<?php
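/**
 * XML gateway: reads a request document from $_POST['sql'], runs the requested
 * ORM operation against an allow-listed table and echoes the rows as XML.
 *
 * Access is gated by admin(), which checks $_POST['log'] / $_POST['pas']
 * against the $log / $pas properties.
 *
 * NOTE(review): the credentials are hard-coded in source and the password is
 * kept as an unsalted MD5 digest. Moving them to configuration and switching to
 * password_hash()/password_verify() is recommended once callers can migrate.
 */
class PHPShopBaseXml {

    /** Expected login name. */
    public $log = 'phpshop';

    /** MD5 hex digest of the expected password. */
    public $pas = 'b244ba41f5309a6ef2405a4ab4dd031d';

    public $xml_header = '<?xml version="1.0" encoding="windows-1251"?><phpshop>';
    public $xml_footer = '</phpshop>';

    /** Allow-list of methods a request may invoke (write methods are deliberately absent). */
    public $true_method = array('select');

    /** Allow-list of table aliases a request may address. */
    public $true_from = array('table_name', 'table_name2', 'table_name3');

    public $debug = false;

    // Declared explicitly so the class does not rely on dynamic properties.
    public $PHPShopBase;
    public $sql;
    public $xml = array();
    public $data;
    public $where_delim;

    /**
     * Authenticates the request, parses it, dispatches the requested method and
     * prints the result. Terminates the script with 'Login error!' when
     * authentication fails.
     */
    function __construct() {
        global $PHPShopBase;
        $this->PHPShopBase = $PHPShopBase;

        if (!$this->admin())
            exit('Login error!');

        $this->sql = stripcslashes(isset($_POST['sql']) ? $_POST['sql'] : '');
        $this->parser();

        // NOTE(review): parser() stores 'debug' wrapped in an array, so this
        // comparison never matches and debug stays off. Left unchanged so that
        // verbose ORM output is not switched on remotely by accident.
        if ($this->xml['debug'] == 'true')
            $this->debug = true;

        $method = $this->xml['method'];

        // Strict allow-list check; assumes readDatabase() yields string values (confirm).
        if (in_array($method, $this->true_method, true)) {
            if (method_exists($this, $method))
                $this->$method();
            else
                echo 'Non method';
        }
        else
            echo 'False method';

        $this->compile();
    }

    /**
     * Echoes $this->data as an XML document; prints nothing unless it is an array.
     * Values containing markup or '&' are wrapped in CDATA, all others go
     * through is_serialize().
     */
    function compile() {
        if (!is_array($this->data))
            return;

        $result = $this->xml_header;
        foreach ($this->data as $row) {
            $result .= "\n<row>";
            if (is_array($row)) {
                foreach ($row as $key => $val) {
                    // Element names may not start with a digit: drop the first character.
                    // ($key[0] replaces the $key{0} offset syntax, which PHP 8 rejects.)
                    if (is_string($key) && $key !== '' && is_numeric($key[0])) {
                        $key = substr($key, 1);
                    }
                    if (preg_match("(\<(/?[^\>]+)\>)", $val) or strstr($val, '&'))
                        $result .= "\n<" . $key . '><![CDATA[' . trim($val) . ']]></' . $key . '>';
                    else
                        $result .= "\n<" . $key . '>' . trim($this->is_serialize($val)) . '</' . $key . '>';
                }
            }
            $result .= "\n</row>";
        }
        $result .= $this->xml_footer;
        echo $result;
    }

    /**
     * Splits a WHERE expression into a field => "operator value" map.
     *
     * The expression is split on ' and ' or, failing that, ' or '; the
     * delimiter found (or false) is remembered in $this->where_delim. Each part
     * is then split on the first operator found in this order: '=', '>', '<',
     * ' LIKE ', ' REGEXP ', and finally a single space.
     *
     * NOTE(review): field names and values are taken from the request as-is;
     * any escaping has to happen in PHPShopOrm, which is not visible here.
     *
     * @param string $str
     * @return array
     */
    function parseWhereString($str) {
        $where = array();

        if (strstr($str, ' and '))
            $num_where_delim = ' and ';
        elseif (strstr($str, ' or '))
            $num_where_delim = ' or ';
        else
            $num_where_delim = false;
        $this->where_delim = $num_where_delim;

        $parts = $num_where_delim ? explode($num_where_delim, $str) : array($str);

        foreach ($parts as $value) {
            if (strstr($value, '='))
                $delim = '=';
            elseif (strstr($value, '>'))
                $delim = '>';
            elseif (strstr($value, '<'))
                $delim = '<';
            elseif (strstr($value, ' LIKE '))
                $delim = ' LIKE ';
            elseif (strstr($value, ' REGEXP '))
                $delim = ' REGEXP ';
            else
                $delim = ' ';

            $pair = explode($delim, $value);
            // A part with no operator and no space has no right-hand side.
            $where[$pair[0]] = $delim . (isset($pair[1]) ? $pair[1] : '');
        }
        return $where;
    }

    /**
     * Parses the request document into $this->xml. Terminates the script with
     * 'Non xml' when readDatabase() returns nothing usable and with
     * 'False table' when the requested table is not in $true_from.
     */
    function parser() {
        if (@$db = readDatabase($this->sql, "sql", false)) {
            $this->xml['method'] = $db[0]['method'];
            $this->xml['vars'] = array($db[0]['vars']);
            $this->xml['debug'] = array($db[0]['debug']);

            // Strict allow-list check; assumes readDatabase() yields string values (confirm).
            if (in_array($db[0]['from'], $this->true_from, true))
                $this->xml['from'] = $db[0]['from'];
            else
                exit('False table');

            if (!empty($db[0]['where']))
                $this->xml['where'] = $this->parseWhereString($db[0]['where']);

            // NOTE(review): 'order' and 'limit' are forwarded to the ORM unvalidated.
            if (!empty($db[0]['order']))
                $this->xml['order'] = array('order' => $db[0]['order']);
            if (!empty($db[0]['limit']))
                $this->xml['limit'] = array('limit' => $db[0]['limit']);
        }
        else
            exit('Non xml');
    }

    /**
     * Checks the posted credentials.
     *
     * The previous condition was md5($_POST['pas'] == $this->pas): the closing
     * parenthesis was misplaced, so the MD5 of a boolean (always a non-empty
     * string) was tested and any password was accepted for the right login.
     * The digest of the posted password is now compared with $this->pas.
     *
     * @return bool true only when both login and password match
     */
    function admin() {
        $log = isset($_POST['log']) ? $_POST['log'] : null;
        $pas = isset($_POST['pas']) ? $_POST['pas'] : null;

        // Reject missing fields and array-valued parameters (log[]=...).
        if (!is_string($log) || !is_string($pas))
            return false;

        return $log === $this->log && $this->safeEquals((string) $this->pas, md5($pas));
    }

    /**
     * Compares two strings without an early exit on the first differing byte;
     * uses hash_equals() when the runtime provides it.
     */
    private function safeEquals($known, $given) {
        if (function_exists('hash_equals'))
            return hash_equals($known, $given);

        $length = strlen($known);
        if ($length !== strlen($given))
            return false;

        $diff = 0;
        for ($i = 0; $i < $length; $i++)
            $diff |= ord($known[$i]) ^ ord($given[$i]);
        return $diff === 0;
    }

    /**
     * Renders a serialized array (up to three levels deep) as XML elements;
     * any value that does not unserialize to an array is returned unchanged.
     *
     * NOTE(review): unserialize() can instantiate objects. That is acceptable
     * only while the stored values cannot be influenced by untrusted users;
     * on PHP 7+ prefer unserialize($str, array('allowed_classes' => false)).
     * Keys and values are emitted without XML escaping.
     *
     * @param string $str
     * @return string|null
     */
    function is_serialize($str) {
        $result = null;
        $array = unserialize($str);

        if (!is_array($array))
            return $str;

        foreach ($array as $key => $val) {
            if (is_array($val)) {
                $result .= '<subrow>';
                foreach ($val as $k => $v) {
                    if (is_array($v)) {
                        $result .= '<subrow>';
                        foreach ($v as $ks => $vs)
                            $result .= "\n<subrow_" . $ks . '_' . $k . '>' . $vs . '</subrow_' . $ks . '_' . $k . '>';
                        $result .= '</subrow>';
                    }
                    else
                        $result .= "\n<" . $k . '>' . $v . '</' . $k . '>';
                }
                $result .= '</subrow>';
            } else {
                $result .= "\n<" . $key . '>' . $val . '</' . $key . '>';
            }
        }
        return $result;
    }

    /**
     * Unwraps CDATA sections and decodes HTML entities in every value.
     *
     * @param array $vars
     * @return array empty array for empty input
     */
    function clean($vars) {
        $clean_array = array();
        foreach ($vars as $k => $v) {
            if (preg_match("/\[CDATA\[(.*)\]\]/i", $v, $matches))
                $clean_array[$k] = html_entity_decode($matches[1]);
            else
                $clean_array[$k] = html_entity_decode($v);
        }
        return $clean_array;
    }

    /** Builds the ORM object for the requested table with the current debug flag. */
    private function orm() {
        $orm = new PHPShopOrm($this->PHPShopBase->getParam('base.' . $this->xml['from']));
        $orm->debug = $this->debug;
        return $orm;
    }

    /** Returns a parsed request field, or null when the request did not carry it. */
    private function param($name) {
        return isset($this->xml[$name]) ? $this->xml[$name] : null;
    }

    /** Runs the SELECT described by the request and stores the rows in $this->data. */
    function select() {
        $PHPShopOrm = $this->orm();
        $PHPShopOrm->Option['where'] = $this->where_delim;
        $this->data = $PHPShopOrm->select($this->param('vars'), $this->param('where'), $this->param('order'), $this->param('limit'));
    }

    /** UPDATE handler; not listed in $true_method, so the constructor never dispatches to it. */
    function update() {
        $vars = readDatabase($this->sql, "vars", false);
        $PHPShopOrm = $this->orm();
        $PHPShopOrm->Option['where'] = $this->where_delim;
        $this->data = $PHPShopOrm->update($this->clean($vars[0]), $this->param('where'), '');
    }

    /** DELETE handler; not listed in $true_method, so the constructor never dispatches to it. */
    function delete() {
        $PHPShopOrm = $this->orm();
        $PHPShopOrm->Option['where'] = $this->where_delim;
        $this->data = $PHPShopOrm->delete($this->param('where'));
    }

    /** INSERT handler; not listed in $true_method, so the constructor never dispatches to it. */
    function insert() {
        $vars = readDatabase($this->sql, "vars", false);
        $PHPShopOrm = $this->orm();
        $this->data = $PHPShopOrm->insert($vars[0], '');
    }

    /** Maps a call to a method named after the class onto the constructor. */
    function __call($name, $arguments) {
        if ($name == __CLASS__) {
            self::__construct();
        }
    }
}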
?>