Файл: sql/sql2.0.php
Строк: 47
<?php
header("Content-type: text/html; charset=windows-1251");
echo '
<html>
<head>
<title>MySql</title>
</head>
<body>';
if($mode!="do")
{
echo '
<form action="'.$_SERVER['PHP_SELF'].'?mode=do" method="post">
<input type="hidden" name="host" value="$(host)"/>
<input type="hidden" name="db" value="$(db)"/>
<input type="hidden" name="user" value="$(user)"/>
<input type="hidden" name="password" value="$(password)"/>
<input type="hidden" name="address" value="$(address)"/>
MySQL host:<br/>
<input type="text" name="host" value="localhost"/>
<br/>MySQL DataBase Name:<br/>
<input type="text" name="db"/><br/>
MySQL User Name:<br/>
<input type="text" name="user"/><br/>
MySQL Password:<br/>
<input type="text" name="password"/><br/>
SQL File address (full or local):<br/>
<input type="text" name="address" value="http://"/>
<br/><input type="submit" value="GO!">
</form>';
}
if($mode=="do")
{
$data=@file_get_contents($address) or die("Could not read ".$address."! </body></html>");
$queryes=preg_split("#(SELECT|CREATE|DROP|UPDATE|INSERT|SHOW|REVOKE|MATCH|LIKE|GRANT|DESCRIBE|OPTIMIZE|COUNT|ALTER|AGAINST|)[-a-z0-9_.:@&?=+,!/~*'%$"sn]*;#i", $data);
$connect=mysql_connect($host, $user, $password) or die("Could not connect with MySQL server Because ".mysql_error()."</body></html>");
@mysql_select_db($db) or die("Could not select the database because ".mysql_error()."</body></html>");
$i=0;
$ie=0;
foreach($queryes as $query)
{
if(!@mysql_query($query))
{
echo '<strong>ERROR!</strong><br/>
<u>query:</u> '.$query.'<br/>
<u>server reply:</u> '.mysql_error().'<br/>------<br/>';
$ie++;
}
else $i++;
}
if($ie=="0")
echo 'Process finish!<br/>We have all '.$i. 'query and 0 errors!';
else echo 'We have '.($i+$ie).' query. '.$ie.' errors!';
@mysql_close();
}
echo '</body></html>';
?>