1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
<?PHP
if( !function_exists("db_query"))
{
function db_querry_getDatenAssocArray($SQL)
{
global $con;
$Erg = mysql_query($SQL, $con);
echo mysql_error($con);
$Daten = array();
for( $i=0; $i<mysql_num_rows($Erg); $i++)
$Daten[$i] = mysql_fetch_assoc($Erg);
return $Daten;
}
function db_querry_diffDaten($Daten1, $Daten2)
{
$gefunden=False;
$Diff = "\n<table border=1>\n";
$Diff .= "<tr>\n\t<th>Feldname</th>\n\t<th>old Value</th>\n\t<th>new Value</th>\n";
$Diff .= "</tr>\n";
foreach($Daten1 as $DataKey => $Data1)
{
$Data2 = $Daten2[$DataKey];
foreach($Data1 as $key => $value)
if( $value != $Data2[$key])
{
$Gefunden=TRUE;
$Diff .= "<tr>\n\t<td>$key</td>\n\t<td>$value</td>\n\t<td>".$Data2[$key]."</rd>\n</tr>";
}
}
$Diff .= "</table>\n";
if( $Gefunden)
return $Diff;
else
return "\nno changes Fount\n";
}
function db_query( $SQL, $comment)
{
global $con, $Page;
$Diff = "";
//commed anlyse udn daten sicherung
if( strpos( "#$SQL", "UPDATE") > 0)
{
//Tabellen name ermitteln
$Table_Start = strpos( $SQL, "`");
$Table_End = strpos( $SQL, "`", $Table_Start+1);
$Table = substr( $SQL, $Table_Start, ($Table_End-$Table_Start+1));
//SecureTest
if( $Table_Start == 0 || $Table_End == 0) die("<h1>funktion_db ERROR SQL: '$SQL' nicht OK</h1>");
//WHERE ermitteln
$Where_Start = strpos( $SQL, "WHERE");
$Where = substr( $SQL, $Where_Start);
if( $Where_Start == 0) $Where = ";";
if( strlen( $Where) < 2)
{
$Diff = "can't show, too mutch data (no filter was set)";
$querry_erg = mysql_query($SQL, $con);
}
else
{
$Daten1 = db_querry_getDatenAssocArray( "SELECT * FROM $Table $Where");
$querry_erg = mysql_query($SQL, $con);
$Daten2 = db_querry_getDatenAssocArray( "SELECT * FROM $Table $Where");
$Diff = db_querry_diffDaten($Daten1, $Daten2);
}
}
elseif( strpos( "#$SQL", "DELETE") > 0)
{
$TableWhere = substr( $SQL, 6);
$Diff .= Ausgabe_Daten( "SELECT * $TableWhere");
//execute command
$querry_erg = mysql_query($SQL, $con);
}
elseif( strpos( "#$SQL", "INSERT") > 0)
{
//execute command
$querry_erg = mysql_query($SQL, $con);
}
else
{
//execute command
$querry_erg = mysql_query($SQL, $con);
}
$SQLCommand = "SQL:<br>". htmlentities( $SQL, ENT_QUOTES);
if( strlen($Diff) > 0)
$SQLCommand .= "<br><br>Diff:<br>$Diff";
$Commend = htmlentities( ($Page["Name"]. ": ". $comment), ENT_QUOTES);
//LOG commands in DB
$SQL_SEC = "INSERT INTO `ChangeLog` ( `UID` , `SQLCommad` , `Commend` ) ".
" VALUES ( '". $_SESSION['UID']. "', ".
"'". mysql_escape_string( $SQLCommand). "', ".
"'". mysql_escape_string( $Commend). "' );";
$erg = mysql_query($SQL_SEC, $con);
echo mysql_error($con);
return $querry_erg;
}//function db_query(
}
?>
|
