<?php
// Purpose working with data (import/export, type in, ...)
// Author Lutz Brueckner <[email protected]>
// Copyright (c) 2000-2006 by Lutz Brueckner,
// published under the terms of the GNU General Public Licence v.2,
// see file LICENCE for details
require './inc/script_start.inc.php';
require './inc/foreign_keys.inc.php';
require './inc/DataForm.php';
//
// Set up $s_tables[] and $s_fields[] if necessary.
// $s_connected, $s_tables_valid and $dbhandle are not assigned in the visible part
// of this script; presumably they come from script_start.inc.php (confirm).
//
if ($s_connected && $s_tables_valid == FALSE) {
// Loaded on demand: get_tables() is only needed when the table list has to be rebuilt.
include_once './inc/get_tables.inc.php';
// The list is flagged valid only when get_tables() returns a truthy value.
if (get_tables($dbhandle)) {
$s_tables_valid = TRUE;
}
}
require './inc/handle_watchtable.inc.php';
//
// Handle foreign key lookup configuration.
// The flag starts out FALSE on every request, before the POST handler below runs.
//
$customize_changed = FALSE;
if (isset($_POST['dt_column_config_save'])) {
$column = get_request_data('dt_column_config_column');
$table = get_request_data('dt_column_config_table');
$fk_column = get_request_data('dt_column_config_fk_column');
if ($fk_column == '') {
unset($s_cust['fk_lookups'][$table][$column]);
if (empty($s_cust['fk_lookups'][$table])) {
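/**
 * Test whether a connection can be made with the database settings the user has
 * specified and identify any problems (e.g. tables with the names we want to use
 * already exist). Every problem found is appended to $error as a language string.
 *
 * Trust boundary: $dbms_details['DRIVER'] is concatenated into an include path and
 * into a class name that is then instantiated. It has to be one of the entries
 * produced server-side by get_available_dbms(), never a raw request value.
 *
 * @param bool   $error_connect    the function only returns true when this is truthy and no error was recorded
 * @param array  $error            (by reference) receives one message per problem found
 * @param array  $dbms_details     should be of the format of an element of the array returned by
 *                                 {@link get_available_dbms get_available_dbms()}; necessary extensions should be loaded already
 * @param string $table_prefix     table prefix to validate (characters and length)
 * @param string $dbhost           passed to sql_connect(); for sqlite it is also checked as a filesystem path
 * @param string $dbuser           passed to sql_connect()
 * @param string $dbpasswd         passed to sql_connect()
 * @param string $dbname           passed to sql_connect(); must be non-empty except for sqlite and oracle
 * @param mixed  $dbport           passed to sql_connect()
 * @param bool   $prefix_may_exist when false, tables that look like an existing phpBB installation are reported
 * @param bool   $load_dbal        when true the driver file is included before the driver class is instantiated
 * @param bool   $unicode_check    not read by this version of the function
 *
 * @return bool true when $error_connect is truthy and no error was recorded, false otherwise
 */
function connect_check_db($error_connect, &$error, $dbms_details, $table_prefix, $dbhost, $dbuser, $dbpasswd, $dbname, $dbport, $prefix_may_exist = false, $load_dbal = true, $unicode_check = true)
{
    // $phpbb_root_path and $phpEx build the include path below, so they must be
    // imported too. Without them the path degrades to a relative
    // 'includes/db/<driver>.' that PHP resolves through include_path.
    global $phpbb_root_path, $phpEx, $config, $lang;

    $dbms = $dbms_details['DRIVER'];

    if ($load_dbal) {
        // Include the DB layer.
        // NOTE(review): $dbms is used as a path component without validation here;
        // see the trust-boundary remark in the docblock.
        include $phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx;
    }

    // Instantiate it and set return on error true
    $sql_db = 'dbal_' . $dbms;
    $db = new $sql_db();
    $db->sql_return_on_error(true);

    // Check that we actually have a database name before going any further
    if ($dbms_details['DRIVER'] != 'sqlite' && $dbms_details['DRIVER'] != 'oracle' && $dbname === '') {
        $error[] = $lang['INST_ERR_DB_NO_NAME'];
        return false;
    }

    // Refuse an SQLite database file located inside the forum directory, where the
    // web server could hand it out as a download
    if ($dbms_details['DRIVER'] == 'sqlite' && stripos(phpbb_realpath($dbhost), phpbb_realpath('../')) === 0) {
        $error[] = $lang['INST_ERR_DB_FORUM_PATH'];
        return false;
    }

    // Check the prefix: no invalid characters, and short enough that generated
    // index names stay within the limits of the DBMS
    switch ($dbms_details['DRIVER']) {
        case 'mysql':
        case 'mysqli':
            if (strspn($table_prefix, '-./\\') !== 0) {
                $error[] = $lang['INST_ERR_PREFIX_INVALID'];
                return false;
            }
            // no break; MySQL shares the length limit below
        case 'postgres':
            $prefix_length = 36;
            break;

        case 'mssql':
        case 'mssql_odbc':
        case 'mssqlnative':
            $prefix_length = 90;
            break;

        case 'sqlite':
            $prefix_length = 200;
            break;

        case 'firebird':
        case 'oracle':
            $prefix_length = 6;
            break;
    }

    // $prefix_length stays unset for a driver the switch does not know; comparing
    // against an undefined variable would reject every non-empty prefix.
    if (isset($prefix_length) && strlen($table_prefix) > $prefix_length) {
        $error[] = sprintf($lang['INST_ERR_PREFIX_TOO_LONG'], $prefix_length);
        return false;
    }

    // Try and connect ...
    if (is_array($db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false, true))) {
        $db_error = $db->sql_error();
        // NOTE(review): the driver's message is joined to markup ('<br />') without
        // HTML escaping; confirm where this string is rendered and escape it there.
        $error[] = $lang['INST_ERR_DB_CONNECT'] . '<br />' . ($db_error['message'] ? $db_error['message'] : $lang['INST_ERR_DB_NO_ERROR']);
    } else {
        // Likely matches for an existing phpBB installation
        if (!$prefix_may_exist) {
            $temp_prefix = strtolower($table_prefix);
            $table_ary = array($temp_prefix . 'attachments', $temp_prefix . 'config', $temp_prefix . 'sessions', $temp_prefix . 'topics', $temp_prefix . 'users');

            $tables = get_tables($db);
            $tables = array_map('strtolower', $tables);
            $table_intersect = array_intersect($tables, $table_ary);

            if (sizeof($table_intersect)) {
                $error[] = $lang['INST_ERR_PREFIX'];
            }
        }

        // Make sure that the user has selected a sensible DBAL for the DBMS actually installed
        switch ($dbms_details['DRIVER']) {
            case 'mysqli':
                if (version_compare(mysqli_get_server_info($db->db_connect_id), '4.1.3', '<')) {
                    $error[] = $lang['INST_ERR_DB_NO_MYSQLI'];
                }
                break;
        }
    }

    if ($error_connect && (!isset($error) || !sizeof($error))) {
        return true;
    }

    return false;
}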
/**
 * Table Exists
 *
 * Report whether a table is present in the database, using the db_tools helper
 * when it offers sql_table_exists() and a full table listing otherwise.
 *
 * @param string $table_name The table name to check for
 *
 * @return bool true if the table exists, false if not
 */
function table_exists($table_name)
{
    // The return value is not used; presumably the name is adjusted by reference -- confirm.
    $this->get_table_name($table_name);

    // Fallback for db_tools implementations without sql_table_exists()
    if (!method_exists($this->db_tools, 'sql_table_exists')) {
        if (!function_exists('get_tables')) {
            global $phpbb_root_path, $phpEx;
            include $phpbb_root_path . 'includes/functions_install.' . $phpEx;
        }

        return in_array($table_name, get_tables($this->db));
    }

    // db_tools::sql_table_exists always resets return_on_error to false when it is
    // done, so remember the current setting and restore it if it was enabled.
    $was_returning_on_error = $this->db->return_on_error;
    $exists = $this->db_tools->sql_table_exists($table_name);

    if ($was_returning_on_error) {
        $this->db->sql_return_on_error(true);
    }

    return $exists;
}
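/**
 * Return the names of all tables whose columns match those of DEFAULTLOGTABLE.
 *
 * A table qualifies when array_diff_assoc() finds no column of the default table
 * missing at the same position in the candidate.
 * NOTE(review): a candidate with additional trailing columns also passes that
 * test; confirm whether "identical" is meant strictly.
 *
 * NOTE(review): the mysql_* extension used here was removed in PHP 7. Porting the
 * function needs the type of $link, which is not visible in this block.
 *
 * @param mixed $link connection handle, passed through to perform_query() and get_tables()
 *
 * @return array list of matching table names; empty when the default table's columns cannot be read
 */
function get_logtables($link)
{
    // Column names of the default table, in DESCRIBE order
    $defaultFieldArray = array();
    $result = perform_query("DESCRIBE " . DEFAULTLOGTABLE, $link);
    if ($result) {
        while ($row = mysql_fetch_array($result)) {
            $defaultFieldArray[] = $row['Field'];
        }
    }

    // With an empty reference list array_diff_assoc() below is empty for every
    // table, so the whole schema would be reported as log tables. Fail closed.
    if (!$defaultFieldArray) {
        return array();
    }

    // Collect the names of all tables with the same column layout
    $logTableArray = array();
    foreach (get_tables($link) as $value) {
        // NOTE(review): the table name is concatenated into SQL unquoted. It comes
        // from get_tables(), not from a literal; if table names can be influenced
        // by users anywhere in the application, quote it as an identifier.
        $result = perform_query("DESCRIBE " . $value, $link);

        // Column names of the current table
        $fieldArray = array();
        if ($result) {
            while ($row = mysql_fetch_array($result)) {
                $fieldArray[] = $row['Field'];
            }
        }

        // No default column missing from the current table: it is a log table
        if (!array_diff_assoc($defaultFieldArray, $fieldArray)) {
            $logTableArray[] = $value;
        }
    }

    return $logTableArray;
}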
/**
* Used to test whether we are able to connect to the database the user has specified
* and identify any problems (eg there are already tables with the names we want to use
* @param array $dbms should be of the format of an element of the array returned by {@link get_available_dbms get_available_dbms()}
* necessary extensions should be loaded already
*/
function connect_check_db($error_connect, &$error, $dbms_details, $table_prefix, $dbhost, $dbuser, $dbpasswd, $dbname, $dbport, $prefix_may_exist = false, $load_dbal = true, $unicode_check = true)
{
global $phpbb_root_path, $phpEx, $config, $lang;
$dbms = $dbms_details['DRIVER'];
if ($load_dbal) {
// Include the DB layer
include $phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx;
}
// Instantiate it and set return on error true
$sql_db = 'dbal_' . $dbms;
$db = new $sql_db();
$db->sql_return_on_error(true);
// Check that we actually have a database name before going any further.....
if ($dbms_details['DRIVER'] != 'sqlite' && $dbms_details['DRIVER'] != 'oracle' && $dbname === '') {
$error[] = $lang['INST_ERR_DB_NO_NAME'];
return false;
}
// Make sure we don't have a daft user who thinks having the SQLite database in the forum directory is a good idea
if ($dbms_details['DRIVER'] == 'sqlite' && stripos(phpbb_realpath($dbhost), phpbb_realpath('../')) === 0) {
$error[] = $lang['INST_ERR_DB_FORUM_PATH'];
return false;
}
// Check the prefix length to ensure that index names are not too long and does not contain invalid characters
switch ($dbms_details['DRIVER']) {
case 'mysql':
case 'mysqli':
if (strspn($table_prefix, '-./\\') !== 0) {
$error[] = $lang['INST_ERR_PREFIX_INVALID'];
return false;
}
// no break;
// no break;
case 'postgres':
$prefix_length = 36;
break;
case 'mssql':
case 'mssql_odbc':
case 'mssqlnative':
$prefix_length = 90;
break;
case 'sqlite':
$prefix_length = 200;
break;
case 'firebird':
case 'oracle':
$prefix_length = 6;
break;
}
if (strlen($table_prefix) > $prefix_length) {
$error[] = sprintf($lang['INST_ERR_PREFIX_TOO_LONG'], $prefix_length);
return false;
}
// Try and connect ...
if (is_array($db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false, true))) {
$db_error = $db->sql_error();
$error[] = $lang['INST_ERR_DB_CONNECT'] . '<br />' . ($db_error['message'] ? $db_error['message'] : $lang['INST_ERR_DB_NO_ERROR']);
} else {
// Likely matches for an existing phpBB installation
if (!$prefix_may_exist) {
$temp_prefix = strtolower($table_prefix);
$table_ary = array($temp_prefix . 'attachments', $temp_prefix . 'config', $temp_prefix . 'sessions', $temp_prefix . 'topics', $temp_prefix . 'users');
$tables = get_tables($db);
$tables = array_map('strtolower', $tables);
$table_intersect = array_intersect($tables, $table_ary);
if (sizeof($table_intersect)) {
$error[] = $lang['INST_ERR_PREFIX'];
}
}
// Make sure that the user has selected a sensible DBAL for the DBMS actually installed
switch ($dbms_details['DRIVER']) {
case 'mysqli':
if (version_compare(mysqli_get_server_info($db->db_connect_id), '4.1.3', '<')) {
$error[] = $lang['INST_ERR_DB_NO_MYSQLI'];
}
break;
case 'sqlite':
if (version_compare(sqlite_libversion(), '2.8.2', '<')) {
$error[] = $lang['INST_ERR_DB_NO_SQLITE'];
}
break;
case 'firebird':
// check the version of FB, use some hackery if we can't get access to the server info
if ($db->service_handle !== false && function_exists('ibase_server_info')) {
$val = @ibase_server_info($db->service_handle, IBASE_SVC_SERVER_VERSION);
preg_match('#V([\\d.]+)#', $val, $match);
if ($match[1] < 2) {
$error[] = $lang['INST_ERR_DB_NO_FIREBIRD'];
}
$db_info = @ibase_db_info($db->service_handle, $dbname, IBASE_STS_HDR_PAGES);
preg_match('/^\\s*Page size\\s*(\\d+)/m', $db_info, $regs);
$page_size = intval($regs[1]);
if ($page_size < 8192) {
$error[] = $lang['INST_ERR_DB_NO_FIREBIRD_PS'];
}
// ......... part of the code is omitted here .........
/**
 * Get all tables used by phpBB
 *
 * The list is built on the first call and kept in a static variable; later calls
 * return the stored list as long as it is not empty.
 *
 * Tables are selected purely by name prefix. With an empty $table_prefix every
 * table in the database is returned and an error message is assigned to the
 * template, so callers that modify or drop tables should treat that case as
 * unsafe.
 *
 * @return array sorted list of table names
 */
function get_phpbb_tables()
{
    global $db, $table_prefix;
    static $_tables = array();

    if (empty($_tables)) {
        if (!function_exists('get_tables')) {
            include PHPBB_ROOT_PATH . 'includes/functions_install.' . PHP_EXT;
        }

        // Every table in the database
        $all_tables = get_tables($db);

        if (empty($table_prefix)) {
            // User is using an empty table prefix (Bug #62537): there is no way to
            // tell the phpBB tables apart, so everything is shown together with a
            // warning that the tool would most likely trash a lot of tables.
            global $template;
            $template->assign_vars(array(
                'ERROR_MESSAGE' => user_lang('EMPTY_PREFIX_EXPLAIN'),
                'ERROR_TITLE' => user_lang('EMPTY_PREFIX'),
            ));
            $_tables = $all_tables;
        } else {
            // Keep only the tables whose name starts with the phpBB prefix
            foreach ($all_tables as $candidate) {
                if (strpos($candidate, $table_prefix) === 0) {
                    $_tables[] = $candidate;
                }
            }
        }

        sort($_tables);
    }

    return $_tables;
}
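/**
 * Delete one suggestion row from a table named in the request.
 *
 * Reads tableName, suggestion_id and jwt from the query string. The table name is
 * only used when it is one of the names returned by get_tables(); the id is bound
 * as a statement parameter.
 *
 * NOTE(review): this is a state-changing operation driven by GET parameters, with
 * the JWT in the URL. URLs end up in access logs, browser history and Referer
 * headers. Consider a POST/DELETE request with the token in a header.
 *
 * @return void echoes false (an empty string) when the statement fails to execute
 */
function delete_suggestion(){
    global $conn;

    $tablename = isset($_GET['tableName']) ? $_GET['tableName'] : '';
    $suggestion_id = isset($_GET['suggestion_id']) ? $_GET['suggestion_id'] : '';
    $token = isset($_GET['jwt']) ? $_GET['jwt'] : null;

    // The result is not checked here: the code relies on userLoggedIn() sending the
    // 401 response header, which the HTTP interceptor on the client catches.
    // NOTE(review): that only protects the DELETE below if userLoggedIn() also
    // stops the request on failure. Confirm, otherwise the delete still runs.
    userLoggedIn($token);
    flush();

    // PHP turns "?tableName[]=x" into an array; only plain strings are acceptable.
    if (!is_string($tablename) || !is_string($suggestion_id)) {
        return;
    }

    $accepted_tables = get_tables();

    // Strict comparison: with loose in_array() a non-string entry in the list
    // (0, true) can compare equal to arbitrary request strings.
    if (in_array($tablename, $accepted_tables, true)) {
        // htmlspecialchars() is an HTML output encoder and does nothing for SQL.
        // The table name is protected by the allow-list above and quoted as an
        // identifier; the id is protected by the bound parameter and is passed
        // unmodified so that it matches the stored value.
        $quoted_table = '`' . str_replace('`', '``', $tablename) . '`';

        if ($sql = $conn->prepare("DELETE FROM $quoted_table WHERE suggestion_id = ?")) {
            $sql->bind_param('s', $suggestion_id);
            if (!($sql->execute())) {
                echo false;
            }
        }
    }
}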
// ......... part of the code is omitted here .........
include PHPBB_ROOT_PATH . 'phpbb/db/tools.' . PHP_EXT;
}
// Instantiate it and set return on error true
$sql_db = 'dbal_' . $dbms;
switch ($dbms_details['SCHEMA']) {
case 'mysql':
case 'mysqli':
$db = new phpbb\db\driver\mysql();
break;
case 'mssql':
case 'mssqlnative':
case 'mssql_odbc':
$db = new phpbb\db\driver\mssql();
break;
case 'postgres':
$db = new phpbb\db\driver\postgres();
break;
case 'sqlite':
case 'sqlite3':
$db = new phpbb\db\driver\sqlite();
break;
case 'postgres':
$db = new phpbb\db\driver\postgres();
break;
}
$db->sql_return_on_error(true);
// Check the prefix length to ensure that index names are not too long and does not contain invalid characters
switch ($dbms_details['SCHEMA']) {
case 'mysql':
case 'mysqli':
if (strspn($table_prefix, '-./\\') !== 0) {
$error[] = $user->lang['INST_ERR_PREFIX_INVALID'];
return false;
}
// no break;
// no break;
case 'postgres':
$prefix_length = 36;
break;
case 'mssql':
case 'mssqlnative':
case 'mssql_odbc':
$prefix_length = 90;
break;
case 'sqlite':
case 'sqlite3':
$prefix_length = 200;
break;
case 'oracle':
$prefix_length = 6;
break;
}
if (strlen($table_prefix) > $prefix_length) {
$error[] = $user->lang['INST_ERR_PREFIX_TOO_LONG'];
return false;
}
// Try and connect ...
if (is_array($db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false, true))) {
$db_error = $db->sql_error();
$error[] = ' ' . $user->lang['INST_ERR_DB_CONNECT'] . '' . '<br />' . ($db_error['message'] ? $db_error['message'] : '' . $user->lang['INST_ERR_DB_NO_ERROR'] . '');
} else {
// Make sure that the user has selected a sensible DBAL for the DBMS actually installed
switch ($dbms_details['SCHEMA']) {
case 'mysqli':
if (version_compare(mysqli_get_server_info($db->db_connect_id), '4.1.3', '<')) {
$error[] = $user->lang['INST_ERR_DB_NO_MYSQLI'];
}
break;
case 'sqlite':
if (version_compare(sqlite_libversion(), '2.8.2', '<')) {
$error[] = $user->lang['INST_ERR_DB_NO_SQLITE'];
}
break;
case 'sqlite3':
if (version_compare(sqlite_libversion(), '3.6.15', '<')) {
$error[] = $user->lang['INST_ERR_DB_NO_SQLITE3'];
}
break;
case 'postgres':
if ($unicode_check) {
$sql = "SHOW server_encoding;";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row['server_encoding'] !== 'UNICODE' && $row['server_encoding'] !== 'UTF8') {
$error[] = $user->lang['INST_ERR_DB_NO_POSTGRES'];
}
}
break;
}
$tables = get_tables($db);
if (!in_array($table_prefix . 'acl_options', $tables) || !in_array($table_prefix . 'config', $tables) || !in_array($table_prefix . 'forums', $tables)) {
$error[] = $user->lang['CONFIG_REPAIR_NO_TABLES'];
}
}
if ($error_connect && empty($error)) {
return true;
}
return false;
}
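/**
 * Load a table's metadata, the current user's display preferences for it and,
 * unless bypassed, its rows.
 *
 * The sort column and direction are the only request values that reach the SQL
 * text. They are checked against the table's field list, both when they arrive
 * in $_GET and again when a stored preference is read back, before being placed
 * in ORDER BY.
 *
 * @param mixed $table_id key into the array returned by get_tables(); an unknown key makes the function return false
 * @param mixed $id       false for all rows, 'bypass' to skip loading rows, anything else is cast with intval() and used as the row id
 *
 * @return array|false result array (keys set below), or false when the table is unknown
 */
function get_rows($table_id, $id = false)
{
    global $dbh;
    global $cms_user;
    $results = array();

    // Get table name info based on ID... forces a check that the table exists, so
    // only names known to get_tables() are ever interpolated into the queries below
    $tables = get_tables();
    $key_usable = is_scalar($table_id) || $table_id === null;
    $table = ($key_usable && isset($tables[$table_id])) ? $tables[$table_id] : false;
    if (!$table) {
        return false;
    }

    // If the user has header preferences for this table
    $results['header_fields'] = false;
    $results['sort_field'] = false;
    $sth = $dbh->prepare("SELECT * FROM `directus_preferences` WHERE `user` = :user AND `name` = :name ");
    $sth->bindParam(':user', $cms_user['id']);
    $sth->bindParam(':name', $table);
    $sth->execute();
    while ($user_table_preferences = $sth->fetch()) {
        // NOTE(review): the stored 'type' column chooses the result key, so a
        // preference row can set keys other than header_fields / sort_field.
        $results[$user_table_preferences['type']] = $user_table_preferences['value'];
    }

    // Set the table names
    $results['table_id'] = $table_id;
    $results['name'] = $table;
    $results['name_uc'] = uc_table($table);

    // Get and set the table info
    $table_info = get_rows_info($table);
    $results['info'] = $table_info['info'];
    $results['active'] = $table_info['active'];
    $results['sort'] = $table_info['sort'];
    $results['num'] = $table_info['num'];
    $results['fields'] = $table_info['fields'];

    // Column names that may appear in ORDER BY
    $sortable = is_array($results['fields']) ? $results['fields'] : array();

    // Get the rows
    // NOTE(review): loose comparison -- before PHP 8 an integer 0 compares equal to
    // 'bypass' and skips the row query; confirm what callers pass.
    if ($id != 'bypass') {
        $query_rows = "SELECT * FROM `{$table}` WHERE 1=1 ";

        if ($id !== false) {
            // Check to make sure this is JUST an ID
            $id = intval($id);

            // Limit results to just this ID if given
            $query_rows .= "AND `id` = '{$id}' LIMIT 1 ";
            $results['item_id'] = $id;
        } else {
            // Add or update the user's sort preference.
            // Clean the request values: direction is one of two keywords, sort must
            // be a string naming 'sort' or one of this table's fields.
            $direction = (isset($_GET['direction']) && $_GET['direction'] === 'DESC') ? 'DESC' : 'ASC';
            $sort = (isset($_GET['sort']) && is_string($_GET['sort'])) ? $_GET['sort'] : false;
            if ($sort !== false && $sort !== 'sort' && !in_array($sort, $sortable, true)) {
                $sort = false;
            }

            // The cleaned values are written back to $_GET, as before, in case
            // code running after this function reads them.
            $_GET['direction'] = $direction;
            $_GET['sort'] = $sort;

            if ($sort) {
                if ($results['sort_field']) {
                    $query = "UPDATE `directus_preferences` SET `value` = :value WHERE `user` = :user AND `name` = :name AND `type` = 'sort_field' ";
                } else {
                    $query = "INSERT INTO `directus_preferences` SET `value` = :value, `user` = :user, `name` = :name, `type` = 'sort_field' ";
                }
                $results['sort_field'] = $sort . ' ' . $direction;
                $sth = $dbh->prepare($query);
                $sth->bindParam(':user', $cms_user['id']);
                $sth->bindParam(':name', $table);
                $sth->bindParam(':value', $results['sort_field']);
                $sth->execute();
            }

            // The preference may have been read back from directus_preferences
            // rather than validated above, so it is parsed and checked again
            // before any part of it is placed in the SQL text.
            $order_by = false;
            if ($results['sort_field']) {
                $stored = trim((string) $results['sort_field']);
                $column = trim($stored, "` ");
                $stored_direction = 'ASC';
                if (preg_match('/^(.*\S)\s+(ASC|DESC)$/i', $stored, $parts)) {
                    $column = trim($parts[1], "` ");
                    $stored_direction = strtoupper($parts[2]);
                }
                if ($column !== '' && ($column === 'sort' || in_array($column, $sortable, true))) {
                    $order_by = '`' . str_replace('`', '``', $column) . '` ' . $stored_direction;
                } else {
                    // Unusable preference: do not hand it back to the caller either
                    $results['sort_field'] = false;
                }
            }

            if ($order_by) {
                // Sort by user preferences
                $query_rows .= $table_info['sort'] ? "ORDER BY " . $order_by . ", `sort` ASC " : "ORDER BY " . $order_by . " ";
            } else {
                // Sort by SORT and ID if there is a sort field, or just ID if not
                $query_rows .= $table_info['sort'] ? "ORDER BY `sort` ASC, `id` ASC " : "ORDER BY `id` ASC ";
            }
        }

        $results['sql'] = $query_rows;
        $results['rows'] = array();
        $sth = $dbh->query($query_rows);
        // query() can return false instead of a statement when the query fails
        if ($sth) {
            while ($row_rows = $sth->fetch()) {
                $results['rows'][$row_rows['id']] = $row_rows;
            }
        }
    }

    return $results;
}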