Ejemplo n.º 1
0
/**
 * Displays a table of results returned by a SQL query.
 * This function is called by the "sql.php" script.
 *
 * @param   integer the link id associated to the query which results have
 *                  to be displayed
 * @param   array   the display mode
 * @param   array   the analyzed query
 *
 * @uses    $_SESSION['userconf']['pos']
 * @global  string   $db                the database name
 * @global  string   $table             the table name
 * @global  string   $goto              the URL to go back in case of errors
 * @global  string   $sql_query         the current SQL query
 * @global  integer  $num_rows          the total number of rows returned by the
 *                                      SQL query
 * @global  integer  $unlim_num_rows    the total number of rows returned by the
 *                                      SQL query without any programmatically
 *                                      appended "LIMIT" clause
 * @global  array    $fields_meta       the list of fields properties
 * @global  integer  $fields_cnt        the total number of fields returned by
 *                                      the SQL query
 * @global  array    $vertical_display  informations used with vertical display
 *                                      mode
 * @global  array    $highlight_columns column names to highlight
 * @global  array    $cfgRelation       the relation settings
 *
 * @access  private
 *
 * @see     PMA_showMessage(), PMA_setDisplayMode(),
 *          PMA_displayTableNavigation(), PMA_displayTableHeaders(),
 *          PMA_displayTableBody(), PMA_displayResultsOperations()
 */
function PMA_displayTable(&$dt_result, &$the_disp_mode, $analyzed_sql)
{
    global $db, $table, $goto;
    global $sql_query, $num_rows, $unlim_num_rows, $fields_meta, $fields_cnt;
    global $vertical_display, $highlight_columns;
    global $cfgRelation;
    global $showtable;
    PMA_displayTable_checkConfigParams();
    /**
     * @todo move this to a central place
     * @todo for other future table types
     */
    $is_innodb = isset($showtable['Type']) && $showtable['Type'] == 'InnoDB';
    if ($is_innodb && !isset($analyzed_sql[0]['queryflags']['union']) && !isset($analyzed_sql[0]['table_ref'][1]['table_name']) && (empty($analyzed_sql[0]['where_clause']) || $analyzed_sql[0]['where_clause'] == '1 ')) {
        // "j u s t   b r o w s i n g"
        $pre_count = '~';
        $after_count = '[sup]1[/sup]';
    } else {
        $pre_count = '';
        $after_count = '';
    }
    // 1. ----- Prepares the work -----
    // 1.1 Gets the informations about which functionalities should be
    //     displayed
    $total = '';
    $is_display = PMA_setDisplayMode($the_disp_mode, $total);
    // 1.2 Defines offsets for the next and previous pages
    if ($is_display['nav_bar'] == '1') {
        if ($_SESSION['userconf']['max_rows'] == 'all') {
            $pos_next = 0;
            $pos_prev = 0;
        } else {
            $pos_next = $_SESSION['userconf']['pos'] + $_SESSION['userconf']['max_rows'];
            $pos_prev = $_SESSION['userconf']['pos'] - $_SESSION['userconf']['max_rows'];
            if ($pos_prev < 0) {
                $pos_prev = 0;
            }
        }
    }
    // end if
    // 1.3 URL-encodes the query to use in input form fields
    $encoded_sql_query = urlencode($sql_query);
    // 2. ----- Displays the top of the page -----
    // 2.1 Displays a messages with position informations
    if ($is_display['nav_bar'] == '1' && isset($pos_next)) {
        if (isset($unlim_num_rows) && $unlim_num_rows != $total) {
            $selectstring = ', ' . $unlim_num_rows . ' ' . $GLOBALS['strSelectNumRows'];
        } else {
            $selectstring = '';
        }
        $last_shown_rec = $_SESSION['userconf']['max_rows'] == 'all' || $pos_next > $total ? $total - 1 : $pos_next - 1;
        PMA_showMessage($GLOBALS['strShowingRecords'] . ' ' . $_SESSION['userconf']['pos'] . ' - ' . $last_shown_rec . ' (' . $pre_count . PMA_formatNumber($total, 0) . $after_count . ' ' . $GLOBALS['strTotal'] . $selectstring . ', ' . sprintf($GLOBALS['strQueryTime'], $GLOBALS['querytime']) . ')');
        if (PMA_Table::isView($db, $table) && $total == $GLOBALS['cfg']['MaxExactCount']) {
            echo '<div class="notice">' . "\n";
            echo PMA_sanitize(sprintf($GLOBALS['strViewMaxExactCount'], PMA_formatNumber($GLOBALS['cfg']['MaxExactCount'], 0), '[a@./Documentation.html#cfg_MaxExactCount@_blank]', '[/a]')) . "\n";
            echo '</div>' . "\n";
        }
        if ($pre_count) {
            echo '<div class="notice">' . "\n";
            echo '<sup>1</sup>' . PMA_sanitize($GLOBALS['strApproximateCount']) . "\n";
            echo '</div>' . "\n";
        }
    } elseif (!isset($GLOBALS['printview']) || $GLOBALS['printview'] != '1') {
        PMA_showMessage($GLOBALS['strSQLQuery']);
    }
    // 2.3 Displays the navigation bars
    if (!strlen($table)) {
        if (isset($analyzed_sql[0]['query_type']) && $analyzed_sql[0]['query_type'] == 'SELECT') {
            // table does not always contain a real table name,
            // for example in MySQL 5.0.x, the query SHOW STATUS
            // returns STATUS as a table name
            $table = $fields_meta[0]->table;
        } else {
            $table = '';
        }
    }
    if ($is_display['nav_bar'] == '1') {
        PMA_displayTableNavigation($pos_next, $pos_prev, $sql_query);
        echo "\n";
    } elseif (!isset($GLOBALS['printview']) || $GLOBALS['printview'] != '1') {
        echo "\n" . '<br /><br />' . "\n";
    }
    // 2b ----- Get field references from Database -----
    // (see the 'relation' configuration variable)
    // loic1, 2002-03-02: extended to php3
    // initialize map
    $map = array();
    // find tables
    $target = array();
    if (isset($analyzed_sql[0]['table_ref']) && is_array($analyzed_sql[0]['table_ref'])) {
        foreach ($analyzed_sql[0]['table_ref'] as $table_ref_position => $table_ref) {
            $target[] = $analyzed_sql[0]['table_ref'][$table_ref_position]['table_true_name'];
        }
    }
    $tabs = '(\'' . join('\',\'', $target) . '\')';
    if ($cfgRelation['displaywork']) {
        if (!strlen($table)) {
            $exist_rel = false;
        } else {
            $exist_rel = PMA_getForeigners($db, $table, '', 'both');
            if ($exist_rel) {
                foreach ($exist_rel as $master_field => $rel) {
                    $display_field = PMA_getDisplayField($rel['foreign_db'], $rel['foreign_table']);
                    $map[$master_field] = array($rel['foreign_table'], $rel['foreign_field'], $display_field, $rel['foreign_db']);
                }
                // end while
            }
            // end if
        }
        // end if
    }
    // end if
    // end 2b
    // 3. ----- Displays the results table -----
    PMA_displayTableHeaders($is_display, $fields_meta, $fields_cnt, $analyzed_sql);
    $url_query = '';
    echo '<tbody>' . "\n";
    PMA_displayTableBody($dt_result, $is_display, $map, $analyzed_sql);
    // vertical output case
    if ($_SESSION['userconf']['disp_direction'] == 'vertical') {
        PMA_displayVerticalTable();
    }
    // end if
    unset($vertical_display);
    echo '</tbody>' . "\n";
    ?>
</table>

    <?php 
    // 4. ----- Displays the link for multi-fields delete
    if ($is_display['del_lnk'] == 'dr' && $is_display['del_lnk'] != 'kp') {
        $delete_text = $is_display['del_lnk'] == 'dr' ? $GLOBALS['strDelete'] : $GLOBALS['strKill'];
        $uncheckall_url = 'sql.php?' . PMA_generate_common_url($db, $table) . '&amp;sql_query=' . urlencode($sql_query) . '&amp;goto=' . $goto;
        $checkall_url = $uncheckall_url . '&amp;checkall=1';
        if ($_SESSION['userconf']['disp_direction'] == 'vertical') {
            $checkall_params['onclick'] = 'if (setCheckboxes(\'rowsDeleteForm\', true)) return false;';
            $uncheckall_params['onclick'] = 'if (setCheckboxes(\'rowsDeleteForm\', false)) return false;';
        } else {
            $checkall_params['onclick'] = 'if (markAllRows(\'rowsDeleteForm\')) return false;';
            $uncheckall_params['onclick'] = 'if (unMarkAllRows(\'rowsDeleteForm\')) return false;';
        }
        $checkall_link = PMA_linkOrButton($checkall_url, $GLOBALS['strCheckAll'], $checkall_params, false);
        $uncheckall_link = PMA_linkOrButton($uncheckall_url, $GLOBALS['strUncheckAll'], $uncheckall_params, false);
        if ($_SESSION['userconf']['disp_direction'] != 'vertical') {
            echo '<img class="selectallarrow" width="38" height="22"' . ' src="' . $GLOBALS['pmaThemeImage'] . 'arrow_' . $GLOBALS['text_dir'] . '.png' . '"' . ' alt="' . $GLOBALS['strWithChecked'] . '" />';
        }
        echo $checkall_link . "\n" . ' / ' . "\n" . $uncheckall_link . "\n" . '<i>' . $GLOBALS['strWithChecked'] . '</i>' . "\n";
        if ($GLOBALS['cfg']['PropertiesIconic']) {
            PMA_buttonOrImage('submit_mult', 'mult_submit', 'submit_mult_change', $GLOBALS['strChange'], 'b_edit.png');
            PMA_buttonOrImage('submit_mult', 'mult_submit', 'submit_mult_delete', $delete_text, 'b_drop.png');
            if ($analyzed_sql[0]['querytype'] == 'SELECT') {
                PMA_buttonOrImage('submit_mult', 'mult_submit', 'submit_mult_export', $GLOBALS['strExport'], 'b_tblexport.png');
            }
            echo "\n";
        } else {
            echo ' <input type="submit" name="submit_mult"' . ' value="' . htmlspecialchars($GLOBALS['strEdit']) . '"' . ' title="' . $GLOBALS['strEdit'] . '" />' . "\n";
            echo ' <input type="submit" name="submit_mult"' . ' value="' . htmlspecialchars($delete_text) . '"' . ' title="' . $delete_text . '" />' . "\n";
            if ($analyzed_sql[0]['querytype'] == 'SELECT') {
                echo ' <input type="submit" name="submit_mult"' . ' value="' . htmlspecialchars($GLOBALS['strExport']) . '"' . ' title="' . $GLOBALS['strExport'] . '" />' . "\n";
            }
        }
        echo '<input type="hidden" name="sql_query"' . ' value="' . htmlspecialchars($sql_query) . '" />' . "\n";
        echo '<input type="hidden" name="url_query"' . ' value="' . $GLOBALS['url_query'] . '" />' . "\n";
        echo '</form>' . "\n";
    }
    // 5. ----- Displays the navigation bar at the bottom if required -----
    if ($is_display['nav_bar'] == '1') {
        echo '<br />' . "\n";
        PMA_displayTableNavigation($pos_next, $pos_prev, $sql_query);
    } elseif (!isset($GLOBALS['printview']) || $GLOBALS['printview'] != '1') {
        echo "\n" . '<br /><br />' . "\n";
    }
    // 6. ----- Displays "Query results operations"
    if (!isset($GLOBALS['printview']) || $GLOBALS['printview'] != '1') {
        PMA_displayResultsOperations($the_disp_mode, $analyzed_sql);
    }
}
Ejemplo n.º 2
0
 *
 * This test may be bypassed if $is_js_confirmed = 1 (already checked with js)
 * but since a malicious user may pass this variable by url/form, we don't take
 * into account this case.
 */
if (! defined('PMA_CHK_DROP')
    && ! $cfg['AllowUserDropDatabase']
    && $is_drop_database
    && ! $is_superuser
) {
    include_once 'libraries/header.inc.php';
    PMA_mysqlDie(__('"DROP DATABASE" statements are disabled.'), '', '', $err_url);
} // end if

require_once 'libraries/display_tbl.lib.php';
PMA_displayTable_checkConfigParams();

/**
 * Need to find the real end of rows?
 */
if (isset($find_real_end) && $find_real_end) {
    $unlim_num_rows = PMA_Table::countRecords($db, $table, $force_exact = true);
    $_SESSION['tmp_user_values']['pos'] = @((ceil($unlim_num_rows / $_SESSION['tmp_user_values']['max_rows']) - 1) * $_SESSION['tmp_user_values']['max_rows']);
}


/**
 * Bookmark add
 */
if (isset($store_bkm)) {
    PMA_Bookmark_save($fields, (isset($bkm_all_users) && $bkm_all_users == 'true' ? true : false));