             if ($key == "COUNT(*)") {
                 //! columns looking like functions
                 $link = h(ME . "select=" . urlencode($TABLE));
                 $i = 0;
                 foreach ((array) $_GET["where"] as $v) {
                     if (!array_key_exists($v["col"], $unique_array)) {
                         $link .= h(where_link($i++, $v["col"], $v["val"], $v["op"]));
                     }
                 }
                 foreach ($unique_array as $k => $v) {
                     $link .= h(where_link($i++, $k, $v));
                 }
             }
         }
         if (!$link) {
             if (is_mail($val)) {
                 $link = "mailto:{$val}";
             }
             if ($protocol = is_url($row[$key])) {
                 $link = $protocol == "http" && $HTTPS ? $row[$key] : "{$protocol}://www.adminer.org/redirect/?url=" . urlencode($row[$key]);
             }
         }
         $id = h("val[{$unique_idf}][" . bracket_escape($key) . "]");
         $value = $_POST["val"][$unique_idf][bracket_escape($key)];
         $h_value = h($value !== null ? $value : $row[$key]);
         $long = strpos($val, "<i>...</i>");
         $editable = is_utf8($val) && $rows[$n][$key] == $row[$key] && !$functions[$key];
         $text = ereg('text|lob', $field["type"]);
         echo $_GET["modify"] && $editable || $value !== null ? "<td>" . ($text ? "<textarea name='{$id}' cols='30' rows='" . (substr_count($row[$key], "\n") + 1) . "'>{$h_value}</textarea>" : "<input name='{$id}' value='{$h_value}' size='{$lengths[$key]}'>") : "<td id='{$id}' ondblclick=\"" . ($editable ? "selectDblClick(this, event" . ($long ? ", 2" : ($text ? ", 1" : "")) . ")" : "alert('" . h(lang('Use edit link to modify this value.')) . "')") . ";\">" . $adminer->selectVal($val, $link, $field);
     }
 }
/** Render one cell value for the select (data browse) view.
* Arrays are expanded recursively into a nested table; scalars get a link
* (the caller's, the plugin's, a mailto: or an URL) and are HTML-escaped or
* shortened before being handed to $adminer->selectVal().
* @param string value to display (an array is rendered recursively)
* @param string link chosen by the caller, "" to decide here
* @param array field description
* @param int maximum text length, "" for no shortening
* @return string HTML
*/
function select_value($val, $link, $field, $text_length)
{
    global $adminer, $HTTPS;

    if (is_array($val)) {
        // A list (keys 0..n-1) gets no header column; a map shows its keys.
        $show_keys = ($val != array_values($val));
        $rows = "";
        foreach ($val as $key => $item) {
            $rows .= "<tr>";
            if ($show_keys) {
                $rows .= "<th>" . h($key);
            }
            $rows .= "<td>" . select_value($item, $link, $field, $text_length);
        }
        return "<table cellspacing='0'>{$rows}</table>";
    }

    // The plugin layer gets the first say; a null result means "decide here".
    if (!$link) {
        $link = $adminer->selectLink($val, $field);
    }
    if ($link === null) {
        if (is_mail($val)) {
            $link = "mailto:{$val}";
        }
        $protocol = is_url($val);
        if ($protocol) {
            // http targets from an https page, and WebKit browsers, are linked
            // directly; everything else goes through the adminer.org redirector.
            // NOTE(review): the link is not escaped at this point — selectVal()
            // is expected to escape it for the attribute context; confirm.
            $direct = ($protocol == "http" && $HTTPS) || preg_match('~WebKit~i', $_SERVER["HTTP_USER_AGENT"]);
            $link = ($direct ? $val : "https://www.adminer.org/redirect/?url=" . urlencode($val));
        }
    }

    $text = $adminer->editVal($val, $field);
    if ($text !== null) {
        if ($text === "") {
            // Strict check on purpose: an int 0 must not become a blank cell.
            $text = "&nbsp;";
        } elseif (!is_utf8($text)) {
            // htmlspecialchars() of binary data would return "" anyway.
            $text = "";
        } elseif ($text_length != "" && is_shortable($field)) {
            // shorten_utf8() is assumed to escape its output like h() below — verify.
            $text = shorten_utf8($text, max(0, +$text_length));
        } else {
            $text = h($text);
        }
    }
    return $adminer->selectVal($text, $link, $field, $val);
}
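 /**
  * Validate the registration data held in $this->user_info.
  *
  * Checks run in order and the first failure wins: user name present, 4-20
  * bytes long, not entirely numeric and not starting with a digit; password
  * present, 6-16 bytes and identical to its confirmation; e-mail well-formed
  * when given; phone number exactly 11 digits when given. Lengths are byte
  * lengths (strlen) as in the original rules, so multibyte names count per byte.
  *
  * @return string 'OK' when every check passes, otherwise the (Chinese)
  *                message describing the first failed check
  */
 function info_check()
 {
     $info = $this->user_info;
     // Non-string input (e.g. user[]=... in the request) is rejected like an
     // empty name; strlen()/is_numeric() on an array is a TypeError in PHP 8.
     if (!isset($info['user']) || !is_string($info['user']) || empty($info['user'])) {
         return "用户名为空";
     }
     $user = $info['user'];
     $user_len = strlen($user);
     if ($user_len > 20 || $user_len < 4) {
         return "用户名长度不符";
     }
     if (is_numeric($user)) {
         return "用户名不能全为数字";
     }
     if (is_numeric($user[0])) {
         return "用户名首位不能为数字";
     }
     if (!isset($info['pwd']) || !isset($info['pwd2'])
         || !is_string($info['pwd']) || !is_string($info['pwd2']) || $info['pwd'] === '') {
         return "密码为空";
     }
     $pwd = $info['pwd'];
     if (strlen($pwd) < 6) {
         return "密码必须大于6位";
     }
     // NOTE(review): a 16-byte upper bound adds no security and blocks
     // passphrases; unless the hashing behind this (not visible here) has a
     // length limit, consider raising or removing it.
     if (strlen($pwd) > 16) {
         return "密码必须不能大于16位";
     }
     // Strict comparison: with == two numeric-looking strings such as "1e3"
     // and "1000" compare equal, so a mistyped confirmation could slip through.
     if ($pwd !== $info['pwd2']) {
         return "两次密码不一致";
     }
     if (isset($info['email']) && (!is_string($info['email']) || !is_mail($info['email']))) {
         return "邮箱不正确";
     }
     // Length alone accepted any 11 bytes; the number must also be all digits.
     if (isset($info['tel']) && (!is_string($info['tel']) || !preg_match('~^[0-9]{11}\z~', $info['tel']))) {
         return "手机号码错误";
     }
     return 'OK';
 }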
    $max_len = $field["type"] == "textarea" ? 65536 : 1024;
    // 65 kilobytes max for textarea and 1024 for other
    $value = $_POST["wb_input_{$idx}"];
    $value = htmlspecialchars($value);
    $value = @substr($value, 0, $max_len);
    if ($field["type"] == "select") {
        $options = explode(";", $field["options"]);
        $data[$idx] = trim($options[intval($value)]);
    } else {
        $data[$idx] = $value;
    }
    if ($field["fidx"] == 0) {
        $mail_from_name = $value;
    }
    if ($field["fidx"] == 1) {
        $mail_from = is_mail($value);
    }
}
// Fall back to a placeholder when the name field was submitted empty.
if (!$mail_from_name) {
    $mail_from_name = "Anonymous";
}
// No usable sender address (is_mail() rejected the submitted value above):
// reuse the recipient address so the mail can still be sent.
if (!$mail_from) {
    $mail_from = $mail_to;
}
// Reset the page-level send status before attempting delivery.
global $wb_form_send_state;
$wb_form_send_state = false;
if ($mail_to) {
    $mailer = new PHPMailer();
    $mailer->PluginDir = dirname(__FILE__) . "/phpmailer/";
    $style = "* { font: 12px Arial; }\nstrong { font-weight: bold; }";
    $mailer->AddAddress($mail_to);
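/**
 * Handle a submitted contact form for the given page and e-mail its contents.
 *
 * The form definition is looked up in the global $forms array under $page_id
 * (falling back to $forms['blog']) and the submitted values are read from
 * $_POST. Every configured field must be posted; values are length-limited,
 * HTML-escaped and rendered into an HTML table that is sent with PHPMailer to
 * the addresses configured in the form.
 *
 * The outcome is reported through globals rather than a return value:
 *  - $wb_form_send_state: false when nothing was attempted, otherwise a
 *    human-readable status string;
 *  - $formErrors->required: list of input names that were submitted empty.
 *
 * @param string|int $page_id page whose form definition is used
 * @return void
 */
function handleForms($page_id)
{
    global $forms, $formErrors, $def_lang, $lang, $user_domain;
    $formErrors = new stdClass();

    // Bot/tamper checks: a string form id, the honeypot field "message" posted
    // and empty (isset() first, so a missing field is rejected without an
    // undefined-index notice), a usable $forms table, and no attempt to smuggle
    // a "forms" parameter in through the request.
    if (!isset($_POST['wb_form_id']) || !is_string($_POST['wb_form_id'])
        || !isset($_POST['message']) || $_POST['message'] !== ''
        || !isset($forms) || !is_array($forms) || !isset($page_id)
        || isset($_POST['forms']) || isset($_GET['forms'])) {
        return;
    }
    $form_id = $_POST['wb_form_id'];

    // Resolve the form definition: page-specific first, then the blog fallback.
    if (isset($forms[$page_id][$form_id])) {
        $form = $forms[$page_id][$form_id];
    } elseif (isset($forms['blog'][$form_id])) {
        $form = $forms['blog'][$form_id];
    } else {
        return;
    }
    if (!isset($form['fields']) || !is_array($form['fields'])) {
        return;
    }
    $fields = $form['fields'];
    $replyToMode = true;

    if (!class_exists('PHPMailer')) {
        include dirname(__FILE__) . '/phpmailer/class.phpmailer.php';
    }

    // Recipients come from the form configuration; keep only the ones is_mail()
    // accepts (it returns the address, or a falsy value for an invalid one).
    $mail_to = array();
    $configured = isset($form['email']) ? $form['email'] : '';
    foreach (array_map('trim', explode(';', $configured)) as $eml) {
        $m = is_mail($eml);
        if ($m) {
            $mail_to[] = $m;
        }
    }
    $mail_from = reset($mail_to);
    $mail_from_name = 'NoName';

    global $wb_form_send_state;
    $wb_form_send_state = false;

    $data = array();
    foreach ($fields as $idx => $field) {
        $input = "wb_input_{$idx}";
        // All fields must be present, and as plain strings: an array value
        // (wb_input_N[]=...) would be a TypeError in the string functions below.
        if (!isset($_POST[$input]) || !is_string($_POST[$input])) {
            return;
        }
        $raw = $_POST[$input];
        if ($raw === '') {
            if (!isset($formErrors->required)) {
                $formErrors->required = array();
            }
            $formErrors->required[] = $input;
        }

        // 64 KiB max for a textarea, 1 KiB for other fields, applied to the raw
        // input so the escaping below can never be cut in the middle of an entity.
        $max_len = ($field["type"] == "textarea" ? 65536 : 1024);
        $raw = substr($raw, 0, $max_len);
        // Escaped copy for the HTML body; ENT_SUBSTITUTE keeps a value with a
        // broken UTF-8 sequence (e.g. cut by substr) instead of blanking it.
        $value = htmlspecialchars($raw, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

        if ($field["type"] == "select") {
            // The posted value is the option index; anything outside the
            // configured list becomes an empty selection instead of a notice.
            $options = explode(";", tr_($field["options"], $lang));
            $choice = intval($raw);
            $data[$idx] = isset($options[$choice]) ? trim($options[$choice]) : '';
        } else {
            $data[$idx] = $value;
        }

        // fidx 0 / 1 mark the fields carrying the sender's name and address.
        // These go into mail headers, not HTML, so the unescaped value is used,
        // with CR/LF removed as a header-injection guard (PHPMailer is expected
        // to strip them as well; this does not rely on it).
        if ($field["fidx"] == 0) {
            $mail_from_name = trim(str_replace(array("\r", "\n"), ' ', $raw));
        }
        if ($field["fidx"] == 1) {
            $mail_from = is_mail(str_replace(array("\r", "\n"), '', $raw));
        }
    }

    // Required-field errors stop the send; the caller reports $formErrors.
    $formErrors_t = (array) $formErrors;
    if (!empty($formErrors_t)) {
        return;
    }
    if (!$mail_from_name) {
        $mail_from_name = "Anonymous";
    }
    if (!$mail_from) {
        $mail_from = reset($mail_to);
    }

    if (empty($mail_to)) {
        $wb_form_send_state = 'Form configuration error.';
        return;
    }

    $mailer = new PHPMailer();
    if (!empty($form['smtpEnable'])) {
        // include_once: a plain include would redeclare the SMTP class if this
        // function runs twice in one request.
        include_once dirname(__FILE__) . '/phpmailer/class.smtp.php';
        $mailer->isSMTP();
        $mailer->Host = !empty($form['smtpHost']) ? $form['smtpHost'] : 'localhost';
        $port = isset($form['smtpPort']) ? intval($form['smtpPort']) : 0;
        $mailer->Port = ($port ? $port : 25);
        $mailer->SMTPSecure = !empty($form['smtpEncryption']) ? $form['smtpEncryption'] : '';
        if (!empty($form['smtpUsername']) && !empty($form['smtpPassword'])) {
            $mailer->SMTPAuth = true;
            $mailer->Username = $form['smtpUsername'];
            $mailer->Password = $form['smtpPassword'];
        }
    }

    foreach ($mail_to as $eml) {
        $mailer->AddAddress($eml);
    }
    if ($replyToMode) {
        // The From header stays on our own domain; the submitter is only Reply-To.
        $mailer->SetFrom('no-reply@' . $user_domain, $mail_from_name);
        $mailer->addReplyTo($mail_from, $mail_from_name);
    } else {
        $mailer->SetFrom($mail_from, $mail_from_name);
    }
    $mailer->CharSet = 'utf-8';

    // Field names come from the form configuration / translation table and are
    // inserted as-is (they are not user input); values were escaped above.
    $message = '<table cellspacing="5" cellpadding="0">';
    foreach ($fields as $idx => $field) {
        $name = tr_($field["name"]);
        $cell = nl2br($data[$idx]);
        if ($field["type"] == "textarea") {
            $message .= "<tr><td colspan=\"2\"><strong>{$name}: </strong></td></tr>\n<tr><td colspan=\"2\">{$cell}</td></tr>\n";
        } else {
            $message .= "<tr><td><strong>{$name}: </strong></td><td>{$cell}</td></tr>\n";
        }
    }
    $message .= '</table>';

    $subject = isset($form["subject"]) ? $form["subject"] : '';
    $style = "* { font: 12px Arial; }\nstrong { font-weight: bold; }";
    $html = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
	<head>
		<title>' . htmlspecialchars($subject, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</title>
		<meta http-equiv=Content-Type content="text/html; charset=utf-8">
		' . ($style ? "<style><!--\n{$style}\n--></style>\n\t\t" : "") . '</head>
	<body>' . $message . '</body>
</html>';
    $mailer->MsgHTML($html);
    // Plain-text alternative: one line per table row, tags and entities removed.
    $mailer->AltBody = html_entity_decode(strip_tags(str_replace("</tr>", "</tr>\n", $message)), ENT_QUOTES, 'UTF-8');
    $mailer->Subject = $subject;

    // PHPMailer may print diagnostics on failure; discard them so the page
    // output stays clean and report the result through the global state only.
    ob_start();
    $sent = $mailer->Send();
    ob_end_clean();
    if ($sent) {
        $wb_form_send_state = !empty($form['sentMessage']) ? $form['sentMessage'] : 'Form was sent.';
    } else {
        $wb_form_send_state = 'Form sending failed.';
    }
}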
 // Build the "&where[col]=val" (or "&null[]=col" for NULLs) query fragment that
 // identifies this row by its unique columns; the leading "&" is stripped where
 // the fragment is reused as the checkbox value below.
 $unique_idf = "";
 foreach ($unique_array as $key => $val) {
     if (($jush == "sql" || $jush == "pgsql") && strlen($val) > 64) {
         // Values longer than 64 bytes on MySQL/PostgreSQL are matched by MD5
         // instead (presumably to keep the URL short): the column expression is
         // wrapped in MD5(), converted to the connection charset unless the
         // collation already is utf8_*, and the value is hashed to match.
         $key = strpos($key, '(') ? $key : idf_escape($key);
         //! columns looking like functions
         // NOTE(review): $fields is indexed with the already-escaped $key here —
         // confirm this lookup still finds the column's collation as intended.
         $key = "MD5(" . ($jush == 'sql' && preg_match("~^utf8_~", $fields[$key]["collation"]) ? $key : "CONVERT({$key} USING " . charset($connection) . ")") . ")";
         $val = md5($val);
     }
     // Column name and value are both urlencode()d into the query string.
     $unique_idf .= "&" . ($val !== null ? urlencode("where[" . bracket_escape($key) . "]") . "=" . urlencode($val) : "null%5B%5D=" . urlencode($key));
 }
 // Row header cell: a checkbox carrying the row identifier (pre-checked when it
 // was in the posted "check" list) plus an edit link, the latter omitted for
 // grouped results and information_schema. The href goes through h() for the
 // attribute context; whether checkbox() escapes its value is not visible here.
 echo "<tr" . odd() . ">" . (!$group && $select ? "" : "<td>" . checkbox("check[]", substr($unique_idf, 1), in_array(substr($unique_idf, 1), (array) $_POST["check"]), "", "this.form['all'].checked = false; formUncheck('all-page');") . ($is_group || information_schema(DB) ? "" : " <a data-toggle='tooltip' data-placement='top' title='" . lang('edit') . "' class='btn btn-xs btn-default' href='" . h(ME . "edit=" . urlencode($TABLE) . $unique_idf) . "'><i class='fa fa-pencil fa-fw'></i></a>"));
 foreach ($row as $key => $val) {
     if (isset($names[$key])) {
         $field = $fields[$key];
         if ($val != "" && (!isset($email_fields[$key]) || $email_fields[$key] != "")) {
             $email_fields[$key] = is_mail($val) ? $names[$key] : "";
             //! filled e-mails can be contained on other pages
         }
         $link = "";
         if (preg_match('~blob|bytea|raw|file~', $field["type"]) && $val != "") {
             $link = ME . 'download=' . urlencode($TABLE) . '&field=' . urlencode($key) . $unique_idf;
         }
         if (!$link && $val !== null) {
             // link related items
             foreach ((array) $foreign_keys[$key] as $foreign_key) {
                 if (count($foreign_keys[$key]) == 1 || end($foreign_key["source"]) == $key) {
                     $link = "";
                     foreach ($foreign_key["source"] as $i => $source) {
                         $link .= where_link($i, $foreign_key["target"][$i], $rows[$n][$source]);
                     }
                     $link = ($foreign_key["db"] != "" ? preg_replace('~([?&]db=)[^&]+~', '\\1' . urlencode($foreign_key["db"]), ME) : ME) . 'select=' . urlencode($foreign_key["table"]) . $link;