* finish task #1996.

2014-12-15 02:04:19 +00:00
parent 0522f5426c
commit 6a1be06be6
4 changed files with 63 additions and 0 deletions
--- a/module/api/control.php
+++ b/module/api/control.php
@@ -87,4 +87,18 @@ class api extends control
        $this->view->filePath = $filePath;
        $this->display();
    }
+
+    /**
+     * Query sql; 
+     * 
+     * @param  string    $sql this sql is base64 encode. 
+     * @access public
+     * @return void
+     */
+    public function query($sql)
+    {
+        $sql = base64_decode($sql);
+        $this->view->results = $this->api->query($sql);
+        die($this->display());
+    }
 }
--- a/module/api/lang/en.php
+++ b/module/api/lang/en.php
@@ -12,6 +12,7 @@
 $lang->api = new stdclass();
 $lang->api->common   = 'API';
 $lang->api->getModel = 'Super Model API';
+$lang->api->query    = 'SQL Query API';

 $lang->api->position  = 'Position';
 $lang->api->startLine = "%s, line %s";
@@ -24,3 +25,6 @@ $lang->api->status    = 'status';
 $lang->api->data      = 'data';
 $lang->api->noParam   = 'No params in this method';
 $lang->api->post      = 'Refer to corresponding form for debugging POST.';
+
+$lang->api->error = new stdclass();
+$lang->api->error->onlySelect = 'SQL query interface allows only SELECT query';
--- a/module/api/lang/zh-cn.php
+++ b/module/api/lang/zh-cn.php
@@ -12,6 +12,7 @@
 $lang->api = new stdclass();
 $lang->api->common   = 'API接口';
 $lang->api->getModel = '超级model调用接口';
+$lang->api->query    = 'SQL查询接口';

 $lang->api->position  = '位置';
 $lang->api->startLine = "%s,%s行";
@@ -24,3 +25,6 @@ $lang->api->status    = '状态';
 $lang->api->data      = '内容';
 $lang->api->noParam   = 'GET方式调试不需要输入参数，';
 $lang->api->post      = 'POST方式调试请参照页面表单';
+
+$lang->api->error = new stdclass();
+$lang->api->error->onlySelect = 'SQL查询接口只允许SELECT查询';
--- a/module/api/model.php
+++ b/module/api/model.php
@@ -83,4 +83,45 @@ class apiModel extends model

        return array('url' => $url, 'content' => $content);
    }
+
+    /**
+     * Query sql. 
+     * 
+     * @param  string    $sql 
+     * @access public
+     * @return array
+     */
+    public function query($sql)
+    {
+        $sql  = trim($sql);
+        $sqls = explode(';', $sql);
+
+        $results = array();
+        foreach($sqls as $sql)
+        {
+            $sql = trim($sql);
+            if(empty($sql)) continue;
+
+            $result = new stdclass();
+            $result->sql    = $sql;
+            $result->result = '';
+            if(stripos($sql, 'select ') !== 0)
+            {
+                $result->result = $this->lang->api->error->onlySelect;
+            }
+            else
+            {
+                try
+                {
+                    $result->result = $this->dao->query($sql)->fetchAll();
+                }
+                catch(PDOException $e)
+                {
+                    $result->result = $e->getMessage();
+                }
+            }
+            $results[] = $result;
+        }
+        return $results;
+    }
 }