diff -r 7846d45bd250 -r b2f985e4cef3 includes/dbal.php
--- a/includes/dbal.php Fri Nov 23 17:59:24 2007 -0500
+++ b/includes/dbal.php Sat Nov 24 00:53:23 2007 -0500
@@ -27,18 +27,21 @@
case E_WARNING: case E_USER_WARNING: case E_CORE_WARNING: case E_COMPILE_WARNING: $errtype = 'Warning'; break;
}
$debug = debug_backtrace();
- $debug = $debug[2]['file'] . ', line ' . $debug[2]['line'];
+ if ( !isset($debug[0]['file']) )
+ return false;
+ $debug = $debug[0]['file'] . ', line ' . $debug[0]['line'];
echo "$errtype: $errstr
Error source:
$debug"; } class mysql { - var $num_queries, $query_backtrace, $latest_result, $latest_query, $_conn, $sql_stack_fields, $sql_stack_values; + var $num_queries, $query_backtrace, $query_times, $query_sources, $latest_result, $latest_query, $_conn, $sql_stack_fields, $sql_stack_values, $debug; var $row = array(); var $rowset = array(); var $errhandler; function enable_errorhandler() { + // echo "DBAL: enabling error handler
Enano has caught and prevented an SQL injection attempt. Your IP address has been recorded and the administrator has been notified.
Query was:
'.htmlspecialchars($q).''); } + $time_start = microtime_float(); $r = mysql_query($q, $this->_conn); + $this->query_times[$q] = microtime_float() - $time_start; $this->latest_result = $r; $this->disable_errorhandler(); return $r; @@ -214,8 +238,9 @@ function sql_unbuffered_query($q) { $this->enable_errorhandler(); + $this->num_queries++; - $this->query_backtrace .= '(UNBUFFERED) ' . $q."\n"; + $this->query_backtrace[] = '(UNBUFFERED) ' . $q; $this->latest_query = $q; dc_here('dbal: making SQL query:
Enano has caught and prevented an SQL injection attempt. Your IP address has been recorded and the administrator has been notified.
Query was:
'.htmlspecialchars($q).''); } + $time_start = microtime_float(); $r = mysql_unbuffered_query($q, $this->_conn); + $this->query_times[$q] = microtime_float() - $time_start; $this->latest_result = $r; $this->disable_errorhandler(); return $r; @@ -681,6 +708,70 @@ return false; } } + /** + * Generates and outputs a report of all the SQL queries made during execution. Should only be called after everything's over with. + */ + + function sql_report() + { + global $db, $session, $paths, $template, $plugins; // Common objects + if ( !$session->get_permissions('mod_misc') ) + { + die_friendly('Access denied', '
You are not authorized to generate a SQL backtrace.
'); + } + // Create copies of variables that may be changed after header is called + $backtrace = $this->query_backtrace; + $times = $this->query_times; + $template->header(); + echo 'SQL backtrace for a normal page load of ' . htmlspecialchars($paths->cpage['urlname']) . ' | +|
---|---|
+ | |
Query: | +' . htmlspecialchars($query) . ' |
+
Time: | +' . number_format($this->query_times[$query], 6) . ' seconds | +
Unbuffered: | +' . ( $unbuffered ? 'Yes' : 'No' ) . ' | +
Called from: | +' . $this->query_sources[$query] . ' | +