<?php
/* 防注入 (SQL injection prevention) */
require_once("Date_conf.php");
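/**
 * Thin wrapper around one connection opened with the legacy mysql_* extension.
 *
 * Security notes for maintainers:
 *  - execute() and mdenin_select() send the SQL string to the server exactly as
 *    it is passed in. Nothing in this class escapes or binds values, so the class
 *    does not prevent SQL injection by itself; callers must never concatenate
 *    untrusted input into $sql.
 *  - The mysql_* extension was removed in PHP 7.0. Moving to mysqli or PDO with
 *    prepared statements is the durable fix.
 *  - __get()/__set() make every private property readable and writable from
 *    outside the class, including the database password (Mdenin_qa) and the
 *    connection handle (Mdenin_connect).
 */
class mdenin_sql
{
    private $Mdenin_ip;      // database host, copied from Date_conf::$IP
    private $Mdenin_root;    // database user, copied from Date_conf::$ROOT
    private $Mdenin_qa;      // database password, copied from Date_conf::$QA
    private $Mdenin_class;   // database name, copied from Date_conf::$CLASS
    private $Mdenin_connect; // link returned by mysql_connect(), or false on failure

    /**
     * Read a property by name.
     *
     * NOTE(review): this also hands out the stored credentials to any caller.
     *
     * @param string $property_Mdenin_class property name
     * @return mixed the property value, or NULL when it is not set
     */
    public function __get($property_Mdenin_class)
    {
        return isset($this->$property_Mdenin_class)
            ? $this->$property_Mdenin_class
            : NULL;
    }

    /**
     * Write a property by name.
     *
     * NOTE(review): this lets outside code replace the connection handle or the
     * stored credentials; the query methods therefore re-check the handle.
     *
     * @param string $property_Mdenin_class property name
     * @param mixed  $value                 value to store
     */
    public function __set($property_Mdenin_class, $value)
    {
        $this->$property_Mdenin_class = $value;
    }

    /**
     * Copy the settings from Date_conf, connect, select the database and set
     * the connection character set to gb2312.
     */
    public function __construct()
    {
        $this->Mdenin_ip    = Date_conf::$IP;
        $this->Mdenin_root  = Date_conf::$ROOT;
        $this->Mdenin_qa    = Date_conf::$QA;
        $this->Mdenin_class = Date_conf::$CLASS;

        $this->Mdenin_connect = mysql_connect($this->Mdenin_ip, $this->Mdenin_root, $this->Mdenin_qa);
        if (!is_resource($this->Mdenin_connect)) {
            // mysql_connect() has already raised its own warning; without a link
            // the remaining setup calls would only fail again.
            return;
        }

        mysql_select_db($this->Mdenin_class, $this->Mdenin_connect);

        // mysql_set_charset() also tells the client library about the charset,
        // which mysql_real_escape_string() in calling code depends on; a plain
        // "SET NAMES" query does not. Fall back to the query where the function
        // is unavailable.
        if (function_exists('mysql_set_charset')) {
            mysql_set_charset('gb2312', $this->Mdenin_connect);
        } else {
            mysql_query("set names 'gb2312'", $this->Mdenin_connect);
        }
    }

    /**
     * Close the connection if one was opened.
     */
    public function __destruct()
    {
        if (is_resource($this->Mdenin_connect)) {
            mysql_close($this->Mdenin_connect);
        }
    }

    /**
     * Run an INSERT / UPDATE / DELETE statement.
     *
     * The statement is sent unmodified: $sql must not contain unescaped
     * untrusted input.
     *
     * @param string $sql complete SQL statement
     * @return mixed the mysql_query() result; false when there is no usable
     *               connection or the statement failed (see mysql_error())
     */
    public function execute($sql)
    {
        if (!is_resource($this->Mdenin_connect)) {
            return false;
        }

        // Pass the link explicitly so the statement runs on this object's
        // connection rather than on whichever link was opened last.
        return mysql_query($sql, $this->Mdenin_connect);
    }

    /**
     * Run a query and return all of its rows.
     *
     * The statement is sent unmodified: $sql must not contain unescaped
     * untrusted input.
     *
     * @param string $sql complete SQL statement
     * @return array list of rows as returned by mysql_fetch_array(); empty when
     *               the query fails, returns no result set, or has no rows
     */
    public function mdenin_select($sql)
    {
        $result_array = array();

        if (!is_resource($this->Mdenin_connect)) {
            return $result_array;
        }

        $select = mysql_query($sql, $this->Mdenin_connect);
        if (!is_resource($select)) {
            // false (failed query) or true (statement without a result set):
            // there is nothing to fetch.
            return $result_array;
        }

        while ($row = mysql_fetch_array($select)) {
            $result_array[] = $row;
        }
        mysql_free_result($select);

        return $result_array;
    }
}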
// Demo: open the connection, read up to 30 rows of the `admin` table and dump them.
// NOTE(review): print_r() writes every column of each admin row to the output
// unchanged, so this belongs in a local test script only.
$jop = new mdenin_sql();
$sql = "SELECT * FROM `admin` LIMIT 0 , 30";
$ad = $jop->mdenin_select($sql);
foreach ($ad as $book) {
    print_r($book);
}
?>
/* 防注入 (SQL injection prevention) */
require_once("Date_conf.php");
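/**
 * Thin wrapper around one connection opened with the legacy mysql_* extension.
 *
 * Security notes for maintainers:
 *  - execute() and mdenin_select() send the SQL string to the server exactly as
 *    it is passed in. Nothing in this class escapes or binds values, so the class
 *    does not prevent SQL injection by itself; callers must never concatenate
 *    untrusted input into $sql.
 *  - The mysql_* extension was removed in PHP 7.0. Moving to mysqli or PDO with
 *    prepared statements is the durable fix.
 *  - __get()/__set() make every private property readable and writable from
 *    outside the class, including the database password (Mdenin_qa) and the
 *    connection handle (Mdenin_connect).
 */
class mdenin_sql
{
    private $Mdenin_ip;      // database host, copied from Date_conf::$IP
    private $Mdenin_root;    // database user, copied from Date_conf::$ROOT
    private $Mdenin_qa;      // database password, copied from Date_conf::$QA
    private $Mdenin_class;   // database name, copied from Date_conf::$CLASS
    private $Mdenin_connect; // link returned by mysql_connect(), or false on failure

    /**
     * Read a property by name.
     *
     * NOTE(review): this also hands out the stored credentials to any caller.
     *
     * @param string $property_Mdenin_class property name
     * @return mixed the property value, or NULL when it is not set
     */
    public function __get($property_Mdenin_class)
    {
        return isset($this->$property_Mdenin_class)
            ? $this->$property_Mdenin_class
            : NULL;
    }

    /**
     * Write a property by name.
     *
     * NOTE(review): this lets outside code replace the connection handle or the
     * stored credentials; the query methods therefore re-check the handle.
     *
     * @param string $property_Mdenin_class property name
     * @param mixed  $value                 value to store
     */
    public function __set($property_Mdenin_class, $value)
    {
        $this->$property_Mdenin_class = $value;
    }

    /**
     * Copy the settings from Date_conf, connect, select the database and set
     * the connection character set to gb2312.
     */
    public function __construct()
    {
        $this->Mdenin_ip    = Date_conf::$IP;
        $this->Mdenin_root  = Date_conf::$ROOT;
        $this->Mdenin_qa    = Date_conf::$QA;
        $this->Mdenin_class = Date_conf::$CLASS;

        $this->Mdenin_connect = mysql_connect($this->Mdenin_ip, $this->Mdenin_root, $this->Mdenin_qa);
        if (!is_resource($this->Mdenin_connect)) {
            // mysql_connect() has already raised its own warning; without a link
            // the remaining setup calls would only fail again.
            return;
        }

        mysql_select_db($this->Mdenin_class, $this->Mdenin_connect);

        // mysql_set_charset() also tells the client library about the charset,
        // which mysql_real_escape_string() in calling code depends on; a plain
        // "SET NAMES" query does not. Fall back to the query where the function
        // is unavailable.
        if (function_exists('mysql_set_charset')) {
            mysql_set_charset('gb2312', $this->Mdenin_connect);
        } else {
            mysql_query("set names 'gb2312'", $this->Mdenin_connect);
        }
    }

    /**
     * Close the connection if one was opened.
     */
    public function __destruct()
    {
        if (is_resource($this->Mdenin_connect)) {
            mysql_close($this->Mdenin_connect);
        }
    }

    /**
     * Run an INSERT / UPDATE / DELETE statement.
     *
     * The statement is sent unmodified: $sql must not contain unescaped
     * untrusted input.
     *
     * @param string $sql complete SQL statement
     * @return mixed the mysql_query() result; false when there is no usable
     *               connection or the statement failed (see mysql_error())
     */
    public function execute($sql)
    {
        if (!is_resource($this->Mdenin_connect)) {
            return false;
        }

        // Pass the link explicitly so the statement runs on this object's
        // connection rather than on whichever link was opened last.
        return mysql_query($sql, $this->Mdenin_connect);
    }

    /**
     * Run a query and return all of its rows.
     *
     * The statement is sent unmodified: $sql must not contain unescaped
     * untrusted input.
     *
     * @param string $sql complete SQL statement
     * @return array list of rows as returned by mysql_fetch_array(); empty when
     *               the query fails, returns no result set, or has no rows
     */
    public function mdenin_select($sql)
    {
        $result_array = array();

        if (!is_resource($this->Mdenin_connect)) {
            return $result_array;
        }

        $select = mysql_query($sql, $this->Mdenin_connect);
        if (!is_resource($select)) {
            // false (failed query) or true (statement without a result set):
            // there is nothing to fetch.
            return $result_array;
        }

        while ($row = mysql_fetch_array($select)) {
            $result_array[] = $row;
        }
        mysql_free_result($select);

        return $result_array;
    }
}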
// Demo: open the connection, read up to 30 rows of the `admin` table and dump them.
// NOTE(review): print_r() writes every column of each admin row to the output
// unchanged, so this belongs in a local test script only.
$jop = new mdenin_sql();
$sql = "SELECT * FROM `admin` LIMIT 0 , 30";
$ad = $jop->mdenin_select($sql);
foreach ($ad as $book) {
    print_r($book);
}
?>
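这样,基本可以杜绝所有 SQL 注入方法,而且可以降低数据库使用量。需要注意:上面的类只是把传入的 SQL 字符串原样交给 mysql_query(),本身不做任何转义或参数绑定;只有调用方不把用户输入直接拼接进 SQL(例如改用 mysqli 或 PDO 的预处理语句)时,才能真正起到防注入的作用。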