Jump to content
Sign in to follow this  
Alek

freeware list project.

Recommended Posts

Hi,

Maybe i'm to late but here some PHP to help you on your way,

if you plan on doing it with PHP i will write a full handler class for you if you like (and if i got the time)

but maybe this is all you need to get it done yourself, but keep in mind if you don't filter/escape your data

correct it's realy easy to mess with SQL injection etc. would suck if you lost all your data.

Im not someone who comments code usualy so if you need i will add it.

anyways here the code....

<?php
// Author:          Robjong
// Date:            4 Nov. 2007  
// Description:     PHP script for the freeware list project. (http://www.autoitscript.com/forum/index.php?showtopic=55716)
// Comments:        This script will only work on PHP >= 4.3.0  because of mysql_real_escape_string
//                  its set for UTF-8 charset
// ToDoList:        Comment script
//                  Table to XML/INI format file    Fix Bugs (XMl invalid, chars ? urlencode)
// 
// USAGE:
// http://domain.com/filename.php   show all items
// http://domain.com/filename.php?action=list   show all items
// http://domain.com/filename.php?action=listfile       create INI format file 
// http://domain.com/filename.php?action=listfile&mode=xml  create XML format file 
// http://domain.com/filename.php?action=install    Create mysql table and insert 4 items
// http://domain.com/filename.php?action=install&drop=true  Drop table if it exists and create mysql table and insert 4 items
// http://domain.com/filename.php?action=insert&name=string&location=string&section=string&version=string&desc=string   Create new item
// http://domain.com/filename.php?action=update&id=1&location=newlocation   Update an item
// http://domain.com/filename.php?action=delete&id=1    delete an item 
error_reporting('E_STRICT');

if(phpversion() < '4.3.0')
{
    die("Your PHP version (" . phpversion() . ") does not support <em>mysql_real_escape_string()</em>,"
        ."therefor this script will not work on this version. <br />\n <strong>Aborting....</strong>");
}

$cfg['mysql_hostname']  = 'SQL06.FREEMYSQL.NET';
$cfg['mysql_username']  = 'alek900';
$cfg['mysql_password']  = 'fallout2';
$cfg['mysql_database']  = 'autoit';
$cfg['mysql_table']     = 'Software';
$cfg['list_dir_url']    = 'http://domain.ext/path/to/dir/';

$cfg['list_dir']        = './';
$cfg['list_file']       = "{$cfg['list_dir']}{$cfg['mysql_database']}_{$cfg['mysql_table']}"; // list file name, no extension

if(!file_exists($cfg['list_dir']))
{
    mkdir($cfg['list_dir']);
    chmod($cfg['list_dir'], 0777);
}

$db_connection = @mysql_connect($cfg['mysql_hostname'], $cfg['mysql_username'], $cfg['mysql_password']) // the @ in front of a function prevends it from showing an error message
    or die('Unable to connect to the database <br /><strong>Mysql Error (' . mysql_errno() . '):</strong> ' . mysql_error() . " <br /> \n");
@mysql_select_db($cfg['mysql_database'], $db_connection) 
    or die( 'Unable to select the database <br /><strong>Mysql Error (' . mysql_errno() . '):</strong> ' . mysql_error() . " <br /> \n"); 

function write2file($file, $content)
{
    global $cfg;
    $filename = basename($file);
    
    if(!$handle = fopen($file, 'w')) 
    {
        return "Unable to open the file ($filename).";  
    }
    if(!fwrite($handle, $content)) 
    {
        return "Unable to write the content to the file ($filename).";
    }
    fclose($handle);
    return "Successfully written the content to the file (<a href=\"{$cfg['list_dir_url']}$filename\" target=\"_blank\">{$cfg['list_dir_url']}$filename</a>)";
}

if(isset($_GET['action']) && strtolower($_GET['action']) == 'install')
{
    $mysql = array();
    if(isset($_GET['drop']) && strtolower($_GET['drop']) == 'true')
    { // watch out with this, delete or comment this part if its not behing a login
        $mysql['drop_sql'] = "DROP TABLE IF EXISTS `{$cfg['mysql_table']}`;";
        mysql_query($mysql['drop_sql']) or die("<strong>Mysql Error (" . mysql_errno() . '):</strong> ' . mysql_error() . " <br /> \n");
    }
    $mysql['create_sql'] = '';
    $mysql['create_sql'] .= "CREATE TABLE IF NOT EXISTS `{$cfg['mysql_table']}`
                        (
                          `Id` int(11) auto_increment,
                          `Name` varchar(255),
                          `Location` text,
                          `Section` varchar(255),
                          `Version` varchar(255),
                          `Description` text,
                          UNIQUE KEY `Id` (`Id`)
                        );";
    $mysql['insert_sql_1'] = "INSERT INTO `{$cfg['mysql_table']}` VALUES ('1', 'Autoit', 'http://www.autoitscript.com/cgi-bin/getfile.pl?autoit3/autoit-v3-setup.exe', 'Autoit', '3.2.8.1', 'AutoIt v3 is a freeware BASIC-like scripting language \r\ndesigned for automating the Windows GUI and general scripting.');";
    $mysql['insert_sql_2'] = "INSERT INTO `{$cfg['mysql_table']}` VALUES ('2', 'Autoit Beta', 'http://www.autoitscript.com/autoit3/files/beta/autoit/autoit-v3.2.9.3-beta-setup.exe', 'Autoit', '3.2.9.3', '[Beta] AutoIt v3 is a freeware BASIC-like scripting language \r\ndesigned for automating the Windows GUI and general scripting.');";
    $mysql['insert_sql_3'] = "INSERT INTO `{$cfg['mysql_table']}` VALUES ('3', 'VLC Media Player', 'http://downloads.videolan.org/pub/videolan/vlc/0.8.6c/win32/vlc-0.8.6c-win32.exe', 'Media Player', '0.8.6', 'VLC is a media player that can play almost every  \r\nsingle media file it can also play DVD''s.');";
    $mysql['insert_sql_4'] = "INSERT INTO `{$cfg['mysql_table']}` VALUES ('4', 'Firefox', 'http://download.mozilla.org/?product=firefox-2.0.0.8&os=win&lang=en-US', 'Browsers', 'v2.0.0.8', 'A free open source browser for almost any operating system');";
    
    
    mysql_query($mysql['create_sql']) or die("<strong>Mysql Error (" . mysql_errno() . '):</strong> ' . mysql_error() . " <br /> \n");
    mysql_query($mysql['insert_sql_1']) or die("<strong>Mysql Error (" . mysql_errno() . '):</strong> ' . mysql_error() . " <br /> \n");
    mysql_query($mysql['insert_sql_2']) or die("<strong>Mysql Error (" . mysql_errno() . '):</strong> ' . mysql_error() . " <br /> \n");
    mysql_query($mysql['insert_sql_3']) or die("<strong>Mysql Error (" . mysql_errno() . '):</strong> ' . mysql_error() . " <br /> \n");
    mysql_query($mysql['insert_sql_4']) or die("<strong>Mysql Error (" . mysql_errno() . '):</strong> ' . mysql_error() . " <br /> \n");
    
    $mysql['check_sql'] = "Select * FROM `{$cfg['mysql_table']}` WHERE id='4'";
    $mysql['check_query'] = @mysql_query($mysql['check_sql']);
    $mysql['check_num'] = @mysql_num_rows($mysql['check_query']);
    
    if($mysql['check_num'] == 1)
    {
        echo "Created table 'Software' successfully.";
    }
    else
    {
        echo "Unable to Created table 'Software' successfully. <br /> <strong>Mysql Error (" . mysql_errno() . '):</strong> ' . mysql_error() . " <br /> \n";       
    }   
}
elseif(isset($_GET['action']) && strtolower($_GET['action']) == 'insert')
{
    $mysql = array();
    $error = false;
    
    if(isset($_GET['name']))
    {
        $mysql['name'] = mysql_real_escape_string($_GET['name']);
    }
    else
    {
        $error['Name'] = 'You did not enter a valid Name';
    }
    
    if(isset($_GET['location']))
    {
        $mysql['location'] = mysql_real_escape_string($_GET['location']);
    }
    else
    {
        $error['Location'] = 'You did not enter a valid Location';
    }
    
    if(isset($_GET['section']))
    {
        $mysql['section'] = mysql_real_escape_string($_GET['section']);
    }
    else
    {
        $error['Section'] = 'You did not enter a valid Section';
    }
    
    if(isset($_GET['version']))
    {
        $mysql['version'] = mysql_real_escape_string($_GET['version']);
    }
    else
    {
        $error['Version'] = 'You did not enter a valid Version';
    }
    
    if(isset($_GET['desc']))
    {
        $mysql['description'] = mysql_real_escape_string($_GET['desc']);
    }
    else
    {
        $error['Description'] = 'You did not enter a valid Description';
    }
        
    if(is_array($error))
    {
        echo "<strong>The following error(s) occurred:</strong> <br /> \n";
        foreach($error as $key => $val)
        {
            echo "$key: $val <br /> \n"; 
        }
    }
    else
    {
        $result = @mysql_query("SELECT * FROM `{$cfg['mysql_table']}`");
        $num = mysql_num_rows($result) + 1;
        $mysql['insert_sql'] = "INSERT INTO `{$cfg['mysql_table']}` 
                                VALUES ('$num',
                                        '{$mysql['name']}', 
                                        '{$mysql['location']}', 
                                        '{$mysql['section']}', 
                                        '{$mysql['location']}', 
                                        '{$mysql['description']}');";
        #debug# print($mysql['insert_sql']);
        @mysql_query($mysql['insert_sql']);
        $affected = mysql_affected_rows($db_connection);
        
        if($affected == 1)
        {
            echo "Insert successfully. ($affected)";
        }
        else
        {
            echo "Unable to insert. ($affected) <br /> <strong>Mysql Error (" . mysql_errno() . '):</strong> ' . mysql_error() . " <br /> \n";      
        }
    }
}
elseif(isset($_GET['action']) && strtolower($_GET['action']) == 'update')
{
    if(isset($_GET['id']))
    {
        $mysql = array();
        $update_query = false;
        $mysql['id'] = mysql_real_escape_string($_GET['id']);
        $mysql['check_sql'] = "Select * FROM `{$cfg['mysql_table']}` WHERE `id`={$mysql['id']}";
        $mysql['check_query'] = @mysql_query($mysql['check_sql']);
        $mysql['check_num'] = @mysql_num_rows($mysql['check_query']);
        
        if($mysql['check_num'] == 1)
        {
            if(isset($_GET['name']))
            {
                $mysql['name'] = mysql_real_escape_string($_GET['name']);
                $update_query[] = "`Name`='{$mysql['name']}'";
            }
            
            if(isset($_GET['location']))
            {
                $mysql['location'] = mysql_real_escape_string($_GET['location']);
                $update_query[] = "`Location`='{$mysql['location']}'";
            }
            
            if(isset($_GET['section']))
            {
                $mysql['section'] = mysql_real_escape_string($_GET['section']);
                $update_query[] = "`Section`='{$mysql['section']}'";
            }
            
            if(isset($_GET['version']))
            {
                $mysql['version'] = mysql_real_escape_string($_GET['version']);
                $update_query[] = "`Version`='{$mysql['version']}'";
            }
            
            if(is_array($update_query))
            {
                if(isset($_GET['desc']))
                {
                    $mysql['description'] = mysql_real_escape_string($_GET['desc']);
                    $update_query[] = "`Description`='{$mysql['description']}'";
                }
                
                $mysql['query'] = '';
                $to = count($update_query) - 1;
                for($i = 0; $i <= $to; $i++)
                {
                    $mysql['query'] .= $update_query[$i];
                    if($i != $to)
                    {
                        $mysql['query'] .= ', ';
                    }
                }
                
                $mysql['update_sql'] = "UPDATE `{$cfg['mysql_table']}` SET {$mysql['query']} WHERE id={$mysql['id']}";
                #debug# print($mysql['update_sql']);
                $query = @mysql_query($mysql['update_sql']);
                $affected = @mysql_affected_rows($db_connection);
                
                if($affected >= 1)
                {
                    echo "Updated successfully. ($affected)";
                }
                else
                {
                    echo "Unable to update. ($affected) <br /> <strong>Mysql Error (" . mysql_errno() . '):</strong> ' . mysql_error() . " <br /> \n";      
                }
            }   
            else
            {
                echo "Unable to update, no data entered. <br /> \n";
            }
        }
        elseif($mysql['check_num'] > 1)
        {
            echo "Unable to update, the item exists more then once.<br /> \n";  
        }
        else
        {
            echo "Unable to update, the item does not exist.<br /> \n";     
        }
    }   
    else
    {
        echo "Unable to update, no item entered.<br /> \n";         
    }   
}
elseif(isset($_GET['action']) && strtolower($_GET['action']) == 'delete')
{
    if(isset($_GET['id']))
    {
        $mysql = array();
        $mysql['id'] = mysql_real_escape_string($_GET['id']);
        $mysql['check_sql'] = "Select * FROM `{$cfg['mysql_table']}` WHERE `id`={$mysql['id']}";
        $mysql['check_query'] = @mysql_query($mysql['check_sql']);
        $mysql['check_num'] = @mysql_num_rows($mysql['check_query']);
        
        if($mysql['check_num'] == 1)
        {
            $mysql['delete_sql'] = "DELETE FROM `{$cfg['mysql_table']}` WHERE id={$mysql['id']}";
            #debug# print($mysql['delete_sql']);
            $query = @mysql_query($mysql['delete_sql']);
            $affected = @mysql_affected_rows($db_connection);
            
            if($affected >= 1)
            {
                echo "Deleted successfully. ($affected)";
            }
            else
            {
                echo "Unable to delete. ($affected) <br /> <strong>Mysql Error (" . mysql_errno() . '):</strong> ' . mysql_error() . " <br /> \n";      
            }
        }
        elseif($mysql['check_num'] > 1)
        {
            echo "Unable to delete, the item exists more then once.<br /> \n";  
        }
        else
        {
            echo "Unable to delete, the item does not exist.<br /> \n";     
        }
    }   
    else
    {
        echo "Unable to delete, no item entered.<br /> \n";         
    }   
}
elseif(isset($_GET['action']) && strtolower($_GET['action']) == 'listfile')
{
    $mysql['select_sql'] = "SELECT * FROM `{$cfg['mysql_table']}`";
    $mysql['query'] = mysql_query($mysql['select_sql']) 
                        or die('<strong>Mysql Error (' . mysql_errno() . '):</strong> ' . mysql_error() . " <br /> \n"); 
    $array = mysql_fetch_assoc($mysql['query']);
    $mysql['check_num'] = mysql_num_rows($mysql['query']);
    
    header('Content-type: text/html');
    header('Pragma: public');       
    header('Cache-control: private');
    header('Expires: -1');
    
    if(isset($_GET['mode']) && strtolower($_GET['mode']) == 'xml')
    { // XML format
        $filename = "{$cfg['list_file']}.xml";
        if(file_exists($filename))
        {
            unlink($filename);
        }
        $content     = "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"; 
        $content    .= "<root>\n";
        $content    .= " <info>\n";
        $content    .= "   <date>" . date('d/m/Y') . "</date>\n";
        $content    .= "   <time>" . date('H:i:s') . "</time>\n";
        $content    .= "   <total>{$mysql['check_num']}</total>\n";
        $content    .= " </info>\n";
        
        if($mysql['check_num'] > 0)
        {
            do
            {
                $content .= " <row>\n";
                foreach ($array as $key => $val) 
                {
                    $content .= "   <$key>$val</$key>\n";
                }
            $content .= " </row>\n";
            } 
            while ($array = mysql_fetch_assoc($mysql['query']));
        }
        
        $content .= "</root>";
    }
    else
    { // INI format     
        $filename = "{$cfg['list_file']}.ini";
        if(file_exists($filename))
        {
            unlink($filename);
        }
        $content = "[info]\n";
        $content .= "date=" . date('d/m/Y') . "\n";
        $content .= "time=" . date('H:i:s') . "\n";
        $content .= "total={$mysql['check_num']}\n\n";
        
        if($mysql['check_num'] > 0)
        {
            $i = 1;
            do
            {
                $content .= "[item_$i]\n";
                foreach ($array as $key => $val) 
                {
                    $content .= "$key=$val\n";
                }
            $content .= "\n";
            $i++;
            } 
            while ($array = mysql_fetch_assoc($mysql['query']));
        }
    }
    
    mysql_free_result($mysql['query']);
    echo write2file($filename, $content);

}
else//if(isset($_GET['action']) && strtolower($_GET['action']) == 'list')
{
    $mysql = array();
    $html = array();
    $mysql['check_sql'] = "Select * FROM `{$cfg['mysql_table']}`";
    $mysql['check_query'] = mysql_query($mysql['check_sql']);
    $mysql['check_num'] = mysql_num_rows($mysql['check_query']);
    
    if($mysql['check_num'] >= 1)
    {
        while($array = mysql_fetch_array($mysql['check_query']))
        {
            $html['id'] = htmlentities($array['Id'], ENT_QUOTES, 'UTF-8');
            $html['name'] = htmlentities($array['Name'], ENT_QUOTES, 'UTF-8');
            $html['location'] = htmlentities($array['Location'], ENT_QUOTES, 'UTF-8');
            $html['section'] = htmlentities($array['Section'], ENT_QUOTES, 'UTF-8');
            $html['version'] = htmlentities($array['Version'], ENT_QUOTES, 'UTF-8');
            $html['description'] = htmlentities($array['Description'], ENT_QUOTES, 'UTF-8');
            
            echo "<p>Id: {$html['id']} <br /> \n"
                ."Name: {$html['name']} <br /> \n"
                ."Location: {$html['location']} <br /> \n"
                ."Section: {$html['section']} <br /> \n"
                ."Version: {$html['version']} <br /> \n"
                ."Description: {$html['description']} <br /> </p>\n";
        }
    }
    else
    {
        echo "No items in the databse.<br /> \n";   
    }
}
mysql_close($db_connection);
?>

Hope it helps you (or someone else)

Edit: small correction in the code

=======

Robjong

Edited by Robjong

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...