sqlite_cmd_executer.php
<!DOCTYPE HTML>
<html>
<head>
<style>
tr:first-child > td {
border-bottom: 1px #000000 solid;
}
</style>
</head>
<body>
<?php
// Page state, all of it starting out empty except the default database file.
// NOTE(review): within this file only $comment, $real_command, $errorMessage and
// $db_file_name are read again; the *Err fields, $name, $email, $gender, $website
// and $errMsg2 are never referenced below.
$nameErr = "";
$emailErr = "";
$genderErr = "";
$websiteErr = "";

$name = "";
$email = "";
$gender = "";
$comment = "";
$website = "";

$errorMessage = "";   // text shown under "System response"
$errMsg2 = "";
$real_command = "";   // the SQL text exactly as it was submitted
$db_file_name = "bendo_duty.db";   // database opened when the request names no other file
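/**
 * Thin SQLite3 wrapper that opens the database as soon as it is constructed.
 *
 * The path is handed to SQLite3::open() unchanged and without flags, so the
 * driver default applies (read/write, and the file is created when it does not
 * exist). Nothing here restricts which file is opened: the caller owns path
 * validation.
 */
class SQLiteDB extends SQLite3
{
    /**
     * @param string $db_file_path Path of the database file to open.
     * @throws Exception When SQLite3::open() cannot open the database.
     */
    public function __construct(string $db_file_path)
    {
        // The previous `global $db_file_name;` was never read in this constructor;
        // it only tied the class to a page-level variable, so it is gone.
        $this->open($db_file_path);
    }
}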
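// Process SQLite command
//
// SECURITY NOTE(review): this page runs the SQL text from the request verbatim,
// against the database path from the request, and no authentication,
// authorisation or CSRF check is visible in this file. Anyone who can reach the
// page can read or change any SQLite file the web-server account can open, and
// the default open flags create the file when it is missing. Keep it off
// untrusted networks, put it behind authentication, restrict the path to an
// allow-list of known databases, and prefer a SQLITE3_OPEN_READONLY handle where
// only queries are needed. The SQL cannot be parameterised here because running
// arbitrary statements is the purpose of the tool.
$db = null;    // stays null unless a database is opened below
$ret = null;   // stays null unless a statement is run below
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Get database file. A missing field or a non-string value (an array field,
    // for instance) leaves the default file name in place.
    if (!empty($_POST["hidd_db_file_name"]) && is_string($_POST["hidd_db_file_name"])) {
        $db_file_name = $_POST["hidd_db_file_name"];
    }

    $submitted_sql = (isset($_POST["comment"]) && is_string($_POST["comment"]))
        ? $_POST["comment"]
        : "";

    if (!empty($submitted_sql) && !empty($db_file_name)) {
        $real_command = $submitted_sql;

        // `new` never yields a falsy value, so the old `if (!$db)` test could not
        // detect a failed open; SQLite3::open() reports failure by throwing.
        try {
            $db = new SQLiteDB($db_file_name);
        } catch (Exception $e) {
            $db = null;
            // Detail goes to the server log; the page shows a fixed message so no
            // request-derived text is added to the response here.
            error_log("SQLite open failed: " . $e->getMessage());
            $errorMessage = "Unable to open database file";
        }

        if ($db !== null) {
            // A statement is treated as a query when "select" appears anywhere in
            // its first 9 characters (case-insensitive); anything else goes to
            // exec(). The two cases are complementary, so the old third branch
            // with its "must press ..." message was unreachable and is removed.
            $first_cmd = mb_substr($real_command, 0, 9);
            if (stripos($first_cmd, "select") === false) {
                $ret = $db->exec($real_command);
                if (!$ret) {
                    $errorMessage = $db->lastErrorMsg();
                }
                if (!$errorMessage) {
                    $errorMessage = "No error during SQLcmd execution, returned value=$ret";
                }
            } else {
                $ret = $db->query($real_command);
                if ($ret == FALSE) {
                    $errorMessage = $db->lastErrorMsg();
                }
            }
        }
    }
    // The textarea is always re-rendered empty after a POST.
    $comment = "";
}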
/**
 * Prepare a submitted string for display inside HTML.
 *
 * Surrounding whitespace is trimmed, backslash escapes are removed and HTML
 * special characters are converted to entities, in that order. This is display
 * escaping only; it does nothing to make a value safe for use in SQL.
 * htmlspecialchars() is called with its default flags, which differ between PHP
 * versions.
 *
 * @param string $data Raw text.
 * @return string The escaped text.
 */
function test_input($data) {
    return htmlspecialchars(stripslashes(trim($data)));
}
?>
<h2>PHP SQLite Command Executor</h2>
<p> </p>
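<?php
// The database path can come straight from the previous POST, so it is escaped
// before being written into the two value="" attributes below; echoing it raw
// let a crafted path break out of the attribute (reflected XSS).
// NOTE(review): the form carries no CSRF token, and no session or login check
// is visible in this file.
$db_file_name_attr = htmlspecialchars((string) $db_file_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<input type=hidden name="hidd_db_file_name" id="hidd_db_fn" value="<?php echo $db_file_name_attr; ?>" />
<span>SQLite DB file:
<input type=text value="<?php echo $db_file_name_attr; ?>" onblur="setHiddenFileName()" id="txt_db_file_name" />
<input type=submit value="Load database" />
</span>
<p> </p>
SQL Command:<br>
<textarea name="comment" rows="7" cols="60"><?php echo $comment;?></textarea>
<br><br>
<input type="submit" value="SQL Exec" id="btn_exec" name='btn_exec' onclick="queryButtonPressed('btn_exec')">
<input type="submit" value="SQL Query" id="btn_query" name="btn_query" onclick="queryButtonPressed('btn_query')" />
</form>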
<script type='text/javascript'>
/**
 * Mark the pressed submit button as busy: disable it, then relabel it
 * "Processing".
 *
 * @param {string} btn_id - id attribute of the button that was clicked.
 */
function queryButtonPressed(btn_id) {
    var pressed = document.getElementById(btn_id);
    Object.assign(pressed, { disabled: true, value: "Processing" });
} // queryButtonPressed()
/**
 * Copy the visible database-file text box into the hidden form field of id
 * 'hidd_db_fn', which is the field that is actually submitted.
 */
function setHiddenFileName() {
    var visibleValue = document.getElementById('txt_db_file_name').value;
    document.getElementById('hidd_db_fn').value = visibleValue;
} // setHiddenFileName()
</script>
<?php
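/**
 * Echo one table row holding the given column names, one <td> per name.
 *
 * Column names are produced by the statement that was run (a column alias can
 * be any text), so each one is HTML-escaped before output; they used to be
 * echoed raw.
 *
 * @param array $col_name_array Column names in display order.
 * @return void
 */
function print_col_names_as_table_row($col_name_array){
    echo "<tr>";
    foreach ($col_name_array as $col_name) {
        // The cast covers numeric column names, which PHP stores as integer keys.
        echo "<td>" . htmlspecialchars((string) $col_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";
    }
    echo "</tr>";
}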
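/**
 * Echo one table row holding the values of a result row, one <td> per value,
 * each converted to HTML entities.
 *
 * @param array $row_data_array Values of one row, in column order.
 * @return void
 */
function print_data_from_select_as_table_row($row_data_array){
    echo "<tr>";
    foreach ($row_data_array as $val) {
        // Cast first: a NULL column arrives as PHP null, and passing null to
        // htmlentities() raises a deprecation notice on PHP 8.1+. The flags are
        // spelled out so escaping does not depend on the PHP version's defaults.
        echo "<td>" . htmlentities((string) $val, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";
    }
    echo "</tr>";
}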
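echo "<h2>Result:</h2>";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Both the submitted SQL and the driver's error text (which quotes parts of
    // that SQL) come from the request, so they are HTML-escaped before being
    // echoed; both were previously written into the page raw.
    $escape_html = static function ($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    /* SQL command you input */
    echo "<br>--------<br>";
    echo "Your input: <br>";
    echo $escape_html($real_command);
    echo "<br>--------<br>";

    /* SQL execution response from system */
    if ($errorMessage) {
        echo "System response:<br>";
        echo $escape_html($errorMessage);
        echo "<br>--------<br>";
    }

    /* SQL result */
    // $ret is a result set only after a successful query(). A POST without a
    // command leaves it unset, which used to end in a fatal error on the
    // fetchArray() call, so the type is checked first.
    if (!$errorMessage && isset($ret) && $ret instanceof SQLite3Result) {
        // row count:
        $i = 0;
        echo '<br><table cellspacing="0" cellpadding="2">';
        while ($row = $ret->fetchArray(SQLITE3_ASSOC)) {
            // show column names once, ahead of the first data row
            if ($i == 0) {
                print_col_names_as_table_row(array_keys($row));
            }
            // show row data
            print_data_from_select_as_table_row($row);
            $i = $i + 1;
        }
        echo "</table><br>";
        echo "number of rows: $i";
    }

    // $db exists only when a command was actually processed.
    if (isset($db) && $db instanceof SQLite3) {
        $db->close();
    }
}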
?>
</body>
</html>