Example #1
// Feedback buffers filled while the statements in $query run one by one.
$last_message = '';
$warning_message = '';
foreach ($query as $query_index => $single_query) {
    // Both runners receive the statement text unchanged, so every entry of
    // $query has to be built safely before it reaches this loop.
    $result = $cfg['IgnoreMultiSubmitErrors']
        ? PMA_DBI_try_query($single_query)
        : PMA_DBI_query($single_query);
    if (isset($GLOBALS['warning'])) {
        $warning_message .= $GLOBALS['warning'] . '[br]';
    }
    if ($result) {
        // @ hides any warning raised while reading the affected-row count
        if (@PMA_DBI_affected_rows()) {
            $total_affected_rows += @PMA_DBI_affected_rows();
        }
        $insert_id = PMA_DBI_insert_id();
        if ($insert_id != 0) {
            $last_message .= '[br]' . $strInsertedRowId . ' ' . $insert_id;
        }
    } else {
        // NOTE(review): the server's error text is appended as-is; if
        // $message is later printed as HTML it should be escaped or
        // sanitized first - confirm where $message is rendered.
        $message .= PMA_DBI_getError();
    }
    // Runs for failed statements as well, i.e. with a false $result
    PMA_DBI_free_result($result);
    unset($result);
}
// Report the row total, or the generic "modifications saved" text when the
// total is zero.
$message .= ($total_affected_rows != 0) ? $total_affected_rows : $strModifications;
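/**
 * runs a query and returns the result
 *
 * When no link is passed, $GLOBALS['userlink'] is used; if that is not set
 * either, the function returns false without running anything.
 *
 * Side effects visible in this function:
 *  - $GLOBALS['cached_affected_rows'] is refreshed when $cache_affected_rows
 *    is true
 *  - with $cfg['DBG']['sql'] enabled, the full query text, its timing, a
 *    backtrace and (on failure) the server error are kept in
 *    $_SESSION['debug']['queries']. Query text can carry sensitive values,
 *    so keep this switch off outside development setups.
 *  - successful queries are handed to PMA_Tracker when tracking is active
 *
 * @param string   $query               query to run
 * @param resource $link                mysql link resource
 * @param integer  $options             query options
 * @param bool     $cache_affected_rows whether to cache affected row
 *
 * @return mixed false when no link is available, otherwise whatever
 *               PMA_DBI_real_query() returned
 */
function PMA_DBI_try_query($query, $link = null, $options = 0, $cache_affected_rows = true)
{
    if (empty($link)) {
        if (isset($GLOBALS['userlink'])) {
            $link = $GLOBALS['userlink'];
        } else {
            return false;
        }
    }
    if ($GLOBALS['cfg']['DBG']['sql']) {
        $time = microtime(true);
    }
    $r = PMA_DBI_real_query($query, $link, $options);
    if ($cache_affected_rows) {
        // Read the count right away, bypassing the cache, before another
        // statement can replace it.
        $GLOBALS['cached_affected_rows'] = PMA_DBI_affected_rows($link, false);
    }
    if ($GLOBALS['cfg']['DBG']['sql']) {
        $time = microtime(true) - $time;
        // md5 only groups identical query strings under one session key;
        // it is not used as a security primitive here.
        $hash = md5($query);
        if (isset($_SESSION['debug']['queries'][$hash])) {
            $_SESSION['debug']['queries'][$hash]['count']++;
        } else {
            $_SESSION['debug']['queries'][$hash] = array();
            if ($r == false) {
                // The server's error text can repeat parts of the query, so
                // it is HTML-escaped before being wrapped in markup.
                $_SESSION['debug']['queries'][$hash]['error'] = '<b style="color:red">'
                    . htmlspecialchars(mysqli_error($link)) . '</b>';
            }
            $_SESSION['debug']['queries'][$hash]['count'] = 1;
            $_SESSION['debug']['queries'][$hash]['query'] = $query;
            $_SESSION['debug']['queries'][$hash]['time'] = $time;
        }
        $trace = array();
        foreach (debug_backtrace() as $trace_step) {
            // NOTE(review): debug_backtrace() frames expose arguments under
            // 'args', so the 'params' lookup normally yields an empty
            // string; left unchanged.
            $trace[] = PMA_Error::relPath($trace_step['file']) . '#' . $trace_step['line'] . ': '
                . (isset($trace_step['class']) ? $trace_step['class'] : '')
                . (isset($trace_step['type']) ? $trace_step['type'] : '')
                . (isset($trace_step['function']) ? $trace_step['function'] : '')
                . '(' . (isset($trace_step['params']) ? implode(', ', $trace_step['params']) : '') . ')';
        }
        $_SESSION['debug']['queries'][$hash]['trace'][] = $trace;
    }
    // Only successful statements are reported to the tracker
    if ($r != false && PMA_Tracker::isActive() == true) {
        PMA_Tracker::handleQuery($query);
    }
    return $r;
}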
Example #3
/**
 * Handles requests for executing a routine
 *
 * Two request shapes are served:
 *  - 'execute_routine' + 'item_name' in $_REQUEST: build SET/CALL/SELECT
 *    statements from the submitted parameter values, run them and render
 *    the outcome (AJAX response or direct echo)
 *  - 'execute_dialog' + 'item_name' in $_GET: render the execute form
 *
 * NOTE(review): no request-token (CSRF) check is visible in this function
 * even though the first branch runs SQL; presumably an earlier common
 * include validates it - confirm.
 *
 * @return void the non-AJAX error path ends the script with exit
 */
function PMA_RTN_handleExecute()
{
    // Superglobals are in scope everywhere, so naming them here has no
    // effect; $db and $cfg are the globals this function actually needs.
    global $_GET, $_POST, $_REQUEST, $GLOBALS, $db, $cfg;
    /**
     * Handle all user requests other than the default of listing routines
     */
    if (!empty($_REQUEST['execute_routine']) && !empty($_REQUEST['item_name'])) {
        // Build the queries
        // The routine definition is looked up by the requested name and type;
        // only the parameter names found in that definition are read from
        // the request below.
        $routine = PMA_RTN_getDataFromName($_REQUEST['item_name'], $_REQUEST['item_type'], false);
        if ($routine !== false) {
            $queries = array();
            $end_query = array();
            $args = array();
            for ($i = 0; $i < $routine['item_num_params']; $i++) {
                if (isset($_REQUEST['params'][$routine['item_param_name'][$i]])) {
                    $value = $_REQUEST['params'][$routine['item_param_name'][$i]];
                    if (is_array($value)) {
                        // is SET type
                        $value = implode(',', $value);
                    }
                    // Escaped for the single-quoted SQL literal built below
                    // (presumably quotes and backslashes; PMA_sqlAddSlashes()
                    // is not shown here). This is SQL escaping only, the
                    // value is not HTML-safe afterwards.
                    $value = PMA_sqlAddSlashes($value);
                    // The function name is interpolated unquoted, so the
                    // allow-list check against $cfg['Functions'] is its only
                    // guard. NOTE(review): in_array() is called without the
                    // strict flag; passing true would rule out loose matches.
                    if (!empty($_REQUEST['funcs'][$routine['item_param_name'][$i]]) && in_array($_REQUEST['funcs'][$routine['item_param_name'][$i]], $cfg['Functions'])) {
                        $queries[] = "SET @p{$i}={$_REQUEST['funcs'][$routine['item_param_name'][$i]]}('{$value}');\n";
                    } else {
                        $queries[] = "SET @p{$i}='{$value}';\n";
                    }
                    // User variable names come from the loop counter, never
                    // from request data.
                    $args[] = "@p{$i}";
                } else {
                    // No value submitted: the variable is still passed, it
                    // just was not assigned by a SET statement here.
                    $args[] = "@p{$i}";
                }
                if ($routine['item_type'] == 'PROCEDURE') {
                    // OUT/INOUT parameters are read back after the CALL
                    if ($routine['item_param_dir'][$i] == 'OUT' || $routine['item_param_dir'][$i] == 'INOUT') {
                        $end_query[] = "@p{$i} AS " . PMA_backquote($routine['item_param_name'][$i]);
                    }
                }
            }
            if ($routine['item_type'] == 'PROCEDURE') {
                $queries[] = "CALL " . PMA_backquote($routine['item_name']) . "(" . implode(', ', $args) . ");\n";
                if (count($end_query)) {
                    $queries[] = "SELECT " . implode(', ', $end_query) . ";\n";
                }
            } else {
                // Anything that is not a PROCEDURE is invoked as a function
                $queries[] = "SELECT " . PMA_backquote($routine['item_name']) . "(" . implode(', ', $args) . ") " . "AS " . PMA_backquote($routine['item_name']) . ";\n";
            }
            // Execute the queries
            $affected = 0;
            $result = null;
            $outcome = true;
            foreach ($queries as $query) {
                $resource = PMA_DBI_try_query($query);
                if ($resource === false) {
                    // Stop at the first failure; $query keeps the failing
                    // statement for the error message below.
                    $outcome = false;
                    break;
                }
                // Step through any further result sets of this statement
                while (true) {
                    if (!PMA_DBI_more_results()) {
                        break;
                    }
                    PMA_DBI_next_result();
                }
                if (substr($query, 0, 6) == 'SELECT') {
                    $result = $resource;
                } else {
                    if (substr($query, 0, 4) == 'CALL') {
                        $result = $resource ? $resource : $result;
                        // NOTE(review): $resource may be a boolean when the
                        // CALL produced no result set - confirm that
                        // PMA_DBI_num_rows() accepts that.
                        $affected = PMA_DBI_affected_rows() - PMA_DBI_num_rows($resource);
                    }
                }
            }
            // Generate output
            if ($outcome) {
                $message = __('Your SQL query has been executed successfully');
                if ($routine['item_type'] == 'PROCEDURE') {
                    $message .= '<br />';
                    $message .= sprintf(_ngettext('%d row affected by the last statement inside the procedure', '%d rows affected by the last statement inside the procedure', $affected), $affected);
                }
                $message = PMA_message::success($message);
                // Pass the SQL queries through the "pretty printer"
                // NOTE(review): the statements contain the submitted values;
                // this relies on PMA_SQP_formatHtml() producing HTML-safe
                // output - confirm.
                $output = '<code class="sql" style="margin-bottom: 1em;">';
                $output .= PMA_SQP_formatHtml(PMA_SQP_parse(implode($queries)));
                $output .= '</code>';
                // Display results
                if ($result) {
                    $output .= "<fieldset><legend>";
                    $output .= sprintf(__('Execution results of routine %s'), PMA_backquote(htmlspecialchars($routine['item_name'])));
                    $output .= "</legend>";
                    $output .= "<table><tr>";
                    // Column names and cell values come from the database
                    // and are HTML-escaped before being placed in the table.
                    foreach (PMA_DBI_get_fields_meta($result) as $key => $field) {
                        $output .= "<th>";
                        $output .= htmlspecialchars($field->name);
                        $output .= "</th>";
                    }
                    $output .= "</tr>";
                    // Stored routines can only ever return ONE ROW.
                    $data = PMA_DBI_fetch_single_row($result);
                    foreach ($data as $key => $value) {
                        if ($value === null) {
                            $value = '<i>NULL</i>';
                        } else {
                            $value = htmlspecialchars($value);
                        }
                        $output .= "<td class='odd'>" . $value . "</td>";
                    }
                    $output .= "</table></fieldset>";
                } else {
                    $notice = __('MySQL returned an empty result set (i.e. zero rows).');
                    $output .= PMA_message::notice($notice)->getDisplay();
                }
            } else {
                $output = '';
                // NOTE(review): $query holds request-supplied values and the
                // server error can repeat them; both are concatenated next
                // to literal <br /> markup without htmlspecialchars().
                // Whether PMA_message escapes its text is not visible here -
                // confirm, or escape both pieces before building the message.
                $message = PMA_message::error(sprintf(__('The following query has failed: "%s"'), $query) . '<br /><br />' . __('MySQL said: ') . PMA_DBI_getError(null));
            }
            // Print/send output
            if ($GLOBALS['is_ajax_request']) {
                $extra_data = array('dialog' => false);
                PMA_ajaxResponse($message->getDisplay() . $output, $message->isSuccess(), $extra_data);
            } else {
                echo $message->getDisplay() . $output;
                if ($message->isError()) {
                    // At least one query has failed, so shouldn't
                    // execute any more queries, so we quit.
                    exit;
                }
                unset($_POST);
                // Now deliberately fall through to displaying the routines list
            }
        } else {
            // Routine lookup failed: the requested name and the database
            // name are backquoted and then HTML-escaped for the message.
            $message = __('Error in processing request') . ' : ';
            $message .= sprintf(PMA_RTE_getWord('not_found'), htmlspecialchars(PMA_backquote($_REQUEST['item_name'])), htmlspecialchars(PMA_backquote($db)));
            $message = PMA_message::error($message);
            if ($GLOBALS['is_ajax_request']) {
                PMA_ajaxResponse($message, $message->isSuccess());
            } else {
                echo $message->getDisplay();
                unset($_POST);
            }
        }
    } else {
        if (!empty($_GET['execute_dialog']) && !empty($_GET['item_name'])) {
            /**
             * Display the execute form for a routine.
             */
            $routine = PMA_RTN_getDataFromName($_GET['item_name'], $_GET['item_type'], true);
            if ($routine !== false) {
                $form = PMA_RTN_getExecuteForm($routine);
                if ($GLOBALS['is_ajax_request'] == true) {
                    $extra_data = array();
                    $extra_data['dialog'] = true;
                    $extra_data['title'] = __("Execute routine") . " ";
                    // The routine name from the request is entity-encoded
                    // (quotes included) before it becomes the dialog title.
                    $extra_data['title'] .= PMA_backquote(htmlentities($_GET['item_name'], ENT_QUOTES));
                    PMA_ajaxResponse($form, true, $extra_data);
                } else {
                    echo "\n\n<h2>" . __("Execute routine") . "</h2>\n\n";
                    echo $form;
                    include './libraries/footer.inc.php';
                    // exit;
                }
            } else {
                // The not-found error is only reported for AJAX requests;
                // a plain request falls through without output.
                if ($GLOBALS['is_ajax_request'] == true) {
                    $message = __('Error in processing request') . ' : ';
                    $message .= sprintf(PMA_RTE_getWord('not_found'), htmlspecialchars(PMA_backquote($_REQUEST['item_name'])), htmlspecialchars(PMA_backquote($db)));
                    $message = PMA_message::error($message);
                    PMA_ajaxResponse($message, false);
                }
            }
        }
    }
}
/**
 * Executes a query and hands back whatever the driver returned
 *
 * Falls back to $GLOBALS['userlink'] when no link is given and returns
 * false if neither is available. With $cfg['DBG']['sql'] enabled the
 * query, link, result and elapsed time are passed to PMA_DBI_DBG_query();
 * successful queries are reported to PMA_Tracker when tracking is active.
 *
 * @param string   $query               query to run
 * @param resource $link                mysql link resource
 * @param integer  $options             query options
 * @param bool     $cache_affected_rows whether to cache affected row
 *
 * @return mixed false without a usable link, otherwise the value returned
 *               by PMA_DBI_real_query()
 */
function PMA_DBI_try_query($query, $link = null, $options = 0, $cache_affected_rows = true)
{
    // Resolve the connection first; without one nothing is executed.
    if (empty($link)) {
        if (!isset($GLOBALS['userlink'])) {
            return false;
        }
        $link = $GLOBALS['userlink'];
    }

    if ($GLOBALS['cfg']['DBG']['sql']) {
        $started_at = microtime(true);
    }

    $outcome = PMA_DBI_real_query($query, $link, $options);

    // Refresh the cached count straight after the statement, bypassing
    // the cache for this read.
    if ($cache_affected_rows) {
        $GLOBALS['cached_affected_rows'] = PMA_DBI_affected_rows($link, false);
    }

    if ($GLOBALS['cfg']['DBG']['sql']) {
        $elapsed = microtime(true) - $started_at;
        PMA_DBI_DBG_query($query, $link, $outcome, $elapsed);
    }

    // Failed statements are never handed to the tracker.
    if ($outcome != false) {
        if (PMA_Tracker::isActive() == true) {
            PMA_Tracker::handleQuery($query);
        }
    }

    return $outcome;
}
Example #5
                          ? $err_url . '&amp;show_query=1&amp;sql_query=' . urlencode($sql_query)
                          : $err_url;
            PMA_mysqlDie($error, $full_sql_query, '', $full_err_url);
        }
        exit;
    }
    unset($error);

    // Gets the number of rows affected/returned
    // (This must be done immediately after the query because
    // mysql_affected_rows() reports about the last query done)

    // When $is_affected is false the returned rows are counted (0 if there
    // is no result); the @ operator hides any warning the helpers raise.
    if (! $is_affected) {
        $num_rows = ($result) ? @PMA_DBI_num_rows($result) : 0;
    } elseif (! isset($num_rows)) {
        // Only filled in when no row count was set earlier
        $num_rows = @PMA_DBI_affected_rows();
    }

    // Grabs the profiling results
    // (only when $_SESSION['profiling'] is set and PMA_profilingSupported()
    // reports support)
    if (isset($_SESSION['profiling']) && PMA_profilingSupported()) {
        $profiling_results = PMA_DBI_fetch_result('SHOW PROFILE;');
    }

    // Checks if the current database has changed
    // This could happen if the user sends a query like "USE `database`;"
    /**
     * commented out auto-switching to active database - really required?
     * bug #1814718 win: table list disappears (mixed case db names)
     * https://sourceforge.net/support/tracker.php?aid=1814718
     * @todo RELEASE test and comit or rollback before release
    $current_db = PMA_DBI_fetch_value('SELECT DATABASE()');
Example #6
/**
 * Sends a query through mysqli and returns its raw outcome
 *
 * Falls back to $GLOBALS['userlink'] when no link is given and returns
 * false if neither is available. With $cfg['DBG']['sql'] enabled the full
 * query text, its timing and a backtrace are kept in
 * $_SESSION['debug']['queries']; query text can carry sensitive values, so
 * keep that switch off outside development setups. Successful queries are
 * reported to PMA_Tracker when tracking is active.
 *
 * From the PHP manual: mysqli_query() returns true on success or false on
 * failure; for SELECT, SHOW, DESCRIBE or EXPLAIN it returns a result
 * object. Do not feed the return value to mysqli_num_rows() if it is a
 * boolean.
 *
 * @param   string          $query               query to execute
 * @param   object mysqli   $link                mysqli object
 * @param   integer         $options             PMA_DBI_QUERY_STORE or
 *                                               PMA_DBI_QUERY_UNBUFFERED bits
 * @param   boolean         $cache_affected_rows whether to refresh
 *                                               $GLOBALS['cached_affected_rows']
 * @return  mixed           true, false or result object
 */
function PMA_DBI_try_query($query, $link = null, $options = 0, $cache_affected_rows = true)
{
    // Map the PMA option bits onto the mysqli result mode (0 = default).
    $method = 0;
    if ($options == ($options | PMA_DBI_QUERY_STORE)) {
        $method = MYSQLI_STORE_RESULT;
    } elseif ($options == ($options | PMA_DBI_QUERY_UNBUFFERED)) {
        $method = MYSQLI_USE_RESULT;
    }

    // Resolve the connection; without one nothing is executed.
    if (empty($link)) {
        if (!isset($GLOBALS['userlink'])) {
            return false;
        }
        $link = $GLOBALS['userlink'];
    }

    if ($GLOBALS['cfg']['DBG']['sql']) {
        $started_at = microtime(true);
    }

    $outcome = mysqli_query($link, $query, $method);

    // Refresh the cached count straight after the statement, bypassing
    // the cache for this read.
    if ($cache_affected_rows) {
        $GLOBALS['cached_affected_rows'] = PMA_DBI_affected_rows($link, false);
    }

    if ($GLOBALS['cfg']['DBG']['sql']) {
        $elapsed = microtime(true) - $started_at;
        // md5 only groups identical query strings under one session key;
        // it is not used as a security primitive here.
        $hash = md5($query);
        if (!isset($_SESSION['debug']['queries'][$hash])) {
            $_SESSION['debug']['queries'][$hash] = array(
                'count' => 1,
                'query' => $query,
                'time' => $elapsed,
            );
        } else {
            $_SESSION['debug']['queries'][$hash]['count']++;
        }

        $trace = array();
        foreach (debug_backtrace() as $frame) {
            $location = PMA_Error::relPath($frame['file']) . '#' . $frame['line'] . ': ';
            $class = isset($frame['class']) ? $frame['class'] : '';
            $type = isset($frame['type']) ? $frame['type'] : '';
            $function = isset($frame['function']) ? $frame['function'] : '';
            $params = isset($frame['params']) ? implode(', ', $frame['params']) : '';
            $trace[] = $location . $class . $type . $function . '(' . $params . ')';
        }
        $_SESSION['debug']['queries'][$hash]['trace'][] = $trace;
    }

    // Failed statements are never handed to the tracker.
    if ($outcome != false) {
        if (PMA_Tracker::isActive() == true) {
            PMA_Tracker::handleQuery($query);
        }
    }

    return $outcome;
}
Example #7
/**
 *  Runs query inside import buffer. This is needed to allow displaying
 *  of last SELECT or SHOW results and similar nice stuff.
 *
 *  Each call first processes the statement buffered by the previous call
 *  (skip it, hand it over to sql.php via $go_sql, or execute it with
 *  PMA_DBI_try_query()), then stores the new $sql/$full pair in the buffer.
 *  Calling it with both arguments empty processes the last buffered
 *  statement and removes the buffer.
 *
 *  All state is exchanged through globals; nothing is returned.
 *
 *  @param  string $sql  query to run
 *  @param  string $full query to display, this might be commented
 *  @access public
 */
function PMA_importRunQuery($sql = '', $full = '')
{
    // NOTE(review): $cfg is listed twice; $message and $show_error_header,
    // which are assigned below, are not listed at all.
    global $import_run_buffer, $go_sql, $complete_query, $display_query, $sql_query, $cfg, $my_die, $error, $reload, $finished, $timeout_passed, $skip_queries, $executed_queries, $max_sql_len, $read_multiply, $cfg, $sql_query_disabled, $db, $run_query, $is_superuser;
    $read_multiply = 1;
    if (isset($import_run_buffer)) {
        // Should we skip something?
        if ($skip_queries > 0) {
            $skip_queries--;
        } else {
            if (!empty($import_run_buffer['sql']) && trim($import_run_buffer['sql']) != '') {
                // Text-pattern guard against DROP DATABASE for users who are
                // not superusers. A pattern match on SQL text is a
                // best-effort UI safeguard; the real control is the MySQL
                // privileges of the connected account.
                // NOTE(review): $message and $show_error_header are local
                // here, so these two assignments are lost on return; only
                // $error reaches the caller.
                if (!$cfg['AllowUserDropDatabase'] && !$is_superuser && preg_match('@DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE @i', $import_run_buffer['sql'])) {
                    $message = $GLOBALS['strNoDropDatabases'];
                    $show_error_header = TRUE;
                    $error = TRUE;
                    return;
                }
                // Track the longest statement for the display cut-off below
                $max_sql_len = max($max_sql_len, strlen($import_run_buffer['sql']));
                if (!$sql_query_disabled) {
                    $sql_query .= $import_run_buffer['full'];
                }
                $executed_queries++;
                // The last statement of a finished import is not executed
                // here when it is a SELECT/SHOW or the only statement: it is
                // left in $sql_query and $go_sql is set instead.
                if ($run_query && $finished && empty($sql) && !$error && (!empty($import_run_buffer['sql']) && preg_match('/^[\\s]*(SELECT|SHOW)/i', $import_run_buffer['sql']) || $executed_queries == 1)) {
                    $go_sql = TRUE;
                    if (!$sql_query_disabled) {
                        $complete_query = $sql_query;
                        $display_query = $sql_query;
                    } else {
                        $complete_query = '';
                        $display_query = '';
                    }
                    $sql_query = $import_run_buffer['sql'];
                } elseif ($run_query) {
                    // The buffered statement is executed verbatim
                    $result = PMA_DBI_try_query($import_run_buffer['sql']);
                    // $msg becomes a '# ...' status comment appended to the
                    // displayed query
                    $msg = '# ';
                    if ($result === FALSE) {
                        // execution failed
                        if (!isset($my_die)) {
                            $my_die = array();
                        }
                        // Keep the failing statement and the server error
                        // for later reporting
                        $my_die[] = array('sql' => $import_run_buffer['full'], 'error' => PMA_DBI_getError());
                        if ($cfg['VerboseMultiSubmit']) {
                            $msg .= $GLOBALS['strError'];
                        }
                        // Unless errors are ignored, the first failure
                        // stops the import
                        if (!$cfg['IgnoreMultiSubmitErrors']) {
                            $error = TRUE;
                            return;
                        }
                    } elseif ($cfg['VerboseMultiSubmit']) {
                        // @ hides any warning the row-count helpers raise
                        $a_num_rows = (int) @PMA_DBI_num_rows($result);
                        $a_aff_rows = (int) @PMA_DBI_affected_rows();
                        if ($a_num_rows > 0) {
                            $msg .= $GLOBALS['strRows'] . ': ' . $a_num_rows;
                        } elseif ($a_aff_rows > 0) {
                            // $a_rows is assigned but not read again in this
                            // function
                            $a_rows = $msg .= $GLOBALS['strAffectedRows'] . ' ' . $a_aff_rows;
                        } else {
                            $msg .= $GLOBALS['strEmptyResultSet'];
                        }
                    }
                    if (!$sql_query_disabled) {
                        $sql_query .= $msg . "\n";
                    }
                    // If a 'USE <db>' SQL-clause was found and the query succeeded, set our current $db to the new one
                    // NOTE(review): the captured token is taken as-is apart
                    // from trim(); any quoting or trailing characters in the
                    // statement stay part of $db - confirm how $db is used.
                    if ($result != FALSE && preg_match('@^[\\s]*USE[[:space:]]*([\\S]+)@i', $import_run_buffer['sql'], $match)) {
                        $db = trim($match[1]);
                        $reload = TRUE;
                    }
                    // Creating or dropping a table/database sets $reload
                    if ($result != FALSE && preg_match('@^[\\s]*(DROP|CREATE)[\\s]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)@im', $import_run_buffer['sql'])) {
                        $reload = TRUE;
                    }
                }
                // end run query
            } elseif (!empty($import_run_buffer['full'])) {
                // Nothing to execute (e.g. comment only): just keep the text
                // for display
                if ($go_sql) {
                    $complete_query .= $import_run_buffer['full'];
                    $display_query .= $import_run_buffer['full'];
                } else {
                    if (!$sql_query_disabled) {
                        $sql_query .= $import_run_buffer['full'];
                    }
                }
            }
            // check length of query unless we decided to pass it to sql.php
            // Once any limit is exceeded the displayed query is dropped and
            // no longer collected; verbose mode uses the higher limits.
            if (!$go_sql) {
                if ($cfg['VerboseMultiSubmit'] && !empty($sql_query)) {
                    if (strlen($sql_query) > 50000 || $executed_queries > 50 || $max_sql_len > 1000) {
                        $sql_query = '';
                        $sql_query_disabled = TRUE;
                    }
                } else {
                    if (strlen($sql_query) > 10000 || $executed_queries > 10 || $max_sql_len > 500) {
                        $sql_query = '';
                        $sql_query_disabled = TRUE;
                    }
                }
            }
        }
        // end do query (no skip)
    }
    // end buffer exists
    // Do we have something to push into buffer?
    if (!empty($sql) || !empty($full)) {
        $import_run_buffer = array('sql' => $sql, 'full' => $full);
    } else {
        unset($GLOBALS['import_run_buffer']);
    }
}
Example #8
/**
 * Runs every statement of a built query and collects the feedback for the
 * page the user returns to
 *
 * The statements are executed verbatim, so they must already be safely
 * built (see PMA_buildSqlQuery()). Server errors are passed through
 * PMA_Message::sanitize() before they are returned.
 *
 * Side effects: overwrites $GLOBALS['sql_query'] and
 * $GLOBALS['display_query'] with the joined statements.
 *
 * @param array  $url_params url parameters array
 * @param string $query      built query from PMA_buildSqlQuery()
 *
 * @return array             $url_params, $total_affected_rows, $last_messages
 *                           $warning_messages, $error_messages, $return_to_sql_query
 */
function PMA_executeSqlQuery($url_params, $query)
{
    // Remember the query the user came from before it is replaced below.
    $return_to_sql_query = '';
    if (!empty($GLOBALS['sql_query'])) {
        $return_to_sql_query = $GLOBALS['sql_query'];
        $url_params['sql_query'] = $GLOBALS['sql_query'];
    }

    $GLOBALS['sql_query'] = implode('; ', $query) . ';';
    // Keeps the query visible for "insert as new row" followed by
    // "insert another new row".
    $GLOBALS['display_query'] = $GLOBALS['sql_query'];

    $total_affected_rows = 0;
    $last_messages = array();
    $warning_messages = array();
    $error_messages = array();

    foreach ($query as $single_query) {
        // 'showinsert' only previews the statements; nothing is executed.
        if ($_REQUEST['submit_type'] == 'showinsert') {
            $last_messages[] = PMA_Message::notice(__('Showing SQL query'));
            continue;
        }

        $result = $GLOBALS['cfg']['IgnoreMultiSubmitErrors']
            ? PMA_DBI_try_query($single_query)
            : PMA_DBI_query($single_query);

        if ($result) {
            // @ hides any warning raised while reading the count
            $affected_now = @PMA_DBI_affected_rows();
            if ($affected_now) {
                $total_affected_rows += $affected_now;
            }
            unset($affected_now);

            $insert_id = PMA_DBI_insert_id();
            if ($insert_id != 0) {
                // The server reports the id of the FIRST row of an insert,
                // so it is advanced for multi-row inserts.
                // NOTE(review): the offset uses the running total over all
                // statements so far, not this statement's own count.
                if ($total_affected_rows > 0) {
                    $insert_id = $insert_id + $total_affected_rows - 1;
                }
                $last_message = PMA_Message::notice(__('Inserted row id: %1$d'));
                $last_message->addParam($insert_id);
                $last_messages[] = $last_message;
            }
            PMA_DBI_free_result($result);
        } else {
            $error_messages[] = PMA_Message::sanitize(PMA_DBI_getError());
        }

        // Replaced on every pass, so only the value fetched after the last
        // executed statement is returned.
        $warning_messages = PMA_getWarningMessages();
    }

    return array(
        $url_params,
        $total_affected_rows,
        $last_messages,
        $warning_messages,
        $error_messages,
        $return_to_sql_query,
    );
}
Example #9
// Collects one sanitized entry per failed statement.
$error_messages = array();
foreach ($query as $single_query) {
    // 'showinsert' only previews the statements; nothing is executed.
    if ($_REQUEST['submit_type'] == 'showinsert') {
        $last_messages[] = PMA_Message::notice(__('Showing SQL query'));
        continue;
    }
    // Both runners receive the statement text unchanged.
    if ($GLOBALS['cfg']['IgnoreMultiSubmitErrors']) {
        $result = PMA_DBI_try_query($single_query);
    } else {
        $result = PMA_DBI_query($single_query);
    }
    if (!$result) {
        // The server error is sanitized before it is stored for display
        $error_messages[] = PMA_Message::sanitize(PMA_DBI_getError());
    } else {
        // The next line contains a real assignment, it's not a typo
        if ($tmp = @PMA_DBI_affected_rows()) {
            $total_affected_rows += $tmp;
        }
        unset($tmp);
        $insert_id = PMA_DBI_insert_id();
        if ($insert_id != 0) {
            // insert_id is id of FIRST record inserted in one insert, so if we
            // inserted multiple rows, we had to increment this
            if ($total_affected_rows > 0) {
                $insert_id = $insert_id + $total_affected_rows - 1;
            }
            $last_message = PMA_Message::notice(__('Inserted row id: %1$d'));
            $last_message->addParam($insert_id);
            $last_messages[] = $last_message;
        }
        PMA_DBI_free_result($result);
        // NOTE(review): the echo below, with its shifted indentation, looks
        // like the start of an excerpt from a different script (a privilege
        // editing form) that was joined onto this loop in the listing; read
        // the two parts separately.
         echo '            <input type="hidden" name="tablename" value="' . htmlspecialchars($tablename) . '" />' . "\n";
     }
 }
 echo '            <b>' . $strEditPrivileges . '</b><br />' . "\n";
 PMA_displayPrivTable(empty($dbname) ? '*' : $dbname, empty($dbname) || empty($tablename) ? '*' : $tablename, TRUE, 3);
 echo '        </form>' . "\n" . '    </li>' . "\n";
 if (empty($tablename)) {
     echo '    <li>' . "\n" . '        <b>' . (empty($dbname) ? $strDbPrivileges : $strTblPrivileges) . '</b><br />' . "\n" . '        <table border="0" cellpadding="2" cellspacing="1">' . "\n" . '            <tr>' . "\n" . '                <th>&nbsp;' . (empty($dbname) ? $strDatabase : $strTable) . '&nbsp;</th>' . "\n" . '                <th>&nbsp;' . $strPrivileges . '&nbsp;</th>' . "\n" . '                <th>&nbsp;' . $strGrantOption . '&nbsp;</th>' . "\n" . '                <th>&nbsp;' . (empty($dbname) ? $strTblPrivileges : $strColumnPrivileges) . '&nbsp;</th>' . "\n" . '                <th colspan="2">&nbsp;' . $strAction . '&nbsp;</th>' . "\n" . '            </tr>' . "\n";
     // Builds the WHERE clause that selects the privilege rows of one account.
     // NOTE(review): $username goes through PMA_sqlAddslashes() before being
     // quoted, but $hostname (and $dbname below) are handed to
     // PMA_convert_using(..., 'quoted') directly. PMA_convert_using() is not
     // shown here; unless its 'quoted' mode escapes the value itself, all
     // three should be escaped the same way before they reach the query text.
     $user_host_condition = ' WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted');
     if (empty($dbname)) {
         // Server level: list the account's database-specific privileges
         $sql_query = 'SELECT * FROM `db`' . $user_host_condition . ' ORDER BY `Db` ASC;';
     } else {
         // Database level: list table privileges and flag tables that also
         // have column privileges; the _latin1 introducer is added from
         // server version 40100 on
         $sql_query = 'SELECT `Table_name`, `Table_priv`, IF(`Column_priv` = ' . (PMA_MYSQL_INT_VERSION >= 40100 ? '_latin1 ' : '') . ' \'\', 0, 1) AS \'Column_priv\' FROM `tables_priv`' . $user_host_condition . ' AND ' . PMA_convert_using('Db') . ' = ' . PMA_convert_using($dbname, 'quoted') . ' ORDER BY `Table_name` ASC;';
     }
     // Stored result on the default link (NULL)
     $res = PMA_DBI_query($sql_query, NULL, PMA_DBI_QUERY_STORE);
     if (PMA_DBI_affected_rows() == 0) {
         echo '            <tr>' . "\n" . '                <td bgcolor="' . $cfg['BgcolorOne'] . '" colspan="6"><center><i>' . $strNone . '</i></center></td>' . "\n" . '            </tr>' . "\n";
     } else {
         $useBgcolorOne = TRUE;
         if (empty($dbname)) {
             $res2 = PMA_DBI_query('SELECT `Db` FROM `tables_priv`' . $user_host_condition . ' GROUP BY `Db` ORDER BY `Db` ASC;');
             $row2 = PMA_DBI_fetch_assoc($res2);
         }
         $found_rows = array();
         while ($row = PMA_DBI_fetch_assoc($res)) {
             while (empty($dbname) && $row2 && $row['Db'] > $row2['Db']) {
                 $found_rows[] = $row2['Db'];
                 echo '            <tr>' . "\n" . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . htmlspecialchars($row2['Db']) . '</td>' . "\n" . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><tt>' . "\n" . '                    <dfn title="' . $strPrivDescUsage . '">USAGE</dfn>' . "\n" . '                </tt></td>' . "\n" . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . $strNo . '</td>' . "\n" . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . $strYes . '</td>' . "\n" . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><a href="server_privileges.php?' . $url_query . '&amp;username='******'&amp;hostname=' . urlencode($hostname) . '&amp;dbname=' . urlencode($row2['Db']) . '">' . $strEdit . '</a></td>' . "\n" . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><a href="server_privileges.php?' . $url_query . '&amp;username='******'&amp;hostname=' . urlencode($hostname) . '&amp;dbname=' . urlencode($row2['Db']) . '&amp;revokeall=1">' . $strRevoke . '</a></td>' . "\n" . '            </tr>' . "\n";
                 $row2 = PMA_DBI_fetch_assoc($res2);
                 $useBgcolorOne = !$useBgcolorOne;
             }
Example #11
         $my_die = array();
         $my_die[] = $a_sql_query;
     } else {
         $my_die = $a_sql_query;
     }
     if ($cfg['VerboseMultiSubmit']) {
         $info_msg .= $a_sql_query . '; # ' . $strError . "\n";
         $info_count++;
     }
     if (!$cfg['IgnoreMultiSubmitErrors']) {
         break;
     }
 } else {
     if ($cfg['VerboseMultiSubmit']) {
         $a_num_rows = (int) @PMA_DBI_num_rows($result);
         $a_aff_rows = (int) @PMA_DBI_affected_rows();
         if ($a_num_rows > 0) {
             $a_rows = $a_num_rows;
             $a_switch = $strRows . ': ';
         } elseif ($a_aff_rows > 0) {
             $a_rows = $a_aff_rows;
             $a_switch = $strAffectedRows;
         } else {
             $a_rows = '';
             $a_switch = $strEmptyResultSet;
         }
         $info_msg .= $a_sql_query . "; # " . $a_switch . $a_rows . "\n";
         $info_count++;
     }
 }
 // If a 'USE <db>' SQL-clause was found and the query succeeded, set our current $db to the new one
Example #12
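/**
 * Generate table html when SQL statement have multiple queries
 * which return displayable results
 *
 * The statements in $sql_data['valid_sql'] are joined with ";" and sent in a
 * single multi-query call. The result sets are then walked in order and every
 * non-empty one is rendered through $displayResultsObject->getTable().
 *
 * @param PMA_DisplayResults $displayResultsObject object
 * @param string             $db                   database name
 * @param array              $sql_data             information about SQL statement
 * @param string             $goto                 URL to go back in case of errors
 * @param string             $pmaThemeImage        path for theme images directory
 * @param string             $text_dir             text direction
 * @param string             $printview            whether printview is enabled
 * @param string             $url_query            URL query (replaced per statement
 *                                                 by PMA_generate_common_url())
 * @param array              $disp_mode            the display mode (overwritten with
 *                                                 'nnnn000000' before each rendering)
 * @param string             $sql_limit_to_append  limit clause (rebuilt from session
 *                                                 values when a LIMIT is appended)
 * @param bool               $editable             whether result set is editable
 *
 * @return string   $table_html   html content
 */
function getTableHtmlForMultipleQueries($displayResultsObject, $db, $sql_data, $goto, $pmaThemeImage, $text_dir, $printview, $url_query, $disp_mode, $sql_limit_to_append, $editable)
{
    $table_html = '';
    $tables_array = PMA_DBI_get_tables($db);
    $databases_array = PMA_DBI_get_databases_full();
    $multi_sql = implode(";", $sql_data['valid_sql']);
    $querytime_before = array_sum(explode(' ', microtime()));
    // The return value is not kept because the results are read back
    // from the connection in the loop below.
    // NOTE(review): the "@" also hides a failed multi-query; the failure is
    // never reported from this function - confirm the caller surfaces it.
    @PMA_DBI_try_multi_query($multi_sql);
    $querytime_after = array_sum(explode(' ', microtime()));
    $querytime = $querytime_after - $querytime_before;
    $sql_no = 0;
    do {
        $analyzed_sql = array();
        $is_affected = false;
        $result = PMA_DBI_store_result();
        $fields_meta = $result !== false ? PMA_DBI_get_fields_meta($result) : array();
        $fields_cnt = count($fields_meta);
        // Initialize needed params related to each query in multiquery statement
        if (isset($sql_data['valid_sql'][$sql_no])) {
            // 'Use' query can change the database.
            // stripos() returns 0 for a match at the very start of the string,
            // so the result is compared with false explicitly; a bare truthiness
            // test would skip exactly the statements that begin with "USE ".
            // This is a substring test, so other statements containing "use "
            // reach PMA_getNewDatabase() as well.
            if (stripos($sql_data['valid_sql'][$sql_no], "use ") !== false) {
                $db = PMA_getNewDatabase($sql_data['valid_sql'][$sql_no], $databases_array);
            }
            $parsed_sql = PMA_SQP_parse($sql_data['valid_sql'][$sql_no]);
            $table = PMA_getTableNameBySQL($sql_data['valid_sql'][$sql_no], $tables_array);
            $analyzed_sql = PMA_SQP_analyze($parsed_sql);
            $is_select = isset($analyzed_sql[0]['queryflags']['select_from']);
            $unlim_num_rows = PMA_Table::countRecords($db, $table, true);
            $showtable = PMA_Table::sGetStatusInfo($db, $table, null, true);
            $url_query = PMA_generate_common_url($db, $table);
            list($is_group, $is_func, $is_count, $is_export, $is_analyse, $is_explain, $is_delete, $is_affected, $is_insert, $is_replace, $is_show, $is_maint) = PMA_getDisplayPropertyParams($sql_data['valid_sql'][$sql_no], $is_select);
            // Handle remembered sorting order, only for single table query
            if ($GLOBALS['cfg']['RememberSorting'] && !($is_count || $is_export || $is_func || $is_analyse) && isset($analyzed_sql[0]['select_expr']) && count($analyzed_sql[0]['select_expr']) == 0 && isset($analyzed_sql[0]['queryflags']['select_from']) && count($analyzed_sql[0]['table_ref']) == 1) {
                PMA_handleSortOrder($db, $table, $analyzed_sql, $sql_data['valid_sql'][$sql_no]);
            }
            // Do append a "LIMIT" clause?
            // The statement has already been executed above; the rewritten text
            // is only stored back in $sql_data and handed to the display object.
            // NOTE(review): 'pos' and 'max_rows' are concatenated into SQL text
            // as-is - confirm they are validated as integers where they are
            // written to the session.
            if ($_SESSION['tmp_user_values']['max_rows'] != 'all' && !($is_count || $is_export || $is_func || $is_analyse) && isset($analyzed_sql[0]['queryflags']['select_from']) && !isset($analyzed_sql[0]['queryflags']['offset']) && empty($analyzed_sql[0]['limit_clause'])) {
                $sql_limit_to_append = ' LIMIT ' . $_SESSION['tmp_user_values']['pos'] . ', ' . $_SESSION['tmp_user_values']['max_rows'] . " ";
                $sql_data['valid_sql'][$sql_no] = PMA_getSqlWithLimitClause($sql_data['valid_sql'][$sql_no], $analyzed_sql, $sql_limit_to_append);
            }
            // Set the needed properties related to executing sql query
            $displayResultsObject->__set('db', $db);
            $displayResultsObject->__set('table', $table);
            $displayResultsObject->__set('goto', $goto);
        }
        // Row count: taken from the result set unless the statement was
        // classified as "affected rows" by PMA_getDisplayPropertyParams().
        if (!$is_affected) {
            $num_rows = $result ? @PMA_DBI_num_rows($result) : 0;
        } elseif (!isset($num_rows)) {
            $num_rows = @PMA_DBI_affected_rows();
        }
        if (isset($sql_data['valid_sql'][$sql_no])) {
            $displayResultsObject->__set('sql_query', $sql_data['valid_sql'][$sql_no]);
            $displayResultsObject->setProperties($unlim_num_rows, $fields_meta, $is_count, $is_export, $is_func, $is_analyse, $num_rows, $fields_cnt, $querytime, $pmaThemeImage, $text_dir, $is_maint, $is_explain, $is_show, $showtable, $printview, $url_query, $editable);
        }
        // NOTE(review): this "continue" jumps straight to the loop condition,
        // so an empty result neither frees $result nor advances $sql_no -
        // confirm that keeping $sql_no unchanged here is intended.
        if ($num_rows == 0) {
            continue;
        }
        // With multiple results, operations are limited
        $disp_mode = 'nnnn000000';
        $is_limited_display = true;
        // Collect the tables
        $table_html .= $displayResultsObject->getTable($result, $disp_mode, $analyzed_sql, $is_limited_display);
        // Free the result to save the memory
        PMA_DBI_free_result($result);
        $sql_no++;
    } while (PMA_DBI_more_results() && PMA_DBI_next_result());
    return $table_html;
}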
Example #13
          */
         require './' . PMA_securePath($goto);
     } else {
         $full_err_url = preg_match('@^(db|tbl)_@', $err_url) ? $err_url . '&amp;show_query=1&amp;sql_query=' . urlencode($sql_query) : $err_url;
         PMA_mysqlDie($error, $full_sql_query, '', $full_err_url);
     }
     exit;
 }
 unset($error);
 // Gets the number of rows affected/returned
 // (This must be done immediately after the query because
 // mysql_affected_rows() reports about the last query done)
 if (!$is_affected) {
     $num_rows = $result ? @PMA_DBI_num_rows($result) : 0;
 } elseif (!isset($num_rows)) {
     $num_rows = @PMA_DBI_affected_rows($result);
 }
 // Grabs the profiling results
 if (isset($_SESSION['profiling']) && PMA_profilingSupported()) {
     $profiling_results = PMA_DBI_fetch_result('SHOW PROFILE');
 }
 // Checks if the current database has changed
 // This could happen if the user sends a query like "USE `database`;"
 /**
 * commented out auto-switching to active database - really required?
 * bug #1814718 win: table list disappears (mixed case db names)
 * https://sourceforge.net/support/tracker.php?aid=1814718
 * @todo RELEASE test and comit or rollback before release
     $current_db = PMA_DBI_fetch_value('SELECT DATABASE()');
     if ($db !== $current_db) {
    $db     = $current_db;
Example #14
/**
 * Runs query inside import buffer. This is needed to allow displaying
 * of last SELECT, SHOW or HANDLER results and similar nice stuff.
 *
 * Each call first processes the statement stored by the previous call in the
 * global $import_run_buffer, then stores the ($sql, $full) pair passed now.
 * Calling it with both arguments empty processes the pending statement and
 * removes the buffer.
 *
 * All other state (query echo text, counters, error flag, current database)
 * is read from and written to the globals listed in the body.
 *
 * @param string $sql         query to run
 * @param string $full        query to display, this might be commented
 * @param bool   $controluser whether to use control user for queries
 * @param array  &$sql_data   receives the statements appended to 'valid_sql'
 *                            and the 'valid_queries' counter
 *
 * @return void
 * @access public
 */
function PMA_importRunQuery($sql = '', $full = '', $controluser = false, &$sql_data = array())
{
    global $import_run_buffer, $go_sql, $complete_query, $display_query, $sql_query, $my_die, $error, $reload, $last_query_with_results, $skip_queries, $executed_queries, $max_sql_len, $read_multiply, $cfg, $sql_query_disabled, $db, $run_query, $is_superuser;
    $read_multiply = 1;
    if (isset($import_run_buffer)) {
        // Should we skip something?
        if ($skip_queries > 0) {
            $skip_queries--;
        } else {
            if (!empty($import_run_buffer['sql']) && trim($import_run_buffer['sql']) != '') {
                // A USE query changes the database, so it has to be tracked
                // while running multiple queries.
                // This is a substring test: any statement containing "use " sets the flag.
                $is_use_query = stripos($import_run_buffer['sql'], "use ") !== false ? true : false;
                $max_sql_len = max($max_sql_len, strlen($import_run_buffer['sql']));
                if (!$sql_query_disabled) {
                    $sql_query .= $import_run_buffer['full'];
                }
                // Refuse statements that start with DROP [IF EXISTS] DATABASE unless
                // AllowUserDropDatabase is set or the user is a superuser.
                // NOTE(review): this is a match on the statement text only, so it is a
                // convenience guard; the effective control is the privileges granted
                // to the account on the database server.
                if (!$cfg['AllowUserDropDatabase'] && !$is_superuser && preg_match('@^[[:space:]]*DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE @i', $import_run_buffer['sql'])) {
                    $GLOBALS['message'] = PMA_Message::error(__('"DROP DATABASE" statements are disabled.'));
                    $error = true;
                } else {
                    $executed_queries++;
                    // When the import has finished and this is the last pending statement
                    // (empty $sql), a SELECT/SHOW/HANDLER statement - or the only statement
                    // counted so far - is not executed here; $go_sql is set instead.
                    if ($run_query && $GLOBALS['finished'] && empty($sql) && !$error && (!empty($import_run_buffer['sql']) && preg_match('/^[\\s]*(SELECT|SHOW|HANDLER)/i', $import_run_buffer['sql']) || $executed_queries == 1)) {
                        $go_sql = true;
                        if (!$sql_query_disabled) {
                            $complete_query = $sql_query;
                            $display_query = $sql_query;
                        } else {
                            $complete_query = '';
                            $display_query = '';
                        }
                        $sql_query = $import_run_buffer['sql'];
                        $sql_data['valid_sql'][] = $import_run_buffer['sql'];
                        $sql_data['valid_queries']++;
                        // If a 'USE <db>' SQL-clause was found,
                        // set our current $db to the new one
                        list($db, $reload) = PMA_lookForUse($import_run_buffer['sql'], $db, $reload);
                    } elseif ($run_query) {
                        // Execute now, either through the control user or the regular connection.
                        if ($controluser) {
                            $result = PMA_queryAsControlUser($import_run_buffer['sql']);
                        } else {
                            $result = PMA_DBI_try_query($import_run_buffer['sql']);
                        }
                        // $msg becomes a "# ..." status line appended to the echoed query text.
                        $msg = '# ';
                        if ($result === false) {
                            // execution failed
                            if (!isset($my_die)) {
                                $my_die = array();
                            }
                            // Keep the failing statement and the server error for later reporting.
                            $my_die[] = array('sql' => $import_run_buffer['full'], 'error' => PMA_DBI_getError());
                            $msg .= __('Error');
                            // Stop at the first failure unless errors are configured to be ignored;
                            // the new ($sql, $full) pair is not buffered in that case.
                            if (!$cfg['IgnoreMultiSubmitErrors']) {
                                $error = true;
                                return;
                            }
                        } else {
                            $a_num_rows = (int) @PMA_DBI_num_rows($result);
                            $a_aff_rows = (int) @PMA_DBI_affected_rows();
                            if ($a_num_rows > 0) {
                                $msg .= __('Rows') . ': ' . $a_num_rows;
                                $last_query_with_results = $import_run_buffer['sql'];
                            } elseif ($a_aff_rows > 0) {
                                $message = PMA_Message::getMessageForAffectedRows($a_aff_rows);
                                $msg .= $message->getMessage();
                            } else {
                                $msg .= __('MySQL returned an empty result set (i.e. zero rows).');
                            }
                            // Only statements that returned rows, or were flagged as USE,
                            // are recorded in $sql_data.
                            if ($a_num_rows > 0 || $is_use_query) {
                                $sql_data['valid_sql'][] = $import_run_buffer['sql'];
                                $sql_data['valid_queries']++;
                            }
                        }
                        if (!$sql_query_disabled) {
                            $sql_query .= $msg . "\n";
                        }
                        // If a 'USE <db>' SQL-clause was found and the query
                        // succeeded, set our current $db to the new one
                        if ($result != false) {
                            list($db, $reload) = PMA_lookForUse($import_run_buffer['sql'], $db, $reload);
                        }
                        // A successful DROP/CREATE of a table or database sets $reload.
                        if ($result != false && preg_match('@^[\\s]*(DROP|CREATE)[\\s]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)@im', $import_run_buffer['sql'])) {
                            $reload = true;
                        }
                    }
                    // end run query
                }
                // end if not DROP DATABASE
                // end non empty query
            } elseif (!empty($import_run_buffer['full'])) {
                // Nothing executable in the buffer (e.g. only the display text):
                // just append it to whichever echo buffer is in use.
                if ($go_sql) {
                    $complete_query .= $import_run_buffer['full'];
                    $display_query .= $import_run_buffer['full'];
                } else {
                    if (!$sql_query_disabled) {
                        $sql_query .= $import_run_buffer['full'];
                    }
                }
            }
            // check length of query unless we decided to pass it to sql.php
            // (if $run_query is false, we are just displaying so show
            // the complete query in the textarea)
            if (!$go_sql && $run_query) {
                if (!empty($sql_query)) {
                    // Stop echoing the query text once it exceeds 50000 characters,
                    // more than 50 statements were counted, or a single statement
                    // was longer than 1000 characters.
                    if (strlen($sql_query) > 50000 || $executed_queries > 50 || $max_sql_len > 1000) {
                        $sql_query = '';
                        $sql_query_disabled = true;
                    }
                }
            }
        }
        // end do query (no skip)
    }
    // end buffer exists
    // Do we have something to push into buffer?
    if (!empty($sql) || !empty($full)) {
        $import_run_buffer = array('sql' => $sql, 'full' => $full);
    } else {
        unset($GLOBALS['import_run_buffer']);
    }
}
Example #15
/**
 * Runs a query through the OCI8 functions and returns the statement handle.
 *
 * When no link is passed, $GLOBALS['userlink'] is used; if that is not set
 * either, false is returned and nothing is executed. Parse and execute
 * failures are handed to PMA_mysqlDie() together with the OCI error message
 * and the statement text (presumably ending the request - confirm).
 *
 * With $GLOBALS['cfg']['DBG']['sql'] enabled, the full query text, a hit
 * counter, the elapsed time of the first occurrence and a call trace are kept
 * in $_SESSION['debug']['queries'], keyed by md5($query). The md5 value is
 * only a lookup key for grouping identical query strings. Because complete
 * statements end up in the session, this switch belongs on development
 * installations.
 *
 * @param string   $query               query to run
 * @param resource $link                connection resource passed to oci_parse()
 * @param integer  $options             not read by this implementation
 * @param bool     $cache_affected_rows whether to store the affected-row count
 *                                      in $GLOBALS['cached_affected_rows']
 *
 * @return mixed statement handle from oci_parse(), or false when no link is available
 */
function PMA_DBI_try_query($query, $link = null, $options = 0, $cache_affected_rows = true)
{
    // Fall back to the user connection; without any connection there is nothing to run.
    if (empty($link)) {
        if (!isset($GLOBALS['userlink'])) {
            return false;
        }
        $link = $GLOBALS['userlink'];
    }

    if ($GLOBALS['cfg']['DBG']['sql']) {
        $started_at = microtime(true);
    }

    $statement = oci_parse($link, $query);
    if (!$statement) {
        // A parse failure is reported on the connection handle.
        $parse_error = oci_error($link);
        PMA_mysqlDie($parse_error['message'], $query);
    }

    if (!oci_execute($statement)) {
        // An execute failure is reported on the statement handle; a caret is
        // inserted into the statement text at the reported error offset.
        $exec_error = oci_error($statement);
        $marked_sql = substr_replace($exec_error['sqltext'], '^', $exec_error['offset'], 0);
        PMA_mysqlDie($exec_error['message'], $marked_sql);
    }

    $handle = $statement;
    if ($cache_affected_rows) {
        $GLOBALS['cached_affected_rows'] = PMA_DBI_affected_rows($handle, false);
    }

    if ($GLOBALS['cfg']['DBG']['sql']) {
        $elapsed = microtime(true) - $started_at;
        $key = md5($query);
        if (!isset($_SESSION['debug']['queries'][$key])) {
            // First time this exact query text is seen in the session.
            $_SESSION['debug']['queries'][$key] = array(
                'count' => 1,
                'query' => $query,
                'time' => $elapsed,
            );
        } else {
            $_SESSION['debug']['queries'][$key]['count']++;
        }

        // One text line per stack frame: file#line: Class->method(params)
        $frames = array();
        foreach (debug_backtrace() as $frame) {
            $class = isset($frame['class']) ? $frame['class'] : '';
            $type = isset($frame['type']) ? $frame['type'] : '';
            $function = isset($frame['function']) ? $frame['function'] : '';
            $params = isset($frame['params']) ? implode(', ', $frame['params']) : '';
            $frames[] = PMA_Error::relPath($frame['file']) . '#' . $frame['line'] . ': ' . $class . $type . $function . '(' . $params . ')';
        }
        $_SESSION['debug']['queries'][$key]['trace'][] = $frames;
    }

    // Pass the query to the tracker when the statement handle is usable.
    if ($handle && PMA_Tracker::isActive()) {
        PMA_Tracker::handleQuery($query);
    }

    return $handle;
}
Example #16
 if ($_REQUEST['submit_type'] == 'showinsert') {
     $last_messages[] = PMA_Message::notice(__('Showing SQL query'));
     continue;
 }
 if ($GLOBALS['cfg']['IgnoreMultiSubmitErrors']) {
     $result = PMA_DBI_try_query($single_query);
 } else {
     $result = PMA_DBI_query($single_query);
 }
 $error_messages[] = PMA_Message::sanitize(PMA_DBI_getError($result));
 if (!$result) {
     $error_messages[] = PMA_Message::sanitize(PMA_DBI_getError($result));
     print_r('sdfadfas');
 } else {
     // The next line contains a real assignment, it's not a typo
     if ($tmp = @PMA_DBI_affected_rows($result)) {
         $total_affected_rows += $tmp;
     }
     unset($tmp);
     /*
             $insert_id = PMA_DBI_insert_id();
             if ($insert_id != 0) {
                 // insert_id is id of FIRST record inserted in one insert, so if we
                 // inserted multiple rows, we had to increment this
     
                 if ($total_affected_rows > 0) {
                     $insert_id = $insert_id + $total_affected_rows - 1;
                 }
                 $last_message = PMA_Message::notice(__('Inserted row id: %1$d'));
                 $last_message->addParam($insert_id);
                 $last_messages[] = $last_message;