head	1.6;
access;
symbols
	Initial:1.1.1.1 bule:1.1.1;
locks; strict;
comment	@# @;


1.6
date	2003.10.20.00.21.46;	author bule;	state Exp;
branches;
next	1.5;

1.5
date	2003.10.18.00.33.42;	author bule;	state Exp;
branches;
next	1.4;

1.4
date	2003.10.06.00.39.27;	author bule;	state Exp;
branches;
next	1.3;

1.3
date	2003.10.01.06.51.30;	author bule;	state Exp;
branches;
next	1.2;

1.2
date	2003.08.19.19.24.21;	author bule;	state Exp;
branches;
next	1.1;

1.1
date	2003.08.12.19.18.23;	author bule;	state Exp;
branches
	1.1.1.1;
next	;

1.1.1.1
date	2003.08.12.19.18.23;	author bule;	state Exp;
branches;
next	;


desc
@@


1.6
log
@*** empty log message ***
@
text
@<?
session_start();
require_once("../php/Indonesia.php");
require_once("../php/Web.php");
//////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////
// Project Name: Bahasa Indonesia Dictionary
// Directory:    bahasa/web
// File Name:    sql.php
// Author(s):    John L. Whiteman
// Created:      June 23, 2003  
// Modified:     October 19, 2003
// Description:  The purpose of this restricted access PHP web 
//               client page is allow an administrator to run
//               custom SQL commands against the database. 
// 
// Copyright (c) 2003 John L. Whiteman
//
// Permission is herby granted, free of charge, to any person obtaining a 
// copy of this software, data, and associated documentation files 
// (the "Software"), to deal in the Software without restriction, 
// including without limitation the rights to use, copy, modify, merge, 
// publish, distribute, sublicense, and/or sell copies of Software, and to
// permit persons to whom the Software is furnished to do so, subject to 
// the following conditions:
//
// The above copyright notice and this permission notice shall be 
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR 
// ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHERE IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING IN THE SOFTWARE.  
//////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////
$web = new Web();

if (!$_SESSION['ADMIN']) {

	$web->redirect("login.php");

	exit;
}

if ($_SESSION['NODUP_SQL']) {

	unset($_SESSION['NODUP_SQL']);

	$web->redirect("admin.php");

	exit;
}

$indonesia = new Indonesia();

$status = $indonesia->get_dictionary_status();

if ($status["status"] == 1 || $status["status"] == 2) {

	$web->redirect("admin.php");

	exit;
}

?>
<html>
<head>
<title>Bahasa Indonesia Dictionary: SQL</title>

<link href="bahasa.css" rel="stylesheet" type="text/css">

<script type="text/javascript" src="bahasa.js"></script>

<script language="Javascript" type="text/javascript"> 
<!--
//////////////////////////////////////////////////////////////////////////////
function verify() {

	statement = document.sql.statement.value;

	statement = trim(statement);

	if (is_white_space(statement)) {

		alert("You must enter a SQL value!");

		document.sql.statement.focus();

		return(false);
	}

	name = document.sql.name.value;

	name = trim(name);

	if (is_white_space(name)) {

		alert("You must enter a name value!");

		document.sql.name.focus();

		return(false);
	}

	password = document.sql.password.value;

	if (is_white_space(password)) {

		alert("You must enter a password value!");

		document.sql.password.focus();

		return(false);
	}

	return(true);
}
//////////////////////////////////////////////////////////////////////////////
// -->
</script>
</head>
<body>
<?
$web->show_logo("SQL");
?>
<a href="admin.php">Administration</a>
<br><br>
<?
show_sql_form($web, $indonesia);

if (
(isset($_POST['statement'])) &&
(isset($_POST['name'])) &&
(isset($_POST['password']))) {

	run_sql(
	$web, $indonesia, $_POST['statement'], 
	$_POST['name'], $_POST['password']);
}
?>
</body>
</html>

<?
//////////////////////////////////////////////////////////////////////////////
function run_sql($web, $indonesia, $statement, $name, $password) {

	$results = array();

	$name = trim($name);

	if ($name == "") {

		print 
		"<br><hr><b>You must provide a name value!</b><hr><br>\n";

		return;
	}

	$password = trim($password);

	if ($password == "") {

		print 
		"<br><hr><b>You must provide a password value!</b><hr><br>\n";

		return;
	}

	$statement = trim($statement);

	if ($statement == "") {

		print 
		"<br><hr><b>You must provide an SQL value!</b><hr><br>\n";

		return;
	}

	$errstr = 
	$indonesia->login_db_user($name, $password);

	if ($errstr != "") {

		print "<br><hr><b>${errstr}</b><hr><br>\n";

		return;
	}

	$errstr = $indonesia->open_dictionary();

	if ($errstr != "") {

		print "<br><hr><b>${errstr}</b><hr><br>\n";

		return;
	}

	$statement = stripslashes($statement);

	$rows = mysql_query($statement);

	$errstr = mysql_error();

	if ($errstr != "") {

		print "<br><hr><b>${errstr}</b><hr><br>\n";

		return;
	}

	if (preg_match("/delete/i", "$statement")) {

		$arows = mysql_affected_rows();

		print 
		"<br><hr><b>Affected Deleted Rows: ${arows}</b><hr><br>\n";

		return;
	}

	if (preg_match("/update/i", "$statement")) {

		$arows = mysql_affected_rows();

		print 
		"<br><hr><b>Affected Updated Rows: ${arows}</b><hr><br>\n";

		return;
	}


	$nrows = mysql_num_rows($rows);

	if (!$nrows) {

		return;
	}

	$count = mysql_num_fields($rows);

	$table =
	"<table cellpadding=\"3\" cellspacing=\"3\" border=\"1\">\n";

	for($i = 0; $i < $count; $i++) {

		$col = mysql_field_name($rows, $i);

		$table .= "<th>${col}</th>\n";
	}

	while($row = mysql_fetch_row($rows)) {

		$table .= "<tr>\n";

		foreach($row as $value) {

			$table .= "<td>${value}&nbsp;</td>\n";
		}

		$table .= "</tr>\n";
	}

	$table .= "</table>";
	
	$indonesia->close_dictionary();

	print "$table";

	return;
}
//////////////////////////////////////////////////////////////////////////////
function show_sql_form($web, $indonesia) {

	print <<<EOFSSF
<form name="sql" method="post" onsubmit='return verify()'>
<table cellpadding="3" cellspacing="3" border="0">
<tr>
<td>SQL:</td>
</tr><tr>
<td>
<textarea name="statement" rows="7" cols="65" wrap="soft"></textarea>
</td>
</tr><tr>
<td align="right">
<input type="submit" value="Run SQL!">
&nbsp;&nbsp;
Name:&nbsp;
<input type="text" name="name">
&nbsp;&nbsp;
Password:&nbsp;
<input type="password" name="password">
</td>
</tr>
</table>
</form>
<script language="Javascript" type="text/javascript"> 
document.sql.statement.focus();
</script>
EOFSSF;

	return;
}
//////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////
?>
@


1.5
log
@*** empty log message ***
@
text
@d12 1
a12 1
// Modified:     October 17, 2003
d71 2
@


1.4
log
@*** empty log message ***
@
text
@d12 1
a12 1
// Modified:     October 05, 2003
d72 2
d75 2
a76 26

function is_white_space(stoken) {

	if (stoken == null) return(true);

	if (stoken == '') return(true);

	if (stoken == "") return(true);

	return(false);
}

function trim(stoken) {

	if (is_white_space(stoken)) {

		return(stoken);
	}

	stoken = stoken.replace(/^\s*/, "");

	stoken = stoken.replace(/\s*$/, "");

	return(stoken);
}

d118 2
@


1.3
log
@*** empty log message ***
@
text
@d12 1
a12 1
// Modified:     September 30, 2003
d143 3
a145 1
<h2>Bahasa Indonesia Dictionary: SQL</h2>
@


1.2
log
@*** empty log message ***
@
text
@d12 1
a12 1
// Modified:     August 19, 2003
d40 1
a40 1
if (!session_is_registered("ADMIN")) {
d47 1
a47 1
if (session_is_registered("NODUP_SQL")) {
d49 1
a49 1
	session_unregister("NODUP_SQL");
@


1.1
log
@Initial revision
@
text
@d5 33
a37 1

a324 1

@


1.1.1.1
log
@Bahasa Indonesia Dictionary
@
text
@@