diff options
| author | ichdasich <ichdasich@29ba0400-6e00-0410-a75a-ca02368028f8> | 2008-09-10 03:42:44 +0000 |
|---|---|---|
| committer | ichdasich <ichdasich@29ba0400-6e00-0410-a75a-ca02368028f8> | 2008-09-10 03:42:44 +0000 |
| commit | b00d5b96c6d33572b6d7c68688d6d1c4fbd0f0f4 (patch) | |
| tree | cf02da8b2839bea3b6a966b575f2ba84966676bb /includes/funktion_db.php | |
| parent | 34aff10f383fe963cd3f8fd7f096321302e1efb6 (diff) | |
moved /inc to ../includes
git-svn-id: svn://svn.cccv.de/engel-system@281 29ba0400-6e00-0410-a75a-ca02368028f8
Diffstat (limited to 'includes/funktion_db.php')
| -rw-r--r-- | includes/funktion_db.php | 149 |
1 files changed, 149 insertions, 0 deletions
diff --git a/includes/funktion_db.php b/includes/funktion_db.php new file mode 100644 index 00000000..cbfb198f --- /dev/null +++ b/includes/funktion_db.php @@ -0,0 +1,149 @@ +<?PHP + +if( !function_exists("db_query")) +{ + function Ausgabe_Daten($SQL) + { + global $con; + $Erg = mysql_query($SQL, $con); + + echo mysql_error($con); + + $Zeilen = mysql_num_rows($Erg); + $Anzahl_Felder = mysql_num_fields($Erg); + + $Diff = "<table border=1>"; + $Diff .= "<tr>"; + for ($m = 0 ; $m < $Anzahl_Felder ; $m++) + $Diff .= "<th>". mysql_field_name($Erg, $m). "</th>"; + $Diff .= "</tr>"; + + for ($n = 0 ; $n < $Zeilen ; $n++) + { + $Diff .= "<tr>"; + for ($m = 0 ; $m < $Anzahl_Felder ; $m++) + $Diff .= "<td>".mysql_result($Erg, $n, $m). "</td>"; + $Diff .= "</tr>"; + } + $Diff .= "</table>"; + return $Diff; + } + + function db_querry_getDatenAssocArray($SQL) + { + global $con; + + $Erg = mysql_query($SQL, $con); + echo mysql_error($con); + + $Daten = array(); + for( $i=0; $i<mysql_num_rows($Erg); $i++) + $Daten[$i] = mysql_fetch_assoc($Erg); + + return $Daten; + } + + function db_querry_diffDaten($Daten1, $Daten2) + { + $Gefunden=False; + + $Diff = "\n<table border=1>\n"; + $Diff .= "<tr>\n\t<th>Feldname</th>\n\t<th>old Value</th>\n\t<th>new Value</th>\n"; + $Diff .= "</tr>\n"; + foreach($Daten1 as $DataKey => $Data1) + { + if( isset( $Daten2[$DataKey])) + { + $Data2 = $Daten2[$DataKey]; + foreach($Data1 as $key => $value) + if( $value != $Data2[$key]) + { + $Gefunden=TRUE; + $Diff .= "<tr>\n\t<td>$key</td>\n\t<td>$value</td>\n\t<td>".$Data2[$key]."</rd>\n</tr>"; + } + } + else + foreach($Data1 as $key => $value) + { + $Gefunden=TRUE; + $Diff .= "<tr>\n\t<td>$key</td>\n\t<td>$value</td>\n\t<td></rd>\n</tr>"; + } + } + $Diff .= "</table>\n"; + + if( $Gefunden) + return $Diff; + else + return "\nno changes Fount\n"; + } + + function db_query( $SQL, $comment) + { + global $con, $Page; + $Diff = ""; + + //commed anlyse udn daten sicherung + if( strpos( "#$SQL", "UPDATE") > 0) + { + //Tabellen name ermitteln + $Table_Start = strpos( $SQL, "`"); + $Table_End = strpos( $SQL, "`", $Table_Start+1); + $Table = substr( $SQL, $Table_Start, ($Table_End-$Table_Start+1)); + + //SecureTest + if( $Table_Start == 0 || $Table_End == 0) die("<h1>funktion_db ERROR SQL: '$SQL' nicht OK</h1>"); + + //WHERE ermitteln + $Where_Start = strpos( $SQL, "WHERE"); + $Where = substr( $SQL, $Where_Start); + if( $Where_Start == 0) $Where = ";"; + + if( strlen( $Where) < 2) + { + $Diff = "can't show, too mutch data (no filter was set)"; + $querry_erg = mysql_query($SQL, $con); + } + else + { + $Daten1 = db_querry_getDatenAssocArray( "SELECT * FROM $Table $Where"); + $querry_erg = mysql_query($SQL, $con); + $Daten2 = db_querry_getDatenAssocArray( "SELECT * FROM $Table $Where"); + $Diff = db_querry_diffDaten($Daten1, $Daten2); + } + } + elseif( strpos( "#$SQL", "DELETE") > 0) + { + $TableWhere = substr( $SQL, 6); + $Diff .= Ausgabe_Daten( "SELECT * $TableWhere"); + + //execute command + $querry_erg = mysql_query($SQL, $con); + } + elseif( strpos( "#$SQL", "INSERT") > 0) + { + //execute command + $querry_erg = mysql_query($SQL, $con); + } + else + { + //execute command + $querry_erg = mysql_query($SQL, $con); + } + + $SQLCommand = "SQL:<br>". htmlentities( $SQL, ENT_QUOTES); + if( strlen($Diff) > 0) + $SQLCommand .= "<br><br>Diff:<br>$Diff"; + + $Commend = htmlentities( ($Page["Name"]. ": ". $comment), ENT_QUOTES); + //LOG commands in DB + $SQL_SEC = "INSERT INTO `ChangeLog` ( `UID` , `SQLCommad` , `Commend` ) ". + " VALUES ( '". $_SESSION['UID']. "', ". + "'". mysql_escape_string( $SQLCommand). "', ". + "'". mysql_escape_string( $Commend). "' );"; + $erg = mysql_query($SQL_SEC, $con); + echo mysql_error($con); + return $querry_erg; + }//function db_query( +} + +?> |