nsinnovations/fusionpbx
2
0
Fork 0
mirror of https://github.com/fusionpbx/fusionpbx.git synced 2025-12-30 00:53:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update sql_query.php

Browse Source
This commit is contained in:
FusionPBX
2019-12-07 00:40:53 -07:00
committed by GitHub
parent b7e16ac035
commit 6d26f3c88a
1 changed files with 44 additions and 162 deletions
Download Patch File Download Diff File Expand all files Collapse all files

206
app/sql_query/sql_query.php
View File

@@ -31,7 +31,7 @@
require_once "resources/check_auth.php";
//permissions
if (permission_exists('exec_view')) {
if (permission_exists('sql_query')) {
//access granted
}
else {
@@ -51,7 +51,6 @@
$setting_numbering = ($_SESSION["editor"]["line_numbers"]["boolean"] != '') ? $_SESSION["editor"]["line_numbers"]["boolean"] : 'true';
//get the html values and set them as variables
$handler = ($_REQUEST["handler"] != '') ? trim($_REQUEST["handler"]) : ((permission_exists('exec_switch')) ? 'switch' : null);
$code = trim($_POST["code"]);
$command = trim($_POST["command"]);
@@ -64,20 +63,14 @@
}
//set editor moder
switch ($handler) {
case 'php': $mode = 'php'; break;
case 'sql': $mode = 'sql'; break;
default: $mode = 'text';
}
$mode = 'sql';
//show the header
require_once "resources/header.php";
$document['title'] = $text['title-command'];
//pdo database connection
if (permission_exists('exec_sql')) {
require_once "sql_query_pdo.php";
}
require_once "sql_query_pdo.php";
//scripts and styles
?>
@@ -86,7 +79,6 @@
document.getElementById('command').value = editor.getSession().getValue();
if (document.getElementById('mode').value == 'sql') {
$('#frm').prop('target', 'iframe').prop('action', 'sql_query_result.php?code='+ document.getElementById('code').value);
$('#sql_response').show();
}
else {
if (document.getElementById('command').value == '') {
@@ -124,60 +116,12 @@
function set_handler(handler) {
switch (handler) {
<?php if (permission_exists('exec_switch')) { ?>
case 'switch':
document.getElementById('description').innerHTML = "<?php echo $text['description-switch'];?>";
editor.getSession().setMode('ace/mode/text');
$('#mode option[value=text]').prop('selected',true);
<?php if (permission_exists('exec_sql')) { ?>
$('.sql_controls').hide();
document.getElementById('sql_type').selectedIndex = 0;
document.getElementById('table_name').selectedIndex = 0;
$('#iframe').prop('src','');
$('#sql_response').hide();
<?php } ?>
$('#response').show();
break;
<?php } ?>
<?php if (permission_exists('exec_php')) { ?>
case 'php':
document.getElementById('description').innerHTML = "<?php echo $text['description-php'];?>";
editor.getSession().setMode({path:'ace/mode/php', inline:true}); //highlight without opening tag
$('#mode option[value=php]').prop('selected',true);
<?php if (permission_exists('exec_sql')) { ?>
$('.sql_controls').hide();
document.getElementById('sql_type').selectedIndex = 0;
document.getElementById('table_name').selectedIndex = 0;
$('#iframe').prop('src','');
$('#sql_response').hide();
<?php } ?>
$('#response').show();
break;
<?php } ?>
<?php if (permission_exists('exec_command')) { ?>
case 'shell':
document.getElementById('description').innerHTML = "<?php echo $text['description-shell'];?>";
editor.getSession().setMode('ace/mode/text');
$('#mode option[value=text]').prop('selected',true);
<?php if (permission_exists('exec_sql')) { ?>
$('.sql_controls').hide();
document.getElementById('sql_type').selectedIndex = 0;
document.getElementById('table_name').selectedIndex = 0;
$('#iframe').prop('src','');
$('#sql_response').hide();
<?php } ?>
$('#response').show();
break;
<?php } ?>
<?php if (permission_exists('exec_sql')) { ?>
case 'sql':
document.getElementById('description').innerHTML = "<?php echo $text['description-sql'];?>";
editor.getSession().setMode('ace/mode/sql');
$('#mode option[value=sql]').prop('selected',true);
$('.sql_controls').show();
$('#response').hide();
break;
<?php } ?>
case 'sql':
document.getElementById('description').innerHTML = "<?php echo $text['description-sql'];?>";
editor.getSession().setMode('ace/mode/sql');
$('#mode option[value=sql]').prop('selected',true);
$('#response').hide();
break;
default:
break;
}
@@ -186,12 +130,7 @@
function reset_editor() {
editor.getSession().setValue('');
$('#command').val('');
$('#response').hide();
<?php if (permission_exists('exec_sql')) { ?>
$('#iframe').prop('src','');
$('#sql_response').hide();
<?php } ?>
$('#iframe').prop('src','');
focus_editor();
}
</script>
@@ -238,56 +177,38 @@
echo " <img src=\"data:image/png;base64, ".$image_base64."\" /><input type='text' class='txt' style='width: 150px; margin-left: 15px;' name='code' id='code' value=''>\n";
echo " &nbsp; &nbsp; &nbsp;\n";
if (permission_exists('exec_switch') || permission_exists('exec_php') || permission_exists('exec_command') || permission_exists('exec_sql')) {
echo " <select name='handler' id='handler' class='formfld' style='width:100px;' onchange=\"handler=this.value;set_handler(this.value);\">\n";
if (permission_exists('exec_switch')) { echo "<option value='switch' ".(($handler == 'switch') ? "selected='selected'" : null).">".$text['label-switch']."</option>\n"; }
if (permission_exists('exec_php')) { echo "<option value='php' ".(($handler == 'php') ? "selected='selected'" : null).">".$text['label-php']."</option>\n"; }
if (permission_exists('exec_command')) { echo "<option value='shell' ".(($handler == 'shell') ? "selected='selected'" : null).">".$text['label-shell']."</option>\n"; }
if (permission_exists('exec_sql')) { echo "<option value='sql' ".(($handler == 'sql') ? "selected='selected'" : null).">".$text['label-sql']."</option>\n"; }
echo " </select>\n";
}
//sql controls
if (permission_exists('exec_sql')) {
echo " <span class='sql_controls' ".(($handler != 'sql') ? "style='display: none;'" : null).">";
//echo " ".$text['label-table']."<br />";
echo " <select name='table_name' id='table_name' class='formfld'>\n";
echo " <option value=''></option>\n";
switch ($db_type) {
case 'sqlite': $sql = "select name from sqlite_master where type='table' order by name;"; break;
case 'pgsql': $sql = "select table_name as name from information_schema.tables where table_schema='public' and table_type='BASE TABLE' order by table_name"; break;
case 'mysql': $sql = "show tables"; break;
}
$database = new database;
$result = $database->select($sql, null, 'all');
if (is_array($result) && @sizeof($result) != 0) {
foreach ($result as &$row) {
$row = array_values($row);
echo " <option value='".escape($row[0])."'>".escape($row[0])."</option>\n";
}
}
unset($sql, $result, $row);
echo " </select>\n";
//echo " <br /><br />\n";
//echo " ".$text['label-result_type']."<br />";
echo " <select name='sql_type' id='sql_type' class='formfld'>\n";
echo " <option value=''>".$text['option-result_type_view']."</option>\n";
echo " <option value='csv'>".$text['option-result_type_csv']."</option>\n";
echo " <option value='inserts'>".$text['option-result_type_insert']."</option>\n";
echo " </select>\n";
echo " </span>";
echo " <span class='sql_controls'>";
//echo " ".$text['label-table']."<br />";
echo " <select name='table_name' id='table_name' class='formfld'>\n";
echo " <option value=''></option>\n";
switch ($db_type) {
case 'sqlite': $sql = "select name from sqlite_master where type='table' order by name;"; break;
case 'pgsql': $sql = "select table_name as name from information_schema.tables where table_schema='public' and table_type='BASE TABLE' order by table_name"; break;
case 'mysql': $sql = "show tables"; break;
}
echo " <input type='button' class='btn' style='margin-top: 0px;' title=\"".$text['button-execute']." [Ctrl+Enter]\" value=\" ".$text['button-execute']." \" onclick=\"$('form#frm').submit();\">";
echo " <input type='button' class='btn' style='margin-top: 0px;' title=\"\" value=\" ".$text['button-reset']." \" onclick=\"reset_editor();\">";
$database = new database;
$result = $database->select($sql, null, 'all');
if (is_array($result) && @sizeof($result) != 0) {
foreach ($result as &$row) {
$row = array_values($row);
echo " <option value='".escape($row[0])."'>".escape($row[0])."</option>\n";
}
}
unset($sql, $result, $row);
echo " </select>\n";
//echo " <br /><br />\n";
//echo " ".$text['label-result_type']."<br />";
echo " <select name='sql_type' id='sql_type' class='formfld'>\n";
echo " <option value=''>".$text['option-result_type_view']."</option>\n";
echo " <option value='csv'>".$text['option-result_type_csv']."</option>\n";
echo " <option value='inserts'>".$text['option-result_type_insert']."</option>\n";
echo " </select>\n";
echo " </span>";
echo " <input type='button' class='btn' style='margin-top: 0px;' title=\"".$text['button-execute']." [Ctrl+Enter]\" value=\" ".$text['button-execute']." \" onclick=\"$('form#frm').submit();\">";
echo " <input type='button' class='btn' style='margin-top: 0px;' title=\"\" value=\" ".$text['button-reset']." \" onclick=\"reset_editor();\">";
//if (permission_exists('exec_sql')) {
// echo " <span class='sql_controls' ".(($handler != 'sql') ? "style='display: none;'" : null).">";
// //echo " <input type='button' class='btn' alt='".$text['button-select_database']."' onclick=\"document.location.href='sql_query_db.php'\" value='".$text['button-select_database']."'>\n";
// if (permission_exists('exec_sql_backup')) {
// echo " <input type='button' class='btn' alt='".$text['button-backup']."' onclick=\"document.location.href='sql_backup.php".((strlen($_REQUEST['id']) > 0) ? "?id=".$_REQUEST['id'] : null)."'\" value='".$text['button-backup']."'>\n";
// }
// echo " </span>";
//}
echo " </td>";
echo " </tr>";
echo " <tr><td colspan='2'>\n";
@@ -456,51 +377,12 @@
<?php
//show the result
if (is_array($_POST)) {
if ($command != '') {
$result = '';
switch ($handler) {
case 'shell':
if (permission_exists('exec_command') && $command_authorized) {
$result = shell_exec($command . " 2>&1");
}
break;
case 'php':
if (permission_exists('exec_php') && $command_authorized) {
ob_start();
eval($command);
$result = ob_get_contents();
ob_end_clean();
}
break;
case 'switch':
if (permission_exists('exec_switch') && $command_authorized) {
$fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']);
if ($fp) {
$result = event_socket_request($fp, 'api '.$command);
}
}
break;
}
if ($result != '') {
echo "<span id='response'>";
echo "<b>".$text['label-response']."</b>\n";
echo "<br /><br />\n";
echo ($handler == 'switch') ? "<textarea style='width: 100%; height: 450px; font-family: monospace; padding: 15px;' wrap='off'>".$result."</textarea>\n" : "<pre>".escape($result)."</pre>";
echo "</span>";
}
}
}
//sql result
if (permission_exists('exec_sql')) {
echo "<span id='sql_response' style='display: none;'>";
echo "<b>".$text['label-results']."</b>\n";
echo "<br /><br />\n";
echo "<iframe name='iframe' id='iframe' style='width: calc(100% - 3px); height: 500px; background-color: #fff; border: 1px solid #c0c0c0;'></iframe>\n";
echo "</span>";
}
echo "<span id='sql_response'>";
//echo "<b>".$text['label-results']."</b>\n";
//echo "<br /><br />\n";
echo "<iframe name='iframe' id='iframe' style='width: calc(100% - 3px); height: 500px; background-color: #fff; border: 0px solid #c0c0c0;'></iframe>\n";
echo "</span>";
//show the footer
require_once "resources/footer.php";