function dumpTable($table, $style, $is_view = false) { if ($_POST["format"] == "sql_alter") { $create = create_sql($table, $_POST["auto_increment"]); if ($is_view) { echo substr_replace($create, " OR REPLACE", 6, 0) . ";\n\n"; } else { echo substr_replace($create, " IF NOT EXISTS", 12, 0) . ";\n\n"; // create procedure which iterates over original columns and adds new and removes old $query = "SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, COLLATION_NAME, COLUMN_TYPE, EXTRA, COLUMN_COMMENT FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = " . q($table) . " ORDER BY ORDINAL_POSITION"; echo "DELIMITER ;;\nCREATE PROCEDURE adminer_alter (INOUT alter_command text) BEGIN\n\tDECLARE _column_name, _collation_name, after varchar(64) DEFAULT '';\n\tDECLARE _column_type, _column_default text;\n\tDECLARE _is_nullable char(3);\n\tDECLARE _extra varchar(30);\n\tDECLARE _column_comment varchar(255);\n\tDECLARE done, set_after bool DEFAULT 0;\n\tDECLARE add_columns text DEFAULT '"; $fields = array(); $after = ""; foreach (get_rows($query) as $row) { $default = $row["COLUMN_DEFAULT"]; $row["default"] = $default !== null ? q($default) : "NULL"; $row["after"] = q($after); //! rgt AFTER lft, lft AFTER id doesn't work $row["alter"] = escape_string(idf_escape($row["COLUMN_NAME"]) . " {$row['COLUMN_TYPE']}" . ($row["COLLATION_NAME"] ? " COLLATE {$row['COLLATION_NAME']}" : "") . ($default !== null ? " DEFAULT " . ($default == "CURRENT_TIMESTAMP" ? $default : $row["default"]) : "") . ($row["IS_NULLABLE"] == "YES" ? "" : " NOT NULL") . ($row["EXTRA"] ? " {$row['EXTRA']}" : "") . ($row["COLUMN_COMMENT"] ? " COMMENT " . q($row["COLUMN_COMMENT"]) : "") . ($after ? " AFTER " . idf_escape($after) : " FIRST")); echo ", ADD {$row['alter']}"; $fields[] = $row; $after = $row["COLUMN_NAME"]; } echo "';\n\tDECLARE columns CURSOR FOR {$query};\n\tDECLARE CONTINUE HANDLER FOR NOT FOUND SET done = 1;\n\tSET @alter_table = '';\n\tOPEN columns;\n\tREPEAT\n\t\tFETCH columns INTO _column_name, _column_default, _is_nullable, _collation_name, _column_type, _extra, _column_comment;\n\t\tIF NOT done THEN\n\t\t\tSET set_after = 1;\n\t\t\tCASE _column_name"; foreach ($fields as $row) { echo "\n\t\t\t\tWHEN " . q($row["COLUMN_NAME"]) . " THEN\n\t\t\t\t\tSET add_columns = REPLACE(add_columns, ', ADD {$row['alter']}', IF(\n\t\t\t\t\t\t_column_default <=> {$row['default']} AND _is_nullable = '{$row['IS_NULLABLE']}' AND _collation_name <=> " . (isset($row["COLLATION_NAME"]) ? "'{$row['COLLATION_NAME']}'" : "NULL") . " AND _column_type = " . q($row["COLUMN_TYPE"]) . " AND _extra = '{$row['EXTRA']}' AND _column_comment = " . q($row["COLUMN_COMMENT"]) . " AND after = {$row['after']}\n\t\t\t\t\t, '', ', MODIFY {$row['alter']}'));"; //! don't replace in comment } echo "\n\t\t\t\tELSE\n\t\t\t\t\tSET @alter_table = CONCAT(@alter_table, ', DROP ', '`', REPLACE(_column_name, '`', '``'), '`');\n\t\t\t\t\tSET set_after = 0;\n\t\t\tEND CASE;\n\t\t\tIF set_after THEN\n\t\t\t\tSET after = _column_name;\n\t\t\tEND IF;\n\t\tEND IF;\n\tUNTIL done END REPEAT;\n\tCLOSE columns;\n\tIF @alter_table != '' OR add_columns != '' THEN\n\t\tSET alter_command = CONCAT(alter_command, 'ALTER TABLE " . adminer_table($table) . "', SUBSTR(CONCAT(add_columns, @alter_table), 2), ';\\n');\n\tEND IF;\nEND;;\nDELIMITER ;\nCALL adminer_alter(@adminer_alter);\nDROP PROCEDURE adminer_alter;\n\n"; //! indexes } return true; } }
function editInput($table, $field, $attrs, $value) { static $foreignTables = array(); static $values = array(); $foreignKeys =& $foreignTables[$table]; if ($foreignKeys === null) { $foreignKeys = column_foreign_keys($table); } foreach ((array) $foreignKeys[$field["field"]] as $foreignKey) { if (count($foreignKey["source"]) == 1) { $target = $foreignKey["table"]; $id = $foreignKey["target"][0]; $options =& $values[$target][$id]; if (!$options) { $options = array("" => "") + get_vals("SELECT " . idf_escape($id) . " FROM " . table($target) . " ORDER BY 1"); } return "<select{$attrs}>" . optionlist($options, $value) . "</select>"; } } }
<?php $TYPE = $_GET["type"]; if ($_POST && !$error) { $link = substr(ME, 0, -1); if ($_POST["drop"]) { query_redirect("DROP TYPE " . idf_escape($TYPE), $link, lang('Type has been dropped.')); } else { query_redirect("CREATE TYPE " . idf_escape($_POST["name"]) . " {$_POST['as']}", $link, lang('Type has been created.')); } } page_header($TYPE != "" ? lang('Alter type') . ": " . h($TYPE) : lang('Create type'), $error); $row = $_POST; if (!$row) { $row = array("as" => "AS "); } ?> <form action="" method="post"> <p> <?php if ($TYPE != "") { echo "<input type='submit' name='drop' value='" . lang('Drop') . "'" . confirm() . ">\n"; } else { echo "<input name='name' value='" . h($row['name']) . "'>\n"; textarea("as", $row["as"]); echo "<p><input type='submit' value='" . lang('Save') . "'>\n"; } ?> <input type="hidden" name="token" value="<?php echo $token;
$connection->query("DROP USER {$new_user}"); } } } page_header(isset($_GET["host"]) ? lang('Username') . ": " . h("{$USER}@{$_GET['host']}") : lang('Create user'), $error, array("privileges" => array('', lang('Privileges')))); if ($_POST) { $row = $_POST; $grants = $new_grants; } else { $row = $_GET + array("host" => $connection->result("SELECT SUBSTRING_INDEX(CURRENT_USER, '@', -1)")); // create user on the same domain by default $row["pass"] = $old_pass; if ($old_pass != "") { $row["hashed"] = true; } $grants[DB != "" && !isset($_GET["host"]) ? idf_escape(addcslashes(DB, "%_")) . ".*" : ""] = array(); } ?> <form action="" method="post"> <table cellspacing="0"> <tr><th><?php echo lang('Server'); ?> <td><input name="host" maxlength="60" value="<?php echo h($row["host"]); ?> "> <tr><th><?php echo lang('Username'); ?> <td><input name="user" maxlength="16" value="<?php
if (count($databases) == 1 || $db != "") { // ignore empty lines but always try to create single database if (!create_database($db, $row["collation"])) { $success = false; } $last = $db; } } queries_adminer_redirect(ME . "db=" . urlencode($last), lang('Database has been created.'), $success); } } else { // alter database if (!$row["collation"]) { adminer_redirect(substr(ME, 0, -1)); } query_adminer_redirect("ALTER DATABASE " . idf_escape($name) . (preg_match('~^[a-z0-9_]+$~i', $row["collation"]) ? " COLLATE {$row['collation']}" : ""), substr(ME, 0, -1), lang('Database has been altered.')); } } page_header(DB != "" ? lang('Alter database') : lang('Create database'), $error, array(), h(DB)); $collations = collations(); $name = DB; if ($_POST) { $name = $row["name"]; } elseif (DB != "") { $row["collation"] = db_collation(DB, $collations); } elseif ($jush == "sql") { // propose database name with limited privileges foreach (get_vals("SHOW GRANTS") as $grant) { if (preg_match('~ ON (`(([^\\\\`]|``|\\\\.)*)%`\\.\\*)?~', $grant, $match) && $match[1]) { $name = stripcslashes(idf_unescape("`{$match['2']}`")); break;
$backward_keys = $adminer->backwardKeys($TABLE, $table_name); echo "<table id='table' cellspacing='0' class='nowrap checkable' onclick='tableClick(event);' onkeydown='return editingKeydown(event);'>\n"; echo "<thead><tr>" . (!$group && $select ? "" : "<td><input type='checkbox' id='all-page' onclick='formCheck(this, /check/);'> <a href='" . h($_GET["modify"] ? remove_from_uri("modify") : $_SERVER["REQUEST_URI"] . "&modify=1") . "'>" . lang('edit') . "</a>"); $names = array(); $functions = array(); reset($select); $rank = 1; foreach ($rows[0] as $key => $val) { if ($key != $oid) { $val = $_GET["columns"][key($select)]; $field = $fields[$select ? $val ? $val["col"] : current($select) : $key]; $name = $field ? $adminer->fieldName($field, $rank) : "*"; if ($name != "") { $rank++; $names[$key] = $name; $column = idf_escape($key); $href = remove_from_uri('(order|desc)[^=]*|page') . '&order%5B0%5D=' . urlencode($key); $desc = "&desc%5B0%5D=1"; echo '<th onmouseover="columnMouse(this);" onmouseout="columnMouse(this, \' hidden\');">'; echo '<a href="' . h($href . ($order[0] == $column || $order[0] == $key || !$order && $is_group && $group[0] == $column ? $desc : '')) . '">'; // $order[0] == $key - COUNT(*) echo (!$select || $val ? apply_sql_function($val["fun"], $name) : h(current($select))) . "</a>"; //! columns looking like functions echo "<span class='column hidden'>"; echo "<a href='" . h($href . $desc) . "' title='" . lang('descending') . "' class='text'> ↓</a>"; if (!$val["fun"]) { echo '<a href="#fieldset-search" onclick="selectSearch(\'' . h(js_escape($key)) . '\'); return false;" title="' . lang('Search') . '" class="text jsonly"> =</a>'; } echo "</span>"; } $functions[$key] = $val["fun"];
$row = $_POST; if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"]) { $alter = array(); foreach ($row["indexes"] as $index) { $name = $index["name"]; if (in_array($index["type"], $index_types)) { $columns = array(); $lengths = array(); $descs = array(); $set = array(); ksort($index["columns"]); foreach ($index["columns"] as $key => $column) { if ($column != "") { $length = $index["lengths"][$key]; $desc = $index["descs"][$key]; $set[] = idf_escape($column) . ($length ? "(" . +$length . ")" : "") . ($desc ? " DESC" : ""); $columns[] = $column; $lengths[] = $length ? $length : null; $descs[] = $desc; } } if ($columns) { $existing = $indexes[$name]; if ($existing) { ksort($existing["columns"]); ksort($existing["lengths"]); ksort($existing["descs"]); if ($index["type"] == $existing["type"] && array_values($existing["columns"]) === $columns && (!$existing["lengths"] || array_values($existing["lengths"]) === $lengths) && array_values($existing["descs"]) === $descs) { // skip existing index unset($indexes[$name]); continue;
/** Process edit input field * @param one field from fields() * @return string or false to leave the original value */ function process_input($field) { global $adminer; $idf = bracket_escape($field["field"]); $function = $_POST["function"][$idf]; $value = $_POST["fields"][$idf]; if ($field["type"] == "enum") { if ($value == -1) { return false; } if ($value == "") { return "NULL"; } return +$value; } if ($field["auto_increment"] && $value == "") { return null; } if ($function == "orig") { return $field["on_update"] == "CURRENT_TIMESTAMP" ? idf_escape($field["field"]) : false; } if ($function == "NULL") { return "NULL"; } if ($field["type"] == "set") { return array_sum((array) $value); } if ($function == "json") { $function = ""; $value = json_decode($value, true); if (!is_array($value)) { return false; //! report errors } return $value; } if (preg_match('~blob|bytea|raw|file~', $field["type"]) && ini_bool("file_uploads")) { $file = get_file("fields-{$idf}"); if (!is_string($file)) { return false; //! report errors } return q($file); } return $adminer->processInput($field, $value, $function); }
<?php $TABLE = $_GET["download"]; $fields = fields($TABLE); header("Content-Type: application/octet-stream"); header("Content-Disposition: attachment; filename=" . friendly_url("{$TABLE}-" . implode("_", $_GET["where"])) . "." . friendly_url($_GET["field"])); $select = array(idf_escape($_GET["field"])); $result = $driver->select($TABLE, $select, array(where($_GET, $fields)), $select); $row = $result ? $result->fetch_row() : array(); echo $row[0]; exit; // don't output footer
function login($login, $password) { $connection = connection(); return (bool) $connection->result("SELECT COUNT(*) FROM " . idf_escape($this->database) . ".login WHERE login = "******" AND password_sha1 = " . q(sha1($password))); }
<?php $row = $_POST; if ($_POST && !$error) { $link = preg_replace('~ns=[^&]*&~', '', ME) . "ns="; if ($_POST["drop"]) { query_adminer_redirect("DROP SCHEMA " . idf_escape($_GET["ns"]), $link, lang('Schema has been dropped.')); } else { $name = trim($row["name"]); $link .= urlencode($name); if ($_GET["ns"] == "") { query_adminer_redirect("CREATE SCHEMA " . idf_escape($name), $link, lang('Schema has been created.')); } elseif ($_GET["ns"] != $name) { query_adminer_redirect("ALTER SCHEMA " . idf_escape($_GET["ns"]) . " RENAME TO " . idf_escape($name), $link, lang('Schema has been altered.')); //! sp_rename in MS SQL } else { adminer_redirect($link); } } } page_header($_GET["ns"] != "" ? lang('Alter schema') : lang('Create schema'), $error); if (!$row) { $row["name"] = $_GET["ns"]; } ?> <form action="" method="post"> <p><input name="name" id="name" value="<?php echo h($row["name"]); ?> " autocapitalize="off">
<?php $TABLE = $_GET["trigger"]; $name = $_GET["name"]; $trigger_options = trigger_options(); $row = (array) trigger($name) + array("Trigger" => $TABLE . "_bi"); if ($_POST) { if (!$error && in_array($_POST["Timing"], $trigger_options["Timing"]) && in_array($_POST["Event"], $trigger_options["Event"]) && in_array($_POST["Type"], $trigger_options["Type"])) { // don't use drop_create() because there may not be more triggers for the same action $on = " ON " . table($TABLE); $drop = "DROP TRIGGER " . idf_escape($name) . ($jush == "pgsql" ? $on : ""); $location = ME . "table=" . urlencode($TABLE); if ($_POST["drop"]) { query_adminer_redirect($drop, $location, lang('Trigger has been dropped.')); } else { if ($name != "") { queries($drop); } queries_adminer_redirect($location, $name != "" ? lang('Trigger has been altered.') : lang('Trigger has been created.'), queries(create_trigger($on, $_POST))); if ($name != "") { queries(create_trigger($on, $row + array("Type" => reset($trigger_options["Type"])))); } } } $row = $_POST; } page_header($name != "" ? lang('Alter trigger') . ": " . h($name) : lang('Create trigger'), $error, array("table" => $TABLE)); ?> <form action="" method="post" id="form"> <table cellspacing="0">
} if (!$error && $_POST) { $call = array(); foreach ($routine["fields"] as $key => $field) { if (in_array($key, $in)) { $val = process_input($field); if ($val === false) { $val = "''"; } if (isset($out[$key])) { $connection->query("SET @" . idf_escape($field["field"]) . " = {$val}"); } } $call[] = isset($out[$key]) ? "@" . idf_escape($field["field"]) : $val; } $query = (isset($_GET["callf"]) ? "SELECT" : "CALL") . " " . idf_escape($PROCEDURE) . "(" . implode(", ", $call) . ")"; echo "<p><code class='jush-{$jush}'>" . h($query) . "</code> <a href='" . h(ME) . "sql=" . urlencode($query) . "'>" . lang('Edit') . "</a>\n"; if (!$connection->multi_query($query)) { echo "<p class='error'>" . error() . "\n"; } else { $connection2 = connect(); if (is_object($connection2)) { $connection2->select_db(DB); } do { $result = $connection->store_result(); if (is_object($result)) { select($result, $connection2); } else { echo "<p class='message success'>" . lang('Routine has been called, %d row(s) affected.', $connection->affected_rows) . "\n"; }
if (count($databases) == 1 || $db != "") { // ignore empty lines but always try to create single database if (!create_database($db, $_POST["collation"])) { $success = false; } $last = $db; } } queries_redirect(ME . "db=" . urlencode($last), lang('Database has been created.'), $success); } } else { // alter database if (!$_POST["collation"]) { redirect(substr(ME, 0, -1)); } query_redirect("ALTER DATABASE " . idf_escape($name) . (eregi('^[a-z0-9_]+$', $_POST["collation"]) ? " COLLATE {$_POST['collation']}" : ""), substr(ME, 0, -1), lang('Database has been altered.')); } } page_header(DB != "" ? lang('Alter database') : lang('Create database'), $error, array(), DB); $collations = collations(); $name = DB; $collate = null; if ($_POST) { $name = $_POST["name"]; $collate = $_POST["collation"]; } elseif (DB != "") { $collate = db_collation(DB, $collations); } elseif ($jush == "sql") { // propose database name with limited privileges foreach (get_vals("SHOW GRANTS") as $grant) { if (preg_match('~ ON (`(([^\\\\`]|``|\\\\.)*)%`\\.\\*)?~', $grant, $match) && $match[1]) {
} foreach ($adminer->rowDescriptions($rows, $foreign_keys) as $n => $row) { $unique_array = unique_array($rows[$n], $indexes); if (!$unique_array) { $unique_array = array(); foreach ($rows[$n] as $key => $val) { if (!preg_match('~^(COUNT\\((\\*|(DISTINCT )?`(?:[^`]|``)+`)\\)|(AVG|GROUP_CONCAT|MAX|MIN|SUM)\\(`(?:[^`]|``)+`\\))$~', $key)) { //! columns looking like functions $unique_array[$key] = $val; } } } $unique_idf = ""; foreach ($unique_array as $key => $val) { if (($jush == "sql" || $jush == "pgsql") && strlen($val) > 64) { $key = strpos($key, '(') ? $key : idf_escape($key); //! columns looking like functions $key = "MD5(" . ($jush == 'sql' && preg_match("~^utf8_~", $fields[$key]["collation"]) ? $key : "CONVERT({$key} USING " . charset($connection) . ")") . ")"; $val = md5($val); } $unique_idf .= "&" . ($val !== null ? urlencode("where[" . bracket_escape($key) . "]") . "=" . urlencode($val) : "null%5B%5D=" . urlencode($key)); } echo "<tr" . odd() . ">" . (!$group && $select ? "" : "<td>" . adminer_checkbox("check[]", substr($unique_idf, 1), in_array(substr($unique_idf, 1), (array) $_POST["check"]), "", "this.form['all'].checked = false; formUncheck('all-page');") . ($is_group || information_schema(DB) ? "" : " <a href='" . h(ME . "edit=" . urlencode($TABLE) . $unique_idf) . "'>" . lang('edit') . "</a>")); foreach ($row as $key => $val) { if (isset($names[$key])) { $field = $fields[$key]; if ($val != "" && (!isset($email_fields[$key]) || $email_fields[$key] != "")) { $email_fields[$key] = is_adminer_mail($val) ? $names[$key] : ""; //! filled e-mails can be contained on other pages } $link = "";
<?php $EVENT = $_GET["event"]; $intervals = array("YEAR", "QUARTER", "MONTH", "DAY", "HOUR", "MINUTE", "WEEK", "SECOND", "YEAR_MONTH", "DAY_HOUR", "DAY_MINUTE", "DAY_SECOND", "HOUR_MINUTE", "HOUR_SECOND", "MINUTE_SECOND"); $statuses = array("ENABLED" => "ENABLE", "DISABLED" => "DISABLE", "SLAVESIDE_DISABLED" => "DISABLE ON SLAVE"); $row = $_POST; if ($_POST && !$error) { if ($_POST["drop"]) { query_redirect("DROP EVENT " . idf_escape($EVENT), substr(ME, 0, -1), lang('Event has been dropped.')); } elseif (in_array($row["INTERVAL_FIELD"], $intervals) && isset($statuses[$row["STATUS"]])) { $schedule = "\nON SCHEDULE " . ($row["INTERVAL_VALUE"] ? "EVERY " . q($row["INTERVAL_VALUE"]) . " {$row['INTERVAL_FIELD']}" . ($row["STARTS"] ? " STARTS " . q($row["STARTS"]) : "") . ($row["ENDS"] ? " ENDS " . q($row["ENDS"]) : "") : "AT " . q($row["STARTS"])) . " ON COMPLETION" . ($row["ON_COMPLETION"] ? "" : " NOT") . " PRESERVE"; queries_redirect(substr(ME, 0, -1), $EVENT != "" ? lang('Event has been altered.') : lang('Event has been created.'), queries(($EVENT != "" ? "ALTER EVENT " . idf_escape($EVENT) . $schedule . ($EVENT != $row["EVENT_NAME"] ? "\nRENAME TO " . idf_escape($row["EVENT_NAME"]) : "") : "CREATE EVENT " . idf_escape($row["EVENT_NAME"]) . $schedule) . "\n" . $statuses[$row["STATUS"]] . " COMMENT " . q($row["EVENT_COMMENT"]) . rtrim(" DO\n{$row['EVENT_DEFINITION']}", ";") . ";")); } } page_header($EVENT != "" ? lang('Alter event') . ": " . h($EVENT) : lang('Create event'), $error); if (!$row && $EVENT != "") { $rows = get_rows("SELECT * FROM information_schema.EVENTS WHERE EVENT_SCHEMA = " . q(DB) . " AND EVENT_NAME = " . q($EVENT)); $row = reset($rows); } ?> <form action="" method="post"> <table cellspacing="0"> <tr><th><?php echo lang('Name'); ?> <td><input name="EVENT_NAME" value="<?php echo h($row["EVENT_NAME"]); ?> " maxlength="64" autocapitalize="off"> <tr><th title="datetime"><?php
$fields[] = array($field["orig"]); } if ($field["orig"] != "") { $orig_field = next($orig_fields); if (!$orig_field) { $after = ""; } } } $partitioning = ""; if ($partition_by[$row["partition_by"]]) { $partitions = array(); if ($row["partition_by"] == 'RANGE' || $row["partition_by"] == 'LIST') { foreach (array_filter($row["partition_names"]) as $key => $val) { $value = $row["partition_values"][$key]; $partitions[] = "\n PARTITION " . idf_escape($val) . " VALUES " . ($row["partition_by"] == 'RANGE' ? "LESS THAN" : "IN") . ($value != "" ? " ({$value})" : " MAXVALUE"); //! SQL injection } } $partitioning .= "\nPARTITION BY {$row['partition_by']}({$row['partition']})" . ($partitions ? " (" . implode(",", $partitions) . "\n)" : ($row["partitions"] ? " PARTITIONS " . +$row["partitions"] : "")); } elseif (support("partitioning") && preg_match("~partitioned~", $table_status["Create_options"])) { $partitioning .= "\nREMOVE PARTITIONING"; } $message = lang('Table has been altered.'); if ($TABLE == "") { cookie("adminer_engine", $row["Engine"]); $message = lang('Table has been created.'); } $name = trim($row["name"]); queries_adminer_redirect(ME . (support("table") ? "table=" : "select=") . urlencode($name), $message, alter_table($TABLE, $name, $jush == "sqlite" && ($use_all_fields || $foreign) ? $all_fields : $fields, $foreign, $row["Comment"] != $table_status["Comment"] ? $row["Comment"] : null, $row["Engine"] && $row["Engine"] != $table_status["Engine"] ? $row["Engine"] : "", $row["Collation"] && $row["Collation"] != $table_status["Collation"] ? $row["Collation"] : "", $row["Auto_increment"] != "" ? number($row["Auto_increment"]) : "", $partitioning)); }
function adminer_table($idf) { return idf_escape($idf); }
/** Generate SQL query for creating routine * @param string "PROCEDURE" or "FUNCTION" * @param array result of routine() * @return string */ function create_routine($routine, $row) { global $inout; $set = array(); $fields = (array) $row["fields"]; ksort($fields); // enforce fields order foreach ($fields as $field) { if ($field["field"] != "") { $set[] = (preg_match("~^({$inout})\$~", $field["inout"]) ? "{$field['inout']} " : "") . idf_escape($field["field"]) . process_type($field, "CHARACTER SET"); } } return "CREATE {$routine} " . idf_escape(trim($row["name"])) . " (" . implode(", ", $set) . ")" . (isset($_GET["function"]) ? " RETURNS" . process_type($row["returns"], "CHARACTER SET") : "") . ($row["language"] ? " LANGUAGE {$row['language']}" : "") . rtrim("\n{$row['definition']}", ";") . ";"; }
/** Export table data * @param string * @param string * @param string * @return null prints data */ function dumpData($table, $style, $query) { global $connection, $jush; $max_packet = $jush == "sqlite" ? 0 : 1048576; // default, minimum is 1024 if ($style) { if ($_POST["format"] == "sql") { if ($style == "TRUNCATE+INSERT") { echo truncate_sql($table) . ";\n"; } $fields = fields($table); } $result = $connection->query($query, 1); // 1 - MYSQLI_USE_RESULT //! enum and set as numbers if ($result) { $insert = ""; $buffer = ""; $keys = array(); $suffix = ""; $fetch_function = $table != '' ? 'fetch_assoc' : 'fetch_row'; while ($row = $result->{$fetch_function}()) { if (!$keys) { $values = array(); foreach ($row as $val) { $field = $result->fetch_field(); $keys[] = $field->name; $key = idf_escape($field->name); $values[] = "{$key} = VALUES({$key})"; } $suffix = ($style == "INSERT+UPDATE" ? "\nON DUPLICATE KEY UPDATE " . implode(", ", $values) : "") . ";\n"; } if ($_POST["format"] != "sql") { if ($style == "table") { dump_csv($keys); $style = "INSERT"; } dump_csv($row); } else { if (!$insert) { $insert = "INSERT INTO " . table($table) . " (" . implode(", ", array_map('idf_escape', $keys)) . ") VALUES"; } foreach ($row as $key => $val) { $field = $fields[$key]; $row[$key] = $val !== null ? unconvert_field($field, preg_match('~(^|[^o])int|float|double|decimal~', $field["type"]) && $val != '' ? $val : q($val)) : "NULL"; } $s = ($max_packet ? "\n" : " ") . "(" . implode(",\t", $row) . ")"; if (!$buffer) { $buffer = $insert . $s; } elseif (strlen($buffer) + 4 + strlen($s) + strlen($suffix) < $max_packet) { // 4 - length specification $buffer .= ",{$s}"; } else { echo $buffer . $suffix; $buffer = $insert . $s; } } } if ($buffer) { echo $buffer . $suffix; } } elseif ($_POST["format"] == "sql") { echo "-- " . str_replace("\n", " ", $connection->error) . "\n"; } } }
function select_db($database) { return $this->query("USE " . idf_escape($database)); }
/** Create SQL string from field * @param array basic field information * @param array information about field type * @return array array("field", "type", "NULL", "DEFAULT", "ON UPDATE", "COMMENT", "AUTO_INCREMENT") */ function process_field($field, $type_field) { return array(idf_escape($field["field"]), process_type($type_field), $field["null"] ? " NULL" : " NOT NULL", isset($field["default"]) ? " DEFAULT " . ($field["type"] == "timestamp" && eregi('^CURRENT_TIMESTAMP$', $field["default"]) || $field["type"] == "bit" && ereg("^([0-9]+|b'[0-1]+')\$", $field["default"]) ? $field["default"] : q($field["default"])) : "", $field["on_update"] ? " ON UPDATE {$field['on_update']}" : "", support("comment") && $field["comment"] != "" ? " COMMENT " . q($field["comment"]) : "", $field["auto_increment"] ? auto_increment() : null); }
<?php $TABLE = $_GET["trigger"]; $trigger_options = trigger_options(); $trigger_event = array("INSERT", "UPDATE", "DELETE"); $dropped = false; if ($_POST && !$error && in_array($_POST["Timing"], $trigger_options["Timing"]) && in_array($_POST["Event"], $trigger_event) && in_array($_POST["Type"], $trigger_options["Type"])) { $timing_event = " {$_POST['Timing']} {$_POST['Event']}"; $on = " ON " . table($TABLE); $dropped = drop_create("DROP TRIGGER " . idf_escape($_GET["name"]) . ($jush == "pgsql" ? $on : ""), "CREATE TRIGGER " . idf_escape($_POST["Trigger"]) . ($jush == "mssql" ? $on . $timing_event : $timing_event . $on) . rtrim(" {$_POST['Type']}\n{$_POST['Statement']}", ";") . ";", ME . "table=" . urlencode($TABLE), array(lang('Trigger has been dropped.'), 'success'), array(lang('Trigger has been altered.'), 'success'), array(lang('Trigger has been created.'), 'success'), $_GET["name"]); } page_header($_GET["name"] != "" ? lang('Alter trigger') . ": " . h($_GET["name"]) : lang('Create trigger'), $error, array("table" => $TABLE)); $row = $_POST; if (!$row) { $row = trigger($_GET["name"]) + array("Trigger" => $TABLE . "_bi"); } ?> <form action="" method="post" id="form"> <table cellspacing="0"> <tr><th><?php echo lang('Time'); ?> <td><?php echo html_select("Timing", $trigger_options["Timing"], $row["Timing"], "if (/^" . preg_quote($TABLE, "/") . "_[ba][iud]\$/.test(this.form['Trigger'].value)) this.form['Trigger'].value = '" . js_escape($TABLE) . "_' + selectValue(this).charAt(0).toLowerCase() + selectValue(this.form['Event']).charAt(0).toLowerCase();"); ?> <tr><th><?php echo lang('Event'); ?> <td><?php echo html_select("Event", $trigger_event, $row["Event"], "this.form['Timing'].onchange();");
$connection->query("DROP USER {$new_user}"); } } } page_header(isset($_GET["host"]) ? lang('Username') . ": " . h("{$USER}@{$_GET['host']}") : lang('Create user'), $error, array("privileges" => array('', lang('Privileges')))); if ($_POST) { $row = $_POST; $grants = $new_grants; } else { $row = $_GET + array("host" => $connection->result("SELECT SUBSTRING_INDEX(CURRENT_USER, '@', -1)")); // create user on the same domain by default $row["pass"] = $old_pass; if ($old_pass != "") { $row["hashed"] = true; } $grants[(DB == "" || $grants ? "" : idf_escape(addcslashes(DB, "%_\\"))) . ".*"] = array(); } ?> <form action="" method="post"> <table cellspacing="0"> <tr><th><?php echo lang('Server'); ?> <td><input name="host" maxlength="60" value="<?php echo h($row["host"]); ?> " autocapitalize="off"> <tr><th><?php echo lang('Username'); ?> <td><input name="user" maxlength="16" value="<?php
<?php $TYPE = $_GET["type"]; $row = $_POST; if ($_POST && !$error) { $link = substr(ME, 0, -1); if ($_POST["drop"]) { query_adminer_redirect("DROP TYPE " . idf_escape($TYPE), $link, lang('Type has been dropped.')); } else { query_adminer_redirect("CREATE TYPE " . idf_escape(trim($row["name"])) . " {$row['as']}", $link, lang('Type has been created.')); } } page_header($TYPE != "" ? lang('Alter type') . ": " . h($TYPE) : lang('Create type'), $error); if (!$row) { $row["as"] = "AS "; } ?> <form action="" method="post"> <p> <?php if ($TYPE != "") { echo "<input type='submit' name='drop' value='" . lang('Drop') . "'" . confirm() . ">\n"; } else { echo "<input name='name' value='" . h($row['name']) . "' autocapitalize='off'>\n"; textarea("as", $row["as"]); echo "<p><input type='submit' value='" . lang('Save') . "'>\n"; } ?> <input type="hidden" name="token" value="<?php echo $token;
function table($idf) { return idf_escape($idf); }
} if ($is_sql) { if ($style) { echo use_sql($db) . ";\n\n"; } $out = ""; if ($_POST["routines"]) { foreach (array("FUNCTION", "PROCEDURE") as $routine) { foreach (get_rows("SHOW {$routine} STATUS WHERE Db = " . q($db), null, "-- ") as $row) { $out .= ($style != 'DROP+CREATE' ? "DROP {$routine} IF EXISTS " . idf_escape($row["Name"]) . ";;\n" : "") . remove_definer($connection->result("SHOW CREATE {$routine} " . idf_escape($row["Name"]), 2)) . ";;\n\n"; } } } if ($_POST["events"]) { foreach (get_rows("SHOW EVENTS", null, "-- ") as $row) { $out .= ($style != 'DROP+CREATE' ? "DROP EVENT IF EXISTS " . idf_escape($row["Name"]) . ";;\n" : "") . remove_definer($connection->result("SHOW CREATE EVENT " . idf_escape($row["Name"]), 3)) . ";;\n\n"; } } if ($out) { echo "DELIMITER ;;\n\n{$out}" . "DELIMITER ;\n\n"; } } if ($_POST["table_style"] || $_POST["data_style"]) { $views = array(); foreach (table_status('', true) as $name => $table_status) { $table = DB == "" || in_array($name, (array) $_POST["tables"]); $data = DB == "" || in_array($name, (array) $_POST["data"]); if ($table || $data) { if ($ext == "tar") { $tmp_file = new TmpFile(); ob_start(array($tmp_file, 'write'), 100000.0);
<?php $SEQUENCE = $_GET["sequence"]; $row = $_POST; if ($_POST && !$error) { $link = substr(ME, 0, -1); $name = trim($row["name"]); if ($_POST["drop"]) { query_redirect("DROP SEQUENCE " . idf_escape($SEQUENCE), $link, lang('Sequence has been dropped.')); } elseif ($SEQUENCE == "") { query_redirect("CREATE SEQUENCE " . idf_escape($name), $link, lang('Sequence has been created.')); } elseif ($SEQUENCE != $name) { query_redirect("ALTER SEQUENCE " . idf_escape($SEQUENCE) . " RENAME TO " . idf_escape($name), $link, lang('Sequence has been altered.')); } else { redirect($link); } } page_header($SEQUENCE != "" ? lang('Alter sequence') . ": " . h($SEQUENCE) : lang('Create sequence'), $error); if (!$row) { $row["name"] = $SEQUENCE; } ?> <form action="" method="post"> <p><input name="name" value="<?php echo h($row["name"]); ?> " autocapitalize="off"> <input type="submit" value="<?php echo lang('Save'); ?>
// @todo are params OK? $row = null; if ($_POST["save"]) { $row = (array) $_POST["fields"]; } elseif ($where) { $select = array(); foreach ($fields as $name => $field) { if (isset($field["privileges"]["select"])) { $as = convert_field($field); if ($_POST["clone"] && $field["auto_increment"]) { $as = "''"; } if ($jush == "sql" && ereg("enum|set", $field["type"])) { $as = "1*" . idf_escape($name); } $select[] = ($as ? "{$as} AS " : "") . idf_escape($name); } } $row = array(); if ($select) { $rows = get_rows("SELECT" . limit(implode(", ", $select) . " FROM " . table($TABLE), " WHERE {$where}", isset($_GET["select"]) ? 2 : 1)); $row = isset($_GET["select"]) && count($rows) != 1 ? null : reset($rows); } } if ($row === false) { echo "<p class='error'>" . lang('No rows.') . "\n"; } ?> <form action="" method="post" enctype="multipart/form-data" id="form"> <?php
<?php $TABLE = $_GET["foreign"]; if ($_POST && !$error && !$_POST["add"] && !$_POST["change"] && !$_POST["change-js"]) { if ($_POST["drop"]) { query_redirect("ALTER TABLE " . table($TABLE) . "\nDROP " . ($jush == "sql" ? "FOREIGN KEY " : "CONSTRAINT ") . idf_escape($_GET["name"]), ME . "table=" . urlencode($TABLE), lang('Foreign key has been dropped.')); } else { $source = array_filter($_POST["source"], 'strlen'); ksort($source); // enforce input order $target = array(); foreach ($source as $key => $val) { $target[$key] = $_POST["target"][$key]; } query_redirect("ALTER TABLE " . table($TABLE) . ($_GET["name"] != "" ? "\nDROP " . ($jush == "sql" ? "FOREIGN KEY " : "CONSTRAINT ") . idf_escape($_GET["name"]) . "," : "") . "\nADD FOREIGN KEY (" . implode(", ", array_map('idf_escape', $source)) . ") REFERENCES " . table($_POST["table"]) . " (" . implode(", ", array_map('idf_escape', $target)) . ")" . (ereg("^({$on_actions})\$", $_POST["on_delete"]) ? " ON DELETE {$_POST['on_delete']}" : "") . (ereg("^({$on_actions})\$", $_POST["on_update"]) ? " ON UPDATE {$_POST['on_update']}" : ""), ME . "table=" . urlencode($TABLE), $_GET["name"] != "" ? lang('Foreign key has been altered.') : lang('Foreign key has been created.')); $error = lang('Source and target columns must have the same data type, there must be an index on the target columns and referenced data must exist.') . "<br>{$error}"; //! no partitioning } } page_header(lang('Foreign key'), $error, array("table" => $TABLE), $TABLE); $row = array("table" => $TABLE, "source" => array("")); if ($_POST) { $row = $_POST; ksort($row["source"]); if ($_POST["add"]) { $row["source"][] = ""; } elseif ($_POST["change"] || $_POST["change-js"]) { $row["target"] = array(); } } elseif ($_GET["name"] != "") { $foreign_keys = foreign_keys($TABLE);