summaryrefslogtreecommitdiff
path: root/includes/funktion_db.php
diff options
context:
space:
mode:
authorichdasich <ichdasich@29ba0400-6e00-0410-a75a-ca02368028f8>2008-09-10 03:42:44 +0000
committerichdasich <ichdasich@29ba0400-6e00-0410-a75a-ca02368028f8>2008-09-10 03:42:44 +0000
commitb00d5b96c6d33572b6d7c68688d6d1c4fbd0f0f4 (patch)
treecf02da8b2839bea3b6a966b575f2ba84966676bb /includes/funktion_db.php
parent34aff10f383fe963cd3f8fd7f096321302e1efb6 (diff)
moved /inc to ../includes
git-svn-id: svn://svn.cccv.de/engel-system@281 29ba0400-6e00-0410-a75a-ca02368028f8
Diffstat (limited to 'includes/funktion_db.php')
-rw-r--r--includes/funktion_db.php149
1 files changed, 149 insertions, 0 deletions
diff --git a/includes/funktion_db.php b/includes/funktion_db.php
new file mode 100644
index 00000000..cbfb198f
--- /dev/null
+++ b/includes/funktion_db.php
@@ -0,0 +1,149 @@
+<?PHP
+
+if( !function_exists("db_query"))
+{
+ function Ausgabe_Daten($SQL)
+ {
+ global $con;
+ $Erg = mysql_query($SQL, $con);
+
+ echo mysql_error($con);
+
+ $Zeilen = mysql_num_rows($Erg);
+ $Anzahl_Felder = mysql_num_fields($Erg);
+
+ $Diff = "<table border=1>";
+ $Diff .= "<tr>";
+ for ($m = 0 ; $m < $Anzahl_Felder ; $m++)
+ $Diff .= "<th>". mysql_field_name($Erg, $m). "</th>";
+ $Diff .= "</tr>";
+
+ for ($n = 0 ; $n < $Zeilen ; $n++)
+ {
+ $Diff .= "<tr>";
+ for ($m = 0 ; $m < $Anzahl_Felder ; $m++)
+ $Diff .= "<td>".mysql_result($Erg, $n, $m). "</td>";
+ $Diff .= "</tr>";
+ }
+ $Diff .= "</table>";
+ return $Diff;
+ }
+
+ function db_querry_getDatenAssocArray($SQL)
+ {
+ global $con;
+
+ $Erg = mysql_query($SQL, $con);
+ echo mysql_error($con);
+
+ $Daten = array();
+ for( $i=0; $i<mysql_num_rows($Erg); $i++)
+ $Daten[$i] = mysql_fetch_assoc($Erg);
+
+ return $Daten;
+ }
+
+ function db_querry_diffDaten($Daten1, $Daten2)
+ {
+ $Gefunden=False;
+
+ $Diff = "\n<table border=1>\n";
+ $Diff .= "<tr>\n\t<th>Feldname</th>\n\t<th>old Value</th>\n\t<th>new Value</th>\n";
+ $Diff .= "</tr>\n";
+ foreach($Daten1 as $DataKey => $Data1)
+ {
+ if( isset( $Daten2[$DataKey]))
+ {
+ $Data2 = $Daten2[$DataKey];
+ foreach($Data1 as $key => $value)
+ if( $value != $Data2[$key])
+ {
+ $Gefunden=TRUE;
+ $Diff .= "<tr>\n\t<td>$key</td>\n\t<td>$value</td>\n\t<td>".$Data2[$key]."</rd>\n</tr>";
+ }
+ }
+ else
+ foreach($Data1 as $key => $value)
+ {
+ $Gefunden=TRUE;
+ $Diff .= "<tr>\n\t<td>$key</td>\n\t<td>$value</td>\n\t<td></rd>\n</tr>";
+ }
+ }
+ $Diff .= "</table>\n";
+
+ if( $Gefunden)
+ return $Diff;
+ else
+ return "\nno changes Fount\n";
+ }
+
+ function db_query( $SQL, $comment)
+ {
+ global $con, $Page;
+ $Diff = "";
+
+ //commed anlyse udn daten sicherung
+ if( strpos( "#$SQL", "UPDATE") > 0)
+ {
+ //Tabellen name ermitteln
+ $Table_Start = strpos( $SQL, "`");
+ $Table_End = strpos( $SQL, "`", $Table_Start+1);
+ $Table = substr( $SQL, $Table_Start, ($Table_End-$Table_Start+1));
+
+ //SecureTest
+ if( $Table_Start == 0 || $Table_End == 0) die("<h1>funktion_db ERROR SQL: '$SQL' nicht OK</h1>");
+
+ //WHERE ermitteln
+ $Where_Start = strpos( $SQL, "WHERE");
+ $Where = substr( $SQL, $Where_Start);
+ if( $Where_Start == 0) $Where = ";";
+
+ if( strlen( $Where) < 2)
+ {
+ $Diff = "can't show, too mutch data (no filter was set)";
+ $querry_erg = mysql_query($SQL, $con);
+ }
+ else
+ {
+ $Daten1 = db_querry_getDatenAssocArray( "SELECT * FROM $Table $Where");
+ $querry_erg = mysql_query($SQL, $con);
+ $Daten2 = db_querry_getDatenAssocArray( "SELECT * FROM $Table $Where");
+ $Diff = db_querry_diffDaten($Daten1, $Daten2);
+ }
+ }
+ elseif( strpos( "#$SQL", "DELETE") > 0)
+ {
+ $TableWhere = substr( $SQL, 6);
+ $Diff .= Ausgabe_Daten( "SELECT * $TableWhere");
+
+ //execute command
+ $querry_erg = mysql_query($SQL, $con);
+ }
+ elseif( strpos( "#$SQL", "INSERT") > 0)
+ {
+ //execute command
+ $querry_erg = mysql_query($SQL, $con);
+ }
+ else
+ {
+ //execute command
+ $querry_erg = mysql_query($SQL, $con);
+ }
+
+ $SQLCommand = "SQL:<br>". htmlentities( $SQL, ENT_QUOTES);
+ if( strlen($Diff) > 0)
+ $SQLCommand .= "<br><br>Diff:<br>$Diff";
+
+ $Commend = htmlentities( ($Page["Name"]. ": ". $comment), ENT_QUOTES);
+ //LOG commands in DB
+ $SQL_SEC = "INSERT INTO `ChangeLog` ( `UID` , `SQLCommad` , `Commend` ) ".
+ " VALUES ( '". $_SESSION['UID']. "', ".
+ "'". mysql_escape_string( $SQLCommand). "', ".
+ "'". mysql_escape_string( $Commend). "' );";
+ $erg = mysql_query($SQL_SEC, $con);
+ echo mysql_error($con);
+ return $querry_erg;
+ }//function db_query(
+}
+
+?>