From c3d30d3591934218cd72152fb76380c7d73904b5 Mon Sep 17 00:00:00 2001 From: lia Date: Thu, 15 Mar 2007 15:55:08 +0000 Subject: [PATCH] admin db tools : added checkup for rate and comment table, still experimental !! --- e107_admin/db.php | 318 +++++++++++++++++++++++- e107_languages/English/admin/lan_db.php | 23 +- 2 files changed, 333 insertions(+), 8 deletions(-) diff --git a/e107_admin/db.php b/e107_admin/db.php index a2d02fd7a..b408d5862 100644 --- a/e107_admin/db.php +++ b/e107_admin/db.php @@ -11,9 +11,9 @@ | GNU General Public License (http://gnu.org). | | $Source: /cvs_backup/e107_0.8/e107_admin/db.php,v $ -| $Revision: 1.2 $ -| $Date: 2007-02-14 21:17:03 $ -| $Author: e107steved $ +| $Revision: 1.3 $ +| $Date: 2007-03-15 15:55:08 $ +| $Author: lisa_ $ +----------------------------------------------------------------------------+ */ @@ -76,7 +76,11 @@ if (isset($_POST['plugin_scan']) || e_QUERY == "plugin" || $_POST['delplug']) { exit; } - +if (isset($_POST['verify_sql_record']) || isset($_POST['check_verify_sql_record']) || isset($_POST['delete_verify_sql_record']) ) { + verify_sql_record(); + require_once("footer.php"); + exit; +} @@ -116,6 +120,12 @@ $text = "
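Review bot: The dispatch added in the `@@ -76,7 +76,11 @@` hunk routes `delete_verify_sql_record` to verify_sql_record() on nothing more than the presence of a POST field. No per-request form token or permission test is visible in this hunk; the file's earlier lines are outside the diff context, so one may already exist there. Before the delete path does more than print its queries, the branch should verify a form token alongside the `isset()` tests, so that a cross-site form post from a logged-in admin's browser cannot trigger it.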
+ + + ".DBLAN_35." + + +
"; @@ -299,6 +309,304 @@ function delete_plugin_entry() $ns -> tablerender($caption,$message); } +function verify_sql_record(){ + global $ns, $sql, $sql2, $tp; + + if(!is_object($sql)){ $sql = new db; } + if(!is_object($sql2)){ $sql2 = new db; } + if(!is_object($sql3)){ $sql3 = new db; } + + $tables = array(); + $tables[] = 'rate'; + $tables[] = 'comments'; + + if(isset($_POST['delete_verify_sql_record'])){ + + $text = "
"; + $text .= "ok, so you want to delete some records? not a problem at all!
"; + $text .= "but, since this is still an experimental procedure, i won't actually delete anything
"; + $text .= "instead, i will show you the queries that would be performed
"; + $text .= "
"; + + foreach($_POST['del_dbrec'] as $k=>$v){ + + if($k=='rate'){ + + $keys = implode(", ", array_keys($v)); + $qry .= "DELETE * FROM rate WHERE rate_id IN (".$keys.")
"; + + }elseif($k=='comments'){ + + $keys = implode(", ", array_keys($v)); + $qry .= "DELETE * FROM comments WHERE comment_id IN (".$keys.")
"; + + } + + } + $text .= $qry; + + $text .= "
+
+ + +
+
+
"; + + $ns->tablerender($caption, $text); + + return; + } + + if(!isset($_POST['check_verify_sql_record'])){ + //select table to verify + $text = " +
+ + +
".DBLAN_37."

"; + foreach($tables as $t){ + $text .= "{$t}
+ +
+
"; + + $ns->tablerender(DBLAN_39, $text); + }else{ + + + //function to sort the results + function verify_sql_record_cmp($a, $b) { + + $orderby=array('type'=>'asc', 'itemid'=>'asc'); + + $result= 0; + foreach( $orderby as $key => $value ) { + if( $a[$key] == $b[$key] ) continue; + $result = ($a[$key] < $b[$key])? -1 : 1; + if( $value=='desc' ) $result = -$result; + break; + } + return $result; + } + + //function to display the results + //$err holds the error data + //$ctype holds the tablename + function verify_sql_record_displayresult($err, $ctype){ + + usort($err, 'verify_sql_record_cmp'); + + $text = ''; + if(is_array($err) && !empty($err)){ + + $text .= " + + + + + + + + "; + + foreach($err as $k=>$v){ + $delkey = $v['sqlid']; + $text .= " + + + + + + "; + } + $text .= " + + + + +
".DBLAN_40." ".$ctype."
".DBLAN_41."".DBLAN_42."".DBLAN_43."".DBLAN_44."
".$v['type']."".$v['itemid']."".($v['table_exist'] ? DBLAN_45 : DBLAN_46)." ".DBLAN_47."
+ + +

"; + } + + return $text; + } + + function verify_sql_record_gettables(){ + global $sql2; + + //array which will hold all db tables + $dbtables = array(); + + //get all tables in the db + $sql2 -> db_Select_gen("SHOW TABLES"); + while($row2=$sql2->db_Fetch()){ + $dbtables[] = $row2[0]; + } + return $dbtables; + } + + $text = ''; + + //validate rate table records + if(isset($_POST['table_rate'])){ + + $query = " + SELECT r.* + FROM #rate AS r + WHERE r.rate_id!='' + ORDER BY r.rate_table, r.rate_itemid"; + $data = array('type'=>'rate', 'table'=>'rate_table', 'itemid'=>'rate_itemid', 'id'=>'rate_id'); + + if(!$sql -> db_Select_gen($query)){ + $text = DBLAN_49; + }else{ + + //the master error array + $err=array(); + + //array which will hold all db tables + $dbtables = verify_sql_record_gettables(); + + while($row=$sql->db_Fetch()){ + + $ctype = $data['type']; + $cid = $row[$data['id']]; + $citemid = $row[$data['itemid']]; + $ctable = $row[$data['table']]; + + //if the rate_table is an existing table, we need to do more validation + //else if the rate_table is not an existing table, this is an invalid reference + if(in_array($ctable, $dbtables)){ + + $sql3 -> db_Select_gen("SHOW COLUMNS FROM {$ctable}"); + while($row3=$sql3->db_Fetch()){ + //find the auto_increment field, since that's the most likely key used + if($row3['Extra']=='auto_increment'){ + $aif = $row3['Field']; + break; + } + } + + //we need to check if the itemid (still) exists in this table + //if the record is not found, this could well be an obsolete record + //if the record is found, we need to keep this record since it's a valid reference + if(!$sql2 -> db_Select("{$ctable}", "*", "{$aif}='{$citemid}' ORDER BY {$aif} ")){ + $err[] = array('type'=>$ctable, 'sqlid'=>$cid, 'table'=>$ctable, 'itemid'=>$citemid, 'table_exist'=>TRUE); + } + + }else{ + $err[] = array('type'=>$ctable, 'sqlid'=>$cid, 'table'=>$ctable, 'itemid'=>$citemid, 'table_exist'=>FALSE); + } + } + + $text .= 
verify_sql_record_displayresult($err, $ctype); + } + } + + //validate comments table records + if(isset($_POST['table_comments'])){ + + $query = " + SELECT c.* + FROM #comments AS c + WHERE c.comment_id!='' + ORDER BY c.comment_type, c.comment_item_id"; + $data = array('type'=>'comments', 'table'=>'comment_type', 'itemid'=>'comment_item_id', 'id'=>'comment_id'); + + if(!$sql -> db_Select_gen($query)){ + $text = DBLAN_49; + }else{ + + //the master error array + $err=array(); + + //array which will hold all db tables + $dbtables = verify_sql_record_gettables(); + + //get all e_comment files and variables + require_once(e_HANDLER."comment_class.php"); + $cobj = new comment; + $e_comment = $cobj->get_e_comment(); + + while($row=$sql->db_Fetch()){ + + $ctype = $data['type']; + $cid = $row[$data['id']]; + $citemid = $row[$data['itemid']]; + $ctable = $row[$data['table']]; + + //for each comment we need to validate the referencing record exists + //we need to check if the itemid (still) exists in this table + //if the record is not found, this could well be an obsolete record + //if the record is found, we need to keep this record since it's a valid reference + + // news + if($ctable == "0"){ + if(!$sql2 -> db_Select("news", "*", "news_id='{$citemid}' ")){ + $err[] = array('type'=>'news', 'sqlid'=>$cid, 'table'=>$ctable, 'itemid'=>$citemid, 'table_exist'=>TRUE); + } + // article, review or content page + }elseif($ctable == "1"){ + + // downloads + }elseif($ctable == "2"){ + if(!$sql2 -> db_Select("download", "*", "download_id='{$citemid}' ")){ + $err[] = array('type'=>'download', 'sqlid'=>$cid, 'table'=>$ctable, 'itemid'=>$citemid, 'table_exist'=>TRUE); + } + + // poll + }elseif($ctable == "4"){ + if(!$sql2 -> db_Select("polls", "*", "poll_id='{$citemid}' ")){ + $err[] = array('type'=>'polls', 'sqlid'=>$cid, 'table'=>$ctable, 'itemid'=>$citemid, 'table_exist'=>TRUE); + } + + // userprofile + }elseif($ctable == "profile"){ + if(!$sql2 -> db_Select("user", "*", 
"user_id='{$citemid}' ")){ + $err[] = array('type'=>'user', 'sqlid'=>$cid, 'table'=>$ctable, 'itemid'=>$citemid, 'table_exist'=>TRUE); + } + + //else if this is a plugin comment + }elseif(isset($e_comment[$ctable]) && is_array($e_comment[$ctable])){ + $var = $e_comment[$ctable]; + $qryp=''; + //new method must use the 'qry' variable + if(isset($var) && $var['qry']!=''){ + if($installed = $sql2 -> db_Select("plugin", "*", "plugin_path = '".$var['plugin_path']."' AND plugin_installflag = '1' ")){ + $qryp = str_replace("{NID}", $citemid, $var['qry']); + if(!$sql2 -> db_Select_gen($qryp)){ + $err[] = array('type'=>$ctable, 'sqlid'=>$cid, 'table'=>$ctable, 'itemid'=>$citemid, 'table_exist'=>TRUE); + } + } + //old method + }else{ + if(!$sql2 -> db_Select($var['db_table'], $var['db_title'], $var['db_id']." = '{$citemid}' ")){ + $err[] = array('type'=>$ctable, 'sqlid'=>$cid, 'table'=>$ctable, 'itemid'=>$citemid, 'table_exist'=>TRUE); + } + } + //in all other cases + }else{ + $err[] = array('type'=>$ctable, 'sqlid'=>$cid, 'table'=>$ctable, 'itemid'=>$citemid, 'table_exist'=>FALSE); + } + + } + + $text .= verify_sql_record_displayresult($err, $ctype); + } + } + + $text = "
".$text."
"; + $ns->tablerender(DBLAN_50,$text); + } +} + require_once("footer.php"); -?> +?> \ No newline at end of file diff --git a/e107_languages/English/admin/lan_db.php b/e107_languages/English/admin/lan_db.php index 12d30678e..71fd70a39 100644 --- a/e107_languages/English/admin/lan_db.php +++ b/e107_languages/English/admin/lan_db.php @@ -4,9 +4,9 @@ | e107 website system - Language File. | | $Source: /cvs_backup/e107_0.8/e107_languages/English/admin/lan_db.php,v $ -| $Revision: 1.2 $ -| $Date: 2007-02-14 21:17:15 $ -| $Author: e107steved $ +| $Revision: 1.3 $ +| $Date: 2007-03-15 15:55:08 $ +| $Author: lisa_ $ +----------------------------------------------------------------------------+ */ define("DBLAN_1", "Core settings backed up in database."); @@ -44,5 +44,22 @@ define("DBLAN_32", "Error"); define("DBLAN_33", "Inaccessible"); define("DBLAN_34", "Not checked"); +define("DBLAN_35", "Click button to check validity of e107 database records"); +define("DBLAN_36", "Check database record validity"); +define("DBLAN_37", "Choose table(s) to validate"); +define("DBLAN_38", "Start Verify"); +define("DBLAN_39", "Database Record Validation"); +define("DBLAN_40", "Record Validation : "); +define("DBLAN_41", "table"); +define("DBLAN_42", "id"); +define("DBLAN_43", "remark"); +define("DBLAN_44", "options"); +define("DBLAN_45", "Id Not Found!"); +define("DBLAN_46", "Table Not Found!"); +define("DBLAN_47", "delete"); +define("DBLAN_48", "Delete Checked"); +define("DBLAN_49", "no records present in the table, so nothing to validate"); +define("DBLAN_50", "Sql Record Validation"); + ?>
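Review bot: In the `delete_verify_sql_record` branch of verify_sql_record() (db.php hunk `@@ -299,6 +309,304 @@`), the keys of `$_POST['del_dbrec']` are joined straight into the `DELETE … IN (…)` text and echoed, so request-supplied strings reach the page unescaped today and would reach the database once the preview becomes a real query. Cast them first with `$keys = implode(", ", array_map('intval', array_keys($v)));`, test `is_array($_POST['del_dbrec'])` before the `foreach`, and drop the `*`, since MySQL's form is `DELETE FROM rate WHERE …`. The validation loops repeat the pattern with stored values: `$citemid` is interpolated into `"{$aif}='{$citemid}'"`, the `news_id`/`download_id`/`poll_id`/`user_id` lookups and the `{NID}` replacement, and because rate and comment rows presumably originate from visitor submissions it should be cast once with `intval()` after it is read from `$row` (assuming item ids are always numeric). `$aif` is never reset inside the `while`, so a table with no auto_increment column reuses the previous row's column name, or an undefined one on the first row; set `$aif = '';` per row and skip the lookup when it stays empty. Separately, `$v['type']` and `$v['itemid']` are printed by verify_sql_record_displayresult() without HTML escaping, `$qry`, `$caption` and `$sql3` are used without being initialised or listed in `global`, and the helper functions declared inside the `else` would be redeclared if verify_sql_record() ran twice in one request.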