home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
ftp.ee.pdx.edu
/
2014.02.ftp.ee.pdx.edu.tar
/
ftp.ee.pdx.edu
/
oss
/
cvs-2004
/
bahasa
/
web
/
sql.php,v
< prev
next >
Wrap
Text File
|
2003-10-20
|
8KB
|
472 lines
head 1.6;
access;
symbols
Initial:1.1.1.1 bule:1.1.1;
locks; strict;
comment @# @;
1.6
date 2003.10.20.00.21.46; author bule; state Exp;
branches;
next 1.5;
1.5
date 2003.10.18.00.33.42; author bule; state Exp;
branches;
next 1.4;
1.4
date 2003.10.06.00.39.27; author bule; state Exp;
branches;
next 1.3;
1.3
date 2003.10.01.06.51.30; author bule; state Exp;
branches;
next 1.2;
1.2
date 2003.08.19.19.24.21; author bule; state Exp;
branches;
next 1.1;
1.1
date 2003.08.12.19.18.23; author bule; state Exp;
branches
1.1.1.1;
next ;
1.1.1.1
date 2003.08.12.19.18.23; author bule; state Exp;
branches;
next ;
desc
@@
1.6
log
@*** empty log message ***
@
text
@<?
session_start();
require_once("../php/Indonesia.php");
require_once("../php/Web.php");
//////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////
// Project Name: Bahasa Indonesia Dictionary
// Directory: bahasa/web
// File Name: sql.php
// Author(s): John L. Whiteman
// Created: June 23, 2003
// Modified: October 19, 2003
// Description: The purpose of this restricted access PHP web
// client page is allow an administrator to run
// custom SQL commands against the database.
//
// Copyright (c) 2003 John L. Whiteman
//
// Permission is herby granted, free of charge, to any person obtaining a
// copy of this software, data, and associated documentation files
// (the "Software"), to deal in the Software without restriction,
// including without limitation the rights to use, copy, modify, merge,
// publish, distribute, sublicense, and/or sell copies of Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR
// ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHERE IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING IN THE SOFTWARE.
//////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////
$web = new Web();
if (!$_SESSION['ADMIN']) {
$web->redirect("login.php");
exit;
}
if ($_SESSION['NODUP_SQL']) {
unset($_SESSION['NODUP_SQL']);
$web->redirect("admin.php");
exit;
}
$indonesia = new Indonesia();
$status = $indonesia->get_dictionary_status();
if ($status["status"] == 1 || $status["status"] == 2) {
$web->redirect("admin.php");
exit;
}
?>
<html>
<head>
<title>Bahasa Indonesia Dictionary: SQL</title>
<link href="bahasa.css" rel="stylesheet" type="text/css">
<script type="text/javascript" src="bahasa.js"></script>
<script language="Javascript" type="text/javascript">
<!--
//////////////////////////////////////////////////////////////////////////////
function verify() {
statement = document.sql.statement.value;
statement = trim(statement);
if (is_white_space(statement)) {
alert("You must enter a SQL value!");
document.sql.statement.focus();
return(false);
}
name = document.sql.name.value;
name = trim(name);
if (is_white_space(name)) {
alert("You must enter a name value!");
document.sql.name.focus();
return(false);
}
password = document.sql.password.value;
if (is_white_space(password)) {
alert("You must enter a password value!");
document.sql.password.focus();
return(false);
}
return(true);
}
//////////////////////////////////////////////////////////////////////////////
// -->
</script>
</head>
<body>
<?
$web->show_logo("SQL");
?>
<a href="admin.php">Administration</a>
<br><br>
<?
show_sql_form($web, $indonesia);
if (
(isset($_POST['statement'])) &&
(isset($_POST['name'])) &&
(isset($_POST['password']))) {
run_sql(
$web, $indonesia, $_POST['statement'],
$_POST['name'], $_POST['password']);
}
?>
</body>
</html>
<?
//////////////////////////////////////////////////////////////////////////////
function run_sql($web, $indonesia, $statement, $name, $password) {
$results = array();
$name = trim($name);
if ($name == "") {
print
"<br><hr><b>You must provide a name value!</b><hr><br>\n";
return;
}
$password = trim($password);
if ($password == "") {
print
"<br><hr><b>You must provide a password value!</b><hr><br>\n";
return;
}
$statement = trim($statement);
if ($statement == "") {
print
"<br><hr><b>You must provide an SQL value!</b><hr><br>\n";
return;
}
$errstr =
$indonesia->login_db_user($name, $password);
if ($errstr != "") {
print "<br><hr><b>${errstr}</b><hr><br>\n";
return;
}
$errstr = $indonesia->open_dictionary();
if ($errstr != "") {
print "<br><hr><b>${errstr}</b><hr><br>\n";
return;
}
$statement = stripslashes($statement);
$rows = mysql_query($statement);
$errstr = mysql_error();
if ($errstr != "") {
print "<br><hr><b>${errstr}</b><hr><br>\n";
return;
}
if (preg_match("/delete/i", "$statement")) {
$arows = mysql_affected_rows();
print
"<br><hr><b>Affected Deleted Rows: ${arows}</b><hr><br>\n";
return;
}
if (preg_match("/update/i", "$statement")) {
$arows = mysql_affected_rows();
print
"<br><hr><b>Affected Updated Rows: ${arows}</b><hr><br>\n";
return;
}
$nrows = mysql_num_rows($rows);
if (!$nrows) {
return;
}
$count = mysql_num_fields($rows);
$table =
"<table cellpadding=\"3\" cellspacing=\"3\" border=\"1\">\n";
for($i = 0; $i < $count; $i++) {
$col = mysql_field_name($rows, $i);
$table .= "<th>${col}</th>\n";
}
while($row = mysql_fetch_row($rows)) {
$table .= "<tr>\n";
foreach($row as $value) {
$table .= "<td>${value} </td>\n";
}
$table .= "</tr>\n";
}
$table .= "</table>";
$indonesia->close_dictionary();
print "$table";
return;
}
//////////////////////////////////////////////////////////////////////////////
function show_sql_form($web, $indonesia) {
print <<<EOFSSF
<form name="sql" method="post" onsubmit='return verify()'>
<table cellpadding="3" cellspacing="3" border="0">
<tr>
<td>SQL:</td>
</tr><tr>
<td>
<textarea name="statement" rows="7" cols="65" wrap="soft"></textarea>
</td>
</tr><tr>
<td align="right">
<input type="submit" value="Run SQL!">
Name:
<input type="text" name="name">
Password:
<input type="password" name="password">
</td>
</tr>
</table>
</form>
<script language="Javascript" type="text/javascript">
document.sql.statement.focus();
</script>
EOFSSF;
return;
}
//////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////
?>
@
1.5
log
@*** empty log message ***
@
text
@d12 1
a12 1
// Modified: October 17, 2003
d71 2
@
1.4
log
@*** empty log message ***
@
text
@d12 1
a12 1
// Modified: October 05, 2003
d72 2
d75 2
a76 26
function is_white_space(stoken) {
if (stoken == null) return(true);
if (stoken == '') return(true);
if (stoken == "") return(true);
return(false);
}
function trim(stoken) {
if (is_white_space(stoken)) {
return(stoken);
}
stoken = stoken.replace(/^\s*/, "");
stoken = stoken.replace(/\s*$/, "");
return(stoken);
}
d118 2
@
1.3
log
@*** empty log message ***
@
text
@d12 1
a12 1
// Modified: September 30, 2003
d143 3
a145 1
<h2>Bahasa Indonesia Dictionary: SQL</h2>
@
1.2
log
@*** empty log message ***
@
text
@d12 1
a12 1
// Modified: August 19, 2003
d40 1
a40 1
if (!session_is_registered("ADMIN")) {
d47 1
a47 1
if (session_is_registered("NODUP_SQL")) {
d49 1
a49 1
session_unregister("NODUP_SQL");
@
1.1
log
@Initial revision
@
text
@d5 33
a37 1
a324 1
@
1.1.1.1
log
@Bahasa Indonesia Dictionary
@
text
@@
