-
Notifications
You must be signed in to change notification settings - Fork 0
/
SqlQuery.php
93 lines (78 loc) · 3.15 KB
/
SqlQuery.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
<?php
//Values to use to connect to the db
$host = 'zac353.encs.concordia.ca';
$username = 'zac353_4';
$password = 'K1cKAl35';
$dbname = 'zac353_4';
//Checks if a session is already taking place. If not, starts a session.
if (empty(session_id()) && !headers_sent()) {
session_start();
}
//Checking if a custom query has been posted.
if (isset($_POST['query'])) {
$query = $_POST['query'];
//Setting up a connection to the database.
$connection = new mysqli($host, $username, $password, $dbname);
if ($connection->connect_error) {
die("The connection failed");
}
//Pulling the query and storing it.
$result = $connection->query($query);
//If statement will check if the query has run successfully.
if ($result) {
//checking if the query is a select query
if (stripos(trim($query), "select") === 0) {
//Getting the number of columns in the table and setting up the output.
$output = "<h2>Query Results</h2>";
$nbrofColumns = mysqli_num_fields($result);
$output .= "<table>";
$output .= "<tr>";
//fetching the column name and setting up the table
for ($i = 0; $i < $nbrofColumns; $i++) {
$output .= "<th>" . mysqli_fetch_field_direct($result, $i)->name . "</th>";
}
$output .= "</tr>";
//fetching the row and inserting the value
while ($row = mysqli_fetch_row($result)) {
$output .= "<tr>";
for ($i = 0; $i < $nbrofColumns; $i++) {
$output .= "<td>" . $row[$i] . "</td>";
}
$output .= "</tr>";
}
$output .= "</table>";
} else { //if it is not a select query, then we do not need to display a table.
$output = "<p>Successful query</p>";
}
} else {
$output = "<p>There has been an error, error code is : " . mysqli_error($connection) . "</p>";
}
//Adds it to the output history
$_SESSION['query_output'][] = "<details><summary>Custom Query: $query</summary>$output</details>";
//Closing the connection to the db
$connection->close();
} else if (isset($_POST['submit'])) { // Checking if a query other than select has been run.
$query = $_POST['query'];
//Setting up a connection to the database.
$connection = new mysqli($host, $username, $password, $dbname);
if ($connection->connect_error) {
die("Connection failed");
}
// Execute the query
$result = $connection->query($query);
//Since we expect only an insert/create or delete, we know the query is successfull if it returns true.
if ($result) {
$output = "<p>Successful query</p>";
} else {
$output = "<p>There has been an error, error code is : " . mysqli_error($connection) . "</p>";
}
//Adds it to the output history
$_SESSION['query_output'][] = "<details><summary>Insert/Create/Delete Query: $query</summary>$output</details>";
//Closing the connection to the db
$connection->close();
}
// Clear session
if (isset($_POST['clear_session'])) {
session_unset();
session_destroy();
}