<?php
echo show_header();
if (!$user[perm]) {
die(redirect_js("index.php"));
}
echo "<span class='name'>Запросы</span><br>\n<center><form method='POST'>\nSELECT <br>\n<textarea name='sql' cols=30 rows=4>" . ($_POST[sql] ?: "* FROM rt_merchant") . "</textarea><br>\n<input type=submit value='OK'>\n</form>\n</center>\n";
if ($_POST[sql]) {
$sql = make_sql($_POST[sql]);
echo "<table><tr>";
if ($sql) {
foreach ($sql[0] as $k => $v) {
echo "<td>{$k}</td>";
}
echo "</tr>";
foreach ($sql as $r) {
echo "<tr>";
foreach ($r as $k => $v) {
echo "<td>{$v}</td>";
}
echo "</tr>";
}
} else {
echo "Ничего нет!";
}
echo "</center>";
}
echo show_footer();
sess();
if (strpos($_REQUEST[page], "/") !== false || strpos($_REQUEST[page], "\\") !== false) {
redirect("index.php");
die;
}
//страница
if ($_REQUEST[page]) {
$page = $_REQUEST[page];
} else {
$page = "home";
}
if (!$_SESSION[userid] && $_GET[js] && $page != "login") {
if ($page == "islogin") {
die;
}
echo redirect_js("index.php");
die;
}
//проверка наличия страницы
if (!file_exists("pages/" . $page . ".php")) {
$page = "home";
}
//залогинен ли?
$user = islogin();
if (!$user) {
$page = "login";
$_GET[page] = "login";
} elseif ($page == 'login') {
$page = 'home';
}
header('Content-Type: text/html; charset=windows-1251');
