Ejemplo n.º 1
0
        $rows = get_rows("SELECT" . limit(implode(", ", $select) . " FROM " . table($TABLE), " WHERE {$where}", isset($_GET["select"]) ? 2 : 1));
        $row = isset($_GET["select"]) && count($rows) != 1 ? null : reset($rows);
    }
}
if ($row === false) {
    echo "<p class='error'>" . lang('No rows.') . "\n";
}
?>

<form action="" method="post" enctype="multipart/form-data" id="form">
<?php 
if ($fields) {
    echo "<table cellspacing='0' onkeydown='return editingKeydown(event);'>\n";
    foreach ($fields as $name => $field) {
        echo "<tr><th>" . $adminer->fieldName($field);
        $default = $_GET["set"][bracket_escape($name)];
        $value = $row !== null ? $row[$name] != "" && $jush == "sql" && ereg("enum|set", $field["type"]) ? is_array($row[$name]) ? array_sum($row[$name]) : +$row[$name] : $row[$name] : (!$update && $field["auto_increment"] ? "" : (isset($_GET["select"]) ? false : ($default !== null ? $default : $field["default"])));
        if (!$_POST["save"] && is_string($value)) {
            $value = $adminer->editVal($value, $field);
        }
        $function = $_POST["save"] ? (string) $_POST["function"][$name] : ($update && $field["on_update"] == "CURRENT_TIMESTAMP" ? "now" : ($value === false ? null : ($value !== null ? '' : 'NULL')));
        if ($field["type"] == "timestamp" && $value == "CURRENT_TIMESTAMP") {
            $value = "";
            $function = "now";
        }
        input($field, $value, $function);
        echo "\n";
    }
    echo "</table>\n";
}
?>
Ejemplo n.º 2
0
/** Print edit data form
* @param string
* @param array
* @param mixed
* @param bool
* @return null
*/
function edit_form($TABLE, $fields, $row, $update)
{
    global $adminer, $jush, $token, $error;
    $table_name = $adminer->tableName(table_status1($TABLE, true));
    page_header($update ? lang('Edit') : lang('Insert'), $error, array("select" => array($TABLE, $table_name)), $table_name);
    if ($row === false) {
        echo "<p class='error'>" . lang('No rows.') . "\n";
    }
    ?>
<form action="" method="post" enctype="multipart/form-data" id="form">
<?php 
    if (!$fields) {
        echo "<p class='error'>" . lang('You have no privileges to update this table.') . "\n";
    } else {
        echo "<table cellspacing='0' onkeydown='return editingKeydown(event);'>\n";
        foreach ($fields as $name => $field) {
            echo "<tr><th>" . $adminer->fieldName($field);
            $default = $_GET["set"][bracket_escape($name)];
            if ($default === null) {
                $default = $field["default"];
                if ($field["type"] == "bit" && preg_match("~^b'([01]*)'\$~", $default, $regs)) {
                    $default = $regs[1];
                }
            }
            $value = $row !== null ? $row[$name] != "" && $jush == "sql" && preg_match("~enum|set~", $field["type"]) ? is_array($row[$name]) ? array_sum($row[$name]) : +$row[$name] : $row[$name] : (!$update && $field["auto_increment"] ? "" : (isset($_GET["select"]) ? false : $default));
            if (!$_POST["save"] && is_string($value)) {
                $value = $adminer->editVal($value, $field);
            }
            $function = $_POST["save"] ? (string) $_POST["function"][$name] : ($update && $field["on_update"] == "CURRENT_TIMESTAMP" ? "now" : ($value === false ? null : ($value !== null ? '' : 'NULL')));
            if (preg_match("~time~", $field["type"]) && $value == "CURRENT_TIMESTAMP") {
                $value = "";
                $function = "now";
            }
            input($field, $value, $function);
            echo "\n";
        }
        if (!support("table")) {
            echo "<tr>" . "<th><input name='field_keys[]' onkeyup='keyupChange.call(this);' onchange='fieldChange(this);' value=''>" . "<td class='function'>" . html_select("field_funs[]", $adminer->editFunctions(array("null" => isset($_GET["select"])))) . "<td><input name='field_vals[]'>" . "\n";
        }
        echo "</table>\n";
    }
    echo "<p>\n";
    if ($fields) {
        echo "<input type='submit' value='" . lang('Save') . "'>\n";
        if (!isset($_GET["select"])) {
            echo "<input type='submit' name='insert' value='" . ($update ? lang('Save and continue edit') . "' onclick='return !ajaxForm(this.form, \"" . lang('Saving') . '...", this)' : lang('Save and insert next')) . "' title='Ctrl+Shift+Enter'>\n";
        }
    }
    echo $update ? "<input type='submit' name='delete' value='" . lang('Delete') . "'" . confirm() . ">\n" : ($_POST || !$fields ? "" : "<script type='text/javascript'>focus(document.getElementById('form').getElementsByTagName('td')[1].firstChild);</script>\n");
    if (isset($_GET["select"])) {
        hidden_fields(array("check" => (array) $_POST["check"], "clone" => $_POST["clone"], "all" => $_POST["all"]));
    }
    ?>
<input type="hidden" name="referer" value="<?php 
    echo h(isset($_POST["referer"]) ? $_POST["referer"] : $_SERVER["HTTP_REFERER"]);
    ?>
">
<input type="hidden" name="save" value="1">
<input type="hidden" name="token" value="<?php 
    echo $token;
    ?>
">
</form>
<?php 
}
Ejemplo n.º 3
0
                     }
                     foreach ($unique_array as $k => $v) {
                         $link .= h(where_link($i++, $k, $v));
                     }
                 }
             }
             if (!$link) {
                 if (is_mail($val)) {
                     $link = "mailto:{$val}";
                 }
                 if ($protocol = is_url($row[$key])) {
                     $link = $protocol == "http" && $HTTPS ? $row[$key] : "{$protocol}://www.adminer.org/redirect/?url=" . urlencode($row[$key]);
                 }
             }
             $id = h("val[{$unique_idf}][" . bracket_escape($key) . "]");
             $value = $_POST["val"][$unique_idf][bracket_escape($key)];
             $h_value = h($value !== null ? $value : $row[$key]);
             $long = strpos($val, "<i>...</i>");
             $editable = is_utf8($val) && $rows[$n][$key] == $row[$key] && !$functions[$key];
             $text = ereg('text|lob', $field["type"]);
             echo $_GET["modify"] && $editable || $value !== null ? "<td>" . ($text ? "<textarea name='{$id}' cols='30' rows='" . (substr_count($row[$key], "\n") + 1) . "'>{$h_value}</textarea>" : "<input name='{$id}' value='{$h_value}' size='{$lengths[$key]}'>") : "<td id='{$id}' ondblclick=\"" . ($editable ? "selectDblClick(this, event" . ($long ? ", 2" : ($text ? ", 1" : "")) . ")" : "alert('" . h(lang('Use edit link to modify this value.')) . "')") . ";\">" . $adminer->selectVal($val, $link, $field);
         }
     }
     if ($backward_keys) {
         echo "<td>";
     }
     $adminer->backwardKeysPrint($backward_keys, $rows[$n]);
     echo "</tr>\n";
     // close to allow white-space: pre
 }
 if (is_ajax()) {
Ejemplo n.º 4
0
/** Print select result
* @param Min_Result
* @param Min_DB connection to examine indexes
* @param array
* @param int
* @return array $orgtables
*/
function select($result, $connection2 = null, $orgtables = array(), $limit = 0)
{
    global $jush;
    $links = array();
    // colno => orgtable - create links from these columns
    $indexes = array();
    // orgtable => array(column => colno) - primary keys
    $columns = array();
    // orgtable => array(column => ) - not selected columns in primary key
    $blobs = array();
    // colno => bool - display bytes for blobs
    $types = array();
    // colno => type - display char in <code>
    $return = array();
    // table => orgtable - mapping to use in EXPLAIN
    odd('');
    // reset odd for each result
    for ($i = 0; (!$limit || $i < $limit) && ($row = $result->fetch_row()); $i++) {
        if (!$i) {
            echo "<table cellspacing='0' class='nowrap'>\n";
            echo "<thead><tr>";
            for ($j = 0; $j < count($row); $j++) {
                $field = $result->fetch_field();
                $name = $field->name;
                $orgtable = $field->orgtable;
                $orgname = $field->orgname;
                $return[$field->table] = $orgtable;
                if ($orgtables && $jush == "sql") {
                    // MySQL EXPLAIN
                    $links[$j] = $name == "table" ? "table=" : ($name == "possible_keys" ? "indexes=" : null);
                } elseif ($orgtable != "") {
                    if (!isset($indexes[$orgtable])) {
                        // find primary key in each table
                        $indexes[$orgtable] = array();
                        foreach (indexes($orgtable, $connection2) as $index) {
                            if ($index["type"] == "PRIMARY") {
                                $indexes[$orgtable] = array_flip($index["columns"]);
                                break;
                            }
                        }
                        $columns[$orgtable] = $indexes[$orgtable];
                    }
                    if (isset($columns[$orgtable][$orgname])) {
                        unset($columns[$orgtable][$orgname]);
                        $indexes[$orgtable][$orgname] = $j;
                        $links[$j] = $orgtable;
                    }
                }
                if ($field->charsetnr == 63) {
                    // 63 - binary
                    $blobs[$j] = true;
                }
                $types[$j] = $field->type;
                echo "<th" . ($orgtable != "" || $field->name != $orgname ? " title='" . h(($orgtable != "" ? "{$orgtable}." : "") . $orgname) . "'" : "") . ">" . h($name) . ($orgtables ? doc_link(array('sql' => "explain-output.html#explain_" . strtolower($name))) : "");
            }
            echo "</thead>\n";
        }
        echo "<tr" . odd() . ">";
        foreach ($row as $key => $val) {
            if ($val === null) {
                $val = "<i>NULL</i>";
            } elseif ($blobs[$key] && !is_utf8($val)) {
                $val = "<i>" . lang('%d byte(s)', strlen($val)) . "</i>";
                //! link to download
            } elseif (!strlen($val)) {
                // strlen - SQLite can return int
                $val = "&nbsp;";
                // some content to print a border
            } else {
                $val = h($val);
                if ($types[$key] == 254) {
                    // 254 - char
                    $val = "<code>{$val}</code>";
                }
            }
            if (isset($links[$key]) && !$columns[$links[$key]]) {
                if ($orgtables && $jush == "sql") {
                    // MySQL EXPLAIN
                    $table = $row[array_search("table=", $links)];
                    $link = $links[$key] . urlencode($orgtables[$table] != "" ? $orgtables[$table] : $table);
                } else {
                    $link = "edit=" . urlencode($links[$key]);
                    foreach ($indexes[$links[$key]] as $col => $j) {
                        $link .= "&where" . urlencode("[" . bracket_escape($col) . "]") . "=" . urlencode($row[$j]);
                    }
                }
                $val = "<a href='" . h(ME . $link) . "'>{$val}</a>";
            }
            echo "<td>{$val}";
        }
    }
    echo ($i ? "</table>" : "<p class='message'>" . lang('No rows.')) . "\n";
    return $return;
}
Ejemplo n.º 5
0
function process_input($name, $field)
{
    global $mysql;
    $name = bracket_escape($name);
    $value = $_POST["fields"][$name];
    if ($field["type"] != "enum" && !$field["auto_increment"] ? $_POST["null"][$name] : !strlen($value)) {
        return "NULL";
    } elseif ($field["type"] == "enum") {
        return isset($_GET["default"]) ? "'" . $mysql->escape_string($value) . "'" : intval($value);
    } elseif ($field["type"] == "set") {
        return isset($_GET["default"]) ? "'" . implode(",", array_map(array($mysql, 'escape_string'), (array) $value)) . "'" : array_sum((array) $value);
    } elseif (preg_match('~binary|blob~', $field["type"])) {
        $file = get_file($name);
        if (!is_string($file) && ($file != UPLOAD_ERR_NO_FILE || !$field["null"])) {
            return false;
        }
        return "_binary'" . (is_string($file) ? $mysql->escape_string($file) : "") . "'";
    } elseif ($field["type"] == "timestamp" && $value == "CURRENT_TIMESTAMP") {
        return $value;
    } else {
        return "'" . $mysql->escape_string($value) . "'";
    }
}
Ejemplo n.º 6
0
<?php

if ($_GET["script"] == "kill") {
    $connection->query("KILL " . +$_POST["kill"]);
} elseif (list($table, $id, $name) = $adminer->_foreignColumn(column_foreign_keys($_GET["source"]), $_GET["field"])) {
    $limit = 11;
    $result = $connection->query("SELECT {$id}, {$name} FROM " . table($table) . " WHERE " . (preg_match('~^[0-9]+$~', $_GET["value"]) ? "{$id} = {$_GET['value']} OR " : "") . "{$name} LIKE " . q("{$_GET['value']}%") . " ORDER BY 2 LIMIT {$limit}");
    for ($i = 1; ($row = $result->fetch_row()) && $i < $limit; $i++) {
        echo "<a href='" . h(ME . "edit=" . urlencode($table) . "&where" . urlencode("[" . bracket_escape(idf_unescape($id)) . "]") . "=" . urlencode($row[0])) . "'>" . h($row[1]) . "</a><br>\n";
    }
    if ($row) {
        echo "...\n";
    }
}
exit;
// don't print footer
Ejemplo n.º 7
0
 function fields($table)
 {
     $return = array();
     foreach ((array) $_POST["field_keys"] as $key => $val) {
         if ($val != "") {
             $val = bracket_escape($val);
             $_POST["function"][$val] = $_POST["field_funs"][$key];
             $_POST["fields"][$val] = $_POST["field_vals"][$key];
         }
     }
     foreach ((array) $_POST["fields"] as $key => $val) {
         $name = bracket_escape($key, 1);
         // 1 - back
         $return[$name] = array("field" => $name, "privileges" => array("insert" => 1, "update" => 1), "null" => 1);
     }
     return $return;
 }
Ejemplo n.º 8
0
/** Process edit input field
* @param one field from fields()
* @return string
*/
function process_input($field)
{
    global $adminer;
    $idf = bracket_escape($field["field"]);
    $function = $_POST["function"][$idf];
    $value = $_POST["fields"][$idf];
    if ($field["type"] == "enum") {
        if ($value == -1) {
            return false;
        }
        if ($value == "") {
            return "NULL";
        }
        return +$value;
    }
    if ($field["auto_increment"] && $value == "") {
        return null;
    }
    if ($function == "orig") {
        return $field["on_update"] == "CURRENT_TIMESTAMP" ? idf_escape($field["field"]) : false;
    }
    if ($function == "NULL") {
        return "NULL";
    }
    if ($field["type"] == "set") {
        return array_sum((array) $value);
    }
    if (ereg('blob|bytea|raw|file', $field["type"]) && ini_bool("file_uploads")) {
        $file = get_file("fields-{$idf}");
        if (!is_string($file)) {
            return false;
            //! report errors
        }
        return q($file);
    }
    return $adminer->processInput($field, $value, $function);
}