.
//
// ////////////////////////////////////////////////////////////////////////
//
// Please report any bugs you may encounter to our issue tracker here:
// https://bitbucket.org/phpliteadmin/public/issues?status=new&status=open
//
// This is sample configuration file
//
// You can configure phpliteadmin in one of 2 ways:
// 1. Rename phpliteadmin.config.sample.php to phpliteadmin.config.php and change parameters in there.
// You can set only your custom settings in phpliteadmin.config.php. All other settings will be set to defaults.
// 2. Change parameters directly in main phpliteadmin.php file
//
// Please see https://bitbucket.org/phpliteadmin/public/wiki/Configuration for more details
//password to gain access
$password = '';
//directory relative to this file to search for databases (if false, manually list databases in the $databases variable)
$directory = false;
//whether or not to scan the subdirectories of the above directory infinitely deep
$subdirectories = false;
//if the above $directory variable is set to false, you must specify the databases manually in an array as the next variable
//if any of the databases do not exist as they are referenced by their path, they will be created automatically
$databases = array(
array(
'path'=> '../data/data.db',
'name'=> 'php-epg'
),
);
/* ---- Interface settings ---- */
// Theme! If you want to change theme, save the CSS file in same folder of phpliteadmin or in folder "themes"
$theme = 'phpliteadmin.css';
// the default language! If you want to change it, save the language file in same folder of phpliteadmin or in folder "languages"
// More about localizations (downloads, how to translate etc.): https://bitbucket.org/phpliteadmin/public/wiki/Localization
$language = 'en';
// set default number of rows. You need to relog after changing the number
$rowsNum = 500;
// reduce string characters by a number bigger than 10
$charsNum = 300;
// maximum number of SQL queries to save in the history
$maxSavedQueries = 10;
/* ---- Custom functions ---- */
//a list of custom functions that can be applied to columns in the databases
//make sure to define every function below if it is not a core PHP function
$custom_functions = array(
'md5', 'sha1', 'time', 'strtotime',
// add the names of your custom functions to this array
/* 'leet_text', */
);
// define your custom functions here
/*
function leet_text($value)
{
return strtr($value, 'eaAsSOl', '344zZ01');
}
*/
/* ---- Advanced options ---- */
//changing the following variable allows multiple phpLiteAdmin installs to work under the same domain.
$cookie_name = 'pla3412';
//whether or not to put the app in debug mode where errors are outputted
$debug = false;
// the user is allowed to create databases with only these extensions
$allowed_extensions = array('db','db3','sqlite','sqlite3');
// English language-texts.
// Read our wiki on how to translate: https://bitbucket.org/phpliteadmin/public/wiki/Localization
$lang = array(
"direction" => "LTR",
"date_format" => 'g:ia \o\n F j, Y (T)', // see http://php.net/manual/en/function.date.php for what the letters stand for
"ver" => "版本",
"for" => "for",
"to" => "to",
"go" => "执行",
"yes" => "是",
"no" => "否",
"sql" => "SQL",
"csv" => "CSV",
"csv_tbl" => "Table that CSV pertains to",
"srch" => "搜索",
"srch_again" => "继续搜索",
"login" => "登录",
"logout" => "登出",
"view" => "预览",
"confirm" => "确认",
"cancel" => "取消",
"save_as" => "另存为",
"options" => "选项",
"no_opt" => "无选项",
"help" => "帮助",
"installed" => "已安装",
"not_installed" => "未安装",
"done" => "完成",
"insert" => "插入",
"export" => "导出",
"import" => "导入",
"rename" => "重命名",
"empty" => "清空表",
"drop" => "删除表",
"tbl" => "数据表",
"chart" => "图表",
"err" => "错误",
"act" => "动作",
"rec" => "数据量",
"col" => "所在列",
"cols" => "列",
"rows" => "行",
"edit" => "编辑",
"del" => "删除",
"add" => "添加",
"backup" => "备份数据库为文件",
"before" => "Before",
"after" => "After",
"passwd" => "密码",
"passwd_incorrect" => "密码错误",
"chk_ext" => "Checking supported SQLite PHP extensions",
"autoincrement" => "自动递增",
"not_null" => "不为 NULL",
"attention" => "Attention",
"none" => "None",
"as_defined" => "As defined",
"expression" => "Expression",
"sqlite_ext" => "SQLite 扩展",
"sqlite_ext_support" => "It appears that none of the supported SQLite library extensions are available in your installation of PHP. You may not use %s until you install at least one of them.",
"sqlite_v" => "数据库版本",
"sqlite_v_error" => "It appears that your database is of SQLite version %s but your installation of PHP does not contain the necessary extensions to handle this version. To fix the problem, either delete the database and allow %s to create it automatically or recreate it manually as SQLite version %s.",
"report_issue" => "The problem cannot be diagnosed properly. Please file an issue report at",
"sqlite_limit" => "Due to the limitations of SQLite, only the field name and data type can be modified.",
"php_v" => "PHP 版本",
"new_version" => "There is a new version!",
"db_dump" => "database dump",
"db_f" => "数据库文件",
"db_ch" => "更改数据库",
"db_event" => "Database Event",
"db_name" => "数据库名称",
"db_rename" => "重命名数据库",
"db_renamed" => "Database '%s' has been renamed to",
"db_del" => "删除数据库",
"db_path" => "数据库目录",
"db_size" => "数据库大小",
"db_mod" => "数据库上次修改时间",
"db_create" => "创建新的数据库",
"db_vac" => "The database, '%s', has been VACUUMed.",
"db_not_writeable" => "The database, '%s', does not exist and cannot be created because the containing directory, '%s', is not writable. The application is unusable until you make it writable.",
"db_setup" => "There was a problem setting up your database, %s. An attempt will be made to find out what's going on so you can fix the problem more easily",
"db_exists" => "A database, other file or directory of the name '%s' already exists.",
"exported" => "已导出",
"struct" => "结构",
"struct_for" => "structure for",
"on_tbl" => "on table",
"data_dump" => "Data dump for",
"backup_hint" => "提示:要备份数据库,最简单的方法是 %s.",
"backup_hint_linktext" => "下载数据库文件",
"total_rows" => "总共有 %s 行",
"total" => "总数",
"not_dir" => "The directory you specified to scan for databases does not exist or is not a directory.",
"bad_php_directive" => "It appears that the PHP directive, 'register_globals' is enabled. This is bad. You need to disable it before continuing.",
"page_gen" => "Page generated in %s seconds.",
"powered" => "Powered by",
"free_software" => "This is free software.",
"please_donate" => "Please donate.",
"remember" => "Remember me",
"no_db" => "Welcome to %s. It appears that you have selected to scan a directory for databases to manage. However, %s could not find any valid SQLite databases. You may use the form below to create your first database.",
"no_db2" => "The directory you specified does not contain any existing databases to manage, and the directory is not writable. This means you can't create any new databases using %s. Either make the directory writable or manually upload databases to the directory.",
"create" => "创建",
"created" => "has been created",
"create_tbl" => "创建新的数据表",
"create_tbl_db" => "在数据库中创建新的数据表",
"create_trigger" => "Creating new trigger on table",
"create_index" => "在数据表中创建索引",
"create_index1" => "创建索引",
"create_view" => "Create new view on database",
"trigger" => "Trigger",
"triggers" => "Triggers",
"trigger_name" => "Trigger name",
"trigger_act" => "Trigger Action",
"trigger_step" => "Trigger Steps (semicolon terminated)",
"when_exp" => "WHEN expression (type expression without 'WHEN')",
"index" => "Index",
"indexes" => "Indexes",
"index_name" => "索引名称",
"name" => "名称",
"unique" => "Unique",
"seq_no" => "Seq. No.",
"emptied" => "has been emptied",
"dropped" => "has been dropped",
"renamed" => "has been renamed to",
"altered" => "has been altered successfully",
"inserted" => "已插入",
"deleted" => "已删除",
"affected" => "affected",
"blank_index" => "Index name must not be blank.",
"one_index" => "You must specify at least one index column.",
"docu" => "使用文档",
"license" => "版权许可证",
"proj_site" => "项目主页",
"bug_report" => "This may be a bug that needs to be reported at",
"return" => "返回",
"browse" => "浏览",
"fld" => "字段",
"fld_num" => "Number of Fields",
"fields" => "字段",
"type" => "类型",
"operator" => "运算符",
"val" => "值",
"update" => "更新",
"comments" => "数据库备注",
"specify_fields" => "You must specify the number of table fields.",
"specify_tbl" => "You must specify a table name.",
"specify_col" => "You must specify a column.",
"tbl_exists" => "Table of the same name already exists.",
"show" => "显示",
"show_rows" => "显示 %s 行. ",
"showing" => "显示",
"showing_rows" => "显示行数范围",
"query_time" => "(本次搜查询共耗时 %s 秒)",
"syntax_err" => "There is a problem with the syntax of your query (Query was not executed)",
"run_sql" => "对数据库 '%s' 执行SQL语句",
"recent_queries" => "最近查询语句",
"full_texts" => "Show full texts",
"no_full_texts" => "Shorten long texts",
"ques_empty" => "是否要清空数据表 '%s'?",
"ques_drop" => "是否要删除数据表 '%s'?",
"ques_drop_view" => "是否要删除视图 '%s'?",
"ques_del_rows" => "是否要删除行 %s 在数据表 '%s' 中?",
"ques_del_db" => "是否要删除数据库 '%s'?",
"ques_column_delete" => "是否要删除列 %s 在数据表 '%s' 中?",
"ques_del_index" => "是否要删除索引 '%s'?",
"ques_del_trigger" => "是否要删除触发器 '%s'?",
"ques_primarykey_add" => "是否要添加主键列 %s 在数据表 '%s' 中?",
"export_struct" => "导出结构",
"export_data" => "导出数据",
"add_drop" => "添加清除表",
"add_transact" => "添加事务",
"fld_terminated" => "Fields terminated by",
"fld_enclosed" => "Fields enclosed by",
"fld_escaped" => "Fields escaped by",
"fld_names" => "Field names in first row",
"rep_null" => "Replace NULL by",
"rem_crlf" => "Remove CRLF characters within fields",
"put_fld" => "Put field names in first row",
"null_represent" => "NULL represented by",
"import_suc" => "导入成功",
"import_into" => "导入到",
"import_f" => "使用文件导入",
"rename_tbl" => "重命名表 '%s' 为",
"rows_records" => "行, 开始行数(0为第一行)为 ",
"rows_aff" => "行 被修改",
"as_a" => "在",
"readonly_tbl" => "'%s' is a view, which means it is a SELECT statement treated as a read-only table. You may not edit or insert records.",
"chk_all" => "全选",
"unchk_all" => "取消全选",
"with_sel" => "选定的项目执行",
"no_tbl" => "数据库中没有数据表",
"no_chart" => "If you can read this, it means the chart could not be generated. The data you are trying to view may not be appropriate for a chart.",
"no_rows" => "There are no rows in the table for the range you selected.",
"no_sel" => "您未选择任何数据",
"chart_type" => "Chart Type",
"chart_bar" => "Bar Chart",
"chart_pie" => "Pie Chart",
"chart_line" => "Line Chart",
"lbl" => "Labels",
"empty_tbl" => "This table is empty.",
"click" => "Click here",
"insert_rows" => "to insert rows.",
"restart_insert" => "本页显示插入框数量为",
"ignore" => "忽略",
"func" => "函数",
"new_insert" => "插入新行",
"save_ch" => "保存更改",
"def_val" => "默认值",
"prim_key" => "主键",
"tbl_end" => "个字段在表末尾",
"query_used_table" => "创建表语句",
"query_used_view" => "Query used to create this view",
"create_index2" => "创建一个索引在第",
"create_trigger2" => "创建一个新的触发器",
"new_fld" => "Adding new field(s) to table '%s'",
"add_flds" => "Add Fields",
"edit_col" => "Editing column '%s'",
"vac" => "Vacuum",
"vac_desc" => "Large databases sometimes need to be VACUUMed to reduce their footprint on the server. Click the button below to VACUUM the database '%s'.",
"event" => "Event",
"each_row" => "For Each Row",
"define_index" => "Define index properties",
"dup_val" => "Duplicate values",
"allow" => "Allowed",
"not_allow" => "Not Allowed",
"asc" => "Ascending",
"desc" => "Descending",
"warn0" => "You have been warned.",
"warn_passwd" => "You are using the default password, which can be dangerous. You can change it easily at the top of %s.",
"warn_dumbass" => "You didn't change the value dumbass ;-)",
"counting_skipped" => "Counting of records has been skipped for some tables because your database is comparably big and some tables don't have primary keys assigned to them so counting might be slow. Add a primary key to these tables or %sforce counting%s.",
"sel_state" => "Select Statement",
"delimit" => "分隔符",
"back_top" => "Back to Top",
"choose_f" => "Choose File",
"instead" => "Instead of",
"define_in_col" => "Define index column(s)",
"delete_only_managed" => "You can only delete databases managed by this tool!",
"rename_only_managed" => "You can only rename databases managed by this tool!",
"db_moved_outside" => "You either tried to move the database into a directory where it cannot be managed anylonger, or the check if you did this failed because of missing rights.",
"extension_not_allowed" => "The extension you provided is not within the list of allowed extensions. Please use one of the following extensions",
"add_allowed_extension" => "You can add extensions to this list by adding your extension to \$allowed_extensions in the configuration.",
"directory_not_writable" => "The database-file itself is writable, but to write into it, the containing directory needs to be writable as well. This is because SQLite puts temporary files in there for locking.",
"tbl_inexistent" => "Table %s does not exist",
// errors that can happen when ALTER TABLE fails. You don't necessarily have to translate these.
"alter_failed" => "Altering of Table %s failed",
"alter_tbl_name_not_replacable" => "could not replace the table name with the temporary one",
"alter_no_def" => "no ALTER definition",
"alter_parse_failed" =>"failed to parse ALTER definition",
"alter_action_not_recognized" => "ALTER action could not be recognized",
"alter_no_add_col" => "no column to add detected in ALTER statement",
"alter_pattern_mismatch"=>"Pattern did not match on your original CREATE TABLE statement",
"alter_col_not_recognized" => "could not recognize new or old column name",
"alter_unknown_operation" => "Unknown ALTER operation!",
/* Help documentation */
"help_doc" => "帮助文档",
"help1" => "SQLite Library Extensions",
"help1_x" => "%s uses PHP library extensions that allow interaction with SQLite databases. Currently, %s supports PDO, SQLite3, and SQLiteDatabase. Both PDO and SQLite3 deal with version 3 of SQLite, while SQLiteDatabase deals with version 2. So, if your PHP installation includes more than one SQLite library extension, PDO and SQLite3 will take precedence to make use of the better technology. However, if you have existing databases that are of version 2 of SQLite, %s will be forced to use SQLiteDatabase for only those databases. Not all databases need to be of the same version. During the database creation, however, the most advanced extension will be used.",
"help2" => "创建新的数据库",
"help2_x" => "When you create a new database, the name you entered will be appended with the appropriate file extension (.db, .db3, .sqlite, etc.) if you do not include it yourself. The database will be created in the directory you specified as the \$directory variable.",
"help3" => "Tables vs. Views",
"help3_x" => "On the main database page, there is a list of tables and views. Since views are read-only, certain operations will be disabled. These disabled operations will be apparent by their omission in the location where they should appear on the row for a view. If you want to change the data for a view, you need to drop that view and create a new view with the appropriate SELECT statement that queries other existing tables. For more information, see http://en.wikipedia.org/wiki/View_(database)",
"help4" => "Writing a Select Statement for a New View",
"help4_x" => "When you create a new view, you must write an SQL SELECT statement that it will use as its data. A view is simply a read-only table that can be accessed and queried like a regular table, except it cannot be modified through insertion, column editing, or row editing. It is only used for conveniently fetching data.",
"help5" => "导出数据结构为文件",
"help5_x" => "During the process for exporting to an SQL file, you may choose to include the queries that create the table and columns.",
"help6" => "Export Data to SQL File",
"help6_x" => "During the process for exporting to an SQL file, you may choose to include the queries that populate the table(s) with the current records of the table(s).",
"help7" => "Add Drop Table to Exported SQL File",
"help7_x" => "During the process for exporting to an SQL file, you may choose to include queries to DROP the existing tables before adding them so that problems do not occur when trying to create tables that already exist.",
"help8" => "Add Transaction to Exported SQL File",
"help8_x" => "During the process for exporting to an SQL file, you may choose to wrap the queries around a TRANSACTION so that if an error occurs at any time during the importation process using the exported file, the database can be reverted to its previous state, preventing partially updated data from populating the database.",
"help9" => "Add Comments to Exported SQL File",
"help9_x" => "During the process for exporting to an SQL file, you may choose to include comments that explain each step of the process so that a human can better understand what is happening.",
"help10" => "Partial Indexes",
"help10_x" => "Partial indexes are indexes over a subset of the rows of a table specified by a WHERE clause. Note this requires at least SQLite 3.8.0 and database files with partial indexes won't be readable or writable by older versions. See the SQLite documentation."
);
//!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
//there is no reason for the average user to edit anything below this comment
//!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
//- Initialization
// load optional configuration file
$config_filename = './phpliteadmin.config.php';
if (is_readable($config_filename))
{
include_once $config_filename;
}
//constants 1
define("PROJECT", "phpLiteAdmin");
define("VERSION", "1.9.7.1");
define("PAGE", basename(__FILE__));
define("FORCETYPE", false); //force the extension that will be used (set to false in almost all circumstances except debugging)
define("SYSTEMPASSWORD", $password); // Makes things easier.
define('PROJECT_URL','http://www.phpliteadmin.org/');
define('DONATE_URL','http://www.phpliteadmin.org/donate/');
define('VERSION_CHECK_URL','https://www.phpliteadmin.org/current_version.php');
define('PROJECT_BUGTRACKER_LINK','https://bitbucket.org/phpliteadmin/public/issues?status=new&status=open');
define('PROJECT_INSTALL_LINK','https://bitbucket.org/phpliteadmin/public/wiki/Installation');
// Resource output (css and javascript files)
// we get out of the main code as soon as possible, without inizializing the session
if (isset($_GET['resource']))
{
Resources::output($_GET['resource']);
exit();
}
// don't mess with this - required for the login session
ini_set('session.cookie_httponly', '1');
session_start();
// 检查是否有权限访问 phpliteadmin.php
if (!isset($_SESSION['can_access_phpliteadmin']) || $_SESSION['can_access_phpliteadmin'] !== true) {
// 显示错误信息并跳转到 manage.php
echo '
请通过管理页面访问。 正在跳转……
';
// 设置跳转延迟,给用户时间看到消息
echo "";
exit;
}
// generate CSRF token
if (empty($_SESSION['token']))
{
if (function_exists('mcrypt_create_iv'))
{
$_SESSION['token'] = bin2hex(mcrypt_create_iv(32, MCRYPT_DEV_URANDOM));
} else {
$_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(32));
}
}
$token = $_SESSION['token'];
$token_html = '';
// checking CSRF token
if($_SERVER['REQUEST_METHOD'] === 'POST' || isset($_GET['download'])) // all POST forms need tokens! downloads are protected as well
{
if($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['token']))
$check_token=$_POST['token'];
elseif($_SERVER['REQUEST_METHOD'] === 'GET' && isset($_GET['token']))
$check_token=$_GET['token'];
if (!isset($check_token))
{
die("CSRF token missing");
}
elseif ((function_exists('hash_equals') && !hash_equals($_SESSION['token'], $check_token)) ||
(!function_exists('hash_equals') && $_SESSION['token']!==$check_token) ) // yes, timing attacks might be possible here. update your php ;)
{
die("CSRF token is wrong - please try to login again");
}
}
if($debug==true)
{
ini_set("display_errors", 1);
error_reporting(E_STRICT | E_ALL);
} else
{
@ini_set("display_errors", 0);
}
// class MicroTimer (issue #146)
// wraps calls to microtime(), calculating the elapsed time and rounding output
//
class MicroTimer {
private $startTime, $stopTime;
// creates and starts a timer
function __construct()
{
$this->startTime = microtime(true);
}
// stops a timer
public function stop()
{
$this->stopTime = microtime(true);
}
// returns the number of seconds from the timer's creation, or elapsed
// between creation and call to ->stop()
public function elapsed()
{
if ($this->stopTime)
return round($this->stopTime - $this->startTime, 4);
return round(microtime(true) - $this->startTime, 4);
}
// called when using a MicroTimer object as a string
public function __toString()
{
return (string) $this->elapsed();
}
}
// start the timer to record page load time
$pageTimer = new MicroTimer();
// load language file
if($language != 'en') {
$temp_lang=$lang;
if(is_file('languages/lang_'.$language.'.php'))
include('languages/lang_'.$language.'.php');
elseif(is_file('lang_'.$language.'.php'))
include('lang_'.$language.'.php');
$lang = array_merge($temp_lang, $lang);
unset($temp_lang);
}
// version-number added so after updating, old session-data is not used anylonger
// cookies names cannot contain symbols, except underscores
define("COOKIENAME", preg_replace('/[^a-zA-Z0-9_]/', '_', $cookie_name . '_' . VERSION) );
// stripslashes if MAGIC QUOTES is turned on
// This is only a workaround. Please better turn off magic quotes!
// This code is from http://php.net/manual/en/security.magicquotes.disabling.php
// if ( function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() ) {
$get_magic_quotes_gpc = (($quotes_gpc = ini_get('magic_quotes_gpc')) && strtolower($quotes_gpc) !== 'off'); // 结果和 get_magic_quotes_gpc()的结果等效
if ( function_exists('get_magic_quotes_gpc') && $get_magic_quotes_gpc ) {
$process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
while (list($key, $val) = each($process)) {
foreach ($val as $k => $v) {
unset($process[$key][$k]);
if (is_array($v)) {
$process[$key][stripslashes($k)] = $v;
$process[] = &$process[$key][stripslashes($k)];
} else {
$process[$key][stripslashes($k)] = stripslashes($v);
}
}
}
unset($process);
}
// workaround if mbsting extension is missing. Sure this means no multibyte support.
if(!function_exists('mb_strlen'))
{
function mb_strlen($s)
{
return strlen($s);
}
}
if(!function_exists('mb_substr'))
{
function mb_substr($s, $start, $length=null, $encoding=null)
{
return substr($s, $start, null === $length ? 2147483647 : $length);
}
}
// no other mbstring functions used so far
//data types array
$sqlite_datatypes = array("INTEGER", "REAL", "TEXT", "BLOB","NUMERIC","BOOLEAN","DATETIME");
//available SQLite functions array (don't add anything here or there will be problems)
$sqlite_functions = array("abs", "hex", "length", "lower", "ltrim", "random", "round", "rtrim", "trim", "typeof", "upper");
//- Support functions
//function that allows SQL delimiter to be ignored inside comments or strings
function explode_sql($delimiter, $sql)
{
$ign = array('"' => '"', "'" => "'", "/*" => "*/", "--" => "\n"); // Ignore sequences.
$out = array();
$last = 0;
$slen = strlen($sql);
$dlen = strlen($delimiter);
$i = 0;
while($i < $slen)
{
// Split on delimiter
if($slen - $i >= $dlen && substr($sql, $i, $dlen) == $delimiter)
{
array_push($out, substr($sql, $last, $i - $last));
$last = $i + $dlen;
$i += $dlen;
continue;
}
// Eat comments and string literals
foreach($ign as $start => $end)
{
$ilen = strlen($start);
if($slen - $i >= $ilen && substr($sql, $i, $ilen) == $start)
{
$i+=strlen($start);
$elen = strlen($end);
while($i < $slen)
{
if($slen - $i >= $elen && substr($sql, $i, $elen) == $end)
{
// SQL comment characters can be escaped by doubling the character. This recognizes and skips those.
if($start == $end && $slen - $i >= $elen*2 && substr($sql, $i, $elen*2) == $end.$end)
{
$i += $elen * 2;
continue;
}
else
{
$i += $elen;
continue 3;
}
}
$i++;
}
continue 2;
}
}
$i++;
}
if($last < $slen)
array_push($out, substr($sql, $last, $slen - $last));
return $out;
}
//function to scan entire directory tree and subdirectories
function dir_tree($dir)
{
$path = '';
$stack[] = $dir;
while($stack)
{
$thisdir = array_pop($stack);
if($dircont = scandir($thisdir))
{
$i=0;
while(isset($dircont[$i]))
{
if($dircont[$i] !== '.' && $dircont[$i] !== '..')
{
$current_file = $thisdir.DIRECTORY_SEPARATOR.$dircont[$i];
if(is_file($current_file))
{
$path[] = $thisdir.DIRECTORY_SEPARATOR.$dircont[$i];
}
elseif (is_dir($current_file))
{
$path[] = $thisdir.DIRECTORY_SEPARATOR.$dircont[$i];
$stack[] = $current_file;
}
}
$i++;
}
}
}
return $path;
}
//the function echo the help [?] links to the documentation
function helpLink($name)
{
global $lang;
return "[?]";
}
// function to encode value into HTML just like htmlentities, but with adjusted default settings
function htmlencode($value, $flags=ENT_QUOTES, $encoding ="UTF-8")
{
return htmlentities($value, $flags, $encoding);
}
// 22 August 2011: gkf added this function to support display of
// default values in the form used to INSERT new data.
function deQuoteSQL($s)
{
return trim(trim($s), "'");
}
// reduce string chars
function subString($str)
{
global $charsNum;
if($charsNum > 10 && (!isset($_SESSION[COOKIENAME.'fulltexts']) || !$_SESSION[COOKIENAME.'fulltexts']) && mb_strlen($str)>$charsNum)
{
$str = mb_substr($str, 0, $charsNum).'...';
}
return $str;
}
// checks the (new) name of a database file
function checkDbName($name)
{
global $allowed_extensions;
$info = pathinfo($name);
if(isset($info['extension']) && !in_array($info['extension'], $allowed_extensions))
{
return false;
} else
{
return (!is_file($name) && !is_dir($name));
}
}
// check whether a path is a db managed by this tool
// requires that $databases is already filled!
// returns the key of the db if managed, false otherwise.
function isManagedDB($path)
{
global $databases;
foreach($databases as $db_key => $database)
{
if($path == $database['path'])
{
// a db we manage. Thats okay.
// return the key.
return $db_key;
}
}
// not a db we manage!
return false;
}
// from a typename of a colun, get the type of the column's affinty
// see http://www.sqlite.org/datatype3.html section 2.1 for rules
function get_type_affinity($type)
{
if (preg_match("/INT/i", $type))
return "INTEGER";
else if (preg_match("/(?:CHAR|CLOB|TEXT)/i", $type))
return "TEXT";
else if (preg_match("/BLOB/i", $type) || $type=="")
return "NONE";
else if (preg_match("/(?:REAL|FLOA|DOUB)/i", $type))
return "REAL";
else
return "NUMERIC";
}
//- Check user authentication, login and logout
$auth = new Authorization(); //create authorization object
// check if user has attempted to log out
if (isset($_POST['logout']))
$auth->revoke();
// check if user has attempted to log in
else if (isset($_POST['login']) && isset($_POST['password']))
$auth->attemptGrant($_POST['password'], isset($_POST['remember']));
//- Actions on database files and bulk data
if ($auth->isAuthorized())
{
//- Create a new database
if(isset($_POST['new_dbname']))
{
if($_POST['new_dbname']=='')
{
// TODO: Display an error message (do NOT echo here. echo below in the html-body!)
}
else
{
$str = preg_replace('@[^\w-.]@','', $_POST['new_dbname']);
$dbname = $str;
$dbpath = $str;
if(checkDbName($dbname))
{
$tdata = array();
$tdata['name'] = $dbname;
$tdata['path'] = $directory.DIRECTORY_SEPARATOR.$dbpath;
if(isset($_POST['new_dbtype']))
$tdata['type'] = $_POST['new_dbtype'];
else
$tdata['type'] = 3;
$td = new Database($tdata);
$td->query("VACUUM");
} else
{
if(is_file($dbname) || is_dir($dbname)) $dbexists = true;
else $extension_not_allowed=true;
}
}
}
//- Scan a directory for databases
if($directory!==false)
{
if($directory[strlen($directory)-1]==DIRECTORY_SEPARATOR) //if user has a trailing slash in the directory, remove it
$directory = substr($directory, 0, strlen($directory)-1);
if(is_dir($directory)) //make sure the directory is valid
{
if($subdirectories===true)
$arr = dir_tree($directory);
else
$arr = scandir($directory);
$databases = array();
$j = 0;
for($i=0; $i $database)
{
if($database['path'] == $tdata['path'])
{
$_SESSION[COOKIENAME.'currentDB'] = $database;
break;
}
}
}
}
else //the directory is not valid - display error and exit
{
echo "