<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Execute Query</title>
<script>
// Copy the selected query text into the "query" textarea of the form.
function populateQuery(query) {
    var queryBox = document.getElementById('query');
    queryBox.value = query;
}
</script>
<style>
table { border: 1px solid grey; border-collapse: collapse; }
</style>
</head>
<body>
<?php
// The two source addresses that may use this page; the access check further down
// compares the caller's address against exactly these strings.
list($allowed_ip1, $ip2) = array('47.45.92.162', '207.62.201.30');
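/**
 * Return the address of the client making this request, for the IP allow-list check.
 *
 * X-Forwarded-For and X-Real-IP are ordinary request headers that any client can set to
 * any value, so an allow-list decision must not be based on them unless they were written
 * by a reverse proxy you operate. They are honoured only when the directly connected peer
 * (REMOTE_ADDR) is listed in $trusted_proxies; in every other case REMOTE_ADDR is returned.
 *
 * With the default empty list the forwarding headers are never used. If this page is
 * deployed behind a reverse proxy, add that proxy's address to $trusted_proxies, otherwise
 * every request will appear to come from the proxy and be refused (fails closed).
 *
 * @return string Client address, or '' when REMOTE_ADDR is not available.
 */
function get_client_ip() {
    // Reverse proxies that connect to this script directly. Empty = trust no proxy.
    $trusted_proxies = array();

    $peer = isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '';

    // The peer address comes from the TCP connection, not from request data.
    if (!in_array($peer, $trusted_proxies, true)) {
        return $peer;
    }

    if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        // Each proxy appends the address it saw, so the right-most entries are the ones
        // written by our own proxies; entries further left were supplied by the client.
        // Take the first entry from the right that is not one of our proxies.
        $hops = array_map('trim', explode(',', (string) $_SERVER['HTTP_X_FORWARDED_FOR']));
        foreach (array_reverse($hops) as $hop) {
            if (in_array($hop, $trusted_proxies, true)) {
                continue;
            }
            if (filter_var($hop, FILTER_VALIDATE_IP) !== false) {
                return $hop;
            }
            break; // malformed entry: fall back to the peer address below
        }
    } elseif (isset($_SERVER['HTTP_X_REAL_IP'])) {
        // Some proxies use this single-value header instead.
        $candidate = trim((string) $_SERVER['HTTP_X_REAL_IP']);
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            return $candidate;
        }
    }

    return $peer;
}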
// Work out who is calling, then stop the request unless that address is one of the
// two permitted ones (strict string comparison).
$client_ip = get_client_ip();

if (!in_array($client_ip, array($allowed_ip1, $ip2), true)) {
    die("Access denied. Unauthorized IP address.");
}
?>
<h2>Execute Query</h2>
<form method="post" action="">
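<textarea id="query" name="query" rows="4" cols="50" placeholder="Enter your MySQL query here"><?php
// Show the previously submitted query again. It is request data, so it is HTML-escaped
// before being written into the page; otherwise markup in the value would be rendered
// as part of the document. A missing or non-string value is shown as an empty box.
echo htmlspecialchars(
    (isset($_POST['query']) && is_string($_POST['query'])) ? $_POST['query'] : '',
    ENT_QUOTES | ENT_SUBSTITUTE,
    'UTF-8'
);
?></textarea><br><br>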
<button type="submit" name="submit">Execute Query</button>
</form>
<h3>Available Queries</h3>
<ul>
<?php
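// File holding the saved queries, one per line in the form "label|query".
$file = 'queries.txt';

// Two earlier, commented-out variants were dropped here: one created the file when it was
// missing, the other rendered each saved query as a link whose onclick handler was built
// with addslashes(). addslashes() is not an escaping function for HTML attributes or for
// JavaScript strings, so that variant should not be restored as it was written.

if (file_exists($file)) {
    $queries = file($file, FILE_IGNORE_NEW_LINES); // Read lines into an array
    if ($queries === false) {
        // The file exists but could not be read; render an empty list instead of failing.
        $queries = array();
    }

    echo '<select id="querySelect" onchange="populateQuery(this.value)">';
    echo '<option value="">Select a query...</option>'; // Default placeholder option

    foreach ($queries as $line) {
        if (trim($line) === '') {
            continue; // skip blank lines
        }

        // Split label and query. A line without "|" has no separate label, so its text
        // serves as both.
        $parts = explode('|', $line, 2);
        $label = $parts[0];
        $query = isset($parts[1]) ? $parts[1] : $parts[0];

        // Both values come from the file and are escaped for their HTML context. The query
        // sits inside a double-quoted attribute, so an unescaped quote character in a saved
        // query would end the attribute early and the rest would be parsed as markup.
        echo '<option value="' . htmlspecialchars($query, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '">'
            . htmlspecialchars($label, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
            . '</option>';
    }

    echo '</select>';
} else {
    echo "<p>{$file} file not found.</p>";
}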
?>
</ul>
<?php
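// Run the submitted SQL and print the outcome of each statement.
//
// NOTE(review): this executes whatever SQL is posted, with the privileges of the account
// that peter_db connects as. The only access control visible in this file is the source
// address check at the top of the page, and the form carries no anti-CSRF token. Put real
// authentication and a request token in front of this before relying on it, and connect
// with a database account restricted to what the page is meant to do.
if (isset($_POST['submit'])) {
    // Every value printed below (the statement text, error messages, column names, cell
    // values) originates from the request or from the database, so all of it goes through
    // this helper before reaching the page.
    $escape_html = function ($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // Connection parameters live in peter_db.php
    include_once("peter_db.php");
    $peter_db = new peter_db();
    $conn = $peter_db->getConnection();

    // Check connection
    if ($conn->connect_error) {
        die("Connection failed: " . $escape_html($conn->connect_error));
    }

    // Get the query from the text area; a missing or non-string value means nothing to run.
    $query = (isset($_POST['query']) && is_string($_POST['query'])) ? $_POST['query'] : '';

    // Split on ';' so several statements can be entered at once. This is a plain text
    // split: a ';' inside a string literal or a comment also splits the statement there.
    $queries = explode(';', $query);

    foreach ($queries as $sql) {
        $sql = trim($sql); // Remove extra spaces
        if ($sql === '') {
            continue;
        }

        // Show the statement that is about to run.
        echo "<p>" . $escape_html($sql) . "</p>\n";

        // Depending on the mysqli error-reporting mode a failed statement either returns
        // false or throws; both cases are reported the same way.
        try {
            $result = $conn->query($sql);
            $error_text = $conn->error;
        } catch (mysqli_sql_exception $e) {
            $result = false;
            $error_text = $e->getMessage();
        }

        if ($result === false) {
            echo "<p>Error: " . $escape_html($error_text) . "</p>";
        } elseif ($result === true) {
            echo "<p>Query executed successfully.</p>";
        } else {
            // A result set came back: display it as a table.
            echo "<table border='1'><tr>";

            // Table headers (column names or aliases chosen in the statement)
            foreach ($result->fetch_fields() as $field) {
                echo "<th>" . $escape_html($field->name) . "</th>";
            }
            echo "</tr>";

            // Rows. Stored data is escaped like any other output; SQL NULL becomes an
            // empty cell through the string cast in the helper.
            while ($row = $result->fetch_assoc()) {
                echo "<tr>";
                foreach ($row as $value) {
                    echo "<td>" . $escape_html($value) . "</td>";
                }
                echo "</tr>";
            }
            echo "</table><br><br>";

            $result->free();
        }
    }

    // A disabled step that appended each submitted query to queries.txt was dropped here.
    // It wrote one raw query per line, which does not match the "label|query" lines that
    // the saved-query dropdown reads.

    $conn->close();
}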
?>
</body>
</html>