2009-05-01 17:01:52 +02:00
< ? php
2009-06-08 20:26:14 +02:00
//Pandora FMS- http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2009 Artica Soluciones Tecnologicas
2009-05-01 17:01:52 +02:00
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation for version 2.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
2009-05-04 15:11:16 +02:00
function dbmanager_query ( $sql , & $error ) {
2009-05-02 01:41:09 +02:00
global $config ;
$retval = array ();
if ( $sql == '' )
return false ;
// This following two lines are for real clean the string coming from the PHP
// because add ' for single quote and " for the double, you cannot
// see with a simple echo and mysql reject it, so dont forget to do this.
$sql = unsafe_string ( $sql );
2009-05-04 15:11:16 +02:00
$sql = htmlspecialchars_decode ( $sql , ENT_QUOTES );
2009-05-02 01:41:09 +02:00
$result = mysql_query ( $sql );
if ( $result === false ) {
$backtrace = debug_backtrace ();
2009-05-04 15:11:16 +02:00
$error = mysql_error ();
2009-05-02 01:41:09 +02:00
return false ;
2009-05-04 15:11:16 +02:00
}
if ( $result === true ) {
2009-05-02 01:41:09 +02:00
if ( $rettype == " insert_id " ) {
return mysql_insert_id ();
} elseif ( $rettype == " info " ) {
return mysql_info ();
}
2009-05-04 15:11:16 +02:00
return mysql_affected_rows ();
}
while ( $row = mysql_fetch_array ( $result , MYSQL_ASSOC )) {
array_push ( $retval , $row );
2009-05-02 01:41:09 +02:00
}
2009-05-04 15:11:16 +02:00
mysql_free_result ( $result );
2009-05-02 01:41:09 +02:00
if ( ! empty ( $retval ))
return $retval ;
//Return false, check with === or !==
return false ;
}
2009-05-01 17:01:52 +02:00
function dbmgr_extension_main () {
2009-05-04 15:11:16 +02:00
require_css_file ( 'dbmanager' , 'extensions/dbmanager/' );
2009-05-01 17:01:52 +02:00
2009-05-04 15:11:16 +02:00
$sql = ( string ) get_parameter ( 'sql' );
2009-05-01 17:01:52 +02:00
2009-05-04 15:11:16 +02:00
echo " <h1>Database interface</h1> " ;
echo '<div class="notify">' ;
echo " This is an advanced extension to interface with Pandora FMS database directly from WEB console using native SQL sentences. Please note that <b>you can damage</b> your Pandora FMS installation if you don't know </b>exactly</b> what are you doing, this means that you can severily damage your setup using this extension. This extension is intended to be used <b>only by experienced users</b> with a depth knowledgue of Pandora FMS internals. " ;
echo '</div>' ;
2009-05-01 17:01:52 +02:00
2009-05-04 15:11:16 +02:00
echo " <br /> " ;
echo " Some samples of usage: <blockquote><em>SHOW STATUS;<br />DESCRIBE tagente<br />SELECT * FROM tserver<br />UPDATE tagente SET id_grupo = 15 WHERE nombre LIKE '%194.179%'</em></blockquote> " ;
2009-05-01 17:01:52 +02:00
2009-05-04 15:11:16 +02:00
echo " <br /><br /> " ;
2009-05-01 17:01:52 +02:00
echo " <form method='post' action=''> " ;
2009-05-04 15:11:16 +02:00
print_textarea ( 'sql' , 5 , 50 , unsafe_string ( $sql ));
echo '<br />' ;
echo '<div class="action-buttons" style="width: 100%">' ;
print_submit_button ( __ ( 'Execute SQL' ), '' , false , 'class="sub next"' );
echo '</div>' ;
2009-05-01 17:01:52 +02:00
echo " </form> " ;
// Processing SQL Code
2009-05-04 15:11:16 +02:00
if ( $sql == '' )
return ;
echo " <br /> " ;
echo " <hr /> " ;
echo " <br /> " ;
$error = '' ;
$result = dbmanager_query ( $sql , $error );
if ( $result === false ) {
echo '<strong>An error has occured when querying the database.</strong><br />' ;
echo $error ;
return ;
}
if ( ! is_array ( $result )) {
echo " <strong>Output: <strong> " . $result ;
return ;
}
$table -> width = '90%' ;
$table -> class = 'dbmanager' ;
$table -> head = array_keys ( $result [ 0 ]);
$table -> data = $result ;
print_table ( $table );
2009-05-01 17:01:52 +02:00
}
/* This adds a option in the operation menu */
2009-05-04 15:11:16 +02:00
add_godmode_menu_option ( __ ( 'DB interface' ), 'PM' );
2009-05-01 17:01:52 +02:00
/* This sets the function to be called when the extension is selected in the operation menu */
add_extension_godmode_function ( 'dbmgr_extension_main' );
?>