<?
/*

   *******************************************
   *                         *      ***      *
   * Release: MySQLInfTool   *  ***********  *
   * Version: 1.0            *  ****   ****  *
   * Best with: Firefox      *  ***  *  ***  *
   *                         *  ****   ****  *
   *                         *  ***********  *
   *                         *      ***      *
   *******************************************

   Credits
   *******
   DarkFig (gmdarkfig@gmail.com - acid-root.new.fr)

   Description
   ***********
   Un script php permettant de se connecter à un serveur MySQL à distance ou en local.
   Liste les bases de données, les tables, donne des informations concernant les tables.
   Affiche les données(ou un aperçue) contenu dans une table, option de telechargement.

*/

// Vars
if(isset($_GET['host'])  && !empty($_GET['host'])   && is_string($_GET['host']))   { $host = htmlentities($_GET['host']);   } else {$host = '';}
if(isset($_GET['login']) && !empty($_GET['login'])  && is_string($_GET['login']))  { $login= htmlentities($_GET['login']);  } else {$login= '';}
if(isset($_GET['passwd'])&& !empty($_GET['passwd']) && is_string($_GET['passwd'])) { $pass = htmlentities($_GET['passwd']); } else {$pass = '';}
if(isset($_GET['port'])  && !empty($_GET['port'])   && is_string($_GET['port']))   { $port = intval($_GET['port']);         } else {$port = '';}
if(isset($_GET['bdd'])   && !empty($_GET['bdd'])    && is_string($_GET['bdd']))    { $bdd  = addslashes(htmlentities($_GET['bdd'])); } else {$bdd  = '';}
if(isset($_GET['tables'])&& !empty($_GET['tables']) && is_string($_GET['tables'])) { $table = str_replace("`", "",$_GET['tables']); $table = addslashes(htmlentities($table));} else {$table= '';}
if(isset($_GET['select'])&& !empty($_GET['select']) && is_string($_GET['select'])) { $select = 'Yes'; } else { $select = 'No'; }
if(isset($_GET['limit']) && is_string($_GET['limit'])) { $select = 'Yes'; $limit = 'Yes'; } else { $limit = 'No'; }
if(isset($_GET['download']) && is_string($_GET['download'])) { $download = 'Yes'; $select = 'Yes'; } else { $download = 'No'; }

// Sock
$err0 = 'No';$err1 = 'No'; $err2 = 'No';
$data = '';$res0 = '';
if(!empty($host) | !empty($login) | !empty($pass) | !empty($port)) {
    if($sock = @mysql_connect("$host:$port", $login, $pass)) { $err0 = 'No'; } else { $err0 = 'Yes'; }
}


// Authentification
ob_start();
echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 3.2 Final//EN\">\n";
echo "<html><head><title>MSIT</title></head><body>\n";
echo "<!-- (C) DarkFig 2006 (gmdarkfig@gmail.com) acid-root.new.fr -->\n";
echo "<div align=\"center\">\n";
echo "<table width=\"381\" height=\"337\" border=\"0\">\n";
echo "<tr><td width=\"375\"><div align=\"left\">\n";
echo "<h1 align=\"center\">MySQLInfTool</h1>\n\n";
echo "<!-- Authentification -->\n";
if(empty($host)) { echo "<b>mysql -h ".htmlentities("<host> -u <user> --password=<pass>")."</b><br/>\n"; } else { echo "<b>mysql -h $host -u $login --password=\"$pass\"</b><br/>\n"; }
echo "<form action=\"$PHP_SELF\" method=\"GET\">\n";
echo "<input type=\"text\" name=\"host\" value=\"localhost\">\n";
echo "<input type=\"text\" name=\"login\" value=\"root\"><br/>\n";
echo "<input type=\"password\" name=\"passwd\" value=\"toor\">\n";
echo "<input type=\"text\" name=\"port\" value=\"3306\">\n";
echo "<input type=\"submit\" value=\"list_bdd\">\n";
echo "</form>\n\n";


// Databases
echo "<!-- Bases de données -->\n";
echo "<b>show databases;</b>\n";
echo "<form action=\"$PHP_SELF\" method=\"GET\">\n";
echo "<input type=\"hidden\" name=\"host\" value=\"$host\">\n";
echo "<input type=\"hidden\" name=\"login\" value=\"$login\">\n";
echo "<input type=\"hidden\" name=\"passwd\" value=\"$pass\">\n";
echo "<input type=\"hidden\" name=\"port\" value=\"$port\">\n";
echo "<select name=\"bdd\">\n";
if($err0 == 'No') {
    $alldatab = mysql_list_dbs($sock);
    $numbrdat = mysql_num_rows($alldatab);
    for($x = 0; $x < $numbrdat; $x++) {
    $database = htmlentities(mysql_db_name($alldatab, $x));
    echo "<option value=\"".$database."\"";
    if($bdd == $database) { echo " selected"; }
    echo ">".$database."</option>\n";
  }
}
echo "</select>\n";
echo "<input type=\"submit\" value=\"list_tables\">\n";
echo "</form>\n\n";


// Tables
echo "<!-- Tables -->\n";
if(empty($bdd)) { echo "<b>use ".htmlentities("<database>")."; show tables;</b><br/>\n"; } else { echo "<b>use $bdd; show tables;</b><br/>\n"; }
echo "<form action=\"$PHP_SELF\" method=\"GET\">\n";
echo "<input type=\"hidden\" name=\"host\" value=\"$host\">\n";
echo "<input type=\"hidden\" name=\"login\" value=\"$login\">\n";
echo "<input type=\"hidden\" name=\"passwd\" value=\"$pass\">\n";
echo "<input type=\"hidden\" name=\"port\" value=\"$port\">\n";
echo "<input type=\"hidden\" name=\"bdd\" value=\"$bdd\">\n";
echo "<select name=\"tables\">\n";
if($err0 == 'No' && !empty($bdd)) {
    if(!$alltable = mysql_list_tables($bdd,$sock)) { $err2 = 'Yes'; }
    $num = mysql_num_rows($alltable);
    for($x = 0; $x < $num; $x++) {
    $tables = htmlentities(mysql_tablename($alltable, $x));
    echo "<option value=\"".$tables."\"";
    if($table == $tables) { echo " selected"; }
    echo ">".$tables."</option>\n";
  }
}
echo "</select>\n";
echo "<input type=\"submit\" value=\"explain_table\">\n";
echo "<input type=\"submit\" name=\"select\" value=\"select *\"><br/>\n";
echo "<input type=\"submit\" name=\"download\" value=\"download *\">\n";
echo "<input type=\"submit\" name=\"limit\" value=\"limit 0,30\">\n";
echo "</form>\n\n";


// Explain / Select
echo "<!-- Explain / Select -->\n";
if($err0 == 'No' && !empty($bdd) && !empty($table)) {
    mysql_select_db($bdd);
    if($req0 = mysql_query("SELECT COUNT(*) FROM `$table`")) {
    $res0 = mysql_fetch_array($req0);
    $res0 = intval($res0[0]);
    if($select == 'No') { echo "<b>explain $table;</b>"; } elseif ($limit == 'Yes') { echo "<b>select * from $table limit 0,30;</b>"; } else { echo "<b>select * from $table;</b>"; }
    echo "<b> -- count=$res0;"."</b><br/>\n";
}}
echo "<textarea cols=50 rows=10 name=\"\" READONLY>\n";
if($err0 == 'No' && !empty($bdd) && !empty($table) && $select == 'No') {
    if($fields = @mysql_list_fields($bdd, $table)) {
    $err1 = 'No';
    $num = mysql_num_fields($fields);
    for($x = 0; $x < $num; $x++) {
    $field = htmlentities(mysql_field_name($fields, $x));
    echo $field."\n";
  }
} else {
    $err1 = 'Yes';
}}

elseif($err0 == 'No' && !empty($bdd) && !empty($table) && $select == 'Yes') {
         
         if($limit == 'Yes' && $res0 > 30) { $res0 = '30'; }
         $req1 = mysql_query("SELECT * FROM `$table`");
         if($fields = @mysql_list_fields($bdd, $table)) {
         $err1 = 'No';
         $num = mysql_num_fields($fields);
         for($i = 0; $i < $res0; $i++) {
         $res1 = mysql_fetch_array($req1);
         for($x = 0; $x < $num; $x++) {
         $field = mysql_field_name($fields, $x);
         $data .= $field.': '.$res1[$field]."\n";
         }
         $data .= "\n";
  }
if($download == 'Yes') {
        ob_end_clean();
        $length = strlen($data);
        header("Content-disposition: attachment; filename=data.txt");
        header("Content-Type: application/force-download");
        header("Content-Transfer-Encoding: text/plain\n");
        header("Content-Length: $length");
        header("Expires: -1");
        echo $data;
        }
        else { echo htmlentities($data); }
} else {
    $err1 = 'Yes';
}
}

if($download != 'Yes') { echo "</textarea></div></td></tr></table></body></html>\n"; }
if($err0 == 'Yes') { echo "<br/><b>Erreur lors de la connexion au serveur MySQL</b>\n"; }
if($err2 == 'Yes') { echo "<br/><b>Impossible d'accéder à la base de donnée</b>\n"; }
if($err1 == 'Yes') { echo "<br/><b>Problème concernant la table sélectionnée</b>\n"; }

$buffer = ob_get_contents();
ob_end_clean();
echo $buffer;

?>