sql.lib.php
4.52 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
<?php
if(!defined('DEDEINC'))
{
exit("Request Error!");
}
/**
* SQL标签
*
* @version $Id: sql.lib.php 2 10:00 2010-11-11 tianya $
* @package DedeCMS.Taglib
* @copyright Copyright (c) 2007 - 2010, DesDev, Inc.
* @license http://help.dedecms.com/usersguide/license.html
* @link http://www.dedecms.com
*/
/*>>dede>>
<name>SQL标签</name>
<type>全局标记</type>
<for>V55,V56,V57</for>
<description>用于获取MySQL数据库内容的标签</description>
<demo>
{dede:sql sql='' db='default'}
[field:title/]
{/dede}
</demo>
<attributes>
<iterm>sql:需要查询的sql语句</iterm>
<iterm>appname: 默认为default,即当前dedecms的数据库,如果需要自定义,可以在data/tag/sql.inc.php中扩展,具体扩展方法查看配置文件头部说明</iterm>
</attributes>
>>dede>>*/
function lib_sql(&$ctag,&$refObj)
{
global $dsql,$sqlCt,$cfg_soft_lang;
$attlist="sql|appname";
FillAttsDefault($ctag->CAttribute->Items,$attlist);
extract($ctag->CAttribute->Items, EXTR_SKIP);
//传递环境参数
preg_match_all("/~([A-Za-z0-9]+)~/s", $sql, $conditions);
$appname = empty($appname)? 'default' : $appname;
if(is_array($conditions))
{
foreach ($conditions[1] as $key => $value)
{
if(isset($refObj->Fields[$value]))
{
$sql = str_replace($conditions[0][$key], "'".addslashes($refObj->Fields[$value])."'", $sql);
}
}
}
$revalue = '';
$Innertext = trim($ctag->GetInnerText());
if($sql=='' || $Innertext=='') return '';
if(empty($sqlCt)) $sqlCt = 0;
$ctp = new DedeTagParse();
$ctp->SetNameSpace('field','[',']');
$ctp->LoadSource($Innertext);
$thisrs = 'sq'.$sqlCt;
$GLOBALS['autoindex'] = 0;
// 引入配置文件
if ($appname != 'default')
{
require_once(DEDEDATA.'/tag/sql.inc.php');
global $sqltag;
$config = $sqltag[$appname];
if (!isset($config['dbname'])) return '';
// 链接数据库
$linkid = @mysql_connect($config['dbhost'], $config['dbuser'], $config['dbpwd']);
if(!$linkid) return '';
@mysql_select_db($config['dbname']);
$mysqlver = explode('.',$dsql->GetVersion());
$mysqlver = $mysqlver[0].'.'.$mysqlver[1];
// 设定数据库编码及长连接
if($mysqlver > 4.0)
{
@mysql_query("SET NAMES '".$config['dblanguage']."', character_set_client=binary, sql_mode='', interactive_timeout=3600 ;", $linkid);
}
$prefix="#@__";
$sql = str_replace($prefix, $config['dbprefix'], $sql);
// 校验SQL字符串并获取数组返回
$sql = CheckSql($sql);
$rs = @mysql_query($sql, $linkid);
while($row = mysql_fetch_array($rs,MYSQL_ASSOC))
{
$sqlCt++;
$GLOBALS['autoindex']++;
// 根据程序判断编码类型,并进行转码,这里主要就是gbk和utf-8
if (substr($cfg_soft_lang, 0, 2) != substr($config['dblanguage'], 0, 2))
{
$row = AutoCharset($row, $config['dblanguage'], $cfg_soft_lang);
}
foreach($ctp->CTags as $tagid=>$ctag)
{
if($ctag->GetName()=='array')
{
$ctp->Assign($tagid, $row);
}
else
{
if( !empty($row[$ctag->GetName()]))
{
$ctp->Assign($tagid, $row[$ctag->GetName()]);
} else {
$ctp->Assign($tagid, "");
}
}
}
$revalue .= $ctp->GetResult();
}
@mysql_free_result($rs);
} else {
$dsql->Execute($thisrs, $sql);
while($row = $dsql->GetArray($thisrs))
{
$sqlCt++;
$GLOBALS['autoindex']++;
foreach($ctp->CTags as $tagid=>$ctag)
{
if($ctag->GetName()=='array')
{
$ctp->Assign($tagid,$row);
}
else
{
if( !empty($row[$ctag->GetName()]))
{
$ctp->Assign($tagid,$row[$ctag->GetName()]);
} else {
$ctp->Assign($tagid,"");
}
}
}
$revalue .= $ctp->GetResult();
}
}
return $revalue;
}