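/**
 * Handles the script upload form.
 *
 * On POST, each uploaded file with a .txt or .sql extension is written to
 * @webroot/scripts/ and its contents are stored as a new Sqlscript record.
 * Files with any other extension, and files that cannot be stored or
 * transcoded, are skipped. The user is then redirected to sqlscript/index.
 * On GET, or when validation fails, the upload form is rendered.
 *
 * NOTE(review): files are stored below the web root, so every uploaded
 * script may be retrievable by URL unless the web server denies access to
 * /scripts/. Confirm that, or move the directory outside @webroot.
 * NOTE(review): an upload with the same name replaces the existing file.
 * NOTE(review): assumes the action is only reachable by authenticated
 * users (identity is dereferenced without a null check). Confirm the
 * controller's access rules.
 *
 * @return \yii\web\Response|string
 */
public function actionUpload()
{
    $model = new UploadForm();

    if (Yii::$app->request->isPost) {
        $model->file = UploadedFile::getInstances($model, 'file');

        if ($model->file && $model->validate()) {
            $path = \Yii::getAlias('@webroot') . "/scripts/";

            foreach ($model->file as $file) {
                // Only plain-text script files are accepted. Anything else is
                // skipped rather than saved as an empty record.
                if (!in_array(strtolower($file->extension), ['txt', 'sql'], true)) {
                    continue;
                }

                // The name comes from the client: keep only its last path
                // component before using it to build an on-disk path.
                // It is converted to TIS-620 for the (Windows) file system.
                $fname = iconv('UTF-8', 'tis-620', basename($file->name));
                if ($fname === false || $fname === '') {
                    Yii::warning('Upload skipped: file name cannot be converted to TIS-620.', __METHOD__);
                    continue;
                }

                $save_name = $path . $fname;
                if (!$file->saveAs($save_name)) {
                    Yii::warning('Upload skipped: file could not be stored.', __METHOD__);
                    continue;
                }

                // Read the stored file back and transcode name and body to
                // UTF-8 for the database. Both steps can fail and return false.
                $contents = file_get_contents($save_name);
                $topic = iconv('tis-620', 'UTF-8', $fname);
                $script = $contents === false ? false : iconv('tis-620', 'UTF-8', $contents);
                if ($topic === false || $script === false) {
                    Yii::warning('Upload skipped: file could not be read or transcoded.', __METHOD__);
                    continue;
                }

                $model_script = new Sqlscript();
                $model_script->topic = $topic;
                $model_script->sql_script = $script;
                $model_script->user = Yii::$app->user->identity->username;
                $model_script->d_update = date('Y-m-d H:i:s');

                if (!$model_script->save()) {
                    Yii::warning('Uploaded script could not be saved as a Sqlscript record.', __METHOD__);
                }
            }

            return $this->redirect(['sqlscript/index']);
        }
    }

    return $this->render('upload', ['model' => $model]);
}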
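/**
 * Renders the SQL console and, on POST, runs the submitted statement.
 *
 * The posted `sql_code` is rejected if it contains any keyword from the
 * denylist below. Otherwise it is wrapped in a temporary stored procedure
 * (tmp_store_proc), executed, and the result rows are shown in the view.
 * If `save` is posted as well, the statement is stored as a Sqlscript row.
 *
 * Security notes:
 *  - This action runs caller-supplied SQL. The keyword check is a substring
 *    denylist, not a SQL parser, so treat it as a guard rail only. The
 *    effective control has to be the privileges of the database account
 *    used by this connection. Grant it only what this action needs.
 *  - Because matching is by substring, identifiers that merely contain a
 *    listed word (for example a column named d_update) are rejected too.
 *  - NOTE(review): the procedure name is fixed, so concurrent requests
 *    share it. Confirm whether a per-request name is needed.
 *  - NOTE(review): assumes the action is restricted to trusted,
 *    authenticated users. Confirm the controller's access rules.
 *
 * exec_sql() and call() are helpers defined elsewhere in this class;
 * presumably they execute a statement and call a procedure returning its
 * rows. Verify against their definitions.
 *
 * @return string
 * @throws \yii\web\BadRequestHttpException if sql_code is not a string
 * @throws \yii\web\ConflictHttpException if the statement is denied or fails
 */
public function actionIndex()
{
    $saved = false;

    if (\Yii::$app->request->isPost) {
        $posted = $_POST['sql_code'] ?? '';
        if (!is_string($posted)) {
            // An array-valued field would otherwise reach trim() and fail there.
            throw new \yii\web\BadRequestHttpException('sql_code must be a string');
        }
        $sql = trim($posted);

        // Statements that modify data or schema are refused. Matching is
        // case-insensitive because SQL keywords are.
        $denied = [
            'delete', 'insert', 'update', 'alter', 'drop',
            'show', 'truncate', 'empty', 'create', 'replace',
        ];
        foreach ($denied as $keyword) {
            if (stripos($sql, $keyword) !== false) {
                // Message: "This command is not allowed".
                throw new \yii\web\ConflictHttpException('ไม่อนุญาตให้ใช้คำสั่งนี้');
            }
        }

        try {
            $this->exec_sql('DROP PROCEDURE IF EXISTS tmp_store_proc');

            $sp1 = "CREATE PROCEDURE tmp_store_proc()\r\n";
            $sp1 .= " BEGIN \r\n";
            $sp1 .= $sql;
            $sp1 .= "\r\n END";
            $this->exec_sql($sp1);

            $rawData = $this->call('tmp_store_proc', null);
        } catch (\yii\db\Exception $e) {
            // Only the error code is returned to the client, not the
            // driver's message. Message: "command error".
            throw new \yii\web\ConflictHttpException($e->getCode() . ' : คำสั่งผิดพลาด SQL ERROR');
        }

        if (isset($_POST['save'])) {
            $model = new Sqlscript();
            // Placeholder topic: "Please edit the script name".
            $model->topic = 'กรุณาแก้ชื่อ script';
            $model->sql_script = $sql;
            $model->user = Yii::$app->user->identity->username;
            $model->d_update = date('Y-m-d H:i:s');
            if ($model->save()) {
                $saved = true;
            }
        }

        $dataProvider = new \yii\data\ArrayDataProvider([
            'allModels' => $rawData,
            'pagination' => false,
        ]);

        return $this->render('index', [
            'dataProvider' => $dataProvider,
            'sql_code' => $sql,
            // Label: "[script saved]".
            'saved' => $saved ? '[บันทึก script แล้ว]' : '',
        ]);
    }

    return $this->render('index', ['saved' => '']);
}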