Version 30 <br>
<?php
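// Source-address allowlist: only the listed addresses may run this script.
// Any other caller is logged, told it is invalid, and the script exits.
$logfile = "/home/data/httpd/writable/community/commit-inserts.log";
// Addresses are compared as exact strings. The earlier preg_match() test was
// unanchored and left "." unescaped, so it accepted any address that merely
// contained something resembling an allowed one.
$allowed_callers = array(
    "24.20.10.28",    // Bjorn's home office
    "168.103.234.47", // Eclipse Portland office
);
// NOTE(review): the source address is the only caller check in this script;
// confirm REMOTE_ADDR is the real client here and not a proxy in front of it.
$caller = isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : "";
if( !in_array( $caller, $allowed_callers, true ) ) {
    $log = fopen( $logfile, "a" );
    // Logging is best effort: an unwritable log must not stop the rejection.
    if( $log !== false ) {
        fwrite( $log, date('Y-m-d.H:i:s') . " " . $caller . " is an invalid caller of commit-execute-query\n" );
        fclose( $log );
    }
    echo htmlspecialchars( $caller, ENT_QUOTES ) . " is an invalid caller<br>\n";
    exit;
}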
?>include..<br><?php
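/*
* Execute the queries in the writable/community/query.txt file.
* The file must not be group or world writable, in order to prevent
* db attacks.
* NOTE(review): the check that query.txt is owned by Bjorn is commented
* out further down, so ownership is currently NOT verified.
*/
// require rather than include: if the connection class cannot be loaded the
// script stops here instead of continuing with only a warning.
require_once "/home/data/httpd/eclipse-php-classes/system/dbconnection_foundation_ro.class.php";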
?>exists..<br><?php
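// Path of the query file whose statements are executed further down.
$filename = "/home/data/httpd/writable/community/query.txt";
// is_file() rather than file_exists(): a directory (or other non-regular
// entry) at this path is rejected here instead of failing later when read.
if( !is_file( $filename ) ) {
    echo "query.txt does not exist - exiting";
    exit;
}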
?>group..<br><?php
// NOTE(review): the ownership check below is disabled, so the owner of
// query.txt is not verified; only the group/world-writable test that follows
// is enforced. If this is re-enabled, compare with !== and treat a false
// return from fileowner() or posix_getpwuid() as a failure.
// $a = posix_getpwuid( fileowner( $filename ));
// if( $a['name'] != "bfreeman" ) {
// echo "query.txt is not owned by bfreeman - exiting";
// exit;
// }
?>permissions..<br><?php
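// Refuse to run the query file if anyone besides its owner can modify it.
$p = fileperms( $filename );
// fileperms() returns false when the file cannot be stat'ed. false & mask
// evaluates to 0, which would pass the test below, so fail closed here.
if( $p === false ) {
    echo "query.txt permissions could not be read - exiting";
    exit;
}
// 0022 (octal) = group-write | world-write; same bits as the former 0x0012.
if( ($p & 0022) !== 0 ) {
    echo "query.txt is group or world writable - exiting";
    exit;
}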
?>load..<br><?php
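// Load query.txt, split it into statements on ';', run each one, and echo the
// statement and any result rows as HTML.
$q1 = file( $filename );
if( $q1 === false ) {
    echo "query.txt could not be read - exiting";
    exit;
}
$q2 = implode( "", $q1 );
// NOTE(review): a plain split on ';' also splits inside quoted string
// literals, so a statement containing a literal ';' is broken apart.
$q3 = explode( ";", $q2 );
// NOTE(review): the included class file is named "..._ro"; presumably this is
// a read-only connection - confirm against DBConnectionFoundation.
$_dbc = new DBConnectionFoundation();
$_dbh = $_dbc->connect();
foreach( $q3 as $_query ) {
    $_query = rtrim( $_query );
    if( $_query == "" ) continue;
    // Statement text and row values are HTML-escaped before being echoed so
    // markup stored in the file or the database is not rendered by the browser.
    // NOTE(review): on PHP 5.4+ htmlspecialchars() returns "" for invalid
    // UTF-8; add ENT_SUBSTITUTE there if the data may not be UTF-8.
    echo "<b>/" . htmlspecialchars( $_query, ENT_QUOTES ) . "/</b><br>\n";
    flush();
    $result = mysql_query( $_query, $_dbh );
    if( !$result ) {
        // Ask for the error on this link rather than the last-opened one.
        echo "MySQL Error: " . htmlspecialchars( mysql_error( $_dbh ), ENT_QUOTES );
        continue;
    }
    // Statements without a result set (INSERT, UPDATE, ...) return true, not
    // a resource; there are no rows to fetch for them.
    if( !is_resource( $result ) ) continue;
    // mysql_fetch_row() yields numeric keys only. mysql_fetch_array() returns
    // every column twice (numeric and named), so count($row) overran the
    // numeric indexes and printed empty cells.
    while( $row = mysql_fetch_row( $result ) ) {
        foreach( $row as $value ) {
            echo "/" . htmlspecialchars( (string) $value, ENT_QUOTES ) . "/\t";
        }
        echo "<br>\n";
    }
    mysql_free_result( $result );
}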
?>
<p>
End of query.