SQL Query: Removed.

Command: Integrate SQL Query functionality within Command app.
(Note: Permission and Menu modifications - please Restore Defaults)

app_config.php

@@ -1,36 +1,43 @@
-<?php
-
-	//application details
-		$apps[$x]['name'] = "Exec";
-		$apps[$x]['uuid'] = "1dd98ca6-95f1-e728-7e8f-137fe18dc23c";
-		$apps[$x]['category'] = "System";
-		$apps[$x]['subcategory'] = "";
-		$apps[$x]['version'] = "";
-		$apps[$x]['license'] = "Mozilla Public License 1.1";
-		$apps[$x]['url'] = "http://www.fusionpbx.com";
-		$apps[$x]['description']['en-us'] = "Provides a conventient way to execute system, PHP, and switch commands.";
-		$apps[$x]['description']['es-cl'] = "Provee un modo conveniente de ejecutar comandos de sistema, PHP o del switch.";
-		$apps[$x]['description']['es-mx'] = "Provee un modo conveniente de ejecutar comandos de sistema, PHP o del switch.";
-		$apps[$x]['description']['de-de'] = "";
-		$apps[$x]['description']['de-ch'] = "";
-		$apps[$x]['description']['de-at'] = "";
-		$apps[$x]['description']['fr-fr'] = "Offre un mode pour exécuter des commandes système, PHP ou switch.";
-		$apps[$x]['description']['fr-ca'] = "Il offre un mode d'exécuter des commandes du système, PHP ou switch.";
-		$apps[$x]['description']['fr-ch'] = "";
-		$apps[$x]['description']['pt-pt'] = "Ofereçe uma forma conveniente para executar comandos de sistema, PHP e switch.";
-		$apps[$x]['description']['pt-br'] = "";
-
-	//permission details
-		$apps[$x]['permissions'][0]['name'] = "exec_command_line";
-		$apps[$x]['permissions'][0]['menu']['uuid'] = "06493580-9131-ce57-23cd-d42d69dd8526";
-		$apps[$x]['permissions'][0]['groups'][] = "superadmin";
-
-		$apps[$x]['permissions'][1]['name'] = "exec_php_command";
-		$apps[$x]['permissions'][1]['menu']['uuid'] = "06493580-9131-ce57-23cd-d42d69dd8526";
-		$apps[$x]['permissions'][1]['groups'][] = "superadmin";
-
-		$apps[$x]['permissions'][2]['name'] = "exec_switch";
-		$apps[$x]['permissions'][2]['menu']['uuid'] = "06493580-9131-ce57-23cd-d42d69dd8526";
-		$apps[$x]['permissions'][2]['groups'][] = "superadmin";
-
+<?php
+
+	//application details
+		$apps[$x]['name'] = "Exec";
+		$apps[$x]['uuid'] = "1dd98ca6-95f1-e728-7e8f-137fe18dc23c";
+		$apps[$x]['category'] = "System";
+		$apps[$x]['subcategory'] = "";
+		$apps[$x]['version'] = "";
+		$apps[$x]['license'] = "Mozilla Public License 1.1";
+		$apps[$x]['url'] = "http://www.fusionpbx.com";
+		$apps[$x]['description']['en-us'] = "Provides a conventient way to execute system, PHP, switch and SQL commands.";
+		$apps[$x]['description']['es-cl'] = "Provee un modo conveniente de ejecutar comandos de sistema, PHP o del switch.";
+		$apps[$x]['description']['es-mx'] = "Provee un modo conveniente de ejecutar comandos de sistema, PHP o del switch.";
+		$apps[$x]['description']['de-de'] = "";
+		$apps[$x]['description']['de-ch'] = "";
+		$apps[$x]['description']['de-at'] = "";
+		$apps[$x]['description']['fr-fr'] = "Offre un mode pour exécuter des commandes système, PHP ou switch.";
+		$apps[$x]['description']['fr-ca'] = "Il offre un mode d'exécuter des commandes du système, PHP ou switch.";
+		$apps[$x]['description']['fr-ch'] = "";
+		$apps[$x]['description']['pt-pt'] = "Ofereçe uma forma conveniente para executar comandos de sistema, PHP e switch.";
+		$apps[$x]['description']['pt-br'] = "";
+
+	//permission details
+		$apps[$x]['permissions'][0]['name'] = "exec_view";
+		$apps[$x]['permissions'][0]['menu']['uuid'] = "06493580-9131-ce57-23cd-d42d69dd8526";
+		$apps[$x]['permissions'][0]['groups'][] = "superadmin";
+	
+		$apps[$x]['permissions'][1]['name'] = "exec_command";
+		$apps[$x]['permissions'][1]['groups'][] = "superadmin";
+
+		$apps[$x]['permissions'][2]['name'] = "exec_php";
+		$apps[$x]['permissions'][2]['groups'][] = "superadmin";
+
+		$apps[$x]['permissions'][3]['name'] = "exec_switch";
+		$apps[$x]['permissions'][3]['groups'][] = "superadmin";
+
+		$apps[$x]['permissions'][4]['name'] = "exec_sql";
+		$apps[$x]['permissions'][4]['groups'][] = "superadmin";
+		
+		$apps[$x]['permissions'][5]['name'] = "exec_sql_backup";
+		$apps[$x]['permissions'][5]['groups'][] = "superadmin";
+
 ?>

app_languages.php

@@ -1,5 +1,15 @@
 <?php
 
+$text['title-databases']['en-us'] = "Databases";
+$text['title-databases']['es-cl'] = "Bases de datos";
+$text['title-databases']['pt-pt'] = "Bases de Dados";
+$text['title-databases']['fr-fr'] = "Bases de données";
+$text['title-databases']['pt-br'] = "Base de dados";
+$text['title-databases']['pl'] = "Bazy danych";
+$text['title-databases']['sv-se'] = "Databaser";
+$text['title-databases']['uk'] = "Бази даних";
+$text['title-databases']['de-at'] = "Datenbanken";
+
 $text['title-command']['en-us'] = "Command";
 $text['title-command']['es-cl'] = "Comando";
 $text['title-command']['pt-pt'] = "Comando";
@@ -10,6 +20,46 @@ $text['title-command']['sv-se'] = "Kommando";
 $text['title-command']['uk'] = "Команди";
 $text['title-command']['de-at'] = "Befehl";
 
+$text['option-result_type_view']['en-us'] = "View";
+$text['option-result_type_view']['es-cl'] = "Ver";
+$text['option-result_type_view']['pt-pt'] = "Ver";
+$text['option-result_type_view']['fr-fr'] = "Voir";
+$text['option-result_type_view']['pt-br'] = "Visualizar";
+$text['option-result_type_view']['pl'] = "Widok";
+$text['option-result_type_view']['sv-se'] = "Granska";
+$text['option-result_type_view']['uk'] = "Перегляд";
+$text['option-result_type_view']['de-at'] = "Ansicht";
+
+$text['option-result_type_insert']['en-us'] = "SQL Inserts";
+$text['option-result_type_insert']['es-cl'] = "Inserciones SQL";
+$text['option-result_type_insert']['pt-pt'] = "Inserções SQL";
+$text['option-result_type_insert']['fr-fr'] = "Insertion SQL";
+$text['option-result_type_insert']['pt-br'] = "Inserir SQL";
+$text['option-result_type_insert']['pl'] = "Wstawianie SQL";
+$text['option-result_type_insert']['sv-se'] = "SQL Inserts";
+$text['option-result_type_insert']['uk'] = "SQL Inserts ";
+$text['option-result_type_insert']['de-at'] = "SQL Inserts";
+
+$text['option-result_type_csv']['en-us'] = "CSV Download";
+$text['option-result_type_csv']['es-cl'] = "Descargar CSV";
+$text['option-result_type_csv']['pt-pt'] = "Descarregar CSV";
+$text['option-result_type_csv']['fr-fr'] = "Télécharger le CSV";
+$text['option-result_type_csv']['pt-br'] = "Download CSV";
+$text['option-result_type_csv']['pl'] = "Pobieranie w formacie CSV";
+$text['option-result_type_csv']['sv-se'] = "Ladda Ned CSV";
+$text['option-result_type_csv']['uk'] = "CSV Download ";
+$text['option-result_type_csv']['de-at'] = "CSV Download";
+
+$text['label-table']['en-us'] = "Table";
+$text['label-table']['es-cl'] = "Tabla";
+$text['label-table']['pt-pt'] = "Tabela";
+$text['label-table']['fr-fr'] = "Table";
+$text['label-table']['pt-br'] = "Tabela";
+$text['label-table']['pl'] = "Tabela";
+$text['label-table']['sv-se'] = "TAbell";
+$text['label-table']['uk'] = "Таблиця";
+$text['label-table']['de-at'] = "Tabelle";
+
 $text['label-switch']['en-us'] = "Switch";
 $text['label-switch']['es-cl'] = "Comando de switch";
 $text['label-switch']['pt-pt'] = "Comando Freeswitch";
@@ -30,6 +80,26 @@ $text['label-shell']['sv-se'] = "Shell";
 $text['label-shell']['uk'] = "Консоль";
 $text['label-shell']['de-at'] = "Shell";
 
+$text['label-results']['en-us'] = "Results";
+$text['label-results']['es-cl'] = "Resultados";
+$text['label-results']['pt-pt'] = "Resultados";
+$text['label-results']['fr-fr'] = "Résultats";
+$text['label-results']['pt-br'] = "Resultados";
+$text['label-results']['pl'] = "Rezultaty";
+$text['label-results']['sv-se'] = "Resultat";
+$text['label-results']['uk'] = "Результати";
+$text['label-results']['de-at'] = "Ergebnisse";
+
+$text['label-result_type']['en-us'] = "Result";
+$text['label-result_type']['es-cl'] = "Resultado";
+$text['label-result_type']['pt-pt'] = "Resultado";
+$text['label-result_type']['fr-fr'] = "Résultat";
+$text['label-result_type']['pt-br'] = "Resultado";
+$text['label-result_type']['pl'] = "Rezultat";
+$text['label-result_type']['sv-se'] = "Resultat";
+$text['label-result_type']['uk'] = "Результат";
+$text['label-result_type']['de-at'] = "Ergebnis";
+
 $text['label-response']['en-us'] = "Response";
 $text['label-response']['es-cl'] = "Respuesta";
 $text['label-response']['pt-pt'] = "Resposta";
@@ -54,6 +124,26 @@ $text['label-reset']['ro'] = "Inițializare";
 $text['label-reset']['fa'] = "";
 $text['label-reset']['ar-eg'] = "إعادة تعيين";
 
+$text['label-records']['en-us'] = "Records";
+$text['label-records']['es-cl'] = "Archivos";
+$text['label-records']['pt-pt'] = "Registros";
+$text['label-records']['fr-fr'] = "Enregistrements";
+$text['label-records']['pt-br'] = "Registros";
+$text['label-records']['pl'] = "Dokumentacja";
+$text['label-records']['sv-se'] = "Uppgifter";
+$text['label-records']['uk'] = "документація";
+$text['label-records']['de-at'] = "Aufzeichnungen";
+
+$text['label-sql']['en-us'] = "SQL";
+$text['label-sql']['es-cl'] = "SQL";
+$text['label-sql']['pt-pt'] = "SQL";
+$text['label-sql']['fr-fr'] = "SQL";
+$text['label-sql']['pt-br'] = "SQL";
+$text['label-sql']['pl'] = "SQL";
+$text['label-sql']['sv-se'] = "SQL";
+$text['label-sql']['uk'] = "SQL";
+$text['label-sql']['de-at'] = "SQL";
+
 $text['label-php']['en-us'] = "PHP";
 $text['label-php']['es-cl'] = "Comando PHP";
 $text['label-php']['pt-pt'] = "Comandos PHP";
@@ -74,7 +164,27 @@ $text['label-execute']['sv-se'] = "Utför Kommando";
 $text['label-execute']['uk'] = "Виконання команд";
 $text['label-execute']['de-at'] = "Ausführen";
 
-$text['description-switch']['en-us'] = "For a list of the valid commands use: help";
+$text['label-error']['en-us'] = "Error";
+$text['label-error']['es-cl'] = "Error";
+$text['label-error']['pt-pt'] = "Erro";
+$text['label-error']['fr-fr'] = "Erreur";
+$text['label-error']['pt-br'] = "Erro";
+$text['label-error']['pl'] = "Błąd";
+$text['label-error']['sv-se'] = "Fel";
+$text['label-error']['uk'] = "Помилка";
+$text['label-error']['de-at'] = "Fehler";
+
+$text['header-databases']['en-us'] = "Databases";
+$text['header-databases']['es-cl'] = "Bases de datos";
+$text['header-databases']['pt-pt'] = "Bases de Dados";
+$text['header-databases']['fr-fr'] = "Bases de données";
+$text['header-databases']['pt-br'] = "Base de dados";
+$text['header-databases']['pl'] = "Bazy danych";
+$text['header-databases']['sv-se'] = "Databaser";
+$text['header-databases']['uk'] = "Бази даних";
+$text['header-databases']['de-at'] = "Datenbanken";
+
+$text['description-switch']['en-us'] = "Switch CLI. View valid commands with: 'help'.";
 $text['description-switch']['es-cl'] = "Para un listado de comandos válidos use: help";
 $text['description-switch']['pt-pt'] = "Para uma lista dos comandos válidos utilize: help";
 $text['description-switch']['fr-fr'] = "Pour la liste des commandes valides, utiliser : help";
@@ -84,7 +194,7 @@ $text['description-switch']['sv-se'] = "För en lista med giltiga kommandon anv
 $text['description-switch']['uk'] = "Для перегляду списку команд виконайте команду: help";
 $text['description-switch']['de-at'] = "Um eine Liste der gültigen Befehle zu bekommen tippen Sie: 'help'";
 
-$text['description-shell']['en-us'] = "System commands.";
+$text['description-shell']['en-us'] = "Execute system commands.";
 $text['description-shell']['es-cl'] = "Comandos de sistema";
 $text['description-shell']['pt-pt'] = "Comandos do sistema.";
 $text['description-shell']['fr-fr'] = "Commande Système";
@@ -94,17 +204,27 @@ $text['description-shell']['sv-se'] = "System Kommandon.";
 $text['description-shell']['uk'] = "Системні команди";
 $text['description-shell']['de-at'] = "System Befehle";
 
-$text['description-php']['en-us'] = "Use the following link as a reference for PHP: <a href='http://php.net/manual/en/index.php' target='_blank'>PHP Manual";
-$text['description-php']['es-cl'] = "Utilice el siguiente enlace como referencia para PHP: <a href='http://php.net/manual/en/index.php' target='_blank'>Manual PHP";
-$text['description-php']['pt-pt'] = "Utilize a ligação seguinte como referência para o PHP: <a href='http://php.net/manual/en/index.php' target='_blank'>PHP Manual";
-$text['description-php']['fr-fr'] = "Utiliser le lien suivant comme référence pour le PHP: <a href='http://php.net/manual/fr/index.php' target='_blank'>Manuel PHP";
-$text['description-php']['pt-br'] = "Utilize a ligação seguinte como referência para o PHP: PHP Manual ";
-$text['description-php']['pl'] = "Aby użyć odniesienia do PHP kliknij na ten link: PHP manual";
-$text['description-php']['sv-se'] = "Använd följande länk som en referens gällande PHP: PHP Manual ";
-$text['description-php']['uk'] = "Посилання на довідку PHP: PHP Manual";
-$text['description-php']['de-at'] = "Benutzen Sie folgenden Link als PHP Referenz: <a href='http://php.net/manual/en/index.php' target='_blank'>PHP Manual</a>";
-
-$text['description-execute']['en-us'] = "Provides a conventient way to execute system, PHP, and switch commands.";
+$text['description-sql']['en-us'] = "Execute statements against the database.";
+$text['description-sql']['es-cl'] = "Ejecutar instrucciones de consulta contra la base de datos.";
+$text['description-sql']['pt-pt'] = "Executar instruções de consulta no banco de dados.";
+$text['description-sql']['fr-fr'] = "Exécuter les instructions de requête contre la base de données.";
+$text['description-sql']['pt-br'] = "Executar instruções de consulta no banco de dados.";
+$text['description-sql']['pl'] = "Wykonać polecenie zapytania do bazy danych.";
+$text['description-sql']['sv-se'] = "Utför fråge uttalanden mot databasen.";
+$text['description-sql']['uk'] = "Виконання операторів запитів до бази даних.";
+$text['description-sql']['de-at'] = "Führen Sie Abfrage-Anweisungen für die Datenbank.";
+
+$text['description-php']['en-us'] = "Execute PHP commands.  See: <a href='http://php.net/manual/' target='_blank'>PHP Manual</a>";
+$text['description-php']['es-cl'] = "Utilice el siguiente enlace como referencia para PHP: <a href='http://php.net/manual/' target='_blank'>Manual PHP</a>";
+$text['description-php']['pt-pt'] = "Utilize a ligação seguinte como referência para o PHP: <a href='http://php.net/manual/' target='_blank'>PHP Manual</a>";
+$text['description-php']['fr-fr'] = "Utiliser le lien suivant comme référence pour le PHP: <a href='http://php.net/manual/' target='_blank'>Manuel PHP</a>";
+$text['description-php']['pt-br'] = "Utilize a ligação seguinte como referência para o PHP: <a href='http://php.net/manual/' target='_blank'>PHP Manual</a>";
+$text['description-php']['pl'] = "Aby użyć odniesienia do PHP kliknij na ten link: <a href='http://php.net/manual/' target='_blank'>PHP Manual</a>";
+$text['description-php']['sv-se'] = "Använd följande länk som en referens gällande PHP: <a href='http://php.net/manual/' target='_blank'>PHP Manual</a>";
+$text['description-php']['uk'] = "Посилання на довідку PHP: <a href='http://php.net/manual/' target='_blank'>PHP Manual</a>";
+$text['description-php']['de-at'] = "Benutzen Sie folgenden Link als PHP Referenz: <a href='http://php.net/manual/>PHP Manual</a>";
+
+$text['description-execute']['en-us'] = "Provides a conventient way to execute system, PHP, switch and SQL commands.";
 $text['description-execute']['es-cl'] = "Provee un modo conveniente de ejecutar comandos de sistema, PHP o del switch.";
 $text['description-execute']['pt-pt'] = "Oferece uma maneira fácil de executar comandos de sistema, PHP, e switch.";
 $text['description-execute']['fr-fr'] = "Fournir un moyen pour executer des commandes système, PHP et switch. ";
@@ -114,4 +234,44 @@ $text['description-execute']['sv-se'] = "Erbjuder ett smidigt sätt att köra sy
 $text['description-execute']['uk'] = "Забезпечує зручний спосіб виконати команди PHP, switch, а також системні команди";
 $text['description-execute']['de-at'] = "Bietet die Möglichkeit System, PHP und Switch Kommandos auszuführen.";
 
+$text['description-databases']['en-us'] = "Select the database to execute SQL query statements against.";
+$text['description-databases']['es-cl'] = "Seleccione la base de datos para ejecutar la consulta SQL.";
+$text['description-databases']['pt-pt'] = "Escolha a base de dados a utilizar.";
+$text['description-databases']['fr-fr'] = "Choisir la base de données utilisée par la requête SQL.";
+$text['description-databases']['pt-br'] = "Informações sobre a base de dados";
+$text['description-databases']['pl'] = "Informacje o bazie danych.";
+$text['description-databases']['sv-se'] = "Välj databas att använda för SQL Fråga.";
+$text['description-databases']['uk'] = "Інформація про базу даних.";
+$text['description-databases']['de-at'] = "Wählen Sie die Datenbank für die SQL Abfrage aus.";
+
+$text['button-select_database']['en-us'] = "Select Database";
+$text['button-select_database']['es-cl'] = "Seleccionar Base de Datos";
+$text['button-select_database']['pt-pt'] = "Seleccionar Base de Dados";
+$text['button-select_database']['fr-fr'] = "Choisir la Base de données";
+$text['button-select_database']['pt-br'] = "Selecionar base de dados";
+$text['button-select_database']['pl'] = "Wybierz bazę danych";
+$text['button-select_database']['sv-se'] = "Välj Databas";
+$text['button-select_database']['uk'] = "Вибрати БД";
+$text['button-select_database']['de-at'] = "Datenbank wählen";
+
+$text['button-manage']['en-us'] = "Manage";
+$text['button-manage']['es-cl'] = "Administrar";
+$text['button-manage']['pt-pt'] = "Gerir";
+$text['button-manage']['fr-fr'] = "Gérer";
+$text['button-manage']['pt-br'] = "Gerenciar";
+$text['button-manage']['pl'] = "Zarządzaj";
+$text['button-manage']['sv-se'] = "Hantera";
+$text['button-manage']['uk'] = "Керувати";
+$text['button-manage']['de-at'] = "Verwalten";
+
+$text['button-backup']['en-us'] = "Backup";
+$text['button-backup']['es-cl'] = "Respaldar";
+$text['button-backup']['pt-pt'] = "Backup";
+$text['button-backup']['fr-fr'] = "Sauvegarder";
+$text['button-backup']['pt-br'] = "Backup";
+$text['button-backup']['pl'] = "Kopia Zapasowa";
+$text['button-backup']['sv-se'] = "Backup";
+$text['button-backup']['uk'] = "Резервна копія";
+$text['button-backup']['de-at'] = "Sichern";
+
 ?>

exec.php

@@ -17,7 +17,7 @@
 
 	The Initial Developer of the Original Code is
 	Mark J Crane <[email protected]>
-	Portions created by the Initial Developer are Copyright (C) 2008-2012
+	Portions created by the Initial Developer are Copyright (C) 2008-2016
 	the Initial Developer. All Rights Reserved.
 
 	Contributor(s):
@@ -27,7 +27,7 @@
 include "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('exec_command_line') || permission_exists('exec_php_command') || permission_exists('exec_switch')) {
+if (permission_exists('exec_view')) {
 	//access granted
 }
 else {
@@ -48,12 +48,13 @@ else {
 	$setting_preview = ($_SESSION["editor"]["live_preview"]["boolean"] != '') ? $_SESSION["editor"]["live_preview"]["boolean"] : 'true';
 
 //get the html values and set them as variables
-	$handler = ($_POST["handler"] != '') ? trim($_POST["handler"]) : 'switch';
+	$handler = ($_REQUEST["handler"] != '') ? trim($_REQUEST["handler"]) : ((permission_exists('exec_switch')) ? 'switch' : null);
 	$cmd = trim($_POST["cmd"]);
 
 //set editor mode
 	switch ($handler) {
 		case 'php': $mode = 'php'; break;
+		case 'sql': $mode = 'sql'; break;
 		default: $mode = 'text';
 	}
 
@@ -61,14 +62,26 @@ else {
 	require_once "resources/header.php";
 	$document['title'] = $text['title-command'];
 
+//pdo voicemail database connection
+	if (permission_exists('exec_sql')) {
+		require_once "sql_query_pdo.php";
+	}
+
 //scripts and styles
 	?>
 	<script language="JavaScript" type="text/javascript">
 		function submit_check() {
 			document.getElementById('cmd').value = editor.getSession().getValue();
-			if (document.getElementById('cmd').value == '') {
-				focus_editor();
-				return false;
+			if (document.getElementById('handler_sql') && document.getElementById('handler_sql').checked) {
+				$('#frm').prop('target', 'iframe').prop('action', 'sql_query_result.php');
+				$('#sql_response').show();
+			}
+			else {
+				if (document.getElementById('cmd').value == '') {
+					focus_editor();
+					return false;
+				}
+				$('#frm').prop('target', '').prop('action', '');
 			}
 			return true;
 		}
@@ -99,20 +112,57 @@ else {
 
 		function set_handler(handler) {
 			switch (handler) {
-				case 'switch':
-					document.getElementById('description').innerHTML = "<?php echo $text['description-switch'];?>";
-					editor.getSession().setMode('ace/mode/text');
-					$('#mode option[value=text]').prop('selected',true);
-					break;
-				case 'php':
-					document.getElementById('description').innerHTML = "<?php echo $text['description-php'];?>";
-					editor.getSession().setMode({path:'ace/mode/php', inline:true}); //highlight without opening tag
-					$('#mode option[value=php]').prop('selected',true);
-					break;
-				case 'shell':
-					document.getElementById('description').innerHTML = "<?php echo $text['description-shell'];?>";
-					editor.getSession().setMode('ace/mode/text');
-					$('#mode option[value=text]').prop('selected',true);
+				<?php if (permission_exists('exec_switch')) { ?>
+					case 'switch':
+						document.getElementById('description').innerHTML = "<?php echo $text['description-switch'];?>";
+						editor.getSession().setMode('ace/mode/text');
+						$('#mode option[value=text]').prop('selected',true);
+						<?php if (permission_exists('exec_sql')) { ?>
+							$('.sql_controls').hide();
+							document.getElementById('sql_type').selectedIndex = 0;
+							document.getElementById('table_name').selectedIndex = 0;
+							$('#iframe').prop('src','');
+							$('#sql_response').hide();
+						<?php } ?>
+						break;
+				<?php } ?>
+				<?php if (permission_exists('exec_php')) { ?>
+					case 'php':
+						document.getElementById('description').innerHTML = "<?php echo $text['description-php'];?>";
+						editor.getSession().setMode({path:'ace/mode/php', inline:true}); //highlight without opening tag
+						$('#mode option[value=php]').prop('selected',true);
+						<?php if (permission_exists('exec_sql')) { ?>
+							$('.sql_controls').hide();
+							document.getElementById('sql_type').selectedIndex = 0;
+							document.getElementById('table_name').selectedIndex = 0;
+							$('#iframe').prop('src','');
+							$('#sql_response').hide();
+						<?php } ?>
+						break;
+				<?php } ?>
+				<?php if (permission_exists('exec_command')) { ?>
+					case 'shell':
+						document.getElementById('description').innerHTML = "<?php echo $text['description-shell'];?>";
+						editor.getSession().setMode('ace/mode/text');
+						$('#mode option[value=text]').prop('selected',true);
+						<?php if (permission_exists('exec_sql')) { ?>
+							$('.sql_controls').hide();
+							document.getElementById('sql_type').selectedIndex = 0;
+							document.getElementById('table_name').selectedIndex = 0;
+							$('#iframe').prop('src','');
+							$('#sql_response').hide();
+						<?php } ?>
+						break;
+				<?php } ?>
+				<?php if (permission_exists('exec_sql')) { ?>
+					case 'sql':
+						document.getElementById('description').innerHTML = "<?php echo $text['description-sql'];?>";
+						editor.getSession().setMode('ace/mode/sql');
+						$('#mode option[value=sql]').prop('selected',true);
+						$('.sql_controls').show();
+						break;
+				<?php } ?>
+				default:
 					break;
 			}
 			focus_editor();
@@ -122,6 +172,10 @@ else {
 			editor.getSession().setValue('');
 			$('#cmd').val('');
 			$('#response').hide();
+			<?php if (permission_exists('exec_sql')) { ?>
+				$('#iframe').prop('src','');
+				$('#sql_response').hide();
+			<?php } ?>
 			focus_editor();
 		}
 	</script>
@@ -150,32 +204,82 @@ else {
 <?php
 
 //show the header
-	echo "<b>".$text['label-execute']."</b>\n";
-	echo "<br><br>";
-	echo $text['description-execute']."\n";
-	echo "<br><br>";
+	echo "<table cellpadding='0' cellspacing='0' border='0'>";
+	echo "	<tr>";
+	echo "		<td valign='top' align='left' width='100%'>";
+	echo "			<b>".$text['label-execute']."</b>\n";
+	echo "			<br><br>";
+	echo 			$text['description-execute']."\n";
+	echo "		</td>";
+	if (permission_exists('exec_sql')) {
+		echo "		<td valign='top' align='right' nowrap>";
+		echo "			<span class='sql_controls' ".(($handler != 'sql') ? "style='display: none;'" : null).">";
+		echo "				<input type='button' class='btn' alt='".$text['button-select_database']."' onclick=\"document.location.href='sql_query_db.php'\" value='".$text['button-select_database']."'>\n";
+		if (permission_exists('exec_sql_backup')) {
+			echo "			<input type='button' class='btn' alt='".$text['button-backup']."' onclick=\"document.location.href='sql_backup.php".((strlen($_REQUEST['id']) > 0) ? "?id=".$_REQUEST['id'] : null)."'\" value='".$text['button-backup']."'>\n";
+		}
+		echo "			</span>";
+		echo "		</td>";
+	}
+	echo "	</tr>";
+	echo "</table>";
+	echo "<br>";
 
 //html form
-	echo "<form method='post' name='frm' id='frm' action='' style='margin: 0;' onsubmit='return submit_check();'>\n";
+	echo "<form method='post' name='frm' id='frm' action='exec.php' style='margin: 0;' onsubmit='return submit_check();'>\n";
+	echo "<input type='hidden' name='id' value='".$_REQUEST['id']."'>\n"; //sql db id
 	echo "<textarea name='cmd' id='cmd' style='display: none;'></textarea>";
 	echo "<table cellpadding='0' cellspacing='0' border='0' width='100%'>\n";
 	echo "	<tr>";
 	echo "		<td width='210' valign='top' nowrap>";
+
 	echo "			<table cellpadding='0' cellspacing='0' border='0' width='100%' height='100%'>";
-	echo "				<tr>";
-	echo "					<td valign='top' height='130'>";
-	echo "						<table cellpadding='0' cellspacing='3' border='0'>\n";
-	if (permission_exists('exec_switch')) { echo "<tr><td valign='middle'><input type='radio' name='handler' id='handler_switch' value='switch' ".(($handler == 'switch') ? 'checked' : null)." onclick=\"set_handler('switch');\"></td><td valign='bottom' style='padding-top: 3px;'><label for='handler_switch'> ".$text['label-switch']."</label></td></tr>\n"; }
-	if (permission_exists('exec_php_command')) { echo "<tr><td valign='middle'><input type='radio' name='handler' id='handler_php' value='php' ".(($handler == 'php') ? 'checked' : null)." onclick=\"set_handler('php');\"></td><td valign='bottom' style='padding-top: 3px;'><label for='handler_php'> ".$text['label-php']."</label></td></tr>\n"; }
-	if (permission_exists('exec_command_line')) { echo "<tr><td valign='middle'><input type='radio' name='handler' id='handler_shell' value='shell' ".(($handler == 'shell') ? 'checked' : null)." onclick=\"set_handler('shell');\"></td><td valign='bottom' style='padding-top: 3px;'><label for='handler_shell'> ".$text['label-shell']."</label></td></tr>\n"; }
-	echo "						</table>\n";
-	echo "						<br />";
-	echo "						<input type='button' class='btn' title=\"".$text['button-execute']." [Ctrl+Enter]\" value=\"    ".$text['button-execute']."    \" onclick=\"$('form#frm').submit();\">";
-	echo "						&nbsp;&nbsp;&nbsp;&nbsp;<a href='javascript:void(0)' onclick='reset_editor();'>".$text['label-reset']."</a>\n";
-	echo "						<br /><br /><br />";
-	echo "					</td>";
-	echo "				</tr>";
-	if (file_exists($_SERVER["PROJECT_ROOT"]."/app/edit/") && permission_exists('script_editor_view')) {
+	if (permission_exists('exec_switch') || permission_exists('exec_php') || permission_exists('exec_command') || permission_exists('exec_sql')) {
+		echo "			<tr>";
+		echo "				<td valign='top'>";
+		echo "					<table cellpadding='0' cellspacing='3' border='0'>\n";
+		if (permission_exists('exec_switch')) { echo "<tr><td valign='middle'><input type='radio' name='handler' id='handler_switch' value='switch' ".(($handler == 'switch') ? 'checked' : null)." onclick=\"set_handler('switch');\"></td><td valign='bottom' style='padding-top: 3px;'><label for='handler_switch'> ".$text['label-switch']."</label></td></tr>\n"; }
+		if (permission_exists('exec_php')) { echo "<tr><td valign='middle'><input type='radio' name='handler' id='handler_php' value='php' ".(($handler == 'php') ? 'checked' : null)." onclick=\"set_handler('php');\"></td><td valign='bottom' style='padding-top: 3px;'><label for='handler_php'> ".$text['label-php']."</label></td></tr>\n"; }
+		if (permission_exists('exec_command')) { echo "<tr><td valign='middle'><input type='radio' name='handler' id='handler_shell' value='shell' ".(($handler == 'shell') ? 'checked' : null)." onclick=\"set_handler('shell');\"></td><td valign='bottom' style='padding-top: 3px;'><label for='handler_shell'> ".$text['label-shell']."</label></td></tr>\n"; }
+		if (permission_exists('exec_sql')) { echo "<tr><td valign='middle'><input type='radio' name='handler' id='handler_sql' value='sql' ".(($handler == 'sql') ? 'checked' : null)." onclick=\"set_handler('sql');\"></td><td valign='bottom' style='padding-top: 3px;'><label for='handler_sql'> ".$text['label-sql']."</label></td></tr>\n"; }
+		echo "					</table>\n";
+		echo "					<br />";
+		//sql controls
+		if (permission_exists('exec_sql')) {
+			echo "				<span class='sql_controls' ".(($handler != 'sql') ? "style='display: none;'" : null).">";
+			echo "					".$text['label-table']."<br />";
+			echo "					<select name='table_name' id='table_name' class='formfld' style='width: calc(100% - 15px);'>\n";
+			echo "						<option value=''></option>\n";
+			switch ($db_type) {
+				case 'sqlite': $sql = "select name from sqlite_master where type='table' order by name;"; break;
+				case 'pgsql': $sql = "select table_name as name from information_schema.tables where table_schema='public' and table_type='BASE TABLE' order by table_name"; break;
+				case 'mysql': $sql = "show tables"; break;
+			}
+			$prep_statement = $db->prepare(check_sql($sql));
+			$prep_statement->execute();
+			$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+			foreach ($result as &$row) {
+				$row = array_values($row);
+				echo "					<option value='".$row[0]."'>".$row[0]."</option>\n";
+			}
+			echo "					</select>\n";
+			echo "					<br /><br />\n";
+			echo "					".$text['label-result_type']."<br />";
+			echo "					<select name='sql_type' id='sql_type' class='formfld'>\n";
+			echo "						<option value=''>".$text['option-result_type_view']."</option>\n";
+			echo "						<option value='csv'>".$text['option-result_type_csv']."</option>\n";
+			echo "						<option value='inserts'>".$text['option-result_type_insert']."</option>\n";
+			echo "					</select>\n";
+			echo "					<br /><br />\n";
+			echo "				</span>";
+		}
+		echo "					<input type='button' class='btn' style='margin-top: 5px;' title=\"".$text['button-execute']." [Ctrl+Enter]\" value=\"    ".$text['button-execute']."    \" onclick=\"$('form#frm').submit();\">";
+		echo "					&nbsp;&nbsp;&nbsp;&nbsp;<a href='javascript:void(0)' onclick='reset_editor();'>".$text['label-reset']."</a>\n";
+		echo "					<br /><br /><br />";
+		echo "				</td>";
+		echo "			</tr>";
+	}
+	if (permission_exists('script_editor_view') && file_exists($_SERVER["PROJECT_ROOT"]."/app/edit/")) {
 		echo "			<tr>";
 		echo "				<td valign='top' height='100%'>";
 		echo "					<iframe id='clip_list' src='".PROJECT_PATH."/app/edit/cliplist.php' style='border: none; border-top: 1px solid #ccc; height: 100%; width: calc(100% - 15px);'></iframe>\n";
@@ -183,12 +287,13 @@ else {
 		echo "			</tr>";
 	}
 	echo "			</table>";
+
 	echo "		</td>";
-	echo "		<td width='100%' valign='top' style='height: 400px;'>"
+	echo "		<td width='100%' valign='top' style='height: 450px;'>"
 	?>
 	<table cellpadding='0' cellspacing='0' border='0' style='width: 100%;'>
 		<tr>
-			<td valign='middle' style='padding: 0 6px;' width='100%'><span id='description'><?php echo $text['description-'.(($handler != '') ? $handler : 'switch')]; ?></span></td>
+			<td valign='middle' style='padding: 0 6px;' width='100%'><span id='description'><?php echo $text['description-'.$handler]; ?></span></td>
 			<td valign='middle' style='padding: 0;'><img src='resources/images/blank.gif' style='width: 1px; height: 30px; border: none;'></td>
 			<td valign='middle' style='padding-left: 6px;'><img src='resources/images/icon_numbering.png' title='Toggle Line Numbers' class='control' onclick="toggle_option('numbering');"></td>
 			<td valign='middle' style='padding-left: 6px;'><img src='resources/images/icon_invisibles.png' title='Toggle Invisibles' class='control' onclick="toggle_option('invisibles');"></td>
@@ -286,7 +391,8 @@ else {
 		</tr>
 	</table>
 	<div id='editor'><?php echo htmlentities($cmd); ?></div>
-	<?php
+
+<?php
 	echo "		</td>";
 	echo "	</tr>\n";
 	echo "</table>";
@@ -313,7 +419,9 @@ else {
 				highlightGutterLine: false,
 				useSoftTabs: false
 				});
-			<?php if ($mode == 'php') { ?>editor.getSession().setMode({path:'ace/mode/php', inline:true});<?php } ?>
+			<?php if ($mode == 'php') { ?>
+				editor.getSession().setMode({path:'ace/mode/php', inline:true});
+			<?php } ?>
 			document.getElementById('editor').style.fontSize='<?php echo $setting_size;?>';
 			focus_editor();
 
@@ -329,6 +437,8 @@ else {
 					return true;
 				}
 			});
+		//remove certain keyboard shortcuts
+			editor.commands.bindKey("Ctrl-T", null); //new browser tab
 	</script>
 
 <?php
@@ -338,12 +448,12 @@ else {
 		if ($cmd != '') {
 			switch ($handler) {
 				case 'shell':
-					if (permission_exists('exec_command_line')) {
+					if (permission_exists('exec_command')) {
 						$result = htmlentities(shell_exec($cmd));
 					}
 					break;
 				case 'php':
-					if (permission_exists('exec_php_command')) {
+					if (permission_exists('exec_php')) {
 						ob_start();
 						eval($cmd);
 						$result = ob_get_contents();
@@ -366,6 +476,14 @@ else {
 			}
 		}
 	}
+	//for sql
+	if (permission_exists('exec_sql')) {
+		echo "<span id='sql_response' style='display: none;'>";
+		echo "<b>".$text['label-results']."</b>\n";
+		echo "<br /><br />\n";
+		echo "<iframe name='iframe' id='iframe' style='width: calc(100% - 3px); height: 500px; background-color: #fff; border: 1px solid #c0c0c0;'></iframe>\n";
+		echo "</span>";
+	}
 
 //show the footer
 	require_once "resources/footer.php";

sql_backup.php

@@ -0,0 +1,177 @@
+<?php
+/*
+	FusionPBX
+	Version: MPL 1.1
+
+	The contents of this file are subject to the Mozilla Public License Version
+	1.1 (the "License"); you may not use this file except in compliance with
+	the License. You may obtain a copy of the License at
+	http://www.mozilla.org/MPL/
+
+	Software distributed under the License is distributed on an "AS IS" basis,
+	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+	for the specific language governing rights and limitations under the
+	License.
+
+	The Original Code is FusionPBX
+
+	The Initial Developer of the Original Code is
+	Mark J Crane <[email protected]>
+	Portions created by the Initial Developer are Copyright (C) 2008-2014
+	the Initial Developer. All Rights Reserved.
+
+	Contributor(s):
+	Mark J Crane <[email protected]>
+*/
+include "root.php";
+require_once "resources/require.php";
+require_once "resources/check_auth.php";
+if (permission_exists('exec_sql_backup')) {
+	//access granted
+}
+else {
+	echo "access denied";
+	exit;
+}
+
+//add multi-lingual support
+	$language = new text;
+	$text = $language->get();
+
+//pdo database connection
+	if (strlen($_REQUEST['id']) > 0) {
+		require_once "sql_query_pdo.php";
+	}
+
+//get the $apps array from the installed apps from the core and mod directories
+	$config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
+	$x = 0;
+	foreach ($config_list as &$config_path) {
+		include($config_path);
+		$x++;
+	}
+
+//define a function that checks if the field exists
+	function field_exists($apps, $table_name, $field_name) {
+		$result = false;
+		foreach ($apps as &$row) {
+			$tables = $row["db"];
+			foreach ($tables as &$table) {
+				if ($table['table'] == $table_name) {
+					foreach ($table["fields"] as &$field) {
+						if ($field['deprecated'] != "true") {
+							if (is_array($field["name"])) {
+								if ($field["name"]["text"] == $field_name) {
+									$result = true;
+									break;
+								}
+							}
+							else {
+								if ($field["name"] == $field_name) {
+									$result = true;
+									break;
+								}
+							}
+						}
+					}
+				}
+			}
+		}
+		return $result;
+	}
+
+//set the headers
+	header('Content-type: application/octet-binary');
+	header('Content-Disposition: attachment; filename=database_backup.sql');
+
+//get the list of tables
+	if ($db_type == "sqlite") {
+		$sql = "SELECT name FROM sqlite_master ";
+		$sql .= "WHERE type='table' ";
+		$sql .= "order by name;";
+	}
+	if ($db_type == "pgsql") {
+		$sql = "select table_name as name ";
+		$sql .= "from information_schema.tables ";
+		$sql .= "where table_schema='public' ";
+		$sql .= "and table_type='BASE TABLE' ";
+		$sql .= "order by table_name ";
+	}
+	if ($db_type == "mysql") {
+		$sql = "show tables";
+	}
+	$prep_statement = $db->prepare(check_sql($sql));
+	$prep_statement->execute();
+	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+	foreach ($result as &$row) {
+		$row = array_values($row);
+		$table_name = $row[0];
+
+		//get the table data
+			$sql = "select * from $table_name";
+			if (strlen($sql) > 0) {
+				$prep_statement_2 = $db->prepare(check_sql($sql));
+				if ($prep_statement_2) {
+					$prep_statement_2->execute();
+					$result2 = $prep_statement_2->fetchAll(PDO::FETCH_ASSOC);
+				}
+				else {
+					echo "<b>".$text['label-error'].":</b>\n";
+					echo "<pre>\n";
+					print_r($db->errorInfo());
+					echo "</pre>\n";
+				}
+
+				$x = 0;
+				foreach ($result2[0] as $key => $value) {
+					if ($row[$column] != "db") {
+						if (field_exists($apps, $table_name, $key)) {
+							$column_array[$x] = $key;
+						}
+						$x++;
+					}
+				}
+
+				$column_array_count = count($column_array);
+
+				foreach ($result2 as &$row) {
+					$sql = "INSERT INTO $table_name (";
+					$x = 1;
+					foreach ($column_array as $column) {
+						if ($x < $column_array_count) {
+							if (strlen($row[$column]) > 0) {
+								$sql .= ''.$column.',';
+							}
+						}
+						else {
+							if (strlen($row[$column]) > 0) {
+								$sql .= ''.$column.'';
+							}
+						}
+						$x++;
+					}
+					$sql .= ") ";
+					$sql .= "VALUES( ";
+					$x = 1;
+					foreach ($column_array as $column) {
+						if ($x < $column_array_count) {
+							if (strlen($row[$column])> 0) {
+								$sql .= "'".check_str($row[$column])."',";
+							}
+						}
+						else {
+							if (strlen($row[$column])> 0) {
+								$sql .= "'".check_str($row[$column])."'";
+							}
+						}
+						$x++;
+					}
+					$sql .= ");\n";
+					echo str_replace(",)", ")", $sql);
+				}
+			}
+
+		unset($column_array);
+	}
+
+?>

sql_db_conversion.php

@@ -0,0 +1,499 @@
+<?php
+/*
+	FusionPBX
+	Version: MPL 1.1
+
+	The contents of this file are subject to the Mozilla Public License Version
+	1.1 (the "License"); you may not use this file except in compliance with
+	the License. You may obtain a copy of the License at
+	http://www.mozilla.org/MPL/
+
+	Software distributed under the License is distributed on an "AS IS" basis,
+	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+	for the specific language governing rights and limitations under the
+	License.
+
+	The Original Code is FusionPBX
+
+	The Initial Developer of the Original Code is
+	Mark J Crane <[email protected]>
+	Portions created by the Initial Developer are Copyright (C) 2008-2012
+	the Initial Developer. All Rights Reserved.
+
+	Contributor(s):
+	Mark J Crane <[email protected]>
+*/
+include "root.php";
+require_once "resources/require.php";
+require_once "resources/check_auth.php";
+require_once "resources/schema.php";
+
+if (if_group("superadmin")) {
+	//access granted
+}
+else {
+	echo "access denied";
+	exit;
+}
+
+//add multi-lingual support
+	$language = new text;
+	$text = $language->get();
+
+//show errors
+	ini_set('display_errors', '1');
+	//error_reporting (E_ALL); // Report everything
+	error_reporting(E_ALL ^ E_NOTICE ^ E_WARNING ); //hide notices and warnings
+
+//define the db file exists function
+	function db_field_exists ($tmp_array, $column) {
+		$result = false;
+		foreach ($tmp_array as &$row) {
+			if ($row[0] == $column) {
+				$result = true;
+			}
+			return $result;
+		}
+	}
+	//db_field_exists ($result_dest, $column)
+
+//destination info
+	//set the domain_uuid
+		$dest_domain_uuid = '1';
+
+	//set the database type
+		$db_dest_type = 'mysql'; //sqlite, mysql, pgsql, others with a manually created PDO connection
+
+	//sqlite: the dbfilename and db_file_path are automatically assigned however the values can be overidden by setting the values here.
+		//$dbfilename = 'fusionpbx.db'; //host name/ip address + '.db' is the default database filename
+		//$db_file_path = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/secure'; //the path is determined by a php variable
+
+	//mysql: database connection information
+		$db_host = '127.0.0.1'; //set the host only if the database is not local
+		$db_port = '3306';
+		$db_name = 'fusionpbx';
+		$db_username = 'fusionpbx';
+		$db_password = '';
+		$db_create_username = 'root';
+		$db_create_password = '';
+
+	//pgsql: database connection information
+		//$db_host = ''; //set the host only if the database is not local
+		//$db_port = '';
+		//$db_name = '';
+		//$db_username = '';
+		//$db_password = '';
+		//$db_create_username = '';
+		//$db_create_password = '';
+
+	//load data into the database
+
+		//create the sqlite database
+			if ($db_dest_type == "sqlite") {
+				//sqlite database will be created when the config.php is loaded and only if the database file does not exist
+				$filename = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/resources/install/sql/sqlite.sql';
+				$file_contents = file_get_contents($filename);
+				unset($filename);
+				try {
+					$db_dest = new PDO('sqlite:'.$db_filepath.'/'.$db_filename); //sqlite 3
+					//$db_dest = new PDO('sqlite::memory:'); //sqlite 3
+					$db_dest->beginTransaction();
+				}
+				catch (PDOException $error) {
+					print $text['label-error'].": " . $error->getMessage() . "<br/>";
+					die();
+				}
+
+				//replace \r\n with \n then explode on \n
+					$file_contents = str_replace("\r\n", "\n", $file_contents);
+
+				//loop line by line through all the lines of sql code
+					$stringarray = explode("\n", $file_contents);
+					$x = 0;
+					foreach($stringarray as $sql) {
+						try {
+							if(stristr($sql, 'CREATE TABLE') === FALSE) {
+								//not found do not execute
+							}
+							else {
+								//execute create table sql strings
+								$db_dest->query($sql);
+							}
+						}
+						catch (PDOException $error) {
+							echo $text['label-error'].": " . $error->getMessage() . " sql: $sql<br/>";
+						}
+						$x++;
+					}
+					unset ($file_contents, $sql);
+					$db_dest->commit();
+			}
+
+		//create the postgres database
+			if ($db_dest_type == "pgsql") {
+				$filename = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/resources/install/sql/pgsql.sql';
+				$file_contents = file_get_contents($filename);
+
+				//if $db_create_username provided, attempt to create new PG role and database
+					if (strlen($db_create_username) > 0) {
+						//create the database connection
+							try {
+								if (strlen($db_port) == 0) { $db_port = "5432"; }
+								if (strlen($db_host) > 0) {
+									$db_dest = new PDO("pgsql:host={$db_host} port={$db_port} user={$db_create_username} password={$db_create_password} dbname=template1");
+								} else {
+									$db_dest = new PDO("pgsql:host=localhost port={$db_port} user={$db_create_username} password={$db_create_password} dbname=template1");
+								}
+							} catch (PDOException $error) {
+								print $text['label-error'].": " . $error->getMessage() . "<br/>";
+								die();
+							}
+						//create the database, user, grant perms
+							$db_dest->exec("CREATE DATABASE {$db_name}");
+							$db_dest->exec("CREATE USER {$db_username} WITH PASSWORD '{$db_password}'");
+							$db_dest->exec("GRANT ALL ON {$db_name} TO {$db_username}");
+						//close database connection_aborted
+							$db_dest = null;
+					}
+
+				//open database connection with $db_name
+					try {
+						if (strlen($db_port) == 0) { $db_port = "5432"; }
+						if (strlen($db_host) > 0) {
+							$db_dest = new PDO("pgsql:host={$db_host} port={$db_port} dbname={$db_name} user={$db_username} password={$db_password}");
+						} else {
+							$db_dest = new PDO("pgsql:host=localhost port={$db_port} user={$db_username} password={$db_password} dbname={$db_name}");
+						}
+					}
+					catch (PDOException $error) {
+						print $text['label-error'].": " . $error->getMessage() . "<br/>";
+						die();
+					}
+
+				//replace \r\n with \n then explode on \n
+					$file_contents = str_replace("\r\n", "\n", $file_contents);
+
+				//loop line by line through all the lines of sql code
+					$stringarray = explode("\n", $file_contents);
+					$x = 0;
+					foreach($stringarray as $sql) {
+						if (strlen($sql) > 3) {
+							try {
+								if(stristr($sql, 'CREATE TABLE') === FALSE) {
+									//not found do not execute
+								}
+								else {
+									//execute create table sql strings
+									$db_dest->query($sql);
+								}
+							}
+							catch (PDOException $error) {
+								echo $text['label-error'].": " . $error->getMessage() . " sql: $sql<br/>";
+								die();
+							}
+						}
+						$x++;
+					}
+					unset ($file_contents, $sql);
+			}
+
+		//create the mysql database
+		if ($db_dest_type == "mysql") {
+			$filename = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/resources/install/sql/mysql.sql';
+			$file_contents = file_get_contents($filename);
+
+			//database connection
+				try {
+					if (strlen($db_host) == 0 && strlen($db_port) == 0) {
+						//if both host and port are empty use the unix socket
+						if (strlen($db_create_username) == 0) {
+							$db_dest = new PDO("mysql:host=$db_host;unix_socket=/var/run/mysqld/mysqld.sock;", $db_username, $db_password, array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'));
+						}
+						else {
+							$db_dest = new PDO("mysql:host=$db_host;unix_socket=/var/run/mysqld/mysqld.sock;", $db_create_username, $db_create_password, array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'));						}
+					}
+					else {
+						if (strlen($db_port) == 0) {
+							//leave out port if it is empty
+							if (strlen($db_create_username) == 0) {
+								$db_dest = new PDO("mysql:host=$db_host;", $db_username, $db_password, array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'));
+							}
+							else {
+								$db_dest = new PDO("mysql:host=$db_host;", $db_create_username, $db_create_password, array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'));
+							}
+						}
+						else {
+							if (strlen($db_create_username) == 0) {
+								$db_dest = new PDO("mysql:host=$db_host;port=$db_port;", $db_username, $db_password, array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'));
+							}
+							else {
+								$db_dest = new PDO("mysql:host=$db_host;port=$db_port;", $db_create_username, $db_create_password, array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'));
+							}
+						}
+					}
+					$db_dest->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+					$db_dest->setAttribute(PDO::ATTR_EMULATE_PREPARES, true);
+				}
+				catch (PDOException $error) {
+					if ($v_debug) {
+						print $text['label-error'].": " . $error->getMessage() . "<br/>";
+					}
+				}
+
+			//create the table, user and set the permissions only if the db_create_username was provided
+				if (strlen($db_create_username) > 0) {
+					//select the mysql database
+						try {
+							$db_dest->query("USE mysql;");
+						}
+						catch (PDOException $error) {
+							if ($v_debug) {
+								print $text['label-error'].": " . $error->getMessage() . "<br/>";
+							}
+						}
+					//create user and set the permissions
+						try {
+							$tmp_sql = "CREATE USER '".$db_username."'@'%' IDENTIFIED BY '".$db_password."'; ";
+							$db_dest->query($tmp_sql);
+						}
+						catch (PDOException $error) {
+							if ($v_debug) {
+								print $text['label-error'].": " . $error->getMessage() . "<br/>";
+							}
+						}
+					//set account to unlimitted use
+						try {
+							$tmp_sql = "GRANT USAGE ON * . * TO '".$db_username."'@'localhost' ";
+							$tmp_sql .= "IDENTIFIED BY '".$db_password."' ";
+							$tmp_sql .= "WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0; ";
+							$db_dest->query($tmp_sql);
+						}
+						catch (PDOException $error) {
+							if ($v_debug) {
+								print $text['label-error'].": " . $error->getMessage() . "<br/>";
+							}
+						}
+					//create the database and set the create user with permissions
+						try {
+							$tmp_sql = "CREATE DATABASE IF NOT EXISTS ".$db_name."; ";
+							$db_dest->query($tmp_sql);
+						}
+						catch (PDOException $error) {
+							if ($v_debug) {
+								print $text['label-error'].": " . $error->getMessage() . "<br/>";
+							}
+						}
+					//set user permissions
+						try {
+							$db_dest->query("GRANT ALL PRIVILEGES ON ".$db_name.".* TO '".$db_username."'@'%'; ");
+						}
+						catch (PDOException $error) {
+							if ($v_debug) {
+								print $text['label-error'].": " . $error->getMessage() . "<br/>";
+							}
+						}
+					//make the changes active
+						try {
+							$tmp_sql = "FLUSH PRIVILEGES; ";
+							$db_dest->query($tmp_sql);
+						}
+						catch (PDOException $error) {
+							if ($v_debug) {
+								print $text['label-error'].": " . $error->getMessage() . "<br/>";
+							}
+						}
+				} //if (strlen($db_create_username) > 0)
+			//select the database
+				try {
+					$db_dest->query("USE ".$db_name.";");
+				}
+				catch (PDOException $error) {
+					if ($v_debug) {
+						print $text['label-error'].": " . $error->getMessage() . "<br/>";
+					}
+				}
+
+			//add the defaults data into the database
+				//replace \r\n with \n then explode on \n
+					$file_contents = str_replace("\r\n", "\n", $file_contents);
+
+				//loop line by line through all the lines of sql code
+					$stringarray = explode("\n", $file_contents);
+					$x = 0;
+					foreach($stringarray as $sql) {
+						if (strlen($sql) > 3) {
+							try {
+								if(stristr($sql, 'CREATE TABLE') === FALSE) {
+									//not found do not execute
+								}
+								else {
+									//execute create table sql strings
+									$db_dest->query($sql);
+								}
+							}
+							catch (PDOException $error) {
+								//echo "error on line $x: " . $error->getMessage() . " sql: $sql<br/>";
+								//die();
+							}
+						}
+						$x++;
+					}
+					unset ($file_contents, $sql);
+		}
+
+//get the list of tables
+	if ($db_dest_type == "sqlite") {
+		$sql = "SELECT name FROM sqlite_master ";
+		$sql .= "WHERE type='table' ";
+		$sql .= "order by name;";
+	}
+	if ($db_dest_type == "pgsql") {
+		$sql = "select table_name as name ";
+		$sql .= "from information_schema.tables ";
+		$sql .= "where table_schema='public' ";
+		$sql .= "and table_type='BASE TABLE' ";
+		$sql .= "order by table_name ";
+	}
+	if ($db_dest_type == "mysql") {
+		$sql = "show tables";
+	}
+	//get the default schema structure
+		$prep_statement = $db_dest->prepare(check_sql($sql));
+		$prep_statement->execute();
+		$result_dest = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+	//clean the content from the table
+		foreach ($result_dest as &$row) {
+			$table_name = $row[0];
+			$sql = 'delete from '.$table_name;
+			//$db_dest->query($sql);
+		}
+
+	//add data into each table
+		foreach ($result_dest as &$row) {
+			//get the table name
+				$table_name = $row[0];
+
+			//$table_name = 'v_extensions';
+			//$db_dest_type = "sqlite";
+
+			//get the table source data
+				$destination_column_array='';
+				unset($destination_column_array);
+				if ($db_dest_type == "sqlite") {
+					$tmp_sql = "PRAGMA table_info($table_name);";
+				}
+				if ($db_dest_type == "pgsql") {
+
+				}
+				if ($db_dest_type == "mysql") {
+					$tmp_sql = "show columns from $table_name;";
+				}
+				if (strlen($tmp_sql) > 0) {
+					$prep_statement_2 = $db_dest->prepare(check_sql($tmp_sql));
+					//$prep_statement_2 = $db->prepare(check_sql($tmp_sql));
+					if ($prep_statement_2) {
+						$prep_statement_2->execute();
+						$result2 = $prep_statement_2->fetchAll(PDO::FETCH_ASSOC);
+					}
+					else {
+						echo "<b>".$text['label-error'].":</b>\n";
+						echo "<pre>\n";
+						print_r($db_dest->errorInfo());
+						echo "</pre>\n";
+					}
+					$x = 0;
+					foreach ($result2 as $row2) {
+						if ($db_dest_type == "sqlite") {
+							$destination_column_array[$x] = $row2['name'];
+						}
+						if ($db_dest_type == "mysql") {
+							$destination_column_array[$x] = $row2['Field'];
+						}
+						if ($db_dest_type == "pgsql") {
+
+						}
+						$x++;
+					}
+					/*
+						$x = 0;
+						foreach ($result2[0] as $key => $value) {
+							if ($db_dest_type == "sqlite" && $key == "name") {
+								$destination_column_array[$x] = $key;
+							}
+							$x++;
+						}
+					*/
+					$destination_column_array_count = count($destination_column_array);
+				}
+				unset($prep_statement_2, $result2);
+				//echo "<pre>\n";
+				//print_r($destination_column_array);
+				//echo "</pre>\n";
+
+			//get the table source data
+				$tmp_sql = "select * from $table_name";
+				if (strlen($tmp_sql) > 0) {
+					$prep_statement_2 = $db->prepare(check_sql($tmp_sql));
+					if ($prep_statement_2) {
+						$prep_statement_2->execute();
+						$result2 = $prep_statement_2->fetchAll(PDO::FETCH_ASSOC);
+					}
+					else {
+						echo "<b>".$text['label-error'].":</b>\n";
+						echo "<pre>\n";
+						print_r($db->errorInfo());
+						echo "</pre>\n";
+					}
+
+					$x = 0;
+					foreach ($result2[0] as $key => $value) {
+						$column_array[$x] = $key;
+						$x++;
+					}
+
+					foreach ($result2 as &$row) {
+						//build the sql query string
+							if (substr($table_name, 0, 2) == 'v_') {
+								$sql = "INSERT INTO $table_name (";
+								$x = 1;
+								foreach ($destination_column_array as $column) {
+									if ($x < $destination_column_array_count) {
+										$sql .= "".$column.", ";
+									}
+									else {
+										$sql .= "".$column."";
+									}
+									$x++;
+								}
+								$sql .= ") ";
+								$sql .= "VALUES( ";
+								$x = 1;
+								foreach ($destination_column_array as $column) {
+									if ($x < $destination_column_array_count) {
+										//if ($column == "domain_uuid") {
+										//	$sql .= "'".$dest_domain_uuid."',";
+										//}
+										//else {
+											$sql .= "'".check_str($row[$column])."', ";
+										//}
+									}
+									else {
+										//if ($column == "domain_uuid") {
+										//	$sql .= "'".$dest_domain_uuid."'";
+										//}
+										//else {
+											$sql .= "'".check_str($row[$column])."'";
+										//}
+									}
+									$x++;
+								}
+								$sql .= ");\n";
+							}
+						//add the sql into the destination database
+							echo $sql."<br />\n";
+							$db_dest->query($sql);
+					}
+				}
+		}
+
+?>

sql_query_db.php

@@ -0,0 +1,132 @@
+<?php
+/*
+	FusionPBX
+	Version: MPL 1.1
+
+	The contents of this file are subject to the Mozilla Public License Version
+	1.1 (the "License"); you may not use this file except in compliance with
+	the License. You may obtain a copy of the License at
+	http://www.mozilla.org/MPL/
+
+	Software distributed under the License is distributed on an "AS IS" basis,
+	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+	for the specific language governing rights and limitations under the
+	License.
+
+	The Original Code is FusionPBX
+
+	The Initial Developer of the Original Code is
+	Mark J Crane <[email protected]>
+	Portions created by the Initial Developer are Copyright (C) 2008-2016
+	the Initial Developer. All Rights Reserved.
+
+	Contributor(s):
+	Mark J Crane <[email protected]>
+*/
+require_once "root.php";
+require_once "resources/require.php";
+require_once "resources/check_auth.php";
+if (permission_exists('exec_sql')) {
+	//access granted
+}
+else {
+	echo "access denied";
+	exit;
+}
+
+//add multi-lingual support
+	$language = new text;
+	$text = $language->get();
+
+require_once "resources/header.php";
+$document['title'] = $text['title-databases'];
+
+require_once "resources/paging.php";
+
+//get variables used to control the order
+	$order_by = $_GET["order_by"];
+	$order = $_GET["order"];
+
+//show the content
+
+	echo "<table width='100%' cellpadding='0' cellspacing='0' border='0'>\n";
+	echo "	<tr>\n";
+	echo "		<td width='50%' align='left' nowrap='nowrap'><b>".$text['header-databases']."</b></td>\n";
+	echo "		<td width='50%' align='right'>";
+	echo "		<input type='button' class='btn' alt='".$text['button-back']."' onclick=\"document.location.href='exec.php';\" value='".$text['button-back']."'>\n";
+	if (if_group("superadmin")) {
+		echo "	<input type='button' class='btn' alt='".$text['button-manage']."' onclick=\"document.location.href='/core/databases/databases.php';\" value='".$text['button-manage']."'>\n";
+	}
+	echo "		</td>\n";
+	echo "	</tr>\n";
+	echo "	<tr>\n";
+	echo "		<td align='left' colspan='2'>\n";
+	echo "			".$text['description-databases'].".<br /><br />\n";
+	echo "		</td>\n";
+	echo "	</tr>\n";
+	echo "</table>\n";
+
+	//prepare to page the results
+		$sql = "select count(*) as num_rows from v_databases ";
+		if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
+		$prep_statement = $db->prepare($sql);
+		if ($prep_statement) {
+		$prep_statement->execute();
+			$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
+			$num_rows = ($row['num_rows'] > 0) ? $row['num_rows'] : '0';
+		}
+
+	//prepare to page the results
+		$rows_per_page = 100;
+		$param = "";
+		$page = $_GET['page'];
+		if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; }
+		list($paging_controls, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page);
+		$offset = $rows_per_page * $page;
+
+	//get the  list
+		$sql = "select * from v_databases ";
+		if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
+		$sql .= "limit $rows_per_page offset $offset ";
+		$prep_statement = $db->prepare(check_sql($sql));
+		$prep_statement->execute();
+		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+		$result_count = count($result);
+		unset ($prep_statement, $sql);
+
+	$c = 0;
+	$row_style["0"] = "row_style0";
+	$row_style["1"] = "row_style1";
+
+	echo "<table class='tr_hover' width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
+	echo "<tr>\n";
+	echo th_order_by('database_type', $text['label-type'], $order_by, $order);
+	echo th_order_by('database_host', $text['label-host'], $order_by, $order);
+	echo th_order_by('database_name', $text['label-name'], $order_by, $order);
+	echo th_order_by('database_description', $text['label-description'], $order_by, $order);
+	echo "<td class='list_control_icons' style='width: 25px;'>&nbsp;</td>\n";
+	echo "<tr>\n";
+
+	if ($result_count > 0) {
+		foreach($result as $row) {
+			$tr_link = "href='exec.php?id=".$row['database_uuid']."'";
+			echo "<tr ".$tr_link.">\n";
+			echo "	<td valign='top' class='".$row_style[$c]."'>".$row['database_type']."&nbsp;</td>\n";
+			echo "	<td valign='top' class='".$row_style[$c]."'>".$row['database_host']."&nbsp;</td>\n";
+			echo "	<td valign='top' class='".$row_style[$c]."'><a href='exec.php?id=".$row['database_uuid']."'>".$row['database_name']."</a>&nbsp;</td>\n";
+			echo "	<td valign='top' class='row_stylebg'>".$row['database_description']."&nbsp;</td>\n";
+			echo "	<td class='list_control_icons' style='width: 25px;'>";
+			echo "		<a href='exec.php?id=".$row['database_uuid']."' alt='".$text['button-edit']."'>".$v_link_label_edit."</a>\n";
+			echo "	</td>\n";
+			echo "</tr>\n";
+			$c = ($c == 0) ? 1 : 0;
+		} //end foreach
+		unset($sql, $result, $row_count);
+	} //end if results
+
+	echo "</table>";
+	echo "<br><br>";
+
+//include the footer
+	require_once "resources/footer.php";
+?>

sql_query_pdo.php

@@ -0,0 +1,238 @@
+<?php
+/*
+ FusionPBX
+ Version: MPL 1.1
+
+ The contents of this file are subject to the Mozilla Public License Version
+ 1.1 (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+ http://www.mozilla.org/MPL/
+
+ Software distributed under the License is distributed on an "AS IS" basis,
+ WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ for the specific language governing rights and limitations under the
+ License.
+
+ The Original Code is FusionPBX
+
+ The Initial Developer of the Original Code is
+ Mark J Crane <[email protected]>
+ Portions created by the Initial Developer are Copyright (C) 2008-2012
+ the Initial Developer. All Rights Reserved.
+
+ Contributor(s):
+ Mark J Crane <[email protected]>
+ */
+require_once "root.php";
+require_once "resources/require.php";
+require_once "resources/check_auth.php";
+if (if_group("admin") || if_group("superadmin")) {
+	//access granted
+}
+else {
+	echo "access denied";
+	exit;
+}
+
+ //set the default values
+	if (isset($db_file_path) > 0) {
+		$db_path = $db_file_path;
+		$db_name = $dbfilename;
+	}
+
+//get the db connection information
+	if (strlen($_REQUEST['id']) > 0) {
+		$sql = "select * from v_databases ";
+		$sql .= "where database_uuid = '".$_REQUEST['id']."' ";
+		$prep_statement = $db->prepare($sql);
+		$prep_statement->execute();
+		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+		foreach ($result as &$row) {
+			$db_type = $row["database_type"];
+			$db_host = $row["database_host"];
+			$db_port = $row["database_port"];
+			$db_name = $row["database_name"];
+			$db_username = $row["database_username"];
+			$db_password = $row["database_password"];
+			$db_path = $row["database_path"];
+			break;
+		}
+	}
+
+//unset the database connection
+	unset($db);
+
+if (!function_exists('get_db_field_names')) {
+	function get_db_field_names($db, $table, $db_name='fusionpbx') {
+		$query = sprintf('SELECT * FROM %s LIMIT 1', $table);
+		foreach ($db->query($query, PDO::FETCH_ASSOC) as $row) {
+			return array_keys($row);
+		}
+
+		// if we're still here, we need to try something else
+		$fields 	= array();
+		$driver = $db->getAttribute(PDO::ATTR_DRIVER_NAME);
+		if ($driver == 'sqlite') {
+			$query 		= sprintf("Pragma table_info(%s);", $table);
+			$stmt 		= $db->prepare($query);
+			$result 	= $stmt->execute();
+			$rows 		= $stmt->fetchAll(PDO::FETCH_NAMED);
+			//printf('<pre>%s</pre>', print_r($rows, true));
+			$row_count 	= count($rows);
+			//printf('<pre>%s</pre>', print_r($rows, true));
+			for ($i = 0; $i < $row_count; $i++) {
+				array_push($fields, $rows[$i]['name']);
+			}
+			return $fields;
+		} else {
+			$query 		= sprintf("SELECT * FROM information_schema.columns
+			WHERE table_schema='%s' AND table_name='%s';"
+			, $db_name, $table
+			);
+			$stmt 		= $db->prepare($query);
+			$result 	= $stmt->execute();
+			$rows 		= $stmt->fetchAll(PDO::FETCH_NAMED);
+			$row_count 	= count($rows);
+			//printf('<pre>%s</pre>', print_r($rows, true));
+			for ($i = 0; $i < $row_count; $i++) {
+				array_push($fields, $rows[$i]['COLUMN_NAME']);
+			}
+			return $fields;
+		}
+	}
+}
+
+if ($db_type == "sqlite") {
+	if (!function_exists('phpmd5')) {
+		function phpmd5($string) {
+			return md5($string);
+		}
+	}
+
+	if (!function_exists('php_unix_timestamp')) {
+		function php_unix_timestamp($string) {
+			return strtotime($string);
+		}
+	}
+
+	if (!function_exists('phpnow')) {
+		function phpnow() {
+			return date("Y-m-d H:i:s");
+		}
+	}
+
+	if (!function_exists('php_left')) {
+		function php_left($string, $num) {
+			return substr($string, 0, $num);
+		}
+	}
+
+	if (!function_exists('php_right')) {
+		function php_right($string, $num) {
+			return substr($string, (strlen($string)-$num), strlen($string));
+		}
+	}
+
+	if (!function_exists('php_sqlite_data_type')) {
+		function php_sqlite_data_type($string, $field) {
+
+			//get the string between the start and end characters
+			$start = '(';
+			$end = ')';
+			$ini = stripos($string,$start);
+			if ($ini == 0) return "";
+			$ini += strlen($start);
+			$len = stripos($string,$end,$ini) - $ini;
+			$string = substr($string,$ini,$len);
+
+			$str_data_type = '';
+			$string_array = explode(',', $string);
+			foreach($string_array as $lnvalue) {
+				$fieldlistarray = explode (" ", $value);
+				unset($fieldarray, $string, $field);
+			}
+
+			return $str_data_type;
+		}
+	} //end function
+
+	//database connection
+	try {
+		//$db = new PDO('sqlite2:example.db'); //sqlite 2
+		//$db = new PDO('sqlite::memory:'); //sqlite 3
+		$db = new PDO('sqlite:'.realpath($db_path).'/'.$db_name); //sqlite 3
+
+		//add additional functions to SQLite so that they are accessible inside SQL
+		//bool PDO::sqliteCreateFunction ( string function_name, callback callback [, int num_args] )
+		$db->sqliteCreateFunction('md5', 'phpmd5', 1);
+		$db->sqliteCreateFunction('unix_timestamp', 'php_unix_timestamp', 1);
+		$db->sqliteCreateFunction('now', 'phpnow', 0);
+		$db->sqliteCreateFunction('sqlitedatatype', 'php_sqlite_data_type', 2);
+		$db->sqliteCreateFunction('strleft', 'php_left', 2);
+		$db->sqliteCreateFunction('strright', 'php_right', 2);
+	}
+	catch (PDOException $error) {
+		print "error: " . $error->getMessage() . "<br/>";
+		die();
+	}
+} //end if db_type sqlite
+
+if ($db_type == "mysql") {
+	//database connection
+	try {
+		//mysql pdo connection
+			if (strlen($db_host) == 0 && strlen($db_port) == 0) {
+				//if both host and port are empty use the unix socket
+				$db = new PDO("mysql:host=$db_host;unix_socket=/var/run/mysqld/mysqld.sock;dbname=$db_name", $db_username, $db_password);
+			}
+			else {
+				if (strlen($db_port) == 0) {
+					//leave out port if it is empty
+					$db = new PDO("mysql:host=$db_host;dbname=$db_name;", $db_username, $db_password, array(
+					PDO::ATTR_ERRMODE,
+					PDO::ERRMODE_EXCEPTION
+					));
+				}
+				else {
+					$db = new PDO("mysql:host=$db_host;port=$db_port;dbname=$db_name;", $db_username, $db_password, array(
+					PDO::ATTR_ERRMODE,
+					PDO::ERRMODE_EXCEPTION
+					));
+				}
+			}
+	}
+	catch (PDOException $error) {
+		print "error: " . $error->getMessage() . "<br/>";
+		die();
+	}
+} //end if db_type mysql
+
+if ($db_type == "pgsql") {
+	//database connection
+	try {
+		if (strlen($db_host) > 0) {
+			if (strlen($db_port) == 0) { $db_port = "5432"; }
+			$db = new PDO("pgsql:host=$db_host port=$db_port dbname=$db_name user=$db_username password=$db_password");
+		}
+		else {
+			$db = new PDO("pgsql:dbname=$db_name user=$db_username password=$db_password");
+		}
+	}
+	catch (PDOException $error) {
+		print "error: " . $error->getMessage() . "<br/>";
+		die();
+	}
+} //end if db_type pgsql
+
+if ($db_type == "odbc") {
+	//database connection
+		try {
+			unset($db);
+			$db = new PDO("odbc:$db_name", "$db_username", "$db_password");
+		}
+		catch (PDOException $e) {
+		   echo 'Connection failed: ' . $e->getMessage();
+		}
+} //end if db_type odbc
+
+?>

sql_query_result.php

@@ -0,0 +1,267 @@
+<?php
+/*
+	FusionPBX
+	Version: MPL 1.1
+
+	The contents of this file are subject to the Mozilla Public License Version
+	1.1 (the "License"); you may not use this file except in compliance with
+	the License. You may obtain a copy of the License at
+	http://www.mozilla.org/MPL/
+
+	Software distributed under the License is distributed on an "AS IS" basis,
+	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+	for the specific language governing rights and limitations under the
+	License.
+
+	The Original Code is FusionPBX
+
+	The Initial Developer of the Original Code is
+	Mark J Crane <[email protected]>
+	Portions created by the Initial Developer are Copyright (C) 2008-2012
+	the Initial Developer. All Rights Reserved.
+
+	Contributor(s):
+	Mark J Crane <[email protected]>
+*/
+include "root.php";
+require_once "resources/require.php";
+require_once "resources/check_auth.php";
+if (permission_exists('exec_sql')) {
+	//access granted
+}
+else {
+	echo "access denied";
+	exit;
+}
+
+//add multi-lingual support
+	$language = new text;
+	$text = $language->get();
+
+//pdo database connection
+	if (strlen($_REQUEST['id']) > 0) {
+		require_once "sql_query_pdo.php";
+	}
+
+if (count($_POST)>0) {
+	$sql_type = trim($_POST["sql_type"]);
+	$sql_cmd = trim($_POST["cmd"]);
+	$table_name = trim($_POST["table_name"]);
+
+	$header = "<html>\n";
+	$header .= "<head>\n";
+	$header .= "<style type='text/css'>\n";
+	$header .= "\n";
+	$header .= "body {\n";
+	$header .= "	font-family: arial;\n";
+	$header .= "	font-size: 12px;\n";
+	$header .= "	color: #444;\n";
+	$header .= "}\n";
+	$header .= "\n";
+	$header .= "th {\n";
+	$header .= "	border-top: 1px solid #444;\n";
+	$header .= "	border-bottom: 1px solid #444;\n";
+	$header .= "	color: #fff;\n";
+	$header .= "	font-size: 12px;\n";
+	$header .= "	font-family: arial;\n";
+	$header .= "	font-weight: bold;\n";
+	$header .= "	background-color: #777;\n";
+	$header .= "	padding: 4px 7px;\n";
+	$header .= "	text-align: left;\n";
+	$header .= "}\n";
+	$header .= "\n";
+	$header .= ".row_style0 {\n";
+	$header .= "	background-color: #eee;\n";
+	$header .= "	border-bottom: 1px solid #999;\n";
+	$header .= "	border-left: 1px solid #fff;\n";
+	$header .= "	font-size: 12px;\n";
+	$header .= "	color: #444;\n";
+	$header .= "	text-align: left;\n";
+	$header .= "	padding: 4px 7px;\n";
+	$header .= "	text-align: left;\n";
+	$header .= "	vertical-align: top;\n";
+	$header .= "}\n";
+	$header .= "\n";
+	$header .= ".row_style0 a:link{ color:#444; }\n";
+	$header .= ".row_style0 a:visited{ color:#444; }\n";
+	$header .= ".row_style0 a:hover{ color:#444; }\n";
+	$header .= ".row_style0 a:active{ color:#444; }\n";
+	$header .= "\n";
+	$header .= ".row_style1 {\n";
+	$header .= "	border-bottom: 1px solid #999;\n";
+	$header .= "	border-left: 1px solid #eee;\n";
+	$header .= "	background-color: #fff;\n";
+	$header .= "	font-size: 12px;\n";
+	$header .= "	color: #444;\n";
+	$header .= "	text-align: left;\n";
+	$header .= "	padding: 4px 7px;\n";
+	$header .= "	text-align: left;\n";
+	$header .= "	vertical-align: top;\n";
+	$header .= "}\n";
+	$header .= "\n";
+	$header .= "</style>";
+	$header .= "</head>\n";
+	$header .= "<body style='margin: 0; padding: 8;'>\n";
+
+	$footer = "<body>\n";
+	$footer .= "<html>\n";
+
+
+	if ($sql_type == '') {
+
+		echo $header;
+
+		$c = 0;
+		$row_style["0"] = "row_style0";
+		$row_style["1"] = "row_style1";
+
+		//determine queries to run and show
+		if ($sql_cmd != '') { $sql_array = array_filter(explode(";", $sql_cmd)); }
+		if ($table_name != '') { $sql_array[] = "select * from ".$table_name; }
+		$show_query = (sizeof($sql_array) > 1) ? true : false;
+
+		reset($sql_array);
+		foreach($sql_array as $sql_index => $sql) {
+			$sql = trim($sql);
+
+			if (sizeof($sql_array) > 1 || $show_query) {
+				if ($sql_index > 0) { echo "<br /><br /><br />"; }
+				echo "<span style='display: block; padding: 8px; color: green; background-color: #eefff0;'>".$sql.";</span><br />";
+			}
+
+			$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+			try {
+				$prep_statement = $db->prepare(check_sql($sql));
+				$prep_statement->execute();
+				$result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
+				echo "<b>".$text['label-records'].": ".count($result)."</b>";
+				echo "<br /><br />\n";
+			}
+			catch(PDOException $e) {
+				echo "<b>".$text['label-error']."</b>";
+				echo "<br /><br />\n";
+				echo $e->getMessage();
+				echo "<br /><br />\n";
+				exit;
+			}
+
+			echo "<table width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
+			$x = 0;
+			foreach ($result[0] as $key => $value) {
+				echo "<th>".$key."</th>";
+				$column_array[$x++] = $key;
+			}
+
+			$x = 1;
+			foreach ($result as &$row) {
+				if ($x++ > 1000) { break; }
+				echo "<tr>\n";
+				foreach ($column_array as $column_index => $column) {
+					echo "<td class='".$row_style[$c]."' ".(($column_index == 0) ? "style='border-left: none;'" : null).">".$row[$column]."&nbsp;</td>";
+				}
+				echo "</tr>\n";
+				$c = ($c == 0) ? 1 : 0;
+			}
+			echo "</table>\n";
+			echo "<br>\n";
+
+			unset($result, $column_array);
+		}
+		echo $footer;
+	}
+
+	if ($sql_type == "inserts") {
+		echo $header;
+
+		$sql = trim($sql);
+
+		//get the table data
+			$sql = (strlen($sql_cmd) == 0) ? "select * from ".$table_name : $sql_cmd;
+
+			if (strlen($sql) > 0) {
+				$prep_statement = $db->prepare(check_sql($sql));
+				if ($prep_statement) {
+					$prep_statement->execute();
+					$result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
+				}
+				else {
+					echo "<b>".$text['label-error']."</b>\n";
+					echo "<br /><br />\n";
+					echo "<pre>".print_r($db->errorInfo(), true)."</pre>\n";
+					echo "<br /><br />\n";
+					exit;
+				}
+
+				$x = 0;
+				foreach ($result[0] as $key => $value) {
+					$column_array[$x++] = $key;
+				}
+
+				$column_array_count = count($column_array);
+
+				foreach ($result as &$row) {
+					echo "insert into ".$table_name." (";
+					$x = 1;
+					foreach ($column_array as $column) {
+						if ($column != "menuid" && $column != "menuparentid") {
+							echo $column.(($x < $column_array_count) ? "," : null);
+						}
+						$x++;
+					}
+					echo ") ";
+					echo "values ( ";
+					$x = 1;
+					foreach ($column_array as $column) {
+						if ($column != "menuid" && $column != "menuparentid") {
+							echo (!is_null($row[$column])) ? "\"".check_str($row[$column])."\"".(($x < $column_array_count) ? ',' : null) : 'null';
+						}
+						$x++;
+					}
+					echo ");<br />\n";
+				}
+			}
+		echo $footer;
+	}
+
+	if ($sql_type == "csv") {
+
+		//set the headers
+			header('Content-type: application/octet-binary');
+			header('Content-Disposition: attachment; filename='.$table_name.'.csv');
+
+		//get the table data
+			$sql = trim($sql);
+			$sql = "select * from ".$table_name;
+			if (strlen($sql) > 0) {
+				$prep_statement = $db->prepare(check_sql($sql));
+				if ($prep_statement) {
+					$prep_statement->execute();
+					$result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
+				}
+				else {
+					echo "<b>".$text['label-error']."</b>\n";
+					echo "<br /><br />\n";
+					echo "<pre>".print_r($db->errorInfo(), true)."</pre>\n";
+					echo "<br /><br />\n";
+					exit;
+				}
+
+				$x = 0;
+				foreach ($result[0] as $key => $value) {
+					$column_array[$x++] = $key;
+				}
+				//column names
+				echo '"'.implode('","', $column_array).'"'."\r\n";
+				//column values
+				foreach ($result as &$row) {
+					$x = 1;
+					foreach ($column_array as $column) {
+						echo '"'.check_str($row[$column]).'"'.(($x++ < count($column_array)) ? ',' : null);
+					}
+					echo "\n";
+				}
+			}
+	}
+}
+
+?>