jan-vandenberg / cruddiy Goto Github PK

The columns.php file has 3 columns. Can it not be reduced to two with the checkbox text being on the title of the checkbox column on each table?

See https://j11g.com/2020/04/09/cruddiy-a-no-code-bootstrap-crud-generator/#comment-8307

FYI I did find on glitch in search. With Server version: 10.2.37-MariaDB – MariaDB Server, the CONCAT on the search pages needs to be CONCAT_WS to see records where more than one exists. Hope this helps someone else.

Line 44 of columns.php yields an error as $auto_keys is not initialised before the loop when there is no auto_increment key in the table. The fix is attached.
columns.php.txt

The MySQL/MariaDB function CONCAT_WS takes a separator as the first parameter. It looks like the generator does not take this into account and it should emit a first parameter that's an empty string or some other delimiter.

When you use a foreign key to connect two tables (for example books and author).
In the book_create and book_update you see de author id and name.

In the book_index file you only see the author_id. Is it possible to add here also the name (first field after the id.
explanation in dutch is possible

The config.php file that is generated has the db parameters after the hardcoded mysqli_connect statement. The db parameters should be first set and they should be used in the mysqli_connect statement.

This might be me being thick again, but when you add a visible name to all the selected tables, It only applies the change to the first button (eg, I change them to this):

• Airports,
• Airlines
• Runwayws
• etc

And when it is all generated, it shows the actual table name except for the first button

Hi,
Some potential security vulnerabilities has been identified in this repository.
Please Validate reports submitted on huntr and if are valid please mark them valid there.
The report links are the following:

https://huntr.dev/bounties/b32f3a6d-e532-4ad3-a280-0e8f719805be/
https://huntr.dev/bounties/d59110a2-0329-4460-88fc-44e331b5cb4a/
https://huntr.dev/bounties/69d295f3-05e1-467a-b3eb-aae002cb6a91/
https://huntr.dev/bounties/d5e617d4-81a1-43dc-b2f5-509726812e9f/

We need a check to see if the Foreign Key constraints have been made in the table or merely stored in the session for generation purposes. MyISAM tables do not support Foreign Keys and hence the cascades would need to be in code.

Hey Jan,

Lovin' your work, great job!

just wondering if you are still thinking of adding dark mode and export facilities?

C

On last screen of app generating wizard, I get:

Warning: count(): Parameter must be an array or an object that implements Countable in C:\Wamp.NET\sites\grocery\public\core\generate.php on line 3

Hello,

CERT PL found a security vulnerability in this repository. How can we report this privately? We don't see any security policy describing how such vulnerabilities should be reported.

Looks like some code has been copy/pasted from tables.php to columns.php. The latter should have the text:
Display table name in frontend
changed to
Display field name in frontend

Also line 30 $primary_keys needs to be initialised before the while loop.
Verify if the $fks initialisation to a blank element is okay in the function get_foreign_keys.
columns.php.txt

Hi
I know it's not an issue but it would really be great to have the login page with the script so that i can upload it to our website as a subdomain

All columns are primary keys, that seems wrong. Probably something in the get_primary_key() function.

It will be a good choice to create REST api endpoints for generated crud.
Use http verbs like GET, POST, PUT and DELETE for crud operations.

Easily secure with an time limited JWT api key and/or http basic authentication.

Hello,

In the generated CRUD if have some nvarchar data with char as é ' à the field stay empty.

My data from php my admin

data view from the generated crud

Regards

Crudity is an awesome program, and I have gotten plenty of use out of it so far. However, would it be possible to have the date display format be configurable? (changing to m/d/Y or d/m/Y, for example)

Hi, neat little tool! I was just following some CRUD example to make all this manually for some quick hack I need. I just found out that 1 index file is broken with:

And in the .php file itself I can see that:

But that table index is actually iccid.

Hi,
I tried cruddiy. Uploaded it, entered all credentials and after clicking "Submit" only the following message is shown:
"Unable to open file!".

In the error is nothing suspicious.

Can you help?

In PR #74

• Fixed some issues with default orderby / groupby
• Disabled broken Action buttons

Before:

After:

This markup will be generated:

<span data-toggle='tooltip' data-placement='top' title='It's a mandatory field since last month.'>

We need to addslashes().

Hi!

I'd like to request a few things:

• Automatically generate enum dropdown based on column definitions
• Input maxlength based on column sizes
• Add hint text for columns
• Show datatype for columns, maybe allow some loose validation in the form
• Wrap updates in transactions, and rollback/display verbose error if an issue occurs.
• Maybe a little deduplication for the database logic?

I spent money on some really complex PHP Crud thingy and then I found this simple beauty after the thing that I bought started acting up :) It looks very modifiable and I'm very happy to have found it. Wish I'd found it earlier!

Hi, once I configure the db and go to the step when I select the table and fields I want to create I get the following error several times:
"Notice: Undefined variable: column_id in /home/goingbeautiful/domains/goingbeautiful.com/public_html/reports/core/generate.php on line 378"
And the same error for lines 539, 580, 582, 583, and 584
And if I continue to access the app it prints another error:
"ERROR: Could not able to execute SELECT * FROM pros_prime ORDER BY desc LIMIT 0, 10. You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'desc LIMIT 0, 10' at line 1"

I'm using PHP 7.4

Thanks in advanced

I have 56 tables, and only 27 of them get generated by CRUDDIY.

Observations:
table.php - Shows all 56 tables to select
columns.php - Shows all 56 tables and their relevant columns
generate.php - Shows only 27 tables
app/index.php - Shows only 27 buttons
directory - Only files for the 27 tables were generated into the directory

I presume there is an issue / limit with the generation of the tables?

All files are being generated for all tables correctly but, once the generation process is complete only one link (button) is created and displayed on the index page, and that seems to be for the first table only. There is an easy workaround - but - wanted to see if there is a way to fix that.

These types are handled incorrectly:

• a_timestamp TIMESTAMP
• a_char CHAR(10)
• a_binary BINARY(10)
• a_json JSON
• a_point POINT
• a_linestring LINESTRING
• a_polygon POLYGON

Here is a table schema for all field types.

fopen seems to stop writing app/index.php after some character limit. This results in buttons not being added to the list:

Probably related to germain-italic@76f3073

Investigating on that.

I ran cruddiy for the first time with a table and it worked very well, in the field that is linked by a foreign key it showed the description of the foreign table and in the record insertion form it showed a drop-down list from which the data of the foreign table id ok i deleted the initial app, created all my foreign keys and regenerated the app, unfortunately i have done this 4 times already and the pages now don't take foreign keys into account anymore

What should I do?

Is there somewhere where foreign keys are saved and then not regenerated?

I even tried recreating the foreign keys with the cruddiy tool itself and it didn't work for me

please help

Hello,
when I set up everything, fields with relations (foreign key) show their ID values instead of lookup values from referenced table. It would be very useful to enhance app with this basic functionality.

Hi, trying to generate a crud from some tables that have already set a relation in phpmyadmin. The key is shown, not the actual 'name' set in table. Can cruddiy automagically generate those? Thanks.

Hi, I just found this project and I liked it.
I am using it for a non-profit association in Spain.
I am adapting the code to their needs and I have found a problem with the pagination when using https, I have found that when generating $protocol:

$protocol=strpos(strtolower($_SERVER['SERVER_PROTOCOL']),'https') === FALSE ? 'http' : 'https';

But $_SERVER['SERVER_PROTOCOL'] = "HTTP 1.1", so it always returns http.
I have changed that line to:

$protocol=($_SERVER['HTTPS'] == "on" ? "https" : "http");

and now it seems to work correctly.

Translated with www.DeepL.com/Translator (free version)

Hi,

You are using the execute method with parameters to pass variables in a prepared statement rather than the "bindparam" way. According to the documentation this only appeared in PHP 8.1 and indeed it failed on my PHP 7.4 install.

Please update the documentation file as it says "PHP 7+".

Thanks

Happens on generated -index.php when the ONLY_FULL_GROUP_BY SQL mode is activated.

Fixed in #74 in e2ef4e9

I quite like to access the CRUD pages by just typing:
domain.com/crud
With the core (generation files) being as such:
domain.com/crud/core

currently, it generates the files to a nested 'app' folder, so to access the CRUD pages, I have to type:
domain.com/crud/core/app

I have moved them out of the app folder, but it is a big hassle whenever we make a database change and have to start from scratch with CRUDDIY again each time.

Would be nice if during the configuration step and file it allows you to enter a path to generate the files into a specified folder.
Eg.

Install Directory:
[ ../crud ]

This way not only will it generate the files into a different directory, but will also allow the changing of the folder from 'app' to something else

When I type anything (which I know exists as is in the table below the search bar) it returns No records were found.

This only happens on 1 table for some reason

When you filter by a column (eg. name) and click next page, it removes the filtering completely from the URL and just shows: pageno=2

Following Feature/save columns names where table names and columns names are saved in config for futur re-runs of the generator, we should also save the values of the checkboxes.

New keys to be added to app/config-tables-columns.php (this file is auto-generated after first run).

error_log.txt
having problems with 'viewing' and 'updating' all 3 different sets of tables, and on two of the tables, it won't allow me to 'add' (will show page, but then error 500 page on submit)

When we choose a database with no relations between it's tables, we get an error in line 129 of relations.php where $row is an invalid argument for the foreach construct. The fix is attached.
relations.php.txt

Given the following schema

DROP TABLE IF EXISTS `products`;
CREATE TABLE `products` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `ean` varchar(13) NOT NULL,
  `product_name` varchar(255) DEFAULT NULL,
  `brand_id` int(11) DEFAULT NULL,
  `supplier_id` int(11) DEFAULT NULL,
  `visual_url` text,
  `packaging_details` text,
  `recycled_material_incorporation` decimal(5,2) DEFAULT NULL,
  `hazardous_substance_presence` tinyint(1) DEFAULT NULL,
  PRIMARY KEY (`id`),
  UNIQUE KEY `ean` (`ean`),
  KEY `supplier_id` (`supplier_id`),
  KEY `product_data_ibfk_1` (`brand_id`),
  CONSTRAINT `products_ibfk_1` FOREIGN KEY (`brand_id`) REFERENCES `brands` (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

The generated query on relations.php will be:

SELECT i.TABLE_NAME as 'Table Name', k.COLUMN_NAME as 'Foreign Key', k.REFERENCED_TABLE_NAME as 'Primary Table', k.REFERENCED_COLUMN_NAME as 'Primary Key', i.CONSTRAINT_NAME as 'Constraint Name', 'Delete' as 'Delete' FROM information_schema.TABLE_CONSTRAINTS i LEFT JOIN information_schema.KEY_COLUMN_USAGE k ON i.CONSTRAINT_NAME = k.CONSTRAINT_NAME WHERE i.CONSTRAINT_TYPE = 'FOREIGN KEY' AND i.TABLE_SCHEMA = DATABASE()

It displays the relation twice:

I'm working on it.

Hi , Thank you for the code really helped me speed up the process but I tried generating the app using my two tables ( payment & Payment_status) , but keep getting wrong value for my foreign key

when I try to add a payment record the status field is showing the ID value from the reference table instead of showing the status text like paid or canceled .. instead its showing 1 , 2 ...

but on the display page its showing values properly but not in create record page !?

please see the below setup

payment table:

CREATE TABLE payments(
    ID int NOT NULL,
    student name varchar(255) NOT NULL,
    title varchar(255),
    details varchar(255),
    Status varchar(255),
    PRIMARY KEY (ID)
    INDEX KEY (STATUS)
FOREIGN KEY (STATUS) REFERENCES PAYMENT_STATUS(STATUS)
); 

and for the payment_status table I've got the below
CREATE TABLE payments( ID int NOT NULL, status varchar(255), PRIMARY KEY (ID) INDEX KEY (STATUS) );

Line 54 in templates.php

Change

$parameters = $GET ? $_SERVER['QUERY_STRING'] : "" ;

to

$parameters = $_GET ? $_SERVER['QUERY_STRING'] : "" ;

Solves the problem of the search parameter not being passed along in the URL when paging.

When we start cruddiy for generating the application, the MySQL server parameters are not defined and hence we get errors for missing variables.

The fix is:

--- index.php	Fri Aug 06 06:32:00 2021
+++ index.php	Mon Aug 30 22:59:39 2021
@@ -31,30 +31,30 @@
                     <!-- Text input-->
                     <div class="form-group">
                         <label class="col-form-label" for="textinput">Server</label>
-                        <input id="server" name="server" type="text" placeholder="localhost" class="form-control " value="<?php echo $db_server; ?>">
+                        <input id="server" name="server" type="text" placeholder="localhost" class="form-control " value="<?php if(isset($db_server)) echo $db_server; ?>">
                     </div>
 
                     <!-- Text input-->
                     <div class="form-group">
                         <label class="col-form-label" for="textinput">Database</label>
-                        <input id="database" name="database" type="text" placeholder="" class="form-control input-md" value="<?php echo $db_name; ?>">
+                        <input id="database" name="database" type="text" placeholder="" class="form-control input-md" value="<?php if(isset($db_name)) echo $db_name; ?>">
                     </div>
                     <!-- Text input-->
                     <div class="form-group">
                         <label class="col-form-label" for="textinput">Username</label>
-                        <input id="username" name="username" type="text" placeholder="" class="form-control input-md" value="<?php echo $db_user; ?>">
+                        <input id="username" name="username" type="text" placeholder="" class="form-control input-md" value="<?php if(isset($db_user)) echo $db_user; ?>">
                     </div>
 
                     <!-- Password input-->
                     <div class="form-group">
                         <label class="col-form-label" for="passwordinput">Password</label>
-                        <input id="password" name="password" type="password" placeholder="" class="form-control input-md" value="<?php echo $db_password; ?>">
+                        <input id="password" name="password" type="password" placeholder="" class="form-control input-md" value="<?php if(isset($db_password)) echo $db_password; ?>">
                     </div>
 
                     <!-- Number records per page-->
                     <div class="form-group">
                         <label class="col-form-label" for="recordsperpage">Items per generated page</label>
-                        <input id="numrecordsperpage" name="numrecordsperpage" type="number" min="1" max="1000" placeholder="Number of items per page" class="form-control input-md" value="10" value="<?php echo $no_of_records_per_page ?>">
+                        <input id="numrecordsperpage" name="numrecordsperpage" type="number" min="1" max="1000" placeholder="Number of items per page" class="form-control input-md" value="10" value="<?php if(isset($no_of_records_per_page)) echo $no_of_records_per_page ?>">
                     </div>
 
 

Another small bug is that if you sort clicking the header of the table, and switch to another page, the sorting is lost. So it is quite difficult to use pagination in any way.

Hello:
I found your project and I like it. But, the same has 2 errors and I like your answer.
When display the information:
Notice: Undefined index: HTTPS in C:\xampp\htdocs\CRUD_DIY\app\autores-index.php on line 51
When search:
ERROR: Could not able to execute SELECT * FROM materias WHERE CONCAT_WS (descriptores) LIKE '%historia%' ORDER BY id desc LIMIT 0, 10. Incorrect parameter count in the call to native function 'CONCAT_WS'
Thanks!

Hey there!

I'd like to report a security issue but cannot find contact instructions on your repository.

If not a hassle, might you kindly add a SECURITY.md file with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.

Thank you for your consideration, and I look forward to hearing from you!

(cc @huntr-helper)

The following generated code for a foreign key doesn't display correctly, especially when the table (task_types) has only an ID and one other column:

                                <label>TaskID</label>
                                    <select class="form-control" id="TaskID" name="TaskID">
                                    <?php
                                        $sql = "SELECT *,ID FROM task_types";
                                        $result = mysqli_query($link, $sql);
                                        while($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
                                            array_pop($row);
                                            $value = implode(" | ", $row);
                                            if ($row["ID"] == $TaskID){
                                            echo '<option value="' . "$row[ID]" . '"selected="selected">' . "$value" . '</option>';
                                            } else {
                                                echo '<option value="' . "$row[ID]" . '">' . "$value" . '</option>';
                                        }
                                        }
                                    ?>
                                    </select>
                                <span class="form-text"><?php echo $TaskID_err; ?></span>

The row returned by mysqli_query has ID as its first column and the resulting array_pop removes Name entirely, leaving just ID in the dropdown.

The same issue happens for other queries in this generated code - ID is the first column returned by mysqli_fetch_array and the last column always gets stripped out.

A generalized solution would be something like the following:

                                        while($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) {
                                            $duprow = $row;
                                            unset($duprow['ID']);
                                            $value = implode(" | ", $duprow);
                                            // ...

I'm having trouble in the create section, when I submit, it goes to an error page