Code:

    function db_query($db_string, $file, $line)
    {
        global $db_cache, $db_count, $db_connection, $db_show_debug, $modSettings;

        // One more query....
        $db_count = !isset($db_count) ? 1 : $db_count + 1;

        // Debugging.
        if (isset($db_show_debug) && $db_show_debug === true)
        {
            // Initialize $db_cache if not already initialized.
            if (!isset($db_cache))
                $db_cache = array();

            $st = microtime();
            $db_cache[$db_count]['q'] = $db_string;
            $db_cache[$db_count]['f'] = $file;
            $db_cache[$db_count]['l'] = $line;
        }

        // First, we clean strings out of the query, reduce whitespace, lowercase, and trim - so we can check it over.
        if (empty($modSettings['disableQueryCheck']))
        {
            $clean = '';
            $old_pos = 0;
            $pos = -1;
            while (true)
            {
                // Find the next opening single quote.
                $pos = strpos($db_string, '\'', $pos + 1);
                if ($pos === false)
                    break;
                $clean .= substr($db_string, $old_pos, $pos - $old_pos);

                // Walk to the closing quote, stepping over backslash-escaped characters.
                while (true)
                {
                    $pos1 = strpos($db_string, '\'', $pos + 1);
                    $pos2 = strpos($db_string, '\\', $pos + 1);
                    if ($pos1 === false)
                        break;
                    elseif ($pos2 == false || $pos2 > $pos1)
                    {
                        $pos = $pos1;
                        break;
                    }

                    $pos = $pos2 + 1;
                }
                // The whole string literal is replaced by a placeholder, so its contents are never inspected.
                $clean .= ' %s ';

                $old_pos = $pos + 1;
            }
            $clean .= substr($db_string, $old_pos);
            $clean = trim(strtolower(preg_replace(array('~\s+~s', '~/\*!40001 SQL_NO_CACHE \*/~', '~/\*!40000 USE INDEX \([A-Za-z\_]+?\) \*/~'), array(' ', '', ''), $clean)));

            // We don't use UNION in SMF, at least so far. But it's useful for injections.
            if (strpos($clean, 'union') !== false && preg_match('~(^|[^a-z])union($|[^[a-z])~s', $clean) != 0)
                $fail = true;
            // Comments? We don't use comments in our queries, we leave 'em outside!
            elseif (strpos($clean, '/*') > 2 || strpos($clean, '--') !== false || strpos($clean, ';') !== false)
                $fail = true;
            // Trying to change passwords, slow us down, or something?
            elseif (strpos($clean, 'sleep') !== false && preg_match('~(^|[^a-z])sleep($|[^[a-z])~s', $clean) != 0)
                $fail = true;
            elseif (strpos($clean, 'benchmark') !== false && preg_match('~(^|[^a-z])benchmark($|[^[a-z])~s', $clean) != 0)
                $fail = true;
            // Sub selects? We don't use those either.
            elseif (preg_match('~\([^)]*?select~s', $clean) != 0)
                $fail = true;

            if (!empty($fail) && function_exists('log_error'))
            {
                log_error('Hacking attempt...' . "\n" . $db_string, $file, $line);
                fatal_error('Hacking attempt...', false);
            }
        }

        // Only a query that passed the checks above reaches the database.
        $ret = @mysql_query($db_string, $db_connection);
        if ($ret === false && $file !== false)
            $ret = db_error($db_string, $file, $line);

        // Debugging.
        if (isset($db_show_debug) && $db_show_debug === true)
            $db_cache[$db_count]['t'] = array_sum(explode(' ', microtime())) - array_sum(explode(' ', $st));

        return $ret;
    }
Using it is simple, for example:
Code:

    db_query("InsERT into TABLA values ('bla', 'Jojojo', '$variable')", __FILE__, __LINE__);
It's well worth taking a look at and learning from.
Cheers!
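To see how the check in db_query() actually behaves, here is a Python port of its literal-stripping and keyword rules as an added example (it is not SMF's own code, and the names clean_query and query_check are mine); the sample queries are constructed.

```python
import re

# Added example: a Python port of the query-sanity check inside SMF 1.x's
# db_query(); it is not SMF's own code. SMF writes the trailing character
# class as [^[a-z] (which also excludes '['); this port uses the plain [^a-z].
_KEYWORD = r'(^|[^a-z]){}($|[^a-z])'


def clean_query(sql: str) -> str:
    """Replace every single-quoted literal with ' %s ', then normalise."""
    clean, old_pos, pos = '', 0, -1
    while True:
        pos = sql.find("'", pos + 1)          # next opening quote
        if pos == -1:
            break
        clean += sql[old_pos:pos]
        while True:                            # walk to the closing quote
            pos1 = sql.find("'", pos + 1)
            pos2 = sql.find('\\', pos + 1)
            if pos1 == -1:                     # unterminated literal
                break
            if pos2 == -1 or pos2 > pos1:      # no escape before the quote
                pos = pos1
                break
            pos = pos2 + 1                     # skip the escaped character
        clean += ' %s '
        old_pos = pos + 1
    clean += sql[old_pos:]
    clean = re.sub(r'\s+', ' ', clean)
    clean = re.sub(r'/\*!40001 SQL_NO_CACHE \*/', '', clean)
    clean = re.sub(r'/\*!40000 USE INDEX \([A-Za-z_]+?\) \*/', '', clean)
    return clean.strip().lower()


def query_check(sql: str):
    """Return the name of the rule that fires, or None if the query is accepted."""
    clean = clean_query(sql)
    if re.search(_KEYWORD.format('union'), clean):
        return 'union'
    if clean.find('/*') > 2 or '--' in clean or ';' in clean:
        return 'comment'
    for word in ('sleep', 'benchmark'):
        if re.search(_KEYWORD.format(word), clean):
            return word
    if re.search(r'\([^)]*?select', clean):
        return 'subselect'
    return None


if __name__ == '__main__':
    # Constructed sample: data inside a literal is masked, so a 'union' there is harmless.
    print(query_check("INSERT INTO tabla VALUES ('bla', 'Jojojo', 'it\\'s a union')"))
```

Because literals are masked before the keyword rules run, the check only reacts to keywords that appear in the query structure itself.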