# Entry point for the "Asksql" special page, which lets a sysop submit a raw
# SQL query and see the result.
#
# Reads the global $action: "submit" runs the query through
# SqlQueryForm::doSubmit(), any other value only renders the form.
function wfSpecialAsksql() {
    global $wgUser, $wgOut, $action;

    # Access control for the whole page: anyone who is not a sysop gets the
    # sysopRequired() page and nothing below runs.
    if ( ! $wgUser->isSysop() ) {
        $wgOut->sysopRequired();
        return;
    }

    # wfCleanFormFields() is defined elsewhere; presumably it normalises the
    # global form field $wpSqlQuery in place -- confirm against its definition.
    $fields = array( "wpSqlQuery" );
    wfCleanFormFields( $fields );

    $f = new SqlQueryForm();

    # NOTE(review): the submit branch is selected by $action alone. No
    # per-session form token is checked in the code visible here, so confirm
    # whether a cross-site request forgery check exists elsewhere before
    # relying on the sysop test as the only protection.
    if ( "submit" == $action ) {
        $f->doSubmit();
    } else {
        $f->showForm( "" );
    }
}

# Renders the query form and runs the submitted query for Special:Asksql.
class SqlQueryForm {

    # Outputs the page title, the introductory wiki text, an optional error
    # message and the query form.
    #
    # $err: error text to show above the form, "" for none. It is passed
    # through htmlspecialchars() before being added to the page.
    #
    # NOTE(review): both addHTML() string literals below contain nothing but
    # newlines on this page, and $q, $qb and $action are assigned but never
    # read. The form markup that used them appears to have been lost when the
    # page was extracted -- TODO confirm against the original file. If that
    # markup echoes $wpSqlQuery back into the page, it needs the same
    # htmlspecialchars() treatment as $err; that cannot be checked from here.
    function showForm( $err ) {
        global $wgOut, $wgUser, $wgLang;
        global $wpSqlQuery;

        $wgOut->setPagetitle( wfMsg( "asksql" ) );
        $wgOut->addWikiText( wfMsg( "asksqltext" ) );

        if ( "" != $err ) {
            # The literal's continuation line must stay at column 0:
            # whitespace before the closing quote would become output.
            $wgOut->addHTML( "
" . htmlspecialchars($err) . "\n" );
        }

        # Pre-fill the query box with a template when nothing was submitted.
        if ( ! $wpSqlQuery ) {
            $wpSqlQuery = "SELECT ... FROM ... WHERE ...";
        }
        $q = wfMsg( "sqlquery" );
        $qb = wfMsg( "querybtn" );
        # Local $action: the URL the form posts to (Special:Asksql with
        # action=submit). The "E" suffix presumably means the URL comes back
        # already HTML-escaped -- confirm against wfLocalUrlE().
        $action = wfLocalUrlE( $wgLang->specialPage( "Asksql" ),
          "action=submit" );

        $wgOut->addHTML( "
\n" );
    }

    # Runs the submitted query and starts building the result output in $r.
    # The method continues past the end of this block; only the part shown
    # here is documented.
    #
    # NOTE(review): nothing in the visible part records who ran which query.
    # Check the rest of the method for an audit log entry.
    function doSubmit() {
        global $wgOut, $wgUser, $wgServer, $wgScript, $wgArticlePath;
        global $wpSqlQuery;
        global $wgDBsqluser, $wgDBsqlpassword;

        # Use a limit, folks!
        # This is a convenience cap, not a security control: " LIMIT 100" is
        # appended only when the text starts with SELECT and the word LIMIT
        # appears nowhere in it (the second pattern is unanchored).
        $wpSqlQuery = trim( $wpSqlQuery );
        if( preg_match( "/^SELECT/i", $wpSqlQuery )
          and !preg_match( "/LIMIT/i", $wpSqlQuery ) ) {
            $wpSqlQuery .= " LIMIT 100";
        }

        # Non-developers get a connection opened with the dedicated
        # $wgDBsqluser credentials. $connection is not read again in the
        # visible code; presumably wfGetDB() switches the connection that
        # wfQuery() then uses -- confirm. Apart from the LIMIT suffix the
        # query text reaches wfQuery() unmodified, so what it can read or
        # change is bounded only by the privileges of the database account
        # in use. Review the grants on that account accordingly.
        if ( ! $wgUser->isDeveloper() ) {
            $connection = wfGetDB( $wgDBsqluser, $wgDBsqlpassword );
        }
        $res = wfQuery( $wpSqlQuery, "SpecialAsksql::doSubmit" );

        # @ silences any warning raised by wfNumFields(), presumably for
        # queries that return no result set; $n is then falsy and the
        # table-building branch is skipped.
        $n = 0;
        @$n = wfNumFields( $res );
        if ( $n ) {
            # $k: result column names, in column order.
            $k = array();
            for ( $x = 0; $x < $n; ++$x ) {
                array_push( $k, wfFieldName( $res, $x ) );
            }
            # $a: every result row, fetched as an object, held in memory.
            $a = array();
            while ( $s = wfFetchObject( $res ) ) {
                array_push( $a, $s );
            }
            wfFreeResult( $res );

            $r = "
" . htmlspecialchars( $x ) . " | "; $r .= "
---|
" . $o . " | \n"; } $r .= "