Código PHP:
<?php
set_time_limit(0);
$page = basename($_SERVER['REQUEST_URI']);
$current_page = basename(__FILE__);
if(substr_count(strtolower($page), $current_page) > 0)
die("<strong> Acesso não autorizado. </strong>");
require_once("modules/security.class.php");
if(class_exists('DtMssql') == false)
{
class DtMssql
{
var $connection;
var $database;
var $argumentc;
var $arguments;
/* inicializa a classe */
function DtMssql()
{
$this->argumentc = 0;
$this->arguments = array();
}
/* conecta-se ao sql */
function Connect()
{
if (!extension_loaded('mssql')) {
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
dl('php_mssql.dll');
} else {
dl('mssql.so');
}
}
if (!extension_loaded('mssql')) {
$prefix = (PHP_SHLIB_SUFFIX === 'dll') ? 'php_' : '';
dl($prefix . 'mssql.' . PHP_SHLIB_SUFFIX);
}
$this->arguments = array();
$this->connection = @mssql_connect(DB_HOST, DB_USER, DB_PASS);
$this->database = @mssql_select_db(DB_NAME, $this->connection);
if(!($this->connection) || !($this->database))
{
if(DB_ALERT == true)
echo "<br><strong>DtMssql Error:</strong> Impossível conectar-se.";
return false;
}
return true;
}
/* desconecta do sql */
function Disconnect()
{
@mssql_close($this->connection);
}
/* monta um argumento para ser colocar em uma array */
function AddArgument($value, $check_inject = true, $check_crlf = false)
{
if($check_inject == true)
{
$injection = new DtSecurity;
if($injection->Check($value) == true)
{
return false;
}
if($check_crlf == true)
{
if($injection->CheckCrlf($value) == true)
{
return false;
}
}
}
$current = $this->argumentc;
$this->argumentc += 1;
$this->arguments[$current] = $value;
return true;
}
/* limpa argumentos */
function ClearArguments()
{
$this->argumentc = 0;
$this->arguments = array();
}
/* executa uma query */
function Query($query)
{
//array_shift($this->arguments);
if($this->argumentc > 0)
{
$query = vsprintf($query, $this->arguments);
}
//echo $query;
return new DtRecordset($query, (mssql_query($query), $this->connection);
}
} /* class */
} /* if exists */
if(class_exists('DtRecordset') == false)
{
class DtRecordset extends DtMssql
{
var $results = array(); /* guardar os resultados */
var $original_query; /* usada no refresh() */
var $row_pointer = 0;
var $colc = 0;
var $rowc = 0;
function RowCount()
{
return $this->rowc;
}
function ColCount()
{
return $this->colc;
}
/* inicializa a classe */
function DtRecordset($query, $result)
{
$this->results = $result;
$this->original_query = $query;
$this->Clear();
$this->rowc = @mssql_num_rows($result);
$this->colc = @mssql_num_fields($result);
$current = 0;
while($temp = @mssql_fetch_row($result))
{
$current_col = 0;
for($i=0; $i<$this->colc; $i++)
{
$this->results[$current][$i] = array('value' => $temp[$i], 'name' => mssql_field_name($result, $i) );
}
$current++;
}
}
/* reseta o recordset */
function Clear()
{
$this->results = array();
$this->row_pointer = 0;
}
/* conecta-se ao sql */
function NextRecord()
{
$this->row_pointer++;
if($this->row_pointer >= $this->rowc) $this->row_pointer = $this->rowc - 1;
}
function PrevRecord()
{
$this->row_pointer--;
if($this->row_pointer < 0) $this->row_pointer = 0;
}
function Refresh()
{
$this->Clear();
$this->DtRecordset($this->query, @mssql_query($this->query, $this->connection));
}
function Field($field = -1)
{
if($field == -1)
return $this->results[$this->row_pointer];
if(is_numeric($field) == true)
{
return @$this->results[$this->row_pointer][$field]['value'];
}
if(is_string($field))
{
$i=0;
for($i=0; $i < $this->colc; $i++)
{
if(@$this->results[$this->row_pointer][$i]['name'] == $field)
{
return $this->results[$this->row_pointer][$i]['value'];
}
}
}
}
} /* class */
} /* if exists */
?>
