errorpage( 'nosuchspecialpage', 'nospecialpagetext' ); return; } if( !$wgUser->isAllowed('asksql') ) { $wgOut->sysopRequired(); return; } if( $wgRequest->wasPosted() ) { $query = $wgRequest->getVal( 'wpSqlQuery' ); $action = $wgRequest->getVal( 'action' ); } else { $query = ''; $action = ''; } $f = new SqlQueryForm( $query); if ( "submit" == $action ) { $f->doSubmit(); } else { $f->showForm( '' ); } } /** * @access private * @package MediaWiki * @subpackage SpecialPage */ class SqlQueryForm { var $query = ''; function SqlQueryForm( $query ) { $this->query = $query; } function showForm( $err ) { global $wgOut, $wgUser, $wgLang; global $wgLogQueries; $wgOut->setPagetitle( wfMsg( 'asksql' ) ); $note = wfMsg( 'asksqltext' ); if($wgLogQueries) $note .= ' ' . wfMsg( 'sqlislogged' ); $wgOut->addWikiText( $note ); if ( '' != $err ) { $wgOut->addHTML( '
' . htmlspecialchars($err) . "\n" ); } if ( ! $this->query ) { $this->query = 'SELECT ... FROM ... WHERE ...'; } $q = wfMsg( 'sqlquery' ); $qb = wfMsg( 'querybtn' ); $titleObj = Title::makeTitle( NS_SPECIAL, 'Asksql' ); $action = $titleObj->escapeLocalURL( 'action=submit' ); $wgOut->addHTML( "
\n" ); } function doSubmit() { global $wgOut, $wgUser, $wgServer, $wgScript, $wgArticlePath, $wgLang, $wgContLang; global $wgDBserver, $wgDBsqluser, $wgDBsqlpassword, $wgDBname, $wgSqlTimeout; # Use a limit, folks! $this->query = trim( $this->query ); if( preg_match( '/^SELECT/i', $this->query ) and !preg_match( '/LIMIT/i', $this->query ) ) { $this->query .= ' LIMIT 100'; } $conn = Database::newFromParams( $wgDBserver, $wgDBsqluser, $wgDBsqlpassword, $wgDBname ); $this->logQuery( $this->query ); # Start timer, will kill the DB thread in $wgSqlTimeout seconds $conn->startTimer( $wgSqlTimeout ); $res = $conn->query( $this->query, 'SpecialAsksql::doSubmit' ); $conn->stopTimer(); $this->logFinishedQuery(); $n = 0; @$n = $conn->numFields( $res ); $titleList = false; if ( $n ) { $k = array(); for ( $x = 0; $x < $n; ++$x ) { array_push( $k, $conn->fieldName( $res, $x ) ); } if ( $n == 2 && in_array( 'page_title', $k ) && in_array( 'page_namespace', $k ) ) { $titleList = true; } $a = array(); while ( $s = $conn->fetchObject( $res ) ) { array_push( $a, $s ); } $conn->freeResult( $res ); if ( $titleList ) { $r = ""; foreach ( $a as $y ) { $sTitle = htmlspecialchars( $y->page_title ); if ( $y->page_namespace ) { $sNamespace = $wgContLang->getNsText( $y->page_namespace ); $link = "$sNamespace:$sTitle"; } else { $link = "$sTitle"; } $skin = $wgUser->getSkin(); $link = $skin->makeLink( $link ); $r .= "* [[$link]]
" . htmlspecialchars( $x ) . " | "; $r .= "
---|
' . $o . " | \n"; } $r .= "