/**
* Creates data provider instance with search query applied
*
* @param array $params
*
* @return ActiveDataProvider
*/
public function search($params)
{
$query = Sqlscript::find();
$dataProvider = new ActiveDataProvider(['query' => $query]);
$this->load($params);
if (!$this->validate()) {
// uncomment the following line if you do not want to return any records when validation fails
// $query->where('0=1');
return $dataProvider;
}
$query->andFilterWhere(['id' => $this->id, 'd_update' => $this->d_update]);
$query->andFilterWhere(['like', 'topic', $this->topic])->andFilterWhere(['like', 'sql_script', $this->sql_script])->andFilterWhere(['like', 'user', $this->user]);
return $dataProvider;
}
/**
* Finds the Sqlscript model based on its primary key value.
* If the model is not found, a 404 HTTP exception will be thrown.
* @param integer $id
* @return Sqlscript the loaded model
* @throws NotFoundHttpException if the model cannot be found
*/
protected function findModel($id)
{
if (($model = Sqlscript::findOne($id)) !== null) {
return $model;
} else {
throw new NotFoundHttpException('The requested page does not exist.');
}
}
public function actionIndex()
{
$saved = false;
if (\Yii::$app->request->isPost) {
$sql = trim($_POST['sql_code']);
$break = FALSE;
//if (substr($sql, 0, 6)=='delete') {
if (strpos($sql, 'delete') !== false) {
$break = true;
}
if (strpos($sql, 'insert') !== false) {
$break = true;
}
if (strpos($sql, 'update') !== false) {
$break = true;
}
if (strpos($sql, 'alter') !== false) {
$break = true;
}
if (strpos($sql, 'drop') !== false) {
$break = true;
}
if (strpos($sql, 'show') !== false) {
$break = true;
}
if (strpos($sql, 'truncate') !== false) {
$break = true;
}
if (strpos($sql, 'empty') !== false) {
$break = true;
}
if (strpos($sql, 'create') !== false) {
$break = true;
}
if (strpos($sql, 'replace') !== false) {
$break = true;
}
if ($break) {
throw new \yii\web\ConflictHttpException('ไม่อนุญาตให้ใช้คำสั่งนี้');
return;
}
try {
$this->exec_sql('DROP PROCEDURE IF EXISTS tmp_store_proc');
$sp1 = "CREATE PROCEDURE tmp_store_proc()\r\n";
$sp1 .= " BEGIN \r\n";
$sp1 .= trim($sql);
$sp1 .= "\r\n END";
$this->exec_sql($sp1);
$rawData = $this->call('tmp_store_proc', NULL);
} catch (\yii\db\Exception $e) {
throw new \yii\web\ConflictHttpException($e->getCode() . ' : คำสั่งผิดพลาด SQL ERROR');
//return;
}
if (isset($_POST['save'])) {
$model = new Sqlscript();
$model->topic = 'กรุณาแก้ชื่อ script';
$model->sql_script = $sql;
$model->user = Yii::$app->user->identity->username;
$model->d_update = date('Y-m-d H:i:s');
if ($model->save()) {
$saved = true;
}
}
$dataProvider = new \yii\data\ArrayDataProvider(['allModels' => $rawData, 'pagination' => FALSE]);
return $this->render('index', ['dataProvider' => $dataProvider, 'sql_code' => $sql, 'saved' => $saved ? '[บันทึก script แล้ว]' : '']);
}
return $this->render('index', ['saved' => '']);
}
