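<?php
/**
 * Audited query helpers for the legacy mysql_* extension.
 *
 * db_query() executes a caller-built SQL statement and writes an entry to the
 * `ChangeLog` table that holds the statement, an HTML before/after view of
 * the touched rows, the page name and the caller's comment.
 *
 * Security notes for maintainers:
 *  - $SQL is executed verbatim. Every value interpolated into it must already
 *    be escaped by the caller; nothing in this file can repair that later.
 *  - The HTML fragments built here are stored in `ChangeLog`, so every
 *    database value is HTML-escaped before it is put into markup. Otherwise
 *    row content would be rendered as markup when the log is displayed.
 *  - NOTE(review): the file depends on the mysql_* extension, which no longer
 *    exists in PHP 7+. Moving to PDO/mysqli with prepared statements requires
 *    changing how the global $con is created, which is outside this file.
 */
if (!function_exists("db_query")) {

    /**
     * Runs a SELECT and renders the complete result set as an HTML table.
     *
     * Column names and cell values are HTML-escaped. If the query fails, the
     * (escaped) MySQL error is echoed and a table with an empty header row is
     * returned.
     *
     * @param string $SQL SELECT statement, executed as given on the global $con.
     * @return string HTML table markup.
     */
    function Ausgabe_Daten($SQL)
    {
        global $con;

        $Erg = mysql_query($SQL, $con);
        // NOTE(review): echoing driver errors discloses schema details to the
        // client; the output is at least escaped so it cannot inject markup.
        echo htmlentities((string) mysql_error($con), ENT_QUOTES);

        // A failed query yields false; treat it as an empty result instead of
        // passing false on to the mysql_* result functions.
        $Zeilen = 0;
        $Anzahl_Felder = 0;
        if ($Erg !== false) {
            $Zeilen = mysql_num_rows($Erg);
            $Anzahl_Felder = mysql_num_fields($Erg);
        }

        $Diff = "<table border=1>";
        $Diff .= "<tr>";
        for ($m = 0; $m < $Anzahl_Felder; $m++) {
            $Diff .= "<th>" . htmlentities((string) mysql_field_name($Erg, $m), ENT_QUOTES) . "</th>";
        }
        $Diff .= "</tr>";

        for ($n = 0; $n < $Zeilen; $n++) {
            $Diff .= "<tr>";
            for ($m = 0; $m < $Anzahl_Felder; $m++) {
                $Diff .= "<td>" . htmlentities((string) mysql_result($Erg, $n, $m), ENT_QUOTES) . "</td>";
            }
            $Diff .= "</tr>";
        }
        $Diff .= "</table>";

        return $Diff;
    }

    /**
     * Runs a SELECT and returns all rows as a list of associative arrays.
     *
     * @param string $SQL SELECT statement, executed as given on the global $con.
     * @return array Rows indexed 0..n-1; empty when the query fails.
     */
    function db_querry_getDatenAssocArray($SQL)
    {
        global $con;

        $Erg = mysql_query($SQL, $con);
        echo htmlentities((string) mysql_error($con), ENT_QUOTES);

        $Daten = array();
        if ($Erg === false) {
            return $Daten;
        }

        // Row count is fixed for a buffered result, so read it once.
        $Zeilen = mysql_num_rows($Erg);
        for ($i = 0; $i < $Zeilen; $i++) {
            $Daten[$i] = mysql_fetch_assoc($Erg);
        }

        return $Daten;
    }

    /**
     * Builds an HTML table listing the fields that differ between two row sets.
     *
     * Rows are paired by array index. A row of $Daten1 without a partner in
     * $Daten2 is listed with empty new values. Rows that exist only in
     * $Daten2 are not reported. Field names and values are HTML-escaped.
     *
     * Values are compared strictly: with loose comparison, numeric-looking
     * strings such as "1.0" and "1" count as equal and the change would be
     * missing from the audit log.
     *
     * @param array $Daten1 Rows before the change.
     * @param array $Daten2 Rows after the change.
     * @return string HTML table, or "\nno changes Fount\n" when nothing differs.
     */
    function db_querry_diffDaten($Daten1, $Daten2)
    {
        $Gefunden = false;

        $Diff = "\n<table border=1>\n";
        $Diff .= "<tr>\n<th>Feldname</th>\n<th>old Value</th>\n<th>new Value</th>\n";
        $Diff .= "</tr>\n";

        foreach ($Daten1 as $DataKey => $Data1) {
            $HatPartner = isset($Daten2[$DataKey]);
            $Data2 = $HatPartner ? $Daten2[$DataKey] : array();

            foreach ($Data1 as $key => $value) {
                $Neu = isset($Data2[$key]) ? $Data2[$key] : null;

                if ($HatPartner && $value === $Neu) {
                    continue;
                }

                $Gefunden = true;
                $Diff .= "<tr>\n<td>" . htmlentities((string) $key, ENT_QUOTES) . "</td>\n"
                    . "<td>" . htmlentities((string) $value, ENT_QUOTES) . "</td>\n"
                    . "<td>" . ($HatPartner ? htmlentities((string) $Neu, ENT_QUOTES) : "") . "</td>\n</tr>";
            }
        }

        $Diff .= "</table>\n";

        if ($Gefunden) {
            return $Diff;
        }

        return "\nno changes Fount\n";
    }

    /**
     * Executes a statement and records it in `ChangeLog`.
     *
     * For UPDATE the affected rows are selected before and after execution
     * and the differences are logged; for DELETE the rows about to be removed
     * are logged; every other statement is logged without row data.
     *
     * The statement kind is taken from the leading keyword only, so the words
     * UPDATE or DELETE inside a value no longer reroute another statement
     * into the snapshot logic.
     *
     * NOTE(review): table name and WHERE clause are still recovered by plain
     * substring search. A quoted value that itself contains a backtick or the
     * word WHERE moves the split point, and the snapshot SELECT is then built
     * from text that was meant to be data. Callers should use this helper only
     * with statements whose structure they control.
     *
     * NOTE(review): the log entry is written after execution and also when
     * the statement failed. If the log INSERT itself fails, the change stays
     * applied and only the error text is echoed.
     *
     * @param string $SQL     Statement to execute; values must be pre-escaped.
     * @param string $comment Free-text reason stored with the log entry.
     * @return mixed Result of mysql_query() for $SQL.
     */
    function db_query($SQL, $comment)
    {
        global $con, $Page;

        $Diff = "";

        // Analyse the command and back up the data it is about to change.
        $Art = "";
        if (preg_match('/^\s*(UPDATE|DELETE)\b/', $SQL, $Treffer)) {
            $Art = $Treffer[1];
        }

        if ($Art == "UPDATE") {
            // Determine the table name: text between the first two backticks.
            $Table_Start = strpos($SQL, "`");
            $Table_End = ($Table_Start === false) ? false : strpos($SQL, "`", $Table_Start + 1);

            // Sanity check: refuse statements without a backtick-quoted table.
            if ($Table_Start === false || $Table_End === false) {
                die("<h1>funktion_db ERROR SQL: '" . htmlentities($SQL, ENT_QUOTES) . "' nicht OK</h1>");
            }
            $Table = substr($SQL, $Table_Start, ($Table_End - $Table_Start + 1));

            // Determine the WHERE clause; ";" stands for "no filter".
            $Where_Start = strpos($SQL, "WHERE");
            $Where = ($Where_Start === false || $Where_Start === 0) ? ";" : substr($SQL, $Where_Start);

            if (strlen($Where) < 2) {
                // An unfiltered UPDATE would copy the whole table into the log.
                $Diff = "can't show, too mutch data (no filter was set)";
                $querry_erg = mysql_query($SQL, $con);
            } else {
                $Daten1 = db_querry_getDatenAssocArray("SELECT * FROM $Table $Where");
                $querry_erg = mysql_query($SQL, $con);
                $Daten2 = db_querry_getDatenAssocArray("SELECT * FROM $Table $Where");
                $Diff = db_querry_diffDaten($Daten1, $Daten2);
            }
        } elseif ($Art == "DELETE") {
            // Reuse everything after the keyword to snapshot the doomed rows.
            $TableWhere = substr(ltrim($SQL), 6);
            $Diff .= Ausgabe_Daten("SELECT * $TableWhere");

            $querry_erg = mysql_query($SQL, $con);
        } else {
            // INSERT and all other statements: execute without a snapshot.
            $querry_erg = mysql_query($SQL, $con);
        }

        $SQLCommand = "SQL:<br />" . htmlentities($SQL, ENT_QUOTES);
        if (strlen($Diff) > 0) {
            $SQLCommand .= "<br /><br />Diff:<br />$Diff";
        }

        $Commend = htmlentities(($Page["Name"] . ": " . $comment), ENT_QUOTES);

        // Log the command in the database. Every interpolated value, the
        // session UID included, is escaped with the connection-aware function.
        $UID = isset($_SESSION['UID']) ? $_SESSION['UID'] : "";
        $SQL_SEC = "INSERT INTO `ChangeLog` ( `UID` , `SQLCommad` , `Commend` ) "
            . " VALUES ( '" . mysql_real_escape_string($UID, $con) . "', "
            . "'" . mysql_real_escape_string($SQLCommand, $con) . "', "
            . "'" . mysql_real_escape_string($Commend, $con) . "' );";
        $erg = mysql_query($SQL_SEC, $con);
        echo htmlentities((string) mysql_error($con), ENT_QUOTES);

        return $querry_erg;
    } // function db_query
}
?>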