if (!$error1 and !$error2) {
if (!$error3) {
echo '<status>success</status>';
} else {
echo '<status>' . $error3 . '</status>';
}
echo '<permissions>' . $qc . '</permissions>';
echo '<users>' . $grexe['users'] . '</users>';
echo '<comment>' . $comment . '</comment>';
} else {
echo '<status>' . $error1 . $error2 . '</status>';
}
}
break;
case 'createTable':
$tableAllowed = tableAllowed($dbTable);
if ($tableAllowed) {
$columns = stripslashes(sqlinjection_free($_POST['columns']));
$maxRs = sqlinjection_free($_POST['maxRs']);
$dbTable = sqlinjection_free($_POST['dbTable']);
$asObj = sqlinjection_free($_POST['role']);
if ($asObj == 'INDIVIDUAL') {
$asObj = 'u' . $_SESSION['uid'];
} else {
$asObj = 'o' . $asObj;
}
$comment = " COMMENT '{w" . $asObj . ",{*}}'";
$query = "CREATE TABLE " . $dbTable . "(`index` INT(" . $maxRs . ") UNIQUE AUTO_INCREMENT" . $comment . "," . $columns . ") COMMENT='al:" . sqlinjection_free($_SESSION['function'][$_POST['role']]['aL']) . ",o:" . substr($asObj, 1) . "'";
$result = mysql_query($query, $dbc);
$error1 = mysql_error($dbc);
if (!$error1) {
$dbtUpdate['tables'][$dbTable]['op']['permitColUsers'][$colName] = $comment;
if (!$error3) {
echo '<status>success</status>';
} else {
echo '<status>' . $error3 . '</status>';
}
echo '<permissions>' . $qc . '</permissions>';
echo '<users>' . $grexe['users'] . '</users>';
echo '<comment>' . $comment . '</comment>';
} else {
echo '<status>' . $error1 . $error2 . '</status>';
}
}
break;
case 'createTable':
$tableAllowed = tableAllowed($nTable | $dbTable);
if ($tableAllowed) {
$columns = $columns ? $columns : stripslashes(sqlinjection_free($_POST['columns']));
$maxRs = $maxRs ? $maxRs : sqlinjection_free($_POST['maxRs']);
$nTable = $nTable ? $nTable : sqlinjection_free($_POST['dbTable']);
$asObj = sqlinjection_free($_POST['role']);
if ($asObj == 'INDIVIDUAL') {
$asObj = 'u' . $_SESSION['uid'];
} else {
$asObj = 'o' . $asObj;
}
$comment = " COMMENT '{w" . $asObj . ",{*}}'";
$query = "CREATE TABLE " . $nTable . "(`index` INT(" . $maxRs . ") UNIQUE AUTO_INCREMENT" . $comment . ", " . $columns . ") COMMENT = 'al:" . sqlinjection_free($_SESSION['function'][$_POST['role']]['aL']) . ",o:" . substr($asObj, 1) . "'";
$result = mysql_query($query, $dbc);
$error1 = mysql_error($dbc);
if (!$error1) {
}
onload=dbTableExecuter.init;
</script>
</head>
<body>
<div id="dbTableExecuterBdy" class="gdgBody">
<?php
if (!$userAuthorizationInfo) {
if ($result || $liveDBTable['liveD']) {
if (!$authorizeTransit and !$sm) {
echo "<span>U r not authorized to view the table ~:|~</span>";
} else {
include 'dbTableExecuterOpener.php';
}
} else {
if (tableAllowed($dbTable)) {
include 'dbTableExecuterCreator.php';
} else {
echo "<span class='display' id='dbTableExecuter'>Table don exist n u r not authorized to create table with this name.</span></body></html>";
}
}
} else {
echo $userAuthorizationInfo;
}
?>
</div>
</body>
</html>
<?php
/* $spv=shm_put_var($dbtShmId, $dbtKey, $liveDBTable);