コード例 #1
0
ファイル: dbTableExecuter_1.php プロジェクト: necktwi/ferry
         if (!$error1 and !$error2) {
             if (!$error3) {
                 echo '<status>success</status>';
             } else {
                 echo '<status>' . $error3 . '</status>';
             }
             echo '<permissions>' . $qc . '</permissions>';
             echo '<users>' . $grexe['users'] . '</users>';
             echo '<comment>' . $comment . '</comment>';
         } else {
             echo '<status>' . $error1 . $error2 . '</status>';
         }
     }
     break;
 case 'createTable':
     $tableAllowed = tableAllowed($dbTable);
     if ($tableAllowed) {
         $columns = stripslashes(sqlinjection_free($_POST['columns']));
         $maxRs = sqlinjection_free($_POST['maxRs']);
         $dbTable = sqlinjection_free($_POST['dbTable']);
         $asObj = sqlinjection_free($_POST['role']);
         if ($asObj == 'INDIVIDUAL') {
             $asObj = 'u' . $_SESSION['uid'];
         } else {
             $asObj = 'o' . $asObj;
         }
         $comment = " COMMENT '{w" . $asObj . ",{*}}'";
         $query = "CREATE TABLE " . $dbTable . "(`index` INT(" . $maxRs . ") UNIQUE AUTO_INCREMENT" . $comment . "," . $columns . ") COMMENT='al:" . sqlinjection_free($_SESSION['function'][$_POST['role']]['aL']) . ",o:" . substr($asObj, 1) . "'";
         $result = mysql_query($query, $dbc);
         $error1 = mysql_error($dbc);
         if (!$error1) {
コード例 #2
0
ファイル: dbTableExecuter.php プロジェクト: necktwi/ferry
             $dbtUpdate['tables'][$dbTable]['op']['permitColUsers'][$colName] = $comment;
             if (!$error3) {
                 echo '<status>success</status>';
             } else {
                 echo '<status>' . $error3 . '</status>';
             }
             echo '<permissions>' . $qc . '</permissions>';
             echo '<users>' . $grexe['users'] . '</users>';
             echo '<comment>' . $comment . '</comment>';
         } else {
             echo '<status>' . $error1 . $error2 . '</status>';
         }
     }
     break;
 case 'createTable':
     $tableAllowed = tableAllowed($nTable | $dbTable);
     if ($tableAllowed) {
         $columns = $columns ? $columns : stripslashes(sqlinjection_free($_POST['columns']));
         $maxRs = $maxRs ? $maxRs : sqlinjection_free($_POST['maxRs']);
         $nTable = $nTable ? $nTable : sqlinjection_free($_POST['dbTable']);
         $asObj = sqlinjection_free($_POST['role']);
         if ($asObj == 'INDIVIDUAL') {
             $asObj = 'u' . $_SESSION['uid'];
         } else {
             $asObj = 'o' . $asObj;
         }
         $comment = " COMMENT '{w" . $asObj . ",{*}}'";
         $query = "CREATE TABLE " . $nTable . "(`index` INT(" . $maxRs . ") UNIQUE AUTO_INCREMENT" . $comment . ", " . $columns . ") COMMENT = 'al:" . sqlinjection_free($_SESSION['function'][$_POST['role']]['aL']) . ",o:" . substr($asObj, 1) . "'";
         $result = mysql_query($query, $dbc);
         $error1 = mysql_error($dbc);
         if (!$error1) {
コード例 #3
0
ファイル: dbTableExecuterForm.php プロジェクト: necktwi/ferry
            }
            onload=dbTableExecuter.init;
        </script>
    </head>
    <body>
        <div id="dbTableExecuterBdy" class="gdgBody">
            <?php 
if (!$userAuthorizationInfo) {
    if ($result || $liveDBTable['liveD']) {
        if (!$authorizeTransit and !$sm) {
            echo "<span>U r not authorized to view the table ~:|~</span>";
        } else {
            include 'dbTableExecuterOpener.php';
        }
    } else {
        if (tableAllowed($dbTable)) {
            include 'dbTableExecuterCreator.php';
        } else {
            echo "<span class='display' id='dbTableExecuter'>Table don exist n u r not authorized to create table with this name.</span></body></html>";
        }
    }
} else {
    echo $userAuthorizationInfo;
}
?>
        </div>
    </body>
</html>

<?php 
/* $spv=shm_put_var($dbtShmId, $dbtKey, $liveDBTable);