$rows = get_rows("SELECT" . limit(implode(", ", $select) . " FROM " . table($TABLE), " WHERE {$where}", isset($_GET["select"]) ? 2 : 1)); $row = isset($_GET["select"]) && count($rows) != 1 ? null : reset($rows); } } if ($row === false) { echo "<p class='error'>" . lang('No rows.') . "\n"; } ?> <form action="" method="post" enctype="multipart/form-data" id="form"> <?php if ($fields) { echo "<table cellspacing='0' onkeydown='return editingKeydown(event);'>\n"; foreach ($fields as $name => $field) { echo "<tr><th>" . $adminer->fieldName($field); $default = $_GET["set"][bracket_escape($name)]; $value = $row !== null ? $row[$name] != "" && $jush == "sql" && ereg("enum|set", $field["type"]) ? is_array($row[$name]) ? array_sum($row[$name]) : +$row[$name] : $row[$name] : (!$update && $field["auto_increment"] ? "" : (isset($_GET["select"]) ? false : ($default !== null ? $default : $field["default"]))); if (!$_POST["save"] && is_string($value)) { $value = $adminer->editVal($value, $field); } $function = $_POST["save"] ? (string) $_POST["function"][$name] : ($update && $field["on_update"] == "CURRENT_TIMESTAMP" ? "now" : ($value === false ? null : ($value !== null ? '' : 'NULL'))); if ($field["type"] == "timestamp" && $value == "CURRENT_TIMESTAMP") { $value = ""; $function = "now"; } input($field, $value, $function); echo "\n"; } echo "</table>\n"; } ?>
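/** Print edit data form
 *
 * Prints the page header, an optional "No rows." error and a POST form holding
 * one input row per entry in $fields, the submit buttons and the hidden
 * referer/save/token fields.
 *
 * @param string $TABLE table name
 * @param array $fields field name => field description; when empty, a "no privileges" error replaces the inputs
 * @param mixed $row array of current values, null to start from defaults, false to report that no row was found
 * @param bool $update true prints the Edit title and the Delete button, false prints the Insert title
 * @return null
 */
function edit_form($TABLE, $fields, $row, $update) {
    global $adminer, $jush, $token, $error;
    $table_name = $adminer->tableName(table_status1($TABLE, true));
    page_header(($update ? lang('Edit') : lang('Insert')), $error, array("select" => array($TABLE, $table_name)), $table_name);
    if ($row === false) {
        echo "<p class='error'>" . lang('No rows.') . "\n";
    }
    ?>
<form action="" method="post" enctype="multipart/form-data" id="form">
<?php
    if (!$fields) {
        echo "<p class='error'>" . lang('You have no privileges to update this table.') . "\n";
    } else {
        echo "<table cellspacing='0' onkeydown='return editingKeydown(event);'>\n";
        foreach ($fields as $name => $field) {
            echo "<tr><th>" . $adminer->fieldName($field);

            // A default supplied in the URL (?set[...]) wins over the column default.
            // NOTE(review): this value is request-controlled and is handed to input();
            // escaping is assumed to happen there - confirm.
            $default = $_GET["set"][bracket_escape($name)];
            if ($default === null) {
                $default = $field["default"];
                // bit defaults arrive as b'0101'; keep only the digits
                if ($field["type"] == "bit" && preg_match("~^b'([01]*)'\$~", $default, $regs)) {
                    $default = $regs[1];
                }
            }

            if ($row !== null) {
                if ($row[$name] != "" && $jush == "sql" && preg_match("~enum|set~", $field["type"])) {
                    // enum/set values are handled numerically; an array of set members is summed
                    $value = (is_array($row[$name]) ? array_sum($row[$name]) : +$row[$name]);
                } else {
                    $value = $row[$name];
                }
            } elseif (!$update && $field["auto_increment"]) {
                $value = "";
            } elseif (isset($_GET["select"])) {
                $value = false;
            } else {
                $value = $default;
            }

            if (!$_POST["save"] && is_string($value)) {
                $value = $adminer->editVal($value, $field);
            }

            if ($_POST["save"]) {
                // redisplaying a submitted form: keep the function the user picked
                $function = (string) $_POST["function"][$name];
            } elseif ($update && $field["on_update"] == "CURRENT_TIMESTAMP") {
                $function = "now";
            } elseif ($value === false) {
                $function = null;
            } else {
                $function = ($value !== null ? '' : 'NULL');
            }

            if (preg_match("~time~", $field["type"]) && $value == "CURRENT_TIMESTAMP") {
                $value = "";
                $function = "now";
            }

            input($field, $value, $function);
            echo "\n";
        }
        if (!support("table")) {
            // free-form key/function/value row for drivers without table support
            echo "<tr>"
                . "<th><input name='field_keys[]' onkeyup='keyupChange.call(this);' onchange='fieldChange(this);' value=''>"
                . "<td class='function'>" . html_select("field_funs[]", $adminer->editFunctions(array("null" => isset($_GET["select"]))))
                . "<td><input name='field_vals[]'>"
                . "\n"
            ;
        }
        echo "</table>\n";
    }

    echo "<p>\n";
    if ($fields) {
        // NOTE(review): lang() output is written into single-quoted attributes without h();
        // this assumes translations never contain quotes - confirm.
        echo "<input type='submit' value='" . lang('Save') . "'>\n";
        if (!isset($_GET["select"])) {
            echo "<input type='submit' name='insert' value='" . ($update
                ? lang('Save and continue edit') . "' onclick='return !ajaxForm(this.form, \"" . lang('Saving') . '...", this)'
                : lang('Save and insert next')
            ) . "' title='Ctrl+Shift+Enter'>\n";
        }
    }
    echo ($update
        ? "<input type='submit' name='delete' value='" . lang('Delete') . "'" . confirm() . ">\n"
        : ($_POST || !$fields ? "" : "<script type='text/javascript'>focus(document.getElementById('form').getElementsByTagName('td')[1].firstChild);</script>\n")
    );
    if (isset($_GET["select"])) {
        hidden_fields(array("check" => (array) $_POST["check"], "clone" => $_POST["clone"], "all" => $_POST["all"]));
    }
    // The closing quote follows the PHP tag directly: any character between them
    // becomes part of the submitted referer/token value. The token is escaped like
    // every other attribute value on this form.
    ?>
<input type="hidden" name="referer" value="<?php echo h(isset($_POST["referer"]) ? $_POST["referer"] : $_SERVER["HTTP_REFERER"]); ?>">
<input type="hidden" name="save" value="1">
<input type="hidden" name="token" value="<?php echo h($token); ?>">
</form>
<?php
}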
} foreach ($unique_array as $k => $v) { $link .= h(where_link($i++, $k, $v)); } } } if (!$link) { if (is_mail($val)) { $link = "mailto:{$val}"; } if ($protocol = is_url($row[$key])) { $link = $protocol == "http" && $HTTPS ? $row[$key] : "{$protocol}://www.adminer.org/redirect/?url=" . urlencode($row[$key]); } } $id = h("val[{$unique_idf}][" . bracket_escape($key) . "]"); $value = $_POST["val"][$unique_idf][bracket_escape($key)]; $h_value = h($value !== null ? $value : $row[$key]); $long = strpos($val, "<i>...</i>"); $editable = is_utf8($val) && $rows[$n][$key] == $row[$key] && !$functions[$key]; $text = ereg('text|lob', $field["type"]); echo $_GET["modify"] && $editable || $value !== null ? "<td>" . ($text ? "<textarea name='{$id}' cols='30' rows='" . (substr_count($row[$key], "\n") + 1) . "'>{$h_value}</textarea>" : "<input name='{$id}' value='{$h_value}' size='{$lengths[$key]}'>") : "<td id='{$id}' ondblclick=\"" . ($editable ? "selectDblClick(this, event" . ($long ? ", 2" : ($text ? ", 1" : "")) . ")" : "alert('" . h(lang('Use edit link to modify this value.')) . "')") . ";\">" . $adminer->selectVal($val, $link, $field); } } if ($backward_keys) { echo "<td>"; } $adminer->backwardKeysPrint($backward_keys, $rows[$n]); echo "</tr>\n"; // close to allow white-space: pre } if (is_ajax()) {
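/** Print select result
 *
 * Streams the result as an HTML table: a header row built from the field
 * metadata, then one row per fetched record. Cells in columns that belong to a
 * fully selected primary key are wrapped in a link to the edit page of that
 * row; when $orgtables is passed on MySQL, EXPLAIN columns link to the table
 * and its indexes instead.
 *
 * @param Min_Result $result
 * @param Min_DB $connection2 connection to examine indexes
 * @param array $orgtables table => orgtable mapping from a previous call; non-empty switches to EXPLAIN linking
 * @param int $limit maximum number of rows to print, 0 for no limit
 * @return array $orgtables table => orgtable, collected from the field metadata
 */
function select($result, $connection2 = null, $orgtables = array(), $limit = 0) {
    global $jush;
    $links = array(); // colno => orgtable - create links from these columns
    $indexes = array(); // orgtable => array(column => colno) - primary keys
    $columns = array(); // orgtable => array(column => ) - not selected columns in primary key
    $blobs = array(); // colno => bool - display bytes for blobs
    $types = array(); // colno => type - display char in <code>
    $return = array(); // table => orgtable - mapping to use in EXPLAIN
    odd(''); // reset odd for each result
    for ($i = 0; (!$limit || $i < $limit) && ($row = $result->fetch_row()); $i++) {
        if (!$i) {
            // the header is printed lazily so that an empty result prints no table at all
            echo "<table cellspacing='0' class='nowrap'>\n";
            echo "<thead><tr>";
            $column_count = count($row);
            for ($j = 0; $j < $column_count; $j++) {
                $field = $result->fetch_field();
                $name = $field->name;
                $orgtable = $field->orgtable;
                $orgname = $field->orgname;
                $return[$field->table] = $orgtable;
                if ($orgtables && $jush == "sql") { // MySQL EXPLAIN
                    $links[$j] = ($name == "table" ? "table=" : ($name == "possible_keys" ? "indexes=" : null));
                } elseif ($orgtable != "") {
                    if (!isset($indexes[$orgtable])) {
                        // find primary key in each table
                        $indexes[$orgtable] = array();
                        foreach (indexes($orgtable, $connection2) as $index) {
                            if ($index["type"] == "PRIMARY") {
                                $indexes[$orgtable] = array_flip($index["columns"]);
                                break;
                            }
                        }
                        $columns[$orgtable] = $indexes[$orgtable];
                    }
                    if (isset($columns[$orgtable][$orgname])) {
                        // this primary key column is selected: remember where it is
                        unset($columns[$orgtable][$orgname]);
                        $indexes[$orgtable][$orgname] = $j;
                        $links[$j] = $orgtable;
                    }
                }
                if ($field->charsetnr == 63) { // 63 - binary
                    $blobs[$j] = true;
                }
                $types[$j] = $field->type;
                echo "<th" . ($orgtable != "" || $field->name != $orgname ? " title='" . h(($orgtable != "" ? "{$orgtable}." : "") . $orgname) . "'" : "") . ">" . h($name)
                    . ($orgtables ? doc_link(array('sql' => "explain-output.html#explain_" . strtolower($name))) : "")
                ;
            }
            echo "</thead>\n";
        }
        echo "<tr" . odd() . ">";
        foreach ($row as $key => $val) {
            // Every branch leaves $val as markup that is safe to echo: either a
            // fixed marker or the value passed through h().
            if ($val === null) {
                $val = "<i>NULL</i>";
            } elseif (!empty($blobs[$key]) && !is_utf8($val)) {
                $val = "<i>" . lang('%d byte(s)', strlen($val)) . "</i>"; //! link to download
            } elseif (!strlen($val)) { // strlen - SQLite can return int
                // a plain space collapses to an empty cell; the entity keeps content in it
                $val = "&nbsp;"; // some content to print a border
            } else {
                $val = h($val);
                if ($types[$key] == 254) { // 254 - char
                    $val = "<code>{$val}</code>";
                }
            }
            // link only when no primary key column of the table is missing from the select
            if (isset($links[$key]) && empty($columns[$links[$key]])) {
                if ($orgtables && $jush == "sql") { // MySQL EXPLAIN
                    $table = $row[array_search("table=", $links)];
                    $link = $links[$key] . urlencode(isset($orgtables[$table]) && $orgtables[$table] != "" ? $orgtables[$table] : $table);
                } else {
                    $link = "edit=" . urlencode($links[$key]);
                    foreach ($indexes[$links[$key]] as $col => $j) {
                        $link .= "&where" . urlencode("[" . bracket_escape($col) . "]") . "=" . urlencode($row[$j]);
                    }
                }
                $val = "<a href='" . h(ME . $link) . "'>{$val}</a>";
            }
            echo "<td>{$val}";
        }
    }
    echo ($i ? "</table>" : "<p class='message'>" . lang('No rows.')) . "\n";
    return $return;
}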
/** Turn one posted form field into an SQL value expression
 *
 * Reads $_POST["fields"] and $_POST["null"] under the bracket-escaped field
 * name. String values are passed through $mysql->escape_string() and quoted;
 * enum and set values are reduced to numbers unless ?default is present.
 *
 * @param string $name field name
 * @param array $field field description; "type", "auto_increment" and "null" are read
 * @return mixed "NULL", a quoted SQL literal, a number, CURRENT_TIMESTAMP verbatim, or false when the upload did not yield a usable file
 */
function process_input($name, $field) {
    global $mysql;
    $key = bracket_escape($name);
    $posted = $_POST["fields"][$key];

    // enum and auto-increment fields have no NULL checkbox: an empty value stands for NULL
    if ($field["type"] != "enum" && !$field["auto_increment"]) {
        $wants_null = $_POST["null"][$key];
    } else {
        $wants_null = !strlen($posted);
    }
    if ($wants_null) {
        return "NULL";
    }

    if ($field["type"] == "enum") {
        if (isset($_GET["default"])) {
            return "'" . $mysql->escape_string($posted) . "'";
        }
        return intval($posted);
    }

    if ($field["type"] == "set") {
        $members = (array) $posted;
        if (isset($_GET["default"])) {
            $escaped = array_map(array($mysql, 'escape_string'), $members);
            return "'" . implode(",", $escaped) . "'";
        }
        return array_sum($members);
    }

    if (preg_match('~binary|blob~', $field["type"])) {
        $upload = get_file($key);
        if (is_string($upload)) {
            return "_binary'" . $mysql->escape_string($upload) . "'";
        }
        // a missing file is accepted only for nullable fields; any other non-string result is rejected
        if ($upload != UPLOAD_ERR_NO_FILE || !$field["null"]) {
            return false;
        }
        return "_binary''";
    }

    if ($field["type"] == "timestamp" && $posted == "CURRENT_TIMESTAMP") {
        // the only value that reaches the query unquoted, and only as this exact keyword
        return $posted;
    }

    return "'" . $mysql->escape_string($posted) . "'";
}
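<?php
// AJAX endpoint: ?script=kill terminates a server thread; any other script value
// is treated as a foreign-key lookup and prints up to ten links to matching rows.
if ($_GET["script"] == "kill") {
    // The id is forced to an integer so that only a whole number can follow KILL
    // (unary plus would also let floats such as "1.5" through).
    // NOTE(review): no token or $error check is visible before this state-changing
    // query; confirm that the including bootstrap rejects POSTs with an invalid token.
    $connection->query("KILL " . (int) $_POST["kill"]);

} elseif (list($table, $id, $name) = $adminer->_foreignColumn(column_foreign_keys($_GET["source"]), $_GET["field"])) {
    $limit = 11; // one more than is displayed, to detect that further matches exist
    // read the request value once and only accept a string (value[]=... would be an array)
    $search = (isset($_GET["value"]) && is_string($_GET["value"]) ? $_GET["value"] : "");

    // The value is concatenated into the id comparison without quoting, so it must be
    // digits only; \z anchors at the very end, whereas $ also matches before a trailing newline.
    // NOTE(review): $id and $name are interpolated as returned by _foreignColumn();
    // presumably they are already escaped identifiers - confirm.
    $by_id = (preg_match('~^[0-9]+\z~', $search) ? "{$id} = {$search} OR " : "");
    $result = $connection->query("SELECT {$id}, {$name} FROM " . table($table) . " WHERE " . $by_id . "{$name} LIKE " . q("{$search}%") . " ORDER BY 2 LIMIT {$limit}");

    $row = null;
    if ($result) { // a failed query yields no result object to fetch from
        for ($i = 1; ($row = $result->fetch_row()) && $i < $limit; $i++) {
            echo "<a href='" . h(ME . "edit=" . urlencode($table) . "&where" . urlencode("[" . bracket_escape(idf_unescape($id)) . "]") . "=" . urlencode($row[0])) . "'>" . h($row[1]) . "</a><br>\n";
        }
    }
    if ($row) {
        // the row beyond the displayed ones was fetched: signal that the list is truncated
        echo "...\n";
    }
}
exit; // don't print footer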
/** Build field descriptions from the posted form
 *
 * Folds the free-form field_keys[] / field_funs[] / field_vals[] rows into
 * $_POST["function"] and $_POST["fields"] (modifying $_POST), then returns one
 * description per posted field. All names come from the request.
 *
 * @param string $table not used by this implementation
 * @return array field name => array("field", "privileges", "null")
 */
function fields($table) {
    foreach ((array) $_POST["field_keys"] as $position => $posted_name) {
        if ($posted_name == "") {
            continue; // row left blank
        }
        $escaped = bracket_escape($posted_name);
        $_POST["function"][$escaped] = $_POST["field_funs"][$position];
        $_POST["fields"][$escaped] = $_POST["field_vals"][$position];
    }

    $return = array();
    foreach (array_keys((array) $_POST["fields"]) as $escaped) {
        $field_name = bracket_escape($escaped, 1); // 1 - back
        $return[$field_name] = array(
            "field" => $field_name,
            "privileges" => array("insert" => 1, "update" => 1),
            "null" => 1,
        );
    }
    return $return;
}
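/** Process edit input field
 *
 * Reads the posted value and the posted function for the field from
 * $_POST["fields"] and $_POST["function"] and turns them into the expression
 * to use for the field.
 *
 * @param array $field one field from fields()
 * @return mixed false or null where the branches below return them, the string "NULL",
 *     a number for enum and set fields, the quoted upload for file-like fields, or
 *     whatever $adminer->processInput() returns
 */
function process_input($field) {
    global $adminer;
    $idf = bracket_escape($field["field"]);
    $function = $_POST["function"][$idf];
    $value = $_POST["fields"][$idf];

    if ($field["type"] == "enum") {
        if ($value == -1) {
            return false; // presumably "keep the original value" - confirm against the caller
        }
        if ($value == "") {
            return "NULL";
        }
        return +$value; // numeric coercion: the posted text itself is never returned
    }

    if ($field["auto_increment"] && $value == "") {
        return null;
    }

    if ($function == "orig") {
        // with ON UPDATE CURRENT_TIMESTAMP the escaped column name is returned instead of false
        return ($field["on_update"] == "CURRENT_TIMESTAMP" ? idf_escape($field["field"]) : false);
    }

    if ($function == "NULL") {
        return "NULL";
    }

    if ($field["type"] == "set") {
        return array_sum((array) $value);
    }

    // preg_match() replaces ereg(), which no longer exists as of PHP 7; the pattern matches the same types
    if (preg_match('~blob|bytea|raw|file~', $field["type"]) && ini_bool("file_uploads")) {
        $file = get_file("fields-{$idf}");
        if (!is_string($file)) {
            return false; //! report errors
        }
        return q($file);
    }

    return $adminer->processInput($field, $value, $function);
}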