• Main Page
  • Related Pages
  • Namespaces
  • Data Structures
  • Files
  • Examples
  • File List
  • Globals

cms/modules/sqlquery.lib.php

Go to the documentation of this file.
00001 <?php
00002 if(!defined('__PRAGYAN_CMS'))
00003 { 
00004         header($_SERVER['SERVER_PROTOCOL'].' 403 Forbidden');
00005         echo "<h1>403 Forbidden<h1><h4>You are not authorized to access the page.</h4>";
00006         echo '<hr/>'.$_SERVER['SERVER_SIGNATURE'];
00007         exit(1);
00008 }
00017 class sqlquery implements module {
00018         private $userId;
00019         private $moduleComponentId;
00020         private $action;
00021 
00022         public function getHtml($userId, $moduleComponentId, $action) {
00023                 $this->userId = $userId;
00024                 $this->moduleComponentId = $moduleComponentId;
00025                 $this->action = $action;
00026 
00027                 switch($action) {
00028                         case 'view':
00029                                 return $this->actionView();
00030                         case 'edit':
00031                                 return $this->actionEdit();
00032                 }
00033         }
00034 
00035         public function actionView() {
00036                 $sqlQueryQuery = 'SELECT `sqlquery_title`, `sqlquery_query` FROM `sqlquery_desc` WHERE `page_modulecomponentid` = ' . $this->moduleComponentId;
00037                 $sqlQueryResult = mysql_query($sqlQueryQuery);
00038                 if(!$sqlQueryResult) {
00039                         displayerror('Database error. An unknown error was encountered while trying to load page data.');
00040                         return '';
00041                 }
00042                 $sqlQueryRow = mysql_fetch_row($sqlQueryResult);
00043                 if(!$sqlQueryRow) {
00044                         displayerror('Database error. Could not find data for the page requested.');
00045                         return '';
00046                 }
00047 
00048                 $pageTitle = $sqlQueryRow[0];
00049                 $pageQuery = $sqlQueryRow[1];
00050 
00051                 $pageContent = "<h2>$pageTitle</h2><br />\n";
00052                 return $pageContent . $this->generatePageData($pageQuery);
00053         }
00054 
00055         public function actionEdit() {
00056                 $editPageContent = '';
00057                 $paramSqlQuery = '';
00058                 $paramPageTitle = '';
00059                 $useParams = false;
00060 
00061                 if(isset($_POST['btnSubmitQueryData'])) {
00062                         if(!isset($_POST['pagetitle']) || !isset($_POST['sqlquery']))
00063                                 displayerror('Error. Incomplete form data.');
00064                         $pageTitle = $_POST['pagetitle'];
00065                         $sqlQuery = $_POST['sqlquery'];
00066                         if($this->saveQueryEditForm($pageTitle, $sqlQuery))
00067                                 displayinfo('Changes saved successfully.');
00068                 }
00069                 elseif(isset($_POST['btnPreviewResults'])) {
00070                         if(!isset($_POST['pagetitle']) || !isset($_POST['sqlquery']))
00071                                 displayerror('Error. Incomplete form data.');
00072                         $pageTitle = $_POST['pagetitle'];
00073                         $sqlQuery = $_POST['sqlquery'];
00074                         $editPageContent = "<h2>$pageTitle (Preview)</h2><br />\n" . $this->generatePageData(stripslashes($sqlQuery)) . "<br />\n";
00075 
00076                         $useParams = true;
00077                         $paramSqlQuery = stripslashes($sqlQuery);
00078                         $paramPageTitle = $pageTitle;
00079                 }
00080 
00081                 $editPageContent .= $this->getQueryEditForm($paramPageTitle, $paramSqlQuery, $useParams);
00082                 
00083                 $helptext = "";
00084                 if(isset($_POST['btnListTables'])||( isset($_GET['subaction']) && $_GET['subaction']=="listalltables") )
00085                 {
00086                         
00087                         $helptext.="<h2>Tables of Database ".MYSQL_DATABASE."</h2><br/><table id='sqlhelptable' name='sqlhelptable' class='display'><thead></tr><tr><th>Table Name</th><th>Columns Information</th><th>Rows Information</th></tr></thead><tbody>";
00088                         $query="SHOW TABLES";
00089                         $res=mysql_query($query);
00090                         while($row=mysql_fetch_row($res))
00091                         {
00092                                 $helptext .="<tr><td>{$row[0]}</td><td><a href='./+edit&subaction=tablecols&tablename={$row[0]}'>View Columns</a></td><td><a href='./+edit&subaction=tablerows&tablename={$row[0]}'>View Rows</a></td></tr>";
00093                         }
00094                         $helptext .="</tbody></table>";
00095                 }
00096                 if((isset($_POST['btnListRows']) && $_POST['tablename']!="") || ( isset($_GET['subaction']) && $_GET['subaction']=="tablerows") )
00097                 {
00098                         if(isset($_POST['tablename'])) $tablename=escape(safe_html($_POST['tablename']));
00099                         else if(isset($_GET['tablename'])) $tablename=escape(safe_html($_GET['tablename']));
00100                         else { displayerror("Table name missing"); return $editPageContent; }
00101                         
00102                         $query="SELECT * FROM $tablename";
00103                         $res=mysql_query($query);
00104                         $numfields=mysql_num_fields($res);
00105                         $helptext .="<table id='sqlhelptable' name='sqlhelptable' class='display'><thead><tr><th colspan=".$numfields.">Rows of Table $tablename <br/><a href='./+edit&subaction=tablecols&tablename=$tablename'>View Columns</a>  <a href='./+edit&subaction=listalltables'>View All Tables</a></th></tr>";
00106                         $helptext .="<tr>";
00107                         
00108                         for($i=0;$i<$numfields;$i++)
00109                         {
00110                                  $name = mysql_field_name($res, $i);
00111                                     if (!$name) {
00112                                         displayerror("Field name could not be retrieved");
00113                                         break;
00114                                     }
00115                                  $helptext.="<th>$name</th>";
00116                         }
00117                         $helptext .="</tr></thead><tbody>";
00118                         
00119                         
00120                         while($row=mysql_fetch_row($res))
00121                         {
00122                                 $helptext .="<tr>";
00123                                 for($i=0;$i<$numfields;$i++)
00124                                         $helptext .="<td>{$row[$i]}</td>";
00125                                 $helptext .="</tr>";
00126                         }
00127                         $helptext .="</tbody></table>";
00128                 }
00129                 if((isset($_POST['btnListColumns']) && $_POST['tablename']!="") || ( isset($_GET['subaction']) && $_GET['subaction']=="tablecols"))
00130                 {
00131                         if(isset($_POST['tablename'])) $tablename=escape(safe_html($_POST['tablename']));
00132                         else if(isset($_GET['tablename'])) $tablename=escape(safe_html($_GET['tablename']));
00133                         else { displayerror("Table name missing"); return $editPageContent; }
00134                         
00135                         $helptext .="<table id='sqlhelptable' name='sqlhelptable' class='display'><thead><tr><th colspan=6>Column Information of Table $tablename <br/><a href='./+edit&subaction=tablerows&tablename=$tablename'>View Rows</a>  <a href='./+edit&subaction=listalltables'>View All Tables</a> </th></tr>";
00136                         $helptext .="<tr><th>Column Name</th><th>Column Type</th><th>Maximum Length</th><th>Default Value</th><th>Not Null</th><th>Primary Key</th></tr></thead><tbody>";
00137                         $query="SELECT * FROM $tablename LIMIT 1";
00138                         $res=mysql_query($query);
00139                         for($i=0;$i<mysql_num_fields($res);$i++)
00140                         {
00141                                  $meta = mysql_fetch_field($res, $i);
00142                                     if (!$meta) {
00143                                         displayerror("Field information could not be retrieved");
00144                                         break;
00145                                     }
00146                                  $helptext.="<tr><td>{$meta->name}</td><td>{$meta->type}</td><td>{$meta->max_length}</td><td>{$meta->def}</td><td>{$meta->not_null}</td><td>{$meta->primary_key}</td></tr>";
00147                         }
00148                         $helptext .="</tbody></table>";
00149                 }
00150                 global $urlRequestRoot,$cmsFolder,$STARTSCRIPTS;
00151                 $smarttable = smarttable::render(array('sqlhelptable'),null);
00152                 $STARTSCRIPTS .= "initSmartTable();";
00153 
00154                 global $ICONS;
00155                 if($helptext!="") $helptext="<fieldset><legend>{$ICONS['Database Information']['small']}Database Information</legend>$smarttable $helptext</fieldset>";
00156                 return $helptext.$editPageContent;
00157         }
00158 
00159         private function getQueryEditForm($pageTitle = '', $sqlQuery = '', $useParams = false) {
00160                 if(!$useParams) {
00161                         $defaultValueQuery = 'SELECT `sqlquery_title`, `sqlquery_query` FROM `sqlquery_desc` WHERE `page_modulecomponentid` = ' . $this->moduleComponentId;
00162                         $defaultValueResult = mysql_query($defaultValueQuery);
00163                         if(!$defaultValueResult) {
00164                                 displayerror('Error. Could not retrieve data for the page requested.');
00165                                 return '';
00166                         }
00167                         $defaultValueRow = mysql_fetch_row($defaultValueResult);
00168                         if(!$defaultValueRow) {
00169                                 displayerror('Error. Could not retrieve data for the page requested.');
00170                                 return '';
00171                         }
00172                         $pageTitle = $defaultValueRow[0];
00173                         $sqlQuery = $defaultValueRow[1];
00174                 }
00175                 global $ICONS;
00176                 $dbname=MYSQL_DATABASE;
00177                 $dbprefix=MYSQL_DATABASE_PREFIX;
00178                 $queryEditForm = <<<QUERYEDITFORM
00179                 <fieldset><legend>{$ICONS['SQL Query']['small']}Custom SQL Query</legend>
00180                 <form method="POST" action="./+edit">
00181                         <table>
00182                                 <tr><td>Page Title:</td><td><input id="pagetitle" name="pagetitle" type="text" value="$pageTitle" /></td></tr>
00183                                 <tr><td>SQL Query:</td><td><textarea id="sqlquery" name="sqlquery" rows="8" cols="50">$sqlQuery</textarea></td></tr>
00184                         </table>
00185                         <input type="submit" name="btnSubmitQueryData" value="Save Changes" />
00186                         <input type="submit" name="btnPreviewResults" value="Preview Result Page" />
00187                         <br/>Need help ? Use the Database Information form below.
00188                 </form>
00189                 </fieldset>
00190                 <fieldset>
00191                 <legend>{$ICONS['Database Information']['small']} Database Information</legend>
00192                 <table style="width:100%">
00193                 <form method="POST" action="./+edit" >
00194                 <tr><td>Database Name</td><td>$dbname</td></tr>
00195                 <tr><td>Tables Prefix</td><td>$dbprefix</td></tr>
00196                 <tr><td colspan="2"><input style="width:100%" type="submit" name="btnListTables" value="List All Tables"/></td></tr>
00197                 <tr><td>Enter a Table Name </td><td><input type="text" name="tablename"/></td>
00198                 <tr><td><input type="submit" name="btnListRows" value="View Rows Information"/></td><td><input type="submit" name="btnListColumns" value="View Columns Information"/></td></tr>
00199                 
00200                 </table>
00201                 </form>
00202                 </fieldset>
00203 QUERYEDITFORM;
00204                 return $queryEditForm;
00205         }
00206 
00207         private function generatePageData($sqlQuery) {
00208                 $sqlQuery = $sqlQuery;
00209                 $result = mysql_query($sqlQuery);
00210 
00211                 if(!$result) {
00212                         return 'Error. The query used to generate this page is invalid. <a href="./+edit">Click here</a> to change the default query.<br />';
00213                 }
00214 
00215                 $pageContent = '<table>';
00216 
00217                 $pageContent .= "<tr>\n";
00218                 $fieldCount = mysql_num_fields($result);
00219                 for($i = 0; $i < $fieldCount; $i++) {
00220                         $pageContent .= "<th>" . mysql_field_name($result, $i) . "</th>";
00221                 }
00222                 $pageContent .= "</tr>\n";
00223 
00224                 while($resultrow = mysql_fetch_row($result))
00225                         $pageContent .= "<tr><td>" . implode('</td><td>', $resultrow) . "</td></tr>\n";
00226                 $pageContent .= "</table>\n";
00227 
00228                 return $pageContent;
00229         }
00230 
00231         private function saveQueryEditForm($pageTitle, $sqlQuery) {
00232                 $updateQuery = "UPDATE `sqlquery_desc` SET `sqlquery_title` = '$pageTitle', `sqlquery_query` = '$sqlQuery' WHERE `page_modulecomponentid` = {$this->moduleComponentId}";
00233                 $updateResult = mysql_query($updateQuery);
00234                 if(!$updateResult) {
00235                         displayerror('SQL Error. Could not update database settings.');
00236                         return false;
00237                 }
00238                 return true;
00239         }
00240 
00241         public function deleteModule($moduleComponentId) {
00242                 $deleteQuery = "DELETE FROM `sqlquery_desc` WHERE `page_modulecomponentid` = $moduleComponentId";
00243                 $deleteResult = mysql_query($deleteQuery);
00244                 if(mysql_affected_rows() > 0)
00245                         return true;
00246                 displayerror('An unknown error was encountered while trying to delete the module.');
00247                 return false;           
00248         }
00249 
00250         public function copyModule($moduleComponentId) {
00251                 $newComponentId = 0;
00252                 $attempts = 0;
00253 
00254                 while($attempts < 10 && $newComponentId == 0) {
00255                         $newComponentId = $this->getNextModuleComponentId();
00256                         if($newComponentId) {
00257                                 $insertQuery = "INSERT INTO `sqlquery_desc`(`page_modulecomponentid`, `sqlquery_title`, sqlquery_query) SELECT $newComponentId, `sqlquery_title`, `sqlquery_query` FROM `sqlquery_desc` WHERE `page_modulecomponentid` = $moduleComponentId";
00258                                 $insertResult = mysql_query($insertQuery);
00259                                 if(!$insertResult) {
00260                                         if(mysql_errno() != 1062) {
00261                                                 displayerror('An unknown error was encountered while trying to copy the module.');
00262                                                 return false;
00263                                         }
00264                                         $newComponentId = 0;
00265                                 }
00266                         }
00267                         else {
00268                                 displayerror('An unknown error was encountered while trying to copy the module.');
00269                                 return false;                           
00270                         }
00271                         $attempts++;
00272                 }
00273 
00274                 if($newComponentId != 0)
00275                         return $newComponentId;
00276                 return false;
00277         }
00278 
00279         private function getNextModuleComponentId() {
00280                 $moduleComponentIdQuery = 'SELECT MAX(`page_modulecomponentid`) FROM `sqlquery_desc`';
00281                 $moduleComponentIdResult = mysql_query($moduleComponentIdQuery);
00282                 if(!$moduleComponentIdResult)
00283                         return 0;
00284                 $moduleComponentIdRow = mysql_fetch_row($moduleComponentIdResult);
00285                 if(!is_null($moduleComponentIdRow[0]))
00286                         return $moduleComponentIdRow[0] + 1;
00287                 return 1;
00288         }
00289 
00290         public function createModule(&$moduleComponentId) {
00291                 $attemptNumber = 0;
00292                 $newComponentId = 0;
00293 
00294                 while($attemptNumber < 10 && $newComponentId == 0) {
00295                         $newComponentId = $this->getNextModuleComponentId();
00296                         if($newComponentId) {
00297                                 $insertQuery = "INSERT INTO `sqlquery_desc`(`page_modulecomponentid`, `sqlquery_title`, `sqlquery_query`) VALUES($newComponentId, 'New Query', 'SELECT * FROM `mytable` WHERE 1')";
00298                                 $insertResult = mysql_query($insertQuery);
00299                                 if(!$insertResult) {
00300                                         if(mysql_errno() != 1062) {
00301                                                 displayerror('An unknown error was encountered while trying to create a new page.');
00302                                                 return false;
00303                                         }
00304                                         $newComponentId = 0;
00305                                 }
00306                         }
00307                         else if($attemptNumber == 0) {
00308                                 displayerror('Error while trying to fetch new module component id.');
00309                                 return false;
00310                         }
00311                         $attemptNumber++;
00312                 }
00313 
00314                 if($newComponentId == 0) {
00315                         displayerror('Could not create new page.');
00316                         return false;
00317                 }
00318 
00319                 $moduleComponentId = $newComponentId;
00320 
00321                 return true;
00322         }
00323 }
00324 

Generated on Sun Jan 2 2011 04:55:32 for Pragyan CMS by  doxygen 1.7.1