2009-05-01 17:01:52 +02:00
< ? php
2011-03-17 Raul Mateos <raulofpandora@gmail.com>
* extensions/dbmanager.php, extensions/pandora_logs.php, general/*.php,
index.php, ajax.php, operation/search_*.php, operation/menu.php,
operation/extensions.php, godmode/menu.php, godmode/extensions.php,
admin_access_logs.php: Cleaned code and updated page disclaimers.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4108 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2011-03-17 23:01:01 +01:00
// Pandora FMS - http://pandorafms.com
2009-06-08 20:26:14 +02:00
// ==================================================
2020-11-27 13:52:35 +01:00
// Copyright (c) 2005-2021 Artica Soluciones Tecnologicas
2011-03-17 Raul Mateos <raulofpandora@gmail.com>
* extensions/dbmanager.php, extensions/pandora_logs.php, general/*.php,
index.php, ajax.php, operation/search_*.php, operation/menu.php,
operation/extensions.php, godmode/menu.php, godmode/extensions.php,
admin_access_logs.php: Cleaned code and updated page disclaimers.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4108 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2011-03-17 23:01:01 +01:00
// Please see http://pandorafms.org for full contribution list
2009-05-01 17:01:52 +02:00
// This program is free software; you can redistribute it and/or
2011-03-23 Raul Mateos <raulofpandora@gmail.com>
* extensions/ssh_console.php, extensions/vnc_view.php,
extensions/update_manager.php, extensions/users_connected.php,
extensions/extension_uploader.php, extensions/insert_data.php,
extensions/module_groups.php, extensions/plugin_registration.php,
extensions/agent_modules.php, extensions/resource_registration.php,
extensions/resource_exportation.php, extensions/dbmanager.php,
extensions/pandora_logs.php, general/*.php, ajax.php,
operation/search_*.php, operation/menu.php, operation/extensions.php,
godmode/menu.php, godmode/extensions.php, godmode/admin_access_logs.php:
CReverted unwanted license changes.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4126 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2011-03-23 17:13:28 +01:00
// modify it under the terms of the GNU General Public License
2011-03-17 Raul Mateos <raulofpandora@gmail.com>
* extensions/dbmanager.php, extensions/pandora_logs.php, general/*.php,
index.php, ajax.php, operation/search_*.php, operation/menu.php,
operation/extensions.php, godmode/menu.php, godmode/extensions.php,
admin_access_logs.php: Cleaned code and updated page disclaimers.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4108 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2011-03-17 23:01:01 +01:00
// as published by the Free Software Foundation; version 2
2009-05-01 17:01:52 +02:00
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
2011-03-17 Raul Mateos <raulofpandora@gmail.com>
* extensions/dbmanager.php, extensions/pandora_logs.php, general/*.php,
index.php, ajax.php, operation/search_*.php, operation/menu.php,
operation/extensions.php, godmode/menu.php, godmode/extensions.php,
admin_access_logs.php: Cleaned code and updated page disclaimers.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4108 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2011-03-17 23:01:01 +01:00
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
2009-05-01 17:01:52 +02:00
// GNU General Public License for more details.
2019-01-30 16:18:44 +01:00
function dbmanager_query ( $sql , & $error , $dbconnection )
{
global $config ;
$retval = [];
if ( $sql == '' ) {
return false ;
}
$sql = html_entity_decode ( $sql , ENT_QUOTES );
2019-12-20 14:18:48 +01:00
// Extract the text in quotes to add html entities before query db.
$patttern = '/(?:"|\')+([^"\']*)(?:"|\')+/m' ;
$sql = preg_replace_callback (
$patttern ,
function ( $matches ) {
return '"' . io_safe_input ( $matches [ 1 ]) . '"' ;
},
$sql
);
2019-01-30 16:18:44 +01:00
if ( $config [ 'mysqli' ]) {
$result = mysqli_query ( $dbconnection , $sql );
if ( $result === false ) {
$backtrace = debug_backtrace ();
$error = mysqli_error ( $dbconnection );
return false ;
}
} else {
$result = mysql_query ( $sql , $dbconnection );
if ( $result === false ) {
$backtrace = debug_backtrace ();
$error = mysql_error ();
return false ;
}
}
if ( $result === true ) {
if ( $config [ 'mysqli' ]) {
return mysqli_affected_rows ( $dbconnection );
} else {
return mysql_affected_rows ();
}
}
if ( $config [ 'mysqli' ]) {
while ( $row = mysqli_fetch_array ( $result , MYSQLI_ASSOC )) {
array_push ( $retval , $row );
}
} else {
while ( $row = mysql_fetch_array ( $result , MYSQL_ASSOC )) {
array_push ( $retval , $row );
}
}
if ( $config [ 'mysqli' ]) {
mysqli_free_result ( $result );
} else {
mysql_free_result ( $result );
}
if ( ! empty ( $retval )) {
return $retval ;
}
// Return false, check with === or !==
return 'Empty' ;
2009-05-02 01:41:09 +02:00
}
2009-05-01 17:01:52 +02:00
2019-01-30 16:18:44 +01:00
function dbmgr_extension_main ()
{
ui_require_css_file ( 'dbmanager' , 'extensions/dbmanager/' );
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
global $config ;
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
if ( ! is_user_admin ( $config [ 'id_user' ])) {
db_pandora_audit ( 'ACL Violation' , 'Trying to access Setup Management' );
include 'general/noaccess.php' ;
return ;
}
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
$sql = ( string ) get_parameter ( 'sql' );
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
ui_print_page_header ( __ ( 'Database interface' ), 'images/gm_db.png' , false , false , true );
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
echo '<div class="notify">' ;
echo __ (
" This is an advanced extension to interface with %s database directly from WEB console
2018-05-14 17:51:10 +02:00
using native SQL sentences . Please note that < b > you can damage </ b > your % s installation
if you don ' t know </ b > exactly </ b > what are you are doing ,
this means that you can severily damage your setup using this extension .
This extension is intended to be used < b > only by experienced users </ b >
with a depth knowledge of % s internals . " ,
2019-01-30 16:18:44 +01:00
get_product_name (),
get_product_name (),
get_product_name ()
);
echo '</div>' ;
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
echo '<br />' ;
echo " Some samples of usage: <blockquote><em>SHOW STATUS;<br />DESCRIBE tagente<br />SELECT * FROM tserver<br />UPDATE tagente SET id_grupo = 15 WHERE nombre LIKE '%194.179%'</em></blockquote> " ;
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
echo '<br /><br />' ;
echo " <form method='post' action=''> " ;
html_print_textarea ( 'sql' , 5 , 50 , html_entity_decode ( $sql , ENT_QUOTES ));
echo '<br />' ;
2021-03-11 15:40:23 +01:00
echo '<div class="action-buttons w100p">' ;
2019-01-30 16:18:44 +01:00
echo '<br />' ;
html_print_submit_button ( __ ( 'Execute SQL' ), '' , false , 'class="sub next"' );
echo '</div>' ;
echo '</form>' ;
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
// Processing SQL Code
if ( $sql == '' ) {
return ;
}
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
echo '<br />' ;
echo '<hr />' ;
echo '<br />' ;
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
$dbconnection = $config [ 'dbconnection' ];
$error = '' ;
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
$result = dbmanager_query ( $sql , $error , $dbconnection );
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
if ( $result === false ) {
echo '<strong>An error has occured when querying the database.</strong><br />' ;
echo $error ;
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
db_pandora_audit ( 'DB Interface Extension' , 'Error in SQL' , false , false , $sql );
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
return ;
}
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
if ( ! is_array ( $result )) {
echo '<strong>Output: <strong>' . $result ;
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
db_pandora_audit ( 'DB Interface Extension' , 'SQL' , false , false , $sql );
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
return ;
}
2018-10-04 17:17:39 +02:00
2021-03-11 15:40:23 +01:00
echo " <div class='overflow'> " ;
2019-01-30 16:18:44 +01:00
$table = new stdClass ();
$table -> width = '100%' ;
2019-04-17 11:49:49 +02:00
$table -> class = 'info_table' ;
2019-01-30 16:18:44 +01:00
$table -> head = array_keys ( $result [ 0 ]);
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
$table -> data = $result ;
2018-10-04 17:17:39 +02:00
2019-01-30 16:18:44 +01:00
html_print_table ( $table );
echo '</div>' ;
2009-05-01 17:01:52 +02:00
}
2019-01-30 16:18:44 +01:00
// This adds a option in the operation menu
extensions_add_godmode_menu_option ( __ ( 'DB interface' ), 'PM' , 'gextensions' , 'dbmanager/icon.png' , 'v1r1' , 'gdbman' );
// This sets the function to be called when the extension is selected in the operation menu
extensions_add_godmode_function ( 'dbmgr_extension_main' );