
54 | 64 |
$this->result = $this->connection->query($Query_String); |
... | ... | |
59 | 69 | |
60 | 70 |
return $this->result; |
61 | 71 |
} |
62 |
|
|
72 | ||
63 | 73 |
function next_record() { |
64 | 74 |
$this->row = mysqli_fetch_row($this->result); |
65 | 75 |
return $this->row; |
... | ... | |
117 | 127 |
function f($Name) { |
118 | 128 |
return $this->result[$Name]; |
119 | 129 |
} |
120 |
|
|
130 | ||
121 | 131 |
function halt($msg) { |
122 | 132 |
printf("</td></tr></table><b>Database error:</b> %s<br>\n", $msg); |
123 | 133 |
printf("<b>PostgreSQL Error</b>: %s (%s)<br>\n", |
old/html/multidic/functions/dictionary.php | ||
---|---|---|
47 | 47 |
global $_SESSION; |
48 | 48 |
if (!Empty($jmeno) && !Empty($heslo)) { |
49 | 49 |
$DB = new DB_Sql(); |
50 |
$DB->query( "select * " . |
|
51 |
"from \"user\" " . |
|
52 |
"where nick = '".pg_escape_string($jmeno)."' " . |
|
53 |
"and pass = '".pg_escape_string($heslo)."'");//, array($jmeno, $heslo) ); |
|
54 |
$DB->next_record(); |
|
50 |
$result = $DB->query( "select * " . |
|
51 |
"from user " . |
|
52 |
"where nick = '".$DB->escape_string($jmeno)."' " . |
|
53 |
"and pass = '".$DB->escape_string($heslo)."'");//, array($jmeno, $heslo) ); |
|
55 | 54 |
if ($DB->num_rows() != 1) |
56 | 55 |
return false; |
57 | 56 |
session_regenerate_id(); |
Také k dispozici: Unified diff
Re #7580 přihlášení uživatele v arabic