Пример #1
<input type="submit" name="sho" value="<?php 
    echo $sholbl;
    ?>
">
<p>
<input type="hidden" name="off" value="<?php 
    echo $nof;
    ?>
">
<input type="submit" name="p" value=" < ">
<input type="submit" name="n" value=" > ">
<p>

<input type="submit" name="del" value="<?php 
    echo $dellbl;
    ?>
" onclick="return confirm('<?php 
    echo $dellbl;
    ?>
, <?php 
    echo $cfmmsg;
    ?>
')" >
</th></tr>
</table></form>
<p>
<?php 
}
Condition($in, $op, $st, $co);
Events($dlim, $in, $op, $st, $co);
include_once "inc/footer.php";
Пример #2
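/**
 * Build the SQL text for one database operation (PostgreSQL flavour).
 *
 * The statement is only assembled here; executing it is left to the caller.
 *
 * SECURITY (review): pg_escape_string() only makes a value safe when it ends
 * up inside a single-quoted SQL literal. In this function $tbl, $ord, $lim
 * (as LIMIT), the column names in $rawin and the operators in $rawop are
 * interpolated OUTSIDE quotes, and $col and $jn are not escaped at all.
 * Escaping does not neutralise input in those positions, so callers must pass
 * only fixed or allow-listed identifiers, operators and numeric limits there.
 * Request data belongs in $rawst only.
 *
 * @param string $tbl   Table name (database name for 'b' and 'p').
 * @param string $do    Operation selector:
 *                      'i' INSERT, 'u' UPDATE, 'd' DELETE, 's' SELECT,
 *                      'b' look up a database, 'p' DROP DATABASE,
 *                      'h' list user tables, 'c' list columns of $tbl,
 *                      't' TRUNCATE, 'o' VACUUM, 'r' VACUUM FULL,
 *                      'v' server version, 'x' server activity,
 *                      anything else: grouped count over $col.
 * @param string $col   Column list for SELECT; WHERE column for 'u'; comparison
 *                      operator for 'b'; for the grouped count it may be
 *                      "column;extra-select;having" with '-' meaning no extra.
 * @param string $ord   ORDER BY expression; comparison operator of the WHERE for 'u'.
 * @param string $lim   LIMIT value; value compared in the WHERE for 'u'.
 * @param array  $rawin Column names (INSERT/UPDATE targets or filter columns).
 * @param array  $rawop Operators, positionally matching $rawin.
 * @param array  $rawst Values, positionally matching $rawin.
 * @param array  $rawco Passed through to Condition() (presumably the connectors
 *                      between filter terms; confirm against Condition()).
 * @param string $jn    Raw JOIN clause appended after the table name.
 *
 * @return string The SQL statement, or an empty string when 'u' is requested
 *                without a first column and nothing can be built.
 */
function GenQuery($tbl, $do = 's', $col = '*', $ord = '', $lim = '', $rawin = array(), $rawop = array(), $rawst = array(), $rawco = array(), $jn = '')
{
    global $debug;

    # Mitigate SQL injection (string-literal positions only, see SECURITY note above)
    $tbl = pg_escape_string($tbl);
    $ord = pg_escape_string($ord);
    $lim = pg_escape_string($lim);
    $in = array_map('pg_escape_string', $rawin);
    $op = array_map('pg_escape_string', $rawop);
    $st = array_map('pg_escape_string', $rawst);
    $co = array_map('pg_escape_string', $rawco);

    # Always defined, so the debug output and the return never read an unset variable
    $qry = '';

    if ($do == 'i') {
        $qry = "INSERT INTO {$tbl} (" . implode(',', $in) . ") VALUES ('" . implode("','", $st) . "')";
    } elseif ($do == 'u') {
        # !empty() keeps the original truthiness test but tolerates an empty $in
        if (!empty($in[0])) {
            $s = array();
            $x = 0;
            foreach ($in as $c) {
                $o = array_key_exists($x, $op) ? $op[$x] : '=';
                # Use '=' if no operator is set
                if ($c) {
                    $s[] = "{$c} {$o} '{$st[$x]}'";
                }
                $x++;
            }
            # Here $col is the WHERE column, $ord the operator and $lim the compared value
            $qry = "UPDATE {$tbl} SET " . implode(',', $s) . " WHERE {$col} {$ord} '{$lim}'";
        }
    } elseif ($do == 'b') {
        $qry = "SELECT datname FROM pg_database WHERE datistemplate = false and datname {$col} '{$tbl}'";
    } elseif ($do == 'p') {
        $qry = "DROP DATABASE {$tbl}";
    } elseif ($do == 'h') {
        $qry = "SELECT relname from pg_stat_user_tables ORDER BY relname";
    } elseif ($do == 't') {
        $qry = "TRUNCATE {$tbl}";
    } elseif ($do == 'o') {
        $qry = "VACUUM {$tbl}";
    } elseif ($do == 'c') {
        $qry = "SELECT column_name,data_type,is_nullable,column_default from INFORMATION_SCHEMA.COLUMNS where table_name = '{$tbl}' ORDER BY ordinal_position";
    } elseif ($do == 'r') {
        $qry = "VACUUM FULL {$tbl}";
    } elseif ($do == 'v') {
        $qry = "SELECT VERSION()";
    } elseif ($do == 'x') {
        $qry = "SELECT procpid,usename,datname FROM pg_stat_activity";
    } else {
        $l = $lim ? "LIMIT {$lim}" : "";
        if (strstr($ord, 'ifname')) {
            $desc = strpos($ord, 'desc') ? " desc" : "";
            $ord = $desc ? substr($ord, 0, -5) : $ord;
            # Cut away desc for proper handling below
            $oar = explode(".", $ord);
            # Handle table in join queries
            $icol = ($oar[0] == 'ifname' or $oar[0] == 'nbrifname') ? 'ifname' : "{$oar['0']}.ifname";
            $dcol = ($oar[0] == 'ifname' or $oar[0] == 'nbrifname') ? 'device' : "{$oar['0']}.device";
            $od = "ORDER BY {$dcol} {$desc},substring({$icol} from '.*/')";
            #TODO rework? GH:$od = "ORDER BY $dcol $desc,SUBSTRING_INDEX($icol, '/', 1), case when SUBSTRING_INDEX($icol, '/', -1) ~ '^\d+$' then cast(SUBSTRING_INDEX($icol, '/', -1) as bigint) else 0 end";
        } elseif ($ord) {
            $od = "ORDER BY {$ord}";
        } else {
            $od = "";
        }
        # Condition() is defined elsewhere; its result is used as the WHERE clause (or empty)
        $w = Condition($in, $op, $st, $co, 2);
        # A per-session view filter is ANDed onto every query that touches the devices table
        if (isset($_SESSION['view']) and $_SESSION['view'] and (strstr($jn, 'JOIN devices') or $tbl == 'devices')) {
            $viewq = explode(' ', $_SESSION['view']);
            $w = ($w ? "{$w} AND " : "WHERE ") . AdOpVal($viewq[0], $viewq[1], $viewq[2]);
        }
        if ($do == 'd') {
            # DELETE is routed through a ctid subselect so that ORDER BY and LIMIT can be applied
            $qry = "DELETE FROM {$tbl} WHERE ctid IN (SELECT ctid FROM {$tbl} {$w} {$od} {$l})";
        } elseif ($do == 's') {
            $qry = "SELECT {$col} FROM {$tbl} {$jn} {$w} {$od} {$l}";
        } else {
            $cal = '';
            $hav = '';
            if (strpos($col, ';')) {
                $xcol = explode(";", $col);
                $col = $xcol[0];
                if ($xcol[1] != '-') {
                    $cal = ", {$xcol['1']}";
                }
                if (array_key_exists(2, $xcol) and $xcol[2]) {
                    $hav = "having({$xcol['2']})";
                }
            }
            $qry = "SELECT {$col},count(*) as cnt{$cal} FROM  {$tbl} {$jn} {$w} GROUP BY {$col} {$hav} {$od} {$l}";
        }
    }
    if ($debug) {
        echo "<div class=\"textpad code warn\" style=\"width:600px\">";
        # The backtrace lists call arguments and the query carries filter values:
        # both are HTML-escaped before display so they cannot inject markup into the page.
        ob_start();
        debug_print_backtrace();
        echo htmlspecialchars(ob_get_clean(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "<p><a href=\"System-Export.php?act=c&query=" . urlencode($qry) . "\">" . htmlspecialchars($qry, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</a></div>\n";
    }
    return $qry;
}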
Пример #3
</script>
<?PHP	
}elseif($fmt == 'svg'){
	if( !isset($_GET['print']) ){echo "<h2>SVG Map</h2>";}
	Map();
	WriteSVG( Condition($in,$op,$st,$co,1) );
?>
	<embed width="<?= $xm ?>" height="<?= $ym ?>" src="map/map_<?= $_SESSION[user] ?>.svg" name="SVG Map" type="image/svg+xml" style="display:block;margin-left:auto;margin-right:auto;border:1px solid black">
<?php
}else{
	if($fmt){
		if( !isset($_GET['print']) ){
			echo "<h2><a href=\"Reports-Combination.php?map=1\"><img src=\"img/16/chrt.png\" title=\"$sholbl $cmblbl Report\"></a> PNG Map</h2>";
		}
		Map();
		WritePNG( Condition($in,$op,$st,$co,1) );
	}else{
		if( !isset($_GET['print']) ){echo "<h3>PNG Map ($laslbl)</h3>";}
	}
	if (file_exists("map/map_$_SESSION[user].php")) {
?>
<img style="display:block;margin-left:auto;margin-right:auto;border:1px solid black" usemap="#net" src="map/map_<?= $_SESSION['user'] ?>.php">
<map name="net">
<?= $imgmap ?>
</map>
<?php
	}
}

include_once ("inc/footer.php");
Пример #4
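/**
 * Build the SQL text for one database operation (MySQL flavour).
 *
 * The statement is only assembled here; executing it is left to the caller.
 *
 * SECURITY (review): mysql_real_escape_string() only makes a value safe when
 * it ends up inside a quoted SQL literal. In this function $tbl, $ord, $lim
 * (as LIMIT), the column names in $rawin and the operators in $rawop are
 * interpolated OUTSIDE quotes, and $col and $jn are not escaped at all.
 * Escaping does not neutralise input in those positions, so callers must pass
 * only fixed or allow-listed identifiers, operators and numeric limits there.
 * Request data belongs in $rawst only.
 *
 * NOTE(review): mysql_real_escape_string() belongs to the ext/mysql API, which
 * was removed in PHP 7.0; this function therefore only runs on PHP 5.x.
 *
 * @param string $tbl   Table name (database name for 'b' and 'p'; appended
 *                      verbatim after SHOW TABLES for 'h').
 * @param string $do    Operation selector:
 *                      'i' INSERT, 'u' UPDATE, 'd' DELETE, 's' SELECT,
 *                      'b' SHOW DATABASES, 'p' DROP DATABASE,
 *                      'h' SHOW TABLES, 'c' SHOW COLUMNS,
 *                      't' TRUNCATE, 'o' OPTIMIZE TABLE, 'r' REPAIR TABLE,
 *                      'v' server version, 'x' process list,
 *                      anything else: grouped count over $col.
 * @param string $col   Column list for SELECT; WHERE column for 'u'; keyword
 *                      placed before the quoted name for 'b'; for the grouped
 *                      count it may be "column;extra-select;having" with '-'
 *                      meaning no extra.
 * @param string $ord   ORDER BY expression; comparison operator of the WHERE for 'u'.
 * @param string $lim   LIMIT value; value compared in the WHERE for 'u'.
 * @param array  $rawin Column names (INSERT/UPDATE targets or filter columns).
 * @param array  $rawop Operators, positionally matching $rawin.
 * @param array  $rawst Values, positionally matching $rawin.
 * @param array  $rawco Passed through to Condition() (presumably the connectors
 *                      between filter terms; confirm against Condition()).
 * @param string $jn    Raw JOIN clause appended after the table name.
 *
 * @return string The SQL statement, or an empty string when 'u' is requested
 *                without a first column and nothing can be built.
 */
function GenQuery($tbl, $do = 's', $col = '*', $ord = '', $lim = '', $rawin = array(), $rawop = array(), $rawst = array(), $rawco = array(), $jn = '')
{
    global $debug;

    # Mitigate SQL injection (string-literal positions only, see SECURITY note above)
    $tbl = mysql_real_escape_string($tbl);
    $ord = mysql_real_escape_string($ord);
    $lim = mysql_real_escape_string($lim);
    $in = array_map('mysql_real_escape_string', $rawin);
    $op = array_map('mysql_real_escape_string', $rawop);
    $st = array_map('mysql_real_escape_string', $rawst);
    $co = array_map('mysql_real_escape_string', $rawco);

    # Always defined, so the debug output and the return never read an unset variable
    $qry = '';

    if ($do == 'i') {
        $qry = "INSERT INTO {$tbl} (" . implode(',', $in) . ") VALUES ('" . implode("','", $st) . "')";
    } elseif ($do == 'u') {
        # !empty() keeps the original truthiness test but tolerates an empty $in
        if (!empty($in[0])) {
            $s = array();
            $x = 0;
            foreach ($in as $c) {
                $o = array_key_exists($x, $op) ? $op[$x] : '=';
                # Use '=' if no operator is set
                if ($c) {
                    $s[] = "{$c} {$o} '{$st[$x]}'";
                }
                $x++;
            }
            # Here $col is the WHERE column, $ord the operator and $lim the compared value
            $qry = "UPDATE {$tbl} SET " . implode(',', $s) . " WHERE {$col} {$ord} '{$lim}'";
        }
    } elseif ($do == 'b') {
        $qry = "SHOW DATABASES {$col} '{$tbl}'";
    } elseif ($do == 'p') {
        $qry = "DROP DATABASE {$tbl}";
    } elseif ($do == 'h') {
        $qry = "SHOW TABLES {$tbl}";
    } elseif ($do == 't') {
        $qry = "TRUNCATE {$tbl}";
    } elseif ($do == 'o') {
        $qry = "OPTIMIZE TABLE {$tbl}";
    } elseif ($do == 'c') {
        $qry = "SHOW COLUMNS FROM {$tbl}";
    } elseif ($do == 'r') {
        $qry = "REPAIR TABLE {$tbl}";
    } elseif ($do == 'v') {
        $qry = "SELECT VERSION()";
    } elseif ($do == 'x') {
        $qry = "SHOW processlist";
    } else {
        $l = $lim ? "LIMIT {$lim}" : "";
        if (strstr($ord, 'ifname')) {
            $desc = strpos($ord, 'desc') ? " desc" : "";
            $ord = $desc ? substr($ord, 0, -5) : $ord;
            # Cut away desc for proper handling below
            $oar = explode(".", $ord);
            # Handle table in join queries
            $icol = ($oar[0] == 'ifname' or $oar[0] == 'nbrifname') ? 'ifname' : "{$oar['0']}.ifname";
            $dcol = ($oar[0] == 'ifname' or $oar[0] == 'nbrifname') ? 'device' : "{$oar['0']}.device";
            # Sort by device, then by the part before the first '/', then numerically by the part after the last '/'
            $od = "ORDER BY {$dcol} {$desc},SUBSTRING_INDEX({$icol}, '/', 1), SUBSTRING_INDEX({$icol}, '/', -1)*1+0";
        } elseif ($ord) {
            $od = "ORDER BY {$ord}";
        } else {
            $od = "";
        }
        # Condition() is defined elsewhere; its result is used as the WHERE clause (or empty)
        $w = Condition($in, $op, $st, $co, 2);
        # A per-session view filter is ANDed onto every query that touches the devices table
        if (isset($_SESSION['view']) and $_SESSION['view'] and (strstr($jn, 'JOIN devices') or $tbl == 'devices')) {
            $viewq = explode(' ', $_SESSION['view']);
            $w = ($w ? "{$w} AND " : "WHERE ") . AdOpVal($viewq[0], $viewq[1], $viewq[2]);
        }
        if ($do == 'd') {
            $qry = "DELETE FROM {$tbl} {$w} {$od} {$l}";
        } elseif ($do == 's') {
            $qry = "SELECT {$col} FROM {$tbl} {$jn} {$w} {$od} {$l}";
        } else {
            $cal = '';
            $hav = '';
            if (strpos($col, ';')) {
                $xcol = explode(";", $col);
                $col = $xcol[0];
                if ($xcol[1] != '-') {
                    $cal = ", {$xcol['1']}";
                }
                if (array_key_exists(2, $xcol) and $xcol[2]) {
                    $hav = "having({$xcol['2']})";
                }
            }
            $qry = "SELECT {$col},count(*) as cnt{$cal} FROM  {$tbl} {$jn} {$w} GROUP BY {$col} {$hav} {$od} {$l}";
        }
    }
    if ($debug) {
        echo "<div class=\"textpad code warn\" style=\"width:600px\">";
        # The backtrace lists call arguments and the query carries filter values:
        # both are HTML-escaped before display so they cannot inject markup into the page.
        ob_start();
        debug_print_backtrace();
        echo htmlspecialchars(ob_get_clean(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "<p><a href=\"System-Export.php?act=c&query=" . urlencode($qry) . "\">" . htmlspecialchars($qry, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</a></div>\n";
    }
    return $qry;
}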