caharkness/QueryRunnerBS5
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8170ab2855
QueryRunnerBS5/pages/run.php

611 lines
22 KiB
PHP
Raw Blame History

<?php
global $c;
global $varPosted;
global $varRows;
$strQueryDir = "files/sql";
// $varFiles = is_dir($strQueryDir)? scandir($strQueryDir) : [];
// $varFiles = array_diff($varFiles, [".", ".."]);
function removeQueryDir(&$strInput)
{
global $strQueryDir;
$strInput = substr($strInput, strlen($strQueryDir) + 1);
}
$strFind = shell_exec("find files/sql | grep -Ei \"\.sql$\"");
$varFiles = explode("\n", $strFind);
$varFiles = array_filter($varFiles);
array_walk($varFiles, "removeQueryDir");
$strSelection = implode("/", Request::getArgs());
$varInputs = [[]];
$varRows = null;
$strError = null;
$varOptions = [];
$intAllowed = 1;
if ($strSelection !== null && strlen($strSelection) > 0)
{
$strSelection = urldecode($strSelection);
$strFileData = file_get_contents("{$strQueryDir}/{$strSelection}");
// Translate occurrences of {{ Date: next monday }} into yyyy-MM-dd format:
// Can be used in string literals or default values in comments!
preg_match_all(
"/\{\{\s*?Date\:\s*?(.*)\s*?\}\}/i",
$strFileData,
$varDateReplacements);
for ($i = 0; $i < count($varDateReplacements[0]); $i++)
{
try
{
$strMatch = $varDateReplacements[0][$i];
$strMatchSafe = preg_quote($strMatch);
$strDateString = $varDateReplacements[1][$i];
$strFileData = preg_replace(
"/{$strMatchSafe}/i",
date_create($strDateString)->format("Y-m-d"),
$strFileData);
}
catch (Exception $x) {}
}
// WARNING: Can be abused.
// Translate occurrences of {{ SQL: select 'test' }} into the string value of the first cell of the first row:
// Can be used in string literals or default values in comments!
preg_match_all(
"/\{\{\s*SQL\:\s*(.*)\s+?\}\}/i",
$strFileData,
$varSQLReplacements);
for ($i = 0; $i < count($varSQLReplacements[0]); $i++)
{
try
{
$strMatch = $varSQLReplacements[0][$i];
$strMatchSafe = preg_quote($strMatch);
$strSQLString = $varSQLReplacements[1][$i];
$varTempRows = $c->query($strSQLString);
//Respond::json($varTempRows);
$strFirstCell = "";
if (count($varTempRows) > 0)
foreach ($varTempRows[0] as $k => $v)
{
$strFirstCell = $varTempRows[0][$k];
break;
}
$strFileData = preg_replace(
"/{$strMatchSafe}/i",
$strFirstCell,
$strFileData);
}
catch (Exception $x) {}
}
//Respond::json($strFileData);
//foreach ($varReplacements as $k => $v)
// $strFileData = preg_replace("/\{\{{$k}\}\}/i", $v, $strFileData);
// Get the inputs:
preg_match_all(
"/declare\s+\@([A-Za-z0-9]{1,})\s+(.+)\s+=\s+\?;(\s+-- ([A-Za-z0-9]{1,})\:\s(.*))?/i",
$strFileData,
$varInputs);
// Get the options defined in comments:
preg_match_all(
"/--\s+([A-Za-z0-9]{1,})\:\s+(.+)/i",
$strFileData,
$varOptionMatches);
if (count($varOptionMatches[0]) > 0)
{
for ($i = 0; $i < count($varOptionMatches[0]); $i++)
{
$strKey = strtolower($varOptionMatches[1][$i]);
$strValue = $varOptionMatches[2][$i];
$varOptions[$strKey] = $strValue;
}
}
if (array_key_exists("allow", $varOptions))
{
$intAllowed = 0;
$strAllowedObjects = strtolower($varOptions["allow"]);
$varAllowedObjects = explode(",", $strAllowedObjects);
$varUserObjects = [];
if (class_exists("UserAuth"))
{
$varUser = UserAuth::getUser();
if ($varUser !== null)
{
foreach (UserAuth::getUserGroups() as $strGroup)
$varUserObjects[] = strtolower($strGroup);
$varUserObjects[] = strtolower($varUser["cn"]);
}
}
foreach ($varAllowedObjects as $strObject)
if (in_array($strObject, $varUserObjects))
$intAllowed = 1;
}
$intRun = Request::getParam("run");
$strFormat = Request::getParam("format");
//if (Request::posts("run_query"))
if ($intRun !== null && $intRun == 1 && $intAllowed == 1)
{
$varPosted = Request::getParams();
// Remove these keys from submitted fields:
foreach (["run", "format"] as $k)
if (array_key_exists($k, $varPosted))
unset($varPosted[$k]);
try
{
$varRows = $c->query("{$strQueryDir}/{$strSelection}", $varPosted);
$strView = "files/views/{$strSelection}.php";
// Allow returning the data as JSON for APIs, maybe:
if (strtolower($strFormat) == "json")
Respond::json($varRows);
// Load a custom view if there is one:
if (file_exists($strView))
{
ob_clean();
require $strView;
ob_end_flush();
exit;
}
}
catch (Exception $x)
{
$strMessage = $x->getMessage();
$strError = $strMessage;
$strError .= "\n\n";
$strFile = $x->getFile();
$intLine = $x->getLine();
$strError .= "#-1 {$strFile}({$intLine}): {$strMessage}\n";
$strError .= $x->getTraceAsString();
}
}
}
// Fancier title processing:
$strTitle = null;
if (array_key_exists("title", $varOptions))
$strTitle = $varOptions["title"];
$strTitle = $strTitle ?? $strSelection ?? "Report";
?>
<?php if (array_key_exists("scale", $varOptions)): ?>
<style>
table {
font-size: <?= $varOptions["scale"]; ?>em;
}
</style>
<?php endif; ?>
<title><?= $strTitle; ?></title>
<div class="navbar navbar-expand bg-primary navbar-dark d-print-none">
<div class="container-fluid justify-content-between">
<div class="d-inline-flex align-items-center">
<a class="nav-item btn btn-outline-light me-2" onclick="fnShowPage('#page-input');"><i class="fa fa-fw fa-cog"></i> <span class="d-none d-lg-inline">Options</span></a>
<?php if ($varRows !== null && count($varRows) > 0): ?>
<a class="nav-item btn btn-outline-light me-2" onclick="fnShowPage('#page-output');"><i class="fa fa-fw fa-table"></i> <span class="d-none d-lg-inline">Results</span></a>
<a class="nav-item btn btn-outline-light me-2" onclick="fnExport();"><i class="fa fa-fw fa-download"></i> <span class="d-none d-lg-inline">.csv</span></a>
<?php endif; ?>
</div>
</div>
</div>
<div class="page" id="page-input">
<div class="container my-3">
<?php if ($strError !== null): ?>
<div class="row">
<div class="col-md-12">
<div class="alert alert-danger">
<pre class="mb-0"><?= $strError; ?></pre>
</div>
</div>
</div>
<?php endif; ?>
<?php if ($varRows !== null && count($varRows) < 1): ?>
<div class="row">
<div class="col-md-12">
<div class="alert alert-warning">
No rows returned.
</div>
</div>
</div>
<?php endif; ?>
<div class="row">
<div class="col-md-6">
<div class="mb-3">
<label>Choose Query</label>
<div class="input-group">
<span class="input-group-text"><i class="fa fa-fw fa-folder"></i></span>
<input type="text" class="form-control" name="query" placeholder="Search files..." value="<?= $strSelection; ?>" id="query-search" />
</div>
<div class="query-search-results">
<?php foreach ($varFiles as $f): ?>
<div class="d-none border p-3">
<a class="link-underline link-underline-opacity-0" href="/run/<?= $f; ?>">
<i class="fa fa-fw fa-scroll me-2"></i>
<?= $f; ?>
</a>
</div>
<?php endforeach; ?>
</div>
</div>
</div>
</div>
<?php if ($intAllowed == 1): ?>
<?php foreach (["description"] as $strClass): ?>
<?php if (array_key_exists($strClass, $varOptions)): ?>
<div class="row">
<div class="col-md-6">
<div class="mb-3">
<?= $varOptions[$strClass]; ?>
</div>
</div>
</div>
<?php endif; ?>
<?php endforeach; ?>
<?php foreach (["danger", "warning", "info"] as $strClass): ?>
<?php if (array_key_exists($strClass, $varOptions)): ?>
<div class="row">
<div class="col-md-6">
<div class="alert alert-<?= $strClass; ?>">
<strong><?= ucfirst($strClass); ?>:</strong> <?= $varOptions[$strClass]; ?>
</div>
</div>
</div>
<?php endif; ?>
<?php endforeach; ?>
<form method="get">
<?php if (count($varInputs[0]) > 0): ?>
<?php for ($i = 0; $i < count($varInputs[0]); $i++): ?>
<?php
$strInputName = $varInputs[1][$i];
$strInputType = $varInputs[2][$i];
$strInputTypeHTML = "text";
if ($strInputType == "datetime")
$strInputTypeHTML = "date";
$strInputDefaultValue = "";
if (strtolower($varInputs[4][$i]) == "default")
if (strlen($varInputs[5][$i]) > 0)
$strInputDefaultValue = $varInputs[5][$i];
$varOptions = [];
if (strtolower($varInputs[4][$i]) == "options")
{
$strOptionsList = $varInputs[5][$i];
$varOptions = explode(",", $strOptionsList);
}
?>
<div class="row">
<div class="col-md-6">
<div class="mb-3">
<label><?= $strInputName; ?> <code><?= $strInputType; ?></code></label>
<?php if (count($varOptions) > 0): ?>
<div class="input-group">
<span class="input-group-text"><i class="fa fa-fw fa-at"></i></span>
<select class="form-select" name="<?= $strInputName; ?>">
<?php foreach ($varOptions as $o): ?>
<?php
$strLabel = $o;
$strValue = $o;
if (preg_match("/=.+$/i", $o))
{
preg_match("/(.+)=(.+)$/i", $o, $varTempMatches);
$strLabel = $varTempMatches[1];
$strValue = $varTempMatches[2];
}
?>
<option
value="<?= $strValue; ?>"
<?= Request::getParam($strInputName) == $strValue? "selected": ""; ?>
><?= $strLabel; ?></option>
<?php endforeach; ?>
</select>
</div>
<?php else: ?>
<div class="input-group">
<span class="input-group-text"><i class="fa fa-fw fa-at"></i></span>
<input type="<?= $strInputTypeHTML; ?>" class="form-control" name="<?= $strInputName; ?>" value="<?= Request::getParam($strInputName) ?? $strInputDefaultValue; ?>" />
</div>
<?php endif; ?>
</div>
</div>
</div>
<?php endfor; ?>
<?php endif; ?>
<div class="row">
<div class="col-md-6">
<div class="mb-3">
<label>Actions</label>
<div>
<a class="btn btn-primary" onclick="fnSubmit(this);"><i class="fa fa-fw fa-server me-1"></i> Execute</a>
</div>
</div>
</div>
</div>
<input type="hidden" name="run" value="1" />
</form>
<?php else: ?>
<div class="row">
<div class="col-md-6">
<div class="text-danger mb-3">
The selected report requires being logged in as a user with permission to run it.
</div>
</div>
</div>
<?php endif; ?>
<?php
$varDirectories = [];
foreach ($varFiles as $f)
{
preg_match("/^(.*\/)[^\/]/", $f, $varMatches);
$strDirectory = $varMatches[1];
if (strlen($strDirectory) > 0)
$varDirectories[$strDirectory] = 1;
}
//Respond::json($varDirectoryKeys);
?>
<div class="row">
<div class="col-md-6">
<div class="mb-3">
<label>Directories</label>
<div class="">
<?php foreach ($varDirectories as $d => $a): ?>
<div class="border p-3">
<a class="link-underline link-underline-opacity-0" href="/run?q=<?= $d; ?>">
<i class="fa fa-fw fa-folder me-2"></i>
<?= $d; ?>
</a>
</div>
<?php endforeach; ?>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="page" id="page-output">
<?php if ($varRows !== null && count($varRows) > 0): ?>
<?php
$varRow1 = $varRows[0];
$varColumns = [];
foreach ($varRow1 as $k => $v)
$varColumns[] = $k;
?>
<div class="d-none d-print-block">
<div class="container-fluid">
<div class="row">
<div class="col-md-12">
<h1><?= $strTitle; ?></h1>
<?php foreach (["description"] as $strClass): ?>
<?php if (array_key_exists($strClass, $varOptions)): ?>
<p><?= $varOptions[$strClass]; ?></p>
<?php endif; ?>
<?php endforeach; ?>
<ul>
<?php foreach ($varPosted as $k => $v): ?>
<li><?= $k; ?>: <?= $v; ?></li>
<?php endforeach; ?>
<li>Printed: <?= date("Y-m-d H:i:s"); ?></li>
</ul>
</div>
</div>
</div>
</div>
<div class="table-responsive">
<table class="table table-sm table-striped table-bordered w-100" id="table">
<thead>
<tr>
<?php foreach ($varColumns as $col): ?>
<?php
// Hide columns that begin with underscore:
if ($col[0] == "_")
continue;
?>
<th class="text-nowrap sorting"><?= $col; ?> <?php DataTable::sortIcon(); ?></th>
<?php endforeach; ?>
</tr>
</thead>
<tbody>
<?php foreach ($varRows as $r): ?>
<?php
// Allow SQL data to control row classes with _row_class column:
$strRowClass = "";
if (array_key_exists("_row_class", $r))
$strRowClass = $r["_row_class"];
$strNextCellClass = "";
?>
<tr>
<?php foreach ($varColumns as $col): ?>
<?php
$strCellClass = "";
if (strlen($strRowClass) > 0)
$strCellClass = $strRowClass;
if (strlen($strNextCellClass) > 0)
$strCellClass = $strNextCellClass;
// Allow SQL data to controll next cell class with _next_cell_class column:
if (preg_match("/^_next_cell_class/i", $col))
$strNextCellClass = $r[$col];
// Hide columns that begin with underscore:
if ($col[0] == "_")
continue;
?>
<td class="<?= $strCellClass; ?>"><?= $r[$col]; ?></td>
<?php
$strNextCellClass = "";
?>
<?php endforeach; ?>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<?php endif; ?>
</div>
<script>
$(function() {
var fileSearch = $("#query-search").first();
fileSearch.on("focus", function() {
fileSearch.trigger("input");
fileSearch.select();
});
fileSearch.on("input", function() {
var q = fileSearch.val();
$(".query-search-results div").each(function(i, x) {
x = $(x);
x.addClass("d-none");
//if (q.length < 1)
// return;
var fileName = x.text();
if (fileName.includesAll(q))
x.removeClass("d-none");
});
});
fnShowPage = function(id)
{
$("div.page").addClass("d-none");
$(id).removeClass("d-none");
};
fnSubmit = function(x)
{
x = $(x);
x.parents("form").first().submit();
};
fnExport = function()
{
fnShowPage("#page-output");
$("#table").exportCSV({name: "<?= $strSelection; ?>"});
};
});
</script>
<?php if ($varRows !== null && count($varRows) > 0): ?>
<script>
$(function() {
fnShowPage("#page-output");
});
</script>
<?php DataTable::js("#table"); ?>
<?php endif; ?>
<?php $intAutorun = Request::getParam("autorun"); ?>
<?php if ($intAutorun !== null && $intAutorun == 1): ?>
<script>
$(function() {
$("#page-input form")
.first()
.submit();
});
</script>
<?php endif; ?>
<?php
$strSearchQuery = Request::getParam("q");
?>
<?php if ($strSearchQuery !== null && strlen($strSearchQuery) > 0): ?>
<script>
$(function() {
$("#query-search")
.first()
.val("<?= $strSearchQuery; ?>")
.trigger("input");
});
</script>
<?php endif; ?>
Reference in New Issue View Git Blame Copy Permalink