0) { $SQL_ARRAY=file($sf); } } function WriteSQL() { global $SQL_ARRAY,$config; $sf=$config['paths']['config'] . 'sql_statements'; $str=""; for ($i=0; $i < count($SQL_ARRAY); $i++) { $str.=$SQL_ARRAY[$i]; if (substr($str,-1) != "\n" && $i != ( count($SQL_ARRAY) - 1 )) $str.="\n"; } if ($config['magic_quotes_gpc']) $str=stripslashes($str); $fp=fopen($sf,"wb"); fwrite($fp,$str); fclose($fp); } function SQL_Name($index) { global $SQL_ARRAY; $s=explode('|',$SQL_ARRAY[$index]); return $s[0]; } function SQL_String($index) { global $SQL_ARRAY; if (isset($SQL_ARRAY[$index]) && !empty($SQL_ARRAY[$index])) { $s=explode('|',$SQL_ARRAY[$index],2); return ( isset($s[1]) ) ? $s[1] : ''; } } function SQL_ComboBox() { global $SQL_ARRAY,$tablename,$nl; $s=''; if (count($SQL_ARRAY) > 0) { $s=$nl . $nl . '' . $nl . $nl; } return $s; } function Table_ComboBox() { global $db,$config,$lang,$nl; $tabellen=mysql_query('SHOW TABLES FROM `' . $db . '`',$config['dbconnection']); $num_tables=mysql_num_rows($tabellen); $s=$nl . $nl . '' . $nl . $nl; return $s; } function TableComboBox($default='') { global $db,$config,$lang,$nl; $tabellen=mysql_list_tables($db,$config['dbconnection']); $num_tables=mysql_num_rows($tabellen); $s='' . $nl; for ($i=0; $i < $num_tables; $i++) { $t=mysql_tablename($tabellen,$i); $s.='' . $nl; } return $s; } function DB_Exists($db) { global $config; if (!isset($config['dbconnection'])) MSD_mysql_connect(); $erg=false; $dbs=mysql_list_dbs($config['dbconnection']); while ($row=mysql_fetch_object($dbs)) { if (strtolower($row->Database) == strtolower($db)) { $erg=true; break; } } return $erg; } function Table_Exists($db, $table) { global $config; if (!isset($config['dbconnection'])) MSD_mysql_connect(); $sqlt="SHOW TABLES FROM `$db`"; $res=MSD_query($sqlt); if ($res) { $tables=array(); WHILE ($row=mysql_fetch_row($res)) { $tables[]=$row[0]; } if (in_array($table,$tables)) return true; } return false; } function DB_Empty($dbn) { $r="DROP DATABASE `$dbn`;\nCREATE DATABASE `$dbn`;"; MSD_DoSQL($r); } function sqlReturnsRecords($sql) { global $mysql_SQLhasRecords; $s=explode(' ',$sql); return in_array(strtoupper($s[0]),$mysql_SQLhasRecords) ? 1 : 0; } function getCountSQLStatements($sql) { $z=0; $l=strlen($sql); $inQuotes=false; for ($i=0; $i < $l; $i++) { if ($sql[$i] == "'" || $sql[$i] == '"') $inQuotes=!$inQuotes; if (( $sql[$i] == ';' && $inQuotes == false ) || $i == $l - 1) $z++; } return $z; } function splitSQLStatements2Array($sql) { $z=0; $sqlArr=array(); $tmp=''; $sql=str_replace("\n",'',$sql); $l=strlen($sql); $inQuotes=false; for ($i=0; $i < $l; $i++) { $tmp.=$sql[$i]; if ($sql[$i] == "'" || $sql[$i] == '"') $inQuotes=!$inQuotes; if ($sql[$i] == ';' && $inQuotes == false) { $z++; $sqlArr[]=$tmp; $tmp=''; } } if (trim($tmp) != '') $sqlArr[]=$tmp; return $sqlArr; } function DB_Copy($source, $destination, $drop_source=0, $insert_data=1) { global $config; if (!isset($config['dbconnection'])) MSD_mysql_connect(); $SQL_Array=$t=""; if (!DB_Exists($destination)) $SQL_Array.="CREATE DATABASE `$destination` ;\n"; $SQL_Array.="USE `$destination` ;\n"; $tabellen=mysql_list_tables($source,$config['dbconnection']); $num_tables=mysql_num_rows($tabellen); for ($i=0; $i < $num_tables; $i++) { $table=mysql_tablename($tabellen,$i); $sqlt="SHOW CREATE TABLE `$source`.`$table`"; $res=MSD_query($sqlt); $row=mysql_fetch_row($res); $c=$row[1]; if (substr($c,-1) == ";") $c=substr($c,0,strlen($c) - 1); $SQL_Array.=( $insert_data == 1 ) ? "$c SELECT * FROM `$source`.`$table` ;\n" : "$c ;\n"; } if ($drop_source == 1) $SQL_Array.="DROP DATABASE `$source` ;"; mysql_select_db($destination); MSD_DoSQL($SQL_Array); } function Table_Copy($source, $destination, $insert_data, $destinationdb="") { global $config; if (!isset($config['dbconnection'])) MSD_mysql_connect(); $SQL_Array=$t=""; $sqlc="SHOW CREATE TABLE $source"; $res=MSD_query($sqlc); $row=mysql_fetch_row($res); $c=$row[1]; $a1=strpos($c,"`"); $a2=strpos($c,"`",$a1 + 1); $c=substr($c,0,$a1 + 1) . $destination . substr($c,$a2); if (substr($c,-1) == ";") $c=substr($c,0,strlen($c) - 1); $SQL_Array.=( $insert_data == 1 ) ? "$c SELECT * FROM $source ;\n" : "$c ;\n"; //echo "
$SQL_Array
"; MSD_DoSQL($SQL_Array); } function MSD_DoSQL($sqlcommands, $limit="") { global $config,$out,$numrowsabs,$numrows,$num_befehle,$time_used,$sql; if (!isset($sql['parser']['sql_commands'])) $sql['parser']['sql_commands']=0; if (!isset($sql['parser']['sql_errors'])) $sql['parser']['sql_errors']=0; $sql['parser']['time_used']=getmicrotime(); if (!isset($config['dbconnection'])) MSD_mysql_connect(); $out=$sqlcommand=''; $allSQL=splitSQLStatements2Array($sqlcommands); #explode(';',preg_replace('/\r\n|\n/', '', $sqlcommands)); $sql_queries=count($allSQL); if (!isset($allSQL[$sql_queries - 1])) $sql_queries--; if ($sql_queries == 1) { SQLParser($allSQL[0]); $sql['parser']['sql_commands']++; $out.=Stringformat(( $sql['parser']['sql_commands'] ),4) . ': ' . $allSQL[0] . "\n"; $result=MSD_query($allSQL[0]); } else { for ($i=0; $i < $sql_queries; $i++) { $allSQL[$i]=trim(rtrim($allSQL[$i])); if ($allSQL[$i] != "") { $sqlcommand.=$allSQL[$i]; $sqlcommand=SQLParser($sqlcommand); if ($sql['parser']['start'] == 0 && $sql['parser']['end'] == 0 && $sqlcommand != '') { //sql complete $sql['parser']['sql_commands']++; $out.=Stringformat(( $sql['parser']['sql_commands'] ),4) . ': ' . $sqlcommand . "\n"; $result=MSD_query($sqlcommand); $sqlcommand=""; } } } } $sql['parser']['time_used']=getmicrotime() - $sql['parser']['time_used']; } function SQLParser($command, $debug=0) { global $sql; $sql['parser']['start']=$sql['parser']['end']=0; $sql['parser']['sqlparts']=0; if (!isset($sql['parser']['drop'])) $sql['parser']['drop']=0; if (!isset($sql['parser']['create'])) $sql['parser']['create']=0; if (!isset($sql['parser']['insert'])) $sql['parser']['insert']=0; if (!isset($sql['parser']['update'])) $sql['parser']['update']=0; if (!isset($sql['parser']['comment'])) $sql['parser']['comment']=0; $Backslash=chr(92); $s=rtrim(trim(( $command ))); //Was ist das für eine Anfrage ? if (substr($s,0,1) == "#" || substr($s,0,2) == "--") { $sql['parser']['comment']++; $s=""; } elseif (strtoupper(substr($s,0,5)) == "DROP ") { $sql['parser']['drop']++; } elseif (strtoupper(substr($s,0,7)) == "CREATE ") { //Hier nur die Anzahl der Klammern zählen $sql['parser']['start']=1; $kl1=substr_count($s,"("); $kl2=substr_count($s,")"); if ($kl2 - $kl1 == 0) { $sql['parser']['start']=0; $sql['parser']['create']++; } } elseif (strtoupper(substr($s,0,7)) == "INSERT " || strtoupper(substr($s,0,7)) == "UPDATE ") { if (strtoupper(substr($s,0,7)) == "INSERT ") $sql['parser']['insert']++; else $sql['parser']['update']++; $i=strpos(strtoupper($s)," VALUES") + 7; $st=substr($s,$i); $i=strpos($st,"(") + 1; $st=substr($st,$i); $st=substr($st,0,strlen($st) - 2); $tb=explode(",",$st); for ($i=0; $i < count($tb); $i++) { $first=$B_Esc=$B_Ticks=$B_Dashes=0; $v=trim($tb[$i]); //Ticks + Dashes zählen for ($cpos=2; $cpos <= strlen($v); $cpos++) { if (substr($v,( -1 * $cpos ),1) == "'") { $B_Ticks++; } else { break; } } for ($cpos=2; $cpos <= strlen($v); $cpos++) { if (substr($v,( -1 * $cpos ),1) == '"') { $B_Dashes++; } else { break; } } //Backslashes zählen for ($cpos=2 + $B_Ticks; $cpos <= strlen($v); $cpos++) { if (substr($v,( -1 * $cpos ),1) == "\\") { $B_Esc++; } else { break; } } if ($v == "NULL" && $sql['parser']['start'] == 0) { $sql['parser']['start']=1; $sql['parser']['end']=1; } if ($sql['parser']['start'] == 0 && is_numeric($v)) { $sql['parser']['start']=1; $sql['parser']['end']=1; } if ($sql['parser']['start'] == 0 && substr($v,0,2) == "0X" && strpos($v," ") == false) { $sql['parser']['start']=1; $sql['parser']['end']=1; } if ($sql['parser']['start'] == 0 && is_object($v)) { $sql['parser']['start']=1; $sql['parser']['end']=1; } if (substr($v,0,1) == "'" && $sql['parser']['start'] == 0) { $sql['parser']['start']=1; if (strlen($v) == 1) $first=1; $DELIMITER="'"; } if (substr($v,0,1) == '"' && $sql['parser']['start'] == 0) { $sql['parser']['start']=1; if (strlen($v) == 1) $first=1; $DELIMITER='"'; } if ($sql['parser']['start'] == 1 && $sql['parser']['end'] != 1 && $first == 0) { if (substr($v,-1) == $DELIMITER) { $B_Delimiter=( $DELIMITER == "'" ) ? $B_Ticks : $B_Dashes; //ist Delimiter maskiert? if (( $B_Esc % 2 ) == 1 && ( $B_Delimiter % 2 ) == 1 && strlen($v) > 2) { $sql['parser']['end']=1; } elseif (( $B_Delimiter % 2 ) == 1 && strlen($v) > 2) { //ist mit `'` maskiert $sql['parser']['end']=0; } elseif (( $B_Esc % 2 ) == 1) { //ist mit Backslash maskiert $sql['parser']['end']=0; } else { $sql['parser']['end']=1; } } } if ($debug == 1) echo "" . $sql['parser']['start'] . "/" . $sql['parser']['end'] . " Feld $i: " . htmlspecialchars($tb[$i]) . "- " . $sql['parser']['sqlparts'] . " ($B_Ticks / $B_Esc)
"; if ($sql['parser']['start'] == 1 && $sql['parser']['end'] == 1) { $sql['parser']['sqlparts']++; $sql['parser']['start']=$sql['parser']['end']=0; } } } return $s; } function SQLOutput($sqlcommand, $meldung='') { global $sql,$lang; $s='
' . $lang['L_SQL_OUTPUT'] . '
'; if ($meldung != '') $s.=$meldung; if (isset($sql['parser']['sql_commands'])) { $s.='' . $sql['parser']['sql_commands'] . '' . $lang['L_SQL_COMMANDS_IN'] . round($sql['parser']['time_used'],4) . $lang['L_SQL_COMMANDS_IN2'] . '

'; $s.=$lang['L_SQL_OUT1'] . '' . $sql['parser']['drop'] . ' DROP-, '; $s.='' . $sql['parser']['create'] . ' CREATE-, '; $s.='' . $sql['parser']['insert'] . ' INSERT-, '; $s.='' . $sql['parser']['update'] . ' UPDATE-' . $lang['L_SQL_OUT2'] . '
'; $s.=$lang['L_SQL_OUT3'] . '' . $sql['parser']['comment'] . ' ' . $lang['L_SQL_OUT4'] . '
'; if ($sql['parser']['sql_commands'] < 50) $s.='
' . Highlight_SQL($sqlcommand) . '
'; else $s.=$lang['L_SQL_OUT5']; } elseif ($sqlcommand != '') $s.='
' . $lang['L_SQL_OUTPUT'] . '
' . Highlight_SQL($sqlcommand) . '
'; return $s . '
'; } function GetCreateTable($db, $tabelle) { global $config; if (!isset($config['dbconnection'])) MSD_mysql_connect(); $res=mysql_query("SHOW CREATE TABLE `$db`.`$tabelle`"); if ($res) { $row=mysql_fetch_array($res); if (isset($row['Create Table'])) return $row['Create Table']; elseif (isset($row['Create View'])) return $row['Create View']; else return false; } else return mysql_error(); } function KindSQL($sql) { if (preg_match('@^((-- |#)[^\n]*\n|/\*.*?\*/)*(DROP|CREATE)[[:space:]]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)@im',$sql)) { return 2; } elseif (preg_match('@^((-- |#)[^\n]*\n|/\*.*?\*/)*(DROP|CREATE)[[:space:]]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)@im',$sql)) { return 1; } } function GetPostParams() { global $db,$dbid,$tablename,$context,$limitstart,$order,$orderdir,$sql; $db=$_POST['db']; $dbid=$_POST['dbid']; $tablename=$_POST['tablename']; $context=$_POST['context']; $limitstart=$_POST['limitstart']; $order=$_POST['order']; $orderdir=$_POST['orderdir']; $sql['sql_statement']=( isset($_POST['sql_statement']) ) ? $_POST['sql_statement'] : "SELECT * FROM `$tablename`"; } // when fieldnames contain spaces or dots they are replaced with underscores // we need to built the same index to get the postet values for inserts and updates function correct_post_index($index) { $index=str_replace(' ','_',$index); $index=str_replace('.','_',$index); return $index; } function ComboCommandDump($when, $index) { global $SQL_ARRAY,$nl,$databases,$lang; if (count($SQL_ARRAY) == 0) { $r='' . $lang['L_SQL_BEFEHLE'] . ''; if ($when == 0) $r.=''; else $r.=''; } else { if ($when == 0) { $r=''; $csql=$databases['command_after_dump'][$index]; } $r.='' . "\n"; if (count($SQL_ARRAY) > 0) { for ($i=0; $i < count($SQL_ARRAY); $i++) { $s=trim(SQL_String($i)); $r.='' . "\n"; } } $r.=''; } return $r; } function EngineCombo($default="") { global $config; if (!$config['dbconnection']) MSD_mysql_connect(); $r=''; if (!MSD_NEW_VERSION) { //BDB | HEAP | ISAM | InnoDB | MERGE | MRG_MYISAM | MYISAM $r.=''; $r.=''; $r.=''; $r.=''; $r.=''; $r.=''; $r.=''; } else { $res=mysql_query("SHOW ENGINES"); $num=mysql_num_rows($res); for ($i=0; $i < $num; $i++) { $row=mysql_fetch_array($res); $r.=''; } } return $r; } function CharsetCombo($default="") { global $config; if (!MSD_NEW_VERSION) { return ""; } else { if (!isset($config['dbconnection'])) MSD_mysql_connect(); $res=mysql_query("SHOW Charset"); $num=mysql_num_rows($res); $r=''; $charsets=array(); for ($i=0; $i < $num; $i++) { $charsets[]=mysql_fetch_array($res); } if (is_array($charsets)) { $charsets=mu_sort($charsets,'Charset'); foreach ($charsets as $row) { $r.=''; } } return $r; } } function GetCollationArray() { global $config; if (!isset($config['dbconnection'])) MSD_mysql_connect(); $res=mysql_query("SHOW Collation"); $num=@mysql_num_rows($res); $r=Array(); if (is_array($r)) { for ($i=0; $i < $num; $i++) { $row=mysql_fetch_array($res); $r[$i]['Collation']=isset($row['Collation']) ? $row['Collation'] : ''; $r[$i]['Charset']=isset($row['Charset']) ? $row['Charset'] : ''; $r[$i]['Id']=isset($row['Id']) ? $row['Id'] : ''; $r[$i]['Default']=isset($row['Default']) ? $row['Default'] : ''; $r[$i]['Compiled']=isset($row['Compiled']) ? $row['Compiled'] : ''; $r[$i]['Sortlen']=isset($row['Sortlen']) ? $row['Sortlen'] : ''; } } return $r; } function CollationCombo($default="", $withcharset=0) { if (!MSD_NEW_VERSION) { return ""; } else { $r=GetCollationArray(); sort($r); $s=''; $s=''; $group=''; for ($i=0; $i < count($r); $i++) { $gc=$r[$i]['Charset']; if ($gc != $group) { $group=$gc; if ($i > 0) $s.=''; $s.=''; } $s.=''; } return $s . ''; } } function AttributeCombo($default='') { $s=''; $s.=''; $s.=''; return $s; } function simple_bbcode_conversion($a) { global $config; $tag_start=''; $tag_end=''; //replacements $a=nl2br($a); $a=str_replace('
','
',$a); $a=str_replace('
','
',$a); $a=preg_replace("/\[url=(.*?)\](.*?)\[\/url\]/si","$2",$a); $a=preg_replace("/\[urltargetself=(.*?)\](.*?)\[\/urltargetself\]/si","$2",$a); $a=preg_replace("/\[url\](.*?)\[\/url\]/si","$1",$a); $a=preg_replace("/\[ed2k=\+(.*?)\](.*?)\[\/ed2k\]/si","$2",$a); $a=preg_replace("/\[ed2k=(.*?)\](.*?)\[\/ed2k\]/si","$2",$a); $a=preg_replace("/\[center\](.*?)\[\/center\]/si","
$1
",$a); $a=preg_replace("/\[size=([1-2]?[0-9])\](.*?)\[\/size\]/si","$2",$a); $a=preg_replace("/\[size=([1-2]?[0-9]):(.*?)\](.*?)\[\/size(.*?)\]/si","$3",$a); $a=preg_replace("/\[font=(.*?)\](.*?)\[\/font\]/si","$2",$a); $a=preg_replace("/\[color=(.*?)\](.*?)\[\/color\]/si","$2",$a); $a=preg_replace("/\[color=(.*?):(.*?)\](.*?)\[\/color(.*?)\]/si","$3",$a); $a=preg_replace("/\[img\](.*?)\[\/img\]/si","",$a); //$a=preg_replace("/\[b\](.*?)\[\/b\]/si", "$1", $a); $a=preg_replace("/\[b(.*?)\](.*?)\[\/b(.*?)\]/si","$2",$a); //$a=preg_replace("/\[u\](.*?)\[\/u\]/si", "$1", $a); $a=preg_replace("/\[u(.*?)\](.*?)\[\/u(.*?)\]/si","$2",$a); //$a=preg_replace("/\[i\](.*?)\[\/i\]/si", "$1", $a); $a=preg_replace("/\[i(.*?)\](.*?)\[\/i(.*?)\]/si","$2",$a); //$a=preg_replace("/\[quote\](.*?)\[\/quote\]/si", "

$1

", $a); $a=preg_replace("/\[quote(.*?)\](.*?)\[\/quote(.*?)\]/si","

$2

",$a); $a=preg_replace("/\[code(.*?)\](.*?)\[\/code(.*?)\]/si","

$2

",$a); $a=preg_replace("/\[hide\](.*?)\[\/hide\]/si","
$1
",$a); $a=preg_replace("/(^|\s)+((http:\/\/)|(www.))(.+)(\s|$)+/Uis"," http://$4$5 ",$a); return $tag_start . $a . $tag_end; } function ExtractTablenameFromSQL($q) { global $databases,$db,$dbid; $tablename=''; if (strlen($q) > 100) $q=substr($q,0,100); $p=trim($q); // if we get a list of tables - no current table is selected -> return '' if (strtoupper(substr($q,0,17)) == 'SHOW TABLE STATUS') return ''; // check for SELECT-Statement to extract tablename after FROM if (strtoupper(substr($p,0,7)) == 'SELECT ') { $parts=array(); $p=substr($p,strpos(strtoupper($p),'FROM') + 5); $parts=explode(' ',$p); $p=$parts[0]; } $suchen=array( 'SHOW ', 'SELECT', 'DROP', 'INSERT', 'UPDATE', 'DELETE', 'CREATE', 'TABLE', 'STATUS', 'FROM', '*' ); $ersetzen=array( '', '', '', '', '', '', '', '', '', '', '' ); $cleaned=trim(str_ireplace($suchen,$ersetzen,$p)); $tablename=$cleaned; if (strpos($cleaned,' ')) $tablename=substr($cleaned,0,strpos($cleaned,' ')); $tablename=str_replace('`','',$tablename); // remove backticks // take care of db-name.tablename if (strpos($tablename,'.')) { $p=explode('.',$tablename); $databases['db_actual']=$p[0]; // if database is changed in Query we need to get the index of the actual db $db_temp=array_flip($databases['Name']); if (isset($db_temp[$databases['db_actual']])) { $databases['db_selected_index']=$db_temp[$databases['db_actual']]; $dbid=$databases['db_selected_index']; } if (isset($_GET['tablename'])) unset($_GET['tablename']); //echo "
" . $db; $tablename=$p[1]; } // if (Table_Exists($databases['db_actual'],$tablename)) return $tablename; // else return ''; return $tablename; } function GetOptionsCombo($arr, $default) { global $feldtypen,$feldattribute,$feldnull,$feldextras,$feldkeys,$feldrowformat; $r=''; foreach ($arr as $s) { $r.='' . "\n"; } return $r; } function make_options($arr, $selected) { $r=''; foreach ($arr as $key=>$val) { $r.='