errorpage( 'nosuchspecialpage', 'nospecialpagetext' );
		return;
	}
	# The lines above are the tail of the special-page entry function; its
	# beginning is outside this view.

	# Authorisation gate: only accounts holding the 'asksql' right get past
	# this point; everyone else is shown the sysop-required page.
	if( !$wgUser->isAllowed('asksql') ) {
		$wgOut->sysopRequired();
		return;
	}
	# The query text and the action are read from POSTed requests only; any
	# other request ends up in showForm() with an empty query.
	# NOTE(review): no per-session form token is checked in the visible code
	# before doSubmit() runs - confirm whether one is validated elsewhere, so
	# that a cross-site POST cannot run a query under a privileged session.
	if( $wgRequest->wasPosted() ) {
		$query = $wgRequest->getVal( 'wpSqlQuery' );
		$action = $wgRequest->getVal( 'action' );
	} else {
		$query = '';
		$action = '';
	}
	$f = new SqlQueryForm( $query);
	if ( "submit" == $action ) {
		$f->doSubmit();
	} else {
		$f->showForm( '' );
	}
}

/**
 * Form and executor behind the Asksql special page: shows the query box and
 * runs the submitted SQL text on the database.
 *
 * @access private
 * @package MediaWiki
 * @subpackage SpecialPage
 */
class SqlQueryForm {
	# SQL text supplied with the request. doSubmit() trims it and may append
	# a LIMIT clause; otherwise it is executed as given.
	var $query = '';

	/**
	 * PHP 4 style constructor: stores the SQL text for later display or
	 * execution.
	 *
	 * @param $query SQL text taken from the request ('' when none was sent)
	 */
	function SqlQueryForm( $query ) {
		$this->query = $query;
	}

	/**
	 * Render the page title, the explanatory note and the query form.
	 *
	 * NOTE(review): the HTML string literals in this method hold only line
	 * breaks and {$q}; $qb and $action are computed but never referenced in
	 * what remains. Presumably the form markup that used them was lost from
	 * this copy of the source - check against the real file.
	 *
	 * @param $err message to show above the form ('' for none); it is passed
	 *             through htmlspecialchars() before being added to the output
	 */
	function showForm( $err ) {
		global $wgOut, $wgUser, $wgLang;
		global $wgLogQueries;

		$wgOut->setPagetitle( wfMsg( 'asksql' ) );
		$note = wfMsg( 'asksqltext' );
		# Tell the user when their queries are being written to the SQL log.
		if($wgLogQueries)
			$note .= ' ' . wfMsg( 'sqlislogged' );
		$wgOut->addWikiText( $note );

		if ( '' != $err ) {
			$wgOut->addHTML( '

' . htmlspecialchars($err) . "\n" );
		}
		# Placeholder text shown when no query has been entered yet.
		if ( ! $this->query ) {
			$this->query = 'SELECT ... FROM ... WHERE ...';
		}
		$q = wfMsg( 'sqlquery' );
		$qb = wfMsg( 'querybtn' );
		# Target of the form: this special page with action=submit.
		$titleObj = Title::makeTitle( NS_SPECIAL, 'Asksql' );
		$action = $titleObj->escapeLocalURL( 'action=submit' );

		$wgOut->addHTML( "

{$q}:
 
\n" );
	}

	/**
	 * Run $this->query on the database and render the result.
	 *
	 * The statement text comes straight from the request. The only checks
	 * visible before it is executed are the 'asksql' right tested by the
	 * caller and the LIMIT handling below.
	 */
	function doSubmit() {
		global $wgOut, $wgUser, $wgServer, $wgScript, $wgArticlePath, $wgLang, $wgContLang;
		global $wgDBserver, $wgDBsqluser, $wgDBsqlpassword, $wgDBname, $wgSqlTimeout;

		# Use a limit, folks!
		# ' LIMIT 100' is appended to text that starts with SELECT and does
		# not contain the word LIMIT anywhere. This is a convenience cap on
		# result size, not an access control: it is a plain text match, and
		# statements that are not SELECTs are left untouched.
		$this->query = trim( $this->query );
		if( preg_match( '/^SELECT/i', $this->query )
			and !preg_match( '/LIMIT/i', $this->query ) ) {
			$this->query .= ' LIMIT 100';
		}
		# Separate connection opened with the $wgDBsqluser / $wgDBsqlpassword
		# account.
		# NOTE(review): the database grants of that account are the only
		# limit on what a submitted statement can read or change here;
		# presumably it is meant to be a restricted, read-only account -
		# verify the grants.
		$conn = Database::newFromParams( $wgDBserver, $wgDBsqluser, $wgDBsqlpassword, $wgDBname );

		# The log entry is written before the statement runs, so a query
		# that never finishes still leaves a record (when logging is on).
		$this->logQuery( $this->query );

		# Start timer, will kill the DB thread in $wgSqlTimeout seconds
		$conn->startTimer( $wgSqlTimeout );
		$res = $conn->query( $this->query, 'SpecialAsksql::doSubmit' );
		$conn->stopTimer();
		$this->logFinishedQuery();

		# Errors raised by numFields() are suppressed with @; a falsy field
		# count skips the result rendering below.
		$n = 0;
		@$n = $conn->numFields( $res );
		$titleList = false;

		if ( $n ) {
			# Collect the column names of the result.
			$k = array();
			for ( $x = 0; $x < $n; ++$x ) {
				array_push( $k, $conn->fieldName( $res, $x ) );
			}
			# A result made of exactly page_title and page_namespace is shown
			# as a list of page links instead of a table.
			if ( $n == 2 && in_array( 'page_title', $k ) && in_array( 'page_namespace', $k ) ) {
				$titleList = true;
			}

			# Read every row into memory, then release the result set.
			$a = array();
			while ( $s = $conn->fetchObject( $res ) ) {
				array_push( $a, $s );
			}
			$conn->freeResult( $res );

			if ( $titleList ) {
				$r = "";
				foreach ( $a as $y ) {
					# The title is HTML-escaped before the link is built.
					$sTitle = htmlspecialchars( $y->page_title );
					if ( $y->page_namespace ) {
						$sNamespace = $wgContLang->getNsText( $y->page_namespace );
						$link = "$sNamespace:$sTitle";
					} else {
						$link = "$sTitle";
					}
					$skin = $wgUser->getSkin();
					$link = $skin->makeLink( $link );
					$r .= "* [[$link]]
\n";
				}
			} else {
				# NOTE(review): the string literals in this branch have lost
				# their markup in this copy (presumably table tags).
				$r = "\n";
				foreach ( $k as $x ) $r .= "";
				$r .= "\n";
				foreach ( $a as $y ) {
					$r .= '';
					foreach ( $k as $x ) {
						$o = $y->$x ;
						# Title columns are turned into links; the namespace
						# comes from the matching *_namespace column when the
						# row has one, else 0.
						if ( $x == 'page_title' or $x == 'rc_title') {
							$namespace = 0;
							if( $x == 'page_title' && isset( $y->page_namespace ) ) $namespace = $y->page_namespace;
							if( $x == 'rc_title' && isset( $y->rc_namespace ) ) $namespace = $y->rc_namespace;
							$title =& Title::makeTitle( $namespace, $o );
							# NOTE(review): from the next line to the end of
							# the table rendering the source text is damaged:
							# the HTML inside the string literals is missing
							# and statement fragments are out of order, so
							# those lines are kept exactly as found. What is
							# still readable shows each cell value and column
							# name going through htmlspecialchars() before it
							# is added to the output.
							$o = "escapeLocalUrl() . "\" class='internal'>" . htmlspecialchars( $y->$x ) . '' ; } else { $o = htmlspecialchars( $o ); } $r .= '\n"; } $r .= "\n"; } $r .= "
" . htmlspecialchars( $x ) . "
' . $o . "
\n";
			}
		}
		# The success message is shown through the same slot showForm() uses
		# for errors, followed by the rendered result.
		$this->showForm( wfMsg( "querysuccessful" ) );
		$wgOut->addHTML( "
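{$r}\n" );
	}

	/**
	 * Append a record of the query to the SQL log file and remember when it
	 * started, for logFinishedQuery(). Does nothing unless $wgLogQueries is
	 * set.
	 *
	 * The record holds a timestamp, the requesting user's name and the query
	 * text. The query text is written verbatim, line breaks included.
	 * NOTE(review): a multi-line query can therefore contain lines that look
	 * like other log records; consider encoding line breaks if this file is
	 * parsed or relied on as an audit trail.
	 *
	 * @param $q SQL text about to be executed
	 */
	function logQuery( $q ) {
		global $wgSqlLogFile, $wgLogQueries, $wgUser;
		if(!$wgLogQueries) return;

		# fopen() returns false when the log cannot be opened; writing to
		# that value fails, so the write is skipped in that case.
		# NOTE(review): the query still runs when the log cannot be written.
		# If the log is meant as an audit trail, decide whether execution
		# should be refused instead.
		$f = fopen( $wgSqlLogFile, 'a' );
		if ( $f !== false ) {
			fputs( $f, "\n\n" . wfTimestampNow() .
				" query by " . $wgUser->getName() .
				":\n$q\n" );
			fclose( $f );
		}
		# Always record the start time so logFinishedQuery() can compute the
		# duration even when the first write was skipped.
		$this->starttime = wfTime();
	}

	/**
	 * Append the completion time and the elapsed seconds of the query to the
	 * SQL log file. Does nothing unless $wgLogQueries is set.
	 */
	function logFinishedQuery() {
		global $wgSqlLogFile, $wgLogQueries;
		if(!$wgLogQueries) return;

		# starttime is set by logQuery(), which is gated by the same flag.
		$interval = wfTime() - $this->starttime;

		# Same guard as in logQuery(): skip the write when the log file
		# cannot be opened.
		$f = fopen( $wgSqlLogFile, 'a' );
		if ( $f !== false ) {
			fputs( $f, 'finished at ' . wfTimestampNow() . "; took $interval secs\n" );
			fclose( $f );
		}
	}
}

?>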