<?php
session_start();
/***************************************************************************
* Copyright (C) 2007, Paul Lutus *
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or *
* (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
* You should have received a copy of the GNU General Public License *
* along with this program; if not, write to the *
* Free Software Foundation, Inc., *
* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
***************************************************************************/
class PHPWriter {
const program_name = "PHP Writer";
const program_version = "1.7";
// to increase error reporting detail
const debug = false;
// maximum allowed memory
const mem_max_meg = 100;
// distance of the highlighted record
// from the top of the display
const record_list_offset = 6;
// whether table lines wrap by default
const default_wrap = true;
// text field width in characters
const textfield_width = 10;
// user-definable defaults
const default_server = 'localhost';
const default_user = 'guest';
const default_db = NULL;
const default_table = NULL;
const default_query = '.*';
/*
*
* defaults can also be placed on the command line, like this:
*
* php_writer.php?database=name&table=name&query=string
*
*/
// end of user-definable area
var $changedFlag;
var $acceptRecordFlag;
var $insertRecordFlag;
var $newCopyFlag;
var $newEmptyFlag;
var $deleteRecordFlag;
var $execDelete;
var $query_result;
var $header_result;
var $record_count;
var $old_values;
var $error;
// global connection variable
var $connection;
function PHPWriter() {
$this->connection = NULL;
$this->old_values = NULL;
$this->error = NULL;
ini_set("memory_limit",PHPWriter::mem_max_meg . "M");
// print lots of error messages
if(PHPWriter::debug) {
error_reporting(E_ALL|E_STRICT);
ini_set('display_errors', true);
ini_set('html_errors', true);
}
$_POST['server'] = PHPWriter::fetch_value_if_exists($_GET,'server',PHPWriter::default_server);
$_POST['user'] = PHPWriter::fetch_value_if_exists($_GET,'user',PHPWriter::default_user);
$_POST['database'] = PHPWriter::fetch_value_if_exists($_GET,'database',PHPWriter::default_db);
$_POST['table'] = PHPWriter::fetch_value_if_exists($_GET,'table',PHPWriter::default_table);
$_POST['query'] = PHPWriter::fetch_value_if_exists($_GET,'query',PHPWriter::default_query);
}
function preserve_error()
{
if(mysql_errno() != 0) {
$this->error .= mysql_error() . "<br/>\n";
}
}
function dump_array($array)
{
$output = "<b>" . time() . "</b><br/>\n";
if($array) {
$keys = array_keys($array);
for($i = 0;$i < count($keys);$i++) {
$output .= $keys[$i] . " = [" . $array[$keys[$i]] . "]<br/>\n";
}
}
return $output;
}
function wrap_tag($data,$tag,$extra = "") {
return "<$tag $extra>$data</$tag>\n";
}
function fetch_value_strict($base,$name,$default = '') {
$result = NULL;
if($base && array_key_exists($name,$base) && strlen($base[$name]) > 0) {
$result = $base[$name];
}
else if ($default && strlen($default) > 0) {
$result = $default;
}
return $result;
}
function fetch_value_if_exists($base,$name,$default = '') {
$result = NULL;
if($base && array_key_exists($name,$base) && sizeof($base[$name]) > 0) {
$result = $base[$name];
}
else if ($default && strlen($default) > 0) {
$result = $default;
}
else if($this->old_values && array_key_exists($name,$this->old_values) && strlen($this->old_values[$name]) > 0) {
$result = $this->old_values[$name];
}
return $result;
}
function get_assoc_values($base) {
return array(
$this->fetch_value_if_exists($base,'server'),
$this->fetch_value_if_exists($base,'user'),
$this->fetch_value_if_exists($base,'password'),
$this->fetch_value_if_exists($base,'database'),
$this->fetch_value_if_exists($base,'table'),
$this->fetch_value_if_exists($base,'query'),
$this->fetch_value_if_exists($base,'record')
);
}
function set_values($names,$values) {
$n = 0;
$base = array();
foreach($names as $name) {
$base[$name] = $values[$n];
$n++;
}
return $base;
}
function make_text_field($type,$title,$name,$value,$tip, $width = PHPWriter::textfield_width)
{
$btitle = $this->wrap_tag($title . ":","b");
$result = $this->wrap_tag(" " . $btitle,"td");
$input = "<input class=\"inputfield\" type=\"$type\" title=\"$tip\" size=\"$width\" name=\"$name\" value=\"$value\" onChange=\"submit();\"/>\n";
$result .= $this->wrap_tag($input,"td");
return $result;
}
function make_dropdown_list($title,$name,$value,$val_array,$tip) {
$btitle = $this->wrap_tag($title . ":","b");
$result = $this->wrap_tag(" " . $btitle,"td");
$list = "";
if($val_array) {
foreach ($val_array as $item) {
$sel = ($item == $value)?"selected":"";
$list .= $this->wrap_tag($item,"option",$sel);
}
}
$substr = "name = \"$name\" title=\"$tip\" onChange=\"submit();\"";
$list = $this->wrap_tag($list,"select",$substr);
$result .= $this->wrap_tag($list,"td");
return $result;
}
function create_table_header() {
$row = "";
mysql_data_seek($this->header_result,0);
while($field = mysql_fetch_row($this->header_result)) {
$row .= $this->wrap_tag($field[0],"td","class=\"cellTitle\"");
}
return $this->wrap_tag($row,"tr");
}
function create_table_rows() {
$result = NULL;
if($this->query_result) {
$result = array();
$record = $this->fetch_value_if_exists($_POST,'record');
$n = 0;
mysql_data_seek($this->query_result,0);
while($rec = mysql_fetch_assoc($this->query_result)) {
$selected = ($record == $n);
$to_mark = ($record == $n+PHPWriter::record_list_offset);
$row = "";
mysql_data_seek($this->header_result,0);
while($field = mysql_fetch_row($this->header_result)) {
$fdata = $rec[$field[0]];
$fdata = htmlspecialchars($fdata);
$fdata = preg_replace("/\n/m","<br/>\n",$fdata);
if($to_mark) {
$fdata .= "<a name=\"r\"></a>";
}
$row .= $this->wrap_tag($fdata,"td");
}
$class = ($selected)?"selectcell":"cell" . ($n % 2);
$result[] = $this->wrap_tag($row,"tr","class=\"$class\" onClick=\"choose_row(" . $n . ");\"");
$n++;
}
}
return $result;
}
function print_data_table() {
list($server,$user,$password,$database,$table) = $this->get_assoc_values($_POST);
if($server && $user && $database && $table) {
if($this->header_result) {
$table = "";
if($header = $this->create_table_header()) {
$table .= $header;
if($table_rows = $this->create_table_rows()) {
$table .= join($table_rows,"\n");
$table = $this->wrap_tag($table,"table","width=100% title=\"Click a record to edit it below\"");
$wraptable = $this->fetch_value_if_exists($_POST,'Wraptable');
if(!$wraptable[0]) {
print "<style type=\"text/css\">\ntr.cell0 td,tr.cell1 td, tr.selectcell td { white-space:nowrap; }\n</style>\n";
}
print $table;
}
else { // no matching records note
print "<table height=\"100%\" width=\"100%\"><tr><td><div style=\"font-weight:bold;text-align:center;font-size:120%;\">No matching records.</div></td></tr></table>\n";
}
}
}
}
}
function create_data_form_rows($del_name,$newEmptyFlag) {
$result = array();
if($this->query_result) {
$lines = $this->get_field_lines();
$record = $this->fetch_value_if_exists($_POST,'record',0);
$record = $this->set_record_range($this->record_count,$record);
$_POST['record'] = $record;
mysql_data_seek($this->query_result,$record);
$rdata = mysql_fetch_assoc($this->query_result);
mysql_data_seek($this->header_result,0);
while($field = mysql_fetch_row($this->header_result)) {
$name = $field[0];
$value = NULL;
// automagically create a date or time
// for fields with those names
if($newEmptyFlag) {
if(preg_match("/^date$/i",$name)) {
$value = date("Y-m-d");
}
if(preg_match("/^time$/i",$name)) {
$value = date("H:i:s");
}
}
else if (isset($rdata[$name])) {
$value = $rdata[$name];
}
$title = $this->wrap_tag($name .":","b");
$row = $this->wrap_tag($title,"td","width=1%");
$format_val = htmlspecialchars($value,ENT_QUOTES);
// delete possible primary key
if($name == $del_name) {
$format_val = "";
}
if($lines < 2) {
$entry_field = "<input type=\"text\" class=\"datafield\" name=\"$name\" value=\"$format_val\" onKeyUp=\"alert_edit(this);\"/>";
}
else {
$entry_field = "<textarea rows=\"$lines\" class=\"datafield\" name=\"$name\" onKeyUp=\"alert_edit(this);\">$format_val</textarea>";
}
$row .= $this->wrap_tag($entry_field,"td");
$result[] = $this->wrap_tag($row,"tr");
}
//$_SESSION['record'] = $record;
}
return $result;
}
function get_field_names($server,$user,$password,$database,$table) {
$this->preserve_error();
mysql_select_db($database);
return mysql_query("show columns from " . $table,$this->connection);
}
function build_query($table,$query) {
$sql = "";
if($query && strlen($query) > 0) { // data from query field
if ($query == "*") {
$query = ".*";
}
$queryhtml = htmlspecialchars($query,ENT_QUOTES);
$_POST['query'] = $queryhtml;
$sql = "select * from " . $table . " where ";
$equery = mysql_real_escape_string($query);
mysql_data_seek($this->header_result,0);
$args = array();
while ($row = mysql_fetch_row($this->header_result)) {
$name = $row[0];
$args[] = " `" . $name . "` regexp '" . $equery . "' ";
}
$sql .= join($args," or ");
}
else {
$sql = "select * from $table";
}
return $sql;
}
function perform_standard_query($server,$user,$password,$database,$table,$query) {
$this->connection = mysql_connect($server,$user,$password);
$this->preserve_error();
$this->header_result = $this->get_field_names($server,$user,$password,$database,$table);
$arg = $this->build_query($table,$query);
mysql_select_db($database);
if($this->query_result = mysql_query($arg,$this->connection)) {
$this->record_count = mysql_num_rows($this->query_result);
}
}
function set_test_flags() {
$this->insertRecordFlag = false;
$this->changedFlag = (array_key_exists('changed',$_POST) && $_POST['changed'] == 'true');
$this->acceptRecordFlag = array_key_exists('AcceptRecord',$_POST);
$this->newCopyFlag = array_key_exists('NewCopy',$_POST);
$this->newEmptyFlag = array_key_exists('NewEmpty',$_POST);
$this->deleteRecordFlag = array_key_exists('DeleteRecord',$_POST);
$this->execDelete = array_key_exists('DeleteRecordConfirm',$_POST);
}
function create_data_form() {
$dtable = NULL;
list($server,$user,$password,$database,$table,$query,$record) = $this->get_assoc_values($_POST);
if($server && $user && $database && $table) {
$this->set_test_flags();
$del_name = NULL;
// look for primary key
if($this->newCopyFlag) {
$del_name = $this->test_fields_for_key($server,$user,$password,$database,$table);
}
$table_rows = $this->create_data_form_rows($del_name,$this->newEmptyFlag);
$dtable = join($table_rows,"\n");
$dtable = $this->wrap_tag($dtable,"table");
}
$also = "";
if($this->newCopyFlag || $this->newEmptyFlag) { // carry this forward
$spec = ($this->newCopyFlag)?"Copy":"Empty";
$also .= "<p><input type=\"hidden\" name=\"New$spec\" value=\"New$spec\"/>\n";
$also .= "<p><b><font color=\"#00aa00\">New $spec record: enter record data, then press \"Accept\" to save your new entry.</font></b><br>\n";
$also .= "<i>Use \"Tab\", not \"Enter\", to move between fields.</i><br/>\n";
}
else if($this->deleteRecordFlag) { // also carry forward
$also .= "<p><b><font color=\"#ff0000\">Delete: press ";
$also .= " <input type=\"submit\" class=\"button\" name=\"DeleteRecordConfirm\" value=\" Confirm \" title=\"Delete the current record (cannot be undone)\">";
$also .= " to delete record " . ($record+1) . ", or ";
$also .= "<input type=\"submit\" class=\"button\" name=\"Cancel\" value=\" Cancel \" title=\"Cancel this operation\">";
$also .= "</font></b>\n";
// this prevents multiple deletes if the user
// reloads the page after a delete
$_SESSION['arm_delete'] = true;
}
else {
$lines = $this->get_field_lines();
$note = ($lines == 1)?"or \"Enter\" ":"";
$item = "Press \"Accept\" $note to commit changes to the database.";
$also .= "<p><i>$item</i><br/>";
}
if($this->error) {
$also .= "<b>SQL Error: $this->error</b><br/>\n";
}
if($this->acceptRecordFlag && !$this->changedFlag) {
$also .= "<b><font color=\"#ff0000\">NOTE: No changes to commit.</font></b><br/>\n";
}
return $dtable . $also;
}
function get_database_list() {
$result = NULL;
list($server,$user,$password,$database) = $this->get_assoc_values($_POST);
if($server && $user) {
$this->connection = mysql_connect($server,$user,$password);
$this->preserve_error();
if($this->connection) {
$result = array();
$db_list = mysql_list_dbs($this->connection);
while ($row = mysql_fetch_row($db_list)) {
$result[] = $row[0];
}
}
}
return $result;
}
function get_table_list() {
$result = NULL;
list($server,$user,$password,$database,$table) = $this->get_assoc_values($_POST);
if($server && $user && $database) {
$this->connection = mysql_connect($server,$user,$password);
$this->preserve_error();
if($this->connection) {
$result = array();
$table_list = mysql_query("show tables from " . $database,$this->connection);
while ($row = mysql_fetch_row($table_list)) {
$result[] = $row[0];
}
mysql_free_result($table_list);
}
}
return $result;
}
function get_data_table($force = false) {
list($server,$user,$password,$database,$table,$query,$record) = $this->get_assoc_values($_POST);
list($oserver,$ouser,$opassword,$odatabase,$otable,$oquery,$orecord) = $this->get_assoc_values($this->old_values);
// preconditions for creating a new data table
if($server && $user && $database && $table) {
$no_table = $this->query_result == NULL;
if($force || $no_table || ($database != $odatabase || $table != $otable || $query != $oquery)) {
$this->perform_standard_query($server,$user,$password,$database,$table,$query);
if($this->query_result) {
// new table, test record value
$record = $this->set_record_range($this->record_count,$record);
$_POST['record'] = $record;
}
}
}
}
function get_field_lines() {
return $this->fetch_value_if_exists($_POST,'fieldlines',1);
}
function build_field_lines_control() {
$lines = $this->get_field_lines();
$output="";
$n = 1;
while($n < 32) {
$ch = ($n == $lines)?"selected":"";
$output .= "<option $ch>$n</option>\n";
$n <<= 1;
}
$title = $this->wrap_tag("<b>Field rows:</b>","td");
$output = $this->wrap_tag($output,"select","name=\"fieldlines\" title=\"Select number of entry rows\" onChange=\"submit();\"");
return $title . $this->wrap_tag($output,"td");
}
function make_control_tables($add_this) {
$tables = "";
$output = $add_this;
$query = $this->fetch_value_if_exists($_POST,'query','.*');
if(strlen($query) < 1) {
$query = '.*';
}
$output .= $this->make_text_field("text","Query","query",$query,"Enter a search query (applied to all fields)",18);
$record = $this->fetch_value_if_exists($_POST,'record');
$output .= "<td align=center><input class=\"button\" type=\"submit\" name=\"AcceptRecord\" value=\" Accept \" title=\"Commit any editorial changes to the current record\"/></td>\n";
$output .= "<td align=center><input class=\"button 