Skip to content

Instantly share code, notes, and snippets.

@stypr

stypr/query.php

Last active Aug 17, 2019
Embed
What would you like to do?
MySQL Query class for php5/php7, made for personal use
<?php
error_reporting(0);
if(__CHECK_INTERNAL__ == False) die();
// SQL Query Selector for PHP5/PHP7, Who cares if it's vulnerable? \o/
class Query{
private $conn, $mysqli;
function check(){
return ($this->conn) ? True : False;
}
function connect($host, $username, $password, $db=""){
// @return //
if($this->mysqli){
$this->conn = mysqli_connect($host, $username, $password, $db);
if(!$this->conn) return mysqli_connect_errno();
}else{
$this->conn = mysql_connect($host, $username, $password);
mysql_select_db($db, $this->conn);
if(!$this->conn) return mysql_error();
}
}
function query($query, $result=0){
// $result: 0 -> no return, 1 -> return_assoc, 2 -> return_array
if(!$this->conn) return false;
if($this->mysqli){
$_query = mysqli_query($this->conn, $query);
if(!$_query) return false;
switch($result){
case 2:
$_result = Array();
while($_result_temp = mysqli_fetch_array($_query)){
$_result[] = $_result_temp;
}
return $_result;
case 1:
return mysqli_fetch_assoc($_query);
default:
return true;
}
}else{
$_query = mysql_query($query, $this->conn);
if(!$_query) return false;
switch($result){
case 2:
$_result = Array();
while($_result_temp = mysql_fetch_array($_query, MYSQL_ASSOC)){
$_result[] = $_result_temp;
}
return $_result;
case 1:
return mysql_fetch_assoc($_query);
default:
return true;
}
}
}
function filter($str, $type='sql'){
switch($type){
case "url":
return preg_replace("/[^a-zA-Z0-9-_&\/]/", "", $str);
case "sql":
if($this->conn){
$_filter = preg_replace("/[^a-zA-Z0-9-_!@#$.%^+&*(){}가-힣]/", "", $str);
if($this->mysqli){
return mysqli_real_escape_string($this->conn, $_filter);
}else{
return mysql_real_escape_string($_filter, $this->conn);
}
}
case "memo":
if($this->conn){
$_filter = htmlspecialchars(preg_replace("/[^a-zA-Z0-9-_:+!@#$.%^&*(){}:\/.\ <>가-힣]/", "", $str));
if($this->mysqli){
return mysqli_real_escape_string($this->conn, $_filter);
}else{
return mysql_real_escape_string($_filter, $this->conn);
}
}
case "auth":
return preg_replace("/[^a-zA-Z0-9-_!@#$.%^&*()가-힣]/", "", $str);
}
}
function __construct(){
if(function_exists("mysqli_connect")){
$this->mysqli = true;
}else{
$this->mysqli = false;
}
}
function __destruct(){
if($this->conn){
if($this->mysqli){
mysqli_close($this->conn);
}else{
mysql_close($this->conn);
}
}
}
}
?>
@abdilahrf

This comment has been minimized.

Copy link

@abdilahrf abdilahrf commented Jan 15, 2017

why this "가-힣" character include in your filter ?

@stypr

This comment has been minimized.

Copy link
Owner Author

@stypr stypr commented Jul 14, 2017

why this "가-힣" character include in your filter ?
-- that's because I'm Korean. 😄 you can actually make filters a bit more lenient. it's just made for my personal usage, you can go and change them.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.