/phpliteadmin.php
- <?php
-
- //
- // Project: phpLiteAdmin (http://phpliteadmin.googlecode.com)
- // Version: 1.9.3
- // Summary: PHP-based admin tool to manage SQLite2 and SQLite3 databases on the web
- // Last updated: 2012-11-02
- // Developers:
- // Dane Iracleous (daneiracleous@gmail.com)
- // Ian Aldrighetti (ian.aldrighetti@gmail.com)
- // George Flanagin & Digital Gaslight, Inc (george@digitalgaslight.com)
- // Christopher Kramer (crazy4chrissi@gmail.com)
- //
- //
- // Copyright (C) 2012 phpLiteAdmin
- //
- // This program is free software: you can redistribute it and/or modify
- // it under the terms of the GNU General Public License as published by
- // the Free Software Foundation, either version 3 of the License, or
- // (at your option) any later version.
- //
- // This program is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- // GNU General Public License for more details.
- //
- // You should have received a copy of the GNU General Public License
- // along with this program. If not, see <http://www.gnu.org/licenses/>.
- //
- ///////////////////////////////////////////////////////////////////////////
-
- //please report any bugs you encounter to http://code.google.com/p/phpliteadmin/issues/list
-
-
//BEGIN USER-DEFINED VARIABLES
//////////////////////////////

// Password required to log in.
// SECURITY: "admin" is the shipped default. The Authorization class below checks nothing
// but this value, so replace it with a long, unique password before the script is
// reachable from a network.
$password = 'admin';

// Directory (relative to this file) that is searched for databases.
// Set to false to list the databases by hand in $databases below.
$directory = false;

// When $directory is used: also descend into its subdirectories, with no depth limit.
$subdirectories = false;

// Used when $directory is false: the explicit list of databases.
// A database whose path does not exist yet is created automatically.
$databases = array(
    array(
        'path' => 'db/db.sqlite',
        'name' => 'Database 1',
    ),
);

// Functions that can be applied to columns in the databases.
// Each name is registered with the SQLite driver as a one-argument SQL function backed by the
// PHP function of the same name, so list only functions that are safe to call from a query.
// Every name that is not a core PHP function must be defined below.
$custom_functions = array(
    'md5',
    'md5rev',
    'sha1',
    'sha1rev',
    'time',
    'mydate',
    'strtotime',
    'myreplace',
);
-
- //define all the non-core custom functions
// Custom SQL function: the MD5 hex digest of $value, reversed character by character.
function md5rev($value)
{
    $digest = md5($value);
    return strrev($digest);
}
// Custom SQL function: the SHA-1 hex digest of $value, reversed character by character.
function sha1rev($value)
{
    $digest = sha1($value);
    return strrev($digest);
}
// Custom SQL function: formats a Unix timestamp as e.g. "3:05pm 11/2/12"
// in the script's default timezone. $value is converted with intval() first.
function mydate($value)
{
    $timestamp = intval($value);
    return date("g:ia n/j/y", $timestamp);
}
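// Custom SQL function: returns $value (as a string) with every character
// other than A-Z, a-z and 0-9 removed.
function myreplace($value)
{
    // ereg_replace() was deprecated in PHP 5.3 and removed in PHP 7;
    // preg_replace() with the same character class gives the same result.
    return preg_replace("/[^A-Za-z0-9]/", "", strval($value));
}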
-
// Prefix for the cookie and session keys. Give every phpLiteAdmin install under the same
// domain its own value so that they do not share login state.
$cookie_name = 'pla3412';

// Debug mode: when true, PHP errors are written into the page output.
// Keep this false on any install that other people can reach.
$debug = false;
-
- ////////////////////////////
- //END USER-DEFINED VARIABLES
-
-
- //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- //there is no reason for the average user to edit anything below this comment
- //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-
// The login state lives in the PHP session, so the session has to be started first.
session_start();
// Re-applying the current default timezone avoids STRICT warnings about an unset timezone.
date_default_timezone_set(date_default_timezone_get());

if ($debug == true) {
    // Debug mode: report everything and print it into the page.
    ini_set("display_errors", 1);
    error_reporting(E_STRICT | E_ALL);
}

// Start of the page-load timer.
$startTimeTot = microtime(true);
-
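// A per-session salt is mixed into the password hash that the login check compares against.
// Reuse the salt from the "remember me" cookie when the session has none yet; otherwise
// create a fresh random one.
if(!isset($_SESSION[$cookie_name.'_salt']))
{
    if(isset($_COOKIE[$cookie_name.'_salt']) && is_string($_COOKIE[$cookie_name.'_salt']))
    {
        // session doesn't exist, but cookie does so grab it
        // (the cookie is client-supplied; it is only accepted when it is a plain string)
        $_SESSION[$cookie_name.'_salt'] = $_COOKIE[$cookie_name.'_salt'];
    }
    else
    {
        // The previous rand(10e16, 10e20) passed bounds beyond the integer range and rand()
        // is not a cryptographic generator, so take the salt from a CSPRNG where one exists.
        if(function_exists('random_bytes'))
            $salt = bin2hex(random_bytes(16));
        else if(function_exists('openssl_random_pseudo_bytes'))
            $salt = bin2hex(openssl_random_pseudo_bytes(16));
        else // last resort on old PHP builds without either function: not cryptographically strong
            $salt = base_convert((string) mt_rand(), 10, 36).base_convert((string) mt_rand(), 10, 36);
        $_SESSION[$cookie_name.'_salt'] = $salt;
    }
}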
-
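//build the basename of this file for later reference
// $_SERVER['PHP_SELF'] includes any extra path text the client appends to the URL, and PAGE
// is later written into HTML (for example as a form action). If the derived name contains
// anything other than plain file-name characters, use the real file name of this script.
$info = pathinfo($_SERVER['PHP_SELF']);
$thisName = $info['basename'];
if(preg_match('/[^A-Za-z0-9._~-]/', $thisName))
    $thisName = basename(__FILE__);

//constants
define("PROJECT", "phpLiteAdmin");
define("VERSION", "1.9.3");
define("PAGE", $thisName);
define("COOKIENAME", $cookie_name);
define("SYSTEMPASSWORD", $password); // Makes things easier.
// Value the login check compares against: MD5 of "<password>_<session salt>".
// NOTE(review): MD5 is a fast hash; this value should be treated as sensitive as the password itself.
define("SYSTEMPASSWORDENCRYPTED", md5($password."_".$_SESSION[$cookie_name.'_salt']));
define("FORCETYPE", false); //force the extension that will be used (set to false in almost all circumstances except debugging)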
-
-
// Column data types and built-in SQLite functions offered by the UI.
// (don't add anything to $functions or there will be problems)
$types = array("INTEGER", "REAL", "TEXT", "BLOB");
$functions = array("abs", "hex", "length", "lower", "ltrim", "random", "round", "rtrim", "trim", "typeof", "upper");

// Constants cannot hold arrays here, so the lists are stored serialized
// and unserialize()d again where they are needed.
define("DATATYPES", serialize($types));
define("FUNCTIONS", serialize($functions));
define("CUSTOM_FUNCTIONS", serialize($custom_functions));
-
// Splits $sql on $delimiter, but ignores any delimiter that sits inside a quoted
// string ("..." or '...'), a block comment (/* ... */) or a line comment (-- ... newline).
// Returns the list of pieces; a trailing empty piece is not added.
function explode_sql($delimiter, $sql)
{
    // opening sequence => closing sequence of the regions that are skipped as a whole
    $ignored = array('"' => '"', "'" => "'", "/*" => "*/", "--" => "\n");
    $pieces = array();
    $pieceStart = 0;
    $sqlLen = strlen($sql);
    $delimLen = strlen($delimiter);
    $pos = 0;
    while ($pos < $sqlLen) {
        // Delimiter outside of any ignored region: close the current piece.
        if ($sqlLen - $pos >= $delimLen && substr($sql, $pos, $delimLen) == $delimiter) {
            $pieces[] = substr($sql, $pieceStart, $pos - $pieceStart);
            $pos += $delimLen;
            $pieceStart = $pos;
            continue;
        }
        // Does an ignored region (comment or string literal) start here?
        foreach ($ignored as $open => $close) {
            $openLen = strlen($open);
            if ($sqlLen - $pos < $openLen || substr($sql, $pos, $openLen) != $open) {
                continue; // not this kind of region, try the next one
            }
            $pos += $openLen;
            $closeLen = strlen($close);
            while ($pos < $sqlLen) {
                if ($sqlLen - $pos >= $closeLen && substr($sql, $pos, $closeLen) == $close) {
                    // Inside a quoted string a doubled quote character is an escaped quote,
                    // not the end of the string, so step over both characters.
                    if ($open == $close && $sqlLen - $pos >= $closeLen * 2 && substr($sql, $pos, $closeLen * 2) == $close.$close) {
                        $pos += $closeLen * 2;
                        continue;
                    }
                    // End of the region: resume the outer scan right after it.
                    $pos += $closeLen;
                    continue 3;
                }
                $pos++;
            }
            // The region ran to the end of the input without being closed.
            continue 2;
        }
        $pos++;
    }
    if ($pieceStart < $sqlLen) {
        $pieces[] = substr($sql, $pieceStart, $sqlLen - $pieceStart);
    }
    return $pieces;
}
-
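// Walks $dir and all of its subdirectories and returns the paths of every file and
// directory found below it (as "<parent>/<entry>" strings). Returns an empty array when
// nothing is found or $dir cannot be read.
// NOTE(review): is_dir() follows symbolic links, so a link pointing back up the tree would
// be walked again; keep such links out of the scanned directory.
function dir_tree($dir)
{
    // Must start as an array: appending with [] to the former '' initial value is a
    // fatal error on PHP 7.1 and later.
    $paths = array();
    $pending = array($dir);
    while($pending)
    {
        $current = array_pop($pending);
        $entries = scandir($current);
        if(!$entries) // unreadable directory: skip it
            continue;
        foreach($entries as $entry)
        {
            if($entry === '.' || $entry === '..')
                continue;
            $full = "{$current}/{$entry}";
            if(is_file($full))
            {
                $paths[] = $full;
            }
            elseif(is_dir($full))
            {
                $paths[] = $full;
                $pending[] = $full; // visit this subdirectory later
            }
        }
    }
    return $paths;
}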
-
// Returns (does not echo) the markup of a help [?] link that opens the documentation
// entry called $name.
// $name is placed into the onclick handler and the title attribute without any escaping,
// so it must be a fixed, trusted string and never request data.
function helpLink($name)
{
    $onclick = "openHelp(\"".$name."\");";
    $title = "Help: ".$name;
    return "<a href='javascript:void' onclick='".$onclick."' class='helpq' title='".$title."'>[?]</a>";
}
-
// Encodes $value for output into HTML. Same as htmlentities(), but the defaults are
// ENT_QUOTES (single and double quotes are both encoded) and UTF-8.
function htmlencode($value, $flags=ENT_QUOTES, $encoding ="UTF-8")
{
    $encoded = htmlentities($value, $flags, $encoding);
    return $encoded;
}
-
- // 22 August 2011: gkf added this function to support display of
- // default values in the form used to INSERT new data.
// Strips surrounding whitespace from $s and then every leading and trailing single quote.
function deQuoteSQL($s)
{
    $withoutWhitespace = trim($s);
    return trim($withoutWhitespace, "'");
}
-
-
- //
- // Authorization class
- // Maintains user's logged-in state and security of application
- //
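class Authorization
{
    // Marks the current session as logged in. When $remember is truthy, "remember me"
    // cookies valid for one month are set as well; otherwise any such cookies are cleared.
    public function grant($remember)
    {
        if($remember) //user wants to be remembered, so set a cookie
        {
            $expire = time()+60*60*24*30; //set expiration to 1 month from now
            // The cookie holds the salted hash, never the password itself: a cookie is stored
            // in the browser and sent with every request, so it must not reveal the secret.
            // HttpOnly keeps it away from page scripts; Secure is set when the login came in over HTTPS.
            $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
            setcookie(COOKIENAME, SYSTEMPASSWORDENCRYPTED, $expire, "", "", $secure, true);
            setcookie(COOKIENAME."_salt", $_SESSION[COOKIENAME.'_salt'], $expire, "", "", $secure, true);
        }
        else
        {
            //user does not want to be remembered, so destroy any potential cookies
            $this->clearCookies();
        }

        $_SESSION[COOKIENAME.'password'] = SYSTEMPASSWORDENCRYPTED;
    }

    // Logs the user out: removes the cookies and destroys the session.
    public function revoke()
    {
        //destroy everything - cookies and session vars
        $this->clearCookies();
        session_unset();
        session_destroy();
    }

    // Returns true when either the session or the "remember me" cookie carries the
    // current salted password hash, false otherwise.
    // Cookies written by earlier code (which stored the plain password) are no longer
    // accepted; those users simply log in again.
    public function isAuthorized()
    {
        if(isset($_SESSION[COOKIENAME.'password']) && $this->sameHash($_SESSION[COOKIENAME.'password']))
            return true;
        if(isset($_COOKIE[COOKIENAME]) && isset($_COOKIE[COOKIENAME.'_salt']) && $this->sameHash($_COOKIE[COOKIENAME]))
            return true;
        return false;
    }

    // Expires both cookies in the browser and drops them from the current request.
    private function clearCookies()
    {
        setcookie(COOKIENAME, "", time()-86400);
        setcookie(COOKIENAME."_salt", "", time()-86400);
        unset($_COOKIE[COOKIENAME]);
        unset($_COOKIE[COOKIENAME.'_salt']);
    }

    // Compares a client-supplied value with SYSTEMPASSWORDENCRYPTED.
    // A loose == would treat two different hex digests of the form "0e<digits>" as equal
    // numbers, so the comparison is strict (and constant-time where hash_equals() exists).
    private function sameHash($candidate)
    {
        if(!is_string($candidate))
            return false;
        if(function_exists('hash_equals'))
            return hash_equals(SYSTEMPASSWORDENCRYPTED, $candidate);
        return $candidate === SYSTEMPASSWORDENCRYPTED;
    }
}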
-
- //
- // Database class
- // Generic database abstraction class to manage interaction with database without worrying about SQLite vs. PHP versions
- //
- class Database
- {
- protected $db; //reference to the DB object
- protected $type; //the extension for PHP that handles SQLite
- protected $data;
- protected $lastResult;
- protected $fns;
-
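// Opens (or creates) the database described by $data, an array with the keys "path" and "name".
// The first usable driver out of PDO, SQLite3 and SQLiteDatabase is chosen, depending on
// FORCETYPE, the installed extensions and the SQLite version of an existing file.
// Every name in CUSTOM_FUNCTIONS is registered with the driver as a one-argument SQL function
// backed by the PHP function of the same name.
// On any failure an error page is printed and the script exits.
public function __construct($data)
{
    $this->data = $data;
    $this->fns = array();
    try
    {
        if(!file_exists($this->data["path"]) && !is_writable(dirname($this->data["path"]))) //make sure the containing directory is writable if the database does not exist
        {
            echo "<div class='confirm' style='margin:20px;'>";
            echo "The database, '".htmlencode($this->data["path"])."', does not exist and cannot be created because the containing directory, '".htmlencode(dirname($this->data["path"]))."', is not writable. The application is unusable until you make it writable.";
            // PAGE is derived from the request URL, so it is encoded like every other value in this markup
            echo "<form action='".htmlencode(PAGE)."' method='post'>";
            echo "<input type='submit' value='Log Out' name='logout' class='btn'/>";
            echo "</form>";
            echo "</div><br/>";
            exit();
        }

        $ver = $this->getVersion();

        // switch(true) runs the first case whose condition holds; a case whose driver object
        // turns out to be NULL has no break and falls through to the next driver.
        switch(true)
        {
            case (FORCETYPE=="PDO" || ((FORCETYPE==false || $ver!=-1) && class_exists("PDO") && ($ver==-1 || $ver==3))):
                $this->db = new PDO("sqlite:".$this->data['path']);
                if($this->db!=NULL)
                {
                    $this->type = "PDO";
                    $cfns = unserialize(CUSTOM_FUNCTIONS);
                    for($i=0; $i<sizeof($cfns); $i++)
                    {
                        $this->db->sqliteCreateFunction($cfns[$i], $cfns[$i], 1);
                        $this->addUserFunction($cfns[$i]);
                    }
                    break;
                }
            case (FORCETYPE=="SQLite3" || ((FORCETYPE==false || $ver!=-1) && class_exists("SQLite3") && ($ver==-1 || $ver==3))):
                $this->db = new SQLite3($this->data['path']);
                if($this->db!=NULL)
                {
                    $cfns = unserialize(CUSTOM_FUNCTIONS);
                    for($i=0; $i<sizeof($cfns); $i++)
                    {
                        $this->db->createFunction($cfns[$i], $cfns[$i], 1);
                        $this->addUserFunction($cfns[$i]);
                    }
                    $this->type = "SQLite3";
                    break;
                }
            case (FORCETYPE=="SQLiteDatabase" || ((FORCETYPE==false || $ver!=-1) && class_exists("SQLiteDatabase") && ($ver==-1 || $ver==2))):
                $this->db = new SQLiteDatabase($this->data['path']);
                if($this->db!=NULL)
                {
                    $cfns = unserialize(CUSTOM_FUNCTIONS);
                    for($i=0; $i<sizeof($cfns); $i++)
                    {
                        $this->db->createFunction($cfns[$i], $cfns[$i], 1);
                        $this->addUserFunction($cfns[$i]);
                    }
                    $this->type = "SQLiteDatabase";
                    break;
                }
            default:
                $this->showError();
                exit();
        }
    }
    catch(Exception $e)
    {
        // the driver could not open the file: show the diagnosis page instead of the exception
        $this->showError();
        exit();
    }
}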
-
// Returns the names of the custom functions registered on this connection.
public function getUserFunctions()
{
    $registered = $this->fns;
    return $registered;
}
-
// Records $name in the list of custom functions registered on this connection.
public function addUserFunction($name)
{
    $this->fns[] = $name;
}
-
// Returns the driver's message for the most recent error.
public function getError()
{
    switch($this->type)
    {
        case "PDO":
            $info = $this->db->errorInfo();
            return $info[2]; // index 2 holds the driver-specific message
        case "SQLite3":
            return $this->db->lastErrorMsg();
        default:
            return sqlite_error_string($this->db->lastError());
    }
}
-
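// Prints a diagnosis page for a database that could not be opened: which SQLite
// extensions are installed and, where it can be told, why none of them fits the file.
public function showError()
{
    $classPDO = class_exists("PDO");
    $classSQLite3 = class_exists("SQLite3");
    $classSQLiteDatabase = class_exists("SQLiteDatabase");
    $strPDO = $classPDO ? "installed" : "not installed";
    $strSQLite3 = $classSQLite3 ? "installed" : "not installed";
    $strSQLiteDatabase = $classSQLiteDatabase ? "installed" : "not installed";
    echo "<div class='confirm' style='margin:20px;'>";
    // the path is encoded for HTML here, as the constructor already does in its own message
    echo "There was a problem setting up your database, ".htmlencode($this->getPath()).". An attempt will be made to find out what's going on so you can fix the problem more easily.<br/><br/>";
    echo "<i>Checking supported SQLite PHP extensions...<br/><br/>";
    echo "<b>PDO</b>: ".$strPDO."<br/>";
    echo "<b>SQLite3</b>: ".$strSQLite3."<br/>";
    echo "<b>SQLiteDatabase</b>: ".$strSQLiteDatabase."<br/><br/>...done.</i><br/><br/>";
    if(!$classPDO && !$classSQLite3 && !$classSQLiteDatabase)
        echo "It appears that none of the supported SQLite library extensions are available in your installation of PHP. You may not use ".PROJECT." until you install at least one of them.";
    else
    {
        if(!$classPDO && !$classSQLite3 && $this->getVersion()==3)
            echo "It appears that your database is of SQLite version 3 but your installation of PHP does not contain the necessary extensions to handle this version. To fix the problem, either delete the database and allow ".PROJECT." to create it automatically or recreate it manually as SQLite version 2.";
        else if(!$classSQLiteDatabase && $this->getVersion()==2)
            echo "It appears that your database is of SQLite version 2 but your installation of PHP does not contain the necessary extensions to handle this version. To fix the problem, either delete the database and allow ".PROJECT." to create it automatically or recreate it manually as SQLite version 3.";
        else
            echo "The problem cannot be diagnosed properly. Please file an issue report at http://phpliteadmin.googlecode.com.";
    }
    echo "</div><br/>";
}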
-
// Closes the connection, if one is open, when the object goes away.
public function __destruct()
{
    if(!$this->db)
        return;
    $this->close();
}
-
- //get the exact PHP extension being used for SQLite
// Returns "PDO", "SQLite3" or "SQLiteDatabase", whichever the constructor selected.
public function getType()
{
    $driver = $this->type;
    return $driver;
}
-
- //get the name of the database
// Returns the "name" entry of the database description given to the constructor.
public function getName()
{
    $name = $this->data["name"];
    return $name;
}
-
- //get the filename of the database
// Returns the "path" entry of the database description given to the constructor.
public function getPath()
{
    $path = $this->data["path"];
    return $path;
}
-
- //get the version of the database
// Returns 2 or 3 for an existing database file, or -1 when the file does not exist
// yet and still has to be created.
public function getVersion()
{
    $file = $this->data['path'];
    if(!file_exists($file))
        return -1;
    // The first 40 bytes are enough: every SQLite2 file starts with the text tested below.
    $header = strtolower(file_get_contents($file, NULL, NULL, 0, 40));
    $isVersion2 = strpos($header, "** this file contains an sqlite 2") !== false;
    return $isVersion2 ? 2 : 3;
}
-
- //get the size of the database
// Returns the file size as a string in kilobytes with one decimal, e.g. "12.5 KB".
public function getSize()
{
    $bytes = filesize($this->data["path"]);
    $kilobytes = round($bytes*0.0009765625, 1); // 0.0009765625 is 1/1024
    return $kilobytes." KB";
}
-
- //get the last modified time of database
// Returns the file's last-modified time, formatted like "3:05pm on November 2, 2012".
public function getDate()
{
    $modified = filemtime($this->data["path"]);
    return date("g:ia \o\\n F j, Y", $modified);
}
-
- //get number of affected rows from last query
// Returns the number of rows affected by the last query.
// PDO reports it on the last result; the other two drivers report it on the connection.
public function getAffectedRows()
{
    switch($this->type)
    {
        case "PDO":
            return $this->lastResult->rowCount();
        case "SQLite3":
        case "SQLiteDatabase":
            return $this->db->changes();
    }
}
-
// Closes the connection. SQLite3 has an explicit close(); for the other two drivers
// the handle is dropped by setting it to NULL.
public function close()
{
    switch($this->type)
    {
        case "SQLite3":
            $this->db->close();
            break;
        case "PDO":
        case "SQLiteDatabase":
            $this->db = NULL;
            break;
    }
}
-
// Starts a transaction by sending BEGIN through query().
public function beginTransaction()
{
    $statement = "BEGIN";
    $this->query($statement);
}
-
// Commits the open transaction by sending COMMIT through query().
public function commitTransaction()
{
    $statement = "COMMIT";
    $this->query($statement);
}
-
// Rolls the open transaction back by sending ROLLBACK through query().
public function rollbackTransaction()
{
    $statement = "ROLLBACK";
    $this->query($statement);
}
-
- //generic query wrapper
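// Runs one SQL statement and returns the driver's result, or false on failure.
// A statement that starts with ALTER is not sent to SQLite as is; it is parsed and handed
// to alterTable(), unless $ignoreAlterCase is true.
// In debug mode the statement is echoed into the page, HTML-encoded.
// NOTE(review): alterTable() passes on multiQuery()'s return value, which is an error
// *string* on failure; that string is truthy and is returned here like a result.
public function query($query, $ignoreAlterCase=false)
{
    global $debug;
    if(strtolower(substr(ltrim($query),0,5))=='alter' && $ignoreAlterCase==false) //this query is an ALTER query - call the necessary function
    {
        preg_match("/^\s*ALTER\s+TABLE\s+\"((?:[^\"]|\"\")+)\"\s+(.*)$/i",$query,$matches);
        if(!isset($matches[1]) || !isset($matches[2]))
        {
            if($debug) echo "<span title='".htmlencode($query)."' onclick='this.innerHTML=\"".htmlencode(str_replace('"','\"',$query))."\"' style='cursor:pointer'>SQL?</span><br />";
            return false;
        }
        $tablename = str_replace('""','"',$matches[1]);
        $alterdefs = $matches[2];
        // table name and definitions come out of the statement text, so they are encoded like the statement itself
        if($debug) echo "ALTER TABLE QUERY=(".htmlencode($query)."), tablename=(".htmlencode($tablename)."), alterdefs=(".htmlencode($alterdefs).")<hr>";
        $result = $this->alterTable($tablename, $alterdefs);
    }
    else //this query is normal - proceed as normal
    {
        $result = $this->db->query($query);
        if($debug) echo "<span title='".htmlencode($query)."' onclick='this.innerHTML=\"".htmlencode(str_replace('"','\"',$query))."\"' style='cursor:pointer'>SQL?</span><br />";
    }
    if(!$result)
        return false;
    $this->lastResult = $result;
    return $result;
}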
-
- //wrapper for an INSERT and returns the ID of the inserted row
// Runs an INSERT through query() and returns the row id the driver reports for it.
// The id is read even when query() returned false.
public function insert($query)
{
    $this->query($query);
    switch($this->type)
    {
        case "PDO":
            return $this->db->lastInsertId();
        case "SQLite3":
            return $this->db->lastInsertRowID();
        case "SQLiteDatabase":
            return $this->db->lastInsertRowid();
    }
}
-
- //returns an array for SELECT
// Runs a SELECT and returns the first row, or NULL when the query failed.
// $mode selects the row format: "assoc" (column names), "num" (column numbers);
// any other value gives both.
public function select($query, $mode="both")
{
    $result = $this->query($query);
    if(!$result) //make sure the result is valid
        return NULL;
    switch($this->type)
    {
        case "PDO":
            $fetchStyle = ($mode=="assoc") ? PDO::FETCH_ASSOC : (($mode=="num") ? PDO::FETCH_NUM : PDO::FETCH_BOTH);
            return $result->fetch($fetchStyle);
        case "SQLite3":
            $fetchStyle = ($mode=="assoc") ? SQLITE3_ASSOC : (($mode=="num") ? SQLITE3_NUM : SQLITE3_BOTH);
            return $result->fetchArray($fetchStyle);
        case "SQLiteDatabase":
            $fetchStyle = ($mode=="assoc") ? SQLITE_ASSOC : (($mode=="num") ? SQLITE_NUM : SQLITE_BOTH);
            return $result->fetch($fetchStyle);
    }
}
-
- //returns an array of arrays after doing a SELECT
// Runs a SELECT and returns all rows as an array of rows, or NULL when the query failed.
// $mode selects the row format: "assoc" (column names), "num" (column numbers);
// any other value gives both.
public function selectArray($query, $mode="both")
{
    $result = $this->query($query);
    if(!$result) //make sure the result is valid
        return NULL;
    switch($this->type)
    {
        case "PDO":
            $fetchStyle = ($mode=="assoc") ? PDO::FETCH_ASSOC : (($mode=="num") ? PDO::FETCH_NUM : PDO::FETCH_BOTH);
            return $result->fetchAll($fetchStyle);
        case "SQLite3":
            $fetchStyle = ($mode=="assoc") ? SQLITE3_ASSOC : (($mode=="num") ? SQLITE3_NUM : SQLITE3_BOTH);
            // the SQLite3 result has no fetch-all call, so the rows are collected one by one
            $rows = array();
            while($row = $result->fetchArray($fetchStyle))
            {
                $rows[] = $row;
            }
            return $rows;
        case "SQLiteDatabase":
            $fetchStyle = ($mode=="assoc") ? SQLITE_ASSOC : (($mode=="num") ? SQLITE_NUM : SQLITE_BOTH);
            return $result->fetchAll($fetchStyle);
    }
}
-
-
- // SQlite supports multiple ways of surrounding names in quotes:
- // single-quotes, double-quotes, backticks, square brackets.
- // As sqlite does not keep this strict, we also need to be flexible here.
- // This function generates a regex that matches any of the possibilities.
// Builds a regex fragment (without delimiters) that matches $name in any of the quoting
// styles: 'name', name, "name", `name`, [name].
// When $name is the quantifier "*" or "+", the fragment matches any name instead: that many
// characters allowed inside the respective quotes, and for the unquoted form that many
// characters outside the set $notAllowedIfNone.
// $preg_quote: whether a literal $name is escaped for use in a regex with "/" delimiters.
private function sqlite_surroundings_preg($name,$preg_quote=true,$notAllowedIfNone="'\"")
{
    $isQuantifier = ($name=="*" || $name=="+");
    if($isQuantifier)
    {
        // inside quotes the quote character itself is only allowed doubled
        $inSingle = "(?:[^']|'')".$name;
        $inDouble = "(?:[^\"]|\"\")".$name;
        $inBacktick = "(?:[^`]|``)".$name;
        $inSquare = "(?:[^\]]|\]\])".$name;
        $bare = "[^".$notAllowedIfNone."]".$name;
    }
    else
    {
        if($preg_quote) $name = preg_quote($name,"/");

        // a literal name: double the respective quote character, as SQLite expects it
        $inSingle = str_replace("'","''",$name);
        $inDouble = str_replace('"','""',$name);
        $inBacktick = str_replace('`','``',$name);
        $inSquare = str_replace(']',']]',$name);
        $bare = $name;
    }

    $alternatives = array(
        "'".$inSingle."'",     // single-quote surrounded (correct SQL for values/new names)
        $bare,                 // not surrounded (correct SQL if not containing reserved words, spaces or some special chars)
        "\"".$inDouble."\"",   // double-quote surrounded (correct SQL for identifiers)
        "`".$inBacktick."`",   // backtick surrounded (MySQL-Style)
        "\[".$inSquare."\]",   // square-bracket surrounded (MS Access/SQL server-Style)
    );
    return "(?:".implode("|", $alternatives).")";
}
-
- // function that is called for an alter table statement in a query
- // code borrowed with permission from http://code.jenseng.com/db/
- // this has been completely debugged / rewritten by Christopher Kramer
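// Emulates ALTER TABLE for the operations DROP, ADD, CHANGE and RENAME TO.
// The table is copied into a temporary table, dropped, recreated from a rewritten
// CREATE TABLE statement and filled again; indexes and triggers are recreated afterwards.
// $table is the table name, $alterdefs the part of the statement after the table name.
// Returns false when the definitions cannot be parsed or applied, otherwise the result of
// multiQuery() for the whole transaction (true, or an error string). Returns nothing when
// $alterdefs is empty.
public function alterTable($table, $alterdefs)
{
    global $debug;
    if($debug) echo "ALTER TABLE: table=($table), alterdefs=($alterdefs)<hr>";
    if($alterdefs != '')
    {
        $recreateQueries = array();
        $tempQuery = "SELECT sql,name,type FROM sqlite_master WHERE tbl_name = ".$this->quote($table)." ORDER BY type DESC";
        $result = $this->query($tempQuery);
        $resultArr = $this->selectArray($tempQuery);
        if($this->type=="PDO")
            $result->closeCursor();
        if(sizeof($resultArr)<1)
            return false;
        for($i=0; $i<sizeof($resultArr); $i++)
        {
            $row = $resultArr[$i];
            if($row['type'] != 'table')
            {
                // store the CREATE statements of triggers and indexes to recreate them later
                $recreateQueries[] = $row['sql']."; ";
                if($debug) echo "recreate=(".$row['sql'].";)<hr />";
            }
            else
            {
                // ALTER the table
                $tmpname = 't'.time();
                $origsql = $row['sql'];
                $createtemptableSQL = "CREATE TEMPORARY TABLE ".$this->quote($tmpname)." ".
                    preg_replace("/^\s*CREATE\s+TABLE\s+".$this->sqlite_surroundings_preg($table)."\s*(\(.*)$/i", '$1', $origsql, 1);
                if($debug) echo "createtemptableSQL=($createtemptableSQL)<hr>";
                $createindexsql = array();
                preg_match_all("/(?:DROP|ADD|CHANGE|RENAME TO)\s+(?:\"(?:[^\"]|\"\")+\"|'(?:[^']|'')+')((?:[^,')]|'[^']*')+)?/i",$alterdefs,$matches);
                $defs = $matches[0];

                $get_oldcols_query = "PRAGMA table_info(".$this->quote_id($table).")";
                $result_oldcols = $this->selectArray($get_oldcols_query);
                // $newcols maps old column name => new column name, $coltypes old name => declared type
                $newcols = array();
                $coltypes = array();
                foreach($result_oldcols as $column_info)
                {
                    $newcols[$column_info['name']] = $column_info['name'];
                    $coltypes[$column_info['name']] = $column_info['type'];
                }
                $newcolumns = '';
                $oldcolumns = '';
                // foreach replaces the former while(list(...) = each(...)) loop; each() was removed in PHP 8
                foreach($newcols as $key => $val)
                {
                    $newcolumns .= ($newcolumns?', ':'').$this->quote_id($val);
                    $oldcolumns .= ($oldcolumns?', ':'').$this->quote_id($key);
                }
                $copytotempsql = 'INSERT INTO '.$this->quote_id($tmpname).'('.$newcolumns.') SELECT '.$oldcolumns.' FROM '.$this->quote_id($table);
                $dropoldsql = 'DROP TABLE '.$this->quote_id($table);
                $createtesttableSQL = $createtemptableSQL;
                if(count($defs)<1)
                {
                    if($debug) echo "ERROR: defs<1<hr />";
                    return false;
                }
                foreach($defs as $def)
                {
                    if($debug) echo "def=$def<hr />";
                    $parse_def = preg_match("/^(DROP|ADD|CHANGE|RENAME TO)\s+(?:\"((?:[^\"]|\"\")+)\"|'((?:[^']|'')+)')((?:\s+'((?:[^']|'')+)')?\s+(TEXT|INTEGER|BLOB|REAL).*)?\s*$/i",$def,$matches);
                    if($parse_def===false)
                    {
                        if($debug) echo "ERROR: !parse_def<hr />";
                        return false;
                    }
                    if(!isset($matches[1]))
                    {
                        if($debug) echo "ERROR: !isset(matches[1])<hr />";
                        return false;
                    }
                    $action = strtolower($matches[1]);
                    if($action == 'add' || $action == 'rename to')
                        $column = str_replace("''","'",$matches[3]); // enclosed in ''
                    else
                        $column = str_replace('""','"',$matches[2]); // enclosed in ""

                    $column_escaped = str_replace("'","''",$column);

                    if($debug) echo "action=($action), column=($column), column_escaped=($column_escaped)<hr />";

                    /* we build a regex that divides the CREATE TABLE statement into parts:
                       1. CREATE TEMPORARY TABLE t... (     kept unchanged
                       2. 'col1' ..., 'col2' ..., 'colN'    the columns listed before the column to change/drop (kept)
                       3. 'colX' ...                        the column to change/drop
                       4. , 'colX+1' ..., ..., 'colK'       the columns after the column to change/drop (kept)
                    */
                    $preg_create_table = "\s*(CREATE\s+TEMPORARY\s+TABLE\s+'?".preg_quote($tmpname,"/")."'?\s*\()"; // This is group $1 (keep unchanged)
                    $preg_column_definiton = "\s*".$this->sqlite_surroundings_preg("+",false," '\"\[`")."(?:\s+".$this->sqlite_surroundings_preg("*",false,"'\",`\[) ").")+"; // catches a complete column definition, even if it is
                    // 'column' TEXT NOT NULL DEFAULT 'we have a comma, here and a double ''quote!'
                    if($debug) echo "preg_column_definition=(".$preg_column_definiton.")<hr />";
                    $preg_columns_before = // columns before the one changed/dropped (keep)
                        "(?:".
                        "(". // group $2. Keep this one unchanged!
                        "(?:".
                        "$preg_column_definiton,\s*". // column definition + comma
                        ")*". // there might be any number of such columns here
                        $preg_column_definiton. // last column definition
                        ")". // end of group $2
                        ",\s*" // the last comma of the last column before the column to change. Do not keep it!
                        .")?"; // there might be no columns before
                    if($debug) echo "preg_columns_before=(".$preg_columns_before.")<hr />";
                    $preg_columns_after = "(,\s*([^)]+))?"; // the columns after the column to drop. This is group $3 (drop) or $4(change) (keep!)
                    // we could remove the comma using $6 instead of $5, but then we might have no comma at all.
                    // Keeping it leaves a problem if we drop the first column, so we fix that case in another regex.
                    $table_new = $table;

                    switch($action)
                    {
                        case 'add':
                            if(!isset($matches[4]))
                            {
                                return false;
                            }
                            $new_col_definition = "'$column_escaped' ".$matches[4];
                            $preg_pattern_add = "/^".$preg_create_table."(.*)\\)\s*$/";
                            // append the column definiton in the CREATE TABLE statement
                            $newSQL = preg_replace($preg_pattern_add, '$1$2, ', $createtesttableSQL).$new_col_definition.')';
                            if($debug)
                            {
                                echo $createtesttableSQL."<hr>";
                                echo $newSQL."<hr>";
                                echo $preg_pattern_add."<hr>";
                            }
                            if($newSQL==$createtesttableSQL) // pattern did not match, so adding the column did not succeed
                                return false;
                            $createtesttableSQL = $newSQL;
                            break;
                        case 'change':
                            if(!isset($matches[5]) || !isset($matches[6]))
                            {
                                return false;
                            }
                            $new_col_name = $matches[5];
                            $new_col_type = $matches[6];
                            $new_col_definition = "'$new_col_name' $new_col_type";
                            // the declared type is quoted for the "/" delimiter used by the pattern it is placed in
                            $preg_column_to_change = "\s*".$this->sqlite_surroundings_preg($column)."(?:\s+".preg_quote($coltypes[$column],"/").")?(\s+(?:".$this->sqlite_surroundings_preg("*",false,",'\")`\[").")+)?";
                            // replace this part (we want to change this column)
                            // group $3 contains the column constraints (keep!). the name & data type is replaced.
                            $preg_pattern_change = "/^".$preg_create_table.$preg_columns_before.$preg_column_to_change.$preg_columns_after."\s*\\)\s*$/";

                            // replace the column definiton in the CREATE TABLE statement
                            $newSQL = preg_replace($preg_pattern_change, '$1$2,'.strtr($new_col_definition, array('\\' => '\\\\', '$' => '\$')).'$3$4)', $createtesttableSQL);
                            // remove comma at the beginning if the first column is changed
                            // probably somebody is able to put this into the first regex (using lookahead probably).
                            $newSQL = preg_replace("/^\s*(CREATE\s+TEMPORARY\s+TABLE\s+'".preg_quote($tmpname,"/")."'\s+\(),\s*/",'$1',$newSQL);
                            if($debug)
                            {
                                echo "preg_column_to_change=(".$preg_column_to_change.")<hr />";
                                echo $createtesttableSQL."<hr />";
                                echo $newSQL."<hr />";
                                echo $preg_pattern_change."<hr />";

                            }
                            if($newSQL==$createtesttableSQL || $newSQL=="") // pattern did not match, so changing the column did not succeed
                                return false;
                            $createtesttableSQL = $newSQL;
                            $newcols[$column] = str_replace("''","'",$new_col_name);
                            break;
                        case 'drop':
                            $preg_column_to_drop = "\s*".$this->sqlite_surroundings_preg($column)."\s+(?:".$this->sqlite_surroundings_preg("*",false,",')\"\[`").")+"; // delete this part (we want to drop this column)
                            $preg_pattern_drop = "/^".$preg_create_table.$preg_columns_before.$preg_column_to_drop.$preg_columns_after."\s*\\)\s*$/";

                            // remove the column out of the CREATE TABLE statement
                            $newSQL = preg_replace($preg_pattern_drop, '$1$2$3)', $createtesttableSQL);
                            // remove comma at the beginning if the first column is removed
                            // probably somebody is able to put this into the first regex (using lookahead probably).
                            $newSQL = preg_replace("/^\s*(CREATE\s+TEMPORARY\s+TABLE\s+'".preg_quote($tmpname,"/")."'\s+\(),\s*/",'$1',$newSQL);
                            if($debug)
                            {
                                echo $createtesttableSQL."<hr>";
                                echo $newSQL."<hr>";
                                echo $preg_pattern_drop."<hr>";
                            }
                            if($newSQL==$createtesttableSQL || $newSQL=="") // pattern did not match, so column removal did not succeed
                                return false;
                            $createtesttableSQL = $newSQL;
                            unset($newcols[$column]);
                            break;
                        case 'rename to':
                            // don't change column definition at all
                            $newSQL = $createtesttableSQL;
                            // only change the name of the table
                            $table_new = $column;
                            break;
                        default:
                            // this tested the undefined variable $default before; $debug is the flag meant here
                            if($debug) echo 'ERROR: unknown alter operation!<hr />';
                            return false;
                    }
                }
                $droptempsql = 'DROP TABLE '.$this->quote_id($tmpname);

                $createnewtableSQL = "CREATE TABLE ".$this->quote($table_new)." ".preg_replace("/^\s*CREATE\s+TEMPORARY\s+TABLE\s+'?".str_replace("'","''",preg_quote($tmpname,"/"))."'?\s+(.*)$/i", '$1', $createtesttableSQL, 1);

                $newcolumns = '';
                $oldcolumns = '';
                foreach($newcols as $key => $val)
                {
                    $newcolumns .= ($newcolumns?', ':'').$this->quote_id($val);
                    $oldcolumns .= ($oldcolumns?', ':'').$this->quote_id($key);
                }
                $copytonewsql = 'INSERT INTO '.$this->quote_id($table_new).'('.$newcolumns.') SELECT '.$oldcolumns.' FROM '.$this->quote_id($tmpname);
            }
        }
        // everything runs in one transaction
        $alter_transaction = 'BEGIN; ';
        $alter_transaction .= $createtemptableSQL.'; '; //create temp table
        $alter_transaction .= $copytotempsql.'; '; //copy to table
        $alter_transaction .= $dropoldsql.'; '; //drop old table
        $alter_transaction .= $createnewtableSQL.'; '; //recreate original table
        $alter_transaction .= $copytonewsql.'; '; //copy back to original table
        $alter_transaction .= $droptempsql.'; '; //drop temp table

        $preg_index="/^\s*(CREATE\s+(?:UNIQUE\s+)?INDEX\s+(?:".$this->sqlite_surroundings_preg("+",false," '\"\[`")."\s*)*ON\s+)(".$this->sqlite_surroundings_preg($table).")(\s*\((?:".$this->sqlite_surroundings_preg("+",false," '\"\[`")."\s*)*\)\s*;)\s*$/i";
        for($i=0; $i<sizeof($recreateQueries); $i++)
        {
            // recreate triggers / indexes
            if($table == $table_new)
            {
                // we had no RENAME TO, so we can recreate indexes/triggers just like the original ones
                $alter_transaction .= $recreateQueries[$i];
            } else
            {
                // we had a RENAME TO, so we need to exchange the table-name in the CREATE-SQL of triggers & indexes
                // first let's try if it's an index...
                $recreate_queryIndex = preg_replace($preg_index, '$1'.$this->quote_id(strtr($table_new, array('\\' => '\\\\', '$' => '\$'))).'$3 ', $recreateQueries[$i]);
                if($recreate_queryIndex!=$recreateQueries[$i] && $recreate_queryIndex != NULL)
                {
                    // the CREATE INDEX regex did match
                    $alter_transaction .= $recreate_queryIndex;
                } else
                {
                    // the CREATE INDEX regex did not match, so we try if it's a CREATE TRIGGER

                    $recreate_queryTrigger = $recreateQueries[$i];
                    // TODO: IMPLEMENT

                    $alter_transaction .= $recreate_queryTrigger;
                }
            }
        }
        $alter_transaction .= 'COMMIT;';
        if($debug) echo $alter_transaction;
        return $this->multiQuery($alter_transaction);
    }
}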
-
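/**
 * Executes one or more SQL statements in a single driver call.
 *
 * Dispatches on $this->type: "PDO" and "SQLite3" connections use exec(),
 * any other type falls back to queryExec().
 *
 * NOTE(review): the SQL text is handed to the driver unchanged, so callers
 * are responsible for quoting values (quote()) and identifiers (quote_id()).
 *
 * @param string $query SQL text to execute
 * @return true|string true on success, otherwise an error message whose
 *                     driver text has been passed through htmlencode()
 */
public function multiQuery($query)
{
	$error = "Unknown error.";
	if($this->type=="PDO")
	{
		// PDO::exec() returns the number of affected rows, so 0 is a normal
		// result (DDL, or a batch that changes no rows). Only a strict false
		// means the statement failed.
		$success = ($this->db->exec($query)!==false);
		if(!$success) $error = implode(" - ", $this->db->errorInfo());
	}
	else if($this->type=="SQLite3")
	{
		$success = $this->db->exec($query);
		if(!$success) $error = $this->db->lastErrorMsg();
	}
	else
	{
		// queryExec() fills $error by reference when it fails
		$success = $this->db->queryExec($query, $error);
	}
	if(!$success)
	{
		return "Error in query: '".htmlencode($error)."'";
	}
	return true;
}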
-
/**
 * Counts the rows of a table.
 *
 * @param string $table table name; it is quoted with quote_id() before use
 * @return mixed element 0 of whatever select() returns for the COUNT query
 */
public function numRows($table)
{
	$count_sql = "SELECT Count(*) FROM ".$this->quote_id($table);
	$count_row = $this->select($count_sql);
	return $count_row[0];
}
-
/**
 * Turns a value into a quoted SQL string literal for the active driver.
 *
 * The result already includes the surrounding single quotes, so it can be
 * concatenated into a statement as a value. It is not suitable for
 * identifiers; use quote_id() for those.
 *
 * @param string $value raw value
 * @return string escaped literal including its quotes
 */
public function quote($value)
{
	if($this->type=="PDO")
	{
		// PDO's quote() escapes the value and adds the quotes itself
		return $this->db->quote($value);
	}
	if($this->type=="SQLite3")
	{
		$escaped = $this->db->escapeString($value);
		return "'".$escaped."'";
	}
	// any other connection type uses the sqlite_* function
	$escaped = sqlite_escape_string($value);
	return "'".$escaped."'";
}
-
/**
 * Quotes an identifier (column / table / trigger / index name) so it can be
 * placed into an SQL statement.
 *
 * The name is wrapped in double quotes and every embedded double quote is
 * doubled; no other character is changed.
 *
 * @param string $value raw identifier
 * @return string identifier including its surrounding double quotes
 */
public function quote_id($value)
{
	return '"'.str_replace('"', '""', $value).'"';
}
-
-
/**
 * Imports an SQL dump by executing its text through multiQuery().
 *
 * NOTE(review): the text is executed exactly as supplied; every statement in
 * it runs with the privileges of the open database connection.
 *
 * @param string $query SQL text of the dump
 * @return true|string whatever multiQuery() returns
 */
public function import_sql($query)
{
	$outcome = $this->multiQuery($query);
	return $outcome;
}
-
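/**
 * Imports a CSV file into a table by building INSERT statements and running
 * them through multiQuery().
 *
 * Cell values are escaped with quote() and the table name with quote_id().
 * The INSERTs carry no column list, so each CSV row must supply the columns
 * in table order.
 *
 * @param string $filename            path of the CSV file to read
 * @param string $table               target table name
 * @param string $field_terminate     field separator
 * @param string $field_enclosed      enclosure character ('"' if empty)
 * @param string $field_escaped       escape character ('\' if empty)
 * @param string $null                cell text that stands for SQL NULL
 * @param bool   $fields_in_first_row skip the first non-empty row as header
 * @return true|string true on success, otherwise an error message
 */
public function import_csv($filename, $table, $field_terminate, $field_enclosed, $field_escaped, $null, $fields_in_first_row)
{
	// CSV import implemented by Christopher Kramer - http://www.christosoft.de
	$csv_handle = fopen($filename,'r');
	if($csv_handle===false)
	{
		// without this check the read loop below would never see end-of-file
		return "Error: the CSV file could not be opened.";
	}
	$csv_insert = "BEGIN;\n";
	// rows read so far; used only to recognise the header row
	$csv_rows_seen = 0;
	// INSERTs written since the last COMMIT. Kept separate from
	// $csv_rows_seen so that resetting the batch does not make a later data
	// row look like the header row and get dropped.
	$csv_rows_in_batch = 0;
	// PHP requires enclosure defined, but has no problem if it was not used
	if($field_enclosed=="") $field_enclosed='"';
	// PHP requires escaper defined
	if($field_escaped=="") $field_escaped='\\';
	// fgetcsv() returns false at end of file and on read errors
	while(($csv_data = fgetcsv($csv_handle, 0, $field_terminate, $field_enclosed, $field_escaped))!==false)
	{
		// a blank line comes back as a single NULL field; skip it
		if($csv_data[0] == NULL && count($csv_data)<=1) continue;

		$csv_rows_seen++;
		if($fields_in_first_row && $csv_rows_seen==1) continue;

		$csv_col_number = count($csv_data);
		$csv_insert .= "INSERT INTO ".$this->quote_id($table)." VALUES (";
		foreach($csv_data as $csv_col => $csv_cell)
		{
			// compare as strings: a loose == would treat numeric look-alikes
			// such as "0" and "0.0" as the same marker
			if((string)$csv_cell === (string)$null)
				$csv_insert .= "NULL";
			else
				$csv_insert .= $this->quote($csv_cell);

			if($csv_col == $csv_col_number-2 && $csv_data[$csv_col+1]=='')
			{
				// the CSV row ends with the separator (like old phpliteadmin exported)
				break;
			}
			if($csv_col < $csv_col_number-1) $csv_insert .= ",";
		}
		$csv_insert .= ");\n";

		$csv_rows_in_batch++;
		if($csv_rows_in_batch > 5000)
		{
			// start a new transaction to keep each one bounded
			$csv_insert .= "COMMIT;\nBEGIN;\n";
			$csv_rows_in_batch = 0;
		}
	}
	$csv_insert .= "COMMIT;";
	fclose($csv_handle);
	return $this->multiQuery($csv_insert);
}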
-
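/**
 * Writes the rows of the selected tables and views as CSV to the output
 * with echo.
 *
 * NOTE(review): cell text is written as stored. Spreadsheet programs may
 * treat cells that start with characters such as "=" as formulas, so
 * exported files should be opened with that in mind.
 *
 * @param array  $tables              names matched against sqlite_master.tbl_name
 * @param string $field_terminate     field separator
 * @param string $field_enclosed      enclosure string (stripslashes() is applied)
 * @param string $field_escaped       string put in front of separator and
 *                                    enclosure occurrences inside a cell
 * @param string $null                text written for SQL NULL
 * @param bool   $crlf                remove CR and LF characters from cells
 * @param bool   $fields_in_first_row write the column names as first row
 * @return void
 */
public function export_csv($tables, $field_terminate, $field_enclosed, $field_escaped, $null, $crlf, $fields_in_first_row)
{
	// the caller passes request data; make sure a scalar is handled as one name
	$tables = (array)$tables;
	$field_enclosed = stripslashes($field_enclosed);
	$query = "SELECT * FROM sqlite_master WHERE type='table' or type='view' ORDER BY type DESC";
	$result = $this->selectArray($query);
	$last_object = sizeof($result)-1;
	for($i=0; $i<=$last_object; $i++)
	{
		// only export objects the caller asked for
		if(!in_array($result[$i]['tbl_name'], $tables)) continue;

		$query = "PRAGMA table_info(".$this->quote_id($result[$i]['tbl_name']).")";
		$temp = $this->selectArray($query);
		$cols = array();
		for($z=0; $z<sizeof($temp); $z++)
			$cols[$z] = $temp[$z][1]; // index 1 of a table_info row is the column name
		$last_col = sizeof($cols)-1;

		if($fields_in_first_row)
		{
			for($z=0; $z<=$last_col; $z++)
			{
				echo $field_enclosed.$cols[$z].$field_enclosed;
				// do not terminate the last column!
				if($z < $last_col)
					echo $field_terminate;
			}
			echo "\r\n";
		}

		$query = "SELECT * FROM ".$this->quote_id($result[$i]['tbl_name']);
		$arr = $this->selectArray($query, "assoc");
		$last_row = sizeof($arr)-1;
		for($z=0; $z<=$last_row; $z++)
		{
			for($y=0; $y<=$last_col; $y++)
			{
				$cell = $arr[$z][$cols[$y]];
				// Test for NULL before any string handling: str_replace()
				// turns NULL into "", which made empty strings and NULLs
				// indistinguishable in the export.
				if($cell === NULL)
				{
					// do not enclose NULLs
					echo $null;
				}
				else
				{
					if($crlf)
					{
						$cell = str_replace("\n","", $cell);
						$cell = str_replace("\r","", $cell);
					}
					$cell = str_replace($field_terminate,$field_escaped.$field_terminate,$cell);
					$cell = str_replace($field_enclosed,$field_escaped.$field_enclosed,$cell);
					echo $field_enclosed.$cell.$field_enclosed;
				}
				// do not terminate the last column!
				if($y < $last_col)
					echo $field_terminate;
			}
			if($z < $last_row)
				echo "\r\n";
		}
		if($i < $last_object)
			echo "\r\n";
	}
}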
-
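/**
 * Writes an SQL dump of the selected tables, together with the views,
 * indexes and triggers recorded for them in sqlite_master, to the output
 * with echo.
 *
 * @param array $tables      names matched against sqlite_master.tbl_name
 * @param bool  $drop        write a DROP statement for each object
 * @param bool  $structure   write the stored CREATE statement of each object
 * @param bool  $data        write INSERT statements for the rows of tables
 * @param bool  $transaction wrap the dump in BEGIN TRANSACTION / COMMIT
 * @param bool  $comments    write "--" comment lines describing each section
 * @return void
 */
public function export_sql($tables, $drop, $structure, $data, $transaction, $comments)
{
	// the caller passes request data; make sure a scalar is handled as one name
	$tables = (array)$tables;
	// Object names and the file path are printed inside "--" comment lines.
	// A line break inside such a value would end the comment, and the rest of
	// the value would then be read as SQL when the dump is imported, so line
	// breaks are replaced in everything that goes into a comment.
	$line_breaks = array("\r", "\n");

	if($comments)
	{
		echo "----\r\n";
		echo "-- phpLiteAdmin database dump (http://phpliteadmin.googlecode.com)\r\n";
		echo "-- phpLiteAdmin version: ".VERSION."\r\n";
		echo "-- Exported on ".date('M jS, Y, h:i:sA')."\r\n";
		echo "-- Database file: ".str_replace($line_breaks, ' ', $this->getPath())."\r\n";
		echo "----\r\n";
	}
	$query = "SELECT * FROM sqlite_master WHERE type='table' OR type='index' OR type='view' OR type='trigger' ORDER BY type='trigger', type='index', type='view', type='table'";
	$result = $this->selectArray($query);

	if($transaction)
		echo "BEGIN TRANSACTION;\r\n";

	//iterate through each table
	for($i=0; $i<sizeof($result); $i++)
	{
		$object = $result[$i];
		// only export objects that belong to a requested table
		if(!in_array($object['tbl_name'], $tables)) continue;
		// Indexes that SQLite creates itself for UNIQUE / PRIMARY KEY
		// constraints have no stored CREATE statement. They come back with
		// the table definition, and dumping them would produce an empty
		// statement and a DROP INDEX that fails on import.
		if($object['type']=="index" && ($object['sql']===NULL || $object['sql']===''))
			continue;

		$type_c = str_replace($line_breaks, ' ', $object['type']);
		$name_c = str_replace($line_breaks, ' ', $object['name']);
		$tbl_c = str_replace($line_breaks, ' ', $object['tbl_name']);

		if($drop)
		{
			if($comments)
			{
				echo "\r\n----\r\n";
				echo "-- Drop ".$type_c." for ".$name_c."\r\n";
				echo "----\r\n";
			}
			echo "DROP ".strtoupper($object['type'])." ".$this->quote_id($object['name']).";\r\n";
		}
		if($structure)
		{
			if($comments)
			{
				echo "\r\n----\r\n";
				if($object['type']=="table" || $object['type']=="view")
					echo "-- ".ucfirst($type_c)." structure for ".$tbl_c."\r\n";
				else // index or trigger
					echo "-- Structure for ".$type_c." ".$name_c." on table ".$tbl_c."\r\n";
				echo "----\r\n";
			}
			echo $object['sql'].";\r\n";
		}
		if($data && $object['type']=="table")
		{
			$query = "SELECT * FROM ".$this->quote_id($object['tbl_name']);
			$arr = $this->selectArray($query, "assoc");

			if($comments)
			{
				echo "\r\n----\r\n";
				echo "-- Data dump for ".$tbl_c.", a total of ".sizeof($arr)." rows\r\n";
				echo "----\r\n";
			}
			$query = "PRAGMA table_info(".$this->quote_id($object['tbl_name']).")";
			$temp = $this->selectArray($query);
			$cols = array();
			$cols_quoted = array();
			for($z=0; $z<sizeof($temp); $z++)
			{
				// index 1 of a table_info row is the column name
				$cols[$z] = $temp[$z][1];
				$cols_quoted[$z] = $this->quote_id($temp[$z][1]);
			}
			if(sizeof($cols)==0) continue;

			$insert_head = "INSERT INTO ".$this->quote_id($object['tbl_name'])." (".implode(",", $cols_quoted).") VALUES (";
			for($z=0; $z<sizeof($arr); $z++)
			{
				$row_vals = array();
				for($y=0; $y<sizeof($cols); $y++)
				{
					$cell = $arr[$z][$cols[$y]];
					// strict test so that 0 and '' are dumped as values
					$row_vals[] = ($cell === NULL) ? 'NULL' : $this->quote($cell);
				}
				echo $insert_head.implode(",", $row_vals).");\r\n";
			}
		}
	}
	if($transaction)
		echo "COMMIT;\r\n";
}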
- }
-
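// Session handling: log out, or check a submitted password.
$auth = new Authorization(); //create authorization object
if(isset($_POST['logout'])) //user has attempted to log out
	$auth->revoke();
else if(isset($_POST['login']) || isset($_POST['proc_login'])) //user has attempted to log in
{
	$_POST['login'] = true;

	// Only a plain string can be a password; a missing field or an array
	// (password[]=...) is rejected before any comparison takes place.
	$submitted_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : NULL;
	if($submitted_password!==NULL)
	{
		// A loose == compares numeric-looking strings by value ("0e1" == "0e2"),
		// so the check has to be an exact string comparison. hash_equals()
		// additionally keeps the comparison time independent of where the
		// strings differ; it is used when the running PHP provides it.
		if(function_exists('hash_equals'))
			$password_ok = hash_equals((string)SYSTEMPASSWORD, $submitted_password);
		else
			$password_ok = ((string)SYSTEMPASSWORD === $submitted_password);

		// NOTE(review): nothing in this block limits repeated attempts, and the
		// password shipped in the configuration section is "admin" - confirm
		// that deployments change it.
		if($password_ok)
			$auth->grant(isset($_POST['remember']));
	}
}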
-
- if($auth->isAuthorized())
- {
-
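//user is deleting a database
// The path arrives in the request body, so it is resolved and checked before
// anything is removed: it must be a regular file, sit in the configured
// database location and carry an SQLite file header. Without these checks
// any file the web server may delete could be removed through this request.
// NOTE(review): no per-request token is checked here; confirm whether the
// forms that post to this script are protected against cross-site requests.
if(isset($_GET['database_delete']) && isset($_POST['database_delete']) && is_string($_POST['database_delete']))
{
	$dbpath = realpath($_POST['database_delete']);
	$delete_allowed = false;
	if($dbpath!==false && is_file($dbpath) && is_readable($dbpath))
	{
		// same signature test the directory scan uses to recognise databases
		$db_head = file_get_contents($dbpath, NULL, NULL, 0, 60);
		$looks_like_db = ($db_head!==false && (strpos($db_head, "** This file contains an SQLite 2.1 database **", 0)!==false || strpos($db_head, "SQLite format 3", 0)!==false));

		if($looks_like_db && $directory!==false)
		{
			$scan_root = realpath($directory);
			if($scan_root!==false)
			{
				if($subdirectories===true)
					$delete_allowed = (strpos($dbpath, rtrim($scan_root, DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR)===0);
				else
					$delete_allowed = (dirname($dbpath)===$scan_root);
			}
		}
		else if($looks_like_db && isset($databases) && is_array($databases))
		{
			// manual mode: only files listed in the configuration qualify
			foreach($databases as $known_db)
			{
				if(isset($known_db['path']) && realpath($known_db['path'])===$dbpath)
				{
					$delete_allowed = true;
					break;
				}
			}
		}
	}
	if($delete_allowed)
	{
		unlink($dbpath);
		unset($_SESSION[COOKIENAME.'currentDB']);
	}
}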
-
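//user is renaming a database
// Both paths arrive in the request body. The source must be an existing
// SQLite database in the configured location, and the target must stay in
// that location and keep a database-style file name. Otherwise this request
// could copy and delete arbitrary files, or leave a copy under a name the
// web server treats as a script.
// NOTE(review): the list of accepted extensions below is an assumption; it
// would be better kept as a setting next to $directory.
if(isset($_GET['database_rename']) && isset($_POST['oldname']) && isset($_POST['newname']) && is_string($_POST['oldname']) && is_string($_POST['newname']))
{
	$oldpath = $_POST['oldname'];
	$newpath = $_POST['newname'];

	$old_real = realpath($oldpath);
	$new_dir = realpath(dirname($newpath));
	$rename_allowed = false;

	if($old_real!==false && $new_dir!==false && is_file($old_real) && is_readable($old_real))
	{
		// same signature test the directory scan uses to recognise databases
		$db_head = file_get_contents($old_real, NULL, NULL, 0, 60);
		$looks_like_db = ($db_head!==false && (strpos($db_head, "** This file contains an SQLite 2.1 database **", 0)!==false || strpos($db_head, "SQLite format 3", 0)!==false));

		// the new name may use a known database extension, the extension the
		// file already has, or none; dots elsewhere in the name are refused
		$ext_choices = 'db|db3|sqlite|sqlite3';
		$old_ext = pathinfo($old_real, PATHINFO_EXTENSION);
		if($old_ext!=='')
			$ext_choices .= '|'.preg_quote($old_ext, '@');
		$name_ok = (preg_match('@^[\w\- ]+(\.('.$ext_choices.'))?$@Di', basename($newpath))===1);

		$location_ok = false;
		if($directory!==false)
		{
			$scan_root = realpath($directory);
			if($scan_root!==false)
			{
				$root_prefix = rtrim($scan_root, DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR;
				foreach(array(dirname($old_real), $new_dir) as $checked_dir)
				{
					if($subdirectories===true)
						$location_ok = ($checked_dir===$scan_root || strpos($checked_dir.DIRECTORY_SEPARATOR, $root_prefix)===0);
					else
						$location_ok = ($checked_dir===$scan_root);
					if(!$location_ok) break;
				}
			}
		}
		else if(isset($databases) && is_array($databases))
		{
			// manual mode: the source must be a listed database and the file
			// has to stay in its directory
			foreach($databases as $known_db)
			{
				if(isset($known_db['path']) && realpath($known_db['path'])===$old_real)
				{
					$location_ok = ($new_dir===dirname($old_real));
					break;
				}
			}
		}
		$rename_allowed = ($looks_like_db && $name_ok && $location_ok);
	}

	if($rename_allowed)
	{
		if(!file_exists($newpath))
		{
			// remove the original only after the copy has succeeded, so a
			// failed copy cannot lose the database
			if(copy($oldpath, $newpath))
			{
				unlink($oldpath);
				$justrenamed = true;
			}
		}
		else
		{
			$dbexists = true;
		}
	}
}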
-
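//user is creating a new Database
// This block already runs inside the isAuthorized() branch. A database can
// only be created when a directory is configured: with $directory set to
// false the path below would start at the filesystem root.
if(isset($_POST['new_dbname']) && is_string($_POST['new_dbname']) && $directory!==false)
{
	// keep word characters, "-" and "."; the hyphen is escaped because an
	// unescaped "\w-." is rejected as an invalid range by newer PCRE versions
	$dbname = preg_replace('@[^\w\-.]@','', $_POST['new_dbname']);

	// The name becomes a file inside $directory, which may be reachable
	// through the web server. Accept only a plain name with no extension or
	// with a database extension, so the new file can never carry an extension
	// that the server executes.
	// NOTE(review): the extension list is an assumption; it would be better
	// kept as a setting next to $directory. A rejected name is skipped
	// silently here - the page should tell the user why nothing was created.
	if(is_string($dbname) && preg_match('@^[\w\-]+(\.(db|db3|sqlite|sqlite3))?$@Di', $dbname)===1)
	{
		$tdata = array();
		$tdata['name'] = $dbname;
		$tdata['path'] = rtrim($directory, '/')."/".$dbname;
		$td = new Database($tdata);
		$td->query("VACUUM");
	}
}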
-
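//if the user wants to scan a directory for databases, do so
// Builds $databases (path, name, perms per entry) either from a scan of
// $directory or, when $directory is false, from the manually configured list.
if($directory!==false)
{
	if(substr($directory, -1)=="/") //if user has a trailing slash in the directory, remove it
		$directory = substr($directory, 0, strlen($directory)-1);

	if(is_dir($directory)) //make sure the directory is valid
	{
		if($subdirectories===true)
			$arr = dir_tree($directory);
		else
			$arr = scandir($directory);
		$databases = array();
		$j = 0;
		for($i=0; $i<sizeof($arr); $i++) //iterate through all the files in the databases
		{
			// scandir() returns bare names, so prefix them with the directory
			if($subdirectories===false)
				$arr[$i] = $directory."/".$arr[$i];

			if(!is_file($arr[$i])) continue;
			// only files whose first 60 bytes carry an SQLite signature are listed
			$con = file_get_contents($arr[$i], NULL, NULL, 0, 60);
			if(strpos($con, "** This file contains an SQLite 2.1 database **", 0)!==false || strpos($con, "SQLite format 3", 0)!==false)
			{
				$databases[$j]['path'] = $arr[$i];
				if($subdirectories===false)
					$databases[$j]['name'] = basename($arr[$i]);
				else
					$databases[$j]['name'] = $arr[$i];
				// 22 August 2011: gkf fixed bug 49.
				$perms = 0;
				$perms += is_readable($databases[$j]['path']) ? 4 : 0;
				$perms += is_writeable($databases[$j]['path']) ? 2 : 0;
				switch($perms)
				{
					case 6: $perms = "[rw] "; break;
					case 4: $perms = "[r ] "; break;
					case 2: $perms = "[ w] "; break; // God forbid, but it might happen.
					default: $perms = "[ ] "; break;
				}
				$databases[$j]['perms'] = $perms;
				$j++;
			}
		}
		// 22 August 2011: gkf fixed bug #50.
		sort($databases);
		if(isset($tdata))
		{
			// select the database that was just created; $tdata is an array,
			// so the comparison has to use its 'path' element
			foreach($databases as $db_id => $database)
			{
				if($database['path'] == $tdata['path'])
				{
					$_SESSION[COOKIENAME.'currentDB'] = $database;
					break;
				}
			}
		}
		if(isset($justrenamed))
		{
			// select the database under its new name
			foreach($databases as $db_id => $database)
			{
				if($database['path'] == $newpath)
				{
					$_SESSION[COOKIENAME.'currentDB'] = $database;
					break;
				}
			}
		}
	}
	else //the directory is not valid - display error and exit
	{
		echo "<div class='confirm' style='margin:20px;'>";
		echo "The directory you specified to scan for databases does not exist or is not a directory.";
		echo "</div>";
		exit();
	}
}
else
{
	for($i=0; $i<sizeof($databases); $i++)
	{
		if(!file_exists($databases[$i]['path']))
			continue; //skip if file not found ! - probably a warning can be displayed - later
		$perms = 0;
		$perms += is_readable($databases[$i]['path']) ? 4 : 0;
		$perms += is_writeable($databases[$i]['path']) ? 2 : 0;
		switch($perms)
		{
			case 6: $perms = "[rw] "; break;
			case 4: $perms = "[r ] "; break;
			case 2: $perms = "[ w] "; break; // God forbid, but it might happen.
			default: $perms = "[ ] "; break;
		}
		$databases[$i]['perms'] = $perms;
	}
	sort($databases);
}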
-
-
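//user is downloading the exported database file
// Sends the export as an attachment and ends the request.
if(isset($_POST['export']))
{
	$export_type = (isset($_POST['export_type']) && is_string($_POST['export_type'])) ? $_POST['export_type'] : '';

	// The file name is echoed into a response header inside a quoted string,
	// so control characters, quotes, backslashes and slashes are removed
	// before it is used.
	$export_name = (isset($_POST['filename']) && is_string($_POST['filename'])) ? $_POST['filename'] : '';
	$export_name = preg_replace('@[\x00-\x1f\x7f"\\\\/]@', '', $export_name);

	// either a list of tables or a single table name is posted
	if(isset($_POST['tables']))
		$tables = (array)$_POST['tables'];
	else
		$tables = array(isset($_POST['single_table']) ? $_POST['single_table'] : '');

	if($export_type==="sql")
	{
		header('Content-Type: text/sql');
		header('Content-Disposition: attachment; filename="'.$export_name.'.'.$export_type.'";');
		$drop = isset($_POST['drop']);
		$structure = isset($_POST['structure']);
		$data = isset($_POST['data']);
		$transaction = isset($_POST['transaction']);
		$comments = isset($_POST['comments']);
		$db = new Database($_SESSION[COOKIENAME.'currentDB']);
		// export_sql() writes the dump itself
		$db->export_sql($tables, $drop, $structure, $data, $transaction, $comments);
	}
	else if($export_type==="csv")
	{
		header("Content-type: application/csv");
		header('Content-Disposition: attachment; filename="'.$export_name.'.'.$export_type.'";');
		header("Pragma: no-cache");
		header("Expires: 0");
		$field_terminate = $_POST['export_csv_fieldsterminated'];
		$field_enclosed = $_POST['export_csv_fieldsenclosed'];
		$field_escaped = $_POST['export_csv_fieldsescaped'];
		$null = $_POST['export_csv_replacenull'];
		$crlf = isset($_POST['export_csv_crlf']);
		$fields_in_first_row = isset($_POST['export_csv_fieldnames']);
		$db = new Database($_SESSION[COOKIENAME.'currentDB']);
		// export_csv() writes the rows itself
		$db->export_csv($tables, $field_terminate, $field_enclosed, $field_escaped, $null, $crlf, $fields_in_first_row);
	}
	exit();
}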
-
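//user is importing a file
// Runs an uploaded SQL dump or CSV file against the current database and
// leaves the outcome in $importSuccess.
if(isset($_POST['import']))
{
	$db = new Database($_SESSION[COOKIENAME.'currentDB']);

	// Read the file only if PHP received it as an upload in this request;
	// is_uploaded_file() guards against a tmp_name that points elsewhere.
	$upload_ok = isset($_FILES["file"]["tmp_name"]) && is_string($_FILES["file"]["tmp_name"]) && is_uploaded_file($_FILES["file"]["tmp_name"]);
	$import_type = isset($_POST['import_type']) ? $_POST['import_type'] : '';

	if(!$upload_ok)
	{
		// NOTE(review): presumably $importSuccess is displayed like the error
		// strings multiQuery() returns - confirm against the page code below.
		$importSuccess = "Error: no uploaded file was received.";
	}
	else if($import_type=="sql")
	{
		$data = file_get_contents($_FILES["file"]["tmp_name"]);
		if($data===false)
			$importSuccess = "Error: the uploaded file could not be read.";
		else
			$importSuccess = $db->import_sql($data);
	}
	else
	{
		$field_terminate = $_POST['import_csv_fieldsterminated'];
		$field_enclosed = $_POST['import_csv_fieldsenclosed'];
		$field_escaped = $_POST['import_csv_fieldsescaped'];
		$null = $_POST['import_csv_replacenull'];
		$fields_in_first_row = isset($_POST['import_csv_fieldnames']);
		$importSuccess = $db->import_csv($_FILES["file"]["tmp_name"], $_POST['single_table'], $field_terminate, $field_enclosed, $field_escaped, $null, $fields_in_first_row);
	}
}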
- }
-
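// Headers for the HTML user interface that follows.
header('Content-Type: text/html; charset=utf-8');
// The page offers destructive actions (delete, rename, import), so it should
// not be displayed inside a frame of another origin, and browsers should not
// guess a different content type for it.
header('X-Frame-Options: SAMEORIGIN');
header('X-Content-Type-Options: nosniff');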
-
- // here begins the HTML.
- ?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
- <head>
- <!-- Copyright <?php echo date("Y"); ?> phpLiteAdmin (http://phpliteadmin.googlecode.com) -->
- <meta http-equiv='Content-Type' content='text/html; charset=UTF-8' />
- <title><?php echo PROJECT ?></title>
-
- <?php
- if(!file_exists("phpliteadmin.css")) //only use the inline stylesheet if an external one does not exist
- {
- ?>
- <!-- begin the customizable stylesheet/theme -->
- <style type="text/css">
- /* overall styles for entire page */
- body
- {
- margin: 0px;
- padding: 0px;
- font-family: Arial, Helvetica, sans-serif;
- font-size: 14px;
- color: #000000;
- background-color: #e0ebf6;
- }
- /* general styles for hyperlink */
- a
- {
- color: #03F;
- text-decoration: none;
- cursor :pointer;
- }
- a:hover
- {
- color: #06F;
- }
- hr
- {
- height: 1px;
- borde…