|
1
|
<?php
|
|
2
|
|
|
3
|
/**
|
|
4
|
* Process an arbitrary SQL query - tricky! The main problem is that
|
|
5
|
* unless we implement a full SQL parser, there's no way of knowing
|
|
6
|
* how many SQL statements have been strung together with semi-colons
|
|
7
|
* @param $query The SQL query string to execute
|
|
8
|
*
|
|
9
|
* $Id: sql.php,v 1.32 2005/06/16 14:40:11 chriskl Exp $
|
|
10
|
*/
|
|
11
|
|
|
12
|
// Prevent timeouts on large exports (non-safe mode only)
|
|
13
|
if (!ini_get('safe_mode')) set_time_limit(0);
|
|
14
|
|
|
15
|
// Include application functions
|
|
16
|
include_once('./libraries/lib.inc.php');
|
|
17
|
|
|
18
|
/**
|
|
19
|
* This is a callback function to display the result of each separate query
|
|
20
|
* @param ADORecordSet $rs The recordset returned by the script execetor
|
|
21
|
*/
|
|
22
|
function sqlCallback($query, $rs, $lineno) {
|
|
23
|
global $data, $misc, $lang, $_connection;
|
|
24
|
// Check if $rs is false, if so then there was a fatal error
|
|
25
|
if ($rs === false) {
|
|
26
|
echo htmlspecialchars($_FILES['script']['name']), ':', $lineno, ': ', nl2br(htmlspecialchars($_connection->getLastError())), "<br/>\n";
|
|
27
|
}
|
|
28
|
else {
|
|
29
|
// Print query results
|
|
30
|
switch (pg_result_status($rs)) {
|
|
31
|
case PGSQL_TUPLES_OK:
|
|
32
|
// If rows returned, then display the results
|
|
33
|
$num_fields = pg_numfields($rs);
|
|
34
|
echo "<p><table>\n<tr>";
|
|
35
|
for ($k = 0; $k < $num_fields; $k++) {
|
|
36
|
echo "<th class=\"data\">", $misc->printVal(pg_fieldname($rs, $k)), "</th>";
|
|
37
|
}
|
|
38
|
|
|
39
|
$i = 0;
|
|
40
|
$row = pg_fetch_row($rs);
|
|
41
|
while ($row !== false) {
|
|
42
|
$id = (($i % 2) == 0 ? '1' : '2');
|
|
43
|
echo "<tr>\n";
|
|
44
|
foreach ($row as $k => $v) {
|
|
45
|
echo "<td class=\"data{$id}\" nowrap=\"nowrap\">", $misc->printVal($v, pg_fieldtype($rs, $k), array('null' => true)), "</td>";
|
|
46
|
}
|
|
47
|
echo "</tr>\n";
|
|
48
|
$row = pg_fetch_row($rs);
|
|
49
|
$i++;
|
|
50
|
};
|
|
51
|
echo "</table><br/>\n";
|
|
52
|
echo $i, " {$lang['strrows']}</p>\n";
|
|
53
|
break;
|
|
54
|
case PGSQL_COMMAND_OK:
|
|
55
|
// If we have the command completion tag
|
|
56
|
if (version_compare(phpversion(), '4.3', '>=')) {
|
|
57
|
echo htmlspecialchars(pg_result_status($rs, PGSQL_STATUS_STRING)), "<br/>\n";
|
|
58
|
}
|
|
59
|
// Otherwise if any rows have been affected
|
|
60
|
elseif ($data->conn->Affected_Rows() > 0) {
|
|
61
|
echo $data->conn->Affected_Rows(), " {$lang['strrowsaff']}<br/>\n";
|
|
62
|
}
|
|
63
|
// Otherwise output nothing...
|
|
64
|
break;
|
|
65
|
case PGSQL_EMPTY_QUERY:
|
|
66
|
break;
|
|
67
|
default:
|
|
68
|
break;
|
|
69
|
}
|
|
70
|
}
|
|
71
|
}
|
|
72
|
|
|
73
|
// Determine explain version of SQL
|
|
74
|
if ($data->hasFullExplain() && isset($_POST['explain']) && isset($_POST['query'])) {
|
|
75
|
$_POST['query'] = $data->getExplainSQL($_POST['query'], false);
|
|
76
|
$_REQUEST['query'] = $_POST['query'];
|
|
77
|
}
|
|
78
|
elseif ($data->hasFullExplain() && isset($_POST['explain_analyze']) && isset($_POST['query'])) {
|
|
79
|
$_POST['query'] = $data->getExplainSQL($_POST['query'], true);
|
|
80
|
$_REQUEST['query'] = $_POST['query'];
|
|
81
|
}
|
|
82
|
|
|
83
|
// Check to see if pagination has been specified. In that case, send to display
|
|
84
|
// script for pagination
|
|
85
|
if (isset($_POST['paginate']) && !isset($_POST['explain']) && !isset($_POST['explain_analyze'])) {
|
|
86
|
include('./display.php');
|
|
87
|
exit;
|
|
88
|
}
|
|
89
|
|
|
90
|
$PHP_SELF = $_SERVER['PHP_SELF'];
|
|
91
|
|
|
92
|
$misc->printHeader($lang['strqueryresults']);
|
|
93
|
$misc->printBody();
|
|
94
|
$misc->printTrail('database');
|
|
95
|
$misc->printTitle($lang['strqueryresults']);
|
|
96
|
|
|
97
|
// Set the schema search path
|
|
98
|
if ($data->hasSchemas() && isset($_REQUEST['search_path'])) {
|
|
99
|
if ($data->setSearchPath(array_map('trim',explode(',',$_REQUEST['search_path']))) != 0) {
|
|
100
|
$misc->printFooter();
|
|
101
|
exit;
|
|
102
|
}
|
|
103
|
}
|
|
104
|
|
|
105
|
// May as well try to time the query
|
|
106
|
if (function_exists('microtime')) {
|
|
107
|
list($usec, $sec) = explode(' ', microtime());
|
|
108
|
$start_time = ((float)$usec + (float)$sec);
|
|
109
|
}
|
|
110
|
else $start_time = null;
|
|
111
|
// Execute the query. If it's a script upload, special handling is necessary
|
|
112
|
if (isset($_FILES['script']) && $_FILES['script']['size'] > 0)
|
|
113
|
$data->executeScript('script', 'sqlCallback');
|
|
114
|
else {
|
|
115
|
// Set fetch mode to NUM so that duplicate field names are properly returned
|
|
116
|
$data->conn->setFetchMode(ADODB_FETCH_NUM);
|
|
117
|
$rs = $data->conn->Execute($_POST['query']);
|
|
118
|
|
|
119
|
// $rs will only be an object if there is no error
|
|
120
|
if (is_object($rs)) {
|
|
121
|
// Now, depending on what happened do various things
|
|
122
|
|
|
123
|
// First, if rows returned, then display the results
|
|
124
|
if ($rs->recordCount() > 0) {
|
|
125
|
echo "<table>\n<tr>";
|
|
126
|
foreach ($rs->f as $k => $v) {
|
|
127
|
$finfo = $rs->fetchField($k);
|
|
128
|
echo "<th class=\"data\">", $misc->printVal($finfo->name), "</th>";
|
|
129
|
}
|
|
130
|
|
|
131
|
$i = 0;
|
|
132
|
while (!$rs->EOF) {
|
|
133
|
$id = (($i % 2) == 0 ? '1' : '2');
|
|
134
|
echo "<tr>\n";
|
|
135
|
foreach ($rs->f as $k => $v) {
|
|
136
|
$finfo = $rs->fetchField($k);
|
|
137
|
echo "<td class=\"data{$id}\" nowrap=\"nowrap\">", $misc->printVal($v, $finfo->type, array('null' => true)), "</td>";
|
|
138
|
}
|
|
139
|
echo "</tr>\n";
|
|
140
|
$rs->moveNext();
|
|
141
|
$i++;
|
|
142
|
}
|
|
143
|
echo "</table>\n";
|
|
144
|
echo "<p>", $rs->recordCount(), " {$lang['strrows']}</p>\n";
|
|
145
|
}
|
|
146
|
// Otherwise if any rows have been affected
|
|
147
|
elseif ($data->conn->Affected_Rows() > 0) {
|
|
148
|
echo "<p>", $data->conn->Affected_Rows(), " {$lang['strrowsaff']}</p>\n";
|
|
149
|
}
|
|
150
|
// Otherwise output nothing...
|
|
151
|
}
|
|
152
|
}
|
|
153
|
|
|
154
|
// May as well try to time the query
|
|
155
|
if ($start_time !== null) {
|
|
156
|
list($usec, $sec) = explode(' ', microtime());
|
|
157
|
$end_time = ((float)$usec + (float)$sec);
|
|
158
|
// Get duration in milliseconds, round to 3dp's
|
|
159
|
$duration = number_format(($end_time - $start_time) * 1000, 3);
|
|
160
|
}
|
|
161
|
else $duration = null;
|
|
162
|
|
|
163
|
// Reload the browser as we may have made schema changes
|
|
164
|
$_reload_browser = true;
|
|
165
|
|
|
166
|
// Display duration if we know it
|
|
167
|
if ($duration !== null) {
|
|
168
|
echo "<p>", sprintf($lang['strruntime'], $duration), "</p>\n";
|
|
169
|
}
|
|
170
|
|
|
171
|
echo "<p>{$lang['strsqlexecuted']}</p>\n";
|
|
172
|
|
|
173
|
echo "<p><a class=\"navlink\" href=\"database.php?database=", urlencode($_REQUEST['database']),
|
|
174
|
"&server=", urlencode($_REQUEST['server']), "&action=sql&query=", urlencode($_POST['query']), "\">{$lang['streditsql']}</a>";
|
|
175
|
if ($conf['show_reports'] && isset($rs) && is_object($rs) && $rs->recordCount() > 0) {
|
|
176
|
echo " | <a class=\"navlink\" href=\"reports.php?{$misc->href}&action=create&report_sql=",
|
|
177
|
urlencode($_POST['query']), "\">{$lang['strcreatereport']}</a>";
|
|
178
|
}
|
|
179
|
echo "</p>\n";
|
|
180
|
|
|
181
|
$misc->printFooter();
|
|
182
|
?>
|