执行SQL语句

query("insert into {$dbtbpre}enewssql(sqlname,sqltext) values('".$add['sqlname']."','".addslashes($query)."');"); } $query=RepSqlTbpre($query); DoRunQuery($query); //操作日志 insert_dolog("query=".$query); printerror("DoExecSqlSuccess","DoSql.php".hReturnEcmsHashStrHref2(1)); } //运行SQL function DoRunQuery($sql){ global $empire; $sql=str_replace("\r","\n",$sql); $ret=array(); $num=0; foreach(explode(";\n",trim($sql)) as $query) { $queries=explode("\n",trim($query)); foreach($queries as $query) { $ret[$num].=$query[0]=='#'||$query[0].$query[1]=='--'?'':$query; } $num++; } unset($sql); foreach($ret as $query) { $query=trim($query); if($query) { $empire->query($query); } } } //增加SQL语句 function AddSql($add,$userid,$username){ global $empire,$dbtbpre; if(!$add['sqlname']||!$add['sqltext']) { printerror("EmptySqltext","history.go(-1)"); } $add['sqlname']=hRepPostStr($add['sqlname'],1); $add[sqltext]=ClearAddsData($add[sqltext]); $sql=$empire->query("insert into {$dbtbpre}enewssql(sqlname,sqltext) values('".$add['sqlname']."','".addslashes($add[sqltext])."');"); $lastid=$empire->lastid(); if($sql) { //操作日志 insert_dolog("id=".$lastid."
sqlname=".$add[sqlname]); printerror("AddSqlSuccess","AddSql.php?enews=AddSql".hReturnEcmsHashStrHref2(0)); } else { printerror("DbError","history.go(-1)"); } } //修改SQL语句 function EditSql($add,$userid,$username){ global $empire,$dbtbpre; $id=(int)$add[id]; if(!$add['sqlname']||!$add['sqltext']||!$id) { printerror("EmptySqltext","history.go(-1)"); } $add['sqlname']=hRepPostStr($add['sqlname'],1); $add[sqltext]=ClearAddsData($add[sqltext]); $sql=$empire->query("update {$dbtbpre}enewssql set sqlname='".$add['sqlname']."',sqltext='".addslashes($add[sqltext])."' where id='$id'"); if($sql) { //操作日志 insert_dolog("id=".$id."
sqlname=".$add[sqlname]); printerror("EditSqlSuccess","ListSql.php".hReturnEcmsHashStrHref2(1)); } else { printerror("DbError","history.go(-1)"); } } //删除SQL语句 function DelSql($id,$userid,$username){ global $empire,$dbtbpre; $id=(int)$id; if(!$id) { printerror("EmptySqlid","history.go(-1)"); } $r=$empire->fetch1("select sqlname from {$dbtbpre}enewssql where id='$id'"); $sql=$empire->query("delete from {$dbtbpre}enewssql where id='$id'"); if($sql) { //操作日志 insert_dolog("id=".$id."
sqlname=".$r[sqlname]); printerror("DelSqlSuccess","ListSql.php".hReturnEcmsHashStrHref2(1)); } else { printerror("DbError","history.go(-1)"); } } //运行SQL语句 function ExecSql($id,$userid,$username){ global $empire,$dbtbpre; $id=(int)$id; if(empty($id)) { printerror('EmptyExecSqlid',''); } $r=$empire->fetch1("select sqltext from {$dbtbpre}enewssql where id='$id'"); if(!$r['sqltext']) { printerror('EmptyExecSqlid',''); } $query=RepSqlTbpre($r['sqltext']); DoRunQuery($query); //操作日志 insert_dolog("query=".$query); printerror("DoExecSqlSuccess","ListSql.php".hReturnEcmsHashStrHref2(1)); } $enews=$_POST['enews']; if(empty($enews)) {$enews=$_GET['enews'];} if($enews) { hCheckEcmsRHash(); @set_time_limit(0); } //执行SQL语句 if($enews=='DoExecSql') { DoExecSql($_POST,$logininid,$loginin); } elseif($enews=='AddSql')//增加 { AddSql($_POST,$logininid,$loginin); } elseif($enews=='EditSql')//修改 { EditSql($_POST,$logininid,$loginin); } elseif($enews=='DelSql')//删除 { DelSql($_GET['id'],$logininid,$loginin); } elseif($enews=='ExecSql')//执行 { ExecSql($_GET['id'],$logininid,$loginin); } $url="执行SQL语句"; db_close(); $empire=null; ?> 执行SQL语句

位置：