<?php
//===============================================================================
// Retrieve DB command from the "request" cookie
// Execute the command
// Save the DB output in a "response" cookie 
// Redirect back (callback) the page that called me
// Important: request  data cannot include "+" nor "|" (used for parsing)
//            response data cannot include "." nor "|" (used for parsing) 
//===============================================================================

    error_reporting(E_ALL & ~E_NOTICE & ~E_WARNING);
//  error_reporting(E_ERROR);			  //only major errors 

    $request = $_COOKIE['request'];		  //retrieve the 'request' cookie

    $str     = process($request);

    setcookie('response', $str);   	   	  //store a 'response' cookie 

    header("Location: $_SERVER[HTTP_REFERER]");	  //forward back to referer

//===============================================================================
function process($request)
{
    global $connect, $sql;

    if (! $request) 
        return("'request' cookie is empty");

    list($host_port,$DBuser,$DBpswd,$DBname,$sql) = explode('|',$request);

    $connect = mysqli_connect($host_port,$DBuser,$DBpswd);	//connect to db server
 
    if (! $connect) 
        return('Could not connect: ' . mysqli_connect_error());

    $selectDB = mysqli_select_db($connect, $DBname);		//select a database
 
    if (! $selectDB) 
        return('Could not select a DB: ' . mysqli_error($connect));

    if ( preg_match('/^\s*(select|desc|show|explain)/i', $sql) )  //(not case sensitive)  
        $str = db_read();                                         //select, desc, show or explain	
    else                                                          //then call db_read( )
        $str = db_write();                                        //else call db_write( )

    mysqli_close($connect);					//close connection

    return($str);
}

//===============================================================================
function db_read()
{
    global $connect, $sql;

    $cursor = mysqli_query($connect, $sql);              		//execute the query

    if (! $cursor)
        return('Could not execute query: ' . mysqli_error($connect));

    $numCols = mysqli_num_fields($cursor);               //number of columns returned
    $numRows = mysqli_num_rows($cursor);                 //number of rows returned

    $str     = '';

    for ($i=0; $i < $numCols; $i++)                         //loop thru columns
    {
    	$col  = mysqli_fetch_field_direct($cursor, $i);		//get column metadata
        $str .= $col->name . '.';                           //get the column name
    }
    $str .= '|';
 
    for ($i=0; $i < $numRows; $i++)                     //loop thru rows
    {
        $row   = mysqli_fetch_row($cursor);		//store row in 2 dim data array
        $str  .= implode('.',$row);
        $str  .= "|";
    }    
        
    $str = substr($str,0,3500);				//maximum is 3500 bytes

    mysqli_free_result($cursor);                         //free result buffer

    return($str);
}

//===============================================================================
function db_write()
{

    global $connect, $sql, $str;

    $result = mysqli_query($sql);          		//execute the update

    if (! $result)
        return('Could not execute sql: ' . mysqli_error($connect));

    $str  = 'Sucessfully completed - ';	
    $str .= 'Rows effected: ' . mysqli_affected_rows();	

    return($str);
}
//===============================================================================
?>