XiaoLFeng/XF_Index
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity

数据库漏洞修复

Browse Source
This commit is contained in:
筱锋xiao_lfeng 2023-05-02 14:40:45 +08:00
parent 6eb558f989
commit 909cd1e0dc
1 changed files with 24 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
Class/Sql.php
View File

@ -10,19 +10,20 @@ class Sql
/**
* @return false|mysqli
*/
public static function MySqlConn() {
public static function MySqlConn()
{
// 从文件获取数据
$Array_ConfigData = null;
$FileData = fopen(dirname(__FILE__,3)."/setting.inc.json",'r');
$FileData = fopen(dirname(__FILE__, 2) . "/setting.inc.json", 'r');
while (!feof($FileData))
$Array_ConfigData .= fgetc($FileData);
$Array_ConfigData = json_decode($Array_ConfigData,JSON_UNESCAPED_UNICODE);
$Array_ConfigData = json_decode($Array_ConfigData, JSON_UNESCAPED_UNICODE);
fclose($FileData);
//判断数据库端口
if($Array_ConfigData['Mysql']['Port'] == 3306 or $Array_ConfigData['Mysql']['Port'] == NULL) $Array_ConfigData['Mysql']['Port'] = 3306;
if ($Array_ConfigData['Mysql']['Port'] == 3306 or $Array_ConfigData['Mysql']['Port'] == NULL) $Array_ConfigData['Mysql']['Port'] = 3306;
return mysqli_connect($Array_ConfigData['Mysql']['Host'],$Array_ConfigData['Mysql']['Username'],$Array_ConfigData['Mysql']['Password'],null,$Array_ConfigData['Mysql']['Port']);
return mysqli_connect($Array_ConfigData['Mysql']['Host'], $Array_ConfigData['Mysql']['Username'], $Array_ConfigData['Mysql']['Password'], null, $Array_ConfigData['Mysql']['Port']);
}
/**
@ -30,27 +31,21 @@ public static function MySqlConn() {
* @param string $Mysql_Query
* @return string[] 查找到结果返回结果
*/
public static function SELECT(string $Mysql_Query): array {
$Array_Push = null;
$Array_OutPut = [
'output'=>null,
'data'=>$Array_Push,
];
if (preg_match('/^SELECT/',$Mysql_Query)) {
$Result = mysqli_query(self::MySqlConn(),$Mysql_Query);
for ($CC_i = 0; $Result_Object = mysqli_fetch_object($Result); $CC_i++) {
if ($CC_i == 0 && empty($Result_Object)) {
$Array_OutPut['output'] = 'EmptyResult';
return $Array_OutPut;
} else {
$Array_Push[$CC_i] = $Result_Object;
}
public static function SELECT(string $Mysql_Query): array
{
$CC_i = 0;
$Array_OutPut = [];
if (preg_match('/^SELECT/', $Mysql_Query)) {
$Result = mysqli_query(self::MySqlConn(), $Mysql_Query);
for (; $Result_Object = mysqli_fetch_object($Result); $CC_i++) {
$Array_OutPut['output'] = 'Success';
$Array_OutPut['data'][$CC_i] = $Result_Object;
}
return $Array_OutPut;
} else {
if ($CC_i == 0)
$Array_OutPut['output'] = 'EmptyResult';
} else
$Array_OutPut['output'] = 'TypeError';
return $Array_OutPut;
}
return $Array_OutPut;
}
/**
@ -58,11 +53,11 @@ public static function SELECT(string $Mysql_Query): array {
* @param string $Mysql_Query
* @return bool
*/
public static function INSERT(string $Mysql_Query): bool {
if (preg_match('/^INSERT/',$Mysql_Query)) {
return mysqli_query(self::MySqlConn(),$Mysql_Query);
} else {
public static function INSERT(string $Mysql_Query): bool
{
if (preg_match('/^INSERT/', $Mysql_Query))
return mysqli_query(self::MySqlConn(), $Mysql_Query);
else
return false;
}
}
}