displays the selection form */ if (!isset($param) || $param[0] == '') { include('./header.inc.php3'); $result = mysql_list_fields($db, $table); if (!$result) { mysql_die(); } else { // Gets the list and number of fields $fields_count = mysql_num_fields($result); for ($i = 0; $i < $fields_count; $i++) { $fields_list[] = mysql_field_name($result, $i); $fields_type[] = mysql_field_type($result, $i); $fields_len[] = mysql_field_len($result, $i); } ?>
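/* A field selection was submitted: do the work */
else {
    // $param, $where, $fields, $names and $types are not assigned in the
    // visible part of this script. The magic-quotes handling below implies
    // that at least $where and $fields arrive as request data, so all of
    // them are treated as untrusted here -- TODO confirm for the others.
    // NOTE(review): backquote() is defined elsewhere; confirm that it also
    // neutralises a backtick embedded in the identifier it wraps.

    // Builds the query: the first selected column, then the remaining ones
    $sql_query = 'SELECT ' . backquote(urldecode($param[0]));
    $c         = count($param);
    for ($i = 1; $i < $c; $i++) {
        $sql_query .= ',' . backquote(urldecode($param[$i]));
    }
    $sql_query .= ' FROM ' . backquote($table);

    // The where clause
    if ($where != '') {
        // Free-form SQL typed by the user is appended as is; only the
        // slashes added by magic quotes are removed. Nothing in this block
        // constrains it, so what the statement may do depends on the checks
        // made by sql.php3 and on the privileges of the MySQL account.
        $sql_query .= ' WHERE ' . ((get_magic_quotes_gpc()) ? stripslashes($where) : $where);
    } else {
        $sql_query .= ' WHERE 1';
        // One "AND <column> <comparison> <value>" term per non-empty field
        if (!empty($fields)) {
            $c = count($fields);
            for ($i = 0; $i < $c; $i++) {
                if ($fields[$i] != '') {
                    $quot = '';
                    if ($types[$i] == 'string' || $types[$i] == 'blob') {
                        $quot = '"';
                        $cmp  = 'LIKE';
                    } else if ($types[$i] == 'date' || $types[$i] == 'time') {
                        $quot = '"';
                        $cmp  = '=';
                    } else {
                        // Other (numeric) types: a '%' switches to a quoted
                        // LIKE pattern, otherwise the value is compared
                        // with '=' and left unquoted
                        if (strstr($fields[$i], '%')) {
                            $cmp  = 'LIKE';
                            $quot = '"';
                        } else {
                            $cmp  = '=';
                            $quot = '';
                        }
                        // The user supplied the comparison operator himself
                        if (substr($fields[$i], 0, 1) == '<' || substr($fields[$i], 0, 1) == '>') {
                            $cmp = '';
                        }
                        // NOTE(review): when no '%' is present the value is
                        // written into the statement without quotes, so it
                        // is not limited to a number or to a leading
                        // comparison operator; validate it here if that is
                        // the intent.
                    } // end if

                    // Quoted values get the escaping magic quotes would have
                    // applied (backslash, both quote characters, NUL).
                    // Escaping only '"' left a trailing backslash able to
                    // swallow the closing quote, and the date/time and
                    // numeric LIKE branches were not escaped at all.
                    if ($quot != '' && !get_magic_quotes_gpc()) {
                        $fields[$i] = addslashes($fields[$i]);
                    }

                    $sql_query .= ' AND ' . backquote(urldecode($names[$i])) . ' ' . "$cmp $quot$fields[$i]$quot";
                } // end if
            } // end for
        } // end if
    } // end if

    // Every value is URL-encoded so that '&', '=' or a line break inside one
    // of them cannot add parameters to the query string or extra lines to
    // the Location header ($lang and $sessionMaxRows used to be sent raw).
    $url_query = 'lang=' . urlencode($lang)
               . '&server=' . urlencode($server)
               . '&db=' . urlencode($db)
               . '&table=' . urlencode($table)
               . '&sql_query=' . urlencode($sql_query)
               . '&pos=0'
               . '&sessionMaxRows=' . urlencode($sessionMaxRows)
               . '&goto=db_details.php3';
    header('Location: sql.php3?' . $url_query);
}
?>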