Files
#jpgraph
#pma
CKEditor_4.6.1
Date
backup
bibelpopup
classes
config
fetch_bibel
fetch_chorbuch
html2pdf-master
html2pdf_v4.03
images
jpgraph
kalender
language
lib
lieder
livesearch
msd
msd2
msd
ReadMe
css
images
inc
js
language
msd_cron
tpl
config.php
config.php_orig
config_overview.php
dump.php
filemanagement.php
help.php
index.php
install.php
log.php
main.php
menu.php
refresh_dblist.php
restore.php
sql.php
myoos
phpBB3
tracking
wordpress
.gitattributes
.gitignore
README.md
willkommen.txt
overlib
pma
templates
templates_c
validation
++ Umstellung Luther 2017.sql
.gitattributes
.htaccess
Version8_bugs.txt
ajax.js_20170928
ansicht.php
ansicht.php_20200212
ansicht.php_20200915
ansicht.php_lut84_20180219
ansicht2.php
ansicht2.php_20200212
ansicht2.php_20200915
ansicht2.php_lut84_20180219
ausgabe.php
bes_gd.php
bibellookup.php_lut84_20180219
bibellookup_1984.php
bibellookup_2017.php
bibellookup_2017.php_20200212
changelog.php
config.inc.php
copy.js
faq_text.php
faq_text_ber.php
favicon.ico
fetch_data.php
ftp_ansicht.php
ftp_ansicht.php_20181214
func_agent.php
func_ansicht.php
func_ansicht.php_20200212
func_ansicht.php_20200915
func_ansicht.php_lut84_20180219
func_genUser.php
func_highlight.php
func_htmlclean.php
func_make_knk.php
func_make_knk_fa.php
func_make_knk_fa.php_lut84_20180219
func_make_reference_fa.php
func_make_reference_fa.php_lut84_20180219
func_rollenrechte.php
func_rollenrechte_20220202.php
func_write_lue_kat.php
further_publication.php
getSubCat.php
graph.php
graph_einzel.php
graph_hauptframe.php
graph_user.php
graph_user_hauptframe.php
hauptframe.php
hello.cgi
hello.pl
hilfe.php
historie.php
index.php
index2.php
indexframe.php
info.php
job_mail_delete_neue_user.php
job_mail_inaktiv.php
job_user_delete_neue_user.php
job_user_inaktiv.php
jquery.min.js
kat_cont.php
kat_cont.php_20201230
kat_cont.php_20221013
kat_cont_fa.php
kat_main.php
kat_main.php_lut84_20180219
kat_main_fa.php
kat_main_fa.php_lut84_20180219
katechismus.php
katechismus_fa.php
lesung.php
lieder.php
lieder.zip
livesearch.php
livestat.js
livestat.php
livestat2.php
login_log.php
logininfo.php
logout_admin.php
lue_ansicht.php
lue_bearbeiten.php
lue_erfassen.php
lue_inhalt.php
lue_inhalt.php_20200915
lue_inhalt.php_lut84_20180219
lue_notizen.php
lue_suche.php
lue_wahl.php
mail.php
make_ical.php
menuframe.php
nachsenden.php
notizen.php
outlook.php
outlook.php_20200212
outlook_ics.php
outlook_vcs.php
passwort_switch.php
pdf_gen.php
pdf_gen.php_20200915
pdf_gen.php_lut84_20180219
preview.php
profil.php
rollen.php
search_note.php
stichworte.php
suche.php
suche.php_20170928
suche_change.php
suche_simp.php
systemmail.php
test.php
test2.php
testmail.php
testmail2.php
topframe.php
upload.php
user_anlegen.php
user_bearbeiten.php
useronline.php
verweise.php
wort_bearbeiten.php
wort_bearbeiten.php_20170928
wort_erfassen.php
wort_erfassen.php_20170928
wort_exegese.php
wort_wahl.php
Leitgedanken/msd2/msd/sql.php
2023-01-23 11:03:31 +01:00

318 lines
11 KiB
PHP

<?php
/* ----------------------------------------------------------------------
MyOOS [Dumper]
http://www.oos-shop.de/
Copyright (c) 2016 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
MySqlDumper
http://www.mysqldumper.de
Copyright (C)2004-2011 Daniel Schlichtholz (admin@mysqldumper.de)
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
define('OOS_VALID_MOD', true);
if (!@ob_start("ob_gzhandler")) @ob_start();
$download = (isset($_POST['f_export_submit']) && (isset($_POST['f_export_sendresult']) && $_POST['f_export_sendresult'] == 1));
include ('./inc/header.php');
include ('language/'.$config['language'].'/lang.php');
include ('language/'.$config['language'].'/lang_sql.php');
include ('./inc/functions_sql.php');
include ('./'.$config['files']['parameter']);
include ('./inc/template.php');
include ('./inc/define_icons.php');
$key = '';
// stripslashes and trimming is done in runtime.php which is included and executet above
if (isset($_GET['rk']))
{
$rk = urldecode($_GET['rk']);
$key = urldecode($rk);
if (!$rk = @unserialize($key)) $rk = $key;
}
else
$rk = '';
$mode = isset($_GET['mode']) ? $_GET['mode'] : '';
if (isset($_GET['recordkey']))
{
$recordkey = $_GET['recordkey'];
$key = isset($_GET['recordkey']) ? urldecode($recordkey) : $recordkey;
if (!$recordkey = @unserialize(urldecode($key))) $recordkey = urldecode($key);
}
if (isset($_POST['recordkey'])) $recordkey = urldecode($_POST['recordkey']);
$context = (!isset($_GET['context'])) ? 0 : $_GET['context'];
$context = (!isset($_POST['context'])) ? $context : $_POST['context'];
if (!$download)
{
echo MSDHeader();
ReadSQL();
echo '<script language = "JavaScript" type = "text/javascript">
var auswahl = "document.getElementsByName(\"f_export_tables[]\")[0]";
var msg1 = "'.$lang['L_SQL_NOTABLESSELECTED'].'";
</script>';
}
//Variabeln
$mysql_help_ref = 'http://dev.mysql.com/doc/';
$mysqli_errorhelp_ref = 'http://dev.mysql.com/doc/mysql/en/error-handling.html';
$no_order = false;
$tdcompact = (isset($_GET['tdc'])) ? $_GET['tdc'] : $config['interface_table_compact'];
$db = (!isset($_GET['db'])) ? $databases['db_actual'] : $_GET['db'];
$dbid = (!isset($_GET['dbid'])) ? $databases['db_selected_index'] : $_GET['dbid'];
$context = (!isset($_GET['context'])) ? 0 : $_GET['context'];
$context = (!isset($_POST['context'])) ? $context : $_POST['context'];
$tablename = (!isset($_GET['tablename'])) ? '' : $_GET['tablename'];
$limitstart = (isset($_POST['limitstart'])) ? intval($_POST['limitstart']) : 0;
if (isset($_GET['limitstart'])) $limitstart = intval($_GET['limitstart']);
$orderdir = (!isset($_GET['orderdir'])) ? '' : $_GET['orderdir'];
$order = (!isset($_GET['order'])) ? '' : $_GET['order'];
$sqlconfig = (isset($_GET['sqlconfig'])) ? 1 : 0;
$norder = ($orderdir == "DESC") ? 'ASC' : 'DESC';
$sql['order_statement'] = ($order != '') ? ' ORDER BY `'.$order.'` '.$norder : '';
$sql['sql_statement'] = (isset($_GET['sql_statement'])) ? urldecode($_GET['sql_statement']) : '';
if (isset($_POST['sql_statement'])) $sql['sql_statement'] = $_POST['sql_statement'];
$showtables = (!isset($_GET['showtables'])) ? 0 : $_GET['showtables'];
$limit = $add_sql = '';
$bb = (isset($_GET['bb'])) ? $_GET['bb'] : -1;
if (isset($_POST['tablename'])) $tablename = $_POST['tablename'];
$search = (isset($_GET['search'])) ? $_GET['search'] : 0;
//SQL-Statement geposted
if (isset($_POST['execsql']))
{
$sql['sql_statement'] = (isset($_POST['sqltextarea'])) ? $_POST['sqltextarea'] : '';
$db = $_POST['db'];
$dbid = $_POST['dbid'];
$tablename = $_POST['tablename'];
if (isset($_POST['tablecombo']) && $_POST['tablecombo']>'')
{
$sql['sql_statement'] = $_POST['tablecombo'];
$tablename = ExtractTablenameFromSQL($sql['sql_statement']);
}
if (isset($_POST['sqltextarea']) && $_POST['sqltextarea']>'') $tablename = ExtractTablenameFromSQL($_POST['sqltextarea']);
if ($tablename == '') $tablename = ExtractTablenameFromSQL($sql['sql_statement']);
}
if ($sql['sql_statement'] == '')
{
if ($tablename != '' && $showtables == 0)
{
$sql['sql_statement'] = "SELECT * FROM `$tablename`";
}
else
{
$sql['sql_statement'] = "SHOW TABLE STATUS FROM `$db`";
$showtables = 1;
}
}
//sql-type
$sql_to_display_data = 0;
$Anzahl_SQLs = getCountSQLStatements($sql['sql_statement']);
$sql_to_display_data = sqlReturnsRecords($sql['sql_statement']);
if ($Anzahl_SQLs>1) $sql_to_display_data = 0;
if ($sql_to_display_data == 1)
{
//nur ein SQL-Statement
$limitende = ($limitstart+$config['sql_limit']);
//Darf editiert werden?
$no_edit = (strtoupper(substr($sql['sql_statement'],0,6)) != "SELECT"||$showtables == 1||preg_match('@^((-- |#)[^\n]*\n|/\*.*?\*/)*(UNION|JOIN)@im',$sql['sql_statement']));
if ($no_edit) $no_order = true;
//Darf sortiert werden?
$op = strpos(strtoupper($sql['sql_statement'])," ORDER ");
if ($op>0)
{
//is order by last ?
$sql['order_statement'] = substr($sql['sql_statement'],$op);
if (strpos($sql['order_statement'],')')>0) $sql['order_statement'] = '';
else
$sql['sql_statement'] = substr($sql['sql_statement'],0,$op);
}
}
if (isset($_POST['tableselect']) && $_POST['tableselect'] != '1') $tablename = $_POST['tableselect'];
MSD_mysql_connect();
mysqli_select_db($config['dbconnection'], $db);
///*** EDIT / UPDATES / INSERTS ***///
///*** ***///
// handle update action after submitting it
if (isset($_POST['update'])||isset($_GET['update']))
{
GetPostParams();
$f = explode('|',$_POST['feldnamen']);
$sqlu = 'UPDATE `'.$_POST['db'].'`.`'.$tablename.'` SET ';
for ($i = 0; $i<count($f); $i++)
{
$index = isset($_POST[$f[$i]]) ? $f[$i] : correct_post_index($f[$i]);
// Check if field is set to null
if (isset($_POST['null_'.$index]))
{
// Yes, set it to NULL in Querystring
$sqlu .= '`'.$f[$i].'` = NULL, ';
}
else
$sqlu .= '`'.$f[$i].'` = \''.db_escape(convert_to_latin1($_POST[$index])).'\', ';
}
$sqlu = substr($sqlu,0,strlen($sqlu)-2).' WHERE '.$recordkey;
$res = MSD_query($sqlu);
$msg = '<p class = "success">'.$lang['L_SQL_RECORDUPDATED'].'</p>';
if (isset($mode) && $mode == 'searchedit') $search = 1;
$sql_to_display_data = 1;
}
// handle insert action after submitting it
if (isset($_POST['insert']))
{
GetPostParams();
$f = explode('|',$_POST['feldnamen']);
$sqlu = 'INSERT INTO `'.$tablename.'` SET ';
for ($i = 0; $i<count($f); $i++)
{
$index = isset($_POST[$f[$i]]) ? $f[$i] : correct_post_index($f[$i]);
if (isset($_POST['null_'.$index]))
{
// Yes, set it to NULL in Querystring
$sqlu .= '`'.$f[$i].'` = NULL, ';
}
else
$sqlu .= '`'.$f[$i].'` = \''.db_escape(convert_to_latin1($_POST[$index])).'\', ';
}
$sqlu = substr($sqlu,0,strlen($sqlu)-2);
$res = MSD_query($sqlu);
$msg = '<p class = "success">'.$lang['L_SQL_RECORDINSERTED'].'</p>';
$sql_to_display_data = 1;
}
if (isset($_POST['cancel'])) GetPostParams();
//Tabellenansicht
$showtables = (substr(strtoupper($sql['sql_statement']),0,10) == 'SHOW TABLE') ? 1 : 0;
$tabellenansicht = (substr(strtoupper($sql['sql_statement']),0,5) == 'SHOW ') ? 1 : 0;
if (!isset($limitstart)) $limitstart = 0;
$limitende = $config['sql_limit'];
if (strtolower(substr($sql['sql_statement'],0,6)) == 'select') $limit = ' LIMIT '.$limitstart.', '.$limitende.';';
$params = "sql.php?db=".$db."&amp;tablename=".$tablename."&amp;dbid=".$dbid.'&amp;context='.$context.'&amp;sql_statement='.urlencode($sql['sql_statement']).'&amp;tdc='.$tdcompact.'&amp;showtables='.$showtables;
if ($order != "") $params .= "&amp;order=".$order."&amp;orderdir=".$orderdir.'&amp;context='.$context;
if ($bb>-1) $params .= "&amp;bb=".$bb;
$aus = headline($lang['L_SQL_BROWSER']);
if ($search == 0 && !$download)
{
echo $aus;
$aus = '';
include ('./inc/sqlbrowser/sqlbox.php');
if ($mode>'' && $context == 0)
{
if (isset($recordkey) && $recordkey>'') $rk = urldecode($recordkey);
if (isset($_GET['tablename'])) $tablename = $_GET['tablename'];
if ($mode == 'kill'||$mode == 'kill_view')
{
if ($showtables == 0)
{
$sqlk = "DELETE FROM `$tablename` WHERE ".$rk." LIMIT 1";
$res = MSD_query($sqlk);
//echo "<br>".$sqlk;
$aus .= '<p class = "success">'.$lang['L_SQL_RECORDDELETED'].'</p>';
}
else
{
$sqlk = "DROP TABLE `$rk`";
if ($mode == 'kill_view') $sqlk = 'DROP VIEW `'.$rk.'`';
$res = MSD_query($sqlk);
$aus .= '<p class = "success">'.sprintf($lang['L_SQL_RECORDDELETED'],$rk).'</p>';
}
}
if ($mode == "empty")
{
if ($showtables != 0)
{
$sqlk = "TRUNCATE `$rk`";
$res = MSD_query($sqlk);
$aus .= '<p class = "success">'.sprintf($lang['L_SQL_TABLEEMPTIED'],$rk).'</p>';
}
}
if ($mode == "emptyk")
{
if ($showtables != 0)
{
$sqlk = "TRUNCATE `$rk`;";
$res = MSD_query($sqlk);
$sqlk = "ALTER TABLE `$rk` AUTO_INCREMENT = 1;";
$res = MSD_query($sqlk);
$aus .= '<p class = "success">'.sprintf($lang['L_SQL_TABLEEMPTIEDKEYS'],$rk).'</p>';
}
}
$javascript_switch = '<script language = "javascript" type = "text/javascript">
function switch_area(textarea)
{
var t = document.getElementById(\'area_\'+textarea);
var c = document.getElementById(\'null_\'+textarea);
if (c.checked == true) { t.className = "off";t.disabled = true; }
else { t.className = "";t.disabled = false; }
}
</script>';
if ($mode == 'edit'||$mode == 'searchedit') include ('./inc/sqlbrowser/sql_record_update_inputmask.php');
if ($mode == 'new') include ('./inc/sqlbrowser/sql_record_insert_inputmask.php');
}
if ($context == 0) include_once ('./inc/sqlbrowser/sql_dataview.php');
if ($context == 1) include ('./inc/sqlbrowser/sql_commands.php');
if ($context == 2) include ('./inc/sqlbrowser/sql_tables.php');
if ($context == 3) include ('./inc/sql_tools.php');
}
if ($context == 4) include ('./inc/sql_importexport.php');
if ($search == 1) include ('./inc/sqlbrowser/mysql_search.php');
if (!$download)
{
?>
<script language = "JavaScript" type = "text/javascript">
function BrowseInput(el)
{
var txt = document.getElementsByName('imexta')[0].value;
var win = window.open('about:blank','MSD_Output','resizable = 1,scrollbars = yes');
win.document.write(txt);
win.document.close();
win.focus();
}
</script>
<?php
echo '<br><br><br>';
echo MSDFooter();
ob_end_flush();
}
function FormHiddenParams()
{
global $db,$dbid,$tablename,$context,$limitstart,$order,$orderdir;
$s = '<input type = "hidden" name = "db" value = "'.$db.'">';
$s .= '<input type = "hidden" name = "dbid" value = "'.$dbid.'">';
$s .= '<input type = "hidden" name = "tablename" value = "'.$tablename.'">';
$s .= '<input type = "hidden" name = "context" value = "'.$context.'">';
$s .= '<input type = "hidden" name = "limitstart" value = "'.$limitstart.'">';
$s .= '<input type = "hidden" name = "order" value = "'.$order.'">';
$s .= '<input type = "hidden" name = "orderdir" value = "'.$orderdir.'">';
return $s;
}