TalkPHP
 
 
Old 12-17-2008, 10:39 PM   #1 (permalink)
ETbyrne
Problem with mysql_real_escape_string()

OK, so I've been working on a new, top secret framework and I ran into a bit of a problem when trying to use mysql_real_escape_string(). It just gives me an error saying:

Quote:
Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'ODBC'@'localhost' (using password: NO) in C:\xampp\htdocs\dingo\testapps\blog_0-1-2\application\controllers\article.php on line 8

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in C:\xampp\htdocs\dingo\testapps\blog_0-1-2\application\controllers\article.php on line 8
I think it is because I'm using a MySQL class to store my database connection stuff.

Here's the MySQL class:

PHP Code:
class mysql {
    private $db;                // db name
    private $db_host;           // db server host
    private $db_user;           // db mysql username
    private $db_password;       // db mysql password
    private $db_conn=NULL;      // data resource connection
    private $_queries=array();  // array of query string

    public $error=false;        // is an error?
    public $debug=true;

    private function _connect() {
        if (function_exists("mysql_connect")) {
            $this->db_conn=mysql_connect($this->db_host,$this->db_user,$this->db_password) or die(mysql_error()." ".mysql_errno());
        }
        else {
            if ($this->debug)
                echo "Mysql extension not installed into PHP";
            $this->error=true;
        }
    }

    public function __construct($db,$db_host,$db_user,$db_password) {
        $this->db=$db;
        $this->db_host=$db_host;
        $this->db_user=$db_user;
        $this->db_password=$db_password;
    }

    /**
     * query()           : make a mysql query
     *
     * @param $query     : query to launch
     * @return           : an array(array(),...array()) of results if select query
     */
    public function query($query) {
        if ($this->db_conn===NULL) {
            $this->_connect();
        }
        //$this->queries[]=$query;
        if (!$this->error) {
            //echo $this->db_conn;
            $test=mysql_select_db($this->db,$this->db_conn);
            if ($test) {
                if (is_string($query)) {
                    $debut=microtime(true);
                    $db_result=mysql_query($query,$this->db_conn);
                    $fin=microtime(true);
                    $this->_queries[]=array('query'=>$query,'time'=>($fin-$debut));
                    if ($db_result===FALSE) {
                         echo "Mysql Error: <strong>".mysql_error($this->db_conn)."</strong> in query to database '$this->db'<br><br>\n ".$query."<br><br>\n";
                         return false;
                    }
                }
                elseif (is_array($query)) { // handles transactions
                    $res=array();
                    $db_result=mysql_query("START TRANSACTION;",$this->db_conn);
                    if ($db_result===FALSE)
                        return false;
                    foreach ($query as $q) {
                        $db_result=$this->query($q);

                        if ($db_result===FALSE)
                            return false;
                        else
                            $res[]=$db_result;
                    }
                    $db_result=mysql_query("COMMIT;",$this->db_conn);
                    if ($db_result===FALSE)
                        return false;
                    else
                        return $res;
                }
                if ((strtoupper(substr(ltrim(ltrim($query,' '),'('),0,6))=="SELECT")
                ||(strtoupper(substr(ltrim(ltrim($query,' '),'('),0,8))=="DESCRIBE")) { // have to process data to return because SELECT query
                    $num_row=mysql_num_rows($db_result);
                    for ($res=array(),$i=0;$i<$num_row;$i++)
                            $res[$i]=mysql_fetch_assoc($db_result);
                    return $res;
                }
                else
                    return true;
            }
            else {
                $this->error=true;
                die ("Error in mysql_select_db: ".mysql_error());
            }
        }
        else
            return array();
    }

    /**
     * insert()             : make a mysql insert
     *
     * @param $table        : name of the table
     * @param $liste_champs : array of the fields to insert
     * @param $liste_valeur : array of the values of the fields to insert
     * @return              : the id of the primary key value after insert
     */
    public function insert($table,$liste_champs,$liste_valeur) {
        $sql="INSERT INTO `$table` ";
        $sql.="(`".implode("`,`",$liste_champs)."`) ";
        $sql.="VALUES (";
        $temp=array();
        foreach ($liste_valeur as $v)
            if (strcmp($v,"NULL")==0)
                $temp[]='NULL';
            else
                $temp[]="'".$v."'";
        $sql.=implode(",",$temp).")";
        $res=$this->query($sql);
        if ($res===FALSE)
            return false;
        else
            return mysql_insert_id($this->db_conn);
    }

    /**
     * update()             : make a mysql update
     *
     * @param $table        : name of the table
     * @param $liste_champs : array of the fields to update
     * @param $liste_valeur : array of the values of the fields to update
     * @param $where        : where condition
     */
    public function update($table,$liste_champs,$liste_valeur,$where) {
        if ($where!="") { // prevent updating all data! use query function instead...
            $sql="UPDATE `$table` SET ";
            for ($i=0;$i<count($liste_champs);$i++) {
                $k=$liste_champs[$i];
                $v=$liste_valeur[$i];
                if (strcmp($v,'NULL')==0) {
                    $sql.="`$k`=NULL";
                }
                else
                    $sql.="`$k`='$v'";
                $sql.=(($i==count($liste_champs)-1)?"":" , ");
            }
            $sql.=" WHERE ($where)";
            //ebug($sql);
            return $this->query($sql);
            //ebug($res);
        }
        return false;
    }

    /**
     * delete()         : make a mysql delete
     *
     * @param $table    : name of the table
     * @param $where    : where condition
     */
    public function delete($table,$where) {
        if ($where!="") { // prevent deleting ALL data! use query function instead...
            $sql="DELETE FROM $table WHERE ($where)";
            return $this->query($sql);
        }
        return false;
    }

    /**
     * select_diff()        : make a select a,b,c,d from table1 where (a not in select a from table2 where ())and/or()
     * => subselect emulation!
     *
     * @param $query_plus   : select of the lines we want
     * @param $query_moins  : !! select of the lines we don't want (!! 1 column only)
     * @return              : array of array, like query function with select query
     */
    public function select_diff($query_plus,$query_moins) {
        $tab_plus=$this->query($query_plus);
        if ($query_moins!="") {
            $tab_moins=$this->query($query_moins);
            if (count($tab_moins)>0) {
                $keys1=array_keys($tab_plus[0]);
                $keys2=array_keys($tab_moins[0]);
                for ($i=0,$res=array();$i<count($tab_plus);$i++) {
                    for ($j=0,$find=false;$j<count($tab_moins);$j++)
                        if ($tab_moins[$j][$keys2[0]]==$tab_plus[$i][$keys1[0]])
                            $find=true;
                    if (!$find)
                        $res[]=$tab_plus[$i];
                }
                return $res;
            }
            else
                return $tab_plus;
        }
        else
            return $tab_plus;
    }

    /**
     * select_value()   : get _a_ value from a query (ie a field on a row) with a default value
     *
     * @param $query    : the query, with a single field in SELECT clause
     * @param $default  : the value the function returns if no row answers the query
     * @return          : the value of row/column of the query
     */
    public function select_value($query,$default="") {
        $tab=$this->query($query." LIMIT 0,1");
        if (count($tab)==1) { // only one row!!
            $keys=array_keys($tab[0]);
            return $tab[0][$keys[0]];
        }
        else
            return $default;
    }

    /**
     * Give the list of queries the class has launched
     *
     * @return     : an array of all queries
     */
    public function get_queries($order=NULL) {
        //ebug($this->_queries);
        if ($order=='query')
            return array_2D_sort($this->_queries,'query');
        if ($order=='time')
            return array_2D_sort($this->_queries,'time','DESC');
        return $this->_queries;
    }

    /**
     * Give the number of queries the class has launched
     *
     * @return     : an integer
     */
    public function get_nb_query() {
        return count($this->_queries);
    }

    /**
     * Close mysql connection
     *
     */
    public function __destruct() {
        // ADDED BY EVAN
        if($this->db_conn)
        {
            mysql_close($this->db_conn);
        }
    }
}

Know of any way around this?
__________________
Dingo Web Systems > http://www.dingocode.com
My Website > http://www.evanbot.com
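
An added example, not part of the original post or the poster's framework: mysql_real_escape_string() called without a link identifier uses the last link opened by mysql_connect() and, if there is none, tries to open one with default credentials, which is the 'ODBC'@'localhost' warning quoted above; the posted class only connects inside query(). The sketch below swaps the mysql_* extension for PDO bound parameters so that no escaping call depends on an open link. LazyDb and its methods are hypothetical names, and in-memory SQLite stands in for the MySQL server.

```php
<?php
// Added example: LazyDb and its methods are hypothetical names, not the poster's code.
class LazyDb {
    private $dsn, $user, $password;
    private $pdo = null;                 // opened on first use, like $db_conn above
    public function __construct($dsn, $user = null, $password = null) {
        $this->dsn = $dsn; $this->user = $user; $this->password = $password;
    }
    // Every database call goes through conn(), so nothing runs before the link exists.
    private function conn() {
        if ($this->pdo === null) {
            $this->pdo = new PDO($this->dsn, $this->user, $this->password);
            $this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        }
        return $this->pdo;
    }

    // Table and column names cannot be bound, so only plain identifiers are accepted.
    private static function ident($name) {
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $name))
            throw new InvalidArgumentException("bad identifier: $name");
        return "`$name`";                // backtick quoting works in MySQL and SQLite
    }

    // Values are sent as bound parameters; a PHP null is stored as SQL NULL.
    public function query($sql, array $params = array()) {
        $stmt = $this->conn()->prepare($sql);
        $stmt->execute(array_values($params));
        return $stmt->columnCount() ? $stmt->fetchAll(PDO::FETCH_ASSOC) : true;
    }

    // Same call shape as insert() in the posted class.
    public function insert($table, array $fields, array $values) {
        if (!$fields || count($fields) !== count($values))
            throw new InvalidArgumentException('fields and values must match');
        $cols  = implode(',', array_map(array(__CLASS__, 'ident'), $fields));
        $marks = implode(',', array_fill(0, count($values), '?'));
        $this->query('INSERT INTO ' . self::ident($table) . " ($cols) VALUES ($marks)", $values);
        return (int) $this->conn()->lastInsertId();
    }
}

// Constructed demo: in-memory SQLite stands in for the MySQL server so this runs offline.
$db = new LazyDb('sqlite::memory:');
$db->query('CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT, body TEXT)');
$title = "Evan's first article; it's \"quoted\"";    // constructed input with quotes
$id  = $db->insert('articles', array('title', 'body'), array($title, null));
$row = $db->query('SELECT title, body FROM articles WHERE id = ?', array($id));
var_dump($row[0]['title'] === $title, $row[0]['body'] === null);
```

With the old extension itself, the equivalent is to call the private _connect() before escaping and pass $this->db_conn as the second argument of mysql_real_escape_string().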