//---------------------------------------------------------------------------------------------
function get_exchange_rate($rate_id)
{
- $sql = "SELECT * FROM ".TB_PREF."exchange_rates WHERE id=$rate_id";
+ $sql = "SELECT * FROM ".TB_PREF."exchange_rates WHERE id=".db_escape($rate_id);
$result = db_query($sql, "could not get exchange rate for $rate_id");
return db_fetch($result);
function get_date_exchange_rate($curr_code, $date_)
{
$date = date2sql($date_);
- $sql = "SELECT rate_buy FROM ".TB_PREF."exchange_rates WHERE curr_code='$curr_code'
- AND date_='$date'";
+ $sql = "SELECT rate_buy FROM ".TB_PREF."exchange_rates WHERE curr_code=".db_escape($curr_code)
+ ." AND date_='$date'";
$result = db_query($sql, "could not get exchange rate for $curr_code - $date_");
if(db_num_rows($result) == 0)
$date = date2sql($date_);
- $sql = "UPDATE ".TB_PREF."exchange_rates SET rate_buy=$buy_rate, rate_sell=$sell_rate
- WHERE curr_code='$curr_code' AND date_='$date'";
+ $sql = "UPDATE ".TB_PREF."exchange_rates SET rate_buy=$buy_rate, rate_sell=".db_escape($sell_rate)
+ ." WHERE curr_code=".db_escape($curr_code)." AND date_='$date'";
db_query($sql, "could not add exchange rate for $curr_code");
}
$date = date2sql($date_);
$sql = "INSERT INTO ".TB_PREF."exchange_rates (curr_code, date_, rate_buy, rate_sell)
- VALUES ('$curr_code', '$date', $buy_rate, $sell_rate)";
+ VALUES (".db_escape($curr_code).", '$date', ".db_escape($buy_rate)
+ .", ".db_escape($sell_rate).")";
db_query($sql, "could not add exchange rate for $curr_code");
}
function delete_exchange_rate($rate_id)
{
- $sql = "DELETE FROM ".TB_PREF."exchange_rates WHERE id=$rate_id";
+ $sql = "DELETE FROM ".TB_PREF."exchange_rates WHERE id=".db_escape($rate_id);
db_query($sql, "could not delete exchange rate $rate_id");
}
-//---------------------------------------------------------------------------------------------
+//-----------------------------------------------------------------------------
+// Retrieve exchange rate as of date $date from external source (usually inet)
+//
+function retrieve_exrate($curr_b, $date)
+{
+ global $Hooks;
+
+ if (method_exists($Hooks, 'retrieve_exrate'))
+ return $Hooks->retrieve_exrate($curr_b, $date);
+ else
+ return get_ecb_rate($curr_b);
+}
+//-----------------------------------------------------------------------------
function get_ecb_rate($curr_b)
{
$curr_a = get_company_pref('curr_default');
- $ecb_filename = 'http://www.ecb.int/stats/eurofxref/eurofxref-daily.xml';
+ $ecb_filename = '/stats/eurofxref/eurofxref-daily.xml';
+ $ecb_site = 'www.ecb.int';
$contents = '';
if (function_exists('curl_init'))
{ // first check with curl as we can set short timeout;
- $ch = curl_init();
- curl_setopt ($ch, CURLOPT_URL, $ecb_filename);
- curl_setopt ($ch, CURLOPT_COOKIEJAR, "cookie.txt");
- curl_setopt ($ch, CURLOPT_HEADER, 0);
- curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt ($ch, CURLOPT_TIMEOUT, 5);
- $contents = curl_exec ($ch);
- curl_close($ch);
+ $retry = 1;
+ do {
+ $ch = curl_init();
+ curl_setopt ($ch, CURLOPT_URL, 'http://'.$ecb_site.$ecb_filename);
+ curl_setopt ($ch, CURLOPT_COOKIEJAR, "cookie.txt");
+ curl_setopt ($ch, CURLOPT_HEADER, 0);
+ curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
+ curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
+ curl_setopt ($ch, CURLOPT_TIMEOUT, 3);
+ $contents = curl_exec ($ch);
+ curl_close($ch);
+ // due to resolver bug in some curl versions (e.g. 7.15.5)
+ // try again for constant IP.
+ $ecb_site="195.128.2.97";
+ } while( ($contents == '') && $retry--);
+
} else {
- $handle = @fopen($ecb_filename, 'rb');
+ $handle = @fopen("http://".$ecb_site.$ecb_filename, 'rb');
if ($handle) {
do
{