단순 DB 검색 및 쿼리 브라우저.
보안에 취약함: 폼에 입력한 SQL을 그대로 실행하므로 반드시 관리자 세션 체크를 거치게 할 것.
show tables 결과가 항상 위에 위치함.
-------------------------------------
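<?php
/**
 * Simple query browser for an administrator.
 *
 * Lists the tables of the selected database ("show tables") at the top of the
 * page and executes whatever SQL is posted in `_Val`, printing either the
 * affected-row count or the result rows. Previously run statements are carried
 * along in the read-only `_OVal` history textarea.
 *
 * Security notes for maintainers:
 * - Everything below is gated on AUTH_ADMIN(); the check lives in
 *   login_admin.php, which is not visible here. Without it this page is an
 *   unauthenticated SQL console.
 * - The posted SQL is executed verbatim by design. Keeping the database
 *   account used by start() as unprivileged as the admin tasks allow limits
 *   the damage of a stolen admin session.
 * - NOTE(review): the form carries no anti-CSRF token, so a page visited by a
 *   logged-in admin could submit SQL on their behalf. Add a per-session token
 *   once the session handling in login_admin.php is confirmed.
 * - Every value that comes from the database, the request or the Host header
 *   is HTML-escaped before output.
 */
include "configs.php";      // function library
$db_con = start();
require "login_admin.php";  // admin session check

if (AUTH_ADMIN()) {
    // The page is served as EUC-KR, which htmlspecialchars() has no charset
    // entry for. ISO-8859-1 escapes byte-wise and leaves the multi-byte
    // sequences intact (their bytes never collide with < > & " ').
    $_esc_cs = 'ISO-8859-1';

    $_content = "";
    $_old_qry = "";  // history stays empty until a query has been posted
    $_pre_qry = " select * from `TBL_NAME` order by 1 desc limit 0,100 "; // initial textarea value

    // Script URL for the form action. $PHP_SELF only exists with
    // register_globals (or if configs.php sets it), so fall back to $_SERVER.
    // PHP_SELF can contain attacker-chosen PATH_INFO, hence the escaping.
    $_self = htmlspecialchars(
        isset($PHP_SELF) ? $PHP_SELF : $_SERVER['PHP_SELF'],
        ENT_QUOTES,
        $_esc_cs
    );

    // ---- Table list of the selected database, five names per row ----
    $_Rs = query("show tables", $db_con);
    $_cnt = mysql_num_rows($_Rs);
    $_contents = "<div class='body'><table border='0' width='100%'>";
    for ($i = 0; $i < $_cnt; $i++) {
        $_res = mysql_fetch_row($_Rs);
        $cc = count($_res);
        if ($i == 0) {
            // Header row: column name(s) reported by the result set.
            $_contents .= "<tr class='header'>";
            for ($co = 0; $co < $cc; $co++) {
                $_contents .= "<td colspan='5'>"
                    . htmlspecialchars(mysql_field_name($_Rs, $co), ENT_QUOTES, $_esc_cs)
                    . "</td>";
            }
            $_contents .= "</tr>";
        }
        if ($i % 5 == 0) {
            $_contents .= "<tr>";
        }
        for ($o = 0; $o < $cc; $o++) {
            $_contents .= "<td height='18'> "
                . htmlspecialchars($_res[$o], ENT_QUOTES, $_esc_cs)
                . " </td>";
        }
        if ($i % 5 == 4) {
            $_contents .= "</tr>";
        }
    }
    if ($_cnt % 5 != 0) {
        // Close the last row when the table count is not a multiple of five.
        $_contents .= "</tr>";
    }
    $_contents .= "</table></div>";
    $_infos = $_contents;

    // ---- Execute the posted statement ----
    if (isset($_POST['mode']) && $_POST['mode'] == "_Qry") {
        // NOTE(review): stripslashes() is only correct while magic_quotes_gpc
        // (or an equivalent addslashes pass in configs.php) is active; confirm
        // before removing, otherwise backslashes in queries are altered.
        $_qry = stripslashes(isset($_POST['_Val']) ? $_POST['_Val'] : "");
        $_pre_qry = $_qry;
        $_old_qry = $_qry . "\n-------------------------\n"
            . stripslashes(isset($_POST['_OVal']) ? $_POST['_OVal'] : "");
        $_Rs1 = query($_qry, $db_con);

        // Same test as the old eregi() calls: the word appearing anywhere in
        // the statement, case-insensitively, selects the affected-rows output.
        if (preg_match('/update|delete/i', $_qry)) {
            $_row_cnt = mysql_affected_rows($db_con);
            $_content = "<br><div class='cell'>Result : Affected <b>" . (int) $_row_cnt . "</b>Data !</div>";
        } else {
            // A failed or non-SELECT statement yields no result resource;
            // treat it as "no data" instead of passing it to mysql_num_rows().
            $_cnt1 = is_resource($_Rs1) ? mysql_num_rows($_Rs1) : 0;
            if ($_cnt1) {
                $_contents1 = "<div class='cell'>Result : " . (int) $_cnt1 . " Rows</div>";
                for ($i = 0; $i < $_cnt1; $i++) {
                    $_res1 = mysql_fetch_row($_Rs1);
                    $cc = count($_res1);
                    if ($i == 0) {
                        $_contents1 .= "<table cellspacing='1' cellpadding='1' bgcolor='#EaEaEa' border='0'><tr>";
                        for ($co = 0; $co < $cc; $co++) {
                            $_contents1 .= "<td class='header'>"
                                . htmlspecialchars(mysql_field_name($_Rs1, $co), ENT_QUOTES, $_esc_cs)
                                . "</td>";
                        }
                        $_contents1 .= "</tr>";
                    }
                    $_contents1 .= "<tr>";
                    for ($o = 0; $o < $cc; $o++) {
                        // Stored data is untrusted for HTML purposes: escape it
                        // so markup kept in a column cannot run in the admin's browser.
                        $_contents1 .= "<td class='cell' height='18' nowrap> "
                            . htmlspecialchars($_res1[$o], ENT_QUOTES, $_esc_cs)
                            . " </td>";
                    }
                    $_contents1 .= "</tr>";
                }
                $_contents1 .= "</table><div class='cell'>Result : " . (int) $_cnt1 . " Rows</div>";
                $_content = $_contents1;
            } else {
                $_content = "<br><div class='cell'>Result : No Data !</div>";
            }
        }
    }
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title> <?php echo htmlspecialchars($_SERVER['HTTP_HOST'], ENT_QUOTES, $_esc_cs); ?>_ Simple Qry
Browser.. </title>
<meta http-equiv="Content-Type" content="text/html; charset=euc-kr" />
<link rel="stylesheet" type="text/css" href='../css.css' />
<style type='text/css'>
td{
font-size:11px;
font-family:Tahoma;
}
.header{
border:1px solid #D0D0D0;
padding:5px;
background-color:#DFDFDF;
font-weight:bold;
font-size:11px;
font-family:Tahoma;
}
.body{
border:1px solid #DFDFDF;
padding:0px;
font-size:11px;
font-family:Tahoma;
}
.cell{
border:0px solid #DFDFDF;
padding:0px;
background-color:#FFFFFF;
font-size:11px;
font-family:Tahoma;
}
.text{
border:1px solid #DFDFDF;
padding:0px;
background-color:#FFFFFF;
font-size:11px;
font-family:Tahoma;
width:580px;
}
</style>
</head>
<body bgcolor='' background='' leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<div style='padding:10px;width:600px;'>
<?php echo $_infos; /* built above from escaped cells */ ?>
<hr>
<form method=post action="<?php echo $_self; ?>">
<input type="hidden" name='mode' value='_Qry' />
<div class='cell'><strong>Qry Input..</strong><textarea name="_Val" rows="2" cols="70" class='text'><?php echo htmlspecialchars($_pre_qry, ENT_QUOTES, $_esc_cs); ?></textarea></div>
<div style='padding:5px;' >
<input type="submit" value='Execute Now!' />
<input type="button" value='Reset' onclick="location.replace(location.pathname)" />
</div>
<div class='cell'><strong>History..</strong> <textarea name="_OVal" rows="10" cols="70" readonly class='text'><?php echo htmlspecialchars($_old_qry, ENT_QUOTES, $_esc_cs); ?></textarea></div>
<hr>
<?php echo $_content; /* built above from escaped cells */ ?>
<br><br>
</form>
</div>
</body>
</html>
<?php } ?>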
-------------------------------------