/** * Return the where clause for query generation based on the inputs provided. * * @param mixed $fields Search criteria input * @param string $names Name of the column on which search is submitted * @param string $types Type of the field * @param string $collations Field collation * @param string $func_type Search fucntion/operator * @param bool $unaryFlag Whether operator unary or not * @param bool $geom_func Whether geometry functions should be applied * * @return string HTML content for viewing foreing data and elements * for search criteria input. */ function PMA_tbl_search_getWhereClause($fields, $names, $types, $collations, $func_type, $unaryFlag, $geom_func = null) { /** * @todo move this to a more apropriate place */ $geom_unary_functions = array('IsEmpty' => 1, 'IsSimple' => 1, 'IsRing' => 1, 'IsClosed' => 1); $w = ''; // If geometry function is set apply it to the field name if ($geom_func != null && trim($geom_func) != '') { // Get details about the geometry fucntions $geom_funcs = PMA_getGISFunctions($types, true, false); // If the function takes a single parameter if ($geom_funcs[$geom_func]['params'] == 1) { $backquoted_name = $geom_func . '(' . PMA_backquote($names) . ')'; } else { // If the function takes two parameters // create gis data from the string $gis_data = PMA_createGISData($fields); $w = $geom_func . '(' . PMA_backquote($names) . ',' . $gis_data . ')'; return $w; } // New output type is the output type of the function being applied $types = $geom_funcs[$geom_func]['type']; // If the where clause is something like 'IsEmpty(`spatial_col_name`)' if (isset($geom_unary_functions[$geom_func]) && trim($fields) == '') { $w = $backquoted_name; return $w; } } else { $backquoted_name = PMA_backquote($names); } if ($unaryFlag) { $fields = ''; $w = $backquoted_name . ' ' . $func_type; } elseif (in_array($types, PMA_getGISDatatypes()) && !empty($fields)) { // create gis data from the string $gis_data = PMA_createGISData($fields); $w = $backquoted_name . ' ' . $func_type . ' ' . $gis_data; } elseif (strncasecmp($types, 'enum', 4) == 0) { if (!empty($fields)) { if (!is_array($fields)) { $fields = explode(',', $fields); } $enum_selected_count = count($fields); if ($func_type == '=' && $enum_selected_count > 1) { $func_type = 'IN'; $parens_open = '('; $parens_close = ')'; } elseif ($func_type == '!=' && $enum_selected_count > 1) { $func_type = 'NOT IN'; $parens_open = '('; $parens_close = ')'; } else { $parens_open = ''; $parens_close = ''; } $enum_where = '\'' . PMA_sqlAddslashes($fields[0]) . '\''; for ($e = 1; $e < $enum_selected_count; $e++) { $enum_where .= ', \'' . PMA_sqlAddslashes($fields[$e]) . '\''; } $w = $backquoted_name . ' ' . $func_type . ' ' . $parens_open . $enum_where . $parens_close; } } elseif ($fields != '') { // For these types we quote the value. Even if it's another type (like INT), // for a LIKE we always quote the value. MySQL converts strings to numbers // and numbers to strings as necessary during the comparison if (preg_match('@char|binary|blob|text|set|date|time|year@i', $types) || strpos(' ' . $func_type, 'LIKE')) { $quot = '\''; } else { $quot = ''; } // LIKE %...% if ($func_type == 'LIKE %...%') { $func_type = 'LIKE'; $fields = '%' . $fields . '%'; } if ($func_type == 'REGEXP ^...$') { $func_type = 'REGEXP'; $fields = '^' . $fields . '$'; } if ($func_type == 'IN (...)' || $func_type == 'NOT IN (...)' || $func_type == 'BETWEEN' || $func_type == 'NOT BETWEEN') { $func_type = str_replace(' (...)', '', $func_type); // quote values one by one $values = explode(',', $fields); foreach ($values as &$value) { $value = $quot . PMA_sqlAddslashes(trim($value)) . $quot; } if ($func_type == 'BETWEEN' || $func_type == 'NOT BETWEEN') { $w = $backquoted_name . ' ' . $func_type . ' ' . (isset($values[0]) ? $values[0] : '') . ' AND ' . (isset($values[1]) ? $values[1] : ''); } else { $w = $backquoted_name . ' ' . $func_type . ' (' . implode(',', $values) . ')'; } } else { $w = $backquoted_name . ' ' . $func_type . ' ' . $quot . PMA_sqlAddslashes($fields) . $quot; } } // end if return $w; }
<tbody> <?php $odd_row = true; for ($i = 0; $i < $fields_cnt; $i++) { ?> <tr class="noclick <?php echo $odd_row ? 'odd' : 'even'; $odd_row = ! $odd_row; ?>"> <?php // if 'Function' column is present if ($geom_column_present) { echo('<td>'); // if a geometry column if (in_array($fields_type[$i], $geom_types)) { echo('<select class="geom_func" name="geom_func['. $i .']">'); // get the relevant list of functions $funcs = PMA_getGISFunctions($fields_type[$i], true, true); foreach ($funcs as $func_name => $func) { $name = isset($func['display']) ? $func['display'] : $func_name; echo('<option value="' . htmlspecialchars($name) . '">' . htmlspecialchars($name) . '</option>'); } echo('</select>'); } else { echo(' '); } echo('</td>'); } ?> <th><?php echo htmlspecialchars($fields_list[$i]); ?></th> <td><?php echo htmlspecialchars($fields_type[$i]); ?></td> <td><?php echo $fields_collation[$i]; ?></td>