2 /**********************************************************************
3 Copyright (C) FrontAccounting, LLC.
4 Released under the terms of the GNU General Public License, GPL,
5 as published by the Free Software Foundation, either version 3
6 of the License, or (at your option) any later version.
7 This program is distributed in the hope that it will be useful,
8 but WITHOUT ANY WARRANTY; without even the implied warranty of
9 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
10 See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
11 ***********************************************************************/
13 function set_global_connection()
15 global $db, $transaction_level;
17 cancel_transaction(); // cancel all aborted transactions if any
18 $transaction_level = 0;
20 $db = $_SESSION["wa_current_user"]->get_db_connection();
23 $db_duplicate_error_code = 1062;
25 //DB wrapper functions to change only once for whole application
27 function db_query($sql, $err_msg=null)
29 global $db, $show_sql, $sql_trail, $select_trail, $go_debug;
33 echo "<font face=arial size=2 color=000099><b>SQL..</b></font>";
40 $result = mysql_query($sql, $db);
42 if ($select_trail || (strstr($sql, 'SELECT') === false)) {
44 "INSERT INTO ".TB_PREF."sql_trail
45 (`sql`, `result`, `msg`)
46 VALUES(".db_escape($sql).",".($result ? 1 : 0).",
47 ".db_escape($err_msg).")", $db);
51 if ($err_msg != null || $go_debug) {
52 $exit = $err_msg != null;
53 if (function_exists('xdebug_call_file'))
54 check_db_error('<br>At file '.xdebug_call_file().':'.xdebug_call_line().':<br>'.$err_msg, $sql, $exit);
56 check_db_error($err_msg, $sql, $exit);
61 function db_fetch_row ($result)
64 return mysql_fetch_row($result);
67 function db_fetch_assoc ($result)
70 return mysql_fetch_assoc($result);
73 function db_fetch ($result)
76 return mysql_fetch_array($result);
79 function db_seek (&$result,$record)
81 return mysql_data_seek($result, $record);
84 function db_free_result ($result)
87 mysql_free_result($result);
90 function db_num_rows ($result)
92 return mysql_num_rows($result);
95 function db_num_fields ($result)
97 return mysql_num_fields($result);
100 function db_escape($value = "", $nullify = false)
102 $value = @html_entity_decode($value, ENT_QUOTES, $_SESSION['language']->encoding);
103 $value = @htmlspecialchars($value, ENT_QUOTES, $_SESSION['language']->encoding);
105 //reset default if second parameter is skipped
106 $nullify = ($nullify === null) ? (false) : ($nullify);
108 //check for null/unset/empty strings
109 if ((!isset($value)) || (is_null($value)) || ($value === "")) {
110 $value = ($nullify) ? ("NULL") : ("''");
112 if (is_string($value)) {
113 //value is a string and should be quoted; determine best method based on available extensions
114 if (function_exists('mysql_real_escape_string')) {
115 $value = "'" . mysql_real_escape_string($value) . "'";
117 $value = "'" . mysql_escape_string($value) . "'";
119 } else if (!is_numeric($value)) {
120 //value is not a string nor numeric
121 display_error("ERROR: incorrect data type send to sql query");
129 function db_error_no ()
132 return mysql_errno($db);
135 function db_error_msg($conn)
137 return mysql_error($conn);
140 function db_insert_id()
143 return mysql_insert_id($db);
146 function db_num_affected_rows()
149 return mysql_affected_rows($db);