我的服务器上有一个POST PHP个{I}}文件请求,但我从PHP和mysql获得了警告下面:
Warning: mysql_query() [function.mysql-query]: Access denied for user 'user'@'localhost' (using password: NO) in /path/db.php on line 12
Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /path/db.php on line 12
Warning: Cannot modify header information - headers already sent by (output started at /path/db.php:12) in /path/inc.php on line 64
db.php中
<?php
define("_db","db_name");
define("_host","localhost");
define("_user","db_user");
define("_pass","db_password");
?>
inc.php
<?php
session_start();
$d=date("l, d-F-Y");
$func="";
$CurrentLang="en";
$encoding="utf-8";
define("_secret_","MoonLight");
mb_internal_encoding( 'UTF-8' );
$icons_folder ="icons/";
define('allowed_tags','<IFRAME><FORM><INPUT><TEXTAREA><A><ABBR><ACRONYM><ALIGN><AREA><B><BASE><BASEFONT><BIG><BLINK><BLOCKQUOTE><BODY><BR><CAPTION><CENTER><CITE><CODE><COL><COLGROUP><COMMENT><DD><DEL><DFN><DIR><DIV><DL><DT><EM><FIELDSET><FONT><H1><H2><H3><H4><H5><H6><HEAD><HR><I><ILAYER><IMG><INS><KBD><LABEL><LAYER><LEGEND><LI><LINK><LISTING><MAP><MARQUEE><MENU><MULTICOL><NOBR><NOLAYER><NOSAVE><OL><OPTGROUP><OPTION><P><PARAM><PRE><Q><RP><RT><RTC><RUBY><S><SAMP><SMALL><SPACER><SPAN><STRIKE><STRONG><SUB><TABLE><TBODY><TD><TFOOT><TH><THEAD><TITLE><TR><TT><U><UL><VAR><WBR><XMP>');
//_____________________________________________________________________________________
function secure($data){
global $mysqli;
if(is_object($data)){
foreach($data as $k=>$v) $data->$k=secure($v);
}
elseif(is_array($data)){
foreach($data as $k=>$v) $data[$k]=secure($v);
}
else{
$data=strip_tags($data,allowed_tags);
//$data=$mysqli->real_escape_string(strip_tags($data,allowed_tags));
}
return $data;
}
//_____________________________________________________________________________________
function addSlash($str){
return preg_replace_all("/([^\])'/","$1\'",$str);
}
//_____________________________________________________________________________________
//$data = isset($_REQUEST['data']) ? $_REQUEST['data'] : "{}";
$_GET=secure($_GET);
$_POST=secure($_POST);
$_REQUEST=secure($_REQUEST);
//_____________________________________________________________________________________
include("db.php");
include("lang_".$CurrentLang.".php");
include("dbmgr.php");
include("functions.php");
$script=strtolower(basename($_SERVER['SCRIPT_NAME']));
$dbmgr=new DbMgr(_host,_user,_pass,_db,false);
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$mode=isset($_POST['mode'])?$_POST['mode']:"";
$_id=isset($_POST['_id'])?$_POST['_id']:"";
if(!empty($_GET)) extract($_GET);
if(!empty($_POST)) extract($_POST);
if(!isset($table)) $table="";
if(!empty($_id) && empty($mode)) $mode="s";
define("ie",strstr($_SERVER["HTTP_USER_AGENT"], "MSIE")?1:0);
function cutString($str, $nbChars){
$s=mb_substr($str,0,$nbChars,'utf-8');
$pos=mb_strrpos($s,' ','utf-8');
if(mb_strlen($str, 'utf-8')>$nbChars) $s=mb_substr($s,0,$pos,'utf-8');
$s.=mb_strlen($str, 'utf-8')>$nbChars?'...':'';
return $s;
}
function getIframeUrl($iframe_string){
preg_match('/src="([^"]+)"/', $iframe_string, $match);
return $match[1];
}
if(isset($_SESSION['uid']) && preg_match('/tbl_/',$script) && $_SESSION['ugroup']<>1){
// get script name
$sql = sprintf("select * from v_user_perm where user_id=%s and funcfile='%s';",$_SESSION['uid'],$script);
$result=$dbmgr->query($sql);
if(!$row=$dbmgr->next($result)){
header("Location: 403.php");
}
}
//_____________________________________________________________________________________
function sendEmail($from, $to, $subject, $body){
require_once('dSendMail2.inc.php');
ini_set('max_execution_time', 0);
set_time_limit(0);
ignore_user_abort(true);
header("Content-type: text/html; charset=utf-8");
$m = new dSendMail2;
$m->setTo($to);
$m->setFrom($from);
$m->setSubject($subject);
$m->setMessage($body);
// EXACTLY THE SAME CODE as any other example.. Except for the line below:
//$m->sendThroughSMTP("mail.example.co", 25, "example@example.co", "Ul5JeniQ6RWT");
// Real GMail example:
//$m->sendThroughSMTP("bit.bit1.me", 465, $from, "Info_2016", true);
$m->sendThroughSMTP("bit.bit1.me", 465, "example@example.co", "Ul5JeniQ6RWT", true);
// You can still send mass mails, attachments, embedded images... Do what you want!
$m->send();
return $m;
}
//_____________________________________________________________________________________
?>
dbmgr.php
<?php
/*
|-----------------------------------------------------------------------------|
|* Class DbMgr ***************************************************************|
|* A Class to manage Databases
*******************************|
|* Creation Date: 26-07-2010 (Version 1.0) ***********************************|
|* Licence: LGPL (http://www.gnu.org/copyleft/gpl.html) **********************|
|-----------------------------------------------------------------------------|
*/
define("MYSQLI_OBJ","MYSQLI_OBJ");
class DbMgr
{
var $host;
var $user;
var $pass;
var $db;
var $mysqli;
//_____________________________________________________________________________
function __construct($host, $user, $pass, $db)
{
$this->host = $host;
$this->user = $user;
$this->pass = $pass;
$this->db = $db;
$this->mysqli = new mysqli($this->host, $this->user, $this->pass, $this->db);
if($this->mysqli->connect_errno > 0){
die('Unable to connect to database [' . $db->connect_error . ']');
}
$this->query("SET NAMES 'utf8'");
}
//_____________________________________________________________________________
function __destruct()
{
$this->closeDB();
}
//_____________________________________________________________________________
function closeDB()
{
@$this->mysqli->close();
}
//_____________________________________________________________________________
function select($fields = "*", $t,$filter=1,$sort="",$dir="" ,$start=0,$limit=0, $grid=true)
{
$q = "SELECT " . $fields . " FROM `" . $t . "` WHERE " . $filter;
$count = $limit;
if($grid){
if(!$result = $this->query($q)) return $this->mysqli->error;
$count = $result->num_rows;
}
if (!empty($sort)) $q .= " ORDER BY " . $sort . " " . $dir;
if($limit>0) $q.= " LIMIT " . $start . "," . $limit;
//if (!empty($sort) || $limit>0)
//echo $q;
if(!$result = $this->query($q)) return $this->mysqli->error;
return array('result'=>$result, 'count'=>$count);
}
//_____________________________________________________________________________
function insert($t, $data)
{
$sql="insert into `".$t."` (";
foreach ($data as $key => $value) {
$sql.="`$key`,";
}
$sql=substr($sql,0,-1);
$sql.=") values (";
foreach ($data as $key => $value) {
$sql.="'".$this->mysqli->real_escape_string($value)."' ,";
}
$sql=substr($sql,0,-1);
$sql.=");";
if($result=$this->query($sql)){
$this->last_id=$this->mysqli->insert_id;
return $result;
}
return false;
}
//_____________________________________________________________________________
function pk($t)
{
if($res=$this->query("SHOW KEYS FROM `$t` WHERE Key_name = 'PRIMARY'")){
if($row = $this->next($res)) return $row['Column_name'];
}
return '';
}
//_____________________________________________________________________________
function exists($t)
{
return (@$this->mysqli->query("select 1 from `$t`"))?true:false;
}
//_____________________________________________________________________________
function delete($t, $ids)
{
return $this->query("DELETE FROM `" . $t . "` WHERE `".$this->pk($t)."` in ('". $ids ."')");
}
//_____________________________________________________________________________
function update($t,$id,$data)
{
$sql="UPDATE `" . $t . "` SET ";
foreach ($data as $key => $value) {
$sql.="`$key`='".$this->mysqli->real_escape_string($value)."' ,";
}
$sql=substr($sql,0,-1);
$sql.=" WHERE `".$this->pk($t)."`='".$id."'";
//echo $sql;
return $this->query($sql);
}
//_____________________________________________________________________________
function query($q)
{
//echo $q;
if($result=$this->mysqli->query($q)){
return $result;
}
else{
//echo $q;
$this->error=$this->mysqli->error;
}
//echo $this->mysqli->error;
return false;
}
//_____________________________________________________________________________
function next($result,$type=MYSQLI_ASSOC)
{
switch($type){
case MYSQLI_OBJ:
return $result->mysql_fetch_object();
break;
default:
//echo $this->SqlQuery;
return $result->fetch_array($type);
break;
}
}
//_____________________________________________________________________________
function Err($table,$fields,$err){
foreach($fields as $v){
$err=str_replace($v, constant("lbl_".$table."_".$v), $err);
}
return $err;
}
//_____________________________________________________________________________
function crud($table, &$mode,$ssql,$isql,$esql,$xsql,&$_id,&$row, $fields){
switch($mode){
case "u":
if($reslt=$this->query($esql)){
Message(msg_updated);
}
else{
Message($this->Err($table, $fields,$this->error));
}
break;
case "i":
if($reslt=$this->query($isql)){
$_id=$this->mysqli->insert_id;
Message(msg_inserted);
foreach($fields as $v) unset($$v);
$mode="";
}
else{
Message($this->Err($table, $fields,$this->error));
}
break;
case "x":
if($reslt=$this->query($xsql)){
Message(msg_deleted);
}
else{
Message($this->Err($table, $fields,$this->error));
}
break;
case "c":
case "s":
if($reslt=$this->query($ssql)){
$row = $this->next($reslt);
foreach($row as $k=>$v) $row[$k]=stripslashes($v);
}
else{
Message($this->Err($table, $fields,$this->error));
}
if($mode=="c") $_id="";
$mode=$mode=="c"?"i":"u";
break;
default:
$mode="i";
break;
}
}
//_____________________________________________________________________________
function SP_Exists($p)
{
$f = array();
$sql="SHOW PROCEDURE STATUS";
$result=$this->query($sql);
while ($row=$this->next($result)) {
if($row['Name']==$p) return true;
}
return false;
return $f;
}
//_____________________________________________________________________________
function DatabasesNamesAsArray()
{
$f = array();
$sql="SHOW databases;";
$result=$this->query($sql);
while ($row=$this->next($result)) {
array_push($f, current($row));
}
return $f;
}
//_____________________________________________________________________________
function TablesNamesAsArray($db)
{
$f = array();
$sql="SHOW TABLES FROM " . $db;
$result=$this->query($sql);
while ($row=$this->next($result)) {
array_push($f, current($row));
}
return $f;
}
//_____________________________________________________________________________
function Fields($table, $detail = true)
{
$f = array();
$sql="SHOW COLUMNS FROM `" . $table . "`;";
$result=$this->query($sql);
while ($row=$this->next($result)) {
array_push($f, $detail ? $row : $row['Field']);
}
return $f;
}
//_____________________________________________________________________________
function gridFields($table)
{
$f = array();
$sql="SHOW COLUMNS FROM `" . $table . "`;";
$result=$this->query($sql);
while ($row=$this->next($result)) {
//array_push($f, $row['Type']=='text'? 'LEFT('.$row['Field'].',10)' : $row['Field']);
if($row['Type']!='text') array_push($f,$row['Field']);
}
return implode(",", $f);
}
//_____________________________________________________________________________
function FieldsNamesAsArray($table)
{
return $this->Fields($table, false);
}
//_____________________________________________________________________________
function FieldsNamesAsString($table)
{
return implode(",", $this->FieldsNamesAsArray($table));
}
//_____________________________________________________________________________
function all($res) {
$r=array();
while($row=$this->next($res)){
array_push($r,$row);
}
return $r;
}
//_____________________________________________________________________________
function parseSetEnum($table,$name){
$sql="SHOW COLUMNS FROM `$table` LIKE '$name'";
$result=$this->query($sql);
if ($row=$this->next($result)) {
return explode("','",preg_replace("/(enum|set)\('(.+?)'\)/","\\2",$row['Type']));
}
return "";
}
//_____________________________________________________________________________
}
我的问题:我如何解决这个问题,有什么建议吗?
PHP版本5.3.26