
Update sql_query.php

FusionPBX 5 yıl önce
ebeveyn
işleme
3d85687e15
1 değiştirilmiş dosya ile 44 ekleme ve 162 silme
  1. 44 162
      sql_query.php

+ 44 - 162
sql_query.php

@@ -31,7 +31,7 @@
 	require_once "resources/check_auth.php";
 
 //permissions
-	if (permission_exists('exec_view')) {
+	if (permission_exists('sql_query')) {
 		//access granted
 	}
 	else {
@@ -51,7 +51,6 @@
 	$setting_numbering = ($_SESSION["editor"]["line_numbers"]["boolean"] != '') ? $_SESSION["editor"]["line_numbers"]["boolean"] : 'true';
 
 //get the html values and set them as variables
-	$handler = ($_REQUEST["handler"] != '') ? trim($_REQUEST["handler"]) : ((permission_exists('exec_switch')) ? 'switch' : null);
 	$code = trim($_POST["code"]);
 	$command = trim($_POST["command"]);
 
@@ -64,20 +63,14 @@
 	}
 
 //set editor moder
-	switch ($handler) {
-		case 'php': $mode = 'php'; break;
-		case 'sql': $mode = 'sql'; break;
-		default: $mode = 'text';
-	}
+	$mode = 'sql';
 
 //show the header
 	require_once "resources/header.php";
 	$document['title'] = $text['title-command'];
 
 //pdo database connection
-	if (permission_exists('exec_sql')) {
-		require_once "sql_query_pdo.php";
-	}
+	require_once "sql_query_pdo.php";
 
 //scripts and styles
 	?>
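Review bot: Including `sql_query_pdo.php` unconditionally leaves `permission_exists('sql_query')` in the first hunk as the only gate on this page, and its `else` branch lies outside the visible lines, so confirm that branch stops execution before this include is reached. The same applies to the later hunks that drop `permission_exists('exec_sql')` around the table list and the result iframe. Because the form posts to `sql_query_result.php`, that script (and `sql_query_pdo.php`, if it can be requested directly) presumably needs its own `sql_query` check; the gate on this page does not cover them. A short comment next to the include, such as `//access is enforced by the sql_query permission check above`, would record the dependency.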
@@ -86,7 +79,6 @@
 			document.getElementById('command').value = editor.getSession().getValue();
 			if (document.getElementById('mode').value == 'sql') {
 				$('#frm').prop('target', 'iframe').prop('action', 'sql_query_result.php?code='+ document.getElementById('code').value);
-				$('#sql_response').show();
 			}
 			else {
 				if (document.getElementById('command').value == '') {
@@ -124,60 +116,12 @@
 
 		function set_handler(handler) {
 			switch (handler) {
-				<?php if (permission_exists('exec_switch')) { ?>
-					case 'switch':
-						document.getElementById('description').innerHTML = "<?php echo $text['description-switch'];?>";
-						editor.getSession().setMode('ace/mode/text');
-						$('#mode option[value=text]').prop('selected',true);
-						<?php if (permission_exists('exec_sql')) { ?>
-							$('.sql_controls').hide();
-							document.getElementById('sql_type').selectedIndex = 0;
-							document.getElementById('table_name').selectedIndex = 0;
-							$('#iframe').prop('src','');
-							$('#sql_response').hide();
-						<?php } ?>
-						$('#response').show();
-						break;
-				<?php } ?>
-				<?php if (permission_exists('exec_php')) { ?>
-					case 'php':
-						document.getElementById('description').innerHTML = "<?php echo $text['description-php'];?>";
-						editor.getSession().setMode({path:'ace/mode/php', inline:true}); //highlight without opening tag
-						$('#mode option[value=php]').prop('selected',true);
-						<?php if (permission_exists('exec_sql')) { ?>
-							$('.sql_controls').hide();
-							document.getElementById('sql_type').selectedIndex = 0;
-							document.getElementById('table_name').selectedIndex = 0;
-							$('#iframe').prop('src','');
-							$('#sql_response').hide();
-						<?php } ?>
-						$('#response').show();
-						break;
-				<?php } ?>
-				<?php if (permission_exists('exec_command')) { ?>
-					case 'shell':
-						document.getElementById('description').innerHTML = "<?php echo $text['description-shell'];?>";
-						editor.getSession().setMode('ace/mode/text');
-						$('#mode option[value=text]').prop('selected',true);
-						<?php if (permission_exists('exec_sql')) { ?>
-							$('.sql_controls').hide();
-							document.getElementById('sql_type').selectedIndex = 0;
-							document.getElementById('table_name').selectedIndex = 0;
-							$('#iframe').prop('src','');
-							$('#sql_response').hide();
-						<?php } ?>
-						$('#response').show();
-						break;
-				<?php } ?>
-				<?php if (permission_exists('exec_sql')) { ?>
-					case 'sql':
-						document.getElementById('description').innerHTML = "<?php echo $text['description-sql'];?>";
-						editor.getSession().setMode('ace/mode/sql');
-						$('#mode option[value=sql]').prop('selected',true);
-						$('.sql_controls').show();
-						$('#response').hide();
-						break;
-				<?php } ?>
+				case 'sql':
+					document.getElementById('description').innerHTML = "<?php echo $text['description-sql'];?>";
+					editor.getSession().setMode('ace/mode/sql');
+					$('#mode option[value=sql]').prop('selected',true);
+					$('#response').hide();
+					break;
 				default:
 					break;
 			}
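Review bot: In the remaining `case 'sql':` branch, `$text['description-sql']` is echoed straight into a double-quoted JavaScript string, so a quote, backslash or line break in the language string would end or corrupt the literal. Encoding it for that context fixes this: `document.getElementById('description').innerHTML = <?php echo json_encode($text['description-sql']); ?>;`. The `$('#response').hide();` line kept in this branch targets an element that the last hunk stops emitting, so it looks dead and can be removed. With a single case left, the `switch` could be a plain `if (handler == 'sql')`. The closing brace of `set_handler` is outside the hunk.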
@@ -186,12 +130,7 @@
 
 		function reset_editor() {
 			editor.getSession().setValue('');
-			$('#command').val('');
-			$('#response').hide();
-			<?php if (permission_exists('exec_sql')) { ?>
-				$('#iframe').prop('src','');
-				$('#sql_response').hide();
-			<?php } ?>
+			$('#iframe').prop('src','');
 			focus_editor();
 		}
 	</script>
@@ -238,56 +177,38 @@
 	echo "				<img src=\"data:image/png;base64, ".$image_base64."\" /><input type='text' class='txt' style='width: 150px; margin-left: 15px;' name='code' id='code' value=''>\n";
 	echo "				&nbsp; &nbsp; &nbsp;\n";
 
-	if (permission_exists('exec_switch') || permission_exists('exec_php') || permission_exists('exec_command') || permission_exists('exec_sql')) {
-		echo "				<select name='handler' id='handler' class='formfld' style='width:100px;' onchange=\"handler=this.value;set_handler(this.value);\">\n";
-		if (permission_exists('exec_switch')) { echo "<option value='switch' ".(($handler == 'switch') ? "selected='selected'" : null).">".$text['label-switch']."</option>\n"; }
-		if (permission_exists('exec_php')) { echo "<option value='php' ".(($handler == 'php') ? "selected='selected'" : null).">".$text['label-php']."</option>\n"; }
-		if (permission_exists('exec_command')) { echo "<option value='shell' ".(($handler == 'shell') ? "selected='selected'" : null).">".$text['label-shell']."</option>\n"; }
-		if (permission_exists('exec_sql')) { echo "<option value='sql' ".(($handler == 'sql') ? "selected='selected'" : null).">".$text['label-sql']."</option>\n"; }
-		echo "				</select>\n";
-	}
-
 	//sql controls
-	if (permission_exists('exec_sql')) {
-		echo "				<span class='sql_controls' ".(($handler != 'sql') ? "style='display: none;'" : null).">";
-		//echo "					".$text['label-table']."<br />";
-		echo "					<select name='table_name' id='table_name' class='formfld'>\n";
-		echo "						<option value=''></option>\n";
-		switch ($db_type) {
-			case 'sqlite': $sql = "select name from sqlite_master where type='table' order by name;"; break;
-			case 'pgsql': $sql = "select table_name as name from information_schema.tables where table_schema='public' and table_type='BASE TABLE' order by table_name"; break;
-			case 'mysql': $sql = "show tables"; break;
-		}
-		$database = new database;
-		$result = $database->select($sql, null, 'all');
-		if (is_array($result) && @sizeof($result) != 0) {
-			foreach ($result as &$row) {
-				$row = array_values($row);
-				echo "					<option value='".escape($row[0])."'>".escape($row[0])."</option>\n";
-			}
+	echo "				<span class='sql_controls'>";
+	//echo "					".$text['label-table']."<br />";
+	echo "					<select name='table_name' id='table_name' class='formfld'>\n";
+	echo "						<option value=''></option>\n";
+	switch ($db_type) {
+		case 'sqlite': $sql = "select name from sqlite_master where type='table' order by name;"; break;
+		case 'pgsql': $sql = "select table_name as name from information_schema.tables where table_schema='public' and table_type='BASE TABLE' order by table_name"; break;
+		case 'mysql': $sql = "show tables"; break;
+	}
+	$database = new database;
+	$result = $database->select($sql, null, 'all');
+	if (is_array($result) && @sizeof($result) != 0) {
+		foreach ($result as &$row) {
+			$row = array_values($row);
+			echo "					<option value='".escape($row[0])."'>".escape($row[0])."</option>\n";
 		}
-		unset($sql, $result, $row);
-		echo "					</select>\n";
-		//echo "					<br /><br />\n";
-		//echo "					".$text['label-result_type']."<br />";
-		echo "					<select name='sql_type' id='sql_type' class='formfld'>\n";
-		echo "						<option value=''>".$text['option-result_type_view']."</option>\n";
-		echo "						<option value='csv'>".$text['option-result_type_csv']."</option>\n";
-		echo "						<option value='inserts'>".$text['option-result_type_insert']."</option>\n";
-		echo "					</select>\n";
-		echo "				</span>";
 	}
-	echo "					<input type='button' class='btn' style='margin-top: 0px;' title=\"".$text['button-execute']." [Ctrl+Enter]\" value=\"    ".$text['button-execute']."    \" onclick=\"$('form#frm').submit();\">";
-	echo "					<input type='button' class='btn' style='margin-top: 0px;' title=\"\" value=\"    ".$text['button-reset']."    \" onclick=\"reset_editor();\">";
-
-	//if (permission_exists('exec_sql')) {
-	//	echo "			<span class='sql_controls' ".(($handler != 'sql') ? "style='display: none;'" : null).">";
-	//	//echo "				<input type='button' class='btn' alt='".$text['button-select_database']."' onclick=\"document.location.href='sql_query_db.php'\" value='".$text['button-select_database']."'>\n";
-	//	if (permission_exists('exec_sql_backup')) {
-	//		echo "			<input type='button' class='btn' alt='".$text['button-backup']."' onclick=\"document.location.href='sql_backup.php".((strlen($_REQUEST['id']) > 0) ? "?id=".$_REQUEST['id'] : null)."'\" value='".$text['button-backup']."'>\n";
-	//	}
-	//	echo "			</span>";
-	//}
+	unset($sql, $result, $row);
+	echo "					</select>\n";
+	//echo "					<br /><br />\n";
+	//echo "					".$text['label-result_type']."<br />";
+	echo "					<select name='sql_type' id='sql_type' class='formfld'>\n";
+	echo "						<option value=''>".$text['option-result_type_view']."</option>\n";
+	echo "						<option value='csv'>".$text['option-result_type_csv']."</option>\n";
+	echo "						<option value='inserts'>".$text['option-result_type_insert']."</option>\n";
+	echo "					</select>\n";
+	echo "				</span>";
+
+	echo "				<input type='button' class='btn' style='margin-top: 0px;' title=\"".$text['button-execute']." [Ctrl+Enter]\" value=\"    ".$text['button-execute']."    \" onclick=\"$('form#frm').submit();\">";
+	echo "				<input type='button' class='btn' style='margin-top: 0px;' title=\"\" value=\"    ".$text['button-reset']."    \" onclick=\"reset_editor();\">";
+
 	echo "		</td>";
 	echo "	</tr>";
 	echo "	<tr><td colspan='2'>\n";
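Review bot: The `switch ($db_type)` that picks the table-list query has no `default`, so for any other `$db_type` value `$sql` is undefined when it reaches `$database->select($sql, null, 'all')`. Adding `default: $sql = ''; break;` and wrapping the select and the loop in `if ($sql != '') { ... }` leaves the dropdown empty instead of running an undefined query. The loop also takes `$row` by reference without needing to; `foreach ($result as $row)` behaves the same here. Writing the guard as `is_array($result) && count($result) != 0` avoids the `@` suppression.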
@@ -456,51 +377,12 @@
 
 <?php
 
-//show the result
-	if (is_array($_POST)) {
-		if ($command != '') {
-			$result = '';
-			switch ($handler) {
-				case 'shell':
-					if (permission_exists('exec_command') && $command_authorized) {
-						$result = shell_exec($command . " 2>&1");
-					}
-					break;
-				case 'php':
-					if (permission_exists('exec_php') && $command_authorized) {
-						ob_start();
-						eval($command);
-						$result = ob_get_contents();
-						ob_end_clean();
-					}
-					break;
-				case 'switch':
-					if (permission_exists('exec_switch') && $command_authorized) {
-						$fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']);
-						if ($fp) { 
-							$result = event_socket_request($fp, 'api '.$command);
-						}
-					}
-					break;
-			}
-			if ($result != '') {
-				echo "<span id='response'>";
-				echo "<b>".$text['label-response']."</b>\n";
-				echo "<br /><br />\n";
-				echo ($handler == 'switch') ? "<textarea style='width: 100%; height: 450px; font-family: monospace; padding: 15px;' wrap='off'>".$result."</textarea>\n" : "<pre>".escape($result)."</pre>";
-				echo "</span>";
-			}
-		}
-	}
-
 //sql result
-	if (permission_exists('exec_sql')) {
-		echo "<span id='sql_response' style='display: none;'>";
-		echo "<b>".$text['label-results']."</b>\n";
-		echo "<br /><br />\n";
-		echo "<iframe name='iframe' id='iframe' style='width: calc(100% - 3px); height: 500px; background-color: #fff; border: 1px solid #c0c0c0;'></iframe>\n";
-		echo "</span>";
-	}
+	echo "<span id='sql_response'>";
+	//echo "<b>".$text['label-results']."</b>\n";
+	//echo "<br /><br />\n";
+	echo "<iframe name='iframe' id='iframe' style='width: calc(100% - 3px); height: 500px; background-color: #fff; border: 0px solid #c0c0c0;'></iframe>\n";
+	echo "</span>";
 
 //show the footer
 	require_once "resources/footer.php";
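Review bot: The two commented-out `echo` lines for the results label are kept in the new `//sql result` block; delete them rather than leaving dead markup behind. With the handler block removed, `$command = trim($_POST["command"]);` near the top of the file appears to have no consumer left on this page, and the same may be true of whatever sets `$command_authorized` outside the visible hunks. If that check validated the `code` field, confirm that `sql_query_result.php` performs it, since the form now submits the query there.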