dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
fusionpbx/app/exec/sql_query_result.php

345 lines
9.9 KiB
PHP
Raw Normal View History

SQL Query: Removed. Command: Integrate SQL Query functionality within Command app. (Note: Permission and Menu modifications - please Restore Defaults)
2016-03-19 06:18:00 +01:00
<?php
/*
FusionPBX
Version: MPL 1.1
The contents of this file are subject to the Mozilla Public License Version
1.1 (the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.mozilla.org/MPL/
Software distributed under the License is distributed on an "AS IS" basis,
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
for the specific language governing rights and limitations under the
License.
The Original Code is FusionPBX
The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com>
Update sql_query_result.php
2019-04-17 17:38:54 +02:00
Portions created by the Initial Developer are Copyright (C) 2008-2019
SQL Query: Removed. Command: Integrate SQL Query functionality within Command app. (Note: Permission and Menu modifications - please Restore Defaults)
2016-03-19 06:18:00 +01:00
the Initial Developer. All Rights Reserved.
Contributor(s):
Mark J Crane <markjcrane@fusionpbx.com>
*/
Update sql_query_result.php Prevent php warnings.
2016-12-01 13:40:51 +01:00
//includes
include "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
//check permissions
if (permission_exists('exec_sql')) {
//access granted
}
else {
echo "access denied";
exit;
}
SQL Query: Removed. Command: Integrate SQL Query functionality within Command app. (Note: Permission and Menu modifications - please Restore Defaults)
2016-03-19 06:18:00 +01:00
//add multi-lingual support
$language = new text;
$text = $language->get();
//pdo database connection
if (strlen($_REQUEST['id']) > 0) {
require_once "sql_query_pdo.php";
}
Update sql_query_result.php
2019-04-25 18:36:47 +02:00
//check the captcha
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
$code = trim($_REQUEST["code"]);
Update sql_query_result.php
2019-04-25 18:36:47 +02:00
$command_authorized = false;
if (strtolower($_SESSION['captcha']) == strtolower($code)) {
$command_authorized = true;
}
if (!$command_authorized) {
Update sql_query_result.php
2019-04-27 17:37:26 +02:00
//catpcha invalid
Update sql_query_result.php
2019-04-25 18:36:47 +02:00
exit;
}
Update sql_query_result.php
2019-09-06 20:36:54 +02:00
//get allowed table names
switch ($db_type) {
case 'sqlite': $sql = "select name from sqlite_master where type='table' order by name;"; break;
case 'pgsql': $sql = "select table_name as name from information_schema.tables where table_schema='public' and table_type='BASE TABLE' order by table_name"; break;
case 'mysql': $sql = "show tables"; break;
}
$database = new database;
$rows = $database->select($sql, null, 'all');
if (is_array($rows) && @sizeof($rows) != 0) {
foreach ($rows as $row) {
$tables[] = $row['name'];
}
}
unset($sql, $rows, $row);
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
//show the content
if (is_array($_POST)) {
$sql_type = trim($_POST["sql_type"]);
$sql_cmd = trim($_POST["command"]);
$table_name = trim($_POST["table_name"]);
$header = "<html>\n";
$header .= "<head>\n";
$header .= "<style type='text/css'>\n";
$header .= "\n";
$header .= "body {\n";
$header .= " font-family: arial;\n";
$header .= " font-size: 12px;\n";
$header .= " color: #444;\n";
$header .= "}\n";
$header .= "\n";
$header .= "th {\n";
$header .= " border-top: 1px solid #444;\n";
$header .= " border-bottom: 1px solid #444;\n";
$header .= " color: #fff;\n";
$header .= " font-size: 12px;\n";
$header .= " font-family: arial;\n";
$header .= " font-weight: bold;\n";
$header .= " background-color: #777;\n";
$header .= " padding: 4px 7px;\n";
$header .= " text-align: left;\n";
$header .= "}\n";
$header .= "\n";
$header .= ".row_style0 {\n";
$header .= " background-color: #eee;\n";
$header .= " border-bottom: 1px solid #999;\n";
$header .= " border-left: 1px solid #fff;\n";
$header .= " font-size: 12px;\n";
$header .= " color: #444;\n";
$header .= " text-align: left;\n";
$header .= " padding: 4px 7px;\n";
$header .= " text-align: left;\n";
$header .= " vertical-align: top;\n";
$header .= "}\n";
$header .= "\n";
$header .= ".row_style0 a:link{ color:#444; }\n";
$header .= ".row_style0 a:visited{ color:#444; }\n";
$header .= ".row_style0 a:hover{ color:#444; }\n";
$header .= ".row_style0 a:active{ color:#444; }\n";
$header .= "\n";
$header .= ".row_style1 {\n";
$header .= " border-bottom: 1px solid #999;\n";
$header .= " border-left: 1px solid #eee;\n";
$header .= " background-color: #fff;\n";
$header .= " font-size: 12px;\n";
$header .= " color: #444;\n";
$header .= " text-align: left;\n";
$header .= " padding: 4px 7px;\n";
$header .= " text-align: left;\n";
$header .= " vertical-align: top;\n";
$header .= "}\n";
$header .= "</style>";
$header .= "</head>\n";
$header .= "<body style='margin: 0; padding: 8;'>\n";
Update sql_query_result.php
2019-08-09 17:55:24 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
$footer = "<body>\n";
$footer .= "<html>\n";
Update sql_query_result.php
2019-08-09 17:55:24 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
if ($sql_type == '') {
Update sql_query_result.php
2019-08-09 17:55:24 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
echo $header;
Update sql_query_result.php
2019-08-09 17:55:24 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
$c = 0;
$row_style["0"] = "row_style0";
$row_style["1"] = "row_style1";
Update sql_query_result.php
2019-08-09 17:55:24 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
//determine queries to run and show
if ($sql_cmd != '') { $sql_array = array_filter(explode(";", $sql_cmd)); }
Update sql_query_result.php
2019-09-06 20:36:54 +02:00
if ($table_name != '' && in_array($table_name, $tables)) { $sql_array[] = "select * from ".$table_name; }
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
$show_query = (sizeof($sql_array) > 1) ? true : false;
Update sql_query_result.php
2019-08-09 17:55:24 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
if (is_array($sql_array)) foreach($sql_array as $sql_index => $sql) {
$sql = trim($sql);
Update sql_query_result.php
2019-08-09 17:55:24 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
if (sizeof($sql_array) > 1 || $show_query) {
if ($sql_index > 0) { echo "<br /><br /><br />"; }
Command: Database class integration.
2019-08-07 01:35:45 +02:00
echo "<span style='display: block; font-family: monospace; padding: 8px; color: green; background-color: #eefff0;'>".escape($sql).";</span><br />";
Update sql_query_result.php Prevent php warnings.
2016-12-01 13:40:51 +01:00
}
Command: Database class integration.
2019-08-07 01:35:45 +02:00
$database = new database;
$result = $database->execute($sql, null, 'all');
$message = $database->message;
if ($message['message'] == 'OK' && $message['code'] == 200) {
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
echo "<b>".$text['label-records'].": ".count($result)."</b>";
echo "<br /><br />\n";
SQL Query: Removed. Command: Integrate SQL Query functionality within Command app. (Note: Permission and Menu modifications - please Restore Defaults)
2016-03-19 06:18:00 +01:00
}
Command: Database class integration.
2019-08-07 01:35:45 +02:00
else {
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
echo "<b>".$text['label-error']."</b>";
SQL Query: Removed. Command: Integrate SQL Query functionality within Command app. (Note: Permission and Menu modifications - please Restore Defaults)
2016-03-19 06:18:00 +01:00
echo "<br /><br />\n";
Command: Database class integration.
2019-08-07 01:35:45 +02:00
echo $message['message'].' ['.$message['code']."]<br />\n";
if (is_array($message['error']) && @sizeof($message['error']) != 0) {
foreach ($message['error'] as $error) {
echo "<pre>".$error."</pre><br /><br />\n";
}
}
SQL Query: Removed. Command: Integrate SQL Query functionality within Command app. (Note: Permission and Menu modifications - please Restore Defaults)
2016-03-19 06:18:00 +01:00
}
Command: Database class integration.
2019-08-07 01:35:45 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
echo "<table width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
SQL Query: Removed. Command: Integrate SQL Query functionality within Command app. (Note: Permission and Menu modifications - please Restore Defaults)
2016-03-19 06:18:00 +01:00
$x = 0;
Update sql_query_result.php Prevent php warnings.
2016-12-01 13:40:51 +01:00
if (is_array($result[0])) {
Command: Database class integration.
2019-08-07 01:35:45 +02:00
echo "<thead>\n";
echo " <tr>\n";
Update sql_query_result.php Prevent php warnings.
2016-12-01 13:40:51 +01:00
foreach ($result[0] as $key => $value) {
Command: Database class integration.
2019-08-07 01:35:45 +02:00
echo "<th>".escape($key)."</th>\n";
Update sql_query_result.php Prevent php warnings.
2016-12-01 13:40:51 +01:00
$column_array[$x++] = $key;
}
Command: Database class integration.
2019-08-07 01:35:45 +02:00
echo " </tr>\n";
echo "</thead>\n";
SQL Query: Removed. Command: Integrate SQL Query functionality within Command app. (Note: Permission and Menu modifications - please Restore Defaults)
2016-03-19 06:18:00 +01:00
}
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
$x = 1;
if (is_array($result)) {
Command: Database class integration.
2019-08-07 01:35:45 +02:00
echo "<tbody>\n";
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
foreach ($result as &$row) {
if ($x++ > 1000) { break; }
echo "<tr>\n";
if (is_array($column_array)) {
foreach ($column_array as $column_index => $column) {
Command: Database class integration.
2019-08-07 01:35:45 +02:00
echo "<td class='".$row_style[$c]."' ".(($column_index == 0) ? "style='border-left: none;'" : null).">".escape($row[$column])."&nbsp;</td>\n";
Update sql_query_result.php Prevent php warnings.
2016-12-01 13:40:51 +01:00
}
SQL Query: Removed. Command: Integrate SQL Query functionality within Command app. (Note: Permission and Menu modifications - please Restore Defaults)
2016-03-19 06:18:00 +01:00
}
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
echo "</tr>\n";
$c = ($c == 0) ? 1 : 0;
SQL Query: Removed. Command: Integrate SQL Query functionality within Command app. (Note: Permission and Menu modifications - please Restore Defaults)
2016-03-19 06:18:00 +01:00
}
Command: Database class integration.
2019-08-07 01:35:45 +02:00
echo "</tbody>\n";
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
}
echo "</table>\n";
echo "<br>\n";
Update sql_query_result.php
2019-08-09 17:55:24 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
unset($result, $column_array);
}
echo $footer;
}
Update sql_query_result.php
2019-08-09 17:55:24 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
if ($sql_type == "inserts") {
echo $header;
Update sql_query_result.php
2019-08-09 17:55:24 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
$sql = trim($sql);
Update sql_query_result.php
2019-08-09 17:55:24 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
//get the table data
Update sql_query_result.php
2019-09-06 20:36:54 +02:00
$sql = (strlen($sql_cmd) == 0 && in_array($table_name, $tables)) ? "select * from ".$table_name : $sql_cmd;
Update sql_query_result.php
2019-08-09 17:55:24 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
if (strlen($sql) > 0) {
Command: Database class integration.
2019-08-07 01:35:45 +02:00
$database = new database;
$result = $database->execute($sql);
$message = $database->message;
if ($message['message'] != 'OK' || $message['code'] != 200) {
echo "<b>".$text['label-error']."</b>";
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
echo "<br /><br />\n";
Command: Database class integration.
2019-08-07 01:35:45 +02:00
echo $message['message'].' ['.$message['code']."]<br />\n";
if (is_array($message['error']) && @sizeof($message['error']) != 0) {
foreach ($message['error'] as $error) {
echo "<pre>".$error."</pre><br /><br />\n";
}
}
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
exit;
}
Command: Database class integration.
2019-08-07 01:35:45 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
$x = 0;
if (is_array($result[0])) {
foreach ($result[0] as $key => $value) {
$column_array[$x++] = $key;
SQL Query: Removed. Command: Integrate SQL Query functionality within Command app. (Note: Permission and Menu modifications - please Restore Defaults)
2016-03-19 06:18:00 +01:00
}
}
Update sql_query_result.php
2019-08-09 17:55:24 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
$column_array_count = count($column_array);
Update sql_query_result.php
2019-09-06 20:36:54 +02:00
if (is_array($result)) {
foreach ($result as $index => &$row) {
echo "<div style='font-family: monospace; border-bottom: 1px solid #ccc; padding-bottom: 8px; ".($index != 0 ? 'padding-top: 8px;' : null)."'>\n";
echo "insert into ".$table_name." (";
if (is_array($column_array)) {
foreach ($column_array as $column) {
if ($column != "menuid" && $column != "menuparentid") {
$columns[] = $column;
}
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
}
}
Update sql_query_result.php
2019-09-06 20:36:54 +02:00
if (is_array($columns) && sizeof($columns) > 0) {
echo implode(', ', $columns);
}
echo ") values (";
if (is_array($column_array)) {
foreach ($column_array as $column) {
if ($column != "menuid" && $column != "menuparentid") {
$values[] = $row[$column] != '' ? "'".escape($row[$column])."'" : 'null';
}
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
}
}
Update sql_query_result.php
2019-09-06 20:36:54 +02:00
if (is_array($values) && sizeof($values) > 0) {
echo implode(', ', $values);
}
echo ");\n";
echo "</div>\n";
unset($columns, $values);
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
}
Command: Fix SQL insert statement generation (insert comma after null, use single-quotes instead of double).
2016-06-07 01:24:08 +02:00
}
Command: Database class integration.
2019-08-07 01:35:45 +02:00
SQL Query: Removed. Command: Integrate SQL Query functionality within Command app. (Note: Permission and Menu modifications - please Restore Defaults)
2016-03-19 06:18:00 +01:00
}
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
echo $footer;
}
Update sql_query_result.php
2019-08-09 17:55:24 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
if ($sql_type == "csv") {
Update sql_query_result.php
2019-07-11 20:20:46 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
//set the headers
header('Content-type: application/octet-binary');
Update sql_query_result.php
2019-07-11 20:20:46 +02:00
if (strlen($sql_cmd) > 0) {
header('Content-Disposition: attachment; filename=data.csv');
}
Update sql_query_result.php
2019-09-06 20:36:54 +02:00
else if (in_array($table_name, $tables)) {
header('Content-Disposition: attachment; filename='.$table_name.'.csv');
Update sql_query_result.php
2019-07-11 20:20:46 +02:00
}
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
//get the table data
Update sql_query_result.php
2019-07-11 20:20:46 +02:00
if (strlen($sql_cmd) > 0) {
$sql = $sql_cmd;
}
Update sql_query_result.php
2019-09-06 20:36:54 +02:00
else if (in_array($table_name, $tables)) {
Update sql_query_result.php
2019-07-11 20:20:46 +02:00
$sql = "select * from ".$table_name;
}
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
if (strlen($sql) > 0) {
Command: Database class integration.
2019-08-07 01:35:45 +02:00
$database = new database;
$result = $database->execute($sql);
$message = $database->message;
if ($message['message'] != 'OK' || $message['code'] != 200) {
echo "<b>".$text['label-error']."</b>";
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
echo "<br /><br />\n";
Command: Database class integration.
2019-08-07 01:35:45 +02:00
echo $message['message'].' ['.$message['code']."]<br />\n";
if (is_array($message['error']) && @sizeof($message['error']) != 0) {
foreach ($message['error'] as $error) {
echo "<pre>".$error."</pre><br /><br />\n";
}
}
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
exit;
}
Update sql_query_result.php
2019-07-11 20:20:46 +02:00
//build the column array
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
$x = 0;
if (is_array($result[0])) {
foreach ($result[0] as $key => $value) {
Update sql_query_result.php
2019-07-11 20:20:46 +02:00
$column_array[$x] = $key;
$x++;
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
}
}
Update sql_query_result.php
2019-07-11 20:20:46 +02:00
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
//column names
Update sql_query_result.php
2019-07-11 20:20:46 +02:00
echo '"'.implode('","', $column_array).'"'."\r\n";
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
//column values
if (is_array($result)) {
foreach ($result as &$row) {
$x = 1;
foreach ($column_array as $column) {
Update sql_query_result.php
2019-09-06 20:36:54 +02:00
echo '"'.$row[$column].'"'.($x++ < count($column_array) ? ',' : null);
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
}
echo "\n";
Update sql_query_result.php Prevent php warnings.
2016-12-01 13:40:51 +01:00
}
SQL Query: Removed. Command: Integrate SQL Query functionality within Command app. (Note: Permission and Menu modifications - please Restore Defaults)
2016-03-19 06:18:00 +01:00
}
}
Update sql_query_result.php
2019-04-27 16:40:12 +02:00
}
SQL Query: Removed. Command: Integrate SQL Query functionality within Command app. (Note: Permission and Menu modifications - please Restore Defaults)
2016-03-19 06:18:00 +01:00
}
Update sql_query_result.php
2019-09-06 20:36:54 +02:00
?>