一款实用的php mysql数据库连接类

作者:袖梨 2022-06-24

 本款数据库连接类,他会自动加载sql防注入功能,过滤一些敏感的sql查询关键词,同时还可以增加判断字段 show table status的性质与show table类 获取数据库所有表名等。*/
@ini_set('mysql.trace_mode','off');
class mysql
{
 public $dblink;
 public $pconnect;
 private $search = array('/union(s*(/*.**/)?s*)+select/i', '/load_file(s*(/*.**/)?s*)+(/i', '/into(s*(/*.**/)?s*)+outfile/i');
 private $replace = array('union   select', 'load_file   (', 'into   outfile');
 private $rs;

 function __construct($hostname,$username,$userpwd,$database,$pconnect=false,$charset='utf8')
 {
  define('allowed_htmltags', '<meta><body><a><p><br><hr><h1><h2><h3><h4><h5><h6><font><u><i><b><strong><div><span><ol><ul><li><img><table><tr><td><map>'); <br />   $this->pconnect=$pconnect;<br />   $this->dblink=$pconnect?mysql_pconnect($hostname,$username,$userpwd):mysql_connect($hostname,$username,$userpwd);<br />   (!$this->dblink||!is_resource($this->dblink)) && fatal_error("connect to the database unsuccessfully!");<br />   @mysql_unbuffered_query("set names {$charset}");<br />   if($this->version()>'5.0.1')<br />   {<br />    @mysql_unbuffered_query("set sql_mode = ''");<br />   }<br />   @mysql_select_db($database) or fatal_error("can not select table!");<br />   return $this->dblink;<br />  }</p> <p> function query($sql,$unbuffered=false)<br />  {<br />   //echo $sql.'<br>';<br />   $this->rs=$unbuffered?mysql_unbuffered_query($sql,$this->dblink):mysql_query($sql,$this->dblink);<br />   //(!$this->rs||!is_resource($this->rs)) && fatal_error("execute the query unsuccessfully! error:".mysql_error());<br />   if(!$this->rs)fatal_error('在执行sql语句 '.$sql.' 时发生以下错误:'.mysql_error());<br />   return $this->rs;<br />  }</p> <p> function fetch_one($sql)<br />  {<br />   $this->rs=$this->query($sql);<br />   return dircms_stri<a target="_blank" href="/fw/photo.html">ps教程</a>lashes($this->filter_pass(mysql_fetch_array($this->rs,mysql_assoc)));<br />  }</p> <p> function get_maxfield($filed='id',$table) // 获取$table表中$filed字段的最大值<br />  {<br />   $r=$this->fetch_one("select {$table}.{$filed} from `{$table}` order by `{$table}`.`{$filed}` desc limit 0,1");<br />   return $r[$filed];<br />  }</p> <p> function fetch_all($sql)<br />  {<br />   $this->rs=$this->query($sql);<br />   $result=array();<br />   while($rows=mysql_fetch_array($this->rs,mysql_assoc))<br />   {<br />    $result[]=$rows;<br />   }<br />   <br />   mysql_free_result($this->rs);<br />   return dircms_stripslashes($this->filter_pass($result)); <br />  }</p> <p> function fetch_all_withkey($sql,$key='id')<br />  {<br />   $this->rs=$this->query($sql);<br />   $result=array();<br />   while($rows=mysql_fetch_array($this->rs,mysql_assoc))<br />   {<br />    $result[$rows[$key]]=$rows;<br />   }<br />   <br />   mysql_free_result($this->rs);<br />   return dircms_stripslashes($this->filter_pass($result)); <br />  }</p> <p> function last_insert_id()<br />  {<br />   if(($insertid=mysql_insert_id($this->dblink))>0)return $insertid;<br />   else //如果 auto_increment 的列的类型是 bigint,则 mysql_insert_id() 返回的值将不正确.<br />   {<br />    $result=$this->fetch_one('select last_insert_id() as insertid');<br />    return $result['insertid'];<br />   }<br />  }</p> <p> function insert($tbname,$varray,$replace=false)<br />  {<br />   $varray=$this->escape($varray);<br />   $tb_fields=$this->get_fields($tbname); // mb.111com.net 升级一下,增加判断字段是否存在<br />   <br />   foreach($varray as $key => $value)<br />   {<br />    if(in_array($key,$tb_fields))<br />    {<br />     $fileds[]='`'.$key.'`';<br />     $values[]=is_string($value)?'''.$value.''':$value;<br />    }<br />   }</p> <p>  if($fileds)<br />   {<br />    $fileds=implode(',',$fileds);<br />    $fileds=str_replace(''','`',$fileds);<br />    $values=implode(',',$values);<br />    $sql=$replace?"replace into {$tbname}({$fileds}) values ({$values})":"insert into {$tbname}({$fileds}) values ({$values})";<br />    $this->query($sql,true);<br />    return $this->last_insert_id();<br />   }<br />   else return false;<br />  }</p> <p> function update($tbname, $array, $where = '')<br />  {<br />   $array=$this->escape($array);<br />   if($where)<br />   {<br />    $tb_fields=$this->get_fields($tbname); // www.111com.net,增加判断字段是否存在<br />    <br />    $sql = '';<br />    foreach($array as $k=>$v)<br />    {<br />     if(in_array($k,$tb_fields))<br />     {<br />      $k=str_replace(''','',$k);<br />      $sql .= ", `$k`='$v'";<br />     }<br />    }<br />    $sql = substr($sql, 1);<br />    <br />    if($sql)$sql = "update `$tbname` set $sql where $where";<br />    else return true;<br />   }<br />   else<br />   {<br />    $sql = "replace into `$tbname`(`".implode('`,`', array_keys($array))."`) values('".implode("','", $array)."')";<br />   }<br />   return $this->query($sql,true);<br />  }<br />  <br />  function mysql_delete($tbname,$idarray,$filedname='id')<br />  {<br />   $idwhere=is_array($idarray)?implode(',',$idarray):intval($idarray);<br />   $where=is_array($idarray)?"{$tbname}.{$filedname} in ({$idwhere})":" {$tbname}.{$filedname}={$idwhere}";</p> <p>  return $this->query("delete from {$tbname} where {$where}",true);<br />  }</p> <p> function get_fields($table)<br />  {<br />   $fields=array();<br />   $result=$this->fetch_all("show columns from `{$table}`");<br />   foreach($result as $val)<br />   {<br />    $fields[]=$val['field'];<br />   }<br />   return $fields;<br />  }</p> <p> function get_table_status($database)<br />  {<br />   $status=array();<br />   $r=$this->fetch_all("show table status from `".$database."`"); /////// show table status的性质与show table类似,不过,可以提供每个表的大量信息。<br />   foreach($r as $v)<br />   {<br />    $status[]=$v;<br />   }<br />   return $status;<br />  }</p> <p> function get_one_table_status($table)<br />  {<br />   return $this->fetch_one("show table status like '$table'");<br />  }</p> <p> function create_fields($tbname,$fieldname,$size=0,$type='varchar') // 2010-5-14 修正一下<br />  {  <br />   if($size)<br />   {<br />    $size=strtoupper($type)=='varchar'?$size:8;<br />    $this->query("alter table `{$tbname}` add `$fieldname` {$type}( {$size} )  not null",true);<br />   }<br />   else $this->query("alter table `{$tbname}` add `$fieldname` mediumtext  not null",true);<br />   return true;<br />  }</p> <p> function get_tables() //获取所有表表名<br />  {<br />   $tables=array();<br />   $r=$this->fetch_all("show tables");<br />   foreach($r as $v)<br />   {<br />    foreach($v as $v_)<br />    {<br />     $tables[]=$v_;<br />    }<br />   }<br />   return $tables;<br />  }</p> <p> function create_model_table($tbname) //创建一个内容模型表(start:初始只有字段contentid int(20),用于内容表,/////////////////////// update:2010-5-20     默认加入`content` mediumtext not null,字段)<br />  {<br />   if(in_array($tbname,$this->get_tables())) return false;  ///////////////////// 当表名已经存在时,返回 false<br />   if($this->query("create table `{$tbname}` (<br /> `contentid` mediumint(8) not null ,<br /> `content` mediumtext not null,<br /> key ( `contentid` ) <br /> ) engine = myisam default charset=utf8",true))return true;   ////////////////////  成功则返回 true<br />   return false; //////////////失败返回 false<br />  }</p> <p> function create_table($tbname) //创建一个会员模型空表(初始只有字段userid int(20),用于会员表,2010-4-26)<br />  {<br />   if(in_array($tbname,$this->get_tables())) return false;<br />   if($this->query("create table `{$tbname}` (<br /> `userid` mediumint(8) not null ,<br /> key ( `userid` ) <br /> ) engine = myisam default charset=utf8",true))return true;<br />   return false;<br />  }</p> <p> function escape($str) // 过滤危险字符<br />  {<br />   if(!is_array($str)) return str_replace(array('n', 'r'), array(chr(10), chr(13)),mysql_real_escape_string(preg_replace($this->search,$this->replace, $str), $this->dblink));<br />   foreach($str as $key=>$val) $str[$key] = $this->escape($val);<br />   return $str;<br />  }</p> <p> function filter_pass($string, $allowedtags = '', $disabledattributes = array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavaible', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragdrop', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterupdate', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmoveout', 'onmou<a target="_blank" href="/seo/seo.html">seo教程</a>ver', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload'))<br />  {<br />   if(is_array($string))<br />   {<br />    foreach($string as $key => $val) $string[$key] = $this->filter_pass($val, allowed_htmltags);<br />   }<br />   else<br />   {<br />    $string = preg_replace('/s('.implode('|', $disabledattributes).').*?([s>])/', '', preg_replace('/<(.*?)>/ie', "'<'.preg_replace(array('/<a target="_blank" href="/js_a/js.html">网页特效</a>:[^"']*/i', '/(".implode('|', $disabledattributes).")[ ]*=[ ]*["'][^"']*["']/i', '/s+/'), array('', '', ' '), stripslashes('')) . '>'", strip_tags($string, $allowedtags)));<br />   }<br />   return $string;<br />  }</p> <p> function drop_table($tbname)<br />  {<br />   return $this->query("drop table if exists `{$tbname}`",true);<br />  }</p> <p> function version()<br />  {<br />   return mysql_get_server_info($this->dblink);<br />  }<br /> }</p></td> </tr> </table> </div> </div> </section> <section class="wrap-box"> <div class="g-tit"> <h2>相关文章</h2> </div> <ul class="s-list nobord notop"> <li> <a href="/art-424491.htm" class="s-card"> <div class="s-card-l"> <p class="tit">炉石传说兑换码大全</p> <div class="info"> <span class="person">游戏攻略</span> <span class="time">2024-12-26</span> </div> </div> <div class="s-card-pic"> <img src="/images/lazy.gif" data-src="/uploads/20241226/logo_676cfefb803431.jpeg" alt="炉石传说兑换码大全" /> </div> </a> </li> <li> <a href="/art-424490.htm" class="s-card"> <div class="s-card-l"> <p class="tit">重返未来1999趋光性研究夜幕之外怎么玩 趋光性夜幕之外活动介绍</p> <div class="info"> <span class="person">游戏攻略</span> <span class="time">2024-12-26</span> </div> </div> <div class="s-card-pic"> <img src="/images/lazy.gif" data-src="/uploads/20241226/logo_676cea9d0ee421.jpeg" alt="重返未来1999趋光性研究夜幕之外怎么玩 趋光性夜幕之外活动介绍" /> </div> </a> </li> <li> <a href="/art-424488.htm" class="s-card"> <div class="s-card-l"> <p class="tit">光遇12.26大蜡烛在哪里 光遇12月26日大蜡烛位置攻略</p> <div class="info"> <span class="person">游戏攻略</span> <span class="time">2024-12-26</span> </div> </div> <div class="s-card-pic"> <img src="/images/lazy.gif" data-src="/uploads/20241226/logo_676cea972561b1.jpeg" alt="光遇12.26大蜡烛在哪里 光遇12月26日大蜡烛位置攻略" /> </div> </a> </li> <li> <a href="/art-424489.htm" class="s-card"> <div class="s-card-l"> <p class="tit">江南百景图金谷园怎么样 江南百景图金谷园建筑介绍</p> <div class="info"> <span class="person">游戏攻略</span> <span class="time">2024-12-26</span> </div> </div> <div class="s-card-pic"> <img src="/images/lazy.gif" data-src="/uploads/20241226/logo_676cea9c8c2ce1.jpeg" alt="江南百景图金谷园怎么样 江南百景图金谷园建筑介绍" /> </div> </a> </li> <li> <a href="/art-424487.htm" class="s-card"> <div class="s-card-l"> <p class="tit">光遇12.26每日任务怎么做 光遇12月26日每日任务做法攻略</p> <div class="info"> <span class="person">游戏攻略</span> <span class="time">2024-12-26</span> </div> </div> <div class="s-card-pic"> <img src="/images/lazy.gif" data-src="/uploads/20241226/logo_676cce83dcf8a1.jpeg" alt="光遇12.26每日任务怎么做 光遇12月26日每日任务做法攻略" /> </div> </a> </li> <li> <a href="/art-424486.htm" class="s-card"> <div class="s-card-l"> <p class="tit">光遇12.26季节蜡烛在哪里 光遇12月26日季节蜡烛位置攻略</p> <div class="info"> <span class="person">游戏攻略</span> <span class="time">2024-12-26</span> </div> </div> <div class="s-card-pic"> <img src="/images/lazy.gif" data-src="/uploads/20241226/logo_676cce82d6a891.jpeg" alt="光遇12.26季节蜡烛在哪里 光遇12月26日季节蜡烛位置攻略" /> </div> </a> </li> </ul> </section> <section class="wrap-box"> <div class="g-tit"> <h2>精彩推荐</h2> </div> <ul class="card-box"> <li class="card3"> <a href="/app/101544.htm" target="_self" class="figure"> <div class="figure-box"> <img src="/images/lazy.gif" data-src="https://img.111cn.net/uploads/20241226/logo_676cb092a2bd71.png" alt="恐龙生存侏罗纪世界 安卓版v0.0.32" /> </div> <p class="figure-head">恐龙生存侏罗纪世界 安卓版v0.0.32</p> <span class="figure-btn">下载</span> </a> </li> <li class="card3"> <a href="/app/101536.htm" target="_self" class="figure"> <div class="figure-box"> <img src="/images/lazy.gif" data-src="https://img.111cn.net/uploads/20241226/logo_676cb0896d6171.png" alt="死神vs火影沃特水改版全人物 安卓版vwts_1.3.60" /> </div> <p class="figure-head">死神vs火影沃特水改版全人物 安卓版vwts_1.3.60</p> <span class="figure-btn">下载</span> </a> </li> <li class="card3"> <a href="/app/101529.htm" target="_self" class="figure"> <div class="figure-box"> <img src="/images/lazy.gif" data-src="https://img.111cn.net/uploads/20241226/logo_676cb077371b81.png" alt="小猫传奇免广告版 最新版本v64" /> </div> <p class="figure-head">小猫传奇免广告版 最新版本v64</p> <span class="figure-btn">下载</span> </a> </li> <li class="card3"> <a href="/app/101528.htm" target="_self" class="figure"> <div class="figure-box"> <img src="/images/lazy.gif" data-src="https://img.111cn.net/uploads/20241226/logo_676cb074f01b31.png" alt="街头搏斗 安卓最新版v3.2.2" /> </div> <p class="figure-head">街头搏斗 安卓最新版v3.2.2</p> <span class="figure-btn">下载</span> </a> </li> </ul> <ul class="card-box-b"> <li class="card10"> <a href="/app/101541.htm" target="_self" class="figure2"> <div class="figure-box"> <img src="/images/lazy.gif" data-src="https://img.111cn.net/uploads/20241226/logo_676cb08e8831a1.png" alt="我的博物馆故事 官方安卓版v1.61.2" /> </div> <div class="figure-cont"> <p class="figure-head">我的博物馆故事 官方安卓版v1.61.2</p> <div class="figure-desc"> <span>模拟经营</span> <span>我的博物馆故事 官方安卓版v1.61.2</span> </div> <div class="figure-desc"> <p>我的博物馆故事是一款以消除为主题的经营养成类手游,在这里玩家</p> </div> </div> <span class="figure-btn">下载</span> </a> </li> <li class="card10"> <a href="/app/101531.htm" target="_self" class="figure2"> <div class="figure-box"> <img src="/images/lazy.gif" data-src="https://img.111cn.net/uploads/20241226/logo_676cb07e2e4c11.png" alt="专业模拟飞行10 手机版v12.2.4" /> </div> <div class="figure-cont"> <p class="figure-head">专业模拟飞行10 手机版v12.2.4</p> <div class="figure-desc"> <span>模拟经营</span> <span>专业模拟飞行10 手机版v12.2.4</span> </div> <div class="figure-desc"> <p>专业模拟飞行10安卓版是一款飞行休闲手游,顶尖的物理飞行引擎</p> </div> </div> <span class="figure-btn">下载</span> </a> </li> <li class="card10"> <a href="/app/101526.htm" target="_self" class="figure2"> <div class="figure-box"> <img src="/images/lazy.gif" data-src="https://img.111cn.net/uploads/20241226/logo_676cb06f772b01.png" alt="动物起义战斗模拟器二琳同款 最新版v4.1.1" /> </div> <div class="figure-cont"> <p class="figure-head">动物起义战斗模拟器二琳同款 最新版v4.1.1</p> <div class="figure-desc"> <span>模拟经营</span> <span>动物起义战斗模拟器二琳同款 最新版v4.1.1</span> </div> <div class="figure-desc"> <p>动物起义战斗模拟器是一个非常有趣的模拟类游戏,玩家可以召唤各</p> </div> </div> <span class="figure-btn">下载</span> </a> </li> <li class="card10"> <a href="/app/101519.htm" target="_self" class="figure2"> <div class="figure-box"> <img src="/images/lazy.gif" data-src="https://img.111cn.net/uploads/20241226/logo_676cb05cef2841.png" alt="迷你世界七周年 安卓手机版v1.43.0" /> </div> <div class="figure-cont"> <p class="figure-head">迷你世界七周年 安卓手机版v1.43.0</p> <div class="figure-desc"> <span>模拟经营</span> <span>迷你世界七周年 安卓手机版v1.43.0</span> </div> <div class="figure-desc"> <p>迷你世界7周年是一款由《迷你世界》官方推出的庆祝特别版本,在</p> </div> </div> <span class="figure-btn">下载</span> </a> </li> <li class="card10"> <a href="/app/101514.htm" target="_self" class="figure2"> <div class="figure-box"> <img src="/images/lazy.gif" data-src="https://img.111cn.net/uploads/20241226/logo_676cb0544b9a61.png" alt="劫后公司无限资源版 v1.0.5.1" /> </div> <div class="figure-cont"> <p class="figure-head">劫后公司无限资源版 v1.0.5.1</p> <div class="figure-desc"> <span>模拟经营</span> <span>劫后公司无限资源版 v1.0.5.1</span> </div> <div class="figure-desc"> <p>劫后公司内置菜单版是游戏的破解版本,在该版本中为玩家提供了内</p> </div> </div> <span class="figure-btn">下载</span> </a> </li> </ul> </section> <footer class="foot"> <a href="/" class="logo-icon"> <img src="/mobile/images/logo2.png" alt="一聚教程网"> </a> <p>Copyright © 2010-2022</p> <p>111cn.net All Rights Reserved</p> </footer> <script> var advData = {"img_fixed_pc_adv":"https:\/\/img.111cn.net\/uploads\/20240509\/663c2e9729f58.jpg","img_fixed_mob_adv":"https:\/\/img.111cn.net\/uploads\/20240509\/663c2e8793225.jpg","url_adv":"http:\/\/shop.hushen.cn\/shop\/c\/baojianpin.html","str_adv":"\u864e\u795e\u5546\u57ce\uff1a\u5173\u7231\u7537\u6027\uff0c\u66f4\u61c2\u7537\u4eba\u3002\u89e3\u51b3\u5927\u4f17\u7684\u7537\u8a00\u4e4b\u9690","img_popup_adv":"https:\/\/img.111cn.net\/uploads\/20240509\/663c2e748238d.png","pc_show_img":"2","pc_show_popup":"2","pc_show_video":"2","mob_show_img":"2","mob_show_popup":"2","mob_show_video":"2","close_adv":"https:\/\/img.111cn.net\/uploads\/20240508\/663b20650801e.png","video_adv":"\/pc\/images\/pc-adv.mp4"}; </script> <script src="/jspc/funcmob.js" type="text/javascript"></script> <!-- Google tag (gtag.js) --> <script async src="https://www.googletagmanager.com/gtag/js?id=G-DSRRGRV1TL"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'G-DSRRGRV1TL'); </script> <div class="back-top" style="display: block;"> <span class="icon-box"> <svg class="icon" viewBox="0 0 1024 1024"> <path d="M213.333333 640h170.666667v256h256v-256h170.666667l-298.666667-341.333333zM170.666667 128h682.666666v85.333333H170.666667z" fill="#0374f3"></path> </svg> </span> </div> </div> <script src="/js/stat.js"></script> </body> </html>