<?php

// [warp administration module - main op v.1.2.1]
// xantis.warp.cms - version 1.2
// (c) 2002 xantis - all rights reserved
// this code is registered and protected by international copyrights laws


//####### Register Globals emulation
// Imports every key of the legacy request arrays into the global scope as a
// plain variable. extract() is called with its default (overwrite) behaviour,
// so when two arrays carry the same key the array extracted later wins:
// ENV, then GET, then POST, then COOKIE, then SERVER.
// SECURITY: after this point any global that has not been assigned by the
// application itself may hold a client-supplied value (GET, POST and COOKIE
// are request-controlled). Code below must not trust a global unless it is
// set after these calls.
// NOTE(review): the $HTTP_*_VARS long arrays were removed in PHP 5.4; on newer
// runtimes these calls receive undefined variables.

extract($HTTP_ENV_VARS);
extract($HTTP_GET_VARS);
extract($HTTP_POST_VARS);
extract($HTTP_COOKIE_VARS);
extract($HTTP_SERVER_VARS);

//#########################


// Assigned after the extract() calls, so a request value cannot replace it.
// NOTE(review): presumably a marker that lib_main.php checks before running - confirm.
$xnt_control_var = 'xnt2002warp.cms';
// Shared library. The xmysql_*_ax() and xtext_*() helpers called below are not
// defined in this file; presumably they and the configuration globals come from here.
require("lib_main.php");




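/**
 * Warp admin write dispatcher.
 *
 * Validates the request (Referer, POST only, empty query string), looks up the
 * administrator in the `admins` table, then runs the operation named in $op
 * against table $d:
 *   bkp   - dump every table listed in warp_tables_defs to a .sql file (needs x_full)
 *   empty - delete all rows of $d                                    (needs x_delete)
 *   del   - delete the row whose id is $xid                           (needs x_delete)
 *   add   - insert a row built from $my_form                          (needs x_insert)
 *   upd   - update the row whose id is $xid from $my_form             (needs x_edit)
 * Every operation ends with a redirect to ax_main.php carrying a status text;
 * every rejection prints an error and terminates the script.
 *
 * All inputs are globals. $wxu, $wxp, $d, $op, $xid, $offset, $qval and
 * $my_form are not assigned anywhere in this file, so they reach this function
 * through the request-derived globals and must be treated as untrusted.
 *
 * Security review notes (not all of them can be fixed inside this function):
 *  - The Referer header is sent by the client; together with the POST check it
 *    is the only request-forgery defence here. A per-session token verified
 *    server-side is the appropriate control.
 *  - Authentication compares MD5(name)/MD5(pass) computed in SQL with values
 *    supplied by the client. That implies the password column holds the clear
 *    password and that the client-held digests are password-equivalent.
 *  - SQL is assembled by string concatenation. Table and field names are
 *    restricted to identifier characters below; values ($xid, form values)
 *    still rely on escaping done outside this function.
 *  - field_write_proc is PHP source stored in the database and run with eval().
 *  - The mysql_* extension, each() and the request long arrays are not
 *    available on current PHP versions.
 */
function xdo_data_process () {

//----- secure checks
global	$wxu, $wxp;
global	$REQUEST_METHOD, $QUERY_STRING ;

//---- cfg
global	$arr_var_result, $xmy_wr_ok_msg, $xmy_wr_aff_msg, $ax_website_addr, $ax_backup_sql_dir, $dbname ;

//----- internal
global	$my_form;
global	$d, $op, $xid, $offset, $qval, $q_url;


//------------------------ check http referer (apache specific)
$hlx_apache_headers = getallheaders();
// a request without a Referer header is treated as an empty referer and rejected
$hlx_apache_headers_reff = isset($hlx_apache_headers['Referer']) ? $hlx_apache_headers['Referer'] : '';
$hlx_warp_ax_location = "$ax_website_addr".'ax_main.php';
// the admin address is matched as literal text (case-insensitive): preg_quote()
// stops characters such as '.' in the address from acting as regex wildcards
if (!preg_match('/'.preg_quote($hlx_warp_ax_location, '/').'/i', $hlx_apache_headers_reff)) {
	xtext_error ('Bad HTTP Referer !<br>');
	die ('');
} //end if
//------------------------

//------------------------ check request method
//only a POST with an empty query string is accepted
if ( ($REQUEST_METHOD <> 'POST') OR (!empty($QUERY_STRING)) ) {
	xtext_error ('Bad Request Method !<br>');
	die ('');
} //end if
//------------------------

//------------------------ check admin auth
// MD5() in MySQL yields 32 hex digits, so any other shape can never match a
// row; rejecting it here keeps client text out of the SQL string entirely
if ( !is_string($wxu) OR !is_string($wxp) OR !preg_match('/\A[0-9a-f]{32}\z/i', $wxu) OR !preg_match('/\A[0-9a-f]{32}\z/i', $wxp) ) {
	xtext_error ('Authorization failed !<br>');
	die ('');
} //end if
//read from admins ($arr_var_result is read right after each xmysql_read_data_ax call;
//presumably the helper fills it with the columns of the first row - confirm in lib_main.php)
xmysql_read_data_ax ("SELECT id, x_insert, x_edit, x_delete, x_full FROM admins WHERE ( (MD5(name)='$wxu') AND (MD5(pass)='$wxp') )");
$ylocal_ax_admid = $arr_var_result[0];
if (empty($ylocal_ax_admid)) {
	xtext_error ('Authorization failed !<br>');
	die ('');
} //end if
$ylocal_ax_adm_r_insert = $arr_var_result[1];
$ylocal_ax_adm_r_edit = $arr_var_result[2];
$ylocal_ax_adm_r_delete = $arr_var_result[3];
$ylocal_ax_adm_r_full = $arr_var_result[4];
//------------------------

//------------------------ check table name
// $d is used both as a quoted value and as a bare identifier in the statements
// below and is echoed into the redirect URL, so only identifier characters are
// accepted. An empty/absent $d is let through unchanged (the backup operation
// does not use it as a table name).
// NOTE(review): assumes warp table names use only letters, digits and '_' - confirm.
if ( isset($d) AND ($d !== '') AND ( !is_string($d) OR !preg_match('/\A[A-Za-z0-9_]+\z/', $d) ) ) {
	xtext_error ('Bad table name !<br>');
	die ('');
} //end if
//------------------------

//------------------------ check special table
// tables flagged special='y' may only be touched by an admin with x_full
xmysql_read_data_ax ("SELECT special, id FROM warp_tables_defs WHERE (tbl_name='$d')");
if ( ($arr_var_result[0] == 'y') AND ($ylocal_ax_adm_r_full != 'y') ) {
	xtext_error ('You have not enough ADMINISTRATIVE PRIVILEGES in order to complete this operation. Operation FAILED !');
	die('');
} //end if
//------------------------


// stays 'notok' when no operation below matched $op and the admin's rights
$vop_done = 'notok';


//----------------------------------------------------------------- BACKUP
if ( ($op == 'bkp') AND ($ylocal_ax_adm_r_full == 'y') ) {

	$vop_done = 'ok';

	// setting name must be a string; the bare word was an undefined constant
	ini_set('max_execution_time', '900');

	xmysql_read_data_ax (" SELECT tbl_name FROM warp_tables_defs ORDER BY tbl_name ASC ");
	$arr_xdb_xwarp_tables = array();
	$arr_xdb_xwarp_tables = $arr_var_result;
	$arr_var_result = array();


	$build_querry = "\n";

	$build_querry .= '# :: warp.cms :: '.$ax_website_addr."\n" ;
	$build_querry .= '#==========================================================================='."\n" ;
	$build_querry .= '# DATABASE : '.$dbname."\n" ;
	$build_querry .= '# WARP TABLE CHK [@hide@address.com@hide@address.com@hide@address.com@hide@address.com@hide@address.com@database:'.$dbname.'%w%a%r%p%.%c%m%s%v%1.2%]'."\n" ;
	$build_querry .= '#==========================================================================='."\n\n" ;


	for ($ivh=0; $ivh<count($arr_xdb_xwarp_tables); $ivh++) {

		// table names come from warp_tables_defs, not from the request
		$ax_hlx_db_tbl_name = $arr_xdb_xwarp_tables[$ivh] ;

		//table info
		xmysql_read_data_ax (" SHOW CREATE TABLE $ax_hlx_db_tbl_name ");
		//$arr_var_result
		$build_querry_structure = $arr_var_result[1];

		// do querry (kept in a variable so the error report below can show it)
		$ax_hlx_bkp_query = " SELECT * FROM $ax_hlx_db_tbl_name ";
		$result = @mysql_query($ax_hlx_bkp_query);
		$number_of_rows = @mysql_num_rows($result);
		$number_of_fields = @mysql_num_fields($result);

		$build_querry .= '#---------------------------------------------------------------------------'."\n" ;
		$build_querry .= '# TABLE : '.$ax_hlx_db_tbl_name.' [ '.date("Y-m-d").'  '.date("H:i:s").' ]'."\n" ;
		$build_querry .= "# Total $number_of_rows records \n" ;
		$build_querry .= '#---------------------------------------------------------------------------'."\n\n" ;
		$build_querry .= 'DROP TABLE IF EXISTS `'.$ax_hlx_db_tbl_name."` ;\n" ;
		$build_querry .= $build_querry_structure." ;\n" ;
		$build_querry .= '#---------------------------------------------------------------------------'."\n\n" ;

		//check mysql error
		if (@mysql_errno() == 0) {
			for ($i=0; $i < $number_of_rows; $i++) {
				$build_querry .= "INSERT INTO $ax_hlx_db_tbl_name VALUES (" ;
				$record = @mysql_fetch_row($result);
				for ($ii=0; $ii < $number_of_fields; $ii++) {
					// every column is written as a quoted string; CR, LF and TAB
					// are turned into their two-character escapes so each INSERT
					// stays on one line (a NULL column is dumped as '')
					$record_ii_tmp = '';
					$record_ii_tmp = "'".addslashes($record[$ii])."'" ;
					$record_ii_tmp = str_replace("\r", '\r', $record_ii_tmp);
					$record_ii_tmp = str_replace("\n", '\n', $record_ii_tmp);
					$record_ii_tmp = str_replace("\t", '\t', $record_ii_tmp);
					if ($ii < ($number_of_fields - 1)) {
						$build_querry .= $record_ii_tmp.', ' ;
					} //end if
					else {
						$build_querry .= $record_ii_tmp.')'." ;\n" ;
					} //end else
				} // end for
			} //end for
		} //end if
		else {
			$xresult = @mysql_error();
			xtext_admin_error ('<br>&nbsp;&nbsp;&nbsp;MySQL ERROR : '.htmlspecialchars($xresult));
			// previously printed $queryval, which is never defined in this function
			xtext_admin ('<br>MySQL Query : '.htmlspecialchars($ax_hlx_bkp_query));
			die('');
		} //end else

		@mysql_free_result ($result);

		$build_querry .= "\n" ;
		$build_querry .= '#---------------------------------------------------------------------------'."\n\n\n" ;

	} //end for

	$build_querry .= '#==========================================================================='."\n\n" ;
	$build_querry .= "SELECT BENCHMARK(100, SUM(1+1)) \n" ;
	$build_querry .= "# END OF FILE\n" ;

	// SECURITY: the dump contains every table, including `admins`. The name is a
	// timestamp plus three digits, i.e. guessable, so $ax_backup_sql_dir must not
	// be reachable over HTTP (keep it outside the document root or deny access).
	$ax_hlx_tmpx_file_namex = 'warp_backup'.'_'.time().'_'.rand(100,999).'.sql';
	$file_backup_xx = fopen ($ax_backup_sql_dir.'/'.$ax_hlx_tmpx_file_namex, "w+");
	// do not report success when the file could not be created or written
	if (!$file_backup_xx) {
		xtext_error ('Could not create the backup SQL file !<br>');
		die ('');
	} //end if
	if (fwrite ($file_backup_xx, $build_querry) === false) {
		fclose ($file_backup_xx);
		xtext_error ('Could not write the backup SQL file !<br>');
		die ('');
	} //end if
	fclose ($file_backup_xx);

	$x_output = 'The backup SQL File has been saved under `'.$ax_backup_sql_dir.'` folder as : `'.$ax_hlx_tmpx_file_namex.'` !';
	$x_output = rawurlencode($x_output);
	$x_response_addr = "$ax_website_addr"."ax_main.php?d=$d&op=answer&anstxt=$x_output&offset=0&qval=";
	header("Location: $x_response_addr");

} //end if


//----------------------------------------------------------------- EMPTY
if ( ($op == 'empty') AND ($ylocal_ax_adm_r_delete == 'y') ) {

	$vop_done = 'ok';

	xmysql_write_data_ax (" DELETE FROM $d ");
	if ($xmy_wr_ok_msg == 'okmysqlwriteoperation') {
		$x_output = 'Operation Completed ! - '.' Table '.$d.' has been emptied !' ;
	} //end if
	else {
		// the table name was inside single quotes and printed as the literal text $d
		$x_output = 'Errors reported while trying to empty Table '.$d.' !' ;
	} //end else

	$x_output = rawurlencode($x_output);
	$x_response_addr = "$ax_website_addr"."ax_main.php?d=$d&op=answer&anstxt=$x_output&offset=0&qval=";
	header("Location: $x_response_addr");

} //end if



//----------------------------------------------------------------- DELETE
if ( ($op == 'del') AND ($ylocal_ax_adm_r_delete == 'y') ) {

	$vop_done = 'ok';

	// NOTE(review): $xid is a request value placed inside a quoted SQL literal.
	// Nothing in this function escapes it; it is only safe if the request data
	// was already escaped upstream (e.g. magic_quotes_gpc). If ids are numeric,
	// cast to int here - confirm the id column type first.
	xmysql_write_data_ax (" DELETE FROM $d WHERE (id='$xid') ");
	if ($xmy_wr_ok_msg == 'okmysqlwriteoperation') {
		$x_output = 'Operation Completed ! - '.'MySQL Rows Deleted on Table '.$d.' : '.$xmy_wr_aff_msg ;
	} //end if
	else {
		$x_output = 'Errors reported ! - '.'MySQL Rows Deleted on Table '.$d.' : '.$xmy_wr_aff_msg ;
	} //end else

	$x_output = rawurlencode($x_output);
	// NOTE(review): $qval (and $offset in the blocks below) go into the Location
	// header without encoding; whether they are already URL-encoded is not
	// visible here - confirm before adding rawurlencode().
	$x_response_addr = "$ax_website_addr"."ax_main.php?d=$d&op=answer&anstxt=$x_output&offset=0&qval=$qval";
	header("Location: $x_response_addr");

} //end if


//----------------------------------------------------------------- INSERT
if ( ($op == 'add') AND ($ylocal_ax_adm_r_insert == 'y') ) {

	$vop_done = 'ok';

	//init
	$buli_querr_add_all = " INSERT INTO $d ";
	$buli_querr_add_flds = ' ( ';
	$buli_querr_add_vals = ' VALUES ( ';

	while (list($key, $val) = each($my_form)) {

		$key = rawurldecode($key);

		// the decoded key is used as a bare column name (and inside a quoted
		// literal in the lookup below), so it must look like an identifier;
		// nothing has been written yet when this aborts
		// NOTE(review): assumes field names use only letters, digits and '_' - confirm.
		if (!preg_match('/\A[A-Za-z0-9_]+\z/', $key)) {
			xtext_error ('Bad field name !<br>');
			die ('');
		} //end if

		xmysql_read_data_ax (" SELECT field_write_proc FROM warp_tables_fields WHERE ( (field_name='$key') AND (table_own='$d') ) ");
		//$arr_var_result

		if (empty($arr_var_result[0])) {
			// no write processor: arrays (multi-select) are stored comma-joined
			if (is_array($val)) {
				$val_x = implode(',', $val);
			} //end if
			else {
				$val_x = $val;
			} //end if
			// NOTE(review): $val_x goes into the SQL below without escaping in
			// this branch; it relies on the request data being escaped upstream.
		} //end if
		else {
			$val = stripslashes($val); //remove slashes for processing
				//$val_x = _process_list_($val);
				// SECURITY: field_write_proc is PHP source read from the database and
				// executed in this function's scope; it is expected to set $val_x
				// from $val. Anyone able to write warp_tables_fields can run code
				// on the server. Replace with a fixed set of named processors.
				eval (' '."\n"."$arr_var_result[0]".' '."\n");
			$val_x = addslashes($val_x); //restoring slashes if any
		} //end else

	        $buli_querr_add_flds = $buli_querr_add_flds.' '.$key.',';
		$buli_querr_add_vals = $buli_querr_add_vals."'".$val_x."',";

	} //end while

	//remove last comma
	$buli_querr_add_flds = substr($buli_querr_add_flds, 0, -1);
	$buli_querr_add_vals = substr($buli_querr_add_vals, 0, -1);

	//end
	$buli_querr_add_flds = $buli_querr_add_flds.' ) ';
	$buli_querr_add_vals = $buli_querr_add_vals.' ) ';
	$buli_querr_add_all = $buli_querr_add_all.$buli_querr_add_flds.$buli_querr_add_vals ;

	xmysql_write_data_ax (" $buli_querr_add_all ");
	if ($xmy_wr_ok_msg == 'okmysqlwriteoperation') {
		$x_output = 'Operation Completed ! - '.'MySQL Rows Inserted on Table '.$d.' : '.$xmy_wr_aff_msg ;
	} //end if
	else {
		$x_output = 'Errors reported ! - '.'MySQL Rows Inserted on Table '.$d.' : '.$xmy_wr_aff_msg ;
	} //end else

	$x_output = rawurlencode($x_output);
	$x_response_addr = "$ax_website_addr"."ax_main.php?d=$d&op=answer&anstxt=$x_output&offset=$offset&qval=$qval";
	header("Location: $x_response_addr");

} //end if


//----------------------------------------------------------------- EDIT / UPDATE
if ( ($op == 'upd') AND ($ylocal_ax_adm_r_edit == 'y') ) {

	$vop_done = 'ok';

	//init
	$buli_querr_upd = " UPDATE $d SET  ";

	while (list($key, $val) = each($my_form)) {

		$key = rawurldecode($key);

		// same identifier restriction as in the insert branch: the key becomes
		// a bare column name in the UPDATE statement
		if (!preg_match('/\A[A-Za-z0-9_]+\z/', $key)) {
			xtext_error ('Bad field name !<br>');
			die ('');
		} //end if

		xmysql_read_data_ax (" SELECT field_write_proc FROM warp_tables_fields WHERE ( (field_name='$key') AND (table_own='$d') ) ");
		//$arr_var_result

		$val_x = '';
		$val_x_ctrlx = ''; // must be `skip` for skipping

		if (empty($arr_var_result[0])) {
			if (is_array($val)) {
				$val_x = implode(',', $val);
			} //end if
			else {
				$val_x = $val;
			} //end if
		} //end if
		else {
			$val = stripslashes($val); //remove slashes for processing
				//$val_x = _process_list_($val);
				// SECURITY: database-stored PHP source executed in this scope (see
				// the insert branch). Here it may also set $val_x_ctrlx to 'skip'
				// to leave the field out of the UPDATE.
				eval (' '."\n"."$arr_var_result[0]".' '."\n");
			$val_x = addslashes($val_x); //restoring slashes if any
		} //end else

		//build if not skipped
		if ($val_x_ctrlx != 'skip') {
	       		$buli_querr_upd = $buli_querr_upd.' '.$key."='".$val_x."',";
		} //end if

	} //end while

	//remove last comma
	$buli_querr_upd = substr($buli_querr_upd, 0, -1);

	//end
	// NOTE(review): $xid is not escaped here either; see the delete branch.
	$buli_querr_upd = $buli_querr_upd."  WHERE (id='$xid') ";


	xmysql_write_data_ax (" $buli_querr_upd ");
	if ($xmy_wr_ok_msg == 'okmysqlwriteoperation') {
		$x_output = 'Operation Completed ! - '.'MySQL Rows Updated on Table '.$d.' : '.$xmy_wr_aff_msg ;
	} //end if
	else {
		$x_output = 'Errors reported ! - '.'MySQL Rows Updated on Table '.$d.' : '.$xmy_wr_aff_msg ;
	} //end else

	$x_output = rawurlencode($x_output);
	$x_response_addr = "$ax_website_addr"."ax_main.php?d=$d&op=answer&anstxt=$x_output&offset=$offset&qval=$qval";
	header("Location: $x_response_addr");

} //end if


//----------------------------------------------------------------- ELSE
// no branch ran: unknown $op, or the admin lacks the right that branch requires

if ($vop_done != 'ok') {

	$x_output = 'You have not enough ADMINISTRATIVE PRIVILEGES in order to complete this operation. Operation FAILED !';
	$x_output = rawurlencode($x_output);
	$x_response_addr = "$ax_website_addr"."ax_main.php?d=$d&op=answer&anstxt=$x_output&offset=$offset&qval=$qval";
	header("Location: $x_response_addr");

} //end if


} //END FUNCTION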




// Script entry point: every request to this file is handled by one call to
// the dispatcher, which performs its own request and authorization checks.
xdo_data_process();


// end of php code
?>