[fms.git] / src / http / pages / execquerypage.cpp
1 #include "../../../include/http/pages/execquerypage.h"\r
2 #include "../../../include/stringfunctions.h"\r
3 \r
4 #ifdef XMEM\r
5         #include <xmem.h>\r
6 #endif\r
7 \r
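/**
 * Builds the "Execute Query" page: optionally runs a submitted SQL statement
 * and renders its result set as an HTML table, followed by the query form.
 *
 * The statement is taken verbatim from the "query" request variable and handed
 * to m_db->Query(), so anyone who can submit this form can run arbitrary SQL
 * against the application's database. The only gate visible in this function
 * is ValidateFormPassword(); it is evaluated last, after the cheaper checks.
 * NOTE(review): ValidateFormPassword()/CreateFormPassword() look like a
 * per-form anti-CSRF token - confirm, and confirm that the HTTP listener for
 * this page is restricted to trusted clients (not visible from here).
 *
 * @param method    HTTP method of the request (not used by this page).
 * @param queryvars Request variables; "formaction", "query" and whatever
 *                  ValidateFormPassword() reads are consulted.
 * @return m_template with its [CONTENT] placeholder replaced by the page body.
 */
const std::string ExecQueryPage::GeneratePage(const std::string &method, const std::map<std::string,std::string> &queryvars)
{
	std::string content="";
	std::string query="";

	// Look each variable up once instead of repeating find() per test.
	const std::map<std::string,std::string>::const_iterator actionpos=queryvars.find("formaction");
	const std::map<std::string,std::string>::const_iterator querypos=queryvars.find("query");

	if(actionpos!=queryvars.end() && (*actionpos).second=="execute" && querypos!=queryvars.end() && (*querypos).second!="" && ValidateFormPassword(queryvars))
	{
		query=(*querypos).second;
		SQLite3DB::Recordset rs=m_db->Query(query);

		content+="<table>";
		if(rs.Count()>0)
		{
			content+="<tr>";
			for(int i=0; i<rs.Cols(); i++)
			{
				content+="<th>";
				if(rs.GetColumnName(i))
				{
					// Column names come from the statement (e.g. an alias), so
					// they get the same output encoding as the field values.
					content+=SanitizeOutput(std::string(rs.GetColumnName(i)));
				}
				content+="</th>";
			}
			// Close the header row; the original emitted a second "<tr>" here.
			content+="</tr>";
		}
		while(!rs.AtEnd())
		{
			content+="<tr>";
			for(int i=0; i<rs.Cols(); i++)
			{
				content+="<td>";
				if(rs.GetField(i))
				{
					// Stored data may have originated from other parties;
					// never emit it as raw markup.
					content+=SanitizeOutput(std::string(rs.GetField(i)));
				}
				content+="</td>";
			}
			content+="</tr>";
			rs.Next();
		}
		content+="</table>";
	}

	// Echo the query back into the form. "&" is escaped before "<" so that
	// text such as "&lt;" in the query survives the round trip unchanged, and
	// "<" is escaped so the value cannot close the textarea element.
	const std::string escapedquery=StringFunctions::Replace(StringFunctions::Replace(query,"&","&amp;"),"<","&lt;");

	content+="<h2>Execute Query</h2>";
	content+="<form name=\"frmquery\" method=\"POST\">";
	content+=CreateFormPassword();
	content+="<input type=\"hidden\" name=\"formaction\" value=\"execute\">";
	content+="<textarea name=\"query\" rows=\"10\" cols=\"80\">"+escapedquery+"</textarea>";
	content+="<input type=\"submit\" value=\"Execute Query\">";
	content+="</form>";

	return StringFunctions::Replace(m_template,"[CONTENT]",content);
}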
61 \r
/**
 * Reports whether this page handler is responsible for the given URI.
 *
 * The match is a plain substring test: any URI containing "execquery."
 * anywhere in it is claimed by this handler.
 *
 * @param uri Request URI to test.
 * @return true when the URI contains "execquery.", false otherwise.
 */
const bool ExecQueryPage::WillHandleURI(const std::string &uri)
{
	const std::string::size_type matchpos=uri.find("execquery.");
	return matchpos!=std::string::npos;
}