Skip to content

Instantly share code, notes, and snippets.

@stypr

stypr/query.php

Last active August 17, 2019 19:44
Show Gist options
  • Save stypr/ce124c7858c8ae16ff5ec8e9693c02f8 to your computer and use it in GitHub Desktop.
Save stypr/ce124c7858c8ae16ff5ec8e9693c02f8 to your computer and use it in GitHub Desktop.
Download ZIP
MySQL Query class for php5/php7, made for personal use
Raw
query.php
<?php
error_reporting(0);
if(__CHECK_INTERNAL__ == False) die();
// SQL Query Selector for PHP5/PHP7, Who cares if it's vulnerable? \o/
class Query{
private $conn, $mysqli;
function check(){
return ($this->conn) ? True : False;
}
function connect($host, $username, $password, $db=""){
// @return //
if($this->mysqli){
$this->conn = mysqli_connect($host, $username, $password, $db);
if(!$this->conn) return mysqli_connect_errno();
}else{
$this->conn = mysql_connect($host, $username, $password);
mysql_select_db($db, $this->conn);
if(!$this->conn) return mysql_error();
}
}
function query($query, $result=0){
// $result: 0 -> no return, 1 -> return_assoc, 2 -> return_array
if(!$this->conn) return false;
if($this->mysqli){
$_query = mysqli_query($this->conn, $query);
if(!$_query) return false;
switch($result){
case 2:
$_result = Array();
while($_result_temp = mysqli_fetch_array($_query)){
$_result[] = $_result_temp;
}
return $_result;
case 1:
return mysqli_fetch_assoc($_query);
default:
return true;
}
}else{
$_query = mysql_query($query, $this->conn);
if(!$_query) return false;
switch($result){
case 2:
$_result = Array();
while($_result_temp = mysql_fetch_array($_query, MYSQL_ASSOC)){
$_result[] = $_result_temp;
}
return $_result;
case 1:
return mysql_fetch_assoc($_query);
default:
return true;
}
}
}
function filter($str, $type='sql'){
switch($type){
case "url":
return preg_replace("/[^a-zA-Z0-9-_&\/]/", "", $str);
case "sql":
if($this->conn){
$_filter = preg_replace("/[^a-zA-Z0-9-_!@#$.%^+&*(){}가-힣]/", "", $str);
if($this->mysqli){
return mysqli_real_escape_string($this->conn, $_filter);
}else{
return mysql_real_escape_string($_filter, $this->conn);
}
}
case "memo":
if($this->conn){
$_filter = htmlspecialchars(preg_replace("/[^a-zA-Z0-9-_:+!@#$.%^&*(){}:\/.\ <>가-힣]/", "", $str));
if($this->mysqli){
return mysqli_real_escape_string($this->conn, $_filter);
}else{
return mysql_real_escape_string($_filter, $this->conn);
}
}
case "auth":
return preg_replace("/[^a-zA-Z0-9-_!@#$.%^&*()가-힣]/", "", $str);
}
}
function __construct(){
if(function_exists("mysqli_connect")){
$this->mysqli = true;
}else{
$this->mysqli = false;
}
}
function __destruct(){
if($this->conn){
if($this->mysqli){
mysqli_close($this->conn);
}else{
mysql_close($this->conn);
}
}
}
}
?>
@abdilahrf
Copy link

why this "가-힣" character include in your filter ?

@stypr
Copy link
Author

stypr commented Jul 14, 2017

why this "가-힣" character include in your filter ?
-- that's because I'm Korean. 😄 you can actually make filters a bit more lenient. it's just made for my personal usage, you can go and change them.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment