/** Escape column key used in where()
* @param string
* @return string
*/
function escape_key($key)
{
if (preg_match('(^([\\w(]+)(' . str_replace("_", ".*", preg_quote(idf_escape("_"))) . ')([ \\w)]+)$)', $key, $match)) {
//! columns looking like functions
return $match[1] . idf_escape(idf_unescape($match[2])) . $match[3];
//! SQL injection
}
return idf_escape($key);
}
}
query_adminer_redirect("ALTER DATABASE " . idf_escape($name) . (preg_match('~^[a-z0-9_]+$~i', $row["collation"]) ? " COLLATE {$row['collation']}" : ""), substr(ME, 0, -1), lang('Database has been altered.'));
}
}
page_header(DB != "" ? lang('Alter database') : lang('Create database'), $error, array(), h(DB));
$collations = collations();
$name = DB;
if ($_POST) {
$name = $row["name"];
} elseif (DB != "") {
$row["collation"] = db_collation(DB, $collations);
} elseif ($jush == "sql") {
// propose database name with limited privileges
foreach (get_vals("SHOW GRANTS") as $grant) {
if (preg_match('~ ON (`(([^\\\\`]|``|\\\\.)*)%`\\.\\*)?~', $grant, $match) && $match[1]) {
$name = stripcslashes(idf_unescape("`{$match['2']}`"));
break;
}
}
}
?>
<form action="" method="post">
<p>
<?php
echo ($_POST["add_x"] || strpos($name, "\n") ? '<textarea id="name" name="name" rows="10" cols="40">' . h($name) . '</textarea><br>' : '<input name="name" id="name" value="' . h($name) . '" maxlength="64" autocapitalize="off">') . "\n" . ($collations ? html_select("collation", array("" => "(" . lang('collation') . ")") + $collations, $row["collation"]) . doc_link(array('sql' => "charset-charsets.html", 'mssql' => "ms187963.aspx")) : "");
?>
<script type='text/javascript'>focus(document.getElementById('name'));</script>
<input type="submit" value="<?php
echo lang('Save');
?>
function insert($table, $set)
{
$params = array("DomainName" => $table);
$i = 0;
foreach ($set as $name => $value) {
if ($value != "NULL") {
$name = idf_unescape($name);
if ($name == "itemName()") {
$params["ItemName"] = idf_unescape($value);
} else {
foreach ((array) $value as $val) {
$params["Attribute.{$i}.Name"] = $name;
$params["Attribute.{$i}.Value"] = is_array($value) ? $val : idf_unescape($value);
$i++;
}
}
}
}
return sdb_request('PutAttributes', $params);
}
function foreign_keys($table)
{
global $mysql, $on_actions;
static $pattern = '(?:[^`]+|``)+';
$return = array();
$result = $mysql->query("SHOW CREATE TABLE " . idf_escape($table));
if ($result) {
$create_table = $mysql->result($result, 1);
$result->free();
preg_match_all("~CONSTRAINT `({$pattern})` FOREIGN KEY \\(((?:`{$pattern}`,? ?)+)\\) REFERENCES `({$pattern})`(?:\\.`({$pattern})`)? \\(((?:`{$pattern}`,? ?)+)\\)(?: ON DELETE (" . implode("|", $on_actions) . "))?(?: ON UPDATE (" . implode("|", $on_actions) . "))?~", $create_table, $matches, PREG_SET_ORDER);
foreach ($matches as $match) {
preg_match_all("~`({$pattern})`~", $match[2], $source);
preg_match_all("~`({$pattern})`~", $match[5], $target);
$return[$match[1]] = array("db" => idf_unescape(strlen($match[4]) ? $match[3] : $match[4]), "table" => idf_unescape(strlen($match[4]) ? $match[4] : $match[3]), "source" => array_map('idf_unescape', $source[1]), "target" => array_map('idf_unescape', $target[1]), "on_delete" => $match[6], "on_update" => $match[7]);
}
}
return $return;
}
<?php
if ($_GET["script"] == "kill") {
$connection->query("KILL " . +$_POST["kill"]);
} elseif (list($table, $id, $name) = $adminer->_foreignColumn(column_foreign_keys($_GET["source"]), $_GET["field"])) {
$limit = 11;
$result = $connection->query("SELECT {$id}, {$name} FROM " . table($table) . " WHERE " . (preg_match('~^[0-9]+$~', $_GET["value"]) ? "{$id} = {$_GET['value']} OR " : "") . "{$name} LIKE " . q("{$_GET['value']}%") . " ORDER BY 2 LIMIT {$limit}");
for ($i = 1; ($row = $result->fetch_row()) && $i < $limit; $i++) {
echo "<a href='" . h(ME . "edit=" . urlencode($table) . "&where" . urlencode("[" . bracket_escape(idf_unescape($id)) . "]") . "=" . urlencode($row[0])) . "'>" . h($row[1]) . "</a><br>\n";
}
if ($row) {
echo "...\n";
}
}
exit;
// don't print footer
/** Get foreign keys in table
* @param string
* @return array array($name => array("db" => , "ns" => , "table" => , "source" => array(), "target" => array(), "on_delete" => , "on_update" => ))
*/
function foreign_keys($table)
{
global $connection, $on_actions;
static $pattern = '`(?:[^`]|``)+`';
$return = array();
$create_table = $connection->result("SHOW CREATE TABLE " . table($table), 1);
if ($create_table) {
preg_match_all("~CONSTRAINT ({$pattern}) FOREIGN KEY ?\\(((?:{$pattern},? ?)+)\\) REFERENCES ({$pattern})(?:\\.({$pattern}))? \\(((?:{$pattern},? ?)+)\\)(?: ON DELETE ({$on_actions}))?(?: ON UPDATE ({$on_actions}))?~", $create_table, $matches, PREG_SET_ORDER);
foreach ($matches as $match) {
preg_match_all("~{$pattern}~", $match[2], $source);
preg_match_all("~{$pattern}~", $match[5], $target);
$return[idf_unescape($match[1])] = array("db" => idf_unescape($match[4] != "" ? $match[3] : $match[4]), "table" => idf_unescape($match[4] != "" ? $match[4] : $match[3]), "source" => array_map('idf_unescape', $source[0]), "target" => array_map('idf_unescape', $target[0]), "on_delete" => $match[6] ? $match[6] : "RESTRICT", "on_update" => $match[7] ? $match[7] : "RESTRICT");
}
}
return $return;
}
