<?php
// ------------------------------------------------------------------------
// KySQL.php - KRL MySQL Module
//
// Ed Orcutt, LOBOSLLC
// ------------------------------------------------------------------------
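// Silence PHP diagnostics so warnings and notices never reach the response body.
error_reporting(0);

// Shared access key every request must present in the 'kykey' POST field.
// The placeholder below is public: replace it with a long random value
// before deployment.
$THEKEY = "YOUR-KEY-HERE";
$dbhost = "localhost";
$rowcnt = 0;

// ========================================================================
// It all begins here
//
// SECURITY NOTE: this endpoint executes whatever SQL the caller supplies,
// using the database credentials the caller supplies. The shared key is the
// only gate, and the key, credentials and query all travel in the POST body,
// so serve this script over HTTPS only and give the database account the
// minimum privileges the callers need.
//
// NOTE: the mysql_* extension used below was removed in PHP 7.0; this script
// only runs on PHP 5.x.

// --------------------------------------------
// Access key is required to proceed ...
// The key must be a string (PHP turns 'kykey[]=' into an array) and is
// compared strictly and, where available, in constant time. The previous
// loose != compared numeric-looking strings by value ("1e3" equals "1000")
// and its timing depended on how much of the key matched.
$suppliedKey = isset($_POST['kykey']) ? $_POST['kykey'] : null;
$keyAccepted = is_string($suppliedKey)
    && (function_exists('hash_equals')          // hash_equals() needs PHP >= 5.6
        ? hash_equals($THEKEY, $suppliedKey)
        : $suppliedKey === $THEKEY);
if (!$keyAccepted) {
    unauthorized();
    exit;
}

// --------------------------------------------
// soak in the passed variables or set our own
$dbuser = isset($_POST['dbuser']) ? $_POST['dbuser'] : "";
$dbpass = isset($_POST['dbpass']) ? $_POST['dbpass'] : "";
$dbname = isset($_POST['dbname']) ? $_POST['dbname'] : "";
// NOTE(review): stripslashes() is applied unconditionally, so a query that
// legitimately contains backslashes is altered when magic_quotes_gpc is off.
// Left unchanged because existing callers may already compensate - confirm.
$kquery = isset($_POST['kquery']) ? stripslashes($_POST['kquery']) : "";

// Make connection to database ...
$dblink = mysql_connect($dbhost, $dbuser, $dbpass);
if (!$dblink) {
    serviceUnavailable(mysql_error());
    exit;
}

// Select database to use ...
$dbselect = mysql_select_db($dbname, $dblink);
if (!$dbselect) {
    serviceUnavailable(mysql_error($dblink));
    mysql_close($dblink);
    exit;
}

// Query the database ...
$dbresult = mysql_query($kquery, $dblink);
if (!$dbresult) {
    serviceUnavailable(mysql_error($dblink));
    mysql_close($dblink);
    exit;
}

// Leading keyword of the statement, upper-cased, used to pick the response.
$verb = substr(strtoupper($kquery), 0, 6);

// INSERT, UPDATE, DELETE: nothing to return, finish with an empty 200 body.
// (The original compared a 5-character prefix against the 6-character words
// 'UPDATE' and 'DELETE', so those two statements never took this branch.)
if ($verb == 'INSERT' || $verb == 'UPDATE' || $verb == 'DELETE') {
    mysql_close($dblink);
    exit;
}

// mysql_query() returns TRUE instead of a result resource for statements
// that produce no result set; only a resource may be counted or fetched.
$hasResultSet = is_resource($dbresult);

// SELECT
if ($verb == 'SELECT' && $hasResultSet) {
    $rowcnt = mysql_num_rows($dbresult);
}

// create one master array of the records
$rows = array();
if ($hasResultSet && mysql_num_rows($dbresult)) {
    while ($row = mysql_fetch_assoc($dbresult)) {
        $rows[] = $row;
    }
}

// output in JSON format
header('Content-type: application/json');
header('row-count: ' . $rowcnt);
echo json_encode(array('results' => $rows));

// Close database connection ...
mysql_close($dblink);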
// ========================================================================
// These are the support routines
// --------------------------------------------
// Send a HTTP 401 response header.
/**
 * Reject the request by queueing an HTTP 401 status line.
 *
 * Only the header is set here; the caller ends the script itself.
 */
function unauthorized()
{
    $statusLine = 'HTTP/1.0 401 Unauthorized';
    header($statusLine);
}
// --------------------------------------------
// Send a HTTP 503 response header.
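/**
 * Report a database failure: HTTP 503 plus a 'status-message' header.
 *
 * The message is flattened to a single line first. PHP's header() refuses
 * to send a value containing a line break, and a MySQL syntax error quotes
 * part of the offending query, which may span several lines; without the
 * flattening such an error would reach the client with no message at all.
 *
 * NOTE(review): the raw database error text is returned to the caller.
 * Every call site in this file runs after the access-key check, but the
 * text can still reveal schema and account details - consider logging it
 * server-side and returning a generic message instead.
 *
 * @param string $msg Error text to expose in the 'status-message' header.
 */
function serviceUnavailable($msg)
{
    // CR, LF and NUL are the characters header() rejects or that could split
    // the header; collapse each to a space.
    $singleLine = str_replace(array("\r", "\n", "\0"), ' ', (string) $msg);

    header('HTTP/1.0 503 Service Unavailable');
    header('status-message: ' . $singleLine);
}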
// ------------------------------------------------------------------------
// Beyond here there be dragons :)
// ------------------------------------------------------------------------
?>