) ---- $auth = $_SERVER['HTTP_AUTHORIZATION'] ?? ($_SERVER['Authorization'] ?? ''); if (stripos($auth, 'Bearer ') !== 0) { http_response_code(401); echo "Fehlender Bearer-Token"; exit; } $token = substr($auth, 7); if (!token_is_valid($token)) { http_response_code(403); echo "Ungültiger oder abgelaufener Token"; exit; } // ---- 2) Master-verschlüsselte DB laden & entschlüsseln ---- $dbPath = __DIR__ . '/uploads/questionnaire_database'; if (!file_exists($dbPath)) { http_response_code(404); echo "Datenbank nicht gefunden"; exit; } $enc = file_get_contents($dbPath); if ($enc === false) { http_response_code(500); echo "Lesefehler"; exit; } try { $plain = aes256_cbc_decrypt_bytes($enc, get_master_key_bytes()); } catch (Throwable $e) { http_response_code(500); echo "Entschlüsselung fehlgeschlagen"; exit; } // ---- 3) In temporäre SQLite-Datei schreiben ---- $tmp = tempnam(sys_get_temp_dir(), 'qdb_'); file_put_contents($tmp, $plain); // ---- 4) Tabellen lesen & als HTML ausgeben ---- try { $pdo = new PDO("sqlite:$tmp"); $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // Tabellenliste $tables = []; $rs = $pdo->query("SELECT name FROM sqlite_master WHERE type='table' AND name NOT LIKE 'sqlite_%' ORDER BY name"); foreach ($rs as $row) $tables[] = $row['name']; // Ausgabe echo ""; echo "

Tabellen: " . htmlspecialchars(implode(', ', $tables)) . "

"; foreach ($tables as $t) { echo "

" . htmlspecialchars($t) . "

"; // Spaltenüberschriften via PRAGMA $cols = []; $cr = $pdo->query("PRAGMA table_info(" . $pdo->quote($t) . ")"); // PRAGMA table_info akzeptiert kein quote(..) direkt, also besser plain escapen: // Workaround: $t_esc = preg_replace('/[^A-Za-z0-9_]/', '', $t); $cr = $pdo->query("PRAGMA table_info($t_esc)"); foreach ($cr as $c) $cols[] = $c['name']; // Daten holen (ohne Limit; bei sehr großen Tabellen ggf. LIMIT einbauen) $stmt = $pdo->query("SELECT * FROM $t_esc"); echo ""; foreach ($cols as $c) echo ""; echo ""; while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) { echo ""; foreach ($cols as $c) { $val = $row[$c]; if ($val === null) { echo ""; } else { echo ""; } } echo ""; } echo "
" . htmlspecialchars($c) . "
NULL" . htmlspecialchars((string)$val) . "
"; } } catch (Throwable $e) { http_response_code(500); echo "SQLite-Fehler: " . htmlspecialchars($e->getMessage()); } finally { @unlink($tmp); }