Werbung
PHP Archiv Blog
Codeschnipsel und Scripts
Jede Menge neue Twitter Follower bekommen. Die Software hat einen kostenlosen Trial Mode, der bis zu 250 Follower bringt.
MySQL Querys in PHP
Das Script erlaubt INSERT / UPDATE Querys in einer MySQL Datenbank. Die Werte von $url, $dbuser und $pwrd müssen angepasst werden.
<?php
session_start();
if (!ob_start("ob_gzhandler"))
ob_start();
header("Expires: Mon, 26 Jul 1997 03:00:00 GMT");
header("Cache-Control: no-cache");
header("Pragma: no-cache");
// url to host
$url = "localhost";
// database user
$dbuser = "Your dbuser name";
// database user's password
$pwrd = "dbuser password";
// Show the information_schema
$show_information_schema = 1;
$con = mysql_connect($url, $dbuser, $pwrd) or die(mysql_error());
mysql_set_charset("utf8", $con);
?>
<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="content-type" content="text/html;charset=utf-8" />
<script type="text/javascript">
function GetXmlHttpObject(handler)
{
var objXMLHttp=null
if (window.XMLHttpRequest)
{
objXMLHttp=new XMLHttpRequest()
}
else if (window.ActiveXObject)
{
objXMLHttp=new ActiveXObject("Microsoft.XMLHTTP")
}
return objXMLHttp
}
function stateChanged()
{
if (xmlHttp.readyState==4 || xmlHttp.readyState=="complete")
{
document.getElementById("txtResult").innerHTML= xmlHttp.responseText;
}
else {
//alert(xmlHttp.status);
}
}
// Will populate data based on input
function htmlData(url, qStr)
{
if (url.length==0)
{
document.getElementById("txtResult").innerHTML="";
return;
}
xmlHttp=GetXmlHttpObject()
if (xmlHttp==null)
{
alert ('Please use a browser that support "HTTP Request"');
return;
}
url=url+"?"+qStr;
url=url+"&sid="+Math.random();
xmlHttp.onreadystatechange=stateChanged;
xmlHttp.open("GET",url,true) ;
xmlHttp.send(null);
}
</script>
</head>
<body>
<?php
// ############## # FUNCTION START # ##############
function get_db($con)
{
$i = 0;
$res = array();
$db_list = mysql_list_dbs($con);
$cnt = mysql_num_rows($db_list);
while ($i < $cnt)
{
array_push($res, mysql_db_name($db_list, $i));
$i++;
}
if (count($res) >= 1)
{
array_unshift($res, "Select database");
return $res;
}
else
return array(" No tables :-( ");
}
// -------------- -
function desc_table($use_table, $con)
{
$sql = "desc $use_table";
$result = mysql_query($sql, $con);
if (!is_object($result) && !$result == false)
{
$array = array();
while ($ar = mysql_fetch_assoc($result))
{
$tmp[0] = $ar['Field'];
$tmp[1] = $ar['Type'];
array_push($array, $tmp);
}
}
return $array;
}
// -------------- -
function sql_insert($array, $use_table)
{
$sql_value = "";
$sql_str = "\$sql_query = \"INSERT INTO " . $use_table . " (";
foreach ($array as $key => $value)
{
$sql_str .= $value[0] . ", ";
}
$sql_str = substr_replace($sql_str, "", -2) . " )VALUES (";
foreach ($array as $key => $value)
{
switch (substr($value[1], 0, 4))
{
case "char":
$sql_value .= ' "$' . $value[0] . '" ,';
break;
case "date":
$sql_value .= ' "$' . $value[0] . '" ,';
break;
case "int(":
$sql_value .= ' $' . $value[0] . ' ,';
break;
case "text":
$sql_value .= ' "$' . $value[0] . '" ,';
break;
case "date":
$sql_value .= ' "$' . $value[0] . '" ,';
break;
case "tiny":
$sql_value .= ' $' . $value[0] . ' ,';
break;
case "varc":
$sql_value .= ' "$' . $value[0] . '" ,';
break;
}
}
$sql_str .= substr_replace($sql_value, "", -2) . " )";
return $sql_str . '";';
}
// -------------- -
function sql_update($array, $use_table)
{
$sql_str = "\$sql_query = 'UPDATE " . $use_table . " SET ";
foreach ($array as $key => $value)
{
switch (substr($value[1], 0, 4))
{
case "char":
$sql_str .= $value[0] . ' = "\'.$' . $value[0] . '.\'" ,';
break;
case "date":
$sql_str .= $value[0] . ' = \'.$' . $value[0] . '.\', ';
break;
case "int(":
$sql_str .= $value[0] . ' = \'.$' . $value[0] . '.\', ';
break;
case "text":
$sql_str .= $value[0] . ' = "\'.$' . $value[0] . '.\'", ';
break;
case "time":
$sql_str .= $value[0] . ' = \'.$' . $value[0] . '.\', ';
break;
case "tiny":
$sql_str .= $value[0] . ' = \'.$' . $value[0] . '.\', ';
break;
case "varc":
$sql_str .= $value[0] . ' = "\'.$' . $value[0] . '.\'", ';
break;
}
}
return substr_replace($sql_str, "", -2) . " WHERE ";
}
// -------------- -
function get_tables($con, $dbname)
{
$sql = "SHOW TABLES FROM $dbname";
$result = mysql_query($sql);
$res = array();
if (!$result)
{
echo "DB Error, could not list tables\n";
echo 'MySQL Error: ' . mysql_error();
die;
}
while ($row = mysql_fetch_row($result))
{
array_push($res, $row[0]);
}
array_unshift($res, "Select table");
return $res;
}
// -------------- -
function create_post_var($ar)
{
foreach ($ar as $k => $v)
{
echo '$' . $v[0] . ' = mysql_real_escape_string($_POST[' . "'$v[0]'" . ']);<br>';
}
}
// -------------- -
function create_get_var($ar)
{
foreach ($ar as $k => $v)
{
echo '$' . $v[0] . ' = mysql_real_escape_string($_GET[' . "'$v[0]'" . ']);<br>';
}
}
// ############## # FUNCTION END # ##############
if (isset($_GET['db']))
{
if ($_GET['db'] == 'Select database')
die;
$_SESSION['database'] = $_GET['db'];
$dbname = mysql_real_escape_string($_GET['db']);
$table_list = get_tables($con, $dbname);
?>
<p></p>
<select value="lopper" name="table_list"
onchange="htmlData('m_insert.php', 'table='+this.value)" />
<?php
foreach ($table_list as $k => $v)
{
echo '<option>' . $v . '</option>';
}
echo '</select></p>';
die;
}
if (isset($_GET['table']))
{
$db_selected = mysql_select_db($_SESSION['database'], $con);
$table = mysql_real_escape_string($_GET['table']);
$table_array = desc_table($table, $con);
$sql_str = sql_insert($table_array, $table);
$sql_update = sql_update($table_array, $table);
echo '<p>Table: ' . $table . '</p>';
echo '<p>' . $sql_str . '</p>';
echo '<p>' . $sql_update . '</p><br>';
echo '<p>$_POST to variable</p>';
create_post_var($table_array);
echo '<p>$_GET to variable</p>';
create_get_var($table_array);
}
else
{
$dbs = get_db($con);
if ($show_information_schema)
{
// remove information_schema from database list
$res = array_search('information_schema', $dbs);
unset($dbs[$res]);
}
?>
<select name="db_list"
onchange="htmlData('m_insert.php', 'db='+this.value)" />
<?php
foreach ($dbs as $k => $v)
{
echo '<option>' . $v . '</option>';
}
echo '</select>';
echo '<div id="txtResult"> </div>';
die;
}
?>Admin Usernamen bei WordPress ändern
Aus Sicherheitsgründen kann es ratsam sein den WordPress Standart-Usernamen admin zu ändern. Im WordPress Backend selbst gibt es keine Möglichkeit dazu. Dazu wird einfach in einem MySQL Adminprogramm folgender Code ausgeführt.
UPDATE tableprefix_users
SET user_login='neuername'
WHERE
user_login='admin';