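/**
 * Invoke method: builds the reserved-words report.
 *
 * Looks up every table and column of the current database in the list
 * returned by sql_generator::getAllReservedWords(), reports the matches,
 * and then prints the complete reserved-word list in a textarea.
 * The generated HTML is stored in $this->output.
 *
 * @return mixed true on completion, or the result of the launched postaction
 */
function invoke() {
    parent::invoke();

    $result = true;

    /// Set own core attributes
    $this->does_generate = ACTION_GENERATE_HTML;

    /// These are always here
    global $CFG, $XMLDB, $DB;

    /// Reserved words, keyed by word; each value is an array that is
    /// imploded next to the offending name in the report
    require_once "{$CFG->libdir}/ddl/sql_generator.php";
    $reserved_words = sql_generator::getAllReservedWords();

    /// Look into the current DB for table and column names that are in
    /// the list of reserved words
    $wronguses = array();
    $dbtables = $DB->get_tables();
    if ($dbtables) {
        foreach ($dbtables as $table) {
            /// Names read from database metadata are escaped with s() before
            /// they reach the HTML, like the reserved-word list further down
            if (array_key_exists($table, $reserved_words)) {
                $wronguses[] = $this->str['table'] . ' - ' . s($table) .
                    ' (' . implode(', ', $reserved_words[$table]) . ')';
            }
            $dbfields = $DB->get_columns($table);
            if ($dbfields) {
                foreach ($dbfields as $dbfield) {
                    if (array_key_exists($dbfield->name, $reserved_words)) {
                        $wronguses[] = $this->str['field'] . ' - ' . s($table) . '->' . s($dbfield->name) .
                            ' (' . implode(', ', $reserved_words[$dbfield->name]) . ')';
                    }
                }
            }
        }
    }

    /// Sort the wrong uses
    sort($wronguses);

    /// The back to edit table button
    $b = ' <p class="centerpara buttons">';
    $b .= '<a href="index.php">[' . $this->str['back'] . ']</a>';
    $b .= '</p>';
    $o = $b;

    /// The list of currently wrong table/field names
    if ($wronguses) {
        $o .= ' <table id="formelements" class="boxaligncenter" cellpadding="5">';
        $o .= ' <tr><td align="center"><font color="red">' . $this->str['wrongreservedwords'] . '</font></td></tr>';
        $o .= ' <tr><td>';
        $o .= ' <ul><li>' . implode('</li><li>', $wronguses) . '</li></ul>';
        $o .= ' </td></tr>';
        $o .= ' </table>';
    }

    /// The textarea showing all the reserved words
    $o .= ' <table id="formelements" class="boxaligncenter" cellpadding="5">';
    $o .= ' <tr><td align="center">' . $this->str['listreservedwords'] . '</td></tr>';
    $o .= ' <tr><td><textarea cols="80" rows="32">';
    $o .= s(implode(', ', array_keys($reserved_words)));
    $o .= '</textarea></td></tr>';
    $o .= ' </table>';

    $this->output = $o;

    /// Launch postaction if exists (leave this here!)
    if ($this->getPostAction() && $result) {
        return $this->launch($this->getPostAction());
    }

    /// Return ok if arrived here
    return $result;
}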
/**
 * The combined reserved-word list of the SQL generators must hold
 * more than one entry.
 */
public function test_reserved_words() {
    $words = sql_generator::getAllReservedWords();
    $this->assertTrue(1 < count($words));
}
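/**
 * Invoke method: builds the "edit table" page.
 *
 * Renders the name/comment form for one table of the edited XMLDB structure,
 * the action buttons, and the lists of its fields, keys and indexes.
 * The generated HTML is stored in $this->output.
 *
 * Request parameters read here: 'dir' (PARAM_PATH), 'table' (PARAM_CLEAN)
 * and, when the table is not found under that name, 'name' (PARAM_CLEAN).
 * Every request-derived or structure-derived name is escaped for the context
 * it is written into: s() for HTML text and attribute values, urlencode()
 * for query-string values.
 *
 * NOTE(review): the state-changing links below carry sesskey() in the query
 * string, so the key is part of the URL wherever that URL is recorded.
 *
 * @return mixed false when no directories are loaded or the table is unknown
 *               (errormsg is set in the latter case); otherwise true or the
 *               result of the launched postaction
 */
function invoke() {
    parent::invoke();

    $result = true;

    /// Set own core attributes
    $this->does_generate = ACTION_GENERATE_HTML;

    /// These are always here
    global $CFG, $XMLDB;

    /// Do the job, setting result as needed
    /// Get the dir containing the file
    $dirpath = required_param('dir', PARAM_PATH);
    $dirpath = $CFG->dirroot . $dirpath;

    /// Get the correct dirs
    if (!empty($XMLDB->dbdirs)) {
        $dbdir =& $XMLDB->dbdirs[$dirpath];
    } else {
        return false;
    }

    /// Check if the dir exists and copy it from dbdirs
    /// (because we need straight load in case of saving from here).
    /// serialize/unserialize is used as a deep copy of an in-memory object.
    if (!isset($XMLDB->editeddirs[$dirpath])) {
        $XMLDB->editeddirs[$dirpath] = unserialize(serialize($dbdir));
    }

    if (!empty($XMLDB->editeddirs)) {
        $editeddir =& $XMLDB->editeddirs[$dirpath];
        $structure =& $editeddir->xml_file->getStructure();
    }

    $tableparam = required_param('table', PARAM_CLEAN);
    if (!($table =& $structure->getTable($tableparam))) {
        /// Arriving here from a name change, looking for the new table name
        $tableparam = required_param('name', PARAM_CLEAN);
        $table =& $structure->getTable($tableparam);
    }
    if (!$table) {
        /// Neither parameter names a table of this structure: fail here
        /// instead of calling methods on a non-object further down
        $this->errormsg = 'Wrong table specified: ' . s($tableparam);
        return false;
    }

    $dbdir =& $XMLDB->dbdirs[$dirpath];
    $origstructure =& $dbdir->xml_file->getStructure();

    /// Values reused in every form field and link below
    $reldir = str_replace($CFG->dirroot, '', $dirpath); // dir relative to dirroot
    $dirq = urlencode($reldir);                         // dir as query-string value
    $tableparamq = urlencode($tableparam);              // requested table as query-string value

    /// Add the main form
    $o = '<form id="form" action="index.php" method="post">';
    $o .= '<div>';
    $o .= ' <input type="hidden" name ="dir" value="' . s($reldir) . '" />';
    /// $tableparam comes from the request: escape it for the attribute value
    $o .= ' <input type="hidden" name ="table" value="' . s($tableparam) . '" />';
    $o .= ' <input type="hidden" name ="action" value="edit_table_save" />';
    $o .= ' <input type="hidden" name ="sesskey" value="' . sesskey() . '" />';
    $o .= ' <input type="hidden" name ="postaction" value="edit_table" />';
    $o .= ' <table id="formelements" class="boxaligncenter">';
    /// If the table is being used, we cannot rename it
    if ($structure->getTableUses($table->getName())) {
        $o .= ' <tr valign="top"><td>Name:</td><td><input type="hidden" name ="name" value="' . s($table->getName()) . '" />' . s($table->getName()) . '</td></tr>';
    } else {
        $o .= ' <tr valign="top"><td><label for="name" accesskey="p">Name:</label></td><td><input name="name" type="text" size="28" maxlength="28" id="name" value="' . s($table->getName()) . '" /></td></tr>';
    }
    $o .= ' <tr valign="top"><td><label for="comment" accesskey="c">Comment:</label></td><td><textarea name="comment" rows="3" cols="80" id="comment">' . s($table->getComment()) . '</textarea></td></tr>';
    $o .= ' <tr valign="top"><td> </td><td><input type="submit" value="' . $this->str['change'] . '" /></td></tr>';
    $o .= ' </table>';
    $o .= '</div></form>';

    /// Calculate the pending changes / save message
    $e = '';
    $cansavenow = false;
    if ($structure->hasChanged()) {
        if (!is_writeable($dirpath . '/install.xml') || !is_writeable($dirpath)) {
            $e .= '<p class="centerpara error">' . $this->str['pendingchangescannotbesaved'] . '</p>';
        } else {
            $e .= '<p class="centerpara warning">' . $this->str['pendingchanges'] . '</p>';
            $cansavenow = true;
        }
    }

    /// Calculate the buttons
    $b = ' <p class="centerpara buttons">';
    /// The view original XML button
    if ($origstructure->getTable($tableparam)) {
        $b .= ' <a href="index.php?action=view_table_xml&dir=' . $dirq . '&select=original&table=' . $tableparamq . '">[' . $this->str['vieworiginal'] . ']</a>';
    } else {
        $b .= ' [' . $this->str['vieworiginal'] . ']';
    }
    /// The view edited XML button
    if ($table->hasChanged()) {
        $b .= ' <a href="index.php?action=view_table_xml&dir=' . $dirq . '&select=edited&table=' . $tableparamq . '">[' . $this->str['viewedited'] . ']</a>';
    } else {
        $b .= ' [' . $this->str['viewedited'] . ']';
    }
    /// The new field button
    $b .= ' <a href="index.php?action=new_field&sesskey=' . sesskey() . '&postaction=edit_field&table=' . $tableparamq . '&field=changeme&dir=' . $dirq . '">[' . $this->str['newfield'] . ']</a>';
    /// The new key button
    $b .= ' <a href="index.php?action=new_key&sesskey=' . sesskey() . '&postaction=edit_key&table=' . $tableparamq . '&key=changeme&dir=' . $dirq . '">[' . $this->str['newkey'] . ']</a>';
    /// The new index button
    $b .= ' <a href="index.php?action=new_index&sesskey=' . sesskey() . '&postaction=edit_index&table=' . $tableparamq . '&index=changeme&dir=' . $dirq . '">[' . $this->str['newindex'] . ']</a>';
    $b .= '</p>';

    $b .= ' <p class="centerpara buttons">';
    /// The view sql code button
    $b .= '<a href="index.php?action=view_table_sql&table=' . $tableparamq . '&dir=' . $dirq . '">[' . $this->str['viewsqlcode'] . ']</a>';
    /// The view php code button
    $b .= ' <a href="index.php?action=view_table_php&table=' . $tableparamq . '&dir=' . $dirq . '">[' . $this->str['viewphpcode'] . ']</a>';
    /// The save button (if possible)
    if ($cansavenow) {
        $b .= ' <a href="index.php?action=save_xml_file&sesskey=' . sesskey() . '&dir=' . $dirq . '&time=' . time() . '&unload=false&postaction=edit_table&table=' . $tableparamq . '&dir=' . $dirq . '">[' . $this->str['save'] . ']</a>';
    }
    /// The back to edit xml file button
    $b .= ' <a href="index.php?action=edit_xml_file&dir=' . $dirq . '">[' . $this->str['back'] . ']</a>';
    $b .= '</p>';
    $o .= $e . $b;

    require_once "{$CFG->libdir}/ddl/sql_generator.php";
    $reserved_words = sql_generator::getAllReservedWords();

    /// Delete any 'changeme' field/key/index
    $table->deleteField('changeme');
    $table->deleteKey('changeme');
    $table->deleteIndex('changeme');

    /// Table name as stored in the structure, as query-string value
    $tableq = urlencode($table->getName());

    /// Add the fields list
    $fields =& $table->getFields();
    if (!empty($fields)) {
        $o .= '<h3 class="main">' . $this->str['fields'] . '</h3>';
        $o .= '<table id="listfields" border="0" cellpadding="5" cellspacing="1" class="boxaligncenter flexible">';
        $row = 0;
        foreach ($fields as $field) {
            $fieldq = urlencode($field->getName());
            $fieldused = $structure->getFieldUses($table->getName(), $field->getName());
            /// The field name (link to edit - if the field has no uses)
            if (!$fieldused) {
                $f = '<a href="index.php?action=edit_field&field=' . $fieldq . '&table=' . $tableq . '&dir=' . $dirq . '">' . s($field->getName()) . '</a>';
            } else {
                $f = s($field->getName());
            }
            /// Calculate buttons
            $b = '</td><td class="button cell">';
            /// The edit button (if the field has no uses)
            if (!$fieldused) {
                $b .= '<a href="index.php?action=edit_field&field=' . $fieldq . '&table=' . $tableq . '&dir=' . $dirq . '">[' . $this->str['edit'] . ']</a>';
            } else {
                $b .= '[' . $this->str['edit'] . ']';
            }
            $b .= '</td><td class="button cell">';
            /// The up button
            if ($field->getPrevious()) {
                $b .= '<a href="index.php?action=move_updown_field&direction=up&sesskey=' . sesskey() . '&field=' . $fieldq . '&table=' . $tableq . '&postaction=edit_table&dir=' . $dirq . '">[' . $this->str['up'] . ']</a>';
            } else {
                $b .= '[' . $this->str['up'] . ']';
            }
            $b .= '</td><td class="button cell">';
            /// The down button
            if ($field->getNext()) {
                $b .= '<a href="index.php?action=move_updown_field&direction=down&sesskey=' . sesskey() . '&field=' . $fieldq . '&table=' . $tableq . '&postaction=edit_table&dir=' . $dirq . '">[' . $this->str['down'] . ']</a>';
            } else {
                $b .= '[' . $this->str['down'] . ']';
            }
            $b .= '</td><td class="button cell">';
            /// The delete button (if we have more than one and it isn't used)
            if (count($fields) > 1 && !$fieldused) {
                $b .= '<a href="index.php?action=delete_field&sesskey=' . sesskey() . '&field=' . $fieldq . '&table=' . $tableq . '&dir=' . $dirq . '">[' . $this->str['delete'] . ']</a>';
            } else {
                $b .= '[' . $this->str['delete'] . ']';
            }
            $b .= '</td><td class="button cell">';
            /// The view xml button
            $b .= '<a href="index.php?action=view_field_xml&dir=' . $dirq . '&field=' . $fieldq . '&table=' . $tableq . '&select=edited">[' . $this->str['viewxml'] . ']</a>';
            /// Detect if the field name is a reserved word
            if (array_key_exists($field->getName(), $reserved_words)) {
                $b .= ' <a href="index.php?action=view_reserved_words"><span class="error">' . $this->str['reserved'] . '</span></a>';
            }
            /// The readable info
            /// NOTE(review): readableInfo() is written as-is; confirm it returns HTML-safe text
            $r = '</td><td class="readableinfo cell">' . $field->readableInfo() . '</td>';
            /// Print table row
            $o .= '<tr class="r' . $row . '"><td class="table cell">' . $f . $b . $r . '</tr>';
            $row = ($row + 1) % 2;
        }
        $o .= '</table>';
    }

    /// Add the keys list
    $keys =& $table->getKeys();
    if (!empty($keys)) {
        $o .= '<h3 class="main">' . $this->str['keys'] . '</h3>';
        $o .= '<table id="listkeys" border="0" cellpadding="5" cellspacing="1" class="boxaligncenter flexible">';
        $row = 0;
        foreach ($keys as $key) {
            $keyq = urlencode($key->getName());
            $keyused = $structure->getKeyUses($table->getName(), $key->getName());
            /// The key name (link to edit - if the key has no uses)
            if (!$keyused) {
                $k = '<a href="index.php?action=edit_key&key=' . $keyq . '&table=' . $tableq . '&dir=' . $dirq . '">' . s($key->getName()) . '</a>';
            } else {
                $k = s($key->getName());
            }
            /// Calculate buttons
            $b = '</td><td class="button cell">';
            /// The edit button (if the key has no uses)
            if (!$keyused) {
                $b .= '<a href="index.php?action=edit_key&key=' . $keyq . '&table=' . $tableq . '&dir=' . $dirq . '">[' . $this->str['edit'] . ']</a>';
            } else {
                $b .= '[' . $this->str['edit'] . ']';
            }
            $b .= '</td><td class="button cell">';
            /// The up button
            if ($key->getPrevious()) {
                $b .= '<a href="index.php?action=move_updown_key&direction=up&sesskey=' . sesskey() . '&key=' . $keyq . '&table=' . $tableq . '&postaction=edit_table&dir=' . $dirq . '">[' . $this->str['up'] . ']</a>';
            } else {
                $b .= '[' . $this->str['up'] . ']';
            }
            $b .= '</td><td class="button cell">';
            /// The down button
            if ($key->getNext()) {
                $b .= '<a href="index.php?action=move_updown_key&direction=down&sesskey=' . sesskey() . '&key=' . $keyq . '&table=' . $tableq . '&postaction=edit_table&dir=' . $dirq . '">[' . $this->str['down'] . ']</a>';
            } else {
                $b .= '[' . $this->str['down'] . ']';
            }
            $b .= '</td><td class="button cell">';
            /// The delete button (if the key has no uses)
            if (!$keyused) {
                $b .= '<a href="index.php?action=delete_key&sesskey=' . sesskey() . '&key=' . $keyq . '&table=' . $tableq . '&dir=' . $dirq . '">[' . $this->str['delete'] . ']</a>';
            } else {
                $b .= '[' . $this->str['delete'] . ']';
            }
            $b .= '</td><td class="button cell">';
            /// The view xml button
            $b .= '<a href="index.php?action=view_key_xml&dir=' . $dirq . '&key=' . $keyq . '&table=' . $tableq . '&select=edited">[' . $this->str['viewxml'] . ']</a>';
            /// The readable info
            $r = '</td><td class="readableinfo cell">' . $key->readableInfo() . '</td>';
            /// Print table row
            $o .= '<tr class="r' . $row . '"><td class="table cell">' . $k . $b . $r . '</tr>';
            $row = ($row + 1) % 2;
        }
        $o .= '</table>';
    }

    /// Add the indexes list
    $indexes =& $table->getIndexes();
    if (!empty($indexes)) {
        $o .= '<h3 class="main">' . $this->str['indexes'] . '</h3>';
        $o .= '<table id="listindexes" border="0" cellpadding="5" cellspacing="1" class="boxaligncenter flexible">';
        $row = 0;
        foreach ($indexes as $index) {
            $indexq = urlencode($index->getName());
            /// The index name (link to edit)
            $i = '<a href="index.php?action=edit_index&index=' . $indexq . '&table=' . $tableq . '&dir=' . $dirq . '">' . s($index->getName()) . '</a>';
            /// Calculate buttons
            $b = '</td><td class="button cell">';
            /// The edit button
            $b .= '<a href="index.php?action=edit_index&index=' . $indexq . '&table=' . $tableq . '&dir=' . $dirq . '">[' . $this->str['edit'] . ']</a>';
            $b .= '</td><td class="button cell">';
            /// The up button
            if ($index->getPrevious()) {
                $b .= '<a href="index.php?action=move_updown_index&direction=up&sesskey=' . sesskey() . '&index=' . $indexq . '&table=' . $tableq . '&postaction=edit_table&dir=' . $dirq . '">[' . $this->str['up'] . ']</a>';
            } else {
                $b .= '[' . $this->str['up'] . ']';
            }
            $b .= '</td><td class="button cell">';
            /// The down button
            if ($index->getNext()) {
                $b .= '<a href="index.php?action=move_updown_index&direction=down&sesskey=' . sesskey() . '&index=' . $indexq . '&table=' . $tableq . '&postaction=edit_table&dir=' . $dirq . '">[' . $this->str['down'] . ']</a>';
            } else {
                $b .= '[' . $this->str['down'] . ']';
            }
            $b .= '</td><td class="button cell">';
            /// The delete button
            $b .= '<a href="index.php?action=delete_index&sesskey=' . sesskey() . '&index=' . $indexq . '&table=' . $tableq . '&dir=' . $dirq . '">[' . $this->str['delete'] . ']</a>';
            $b .= '</td><td class="button cell">';
            /// The view xml button
            $b .= '<a href="index.php?action=view_index_xml&dir=' . $dirq . '&index=' . $indexq . '&table=' . $tableq . '&select=edited">[' . $this->str['viewxml'] . ']</a>';
            /// The readable info
            $r = '</td><td class="readableinfo cell">' . $index->readableInfo() . '</td>';
            /// Print table row
            $o .= '<tr class="r' . $row . '"><td class="table cell">' . $i . $b . $r . '</tr>';
            $row = ($row + 1) % 2;
        }
        $o .= '</table>';
    }

    $this->output = $o;

    /// Launch postaction if exists (leave this here!)
    if ($this->getPostAction() && $result) {
        return $this->launch($this->getPostAction());
    }

    /// Return ok if arrived here
    return $result;
}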
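/**
 * Invoke method: builds the "edit XML file" page.
 *
 * Renders the path/version/comment form of the edited XMLDB structure, the
 * action buttons, and the list of its tables. The generated HTML is stored in
 * $this->output. Nothing is rendered when no directories are loaded or the
 * requested directory has no entry.
 *
 * Request parameter read here: 'dir' (PARAM_PATH). Values taken from the
 * request or from the XML structure are escaped for the context they are
 * written into: s() for HTML text and attribute values, urlencode() for
 * query-string values.
 *
 * @return mixed false when the directory does not exist or its XML is not
 *               loaded; otherwise true or the result of the launched postaction
 */
function invoke() {
    parent::invoke();

    $result = true;

    // Set own core attributes
    $this->does_generate = ACTION_GENERATE_HTML;

    // These are always here
    global $CFG, $XMLDB, $DB;

    // Do the job, setting $result as needed
    // Get the dir containing the file
    $dirpath = required_param('dir', PARAM_PATH);
    $dirpath = $CFG->dirroot . $dirpath;

    // Get the correct dir
    if (!empty($XMLDB->dbdirs)) {
        // NOTE(review): taking a reference to a missing key creates that key
        // with a null value, so an unknown 'dir' leaves an entry in dbdirs
        $dbdir =& $XMLDB->dbdirs[$dirpath];
        if ($dbdir) {
            // Only if the directory exists and it has been loaded
            if (!$dbdir->path_exists || !$dbdir->xml_loaded) {
                return false;
            }
            // Check if the in-memory object exists and create it
            if (empty($XMLDB->editeddirs)) {
                $XMLDB->editeddirs = array();
            }
            // Check if the dir exists and copy it from dbdirs
            // (serialize/unserialize is used as a deep copy of an in-memory object)
            if (!isset($XMLDB->editeddirs[$dirpath])) {
                $XMLDB->editeddirs[$dirpath] = unserialize(serialize($dbdir));
            }
            // Get it
            $editeddir =& $XMLDB->editeddirs[$dirpath];
            $structure =& $editeddir->xml_file->getStructure();

            // Values reused in every form field and link below
            $reldir = str_replace($CFG->dirroot, '', $dirpath); // dir relative to dirroot
            $dirq = urlencode($reldir);                         // dir as query-string value

            // Add the main form
            $o = '<form id="form" action="index.php" method="post">';
            $o .= '<div>';
            $o .= ' <input type="hidden" name ="dir" value="' . s($reldir) . '" />';
            $o .= ' <input type="hidden" name ="action" value="edit_xml_file_save" />';
            $o .= ' <input type="hidden" name ="postaction" value="edit_xml_file" />';
            $o .= ' <input type="hidden" name ="path" value="' . s($structure->getPath()) . '" />';
            $o .= ' <input type="hidden" name ="version" value="' . s($structure->getVersion()) . '" />';
            $o .= ' <input type="hidden" name ="sesskey" value="' . sesskey() . '" />';
            $o .= ' <table id="formelements" class="boxaligncenter">';
            $o .= ' <tr valign="top"><td>Path:</td><td>' . s($structure->getPath()) . '</td></tr>';
            $o .= ' <tr valign="top"><td>Version:</td><td>' . s($structure->getVersion()) . '</td></tr>';
            // The comment is free text: escape it like path and version so
            // markup in it cannot close the textarea
            $o .= ' <tr valign="top"><td><label for="comment" accesskey="c">Comment:</label></td><td><textarea name="comment" rows="3" cols="80" id="comment">' . s($structure->getComment()) . '</textarea></td></tr>';
            $o .= ' <tr><td> </td><td><input type="submit" value="' . $this->str['change'] . '" /></td></tr>';
            $o .= ' </table>';
            $o .= '</div></form>';

            // Calculate the pending changes / save message
            $e = '';
            $cansavenow = false;
            if ($structure->hasChanged()) {
                if (!is_writeable($dirpath . '/install.xml') || !is_writeable($dirpath)) {
                    $e .= '<p class="centerpara error">' . $this->str['pendingchangescannotbesaved'] . '</p>';
                } else {
                    $e .= '<p class="centerpara warning">' . $this->str['pendingchanges'] . '</p>';
                    $cansavenow = true;
                }
            }

            // Calculate the buttons
            $b = ' <p class="centerpara buttons">';
            // The view original XML button
            $b .= ' <a href="index.php?action=view_structure_xml&dir=' . $dirq . '&select=original">[' . $this->str['vieworiginal'] . ']</a>';
            // The view edited XML button
            if ($structure->hasChanged()) {
                $b .= ' <a href="index.php?action=view_structure_xml&dir=' . $dirq . '&select=edited">[' . $this->str['viewedited'] . ']</a>';
            } else {
                $b .= ' [' . $this->str['viewedited'] . ']';
            }
            // The new table button
            $b .= ' <a href="index.php?action=new_table&sesskey=' . sesskey() . '&postaction=edit_table&table=changeme&dir=' . $dirq . '">[' . $this->str['newtable'] . ']</a>';
            // The new from MySQL button
            if ($DB->get_dbfamily() === 'mysql') {
                $b .= ' <a href="index.php?action=new_table_from_mysql&sesskey=' . sesskey() . '&dir=' . $dirq . '">[' . $this->str['newtablefrommysql'] . ']</a>';
            } else {
                $b .= ' [' . $this->str['newtablefrommysql'] . ']';
            }
            // The view sql code button
            $b .= '<a href="index.php?action=view_structure_sql&dir=' . $dirq . '">[' . $this->str['viewsqlcode'] . ']</a>';
            // The view php code button
            $b .= ' <a href="index.php?action=view_structure_php&dir=' . $dirq . '">[' . $this->str['viewphpcode'] . ']</a>';
            // The save button (if possible)
            if ($cansavenow) {
                $b .= ' <a href="index.php?action=save_xml_file&sesskey=' . sesskey() . '&dir=' . $dirq . '&time=' . time() . '&unload=false&postaction=edit_xml_file&dir=' . $dirq . '">[' . $this->str['save'] . ']</a>';
            }
            // The back to main menu button
            $b .= ' <a href="index.php?action=main_view#lastused">[' . $this->str['backtomainview'] . ']</a>';
            $b .= '</p>';
            $o .= $e . $b;

            // Reserved words of the available SQL generators, keyed by word
            require_once "{$CFG->libdir}/ddl/sql_generator.php";
            $reserved_words = sql_generator::getAllReservedWords();

            // Add the tables list
            $tables = $structure->getTables();
            if ($tables) {
                $o .= '<h3 class="main">' . $this->str['tables'] . '</h3>';
                $o .= '<table id="listtables" border="0" cellpadding="5" cellspacing="1" class="boxaligncenter flexible">';
                $row = 0;
                foreach ($tables as $table) {
                    $tableq = urlencode($table->getName());
                    // The table name (link to edit table)
                    $t = '<a href="index.php?action=edit_table&table=' . $tableq . '&dir=' . $dirq . '">' . s($table->getName()) . '</a>';
                    // Calculate buttons
                    $b = '</td><td class="button cell">';
                    // The edit button
                    $b .= '<a href="index.php?action=edit_table&table=' . $tableq . '&dir=' . $dirq . '">[' . $this->str['edit'] . ']</a>';
                    $b .= '</td><td class="button cell">';
                    // The up button
                    if ($table->getPrevious()) {
                        $b .= '<a href="index.php?action=move_updown_table&direction=up&sesskey=' . sesskey() . '&table=' . $tableq . '&postaction=edit_xml_file&dir=' . $dirq . '">[' . $this->str['up'] . ']</a>';
                    } else {
                        $b .= '[' . $this->str['up'] . ']';
                    }
                    $b .= '</td><td class="button cell">';
                    // The down button
                    if ($table->getNext()) {
                        $b .= '<a href="index.php?action=move_updown_table&direction=down&sesskey=' . sesskey() . '&table=' . $tableq . '&postaction=edit_xml_file&dir=' . $dirq . '">[' . $this->str['down'] . ']</a>';
                    } else {
                        $b .= '[' . $this->str['down'] . ']';
                    }
                    $b .= '</td><td class="button cell">';
                    // The delete button (if we have more than one and it isn't used)
                    if (count($tables) > 1 && !$structure->getTableUses($table->getName())) {
                        $b .= '<a href="index.php?action=delete_table&sesskey=' . sesskey() . '&table=' . $tableq . '&dir=' . $dirq . '">[' . $this->str['delete'] . ']</a>';
                    } else {
                        $b .= '[' . $this->str['delete'] . ']';
                    }
                    $b .= '</td><td class="button cell">';
                    // The view xml button
                    $b .= '<a href="index.php?action=view_table_xml&dir=' . $dirq . '&table=' . $tableq . '&select=edited">[' . $this->str['viewxml'] . ']</a>';
                    // Detect if the table name is a reserved word
                    if (array_key_exists($table->getName(), $reserved_words)) {
                        $b .= ' <a href="index.php?action=view_reserved_words"><span class="error">' . $this->str['reserved'] . '</span></a>';
                    }
                    $b .= '</td>';
                    // Print table row
                    $o .= '<tr class="r' . $row . '"><td class="table cell">' . $t . $b . '</tr>';
                    $row = ($row + 1) % 2;
                }
                $o .= '</table>';
            }

            $this->output = $o;
        }
    }

    // Launch postaction if exists (leave this unmodified)
    if ($this->getPostAction() && $result) {
        return $this->launch($this->getPostAction());
    }

    return $result;
}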
/// Regex fragments for the names grouped as "internal"; they are combined
/// into one pattern by calculate_megarule() at the end of this run
$internal = array('change_db_encoding', 'configure_dbconnection', 'db_(detect_lobs|update_lobs)', 'execute_sql(_arr)?', 'onespace2empty', 'oracle_dirty_hack', 'rcache_(get|getforfill|releaseforfill|set|unset|unset_table)', 'where_clause');

/// Regex fragments grouped as "unsupported" (not consumed in the lines visible here)
$unsupported = array('column_type', 'table_column', 'modify_database', '(Execute|Connect|PConnect|ErrorMsg)', '(MetaTables|MetaColumns|MetaColumnNames|MetaPrimaryKeys|MetaIndexes)');

/// Remaining regex fragments grouped as "other" (not consumed in the lines visible here)
$other = array('\\$db[,; -]', "[^\$_'\"\\.-]dbfamily", "[^\$_'\"\\.-]dblibrary", "[^\$_'\"\\.-]dbtype[^s]", 'sql_substr\\(\\)', '\\$CFG->prefix', 'NEWNAMEGOESHERE', 'new\\s(XMLDBTable|XMLDBField|XMLDBIndex|XMLDBKey)', '>(addFieldInfo|addIndexInfo|addKeyInfo|setAttributes)', '>(begin|commit|rollback)_sql', '(if|while|for|return).*>get_recordset(_list|_select|_sql)?', 'SELECT DISTINCT.*\\.\\*', "get_in_or_equal\\(.*SQL_PARAMS_NAMED\\s*,\\s*'.*\\d'");

/// List of reserved words
/// 1. default (common) ones
$reservedlist = array('user', 'group', 'order', 'select', 'from', 'where', 'role', 'null', 'start', 'end', 'date', 'match', 'mod', 'new', 'old');

/// 2. from sql_generators if possible; this replaces the default list above.
/// $is_moodle_root is set outside the lines visible here.
if ($is_moodle_root) {
    define('MOODLE_INTERNAL', true); // cheat, so sql_generator think we are one standard moodle script
    global $CFG; // cheat, again, to define some stuff needed by generators
    $CFG = new stdclass();
    $CFG->libdir = dirname(__FILE__) . '/lib';
    require_once $CFG->libdir . '/ddl/sql_generator.php';
    $reservedlist = array_keys(sql_generator::getAllReservedWords());
}

/// Turn every word into a regex fragment: the trimmed word preceded by
/// " AS" plus whitespace, or by a colon
foreach ($reservedlist as $key => $word) {
    $reservedlist[$key] = '(?: AS\\s+|:)' . trim($word);
}

/// Define some known false positives to take them out from errors report (nested array of => file => regular expressions considered false positives)
/// NOTE(review): in the install.php entry 'get_driver_instance\\(\\$config-|>dbtype'
/// the bare | is an alternation, so the second branch matches any ">dbtype";
/// looks like '\\>' was intended - confirm.
$fp = array(
    'install.php' => array('empty\\(\\$distro-\\>dbtype\\)', '= trim\\(\\$_POST\\[\'dbtype\'\\]', 'get_driver_instance\\(\\$config-|>dbtype'),
    'admin/blocks.php' => array('drop_plugin_tables.*\\/blocks'),
    'admin/health.php' => array('\\. \\$CFG-\\>prefix \\.'),
    'admin/modules.php' => array('drop_plugin_tables.*\\/mod'),
    'admin/qtypes.php' => array('drop_plugin_tables.*\\$QTYPES\\[\\$delete\\]-\\>'),
    'admin/xmldb/actions/check_bigints/check_bigints.class.php' => array('this->dbfamily'),
    'auth/cas/CAS/CAS/client.php' => array('this->setAttributes'),
    'backup/util/dbops/backup_structure_dbops.class.php' => array('element->get_source_.*convert_params_to_values'),
    'backup/util/helper/restore_decode_content.class.php' => array('return.*get_recordset_sql'),
    'blocks/html/backup/moodle2/restore_html_block_task.class.php' => array('return.*get_recordset_sql'),
    'lib/adminlib.php' => array('drop_plugin_tables\\(\\$pluginname', 'used_tables = get_used_table_names', 'dbdirs = get_db_directories'),
    'lib/ddl/database_manager.php' => array('dbdirs = get_db_directories'),
    'lib/ddl/simpletest/testddl.php' => array('DB2 = moodle_database::get_driver_instance'),
    'lib/dml/moodle_database.php' => array('cfg-\\>dbtype = \\$this-\\>get_dbtype', 'cfg-\\>dblibrary = \\$this-\\>get_dblibrary', 'return \\$this-\\>get_recordset_select\\(\\$table, \\$select, \\$params', 'return \\$this-\\>get_recordset_sql\\(\\$sql, \\$params, \\$limitfrom'),
    'lib/dml/simpletest/testdml.php' => array('DB2 = moodle_database::get_driver_instance'),
    'lib/form/recaptcha.php' => array('this->setAttributes'),
    'mod/assignment/lib.php' => array('mform->setAttributes'),
    'mod/scorm/datamodels/scorm_13.js.php' => array('max.*delimiter.*(unique|duplicate).*(:true|:false)', 'cmi\\.objectives\\.n\\..*defaultvalue.*:null'),
    'mod/workshop/form/accumulative/lib.php' => array('return \\$DB-\\>get_recordset_sql\\('),
    'mod/workshop/form/comments/lib.php' => array('return \\$DB-\\>get_recordset_sql\\('),
    'mod/workshop/form/numerrors/lib.php' => array('return \\$DB-\\>get_recordset_sql\\('),
    'mod/workshop/form/rubric/lib.php' => array('return \\$DB-\\>get_recordset_sql\\('),
    'admin/xmldb/actions/generate_all_documentation/generate_all_documentation.class.php' => array('dbdirs = get_db_directories'),
    'admin/xmldb/actions/get_db_directories/get_db_directories.class.php' => array('db_directories = get_db_directories'));

/// List of exceptions that aren't errors (function declarations, comments, adodb usage from adodb drivers and hardcoded strings). Non reportable false positives
/// NOTE(review): the adodb group ends in "MetaPrimaryKeys|)", an empty
/// alternative, so any line containing "$this->adodb->" is excluded whatever
/// follows - confirm that is intended.
/// NOTE(review): the parentheses in "die(.*result.*:null.*errstr)" are not
/// escaped, so they form a group instead of matching literal parentheses.
/// Every alternative that is broader than intended hides findings from the report.
$excludes = '/(function |^\\s*\\*|^\\s*\\/\\/|\\$this-\\>adodb-\\>(Execute|Connect|PConnect|ErrorMsg|MetaTables|MetaIndexes|MetaColumns|MetaColumnNames|MetaPrimaryKeys|)|protected \\$[a-zA-Z]*db|Incorrect |check find_index_name|not available anymore|output|Replace it with the correct use of|where order of parameters is|_moodle_database|invaliddbtype|has been deprecated in Moodle 2\\.0\\. Will be out in Moodle 2\\.1|Potential SQL injection detected|requires at least two parameters|hint_database = install_db_val|Current database \\(|admin_setting_configselect|(if|while|for|return).*\\>get_recordset(_list|_select|_sql)?.*\\>valid\\(\\)|NEWNAMEGOESHERE.*XMLDB_LINEFEED|has_capability\\(.*:view.*context)|die(.*result.*:null.*errstr)|CAST\\(.+AS\\s+(INT|FLOAT|DECIMAL|NUM|REAL)/';

/// Calculating megarules: one combined pattern per list. $dml, $helper, $ddl,
/// $coreonly and $enum, and calculate_megarule() itself, are defined outside
/// the lines visible here.
$dml_megarule = calculate_megarule($dml, array('[ =@.]'), array('( )?\\('), 'i');
$helper_megarule = calculate_megarule($helper, array('[ =@.]'), array('( )?\\('), 'i');
$ddl_megarule = calculate_megarule($ddl, array('[ =@.]'), array('( )?\\('), 'i');
$coreonly_megarule = calculate_megarule($coreonly, array('[ =@.]'), array('( )?\\('), 'i');
$enum_megarule = calculate_megarule($enum);
$internal_megarule = calculate_megarule($internal, array('[ =@.]'), array('( )?\\('), 'i');