Untitled

SUBMITTED BY: Guest

DATE: Jan. 3, 2014, 6:03 p.m.

FORMAT: Text only

SIZE: 2.4 kB

Raw Download

HITS: 835

Report
  1. <?php
  2. /**
  3. * mssqlconn.inc.php : Base Configuration File for the MS-SQL Conection
  4. *
  5. * PHP version 5
  6. *
  7. * LICENSE: This source file is subject to version 3.01 of the PHP license
  8. * that is available through the world-wide-web at the following URI:
  9. * http://www.php.net/license/3_01.txt. If you did not receive a copy of
  10. * the PHP License and are unable to obtain it through the web, please
  11. * send a note to license@php.net so we can mail you a copy immediately.
  12. *
  13. * @author Aquiles dos Santos Crespo <aquilescrespo@gmail.com>
  14. * @copyright 2011-2013 DjinnSoftWorks (DSW)
  15. * @license http://www.php.net/license/3_01.txt PHP License 3.01
  16. */
  17. /*
  18. * Verify the php_mssql libary is installed and enabled.
  19. * Stops script if mssql functions are missing
  20. */
  21. if(!function_exists('mssql_connect')){
  22. die("You must have the php_mssql library for Apache (win) or httpd "
  23. . "(Linux) installed and enabled to connect to an MSSQL database. "
  24. . "php.ini or configure your Linux Web Server to enable this extension. "
  25. . "This requires a restart of the Apache/httpd service to take effect.");
  26. }
  27. /*
  28. * Title : mssql_escape_string
  29. *
  30. * Description :
  31. * MSSQL Escape Function is an SQL Injection Prevention values from the $non_dispayebles array variable
  32. * of passing to your query's
  33. * Non Dispayables :
  34. * => url encoded 00-08, 11, 12, 14, 15
  35. * => url encoded 16-31
  36. * => 00-08
  37. * => 11
  38. * => 12
  39. * => 14-31
  40. *
  41. * Author : CodeIgniter by Rick Ellis
  42. * Remake : Aquiles dos Santos Crespo
  43. */
  44. function mssql_escape_string($data) {
  45. if(!isset($data) or empty($data)){return '';}
  46. if(\is_numeric($data)){return $data;}
  47. $non_displayables = array('/%0[0-8bcef]/','/%1[0-9a-f]/','/[\x00-\x08]/','/\x0b/','/\x0c/','/[\x0e-\x1f]/');
  48. foreach($non_displayables as $regex){$data = \preg_replace($regex,'',$data);}
  49. $data = \str_replace("'","''",$data);
  50. return $data;
  51. }
  52. // Database configuration parameters
  53. $db_host = 'Address Here';
  54. $db_user = 'DB Login Here';
  55. $db_pass = 'DataBase Password Here';
  56. // Connect to MSSQL server
  57. $conn = \mssql_connect($db_host,$db_user,$db_pass) or die('Failed to connect to MSSQL Server, in the MSSQL DB conf File.');
comments powered by Disqus