// Run each generated statement, accumulating warnings, errors, the affected-row
// total and any auto-increment ids into the message strings.
$last_message    = '';
$warning_message = '';

foreach ($query as $query_index => $single_query) {
    // The configuration flag selects which of the two query helpers runs the statement.
    $result = $cfg['IgnoreMultiSubmitErrors']
        ? PMA_DBI_try_query($single_query)
        : PMA_DBI_query($single_query);

    if (isset($GLOBALS['warning'])) {
        $warning_message .= $GLOBALS['warning'] . '[br]';
    }

    if ($result) {
        if (@PMA_DBI_affected_rows()) {
            $total_affected_rows += @PMA_DBI_affected_rows();
        }

        $insert_id = PMA_DBI_insert_id();
        if ($insert_id != 0) {
            $last_message .= '[br]' . $strInsertedRowId . ' ' . $insert_id;
        }
    } else {
        // The raw server error text is appended as-is; whatever renders $message
        // is responsible for escaping it -- TODO confirm at the output site.
        $message .= PMA_DBI_getError();
    }

    // Released on both the success and the failure path.
    PMA_DBI_free_result($result);
    unset($result);
}

$message .= ($total_affected_rows != 0) ? $total_affected_rows : $strModifications;
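/**
 * Runs a query and returns the result.
 *
 * When $GLOBALS['cfg']['DBG']['sql'] is enabled, the statement text, its timing,
 * a call trace and (on failure) the server error are stored under
 * $_SESSION['debug']['queries']. Full statement text ends up in the session, so
 * this switch is a debugging aid and should stay off on production installs.
 *
 * @param string   $query               query to run
 * @param resource $link                mysql link resource
 * @param integer  $options             query options
 * @param bool     $cache_affected_rows whether to cache affected row
 *
 * @return mixed the value returned by PMA_DBI_real_query(), or false when no
 *               link was given and $GLOBALS['userlink'] is not set
 */
function PMA_DBI_try_query($query, $link = null, $options = 0, $cache_affected_rows = true)
{
    if (empty($link)) {
        if (isset($GLOBALS['userlink'])) {
            $link = $GLOBALS['userlink'];
        } else {
            return false;
        }
    }

    if ($GLOBALS['cfg']['DBG']['sql']) {
        $time = microtime(true);
    }

    $r = PMA_DBI_real_query($query, $link, $options);

    if ($cache_affected_rows) {
        $GLOBALS['cached_affected_rows'] = PMA_DBI_affected_rows($link, $get_from_cache = false);
    }

    if ($GLOBALS['cfg']['DBG']['sql']) {
        $time = microtime(true) - $time;

        // md5 is only a lookup key that groups identical statements; it is not a
        // security control.
        $hash = md5($query);

        if (isset($_SESSION['debug']['queries'][$hash])) {
            $_SESSION['debug']['queries'][$hash]['count']++;
        } else {
            $_SESSION['debug']['queries'][$hash] = array();
            if ($r == false) {
                // The entry is stored as ready-made HTML, and a server error message
                // can echo back parts of the failed statement. Escape the message
                // before wrapping it in markup so it cannot inject HTML into the
                // debug output.
                $_SESSION['debug']['queries'][$hash]['error']
                    = '<b style="color:red">'
                    . htmlspecialchars(mysqli_error($link), ENT_QUOTES)
                    . '</b>';
            }
            $_SESSION['debug']['queries'][$hash]['count'] = 1;
            $_SESSION['debug']['queries'][$hash]['query'] = $query;
            $_SESSION['debug']['queries'][$hash]['time'] = $time;
        }

        // One "file#line: class->function(params)" string per stack frame.
        $trace = array();
        foreach (debug_backtrace() as $trace_step) {
            $trace[] = PMA_Error::relPath($trace_step['file']) . '#'
                . $trace_step['line'] . ': '
                . (isset($trace_step['class']) ? $trace_step['class'] : '')
                . (isset($trace_step['type']) ? $trace_step['type'] : '')
                . (isset($trace_step['function']) ? $trace_step['function'] : '')
                . '('
                . (isset($trace_step['params']) ? implode(', ', $trace_step['params']) : '')
                . ')';
        }
        $_SESSION['debug']['queries'][$hash]['trace'][] = $trace;
    }

    // Only statements that did not fail are handed to the tracker.
    if ($r != false && PMA_Tracker::isActive() == true) {
        PMA_Tracker::handleQuery($query);
    }

    return $r;
}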
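/**
 * Handles requests for executing a routine.
 *
 * Two request shapes are handled:
 *  - $_REQUEST['execute_routine'] + $_REQUEST['item_name']: builds the
 *    SET / CALL / SELECT statements for the routine, runs them and prints
 *    (or sends via PMA_ajaxResponse()) the outcome;
 *  - $_GET['execute_dialog'] + $_GET['item_name']: shows the execute form.
 *
 * Parameter values are taken from the request and embedded into SQL as
 * string literals after PMA_sqlAddSlashes(); the optional wrapping function
 * name is embedded unquoted and is therefore restricted to the entries of
 * $cfg['Functions'].
 *
 * On a failed statement in a non-ajax request the script exits after
 * printing the error.
 *
 * @return void
 */
function PMA_RTN_handleExecute()
{
    global $_GET, $_POST, $_REQUEST, $GLOBALS, $db, $cfg;

    /**
     * Handle all user requests other than the default of listing routines
     */
    if (!empty($_REQUEST['execute_routine']) && !empty($_REQUEST['item_name'])) {
        // Build the queries
        $routine = PMA_RTN_getDataFromName($_REQUEST['item_name'], $_REQUEST['item_type'], false);
        if ($routine !== false) {
            $queries = array();
            $end_query = array();
            $args = array();
            for ($i = 0; $i < $routine['item_num_params']; $i++) {
                $param_name = $routine['item_param_name'][$i];
                if (isset($_REQUEST['params'][$param_name])) {
                    $value = $_REQUEST['params'][$param_name];
                    if (is_array($value)) { // is SET type
                        $value = implode(',', $value);
                    }
                    $value = PMA_sqlAddSlashes($value);
                    // The function name goes into the statement unquoted, so the
                    // allow-list is the only thing constraining it. Compare
                    // strictly so that only an exact string match is accepted.
                    if (!empty($_REQUEST['funcs'][$param_name])
                        && in_array($_REQUEST['funcs'][$param_name], $cfg['Functions'], true)
                    ) {
                        $queries[] = "SET @p{$i}={$_REQUEST['funcs'][$param_name]}('{$value}');\n";
                    } else {
                        $queries[] = "SET @p{$i}='{$value}';\n";
                    }
                    $args[] = "@p{$i}";
                } else {
                    $args[] = "@p{$i}";
                }
                if ($routine['item_type'] == 'PROCEDURE') {
                    if ($routine['item_param_dir'][$i] == 'OUT'
                        || $routine['item_param_dir'][$i] == 'INOUT'
                    ) {
                        // OUT/INOUT values are read back with a trailing SELECT.
                        $end_query[] = "@p{$i} AS " . PMA_backquote($param_name);
                    }
                }
            }
            if ($routine['item_type'] == 'PROCEDURE') {
                $queries[] = "CALL " . PMA_backquote($routine['item_name'])
                           . "(" . implode(', ', $args) . ");\n";
                if (count($end_query)) {
                    $queries[] = "SELECT " . implode(', ', $end_query) . ";\n";
                }
            } else {
                $queries[] = "SELECT " . PMA_backquote($routine['item_name'])
                           . "(" . implode(', ', $args) . ") "
                           . "AS " . PMA_backquote($routine['item_name']) . ";\n";
            }

            // Execute the queries
            $affected = 0;
            $result = null;
            $outcome = true;
            foreach ($queries as $query) {
                $resource = PMA_DBI_try_query($query);
                if ($resource === false) {
                    // $query keeps the failing statement for the error message below.
                    $outcome = false;
                    break;
                }
                // Step past any additional result sets of this statement.
                while (true) {
                    if (!PMA_DBI_more_results()) {
                        break;
                    }
                    PMA_DBI_next_result();
                }
                if (substr($query, 0, 6) == 'SELECT') {
                    $result = $resource;
                } else {
                    if (substr($query, 0, 4) == 'CALL') {
                        $result = $resource ? $resource : $result;
                        $affected = PMA_DBI_affected_rows() - PMA_DBI_num_rows($resource);
                    }
                }
            }

            // Generate output
            if ($outcome) {
                $message = __('Your SQL query has been executed successfully');
                if ($routine['item_type'] == 'PROCEDURE') {
                    $message .= '<br />';
                    $message .= sprintf(
                        _ngettext(
                            '%d row affected by the last statement inside the procedure',
                            '%d rows affected by the last statement inside the procedure',
                            $affected
                        ),
                        $affected
                    );
                }
                $message = PMA_message::success($message);
                // Pass the SQL queries through the "pretty printer"
                $output  = '<code class="sql" style="margin-bottom: 1em;">';
                $output .= PMA_SQP_formatHtml(PMA_SQP_parse(implode($queries)));
                $output .= '</code>';
                // Display results
                if ($result) {
                    $output .= "<fieldset><legend>";
                    $output .= sprintf(
                        __('Execution results of routine %s'),
                        PMA_backquote(htmlspecialchars($routine['item_name']))
                    );
                    $output .= "</legend>";
                    $output .= "<table><tr>";
                    foreach (PMA_DBI_get_fields_meta($result) as $key => $field) {
                        $output .= "<th>";
                        $output .= htmlspecialchars($field->name);
                        $output .= "</th>";
                    }
                    $output .= "</tr>";
                    // Stored routines can only ever return ONE ROW.
                    $data = PMA_DBI_fetch_single_row($result);
                    foreach ($data as $key => $value) {
                        if ($value === null) {
                            $value = '<i>NULL</i>';
                        } else {
                            $value = htmlspecialchars($value);
                        }
                        $output .= "<td class='odd'>" . $value . "</td>";
                    }
                    $output .= "</table></fieldset>";
                } else {
                    $notice = __('MySQL returned an empty result set (i.e. zero rows).');
                    $output .= PMA_message::notice($notice)->getDisplay();
                }
            } else {
                $output = '';
                // The failed statement contains request-supplied parameter values.
                // They were escaped for SQL only, so escape for HTML before the
                // text becomes part of the page.
                // NOTE(review): PMA_DBI_getError() output is concatenated as-is;
                // confirm that helper returns HTML-safe text.
                $message = PMA_message::error(
                    sprintf(
                        __('The following query has failed: "%s"'),
                        htmlspecialchars($query)
                    )
                    . '<br /><br />'
                    . __('MySQL said: ') . PMA_DBI_getError(null)
                );
            }

            // Print/send output
            if ($GLOBALS['is_ajax_request']) {
                $extra_data = array('dialog' => false);
                PMA_ajaxResponse(
                    $message->getDisplay() . $output,
                    $message->isSuccess(),
                    $extra_data
                );
            } else {
                echo $message->getDisplay() . $output;
                if ($message->isError()) {
                    // At least one query has failed, so shouldn't
                    // execute any more queries, so we quit.
                    exit;
                }
                unset($_POST);
                // Now deliberately fall through to displaying the routines list
            }
        } else {
            // Routine lookup failed: names are escaped before being echoed back.
            $message  = __('Error in processing request') . ' : ';
            $message .= sprintf(
                PMA_RTE_getWord('not_found'),
                htmlspecialchars(PMA_backquote($_REQUEST['item_name'])),
                htmlspecialchars(PMA_backquote($db))
            );
            $message = PMA_message::error($message);
            if ($GLOBALS['is_ajax_request']) {
                PMA_ajaxResponse($message, $message->isSuccess());
            } else {
                echo $message->getDisplay();
                unset($_POST);
            }
        }
    } else {
        if (!empty($_GET['execute_dialog']) && !empty($_GET['item_name'])) {
            /**
             * Display the execute form for a routine.
             */
            $routine = PMA_RTN_getDataFromName($_GET['item_name'], $_GET['item_type'], true);
            if ($routine !== false) {
                $form = PMA_RTN_getExecuteForm($routine);
                if ($GLOBALS['is_ajax_request'] == true) {
                    $extra_data = array();
                    $extra_data['dialog'] = true;
                    $extra_data['title']  = __("Execute routine") . " ";
                    $extra_data['title'] .= PMA_backquote(
                        htmlentities($_GET['item_name'], ENT_QUOTES)
                    );
                    PMA_ajaxResponse($form, true, $extra_data);
                } else {
                    echo "\n\n<h2>" . __("Execute routine") . "</h2>\n\n";
                    echo $form;
                    include './libraries/footer.inc.php';
                    // exit;
                }
            } else {
                if ($GLOBALS['is_ajax_request'] == true) {
                    $message  = __('Error in processing request') . ' : ';
                    $message .= sprintf(
                        PMA_RTE_getWord('not_found'),
                        htmlspecialchars(PMA_backquote($_REQUEST['item_name'])),
                        htmlspecialchars(PMA_backquote($db))
                    );
                    $message = PMA_message::error($message);
                    PMA_ajaxResponse($message, false);
                }
            }
        }
    }
}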
/**
 * Executes a statement on the given (or default user) link and hands back
 * whatever PMA_DBI_real_query() produced.
 *
 * @param string   $query               query to run
 * @param resource $link                mysql link resource
 * @param integer  $options             query options
 * @param bool     $cache_affected_rows whether to cache affected row
 *
 * @return mixed false when no link is available, otherwise the query result
 */
function PMA_DBI_try_query($query, $link = null, $options = 0, $cache_affected_rows = true)
{
    // Without an explicit link, fall back to the user connection or give up.
    if (empty($link)) {
        if (! isset($GLOBALS['userlink'])) {
            return false;
        }
        $link = $GLOBALS['userlink'];
    }

    if ($GLOBALS['cfg']['DBG']['sql']) {
        $started = microtime(true);
    }

    $outcome = PMA_DBI_real_query($query, $link, $options);

    if ($cache_affected_rows) {
        // Second argument false: read the fresh value rather than the cached one.
        $GLOBALS['cached_affected_rows'] = PMA_DBI_affected_rows($link, false);
    }

    if ($GLOBALS['cfg']['DBG']['sql']) {
        $elapsed = microtime(true) - $started;
        PMA_DBI_DBG_query($query, $link, $outcome, $elapsed);
    }

    // Failed statements are never passed to the tracker.
    if ($outcome != false && PMA_Tracker::isActive() == true) {
        PMA_Tracker::handleQuery($query);
    }

    return $outcome;
}
? $err_url . '&show_query=1&sql_query=' . urlencode($sql_query) : $err_url; PMA_mysqlDie($error, $full_sql_query, '', $full_err_url); } exit; } unset($error); // Gets the number of rows affected/returned // (This must be done immediately after the query because // mysql_affected_rows() reports about the last query done) if (! $is_affected) { $num_rows = ($result) ? @PMA_DBI_num_rows($result) : 0; } elseif (! isset($num_rows)) { $num_rows = @PMA_DBI_affected_rows(); } // Grabs the profiling results if (isset($_SESSION['profiling']) && PMA_profilingSupported()) { $profiling_results = PMA_DBI_fetch_result('SHOW PROFILE;'); } // Checks if the current database has changed // This could happen if the user sends a query like "USE `database`;" /** * commented out auto-switching to active database - really required? * bug #1814718 win: table list disappears (mixed case db names) * https://sourceforge.net/support/tracker.php?aid=1814718 * @todo RELEASE test and comit or rollback before release $current_db = PMA_DBI_fetch_value('SELECT DATABASE()');
/**
 * Executes a statement through mysqli_query() and returns its result.
 *
 * The PMA_DBI_QUERY_STORE / PMA_DBI_QUERY_UNBUFFERED bits in $options select
 * MYSQLI_STORE_RESULT / MYSQLI_USE_RESULT. With $GLOBALS['cfg']['DBG']['sql']
 * enabled, the statement, its timing and a call trace are recorded under
 * $_SESSION['debug']['queries'].
 *
 * From the PHP manual: mysqli_query() returns true on success or false on
 * failure; for SELECT, SHOW, DESCRIBE or EXPLAIN it returns a result object.
 * So do not feed the return value to mysqli_num_rows() when it is a boolean.
 *
 * @param string        $query               query to execute
 * @param object mysqli $link                mysqli object
 * @param integer       $options
 * @param boolean       $cache_affected_rows
 *
 * @return mixed true, false or result object
 */
function PMA_DBI_try_query($query, $link = null, $options = 0, $cache_affected_rows = true)
{
    // The STORE bit is tested first, so it takes precedence when both bits are set.
    $method = 0;
    if ($options == ($options | PMA_DBI_QUERY_STORE)) {
        $method = MYSQLI_STORE_RESULT;
    } elseif ($options == ($options | PMA_DBI_QUERY_UNBUFFERED)) {
        $method = MYSQLI_USE_RESULT;
    }

    if (empty($link)) {
        if (! isset($GLOBALS['userlink'])) {
            return false;
        }
        $link = $GLOBALS['userlink'];
    }

    if ($GLOBALS['cfg']['DBG']['sql']) {
        $started = microtime(true);
    }

    $outcome = mysqli_query($link, $query, $method);

    if ($cache_affected_rows) {
        $GLOBALS['cached_affected_rows'] = PMA_DBI_affected_rows($link, false);
    }

    if ($GLOBALS['cfg']['DBG']['sql']) {
        $elapsed = microtime(true) - $started;

        // md5 only serves as a key to group identical statements.
        $hash = md5($query);

        if (! isset($_SESSION['debug']['queries'][$hash])) {
            $_SESSION['debug']['queries'][$hash] = array(
                'count' => 1,
                'query' => $query,
                'time'  => $elapsed,
            );
        } else {
            $_SESSION['debug']['queries'][$hash]['count']++;
        }

        // Render each stack frame as "file#line: class->function(params)".
        $trace = array();
        foreach (debug_backtrace() as $trace_step) {
            $where    = PMA_Error::relPath($trace_step['file']) . '#' . $trace_step['line'] . ': ';
            $class    = isset($trace_step['class']) ? $trace_step['class'] : '';
            $type     = isset($trace_step['type']) ? $trace_step['type'] : '';
            $function = isset($trace_step['function']) ? $trace_step['function'] : '';
            $params   = isset($trace_step['params']) ? implode(', ', $trace_step['params']) : '';

            $trace[] = $where . $class . $type . $function . '(' . $params . ')';
        }
        $_SESSION['debug']['queries'][$hash]['trace'][] = $trace;
    }

    if ($outcome != FALSE && PMA_Tracker::isActive() == TRUE) {
        PMA_Tracker::handleQuery($query);
    }

    return $outcome;
}
/**
 * Runs query inside import buffer. This is needed to allow displaying
 * of last SELECT or SHOW results and similar nice stuff.
 *
 * The function works one call behind: each call processes the statement that
 * the previous call stored in $import_run_buffer, then stores its own
 * arguments as the new buffer (or clears the buffer when both are empty).
 * All state is exchanged through the globals listed below.
 *
 * @param string $sql  query to run
 * @param string $full query to display, this might be commented
 *
 * @return void
 * @access public
 */
function PMA_importRunQuery($sql = '', $full = '')
{
    global $import_run_buffer, $go_sql, $complete_query, $display_query, $sql_query, $cfg, $my_die, $error, $reload, $finished, $timeout_passed, $skip_queries, $executed_queries, $max_sql_len, $read_multiply, $cfg, $sql_query_disabled, $db, $run_query, $is_superuser;
    $read_multiply = 1;
    if (isset($import_run_buffer)) {
        // Should we skip something?
        if ($skip_queries > 0) {
            $skip_queries--;
        } else {
            if (!empty($import_run_buffer['sql']) && trim($import_run_buffer['sql']) != '') {
                // Text-pattern guard against DROP DATABASE for non-superusers when the
                // configuration forbids it. It inspects the statement text only, so it
                // is a convenience check; presumably the database account's own
                // privileges remain the actual control -- TODO confirm.
                if (!$cfg['AllowUserDropDatabase'] && !$is_superuser && preg_match('@DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE @i', $import_run_buffer['sql'])) {
                    // NOTE(review): $message and $show_error_header are not in the
                    // global list above, so these two assignments stay local to
                    // this function; only $error reaches the caller.
                    $message = $GLOBALS['strNoDropDatabases'];
                    $show_error_header = TRUE;
                    $error = TRUE;
                    return;
                }
                $max_sql_len = max($max_sql_len, strlen($import_run_buffer['sql']));
                if (!$sql_query_disabled) {
                    $sql_query .= $import_run_buffer['full'];
                }
                $executed_queries++;
                // Last statement of a finished import that is a SELECT/SHOW (or the
                // only statement executed): do not run it here, flag it via $go_sql
                // instead.
                if ($run_query && $finished && empty($sql) && !$error && (!empty($import_run_buffer['sql']) && preg_match('/^[\\s]*(SELECT|SHOW)/i', $import_run_buffer['sql']) || $executed_queries == 1)) {
                    $go_sql = TRUE;
                    if (!$sql_query_disabled) {
                        $complete_query = $sql_query;
                        $display_query = $sql_query;
                    } else {
                        $complete_query = '';
                        $display_query = '';
                    }
                    $sql_query = $import_run_buffer['sql'];
                } elseif ($run_query) {
                    $result = PMA_DBI_try_query($import_run_buffer['sql']);
                    // $msg becomes a "# ..." line appended to the collected SQL text.
                    $msg = '# ';
                    if ($result === FALSE) { // execution failed
                        if (!isset($my_die)) {
                            $my_die = array();
                        }
                        // Failed statement and server error are collected in $my_die.
                        $my_die[] = array('sql' => $import_run_buffer['full'], 'error' => PMA_DBI_getError());
                        if ($cfg['VerboseMultiSubmit']) {
                            $msg .= $GLOBALS['strError'];
                        }
                        if (!$cfg['IgnoreMultiSubmitErrors']) {
                            // Stop at the first failure; note that the new $sql/$full
                            // are not pushed into the buffer on this path.
                            $error = TRUE;
                            return;
                        }
                    } elseif ($cfg['VerboseMultiSubmit']) {
                        $a_num_rows = (int) @PMA_DBI_num_rows($result);
                        $a_aff_rows = (int) @PMA_DBI_affected_rows();
                        if ($a_num_rows > 0) {
                            $msg .= $GLOBALS['strRows'] . ': ' . $a_num_rows;
                        } elseif ($a_aff_rows > 0) {
                            // NOTE(review): $a_rows is assigned here but not read
                            // anywhere else in this function.
                            $a_rows = $msg .= $GLOBALS['strAffectedRows'] . ' ' . $a_aff_rows;
                        } else {
                            $msg .= $GLOBALS['strEmptyResultSet'];
                        }
                    }
                    if (!$sql_query_disabled) {
                        $sql_query .= $msg . "\n";
                    }
                    // If a 'USE <db>' SQL-clause was found and the query succeeded, set our current $db to the new one
                    if ($result != FALSE && preg_match('@^[\\s]*USE[[:space:]]*([\\S]+)@i', $import_run_buffer['sql'], $match)) {
                        $db = trim($match[1]);
                        $reload = TRUE;
                    }
                    // A successful DROP/CREATE of a table or database requests a reload.
                    if ($result != FALSE && preg_match('@^[\\s]*(DROP|CREATE)[\\s]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)@im', $import_run_buffer['sql'])) {
                        $reload = TRUE;
                    }
                } // end run query
            } elseif (!empty($import_run_buffer['full'])) {
                // Nothing executable in the buffer, only display text: keep it for output.
                if ($go_sql) {
                    $complete_query .= $import_run_buffer['full'];
                    $display_query .= $import_run_buffer['full'];
                } else {
                    if (!$sql_query_disabled) {
                        $sql_query .= $import_run_buffer['full'];
                    }
                }
            }
            // check length of query unless we decided to pass it to sql.php
            // Once the collected text, statement count or longest statement exceeds
            // the limits below, the collected text is dropped and collection is
            // disabled for the rest of the import.
            if (!$go_sql) {
                if ($cfg['VerboseMultiSubmit'] && !empty($sql_query)) {
                    if (strlen($sql_query) > 50000 || $executed_queries > 50 || $max_sql_len > 1000) {
                        $sql_query = '';
                        $sql_query_disabled = TRUE;
                    }
                } else {
                    if (strlen($sql_query) > 10000 || $executed_queries > 10 || $max_sql_len > 500) {
                        $sql_query = '';
                        $sql_query_disabled = TRUE;
                    }
                }
            }
        } // end do query (no skip)
    } // end buffer exists
    // Do we have something to push into buffer?
    if (!empty($sql) || !empty($full)) {
        $import_run_buffer = array('sql' => $sql, 'full' => $full);
    } else {
        unset($GLOBALS['import_run_buffer']);
    }
}
/**
 * Runs the built statements one by one and gathers what the calling page
 * needs to report: affected rows, inserted ids, warnings and errors.
 *
 * Side effects: $GLOBALS['sql_query'] and $GLOBALS['display_query'] are set
 * to the joined statement list.
 *
 * @param array  $url_params url parameters array
 * @param string $query      built query from PMA_buildSqlQuery()
 *
 * @return array $url_params, $total_affected_rows, $last_messages
 *               $warning_messages, $error_messages, $return_to_sql_query
 */
function PMA_executeSqlQuery($url_params, $query)
{
    // Remember the statement that was active before this call, if there was one.
    $previous_query = '';
    if (! empty($GLOBALS['sql_query'])) {
        $previous_query          = $GLOBALS['sql_query'];
        $url_params['sql_query'] = $previous_query;
    }

    $GLOBALS['sql_query'] = implode('; ', $query) . ';';
    // to ensure that the query is displayed in case of
    // "insert as new row" and then "insert another new row"
    $GLOBALS['display_query'] = $GLOBALS['sql_query'];

    $total_affected_rows = 0;
    $last_messages       = array();
    $warning_messages    = array();
    $error_messages      = array();

    foreach ($query as $statement) {
        // "showinsert" only displays the statements; nothing is executed.
        if ($_REQUEST['submit_type'] == 'showinsert') {
            $last_messages[] = PMA_Message::notice(__('Showing SQL query'));
            continue;
        }

        $result = $GLOBALS['cfg']['IgnoreMultiSubmitErrors']
            ? PMA_DBI_try_query($statement)
            : PMA_DBI_query($statement);

        if ($result) {
            $affected = @PMA_DBI_affected_rows();
            if ($affected) {
                $total_affected_rows += $affected;
            }
            unset($affected);

            $insert_id = PMA_DBI_insert_id();
            if ($insert_id != 0) {
                // insert_id is id of FIRST record inserted in one insert, so if we
                // inserted multiple rows, we had to increment this
                if ($total_affected_rows > 0) {
                    $insert_id = $insert_id + $total_affected_rows - 1;
                }
                $notice = PMA_Message::notice(__('Inserted row id: %1$d'));
                $notice->addParam($insert_id);
                $last_messages[] = $notice;
            }

            PMA_DBI_free_result($result);
        } else {
            // Server error text goes through PMA_Message::sanitize() before it is kept.
            $error_messages[] = PMA_Message::sanitize(PMA_DBI_getError());
        }

        // Replaced on every iteration, so only the last statement's warnings survive.
        $warning_messages = PMA_getWarningMessages();
    }

    return array(
        $url_params,
        $total_affected_rows,
        $last_messages,
        $warning_messages,
        $error_messages,
        $previous_query,
    );
}
$error_messages = array(); foreach ($query as $single_query) { if ($_REQUEST['submit_type'] == 'showinsert') { $last_messages[] = PMA_Message::notice(__('Showing SQL query')); continue; } if ($GLOBALS['cfg']['IgnoreMultiSubmitErrors']) { $result = PMA_DBI_try_query($single_query); } else { $result = PMA_DBI_query($single_query); } if (!$result) { $error_messages[] = PMA_Message::sanitize(PMA_DBI_getError()); } else { // The next line contains a real assignment, it's not a typo if ($tmp = @PMA_DBI_affected_rows()) { $total_affected_rows += $tmp; } unset($tmp); $insert_id = PMA_DBI_insert_id(); if ($insert_id != 0) { // insert_id is id of FIRST record inserted in one insert, so if we // inserted multiple rows, we had to increment this if ($total_affected_rows > 0) { $insert_id = $insert_id + $total_affected_rows - 1; } $last_message = PMA_Message::notice(__('Inserted row id: %1$d')); $last_message->addParam($insert_id); $last_messages[] = $last_message; } PMA_DBI_free_result($result);
echo ' <input type="hidden" name="tablename" value="' . htmlspecialchars($tablename) . '" />' . "\n"; } } echo ' <b>' . $strEditPrivileges . '</b><br />' . "\n"; PMA_displayPrivTable(empty($dbname) ? '*' : $dbname, empty($dbname) || empty($tablename) ? '*' : $tablename, TRUE, 3); echo ' </form>' . "\n" . ' </li>' . "\n"; if (empty($tablename)) { echo ' <li>' . "\n" . ' <b>' . (empty($dbname) ? $strDbPrivileges : $strTblPrivileges) . '</b><br />' . "\n" . ' <table border="0" cellpadding="2" cellspacing="1">' . "\n" . ' <tr>' . "\n" . ' <th> ' . (empty($dbname) ? $strDatabase : $strTable) . ' </th>' . "\n" . ' <th> ' . $strPrivileges . ' </th>' . "\n" . ' <th> ' . $strGrantOption . ' </th>' . "\n" . ' <th> ' . (empty($dbname) ? $strTblPrivileges : $strColumnPrivileges) . ' </th>' . "\n" . ' <th colspan="2"> ' . $strAction . ' </th>' . "\n" . ' </tr>' . "\n"; $user_host_condition = ' WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted'); if (empty($dbname)) { $sql_query = 'SELECT * FROM `db`' . $user_host_condition . ' ORDER BY `Db` ASC;'; } else { $sql_query = 'SELECT `Table_name`, `Table_priv`, IF(`Column_priv` = ' . (PMA_MYSQL_INT_VERSION >= 40100 ? '_latin1 ' : '') . ' \'\', 0, 1) AS \'Column_priv\' FROM `tables_priv`' . $user_host_condition . ' AND ' . PMA_convert_using('Db') . ' = ' . PMA_convert_using($dbname, 'quoted') . ' ORDER BY `Table_name` ASC;'; } $res = PMA_DBI_query($sql_query, NULL, PMA_DBI_QUERY_STORE); if (PMA_DBI_affected_rows() == 0) { echo ' <tr>' . "\n" . ' <td bgcolor="' . $cfg['BgcolorOne'] . '" colspan="6"><center><i>' . $strNone . '</i></center></td>' . "\n" . ' </tr>' . "\n"; } else { $useBgcolorOne = TRUE; if (empty($dbname)) { $res2 = PMA_DBI_query('SELECT `Db` FROM `tables_priv`' . $user_host_condition . 
' GROUP BY `Db` ORDER BY `Db` ASC;'); $row2 = PMA_DBI_fetch_assoc($res2); } $found_rows = array(); while ($row = PMA_DBI_fetch_assoc($res)) { while (empty($dbname) && $row2 && $row['Db'] > $row2['Db']) { $found_rows[] = $row2['Db']; echo ' <tr>' . "\n" . ' <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . htmlspecialchars($row2['Db']) . '</td>' . "\n" . ' <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><tt>' . "\n" . ' <dfn title="' . $strPrivDescUsage . '">USAGE</dfn>' . "\n" . ' </tt></td>' . "\n" . ' <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . $strNo . '</td>' . "\n" . ' <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . $strYes . '</td>' . "\n" . ' <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><a href="server_privileges.php?' . $url_query . '&username='******'&hostname=' . urlencode($hostname) . '&dbname=' . urlencode($row2['Db']) . '">' . $strEdit . '</a></td>' . "\n" . ' <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><a href="server_privileges.php?' . $url_query . '&username='******'&hostname=' . urlencode($hostname) . '&dbname=' . urlencode($row2['Db']) . '&revokeall=1">' . $strRevoke . '</a></td>' . "\n" . ' </tr>' . "\n"; $row2 = PMA_DBI_fetch_assoc($res2); $useBgcolorOne = !$useBgcolorOne; }
$my_die = array(); $my_die[] = $a_sql_query; } else { $my_die = $a_sql_query; } if ($cfg['VerboseMultiSubmit']) { $info_msg .= $a_sql_query . '; # ' . $strError . "\n"; $info_count++; } if (!$cfg['IgnoreMultiSubmitErrors']) { break; } } else { if ($cfg['VerboseMultiSubmit']) { $a_num_rows = (int) @PMA_DBI_num_rows($result); $a_aff_rows = (int) @PMA_DBI_affected_rows(); if ($a_num_rows > 0) { $a_rows = $a_num_rows; $a_switch = $strRows . ': '; } elseif ($a_aff_rows > 0) { $a_rows = $a_aff_rows; $a_switch = $strAffectedRows; } else { $a_rows = ''; $a_switch = $strEmptyResultSet; } $info_msg .= $a_sql_query . "; # " . $a_switch . $a_rows . "\n"; $info_count++; } } // If a 'USE <db>' SQL-clause was found and the query succeeded, set our current $db to the new one
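/**
 * Generate table html when SQL statement have multiple queries
 * which return displayable results
 *
 * All entries of $sql_data['valid_sql'] are joined with ";" and sent in one
 * multi-query call; the result sets are then walked one at a time and each
 * non-empty one is rendered through $displayResultsObject.
 *
 * @param PMA_DisplayResults $displayResultsObject object
 * @param string             $db                   database name
 * @param array              $sql_data             information about SQL statement
 * @param string             $goto                 URL to go back in case of errors
 * @param string             $pmaThemeImage        path for theme images directory
 * @param string             $text_dir             text direction
 * @param string             $printview            whether printview is enabled
 * @param string             $url_query            URL query
 * @param array              $disp_mode            the display mode
 * @param string             $sql_limit_to_append  limit clause
 * @param bool               $editable             whether result set is editable
 *
 * @return string $table_html html content
 */
function getTableHtmlForMultipleQueries($displayResultsObject, $db, $sql_data, $goto, $pmaThemeImage, $text_dir, $printview, $url_query, $disp_mode, $sql_limit_to_append, $editable)
{
    $table_html = '';

    $tables_array = PMA_DBI_get_tables($db);
    $databases_array = PMA_DBI_get_databases_full();
    $multi_sql = implode(";", $sql_data['valid_sql']);
    $querytime_before = array_sum(explode(' ', microtime()));

    // Assignment for variable is not needed since the results are
    // looping using the connection
    // NOTE(review): errors from this call are suppressed with @ and the return
    // value is ignored, so a failed multi-query is not reported here.
    @PMA_DBI_try_multi_query($multi_sql);

    $querytime_after = array_sum(explode(' ', microtime()));
    $querytime = $querytime_after - $querytime_before;
    $sql_no = 0;

    do {
        $analyzed_sql = array();
        $is_affected = false;

        $result = PMA_DBI_store_result();
        $fields_meta = $result !== false ? PMA_DBI_get_fields_meta($result) : array();
        $fields_cnt = count($fields_meta);

        // Initialize needed params related to each query in multiquery statement
        if (isset($sql_data['valid_sql'][$sql_no])) {
            // 'Use' query can change the database.
            // stripos() returns 0 for a statement that *starts* with "use ", which
            // is falsy; compare against false so that case is detected as well.
            if (stripos($sql_data['valid_sql'][$sql_no], "use ") !== false) {
                $db = PMA_getNewDatabase($sql_data['valid_sql'][$sql_no], $databases_array);
            }

            $parsed_sql = PMA_SQP_parse($sql_data['valid_sql'][$sql_no]);
            $table = PMA_getTableNameBySQL($sql_data['valid_sql'][$sql_no], $tables_array);
            $analyzed_sql = PMA_SQP_analyze($parsed_sql);
            $is_select = isset($analyzed_sql[0]['queryflags']['select_from']);
            $unlim_num_rows = PMA_Table::countRecords($db, $table, true);
            $showtable = PMA_Table::sGetStatusInfo($db, $table, null, true);
            $url_query = PMA_generate_common_url($db, $table);

            list($is_group, $is_func, $is_count, $is_export, $is_analyse, $is_explain, $is_delete, $is_affected, $is_insert, $is_replace, $is_show, $is_maint) = PMA_getDisplayPropertyParams($sql_data['valid_sql'][$sql_no], $is_select);

            // Handle remembered sorting order, only for single table query
            if ($GLOBALS['cfg']['RememberSorting']
                && !($is_count || $is_export || $is_func || $is_analyse)
                && isset($analyzed_sql[0]['select_expr'])
                && count($analyzed_sql[0]['select_expr']) == 0
                && isset($analyzed_sql[0]['queryflags']['select_from'])
                && count($analyzed_sql[0]['table_ref']) == 1
            ) {
                PMA_handleSortOrder($db, $table, $analyzed_sql, $sql_data['valid_sql'][$sql_no]);
            }

            // Do append a "LIMIT" clause?
            if ($_SESSION['tmp_user_values']['max_rows'] != 'all'
                && !($is_count || $is_export || $is_func || $is_analyse)
                && isset($analyzed_sql[0]['queryflags']['select_from'])
                && !isset($analyzed_sql[0]['queryflags']['offset'])
                && empty($analyzed_sql[0]['limit_clause'])
            ) {
                // NOTE(review): both session values are concatenated into SQL
                // unquoted; this assumes they were validated as integers where
                // they are written to the session -- confirm at that site.
                $sql_limit_to_append = ' LIMIT ' . $_SESSION['tmp_user_values']['pos'] . ', ' . $_SESSION['tmp_user_values']['max_rows'] . " ";
                $sql_data['valid_sql'][$sql_no] = PMA_getSqlWithLimitClause($sql_data['valid_sql'][$sql_no], $analyzed_sql, $sql_limit_to_append);
            }

            // Set the needed properties related to executing sql query
            $displayResultsObject->__set('db', $db);
            $displayResultsObject->__set('table', $table);
            $displayResultsObject->__set('goto', $goto);
        }

        if (!$is_affected) {
            $num_rows = $result ? @PMA_DBI_num_rows($result) : 0;
        } elseif (!isset($num_rows)) {
            $num_rows = @PMA_DBI_affected_rows();
        }

        if (isset($sql_data['valid_sql'][$sql_no])) {
            $displayResultsObject->__set('sql_query', $sql_data['valid_sql'][$sql_no]);
            $displayResultsObject->setProperties($unlim_num_rows, $fields_meta, $is_count, $is_export, $is_func, $is_analyse, $num_rows, $fields_cnt, $querytime, $pmaThemeImage, $text_dir, $is_maint, $is_explain, $is_show, $showtable, $printview, $url_query, $editable);
        }

        // NOTE(review): in a do/while, continue jumps to the loop condition, so an
        // empty result set skips both the free and the $sql_no increment below;
        // confirm that leaving $sql_no unchanged here is intended.
        if ($num_rows == 0) {
            continue;
        }

        // With multiple results, operations are limited
        $disp_mode = 'nnnn000000';
        $is_limited_display = true;

        // Collect the tables
        $table_html .= $displayResultsObject->getTable($result, $disp_mode, $analyzed_sql, $is_limited_display);

        // Free the result to save the memory
        PMA_DBI_free_result($result);
        $sql_no++;
    } while (PMA_DBI_more_results() && PMA_DBI_next_result());

    return $table_html;
}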
*/ require './' . PMA_securePath($goto); } else { $full_err_url = preg_match('@^(db|tbl)_@', $err_url) ? $err_url . '&show_query=1&sql_query=' . urlencode($sql_query) : $err_url; PMA_mysqlDie($error, $full_sql_query, '', $full_err_url); } exit; } unset($error); // Gets the number of rows affected/returned // (This must be done immediately after the query because // mysql_affected_rows() reports about the last query done) if (!$is_affected) { $num_rows = $result ? @PMA_DBI_num_rows($result) : 0; } elseif (!isset($num_rows)) { $num_rows = @PMA_DBI_affected_rows($result); } // Grabs the profiling results if (isset($_SESSION['profiling']) && PMA_profilingSupported()) { $profiling_results = PMA_DBI_fetch_result('SHOW PROFILE'); } // Checks if the current database has changed // This could happen if the user sends a query like "USE `database`;" /** * commented out auto-switching to active database - really required? * bug #1814718 win: table list disappears (mixed case db names) * https://sourceforge.net/support/tracker.php?aid=1814718 * @todo RELEASE test and comit or rollback before release $current_db = PMA_DBI_fetch_value('SELECT DATABASE()'); if ($db !== $current_db) { $db = $current_db;
/**
 * Runs query inside import buffer. This is needed to allow displaying
 * of last SELECT, SHOW or HANDLER results and similar nice stuff.
 *
 * The function works one call behind: each call processes the statement that
 * the previous call stored in $import_run_buffer, then stores its own
 * arguments as the new buffer (or clears the buffer when both are empty).
 * Statements that returned rows, and statements containing "use ", are also
 * appended to $sql_data['valid_sql'].
 *
 * @param string $sql         query to run
 * @param string $full        query to display, this might be commented
 * @param bool   $controluser whether to use control user for queries
 * @param array  &$sql_data   collects 'valid_sql' (list of statements) and
 *                            the 'valid_queries' counter
 *
 * @return void
 * @access public
 */
function PMA_importRunQuery($sql = '', $full = '', $controluser = false, &$sql_data = array())
{
    global $import_run_buffer, $go_sql, $complete_query, $display_query, $sql_query, $my_die, $error, $reload, $last_query_with_results, $skip_queries, $executed_queries, $max_sql_len, $read_multiply, $cfg, $sql_query_disabled, $db, $run_query, $is_superuser;
    $read_multiply = 1;
    if (isset($import_run_buffer)) {
        // Should we skip something?
        if ($skip_queries > 0) {
            $skip_queries--;
        } else {
            if (!empty($import_run_buffer['sql']) && trim($import_run_buffer['sql']) != '') {
                // USE query changes the database, so we need to track it
                // while running multiple queries
                // (substring test: true for any statement containing "use ")
                $is_use_query = stripos($import_run_buffer['sql'], "use ") !== false ? true : false;
                $max_sql_len = max($max_sql_len, strlen($import_run_buffer['sql']));
                if (!$sql_query_disabled) {
                    $sql_query .= $import_run_buffer['full'];
                }
                // Text-pattern guard against DROP DATABASE for non-superusers when the
                // configuration forbids it. It inspects only the start of the statement
                // text, so treat it as a convenience check; presumably the database
                // account's own privileges remain the actual control -- TODO confirm.
                if (!$cfg['AllowUserDropDatabase'] && !$is_superuser && preg_match('@^[[:space:]]*DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE @i', $import_run_buffer['sql'])) {
                    $GLOBALS['message'] = PMA_Message::error(__('"DROP DATABASE" statements are disabled.'));
                    $error = true;
                } else {
                    $executed_queries++;
                    // Last statement of a finished import that is a SELECT/SHOW/HANDLER
                    // (or the only statement executed): do not run it here, flag it via
                    // $go_sql instead.
                    if ($run_query && $GLOBALS['finished'] && empty($sql) && !$error && (!empty($import_run_buffer['sql']) && preg_match('/^[\\s]*(SELECT|SHOW|HANDLER)/i', $import_run_buffer['sql']) || $executed_queries == 1)) {
                        $go_sql = true;
                        if (!$sql_query_disabled) {
                            $complete_query = $sql_query;
                            $display_query = $sql_query;
                        } else {
                            $complete_query = '';
                            $display_query = '';
                        }
                        $sql_query = $import_run_buffer['sql'];
                        $sql_data['valid_sql'][] = $import_run_buffer['sql'];
                        // NOTE(review): assumes the caller initialised
                        // $sql_data['valid_queries']; the default array() does not.
                        $sql_data['valid_queries']++;
                        // If a 'USE <db>' SQL-clause was found,
                        // set our current $db to the new one
                        list($db, $reload) = PMA_lookForUse($import_run_buffer['sql'], $db, $reload);
                    } elseif ($run_query) {
                        // $controluser selects which helper (and presumably which
                        // database account) executes the statement.
                        if ($controluser) {
                            $result = PMA_queryAsControlUser($import_run_buffer['sql']);
                        } else {
                            $result = PMA_DBI_try_query($import_run_buffer['sql']);
                        }
                        // $msg becomes a "# ..." line appended to the collected SQL text.
                        $msg = '# ';
                        if ($result === false) { // execution failed
                            if (!isset($my_die)) {
                                $my_die = array();
                            }
                            // Failed statement and server error are collected in $my_die.
                            $my_die[] = array('sql' => $import_run_buffer['full'], 'error' => PMA_DBI_getError());
                            $msg .= __('Error');
                            if (!$cfg['IgnoreMultiSubmitErrors']) {
                                // Stop at the first failure; note that the new $sql/$full
                                // are not pushed into the buffer on this path.
                                $error = true;
                                return;
                            }
                        } else {
                            $a_num_rows = (int) @PMA_DBI_num_rows($result);
                            $a_aff_rows = (int) @PMA_DBI_affected_rows();
                            if ($a_num_rows > 0) {
                                $msg .= __('Rows') . ': ' . $a_num_rows;
                                $last_query_with_results = $import_run_buffer['sql'];
                            } elseif ($a_aff_rows > 0) {
                                $message = PMA_Message::getMessageForAffectedRows($a_aff_rows);
                                $msg .= $message->getMessage();
                            } else {
                                $msg .= __('MySQL returned an empty result set (i.e. zero rows).');
                            }
                            if ($a_num_rows > 0 || $is_use_query) {
                                $sql_data['valid_sql'][] = $import_run_buffer['sql'];
                                $sql_data['valid_queries']++;
                            }
                        }
                        if (!$sql_query_disabled) {
                            $sql_query .= $msg . "\n";
                        }
                        // If a 'USE <db>' SQL-clause was found and the query
                        // succeeded, set our current $db to the new one
                        if ($result != false) {
                            list($db, $reload) = PMA_lookForUse($import_run_buffer['sql'], $db, $reload);
                        }
                        // A successful DROP/CREATE of a table or database requests a reload.
                        if ($result != false && preg_match('@^[\\s]*(DROP|CREATE)[\\s]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)@im', $import_run_buffer['sql'])) {
                            $reload = true;
                        }
                    } // end run query
                } // end if not DROP DATABASE
                // end non empty query
            } elseif (!empty($import_run_buffer['full'])) {
                // Nothing executable in the buffer, only display text: keep it for output.
                if ($go_sql) {
                    $complete_query .= $import_run_buffer['full'];
                    $display_query .= $import_run_buffer['full'];
                } else {
                    if (!$sql_query_disabled) {
                        $sql_query .= $import_run_buffer['full'];
                    }
                }
            }
            // check length of query unless we decided to pass it to sql.php
            // (if $run_query is false, we are just displaying so show
            // the complete query in the textarea)
            // Once the collected text, statement count or longest statement exceeds
            // the limits below, the collected text is dropped and collection is
            // disabled for the rest of the import.
            if (!$go_sql && $run_query) {
                if (!empty($sql_query)) {
                    if (strlen($sql_query) > 50000 || $executed_queries > 50 || $max_sql_len > 1000) {
                        $sql_query = '';
                        $sql_query_disabled = true;
                    }
                }
            }
        } // end do query (no skip)
    } // end buffer exists
    // Do we have something to push into buffer?
    if (!empty($sql) || !empty($full)) {
        $import_run_buffer = array('sql' => $sql, 'full' => $full);
    } else {
        unset($GLOBALS['import_run_buffer']);
    }
}
/**
 * Runs a query through the OCI8 functions and returns the statement handle.
 *
 * The query string is handed to oci_parse() unchanged; nothing is bound or
 * escaped in this function, so the text the caller supplies is the text
 * that is parsed and executed.
 *
 * While $GLOBALS['cfg']['DBG']['sql'] is enabled, the full query text, its
 * timing and a backtrace are kept in $_SESSION['debug']['queries'], keyed
 * by md5($query). The digest only groups repeated queries; it is not a
 * security control. Statements that carry sensitive values are stored in
 * the session verbatim while this mode is on.
 *
 * NOTE(review): PMA_mysqlDie() is defined elsewhere. If it returns instead
 * of terminating, execution continues after a failed parse or execute.
 * How it encodes the SQL text it is given is not visible here either.
 * Confirm both.
 *
 * @param string   $query               query to run
 * @param resource $link                connection; falls back to
 *                                      $GLOBALS['userlink'] when empty
 * @param integer  $options             query options (not read by this
 *                                      implementation)
 * @param bool     $cache_affected_rows whether to store the affected row
 *                                      count in $GLOBALS['cached_affected_rows']
 *
 * @return mixed false when no connection is available, otherwise the value
 *               returned by oci_parse()
 */
function PMA_DBI_try_query($query, $link = null, $options = 0, $cache_affected_rows = true)
{
    // No explicit connection: use the user connection, or give up.
    if (empty($link)) {
        if (!isset($GLOBALS['userlink'])) {
            return false;
        }
        $link = $GLOBALS['userlink'];
    }

    if ($GLOBALS['cfg']['DBG']['sql']) {
        $started = microtime(true);
    }

    $statement = oci_parse($link, $query);
    if (!$statement) {
        // Parse failures are reported on the connection handle.
        $parse_error = oci_error($link);
        PMA_mysqlDie($parse_error['message'], $query);
    }

    if (!oci_execute($statement)) {
        // Execute failures are reported on the statement handle. A caret is
        // inserted at the reported offset to mark the failing position.
        $exec_error = oci_error($statement);
        $marked_sql = substr_replace($exec_error['sqltext'], '^', $exec_error['offset'], 0);
        PMA_mysqlDie($exec_error['message'], $marked_sql);
    }

    if ($cache_affected_rows) {
        // Second argument is the callee's "get from cache" switch, off here.
        $GLOBALS['cached_affected_rows'] = PMA_DBI_affected_rows($statement, false);
    }

    if ($GLOBALS['cfg']['DBG']['sql']) {
        $elapsed = microtime(true) - $started;
        $key = md5($query);

        if (!isset($_SESSION['debug']['queries'][$key])) {
            // First occurrence: record the text and timing once.
            $_SESSION['debug']['queries'][$key] = array(
                'count' => 1,
                'query' => $query,
                'time'  => $elapsed,
            );
        } else {
            $_SESSION['debug']['queries'][$key]['count']++;
        }

        // The backtrace is taken inline so the recorded frames stay the same.
        $frames = array();
        foreach (debug_backtrace() as $frame) {
            $location = PMA_Error::relPath($frame['file']) . '#' . $frame['line'] . ': ';
            $class    = isset($frame['class']) ? $frame['class'] : '';
            $type     = isset($frame['type']) ? $frame['type'] : '';
            $function = isset($frame['function']) ? $frame['function'] : '';
            $params   = isset($frame['params']) ? implode(', ', $frame['params']) : '';

            $frames[] = $location . $class . $type . $function . '(' . $params . ')';
        }
        $_SESSION['debug']['queries'][$key]['trace'][] = $frames;
    }

    // Hand successful statements to the tracker when it is active.
    if ($statement != false) {
        if (PMA_Tracker::isActive() == true) {
            PMA_Tracker::handleQuery($query);
        }
    }

    return $statement;
}
if ($_REQUEST['submit_type'] == 'showinsert') { $last_messages[] = PMA_Message::notice(__('Showing SQL query')); continue; } if ($GLOBALS['cfg']['IgnoreMultiSubmitErrors']) { $result = PMA_DBI_try_query($single_query); } else { $result = PMA_DBI_query($single_query); } $error_messages[] = PMA_Message::sanitize(PMA_DBI_getError($result)); if (!$result) { $error_messages[] = PMA_Message::sanitize(PMA_DBI_getError($result)); print_r('sdfadfas'); } else { // The next line contains a real assignment, it's not a typo if ($tmp = @PMA_DBI_affected_rows($result)) { $total_affected_rows += $tmp; } unset($tmp); /* $insert_id = PMA_DBI_insert_id(); if ($insert_id != 0) { // insert_id is id of FIRST record inserted in one insert, so if we // inserted multiple rows, we had to increment this if ($total_affected_rows > 0) { $insert_id = $insert_id + $total_affected_rows - 1; } $last_message = PMA_Message::notice(__('Inserted row id: %1$d')); $last_message->addParam($insert_id); $last_messages[] = $last_message;