From 6d26f3c88a2a158843d5750d1e9e9c58e9ea0f31 Mon Sep 17 00:00:00 2001 From: FusionPBX Date: Sat, 7 Dec 2019 00:40:53 -0700 Subject: [PATCH] Update sql_query.php --- app/sql_query/sql_query.php | 206 ++++++++---------------------------- 1 file changed, 44 insertions(+), 162 deletions(-) diff --git a/app/sql_query/sql_query.php b/app/sql_query/sql_query.php index 06f7436062..b9c156e446 100644 --- a/app/sql_query/sql_query.php +++ b/app/sql_query/sql_query.php @@ -31,7 +31,7 @@ require_once "resources/check_auth.php"; //permissions - if (permission_exists('exec_view')) { + if (permission_exists('sql_query')) { //access granted } else { @@ -51,7 +51,6 @@ $setting_numbering = ($_SESSION["editor"]["line_numbers"]["boolean"] != '') ? $_SESSION["editor"]["line_numbers"]["boolean"] : 'true'; //get the html values and set them as variables - $handler = ($_REQUEST["handler"] != '') ? trim($_REQUEST["handler"]) : ((permission_exists('exec_switch')) ? 'switch' : null); $code = trim($_POST["code"]); $command = trim($_POST["command"]); @@ -64,20 +63,14 @@ } //set editor moder - switch ($handler) { - case 'php': $mode = 'php'; break; - case 'sql': $mode = 'sql'; break; - default: $mode = 'text'; - } + $mode = 'sql'; //show the header require_once "resources/header.php"; $document['title'] = $text['title-command']; //pdo database connection - if (permission_exists('exec_sql')) { - require_once "sql_query_pdo.php"; - } + require_once "sql_query_pdo.php"; //scripts and styles ?> @@ -86,7 +79,6 @@ document.getElementById('command').value = editor.getSession().getValue(); if (document.getElementById('mode').value == 'sql') { $('#frm').prop('target', 'iframe').prop('action', 'sql_query_result.php?code='+ document.getElementById('code').value); - $('#sql_response').show(); } else { if (document.getElementById('command').value == '') { 
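Review bot: The `permission_exists('sql_query')` check at the top is now the only gate in front of the database tooling, because the `exec_sql` guards around `require_once "sql_query_pdo.php";` (hunk `@@ -64,20 +63,14 @@`) and around the result frame (hunk `@@ -456,51 +377,12 @@`) are removed. That holds only if the `else` branch stops execution (its body is outside this hunk) and if `sql_query_pdo.php` and `sql_query_result.php` repeat the check themselves, since both can presumably be requested directly. Nothing in this patch shows where `sql_query` is defined or granted, so confirm it is not assigned more widely than `exec_sql` was. A comment at the include would record the dependency: `//access is enforced by the sql_query check above; sql_query_pdo.php must verify it again when requested directly`.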
@@ -124,60 +116,12 @@ function set_handler(handler) { switch (handler) { - - case 'switch': - document.getElementById('description').innerHTML = ""; - editor.getSession().setMode('ace/mode/text'); - $('#mode option[value=text]').prop('selected',true); - - $('.sql_controls').hide(); - document.getElementById('sql_type').selectedIndex = 0; - document.getElementById('table_name').selectedIndex = 0; - $('#iframe').prop('src',''); - $('#sql_response').hide(); - - $('#response').show(); - break; - - - case 'php': - document.getElementById('description').innerHTML = ""; - editor.getSession().setMode({path:'ace/mode/php', inline:true}); //highlight without opening tag - $('#mode option[value=php]').prop('selected',true); - - $('.sql_controls').hide(); - document.getElementById('sql_type').selectedIndex = 0; - document.getElementById('table_name').selectedIndex = 0; - $('#iframe').prop('src',''); - $('#sql_response').hide(); - - $('#response').show(); - break; - - - case 'shell': - document.getElementById('description').innerHTML = ""; - editor.getSession().setMode('ace/mode/text'); - $('#mode option[value=text]').prop('selected',true); - - $('.sql_controls').hide(); - document.getElementById('sql_type').selectedIndex = 0; - document.getElementById('table_name').selectedIndex = 0; - $('#iframe').prop('src',''); - $('#sql_response').hide(); - - $('#response').show(); - break; - - - case 'sql': - document.getElementById('description').innerHTML = ""; - editor.getSession().setMode('ace/mode/sql'); - $('#mode option[value=sql]').prop('selected',true); - $('.sql_controls').show(); - $('#response').hide(); - break; - + case 'sql': + document.getElementById('description').innerHTML = ""; + editor.getSession().setMode('ace/mode/sql'); + $('#mode option[value=sql]').prop('selected',true); + $('#response').hide(); + break; default: break; } 
@@ -186,12 +130,7 @@ function reset_editor() { editor.getSession().setValue(''); - $('#command').val(''); - $('#response').hide(); - - $('#iframe').prop('src',''); - $('#sql_response').hide(); - + $('#iframe').prop('src',''); focus_editor(); } @@ -238,56 +177,38 @@ echo " \n"; echo "      \n"; - if (permission_exists('exec_switch') || permission_exists('exec_php') || permission_exists('exec_command') || permission_exists('exec_sql')) { - echo " \n"; - } - //sql controls - if (permission_exists('exec_sql')) { - echo " "; - //echo " ".$text['label-table']."
"; - echo " \n"; - //echo "

\n"; - //echo " ".$text['label-result_type']."
"; - echo " \n"; - echo "
"; + echo " "; + //echo " ".$text['label-table']."
"; + echo " "; - echo " "; + $database = new database; + $result = $database->select($sql, null, 'all'); + if (is_array($result) && @sizeof($result) != 0) { + foreach ($result as &$row) { + $row = array_values($row); + echo " \n"; + } + } + unset($sql, $result, $row); + echo " \n"; + //echo "

\n"; + //echo " ".$text['label-result_type']."
"; + echo " \n"; + echo "
"; + + echo " "; + echo " "; - //if (permission_exists('exec_sql')) { - // echo " "; - // //echo " \n"; - // if (permission_exists('exec_sql_backup')) { - // echo " 0) ? "?id=".$_REQUEST['id'] : null)."'\" value='".$text['button-backup']."'>\n"; - // } - // echo " "; - //} echo " "; echo " "; echo " \n"; @@ -456,51 +377,12 @@ &1"); - } - break; - case 'php': - if (permission_exists('exec_php') && $command_authorized) { - ob_start(); - eval($command); - $result = ob_get_contents(); - ob_end_clean(); - } - break; - case 'switch': - if (permission_exists('exec_switch') && $command_authorized) { - $fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']); - if ($fp) { - $result = event_socket_request($fp, 'api '.$command); - } - } - break; - } - if ($result != '') { - echo ""; - echo "".$text['label-response']."\n"; - echo "
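Review bot: `@sizeof($result) != 0` suppresses errors immediately after `is_array($result)` has already established the type, so the `@` can only hide something unexpected; `if (is_array($result) && count($result) !== 0) {` expresses the same test without suppression. The loop takes `$row` by reference only to overwrite it with `array_values($row)`, which mutates `$result` for no visible benefit; iterating by value and assigning to a local, `$columns = array_values($row);`, is clearer. The option markup echoed inside the loop and the statement that builds `$sql` are not readable in this rendering, so it cannot be confirmed here that the table name is passed through the `escape()` helper that the removed response block used; that is worth checking before merge.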

\n"; - echo ($handler == 'switch') ? "\n" : "
".escape($result)."
"; - echo "
"; - } - } - } - //sql result - if (permission_exists('exec_sql')) { - echo ""; - } + echo ""; + //echo "".$text['label-results']."\n"; + //echo "

\n"; + echo "\n"; + echo "
"; //show the footer require_once "resources/footer.php";
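Review bot: Nothing visible in this patch still consumes `$command_authorized` once the execution block is removed, yet SQL is still submitted: the form is pointed at `sql_query_result.php` in the context of hunk `@@ -86,7 +79,6 @@`. Whatever that flag verified (its assignment lies outside these hunks) should be enforced in `sql_query_result.php` as well, otherwise the SQL path may run with weaker request validation than the removed handlers had. `$command = trim($_POST["command"]);` also remains as context in hunk `@@ -51,7 +51,6 @@` and looks unused now. Separately, the two added `//echo` lines in this hunk are commented-out code and would be better dropped than committed.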