// Fragment: the first statement and the closing brace finish a block that
// opens before this excerpt.
    $reload = $reload_ret;
}

// For a 'drop_tbl' request, terminate the statement with ';'. When $sql_query
// is empty but $sql_query_views is not, the views statement becomes the query.
if ($query_type == 'drop_tbl') {
    if (!empty($sql_query)) {
        $sql_query .= ';';
    } elseif (!empty($sql_query_views)) {
        $sql_query = $sql_query_views . ';';
        unset($sql_query_views);
    }
}

if ($use_sql) {
    // Parse and analyze the query, then execute it and send the response.
    // NOTE(review): $analyzed_sql_results is not assigned anywhere in this
    // excerpt; presumably the include below provides it -- confirm.
    include_once 'libraries/parse_analyze.inc.php';

    PMA_executeQueryAndSendQueryResponse(
        $analyzed_sql_results, false, $db, $table, null, null, null, null, null, null,
        $goto, $pmaThemeImage, null, null, $query_type, $sql_query, $selected, null
    );
} elseif (!$run_parts) {
    // Run the statement directly on the selected database.
    $GLOBALS['dbi']->selectDb($db);
    $result = $GLOBALS['dbi']->tryQuery($sql_query);

    // The views statement is executed as a separate query, and only when the
    // first one succeeded; its text is also appended to $sql_query.
    if ($result && !empty($sql_query_views)) {
        $sql_query .= ' ' . $sql_query_views . ';';
        $result = $GLOBALS['dbi']->tryQuery($sql_query_views);
        unset($sql_query_views);
    }

    // On failure, keep the database error as the message.
    if (!$result) {
        $message = PMA_Message::error($GLOBALS['dbi']->getError());
    }
}

// These three request types call the foreign-key-check cleanup with the saved
// default value (presumably restoring the setting changed earlier -- the
// matching "disable" step is outside this excerpt).
if ($query_type == 'drop_tbl'
    || $query_type == 'empty_tbl'
    || $query_type == 'row_delete'
) {
    PMA_Util::handleDisableFKCheckCleanup($default_fk_check_value);
}
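/**
 * Do selection action
 *
 * Builds the SQL statement through $this->_buildSqlQuery() and passes it to
 * PMA_executeQueryAndSendQueryResponse() for execution and output. The
 * database and table come from this object; the return page and the theme
 * image path are read from $GLOBALS.
 *
 * @return void
 */
public function doSelectionAction()
{
    // Selection criteria have been submitted -> do the work
    $sql_query = $this->_buildSqlQuery();

    // No local $db copy is kept here: nothing after this point reads it, the
    // call below receives $this->db explicitly.
    PMA_executeQueryAndSendQueryResponse(
        null,
        false,
        $this->db,
        $this->table,
        null,
        null,
        null,
        null,
        null,
        null,
        $GLOBALS['goto'],
        $GLOBALS['pmaThemeImage'],
        null,
        null,
        null,
        $sql_query,
        null,
        null
    );
}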
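* but since a malicious user may pass this variable by url/form, we don't take
* into account this case.
*/
// Stop here when PMA_hasNoRightsToDropDatabase() reports that the analyzed
// statement is not permitted, given the AllowUserDropDatabase setting and the
// superuser flag.
if (PMA_hasNoRightsToDropDatabase(
    $analyzed_sql_results, $cfg['AllowUserDropDatabase'], $is_superuser
)) {
    PMA_Util::mysqlDie(
        __('"DROP DATABASE" statements are disabled.'),
        '',
        '',
        $err_url
    );
} // end if

/**
 * Need to find the real end of rows?
 */
if (isset($find_real_end) && $find_real_end) {
    $unlim_num_rows = PMA_findRealEndOfRows($db, $table);
}

/**
 * Bookmark add
 */
if (isset($_POST['store_bkm'])) {
    PMA_addBookmark($cfg['PmaAbsoluteUri'], $goto);
    // script has exited at this point
} // end if

/**
 * Sets or modifies the $goto variable if required
 */
if ($goto == 'sql.php') {
    $is_gotofile = false;
    // NOTE(review): the statement text becomes a parameter of the return URL
    // here, so it can show up wherever URLs are recorded.
    $goto = 'sql.php' . PMA_URL_getCommon(
        array(
            'db' => $db,
            'table' => $table,
            'sql_query' => $sql_query
        )
    );
} // end if

// Optional values are forwarded only when they are set; otherwise null is
// passed in their position.
PMA_executeQueryAndSendQueryResponse(
    $analyzed_sql_results,
    $is_gotofile,
    $db,
    $table,
    isset($find_real_end) ? $find_real_end : null,
    isset($import_text) ? $import_text : null,
    isset($extra_data) ? $extra_data : null,
    $is_affected,
    isset($message_to_show) ? $message_to_show : null,
    isset($disp_mode) ? $disp_mode : null,
    isset($message) ? $message : null,
    isset($sql_data) ? $sql_data : null,
    $goto,
    $pmaThemeImage,
    // Forward the variable the isset() guard tests. Passing a differently
    // named, never-assigned variable here would always yield null.
    isset($disp_query) ? $disp_query : null,
    isset($disp_message) ? $disp_message : null,
    isset($query_type) ? $query_type : null,
    $sql_query,
    isset($selected) ? $selected : null,
    isset($complete_query) ? $complete_query : null
);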
// Fragment: the closing braces below end blocks that open before this excerpt.
        } //Else, it's an "update query"
    }
    $savedSearchList = $savedSearch->getList();
    $currentSearchId = $savedSearch->getId();
}

/**
 * A query has been submitted -> (maybe) execute it
 */
$message_to_display = false;
if (isset($_REQUEST['submit_sql']) && !empty($sql_query)) {
    // Only text that starts with SELECT (case-insensitive) is executed; anything
    // else sets the flag that shows the "choose at least one column" error below.
    // NOTE(review): the pattern anchors only the start of the string, so it
    // says nothing about what follows the keyword. Where $sql_query is assigned
    // is outside this excerpt -- confirm what can reach this check.
    if (!preg_match('@^SELECT@i', $sql_query)) {
        $message_to_display = true;
    } else {
        $goto = 'db_sql.php';
        // NOTE(review): the database name is read from $_REQUEST['db'] directly
        // here, while later lines use $db and $GLOBALS['db'] -- confirm the
        // request value has been validated before this point.
        PMA_executeQueryAndSendQueryResponse(
            null, false, $_REQUEST['db'], null, false, null, null, null, null, null,
            $goto, $pmaThemeImage, null, null, null, $sql_query, null, null
        );
    }
}

$sub_part = '_qbe';
require 'libraries/db_common.inc.php';
$url_query .= '&goto=db_qbe.php';
$url_params['goto'] = 'db_qbe.php';

// Unpack the database information returned for $db into individual variables.
list(
    $tables,
    $num_tables,
    $total_num_tables,
    $sub_part,
    $is_show_stats,
    $db_is_system_schema,
    $tooltip_truename,
    $tooltip_aliasname,
    $pos
) = PMA\libraries\Util::getDbInfo($db, isset($sub_part) ? $sub_part : '');

// Show the error recorded above, then drop the flag.
if ($message_to_display) {
    PMA\libraries\Message::error(
        __('You have to choose at least one column to display!')
    )->display();
}
unset($message_to_display);

// create new qbe search instance
$db_qbe = new PMA\libraries\DbQbe($GLOBALS['db'], $savedSearchList, $savedSearch);

// Link to the designer page.
// NOTE(review): $url is concatenated into an href attribute as-is; presumably
// URL::getCommon() returns an HTML-safe query string -- confirm.
$url = 'db_designer.php' . URL::getCommon(
    array_merge(
        $url_params,
        array('query' => 1)
    )
);
$response->addHTML(
    PMA\libraries\Message::notice(
        sprintf(
            __('Switch to %svisual builder%s'),
            '<a href="' . $url . '">',
            '</a>'
        )
    )
);
// Fragment: the first statement and closing brace finish a block that opens
// before this excerpt.
    include_once 'libraries/parse_analyze.inc.php';
}

// There was an error?
// Each collected entry is passed to mysqlDie() with its error text and SQL.
if (isset($my_die)) {
    foreach ($my_die as $key => $die) {
        PMA_Util::mysqlDie(
            $die['error'], $die['sql'], false, $err_url, $error
        );
    }
}

if ($go_sql) {
    // parse sql query
    include_once 'libraries/parse_analyze.inc.php';

    // Pass the reload request on to the client when one was recorded.
    if (isset($ajax_reload) && $ajax_reload['reload'] === true) {
        $response = PMA_Response::getInstance();
        $response->addJSON('ajax_reload', $ajax_reload);
    }

    // Execute the statement; the imported text and the analyzer's
    // 'is_affected' entry are forwarded with it.
    PMA_executeQueryAndSendQueryResponse(
        $analyzed_sql_results, false, $db, $table, null,
        $import_text, null, $analyzed_sql_results['is_affected'],
        null, null, null, null, $goto, $pmaThemeImage, null, null, null, $sql_query,
        null, null
    );
} else {
    if ($result) {
        // Save a Bookmark with more than one queries (if Bookmark label given).
        // NOTE(review): the label and the replace flag come straight from
        // $_POST; any escaping is left to PMA_storeTheQueryAsBookmark(), which
        // is not visible here -- confirm.
        if (!empty($_POST['bkm_label']) && !empty($import_text)) {
            PMA_storeTheQueryAsBookmark(
                $db, $GLOBALS['cfg']['Bookmark']['user'],
                $import_text, $_POST['bkm_label'],
                isset($_POST['bkm_replace']) ? $_POST['bkm_replace'] : null
            );
        }

        // Report success together with the formatted query message.
        $response = PMA_Response::getInstance();
        $response->isSuccess(true);
        $response->addJSON('message', PMA_Message::success($msg));
        $response->addJSON(
            'sql_query',
            PMA_Util::getMessage($msg, $sql_query, 'success')
        );
    } else {
        if ($result == false) {
            // Report failure with $msg as the error text.
            $response = PMA_Response::getInstance();
            $response->isSuccess(false);
            $response->addJSON('message', PMA_Message::error($msg));
            // (excerpt ends here; the open blocks are closed outside it)
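/**
 * Function to display table browse for selected columns
 *
 * Builds "SELECT <columns> FROM <db>.<table>" from the column names found in
 * $_REQUEST['selected_fld'] and passes the statement on for execution. Every
 * identifier goes through PMA_Util::backquote() before it is placed in the
 * statement text.
 *
 * @param string $db            current database
 * @param string $table         current table
 * @param string $goto          goto page url
 * @param string $pmaThemeImage URI of the pma theme image
 *
 * @return void
 */
function PMA_displayTableBrowseForSelectedColumns($db, $table, $goto, $pmaThemeImage)
{
    $GLOBALS['active_page'] = 'sql.php';

    // The column list is request data: it can be missing or not an array.
    // Treat both as "nothing selected" instead of iterating over them.
    $selected_fld = (isset($_REQUEST['selected_fld'])
        && is_array($_REQUEST['selected_fld']))
        ? $_REQUEST['selected_fld']
        : array();

    $quoted_fields = array();
    foreach ($selected_fld as $sval) {
        // A nested array cannot be a single column name; skip it so that only
        // scalar names are quoted and joined into the statement.
        if (is_array($sval)) {
            continue;
        }
        $quoted_fields[] = PMA_Util::backquote($sval);
    }

    // NOTE(review): with no usable column the statement has no SELECT list,
    // as before; presumably the caller rejects an empty selection first --
    // confirm.
    $sql_query = empty($quoted_fields)
        ? ''
        : 'SELECT ' . implode(', ', $quoted_fields);
    $sql_query .= ' FROM ' . PMA_Util::backquote($db)
        . '.' . PMA_Util::backquote($table);

    // The includes below run in this function's scope; remove the helper
    // variables so they see the same locals as before.
    unset($selected_fld, $quoted_fields);

    // Parse and analyze the query
    // NOTE(review): $analyzed_sql_results is not assigned in this function;
    // presumably parse_analyze.inc.php sets it from $sql_query and $db. With
    // include_once that only happens on the first inclusion -- confirm.
    include_once 'libraries/parse_analyze.inc.php';

    include_once 'libraries/sql.lib.php';

    PMA_executeQueryAndSendQueryResponse(
        $analyzed_sql_results, false, $db, $table, null, null, null, false, null,
        null, null, null, $goto, $pmaThemeImage, null, null, null, $sql_query,
        null, null
    );
}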
/**
 * Do selection action
 *
 * Builds the SQL statement through $this->_buildSqlQuery(), analyzes it with
 * PMA_parseAnalyze() and passes both to
 * PMA_executeQueryAndSendQueryResponse().
 *
 * @return void
 */
public function doSelectionAction()
{
    /**
     * Selection criteria have been submitted -> do the work
     */
    $sql_query = $this->_buildSqlQuery();

    /**
     * Local copies of the object's database and table names; $db is the
     * value passed to PMA_parseAnalyze() below.
     */
    $db = $this->db;
    $table = $this->table;

    /**
     * Parse and analyze the query
     */
    include_once 'libraries/parse_analyze.lib.php';
    // Only the first element of the returned list is kept.
    list($analyzed_sql_results, , ) = PMA_parseAnalyze($sql_query, $db);
    // @todo: possibly refactor
    // NOTE(review): extract() with its default flags overwrites existing
    // local variables, so a key named like a local used here (sql_query, db,
    // table, analyzed_sql_results) would replace that value before the call
    // below. The keys of the array are not visible in this method -- confirm
    // them, or read only the entries that are needed.
    extract($analyzed_sql_results);

    PMA_executeQueryAndSendQueryResponse(
        $analyzed_sql_results, false, $this->db, $this->table, null, null, null,
        null, null, null, $GLOBALS['goto'], $GLOBALS['pmaThemeImage'], null, null,
        null, $sql_query, null, null
    );
}
/**
 * Either run the submitted search or, when nothing has been posted yet,
 * show the selection form.
 *
 * Variable names are kept as they are: the included files run in this scope.
 */
if (isset($_POST['columnsToDisplay']) || isset($_POST['displayAllColumns'])) {
    // Selection criteria have been submitted -> do the work
    $sql_query = $table_search->buildSqlQuery();

    // Parse and analyze the query
    include_once 'libraries/parse_analyze.inc.php';

    PMA_executeQueryAndSendQueryResponse(
        $analyzed_sql_results,
        false,
        $db,
        $table,
        null,
        null,
        null,
        false,
        null,
        null,
        null,
        $GLOBALS['goto'],
        $pmaThemeImage,
        null,
        null,
        null,
        $sql_query,
        null,
        null
    );
} else {
    // No selection criteria received -> display the selection form

    // Gets some core libraries
    include_once 'libraries/tbl_common.inc.php';
    $url_query = $url_query . '&goto=tbl_select.php&back=tbl_select.php';

    // Gets table's information
    include_once 'libraries/tbl_info.inc.php';

    // Fall back to the configured default table tab when no target is set.
    $goto = isset($goto) ? $goto : $GLOBALS['cfg']['DefaultTabTable'];

    // Defines the url to return to in case of error in the next sql statement
    $err_url = $goto . PMA_URL_getCommon(
        array(
            'db' => $db,
            'table' => $table
        )
    );

    // Displays the table search form
    $response->addHTML($table_search->getSecondaryTabs());
    $response->addHTML($table_search->getSelectionForm($goto));
}
// Fragment: "default" arm of a switch that opens before this excerpt; the two
// closing braces at the end belong to blocks opened outside it.
default:
    $action = 'tbl_row_action.php';
    $err_url = 'tbl_row_action.php'
        . PMA_URL_getCommon($GLOBALS['url_params']);

    // Without a 'mult_btn' request value, remember the current query and URL
    // query so they can be put back after the include below.
    if (!isset($_REQUEST['mult_btn'])) {
        $original_sql_query = $sql_query;
        if (!empty($url_query)) {
            $original_url_query = $url_query;
        }
    }

    // NOTE(review): presumably this include may change $sql_query and
    // $url_query, which is why they are saved above -- confirm.
    include 'libraries/mult_submits.inc.php';

    $_url_params = $GLOBALS['url_params'];
    $_url_params['goto'] = 'tbl_sql.php';
    $url_query = PMA_URL_getCommon($_url_params);

    /**
     * Show result of multi submit operation
     */
    // sql_query is not set when user does not confirm multi-delete
    if ((!empty($submit_mult) || isset($_REQUEST['mult_btn']))
        && !empty($sql_query)
    ) {
        $disp_message = __('Your SQL query has been executed successfully.');
        $disp_query = $sql_query;
    }

    // Put the saved values back; after this, $disp_query still holds the
    // multi-submit statement while $sql_query is the original one.
    if (isset($original_sql_query)) {
        $sql_query = $original_sql_query;
    }

    if (isset($original_url_query)) {
        $url_query = $original_url_query;
    }

    $active_page = 'sql.php';
    PMA_executeQueryAndSendQueryResponse(
        null, false, $db, $table, null, null, null, null, null, null, $goto,
        $pmaThemeImage, null, null, null, $sql_query, null, null
    );
}
}
// Fragment: the first statement and closing brace finish a block that opens
// before this excerpt; the two closing braces at the end also belong to
// blocks opened outside it.
    $sql_query = $original_sql_query;
}

// Put the saved URL query back when one was recorded.
if (isset($original_url_query)) {
    $url_query = $original_url_query;
}

$active_page = 'sql.php';

// Execute $sql_query and send the response. Each positional argument is
// labelled with the parameter it fills; null means this caller supplies no
// value for it.
PMA_executeQueryAndSendQueryResponse(
    null, // analyzed_sql_results
    false, // is_gotofile
    $db, // db
    $table, // table
    null, // find_real_end
    null, // sql_query_for_bookmark
    null, // extra_data
    null, // message_to_show
    null, // message
    null, // sql_data
    $goto, // goto
    $pmaThemeImage, // pmaThemeImage
    null, // disp_query
    null, // disp_message
    null, // query_type
    $sql_query, // sql_query
    null, // selectedTables
    null // complete_query
);
}
}