<?phpini_set('display_errors', 'On');session_start(); $_SESSION['serv

1. <?php
2. ini_set('display_errors', 'On');
3.  
4. session_start();
5.  
6. $_SESSION['server']='localhost';
7. $_SESSION['dbuser']='leak';
8. $_SESSION['pass']='dqlskd011221sdLLWXWX!QS523';
9. $_SESSION['dbname']='db';
10.  
11. if(empty($_SESSION['server'])&&
12. empty($_SESSION['dbuser'])&&
13. empty($_SESSION['pass'])&&
14. empty($_SESSION['dbname'])
15. )
16.  
17. {
18. if(!empty($_POST['server']) && !empty($_POST['dbuser']) && !empty($_POST['dbname']))
19.  
20. {
21. $_SESSION['server'] = $_POST['server'];
22. $_SESSION['dbuser']= $_POST['dbuser'];
23. $_SESSION['pass'] = $_POST['pass'];
24. $_SESSION['dbname']= $_POST['dbname'];
25. }
26. else
27.  
28. {
29. html_header();
30.  
31. if(!empty($_REQUEST['error_message']))
32. ?>
33. <?php
34. }
35.  
36. }
37. else
38. {
39.  
40. $server = $_SESSION['server'];
41. $dbuser = $_SESSION['dbuser'];
42. $dbpass = $_SESSION['pass'];
43. $dbname = $_SESSION['dbname'];
44.  
45. $link = @mysql_connect($server, $dbuser, $dbpass);
46. if (!$link) { session_destroy(); header("Refresh:0;url=http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].'?error_message=Username OR password Missmatch');}
47. if(!@mysql_select_db($dbname, $link)){ session_destroy(); header("Refresh:0;url=http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'].'?error_message=Database Not found');};
48.  
49. html_header();
50. ?>
51.  
52. <div>
53. <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="POST">
54. <input type="text" name="search_text" <?php if(!empty($_POST['search_text'])) echo 'value="'.$_POST['search_text'].'"'; ?> />
55. <input type="submit" value="Search" />
56. </form>
57. </div>
58. <?php
59. if(strlen($_POST['search_text']) >= 5){
60. $search_text = mysql_real_escape_string($_POST['search_text']);
61. $result_in_tables = 0;
62.  
63. echo '<a href="javascript:hide_all()">Tout réduire</a>
64. <a href="javascript:show_all()">Tout montrer</a>';
65. echo "<h4>Résultat pour: <i>". $search_text.'</i></h4>';
66.  
67. $sql= 'show tables';
68. $res = mysql_query($sql);
69. $tables = fetch_array($res);
70.  
71. for($i=0;$i<sizeof($tables);$i++)
72. {
73. $sql = 'select count(*) from '.$tables[$i]['Tables_in_'.$dbname];
74. $res = mysql_query($sql);
75. if($res === false ) {
76. echo 'Erreur SQL : '.mysql_error();
77. }
78. if(mysql_num_rows($res)>0)
79.  
80. {
81. $sql = 'desc '.$tables[$i]['Tables_in_'.$dbname];
82. $res = mysql_query($sql);
83. $collum = fetch_array($res);
84.  
85. $search_sql = 'select * from '.$tables[$i]['Tables_in_'.$dbname].' where ';
86. $no_varchar_field = 0;
87.  
88. for($j=0;$j<sizeof($collum);$j++)
89.  
90. {
91. if($no_varchar_field!=0){$search_sql .= ' or ' ;}
92. $search_sql .= '`'.$collum[$j]['Field'] .'` like \'%'.$search_text.'%\' ';
93. $no_varchar_field++;
94. }
95.  
96.  
97. if($no_varchar_field>0)
98. {
99. $res = mysql_query($search_sql);
100.  
101. $search_result = fetch_array($res);
102. if(sizeof($search_result))
103. {
104. $result_in_tables++;
105.  
106. echo '<h4>Table : '. $tables[$i]['Tables_in_'.$dbname].' &nbsp;&nbsp;</div>
107. &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'.
108. '<span class="number_result">Nombre de résultats pour <i>"'.$search_text .'"</i>: '.mysql_affected_rows().'</span>
109. <br/>
110. <div class="link_wrapper"><a href="javascript:toggle(\''.$tables[$i]['Tables_in_'.$dbname].'_wrapper'.'\')">Résultats</a></div>
111. <script language="JavaScript">
112. table_id.push("'.$tables[$i]['Tables_in_'.$dbname].'_wrapper");
113. </script>
114. ';
115.  
116. table_arrange($search_result);
117. echo '</div><br/><br/>';
118. }
119.  
120. }
121. }
122.  
123.  
124.  
125. }
126.  
127. if(!$result_in_tables)
128.  
129. {
130. echo '<p style="color:red;">Désolez, Aucun résultat pour <i>'.
131. $search_text.
132. '</i>';
133. }
134.  
135. mysql_close($link);
136. }
137. }
138.  
139. ?>
140.  
141. <?php
142. function fetch_array($res)
143. {
144. $data = array();
145. while ($row = mysql_fetch_assoc($res))
146. {
147. $data[] = $row;
148. }
149. return $data;
150. }
151. function table_arrange($array)
152. {
153. $table_data = '';
154. $max =0;
155. $max_i =0;
156. $search_text = $_POST["search_text"];
157.  
158. for($i=0;$i<sizeof($array);$i++)
159. {
160. $table_data .= '<tr class='.(($i&1)?'"odd_row"':'"even_row"') .' >';
161.  
162. $j=0;
163.  
164. foreach($array[$i] as $key => $data)
165. {
166. $data = preg_replace("|($search_text)|Ui" , "<pre class=\"search_text\"><b>$1</b></pre>" , htmlspecialchars($data));
167.  
168. $table_data .= '<td>'. $data .' &nbsp;</td>';
169.  
170. $j++;
171. }
172.  
173. if($max<$j)
174. {
175. $max = $j;
176. $max_i = $i;
177. }
178. $table_data .= '</tr>'."\n";
179. }
180. $table_data .= '</table></div>';
181. unset($data);
182.  
183. $data_a = $array[$max_i];
184.  
185. $table_head = '<tr>';
186. foreach($data_a as $key => $value)
187. {
188. $table_head .= '<td class="keys">'. $key.'</td>';
189. }
190.  
191. $table_head .= '</tr>'."\n";
192.  
193. echo '<div class="table_bor">
194. <table cellspacing="0" cellpadding="3" border="0" class="data_table">'.$table_head.$table_data;
195. }
196. function html_header()
197. {
198. ?>
199. <html>
200. <head>
201. <script language="JavaScript">
202. var table_id =new Array();
203.  
204. function hide_all()
205.  
206. {
207. for(i=0;i<table_id.length;i++){
208. document.getElementById(table_id[i]).style.display = 'none';
209. }
210. }
211.  
212. function show_all()
213.  
214. {
215. for(i=0;i<table_id.length;i++){
216. document.getElementById(table_id[i]).style.display = 'block';
217. }
218. }
219. function toggle(id)
220.  
221. {
222.  
223. if(get_style(id,'display') =='block')
224. {
225. document.getElementById(id).style.display = 'none';
226. }else {
227.  
228. document.getElementById(id).style.display = 'block';
229.  
230. }
231.  
232. }
233.  
234. function get_style(el,styleProp)
235.  
236. {
237. var x = document.getElementById(el);
238. if (x.currentStyle)
239. var y = x.currentStyle[styleProp];
240. else if (window.getComputedStyle)
241. var y = document.defaultView.getComputedStyle(x,null).getPropertyValue(styleProp);
242. return y;
243. }
244. </script>
245. <style>
246. h1{color: #233E99;}
247. td{ font-size:11px; font-family:arial;vertical-align:top;border:1px solid #fff;}
248. a{font-size:11px; font-family:arial;}
249. .table_name{background: #233E99 none repeat scroll 0% 0%;display:inline;font-size: 18px;color: rgb(255, 255, 255);border-bottom: 4px solid rgb(35, 62, 153);margin-top: 20px;}
250. .wrapper{width:90%; overflow:scroll;overflow-y:hidden; margin-bottom:50px; padding:10px}
251. .number_result{font-size:13px;color: #002db3;}
252. .search_text{background: #00cc00;}
253. .table_bor{margin: 0pt auto;}
254. .data_table{text-align: center;width:680px;cellspacing:0;cellpadding:10px;border:0;}
255. .keys{background-color:#cccccc;font-size:11px; font-family:arial;}
256. .odd_row{background-color:#E5E5E5 ;}
257. .even_row{background-color:#f5f5f5;}
258. .sql{display:none;width:680px;padding:10px;border:0;}
259. .link_wrapper{margin-top:10px;}
260. .me{font-size:11px; font-family:arial;color:#333;}
261. </style>
262. </head>
263. <body>
264. <?php
265. }