コード例 #1
0
ファイル: DatabaseBackup.php プロジェクト: ellymakuba/AIRADS
function backup_tables($host, $user, $pass, $tables = '*', $db)
{
    //get all of the tables
    if ($tables == '*') {
        $tables = array();
        $result = DB_query('SHOW TABLES', $db);
        while ($row = DB_fetch_row($result)) {
            $tables[] = $row[0];
        }
    } else {
        $tables = is_array($tables) ? $tables : explode(',', $tables);
    }
    //cycle through
    foreach ($tables as $table) {
        $result = DB_query('SELECT * FROM ' . $table, $db);
        $num_fields = DB_num_fields($result);
        $num_rows = DB_num_rows($result);
        $return .= 'DROP TABLE IF EXISTS ' . $table . ';';
        $row2 = DB_fetch_row(DB_query('SHOW CREATE TABLE ' . $table, $db));
        $return .= "\n\n" . $row2[1] . ";\n\n";
        $return .= 'INSERT INTO ' . $table . ' VALUES';
        for ($i = 0; $i < $num_fields; $i++) {
            $last = 0;
            while ($row = DB_fetch_row($result)) {
                $last = $last + 1;
                $return .= '(';
                for ($j = 0; $j < $num_fields; $j++) {
                    $row[$j] = addslashes($row[$j]);
                    $row[$j] = ereg_replace("\n", "\\n", $row[$j]);
                    if (isset($row[$j])) {
                        $return .= '"' . $row[$j] . '"';
                    } else {
                        $return .= '""';
                    }
                    if ($j < $num_fields - 1 and isset($row[$j])) {
                        $return .= ',';
                    }
                }
                if ($last == $num_rows) {
                    $return .= ");\n";
                } else {
                    $return .= "),";
                }
            }
        }
        $return .= "\n\n\n";
    }
    //save file
    $handle = fopen('db-backup-' . time() . '-' . md5(implode(',', $tables)) . '.sql', 'w+');
    fwrite($handle, $return);
    fclose($handle);
    prnMsg(_(' back up successful'), 'success');
}
コード例 #2
0
function module_article_search()
{
    global $months;
    echo "<!-- start search for article -->";
    echo "<table class=\"default_table\"><tr><td colspan=2><div class=\"default_header\">Artikkelsøk</td></tr></div>";
    if (isset($_REQUEST['searchtype'])) {
        $searchtype = $_REQUEST['searchtype'];
    }
    if (isset($searchtype)) {
        if (!isset($_REQUEST['table'])) {
            $_REQUEST['table'] = "";
        }
        if (!isset($_REQUEST['column'])) {
            $_REQUEST['column'] = "";
        }
        if (!isset($_REQUEST['condition'])) {
            $_REQUEST['condition'] = "";
        }
        $table = strip_tags($_REQUEST['table']);
        $column = strip_tags($_REQUEST['column']);
        $condition = strip_tags($_REQUEST['condition']);
        if ($searchtype == "selectquery" && ($table && $column) && $_SESSION['valid_admin']) {
            if ($condition) {
                $query = "SELECT " . $_GET['column'] . " FROM " . $_GET['table'] . " WHERE " . stripslashes($_GET['condition']) . ";";
            } else {
                $query = "SELECT " . $_GET['column'] . " FROM " . $_GET['table'] . ";";
            }
            $result = DB_get_table($query);
            $num_results = DB_rows_affected($result);
            $field_count = DB_num_fields($result);
            for ($i = 0; $i < $num_results; $i++) {
                $row = DB_next_row_numeric($result);
                echo '<tr><td colspan=2>';
                for ($j = 0; $j < $field_count; $j++) {
                    echo strip_tags($row[$j]) . " - ";
                }
                $j = 0;
                echo "</td></tr>";
            }
        } else {
            if ($searchtype == "commentquery") {
                global $article_author;
                $comment_query = "SELECT title,articleid,author_username,author,intro,body,date_posted,time_posted FROM articles WHERE author='" . strip_tags($_GET['author']) . "' AND is_deleted IS NULL AND (is_draft=0 OR is_draft IS NULL) AND (comment_to IS NOT NULL) ORDER BY date_posted, time_posted DESC;";
                $result = DB_get_table($comment_query);
                $num_results = DB_rows_affected($result);
                if (!$num_results || $num_results == 0) {
                    echo "Fant ingen artikler.";
                } else {
                    list_articles($result, $num_results);
                }
            } elseif ($searchtype == "bymonth") {
                $month = $_REQUEST['month'];
                $year = $_REQUEST['year'];
                $query = "SELECT * FROM articles WHERE (date_posted <= '" . date("Y-m-d") . "' OR (time_posted <= '" . date("H:i") . "' AND date_posted <= '" . date("Y-m-d") . "'))  AND date_posted LIKE '" . $year . "-" . $month . "-%' AND is_deleted IS NULL AND comment_to IS NULL AND is_draft IS NULL ORDER BY date_posted DESC, time_posted DESC;\t";
                debug($query);
                $result = DB_get_table($query);
                $num_rows = DB_rows_affected($result);
                if ($result && $num_rows > 0) {
                    echo $num_rows . " artikler funnet.<br/>";
                    list_articles($result, $num_rows);
                } else {
                    $month += 0;
                    // VERY corny way of converting $month from string to int to remove leading zero
                    echo "Fant ingen artikler fra " . $months[$month] . " " . $year . ".<br/><br/>";
                }
            } else {
                if ($searchtype == "username") {
                    $query = "SELECT comment_to,title,articleid,author_username,author,intro,body,date_posted,time_posted FROM articles WHERE author_username='" . strip_tags($_REQUEST['username']) . "' AND is_deleted IS NULL AND is_draft IS NULL ORDER BY date_posted DESC, time_posted DESC;";
                    $result = DB_get_table($query);
                    $num_results = DB_rows_affected($result);
                    if (!$num_results || $num_results == 0) {
                        echo "Fant ingen artikler.";
                    } else {
                        list_articles($result, $num_results);
                    }
                }
            }
        }
    } else {
        //echo "Ugyldig søk.";
    }
    if (isset($_SESSION['valid_admin'])) {
        echo '<tr><td>';
        echo "Altmuligsøk, eksklusivt for admins</td><td>";
        form_start_get();
        form_hidden("searchtype", "selectquery");
        form_hidden("m_c", "module_article_search");
        echo "<br/>SELECT ";
        form_textfield("column", "");
        echo "<br/>FROM ";
        form_textfield("table", "");
        echo "<br/>WHERE ";
        form_textfield("condition", "");
        echo "<br/>";
        form_submit("submit", "Søk");
        form_end();
        echo "</td></tr>";
    }
    echo '<tr><td>';
    $query = "SELECT firstname,username FROM user;";
    $result = DB_get_table($query);
    $num_results = DB_rows_affected($result);
    form_start_get();
    form_hidden("searchtype", "username");
    form_hidden("m_c", "module_article_search");
    echo "Vis alle artikler og kommentarer skrevet av forfatter:</td><td>";
    echo '<select name="username">';
    while ($row = DB_next_row($result)) {
        echo '<option value="' . $row['username'] . '" >' . $row['firstname'] . " (" . $row['username'] . ')</option>';
    }
    echo '</select>';
    form_submit("submit", "Søk");
    form_end();
    echo '</td></tr>';
    echo '<tr><td>';
    form_start_get();
    form_hidden("searchtype", "commentquery");
    form_hidden("m_c", "module_article_search");
    echo "Vis alle kommentarer skrevet av forfatter:</td><td>";
    form_textfield("author", "");
    form_submit("submit", "Søk");
    form_end();
    echo '</td></tr><tr><td>';
    form_start_get();
    form_hidden("searchtype", "bymonth");
    form_hidden("m_c", "module_article_search");
    echo "Vis alle artikler publisert i:</td><td>";
    echo '<select name="month">';
    for ($i = 1; $i < 10; $i++) {
        echo '<option value="0' . $i . '">' . $months[$i] . '</option>\\n';
    }
    for ($i = 10; $i < 13; $i++) {
        echo '<option value="' . $i . '">' . $months[$i] . '</option>\\n';
    }
    echo '</select>';
    form_select_number("year", 2004, date("Y"), date("Y"));
    form_submit("submit", "Søk");
    form_end();
    echo '</td><tr>';
    echo '</table>';
}