LotGDocker/lotgd-web/lotgd/rawsql.php

<?php
// translator ready
// addnews ready
// mail ready
require_once("common.php");
require_once("lib/http.php");

tlschema("rawsql");

check_su_access(SU_RAW_SQL);

page_header("Raw SQL/PHP execution");
require_once("lib/superusernav.php");
superusernav();
addnav("Execution");
addnav("SQL","rawsql.php");
addnav("PHP","rawsql.php?op=php");

$op = httpget("op");
if ($op=="" || $op=="sql"){
	$sql = httppost('sql');
	if ($sql != "") {
		$sql = stripslashes($sql);
		modulehook("rawsql-execsql",array("sql"=>$sql));
		debuglog('Ran Raw SQL: ' . $sql);
		$r = db_query($sql, false);
		if (!$r) {
			output("`\$SQL Error:`& %s`0`n`n",db_error($r));
		} else {
			if (db_affected_rows() > 0) {
				output("`&%s rows affected.`n`n",db_affected_rows());
			}
			rawoutput("<table cellspacing='1' cellpadding='2' border='0' bgcolor='#999999'>");
			$number = db_num_rows($r);
			for ($i = 0; $i < $number; $i++) {
				$row = db_fetch_assoc($r);
				if ($i == 0) {
					rawoutput("<tr class='trhead'>");
					$keys = array_keys($row);
					foreach ($keys as $value) {
						rawoutput("<td>$value</td>");
					}
					rawoutput("</tr>");
				}
				rawoutput("<tr class='".($i%2==0?"trlight":"trdark")."'>");
				foreach ($keys as $value) {
					rawoutput("<td valign='top'>{$row[$value]}</td>");
				}
				rawoutput("</tr>");
			}
			rawoutput("</table>");
		}
	}

	output("Type your query");
	$execute = translate_inline("Execute");
	$ret = modulehook("rawsql-modsql",array("sql"=>$sql));
	$sql = $ret['sql'];
	rawoutput("<form action='rawsql.php' method='post'>");
	rawoutput("<textarea name='sql' class='input' cols='60' rows='10'>".htmlentities($sql, ENT_COMPAT, getsetting("charset", "ISO-8859-1"))."</textarea><br>");
	rawoutput("<input type='submit' class='button' value='$execute'>");
	rawoutput("</form>");
	addnav("", "rawsql.php");
}else{
	$php = stripslashes(httppost("php"));
	$source = translate_inline("Source:");
	$execute = translate_inline("Execute");
	if ($php>""){
		rawoutput("<div style='background-color: #FFFFFF; color: #000000; width: 100%'><b>$source</b><br>");
		rawoutput(highlight_string("<?php\n$php\n?>",true));
		rawoutput("</div>");
		output("`bResults:`b`n");
		modulehook("rawsql-execphp",array("php"=>$php));
		ob_start();
		eval($php);
		output_notl(ob_get_contents(),true);
		ob_end_clean();
		debuglog('Ran Raw PHP: ' . $php);
	}
	output("`n`nType your code:");
	$ret = modulehook("rawsql-modphp",array("php"=>$php));
	$php = $ret['php'];
	rawoutput("<form action='rawsql.php?op=php' method='post'>");
	rawoutput("&lt;?php<br><textarea name='php' class='input' cols='60' rows='10'>".htmlentities($php, ENT_COMPAT, getsetting("charset", "ISO-8859-1"))."</textarea><br>?&gt;<br>");
	rawoutput("<input type='submit' class='button' value='$execute'>");
	rawoutput("</form>");
	addnav("", "rawsql.php?op=php");
}
page_footer();
?>
Initial commit 2020-08-17 19:16:42 -04:00			`<?php`
			`// translator ready`
			`// addnews ready`
			`// mail ready`
			`require_once("common.php");`
			`require_once("lib/http.php");`

			`tlschema("rawsql");`

			`check_su_access(SU_RAW_SQL);`

			`page_header("Raw SQL/PHP execution");`
			`require_once("lib/superusernav.php");`
			`superusernav();`
			`addnav("Execution");`
			`addnav("SQL","rawsql.php");`
			`addnav("PHP","rawsql.php?op=php");`

			`$op = httpget("op");`
			`if ($op=="" \|\| $op=="sql"){`
			`$sql = httppost('sql');`
			`if ($sql != "") {`
			`$sql = stripslashes($sql);`
			`modulehook("rawsql-execsql",array("sql"=>$sql));`
			`debuglog('Ran Raw SQL: ' . $sql);`
			`$r = db_query($sql, false);`
			`if (!$r) {`
			output("`\$SQL Error:`& %s`0`n`n",db_error($r));
			`} else {`
			`if (db_affected_rows() > 0) {`
			output("`&%s rows affected.`n`n",db_affected_rows());
			`}`
			`rawoutput("<table cellspacing='1' cellpadding='2' border='0' bgcolor='#999999'>");`
			`$number = db_num_rows($r);`
			`for ($i = 0; $i < $number; $i++) {`
			`$row = db_fetch_assoc($r);`
			`if ($i == 0) {`
			`rawoutput("<tr class='trhead'>");`
			`$keys = array_keys($row);`
			`foreach ($keys as $value) {`
			`rawoutput("<td>$value</td>");`
			`}`
			`rawoutput("</tr>");`
			`}`
			`rawoutput("<tr class='".($i%2==0?"trlight":"trdark")."'>");`
			`foreach ($keys as $value) {`
			`rawoutput("<td valign='top'>{$row[$value]}</td>");`
			`}`
			`rawoutput("</tr>");`
			`}`
			`rawoutput("</table>");`
			`}`
			`}`

			`output("Type your query");`
			`$execute = translate_inline("Execute");`
			`$ret = modulehook("rawsql-modsql",array("sql"=>$sql));`
			`$sql = $ret['sql'];`
			`rawoutput("<form action='rawsql.php' method='post'>");`
			`rawoutput("<textarea name='sql' class='input' cols='60' rows='10'>".htmlentities($sql, ENT_COMPAT, getsetting("charset", "ISO-8859-1"))."</textarea><br>");`
			`rawoutput("<input type='submit' class='button' value='$execute'>");`
			`rawoutput("</form>");`
			`addnav("", "rawsql.php");`
			`}else{`
			`$php = stripslashes(httppost("php"));`
			`$source = translate_inline("Source:");`
			`$execute = translate_inline("Execute");`
			`if ($php>""){`
			`rawoutput("<div style='background-color: #FFFFFF; color: #000000; width: 100%'><b>$source</b><br>");`
			`rawoutput(highlight_string("<?php\n$php\n?>",true));`
			`rawoutput("</div>");`
			output("`bResults:`b`n");
			`modulehook("rawsql-execphp",array("php"=>$php));`
			`ob_start();`
			`eval($php);`
			`output_notl(ob_get_contents(),true);`
			`ob_end_clean();`
			`debuglog('Ran Raw PHP: ' . $php);`
			`}`
			output("`n`nType your code:");
			`$ret = modulehook("rawsql-modphp",array("php"=>$php));`
			`$php = $ret['php'];`
			`rawoutput("<form action='rawsql.php?op=php' method='post'>");`
			`rawoutput("<?php<br><textarea name='php' class='input' cols='60' rows='10'>".htmlentities($php, ENT_COMPAT, getsetting("charset", "ISO-8859-1"))."</textarea><br>?><br>");`
			`rawoutput("<input type='submit' class='button' value='$execute'>");`
			`rawoutput("</form>");`
			`addnav("", "rawsql.php?op=php");`
			`}`
			`page_footer();`
			`?>`