jpstacey · June 27, 2011 11:42
diff --git a/db_search.php b/db_search.php
 <?php
 /**
 * Search all Drupal database tables for a string
 * Uses simple concat(), so could 
 *   (a) have false positives through concat or 
 *   (b) have false negatives through TEXT trimming
 */

 require_once './includes/bootstrap.inc';
 drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);

 # Loop over all tables
 $result = db_query("SHOW TABLES");
 while($row = db_fetch_array($result)) {
  # Omit table if it begins 'cache' or is watchdog
  $table = array_pop($row);
  if (strpos($table, 'cache') !== FALSE) {
    continue;
  }
  if ($table == 'watchdog') {
    continue;
  }

  # Start reporting
  print "<h2>$table</h2>";

  # Get fields from table
  $result2 = db_query("SHOW FIELDS FROM %s", $table);
  $fields = array();
  while($field = db_fetch_array($result2)) {
    $fields[] = $field['Field'];
  }

  # Construct SQL from field names
  $concat = "concat(". join(", ", $fields) .")";
  $matches_sql = "SELECT *, $concat concat_result FROM $table WHERE $concat LIKE '%%%s%%'";
  $match_result = db_query($matches_sql, $_GET['for']);

  # Print out all fields for any matches
  while($match = db_fetch_array($match_result)) {
    print "<dl>";
    foreach($fields as $field) {
      print "<dt>$field</dt><dd>" . $match[$field] . "</dd>";
    }
    print "<dt>Raw match</dt><dd>" . str_replace($_GET['for'], '<b>'.$_GET['for'].'</b>', check_plain($match['concat_result'])) . "</dd>";
    print "</dl>";
  }
 }
	<?php
	/**
	* Search all Drupal database tables for a string
	* Uses simple concat(), so could
	* (a) have false positives through concat or
	* (b) have false negatives through TEXT trimming
	*/

	require_once './includes/bootstrap.inc';
	drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);

	# Loop over all tables
	$result = db_query("SHOW TABLES");
	while($row = db_fetch_array($result)) {
	# Omit table if it begins 'cache' or is watchdog
	$table = array_pop($row);
	if (strpos($table, 'cache') !== FALSE) {
	continue;
	}
	if ($table == 'watchdog') {
	continue;
	}

	# Start reporting
	print "<h2>$table</h2>";

	# Get fields from table
	$result2 = db_query("SHOW FIELDS FROM %s", $table);
	$fields = array();
	while($field = db_fetch_array($result2)) {
	$fields[] = $field['Field'];
	}

	# Construct SQL from field names
	$concat = "concat(". join(", ", $fields) .")";
	$matches_sql = "SELECT *, $concat concat_result FROM $table WHERE $concat LIKE '%%%s%%'";
	$match_result = db_query($matches_sql, $_GET['for']);

	# Print out all fields for any matches
	while($match = db_fetch_array($match_result)) {
	print "<dl>";
	foreach($fields as $field) {
	print "<dt>$field</dt><dd>" . $match[$field] . "</dd>";
	}
	print "<dt>Raw match</dt><dd>" . str_replace($_GET['for'], '<b>'.$_GET['for'].'</b>', check_plain($match['concat_result'])) . "</dd>";
	print "</dl>";
	}
	}