2 /**********************************************************************
3 Copyright (C) FrontAccounting, LLC.
4 Released under the terms of the GNU General Public License, GPL,
5 as published by the Free Software Foundation, either version 3
6 of the License, or (at your option) any later version.
7 This program is distributed in the hope that it will be useful,
8 but WITHOUT ANY WARRANTY; without even the implied warranty of
9 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
10 See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
11 ***********************************************************************/
13 function set_global_connection($company=-1)
15 global $db, $transaction_level;
17 cancel_transaction(); // cancel all aborted transactions if any
18 $transaction_level = 0;
20 $db = $_SESSION["wa_current_user"]->get_db_connection($company);
25 $db_duplicate_error_code = 1062;
27 //DB wrapper functions to change only once for whole application
29 function db_query($sql, $err_msg=null)
31 global $db, $show_sql, $sql_trail, $select_trail, $go_debug, $sql_queries, $Ajax,
34 // set current db prefix
35 $cur_prefix = $db_connections[$_SESSION["wa_current_user"]->cur_con]['tbpref'];
36 $sql = str_replace(TB_PREF, $cur_prefix, $sql);
40 $Ajax->activate('footer_debug');
41 $sql_queries .= "<pre>$sql</pre>\n<hr>";
44 $result = mysql_query($sql, $db);
46 if ($select_trail || (strstr($sql, 'SELECT') === false)) {
48 "INSERT INTO ".$cur_prefix."sql_trail
49 (`sql`, `result`, `msg`)
50 VALUES(".db_escape($sql).",".($result ? 1 : 0).",
51 ".db_escape($err_msg).")", $db);
55 if ($err_msg != null || $go_debug) {
56 $exit = $err_msg != null;
57 if (function_exists('xdebug_call_file'))
58 check_db_error('<br>At file '.xdebug_call_file().':'.xdebug_call_line().':<br>'.$err_msg, $sql, $exit);
60 check_db_error($err_msg, $sql, $exit);
65 function db_fetch_row ($result)
68 return mysql_fetch_row($result);
71 function db_fetch_assoc ($result)
74 return mysql_fetch_assoc($result);
77 function db_fetch ($result)
80 return mysql_fetch_array($result);
83 function db_seek (&$result,$record)
85 return mysql_data_seek($result, $record);
88 function db_free_result ($result)
91 mysql_free_result($result);
94 function db_num_rows ($result)
96 return mysql_num_rows($result);
99 function db_num_fields ($result)
101 return mysql_num_fields($result);
104 function db_escape($value = "", $nullify = false)
106 $value = @html_entity_decode($value, ENT_QUOTES, $_SESSION['language']->encoding);
107 $value = @htmlspecialchars($value, ENT_QUOTES, $_SESSION['language']->encoding);
109 //reset default if second parameter is skipped
110 $nullify = ($nullify === null) ? (false) : ($nullify);
112 //check for null/unset/empty strings
113 if ((!isset($value)) || (is_null($value)) || ($value === "")) {
114 $value = ($nullify) ? ("NULL") : ("''");
116 if (is_string($value)) {
117 //value is a string and should be quoted; determine best method based on available extensions
118 if (function_exists('mysql_real_escape_string')) {
119 $value = "'" . mysql_real_escape_string($value) . "'";
121 $value = "'" . mysql_escape_string($value) . "'";
123 } else if (!is_numeric($value)) {
124 //value is not a string nor numeric
125 display_error("ERROR: incorrect data type send to sql query");
133 function db_error_no ()
136 return mysql_errno($db);
139 function db_error_msg($conn)
141 return mysql_error($conn);
144 function db_insert_id()
147 return mysql_insert_id($db);
150 function db_num_affected_rows()
153 return mysql_affected_rows($db);