# File 'app/controllers/little_sql_client/client_controller.rb', line 9
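# Runs the SQL text supplied in +params[:sql_text]+ as a sub-select and
# renders the result page with a total row count and a limited result set.
#
# Reads:  params[:sql_text], params[:limit_number]
# Sets:   @total_number, @results and, on failure, @error
#
# Security notes:
# * The SQL text is interpolated verbatim into the statement sent to the
#   database; the keyword check below is a convenience guard, not a security
#   boundary, because it only inspects the beginning of each line.
# * NOTE(review): this action should be reachable only by trusted operators,
#   and the connection should use a read-only database role - confirm both
#   in the routing/authentication setup, which is not visible from here.
def search
  # Coerce the row limit to an Integer in 0..1000 (default 200) before it is
  # interpolated into SQL, so only a number can end up in the LIMIT clause.
  requested_limit = params[:limit_number]
  limit = requested_limit.blank? ? 200 : [[requested_limit.to_i, 0].max, 1000].min
  params[:limit_number] = limit

  sql_text = params[:sql_text]

  # Reject statements that start a line with a write/DDL keyword. The match is
  # case-insensitive and tolerates leading whitespace, so "UPDATE ..." and
  # "  delete ..." are refused as well as the lower-case forms.
  if sql_text.to_s =~ /^\s*(update|create|alter|modify|drop|delete)/i
    render :text=>"<script>alert('Illegal operate:delete,update,drop,alter,modify,create!');history.back()</script>"
    return
  end

  if sql_text.blank?
    @total_number = 0
    @results = nil
  else
    connection = ActiveRecord::Base.connection
    # The derived table needs an alias on some databases, hence "must_has_alias".
    @total_number = connection.select_all("select count(*) from (#{sql_text}) as must_has_alias").rows.first.first
    @results = connection.select_all("select * from (#{sql_text}) as must_has_alias limit #{limit}")
  end

  render template: "little_sql_client/client/index"
rescue => e
  # Any failure (typically a database error) resets the result state.
  # NOTE(review): @error carries the raw exception message, which can include
  # schema details if the view prints it - confirm who can see this page.
  # NOTE(review): nothing is rendered explicitly on this path, so the
  # framework's default template lookup for this action applies - confirm that
  # is intended.
  @total_number = 0
  @results = nil
  @error = e.message
end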