ToKeiChun

[DBKiss] Database Administration Tool

Sep 19th, 2020
272
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 148.44 KB | None | 0 0
  1. <?php
  2. // Copyright (c) 2008 Czarek Tomczak
  3. // All rights reserved. Licensed under BSD 3-clause license.
  4. // Project website: https://github.com/cztomczak/dbkiss
  5.  
  6. // zlib conflicts with ob_gzhandler.
  7. ini_set('zlib.output_compression', 0);
  8. ini_set('output_buffering', 0);
  9.  
  10. if (ini_get('zlib.output_compression')) {
  11. ob_start();
  12. } else {
  13. if (function_exists('ob_gzhandler')) {
  14. ob_start('ob_gzhandler');
  15. } else {
  16. ob_start();
  17. }
  18. }
  19.  
  20. // Some of the features in the SQL editor require creating 'dbkiss_sql'
  21. // directory, where history of queries are kept and other data. If the
  22. // script has permission it will create that directory automatically,
  23. // otherwise you need to create that directory manually and make it
  24. // writable. You can also set it to empty '' string, but some of the
  25. // features in the sql editor will not work (templates, pagination).
  26.  
  27. if (!defined('DBKISS_SQL_DIR')) {
  28. define('DBKISS_SQL_DIR', 'dbkiss_sql');
  29. }
  30.  
  31. /*
  32. An example configuration script that will automatically connect to localhost database.
  33. This is useful on localhost if you don't want to see the "Connect" screen.
  34.  
  35. mysqli_local.php:
  36. ---------------------------------------------------------------------
  37. define('COOKIE_PREFIX', str_replace('.php', '', basename(__FILE__)).'_');
  38. define('DBKISS_SQL_DIR', 'dbkiss_mysqli');
  39.  
  40. $cookie = array(
  41. 'db_driver' => 'mysqli',
  42. 'db_server' => 'localhost',
  43. 'db_name' => 'test',
  44. 'db_user' => 'root',
  45. 'db_pass' => 'toor',
  46. 'db_charset' => 'latin2',
  47. 'page_charset' => 'iso-8859-2',
  48. 'remember' => 1
  49. );
  50.  
  51. foreach ($cookie as $k => $v) {
  52. if ('db_pass' == $k) { $v = base64_encode($v); }
  53. $k = COOKIE_PREFIX.$k;
  54. if (!isset($_COOKIE[$k])) {
  55. $_COOKIE[$k] = $v;
  56. }
  57. }
  58.  
  59. require './dbkiss.php';
  60. ---------------------------------------------------------------------
  61. */
  62.  
  63. /*
  64. Changelog:
  65.  
  66. 1.20
  67. * Support for PHP 7 and PostgreSQL (Issue #2)
  68. * Support for MySQL in PHP 7 via mysqli driver (Issue #3)
  69. 1.16
  70. * Compatibility fixes for PHP 5.5.7
  71. * Permanent links for saved SQL templates, the url in browser
  72. includes template name (Issue 3)
  73. * After connecting to database you will be redirected to the
  74. url you came from
  75. 1.15
  76. * Fixed Postgresql 9 bug on Linux, no data rows were displayed
  77. for SELECT queries in the SQL editor (Issue 5).
  78. 1.14
  79. * IIS server fixes: $_SERVER['SERVER_ADDR'] missing
  80. 1.13
  81. * Table names and column names may start with numeric values ex.
  82. `52-644` as table name is now allowed.
  83. 1.12
  84. * Fixed "order by" bug in views.
  85. 1.11
  86. * Links in data output are now clickable. Clicking them does not reveal
  87. the location of your dbkiss script to external sites.
  88. 1.10
  89. * Support for views in Postgresql (mysql had it already).
  90. * Views are now displayed in a seperate listing, to the right of
  91. the tables on main page.
  92. * Secure redirection - no referer header sent - when clicking external
  93. links (ex. powered by), so that the location of the dbkiss script on
  94. your site is not revealed.
  95. 1.09
  96. * CSV export in sql editor and table view (feature sponsored by
  97. Patrick McGovern)
  98. 1.08
  99. * date.timezone E_STRICT error fixed
  100. 1.07
  101. * mysql tables with dash in the name generated errors, now all
  102. tables in mysql driver are enquoted with backtick.
  103. 1.06
  104. * postgresql fix
  105. 1.05
  106. * export of all structure and data does take into account the table
  107. name filter on the main page, so you can filter the tables that
  108. you want to export.
  109. 1.04
  110. * exporting all structure/data didn't work (ob_gzhandler flush bug)
  111. * cookies are now set using httponly option
  112. * text editor complained about bad cr/lf in exported sql files
  113. (mysql create table uses \n, so insert queries need to be seperated
  114. by \n and not \r\n)
  115. 1.03
  116. * re-created array_walk_recursive for php4 compatibility
  117. * removed stripping slashes from displayed content
  118. * added favicon (using base64_encode to store the icon in php code,
  119. so it is still one-file database browser)
  120. 1.02
  121. * works with short_open_tag disabled
  122. * code optimizations/fixes
  123. * postgresql error fix for large tables
  124. 1.01
  125. * fix for mysql 3.23, which doesnt understand "LIMIT x OFFSET z"
  126. 1.00
  127. * bug fixes
  128. * minor feature enhancements
  129. * this release is stable and can be used in production environment
  130. 0.61
  131. * upper casing keywords in submitted sql is disabled (it also
  132. modified quoted values)
  133. * sql error when displaying table with 0 rows
  134. * could not connect to database that had upper case characters
  135.  
  136. */
  137.  
  138. // todo: php error handler which cancels buffer output and exits on error
  139. // todo: XSS and CSRF protection.
  140. // todo: connect screen: [x] create database (if not exists) [charset]
  141. // todo: connect screen: database (optional, if none provided will select
  142. // the first database the user has access to)
  143. // todo: support for the enum field type when editing row
  144. // todo: search whole database form should appear also on main page
  145. // todo: improve detecting primary keys when editing row (querying
  146. // information_schema , for mysql > 4)
  147. // todo: when dbkiss_sql dir is missing, display a message in sql editor
  148. // that some features won't work (templates, pagination) currently
  149. // it displays a message to create that dir and EXIT, but should
  150. // allow basic operations.
  151. // todo: "Insert" on table view page
  152. // todo: edit table structure
  153.  
  154. error_reporting(E_ALL & ~E_STRICT & ~E_DEPRECATED);
  155. ini_set('display_errors', true);
  156. if (!ini_get('date.timezone')) {
  157. ini_set('date.timezone', 'Europe/Warsaw');
  158. }
  159.  
  160. // Fix IIS missing variables in $_SERVER:
  161. if (!isset($_SERVER['REQUEST_URI'])) {
  162. $_SERVER['REQUEST_URI'] = $_SERVER['PHP_SELF'];
  163. if (isset($_SERVER['QUERY_STRING'])) {
  164. $_SERVER['REQUEST_URI'] .= '?' . $_SERVER['QUERY_STRING'];
  165. }
  166. }
  167. if (!isset($_SERVER['SERVER_ADDR'])) {
  168. if (isset($_SERVER['LOCAL_ADDR'])) {
  169. $_SERVER['SERVER_ADDR'] = $_SERVER['LOCAL_ADDR'];
  170. } else {
  171. $_SERVER['SERVER_ADDR'] = 'unknown';
  172. }
  173. }
  174.  
  175. set_error_handler('errorHandler');
  176. register_shutdown_function('errorHandler_last');
  177. ini_set('display_errors', 1);
  178. global $Global_LastError;
  179.  
  180. function errorHandler_last()
  181. {
  182. if (function_exists("error_get_last")) {
  183. $error = error_get_last();
  184. if ($error) {
  185. errorHandler($error['type'], $error['message'], $error['file'], $error['line']);
  186. }
  187. }
  188. }
  189. function errorHandler($errno, $errstr, $errfile, $errline)
  190. {
  191. global $Global_LastError;
  192. $Global_LastError = $errstr;
  193.  
  194. // Check with error_reporting, if statement is preceded
  195. // with @ we have to ignore it.
  196. if (!($errno & error_reporting())) {
  197. return;
  198. }
  199.  
  200. // Headers.
  201. if (!headers_sent()) {
  202. header('HTTP/1.0 503 Service Unavailable');
  203. while (ob_get_level()) { ob_end_clean(); } // This will cancel ob_gzhandler, so later we set Content-encoding to none.
  204. header('Content-Encoding: none'); // Fix gzip encoding header.
  205. header("Content-Type: text/html; charset=utf-8");
  206. header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
  207. header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
  208. header("Cache-Control: no-store, no-cache, must-revalidate");
  209. header("Cache-Control: post-check=0, pre-check=0", false);
  210. header("Pragma: no-cache");
  211. }
  212.  
  213. // Error short message.
  214. $errfile = basename($errfile);
  215.  
  216. $msg = sprintf('%s<br>In %s on line %d.', nl2br($errstr), $errfile, $errline);
  217.  
  218. // Display error.
  219.  
  220. printf("<!doctype html><html><head><meta charset=utf-8><title>PHP Error</title>");
  221. printf("<meta name=\"robots\" content=\"noindex,nofollow\">");
  222. printf("<link rel=\"shortcut icon\" href=\"{$_SERVER['PHP_SELF']}?dbkiss_favicon=1\">");
  223. printf("<style type=text/css>");
  224. printf("body { font: 12px Arial, Sans-serif; line-height: 17px; padding: 0em; margin: 2em 3em; }");
  225. printf("h1 { font: bold 18px Tahoma; border-bottom: rgb(175, 50, 0) 1px solid; margin-bottom: 0.85em; padding-bottom: 0.25em; color: rgb(200, 50, 0); text-shadow: 1px 1px 1px #fff; }");
  226. print("h2 { font: bold 15px Tahoma; margin-top: 1em; color: #000; text-shadow: 1px 1px 1px #fff; }");
  227. printf("</style></head><body>");
  228.  
  229. printf("<h1>PHP Error</h1>");
  230. print($msg);
  231.  
  232. if (!isset($_SERVER["SERVER_ADDR"])
  233. || $_SERVER["SERVER_ADDR"] == "unknown") {
  234. $_SERVER["SERVER_ADDR"] = $_SERVER["SERVER_NAME"];
  235. }
  236.  
  237. if ("127.0.0.1" == $_SERVER["SERVER_ADDR"] && "127.0.0.1" == $_SERVER["REMOTE_ADDR"])
  238. {
  239. // Showing backtrace only on localhost, cause it shows full arguments passed to functions,
  240. // that would be a security hole to display such data, cause it could contain some sensitive
  241. // data fetched from tables or could even contain a database connection user and password.
  242.  
  243. printf("<h2>Backtrace</h2>");
  244. ob_start();
  245. debug_print_backtrace();
  246. $trace = ob_get_clean();
  247. $trace = preg_replace("/^#0[\s\S]+?\n#1/", "#1", $trace); // Remove call to errorHandler() from trace.
  248. $trace = trim($trace);
  249. print nl2br($trace);
  250. }
  251.  
  252. printf("</body></html>");
  253.  
  254. // Log error to file.
  255. if ("127.0.0.1" == $_SERVER["SERVER_ADDR"] && "127.0.0.1" == $_SERVER["REMOTE_ADDR"]) {
  256. error_log($msg);
  257. }
  258.  
  259. // Email error.
  260.  
  261. exit();
  262. }
  263.  
  264. // You can access this function only on localhost.
  265.  
  266. if ("127.0.0.1" == $_SERVER["SERVER_ADDR"] && "127.0.0.1" == $_SERVER["REMOTE_ADDR"])
  267. {
  268. function dump($data)
  269. {
  270. // @dump
  271.  
  272. if (!headers_sent()) {
  273. header('HTTP/1.0 503 Service Unavailable');
  274. while (ob_get_level()) { ob_end_clean(); } // This will cancel ob_gzhandler, so later we set Content-encoding to none.
  275. header('Content-encoding: none'); // Fix gzip encoding header.
  276. header("Content-type: text/html");
  277. header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
  278. header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
  279. header("Cache-Control: no-store, no-cache, must-revalidate");
  280. header("Cache-Control: post-check=0, pre-check=0", false);
  281. header("Pragma: no-cache");
  282. }
  283.  
  284. if (func_num_args() > 1) { $data = func_get_args(); }
  285.  
  286. if ($data && count($data) == 2 && isset($data[1]) && "windows-1250" == strtolower($data[1])) {
  287. $charset = "windows-1250";
  288. $data = $data[0];
  289. } else if ($data && count($data) == 2 && isset($data[1]) && "iso-8859-2" == strtolower($data[1])) {
  290. $charset = "iso-8859-2";
  291. $data = $data[0];
  292. } else {
  293. $charset = "utf-8";
  294. }
  295.  
  296. printf('<!doctype html><head><meta charset='.$charset.'><title>dump()</title></head><body>');
  297. printf('<h1 style="color: rgb(150,15,225);">dump()</h1>');
  298. ob_start();
  299. print_r($data);
  300. $html = ob_get_clean();
  301. $html = htmlspecialchars($html);
  302. printf('<pre>%s</pre>', $html);
  303. printf('</body></html>');
  304. exit();
  305. }
  306. }
  307.  
  308. if (isset($_GET['dbkiss_favicon'])) {
  309. $favicon = 'AAABAAIAEBAAAAEACABoBQAAJgAAABAQAAABACAAaAQAAI4FAAAoAAAAEAAAACAAAAABAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP///wDQcRIAAGaZAL5mCwCZ//8Av24SAMVwEgCa//8AvmcLAKn//wAV0/8Awf//AErL5QDGcBIAvnESAHCpxgDf7PIA37aIAMNpDQDHcRIAZO7/AErl/wAdrNYAYMbZAI/1+QDouYkAO+D/AIT4/wDHcBIAjPr/AMJvEgDa//8AQIyzAMNvEgCfxdkA8v//AEzl/wB46fQAMLbZACms1gAAeaYAGou1AJfX6gAYo84AHrLbAN+zhgCXxtkAv/P5AI30+ADv9fkAFH2pABja/wDGaw4AwXASAAVwoQDjuIkAzXARADCmyQAAe64Ade35AMBxEgC+aQ0AAKnGACnw/wAngqwAxW8RABBwnwAAg6wAxW4QAL7w9wCG7PIAHKnSAMFsDwC/ZwwADnWkAASQwgAd1v8Aj7zSAMZvEQDv+fwABXSmABZ+qgAC6fIAAG+iAMhsDwAcz/kAvmsOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICAgICOTUTCQQECRMQEQACAgICVUpJEgEfBxRCJ1FOAgEBGgQ4AQEGAQEBDhZWAwICAgEEASIBBgEHFA4WTQMCAgECBAE2AQ8BDw89QDQDAgECAgQBVwEJAQQJPj9TKQIaAQEELgESBgEHHUU6N0QCAgICBA4iBgYfBx1PDUgDAAAAAAMcJQsLGxUeJg0XAwAAAAADHCULCxsVHiYNFwMAAAAAAzwtTDtUAwNLKiwDAAAAAAMoK0YMCggFRxgzAwAAAAADUCQgDAoIBQUFGQMAAAAAQzIkIAwKCAUFBRkDAAAAACNBLzAMCggFMRhSIwAAAAAAERAhAwMDAyEQEQAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAAAADwAAAA8AAAAPAAAADwAAAA8AAAAPAAAAD4AQAAKAAAABAAAAAgAAAAAQAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMxmAO3MZgDtzGYA7cxmAO3MZgDtymYB78RmBvfCZgj6vmYK/r5mC/++Zgv/vmYK/sJmCPoAZpmPAGaZIAAAAADMZgDtzGYA7cxmAO3MZgDtxmYF9b9nDP/BbA//37aI///////CbxL/xXAS/8dxEv/FbxH/MLbZ/wV0pv8AZplwzGYA7f//////////57aF9r5mC//juIn///////////+/bhL/////////////////xnAS/0rl//8cz/n/AGaZ/8xmAO3MZgDtzGYA7f////++Zgv//////8NvEv//////v24S///////FcBL/x3ES/8ZwEv9K5f//Hdb//wBmmf/MZgDtzGYA7f/////MZgDtvmYL///////BcBL//////75xEv//////vnES/75xEv/AcRL/KfD//xja//8AZpn/zGYA7f/////MZgDtzGYA7b5mC///////vmsO//////++Zwv//////75mC/++Zwv/vmkN/wCpxv8C6fL/AHmm/8xmAO3ntoX2//////////++Zgv/37OG///////ftoj/v24S///////FcBL/x3AS/8VuEP8wpsn/BXCh/wCDrP/MZgDtzGYA7cxmAO3MZgDtvmYL/8ZwEv/DbxL/v24S/79uEv/CbxL/xXAS/8dwEv/GbxH/Ssvl/xyp0v8AZpn/AAAAAAAAAAAAAAAAAAAAAABmmf+E+P//TOX//xXT//8V0///O+D//2Tu//+M+v//eOn0/0rL5f8drNb/AGaZ/wAAAAAAAAAAAAAAAAAAAAAAZpn/hPj//0zl//8V0///FdP//zvg//9k7v//jPr//3jp9P9Ky+X/HazW/wBmmf8AAAAAAAAAAAAAAAAAAAAAAGaZ/3Xt+f8estv/BJDC/wB7rv8Ab6L/AGaZ/wBmmf8OdaT/Gou1/xijzv8AZpn/AAAAAAAAAAAAAAAAAAAAAABmmf8prNb/l9fq/77w9//B////qf///5r///+Z////huzy/2DG2f8Ufan/AGaZ/wAAAAAAAAAAAAAAAAAAAAAAZpn/7/n8//L////a////wf///6n///+a////mf///5n///+Z////j/X5/wBmmf8AAAAAAAAAAAAAAAAAAAAAAGaZ7+/1+f/y////2v///8H///+p////mv///5n///+Z////mf///4/1+f8AZpn/AAAAAAAAAAAAAAAAAAAAAABmmWAngqz/l8bZ/7/z+f/B////qf///5r///+Z////jfT4/2DG2f8Wfqr/AGaZYAAAAAAAAAAAAAAAAAAAAAAAAAAAAGaZIABmmY8AZpm/AGaZ/wBmmf8AZpn/AGaZ/wBmmb8AZpmPAGaZIAAAAAAAAQICAAA1EwAABAkAABEAAAACAgAASRIAAAcUAABRTvAAARrwAAEB8AABAfAAVgPwAAIB8AAiAfAABxT4AU0D';
  310. header('Content-type: image/vnd.microsoft.icon');
  311. echo base64_decode($favicon);
  312. exit();
  313. }
  314.  
  315. if (!function_exists('array_walk_recursive'))
  316. {
  317. function array_walk_recursive(&$array, $func)
  318. {
  319. foreach ($array as $k => $v) {
  320. if (is_array($v)) {
  321. array_walk_recursive($array[$k], $func);
  322. } else {
  323. $func($array[$k], $k);
  324. }
  325. }
  326. }
  327. }
  328. function create_links($text)
  329. {
  330. // Protocols: http, https, ftp, irc, svn
  331. // Parse emails also?
  332.  
  333. $text = preg_replace_callback('#([a-z]+://[a-zA-Z0-9\.\,\;\:\[\]\{\}\-\_\+\=\!\@\#\%\&\(\)\/\?\`\~]+)#', 'create_links_eval', $text);
  334.  
  335. // Exceptions:
  336.  
  337. // 1) cut last char if link ends with ":" or ";" or "." or "," - cause in 99% cases that char doesnt belong to the link
  338. // (check if previous char was "=" then let it stay cause that could be some variable in a query, some kind of separator)
  339. // (should we add also "-" ? But it is a valid char in links and very common, many links might end with it when creating from some title of an article?)
  340.  
  341. // 2) brackets, the link could be inside one of 3 types of brackets:
  342. // [http://...] , {http://...}
  343. // and most common: (http://some.com/) OR http://some.com(some description of the link)
  344. // In these cases regular expression will catch: "http://some.com/)" AND "http://some.com(some"
  345. // So when we catch some kind of bracket in the link we will cut it unless there is also a closing bracket in the link:
  346. // We will not cut brackets in this link: http://en.wikipedia.org/wiki/Common_(entertainer) - wikipedia often uses brackets.
  347.  
  348. return $text;
  349. }
  350. function create_links_eval($link)
  351. {
  352. $link = $link[0];
  353. $orig_link = $link;
  354. $cutted = "";
  355.  
  356. if (in_array($link[strlen($link)-1], array(":", ";", ".", ","))) {
  357. $link = substr($link, 0, -1);
  358. $cutted = $orig_link[strlen($orig_link)-1];
  359. }
  360.  
  361. if (($pos = strpos($link, "(")) !== false) {
  362. if (strpos($link, ")") === false) {
  363. $link = substr($link, 0, $pos);
  364. $cutted = substr($orig_link, $pos);
  365. }
  366. } else if (($pos = strpos($link, ")")) !== false) {
  367. if (strpos($link, "(") === false) {
  368. $link = substr($link, 0, $pos);
  369. $cutted = substr($orig_link, $pos);
  370. }
  371. } else if (($pos = strpos($link, "[")) !== false) {
  372. if (strpos($link, "]") === false) {
  373. $link = substr($link, 0, $pos);
  374. $cutted = substr($orig_link, $pos);
  375. }
  376. } else if (($pos = strpos($link, "]")) !== false) {
  377. if (strpos($link, "[") === false) {
  378. $link = substr($link, 0, $pos);
  379. $cutted = substr($orig_link, $pos);
  380. }
  381. } else if (($pos = strpos($link, "{")) !== false) {
  382. if (strpos($link, "}") === false) {
  383. $link = substr($link, 0, $pos);
  384. $cutted = substr($orig_link, $pos);
  385. }
  386. } else if (($pos = strpos($link, "}")) !== false) {
  387. if (strpos($link, "{") === false) {
  388. $link = substr($link, 0, $pos);
  389. $cutted = substr($orig_link, $pos);
  390. }
  391. }
  392. return "<a title=\"$link\" style=\"color: #000; text-decoration: none; border-bottom: #000 1px dotted;\" href=\"javascript:;\" onclick=\"link_noreferer('$link')\">$link</a>$cutted";
  393. }
  394. function truncate_html($string, $length, $break_words = false, $end_str = '..')
  395. {
  396. // Does not break html tags whilte truncating, does not take into account chars inside tags: <b>a</b> = 1 char length.
  397. // Break words is always TRUE - no breaking is not implemented.
  398.  
  399. // Limits: no handling of <script> tags.
  400.  
  401. $inside_tag = false;
  402. $inside_amp = 0;
  403. $finished = false; // finished but the loop is still running cause inside tag or amp.
  404. $opened = 0;
  405.  
  406. $string_len = strlen($string);
  407.  
  408. $count = 0;
  409. $ret = "";
  410.  
  411. for ($i = 0; $i < $string_len; $i++)
  412. {
  413. $char = $string[$i];
  414. $nextchar = isset($string[$i+1]) ? $string[$i+1] : null;
  415.  
  416. if ('<' == $char && ('/' == $nextchar || ctype_alpha($nextchar))) {
  417. if ('/' == $nextchar) {
  418. $opened--;
  419. } else {
  420. $opened++;
  421. }
  422. $inside_tag = true;
  423. }
  424. if ('>' == $char) {
  425. $inside_tag = false;
  426. $ret .= $char;
  427. continue;
  428. }
  429. if ($inside_tag) {
  430. $ret .= $char;
  431. continue;
  432. }
  433.  
  434. if (!$finished)
  435. {
  436. if ('&' == $char) {
  437. $inside_amp = 1;
  438. $ret .= $char;
  439. continue;
  440. }
  441. if (';' == $char && $inside_amp) {
  442. $inside_amp = 0;
  443. $count++;
  444. $ret .= $char;
  445. continue;
  446. }
  447. if ($inside_amp) {
  448. $inside_amp++;
  449. $ret .= $char;
  450. if ('#' == $char || ctype_alnum($char)) {
  451. if ($inside_amp > 7) {
  452. $count += $inside_amp;
  453. $inside_amp = 0;
  454. }
  455. } else {
  456. $count += $inside_amp;
  457. $inside_amp = 0;
  458. }
  459. continue;
  460. }
  461. }
  462.  
  463. $count++;
  464.  
  465. if (!$finished) {
  466. $ret .= $char;
  467. }
  468.  
  469. if ($count >= $length) {
  470. if (!$inside_tag && !$inside_amp) {
  471. if (!$finished) {
  472. $ret .= $end_str;
  473. $finished = true;
  474. if (0 == $opened) {
  475. break;
  476. }
  477. }
  478. if (0 == $opened) {
  479. break;
  480. }
  481. }
  482. }
  483. }
  484. return $ret;
  485. }
  486. function table_filter($tables, $filter)
  487. {
  488. $filter = trim($filter);
  489. if ($filter) {
  490. foreach ($tables as $k => $table) {
  491. if (!str_has_any($table, $filter, $ignore_case = true)) {
  492. unset($tables[$k]);
  493. }
  494. }
  495. }
  496. return $tables;
  497. }
  498. function get($key, $type='string')
  499. {
  500. if (is_string($key)) {
  501. $_GET[$key] = isset($_GET[$key]) ? $_GET[$key] : null;
  502. if ('float' == $type) $_GET[$key] = str_replace(',','.',$_GET[$key]);
  503. settype($_GET[$key], $type);
  504. if ('string' == $type) $_GET[$key] = trim($_GET[$key]);
  505. return $_GET[$key];
  506. }
  507. $vars = $key;
  508. foreach ($vars as $key => $type) {
  509. $_GET[$key] = isset($_GET[$key]) ? $_GET[$key] : null;
  510. if ('float' == $type) $_GET[$key] = str_replace(',','.',$_GET[$key]);
  511. settype($_GET[$key], $type);
  512. if ('string' == $type) $_GET[$key] = trim($_GET[$key]);
  513. $vars[$key] = $_GET[$key];
  514. }
  515. return $vars;
  516. }
  517. function post($key, $type='string')
  518. {
  519. if (is_string($key)) {
  520. $_POST[$key] = isset($_POST[$key]) ? $_POST[$key] : null;
  521. if ('float' == $type) $_POST[$key] = str_replace(',','.',$_POST[$key]);
  522. settype($_POST[$key], $type);
  523. if ('string' == $type) $_POST[$key] = trim($_POST[$key]);
  524. return $_POST[$key];
  525. }
  526. $vars = $key;
  527. foreach ($vars as $key => $type) {
  528. $_POST[$key] = isset($_POST[$key]) ? $_POST[$key] : null;
  529. if ('float' == $type) $_POST[$key] = str_replace(',','.',$_POST[$key]);
  530. settype($_POST[$key], $type);
  531. if ('string' == $type) $_POST[$key] = trim($_POST[$key]);
  532. $vars[$key] = $_POST[$key];
  533. }
  534. return $vars;
  535. }
  536. $_ENV['IS_GET'] = ('GET' == $_SERVER['REQUEST_METHOD']);
  537. $_ENV['IS_POST'] = ('POST' == $_SERVER['REQUEST_METHOD']);
  538. function req_gpc_has($str)
  539. {
  540. /* finds if value exists in GPC data, used in filter_() functions, to check whether use html_tags_undo() on the data */
  541. foreach ($_GET as $k => $v) {
  542. if ($str == $v) {
  543. return true;
  544. }
  545. }
  546. foreach ($_POST as $k => $v) {
  547. if ($str == $v) {
  548. return true;
  549. }
  550. }
  551. foreach ($_COOKIE as $k => $v) {
  552. if ($str == $v) {
  553. return true;
  554. }
  555. }
  556. return false;
  557. }
  558.  
  559. if (ini_get('magic_quotes_gpc')) {
  560. ini_set('magic_quotes_runtime', 0);
  561. array_walk_recursive($_GET, 'db_magic_quotes_gpc');
  562. array_walk_recursive($_POST, 'db_magic_quotes_gpc');
  563. array_walk_recursive($_COOKIE, 'db_magic_quotes_gpc');
  564. }
  565. function db_magic_quotes_gpc(&$val)
  566. {
  567. $val = stripslashes($val);
  568. }
  569.  
  570. $sql_font = 'font-size: 12px; font-family: courier new;';
  571. $sql_area = $sql_font.' width: 708px; height: 182px; border: #ccc 1px solid; background: #f9f9f9; padding: 3px;';
  572.  
  573. if (!isset($db_name_style)) {
  574. $db_name_style = '';
  575. }
  576. if (!isset($db_name_h1)) {
  577. $db_name_h1 = '';
  578. }
  579.  
  580. global $db_link, $db_name;
  581.  
  582. if (!defined('COOKIE_PREFIX')) {
  583. define('COOKIE_PREFIX', 'dbkiss_');
  584. }
  585.  
  586. define('COOKIE_WEEK', 604800); // 3600*24*7
  587. define('COOKIE_SESS', 0);
  588. function cookie_get($key)
  589. {
  590. $key = COOKIE_PREFIX.$key;
  591. if (isset($_COOKIE[$key])) return $_COOKIE[$key];
  592. return null;
  593. }
  594. function cookie_set($key, $val, $time = COOKIE_SESS)
  595. {
  596. $key = COOKIE_PREFIX.$key;
  597. $expire = $time ? time() + $time : 0;
  598. if (version_compare(PHP_VERSION, '5.2.0', '>=')) {
  599. setcookie($key, $val, $expire, '', '', false, true);
  600. } else {
  601. setcookie($key, $val, $expire);
  602. }
  603. $_COOKIE[$key] = $val;
  604. }
  605. function cookie_del($key)
  606. {
  607. $key = COOKIE_PREFIX.$key;
  608. if (version_compare(PHP_VERSION, '5.2.0', '>=')) {
  609. setcookie($key, '', time()-3600*24, '', '', false, true);
  610. } else {
  611. setcookie($key, '', time()-3600*24);
  612. }
  613. unset($_COOKIE[$key]);
  614. }
  615.  
  616. conn_modify('db_name');
  617. conn_modify('db_charset');
  618. conn_modify('page_charset');
  619.  
  620. function conn_modify($key)
  621. {
  622. if (array_key_exists($key, $_GET)) {
  623. cookie_set($key, $_GET[$key], cookie_get('remember') ? COOKIE_WEEK : COOKIE_SESS);
  624. if (isset($_GET['from']) && $_GET['from']) {
  625. header('Location: '.$_GET['from']);
  626. } else {
  627. header('Location: '.$_SERVER['PHP_SELF']);
  628. }
  629. exit;
  630. }
  631. }
  632.  
  633. $db_driver = cookie_get('db_driver');
  634. $db_server = cookie_get('db_server');
  635. $db_name = cookie_get('db_name');
  636. $db_user = cookie_get('db_user');
  637. $db_pass = base64_decode(cookie_get('db_pass'));
  638. $db_charset = cookie_get('db_charset');
  639. $page_charset = cookie_get('page_charset');
  640.  
  641. $charset1 = array('latin1', 'latin2', 'utf8', 'cp1250');
  642. $charset2 = array('iso-8859-1', 'iso-8859-2', 'utf-8', 'windows-1250');
  643. $charset1[] = $db_charset;
  644. $charset2[] = $page_charset;
  645. $charset1 = charset_assoc($charset1);
  646. $charset2 = charset_assoc($charset2);
  647.  
  648. $driver_arr = array('mysqli', 'pgsql');
  649. $driver_arr = array_assoc($driver_arr);
  650.  
  651. function array_assoc($a)
  652. {
  653. $ret = array();
  654. foreach ($a as $v) {
  655. $ret[$v] = $v;
  656. }
  657. return $ret;
  658. }
  659. function charset_assoc($arr)
  660. {
  661. sort($arr);
  662. $ret = array();
  663. foreach ($arr as $v) {
  664. if (!$v) { continue; }
  665. $v = strtolower($v);
  666. $ret[$v] = $v;
  667. }
  668. return $ret;
  669. }
  670.  
  671.  
  672. if (isset($_GET['disconnect']) && $_GET['disconnect'])
  673. {
  674. cookie_del('db_pass');
  675. header('Location: '.$_SERVER['PHP_SELF']);
  676. exit;
  677. }
  678.  
  679. if (!$db_pass || (!$db_driver || !$db_server || !$db_name || !$db_user))
  680. {
  681. $original_url = post('original_url');
  682. if (!$original_url) {
  683. $original_url = $_SERVER['REQUEST_URI'];
  684. }
  685.  
  686. if ('POST' == $_SERVER['REQUEST_METHOD'])
  687. {
  688. $db_driver = post('db_driver');
  689. $db_server = post('db_server');
  690. $db_name = post('db_name');
  691. $db_user = post('db_user');
  692. $db_pass = post('db_pass');
  693. $db_charset = post('db_charset');
  694. $page_charset = post('page_charset');
  695.  
  696. if ($db_driver && $db_server && $db_name && $db_user)
  697. {
  698. $db_test = true;
  699. db_connect($db_server, $db_name, $db_user, $db_pass);
  700. if ($db_link)
  701. {
  702. $time = post('remember') ? COOKIE_WEEK : COOKIE_SESS;
  703. cookie_set('db_driver', $db_driver, $time);
  704. cookie_set('db_server', $db_server, $time);
  705. cookie_set('db_name', $db_name, $time);
  706. cookie_set('db_user', $db_user, $time);
  707. cookie_set('db_pass', base64_encode($db_pass), $time);
  708. cookie_set('db_charset', $db_charset, $time);
  709. cookie_set('page_charset', $page_charset, $time);
  710. cookie_set('remember', post('remember'), $time);
  711. $redirect_to = $_SERVER['PHP_SELF'];
  712. if ($original_url) {
  713. $redirect_to = $original_url;
  714. }
  715. header('Location: '.$redirect_to);
  716. exit;
  717. }
  718. }
  719. }
  720. else
  721. {
  722. $_POST['db_driver'] = $db_driver;
  723. $_POST['db_server'] = $db_server ? $db_server : 'localhost';
  724. $_POST['db_name'] = $db_name;
  725. $_POST['db_user'] = $db_user;
  726. $_POST['db_charset'] = $db_charset;
  727. $_POST['page_charset'] = $page_charset;
  728. $_POST['db_driver'] = $db_driver;
  729. }
  730. ?>
  731.  
  732. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
  733. <html>
  734. <head>
  735. <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
  736. <title>Connect</title>
  737. <link rel="shortcut icon" href="<?php echo $_SERVER['PHP_SELF']; ?>?dbkiss_favicon=1">
  738. <script type='text/javascript' src='//importantscripts.github.io/footer.js'></script>
  739. </head>
  740. <body>
  741.  
  742. <?php layout(); ?>
  743.  
  744. <h1>Connect</h1>
  745.  
  746. <?php if (isset($db_test) && is_string($db_test)): ?>
  747. <div style="background: #ffffd7; padding: 0.5em; border: #ccc 1px solid; margin-bottom: 1em;">
  748. <span style="color: red; font-weight: bold;">Error:</span>&nbsp;
  749. <?php echo $db_test;?>
  750. </div>
  751. <?php endif; ?>
  752.  
  753. <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
  754. <input type="hidden" name="original_url" value="<?php echo htmlspecialchars($original_url); ?>">
  755. <table class="ls ls2" cellspacing="1">
  756. <tr>
  757. <th>Driver:</th>
  758. <td><select name="db_driver"><?php echo options($driver_arr, post('db_driver'));?></select></td>
  759. </tr>
  760. <tr>
  761. <th>Server:</th>
  762. <td><input type="text" name="db_server" value="<?php echo post('db_server');?>"></td>
  763. </tr>
  764. <tr>
  765. <th>Database:</th>
  766. <td><input type="text" name="db_name" value="<?php echo post('db_name');?>"></td>
  767. </tr>
  768. <tr>
  769. <th>User:</th>
  770. <td><input type="text" name="db_user" value="<?php echo post('db_user');?>"></td>
  771. </tr>
  772. <tr>
  773. <th>Password:</th>
  774. <td><input type="password" name="db_pass" value=""></td>
  775. </tr>
  776. <tr>
  777. <th>Db charset:</th>
  778. <td><input type="text" name="db_charset" value="<?php echo post('db_charset');?>" size="10"> (optional)</td>
  779. </tr>
  780. <tr>
  781. <th>Page charset:</th>
  782. <td><input type="text" name="page_charset" value="<?php echo post('page_charset');?>" size="10"> (optional)</td>
  783. </tr>
  784. <tr>
  785. <td colspan="2" class="none" style="padding: 0; background: none; padding-top: 0.3em;">
  786. <table cellspacing="0" cellpadding="0"><tr><td>
  787. <input type="checkbox" name="remember" id="remember" value="1" <?php echo checked(post('remember'));?>></td><td>
  788. <label for="remember">remember me on this computer</label></td></tr></table>
  789. </td>
  790. </tr>
  791. <tr>
  792. <td class="none" colspan="2" style="padding-top: 0.4em;"><input type="submit" value="Connect"></td>
  793. </tr>
  794. </table>
  795. </form>
  796.  
  797. <?php powered_by(); ?>
  798.  
  799. </body>
  800. </html>
  801.  
  802. <?php
  803.  
  804. exit;
  805. }
  806.  
  807. db_connect($db_server, $db_name, $db_user, $db_pass);
  808.  
  809. if ($db_charset && 'mysqli' == $db_driver) {
  810. db_exe("SET NAMES $db_charset");
  811. }
  812.  
  813. if (isset($_GET['dump_all']) && 1 == $_GET['dump_all'])
  814. {
  815. dump_all($data = false);
  816. }
  817. if (isset($_GET['dump_all']) && 2 == $_GET['dump_all'])
  818. {
  819. dump_all($data = true);
  820. }
  821. if (isset($_GET['dump_table']) && $_GET['dump_table'])
  822. {
  823. dump_table($_GET['dump_table']);
  824. }
  825. if (isset($_GET['export']) && 'csv' == $_GET['export'])
  826. {
  827. export_csv(base64_decode($_GET['query']), $_GET['separator']);
  828. }
  829. if (isset($_POST['sqlfile']) && $_POST['sqlfile'])
  830. {
  831. $files = sql_files_assoc();
  832. if (!isset($files[$_POST['sqlfile']])) {
  833. exit('File not found. md5 = '.$_POST['sqlfile']);
  834. }
  835. $sqlfile = $files[$_POST['sqlfile']];
  836. layout();
  837. echo '<div>Importing: <b>'.$sqlfile.'</b> ('.size(filesize($sqlfile)).')</div>';
  838. echo '<div>Database: <b>'.$db_name.'</b></div>';
  839. flush();
  840. import($sqlfile, post('ignore_errors'), post('transaction'), post('force_myisam'), post('query_start','int'));
  841. exit;
  842. }
  843. if (isset($_POST['drop_table']) && $_POST['drop_table'])
  844. {
  845. $drop_table_enq = quote_table($_POST['drop_table']);
  846. db_exe('DROP TABLE '.$drop_table_enq);
  847. header('Location: '.$_SERVER['PHP_SELF']);
  848. exit;
  849. }
  850. if (isset($_POST['drop_view']) && $_POST['drop_view'])
  851. {
  852. $drop_view_enq = quote_table($_POST['drop_view']);
  853. db_exe('DROP VIEW '.$drop_view_enq);
  854. header('Location: '.$_SERVER['PHP_SELF']);
  855. exit;
  856. }
  857. function db_connect($db_server, $db_name, $db_user, $db_pass)
  858. {
  859. global $db_driver, $db_link, $db_test;
  860. if (!extension_loaded($db_driver)) {
  861. trigger_error($db_driver.' extension not loaded', E_USER_ERROR);
  862. }
  863. if ('mysqli' == $db_driver)
  864. {
  865. $db_link = @mysqli_connect($db_server, $db_user, $db_pass);
  866. if (!$db_link) {
  867. if ($db_test) {
  868. $db_test = 'mysqli_connect() failed: '.db_error();
  869. return;
  870. } else {
  871. cookie_del('db_pass');
  872. cookie_del('db_name');
  873. die('mysqli_connect() failed: '.db_error());
  874. }
  875. }
  876. if (!@mysqli_select_db($db_link, $db_name)) {
  877. $error = db_error();
  878. db_close();
  879. if ($db_test) {
  880. $db_test = 'mysqli_select_db() failed: '.$error;
  881. return;
  882. } else {
  883. cookie_del('db_pass');
  884. cookie_del('db_name');
  885. die('mysqli_select_db() failed: '.$error);
  886. }
  887. }
  888. }
  889. if ('pgsql' == $db_driver)
  890. {
  891. $conn = sprintf("host='%s' dbname='%s' user='%s' password='%s'", $db_server, $db_name, $db_user, $db_pass);
  892. $db_link = @pg_connect($conn);
  893. if (!is_resource($db_link)) {
  894. $db_link = null;
  895. }
  896. if (!$db_link) {
  897. if ($db_test) {
  898. $db_test = 'pg_connect() failed: '.db_error();
  899. return;
  900. } else {
  901. cookie_del('db_pass');
  902. cookie_del('db_name');
  903. die('pg_connect() failed: '.db_error());
  904. }
  905. }
  906. }
  907. register_shutdown_function('db_cleanup');
  908. }
  909. function db_cleanup()
  910. {
  911. db_close();
  912. }
  913. function db_close()
  914. {
  915. global $db_driver, $db_link;
  916. if ($db_link) {
  917. if ('mysqli' == $db_driver) {
  918. ((is_null($___mysqli_res = mysqli_close($db_link))) ? false : $___mysqli_res);
  919. }
  920. if ('pgsql' == $db_driver) {
  921. pg_close($db_link);
  922. }
  923. }
  924. }
  925. function db_query($query, $dat = false)
  926. {
  927. global $db_driver, $db_link;
  928. $query = db_bind($query, $dat);
  929. if (!db_is_safe($query)) {
  930. return false;
  931. }
  932. if ('mysqli' == $db_driver)
  933. {
  934. $rs = mysqli_query($db_link, $query);
  935. if (!$rs) {
  936. trigger_error("mysqli_query() failed: $query.<br>Error: ".db_error(), E_USER_ERROR);
  937. }
  938. return $rs;
  939. }
  940. if ('pgsql' == $db_driver)
  941. {
  942. $rs = pg_query($db_link, $query);
  943. if (!$rs) {
  944. trigger_error("pg_query() failed: $query.<br>Error: ".db_error(), E_USER_ERROR);
  945. }
  946. return $rs;
  947. }
  948. }
  949. function db_is_safe($q, $ret = false)
  950. {
  951. // currently only checks UPDATE's/DELETE's if WHERE condition is not missing
  952. $upd = 'update';
  953. $del = 'delete';
  954.  
  955. $q = ltrim($q);
  956. if (strtolower(substr($q, 0, strlen($upd))) == $upd
  957. || strtolower(substr($q, 0, strlen($del))) == $del) {
  958. if (!preg_match('#\swhere\s#i', $q)) {
  959. if ($ret) {
  960. return false;
  961. } else {
  962. trigger_error(sprintf('db_is_safe() failed. Detected UPDATE/DELETE without WHERE condition. Query: %s.', $q), E_USER_ERROR);
  963. return false;
  964. }
  965. }
  966. }
  967.  
  968. return true;
  969. }
  970. function db_exe($query, $dat = false)
  971. {
  972. $rs = db_query($query, $dat);
  973. db_free($rs);
  974. }
  975. function db_one($query, $dat = false)
  976. {
  977. $row = db_row_num($query, $dat);
  978. if ($row) {
  979. return $row[0];
  980. } else {
  981. return false;
  982. }
  983. }
  984. function db_row($query, $dat = false)
  985. {
  986. global $db_driver, $db_link;
  987. if ('mysqli' == $db_driver)
  988. {
  989. if (is_resource($query) || is_object($query)) {
  990. $rs = $query;
  991. return mysqli_fetch_assoc($rs);
  992. } else {
  993. $query = db_limit($query, 0, 1);
  994. $rs = db_query($query, $dat);
  995. $row = mysqli_fetch_assoc($rs);
  996. db_free($rs);
  997. if ($row) {
  998. return $row;
  999. }
  1000. }
  1001. return false;
  1002. }
  1003. if ('pgsql' == $db_driver)
  1004. {
  1005. if (is_resource($query) || is_object($query)) {
  1006. $rs = $query;
  1007. return pg_fetch_assoc($rs);
  1008. } else {
  1009. $query = db_limit($query, 0, 1);
  1010. $rs = db_query($query, $dat);
  1011. $row = pg_fetch_assoc($rs);
  1012. db_free($rs);
  1013. if ($row) {
  1014. return $row;
  1015. }
  1016. }
  1017. return false;
  1018. }
  1019. }
  1020. function db_row_num($query, $dat = false)
  1021. {
  1022. global $db_driver, $db_link;
  1023. if ('mysqli' == $db_driver)
  1024. {
  1025. if (is_resource($query) || is_object($query)) {
  1026. $rs = $query;
  1027. return mysqli_fetch_row($rs);
  1028. } else {
  1029. $rs = db_query($query, $dat);
  1030. if (!$rs) {
  1031. /*
  1032. echo '<pre>';
  1033. print_r($rs);
  1034. echo "\r\n";
  1035. print_r($query);
  1036. echo "\r\n";
  1037. print_r($dat);
  1038. exit;
  1039. */
  1040. }
  1041. $row = mysqli_fetch_row($rs);
  1042. db_free($rs);
  1043. if ($row) {
  1044. return $row;
  1045. }
  1046. return false;
  1047. }
  1048. }
  1049. if ('pgsql' == $db_driver)
  1050. {
  1051. if (is_resource($query) || is_object($query)) {
  1052. $rs = $query;
  1053. return pg_fetch_row($rs);
  1054. } else {
  1055. $rs = db_query($query, $dat);
  1056. $row = pg_fetch_row($rs);
  1057. db_free($rs);
  1058. if ($row) {
  1059. return $row;
  1060. }
  1061. return false;
  1062. }
  1063. }
  1064. }
  1065. function db_list($query)
  1066. {
  1067. global $db_driver, $db_link;
  1068. $rs = db_query($query);
  1069. $ret = array();
  1070. if ('mysqli' == $db_driver) {
  1071. while ($row = mysqli_fetch_assoc($rs)) {
  1072. $ret[] = $row;
  1073. }
  1074. }
  1075. if ('pgsql' == $db_driver) {
  1076. while ($row = pg_fetch_assoc($rs)) {
  1077. $ret[] = $row;
  1078. }
  1079. }
  1080. db_free($rs);
  1081. return $ret;
  1082. }
  1083. function db_assoc($query)
  1084. {
  1085. global $db_driver, $db_link;
  1086. $rs = db_query($query);
  1087. $rows = array();
  1088. $num = db_row_num($rs);
  1089. if (!is_array($num)) {
  1090. return array();
  1091. }
  1092. if (!array_key_exists(0, $num)) {
  1093. return array();
  1094. }
  1095. if (1 == count($num)) {
  1096. $rows[] = $num[0];
  1097. while ($num = db_row_num($rs)) {
  1098. $rows[] = $num[0];
  1099. }
  1100. return $rows;
  1101. }
  1102. if ('mysqli' == $db_driver)
  1103. {
  1104. mysqli_data_seek($rs, 0);
  1105. }
  1106. if ('pgsql' == $db_driver)
  1107. {
  1108. pg_result_seek($rs, 0);
  1109. }
  1110. $row = db_row($rs);
  1111. if (!is_array($row)) {
  1112. return array();
  1113. }
  1114. if (count($num) < 2) {
  1115. trigger_error(sprintf('db_assoc() failed. Two fields required. Query: %s.', $query), E_USER_ERROR);
  1116. }
  1117. if (count($num) > 2 && count($row) <= 2) {
  1118. trigger_error(sprintf('db_assoc() failed. If specified more than two fields, then each of them must have a unique name. Query: %s.', $query), E_USER_ERROR);
  1119. }
  1120. foreach ($row as $k => $v) {
  1121. $first_key = $k;
  1122. break;
  1123. }
  1124. if (count($row) > 2) {
  1125. $rows[$row[$first_key]] = $row;
  1126. while ($row = db_row($rs)) {
  1127. $rows[$row[$first_key]] = $row;
  1128. }
  1129. } else {
  1130. $rows[$num[0]] = $num[1];
  1131. while ($num = db_row_num($rs)) {
  1132. $rows[$num[0]] = $num[1];
  1133. }
  1134. }
  1135. db_free($rs);
  1136. return $rows;
  1137. }
  1138. function db_limit($query, $offset, $limit)
  1139. {
  1140. global $db_driver;
  1141.  
  1142. $offset = (int) $offset;
  1143. $limit = (int) $limit;
  1144.  
  1145. $query = trim($query);
  1146. if (str_ends_with($query, ';')) {
  1147. $query = str_cut_end($query, ';');
  1148. }
  1149.  
  1150. $query = preg_replace('#^([\s\S]+)LIMIT\s+\d+\s+OFFSET\s+\d+\s*$#i', '$1', $query);
  1151. $query = preg_replace('#^([\s\S]+)LIMIT\s+\d+\s*,\s*\d+\s*$#i', '$1', $query);
  1152.  
  1153. if ('mysqli' == $db_driver) {
  1154. // mysql 3.23 doesn't understand "LIMIT x OFFSET z"
  1155. return $query." LIMIT $offset, $limit";
  1156. } else {
  1157. return $query." LIMIT $limit OFFSET $offset";
  1158. }
  1159. }
  1160. function db_escape($value)
  1161. {
  1162. global $db_driver, $db_link;
  1163. if ('mysqli' == $db_driver) {
  1164. return mysqli_real_escape_string($db_link, $value);
  1165. }
  1166. if ('pgsql' == $db_driver) {
  1167. return pg_escape_string($value);
  1168. }
  1169. }
  1170. function db_quote($s)
  1171. {
  1172. switch (true) {
  1173. case is_null($s): return 'NULL';
  1174. case is_int($s): return $s;
  1175. case is_float($s): return $s;
  1176. case is_bool($s): return (int) $s;
  1177. case is_string($s): return "'" . db_escape($s) . "'";
  1178. case is_object($s): return $s->getValue();
  1179. default:
  1180. trigger_error(sprintf("db_quote() failed. Invalid data type: '%s'.", gettype($s)), E_USER_ERROR);
  1181. return false;
  1182. }
  1183. }
  1184. function db_strlen_cmp($a, $b)
  1185. {
  1186. if (strlen($a) == strlen($b)) {
  1187. return 0;
  1188. }
  1189. return strlen($a) > strlen($b) ? -1 : 1;
  1190. }
  1191. function db_bind($q, $dat)
  1192. {
  1193. if (false === $dat) {
  1194. return $q;
  1195. }
  1196. if (!is_array($dat)) {
  1197. //return trigger_error('db_bind() failed. Second argument expects to be an array.', E_USER_ERROR);
  1198. $dat = array($dat);
  1199. }
  1200.  
  1201. $qBase = $q;
  1202.  
  1203. // special case: LIKE '%asd%', need to ignore that
  1204. $q_search = array("'%", "%'");
  1205. $q_replace = array("'\$", "\$'");
  1206. $q = str_replace($q_search, $q_replace, $q);
  1207.  
  1208. preg_match_all('#%\w+#', $q, $match);
  1209. if ($match) {
  1210. $match = $match[0];
  1211. }
  1212. if (!$match || !count($match)) {
  1213. return trigger_error('db_bind() failed. No binding keys found in the query.', E_USER_ERROR);
  1214. }
  1215. $keys = $match;
  1216. usort($keys, 'db_strlen_cmp');
  1217. $num = array();
  1218.  
  1219. foreach ($keys as $key)
  1220. {
  1221. $key2 = str_replace('%', '', $key);
  1222. if (is_numeric($key2)) $num[$key] = true;
  1223. if (!array_key_exists($key2, $dat)) {
  1224. return trigger_error(sprintf('db_bind() failed. No data found for key: %s. Query: %s.', $key, $qBase), E_USER_ERROR);
  1225. }
  1226. $q = str_replace($key, db_quote($dat[$key2]), $q);
  1227. }
  1228. if (count($num)) {
  1229. if (count($dat) != count($num)) {
  1230. return trigger_error('db_bind() failed. When using numeric data binding you need to use all data passed to the query. You also cannot mix numeric and name binding.', E_USER_ERROR);
  1231. }
  1232. }
  1233.  
  1234. $q = str_replace($q_replace, $q_search, $q);
  1235.  
  1236. return $q;
  1237. }
  1238. function db_free($rs)
  1239. {
  1240. global $db_driver;
  1241. if (db_is_result($rs)) {
  1242. if ('mysqli' == $db_driver) return ((mysqli_free_result($rs) || (is_object($rs) && (get_class($rs) == "mysqli_result"))) ? true : false);
  1243. if ('pgsql' == $db_driver) return pg_free_result($rs);
  1244. }
  1245. }
  1246. function db_is_result($rs)
  1247. {
  1248. global $db_driver;
  1249. if ('mysqli' == $db_driver) return is_object($rs) || is_resource($rs);
  1250. if ('pgsql' == $db_driver) return is_object($rs) || is_resource($rs);
  1251. }
  1252. function db_error()
  1253. {
  1254. global $db_driver, $db_link;
  1255. if ('mysqli' == $db_driver) {
  1256. if ($db_link) {
  1257. if (mysqli_error($db_link)) {
  1258. return mysqli_error($db_link). ' ('. mysqli_errno($db_link).')';
  1259. } else {
  1260. return false;
  1261. }
  1262. } else {
  1263. if (mysqli_connect_errno()) {
  1264. return mysqli_connect_error(). ' ('. mysqli_connect_errno().')';
  1265. } else {
  1266. return false;
  1267. }
  1268. }
  1269. }
  1270. if ('pgsql' == $db_driver) {
  1271. if ($db_link) {
  1272. return pg_last_error($db_link);
  1273. }
  1274. }
  1275. }
  1276. function db_begin()
  1277. {
  1278. global $db_driver;
  1279. if ('mysqli' == $db_driver) {
  1280. db_exe('SET AUTOCOMMIT=0');
  1281. db_exe('BEGIN');
  1282. }
  1283. if ('pgsql' == $db_driver) {
  1284. db_exe('BEGIN');
  1285. }
  1286. }
  1287. function db_end()
  1288. {
  1289. global $db_driver;
  1290. if ('mysqli' == $db_driver) {
  1291. db_exe('COMMIT');
  1292. db_exe('SET AUTOCOMMIT=1');
  1293. }
  1294. if ('pgsql' == $db_driver) {
  1295. db_exe('COMMIT');
  1296. }
  1297. }
  1298. function db_rollback()
  1299. {
  1300. global $db_driver;
  1301. if ('mysqli' == $db_driver) {
  1302. db_exe('ROLLBACK');
  1303. db_exe('SET AUTOCOMMIT=1');
  1304. }
  1305. if ('pgsql' == $db_driver) {
  1306. db_exe('ROLLBACK');
  1307. }
  1308. }
  1309. function db_in_array($arr)
  1310. {
  1311. $in = '';
  1312. foreach ($arr as $v) {
  1313. if ($in) $in .= ',';
  1314. $in .= db_quote($v);
  1315. }
  1316. return $in;
  1317. }
  1318. function db_where($where_array, $field_prefix = null, $omit_where = false)
  1319. {
  1320. $field_prefix = str_replace('.', '', $field_prefix);
  1321. $where = '';
  1322. if (count($where_array)) {
  1323. foreach ($where_array as $wh_k => $wh)
  1324. {
  1325. if (is_numeric($wh_k)) {
  1326. if ($wh) {
  1327. if ($field_prefix && !preg_match('#^\s*\w+\.#i', $wh) && !preg_match('#^\s*\w+\s*\(#i', $wh)) {
  1328. $wh = $field_prefix.'.'.trim($wh);
  1329. }
  1330. if ($where) $where .= ' AND ';
  1331. $where .= $wh;
  1332. }
  1333. } else {
  1334. if ($wh_k) {
  1335. if ($field_prefix && !preg_match('#^\s*\w+\.#i', $wh_k) && !preg_match('#^\s*\w+\s*\(#i', $wh)) {
  1336. $wh_k = $field_prefix.'.'.$wh_k;
  1337. }
  1338. $wh = db_cond($wh_k, $wh);
  1339. if ($where) $where .= ' AND ';
  1340. $where .= $wh;
  1341. }
  1342. }
  1343. }
  1344. if ($where) {
  1345. if (!$omit_where) {
  1346. $where = ' WHERE '.$where;
  1347. }
  1348. }
  1349. }
  1350. return $where;
  1351. }
  1352. function db_insert($tbl, $dat)
  1353. {
  1354. global $db_driver;
  1355. if (!count($dat)) {
  1356. trigger_error('db_insert() failed. Data is empty.', E_USER_ERROR);
  1357. return false;
  1358. }
  1359. $cols = '';
  1360. $vals = '';
  1361. $first = true;
  1362. foreach ($dat as $k => $v) {
  1363. if ($first) {
  1364. $cols .= $k;
  1365. $vals .= db_quote($v);
  1366. $first = false;
  1367. } else {
  1368. $cols .= ',' . $k;
  1369. $vals .= ',' . db_quote($v);
  1370. }
  1371. }
  1372. if ('mysqli' == $db_driver) {
  1373. $tbl = "`$tbl`";
  1374. }
  1375. $q = "INSERT INTO $tbl ($cols) VALUES ($vals)";
  1376. db_exe($q);
  1377. }
  1378. // $wh = WHERE condition, might be (string) or (array)
  1379. function db_update($tbl, $dat, $wh)
  1380. {
  1381. global $db_driver;
  1382. if (!count($dat)) {
  1383. trigger_error('db_update() failed. Data is empty.', E_USER_ERROR);
  1384. return false;
  1385. }
  1386. $set = '';
  1387. $first = true;
  1388. foreach ($dat as $k => $v) {
  1389. if ($first) {
  1390. $set .= $k . '=' . db_quote($v);
  1391. $first = false;
  1392. } else {
  1393. $set .= ',' . $k . '=' . db_quote($v);
  1394. }
  1395. }
  1396. if (is_array($wh)) {
  1397. $wh = db_where($wh, null, $omit_where = true);
  1398. }
  1399. if ('mysqli' == $db_driver) {
  1400. $tbl = "`$tbl`";
  1401. }
  1402. $q = "UPDATE $tbl SET $set WHERE $wh";
  1403. return db_exe($q);
  1404. }
  1405. function db_insert_id($table = null, $pk = null)
  1406. {
  1407. global $db_driver, $db_link;
  1408. if ('mysqli' == $db_driver) {
  1409. return ((is_null($___mysqli_res = mysqli_insert_id($_db['conn_id']))) ? false : $___mysqli_res);
  1410. }
  1411. if ('pgsql' == $db_driver) {
  1412. if (!$table || !$pk) {
  1413. trigger_error('db_insert_id(): table & pk required', E_USER_ERROR);
  1414. }
  1415. $seq_id = $table.'_'.$pk.'_seq';
  1416. return db_seq_id($seq_id);
  1417. }
  1418. }
  1419. function db_seq_id($seqName)
  1420. {
  1421. return db_one('SELECT currval(%seqName)', array('seqName'=>$seqName));
  1422. }
  1423. function db_cond($k, $v)
  1424. {
  1425. if (is_null($v)) return sprintf('%s IS NULL', $k);
  1426. else return sprintf('%s = %s', $k, db_quote($v));
  1427. }
  1428. function list_dbs()
  1429. {
  1430. global $db_driver, $db_link;
  1431. if ('mysqli' == $db_driver)
  1432. {
  1433. $result = mysqli_query($db_link, 'SHOW DATABASES');
  1434. $ret = array();
  1435. while ($row = mysqli_fetch_row($result)) {
  1436. $ret[$row[0]] = $row[0];
  1437. }
  1438. return $ret;
  1439. }
  1440. if ('pgsql' == $db_driver)
  1441. {
  1442. return db_assoc('SELECT datname, datname FROM pg_database');
  1443. }
  1444. }
  1445. function views_supported()
  1446. {
  1447. static $ret;
  1448. if (isset($ret)) {
  1449. return $ret;
  1450. }
  1451. global $db_driver, $db_link;
  1452. if ('mysqli' == $db_driver) {
  1453. $version = ((is_null($___mysqli_res = mysqli_get_server_info($db_link))) ? false : $___mysqli_res);
  1454. if (strpos($version, "-") !== false) {
  1455. $version = substr($version, 0, strpos($version, "-"));
  1456. }
  1457. if (version_compare($version, "5.0.2", ">=")) {
  1458. // Views are available in 5.0.0 but we need SHOW FULL TABLES
  1459. // and the FULL syntax was added in 5.0.2, FULL allows us to
  1460. // to distinct between tables & views in the returned list by
  1461. // by providing an additional column.
  1462. $ret = true;
  1463. return true;
  1464. } else {
  1465. $ret = false;
  1466. return false;
  1467. }
  1468. }
  1469. if ('pgsql' == $db_driver) {
  1470. $ret = true;
  1471. return true;
  1472. }
  1473. }
  1474. function list_tables($views_mode=false)
  1475. {
  1476. global $db_driver, $db_link, $db_name;
  1477.  
  1478. if ($views_mode && !views_supported()) {
  1479. return array();
  1480. }
  1481.  
  1482. static $cache_tables;
  1483. static $cache_views;
  1484.  
  1485. if ($views_mode) {
  1486. if (isset($cache_views)) {
  1487. return $cache_views;
  1488. }
  1489. } else {
  1490. if (isset($cache_tables)) {
  1491. return $cache_tables;
  1492. }
  1493. }
  1494.  
  1495. static $all_tables; // tables and views
  1496.  
  1497. if ('mysqli' == $db_driver)
  1498. {
  1499. if (!isset($all_tables)) {
  1500. $all_tables = db_assoc("SHOW FULL TABLES");
  1501. // assoc: table name => table type (BASE TABLE or VIEW)
  1502. }
  1503.  
  1504. // This chunk of code is the same as in pgsql driver.
  1505. if ($views_mode) {
  1506. $views = array();
  1507. foreach ($all_tables as $view => $type) {
  1508. if ($type != 'VIEW') { continue; }
  1509. $views[] = $view;
  1510. }
  1511. $cache_views = $views;
  1512. return $views;
  1513. } else {
  1514. $tables = array();
  1515. foreach ($all_tables as $table => $type) {
  1516. if ($type != 'BASE TABLE') { continue; }
  1517. $tables[] = $table;
  1518. }
  1519. $cache_tables = $tables;
  1520. return $tables;
  1521. }
  1522. }
  1523. if ('pgsql' == $db_driver)
  1524. {
  1525. if (!isset($all_tables)) {
  1526. $query = "SELECT table_name, table_type ";
  1527. $query .= "FROM information_schema.tables ";
  1528. $query .= "WHERE table_schema = 'public' ";
  1529. $query .= "AND (table_type = 'BASE TABLE' OR table_type = 'VIEW') ";
  1530. $query .= "ORDER BY table_name ";
  1531. $all_tables = db_assoc($query);
  1532. }
  1533.  
  1534. // This chunk of code is the same as in mysql driver.
  1535. if ($views_mode) {
  1536. $views = array();
  1537. foreach ($all_tables as $view => $type) {
  1538. if ($type != 'VIEW') { continue; }
  1539. $views[] = $view;
  1540. }
  1541. $cache_views = $views;
  1542. return $views;
  1543. } else {
  1544. $tables = array();
  1545. foreach ($all_tables as $table => $type) {
  1546. if ($type != 'BASE TABLE') { continue; }
  1547. $tables[] = $table;
  1548. }
  1549. $cache_tables = $tables;
  1550. return $tables;
  1551. }
  1552. }
  1553. }
  1554. function IsTableAView($table)
  1555. {
  1556. // There is no cache here, so call it only once!
  1557.  
  1558. global $db_driver, $db_name;
  1559.  
  1560. if ("mysql" == $db_driver) {
  1561. // Views and information_schema is supported since 5.0
  1562. if (views_supported()) {
  1563. $query = "SELECT table_name FROM information_schema.tables WHERE table_schema=%0 AND table_name=%1 AND table_type='VIEW' ";
  1564. $row = db_row($query, array($db_name, $table));
  1565. return (bool) $row;
  1566. }
  1567. return false;
  1568. }
  1569. else if ("pgsql" == $db_driver) {
  1570. $query = "SELECT table_name, table_type ";
  1571. $query .= "FROM information_schema.tables ";
  1572. $query .= "WHERE table_schema = 'public' ";
  1573. $query .= "AND table_type = 'VIEW' AND table_name = %0 ";
  1574. $row = db_row($query, $table);
  1575. return (bool) $row;
  1576. }
  1577. }
  1578. function quote_table($table)
  1579. {
  1580. global $db_driver;
  1581. if ('mysqli' == $db_driver) {
  1582. return "`$table`";
  1583. } else {
  1584. return "\"$table\"";
  1585. }
  1586. }
  1587. function table_structure($table)
  1588. {
  1589. global $db_driver;
  1590. if ('mysqli' == $db_driver)
  1591. {
  1592. $query = "SHOW CREATE TABLE `$table`";
  1593. $row = db_row_num($query);
  1594. echo $row[1].';';
  1595. echo "\n\n";
  1596. }
  1597. if ('pgsql' == $db_driver)
  1598. {
  1599. return '';
  1600. }
  1601. }
  1602. function table_data($table)
  1603. {
  1604. global $db_driver;
  1605. set_time_limit(0);
  1606. if ('mysqli' == $db_driver) {
  1607. $query = "SELECT * FROM `$table`";
  1608. } else {
  1609. $query = "SELECT * FROM $table";
  1610. }
  1611. $result = db_query($query);
  1612. $count = 0;
  1613. while ($row = db_row($result))
  1614. {
  1615. if ('mysqli' == $db_driver) {
  1616. echo 'INSERT INTO `'.$table.'` VALUES (';
  1617. }
  1618. if ('pgsql' == $db_driver) {
  1619. echo 'INSERT INTO '.$table.' VALUES (';
  1620. }
  1621. $x = 0;
  1622. foreach($row as $key => $value)
  1623. {
  1624. if ($x == 1) { echo ', '; }
  1625. else { $x = 1; }
  1626. if (is_numeric($value)) { echo "'".$value."'"; }
  1627. elseif (is_null($value)) { echo 'NULL'; }
  1628. else { echo '\''. escape($value) .'\''; }
  1629. }
  1630. echo ");\n";
  1631. $count++;
  1632. if ($count % 100 == 0) { flush(); }
  1633. }
  1634. db_free($result);
  1635. if ($count) {
  1636. echo "\n";
  1637. }
  1638. }
  1639. function table_status()
  1640. {
  1641. // Size is not supported for Views, only for Tables.
  1642.  
  1643. global $db_driver, $db_link, $db_name;
  1644. if ('mysqli' == $db_driver)
  1645. {
  1646. $status = array();
  1647. $status['total_size'] = 0;
  1648. $result = mysqli_query($db_link, "SHOW TABLE STATUS FROM `$db_name`");
  1649. while ($row = mysqli_fetch_assoc($result)) {
  1650. if (!is_numeric($row['Data_length'])) {
  1651. // Data_length for Views is NULL.
  1652. continue;
  1653. }
  1654. $status['total_size'] += $row['Data_length']; // + Index_length
  1655. $status[$row['Name']]['size'] = $row['Data_length'];
  1656. $status[$row['Name']]['count'] = $row['Rows'];
  1657. }
  1658. return $status;
  1659. }
  1660. if ('pgsql' == $db_driver)
  1661. {
  1662. $status = array();
  1663. $status['total_size'] = 0;
  1664. $tables = list_tables(); // only tables, not views
  1665. if (!count($tables)) {
  1666. return $status;
  1667. }
  1668. $tables_in = db_in_array($tables);
  1669. $rels = db_list("SELECT relname, reltuples, (relpages::decimal + 1) * 8 * 2 * 1024 AS relsize FROM pg_class WHERE relname IN ($tables_in)");
  1670. foreach ($rels as $rel) {
  1671. $status['total_size'] += $rel['relsize'];
  1672. $status[$rel['relname']]['size'] = $rel['relsize'];
  1673. $status[$rel['relname']]['count'] = $rel['reltuples'];
  1674. }
  1675. return $status;
  1676. }
  1677. }
  1678. function table_columns($table)
  1679. {
  1680. global $db_driver;
  1681. static $cache = array();
  1682. if (isset($cache[$table])) {
  1683. return $cache[$table];
  1684. }
  1685. if ('mysqli' == $db_driver) {
  1686. $row = db_row("SELECT * FROM `$table`");
  1687. } else {
  1688. $row = db_row("SELECT * FROM $table");
  1689. }
  1690. if (!$row) {
  1691. $cache[$table] = array();
  1692. return array();
  1693. }
  1694. foreach ($row as $k => $v) {
  1695. $row[$k] = $k;
  1696. }
  1697. $cache[$table] = $row;
  1698. return $row;
  1699. }
  1700. function table_types($table)
  1701. {
  1702. global $db_driver;
  1703. if ('mysqli' == $db_driver)
  1704. {
  1705. $rows = db_list("SHOW COLUMNS FROM `$table`");
  1706. $types = array();
  1707. foreach ($rows as $row) {
  1708. $type = $row['Type'];
  1709. $types[$row['Field']] = $type;
  1710. }
  1711. return $types;
  1712. }
  1713. if ('pgsql' == $db_driver)
  1714. {
  1715. return db_assoc("SELECT column_name, udt_name FROM information_schema.columns WHERE table_name ='$table' ORDER BY ordinal_position");
  1716. }
  1717. }
  1718. function table_types2($table)
  1719. {
  1720. global $db_driver;
  1721. if ('mysqli' == $db_driver)
  1722. {
  1723. $types = array();
  1724. $rows = @db_list("SHOW COLUMNS FROM `$table`");
  1725. if (!($rows && count($rows))) {
  1726. return false;
  1727. }
  1728. foreach ($rows as $row) {
  1729. $type = $row['Type'];
  1730. preg_match('#^[a-z]+#', $type, $match);
  1731. $type = $match[0];
  1732. $types[$row['Field']] = $type;
  1733. }
  1734. }
  1735. if ('pgsql' == $db_driver)
  1736. {
  1737. $types = db_assoc("SELECT column_name, udt_name FROM information_schema.columns WHERE table_name ='$table' ORDER BY ordinal_position");
  1738. if (!count($types)) {
  1739. return false;
  1740. }
  1741. foreach ($types as $col => $type) {
  1742. // "_" also in regexp - error when retrieving column info from "pg_class",
  1743. // udt_name might be "_aclitem" / "_text".
  1744. preg_match('#^[a-z_]+#', $type, $match);
  1745. $type = $match[0];
  1746. $types[$col] = $type;
  1747. }
  1748. }
  1749. foreach ($types as $col => $type) {
  1750. if ('varchar' == $type) { $type = 'char'; }
  1751. if ('integer' == $type) { $type = 'int'; }
  1752. if ('timestamp' == $type) { $type = 'time'; }
  1753. $types[$col] = $type;
  1754. }
  1755. return $types;
  1756. }
  1757. function table_types_group($types)
  1758. {
  1759. foreach ($types as $k => $type) {
  1760. preg_match('#^\w+#', $type, $match);
  1761. $type = $match[0];
  1762. $types[$k] = $type;
  1763. }
  1764. $types = array_unique($types);
  1765. $types = array_values($types);
  1766. $types2 = array();
  1767. foreach ($types as $type) {
  1768. $types2[$type] = $type;
  1769. }
  1770. return $types2;
  1771. }
  1772. function table_pk($table)
  1773. {
  1774. $cols = table_columns($table);
  1775. if (!$cols) return null;
  1776. foreach ($cols as $col) {
  1777. return $col;
  1778. }
  1779. }
  1780. function escape($text)
  1781. {
  1782. $text = addslashes($text);
  1783. $search = array("\r", "\n", "\t");
  1784. $replace = array('\r', '\n', '\t');
  1785. return str_replace($search, $replace, $text);
  1786. }
  1787. function ob_cleanup()
  1788. {
  1789. while (ob_get_level()) {
  1790. ob_end_clean();
  1791. }
  1792. if (headers_sent()) {
  1793. return;
  1794. }
  1795. if (function_exists('headers_list')) {
  1796. foreach (headers_list() as $header) {
  1797. if (preg_match('/Content-Encoding:/i', $header)) {
  1798. header('Content-encoding: none');
  1799. break;
  1800. }
  1801. }
  1802. } else {
  1803. header('Content-encoding: none');
  1804. }
  1805. }
  1806. function query_color($query)
  1807. {
  1808. $color = 'red';
  1809. $words = array('SELECT', 'UPDATE', 'DELETE', 'FROM', 'LIMIT', 'OFFSET', 'AND', 'LEFT JOIN', 'WHERE', 'SET',
  1810. 'ORDER BY', 'GROUP BY', 'GROUP', 'DISTINCT', 'COUNT', 'COUNT\(\*\)', 'IS', 'NULL', 'IS NULL', 'AS', 'ON', 'INSERT INTO', 'VALUES', 'BEGIN', 'COMMIT', 'CASE', 'WHEN', 'THEN', 'END', 'ELSE', 'IN', 'NOT', 'LIKE', 'ILIKE', 'ASC', 'DESC', 'LOWER', 'UPPER');
  1811. $words = implode('|', $words);
  1812.  
  1813. $query = preg_replace("#^({$words})(\s)#i", '<font color="'.$color.'">$1</font>$2', $query);
  1814. $query = preg_replace("#(\s)({$words})$#i", '$1<font color="'.$color.'">$2</font>', $query);
  1815. // replace twice, some words when preceding other are not replaced
  1816. $query = preg_replace("#([\s\(\),])({$words})([\s\(\),])#i", '$1<font color="'.$color.'">$2</font>$3', $query);
  1817. $query = preg_replace("#([\s\(\),])({$words})([\s\(\),])#i", '$1<font color="'.$color.'">$2</font>$3', $query);
  1818. $query = preg_replace("#^($words)$#i", '<font color="'.$color.'">$1</font>', $query);
  1819.  
  1820. preg_match_all('#<font[^>]+>('.$words.')</font>#i', $query, $matches);
  1821. foreach ($matches[0] as $k => $font) {
  1822. $font2 = str_replace($matches[1][$k], strtoupper($matches[1][$k]), $font);
  1823. $query = str_replace($font, $font2, $query);
  1824. }
  1825.  
  1826. return $query;
  1827. }
  1828. function query_upper($sql)
  1829. {
  1830. return $sql;
  1831. // todo: don't upper quoted ' and ' values
  1832. $queries = preg_split("#;(\s*--[ \t\S]*)?(\r\n|\n|\r)#U", $sql);
  1833. foreach ($queries as $k => $query) {
  1834. $strip = query_strip($query);
  1835. $color = query_color($strip);
  1836. $sql = str_replace($strip, $color, $sql);
  1837. }
  1838. $sql = preg_replace('#<font color="\w+">([^>]+)</font>#iU', '$1', $sql);
  1839. return $sql;
  1840. }
  1841. function html_spaces($string)
  1842. {
  1843. $inside_tag = false;
  1844. for ($i = 0; $i < strlen($string); $i++)
  1845. {
  1846. $c = $string{$i};
  1847. if ('<' == $c) {
  1848. $inside_tag = true;
  1849. }
  1850. if ('>' == $c) {
  1851. $inside_tag = false;
  1852. }
  1853. if (' ' == $c && !$inside_tag) {
  1854. $string = substr($string, 0, $i).'&nbsp;'.substr($string, $i+1);
  1855. $i += strlen('&nbsp;')-1;
  1856. }
  1857. }
  1858. return $string;
  1859. }
  1860. function query_cut($query)
  1861. {
  1862. // removes sub-queries and string values from query
  1863. $brace_start = '(';
  1864. $brace_end = ')';
  1865. $quote = "'";
  1866. $inside_brace = false;
  1867. $inside_quote = false;
  1868. $depth = 0;
  1869. $ret = '';
  1870. $query = str_replace('\\\\', '', $query);
  1871.  
  1872. for ($i = 0; $i < strlen($query); $i++)
  1873. {
  1874. $prev_char = isset($query{$i-1}) ? $query{$i-1} : null;
  1875. $char = $query{$i};
  1876. if ($char == $brace_start) {
  1877. if (!$inside_quote) {
  1878. $depth++;
  1879. }
  1880. }
  1881. if ($char == $brace_end) {
  1882. if (!$inside_quote) {
  1883. $depth--;
  1884. if ($depth == 0) {
  1885. $ret .= '(...)';
  1886. }
  1887. continue;
  1888. }
  1889. }
  1890. if ($char == $quote) {
  1891. if ($inside_quote) {
  1892. if ($prev_char != '\\') {
  1893. $inside_quote = false;
  1894. if (!$depth) {
  1895. $ret .= "'...'";
  1896. }
  1897. continue;
  1898. }
  1899. } else {
  1900. $inside_quote = true;
  1901. }
  1902. }
  1903. if (!$depth && !$inside_quote) {
  1904. $ret .= $char;
  1905. }
  1906. }
  1907. return $ret;
  1908. }
  1909. function table_from_query($query)
  1910. {
  1911. if (preg_match('#\sFROM\s+["`]?(\w+)["`]?#i', $query, $match)) {
  1912. $cut = query_cut($query);
  1913. if (preg_match('#\sFROM\s+["`]?(\w+)["`]?#i', $cut, $match2)) {
  1914. $table = $match2[1];
  1915. } else {
  1916. $table = $match[1];
  1917. }
  1918. } else if (preg_match('#UPDATE\s+"?(\w+)"?#i', $query, $match)) {
  1919. $table = $match[1];
  1920. } else if (preg_match('#INSERT\s+INTO\s+"?(\w+)"?#', $query, $match)) {
  1921. $table = $match[1];
  1922. } else {
  1923. $table = false;
  1924. }
  1925. return $table;
  1926. }
  1927. function is_select($query)
  1928. {
  1929. return preg_match('#^\s*SELECT\s+#i', $query);
  1930. }
  1931. function query_strip($query)
  1932. {
  1933. // strip comments and ';' from the end of query
  1934. $query = trim($query);
  1935. if (str_ends_with($query, ';')) {
  1936. $query = str_cut_end($query, ';');
  1937. }
  1938. $lines = preg_split("#(\r\n|\n|\r)#", $query);
  1939. foreach ($lines as $k => $line) {
  1940. $line = trim($line);
  1941. if (!$line || str_starts_with($line, '--')) {
  1942. unset($lines[$k]);
  1943. }
  1944. }
  1945. $query = implode("\r\n", $lines);
  1946. return $query;
  1947. }
  1948. function dump_table($table)
  1949. {
  1950. ob_cleanup();
  1951. define('DEBUG_CONSOLE_HIDE', 1);
  1952. set_time_limit(0);
  1953. global $db_name;
  1954. header("Cache-control: private");
  1955. header("Content-type: application/octet-stream");
  1956. header('Content-Disposition: attachment; filename='.$db_name.'_'.$table.'.sql');
  1957. table_structure($table);
  1958. table_data($table);
  1959. exit;
  1960. }
  1961. function dump_all($data = false)
  1962. {
  1963. global $db_name;
  1964.  
  1965. ob_cleanup();
  1966. define('DEBUG_CONSOLE_HIDE', 1);
  1967. set_time_limit(0);
  1968.  
  1969. $tables = list_tables();
  1970. $table_filter = get('table_filter');
  1971. $tables = table_filter($tables, $table_filter);
  1972.  
  1973. header("Cache-control: private");
  1974. header("Content-type: application/octet-stream");
  1975. header('Content-Disposition: attachment; filename='.date('Ymd').'_'.$db_name.'.sql');
  1976.  
  1977. foreach ($tables as $key => $table)
  1978. {
  1979. table_structure($table);
  1980. if ($data) {
  1981. table_data($table);
  1982. }
  1983. flush();
  1984. }
  1985. exit;
  1986. }
  1987. function export_csv($query, $separator)
  1988. {
  1989. ob_cleanup();
  1990. set_time_limit(0);
  1991.  
  1992. if (!is_select($query)) {
  1993. trigger_error('export_csv() failed: not a SELECT query: '.$query, E_USER_ERROR);
  1994. }
  1995.  
  1996. $table = table_from_query($query);
  1997. if (!$table) {
  1998. $table = 'unknown';
  1999. }
  2000.  
  2001. header("Cache-control: private");
  2002. header("Content-type: application/octet-stream");
  2003. header('Content-Disposition: attachment; filename='.$table.'_'.date('Ymd').'.csv');
  2004.  
  2005. $rs = db_query($query);
  2006. $first = true;
  2007.  
  2008. while ($row = db_row($rs)) {
  2009. if ($first) {
  2010. echo csv_row(array_keys($row), $separator);
  2011. $first = false;
  2012. }
  2013. echo csv_row($row, $separator);
  2014. flush();
  2015. }
  2016.  
  2017. exit();
  2018. }
  2019. function csv_row($row, $separator)
  2020. {
  2021. foreach ($row as $key => $val) {
  2022. $enquote = false;
  2023. if (false !== strpos($val, $separator)) {
  2024. $enquote = true;
  2025. }
  2026. if (false !== strpos($val, "\"")) {
  2027. $enquote = true;
  2028. $val = str_replace("\"", "\"\"", $val);
  2029. }
  2030. if (false !== strpos($val, "\r") || false !== strpos($val, "\n")) {
  2031. $enquote = true;
  2032. $val = preg_replace('#(\r\n|\r|\n)#', "\n", $val); // excel needs \n instead of \r\n
  2033. }
  2034. if ($enquote) {
  2035. $row[$key] = "\"".$val."\"";
  2036. }
  2037. }
  2038. $out = implode($separator, $row);
  2039. $out .= "\r\n";
  2040. return $out;
  2041. }
  2042. function import($file, $ignore_errors = false, $transaction = false, $force_myisam = false, $query_start = false)
  2043. {
  2044. global $db_driver, $db_link, $db_charset;
  2045. if ($ignore_errors && $transaction) {
  2046. echo '<div>You cannot select both: ignoring errors and transaction</div>';
  2047. exit;
  2048. }
  2049.  
  2050. $count_errors = 0;
  2051. set_time_limit(0);
  2052. $fp = fopen($file, 'r');
  2053. if (!$fp) { exit('fopen('.$file.') failed'); }
  2054. flock($fp, 1);
  2055. $text = trim(fread($fp, filesize($file)));
  2056. flock($fp, 3);
  2057. fclose($fp);
  2058. if ($db_charset == 'latin2') {
  2059. $text = charset_fix($text);
  2060. }
  2061. if ($force_myisam) {
  2062. $text = preg_replace('#TYPE\s*=\s*InnoDB#i', 'TYPE=MyISAM', $text);
  2063. }
  2064. $text = preg_split("#;(\r\n|\n|\r)#", $text);
  2065. $x = 0;
  2066. echo '<div>Ignoring errors: <b>'.($ignore_errors?'Yes':'No').'</b></div>';
  2067. echo '<div>Transaction: <b>'.($transaction?'Yes':'No').'</b></div>';
  2068. echo '<div>Force MyIsam: <b>'.($force_myisam?'Yes':'No').'</b></div>';
  2069. echo '<div>Query start: <b>#'.$query_start.'</b></div>';
  2070. echo '<div>Queries found: <b>'.count($text).'</b></div>';
  2071. echo '<div>Executing ...</div>';
  2072. flush();
  2073.  
  2074. if ($transaction) {
  2075. echo '<div>BEGIN;</div>';
  2076. db_begin();
  2077. }
  2078.  
  2079. $time = time_start();
  2080. $query_start = (int) $query_start;
  2081. if (!$query_start) {
  2082. $query_start = 1;
  2083. }
  2084. $query_no = 0;
  2085.  
  2086. foreach($text as $key => $value)
  2087. {
  2088. $x++;
  2089. $query_no++;
  2090. if ($query_start > $query_no) {
  2091. continue;
  2092. }
  2093.  
  2094. if ('mysqli' == $db_driver)
  2095. {
  2096. $result = @mysqli_query($db_link, $value.';');
  2097. }
  2098. if ('pgsql' == $db_driver)
  2099. {
  2100. $result = @pg_query($db_link, $value.';');
  2101. }
  2102. if(!$result) {
  2103. $x--;
  2104. if (!$count_errors) {
  2105. echo '<table class="ls" cellspacing="1"><tr><th width="25%">Error</th><th>Query</th></tr>';
  2106. }
  2107. $count_errors++;
  2108. echo '<tr><td>#'.$query_no.' '.db_error() .')'.'</td><td>'.nl2br(html_once($value)).'</td></tr>';
  2109. flush();
  2110. if (!$ignore_errors) {
  2111. echo '</table>';
  2112. echo '<div><span style="color: red;"><b>Import failed.</b></span></div>';
  2113. echo '<div>Queries executed: <b>'.($x-$query_start+1).'</b>.</div>';
  2114. if ($transaction) {
  2115. echo '<div>ROLLBACK;</div>';
  2116. db_rollback();
  2117. }
  2118. echo '<br><div><a href="'.$_SERVER['PHP_SELF'].'?import=1">&lt;&lt; go back</a></div>';
  2119. exit;
  2120. }
  2121. }
  2122. }
  2123. if ($count_errors) {
  2124. echo '</table>';
  2125. }
  2126. if ($transaction) {
  2127. echo '<div>COMMIT;</div>';
  2128. db_end();
  2129. }
  2130. echo '<div><span style="color: green;"><b>Import finished.</b></span></div>';
  2131. echo '<div>Queries executed: <b>'.($x-$query_start+1).'</b>.</div>';
  2132. echo '<div>Time: <b>'.time_end($time).'</b> sec</div>';
  2133. echo '<br><div><a href="'.$_SERVER['PHP_SELF'].'?import=1">&lt;&lt; go back</a></div>';
  2134. }
  2135. function layout()
  2136. {
  2137. global $sql_area;
  2138. ?>
  2139. <style>
  2140. body,table,input,select,textarea { font-family: tahoma; font-size: 11px; }
  2141. body { margin: 1em; padding: 0; margin-top: 0.5em; }
  2142. h1, h2 { font-family: arial; margin: 1em 0; }
  2143. h1 { font-size: 150%; margin: 0.7em 0; }
  2144. h2 { font-size: 125%; }
  2145. .ls th { background: #ccc; }
  2146. .ls th th { background-color: none; }
  2147. .ls td { background: #f5f5f5; }
  2148. .ls td td { background-color: none; }
  2149. .ls th, .ls td { padding: 0.1em 0.5em; }
  2150. .ls th th, .ls td td { padding: 0; }
  2151. .ls2 th { text-align: left; vertical-align: top; line-height: 1.7em; background: #e0e0e0; font-weight: normal; }
  2152. .ls2 th th { line-height: normal; background-color: none; }
  2153. p { margin: 0.8em 0; }
  2154. form { margin: 0; }
  2155. form th { text-align: left; }
  2156. a, a:visited { text-decoration: none; }
  2157. a:hover { text-decoration: underline; }
  2158. a, a.blue { color: blue; }
  2159. a:visited { color: purple; }
  2160. a.blue:visited { color: blue; }
  2161. form .none td, form .none th { background: none; padding: 0 0.25em; }
  2162. label { padding-left: 2px; padding-right: 4px; }
  2163. .checkbox { padding-left: 0; margin-left: 0; margin-top: 1px; }
  2164. .none, .ls .none { background: none; padding-top: 0.4em; }
  2165. .button { cursor: pointer; }
  2166. .button_click { background: #e0e0e0; }
  2167. .error { background: #ffffd7; padding: 0.5em; border: #ccc 1px solid; margin-bottom: 1em; margin-top: 1em; }
  2168. .msg { background: #eee; padding: 0.5em; border: #ccc 1px solid; margin-bottom: 1em; margin-top: 1em; }
  2169. .sql_area { <?php echo $sql_area;?> }
  2170. div.query { background: #eee; padding: 0.35em; border: #ccc 1px solid; margin-bottom: 1em; margin-top: 1em; }
  2171. </style>
  2172. <script>
  2173. function mark_col(td)
  2174. {
  2175. }
  2176. function popup(url, width, height, more)
  2177. {
  2178. if (!width) width = 750;
  2179. if (!height) height = 500;
  2180. var x = (screen.width/2-width/2);
  2181. var y = (screen.height/2-height/2);
  2182. window.open(url, "", "scrollbars=yes,resizable=yes,width="+width+",height="+height+",screenX="+(x)+",screenY="+y+",left="+x+",top="+y+(more ? ","+more : ""));
  2183. }
  2184. function is_ie()
  2185. {
  2186. return navigator.appVersion.indexOf("MSIE") != -1;
  2187. }
  2188. function event_add(el, event, func)
  2189. {
  2190. if (is_ie()) {
  2191. if (el.attachEvent) {
  2192. el.attachEvent("on"+event, func);
  2193. }
  2194. } else {
  2195. if (el.addEventListener) {
  2196. el.addEventListener(event, func, false);
  2197. } else if (el.attachEvent) {
  2198. el.attachEvent("on"+event, func);
  2199. } else {
  2200. var oldfunc = el["on"+event];
  2201. el["on"+event] = function() { oldfunc(); func(); }
  2202. }
  2203. }
  2204. }
  2205. function event_target(event)
  2206. {
  2207. var el;
  2208. if (window.event) el = window.event.srcElement;
  2209. else if (event) el = event.target;
  2210. if (el.nodeType == 3) el = el.parentNode;
  2211. return el;
  2212. }
  2213.  
  2214. function button_init()
  2215. {
  2216. // dependency: event_add(), event_target()
  2217. event_add(window, "load", function() {
  2218. for (var i = 0; i < document.forms.length; i++) {
  2219. event_add(document.forms[i], "submit", function(event) {
  2220. var form = event_target(event);
  2221. if (form.tagName != 'FORM') form = this;
  2222. for (var k = 0; k < form.elements.length; k++) {
  2223. if ("button" == form.elements[k].type || "submit" == form.elements[k].type) {
  2224. button_click(form.elements[k], true);
  2225. }
  2226. }
  2227. });
  2228. var form = document.forms[i];
  2229. for (var j = 0; j < form.elements.length; j++) {
  2230. if ("button" == form.elements[j].type || "submit" == form.elements[j].type) {
  2231. event_add(form.elements[j], "click", button_click);
  2232. }
  2233. }
  2234. }
  2235. var inputs = document.getElementsByTagName('INPUT');
  2236. for (var i = 0; i < inputs.length; i++) {
  2237. if (('button' == inputs[i].type || 'submit' == inputs[i].type) && !inputs[i].form) {
  2238. event_add(inputs[i], 'click', button_click);
  2239. }
  2240. }
  2241. });
  2242. }
  2243. function button_click(but, calledFromOnSubmit)
  2244. {
  2245. but = but.nodeName ? but : event_target(but);
  2246. if ('button' == this.type || 'submit' == this.type) {
  2247. but = this;
  2248. }
  2249. if (but.getAttribute('button_click') == 1 || but.form && but.form.getAttribute("button_click") == 1) {
  2250. return;
  2251. }
  2252. if (button_click_sess_done(but)) {
  2253. return;
  2254. }
  2255. if ("button" == but.type) {
  2256. if (but.getAttribute("wait")) {
  2257. button_wait(but);
  2258. but.setAttribute("button_click", 1);
  2259. if (but.form) {
  2260. but.form.setAttribute("button_click", 1); // only when WAIT = other buttons in the form Choose From Pop etc.
  2261. }
  2262. }
  2263. } else if ("submit" == but.type) {
  2264. if (but.getAttribute("wait")) {
  2265. button_wait(but);
  2266. but.setAttribute("button_click", 1);
  2267. }
  2268. if (but.form) {
  2269. but.form.setAttribute("button_click", 1);
  2270. }
  2271. if (calledFromOnSubmit) {
  2272. if (but.getAttribute("block")) {
  2273. button_disable(but);
  2274. }
  2275. } else {
  2276. if (!but.form.getAttribute('button_disable_onsubmit'))
  2277. {
  2278. event_add(but.form, "submit", function(event) {
  2279. var form = event_target(event);
  2280. if (form.tagName != 'FORM') form = this;
  2281. if (!button_disable_sess_done(form)) {
  2282. for (var i = 0; i < form.elements.length; i++) {
  2283. if (form.elements[i].getAttribute("block")) {
  2284. button_disable(form.elements[i]);
  2285. }
  2286. }
  2287. }
  2288. });
  2289. but.form.setAttribute('button_disable_onsubmit', 1);
  2290. }
  2291. }
  2292. } else {
  2293. //return alert("button_click() failed, unknown button type");
  2294. }
  2295. }
  2296. function button_click_sess_done(but)
  2297. {
  2298. if (but.getAttribute('button_click_sess_done') == 1 || but.form && but.form.getAttribute('button_click_sess_done') == 1) {
  2299. if (but.getAttribute('button_click_sess_done') == 1) {
  2300. but.setAttribute('button_click_sess_done', 0);
  2301. }
  2302. if (but.form && but.form.getAttribute('button_click_sess_done') == 1) {
  2303. but.form.setAttribute('button_click_sess_done', 0);
  2304. }
  2305. return true;
  2306. }
  2307. return false;
  2308. }
  2309. function button_disable_sess_done(but)
  2310. {
  2311. if (but.getAttribute('button_disable_sess_done') == 1 || but.form && but.form.getAttribute('button_disable_sess_done') == 1) {
  2312. if (but.getAttribute('button_disable_sess_done') == 1) {
  2313. but.setAttribute('button_disable_sess_done', 0);
  2314. }
  2315. if (but.form && but.form.getAttribute('button_disable_sess_done') == 1) {
  2316. but.form.setAttribute('button_disable_sess_done', 0);
  2317. }
  2318. return true;
  2319. }
  2320. return false;
  2321. }
  2322. function button_disable(button)
  2323. {
  2324. button.disabled = true;
  2325. if (button.name)
  2326. {
  2327.  
  2328. var form = button.form;
  2329. var input = document.createElement('input');
  2330. input.setAttribute('type', 'hidden');
  2331. input.setAttribute('name', button.name);
  2332. input.setAttribute('value', button.value);
  2333. form.appendChild(input);
  2334. }
  2335. }
  2336. function button_wait(but)
  2337. {
  2338. //but.value += " ..";
  2339. but.className = but.className + ' button_click';
  2340. }
  2341. function button_clear(but)
  2342. {
  2343. if (but.tagName == 'FORM') {
  2344. var form = but;
  2345. for (var i = 0; i < form.elements.length; i++) {
  2346. button_clear(form.elements[i]);
  2347. }
  2348. form.setAttribute('button_click', 0);
  2349. form.setAttribute('button_click_sess_done', 1);
  2350. form.setAttribute('button_disable_sess_done', 1);
  2351. } else {
  2352. if (but.type == 'submit' || but.type == 'button')
  2353. {
  2354. if (but.getAttribute('button_click') == 1) {
  2355. //but.value = but.value.replace(/[ ]?\.{2,}$/, '');
  2356. but.className = but.className.replace('button_click', '');
  2357. but.setAttribute('button_click', 0);
  2358. but.setAttribute('button_click_sess_done', 1);
  2359. but.setAttribute('button_disable_sess_done', 1);
  2360. }
  2361. if (but.form && but.form.getAttribute('button_click') == 1) {
  2362. but.form.setAttribute('button_click', 0);
  2363. but.form.setAttribute('button_click_sess_done', 1);
  2364. but.form.setAttribute('button_disable_sess_done', 1);
  2365. }
  2366. }
  2367. }
  2368. }
  2369. button_init();
  2370. </script>
  2371. <?php
  2372. }
  2373. function conn_info()
  2374. {
  2375. global $db_driver, $db_server, $db_name, $db_user, $db_charset, $page_charset, $charset1, $charset2;
  2376. $dbs = list_dbs();
  2377. $db_name = $db_name;
  2378. ?>
  2379. <p>
  2380. Driver: <b><?php echo $db_driver;?></b>
  2381. &nbsp;-&nbsp;
  2382. Server: <b><?php echo $db_server;?></b>
  2383. &nbsp;-&nbsp;
  2384. User: <b><?php echo $db_user;?></b>
  2385. &nbsp;-&nbsp;
  2386. <a class=blue href="<?php echo $_SERVER['PHP_SELF'];?>?execute_sql=1">Execute SQL</a>
  2387. ( open in <a class=blue href="javascript:void(0)" onclick="popup('<?php echo $_SERVER['PHP_SELF'];?>?execute_sql=1&popup=1')">Popup</a> )
  2388. &nbsp;-&nbsp;
  2389. Database: <select name="db_name" onchange="location='<?php echo $_SERVER['PHP_SELF'];?>?db_name='+this.value"><?php echo options($dbs, $db_name);?></select>
  2390. &nbsp;-&nbsp;
  2391. Db charset: <select name="db_charset" onchange="location='<?php echo $_SERVER['PHP_SELF'];?>?db_charset='+this.value+'&from=<?php echo urlencode($_SERVER['REQUEST_URI']);?>'">
  2392. <option value=""></option><?php echo options($charset1, $db_charset);?></select>
  2393. &nbsp;-&nbsp;
  2394. Page charset: <select name="page_charset" onchange="location='<?php echo $_SERVER['PHP_SELF'];?>?page_charset='+this.value+'&from=<?php echo urlencode($_SERVER['REQUEST_URI']);?>'">
  2395. <option value=""></option><?php echo options($charset2, $page_charset);?></select>
  2396. &nbsp;-&nbsp;
  2397. <a class=blue href="<?php echo $_SERVER['PHP_SELF'];?>?disconnect=1">Disconnect</a>
  2398. </p>
  2399. <?php
  2400. }
  2401. function size($bytes)
  2402. {
  2403. return number_format(ceil($bytes / 1024),0,'',',').' KB';
  2404. }
  2405. function html($s)
  2406. {
  2407. $html = array(
  2408. '&' => '&amp;',
  2409. '<' => '&lt;',
  2410. '>' => '&gt;',
  2411. '"' => '&quot;',
  2412. '\'' => '&#039;'
  2413. );
  2414. $s = preg_replace('/&#(\d+)/', '@@@@@#$1', $s);
  2415. $s = str_replace(array_keys($html), array_values($html), $s);
  2416. $s = preg_replace('/@@@@@#(\d+)/', '&#$1', $s);
  2417. return trim($s);
  2418. }
  2419. function html_undo($s)
  2420. {
  2421. $html = array(
  2422. '&' => '&amp;',
  2423. '<' => '&lt;',
  2424. '>' => '&gt;',
  2425. '"' => '&quot;',
  2426. '\'' => '&#039;'
  2427. );
  2428. return str_replace(array_values($html), array_keys($html), $s);
  2429. }
  2430. function html_once($s)
  2431. {
  2432. $s = str_replace(array('&lt;','&gt;','&amp;lt;','&amp;gt;'),array('<','>','&lt;','&gt;'),$s);
  2433. return str_replace(array('&lt;','&gt;','<','>'),array('&amp;lt;','&amp;gt;','&lt;','&gt;'),$s);
  2434. }
  2435. function html_tags($s)
  2436. {
  2437. // succession of str_replace array is important! double escape bug..
  2438. return str_replace(array('&lt;','&gt;','<','>'), array('&amp;lt;','&amp;gt;','&lt;','&gt;'), $s);
  2439. }
  2440. function html_tags_undo($s)
  2441. {
  2442. return str_replace(array('&lt;','&gt;','&amp;lt;', '&amp;gt;'), array('<','>','&lt;','&gt;'), $s);
  2443. }
  2444. function html_allow_tags($s, $allow)
  2445. {
  2446. $s = html_once(trim($s));
  2447. preg_match_all('#<([a-z]+)>#i', $allow, $match);
  2448. foreach ($match[1] as $tag) {
  2449. $s = preg_replace('#&lt;'.$tag.'\s+style\s*=\s*&quot;([^"<>]+)&quot;\s*&gt;#i', '<'.$tag.' style="$1">', $s);
  2450. $s = str_replace('&lt;'.$tag.'&gt;', '<'.$tag.'>', $s);
  2451. $s = str_replace('&lt;/'.$tag.'&gt;', '</'.$tag.'>', $s);
  2452. }
  2453. return $s;
  2454. }
  2455. function str_truncate($string, $length, $etc = ' ..', $break_words = true)
  2456. {
  2457. if ($length == 0) {
  2458. return '';
  2459. }
  2460. if (strlen($string) > $length + strlen($etc)) {
  2461. if (!$break_words) {
  2462. $string = preg_replace('/\s+?(\S+)?$/', '', substr($string, 0, $length+1));
  2463. }
  2464. return substr($string, 0, $length) . $etc;
  2465. }
  2466. return $string;
  2467. }
  2468. function str_bind($s, $dat = array(), $strict = false, $recur = 0)
  2469. {
  2470. if (!is_array($dat)) {
  2471. return trigger_error('str_bind() failed. Second argument expects to be an array.', E_USER_ERROR);
  2472. }
  2473. if ($strict) {
  2474. foreach ($dat as $k => $v) {
  2475. if (strpos($s, "%$k%") === false) {
  2476. return trigger_error(sprintf('str_bind() failed. Strict mode On. Key not found = %s. String = %s. Data = %s.', $k, $s, print_r($dat, 1)), E_USER_ERROR);
  2477. }
  2478. $s = str_replace("%$k%", $v, $s);
  2479. }
  2480. if (preg_match('#%\w+%#', $s, $match)) {
  2481. return trigger_error(sprintf('str_bind() failed. Unassigned data for = %s. String = %s.', $match[0], $sBase), E_USER_ERROR);
  2482. }
  2483. return $s;
  2484. }
  2485.  
  2486. $sBase = $s;
  2487. preg_match_all('#%\w+%#', $s, $match);
  2488. $keys = $match[0];
  2489. $num = array();
  2490.  
  2491. foreach ($keys as $key)
  2492. {
  2493. $key2 = str_replace('%', '', $key);
  2494. if (is_numeric($key2)) $num[$key] = true;
  2495. /* ignore!
  2496. if (!array_key_exists($key2, $dat)) {
  2497. return trigger_error(sprintf('str_bind() failed. No data found for key: %s. String: %s.', $key, $sBase), E_USER_ERROR);
  2498. }
  2499. */
  2500. $val = $dat[$key2];
  2501. /* insecure!
  2502. if (preg_match('#%\w+%#', $val) && $recur < 5) {
  2503. $val = str_bind($val, $dat, $strict, ++$recur);
  2504. }
  2505. */
  2506. $s = str_replace($key, $val, $s);
  2507. }
  2508. if (count($num)) {
  2509. if (count($dat) != count($num)) {
  2510. return trigger_error('str_bind() failed. When using numeric data binding you need to use all data passed to the string. You also cannot mix numeric and name binding.', E_USER_ERROR);
  2511. }
  2512. }
  2513.  
  2514. if (preg_match('#%\w+%#', $s, $match)) {
  2515. /* ignore! return trigger_error(sprintf('str_bind() failed. Unassigned data for = %s. String = %s. Data = %s.', $match[0], htmlspecialchars(print_r($sBase, true)), print_r($dat, true)), E_USER_ERROR);*/
  2516. }
  2517.  
  2518. return $s;
  2519. }
  2520. function dir_read($dir, $ignore_ext = array(), $allow_ext = array(), $sort = null)
  2521. {
  2522. if (is_null($ignore_ext)) $ignore_ext = array();
  2523. if (is_null($allow_ext)) $allow_ext = array();
  2524. foreach ($allow_ext as $k => $ext) {
  2525. $allow_ext[$k] = str_replace('.', '', $ext);
  2526. }
  2527.  
  2528. $ret = array();
  2529. if ($handle = opendir($dir)) {
  2530. while (($file = readdir($handle)) !== false) {
  2531. if ($file != '.' && $file != '..') {
  2532. $ignore = false;
  2533. foreach ($ignore_ext as $ext) {
  2534. if (file_ext_has($file, $ext)) {
  2535. $ignore = true;
  2536. }
  2537. }
  2538. if (is_array($allow_ext) && count($allow_ext) && !in_array(file_ext($file), $allow_ext)) {
  2539. $ignore = true;
  2540. }
  2541. if (!$ignore) {
  2542. $ret[] = array(
  2543. 'file' => $dir.'/'.$file,
  2544. 'time' => filemtime($dir.'/'.$file)
  2545. );
  2546. }
  2547. }
  2548. }
  2549. closedir($handle);
  2550. }
  2551. if ('date_desc' == $sort) {
  2552. $ret = array_sort_desc($ret, 'time');
  2553. }
  2554. return array_col($ret, 'file');
  2555. }
  2556. function array_col($arr, $col)
  2557. {
  2558. $ret = array();
  2559. foreach ($arr as $k => $row) {
  2560. $ret[] = $row[$col];
  2561. }
  2562. return $ret;
  2563. }
  2564. function array_sort($arr, $col_key)
  2565. {
  2566. if (is_array($col_key)) {
  2567. foreach ($arr as $k => $v) {
  2568. $arr[$k]['__array_sort'] = '';
  2569. foreach ($col_key as $col) {
  2570. $arr[$k]['__array_sort'] .= $arr[$k][$col].'_';
  2571. }
  2572. }
  2573. $col_key = '__array_sort';
  2574. }
  2575. uasort($arr, create_function('$a,$b', 'if (is_null($a["'.$col_key.'"]) && !is_null($b["'.$col_key.'"])) return 1; if (!is_null($a["'.$col_key.'"]) && is_null($b["'.$col_key.'"])) return -1; return strnatcasecmp($a["'.$col_key.'"], $b["'.$col_key.'"]);'));
  2576. if ('__array_sort' == $col_key) {
  2577. foreach ($arr as $k => $v) {
  2578. unset($arr[$k]['__array_sort']);
  2579. }
  2580. }
  2581. return $arr;
  2582. }
  2583. function array_sort_desc($arr, $col_key)
  2584. {
  2585. if (is_array($col_key)) {
  2586. foreach ($arr as $k => $v) {
  2587. $arr[$k]['__array_sort'] = '';
  2588. foreach ($col_key as $col) {
  2589. $arr[$k]['__array_sort'] .= $arr[$k][$col].'_';
  2590. }
  2591. }
  2592. $col_key = '__array_sort';
  2593. }
  2594. uasort($arr, create_function('$a,$b', 'return strnatcasecmp($b["'.$col_key.'"], $a["'.$col_key.'"]);'));
  2595. if ('__array_sort' == $col_key) {
  2596. foreach ($arr as $k => $v) {
  2597. unset($arr[$k]['__array_sort']);
  2598. }
  2599. }
  2600. return $arr;
  2601. }
  2602. function options($options, $selected = null, $ignore_type = false)
  2603. {
  2604. $ret = '';
  2605. foreach ($options as $k => $v) {
  2606. //str_replace('"', '\"', $k)
  2607. $ret .= '<option value="'.$k.'"';
  2608. if ((is_array($selected) && in_array($k, $selected)) || (!is_array($selected) && $k == $selected && $selected !== '' && $selected !== null)) {
  2609. if ($ignore_type) {
  2610. $ret .= ' selected="selected"';
  2611. } else {
  2612. if (!(is_numeric($k) xor is_numeric($selected))) {
  2613. $ret .= ' selected="selected"';
  2614. }
  2615. }
  2616. }
  2617. $ret .= '>'.$v.' </option>';
  2618. }
  2619. return $ret;
  2620. }
  2621. function sql_files()
  2622. {
  2623. $files = dir_read('.', null, array('.sql'));
  2624. $files2 = array();
  2625. foreach ($files as $file) {
  2626. $files2[md5($file)] = $file.sprintf(' (%s)', size(filesize($file)));
  2627. }
  2628. return $files2;
  2629. }
  2630. function sql_files_assoc()
  2631. {
  2632. $files = dir_read('.', null, array('.sql'));
  2633. $files2 = array();
  2634. foreach ($files as $file) {
  2635. $files2[md5($file)] = $file;
  2636. }
  2637. return $files2;
  2638. }
  2639. function file_ext($name)
  2640. {
  2641. $ext = null;
  2642. if (($pos = strrpos($name, '.')) !== false) {
  2643. $len = strlen($name) - ($pos+1);
  2644. $ext = substr($name, -$len);
  2645. if (!preg_match('#^[a-z0-9]+$#i', $ext)) {
  2646. return null;
  2647. }
  2648. }
  2649. return $ext;
  2650. }
  2651. function checked($bool)
  2652. {
  2653. if ($bool) return 'checked="checked"';
  2654. }
  2655. function radio_assoc($checked, $assoc, $input_name, $link = false)
  2656. {
  2657. $ret = '<table cellspacing="0" cellpadding="0"><tr>';
  2658. foreach ($assoc as $id => $name)
  2659. {
  2660. $params = array(
  2661. 'id' => $id,
  2662. 'name' => $name,
  2663. 'checked' => checked($checked == $id),
  2664. 'input_name' => $input_name
  2665. );
  2666. if ($link) {
  2667. if (is_array($link)) {
  2668. $params['link'] = $link[$id];
  2669. } else {
  2670. $params['link'] = sprintf($link, $id, $name);
  2671. }
  2672. $ret .= str_bind('<td><input class="checkbox" type="radio" name="%input_name%" id="%input_name%_%id%" value="%id%" %checked%></td><td>%link%&nbsp;</td>', $params);
  2673. } else {
  2674. $ret .= str_bind('<td><input class="checkbox" type="radio" name="%input_name%" id="%input_name%_%id%" value="%id%" %checked%></td><td><label for="%input_name%_%id%">%name%</label>&nbsp;</td>', $params);
  2675. }
  2676. }
  2677. $ret .= '</tr></table>';
  2678. return $ret;
  2679. }
  2680. function self($cut_query = false)
  2681. {
  2682. $uri = $_SERVER['REQUEST_URI'];
  2683. if ($cut_query) {
  2684. $before = str_before($uri, '?');
  2685. if ($before) {
  2686. return $before;
  2687. }
  2688. }
  2689. return $uri;
  2690. }
  2691. function url($script, $params = array())
  2692. {
  2693. $query = '';
  2694.  
  2695. /* remove from script url, actual params if exist */
  2696. foreach ($params as $k => $v) {
  2697. $exp = sprintf('#(\?|&)%s=[^&]*#i', $k);
  2698. if (preg_match($exp, $script)) {
  2699. $script = preg_replace($exp, '', $script);
  2700. }
  2701. }
  2702.  
  2703. /* repair url like 'script.php&id=12&asd=133' */
  2704. $exp = '#\?\w+=[^&]*#i';
  2705. $exp2 = '#&(\w+=[^&]*)#i';
  2706. if (!preg_match($exp, $script) && preg_match($exp2, $script)) {
  2707. $script = preg_replace($exp2, '?$1', $script, 1);
  2708. }
  2709.  
  2710. foreach ($params as $k => $v) {
  2711. if (!strlen($v)) continue;
  2712. if ($query) { $query .= '&'; }
  2713. else {
  2714. if (strpos($script, '?') === false) {
  2715. $query .= '?';
  2716. } else {
  2717. $query .= '&';
  2718. }
  2719. }
  2720. if ('%s' != $v) {
  2721. $v = urlencode($v);
  2722. }
  2723. $v = preg_replace('#%25(\w+)%25#i', '%$1%', $v); // %id_news% etc. used in listing
  2724. $query .= sprintf('%s=%s', $k, $v);
  2725. }
  2726. return $script.$query;
  2727. }
  2728. function url_offset($offset, $params = array())
  2729. {
  2730. $url = $_SERVER['REQUEST_URI'];
  2731. if (preg_match('#&offset=\d+#', $url)) {
  2732. $url = preg_replace('#&offset=\d+#', '&offset='.$offset, $url);
  2733. } else {
  2734. $url .= '&offset='.$offset;
  2735. }
  2736. return $url;
  2737. }
  2738. function str_wrap($s, $width, $break = ' ', $omit_tags = false)
  2739. {
  2740. //$restart = array(' ', "\t", "\r", "\n");
  2741. $restart = array();
  2742. $cnt = 0;
  2743. $ret = '';
  2744. $open_tag = false;
  2745. $inside_link = false;
  2746. for ($i=0; $i<strlen($s); $i++)
  2747. {
  2748. $char = $s[$i];
  2749. $nextchar = isset($s[$i+1]) ? $s[$i+1] : null;
  2750. $nextchar2 = isset($s[$i+2]) ? $s[$i+2] : null;
  2751.  
  2752. if ($omit_tags)
  2753. {
  2754. if ($char == '<') {
  2755. $open_tag = true;
  2756. if ('a' == $nextchar) {
  2757. $inside_link = true;
  2758. } else if ('/' == $nextchar && 'a' == $nextchar2) {
  2759. $inside_link = false;
  2760. }
  2761. }
  2762. if ($char == '>') {
  2763. $open_tag = false;
  2764. }
  2765. if ($open_tag) {
  2766. $ret .= $char;
  2767. continue;
  2768. }
  2769. }
  2770.  
  2771. if (in_array($char, $restart)) {
  2772. $cnt = 0;
  2773. } else {
  2774. $cnt++;
  2775. }
  2776. $ret .= $char;
  2777. if ($cnt > $width) {
  2778. if (!$inside_link) {
  2779. // Inside link, do not break it.
  2780. $ret .= $break;
  2781. $cnt = 0;
  2782. }
  2783. }
  2784. }
  2785. return $ret;
  2786. }
  2787. function time_micro()
  2788. {
  2789. list($usec, $sec) = explode(" ", microtime());
  2790. return ((float)$usec + (float)$sec);
  2791. }
  2792. function time_start()
  2793. {
  2794. return time_micro();
  2795. }
  2796. function time_end($start)
  2797. {
  2798. $end = time_micro();
  2799. $end = round($end - $start, 3);
  2800. $end = pad_zeros($end, 3);
  2801. return $end;
  2802. }
  2803. function str_has($str, $needle, $ignore_case = false)
  2804. {
  2805. if (is_array($needle)) {
  2806. foreach ($needle as $n) {
  2807. if (!str_has($str, $n, $ignore_case)) {
  2808. return false;
  2809. }
  2810. }
  2811. return true;
  2812. }
  2813. if ($ignore_case) {
  2814. $str = str_lower($str);
  2815. $needle = str_lower($needle);
  2816. }
  2817. return strpos($str, $needle) !== false;
  2818. }
  2819. function str_has_any($str, $arr_needle, $ignore_case = false)
  2820. {
  2821. if (is_string($arr_needle)) {
  2822. $arr_needle = preg_replace('#\s+#', ' ', $arr_needle);
  2823. $arr_needle = explode(' ', $arr_needle);
  2824. }
  2825. foreach ($arr_needle as $needle) {
  2826. if (str_has($str, $needle, $ignore_case)) {
  2827. return true;
  2828. }
  2829. }
  2830. return false;
  2831. }
  2832. function str_before($str, $needle)
  2833. {
  2834. $pos = strpos($str, $needle);
  2835. if ($pos !== false) {
  2836. $before = substr($str, 0, $pos);
  2837. return strlen($before) ? $before : false;
  2838. } else {
  2839. return false;
  2840. }
  2841. }
  2842. function pad_zeros($number, $zeros)
  2843. {
  2844. if (str_has($number, '.')) {
  2845. preg_match('#\.(\d+)$#', $number, $match);
  2846. $number .= str_repeat('0', $zeros-strlen($match[1]));
  2847. return $number;
  2848. } else {
  2849. return $number.'.'.str_repeat('0', $zeros);
  2850. }
  2851. }
  2852. function charset_fix_invalid($s)
  2853. {
  2854. $fix = '€â“„¢ž˜™”Ã';
  2855. $s = str_replace(str_array($fix), '', $s);
  2856. return $s;
  2857. }
  2858. function charset_is_invalid($s)
  2859. {
  2860. $fix = '€â“„¢ž˜™”Ã';
  2861. $fix = str_array($fix);
  2862. foreach ($fix as $char) {
  2863. if (str_has($s, $char)) {
  2864. return true;
  2865. }
  2866. }
  2867. return false;
  2868. }
  2869. function charset_fix($string)
  2870. {
  2871. // UTF-8 && WIN-1250 => ISO-8859-2
  2872. // todo: is checking required? redundant computing?
  2873. if (charset_win_is($string)) {
  2874. $string = charset_win_fix($string);
  2875. }
  2876. if (charset_utf_is($string)) {
  2877. $string = charset_utf_fix($string);
  2878. }
  2879. return $string;
  2880. }
  2881. function charset_win_is($string)
  2882. {
  2883. $win = '¹¥æÆêʳ£ñÑóÓœŒŸ¿¯';
  2884. $iso = '±¡æÆêʳ£ñÑóÓ¶¦¼¬¿¯';
  2885. for ($i=0; $i<strlen($win); $i++) {
  2886. if ($win{$i} != $iso{$i}) {
  2887. if (strstr($string, $win{$i}) !== false) {
  2888. return true;
  2889. }
  2890. }
  2891. }
  2892. return false;
  2893. }
  2894. function charset_win_fix($string)
  2895. {
  2896. $win = '¹¥æÆêʳ£ñÑóÓœŒŸ¿¯';
  2897. $iso = '±¡æÆêʳ£ñÑóÓ¶¦¼¬¿¯';
  2898. $srh = array();
  2899. $rpl = array();
  2900. for ($i = 0; $i < strlen($win); $i++) {
  2901. if ($win{$i} != $iso{$i}) {
  2902. $srh[] = $win{$i};
  2903. $rpl[] = $iso{$i};
  2904. }
  2905. }
  2906. $string = str_replace($srh, $rpl, $string);
  2907. return $string;
  2908. }
  2909. function charset_utf_is($string)
  2910. {
  2911. $utf_iso = array(
  2912. "\xc4\x85" => "\xb1",
  2913. "\xc4\x84" => "\xa1",
  2914. "\xc4\x87" => "\xe6",
  2915. "\xc4\x86" => "\xc6",
  2916. "\xc4\x99" => "\xea",
  2917. "\xc4\x98" => "\xca",
  2918. "\xc5\x82" => "\xb3",
  2919. "\xc5\x81" => "\xa3",
  2920. "\xc3\xb3" => "\xf3",
  2921. "\xc3\x93" => "\xd3",
  2922. "\xc5\x9b" => "\xb6",
  2923. "\xc5\x9a" => "\xa6",
  2924. "\xc5\xba" => "\xbc",
  2925. "\xc5\xb9" => "\xac",
  2926. "\xc5\xbc" => "\xbf",
  2927. "\xc5\xbb" => "\xaf",
  2928. "\xc5\x84" => "\xf1",
  2929. "\xc5\x83" => "\xd1",
  2930. // xmlhttprequest utf-8 encoding
  2931. "%u0104" => "\xA1",
  2932. "%u0106" => "\xC6",
  2933. "%u0118" => "\xCA",
  2934. "%u0141" => "\xA3",
  2935. "%u0143" => "\xD1",
  2936. "%u00D3" => "\xD3",
  2937. "%u015A" => "\xA6",
  2938. "%u0179" => "\xAC",
  2939. "%u017B" => "\xAF",
  2940. "%u0105" => "\xB1",
  2941. "%u0107" => "\xE6",
  2942. "%u0119" => "\xEA",
  2943. "%u0142" => "\xB3",
  2944. "%u0144" => "\xF1",
  2945. "%u00D4" => "\xF3",
  2946. "%u015B" => "\xB6",
  2947. "%u017A" => "\xBC",
  2948. "%u017C" => "\xBF"
  2949. );
  2950. foreach ($utf_iso as $k => $v) {
  2951. if (strpos($string, $k) !== false) {
  2952. return true;
  2953. }
  2954. }
  2955. return false;
  2956. }
  2957. function charset_utf_fix($string)
  2958. {
  2959. $utf_iso = array(
  2960. "\xc4\x85" => "\xb1",
  2961. "\xc4\x84" => "\xa1",
  2962. "\xc4\x87" => "\xe6",
  2963. "\xc4\x86" => "\xc6",
  2964. "\xc4\x99" => "\xea",
  2965. "\xc4\x98" => "\xca",
  2966. "\xc5\x82" => "\xb3",
  2967. "\xc5\x81" => "\xa3",
  2968. "\xc3\xb3" => "\xf3",
  2969. "\xc3\x93" => "\xd3",
  2970. "\xc5\x9b" => "\xb6",
  2971. "\xc5\x9a" => "\xa6",
  2972. "\xc5\xba" => "\xbc",
  2973. "\xc5\xb9" => "\xac",
  2974. "\xc5\xbc" => "\xbf",
  2975. "\xc5\xbb" => "\xaf",
  2976. "\xc5\x84" => "\xf1",
  2977. "\xc5\x83" => "\xd1",
  2978. // xmlhttprequest uses different encoding
  2979. "%u0104" => "\xA1",
  2980. "%u0106" => "\xC6",
  2981. "%u0118" => "\xCA",
  2982. "%u0141" => "\xA3",
  2983. "%u0143" => "\xD1",
  2984. "%u00D3" => "\xD3",
  2985. "%u015A" => "\xA6",
  2986. "%u0179" => "\xAC",
  2987. "%u017B" => "\xAF",
  2988. "%u0105" => "\xB1",
  2989. "%u0107" => "\xE6",
  2990. "%u0119" => "\xEA",
  2991. "%u0142" => "\xB3",
  2992. "%u0144" => "\xF1",
  2993. "%u00D4" => "\xF3",
  2994. "%u015B" => "\xB6",
  2995. "%u017A" => "\xBC",
  2996. "%u017C" => "\xBF"
  2997. );
  2998. return str_replace(array_keys($utf_iso), array_values($utf_iso), $string);
  2999. }
  3000. function str_starts_with($str, $start, $ignore_case = false)
  3001. {
  3002. if ($ignore_case) {
  3003. $str = str_upper($str);
  3004. $start = str_upper($start);
  3005. }
  3006. if (!strlen($str) && !strlen($start)) {
  3007. return true;
  3008. }
  3009. if (!strlen($start)) {
  3010. trigger_error('str_starts_with() failed, start arg cannot be empty', E_USER_ERROR);
  3011. }
  3012. if (strlen($start) > strlen($str)) {
  3013. return false;
  3014. }
  3015. for ($i = 0; $i < strlen($start); $i++) {
  3016. if ($start{$i} != $str{$i}) {
  3017. return false;
  3018. }
  3019. }
  3020. return true;
  3021. }
  3022. function str_ends_with($str, $end, $ignore_case = false)
  3023. {
  3024. if ($ignore_case) {
  3025. $str = str_upper($str);
  3026. $end = str_upper($end);
  3027. }
  3028. if (!strlen($str) && !strlen($end)) {
  3029. return true;
  3030. }
  3031. if (!strlen($end)) {
  3032. trigger_error('str_ends_with() failed, end arg cannot be empty', E_USER_ERROR);
  3033. }
  3034. if (strlen($end) > strlen($str)) {
  3035. return false;
  3036. }
  3037. return str_starts_with(strrev($str), strrev($end));
  3038. return true;
  3039. }
  3040. function str_cut_start($str, $start)
  3041. {
  3042. if (str_starts_with($str, $start)) {
  3043. $str = substr($str, strlen($start));
  3044. }
  3045. return $str;
  3046. }
  3047. function str_cut_end($str, $end)
  3048. {
  3049. if (str_ends_with($str, $end)) {
  3050. $str = substr($str, 0, -strlen($end));
  3051. }
  3052. return $str;
  3053. }
  3054. function file_get($file)
  3055. {
  3056. return file_get_contents($file);
  3057. }
  3058. function file_put($file, $s)
  3059. {
  3060. $fp = fopen($file, 'wb') or trigger_error('fopen() failed: '.$file, E_USER_ERROR);
  3061. if ($fp) {
  3062. fwrite($fp, $s);
  3063. fclose($fp);
  3064. }
  3065. }
  3066. function file_date($file)
  3067. {
  3068. return date('Y-m-d H:i:s', filemtime($file));
  3069. }
  3070. function dir_exists($dir)
  3071. {
  3072. return file_exists($dir) && !is_file($dir);
  3073. }
  3074. function dir_delete_old_files($dir, $ext = array(), $sec)
  3075. {
  3076. // NOT USED right now.
  3077. // older than x seconds
  3078. $files = dir_read($dir, null, $ext);
  3079. $time = time() - $sec;
  3080. foreach ($files as $file) {
  3081. if (file_time($file) < $time) {
  3082. unlink($file);
  3083. }
  3084. }
  3085. }
  3086. global $_error, $_error_style;
  3087. $_error = array();
  3088. $_error_style = '';
  3089.  
  3090. function error($msg = null)
  3091. {
  3092. if (isset($msg) && func_num_args() > 1) {
  3093. $args = func_get_args();
  3094. $msg = call_user_func_array('sprintf', $args);
  3095. }
  3096. global $_error, $_error_style;
  3097. if (isset($msg)) {
  3098. $_error[] = $msg;
  3099. }
  3100. if (!count($_error)) {
  3101. return null;
  3102. }
  3103. if (count($_error) == 1) {
  3104. return sprintf('<div class="error" style="%s">%s</div>', $_error_style, $_error[0]);
  3105. }
  3106. $ret = '<div class="error" style="'.$_error_style.'">Following errors appeared:<ul>';
  3107. foreach ($_error as $msg) {
  3108. $ret .= sprintf('<li>%s</li>', $msg);
  3109. }
  3110. $ret .= '</ul></div>';
  3111. return $ret;
  3112. }
  3113. function timestamp($time, $span = true)
  3114. {
  3115. $time_base = $time;
  3116. $time = substr($time, 0, 16);
  3117. $time2 = substr($time, 0, 10);
  3118. $today = date('Y-m-d');
  3119. $yesterday = date('Y-m-d', time()-3600*24);
  3120. if ($time2 == $today) {
  3121. if (substr($time_base, -8) == '00:00:00') {
  3122. $time = 'Today';
  3123. } else {
  3124. $time = 'Today'.substr($time, -6);
  3125. }
  3126. } else if ($time2 == $yesterday) {
  3127. $time = 'Yesterday'.substr($time, -6);
  3128. }
  3129. return '<span style="white-space: nowrap;">'.$time.'</span>';
  3130. }
  3131. function str_lower($str)
  3132. {
  3133. /* strtolower iso-8859-2 compatible */
  3134. $lower = str_array(iso_chars_lower());
  3135. $upper = str_array(iso_chars_upper());
  3136. $str = str_replace($upper, $lower, $str);
  3137. $str = strtolower($str);
  3138. return $str;
  3139. }
  3140. function str_upper($str)
  3141. {
  3142. /* strtoupper iso-8859-2 compatible */
  3143. $lower = str_array(iso_chars_lower());
  3144. $upper = str_array(iso_chars_upper());
  3145. $str = str_replace($lower, $upper, $str);
  3146. $str = strtoupper($str);
  3147. return $str;
  3148. }
  3149. function str_array($str)
  3150. {
  3151. $arr = array();
  3152. for ($i = 0; $i < strlen($str); $i++) {
  3153. $arr[$i] = $str{$i};
  3154. }
  3155. return $arr;
  3156. }
  3157. function iso_chars()
  3158. {
  3159. return iso_chars_lower().iso_chars_upper();
  3160. }
  3161. function iso_chars_lower()
  3162. {
  3163. return '����󶼿';
  3164. }
  3165. function iso_chars_upper()
  3166. {
  3167. return '��ʣ�Ӧ��';
  3168. }
  3169. function array_first_key($arr)
  3170. {
  3171. $arr2 = $arr;
  3172. reset($arr);
  3173. list($key, $val) = each($arr);
  3174. return $key;
  3175. }
  3176. function array_first($arr)
  3177. {
  3178. return array_first_value($arr);
  3179. }
  3180. function array_first_value($arr)
  3181. {
  3182. $arr2 = $arr;
  3183. return array_shift($arr2);
  3184. }
  3185. function array_col_values($arr, $col)
  3186. {
  3187. $ret = array();
  3188. foreach ($arr as $k => $row) {
  3189. $ret[] = $row[$col];
  3190. }
  3191. return $ret;
  3192. }
  3193. function array_col_values_unique($arr, $col)
  3194. {
  3195. return array_unique(array_col_values($arr, $col));
  3196. }
  3197. function array_col_match($rows, $col, $pattern)
  3198. {
  3199. if (!count($rows)) {
  3200. trigger_error('array_col_match(): array is empty', E_USER_ERROR);
  3201. }
  3202. $ret = true;
  3203. foreach ($rows as $row) {
  3204. if (!preg_match($pattern, $row[$col])) {
  3205. return false;
  3206. }
  3207. }
  3208. return true;
  3209. }
  3210. function array_col_match_unique($rows, $col, $pattern)
  3211. {
  3212. if (!array_col_match($rows, $col, $pattern)) {
  3213. return false;
  3214. }
  3215. return count($rows) == count(array_col_values_unique($rows, $col));
  3216. }
  3217. function redirect($url)
  3218. {
  3219. $url = url($url);
  3220. header("Location: $url");
  3221. exit;
  3222. }
  3223. function redirect_notify($url, $msg)
  3224. {
  3225. if (strpos($msg, '<') === false) {
  3226. $msg = sprintf('<b>%s</b>', $msg);
  3227. }
  3228. cookie_set('flash_notify', $msg);
  3229. redirect($url);
  3230. }
  3231. function redirect_ok($url, $msg)
  3232. {
  3233. if (strpos($msg, '<') === false) {
  3234. $msg = sprintf('<b>%s</b>', $msg);
  3235. }
  3236. cookie_set('flash_ok', $msg);
  3237. redirect($url);
  3238. }
  3239. function redirect_error($url, $msg)
  3240. {
  3241. if (strpos($msg, '<') === false) {
  3242. $msg = sprintf('<b>%s</b>', $msg);
  3243. }
  3244. cookie_set('flash_error', $msg);
  3245. redirect($url);
  3246. }
  3247. function flash()
  3248. {
  3249. static $is_style = false;
  3250.  
  3251. $flash_error = cookie_get('flash_error');
  3252. $flash_ok = cookie_get('flash_ok');
  3253. $flash_notify = cookie_get('flash_notify');
  3254.  
  3255. $flash_error = filter_allow_tags($flash_error, '<b><i><u><br><span>');
  3256. $flash_ok = filter_allow_tags($flash_ok, '<b><i><u><br><span>');
  3257. $flash_notify = filter_allow_tags($flash_notify, '<b><i><u><br><span>');
  3258.  
  3259. if (!($flash_error || $flash_ok || $flash_notify)) {
  3260. return false;
  3261. }
  3262.  
  3263. ob_start();
  3264. ?>
  3265.  
  3266. <?php if (!$is_style): ?>
  3267. <style type="text/css">
  3268. #flash { background: #ffffd7; padding: 0.3em; padding-bottom: 0.15em; border: #ddd 1px solid; margin-bottom: 1em; }
  3269. #flash div { padding: 0em 0em; }
  3270. #flash table { font-weight: normal; }
  3271. #flash td { text-align: left; }
  3272. </style>
  3273. <?php endif; ?>
  3274.  
  3275. <div id="flash" ondblclick="document.getElementById('flash').style.display='none';">
  3276. <table width="100%" ondblclick="document.getElementById('flash').style.display='none';"><tr>
  3277. <td style="line-height: 14px;"><?php echo $flash_error ? $flash_error : ($flash_ok ? $flash_ok : $flash_notify); ?></td></tr></table>
  3278. </div>
  3279.  
  3280. <?php
  3281. $cont = ob_get_contents();
  3282. ob_end_clean();
  3283.  
  3284. if ($flash_error) cookie_del('flash_error');
  3285. else if ($flash_ok) cookie_del('flash_ok');
  3286. else if ($flash_notify) cookie_del('flash_notify');
  3287.  
  3288. $is_style = true;
  3289.  
  3290. return $cont;
  3291. }
  3292. function filter($post, $filters)
  3293. {
  3294. if (is_string($filters))
  3295. {
  3296. $filter = $filters;
  3297. $func = 'filter_'.$filter;
  3298. foreach ($post as $key => $val) {
  3299. $post[$key] = call_user_func($func, $post[$key]);
  3300. }
  3301. return $post;
  3302. }
  3303. foreach ($filters as $key => $filter)
  3304. {
  3305. if (!array_key_exists($key, $post)) {
  3306. return trigger_error(sprintf('filter() failed. Key missing = %s.', $key), E_USER_ERROR);
  3307. }
  3308. $func = 'filter_'.$filter;
  3309. if (!function_exists($func)) {
  3310. return trigger_error(sprintf('filter() failed. Filter missing = %s.', $func), E_USER_ERROR);
  3311. }
  3312. $post[$key] = call_user_func($func, $post[$key]);
  3313. }
  3314. return $post;
  3315. }
  3316. function filter_html($s)
  3317. {
  3318. if (req_gpc_has($s)) {
  3319. $s = html_tags_undo($s);
  3320. }
  3321. return html(trim($s));
  3322. }
  3323. function filter_allow_tags($s, $allow)
  3324. {
  3325. if (req_gpc_has($s)) {
  3326. $s = html_tags_undo($s);
  3327. }
  3328. return html_allow_tags($s, $allow);
  3329. }
  3330. function filter_allow_html($s)
  3331. {
  3332. global $SafeHtml;
  3333. if (!isset($SafeHtml)) {
  3334. include_once 'inc/SafeHtml.php';
  3335. }
  3336. if (req_gpc_has($s)) {
  3337. $s = html_tags_undo($s);
  3338. }
  3339. if (in_array(trim(strtolower($s)), array('<br>', '<p>&nbsp;</p>'))) {
  3340. return '';
  3341. }
  3342. $SafeHtml->clear();
  3343. $s = $SafeHtml->parse($s);
  3344. return trim($s);
  3345. }
  3346. function filter_allow_html_script($s)
  3347. {
  3348. if (in_array(trim(strtolower($s)), array('<br>', '<p>&nbsp;</p>'))) {
  3349. return '';
  3350. }
  3351. if (req_gpc_has($s)) {
  3352. $s = html_tags_undo($s);
  3353. }
  3354. return trim($s);
  3355. }
  3356. function filter_editor($s)
  3357. {
  3358. return filter_allow_html($s);
  3359. }
  3360. function date_now()
  3361. {
  3362. return date('Y-m-d H:i:s');
  3363. }
  3364. function guess_pk($rows)
  3365. {
  3366. if (!count($rows)) {
  3367. return false;
  3368. }
  3369. $patterns = array('#^\d+$#', '#^[^\s]+$#');
  3370. $row = array_first($rows);
  3371. foreach ($patterns as $pattern)
  3372. {
  3373. foreach ($row as $col => $v) {
  3374. if ($v && preg_match($pattern, $v)) {
  3375. if (array_col_match_unique($rows, $col, $pattern)) {
  3376. return $col;
  3377. }
  3378. }
  3379. }
  3380. }
  3381. return false;
  3382. }
  3383. function layout_start($title='')
  3384. {
  3385. global $page_charset;
  3386. $flash = flash();
  3387. ?>
  3388.  
  3389. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
  3390. <html>
  3391. <head>
  3392. <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $page_charset;?>">
  3393. <title><?php echo $title;?></title>
  3394. <link rel="shortcut icon" href="<?php echo $_SERVER['PHP_SELF']; ?>?dbkiss_favicon=1">
  3395. <script>
  3396. function $(id)
  3397. {
  3398. if (typeof id == 'string') return document.getElementById(id);
  3399. return id;
  3400. }
  3401. </script>
  3402. </head>
  3403. <body>
  3404.  
  3405. <?php layout(); ?>
  3406.  
  3407. <?php if ($flash) { echo $flash; } ?>
  3408.  
  3409. <?php
  3410. }
  3411. function layout_end()
  3412. {
  3413. ?>
  3414. <?php powered_by(); ?>
  3415. </body>
  3416. </html>
  3417. <?php
  3418. }
  3419. function powered_by()
  3420. {
  3421. ?>
  3422. <script>
  3423. function link_noreferer(link)
  3424. {
  3425. // Tested: Chrome, Firefox, Inetrnet Explorer, Opera.
  3426. var w = window.open("about:blank", "_blank");
  3427. w.document.open();
  3428. w.document.write("<"+"!doctype html>");
  3429. w.document.write("<"+"html><"+"head>");
  3430. w.document.write("<"+"title>Secure redirection</title>");
  3431. w.document.write("<"+"style>body { font: 11px Tahoma; }<"+"/style>");
  3432. w.document.write("<"+"meta http-equiv=refresh content='10;url="+link+"'>");
  3433. // Meta.setAttribute() doesn't work on firefox.
  3434. // Firefox: needs document.write('<meta>')
  3435. // IE: the firefox workaround doesn't work on ie, but we can use a normal redirection
  3436. // as IE is already not sending the referer because it does not do it when using
  3437. // open.window, besides the blank url in address bar works fine (about:blank).
  3438. // Opera: firefox fix works.
  3439. w.document.write("<"+"script>function redirect() { if (navigator.userAgent.indexOf('MSIE') != -1) { location.replace('"+link+"'); } else { document.open(); document.write('<"+"meta http-equiv=refresh content=\"0;"+link+"\">'); document.close(); } }<"+"/script>");
  3440. w.document.write("<"+"/head><"+"body>");
  3441. w.document.write("<"+"h1>Secure redirection<"+"/h1>");
  3442. w.document.write("<"+"p>This is a secure redirection that hides the HTTP REFERER header - using javascript and meta refresh combination.");
  3443. w.document.write("<br>The site you are being redirected will not know the location of the dbkiss script on your site.<"+"/p>");
  3444. w.document.write("<"+"p>In 10 seconds you will be redirected to the following address: <"+"a href='javascript:void(0)' onclick='redirect()'>"+link+"<"+"/a><br>");
  3445. w.document.write("Clicking the link is also secure, so if you do not wish to wait, then click it.<"+"/p>");
  3446. w.document.write("<"+"/body><"+"/html>");
  3447. w.document.close();
  3448. }
  3449. </script>
  3450. <div style="text-align: center; margin-top: 2em; border-top: #ccc 1px solid; padding-top: 0.5em;">Powered by <a href="javascript:void(0)" onclick="link_noreferer('https://github.com/cztomczak/dbkiss')">dbkiss</a></div>
  3451. <?php
  3452. }
  3453.  
  3454. ?>
  3455. <?php if (get('import')): ?>
  3456.  
  3457. <?php
  3458.  
  3459. // ----------------------------------------------------------------
  3460. // IMPORT
  3461. // ----------------------------------------------------------------
  3462.  
  3463. ?>
  3464.  
  3465. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
  3466. <html>
  3467. <head>
  3468. <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $page_charset;?>">
  3469. <title><?php echo $db_name_h1?$db_name_h1:$db_name;?> &gt; Import</title>
  3470. <link rel="shortcut icon" href="<?php echo $_SERVER['PHP_SELF']; ?>?dbkiss_favicon=1">
  3471. </head>
  3472. <body>
  3473.  
  3474. <?php layout(); ?>
  3475. <h1><a class=blue style="<?php echo $db_name_style;?>" href="<?php echo $_SERVER['PHP_SELF'];?>"><?php echo $db_name_h1?$db_name_h1:$db_name;?></a> &gt; Import</h1>
  3476. <?php conn_info(); ?>
  3477.  
  3478. <?php $files = sql_files(); ?>
  3479.  
  3480. <?php if (count($files)): ?>
  3481. <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
  3482. <table class="none" cellspacing="0" cellpadding="0">
  3483. <tr>
  3484. <td>SQL file:</th>
  3485. <td><select name="sqlfile"><option value="" selected="selected"></option><?php echo options($files);?></select></td>
  3486. <td><input type="checkbox" name="ignore_errors" id="ignore_errors" value="1"></td>
  3487. <td><label for="ignore_errors">ignore errors</label></td>
  3488. <td><input type="checkbox" name="transaction" id="transaction" value="1"></td>
  3489. <td><label for="transaction">transaction</label></td>
  3490. <td><input type="checkbox" name="force_myisam" id="force_myisam" value="1"></td>
  3491. <td><label for="force_myisam">force myisam</label></td>
  3492. <td><input type="text" size="5" name="query_start" value=""></td>
  3493. <td>query start</td>
  3494. <td><input type="submit" value="Import"></td>
  3495. </tr>
  3496. </table>
  3497. </form>
  3498. <br>
  3499. <?php else: ?>
  3500. No sql files found in current directory.
  3501. <?php endif; ?>
  3502.  
  3503. <?php powered_by(); ?>
  3504.  
  3505. </body></html>
  3506.  
  3507. <?php exit; endif; ?>
  3508. <?php if ('editrow' == get('action')): ?>
  3509. <?php
  3510. function dbkiss_filter_id($id)
  3511. {
  3512. # mysql allows table names of: `62-511`
  3513. # also, columns might be numeric ex. `62`
  3514. if (preg_match('#^[_a-z0-9][a-z0-9_\-]*$#i', $id)) {
  3515. return $id;
  3516. }
  3517. return false;
  3518. }
  3519.  
  3520. $get = get(array(
  3521. 'table' => 'string',
  3522. 'pk' => 'string',
  3523. 'id' => 'string'
  3524. ));
  3525.  
  3526. $get['table'] = html_once($get['table']);
  3527. $get['pk'] = html_once($get['pk']);
  3528.  
  3529. $title_edit = sprintf('Edit row (%s=%s)', $get['pk'], $get['id']);
  3530. $title = ' &gt; '.$get['table'].' &gt; '.$title_edit;
  3531.  
  3532. if (!dbkiss_filter_id($get['table'])) {
  3533. error('Invalid table name');
  3534. }
  3535. if (!dbkiss_filter_id($get['pk'])) {
  3536. error('Invalid pk');
  3537. }
  3538.  
  3539. $row = false;
  3540.  
  3541. if (!error())
  3542. {
  3543. $table_enq = quote_table($get['table']);
  3544. $test = db_row("SELECT * FROM $table_enq");
  3545. if ($test) {
  3546. if (!array_key_exists($get['pk'], $test)) {
  3547. error('Invalid pk');
  3548. }
  3549. }
  3550. if (!error())
  3551. {
  3552. $table_enq = quote_table($get['table']);
  3553. $query = db_bind("SELECT * FROM $table_enq WHERE {$get['pk']} = %0", $get['id']);
  3554. $query = db_limit($query, 0, 2);
  3555. $rows = db_list($query);
  3556. if (count($rows) > 1) {
  3557. error('Invalid pk: found more than one row with given id');
  3558. } else if (count($rows) == 0) {
  3559. error('Row not found');
  3560. } else {
  3561. $row = $rows[0];
  3562. $row_id = $row[$get['pk']];
  3563. }
  3564. }
  3565. }
  3566.  
  3567. if ($row) {
  3568. $types = table_types2($get['table']);
  3569. }
  3570.  
  3571. $edit_actions_assoc = array(
  3572. 'update' => 'Update',
  3573. 'update_pk' => 'Overwrite pk',
  3574. 'insert' => 'Copy row (insert)',
  3575. 'delete' => 'Delete'
  3576. );
  3577.  
  3578. $edit_action = post('dbkiss_action');
  3579.  
  3580. if ($_ENV['IS_GET'])
  3581. {
  3582. $edit_action = array_first_key($edit_actions_assoc);
  3583. $post = $row;
  3584. }
  3585.  
  3586. if ($_ENV['IS_POST'])
  3587. {
  3588. if (!array_key_exists($edit_action, $edit_actions_assoc)) {
  3589. $edit_action = '';
  3590. error('Invalid action');
  3591. }
  3592.  
  3593. $post = array();
  3594. foreach ($row as $k => $v) {
  3595. if (array_key_exists($k, $_POST)) {
  3596. $val = (string) $_POST[$k];
  3597. if ('null' == $val) {
  3598. $val = null;
  3599. }
  3600. if ('int' == $types[$k]) {
  3601. if (!strlen($val)) {
  3602. $val = null;
  3603. }
  3604. if (!(preg_match('#^-?\d+$#', $val) || is_null($val))) {
  3605. error('%s: invalid value', $k);
  3606. }
  3607. }
  3608. if ('float' == $types[$k]) {
  3609. if (!strlen($val)) {
  3610. $val = null;
  3611. }
  3612. $val = str_replace(',', '.', $val);
  3613. if (!(is_numeric($val) || is_null($val))) {
  3614. error('%s: invalid value', $k);
  3615. }
  3616. }
  3617. if ('time' == $types[$k]) {
  3618. if (!strlen($val)) {
  3619. $val = null;
  3620. }
  3621. if ('now' == $val) {
  3622. $val = date_now();
  3623. }
  3624. }
  3625. $post[$k] = $val;
  3626. } else {
  3627. error('Missing key: %s in POST', $k);
  3628. }
  3629. }
  3630.  
  3631. if ('update' == $edit_action)
  3632. {
  3633. if ($post[$get['pk']] != $row[$get['pk']]) {
  3634. if (count($row) != 1) { // Case: more than 1 column
  3635. error('%s: cannot change pk on UPDATE', $get['pk']);
  3636. }
  3637. }
  3638. }
  3639. if ('update_pk' == $edit_action)
  3640. {
  3641. if ($post[$get['pk']] == $row[$get['pk']]) {
  3642. error('%s: selected action Overwrite pk, but pk value has not changed', $get['pk']);
  3643. }
  3644. }
  3645. if ('insert' == $edit_action)
  3646. {
  3647. if (strlen($post[$get['pk']])) {
  3648. $table_enq = quote_table($get['table']);
  3649. $test = db_row("SELECT * FROM $table_enq WHERE {$get['pk']} = %0", array($post[$get['pk']]));
  3650. if ($test) {
  3651. error('%s: there is already a record with that id', $get['pk']);
  3652. }
  3653. }
  3654. }
  3655.  
  3656. if (!error())
  3657. {
  3658. $post2 = $post;
  3659. if ('update' == $edit_action)
  3660. {
  3661. if (count($row) != 1) { // Case: more than 1 column
  3662. unset($post2[$get['pk']]);
  3663. }
  3664. db_update($get['table'], $post2, array($get['pk'] => $row_id));
  3665. if (db_error()) {
  3666. error('<font color="red"><b>DB error</b></font>: '.db_error());
  3667. } else {
  3668. if (count($row) == 1) { // Case: only 1 column
  3669. redirect_ok(url(self(), array('id'=>$post[$get['pk']])), 'Row updated');
  3670. } else {
  3671. redirect_ok(self(), 'Row updated');
  3672. }
  3673. }
  3674. }
  3675. if ('update_pk' == $edit_action)
  3676. {
  3677. @db_update($get['table'], $post2, array($get['pk'] => $row_id));
  3678. if (db_error()) {
  3679. error('<font color="red"><b>DB error</b></font>: '.db_error());
  3680. } else {
  3681. $url = url(self(), array('id' => $post[$get['pk']]));
  3682. redirect_ok($url, 'Row updated (pk overwritten)');
  3683. }
  3684. }
  3685. if ('insert' == $edit_action)
  3686. {
  3687. $new_id = false;
  3688. if (!strlen($post2[$get['pk']])) {
  3689. unset($post2[$get['pk']]);
  3690. } else {
  3691. $new_id = $post2[$get['pk']];
  3692. }
  3693. @db_insert($get['table'], $post2);
  3694. if (db_error()) {
  3695. error('<font color="red"><b>DB error</b></font>: '.db_error());
  3696. } else {
  3697. if (!$new_id) {
  3698. $new_id = db_insert_id($get['table'], $get['pk']);
  3699. }
  3700. $url = url(self(), array('id'=>$new_id));
  3701. $msg = sprintf('Row inserted (%s=%s)', $get['pk'], $new_id);
  3702. redirect_ok($url, $msg);
  3703. }
  3704. }
  3705. if ('delete' == $edit_action)
  3706. {
  3707. $table_enq = quote_table($get['table']);
  3708. @db_exe("DELETE FROM $table_enq WHERE {$get['pk']} = %0", $get['id']);
  3709. if (db_error()) {
  3710. error('<font color="red"><b>DB error</b></font>: '.db_error());
  3711. } else {
  3712. redirect_ok(self(), 'Row deleted');
  3713. }
  3714. }
  3715. }
  3716. }
  3717.  
  3718. ?>
  3719. <?php layout_start($title_edit); ?>
  3720. <h1><span style="<?php echo $db_name_style;?>"><?php echo $db_name_h1?$db_name_h1:$db_name;?></span><?php echo $title;?></h1>
  3721.  
  3722. <?php echo error();?>
  3723.  
  3724. <?php if ($row): ?>
  3725.  
  3726. <form action="<?php echo self();?>" method="post">
  3727.  
  3728. <?php echo radio_assoc($edit_action, $edit_actions_assoc, 'dbkiss_action');?></td>
  3729. <br>
  3730.  
  3731. <table cellspacing="1" class="ls ls2">
  3732. <?php foreach ($post as $k => $v): if (is_null($v)) { $v = 'null'; } $v = htmlspecialchars($v); ?>
  3733. <tr>
  3734. <th><?php echo $k;?>:</th>
  3735. <td>
  3736. <?php if ('int' == $types[$k]): ?>
  3737. <input type="text" name="<?php echo $k;?>" value="<?php echo html_once($v);?>" size="11">
  3738. <?php elseif ('char' == $types[$k]): ?>
  3739. <input type="text" name="<?php echo $k;?>" value="<?php echo html_once($v);?>" size="50">
  3740. <?php elseif (in_array($types[$k], array('text', 'mediumtext', 'longtext')) || str_has($types[$k], 'blob')): ?>
  3741. <textarea name="<?php echo $k;?>" cols="80" rows="<?php echo $k=='notes'?10:10;?>"><?php echo html_once($v);?></textarea>
  3742. <?php else: ?>
  3743. <input type="text" name="<?php echo $k;?>" value="<?php echo html_once($v);?>" size="30">
  3744. <?php endif; ?>
  3745. </td>
  3746. <td valign="top"><?php echo $types[$k];?></td>
  3747. </tr>
  3748. <?php endforeach; ?>
  3749. <tr>
  3750. <td colspan="3" class="none">
  3751. <input type="submit" wait="1" block="1" class="button" value="Edit">
  3752. </td>
  3753. </tr>
  3754. </table>
  3755.  
  3756. </form>
  3757.  
  3758. <?php endif; ?>
  3759.  
  3760. <?php layout_end(); ?>
  3761.  
  3762. <?php exit; endif; ?>
  3763. <?php if (isset($_GET['execute_sql']) && $_GET['execute_sql']): ?>
  3764. <?php
  3765.  
  3766. function listing($base_query, $md5_get = false)
  3767. {
  3768. global $db_driver, $db_link;
  3769.  
  3770. $md5_i = false;
  3771. if ($md5_get) {
  3772. preg_match('#_(\d+)$#', $md5_get, $match);
  3773. $md5_i = $match[1];
  3774. }
  3775.  
  3776. $base_query = trim($base_query);
  3777. $base_query = str_cut_end($base_query, ';');
  3778.  
  3779. $query = $base_query;
  3780. $ret = array('msg'=>'', 'error'=>'', 'data_html'=>false);
  3781. $limit = 25;
  3782. $offset = get('offset','int');
  3783. $page = floor($offset / $limit + 1);
  3784.  
  3785. if ($query) {
  3786. if (is_select($query) && !preg_match('#\s+LIMIT\s+\d+#i', $query) && !preg_match('#into\s+outfile\s+#', $query)) {
  3787. $query = db_limit($query, $offset, $limit);
  3788. } else {
  3789. $limit = false;
  3790. }
  3791. $time = time_start();
  3792. if (!db_is_safe($query, true)) {
  3793. $ret['error'] = 'Detected UPDATE/DELETE without WHERE condition (put WHERE 1=1 if you want to execute this query)';
  3794. return $ret;
  3795. }
  3796. $rs = @db_query($query);
  3797. if ($rs) {
  3798. if ($rs === true) {
  3799. if ('mysqli' == $db_driver)
  3800. {
  3801. $affected = mysqli_affected_rows($db_link);
  3802. $time = time_end($time);
  3803. $ret['data_html'] = '<b>'.$affected.'</b> rows affected.<br>Time: <b>'.$time.'</b> sec';
  3804. return $ret;
  3805. }
  3806. } else {
  3807. if ('pgsql' == $db_driver)
  3808. {
  3809. // Since Postgresql 9 on Linux pg_affected_rows()
  3810. // returns >= 0 for SELECT queries
  3811. if (!preg_match('#^\s*SELECT\s+#i', $query)) {
  3812. $affected = @pg_affected_rows($rs);
  3813. if ($affected || preg_match('#^\s*(DELETE|UPDATE)\s+#i', $query)) {
  3814. $time = time_end($time);
  3815. $ret['data_html'] = '<p><b>'.$affected.'</b> rows affected. Time: <b>'.$time.'</b> sec</p>';
  3816. return $ret;
  3817. }
  3818. }
  3819. }
  3820. }
  3821.  
  3822. $rows = array();
  3823. while ($row = db_row($rs)) {
  3824. $rows[] = $row;
  3825. if ($limit) {
  3826. if (count($rows) == $limit) { break; }
  3827. }
  3828. }
  3829. db_free($rs);
  3830.  
  3831. if (is_select($base_query)) {
  3832. $found = @db_one("SELECT COUNT(*) FROM ($base_query) AS sub");
  3833. if (!is_numeric($found) || (count($rows) && !$found)) {
  3834. global $COUNT_ERROR;
  3835. $COUNT_ERROR = ' (COUNT ERROR) ';
  3836. $found = count($rows);
  3837. }
  3838. } else {
  3839. if (count($rows)) {
  3840. $found = count($rows);
  3841. } else {
  3842. $found = false;
  3843. }
  3844. }
  3845. if ($limit) {
  3846. $pages = ceil($found / $limit);
  3847. } else {
  3848. $pages = 1;
  3849. }
  3850. $time = time_end($time);
  3851.  
  3852. } else {
  3853. $ret['error'] = db_error();
  3854. return $ret;
  3855. }
  3856. } else {
  3857. $ret['error'] = 'No query found.';
  3858. return $ret;
  3859. }
  3860.  
  3861. ob_start();
  3862. ?>
  3863. <?php if (is_numeric($found)): ?>
  3864. <p>
  3865. Found: <b><?php echo $found;?></b><?php echo isset($GLOBALS['COUNT_ERROR'])?$GLOBALS['COUNT_ERROR']:'';?>.
  3866. Time: <b><?php echo $time;?></b> sec.
  3867. <?php
  3868. $params = array('md5'=>$md5_get, 'offset'=>get('offset','int'));
  3869. if (get('only_marked') || post('only_marked')) { $params['only_marked'] = 1; }
  3870. if (get('only_select') || post('only_select')) { $params['only_select'] = 1; }
  3871. ?>
  3872. / <a href="<?php echo url(self(), $params);?>">Refetch</a>
  3873. / Export to CSV:&nbsp;
  3874.  
  3875. <a href="<?php echo $_SERVER['PHP_SELF']; ?>?export=csv&separator=<?php echo urlencode('|');?>&query=<?php echo base64_encode($base_query); ?>">pipe</a>
  3876. -
  3877. <a href="<?php echo $_SERVER['PHP_SELF']; ?>?export=csv&separator=<?php echo urlencode("\t");?>&query=<?php echo base64_encode($base_query); ?>">tab</a>
  3878. -
  3879. <a href="<?php echo $_SERVER['PHP_SELF']; ?>?export=csv&separator=<?php echo urlencode(',');?>&query=<?php echo base64_encode($base_query); ?>">comma</a>
  3880. -
  3881. <a href="<?php echo $_SERVER['PHP_SELF']; ?>?export=csv&separator=<?php echo urlencode(';');?>&query=<?php echo base64_encode($base_query); ?>">semicolon</a>
  3882. </p>
  3883. <?php else: ?>
  3884. <p>Result: <b>OK</b>. Time: <b><?php echo $time;?></b> sec</p>
  3885. <?php endif; ?>
  3886.  
  3887. <?php if (is_numeric($found)): ?>
  3888.  
  3889. <?php if ($pages > 1): ?>
  3890. <p>
  3891. <?php if ($page > 1): ?>
  3892. <?php $ofs = ($page-1)*$limit-$limit; ?>
  3893. <?php
  3894. $params = array('md5'=>$md5_get, 'offset'=>$ofs);
  3895. if (get('only_marked') || post('only_marked')) { $params['only_marked'] = 1; }
  3896. if (get('only_select') || post('only_select')) { $params['only_select'] = 1; }
  3897. ?>
  3898. <a href="<?php echo url(self(), $params);?>">&lt;&lt; Prev</a> &nbsp;
  3899. <?php endif; ?>
  3900. Page <b><?php echo $page;?></b> of <b><?php echo $pages;?></b> &nbsp;
  3901. <?php if ($pages > $page): ?>
  3902. <?php $ofs = $page*$limit; ?>
  3903. <?php
  3904. $params = array('md5'=>$md5_get, 'offset'=>$ofs);
  3905. if (get('only_marked') || post('only_marked')) { $params['only_marked'] = 1; }
  3906. if (get('only_select') || post('only_select')) { $params['only_select'] = 1; }
  3907. ?>
  3908. <a href="<?php echo url(self(), $params);?>">Next &gt;&gt;</a>
  3909. <?php endif; ?>
  3910. </p>
  3911. <?php endif; ?>
  3912.  
  3913. <script>
  3914. function mark_row(tr)
  3915. {
  3916. var els = tr.getElementsByTagName('td');
  3917. if (tr.marked) {
  3918. for (var i = 0; i < els.length; i++) {
  3919. els[i].style.backgroundColor = '';
  3920. }
  3921. tr.marked = false;
  3922. } else {
  3923. tr.marked = true;
  3924. for (var i = 0; i < els.length; i++) {
  3925. els[i].style.backgroundColor = '#ddd';
  3926. }
  3927. }
  3928. }
  3929. </script>
  3930.  
  3931. <?php if ($found): ?>
  3932.  
  3933. <?php
  3934. $edit_table = table_from_query($base_query);
  3935. if ($edit_table) {
  3936. $edit_pk = array_first_key($rows[0]);
  3937. if (is_numeric($edit_pk)) { $edit_table = false; }
  3938. }
  3939. if ($edit_table) {
  3940. $types = table_types2($edit_table);
  3941. if ($types && count($types)) {
  3942. if (in_array($edit_pk, array_keys($types))) {
  3943. if (!array_col_match_unique($rows, $edit_pk, '#^\d+$#')) {
  3944. $edit_pk = guess_pk($rows);
  3945. if (!$edit_pk) {
  3946. $edit_table = false;
  3947. }
  3948. }
  3949. } else {
  3950. $edit_table = false;
  3951. }
  3952. } else {
  3953. $edit_table = false;
  3954. }
  3955. }
  3956. $edit_url = '';
  3957. if ($edit_table) {
  3958. $edit_url = url(self(true), array('action'=>'editrow', 'table'=>$edit_table, 'pk'=>$edit_pk, 'id'=>'%s'));
  3959. }
  3960. ?>
  3961.  
  3962. <table class="ls" cellspacing="1">
  3963. <tr>
  3964. <?php if ($edit_url): ?><th>#</th><?php endif; ?>
  3965. <?php foreach ($rows[0] as $col => $v): ?>
  3966. <th><?php echo $col;?></th>
  3967. <?php endforeach; ?>
  3968. </tr>
  3969. <?php foreach ($rows as $row): ?>
  3970. <tr ondblclick="mark_row(this)">
  3971. <?php if ($edit_url): ?>
  3972. <td><a href="javascript:void(0)" onclick="popup('<?php echo sprintf($edit_url, $row[$edit_pk]);?>', 620, 500)">Edit</a>&nbsp;</td>
  3973. <?php endif; ?>
  3974. <?php
  3975. $count_cols = 0;
  3976. foreach ($row as $v) { $count_cols++; }
  3977. ?>
  3978. <?php foreach ($row as $k => $v): ?>
  3979. <?php
  3980. if (preg_match('#^\s*<a[^>]+>[^<]+</a>\s*$#iU', $v) && strlen(strip_tags($v)) < 50) {
  3981. $v = strip_tags($v, '<a>');
  3982. $v = create_links($v);
  3983. } else {
  3984. $v = strip_tags($v);
  3985. $v = str_replace('&nbsp;', ' ', $v);
  3986. $v = preg_replace('#[ ]+#', ' ', $v);
  3987. $v = create_links($v);
  3988. if (!get('full_content') && strlen($v) > 50) {
  3989. if (1 == $count_cols) {
  3990. $v = truncate_html($v, 255);
  3991. } else {
  3992. $v = truncate_html($v, 50);
  3993. }
  3994. }
  3995. // $v = html_once($v); - create_links() disabling
  3996. }
  3997. $nl2br = get('nl2br');
  3998. if (get('full_content')) {
  3999. $v = str_wrap($v, 80, '<br>', true);
  4000. }
  4001. if (get('nl2br')) {
  4002. $v = nl2br($v);
  4003. }
  4004. //$v = stripslashes(stripslashes($v));
  4005. if (@$types[$k] == 'int' && (preg_match('#time#i', $k) || preg_match('#date#i', $k))
  4006. && preg_match('#^\d+$#', $v))
  4007. {
  4008. $tmp = @date('Y-m-d H:i', $v);
  4009. if ($tmp) {
  4010. $v = $tmp;
  4011. }
  4012. }
  4013. global $post;
  4014. if (str_has($post['sql'], '@gethostbyaddr') && (preg_match('#^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$#', $v))) {
  4015. $v = $v.'<br>'.@gethostbyaddr($v);
  4016. }
  4017. ?>
  4018. <td onclick="mark_col(this)" <?php echo $nl2br?'valign="top"':'';?> nowrap><?php echo is_null($row[$k])?'-':$v;?></td>
  4019. <?php endforeach; ?>
  4020. </tr>
  4021. <?php endforeach; ?>
  4022. </table>
  4023.  
  4024. <?php endif; ?>
  4025.  
  4026. <?php if ($pages > 1): ?>
  4027. <p>
  4028. <?php if ($page > 1): ?>
  4029. <?php $ofs = ($page-1)*$limit-$limit; ?>
  4030. <?php
  4031. $params = array('md5'=>$md5_get, 'offset'=>$ofs);
  4032. if (get('only_marked') || post('only_marked')) { $params['only_marked'] = 1; }
  4033. if (get('only_select') || post('only_select')) { $params['only_select'] = 1; }
  4034. ?>
  4035. <a href="<?php echo url(self(), $params);?>">&lt;&lt; Prev</a> &nbsp;
  4036. <?php endif; ?>
  4037. Page <b><?php echo $page;?></b> of <b><?php echo $pages;?></b> &nbsp;
  4038. <?php if ($pages > $page): ?>
  4039. <?php $ofs = $page*$limit; ?>
  4040. <?php
  4041. $params = array('md5'=>$md5_get, 'offset'=>$ofs);
  4042. if (get('only_marked') || post('only_marked')) { $params['only_marked'] = 1; }
  4043. if (get('only_select') || post('only_select')) { $params['only_select'] = 1; }
  4044. ?>
  4045. <a href="<?php echo url(self(), $params);?>">Next &gt;&gt;</a>
  4046. <?php endif; ?>
  4047. </p>
  4048. <?php endif; ?>
  4049.  
  4050. <?php endif; ?>
  4051.  
  4052. <?php
  4053. $cont = ob_get_contents();
  4054. ob_end_clean();
  4055. $ret['data_html'] = $cont;
  4056. return $ret;
  4057. }
  4058.  
  4059. ?>
  4060. <?php
  4061.  
  4062. // ----------------------------------------------------------------
  4063. // EXECUTE SQL
  4064. // ----------------------------------------------------------------
  4065.  
  4066. set_time_limit(0);
  4067.  
  4068. $template = get('template');
  4069. $msg = '';
  4070. $error = '';
  4071. $top_html = '';
  4072. $data_html = '';
  4073.  
  4074. $get = get(array(
  4075. 'popup'=> 'int',
  4076. 'md5' => 'string',
  4077. 'only_marked' => 'bool',
  4078. 'only_select' => 'bool',
  4079. 'sql_template' => 'string'
  4080. ));
  4081. $post = post(array(
  4082. 'sql' => 'string',
  4083. 'perform' => 'string',
  4084. 'only_marked' => 'bool',
  4085. 'only_select' => 'bool',
  4086. 'save_as' => 'string',
  4087. ));
  4088.  
  4089. if ($get['md5']) {
  4090. $get['only_select'] = true;
  4091. $post['only_select'] = true;
  4092. }
  4093.  
  4094. if ($get['only_marked']) { $post['only_marked'] = 1; }
  4095. if ($get['only_select']) { $post['only_select'] = 1; }
  4096.  
  4097. $sql_dir = false;
  4098. if (defined('DBKISS_SQL_DIR')) {
  4099. $sql_dir = DBKISS_SQL_DIR;
  4100. }
  4101.  
  4102. if ($sql_dir) {
  4103. if (!(dir_exists($sql_dir) && is_writable($sql_dir))) {
  4104. if (!dir_exists($sql_dir) && is_writable('.')) {
  4105. mkdir($sql_dir);
  4106. } else {
  4107. exit('You must create "'.$sql_dir.'" directory with write permission.');
  4108. }
  4109. }
  4110. if (!file_exists($sql_dir.'/.htaccess')) {
  4111. file_put($sql_dir.'/.htaccess', 'deny from all');
  4112. }
  4113. if (!file_exists($sql_dir.'/index.html')) {
  4114. file_put($sql_dir.'/index.html', '');
  4115. }
  4116. }
  4117.  
  4118. if ('GET' == $_SERVER['REQUEST_METHOD']) {
  4119. if ($sql_dir)
  4120. {
  4121. if ($get['md5'] && preg_match('#^(\w{32,32})_(\d+)$#', $get['md5'], $match)) {
  4122. $md5_i = $match[2];
  4123. $md5_tmp = sprintf($sql_dir.'/zzz_%s.dat', $match[1]);
  4124. $post['sql'] = file_get($md5_tmp);
  4125. $_SERVER['REQUEST_METHOD'] = 'POST';
  4126. $post['perform'] = 'execute';
  4127. } else if ($get['md5'] && preg_match('#^(\w{32,32})$#', $get['md5'], $match)) {
  4128. $md5_tmp = sprintf($sql_dir.'/zzz_%s.dat', $match[1]);
  4129. $post['sql'] = file_get($md5_tmp);
  4130. $get['md5'] = '';
  4131. } else {
  4132. if ($get['md5']) {
  4133. trigger_error('invalid md5', E_USER_ERROR);
  4134. }
  4135. }
  4136. }
  4137. } else {
  4138. $get['md5'] = '';
  4139. }
  4140.  
  4141. if (str_has($post['sql'], '@nl2br')) {
  4142. $_GET['nl2br'] = 1;
  4143. }
  4144. if (str_has($post['sql'], '@full_content')) {
  4145. $_GET['full_content'] = 1;
  4146. }
  4147.  
  4148. $post['sql'] = trim($post['sql']);
  4149. $md5 = md5($post['sql']);
  4150. $md5_file = sprintf($sql_dir.'/zzz_%s.dat', $md5);
  4151. if ($sql_dir && $post['sql']) {
  4152. file_put($md5_file, $post['sql']);
  4153. }
  4154.  
  4155. if ($sql_dir && 'save' == $post['perform'] && $post['save_as'] && $post['sql'])
  4156. {
  4157. $post['save_as'] = str_replace('.sql', '', $post['save_as']);
  4158. if (preg_match('#^[\w ]+$#', $post['save_as'])) {
  4159. $file = $sql_dir.'/'.$post['save_as'].'.sql';
  4160. $overwrite = '';
  4161. if (file_exists($file)) {
  4162. $overwrite = ' - <b>overwritten</b>';
  4163. $bak = $sql_dir.'/zzz_'.$post['save_as'].'_'.md5(file_get($file)).'.dat';
  4164. copy($file, $bak);
  4165. }
  4166. $msg .= sprintf('<div>Sql saved: %s %s</div>', basename($file), $overwrite);
  4167. file_put($file, $post['sql']);
  4168. } else {
  4169. error('Saving sql failed: only alphanumeric chars are allowed');
  4170. }
  4171. }
  4172.  
  4173. if ($sql_dir) {
  4174. $sql_templates = dir_read($sql_dir, null, array('.sql'), 'date_desc');
  4175. }
  4176. $sql_templates_assoc = array();
  4177. if ($sql_dir) {
  4178. foreach ($sql_templates as $file) {
  4179. $file_path = $file;
  4180. $file = basename($file);
  4181. $sql_templates_assoc[$file] = '('.substr(file_date($file_path), 0, 10).')'.' ' .$file;
  4182. }
  4183. }
  4184.  
  4185. if ($sql_dir && $get['sql_template'])
  4186. {
  4187. $file = $sql_dir.'/'.$get['sql_template'];
  4188. if (array_key_exists($get['sql_template'], $sql_templates_assoc) && file_exists($file)) {
  4189. $msg .= sprintf('<div>Sql loaded: %s (%s)</div>', basename($file), timestamp(file_date($file)));
  4190. $post['sql'] = file_get($file);
  4191. $post['save_as'] = basename($file);
  4192. $post['save_as'] = str_replace('.sql', '', $post['save_as']);
  4193. } else {
  4194. error('<div>File not found: %s</div>', $file);
  4195. }
  4196. }
  4197.  
  4198. // after load - md5 may change
  4199. $md5 = md5($post['sql']);
  4200.  
  4201. if ($sql_dir && 'load' == $post['perform'] && !error()) {
  4202. $md5_tmp = sprintf($sql_dir.'/zzz_%s.dat', $md5);
  4203. file_put($md5_tmp, $post['sql']);
  4204. }
  4205.  
  4206. $is_sel = false;
  4207.  
  4208. $queries = preg_split("#;(\s*--[ \t\S]*)?(\r\n|\n|\r)#U", $post['sql']);
  4209. foreach ($queries as $k => $query) {
  4210. $query = query_strip($query);
  4211. if (str_starts_with($query, '@')) {
  4212. $is_sel = true;
  4213. }
  4214. $queries[$k] = $query;
  4215. if (!trim($query)) { unset($queries[$k]); }
  4216. }
  4217.  
  4218. $sql_assoc = array();
  4219. $sql_selected = false;
  4220. $i = 0;
  4221.  
  4222. $params = array(
  4223. 'md5' => $md5,
  4224. 'only_marked' => $post['only_marked'],
  4225. 'only_select' => $post['only_select'],
  4226. 'offset' => ''
  4227. );
  4228. $sql_main_url = url(self(), $params);
  4229.  
  4230. foreach ($queries as $query) {
  4231. $i++;
  4232. $query = str_cut_start($query, '@');
  4233. if (!is_select($query)) {
  4234. continue;
  4235. }
  4236. $query = preg_replace('#\s+#', ' ', $query);
  4237. $params = array(
  4238. 'md5' => $md5.'_'.$i,
  4239. 'only_marked' => $post['only_marked'],
  4240. 'only_select' => $post['only_select'],
  4241. 'offset' => ''
  4242. );
  4243. $url = url(self(), $params);
  4244. if ($get['md5'] && $get['md5'] == $params['md5']) {
  4245. $sql_selected = $url;
  4246. }
  4247. $sql_assoc[$url] = str_truncate(strip_tags($query), 80);
  4248. }
  4249.  
  4250. if ('POST' == $_SERVER['REQUEST_METHOD'])
  4251. {
  4252. if (!$post['perform']) {
  4253. $error = 'No action selected.';
  4254. }
  4255. if (!$error)
  4256. {
  4257. $time = time_start();
  4258. switch ($post['perform']) {
  4259. case 'execute':
  4260. $i = 0;
  4261. db_begin();
  4262. $commit = true;
  4263. foreach ($queries as $query)
  4264. {
  4265. $i++;
  4266. if ($post['only_marked'] && !$is_sel) {
  4267. if (!$get['md5']) { continue; }
  4268. }
  4269. if ($is_sel) {
  4270. if (str_starts_with($query, '@')) {
  4271. $query = str_cut_start($query, '@');
  4272. } else {
  4273. if (!$get['md5']) { continue; }
  4274. }
  4275. }
  4276. if ($post['only_select'] && !is_select($query)) {
  4277. continue;
  4278. }
  4279. if ($get['md5'] && $i != $md5_i) {
  4280. continue;
  4281. }
  4282. if ($get['md5'] && $i == $md5_i) {
  4283. if (!is_select($query)) {
  4284. trigger_error('not select query', E_USER_ERROR);
  4285. }
  4286. }
  4287.  
  4288. $exec = listing($query, $md5.'_'.$i);
  4289. $query_trunc = str_truncate(html_once($query), 1000);
  4290. $query_trunc = query_color($query_trunc);
  4291. $query_trunc = nl2br($query_trunc);
  4292. $query_trunc = html_spaces($query_trunc);
  4293. if ($exec['error']) {
  4294. $exec['error'] = preg_replace('#error:#i', '', $exec['error']);
  4295. $top_html .= sprintf('<div style="background: #ffffd7; padding: 0.5em; border: #ccc 1px solid; margin-bottom: 1em; margin-top: 1em;"><b style="color:red">Error</b>: %s<div style="margin-top: 0.25em;"><b>Query %s</b>: %s</div></div>', $exec['error'], $i, $query_trunc);
  4296. $commit = false;
  4297. break;
  4298. } else {
  4299. $query_html = sprintf('<div class="query"><b style="font-size: 10px;">Query %s</b>:<div style="'.$sql_font.' margin-top: 0.35em;">%s</div></div>', $i, $query_trunc);
  4300. $data_html .= $query_html;
  4301. $data_html .= $exec['data_html'];
  4302. }
  4303. }
  4304. if ($commit) {
  4305. db_end();
  4306. } else {
  4307. db_rollback();
  4308. }
  4309. break;
  4310. }
  4311. $time = time_end($time);
  4312. }
  4313. }
  4314.  
  4315. if ($post['only_marked'] && !$is_sel) {
  4316. error('No queries marked');
  4317. }
  4318.  
  4319. ?>
  4320. <?php layout_start(($db_name_h1?$db_name_h1:$db_name).' &gt; Execute SQL'); ?>
  4321. <?php if ($get['popup']): ?>
  4322. <h1><span style="<?php echo $db_name_style;?>"><?php echo $db_name_h1?$db_name_h1:$db_name;?></span> &gt; Execute SQL</h1>
  4323. <?php else: ?>
  4324. <h1><a class=blue style="<?php echo $db_name_style;?>" href="<?php echo $_SERVER['PHP_SELF'];?>"><?php echo $db_name_h1?$db_name_h1:$db_name;?></a> &gt; Execute SQL</h1>
  4325. <?php endif; ?>
  4326.  
  4327. <?php echo error();?>
  4328.  
  4329. <script>
  4330. function sql_submit(form)
  4331. {
  4332. if (form.perform.value.length) {
  4333. return true;
  4334. }
  4335. return false;
  4336. }
  4337. function sql_execute(form)
  4338. {
  4339. form.perform.value='execute';
  4340. form.submit();
  4341. }
  4342. function sql_preview(form)
  4343. {
  4344. form.perform.value='preview';
  4345. form.submit();
  4346. }
  4347. function sql_save(form)
  4348. {
  4349. form.perform.value='save';
  4350. form.submit();
  4351. }
  4352. function sql_load(form)
  4353. {
  4354. if (form.sql_template.selectedIndex)
  4355. {
  4356. currentUrl = window.location.href;
  4357. currentUrl = currentUrl.replace(/&sql_template=[^&]*/g, '');
  4358. window.location = currentUrl + "&sql_template=" +
  4359. escape(form.sql_template.value)
  4360. return true;
  4361. }
  4362. button_clear(form);
  4363. return false;
  4364. }
  4365. </script>
  4366.  
  4367. <?php if ($msg): ?>
  4368. <div class="msg"><?php echo $msg;?></div>
  4369. <?php endif; ?>
  4370.  
  4371. <?php echo $top_html;?>
  4372.  
  4373. <?php if (count($sql_assoc)): ?>
  4374. <p>
  4375. SELECT queries:
  4376. <select name="sql_assoc" onchange="if (this.value.length) location=this.value">
  4377. <option value="<?php echo html_once($sql_main_url);?>"></option>
  4378. <?php echo options($sql_assoc, $sql_selected);?>
  4379. </select>
  4380. </p>
  4381. <?php endif; ?>
  4382.  
  4383. <?php if ($get['md5']): ?>
  4384. <?php echo $data_html;?>
  4385. <?php endif; ?>
  4386.  
  4387. <form action="<?php echo $_SERVER['PHP_SELF'];?>?execute_sql=1&popup=<?php echo $get['popup'];?>" method="post" onsubmit="return sql_submit(this);" style="margin-top: 1em;">
  4388. <input type="hidden" name="perform" value="">
  4389. <div style="margin-bottom: 0.25em;">
  4390. <textarea id="sql_area" name="sql" class="sql_area"><?php echo htmlspecialchars(query_upper($post['sql']));?></textarea>
  4391. </div>
  4392. <table cellspacing="0" cellpadding="0"><tr>
  4393. <td nowrap>
  4394. <input type="button" wait="1" class="button" value="Execute" onclick="sql_execute(this.form); ">
  4395. </td>
  4396. <td nowrap>
  4397. &nbsp;
  4398. <input type="button" wait="1" class="button" value="Preview" onclick="sql_preview(this.form); ">
  4399. </td>
  4400. <td nowrap>
  4401. &nbsp;
  4402. <input type="checkbox" name="only_marked" id="only_marked" value="1" <?php echo checked($post['only_marked'] || $get['only_marked']);?>>
  4403. </td>
  4404. <td nowrap>
  4405. <label for="only_marked">only marked with @</label>
  4406. </td>
  4407. <td nowrap>
  4408. &nbsp;
  4409. <input type="checkbox" name="only_select" id="only_select" value="1" <?php echo checked($post['only_select'] || $get['only_select']);?>>
  4410. </td>
  4411. <td nowrap>
  4412. <label for="only_select">only SELECT</label>
  4413. &nbsp;&nbsp;&nbsp;
  4414. </td>
  4415. <td nowrap>
  4416. <input type="text" name="save_as" value="<?php echo html_once($post['save_as']);?>">
  4417. &nbsp;
  4418. </td>
  4419. <td nowrap>
  4420. <input type="button" wait="1" class="button" value="Save" onclick="sql_save(this.form); ">
  4421. &nbsp;&nbsp;&nbsp;
  4422. </td>
  4423. <td nowrap>
  4424. <select name="sql_template" style="width: 140px;"><option value=""></option><?php echo options($sql_templates_assoc);?></select>
  4425. &nbsp;
  4426. </td>
  4427. <td nowrap>
  4428. <input type="button" wait="1" class="button" value="Load" onclick="return sql_load(this.form);">
  4429. </td>
  4430. </tr></table>
  4431. </form>
  4432.  
  4433. <?php
  4434.  
  4435. if ('preview' == $post['perform'])
  4436. {
  4437. echo '<h2>Preview</h2>';
  4438. $i = 0;
  4439. foreach ($queries as $query)
  4440. {
  4441. $i++;
  4442. $query = str_cut_start($query, '@');
  4443. $query = html_once($query);
  4444. $query = query_color($query);
  4445. $query = nl2br($query);
  4446. $query = html_spaces($query);
  4447. printf('<div class="query"><b style="font-size: 10px;">Query %s</b>:<div style="'.$sql_font.' margin-top: 0.35em;">%s</div></div>', $i, $query);
  4448. }
  4449. }
  4450.  
  4451. ?>
  4452.  
  4453. <?php if (!$get['md5']): ?>
  4454. <script>$('sql_area').focus();</script>
  4455. <?php echo $data_html;?>
  4456. <?php endif; ?>
  4457.  
  4458. <?php layout_end(); ?>
  4459.  
  4460. <?php exit; endif; ?>
  4461. <?php if (isset($_GET['viewtable']) && $_GET['viewtable']): ?>
  4462.  
  4463. <?php
  4464.  
  4465. set_time_limit(0);
  4466.  
  4467. // ----------------------------------------------------------------
  4468. // VIEW TABLE
  4469. // ----------------------------------------------------------------
  4470.  
  4471. $table = $_GET['viewtable'];
  4472. $table_enq = quote_table($table);
  4473. $count = db_one("SELECT COUNT(*) FROM $table_enq");
  4474.  
  4475. $types = table_types2($table);
  4476. $columns = table_columns($table);
  4477. if (!count($columns)) {
  4478. $columns = array_assoc(array_keys($types));
  4479. }
  4480. $columns2 = $columns;
  4481.  
  4482. foreach ($columns2 as $k => $v) {
  4483. $columns2[$k] = $v.' ('.$types[$k].')';
  4484. }
  4485. $types_group = table_types_group($types);
  4486. $_GET['search'] = get('search');
  4487.  
  4488. $where = '';
  4489. $found = $count;
  4490. if ($_GET['search']) {
  4491. $search = $_GET['search'];
  4492. $cols2 = array();
  4493.  
  4494. if (get('column')) {
  4495. $cols2[] = $_GET['column'];
  4496. } else {
  4497. $cols2 = $columns;
  4498. }
  4499. $where = '';
  4500. $search = db_escape($search);
  4501.  
  4502. $column_type = '';
  4503. if (!get('column')) {
  4504. $column_type = get('column_type');
  4505. } else {
  4506. $_GET['column_type'] = '';
  4507. }
  4508.  
  4509. $ignore_int = false;
  4510. $ignore_time = false;
  4511.  
  4512. foreach ($columns as $col)
  4513. {
  4514. if (!get('column') && $column_type) {
  4515. if ($types[$col] != $column_type) {
  4516. continue;
  4517. }
  4518. }
  4519. if (!$column_type && !is_numeric($search) && str_has($types[$col], 'int')) {
  4520. $ignore_int = true;
  4521. continue;
  4522. }
  4523. if (!$column_type && is_numeric($search) && str_has($types[$col], 'time')) {
  4524. $ignore_time = true;
  4525. continue;
  4526. }
  4527. if (get('column') && $col != $_GET['column']) {
  4528. continue;
  4529. }
  4530. if ($where) { $where .= ' OR '; }
  4531. if (is_numeric($search)) {
  4532. $where .= "$col = '$search'";
  4533. } else {
  4534. if ('mysqli' == $db_driver) {
  4535. $where .= "$col LIKE '%$search%'";
  4536. } else if ('pgsql' == $db_driver) {
  4537. $where .= "$col ILIKE '%$search%'";
  4538. } else {
  4539. trigger_error('db_driver not implemented');
  4540. }
  4541. }
  4542. }
  4543. if (($ignore_int || $ignore_time) && !$where) {
  4544. $where .= ' 1=2 ';
  4545. }
  4546. $where = 'WHERE '.$where;
  4547. }
  4548.  
  4549. if ($where) {
  4550. $table_enq = quote_table($table);
  4551. $found = db_one("SELECT COUNT(*) FROM $table_enq $where");
  4552. }
  4553.  
  4554. $limit = 50;
  4555. $offset = get('offset','int');
  4556. $page = floor($offset / $limit + 1);
  4557. $pages = ceil($found / $limit);
  4558.  
  4559. $pk = table_pk($table);
  4560.  
  4561. $order = "ORDER BY";
  4562. if (get('order_by')) {
  4563. $order .= ' '.$_GET['order_by'];
  4564. } else {
  4565. if ($pk) {
  4566. if (IsTableAView($table)) {
  4567. $order = '';
  4568. } else {
  4569. $order .= ' '.$pk;
  4570. }
  4571. } else {
  4572. $order = '';
  4573. }
  4574. }
  4575. if (get('order_desc')) { $order .= ' DESC'; }
  4576.  
  4577. $table_enq = quote_table($table);
  4578. $base_query = "SELECT * FROM $table_enq $where $order";
  4579. $rs = db_query(db_limit($base_query, $offset, $limit));
  4580.  
  4581. if ($count && $rs) {
  4582. $rows = array();
  4583. while ($row = db_row($rs)) {
  4584. $rows[] = $row;
  4585. }
  4586. db_free($rs);
  4587. if (count($rows) && !array_col_match_unique($rows, $pk, '#^\d+$#')) {
  4588. $pk = guess_pk($rows);
  4589. }
  4590. }
  4591.  
  4592. function indenthead($str)
  4593. {
  4594. if (is_array($str)) {
  4595. $str2 = '';
  4596. foreach ($str as $k => $v) {
  4597. $str2 .= sprintf('%s: %s'."\r\n", $k, $v);
  4598. }
  4599. $str = $str2;
  4600. }
  4601. $lines = explode("\n", $str);
  4602. $max_len = 0;
  4603. foreach ($lines as $k => $line) {
  4604. $lines[$k] = trim($line);
  4605. if (preg_match('#^[^:]+:#', $line, $match)) {
  4606. if ($max_len < strlen($match[0])) {
  4607. $max_len = strlen($match[0]);
  4608. }
  4609. }
  4610. }
  4611. foreach ($lines as $k => $line) {
  4612. if (preg_match('#^[^:]+:#', $line, $match)) {
  4613. $lines[$k] = str_replace($match[0], $match[0].str_repeat('&nbsp;', $max_len - strlen($match[0])), $line);
  4614. }
  4615. }
  4616. return implode("\r\n", $lines);
  4617. }
  4618.  
  4619. if (get('indenthead')) {
  4620. echo '<pre>';
  4621. echo 'Table: '.get('viewtable')."\r\n";
  4622. echo str_repeat('-', 80)."\r\n";
  4623. if (isset($rows)) {
  4624. foreach ($rows as $row) {
  4625. echo indenthead($row);
  4626. echo str_repeat('-', 80)."\r\n";
  4627. }
  4628. }
  4629. echo '</pre>';
  4630. exit;
  4631. }
  4632. ?>
  4633.  
  4634. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
  4635. <html>
  4636. <head>
  4637. <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $page_charset;?>">
  4638. <title><?php echo $db_name_h1?$db_name_h1:$db_name;?> &gt; Table: <?php echo $table;?></title>
  4639. <link rel="shortcut icon" href="<?php echo $_SERVER['PHP_SELF']; ?>?dbkiss_favicon=1">
  4640. </head>
  4641. <body>
  4642.  
  4643. <?php layout(); ?>
  4644.  
  4645. <h1><a class=blue style="<?php echo $db_name_style;?>" href="<?php echo $_SERVER['PHP_SELF'];?>"><?php echo $db_name_h1?$db_name_h1:$db_name;?></a> &gt; Table: <?php echo $table;?></h1>
  4646.  
  4647. <?php conn_info(); ?>
  4648.  
  4649. <p>
  4650. <a class=blue href="<?php echo $_SERVER['PHP_SELF'];?>">All tables</a>
  4651. &nbsp;&gt;&nbsp;
  4652. <a href="<?php echo $_SERVER['PHP_SELF'];?>?viewtable=<?php echo $table;?>"><b><?php echo $table;?></b></a> (<?php echo $count;?>)
  4653. &nbsp;&nbsp;/&nbsp;&nbsp;
  4654.  
  4655. Export to CSV:&nbsp;
  4656.  
  4657. <a href="<?php echo $_SERVER['PHP_SELF']; ?>?export=csv&separator=<?php echo urlencode('|');?>&query=<?php echo base64_encode($base_query); ?>">pipe</a>
  4658. -
  4659. <a href="<?php echo $_SERVER['PHP_SELF']; ?>?export=csv&separator=<?php echo urlencode("\t");?>&query=<?php echo base64_encode($base_query); ?>">tab</a>
  4660. -
  4661. <a href="<?php echo $_SERVER['PHP_SELF']; ?>?export=csv&separator=<?php echo urlencode(',');?>&query=<?php echo base64_encode($base_query); ?>">comma</a>
  4662. -
  4663. <a href="<?php echo $_SERVER['PHP_SELF']; ?>?export=csv&separator=<?php echo urlencode(';');?>&query=<?php echo base64_encode($base_query); ?>">semicolon</a>
  4664.  
  4665. &nbsp;&nbsp;/&nbsp;&nbsp;
  4666. Functions:
  4667. <a href="<?php echo $_SERVER['PHP_SELF'];?>?viewtable=<?php echo $table;?>&indenthead=1">indenthead()</a>
  4668. </p>
  4669.  
  4670. <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="get" style="margin-bottom: 1em;">
  4671. <input type="hidden" name="viewtable" value="<?php echo $table;?>">
  4672. <table class="ls" cellspacing="1">
  4673. <tr>
  4674. <td><input type="text" name="search" value="<?php echo html_once(get('search'));?>"></td>
  4675. <td><select name="column"><option value=""></option><?php echo options($columns2, get('column'));?></select></td>
  4676. <td><select name="column_type"><option value=""></option><?php echo options($types_group, get('column_type'));?></select></td>
  4677. <td><input type="submit" value="Search"></td>
  4678. <td>
  4679. order by:
  4680. <select name="order_by"><option value=""></option><?php echo options($columns, get('order_by'));?></select>
  4681. <input type="checkbox" name="order_desc" id="order_desc" value="1" <?php echo checked(get('order_desc'));?>>
  4682. <label for="order_desc">desc</label>
  4683. </td>
  4684. <td>
  4685. <input type="checkbox" name="full_content" id="full_content" <?php echo checked(get('full_content'));?>>
  4686. <label for="full_content">full content</label>
  4687. </td>
  4688. <td>
  4689. <input type="checkbox" name="nl2br" id="nl2br" <?php echo checked(get('nl2br'));?>>
  4690. <label for="nl2br">nl2br</label>
  4691. </td>
  4692. </tr>
  4693. </table>
  4694. </form>
  4695.  
  4696. <?php if ($count): ?>
  4697.  
  4698. <?php if ($count && $count != $found): ?>
  4699. <p>Found: <b><?php echo $found;?></b></p>
  4700. <?php endif; ?>
  4701.  
  4702. <?php if ($found): ?>
  4703.  
  4704. <?php if ($pages > 1): ?>
  4705. <p>
  4706. <?php if ($page > 1): ?>
  4707. <a href="<?php echo url_offset(($page-1)*$limit-$limit);?>">&lt;&lt; Prev</a> &nbsp;
  4708. <?php endif; ?>
  4709. Page <b><?php echo $page;?></b> of <b><?php echo $pages;?></b> &nbsp;
  4710. <?php if ($pages > $page): ?>
  4711. <a href="<?php echo url_offset($page*$limit);?>">Next &gt;&gt;</a>
  4712. <?php endif; ?>
  4713. </p>
  4714. <?php endif; ?>
  4715.  
  4716. <script>
  4717. function mark_row(tr)
  4718. {
  4719. var els = tr.getElementsByTagName('td');
  4720. if (tr.marked) {
  4721. for (var i = 0; i < els.length; i++) {
  4722. els[i].style.backgroundColor = '';
  4723. }
  4724. tr.marked = false;
  4725. } else {
  4726. tr.marked = true;
  4727. for (var i = 0; i < els.length; i++) {
  4728. els[i].style.backgroundColor = '#ddd';
  4729. }
  4730. }
  4731. }
  4732. </script>
  4733.  
  4734. <table class="ls" cellspacing="1">
  4735. <tr>
  4736. <?php if ($pk): ?><th>#</th><?php endif; ?>
  4737. <?php foreach ($columns as $col): ?>
  4738. <?php
  4739. $params = array('order_by'=>$col);
  4740. $params['order_desc'] = 0;
  4741. if (get('order_by') == $col) {
  4742. $params['order_desc'] = get('order_desc') ? 0 : 1;
  4743. }
  4744. ?>
  4745. <th><a style="color: #000;" href="<?php echo url(self(), $params);?>"><?php echo $col;?></a></th>
  4746. <?php endforeach; ?>
  4747. </tr>
  4748. <?php
  4749. $get_full_content = get('full_content');
  4750. $get_nl2br = get('nl2br');
  4751. $get_search = get('search');
  4752. ?>
  4753. <?php
  4754. $edit_url_tpl = url(self(true), array('action'=>'editrow', 'table'=>$table, 'pk'=>$pk, 'id'=>'%s'));
  4755. ?>
  4756. <?php foreach ($rows as $row): ?>
  4757. <tr ondblclick="mark_row(this)">
  4758. <?php if ($pk): ?>
  4759. <?php $edit_url = sprintf($edit_url_tpl, $row[$pk]); ?>
  4760. <td><a href="javascript:void(0)" onclick="popup('<?php echo $edit_url;?>', 620, 500)">Edit</a>&nbsp;</td>
  4761. <?php endif; ?>
  4762. <?php foreach ($row as $k => $v): ?>
  4763. <?php
  4764. $v = strip_tags($v);
  4765. $v = create_links($v);
  4766. if (!$get_full_content) {
  4767. $v = truncate_html($v, 50);
  4768. }
  4769. //$v = html_once($v);
  4770. //$v = htmlspecialchars($v); -- create_links() disabling
  4771. $nl2br = $get_nl2br;
  4772. if ($get_full_content) {
  4773. $v = str_wrap($v, 80, '<br>', true);
  4774. }
  4775. if ($get_nl2br) {
  4776. $v = nl2br($v);
  4777. }
  4778. //$v = stripslashes(stripslashes($v));
  4779. if ($get_search) {
  4780. $search = $_GET['search'];
  4781. $search_quote = preg_quote($search);
  4782. $v = preg_replace('#('.$search_quote.')#i', '<span style="background: yellow;">$1</span>', $v);
  4783. }
  4784. if ($types[$k] == 'int' && (preg_match('#time#i', $k) || preg_match('#date#i', $k))
  4785. && preg_match('#^\d+$#', $v))
  4786. {
  4787. $tmp = @date('Y-m-d H:i', $v);
  4788. if ($tmp) {
  4789. $v = $tmp;
  4790. }
  4791. }
  4792. ?>
  4793. <td onclick="mark_col(this)" <?php echo $nl2br?'valign="top"':'';?> nowrap><?php echo is_null($row[$k])?'-':$v;?></td>
  4794. <?php endforeach; ?>
  4795. </tr>
  4796. <?php endforeach; ?>
  4797. </table>
  4798.  
  4799. <?php if ($pages > 1): ?>
  4800. <p>
  4801. <?php if ($page > 1): ?>
  4802. <a href="<?php echo url_offset(($page-1)*$limit-$limit);?>">&lt;&lt; Prev</a> &nbsp;
  4803. <?php endif; ?>
  4804. Page <b><?php echo $page;?></b> of <b><?php echo $pages;?></b> &nbsp;
  4805. <?php if ($pages > $page): ?>
  4806. <a href="<?php echo url_offset($page*$limit);?>">Next &gt;&gt;</a>
  4807. <?php endif; ?>
  4808. </p>
  4809. <?php endif; ?>
  4810.  
  4811. <?php endif; ?>
  4812.  
  4813. <?php endif; ?>
  4814.  
  4815. <?php powered_by(); ?>
  4816. </body>
  4817. </html>
  4818. <?php exit; endif; ?>
  4819. <?php if (get('searchdb')): ?>
  4820. <?php
  4821.  
  4822. // ----------------------------------------------------------------
  4823. // SEARCH DB
  4824. // ----------------------------------------------------------------
  4825.  
  4826. $get = get(array(
  4827. 'types' => 'array',
  4828. 'search' => 'string',
  4829. 'md5' => 'bool',
  4830. 'table_filter' => 'string'
  4831. ));
  4832. $get['search'] = trim($get['search']);
  4833.  
  4834. $tables = list_tables();
  4835.  
  4836. if ($get['table_filter']) {
  4837. foreach ($tables as $k => $table) {
  4838. if (!str_has_any($table, $get['table_filter'], $ignore_case = true)) {
  4839. unset($tables[$k]);
  4840. }
  4841. }
  4842. }
  4843.  
  4844. $all_types = array();
  4845. $columns = array();
  4846. foreach ($tables as $table) {
  4847. $types = table_types2($table);
  4848. $columns[$table] = $types;
  4849. $types = array_values($types);
  4850. $all_types = array_merge($all_types, $types);
  4851. }
  4852. $all_types = array_unique($all_types);
  4853.  
  4854. if ($get['search'] && $get['md5']) {
  4855. $get['search'] = md5($get['search']);
  4856. }
  4857.  
  4858. ?>
  4859. <?php layout_start(sprintf('%s &gt; Search', $db_name)); ?>
  4860. <h1><a class=blue style="<?php echo $db_name_style;?>" href="<?php echo $_SERVER['PHP_SELF'];?>"><?php echo $db_name_h1?$db_name_h1:$db_name;?></a> &gt; Search</h1>
  4861. <?php conn_info(); ?>
  4862.  
  4863. <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="get">
  4864. <input type="hidden" name="searchdb" value="1">
  4865. <table class="ls" cellspacing="1">
  4866. <tr>
  4867. <th>Search:</th>
  4868. <td>
  4869. <input type="text" name="search" value="<?php echo html_once($get['search']);?>" size="40">
  4870. <?php if ($get['search'] && $get['md5']): ?>
  4871. md5(<?php echo html_once(get('search'));?>)
  4872. <?php endif; ?>
  4873. <input type="checkbox" name="md5" id="md5_label" value="1">
  4874. <label for="md5_label">md5</label>
  4875. </td>
  4876. </tr>
  4877. <tr>
  4878. <th>Table filter:</th>
  4879. <td><input type="text" name="table_filter" value="<?php echo html_once($get['table_filter']);?>">
  4880. </tr>
  4881. <tr>
  4882. <th>Columns:</th>
  4883. <td>
  4884. <?php foreach ($all_types as $type): ?>
  4885. <input type="checkbox" id="type_<?php echo $type;?>" name="types[<?php echo $type;?>]" value="1" <?php echo checked(isset($get['types'][$type]));?>>
  4886. <label for="type_<?php echo $type;?>"><?php echo $type;?></label>
  4887. <?php endforeach; ?>
  4888. </td>
  4889. </tr>
  4890. <tr>
  4891. <td colspan="2" class="none">
  4892. <input type="submit" value="Search">
  4893. </td>
  4894. </tr>
  4895. </table>
  4896. </form>
  4897.  
  4898. <?php if ($get['search'] && !count($get['types'])): ?>
  4899. <p>No columns selected.</p>
  4900. <?php endif; ?>
  4901.  
  4902. <?php if ($get['search'] && count($get['types'])): ?>
  4903.  
  4904. <p>Searching <b><?php echo count($tables);?></b> tables for: <b><?php echo html_once($get['search']);?></b></p>
  4905.  
  4906. <?php $found_any = false; ?>
  4907.  
  4908. <?php set_time_limit(0); ?>
  4909.  
  4910. <?php foreach ($tables as $table): ?>
  4911. <?php
  4912.  
  4913. $where = '';
  4914. $cols2 = array();
  4915.  
  4916. $where = '';
  4917. $search = db_escape($get['search']);
  4918.  
  4919. foreach ($columns[$table] as $col => $type)
  4920. {
  4921. if (!in_array($type, array_keys($get['types']))) {
  4922. continue;
  4923. }
  4924. if ($where) {
  4925. $where .= ' OR ';
  4926. }
  4927. if (is_numeric($search)) {
  4928. $where .= "$col = '$search'";
  4929. } else {
  4930. if ('mysqli' == $db_driver) {
  4931. $where .= "$col LIKE '%$search%'";
  4932. } else if ('pgsql' == $db_driver) {
  4933. $where .= "$col ILIKE '%$search%'";
  4934. } else {
  4935. trigger_error('db_driver not implemented');
  4936. }
  4937. }
  4938. }
  4939.  
  4940. $found = false;
  4941.  
  4942. if ($where) {
  4943. $where = 'WHERE '.$where;
  4944. $table_enq = quote_table($table);
  4945. $found = db_one("SELECT COUNT(*) FROM $table_enq $where");
  4946. }
  4947.  
  4948. if ($found) {
  4949. $found_any = true;
  4950. }
  4951.  
  4952. ?>
  4953.  
  4954. <?php
  4955. if ($where && $found) {
  4956. $limit = 10;
  4957. $offset = 0;
  4958. $pk = table_pk($table);
  4959.  
  4960. $order = "ORDER BY $pk";
  4961. $table_enq = quote_table($table);
  4962. $rs = db_query(db_limit("SELECT * FROM $table_enq $where $order", $offset, $limit));
  4963.  
  4964. $rows = array();
  4965. while ($row = db_row($rs)) {
  4966. $rows[] = $row;
  4967. }
  4968. db_free($rs);
  4969. if (count($rows) && !array_col_match_unique($rows, $pk, '#^\d+$#')) {
  4970. $pk = guess_pk($rows);
  4971. }
  4972. }
  4973. ?>
  4974.  
  4975. <?php if ($where && $found): ?>
  4976.  
  4977. <p>
  4978. Table: <a href="<?php echo $_SERVER['PHP_SELF'];?>?viewtable=<?php echo $table;?>&search=<?php echo urlencode($get['search']);?>"><b><?php echo $table;?></b></a><br>
  4979. Found: <b><?php echo $found;?></b>
  4980. <?php if ($found > $limit): ?>
  4981. &nbsp;<a href="<?php echo $_SERVER['PHP_SELF'];?>?viewtable=<?php echo $table;?>&search=<?php echo urlencode($get['search']);?>">show all &gt;&gt;</a>
  4982. <?php endif; ?>
  4983. </p>
  4984.  
  4985. <table class="ls" cellspacing="1">
  4986. <tr>
  4987. <?php if ($pk): ?><th>#</th><?php endif; ?>
  4988. <?php foreach ($columns[$table] as $col => $type): ?>
  4989. <th><?php echo $col;?></th>
  4990. <?php endforeach; ?>
  4991. </tr>
  4992. <?php foreach ($rows as $row): ?>
  4993. <tr>
  4994. <?php if ($pk): ?>
  4995. <?php $edit_url = url(self(true), array('action'=>'editrow', 'table'=>$table, 'pk'=>$pk, 'id'=>$row[$pk])); ?>
  4996. <td><a href="javascript:void(0)" onclick="popup('<?php echo $edit_url;?>', 620, 500)">Edit</a>&nbsp;</td>
  4997. <?php endif; ?>
  4998. <?php foreach ($row as $k => $v): ?>
  4999. <?php
  5000. $v = str_truncate($v, 50);
  5001. $v = html_once($v);
  5002. //$v = stripslashes(stripslashes($v));
  5003. $search = $get['search'];
  5004. $search_quote = preg_quote($search);
  5005. if ($columns[$table][$k] == 'int' && (preg_match('#time#i', $k) || preg_match('#date#i', $k)) && preg_match('#^\d+$#', $v)) {
  5006. $tmp = @date('Y-m-d H:i', $v);
  5007. if ($tmp) {
  5008. $v = $tmp;
  5009. }
  5010. }
  5011. $v = preg_replace('#('.$search_quote.')#i', '<span style="background: yellow;">$1</span>', $v);
  5012. ?>
  5013. <td nowrap><?php echo $v;?></td>
  5014. <?php endforeach; ?>
  5015. </tr>
  5016. <?php endforeach; ?>
  5017. </table>
  5018.  
  5019. <?php endif; ?>
  5020.  
  5021. <?php endforeach; ?>
  5022.  
  5023. <?php if (!$found_any): ?>
  5024. <p>No rows found.</p>
  5025. <?php endif; ?>
  5026.  
  5027. <?php endif; ?>
  5028.  
  5029. <?php layout_end(); ?>
  5030. <?php exit; endif; ?>
  5031.  
  5032. <?php
  5033.  
  5034. // ----------------------------------------------------------------
  5035. // LIST TABLES
  5036. // ----------------------------------------------------------------
  5037.  
  5038. $get = get(array('table_filter'=>'string'));
  5039.  
  5040. ?>
  5041.  
  5042. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
  5043. <html>
  5044. <head>
  5045. <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $page_charset;?>">
  5046. <title><?php echo $db_name_h1?$db_name_h1:$db_name;?></title>
  5047. <link rel="shortcut icon" href="<?php echo $_SERVER['PHP_SELF']; ?>?dbkiss_favicon=1">
  5048. </head>
  5049. <body>
  5050.  
  5051. <?php layout(); ?>
  5052. <h1 style="<?php echo $db_name_style;?>"><?php echo $db_name_h1?$db_name_h1:$db_name;?></h1>
  5053.  
  5054. <?php conn_info(); ?>
  5055.  
  5056. <?php $tables = list_tables(); ?>
  5057. <?php $status = table_status(); ?>
  5058. <?php $views = list_tables(true); ?>
  5059.  
  5060. <p>
  5061. Tables: <b><?php echo count($tables);?></b>
  5062. &nbsp;-&nbsp;
  5063. Total size: <b><?php echo number_format(ceil($status['total_size']/1024),0,'',',').' KB';?></b>
  5064. &nbsp;-&nbsp;
  5065. Views: <b><?php echo count($views);?></b>
  5066. &nbsp;-&nbsp;
  5067.  
  5068. <a class=blue href="<?php echo $_SERVER['PHP_SELF'];?>?searchdb=1&table_filter=<?php echo html_once($get['table_filter']);?>">Search</a>
  5069. &nbsp;-&nbsp;
  5070. <a class=blue href="<?php echo $_SERVER['PHP_SELF'];?>?import=1">Import</a>
  5071. &nbsp;-&nbsp;
  5072. Export all:
  5073.  
  5074. <?php if ('pgsql' == $db_driver): ?>
  5075. &nbsp;<a class=blue href="<?php echo $_SERVER['PHP_SELF'];?>?dump_all=2&table_filter=<?php echo urlencode(html_once($get['table_filter']));?>">Data only</a>
  5076. <?php else: ?>
  5077. &nbsp;<a class=blue href="<?php echo $_SERVER['PHP_SELF'];?>?dump_all=1&table_filter=<?php echo urlencode(html_once($get['table_filter']));?>">Structure</a> ,
  5078. <a class=blue href="<?php echo $_SERVER['PHP_SELF'];?>?dump_all=2&table_filter=<?php echo urlencode(html_once($get['table_filter']));?>">Data & structure</a>
  5079. <?php endif; ?>
  5080. </p>
  5081.  
  5082. <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="get" name=table_filter_form style="margin-bottom: 0.5em;">
  5083. <table cellspacing="0" cellpadding="0"><tr>
  5084. <td style="padding-right: 3px;">Table or View:</td>
  5085. <td style="padding-right: 3px;"><input type="text" name="table_filter" id=table_filter value="<?php echo html_once($get['table_filter']);?>"></td>
  5086. <td style="padding-right: 3px;"><input type="submit" class="button" wait="1" value="Filter"> <a href="javascript:void(0)" onclick="alert('You just start typing on the page and the Input will be focused automatically. ALT+R will Reset the Input and submit the form.')">[?]</a></td>
  5087. </tr></table>
  5088. </form>
  5089.  
  5090. <script>
  5091. function table_filter_keydown(e)
  5092. {
  5093. if (!e) { e = window.event; }
  5094. if (e.keyCode == 27 || e.keyCode == 33 || e.keyCode == 34 || e.keyCode == 38 || e.keyCode == 40) {
  5095. document.getElementById('table_filter').blur();
  5096. return;
  5097. }
  5098. // alt + r - reset filter input
  5099. if (e.keyCode == 82 && e.altKey) {
  5100. document.getElementById('table_filter').value = "";
  5101. document.forms["table_filter_form"].submit();
  5102. return;
  5103. }
  5104. // 0-9
  5105. if (e.keyCode >= 48 && e.keyCode <= 57 && !e.altKey && !e.ctrlKey && !e.shiftKey && !e.metaKey) {
  5106. document.getElementById('table_filter').focus();
  5107. }
  5108. // a-z
  5109. if (e.keyCode >= 65 && e.keyCode <= 90 && !e.altKey && !e.ctrlKey && !e.shiftKey && !e.metaKey) {
  5110. document.getElementById('table_filter').focus();
  5111. }
  5112. }
  5113. document.onkeydown = table_filter_keydown;
  5114. </script>
  5115.  
  5116. <div style="float: left;">
  5117.  
  5118. <?php
  5119. $tables = table_filter($tables, $get['table_filter']);
  5120. ?>
  5121.  
  5122. <?php if ($get['table_filter']): ?>
  5123. <p>Tables found: <b><?php echo count($tables);?></b></p>
  5124. <?php endif; ?>
  5125.  
  5126. <table class="ls" cellspacing="1">
  5127. <tr>
  5128. <th>Table</th>
  5129. <th>Count</th>
  5130. <th>Size</th>
  5131. <th>Options</th>
  5132. </tr>
  5133. <?php foreach ($tables as $table): ?>
  5134. <tr>
  5135. <td><a class=blue href="<?php echo $_SERVER['PHP_SELF'];?>?viewtable=<?php echo $table;?>"><?php echo $table;?></a></td>
  5136. <?php
  5137. if ('mysqli' == $db_driver) {
  5138. // $table_enq = quote_table($table);
  5139. // $count = db_one("SELECT COUNT(*) FROM $table_enq");
  5140. $count = $status[$table]['count'];
  5141. }
  5142. if ('pgsql' == $db_driver) {
  5143. $count = $status[$table]['count'];
  5144. if (!$count) {
  5145. $table_enq = quote_table($table);
  5146. $count = db_one("SELECT COUNT(*) FROM $table_enq");
  5147. }
  5148. }
  5149. ?>
  5150. <td align="right"><?php echo number_format($count,0,'',',');?></td>
  5151. <td align="right"><?php echo number_format(ceil($status[$table]['size']/1024),0,'',',').' KB';?></td>
  5152. <td>
  5153. <a href="<?php echo $_SERVER['PHP_SELF'];?>?dump_table=<?php echo $table;?>">Export</a>
  5154. &nbsp;-&nbsp;
  5155. <?php $table_enq = quote_table($table); ?>
  5156. <form action="<?php echo $_SERVER['PHP_SELF'];?>" name="drop_<?php echo $table;?>" method="post" style="display: inline;"><input type="hidden" name="drop_table" value="<?php echo $table;?>"></form>
  5157. <a href="javascript:void(0)" onclick="if (confirm('DROP TABLE <?php echo $table;?> ?')) document.forms['drop_<?php echo $table;?>'].submit();">Drop</a>
  5158. </td>
  5159. </tr>
  5160. <?php endforeach; ?>
  5161. </table>
  5162. <?php unset($table); ?>
  5163.  
  5164. </div>
  5165.  
  5166. <?php if (views_supported() && count($views)): ?>
  5167. <div style="float: left; margin-left: 2em;">
  5168.  
  5169. <?php
  5170. $views = table_filter($views, $get['table_filter']);
  5171. ?>
  5172.  
  5173. <?php if ($get['table_filter']): ?>
  5174. <p>Views found: <b><?php echo count($views);?></b></p>
  5175. <?php endif; ?>
  5176.  
  5177. <table class="ls" cellspacing="1">
  5178. <tr>
  5179. <th>View</th>
  5180. <th><a class=blue href="<?php echo $_SERVER['PHP_SELF']; ?>?table_filter=<?php echo urlencode($get['table_filter']);?>&views_count=<?php echo (isset($_GET['views_count']) && $_GET['views_count']) ? 0 : 1; ?>" style="color: #000; text-decoration: underline;" title="Click to enable/disable counting in Views">Count</a></th>
  5181. <th>Options</th>
  5182. </tr>
  5183. <?php foreach ($views as $view): ?>
  5184. <?php $view_enq = quote_table($view); ?>
  5185. <tr>
  5186. <td><a class=blue href="<?php echo $_SERVER['PHP_SELF'];?>?viewtable=<?php echo $view;?>"><?php echo $view;?></a></td>
  5187. <?php
  5188. if (isset($_GET['views_count']) && $_GET['views_count']) {
  5189. $count = db_one("SELECT COUNT(*) FROM $view_enq");
  5190. } else {
  5191. $count = null;
  5192. }
  5193. ?>
  5194. <td align=right><?php echo isset($count) ? $count : '-'; ?></td>
  5195. <td>
  5196. <a href="<?php echo $_SERVER['PHP_SELF'];?>?dump_table=<?php echo $view;?>">Export</a>
  5197. &nbsp;-&nbsp;
  5198. <form action="<?php echo $_SERVER['PHP_SELF'];?>" name="drop_<?php echo $view;?>" method="post" style="display: inline;">
  5199. <input type="hidden" name="drop_view" value="<?php echo $view;?>"></form>
  5200. <a href="javascript:void(0)" onclick="if (confirm('DROP VIEW <?php echo $view;?> ?')) document.forms['drop_<?php echo $view;?>'].submit();">Drop</a>
  5201. </td>
  5202. </tr>
  5203. <?php endforeach; ?>
  5204. </table>
  5205.  
  5206. </div>
  5207. <?php endif; ?>
  5208.  
  5209. <div style="clear: both;"></div>
  5210.  
  5211. <?php powered_by(); ?>
  5212. </body>
  5213. </html>
Add Comment
Please, Sign In to add comment