if (isset($_POST['acc_view_create_doit'])) {
     $s_viewdefs['source'] = trim($_POST['def_view_source']);
     $s_viewdefs['check'] = isset($_POST['def_view_check']) ? 'yes' : 'no';
     if (($vname = create_view($s_viewdefs)) == TRUE) {
         $s_tables[$vname] = array('status' => 'close', 'is_view' => TRUE);
         $s_viewdefs = array('name' => '', 'source' => '', 'check' => 'no');
         $s_tables_valid = FALSE;
     } else {
         $view_add_flag = TRUE;
     }
 }
 // the Modify button
 if (isset($_POST['acc_view_mod']) && $_POST['acc_modview_name'] != '') {
     $vname = $_POST['acc_modview_name'];
     $vsource = get_view_source($vname);
     $s_viewdefs = array('name' => $vname, 'source' => 'CREATE VIEW ' . $vname . ' (' . implode(', ', table_columns($vname)) . ")\nAS\n" . str_replace('WITH CHECK OPTION', '', $vsource), 'check' => stristr($vsource, 'WITH CHECK OPTION') !== FALSE ? 'yes' : 'no');
     $viewdefs = $s_viewdefs;
     $view_mod_flag = TRUE;
 }
 // modifying a View was canceled
 if (isset($_POST['acc_modview_cancel'])) {
     $s_viewdefs = array('name' => '', 'source' => '', 'check' => 'no');
 }
 // modify the View
 if (isset($_POST['acc_modview_doit'])) {
     $viewdefs['source'] = get_magic_quotes_gpc() ? stripslashes(trim($_POST['def_view_source'])) : $_POST['def_view_source'];
     $viewdefs['check'] = isset($_POST['def_view_check']) ? 'yes' : 'no';
     if (drop_view($s_viewdefs['name'])) {
         if (create_view($viewdefs)) {
             unset($s_tables[$s_viewdefs['name']]);
             $s_tables[get_viewname($viewdefs['source'])] = array('status' => 'close', 'is_view' => TRUE);
Beispiel #2
0
    function listing($base_query, $md5_get = false)
    {
        // @listing
        GET("full_content", "bool");
        GET("only_select", "bool");
        GET("offset", "int");
        POST("full_content", "bool");
        POST("only_select", "bool");
        global $db_driver, $db_link;
        $full_content = $_GET["full_content"] || $_POST["full_content"];
        $md5_i = false;
        if ($md5_get) {
            preg_match('#_(\\d+)$#', $md5_get, $match);
            $md5_i = $match[1];
        }
        $base_query = trim($base_query);
        if (";" == substr($base_query, -1)) {
            $base_query = substr($base_query, 0, -1);
        }
        $query = $base_query;
        $ret = array('msg' => '', 'error' => '', 'data_html' => false);
        $limit = 25;
        $offset = $_GET["offset"];
        $page = floor($offset / $limit + 1);
        if ($query) {
            if (is_select($query) && !preg_match('#\\s+LIMIT\\s+\\d+#i', $query) && !preg_match('#into\\s+outfile\\s+#', $query)) {
                $query = db_limit($query, $offset, $limit);
            } else {
                $limit = false;
            }
            $time = time_start();
            if (!db_is_safe($query, true)) {
                $ret['error'] = 'Detected UPDATE/DELETE without WHERE condition (put WHERE 1=1 if you want to execute this query)';
                return $ret;
            }
            $rs = @db_query($query);
            if ($rs) {
                if ($rs === true) {
                    if ('mysql' == $db_driver) {
                        $affected = mysql_affected_rows($db_link);
                        $time = time_end($time);
                        $ret['data_html'] = '<b>' . $affected . '</b> rows affected.<br>Time: <b>' . $time . '</b> sec';
                        return $ret;
                    }
                } else {
                    if ('pgsql' == $db_driver) {
                        $affected = @pg_affected_rows($rs);
                        if ($affected || preg_match('#^\\s*(DELETE|UPDATE)\\s+#i', $query)) {
                            $time = time_end($time);
                            $ret['data_html'] = '<p><b>' . $affected . '</b> rows affected. Time: <b>' . $time . '</b> sec</p>';
                            return $ret;
                        }
                    }
                }
                $rows = array();
                while ($row = db_row($rs)) {
                    $rows[] = $row;
                    if ($limit) {
                        if (count($rows) == $limit) {
                            break;
                        }
                    }
                }
                db_free($rs);
                if (is_select($base_query)) {
                    $found = @db_one("SELECT COUNT(*) FROM ({$base_query}) AS sub");
                    if (!is_numeric($found) || count($rows) && !$found) {
                        global $COUNT_ERROR;
                        $COUNT_ERROR = ' (COUNT ERROR) ';
                        $found = count($rows);
                    }
                } else {
                    if (count($rows)) {
                        $found = count($rows);
                    } else {
                        $found = false;
                    }
                }
                if ($limit) {
                    $pages = ceil($found / $limit);
                } else {
                    $pages = 1;
                }
                $time = time_end($time);
            } else {
                $ret['error'] = db_error();
                return $ret;
            }
        } else {
            $ret['error'] = 'No query found.';
            return $ret;
        }
        ob_start();
        // ----------------------------------------------------------------
        // @sqleditor LISTING HTML
        // ----------------------------------------------------------------
        ?>
		<?php 
        if (is_numeric($found)) {
            ?>
			<p>
				Found: <b><?php 
            echo $found;
            ?>
</b><?php 
            echo isset($GLOBALS['COUNT_ERROR']) ? $GLOBALS['COUNT_ERROR'] : '';
            ?>
.
				Time: <b><?php 
            echo $time;
            ?>
</b> sec.
				<?php 
            $params = array('md5' => $md5_get, 'offset' => $_GET["offset"]);
            if ($_GET['only_select'] || $_POST['only_select']) {
                $params['only_select'] = 1;
            }
            if ($_GET['full_content'] || $_POST['full_content']) {
                $params['full_content'] = 1;
            }
            ?>
				/ <a href="<?php 
            echo url(self(), $params);
            ?>
">Refetch</a>
				/ Export to CSV:&nbsp;

				<a href="<?php 
            echo $_SERVER['PHP_SELF'];
            ?>
?export=csv&separator=<?php 
            echo urlencode('|');
            ?>
&query=<?php 
            echo base64_encode($base_query);
            ?>
">pipe</a>
				-
				<a href="<?php 
            echo $_SERVER['PHP_SELF'];
            ?>
?export=csv&separator=<?php 
            echo urlencode("\t");
            ?>
&query=<?php 
            echo base64_encode($base_query);
            ?>
">tab</a>
				-
				<a href="<?php 
            echo $_SERVER['PHP_SELF'];
            ?>
?export=csv&separator=<?php 
            echo urlencode(',');
            ?>
&query=<?php 
            echo base64_encode($base_query);
            ?>
">comma</a>
				-
				<a href="<?php 
            echo $_SERVER['PHP_SELF'];
            ?>
?export=csv&separator=<?php 
            echo urlencode(';');
            ?>
&query=<?php 
            echo base64_encode($base_query);
            ?>
">semicolon</a>
			</p>
		<?php 
        } else {
            ?>
			<p>Result: <b>OK</b>. Time: <b><?php 
            echo $time;
            ?>
</b> sec</p>
		<?php 
        }
        ?>

		<?php 
        if (is_numeric($found)) {
            ?>

			<?php 
            if ($pages > 1) {
                ?>
			<p>
				<?php 
                if ($page > 1) {
                    ?>
					<?php 
                    $ofs = ($page - 1) * $limit - $limit;
                    ?>
					<?php 
                    $params = array('md5' => $md5_get, 'offset' => $ofs);
                    if ($_GET['only_select'] || $_POST['only_select']) {
                        $params['only_select'] = 1;
                    }
                    ?>
					<a href="<?php 
                    echo url(self(), $params);
                    ?>
">&lt;&lt; Prev</a> &nbsp;
				<?php 
                }
                ?>
				Page <b><?php 
                echo $page;
                ?>
</b> of <b><?php 
                echo $pages;
                ?>
</b> &nbsp;
				<?php 
                if ($pages > $page) {
                    ?>
					<?php 
                    $ofs = $page * $limit;
                    ?>
					<?php 
                    $params = array('md5' => $md5_get, 'offset' => $ofs);
                    if ($_GET['only_select'] || $_POST['only_select']) {
                        $params['only_select'] = 1;
                    }
                    ?>
					<a href="<?php 
                    echo url(self(), $params);
                    ?>
">Next &gt;&gt;</a>
				<?php 
                }
                ?>
			</p>
			<?php 
            }
            ?>

			<?php 
            if ($found) {
                ?>

				<?php 
                $edit_table = table_from_query($base_query);
                if ($edit_table) {
                    $edit_pk = array_first_key($rows[0]);
                    if (is_numeric($edit_pk)) {
                        $edit_table = false;
                    }
                }
                if ($edit_table) {
                    $types = table_columns($edit_table);
                    if ($types && count($types)) {
                        if (in_array($edit_pk, array_keys($types))) {
                            if (!array_col_match_unique($rows, $edit_pk, '#^\\d+$#')) {
                                $edit_pk = guess_pk($rows);
                                if (!$edit_pk) {
                                    $edit_table = false;
                                }
                            }
                        } else {
                            $edit_table = false;
                        }
                    } else {
                        $edit_table = false;
                    }
                }
                $edit_url = '';
                if ($edit_table) {
                    $edit_url = url(self(true), array('action' => 'editrow', 'table' => $edit_table, 'pk' => $edit_pk, 'id' => '%s'));
                }
                ?>

				<table class="ls" cellspacing="1">
				<tr>
					<?php 
                if ($edit_url) {
                    ?>
<th>#</th><?php 
                }
                ?>
					<?php 
                foreach ($rows[0] as $col => $v) {
                    ?>
						<th><?php 
                    echo $col;
                    ?>
</th>
					<?php 
                }
                ?>
				</tr>
				<?php 
                foreach ($rows as $row) {
                    ?>
				<tr onclick="mark_row(this, event)">
					<?php 
                    if ($edit_url) {
                        ?>
						<td valign=top><a href="javascript:void(0)" onclick="popup('<?php 
                        echo sprintf($edit_url, $row[$edit_pk]);
                        ?>
', <?php 
                        echo EDITROW_POPUP_WIDTH;
                        ?>
, <?php 
                        echo EDITROW_POPUP_HEIGHT;
                        ?>
)">Edit</a>&nbsp;</td>
					<?php 
                    }
                    ?>
					<?php 
                    $count_cols = 0;
                    foreach ($row as $v) {
                        $count_cols++;
                    }
                    ?>
					<?php 
                    foreach ($row as $k => $v) {
                        ?>
						<?php 
                        if (preg_match('#^\\s*<a[^>]+>[^<]+</a>\\s*$#iU', $v) && strlen(strip_tags($v)) < 50) {
                            $v = strip_tags($v, '<a>');
                            $v = create_links($v);
                        } else {
                            $v = strip_tags($v);
                            $v = str_replace('&nbsp;', ' ', $v);
                            $v = preg_replace('#[ ]+#', ' ', $v);
                            $v = create_links($v);
                            if (!$full_content && strlen($v) > 50) {
                                if (1 == $count_cols) {
                                    $v = truncate_html($v, 255);
                                } else {
                                    $v = truncate_html($v, 50);
                                }
                            }
                            // $v = html_once($v); - create_links() disabling
                        }
                        if ($full_content) {
                            $v = str_wrap($v, 80, '<br>', true);
                        }
                        if ($full_content) {
                            $v = nl2br($v);
                        }
                        //$v = stripslashes(stripslashes($v));
                        if (isset($types[$k]) && $types && $types[$k] == 'int' && IsTimestampColumn($k, $v)) {
                            // 100 000 000 == 1973-03-03 10:46:40
                            // Only big integers change to dates, so a low one like "1054"
                            // does not get changed into a date, cause that would probably be wrong.
                            $tmp = date('Y-m-d H:i', $v);
                            if ($tmp) {
                                $v = $tmp;
                            }
                        }
                        ?>
						<td <?php 
                        echo $full_content ? 'valign="top"' : '';
                        ?>
 nowrap><?php 
                        echo is_null($row[$k]) ? '-' : $v;
                        ?>
</td>
					<?php 
                    }
                    ?>
				</tr>
				<?php 
                }
                ?>
				</table>

			<?php 
            }
            ?>

			<?php 
            if ($pages > 1) {
                ?>
			<p>
				<?php 
                if ($page > 1) {
                    ?>
					<?php 
                    $ofs = ($page - 1) * $limit - $limit;
                    ?>
					<?php 
                    $params = array('md5' => $md5_get, 'offset' => $ofs);
                    if ($_GET['only_select'] || $_POST['only_select']) {
                        $params['only_select'] = 1;
                    }
                    ?>
					<a href="<?php 
                    echo url(self(), $params);
                    ?>
">&lt;&lt; Prev</a> &nbsp;
				<?php 
                }
                ?>
				Page <b><?php 
                echo $page;
                ?>
</b> of <b><?php 
                echo $pages;
                ?>
</b> &nbsp;
				<?php 
                if ($pages > $page) {
                    ?>
					<?php 
                    $ofs = $page * $limit;
                    ?>
					<?php 
                    $params = array('md5' => $md5_get, 'offset' => $ofs);
                    if ($_GET['only_select'] || $_POST['only_select']) {
                        $params['only_select'] = 1;
                    }
                    ?>
					<a href="<?php 
                    echo url(self(), $params);
                    ?>
">Next &gt;&gt;</a>
				<?php 
                }
                ?>
			</p>
			<?php 
            }
            ?>

		<?php 
        }
        ?>

	<?php 
        $cont = ob_get_contents();
        ob_end_clean();
        $ret['data_html'] = $cont;
        return $ret;
    }
function table_pk($table)
{
    $cols = table_columns($table);
    if (!$cols) {
        return null;
    }
    foreach ($cols as $col) {
        return $col;
    }
}
        $sql = "ALTER TABLE {$s_modify_name} ADD \n";
        $sql .= build_coldef('add', 'alter');
        $sql .= ';';
        $add_flag = TRUE;
    }
}
//
// script is called via the Delete Column button from the modify table form
//
if (isset($_POST['tb_modify_del']) && isset($_POST['tb_modify_dname']) && !empty($_POST['tb_modify_dname'])) {
    $cname = $_POST['tb_modify_dname'];
    $deps = get_dependencies(OT_RELATION, $s_modify_name, $cname);
    if (count($deps) > 0) {
        $message = sprintf($MESSAGES['HAVE_DEPENDENCIES'], $tb_strings['Column'], $cname, dependencies_string($deps));
    } else {
        $drop_statement = count(table_columns($s_modify_name)) > 1 ? 'ALTER TABLE ' . $s_modify_name . ' DROP ' . $cname : 'DROP TABLE ' . $s_modify_name;
        if ($s_cust['askdel'] == TRUE) {
            $s_confirmations['column'] = array('msg' => sprintf($MESSAGES['CONFIRM_COLUMN_DELETE'], $cname, $s_modify_name), 'sql' => $drop_statement);
        } else {
            $sql = $drop_statement;
        }
    }
}
//
// script is called via the Modify Column button from the modify table form
//
if (isset($_POST['tb_modify_col']) && isset($_POST['tb_modify_mname']) && !empty($_POST['tb_modify_mname'])) {
    $s_modify_col = $_POST['tb_modify_mname'];
    foreach ($s_fields[$s_modify_name] as $field) {
        if ($field['name'] == $s_modify_col) {
            $s_coldefs['mod'] = $field;