X-Git-Url: http://git.pjr.cc/?p=configmanager.git;a=blobdiff_plain;f=lib%2Fdb.php;h=58f729da9865f6058bbc4d5edc89eb45d9d693ec;hp=f24917f20249500892b1711fe51fa2d1f40180f6;hb=843363a8f4dca2460800d5c3c72b559cce15c99f;hpb=336d9ee4a2c84e3029a7f40b4ac759d592733c78 diff --git a/lib/db.php b/lib/db.php index f24917f..58f729d 100644 --- a/lib/db.php +++ b/lib/db.php @@ -4,6 +4,12 @@ function db_getDB() { global $DB_URL; + if(!isset($IS_WEB_REQUEST)) { + // only the web requests are allowed to create dbs + return false; + } + + $dbobject = false; global $BASE_DIR, $DB_HANDLE; if($DB_HANDLE != false) return $DB_HANDLE; @@ -29,6 +35,8 @@ function db_createTable($tablename) { $db = db_getDB(); + if(!$db) return false; + if(db_tableExists($tablename)) return true; $sql = "create table \"$tablename\" (\"".$tablename."_id\" INTEGER PRIMARY KEY AUTOINCREMENT"; @@ -47,6 +55,8 @@ function db_insertData($tablename) $db = db_getDB(); + if(!$db) return false; + $sql = "insert into \"$tablename\" values (NULL"; for($i=1; $i < func_num_args(); $i++) { $sql .= ",'".func_get_arg($i)."'"; @@ -60,6 +70,8 @@ function db_selectData($tablename, $column="", $value="") { $db = db_getDB(); + if(!$db) return false; + if($column != "") $extra = " where $column like '%$value%'"; else $extra = ""; $sql = "select * from \"$tablename\"$extra"; @@ -74,6 +86,8 @@ function db_deleteData($tablename, $column, $value) { $db = db_getDB(); + if(!$db) return false; + $sql = "delete from \"$tablename\" where $column like '%$value%'"; //echo "Sql is $sql\n"; return $db->query($sql); @@ -84,6 +98,8 @@ function db_updateData($tablename, $column, $newdata, $wherecol, $wheredata, $ex { $db = db_getDB(); + if(!$db) return false; + if($exact) $sql = "update \"$tablename\" set $column='$newdata' where $wherecol='$wheredata'"; else $sql = "update \"$tablename\" set $column='$newdata' where $wherecol like '$wheredata'"; return $db->query($sql); @@ -93,6 +109,8 @@ function db_deleteTable($tablename) { $db = db_getDB(); + if(!$db) return false; + $sql = "drop table $tablename"; return $db->query($sql); @@ -102,6 +120,8 @@ function db_tableExists($tablename) { $db = db_getDB(); + if(!$db) return false; + $sql = "select count(*) from sqlite_master where type='table' and name='$tablename'"; $res = $db->query($sql); @@ -115,6 +135,8 @@ function db_getTables() { $db = db_getDB(); + if(!$db) return false; + $sql = "select name from sqlite_master where type='table' and name not like 'sqlite_%'"; $res = $db->query($sql);