Nemcio/adminer
1
0
Fork 0
mirror of https://github.com/vrana/adminer.git synced 2026-04-14 08:28:35 +02:00
Code Issues Packages Projects Releases Activity

Cottage homework

Browse Source 
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@77 7c3ca157-0c34-0410-bff1-cbf682f78f5c
This commit is contained in:
jakubvrana
2007-07-09 06:12:22 +00:00
parent 505b79d82c
commit 430034c38a
18 changed files with 420 additions and 191 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
sql.inc.php
View File

@@ -1,38 +1,61 @@
<?php
if ($_POST) {
$result = mysql_query($_POST["query"]); //! multiple commands
if ($result === true) {
redirect($SELF . "sql=", sprintf(lang('Query executed OK, %d row(s) affected.'), mysql_affected_rows()));
}
$error = mysql_error();
}
page_header(lang('SQL command'));
if ($_POST) {
if (!$result) {
echo "<p class='error'>" . lang('Error in query') . ": " . htmlspecialchars($error) . "</p>\n";
} else {
if (!mysql_num_rows($result)) {
echo "<p class='message'>" . lang('No rows.') . "</p>\n";
} else {
echo "<table border='1' cellspacing='0' cellpadding='2'>\n";
for ($i=0; $row = mysql_fetch_assoc($result); $i++) {
if (!$i) {
echo "<thead><tr><th>" . implode("</th><th>", array_map('htmlspecialchars', array_keys($row))) . "</th></tr></thead>\n";
if ($_POST && $error) {
echo "<p class='error'>$error</p>\n";
} elseif ($_POST && is_string($query = (isset($_POST["query"]) ? $_POST["query"] : get_file("sql_file")))) {
$delimiter = ";";
$offset = 0;
$empty = true;
while (rtrim($query)) {
if (!$offset && preg_match('~^\\s*DELIMITER\\s+(.+)~i', $query, $match)) {
$delimiter = preg_quote($match[1], '~');
$query = substr($query, strlen($match[0]));
} elseif (preg_match("~$delimiter|['`\"]|\$~", $query, $match, PREG_OFFSET_CAPTURE, $offset)) {
if ($match[0][0] && $match[0][0] != $delimiter) {
preg_match('~\\G([^\\\\' . $match[0][0] . ']*|\\\\.)+(' . $match[0][0] . '|$)~s', $query, $match, PREG_OFFSET_CAPTURE, $match[0][1] + 1);
$offset = $match[0][1] + strlen($match[0][0]);
} else {
$empty = false;
echo "<pre>" . htmlspecialchars(substr($query, 0, $match[0][1])) . "</pre>\n";
$result = mysql_query(substr($query, 0, $match[0][1]));
$query = substr($query, $match[0][1] + strlen($match[0][0]));
$offset = 0;
if (!$result) {
echo "<p class='error'>" . lang('Error in query') . ": " . htmlspecialchars(mysql_error()) . "</p>\n";
} elseif ($result === true) {
//~ if (token_delete()) {
//~ $token = token();
//~ }
echo "<p class='message'>" . lang('Query executed OK, %d row(s) affected.', mysql_affected_rows()) . "</p>\n";
} else {
select($result);
mysql_free_result($result);
}
echo "<tr>";
foreach ($row as $val) {
echo "<td>" . (isset($val) ? nl2br(htmlspecialchars($val)) : "<i>NULL</i>") . "</td>";
}
echo "</tr>\n";
}
echo "</table>\n";
}
mysql_free_result($result);
}
if ($empty) {
echo "<p class='message'>" . lang('No commands to execute.') . "</p>\n";
}
} elseif ($_GET["sql"] == "upload") {
echo "<p class='error'>" . lang('Unable to upload a file.') . "</p>\n";
}
?>
<form action="" method="post">
<form action="<?php echo htmlspecialchars($SELF); ?>sql=" method="post">
<p><textarea name="query" rows="20" cols="80"><?php echo htmlspecialchars($_POST["query"]); ?></textarea></p>
<p><input type="submit" value="<?php echo lang('Execute'); ?>" /></p>
<p><input type="hidden" name="token" value="<?php echo $token; ?>" /><input type="submit" value="<?php echo lang('Execute'); ?>" /></p>
</form>
<?php
if (!ini_get("file_uploads")) {
echo "<p>" . lang('File uploads are disabled.') . "</p>\n";
} else { ?>
<form action="<?php echo htmlspecialchars($SELF); ?>sql=upload" method="post" enctype="multipart/form-data">
<p>
<?php echo lang('File upload'); ?>: <input type="file" name="sql_file" />
<input type="hidden" name="token" value="<?php echo $token; ?>" />
<input type="submit" value="<?php echo lang('Execute'); ?>" />
</p>
</form>
<?php } ?>