Exemple #1
0
/**
 * prints the sql query boxes
 *
 * @usedby  server_sql.php
 * @usedby  db_details.php
 * @usedby  tbl_properties.php
 * @usedby  tbl_properties_structure.php
 * @usedby  querywindow.php
 * @uses    $GLOBALS['table']
 * @uses    $GLOBALS['db']
 * @uses    $GLOBALS['server']
 * @uses    $GLOBALS['goto']
 * @uses    $GLOBALS['is_upload']           from common.lib.php
 * @uses    $GLOBALS['sql_query']           from grab_globals.lib.php
 * @uses    $GLOBALS['cfg']['DefaultQueryTable']
 * @uses    $GLOBALS['cfg']['DefaultQueryDatabase']
 * @uses    $GLOBALS['cfg']['Servers']
 * @uses    $GLOBALS['cfg']['DefaultTabDatabase']
 * @uses    $GLOBALS['cfg']['DefaultQueryDatabase']
 * @uses    $GLOBALS['cfg']['DefaultQueryTable']
 * @uses    $GLOBALS['cfg']['Bookmark']['db']
 * @uses    $GLOBALS['cfg']['Bookmark']['table']
 * @uses    $GLOBALS['strSuccess']
 * @uses    PMA_generate_common_url()
 * @uses    PMA_backquote()
 * @uses    PMA_DBI_fetch_result()
 * @uses    PMA_showMySQLDocu()
 * @uses    PMA_generate_common_hidden_inputs()
 * @uses    PMA_sqlQueryFormBookmark()
 * @uses    PMA_sqlQueryFormInsert()
 * @uses    PMA_sqlQueryFormUpload()
 * @uses    PMA_DBI_QUERY_STORE
 * @uses    PMA_set_enc_form()
 * @uses    sprintf()
 * @uses    htmlspecialchars()
 * @uses    str_replace()
 * @uses    md5()
 * @uses    function_exists()
 * @param   boolean|string  $query          query to display in the textarea
 *                                          or true to display last executed
 * @param   boolean|string  $display_tab    sql|files|history|full|FALSE
 *                                          what part to display
 *                                          false if not inside querywindow
 */
function PMA_sqlQueryForm($query = true, $display_tab = false)
{
    // check tab to display if inside querywindow
    if (!$display_tab) {
        $display_tab = 'full';
        $is_querywindow = false;
    } else {
        $is_querywindow = true;
    }
    // query to show
    if (true === $query) {
        $query = empty($GLOBALS['sql_query']) ? '' : $GLOBALS['sql_query'];
    }
    // set enctype to multipart for file uploads
    if ($GLOBALS['is_upload']) {
        $enctype = ' enctype="multipart/form-data"';
    } else {
        $enctype = '';
    }
    $table = '';
    $db = '';
    if (!isset($GLOBALS['db']) || !strlen($GLOBALS['db'])) {
        // prepare for server related
        $goto = empty($GLOBALS['goto']) ? 'server_sql.php' : $GLOBALS['goto'];
    } elseif (!isset($GLOBALS['table']) || !strlen($GLOBALS['table'])) {
        // prepare for db related
        $db = $GLOBALS['db'];
        $goto = empty($GLOBALS['goto']) ? 'db_details.php' : $GLOBALS['goto'];
    } else {
        $table = $GLOBALS['table'];
        $db = $GLOBALS['db'];
        $goto = empty($GLOBALS['goto']) ? 'tbl_properties.php' : $GLOBALS['goto'];
    }
    // start output
    if ($is_querywindow) {
        ?>
        <form method="post" id="sqlqueryform" target="frame_content"
              action="import.php"<?php 
        echo $enctype;
        ?>
 name="sqlform"
              onsubmit="var save_name = window.opener.parent.frames[1].name;
                        window.opener.parent.frames[1].name = save_name + '<?php 
        echo time();
        ?>
';
                        this.target = window.opener.parent.frames[1].name;
                        return checkSqlQuery( this );" >
        <?php 
    } else {
        echo '<form method="post" action="import.php" ' . $enctype . ' id="sqlqueryform"' . ' onsubmit="return checkSqlQuery(this)" name="sqlform">' . "\n";
    }
    if ($is_querywindow) {
        echo '<input type="hidden" name="focus_querywindow" value="true" />' . "\n";
        if ($display_tab != 'sql' && $display_tab != 'full') {
            echo '<input type="hidden" name="sql_query" value="" />' . "\n";
            echo '<input type="hidden" name="show_query" value="1" />' . "\n";
        }
    }
    echo '<input type="hidden" name="is_js_confirmed" value="0" />' . "\n" . PMA_generate_common_hidden_inputs($db, $table) . "\n" . '<input type="hidden" name="pos" value="0" />' . "\n" . '<input type="hidden" name="goto" value="' . htmlspecialchars($goto) . '" />' . "\n" . '<input type="hidden" name="zero_rows" value="' . htmlspecialchars($GLOBALS['strSuccess']) . '" />' . "\n" . '<input type="hidden" name="prev_sql_query" value="' . htmlspecialchars($query) . '" />' . "\n";
    // display querybox
    if ($display_tab === 'full' || $display_tab === 'sql') {
        PMA_sqlQueryFormInsert($query, $is_querywindow);
    }
    // display uploads
    if ($display_tab === 'files' && $GLOBALS['is_upload']) {
        PMA_sqlQueryFormUpload();
    }
    // Bookmark Support
    if ($display_tab === 'full' || $display_tab === 'history') {
        if (!empty($GLOBALS['cfg']['Bookmark']) && $GLOBALS['cfg']['Bookmark']['db'] && $GLOBALS['cfg']['Bookmark']['table']) {
            PMA_sqlQueryFormBookmark();
        }
    }
    // Encoding setting form appended by Y.Kawada
    if (function_exists('PMA_set_enc_form')) {
        echo PMA_set_enc_form('    ');
    }
    echo '</form>' . "\n";
}
/**
 * prints the sql query boxes
 *
 * @param boolean|string $query       query to display in the textarea
 *                                    or true to display last executed
 * @param boolean|string $display_tab sql|files|history|full|false
 *                                    what part to display
 *                                    false if not inside querywindow
 * @param string         $delimiter   delimeter
 *
 * @usedby  server_sql.php
 * @usedby  db_sql.php
 * @usedby  tbl_sql.php
 * @usedby  tbl_structure.php
 * @usedby  tbl_tracking.php
 * @usedby  querywindow.php
 */
function PMA_sqlQueryForm($query = true, $display_tab = false, $delimiter = ';')
{
    // check tab to display if inside querywindow
    if (!$display_tab) {
        $display_tab = 'full';
        $is_querywindow = false;
    } else {
        $is_querywindow = true;
    }
    // query to show
    if (true === $query) {
        $query = $GLOBALS['sql_query'];
    }
    // set enctype to multipart for file uploads
    if ($GLOBALS['is_upload']) {
        $enctype = ' enctype="multipart/form-data"';
    } else {
        $enctype = '';
    }
    $table = '';
    $db = '';
    if (!strlen($GLOBALS['db'])) {
        // prepare for server related
        $goto = empty($GLOBALS['goto']) ? 'server_sql.php' : $GLOBALS['goto'];
    } elseif (!strlen($GLOBALS['table'])) {
        // prepare for db related
        $db = $GLOBALS['db'];
        $goto = empty($GLOBALS['goto']) ? 'db_sql.php' : $GLOBALS['goto'];
    } else {
        $table = $GLOBALS['table'];
        $db = $GLOBALS['db'];
        $goto = empty($GLOBALS['goto']) ? 'tbl_sql.php' : $GLOBALS['goto'];
    }
    // start output
    if ($is_querywindow) {
        ?>
        <form method="post" id="sqlqueryform" target="frame_content"
              action="import.php"<?php 
        echo $enctype;
        ?>
 name="sqlform"
              onsubmit="var save_name = window.opener.parent.frame_content.name;
              window.opener.parent.frame_content.name = save_name + '<?php 
        echo time();
        ?>
';
              this.target = window.opener.parent.frame_content.name;
              return checkSqlQuery(this)">
        <?php 
    } else {
        echo '<form method="post" action="import.php" ' . $enctype;
        if ($GLOBALS['cfg']['AjaxEnable']) {
            echo ' class="ajax"';
        }
        echo ' id="sqlqueryform" name="sqlform">' . "\n";
    }
    if ($is_querywindow) {
        echo '<input type="hidden" name="focus_querywindow" value="true" />' . "\n";
        if ($display_tab != 'sql' && $display_tab != 'full') {
            echo '<input type="hidden" name="sql_query" value="" />' . "\n";
            echo '<input type="hidden" name="show_query" value="1" />' . "\n";
        }
    }
    echo '<input type="hidden" name="is_js_confirmed" value="0" />' . "\n" . PMA_generate_common_hidden_inputs($db, $table) . "\n" . '<input type="hidden" name="pos" value="0" />' . "\n" . '<input type="hidden" name="goto" value="' . htmlspecialchars($goto) . '" />' . "\n" . '<input type="hidden" name="message_to_show" value="' . __('Your SQL query has been executed successfully') . '" />' . "\n" . '<input type="hidden" name="prev_sql_query" value="' . htmlspecialchars($query) . '" />' . "\n";
    // display querybox
    if ($display_tab === 'full' || $display_tab === 'sql') {
        PMA_sqlQueryFormInsert($query, $is_querywindow, $delimiter);
    }
    // display uploads
    if ($display_tab === 'files' && $GLOBALS['is_upload']) {
        PMA_sqlQueryFormUpload();
    }
    // Bookmark Support
    if ($display_tab === 'full' || $display_tab === 'history') {
        if (!empty($GLOBALS['cfg']['Bookmark'])) {
            PMA_sqlQueryFormBookmark();
        }
    }
    // Encoding setting form appended by Y.Kawada
    if (function_exists('PMA_set_enc_form')) {
        echo PMA_set_enc_form('    ');
    }
    echo '</form>' . "\n";
    if ($is_querywindow) {
        ?>
        <script type="text/javascript">
        //<![CDATA[
            if (window.opener) {
                window.opener.parent.insertQuery();
            }
        //]]>
        </script>
        <?php 
    }
    // print an empty div, which will be later filled with the sql query results by ajax
    echo '<div id="sqlqueryresults"></div>';
}