svn commit: r333 - trunk/mapbender/http/classes/class_checkInput.php

uli at osgeo.org uli at osgeo.org
Wed May 24 04:26:02 EDT 2006 

Author: uli
Date: 2006-05-24 08:26:02+0000
New Revision: 333

Added:
   trunk/mapbender/http/classes/class_checkInput.php   (contents, props changed)

Log:
new class to check sql data (datatype, escape strings etc.)

Added: trunk/mapbender/http/classes/class_checkInput.php
Url: https://mapbender.osgeo.org/source/browse/mapbender/trunk/mapbender/http/classes/class_checkInput.php?view=auto&rev=333
==============================================================================
--- (empty file)
+++ trunk/mapbender/http/classes/class_checkInput.php	2006-05-24 08:26:02+0000
@@ -0,0 +1,54 @@
+<?php
+# $Id$
+# http://www.mapbender.org/index.php/class_checkInput
+# Copyright (C) 2002 CCGIS 
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+class checkInput{
+	var $v;
+	function checkInput($q,$v,$t){
+		if(is_array($v) == false){
+			$v = array($v);
+		}
+		if(is_array($t) == false){
+			$t = array($t);
+		}
+		if(count($v) != count($t)){
+			$e = new mb_exception("array params and array types have a different count  in ".$_SERVER['SCRIPT_FILENAME'].": Sql: ".$q);
+		}
+		if(PREPAREDSTATEMENTS == true){
+			$this->v = $v;
+		}
+		else{
+			for($i=0; $i<count($v); $i++){
+				if($t[$i] == 's'){
+					$v[$i] = db_escape_string($v[$i]);
+				}
+				else if($t[$i] == 'i'){
+					if(preg_match("/w/",$v[$i])){
+						$e = new mb_exception($_SERVER['SCRIPT_FILENAME'].": Unable to parse integer in: ".$q." with: param ".$i.",".$v[i]);
+						die("wrong data type in sql:".$q);
+					}					
+				}
+				else if($t[$i] == 'd'){
+					
+				}	
+			}
+			$this->v = $v;
+		}		
+	}	
+}
+?>
\ No newline at end of file

More information about the Mapbender_commits mailing list