phpMiniAdmin源码,mini mysql管理器,一段php代码搞定

代码语言:php


<?php
/*
 PHP Mini MySQL Admin
 (c) 2004-2019 Oleg Savchuk <osalabs@gmail.com> http://osalabs.com
 Light standalone PHP script for quick and easy access MySQL databases.
 http://phpminiadmin.sourceforge.net
 Dual licensed: GPL v2 and MIT, see texts at http://opensource.org/licenses/
*/
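# !!!IMPORTANT!!! Script access password.
# While this stays empty the login gate further down marks every visitor as logged in,
# so anyone who can reach this URL can run SQL through the script. SET IT.
$ACCESS_PWD='';
#DEFAULT db connection settings
# --- WARNING! --- if you set defaults - it's recommended to set $ACCESS_PWD to protect your db!
$DBDEF=array(
 'user'=>"",       #required
 'pwd'=>"",        #required
 'db'=>"",         #optional, default DB
 'host'=>"",       #optional
 'port'=>"",       #optional
 'socket'=>"",     #optional
 'chset'=>"utf8",  #optional, default charset
);
$IS_COUNT=false; #set to true if you want to see Total records when pagination occurs (SLOWS down all select queries!)
# Path to file without extension used for server-side exports (timestamp, .sql/.csv/.gz extension added) or imports(.sql).
# NOTE(review): this points into the script's own directory; if that directory is served
# by the web server, exported dumps may be fetchable by URL - confirm and relocate if so.
$DUMP_FILE=dirname(__FILE__).'/pmadump';
# Read from config (easier to update): an optional phpminiconfig.php next to the script
# is executed here and can override the settings above.
if (file_exists($f=dirname(__FILE__) . '/phpminiconfig.php')) require($f);
if (function_exists('date_default_timezone_set')) date_default_timezone_set('UTC');#required by PHP 5.1+
//constants
$VERSION='1.9.190822';
$MAX_ROWS_PER_PAGE=50; #max number of rows in select per one page
$D="\r\n"; #default delimiter for export
$BOM=chr(239).chr(187).chr(191); #UTF-8 byte order mark
$SHOW_D="SHOW DATABASES";
$SHOW_T="SHOW TABLE STATUS";
$DB=array(); #working copy for DB settings
# NOTE(review): PHP_SELF includes any extra path info the client appends to the URL;
# every place that prints $self into HTML must escape it - confirm against the callers.
$self=$_SERVER['PHP_SELF'];
# Session cookie: lifetime 0 (browser session), default path/domain, HttpOnly always on.
# The Secure flag used to be hard-coded to false; it is now set whenever the request
# itself arrived over HTTPS, so the session id is not also sent over plain HTTP.
# Behind a TLS-terminating proxy $_SERVER['HTTPS'] may be unset and the flag stays off.
session_set_cookie_params(
  0,
  null,
  null,
  (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS'])!=='off'),
  true
);
session_start();
# Per-session request token (the script calls it "XSS"; it is used as an anti-CSRF token).
# Its unpredictability depends on get_rand_str(), which is defined elsewhere in the file.
if (!isset($_SESSION['XSS'])) $_SESSION['XSS']=get_rand_str(16);
# Query-string fragment that carries the token; being part of URLs it can end up in
# server logs and Referer headers.
$xurl='XSS='.$_SESSION['XSS'];
ini_set('display_errors',0);  #turn on to debug db or script issues
error_reporting(E_ALL ^ E_NOTICE);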
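//strip quotes if they set
# get_magic_quotes_gpc() no longer exists in PHP 8.0+, where an unguarded call is a fatal error
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()){
  $_COOKIE=array_map('killmq',$_COOKIE);
  $_REQUEST=array_map('killmq',$_REQUEST);
}
# --- login ---
if (!empty($_REQUEST['login'])){
  # A missing pwd counts as the empty string (as before); anything that is not a string
  # (e.g. pwd[]=x) is rejected. The comparison is strict and, where hash_equals() is
  # available (PHP 5.6+), constant-time - the previous loose != treated numeric-looking
  # strings such as "0e1" and "0e2" as equal.
  $pwd_in=isset($_REQUEST['pwd']) ? $_REQUEST['pwd'] : '';
  $pwd_ok=false;
  if (is_string($pwd_in)){
    $pwd_ok=function_exists('hash_equals')
      ? hash_equals((string)$ACCESS_PWD,$pwd_in)
      : ((string)$ACCESS_PWD===$pwd_in);
  }
  unset($pwd_in); #do not keep the submitted password in global scope
  if (!$pwd_ok){
    $err_msg="Invalid password. Try again";
  }else{
    # issue a fresh session id on the privilege change so a session id planted before
    # login (session fixation) is useless afterwards
    session_regenerate_id(true);
    # NOTE(review): the $_SESSION['XSS'] request token created before login survives it;
    # consider rotating it here once it is confirmed the login form does not depend on it.
    $_SESSION['is_logged']=true;
    loadcfg();
  }
}
# --- logoff: token-checked, wipes the session, then redirects ---
if (!empty($_REQUEST['logoff'])){
  check_xss();
  $_SESSION = array();
  savecfg();
  session_destroy();
  $url=$self;
  if (!$ACCESS_PWD) $url='/'; #no password configured: the script would log straight back in, so leave it
  header("location: $url");
  exit;
}
# --- access gate ---
if (empty($_SESSION['is_logged'])){
  if (!$ACCESS_PWD) {
    # No access password configured: every visitor is treated as logged in.
    $_SESSION['is_logged']=true;
    loadcfg();
  }else{
    print_login();
    exit;
  }
}
# everything below runs only for a logged-in session
if (!empty($_REQUEST['savecfg'])){
  check_xss();
  savecfg();
}
loadsess();
if (!empty($_REQUEST['showcfg'])){
  print_cfg();
  exit;
}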
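//get initial values
$SQLq=trim(b64d($_REQUEST['q'])); #SQL text arrives encoded in the q parameter (decoded by b64d())
# page number; forced to int so an array-valued or non-numeric p cannot abort the request
# with an operand-type error in the arithmetic the script used before
$page=(isset($_REQUEST['p']) && is_scalar($_REQUEST['p'])) ? (int)$_REQUEST['p'] : 0;
if (!empty($_REQUEST['refresh']) && $DB['db'] && preg_match('/^show/',$SQLq) ) $SQLq=$SHOW_T;
if (db_connect('nodie')){
  $time_start=microtime_float();
  if (!empty($_REQUEST['pi'])){
    # Embeds the <body> of phpinfo() in the page. That output discloses server
    # configuration and environment details, and this branch has no token check:
    # it is reachable by any logged-in session (i.e. by anyone when $ACCESS_PWD is empty).
    ob_start();phpinfo();$html=ob_get_clean();
    preg_match("/<body[^>]*>(.*?)<\/body>/is",$html,$m);
    $sqldr='<div class="pi">'.$m[1].'</div>';
  }else{
   if ($DB['db']){
    # a database is selected; every state-changing action is preceded by check_xss()
    if (!empty($_REQUEST['shex'])){
     print_export();
    }elseif (!empty($_REQUEST['doex'])){
     check_xss();do_export();
    }elseif (!empty($_REQUEST['shim'])){
     print_import();
    }elseif (!empty($_REQUEST['doim'])){
     check_xss();do_import();
    }elseif (!empty($_REQUEST['dosht'])){
     check_xss();do_sht();
    }elseif (empty($_REQUEST['refresh']) || preg_match('/^(?:select|show|explain|desc)/i',$SQLq) ){
     # On refresh only read-only statements may be re-run. The alternatives are grouped so
     # that ^ applies to all of them; ungrouped, "show", "explain" or "desc" appearing
     # anywhere in the text (e.g. a column called description) let a DELETE/DROP through.
     # NOTE(review): this is a leading-keyword test, not a parser - the whole text,
     # including any further statements, is still handed to do_sql().
     if ($SQLq)check_xss();
     do_sql($SQLq);#perform non-select SQL only if not refresh (to avoid dangerous delete/drop)
    }
   }else{
    # no database selected yet: only server-level statements are accepted
    if ( !empty($_REQUEST['refresh']) ){
       check_xss();do_sql($SHOW_D);
    }elseif (!empty($_REQUEST['crdb'])){
      check_xss();
      # new_db is request data placed inside a backtick-quoted identifier: double any
      # backtick so the value cannot close the quoting and append SQL of its own
      $new_db_name=(isset($_REQUEST['new_db']) && is_string($_REQUEST['new_db'])) ? $_REQUEST['new_db'] : '';
      do_sql('CREATE DATABASE `'.str_replace('`','``',$new_db_name).'`');
      do_sql($SHOW_D);
    }elseif ( preg_match('/^(?:show\s+(?:databases|status|variables|process)|create\s+database|grant\s+)/i',$SQLq) ){
       check_xss();do_sql($SQLq);
    }else{
       $err_msg="Select Database first";
       if (!$SQLq) do_sql($SHOW_D);
    }
   }
  }
  $time_all=ceil((microtime_float()-$time_start)*10000)/10000; #elapsed seconds, rounded up to 4 decimals
  print_screen();
}else{
  # connection failed: show the connection settings form instead
  print_cfg();
}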
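/**
 * Run SQL text through do_multi_sql() and publish the outcome via globals.
 *
 * On failure $out_message receives "Error: " plus mysqli_error(). On success the result
 * of the last statement ($last_sth / $last_sql, presumably filled in by do_multi_sql())
 * is either rendered with display_select() or summarised as "Done." with the affected
 * row count in $reccount.
 *
 * The statement-type tests group their alternatives so that ^ anchors every keyword.
 * Ungrouped, only the first keyword was anchored: an UPDATE touching a "description"
 * column was treated as a SELECT (no "Done."/row count), any statement using REPLACE()
 * reported a last-insert id, and any statement mentioning "truncate" re-ran $SHOW_T.
 *
 * @param string $q SQL text to execute; also stored in the global $SQLq
 * @return void
 */
function do_sql($q){
 global $dbh,$last_sth,$last_sql,$reccount,$out_message,$SQLq,$SHOW_T;
 $SQLq=$q;
 if (!do_multi_sql($q)){
    $out_message="Error: ".mysqli_error($dbh);
    return;
 }
 if (!($last_sth && $last_sql)) return; #nothing recorded for a last statement - nothing to show
 $SQLq=$last_sql;
 if (preg_match("/^(?:select|show|explain|desc)/i",$last_sql)) {
    # row-returning statement: render its result set
    if ($q!=$last_sql) $out_message="Results of the last select displayed:";
    display_select($last_sth,$last_sql);
    return;
 }
 # data-changing statement: report the affected rows
 $reccount=mysqli_affected_rows($dbh);
 $out_message="Done.";
 if (preg_match("/^(?:insert|replace)/i",$last_sql)) $out_message.=" Last inserted id=".get_identity();
 # after DROP/TRUNCATE show the table list again (recursive call with a fixed statement)
 if (preg_match("/^(?:drop|truncate)/i",$last_sql)) do_sql($SHOW_T);
}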
function display_select($sth,$q){
 global $dbh,$DB,$sqldr,$reccount,$is_sht,$xurl,$is_sm;
 $rc=array("o","e");
 $dbn=ue($DB['db']);
 $sqldr='';
 $is_shd=(preg_match('/^show\s+databases/i',$q));
 $is_sht=(preg_match('/^show\s+tables|^SHOW\s+TABLE\s+STATUS/',$q));
 $is_show_crt=(preg_match('/^show\s+create\s+table/i',$q));
 if ($sth===FALSE or $sth===TRUE) return;#check if $sth is not a mysql resource
 $reccount=mysqli_num_rows($sth);
 $fields_num=mysqli_field_count($dbh);
 $w='';
 if ($is_sm) $w='sm ';
 if ($is_sht || $is_shd) {$w='wa';
   $url='?'.$xurl."&db=$dbn";
   $sqldr.="<div class='dot'>
 MySQL Server:
 &#183; <a href='$url&q=".b64u("show variables")."'>Show Configuration Variables</a>
 &#183; <a href='$url&q=".b64u("show status")."'>Show Statistics</a>
 &#183; <a href='$url&q=".b64u("show processlist")."'>Show Processlist</a> ";
   if ($is_shd) $sqldr.="&#183; <label>Create new database: <input type='text' name='new_db' placeholder='type db name here'></label> <input type='submit' name='crdb' value='Create'>";
   $sqldr.="<br>";
   if ($is_sht) $sqldr.="Database: &#183; <a href='$url&q=".b64u("show table status")."'>Show Table Status</a>";
   $sqldr.="</div>";
 }
 if ($is_sht){
   $abtn="<div><input type='submit' value='Export' onclick=\"sht('exp')\">
 <input type='submit' value='Drop' onclick=\"if(ays()){sht('drop')}else{return false}\">
 <input type='submit' value='Truncate' onclick=\"if(ays()){sht('trunc')}else{return false}\">
 <input type='submit' value='Optimize' onclick=\"sht('opt')\">
 <b>selected tables</b></div>";
   $sqldr.=$abtn."<input type='hidden' name='dosht' value=''>";
 }
 $sqldr.="<div><table id='res' class='res $w'>";
 $headers="<tr class='h'>";
 if ($is_sht) $headers.="<td><input type='checkbox' name='cball' value='' onclick='chkall(this)'></td>";
 for($i=0;$i<$fields_num;$i++){
    if ($is_sht && $i>0) break;
    $meta=mysqli_fetch_field($sth);
    $headers.="<th><div>".hs($meta->name)."</div></th>";
 }.........完整代码请登录后点击上方下载按钮下载查看
