version 0.3.33
1 #include "../../../include/http/pages/execquerypage.h"\r
2 #include "../../../include/stringfunctions.h"\r
3 \r
4 #ifdef XMEM\r
5         #include <xmem.h>\r
6 #endif\r
7 \r
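/**
 * Renders the "Execute Query" administration page.
 *
 * When the request carries formaction=execute, a non-empty "query" value and a
 * form password accepted by ValidateFormPassword(), the query text is handed
 * verbatim to m_db->Query() and the result set is rendered as an HTML table.
 * The query form is always rendered, pre-filled with the query just executed.
 *
 * Security notes:
 *  - This page runs arbitrary caller-supplied SQL by design. Within this
 *    function, ValidateFormPassword() is the only check between a request and
 *    m_db->Query(); neither the statement type nor the HTTP method is
 *    restricted here.
 *  - Column names (which a query can set through an alias), SQLite error text
 *    (which can echo fragments of the submitted query) and field values are
 *    all passed through SanitizeOutput() before being placed in the page.
 *
 * @param method    HTTP method of the request (not used by this page).
 * @param queryvars Form/query variables of the request.
 * @return The page template with [CONTENT] replaced by the generated HTML.
 */
const std::string ExecQueryPage::GeneratePage(const std::string &method, const std::map<std::string,std::string> &queryvars)
{
    std::string content="";
    std::string query="";

    // Look each form variable up once instead of repeating find() per test.
    const std::map<std::string,std::string>::const_iterator actionpos=queryvars.find("formaction");
    const std::map<std::string,std::string>::const_iterator querypos=queryvars.find("query");

    // ValidateFormPassword() stays last so it is only evaluated for a
    // well-formed execute request, exactly as before.
    if(actionpos!=queryvars.end() && actionpos->second=="execute" && querypos!=queryvars.end() && querypos->second!="" && ValidateFormPassword(queryvars))
    {
        query=querypos->second;
        SQLite3DB::Recordset rs=m_db->Query(query);

        content+="<table>";
        if(rs.Count()>0)
        {
            content+="<tr>";
            for(int i=0; i<rs.Cols(); i++)
            {
                content+="<th>";
                if(rs.GetColumnName(i))
                {
                    // Column names are query-controlled (e.g. via AS aliases),
                    // so they get the same encoding as field values.
                    content+=SanitizeOutput(std::string(rs.GetColumnName(i)));
                }
                content+="</th>";
            }
            // Close the header row (the original emitted a second "<tr>").
            content+="</tr>";
        }
        else if(m_db->GetLastResult()!=SQLITE_OK)
        {
            std::string error="";
            m_db->GetLastError(error);
            // Error text may quote parts of the submitted query; encode it.
            content+="<tr><td>"+SanitizeOutput(error)+"</td></tr>";
        }
        while(!rs.AtEnd())
        {
            content+="<tr>";
            for(int i=0; i<rs.Cols(); i++)
            {
                content+="<td>";
                if(rs.GetField(i))
                {
                    content+=SanitizeOutput(std::string(rs.GetField(i)));
                }
                content+="</td>";
            }
            content+="</tr>";
            rs.Next();
        }
        content+="</table>";
    }

    // Escape '&' before '<' so that entities typed in the query (for example
    // a literal "&lt;") are shown and resubmitted unchanged, while "<" still
    // cannot terminate the textarea element.
    std::string escapedquery=StringFunctions::Replace(query,"&","&amp;");
    escapedquery=StringFunctions::Replace(escapedquery,"<","&lt;");

    content+="<h2>Execute Query</h2>";
    content+="<form name=\"frmquery\" method=\"POST\">";
    content+=CreateFormPassword();
    content+="<input type=\"hidden\" name=\"formaction\" value=\"execute\">";
    content+="<textarea name=\"query\" rows=\"10\" cols=\"80\">"+escapedquery+"</textarea>";
    content+="<input type=\"submit\" value=\"Execute Query\">";
    content+="</form>";

    return StringFunctions::Replace(m_template,"[CONTENT]",content);
}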
67 \r
/**
 * Reports whether this page handler claims the given request URI.
 *
 * @param uri Request URI as supplied by the HTTP layer.
 * @return true when the URI contains "execquery.", false otherwise.
 */
const bool ExecQueryPage::WillHandleURI(const std::string &uri)
{
    // NOTE(review): this is a substring match anywhere in the string passed as
    // uri, not an exact path comparison, so access control for the SQL console
    // must not depend on the URI shape alone.
    const bool claimed=(uri.find("execquery.")!=std::string::npos);
    return claimed;
}