1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
<?php
require_once("DataFeeder.php");
class DbFeeder extends DataFeeder
{
var $db = NULL;
function DbFeeder($name_, $specific_) {
parent::DataFeeder($name_, $specific_);
}
function Exploit() {
global $LIBPATH;
global $db_name;
global $db_host;
global $db_password;
global $db_usrName;
$test = parent::ParseGetPost($this->specific[3]);
if($test)
return $test;
if($this->db == NULL) {
$this->db = new DbMysql($db_host, $db_usrName, $db_password, $db_name);
if(!$this->db->bConnected)
return 2;
}
$values = $this->specific[3];
$fields = $this->specific[2];
$tableName = $this->specific[0];
global $$tableName;
global $gagets;
// parser for filter
if(!strpos($this->name, ":noFilter")) {
if(isset($gagets)) {
if(in_array("filter", $gagets)) { // check what selection was specified
if($values == NULL)
$values = array();
if($fields == NULL)
$fields = array();
$table =$$tableName;
$rows = $table->GetTableRows();
foreach($rows as $row_) {
if(array_key_exists($row_, $_POST)) {
if($_POST[$row_] && $_POST[$row_] != -1) {
$fields[]= $row_;
$values[]= $_POST[$row_];
}
}
}
}
}
}
if(!array_key_exists(7, $this->specific))
$this->specific[7] = "";
if(!array_key_exists(8, $this->specific))
$this->specific[8] = "";
$this->resultArr = $this->db->Select($$tableName, $this->specific[1], $fields, $values, $this->specific[4], $this->specific[5], $this->specific[6], $this->specific[7], $this->specific[8]);
// echo "<pre>";
// print_r($$tableName);
return $this->resultArr;
}
}
?>
|