0) { $SQL_ARRAY = file($sf); } } function WriteSQL() { global $SQL_ARRAY, $config; $sf = $config['paths']['config'].'sql_statements'; $str = ''; for ($i = 0; $i < count($SQL_ARRAY); ++$i) { $str .= $SQL_ARRAY[$i]; if ("\n" != substr($str, -1) && $i != (count($SQL_ARRAY) - 1)) { $str .= "\n"; } } $fp = fopen($sf, 'wb'); fwrite($fp, $str); fclose($fp); } function SQL_Name($index) { global $SQL_ARRAY; $s = explode('|', $SQL_ARRAY[$index]); return $s[0]; } function SQL_String($index) { global $SQL_ARRAY; if (isset($SQL_ARRAY[$index]) && !empty($SQL_ARRAY[$index])) { $s = explode('|', $SQL_ARRAY[$index], 2); return (isset($s[1])) ? $s[1] : ''; } } function SQL_ComboBox() { global $SQL_ARRAY, $tablename, $nl; $s = ''; if (is_array($SQL_ARRAY) && count($SQL_ARRAY) > 0) { $s = $nl.$nl.''.$nl.$nl; } return $s; } function Table_ComboBox() { global $db, $config, $lang, $nl; $tabellen = mysqli_query($config['dbconnection'], 'SHOW TABLES FROM `'.$db.'`'); $num_tables = 0; if (is_resource($tabellen)) { $num_tables = mysqli_num_rows($tabellen); } $s = $nl.$nl.''.$nl.$nl; return $s; } function TableComboBox($default = '') { global $db, $config, $lang, $nl; $sql = "SHOW TABLES FROM $db"; $tabellen = mod_query($sql); $s = ''.$nl; while ($row = mysqli_fetch_row($tabellen)) { $t = $row[0]; $s .= ''.$nl; } return $s; } function DB_Exists($db) { global $config; if (!isset($config['dbconnection'])) { mod_mysqli_connect(); } $erg = false; $dbs = mod_query('SHOW DATABASES'); while ($row = mysqli_fetch_assoc($dbs)) { if (strtolower($row['Database']) == strtolower($db)) { $erg = true; break; } } return $erg; } function Table_Exists($db, $table) { global $config; if (!isset($config['dbconnection'])) { mod_mysqli_connect(); } $sqlt = "SHOW TABLES FROM `$db`"; $res = mod_query($sqlt); if ($res) { $tables = []; while ($row = mysqli_fetch_row($res)) { $tables[] = $row[0]; } if (in_array($table, $tables)) { return true; } } return false; } function DB_Empty($dbn) { $r = "DROP DATABASE `$dbn`;\nCREATE DATABASE `$dbn`;"; return MOD_DoSQL($r); } function sqlReturnsRecords($sql) { global $mysql_SQLhasRecords; $s = explode(' ', $sql); return in_array(strtoupper($s[0]), $mysql_SQLhasRecords) ? 1 : 0; } function getCountSQLStatements($sql) { $z = 0; $l = strlen($sql); $inQuotes = false; for ($i = 0; $i < $l; ++$i) { if ("'" == $sql[$i] || '"' == $sql[$i]) { $inQuotes = !$inQuotes; } if ((';' == $sql[$i] && false == $inQuotes) || $i == $l - 1) { ++$z; } } return $z; } function splitSQLStatements2Array($sql) { $z = 0; $sqlArr = []; $tmp = ''; $sql = str_replace("\n", '', $sql); $l = strlen($sql); $inQuotes = false; for ($i = 0; $i < $l; ++$i) { $tmp .= $sql[$i]; if ("'" == $sql[$i] || '"' == $sql[$i]) { $inQuotes = !$inQuotes; } if (';' == $sql[$i] && false == $inQuotes) { ++$z; $sqlArr[] = $tmp; $tmp = ''; } } if ('' != trim($tmp)) { $sqlArr[] = $tmp; } return $sqlArr; } function DB_Copy($source, $destination, $drop_source = 0, $insert_data = 1) { global $config; if (!isset($config['dbconnection'])) { mod_mysqli_connect(); } $SQL_Array = $t = ''; if (!DB_Exists($destination)) { $res = MOD_DoSQL("CREATE DATABASE `$destination`;"); if (!$res) { return false; } } $SQL_Array .= "USE `$destination` ;\n"; $sql = "SHOW TABLES FROM $source"; $tabellen = mod_query($sql); while ($row = mysqli_fetch_row($tabellen)) { $table = strtolower($row[0]); $sqlt = "SHOW CREATE TABLE `$source`.`$table`"; $res = mod_query($sqlt); if ($res) { $row = mysqli_fetch_row($res); $c = $row[1]; if (';' == substr($c, -1)) { $c = substr($c, 0, strlen($c) - 1); } $SQL_Array .= (1 == $insert_data) ? "$c SELECT * FROM `$source`.`$table` ;\n" : "$c ;\n"; } else { return false; } } mysqli_select_db($config['dbconnection'], $destination); $res = MOD_DoSQL($SQL_Array); if (1 == $drop_source && $res) { mod_query("DROP DATABASE `$source`;"); } return $res; } function Table_Copy($source, $destination, $insert_data, $destinationdb = '') { global $config; if (!isset($config['dbconnection'])) { mod_mysqli_connect(); } $SQL_Array = $t = ''; $sqlc = "SHOW CREATE TABLE $source"; $res = mod_query($sqlc); $row = mysqli_fetch_row($res); $c = $row[1]; $a1 = strpos($c, '`'); $a2 = strpos($c, '`', $a1 + 1); $c = substr($c, 0, $a1 + 1).$destination.substr($c, $a2); if (';' == substr($c, -1)) { $c = substr($c, 0, strlen($c) - 1); } $SQL_Array .= (1 == $insert_data) ? "$c SELECT * FROM $source ;\n" : "$c ;\n"; //echo "

$SQL_Array

"; MOD_DoSQL($SQL_Array); } function MOD_DoSQL($sqlcommands, $limit = '') { global $config, $out, $numrowsabs, $numrows, $num_befehle, $time_used, $sql; if (!isset($sql['parser']['sql_commands'])) { $sql['parser']['sql_commands'] = 0; } if (!isset($sql['parser']['sql_errors'])) { $sql['parser']['sql_errors'] = 0; } $sql['parser']['time_used'] = getmicrotime(); if (!isset($config['dbconnection'])) { mod_mysqli_connect(); } $out = $sqlcommand = ''; $allSQL = splitSQLStatements2Array($sqlcommands); //explode(';',preg_replace('/\r\n|\n/', '', $sqlcommands)); $sql_queries = count($allSQL); if (!isset($allSQL[$sql_queries - 1])) { --$sql_queries; } if (1 == $sql_queries) { SQLParser($allSQL[0]); ++$sql['parser']['sql_commands']; $out .= Stringformat(($sql['parser']['sql_commands']), 4).': '.$allSQL[0]."\n"; $result = mod_query($allSQL[0]); } else { $result = true; for ($i = 0; $i < $sql_queries; ++$i) { $allSQL[$i] = trim(rtrim($allSQL[$i])); if ('' != $allSQL[$i]) { $sqlcommand .= $allSQL[$i]; $sqlcommand = SQLParser($sqlcommand); if (0 == $sql['parser']['start'] && 0 == $sql['parser']['end'] && '' != $sqlcommand) { //sql complete ++$sql['parser']['sql_commands']; $out .= Stringformat(($sql['parser']['sql_commands']), 4).': '.$sqlcommand."\n"; $result = $result && mod_query($sqlcommand); $sqlcommand = ''; } } } } $sql['parser']['time_used'] = getmicrotime() - $sql['parser']['time_used']; return $result; } function SQLParser($command, $debug = 0) { global $sql; $sql['parser']['start'] = $sql['parser']['end'] = 0; $sql['parser']['sqlparts'] = 0; if (!isset($sql['parser']['drop'])) { $sql['parser']['drop'] = 0; } if (!isset($sql['parser']['create'])) { $sql['parser']['create'] = 0; } if (!isset($sql['parser']['insert'])) { $sql['parser']['insert'] = 0; } if (!isset($sql['parser']['update'])) { $sql['parser']['update'] = 0; } if (!isset($sql['parser']['comment'])) { $sql['parser']['comment'] = 0; } $Backslash = chr(92); $s = rtrim(trim(($command))); //Was ist das für eine Anfrage ? if ('#' == substr($s, 0, 1) || '--' == substr($s, 0, 2)) { ++$sql['parser']['comment']; $s = ''; } elseif ('DROP ' == strtoupper(substr($s, 0, 5))) { ++$sql['parser']['drop']; } elseif ('CREATE ' == strtoupper(substr($s, 0, 7))) { //Hier nur die Anzahl der Klammern zählen $sql['parser']['start'] = 1; $kl1 = substr_count($s, '('); $kl2 = substr_count($s, ')'); if (0 == $kl2 - $kl1) { $sql['parser']['start'] = 0; ++$sql['parser']['create']; } } elseif ('INSERT ' == strtoupper(substr($s, 0, 7)) || 'UPDATE ' == strtoupper(substr($s, 0, 7))) { if ('INSERT ' == strtoupper(substr($s, 0, 7))) { ++$sql['parser']['insert']; } else { ++$sql['parser']['update']; } $i = strpos(strtoupper($s), ' VALUES') + 7; $st = substr($s, $i); $i = strpos($st, '(') + 1; $st = substr($st, $i); $st = substr($st, 0, strlen($st) - 2); $tb = explode(',', $st); for ($i = 0; $i < count($tb); ++$i) { $first = $B_Esc = $B_Ticks = $B_Dashes = 0; $v = trim($tb[$i]); //Ticks + Dashes zählen for ($cpos = 2; $cpos <= strlen($v); ++$cpos) { if ("'" == substr($v, (-1 * $cpos), 1)) { ++$B_Ticks; } else { break; } } for ($cpos = 2; $cpos <= strlen($v); ++$cpos) { if ('"' == substr($v, (-1 * $cpos), 1)) { ++$B_Dashes; } else { break; } } //Backslashes zählen for ($cpos = 2 + $B_Ticks; $cpos <= strlen($v); ++$cpos) { if ('\\' == substr($v, (-1 * $cpos), 1)) { ++$B_Esc; } else { break; } } if ('NULL' == $v && 0 == $sql['parser']['start']) { $sql['parser']['start'] = 1; $sql['parser']['end'] = 1; } if (0 == $sql['parser']['start'] && is_numeric($v)) { $sql['parser']['start'] = 1; $sql['parser']['end'] = 1; } if (0 == $sql['parser']['start'] && '0X' == substr($v, 0, 2) && false == strpos($v, ' ')) { $sql['parser']['start'] = 1; $sql['parser']['end'] = 1; } if (0 == $sql['parser']['start'] && is_object($v)) { $sql['parser']['start'] = 1; $sql['parser']['end'] = 1; } if ("'" == substr($v, 0, 1) && 0 == $sql['parser']['start']) { $sql['parser']['start'] = 1; if (1 == strlen($v)) { $first = 1; } $DELIMITER = "'"; } if ('"' == substr($v, 0, 1) && 0 == $sql['parser']['start']) { $sql['parser']['start'] = 1; if (1 == strlen($v)) { $first = 1; } $DELIMITER = '"'; } if (1 == $sql['parser']['start'] && 1 != $sql['parser']['end'] && 0 == $first) { if (substr($v, -1) == $DELIMITER) { $B_Delimiter = ("'" == $DELIMITER) ? $B_Ticks : $B_Dashes; //ist Delimiter maskiert? if (($B_Esc % 2) == 1 && ($B_Delimiter % 2) == 1 && strlen($v) > 2) { $sql['parser']['end'] = 1; } elseif (($B_Delimiter % 2) == 1 && strlen($v) > 2) { //ist mit `'` maskiert $sql['parser']['end'] = 0; } elseif (($B_Esc % 2) == 1) { //ist mit Backslash maskiert $sql['parser']['end'] = 0; } else { $sql['parser']['end'] = 1; } } } if (1 == $debug) { echo "".$sql['parser']['start'].'/'.$sql['parser']['end']." Feld $i: ".htmlspecialchars($tb[$i]).'- '.$sql['parser']['sqlparts']." ($B_Ticks / $B_Esc)
"; } if (1 == $sql['parser']['start'] && 1 == $sql['parser']['end']) { ++$sql['parser']['sqlparts']; $sql['parser']['start'] = $sql['parser']['end'] = 0; } } } return $s; } function SQLOutput($sqlcommand, $meldung = '') { global $sql, $lang; $s = '

'.$lang['L_SQL_OUTPUT'].'

'; if ('' != $meldung) { $s .= trim($meldung); } if (isset($sql['parser']['sql_commands'])) { $s .= ' '.$sql['parser']['sql_commands'].''.$lang['L_SQL_COMMANDS_IN'].round($sql['parser']['time_used'], 4).$lang['L_SQL_COMMANDS_IN2'].'

'; $s .= $lang['L_SQL_OUT1'].''.$sql['parser']['drop'].' DROP-, '; $s .= ''.$sql['parser']['create'].' CREATE-, '; $s .= ''.$sql['parser']['insert'].' INSERT-, '; $s .= ''.$sql['parser']['update'].' UPDATE-'.$lang['L_SQL_OUT2'].'
'; $s .= $lang['L_SQL_OUT3'].''.$sql['parser']['comment'].' '.$lang['L_SQL_OUT4'].'
'; if ($sql['parser']['sql_commands'] < 50) { $s .= '

'.Highlight_SQL($sqlcommand).'

'; } else { $s .= $lang['L_SQL_OUT5']; } } elseif ('' != $sqlcommand) { $s .= '

'.$lang['L_SQL_OUTPUT'].'

'.Highlight_SQL($sqlcommand).'

'; } return $s.'

'; } function GetCreateTable($db, $tabelle) { global $config; if (!isset($config['dbconnection'])) { mod_mysqli_connect(); } $res = mysqli_query($config['dbconnection'], "SHOW CREATE TABLE `$db`.`$tabelle`"); if ($res) { $row = mysqli_fetch_array($res); if (isset($row['Create Table'])) { return $row['Create Table']; } elseif (isset($row['Create View'])) { return $row['Create View']; } else { return false; } } else { return mysqli_error($config['dbconnection']); } } function KindSQL($sql) { if (preg_match('@^((-- |#)[^\n]*\n|/\*.*?\*/)*(DROP|CREATE)[[:space:]]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)@im', $sql)) { return 2; } elseif (preg_match('@^((-- |#)[^\n]*\n|/\*.*?\*/)*(DROP|CREATE)[[:space:]]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)@im', $sql)) { return 1; } } function GetPostParams() { global $db, $dbid, $tablename, $context, $limitstart, $order, $orderdir, $sql; $db = $_POST['db']; $dbid = $_POST['dbid']; $tablename = $_POST['tablename']; $context = $_POST['context']; $limitstart = $_POST['limitstart']; $order = $_POST['order']; $orderdir = $_POST['orderdir']; $sql['sql_statement'] = (isset($_POST['sql_statement'])) ? $_POST['sql_statement'] : "SELECT * FROM `$tablename`"; } // when fieldnames contain spaces or dots they are replaced with underscores // we need to built the same index to get the postet values for inserts and updates function correct_post_index($index) { $index = str_replace(' ', '_', $index); $index = str_replace('.', '_', $index); return $index; } function ComboCommandDump($when, $index, $disabled = '') { global $SQL_ARRAY, $nl, $databases, $lang; if ((is_array($SQL_ARRAY) && 0 == count($SQL_ARRAY)) || !is_array($SQL_ARRAY)) { $r = ''.$lang['L_SQL_BEFEHLE'].''; if (0 == $when) { $r .= ''; } else { $r .= ''; } } else { if (0 == $when) { $r = ''; $csql = $databases['command_after_dump'][$index]; } $r .= ''."\n"; if (is_array($SQL_ARRAY) && count($SQL_ARRAY) > 0) { for ($i = 0; $i < count($SQL_ARRAY); ++$i) { $s = trim(SQL_String($i)); $r .= ''."\n"; } } $r .= ''; } return $r; } function EngineCombo($default = '') { global $config; if (!$config['dbconnection']) { mod_mysqli_connect(); } $r = ''; if (!MOD_NEW_VERSION) { //BDB | HEAP | ISAM | InnoDB | MERGE | MRG_MYISAM | MYISAM $r .= ''; $r .= ''; $r .= ''; $r .= ''; $r .= ''; $r .= ''; $r .= ''; } else { $res = mysqli_query($config['dbconnection'], 'SHOW ENGINES'); $num = mysqli_num_rows($res); for ($i = 0; $i < $num; ++$i) { $row = mysqli_fetch_array($res); $r .= ''; } } return $r; } function CharsetCombo($default = '') { global $config; if (!MOD_NEW_VERSION) { return ''; } else { if (!isset($config['dbconnection'])) { mod_mysqli_connect(); } $res = mysqli_query($config['dbconnection'], 'SHOW Charset'); $num = mysqli_num_rows($res); $r = ''; $charsets = []; for ($i = 0; $i < $num; ++$i) { $charsets[] = mysqli_fetch_array($res); } if (is_array($charsets)) { $charsets = mu_sort($charsets, 'Charset'); foreach ($charsets as $row) { $r .= ''; } } return $r; } } function GetCollationArray() { global $config; if (!isset($config['dbconnection'])) { mod_mysqli_connect(); } $res = mysqli_query($config['dbconnection'], 'SHOW Collation'); $num = mysqli_num_rows($res); $r = []; if (is_array($r)) { for ($i = 0; $i < $num; ++$i) { $row = mysqli_fetch_array($res); $r[$i]['Collation'] = isset($row['Collation']) ? $row['Collation'] : ''; $r[$i]['Charset'] = isset($row['Charset']) ? $row['Charset'] : ''; $r[$i]['Id'] = isset($row['Id']) ? $row['Id'] : ''; $r[$i]['Default'] = isset($row['Default']) ? $row['Default'] : ''; $r[$i]['Compiled'] = isset($row['Compiled']) ? $row['Compiled'] : ''; $r[$i]['Sortlen'] = isset($row['Sortlen']) ? $row['Sortlen'] : ''; } } return $r; } function CollationCombo($default = '', $withcharset = 0) { if (!MOD_NEW_VERSION) { return ''; } else { $r = GetCollationArray(); sort($r); $s = ''; $s = ''; $group = ''; for ($i = 0; $i < count($r); ++$i) { $gc = $r[$i]['Charset']; if ($gc != $group) { $group = $gc; if ($i > 0) { $s .= ''; } $s .= ''; } $s .= ''; } return $s.''; } } function AttributeCombo($default = '') { $s = ''; $s .= ''; $s .= ''; return $s; } function simple_bbcode_conversion($a) { global $config; $tag_start = ''; $tag_end = ''; //replacements $a = nl2br($a); $a = str_replace('
', '
', $a); $a = str_replace('
', '
', $a); $a = preg_replace("/\[url=(.*?)\](.*?)\[\/url\]/si", '$2', $a); $a = preg_replace("/\[urltargetself=(.*?)\](.*?)\[\/urltargetself\]/si", '$2', $a); $a = preg_replace("/\[url\](.*?)\[\/url\]/si", '$1', $a); $a = preg_replace("/\[ed2k=\+(.*?)\](.*?)\[\/ed2k\]/si", '$2', $a); $a = preg_replace("/\[ed2k=(.*?)\](.*?)\[\/ed2k\]/si", '$2', $a); $a = preg_replace("/\[center\](.*?)\[\/center\]/si", '

', $a); $a = preg_replace("/\[size=([1-2]?[0-9])\](.*?)\[\/size\]/si", '$2', $a); $a = preg_replace("/\[size=([1-2]?[0-9]):(.*?)\](.*?)\[\/size(.*?)\]/si", '$3', $a); $a = preg_replace("/\[font=(.*?)\](.*?)\[\/font\]/si", '$2', $a); $a = preg_replace("/\[color=(.*?)\](.*?)\[\/color\]/si", '$2', $a); $a = preg_replace("/\[color=(.*?):(.*?)\](.*?)\[\/color(.*?)\]/si", '$3', $a); $a = preg_replace("/\[img\](.*?)\[\/img\]/si", '

', $a); //$a=preg_replace("/\[b\](.*?)\[\/b\]/si", "$1", $a); $a = preg_replace("/\[b(.*?)\](.*?)\[\/b(.*?)\]/si", '$2', $a); //$a=preg_replace("/\[u\](.*?)\[\/u\]/si", "$1", $a); $a = preg_replace("/\[u(.*?)\](.*?)\[\/u(.*?)\]/si", '$2', $a); //$a=preg_replace("/\[i\](.*?)\[\/i\]/si", "$1", $a); $a = preg_replace("/\[i(.*?)\](.*?)\[\/i(.*?)\]/si", '$2', $a); //$a=preg_replace("/\[quote\](.*?)\[\/quote\]/si", "

", $a); $a = preg_replace("/\[quote(.*?)\](.*?)\[\/quote(.*?)\]/si", '

', $a); $a = preg_replace("/\[code(.*?)\](.*?)\[\/code(.*?)\]/si", '

', $a); $a = preg_replace("/\[hide\](.*?)\[\/hide\]/si", '

', $a); $a = preg_replace("/(^|\s)+((http:\/\/)|(www.))(.+)(\s|$)+/Uis", ' http://$4$5 ', $a); return $tag_start.$a.$tag_end; } function ExtractTablenameFromSQL($q) { global $databases, $db, $dbid; $tablename = ''; if (strlen($q) > 100) { $q = substr($q, 0, 100); } $p = trim($q); // if we get a list of tables - no current table is selected -> return '' if ('SHOW TABLE STATUS' == strtoupper(substr($p, 0, 17))) { return ''; } // check for SELECT-Statement to extract tablename after FROM if ('SELECT ' == strtoupper(substr($p, 0, 7))) { $parts = []; $p = substr($p, strpos(strtoupper($p), 'FROM') + 5); $parts = explode(' ', $p); $p = $parts[0]; } // remove keyword DATABASES and the database name after that $p = preg_replace('/DATABASE [`]*\w+[`]*/i', '', $p); // remove other keywords $suchen = [ 'SHOW DATABASES', 'SHOW ', 'SELECT', 'DROP', 'INSERT', 'UPDATE', 'DELETE', 'CREATE', 'TABLE', 'STATUS', 'FROM', '*', ]; $ersetzen = [ '', '', '', '', '', '', '', '', '', '', '', '', ]; $cleaned = trim(str_ireplace($suchen, $ersetzen, $p)); $tablename = $cleaned; if (strpos($cleaned, ' ')) { $tablename = substr($cleaned, 0, strpos($cleaned, ' ')); } $tablename = str_replace('`', '', $tablename); // remove backticks // take care of db-name.tablename if (strpos($tablename, '.')) { $p = explode('.', $tablename); $databases['db_actual'] = $p[0]; // if database is changed in Query we need to get the index of the actual db $db_temp = array_flip($databases['Name']); if (isset($db_temp[$databases['db_actual']])) { $databases['db_selected_index'] = $db_temp[$databases['db_actual']]; $dbid = $databases['db_selected_index']; } if (isset($_GET['tablename'])) { unset($_GET['tablename']); } //echo "
" . $db; $tablename = $p[1]; } // if (Table_Exists($databases['db_actual'], $tablename)) return $tablename; // else return ''; return $tablename; } function GetOptionsCombo($arr, $default) { global $feldtypen, $feldattribute, $feldnull, $feldextras, $feldkeys, $feldrowformat; $r = ''; foreach ($arr as $s) { $r .= ''."\n"; } return $r; } function make_options($arr, $selected) { $r = ''; foreach ($arr as $key => $val) { $r .= '