r8032 보안

git-svn-id: http://xe-core.googlecode.com/svn/sandbox@8035 201d5d3c-b55e-5fd7-737f-ddc643e51545
ngleader 2011-01-20 09:17:02 +00:00
parent fdab40757a
commit 144a922954
8 changed files with 217 additions and 77 deletions


@ -826,7 +826,10 @@
}
}
if(!$output->columns) $output->columns = array('*');
$click_count = array();
if(!$output->columns){
$output->columns = array(array('name'=>'*'));
}
$column_list = array ();
foreach ($output->columns as $key => $val) {
@ -1014,7 +1017,13 @@
if(count($output->arg_columns))
{
$columns = '"' . join('","',$output->arg_columns) . '"';
$columns = array();
foreach($output->arg_columns as $col){
if(strpos($col,'"')===false) $columns[] = '"'.$col.'"';
else $columns[] = $col;
}
$columns = join(',',$columns);
}
$query = sprintf ("select %s from %s %s %s %s", $columns, implode (',',$table_list), implode (' ',$left_join), $condition, $groupby_query.$orderby_query);
@ -1187,7 +1196,13 @@
if(count($output->arg_columns))
{
$columns = '"' . join('","',$output->arg_columns) . '"';
$columns = array();
foreach($output->arg_columns as $col){
if(strpos($col,'"')===false) $columns[] = '"'.$col.'"';
else $columns[] = $col;
}
$columns = join(',',$columns);
}
$query = sprintf ("select %s from %s %s %s %s", $columns, implode (',',$table_list), implode (' ',$left_join), $condition, $groupby_query.$orderby_query);
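Review bot: The `else $columns[] = $col;` branch in both arg_columns loops (hunks at 1014 and 1187) writes any value that already contains a double quote into the select list unchanged, so the new quoting only covers names that carry no quote character in the first place. The same pass-through is repeated with backticks and brackets in the other driver sections of this commit. Where `$output->arg_columns` is filled is outside these hunks; if any part of it can come from request data, the pass-through should be restricted to expressions this class built itself. The assumption is worth recording next to the branch, e.g. `// values containing a quote are pre-built column expressions from this class, never request data`. Both loops sit in functions that start and end outside the hunks.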


@ -809,23 +809,23 @@
}
}
$click_count = array();
if(!$output->columns){
$output->columns = array(array('name'=>'*'));
}
if(!$output->columns) {
$columns = '*';
} else {
$column_list = array();
foreach($output->columns as $key => $val) {
$name = $val['name'];
$alias = $val['alias'];
if($val['click_count']) $click_count[] = $val['name'];
$column_list = array();
foreach($output->columns as $key => $val) {
$name = $val['name'];
$alias = $val['alias'];
if($val['click_count']) $click_count[] = $val['name'];
if($alias == "")
$column_list[] = $this->autoQuotes($name);
else
$column_list[$alias] = sprintf("%s as \"%s\"", $this->autoQuotes($name), $alias);
}
$columns = implode(',',$column_list);
}
if($alias == "")
$column_list[] = $this->autoQuotes($name);
else
$column_list[$alias] = sprintf("%s as \"%s\"", $this->autoQuotes($name), $alias);
}
$columns = implode(',',$column_list);
$condition = $this->getCondition($output);
@ -868,8 +868,15 @@
if(count($output->arg_columns))
{
$columns = '"' . join('","',$output->arg_columns) . '"';
$columns = array();
foreach($output->arg_columns as $col){
if(strpos($col,'"')===false && strpos($col,' ')==false) $columns[] = '"'.$col.'"';
else $columns[] = $col;
}
$columns = join(',',$columns);
}
$query = sprintf("select %s from %s %s %s %s", $columns, implode(',',$table_list),implode(' ',$left_join), $condition, $groupby_query.$orderby_query);
$query .= ";";
$query .= (__DEBUG_QUERY__&1 && $output->query_id)?sprintf(' '.$this->comment_syntax,$this->query_id):'';
@ -978,6 +985,17 @@
if(count($index_list)) $orderby_query = sprintf(" ORDER BY %s", implode(",",$index_list));
}
if(count($output->arg_columns))
{
$columns = array();
foreach($output->arg_columns as $col){
if(strpos($col,'"')===false && strpos($col,' ')==false) $columns[] = '"'.$col.'"';
else $columns[] = $col;
}
$columns = join(',',$columns);
}
$query = sprintf('SELECT %s %s FROM %s %s %s, %s', $limit, $columns, implode(',',$table_list), implode(' ',$left_join), $condition, $groupby_query.$orderby_query);
$query .= ";";
$query .= (__DEBUG_QUERY__&1 && $output->query_id)?sprintf(' '.$this->comment_syntax,$this->query_id):'';
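Review bot: `strpos($col,' ')==false` in the loops at 868 and 978 is a loose comparison, so a value whose first character is a space (offset 0) is treated as containing no space and is wrapped in quotes. The quote test beside it already uses `===`, and the space test should match: `if(strpos($col,'"')===false && strpos($col,' ')===false) $columns[] = '"'.$col.'"';`. The same `==false` appears in the bracket and backtick variants in the later file sections of this commit.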


@ -639,7 +639,11 @@
}
}
if(!$output->columns) $output->columns = array('*');
$click_count = array();
if(!$output->columns){
$output->columns = array(array('name'=>'*'));
}
$column_list = array();
foreach($output->columns as $key => $val) {
$name = $val['name'];
@ -696,7 +700,13 @@
if(count($output->arg_columns))
{
$columns = '[' . join('],[',$output->arg_columns) . ']';
$columns = array();
foreach($output->arg_columns as $col){
if(strpos($col,'[')===false && strpos($col,' ')==false) $columns[] = '['.$col.']';
else $columns[] = $col;
}
$columns = join(',',$columns);
}
$query = sprintf("%s from %s %s %s %s", $columns, implode(',',$table_list),implode(' ',$left_join), $condition, $groupby_query.$orderby_query);
@ -812,7 +822,13 @@
if(count($output->arg_columns))
{
$columns = '[' . join('],[',$output->arg_columns) . ']';
$columns = array();
foreach($output->arg_columns as $col){
if(strpos($col,'[')===false && strpos($col,' ')==false) $columns[] = '['.$col.']';
else $columns[] = $col;
}
$columns = join(',',$columns);
}
if($start_count<1) {
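Review bot: The bracket variant at 696 and 812 tests `$col` for `[` and for a space but not for `]`, which is the character that ends a bracket-delimited identifier, so a name containing only `]` is still wrapped and closes the delimiter early. Doubling the closing bracket inside the name keeps the identifier intact: `$columns[] = '['.str_replace(']',']]',$col).']';`. The enclosing functions start and end outside the hunks, so where `$output->arg_columns` comes from cannot be checked here.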


@ -534,7 +534,9 @@
}
$click_count = array();
if(!$output->columns) $output->columns = array('*');
if(!$output->columns){
$output->columns = array(array('name'=>'*'));
}
$column_list = array();
foreach($output->columns as $key => $val)
@ -616,7 +618,13 @@
if(count($output->arg_columns))
{
$columns = '`' . join('`,`',$output->arg_columns) . '`';
$columns = array();
foreach($output->arg_columns as $col){
if(strpos($col,'`')===false && strpos($col,' ')==false) $columns[] = '`'.$col.'`';
else $columns[] = $col;
}
$columns = join(',',$columns);
}
$query = sprintf("select %s from %s %s %s %s", $columns, implode(',',$table_list),implode(' ',$left_join), $condition, $groupby_query.$orderby_query);
@ -628,7 +636,6 @@
$result = $this->_query($query);
if($this->isError()) return;
if(count($click_count) && count($output->conditions)){
$_query = '';
foreach($click_count as $k => $c) $_query .= sprintf(',%s=%s+1 ',$c,$c);
@ -715,7 +722,13 @@
if(count($output->arg_columns))
{
$columns = '`' . join('`,`',$output->arg_columns) . '`';
$columns = array();
foreach($output->arg_columns as $col){
if(strpos($col,'`')===false && strpos($col,' ')==false) $columns[] = '`'.$col.'`';
else $columns[] = $col;
}
$columns = join(',',$columns);
}
$query = sprintf("select %s from %s %s %s %s", $columns, implode(',',$table_list), implode(' ',$left_join), $condition, $groupby_query.$orderby_query);
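Review bot: The six-line arg_columns loop is pasted verbatim at 616 and 715 here and again in every other driver section, and the copies have already drifted: one driver omits the space test, and another section's query line spells the variable `$groupnby_query`. A single private method on the driver that takes the list and returns the joined string would leave one place to correct the checks. Each call site would then read `$columns = $this->_quoteArgColumns($output->arg_columns);` (method name illustrative). The surrounding functions start and end outside the hunks.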


@ -544,29 +544,51 @@
}
$click_count = array();
if(!$output->columns) $output->columns = array('*');
if(!$output->columns){
$output->columns = array(array('name'=>'*'));
}
$column_list = array();
foreach($output->columns as $key => $val) {
foreach($output->columns as $key => $val)
{
$name = $val['name'];
$alias = $val['alias'];
if($val['click_count']) $click_count[] = $val['name'];
if(substr($name,-1) == '*') {
if(substr($name,-1) == '*')
{
$column_list[] = $name;
} elseif(strpos($name,'.')===false && strpos($name,'(')===false) {
if($alias) $column_list[] = sprintf('`%s` as `%s`', $name, $alias);
else $column_list[] = sprintf('`%s`',$name);
} else {
if($alias) $column_list[] = sprintf('%s as `%s`', $name, $alias);
else $column_list[] = sprintf('%s',$name);
}
else if(strpos($name,'.')===false && strpos($name,'(')===false)
{
if($alias)
{
$col = sprintf('`%s` as `%s`', $name, $alias);
$column_list[$alias] = $col;
}
else
{
$column_list[] = sprintf('`%s`',$name);
}
}
else
{
if($alias)
{
$col = sprintf('%s as `%s`', $name, $alias);
$column_list[$alias] = $col;
}
else
{
$column_list[] = sprintf('%s',$name);
}
}
}
$columns = implode(',',$column_list);
$columns = implode(',',$column_list);
$output->column_list = $column_list;
$condition = $this->getCondition($output);
$output->column_list = $column_list;
if($output->list_count && $output->page) return $this->_getNavigationData($table_list, $columns, $left_join, $condition, $output);
@ -583,24 +605,48 @@
}
}
$query = sprintf("select %s from %s %s %s", $columns, implode(',',$table_list),implode(' ',$left_join), $condition);
if(count($output->groups)) $query .= sprintf(' group by %s', implode(',',$output->groups));
if(count($output->groups))
{
$groupby_query = sprintf(' group by %s', implode(',',$output->groups));
if(count($output->arg_columns))
{
foreach($output->groups as $group)
{
if($column_list[$group]) $output->arg_columns[] = $column_list[$group];
}
}
}
if($output->order) {
foreach($output->order as $key => $val) {
$index_list[] = sprintf('%s %s', $val[0], $val[1]);
if(count($output->arg_columns) && $column_list[$val[0]]) $output->arg_columns[] = $column_list[$val[0]];
}
if(count($index_list)) $query .= ' order by '.implode(',',$index_list);
if(count($index_list)) $orderby_query .= ' order by '.implode(',',$index_list);
}
if(count($output->arg_columns))
{
$columns = array();
foreach($output->arg_columns as $col){
if(strpos($col,'`')===false && strpos($col,' ')==false) $columns[] = '`'.$col.'`';
else $columns[] = $col;
}
$columns = join(',',$columns);
}
$query = sprintf("select %s from %s %s %s %s", $columns, implode(',',$table_list),implode(' ',$left_join), $condition, $groupby_query.$orderby_query);
// list_count를 사용할 경우 적용
if($output->list_count['value']) $query = sprintf('%s limit %d', $query, $output->list_count['value']);
$query .= (__DEBUG_QUERY__&1 && $output->query_id)?sprintf(' '.$this->comment_syntax,$this->query_id):'';
$result = $this->_query($query);
if($this->isError()) return;
if(count($click_count)>0 && count($output->conditions)>0){
$_query = '';
foreach($click_count as $k => $c) $_query .= sprintf(',%s=%s+1 ',$c,$c);
@ -608,7 +654,6 @@
$this->_query($_query);
}
$data = $this->_fetch($result);
$buff = new Object();
@ -665,8 +710,17 @@
}
}
$query = sprintf("select %s from %s %s %s", $columns, implode(',',$table_list), implode(' ',$left_join), $condition);
if(count($output->groups)) $query .= sprintf(' group by %s', implode(',',$output->groups));
if(count($output->groups)){
$groupby_query = sprintf(' group by %s', implode(',',$output->groups));
if(count($output->arg_columns))
{
foreach($output->groups as $group)
{
if($column_list[$group]) $output->arg_columns[] = $column_list[$group];
}
}
}
if($output->order) {
foreach($output->order as $key => $val) {
@ -675,6 +729,18 @@
if(count($index_list)) $query .= ' order by '.implode(',',$index_list);
}
if(count($output->arg_columns))
{
$columns = array();
foreach($output->arg_columns as $col){
if(strpos($col,'`')===false && strpos($col,' ')==false) $columns[] = '`'.$col.'`';
else $columns[] = $col;
}
$columns = join(',',$columns);
}
$query = sprintf("select %s from %s %s %s", $columns, implode(',',$table_list), implode(' ',$left_join), $condition);
$query = sprintf('%s limit %d, %d', $query, $start_count, $list_count);
$query .= (__DEBUG_QUERY__&1 && $output->query_id)?sprintf(' '.$this->comment_syntax,$this->query_id):'';
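Review bot: In the hunk at 675 the query is rebuilt with `sprintf("select %s from %s %s %s", ...)` after the `order by` clause has been appended to `$query`. The rebuilt string includes neither `$groupby_query` (set in the hunk at 665) nor the order clause, so the paged query appears to lose its GROUP BY and ORDER BY. Old and new lines are not marked on this page, so this reading assumes the rebuild line is an added one. If so, the order clause should be collected in `$orderby_query` as in the hunk at 583, and the rebuild should use the five-placeholder format ending in `$condition, $groupby_query.$orderby_query);`. The function continues outside the hunk.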


@ -523,7 +523,9 @@
}
$click_count = array();
if(!$output->columns) $output->columns = array('*');
if(!$output->columns){
$output->columns = array(array('name'=>'*'));
}
$column_list = array();
foreach($output->columns as $key => $val) {
@ -586,13 +588,16 @@
// list_count를 사용할 경우 적용
if($output->list_count['value']) $query = sprintf('%s limit %d', $query, $output->list_count['value']);
if(count($output->arg_columns))
{
$columns = '`' . join('`,`',$output->arg_columns) . '`';
$columns = array();
foreach($output->arg_columns as $col){
if(strpos($col,'`')===false && strpos($col,' ')==false) $columns[] = '`'.$col.'`';
else $columns[] = $col;
}
$columns = join(',',$columns);
}
$query = sprintf("select %s from %s %s %s %s", $columns, implode(',',$table_list),implode(' ',$left_join), $condition, $groupnby_query.$orderby_query);
$query .= (__DEBUG_QUERY__&1 && $output->query_id)?sprintf(' '.$this->comment_syntax,$this->query_id):'';
@ -682,10 +687,15 @@
if(count($index_list)) $orderby_query = ' order by '.implode(',',$index_list);
}
if(count($output->arg_columns))
{
$columns = '`' . join('`,`',$output->arg_columns) . '`';
$columns = array();
foreach($output->arg_columns as $col){
if(strpos($col,'`')===false && strpos($col,' ')==false) $columns[] = '`'.$col.'`';
else $columns[] = $col;
}
$columns = join(',',$columns);
}
$query = sprintf("select %s from %s %s %s %s", $columns, implode(',',$table_list), implode(' ',$left_join), $condition, $groupby_query.$orderby_query);
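Review bot: The query line in the hunk at 586 concatenates `$groupnby_query.$orderby_query`; no variable of that name is assigned in the visible lines and the hunk at 682 uses `$groupby_query`, so this looks like a typo. PHP evaluates the undefined variable as an empty string with only a notice, so the GROUP BY clause would be dropped silently. The tail of the call should read `$condition, $groupby_query.$orderby_query);`. The assignment of the group-by variable is outside the hunk, so the name should be confirmed there.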


@ -668,32 +668,32 @@ class DBPostgresql extends DB
}
}
$click_count = array();
if(!$output->columns){
$output->columns = array(array('name'=>'*'));
}
if (!$output->columns) {
$columns = '*';
} else {
$column_list = array();
foreach ($output->columns as $key => $val) {
$name = $val['name'];
$alias = $val['alias'];
if($val['click_count']) $click_count[] = $val['name'];
$column_list = array();
foreach ($output->columns as $key => $val) {
$name = $val['name'];
$alias = $val['alias'];
if($val['click_count']) $click_count[] = $val['name'];
if (substr($name, -1) == '*') {
$column_list[] = $name;
} elseif (strpos($name, '.') === false && strpos($name, '(') === false) {
if ($alias)
$column_list[$alias] = sprintf('%s as %s', $name, $alias);
else
$column_list[] = sprintf('%s', $name);
} else {
if ($alias)
$column_list[$alias] = sprintf('%s as %s', $name, $alias);
else
$column_list[] = sprintf('%s', $name);
}
}
$columns = implode(',', $column_list);
}
if (substr($name, -1) == '*') {
$column_list[] = $name;
} elseif (strpos($name, '.') === false && strpos($name, '(') === false) {
if ($alias)
$column_list[$alias] = sprintf('%s as %s', $name, $alias);
else
$column_list[] = sprintf('%s', $name);
} else {
if ($alias)
$column_list[$alias] = sprintf('%s as %s', $name, $alias);
else
$column_list[] = sprintf('%s', $name);
}
}
$columns = implode(',', $column_list);
$condition = $this->getCondition($output);
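Review bot: In the re-indented column loop the `elseif (strpos($name, '.') === false && strpos($name, '(') === false)` branch and the final `else` branch build exactly the same strings, so the test has no effect and plain names and aliases reach the query without identifier quoting. The other drivers in this commit quote the plain-name case (backticks or `autoQuotes()`). If that is intended here too, the plain branch would use `sprintf('"%s" as "%s"', $name, $alias)` and `sprintf('"%s"', $name)`, bearing in mind that quoted identifiers become case-sensitive. If quoting is deliberately skipped for this driver, the two branches can be merged and a comment should say why.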


@ -582,7 +582,9 @@
$click_count = array();
if(!$output->columns) $output->columns = array('*');
if(!$output->columns){
$output->columns = array(array('name'=>'*'));
}
$column_list = array();
foreach($output->columns as $key => $val) {