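/**
 * Executes one statement typed into the SQL editor and renders the outcome as HTML.
 *
 * A SELECT that carries neither a LIMIT nor an INTO OUTFILE clause is paged 25 rows at a time
 * through the "offset" request parameter; any other statement is run unchanged. Statements that
 * only report affected rows return early with a short summary.
 *
 * Review notes:
 *  - $base_query is executed as given and is also embedded in a COUNT(*) sub-select, so every
 *    caller of this function is an arbitrary-SQL entry point and must sit behind authentication.
 *  - Cell values are passed through strip_tags()/create_links() rather than HTML-escaped; see
 *    the comments in the cell loop.
 *  - url() output is echoed into href attributes as returned; whether it is already
 *    HTML-escaped cannot be seen from here (confirm).
 *
 * @param string       $base_query SQL text; it is trimmed and handed to str_cut_end() with ";".
 * @param string|false $md5_get    Passed through as the "md5" parameter of the Refetch and paging links.
 * @return array array('msg' => string, 'error' => string, 'data_html' => string|false)
 */
function listing($base_query, $md5_get = false)
{
    global $db_driver, $db_link, $post;

    $ret = array('msg' => '', 'error' => '', 'data_html' => false);

    $base_query = str_cut_end(trim($base_query), ';');
    $query = $base_query;
    if (!$query) {
        $ret['error'] = 'No query found.';
        return $ret;
    }

    $limit = 25;
    // A negative offset is never valid in a LIMIT clause, so clamp it before it reaches db_limit().
    $offset = max(0, (int) get('offset', 'int'));
    $page = floor($offset / $limit + 1);

    // SQL keywords are case-insensitive, so the INTO OUTFILE test carries the "i" modifier
    // just like the LIMIT test does.
    if (is_select($query)
        && !preg_match('#\\s+LIMIT\\s+\\d+#i', $query)
        && !preg_match('#into\\s+outfile\\s+#i', $query)
    ) {
        $query = db_limit($query, $offset, $limit);
    } else {
        $limit = false;
    }

    $time = time_start();

    if (!db_is_safe($query, true)) {
        $ret['error'] = 'Detected UPDATE/DELETE without WHERE condition (put WHERE 1=1 if you want to execute this query)';
        return $ret;
    }

    $rs = @db_query($query);
    if (!$rs) {
        $ret['error'] = db_error();
        return $ret;
    }

    if ($rs === true) {
        if ('mysql' == $db_driver) {
            $affected = mysql_affected_rows($db_link);
            $time = time_end($time);
            $ret['data_html'] = '<b>' . $affected . '</b> rows affected.<br>Time: <b>' . $time . '</b> sec';
            return $ret;
        }
    } elseif ('pgsql' == $db_driver) {
        $affected = @pg_affected_rows($rs);
        if ($affected || preg_match('#^\\s*(DELETE|UPDATE)\\s+#i', $query)) {
            $time = time_end($time);
            $ret['data_html'] = '<p><b>' . $affected . '</b> rows affected. Time: <b>' . $time . '</b> sec</p>';
            return $ret;
        }
    }

    $rows = array();
    while ($row = db_row($rs)) {
        $rows[] = $row;
        if ($limit && count($rows) == $limit) {
            break;
        }
    }
    db_free($rs);

    if (is_select($base_query)) {
        $found = @db_one("SELECT COUNT(*) FROM ({$base_query}) AS sub");
        if (!is_numeric($found) || count($rows) && !$found) {
            // The COUNT(*) wrapper failed or disagrees with the fetched rows: fall back to
            // the number of rows actually fetched and flag it in the summary line.
            global $COUNT_ERROR;
            $COUNT_ERROR = ' (COUNT ERROR) ';
            $found = count($rows);
        }
    } else {
        $found = count($rows) ? count($rows) : false;
    }
    $pages = $limit ? ceil($found / $limit) : 1;
    $time = time_end($time);

    // Flags that every Refetch / paging link carries along.
    $sticky = array();
    if (get('only_marked') || post('only_marked')) {
        $sticky['only_marked'] = 1;
    }
    if (get('only_select') || post('only_select')) {
        $sticky['only_select'] = 1;
    }

    // The pager is printed above and below the table, so it is rendered once.
    $pager_html = '';
    if (is_numeric($found) && $pages > 1) {
        $pager_html .= '<p>';
        if ($page > 1) {
            $prev = array('md5' => $md5_get, 'offset' => ($page - 1) * $limit - $limit) + $sticky;
            $pager_html .= '<a href="' . url(self(), $prev) . '"><< Prev</a> ';
        }
        $pager_html .= 'Page <b>' . $page . '</b> of <b>' . $pages . '</b> ';
        if ($pages > $page) {
            $next = array('md5' => $md5_get, 'offset' => $page * $limit) + $sticky;
            $pager_html .= '<a href="' . url(self(), $next) . '">Next >></a>';
        }
        $pager_html .= '</p>';
    }

    ob_start();

    if (is_numeric($found)) {
        $refetch_url = url(self(), array('md5' => $md5_get, 'offset' => get('offset', 'int')) + $sticky);

        // PHP_SELF contains client-controlled path info, so it is escaped before it is
        // written into an attribute.
        $self_html = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
        // base64 output may contain "+", "/" and "=", which must be URL-encoded to survive
        // the round trip through a query string.
        $query_arg = urlencode(base64_encode($base_query));

        $csv_links = array();
        foreach (array('pipe' => '|', 'tab' => "\t", 'comma' => ',', 'semicolon' => ';') as $label => $separator) {
            $csv_links[] = '<a href="' . $self_html . '?export=csv&amp;separator=' . urlencode($separator)
                . '&amp;query=' . $query_arg . '">' . $label . '</a>';
        }
        ?>
<p>
Found: <b><?php echo $found; ?></b><?php echo isset($GLOBALS['COUNT_ERROR']) ? $GLOBALS['COUNT_ERROR'] : ''; ?>.
Time: <b><?php echo $time; ?></b> sec.
/ <a href="<?php echo $refetch_url; ?>">Refetch</a>
/ Export to CSV: <?php echo implode(' - ', $csv_links); ?>

</p>
<?php
    } else {
        ?>
<p>Result: <b>OK</b>. Time: <b><?php echo $time; ?></b> sec</p>
<?php
    }

    if (is_numeric($found)) {
        echo $pager_html;
        ?>
<script>
function mark_row(tr)
{
    var els = tr.getElementsByTagName('td');
    if (tr.marked) {
        for (var i = 0; i < els.length; i++) {
            els[i].style.backgroundColor = '';
        }
        tr.marked = false;
    } else {
        tr.marked = true;
        for (var i = 0; i < els.length; i++) {
            els[i].style.backgroundColor = '#ddd';
        }
    }
}
</script>
<?php
        // $found can be positive while this page holds no rows (offset past the end);
        // $rows[0] does not exist then, so the table is skipped.
        if ($found && count($rows)) {
            // Work out whether rows can be edited: the query must map to one table and
            // the first column (or a guessed one) must be usable as a primary key.
            $types = array();
            $edit_pk = false;
            $edit_table = table_from_query($base_query);
            if ($edit_table) {
                $edit_pk = array_first_key($rows[0]);
                if (is_numeric($edit_pk)) {
                    $edit_table = false;
                }
            }
            if ($edit_table) {
                $types = table_types2($edit_table);
                if (!$types || !count($types) || !in_array($edit_pk, array_keys($types))) {
                    $edit_table = false;
                } elseif (!array_col_match_unique($rows, $edit_pk, '#^\\d+$#')) {
                    $edit_pk = guess_pk($rows);
                    if (!$edit_pk) {
                        $edit_table = false;
                    }
                }
            }

            $edit_url = '';
            if ($edit_table) {
                $edit_url = url(self(true), array('action' => 'editrow', 'table' => $edit_table, 'pk' => $edit_pk, 'id' => '%s'));
            }

            // Request flags do not change while rendering, so read them once.
            $full_content = get('full_content');
            $nl2br = get('nl2br');
            $resolve_hosts = isset($post['sql']) && str_has($post['sql'], '@gethostbyaddr');
            ?>
<table class="ls" cellspacing="1">
<tr>
<?php if ($edit_url) { ?><th>#</th><?php } ?>
<?php foreach ($rows[0] as $col => $v) { ?>
<th><?php echo htmlspecialchars($col, ENT_QUOTES); /* column aliases are free text from the query */ ?></th>
<?php } ?>
</tr>
<?php
            foreach ($rows as $row) {
                ?>
<tr ondblclick="mark_row(this)">
<?php
                if ($edit_url) {
                    // The key value comes from the database and lands inside a JavaScript
                    // string within an HTML attribute; urlencode() leaves no quote or
                    // angle-bracket characters in it.
                    ?>
<td><a href="javascript:void(0)" onclick="popup('<?php echo sprintf($edit_url, urlencode($row[$edit_pk])); ?>', 620, 500)">Edit</a></td>
<?php
                }

                $count_cols = count($row);
                foreach ($row as $k => $v) {
                    if (preg_match('#^\\s*<a[^>]+>[^<]+</a>\\s*$#iU', $v) && strlen(strip_tags($v)) < 50) {
                        // NOTE(review): strip_tags() with an allow-list keeps the <a> element's
                        // attributes, so a stored value of this shape is emitted as live
                        // markup, event-handler attributes and href scheme included.
                        $v = strip_tags($v, '<a>');
                        $v = create_links($v);
                    } else {
                        $v = strip_tags($v);
                        // NOTE(review): as transcribed, both arguments are a plain space, which
                        // makes this call a no-op; the search string may have been an entity
                        // lost in transcription - confirm against the upstream file.
                        $v = str_replace(' ', ' ', $v);
                        $v = preg_replace('#[ ]+#', ' ', $v);
                        $v = create_links($v);
                        if (!$full_content && strlen($v) > 50) {
                            $v = truncate_html($v, 1 == $count_cols ? 255 : 50);
                        }
                        // html_once() escaping is switched off here because create_links()
                        // injects markup of its own; strip_tags() is the only filter applied.
                    }

                    if ($full_content) {
                        $v = str_wrap($v, 80, '<br>', true);
                    }
                    if ($nl2br) {
                        $v = nl2br($v);
                    }

                    // Integer columns whose name mentions "time" or "date" are shown as dates.
                    if (isset($types[$k]) && $types[$k] == 'int'
                        && (preg_match('#time#i', $k) || preg_match('#date#i', $k))
                        && preg_match('#^\\d+$#', $v)
                    ) {
                        $tmp = @date('Y-m-d H:i', $v);
                        if ($tmp) {
                            $v = $tmp;
                        }
                    }

                    // When the submitted SQL contains "@gethostbyaddr", dotted-quad values get
                    // a reverse lookup appended; that is one blocking DNS query per matching cell.
                    if ($resolve_hosts && preg_match('#^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}$#', $v)) {
                        $v = $v . '<br>' . @gethostbyaddr($v);
                    }
                    ?>
<td onclick="mark_col(this)" <?php echo $nl2br ? 'valign="top"' : ''; ?> nowrap><?php echo is_null($row[$k]) ? '-' : $v; ?></td>
<?php
                }
                ?>
</tr>
<?php
            }
            ?>
</table>
<?php
        }

        echo $pager_html;
    }

    $ret['data_html'] = ob_get_clean();
    return $ret;
}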
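/**
 * Adds a GROUP_CONCAT(...) column built from the given expression(s).
 *
 * WARNING: proper string/expression escaping is missing. A string that is not a schema column
 * is wrapped in single quotes as-is, and $separator is interpolated verbatim into the SEPARATOR
 * literal, so none of the arguments may carry untrusted input until real quoting is added.
 *
 * @param array|Zend_Db_Expr|string $expr Column name(s), literal string(s) or raw expression(s).
 * @param string|null $alias Column alias for the result; no alias when null.
 * @param string|null $separator Value for the SEPARATOR clause; clause omitted when null.
 * @param bool|null $distinct Adds DISTINCT when true.
 * @param null|array|int|string|Zend_Db_Expr $order ORDER BY term(s) inside GROUP_CONCAT; omitted when null.
 * @return $this
 */
public function groupConcatSet($expr, $alias = null, $separator = null, $distinct = null, $order = null)
{
    debug_assert(
        is_string($expr) || is_array($expr) || is_object($expr) && $expr instanceof Zend_Db_Expr,
        "Invalid expression value `" . var_dump_human_compact($expr) . "`"
    );
    debug_assert(
        is_null($alias) || is_string($alias),
        "Invalid alias value `" . var_dump_human_compact($alias) . "`"
    );
    debug_assert(
        is_null($separator) || is_string($separator),
        "Invalid separator value `" . var_dump_human_compact($separator) . "`"
    );
    debug_assert(
        is_null($distinct) || is_bool($distinct),
        "Invalid distinct value `" . var_dump_human_compact($distinct) . "`"
    );
    debug_assert(
        is_null($order) || is_array($order) || is_int($order) || is_string($order)
            || is_object($order) && $order instanceof Zend_Db_Expr,
        "Invalid order value `" . var_dump_human_compact($order) . "`"
    );

    // Turns one term into SQL text: expression objects are cast to string, schema columns are
    // qualified with the table alias, any other string becomes a quoted literal, and
    // everything else (e.g. an integer ORDER BY position) passes through unchanged.
    $convertToString = function ($value) {
        if (is_object($value)) {
            return strval($value);
        }
        if (array_key_exists($value, $this->schemaColumnsGet())) {
            return str_wrap($this->getAlias(), '`') . '.' . str_wrap($value, '`');
        }
        if (is_string($value)) {
            // NOTE(review): quoted without escaping - an embedded "'" ends the literal early.
            return str_wrap($value, '\'');
        }
        return $value;
    };

    // Scalars are handed to the converter uncast: casting with strval() first would turn a
    // Zend_Db_Expr into a plain string and get it quoted as a literal.
    if (is_array($expr)) {
        $expr = array_chain($expr, array_map_val_dg(tuple_get(0, $convertToString)), array_implode_dg(','));
    } else {
        $expr = $convertToString($expr);
    }

    // Only an explicit true asks for DISTINCT; false must not add it.
    if ($distinct) {
        $expr = "DISTINCT {$expr}";
    }

    if ($order !== null) {
        if (is_array($order)) {
            // Convert the ORDER BY terms themselves ($expr is already a string at this point).
            $order = array_chain($order, array_map_val_dg(tuple_get(0, $convertToString)), array_implode_dg(','));
        } else {
            $order = $convertToString($order);
        }
        $expr = "{$expr} ORDER BY {$order}";
    }

    if ($separator !== null) {
        // NOTE(review): $separator is placed between quotes verbatim; it needs the adapter's
        // literal quoting before any caller-supplied value may reach this parameter.
        $expr = "{$expr} SEPARATOR '{$separator}'";
    }

    $expr = "GROUP_CONCAT({$expr})";
    if ($alias !== null) {
        $expr = [$alias => $expr];
    }

    return $this->setColumns($expr, $this->getAlias());
}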
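/**
 * Executes one statement typed into the SQL editor and renders the outcome as HTML.
 *
 * A SELECT that carries neither a LIMIT nor an INTO OUTFILE clause is paged 25 rows at a time
 * through the "offset" request parameter; any other statement is run unchanged. Statements that
 * only report affected rows return early with a short summary.
 *
 * Review notes:
 *  - $base_query is executed as given and is also embedded in a COUNT(*) sub-select, so every
 *    caller of this function is an arbitrary-SQL entry point and must sit behind authentication.
 *  - Cell values are passed through strip_tags()/create_links() rather than HTML-escaped; see
 *    the comments in the cell loop.
 *  - url() output is echoed into href attributes as returned; whether it is already
 *    HTML-escaped cannot be seen from here (confirm).
 *
 * @param string       $base_query SQL text; surrounding whitespace and one trailing ";" are removed.
 * @param string|false $md5_get    Passed through as the "md5" parameter of the Refetch and paging links.
 * @return array array('msg' => string, 'error' => string, 'data_html' => string|false)
 */
function listing($base_query, $md5_get = false)
{
    // @listing
    // Request parameters this function reads. GET()/POST() are project helpers; presumably
    // they cast or default the superglobal entries that are read directly below - confirm.
    GET("full_content", "bool");
    GET("only_select", "bool");
    GET("offset", "int");
    POST("full_content", "bool");
    POST("only_select", "bool");

    global $db_driver, $db_link;

    $full_content = $_GET["full_content"] || $_POST["full_content"];
    $only_select = $_GET['only_select'] || $_POST['only_select'];

    $ret = array('msg' => '', 'error' => '', 'data_html' => false);

    $base_query = trim($base_query);
    if (";" == substr($base_query, -1)) {
        $base_query = substr($base_query, 0, -1);
    }
    $query = $base_query;
    if (!$query) {
        $ret['error'] = 'No query found.';
        return $ret;
    }

    $limit = 25;
    // The offset is concatenated into the LIMIT clause by db_limit(): force it to a
    // non-negative integer here instead of relying on the helper call above.
    $offset = max(0, (int) $_GET["offset"]);
    $page = floor($offset / $limit + 1);

    // SQL keywords are case-insensitive, so the INTO OUTFILE test carries the "i" modifier
    // just like the LIMIT test does.
    if (is_select($query)
        && !preg_match('#\\s+LIMIT\\s+\\d+#i', $query)
        && !preg_match('#into\\s+outfile\\s+#i', $query)
    ) {
        $query = db_limit($query, $offset, $limit);
    } else {
        $limit = false;
    }

    $time = time_start();

    if (!db_is_safe($query, true)) {
        $ret['error'] = 'Detected UPDATE/DELETE without WHERE condition (put WHERE 1=1 if you want to execute this query)';
        return $ret;
    }

    $rs = @db_query($query);
    if (!$rs) {
        $ret['error'] = db_error();
        return $ret;
    }

    if ($rs === true) {
        if ('mysql' == $db_driver) {
            $affected = mysql_affected_rows($db_link);
            $time = time_end($time);
            $ret['data_html'] = '<b>' . $affected . '</b> rows affected.<br>Time: <b>' . $time . '</b> sec';
            return $ret;
        }
    } elseif ('pgsql' == $db_driver) {
        $affected = @pg_affected_rows($rs);
        if ($affected || preg_match('#^\\s*(DELETE|UPDATE)\\s+#i', $query)) {
            $time = time_end($time);
            $ret['data_html'] = '<p><b>' . $affected . '</b> rows affected. Time: <b>' . $time . '</b> sec</p>';
            return $ret;
        }
    }

    $rows = array();
    while ($row = db_row($rs)) {
        $rows[] = $row;
        if ($limit && count($rows) == $limit) {
            break;
        }
    }
    db_free($rs);

    if (is_select($base_query)) {
        $found = @db_one("SELECT COUNT(*) FROM ({$base_query}) AS sub");
        if (!is_numeric($found) || count($rows) && !$found) {
            // The COUNT(*) wrapper failed or disagrees with the fetched rows: fall back to
            // the number of rows actually fetched and flag it in the summary line.
            global $COUNT_ERROR;
            $COUNT_ERROR = ' (COUNT ERROR) ';
            $found = count($rows);
        }
    } else {
        $found = count($rows) ? count($rows) : false;
    }
    $pages = $limit ? ceil($found / $limit) : 1;
    $time = time_end($time);

    // Paging links carry only_select; the Refetch link additionally carries full_content.
    $sticky = array();
    if ($only_select) {
        $sticky['only_select'] = 1;
    }

    // The pager is printed above and below the table, so it is rendered once.
    $pager_html = '';
    if (is_numeric($found) && $pages > 1) {
        $pager_html .= '<p>';
        if ($page > 1) {
            $prev = array('md5' => $md5_get, 'offset' => ($page - 1) * $limit - $limit) + $sticky;
            $pager_html .= '<a href="' . url(self(), $prev) . '"><< Prev</a> ';
        }
        $pager_html .= 'Page <b>' . $page . '</b> of <b>' . $pages . '</b> ';
        if ($pages > $page) {
            $next = array('md5' => $md5_get, 'offset' => $page * $limit) + $sticky;
            $pager_html .= '<a href="' . url(self(), $next) . '">Next >></a>';
        }
        $pager_html .= '</p>';
    }

    ob_start();

    // ----------------------------------------------------------------
    // @sqleditor LISTING HTML
    // ----------------------------------------------------------------

    if (is_numeric($found)) {
        $refetch = array('md5' => $md5_get, 'offset' => $_GET["offset"]) + $sticky;
        if ($full_content) {
            $refetch['full_content'] = 1;
        }
        $refetch_url = url(self(), $refetch);

        // PHP_SELF contains client-controlled path info, so it is escaped before it is
        // written into an attribute.
        $self_html = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
        // base64 output may contain "+", "/" and "=", which must be URL-encoded to survive
        // the round trip through a query string.
        $query_arg = urlencode(base64_encode($base_query));

        $csv_links = array();
        foreach (array('pipe' => '|', 'tab' => "\t", 'comma' => ',', 'semicolon' => ';') as $label => $separator) {
            $csv_links[] = '<a href="' . $self_html . '?export=csv&amp;separator=' . urlencode($separator)
                . '&amp;query=' . $query_arg . '">' . $label . '</a>';
        }
        ?>
<p>
Found: <b><?php echo $found; ?></b><?php echo isset($GLOBALS['COUNT_ERROR']) ? $GLOBALS['COUNT_ERROR'] : ''; ?>.
Time: <b><?php echo $time; ?></b> sec.
/ <a href="<?php echo $refetch_url; ?>">Refetch</a>
/ Export to CSV: <?php echo implode(' - ', $csv_links); ?>

</p>
<?php
    } else {
        ?>
<p>Result: <b>OK</b>. Time: <b><?php echo $time; ?></b> sec</p>
<?php
    }

    if (is_numeric($found)) {
        echo $pager_html;

        // $found can be positive while this page holds no rows (offset past the end);
        // $rows[0] does not exist then, so the table is skipped.
        if ($found && count($rows)) {
            // Work out whether rows can be edited: the query must map to one table and
            // the first column (or a guessed one) must be usable as a primary key.
            $types = array();
            $edit_pk = false;
            $edit_table = table_from_query($base_query);
            if ($edit_table) {
                $edit_pk = array_first_key($rows[0]);
                if (is_numeric($edit_pk)) {
                    $edit_table = false;
                }
            }
            if ($edit_table) {
                $types = table_columns($edit_table);
                if (!$types || !count($types) || !in_array($edit_pk, array_keys($types))) {
                    $edit_table = false;
                } elseif (!array_col_match_unique($rows, $edit_pk, '#^\\d+$#')) {
                    $edit_pk = guess_pk($rows);
                    if (!$edit_pk) {
                        $edit_table = false;
                    }
                }
            }

            $edit_url = '';
            if ($edit_table) {
                $edit_url = url(self(true), array('action' => 'editrow', 'table' => $edit_table, 'pk' => $edit_pk, 'id' => '%s'));
            }
            ?>
<table class="ls" cellspacing="1">
<tr>
<?php if ($edit_url) { ?><th>#</th><?php } ?>
<?php foreach ($rows[0] as $col => $v) { ?>
<th><?php echo htmlspecialchars($col, ENT_QUOTES); /* column aliases are free text from the query */ ?></th>
<?php } ?>
</tr>
<?php
            foreach ($rows as $row) {
                ?>
<tr onclick="mark_row(this, event)">
<?php
                if ($edit_url) {
                    // The key value comes from the database and lands inside a JavaScript
                    // string within an HTML attribute; urlencode() leaves no quote or
                    // angle-bracket characters in it.
                    ?>
<td valign=top><a href="javascript:void(0)" onclick="popup('<?php echo sprintf($edit_url, urlencode($row[$edit_pk])); ?>', <?php echo EDITROW_POPUP_WIDTH; ?>, <?php echo EDITROW_POPUP_HEIGHT; ?>)">Edit</a></td>
<?php
                }

                $count_cols = count($row);
                foreach ($row as $k => $v) {
                    if (preg_match('#^\\s*<a[^>]+>[^<]+</a>\\s*$#iU', $v) && strlen(strip_tags($v)) < 50) {
                        // NOTE(review): strip_tags() with an allow-list keeps the <a> element's
                        // attributes, so a stored value of this shape is emitted as live
                        // markup, event-handler attributes and href scheme included.
                        $v = strip_tags($v, '<a>');
                        $v = create_links($v);
                    } else {
                        $v = strip_tags($v);
                        // NOTE(review): as transcribed, both arguments are a plain space, which
                        // makes this call a no-op; the search string may have been an entity
                        // lost in transcription - confirm against the upstream file.
                        $v = str_replace(' ', ' ', $v);
                        $v = preg_replace('#[ ]+#', ' ', $v);
                        $v = create_links($v);
                        if (!$full_content && strlen($v) > 50) {
                            $v = truncate_html($v, 1 == $count_cols ? 255 : 50);
                        }
                        // html_once() escaping is switched off here because create_links()
                        // injects markup of its own; strip_tags() is the only filter applied.
                    }

                    if ($full_content) {
                        $v = str_wrap($v, 80, '<br>', true);
                        $v = nl2br($v);
                    }

                    if (isset($types[$k]) && $types && $types[$k] == 'int' && IsTimestampColumn($k, $v)) {
                        // 100 000 000 == 1973-03-03 10:46:40
                        // Only big integers are turned into dates, so a low value such as "1054"
                        // is left alone, because converting it would probably be wrong.
                        $tmp = date('Y-m-d H:i', $v);
                        if ($tmp) {
                            $v = $tmp;
                        }
                    }
                    ?>
<td <?php echo $full_content ? 'valign="top"' : ''; ?> nowrap><?php echo is_null($row[$k]) ? '-' : $v; ?></td>
<?php
                }
                ?>
</tr>
<?php
            }
            ?>
</table>
<?php
        }

        echo $pager_html;
    }

    $ret['data_html'] = ob_get_clean();
    return $ret;
}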
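/**
 * Renders one HTML element as a string.
 *
 * Attributes are processed in this order: entries whose value is exactly false are dropped; in
 * XHTML mode a value of true is replaced by the attribute's own name; tab, newline, form feed,
 * space, "/", ">", both quote characters and "=" are removed from attribute names; values are
 * escaped with htmlspecialchars() (ENT_QUOTES plus the project's htmlspecialchars_flags()) and
 * wrapped in double quotes.
 *
 * Only attribute names and values are sanitised. $name and $content are written into the markup
 * verbatim, so the caller must escape $content and must never derive $name from untrusted input.
 *
 * @param string $name Tag name, used as-is.
 * @param array $attr Attribute name => value map.
 * @param string $content Inner HTML; an empty value produces a tag without a closing element.
 * @return string
 */
function html_tag($name, $attr, $content)
{
    $attrChain = array(
        array_filter_key_dg(function ($val, $key) {
            return $val !== false;
        }),
    );

    if (Doctype::isXhtml()) {
        $attrChain[] = array_map_val_dg(function ($val, $key) {
            return true === $val ? $key : $val;
        });
    }

    $attrChain[] = array_map_key_dg(function ($val, $key) {
        return preg_replace('/([\\t\\n\\f \\/>"\'=]+)/', '', $key);
    });

    $flags = htmlspecialchars_flags();
    $attrChain[] = array_map_val_dg(function ($val, $key) use ($flags) {
        $val = str_wrap(htmlspecialchars($val, ENT_QUOTES | $flags), '"');
        return " {$key}={$val}";
    });
    $attrChain[] = array_implode_dg('');

    $attr = call_user_func_array('array_chain', array_merge(array($attr), $attrChain));

    // empty() also matches "0" and 0, which are legitimate content (a table cell holding
    // zero), so numeric values are never treated as "no content".
    $hasContent = !empty($content) || is_numeric($content);
    if ($hasContent) {
        return "<{$name}{$attr}>{$content}</{$name}>";
    }

    return Doctype::isXhtml() ? "<{$name}{$attr}/>" : "<{$name}{$attr}>";
}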
/**
 * Builds a delegate that hands its argument to str_wrap() together with a fixed $with.
 *
 * The delegate adds no escaping of its own: the result is whatever str_wrap() returns for
 * the given string and $with.
 *
 * @param string $with String (or single character) passed as str_wrap()'s second argument.
 * @return callable Closure taking the string to wrap.
 */
function str_wrap_dg($with)
{
    $wrapper = function ($subject) use ($with) {
        $wrapped = str_wrap($subject, $with);

        return $wrapped;
    };

    return $wrapper;
}