/**
 * Saves user preferences
 *
 * When the configuration storage has no user-config table the preferences
 * are kept in the session; otherwise they are JSON-encoded and written to
 * that table over the control connection. Either way the cached copy for
 * the current server in $_SESSION['cache'] is discarded.
 *
 * @param array $config_array configuration array
 *
 * @return true|PMA\libraries\Message true on success, an error Message when
 *                                    the write query fails
 */
function PMA_saveUserprefs(array $config_array)
{
    $relation = PMA_getRelationsParam();

    if (isset($GLOBALS['server'])) {
        $serverId = $GLOBALS['server'];
    } else {
        $serverId = $GLOBALS['cfg']['ServerDefault'];
    }
    $cacheSlot = 'server_' . $serverId;

    if (! $relation['userconfigwork']) {
        // no pmadb table, use session storage
        $_SESSION['userconfig'] = array(
            'db' => $config_array,
            'ts' => time(),
        );
        if (isset($_SESSION['cache'][$cacheSlot]['userprefs'])) {
            unset($_SESSION['cache'][$cacheSlot]['userprefs']);
        }

        return true;
    }

    // save configuration to pmadb
    $dbi = $GLOBALS['dbi'];
    $storageTable = PMA\libraries\Util::backquote($relation['db'])
        . '.' . PMA\libraries\Util::backquote($relation['userconfig']);

    // Every value placed inside a quoted SQL literal goes through
    // escapeString(). NOTE(review): escapeString() is called without a link
    // while the statements run on the control link - confirm both
    // connections use the same character set.
    $lookup = sprintf(
        'SELECT `username` FROM %s WHERE `username` = \'%s\'',
        $storageTable,
        $dbi->escapeString($relation['user'])
    );
    $alreadyStored = $dbi->fetchValue($lookup, 0, 0, $GLOBALS['controllink']);
    $encoded = json_encode($config_array);

    if ($alreadyStored) {
        $write = sprintf(
            'UPDATE %s SET `timevalue` = NOW(), `config_data` = \'%s\' WHERE `username` = \'%s\'',
            $storageTable,
            $dbi->escapeString($encoded),
            $dbi->escapeString($relation['user'])
        );
    } else {
        $write = sprintf(
            'INSERT INTO %s (`username`, `timevalue`,`config_data`) VALUES (\'%s\', NOW(), \'%s\')',
            $storageTable,
            $dbi->escapeString($relation['user']),
            $dbi->escapeString($encoded)
        );
    }

    // The cache is dropped before the write is attempted, so a failed write
    // still forces a reload from storage on the next read.
    if (isset($_SESSION['cache'][$cacheSlot]['userprefs'])) {
        unset($_SESSION['cache'][$cacheSlot]['userprefs']);
    }

    if ($dbi->tryQuery($write, $GLOBALS['controllink'])) {
        return true;
    }

    $failure = Message::error(__('Could not save configuration'));
    $failure->addMessage('<br /><br />');
    $failure->addMessage(
        Message::rawError($dbi->getError($GLOBALS['controllink']))
    );

    return $failure;
}
/**
 * Send TRI or EVN editor via ajax or by echoing.
 *
 * When $item is false an error message is produced instead of the editor.
 * The function terminates the script in every branch except the non-ajax
 * error branch, which displays the message and returns.
 *
 * @param string $type      TRI or EVN
 * @param string $mode      Editor mode 'add' or 'edit'
 * @param array  $item      Data necessary to create the editor
 * @param string $title     Title of the editor
 * @param string $db        Database
 * @param string $operation Operation 'change' or ''
 *
 * @return void
 */
function PMA_RTE_sendEditor($type, $mode, $item, $title, $db, $operation = null)
{
    $viaAjax = $GLOBALS['is_ajax_request'];

    if ($item === false) {
        // Both names are backquoted and then HTML-escaped before they are
        // placed into the translated "not found" template.
        $text = __('Error in processing request:') . ' ';
        $text .= sprintf(
            PMA_RTE_getWord('not_found'),
            htmlspecialchars(
                PMA\libraries\Util::backquote($_REQUEST['item_name'])
            ),
            htmlspecialchars(PMA\libraries\Util::backquote($db))
        );
        $error = Message::error($text);

        if (! $viaAjax) {
            $error->display();

            return;
        }

        $response = PMA\libraries\Response::getInstance();
        $response->setRequestStatus(false);
        $response->addJSON('message', $error);
        exit;
    }

    // Show form
    $editor = ($type == 'TRI')
        ? PMA_TRI_getEditorForm($mode, $item)
        : PMA_EVN_getEditorForm($mode, $operation, $item); // EVN

    if ($viaAjax) {
        $response = PMA\libraries\Response::getInstance();
        $response->addJSON('message', $editor);
        $response->addJSON('title', $title);
    } else {
        // NOTE(review): $title is written into the page without escaping
        // here - confirm every caller passes an already HTML-safe title.
        echo "\n\n<h2>{$title}</h2>\n\n{$editor}";
        unset($_POST);
    }
    exit;
}
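/**
 * This function is called from one of the other functions in this file
 * and it completes the handling of the export functionality.
 *
 * On success the export text is HTML-escaped and either returned in the
 * ajax response (after which the script exits) or echoed inside a textarea.
 * When $export_data is false a "not found" error is reported instead.
 *
 * @param string $export_data The SQL query to create the requested item
 *
 * @return void
 */
function PMA_RTE_handleExport($export_data)
{
    global $db;

    // The item name is request data: backquote it, then HTML-escape it
    // before it is placed into any message or title.
    $item_name = htmlspecialchars(
        PMA\libraries\Util::backquote($_GET['item_name'])
    );

    if ($export_data !== false) {
        $export_data = htmlspecialchars(trim($export_data));
        $title = sprintf(PMA_RTE_getWord('export'), $item_name);

        if ($GLOBALS['is_ajax_request'] == true) {
            $response = PMA\libraries\Response::getInstance();
            $response->addJSON('message', $export_data);
            $response->addJSON('title', $title);
            exit;
        }

        $export_data = '<textarea cols="40" rows="15" style="width: 100%;">'
            . $export_data . '</textarea>';
        echo "<fieldset>\n"
            . "<legend>{$title}</legend>\n"
            . $export_data
            . "</fieldset>\n";

        return;
    }

    $_db = htmlspecialchars(PMA\libraries\Util::backquote($db));
    $message = __('Error in processing request:') . ' '
        . sprintf(PMA_RTE_getWord('not_found'), $item_name, $_db);
    // Wrap the text once and use the same Message object on both paths.
    // Previously the ajax path sent the bare string while only the
    // non-ajax path used the error Message, and one variable was reused
    // for both the Message and the Response.
    $message = Message::error($message);

    if ($GLOBALS['is_ajax_request'] == true) {
        $response = PMA\libraries\Response::getInstance();
        $response->setRequestStatus(false);
        $response->addJSON('message', $message);
        exit;
    }

    $message->display();
}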
/**
 * Format a string so it can be a string inside JavaScript code inside an
 * eventhandler (onclick, onchange, on..., ).
 * This function is used to display a javascript confirmation box for
 * "DROP/DELETE/ALTER" queries.
 *
 * The value is HTML-escaped first, then passed through PMA_escapeJsString(),
 * and finally every '#' is prefixed with a backslash.
 *
 * @param string  $a_string       the string to format
 * @param boolean $add_backquotes whether to add backquotes to the string or not
 *
 * @return string the formatted string
 *
 * @access public
 */
function PMA_jsFormat($a_string = '', $add_backquotes = true)
{
    // NOTE(review): htmlspecialchars() is called with its default flags;
    // whether single quotes are covered then depends on PMA_escapeJsString(),
    // which is not shown here - confirm.
    $formatted = PMA_escapeJsString(htmlspecialchars($a_string));

    // Needed for inline javascript to prevent some browsers
    // treating it as a anchor
    $formatted = str_replace('#', '\\#', $formatted);

    if ($add_backquotes) {
        return PMA\libraries\Util::backquote($formatted);
    }

    return $formatted;
}
/**
 * Function to get the default sql query for browsing page
 *
 * A bookmark whose label equals the table name takes precedence. Otherwise
 * a plain SELECT is built, ordered by the first primary-key column when
 * $cfg['TablePrimaryKeyOrder'] is set to something other than 'NONE'.
 *
 * @param String $db    the current database
 * @param String $table the current table
 *
 * @return String $sql_query the default $sql_query for browse page
 */
function PMA_getDefaultSqlQueryForBrowse($db, $table)
{
    include_once 'libraries/bookmark.lib.php';

    // The table name is passed as a quoted, slash-escaped SQL literal.
    $bookmarked = PMA_Bookmark_get(
        $db,
        '\'' . PMA\libraries\Util::sqlAddSlashes($table) . '\'',
        'label',
        false,
        true
    );

    if (! empty($bookmarked)) {
        $notice = Message::notice(
            __('Using bookmark "%s" as default browse query.')
        );
        $GLOBALS['using_bookmark_message'] = $notice;
        $notice->addParam($table);
        $notice->addMessage(PMA\libraries\Util::showDocu('faq', 'faq6-22'));

        return $bookmarked;
    }

    $orderBy = '';
    $direction = isset($GLOBALS['cfg']['TablePrimaryKeyOrder'])
        ? $GLOBALS['cfg']['TablePrimaryKeyOrder']
        : 'NONE';

    if ($direction !== 'NONE') {
        $primary = PMA\libraries\Index::getPrimary($table, $db);
        if ($primary !== false) {
            // Only the first column of the primary key is used.
            $firstColumn = null;
            foreach ($primary->getColumns() as $keyColumn) {
                $firstColumn = $keyColumn->getName();
                break;
            }
            if ($firstColumn != null) {
                // The direction comes from configuration and is appended
                // as-is; identifiers are backquoted.
                $orderBy = ' ORDER BY '
                    . PMA\libraries\Util::backquote($table) . '.'
                    . PMA\libraries\Util::backquote($firstColumn) . ' '
                    . $direction;
            }
        }
    }

    return 'SELECT * FROM ' . PMA\libraries\Util::backquote($table) . $orderBy;
}
} } else {
    $sql_query = 'ALTER';
}

// Excerpt: the remaining clauses of a CREATE/ALTER VIEW statement are
// assembled from $_REQUEST['view'][...]. Some parts are checked against
// option lists, one is backquoted, and three are appended verbatim.

// ALGORITHM is only added when PMA_isValid() accepts it for
// $view_algorithm_options.
if (PMA_isValid($_REQUEST['view']['algorithm'], $view_algorithm_options)) {
    $sql_query .= $sep . ' ALGORITHM = ' . $_REQUEST['view']['algorithm'];
}

// NOTE(review): DEFINER is concatenated exactly as received - no quoting
// or format check is visible in this excerpt. Consider splitting it into
// user and host and quoting each part.
if (!empty($_REQUEST['view']['definer'])) {
    $sql_query .= $sep . ' DEFINER = ' . $_REQUEST['view']['definer'];
}

// SQL SECURITY must be one of $view_security_options (non-strict in_array).
if (isset($_REQUEST['view']['sql_security'])) {
    if (in_array($_REQUEST['view']['sql_security'], $view_security_options)) {
        $sql_query .= $sep . ' SQL SECURITY '
            . $_REQUEST['view']['sql_security'];
    }
}

// The view name is the only identifier here that is backquoted.
$sql_query .= $sep . ' VIEW '
    . PMA\libraries\Util::backquote($_REQUEST['view']['name']);

// NOTE(review): the column list is placed between parentheses verbatim;
// quoting each listed name would keep it from carrying extra SQL.
if (!empty($_REQUEST['view']['column_names'])) {
    $sql_query .= $sep . ' (' . $_REQUEST['view']['column_names'] . ')';
}

// The AS part is appended verbatim as well.
// NOTE(review): presumably this is the user-written SELECT and cannot be
// quoted - confirm the request is protected against cross-site submission
// before this statement is run.
$sql_query .= $sep . ' AS ' . $_REQUEST['view']['as'];

// WITH ... CHECK OPTION must be one of $view_with_options.
if (isset($_REQUEST['view']['with'])) {
    if (in_array($_REQUEST['view']['with'], $view_with_options)) {
        $sql_query .= $sep . ' WITH ' . $_REQUEST['view']['with']
            . ' CHECK OPTION';
    }
}

if (!$GLOBALS['dbi']->tryQuery($sql_query)) {
    // Non-dialog requests only record the server error and return.
    if (!isset($_REQUEST['ajax_dialog'])) {
        $message = PMA\libraries\Message::rawError($GLOBALS['dbi']->getError());
        return;
    }
    $response = PMA\libraries\Response::getInstance();
/**
 * Function to execute the column creation statement
 *
 * @param string $db      current database
 * @param string $table   current table
 * @param string $err_url error page url
 *
 * @return array two elements: the tryQuery() result and the ALTER TABLE
 *               statement that was sent
 */
function PMA_tryColumnCreationQuery($db, $table, $err_url)
{
    // get column addition statements
    $columnSql = PMA_getColumnCreationStatements(false);
    $dbi = $GLOBALS['dbi'];

    // To allow replication, we first select the db to use and then run queries
    // on this db.
    if (! $dbi->selectDb($db)) {
        PMA\libraries\Util::mysqlDie(
            $dbi->getError(),
            'USE ' . PMA\libraries\Util::backquote($db),
            false,
            $err_url
        );
    }

    // NOTE(review): the column definitions come from
    // PMA_getColumnCreationStatements(), which is not shown here - the
    // quoting of request values is assumed to happen inside it; confirm.
    $alterStatement = sprintf(
        'ALTER TABLE %s %s;',
        PMA\libraries\Util::backquote($table),
        $columnSql
    );

    // If there is a request for SQL previewing.
    if (isset($_REQUEST['preview_sql'])) {
        PMA_previewSQL($alterStatement);
    }

    $outcome = $dbi->tryQuery($alterStatement);

    return array($outcome, $alterStatement);
}
/**
 * Composes the query necessary to create an event from an HTTP request.
 *
 * Validation problems are appended to the global $errors array; the
 * (possibly incomplete) statement is returned in every case, so callers
 * have to inspect $errors before running it.
 *
 * @return string The CREATE EVENT query.
 */
function PMA_EVN_getQueryFromRequest()
{
    global $_REQUEST, $errors, $event_status, $event_type, $event_interval;

    $sql = array('CREATE ');

    // DEFINER: user and host are backquoted separately.
    if (! empty($_REQUEST['item_definer'])) {
        if (mb_strpos($_REQUEST['item_definer'], '@') === false) {
            $errors[] = __('The definer must be in the "username@hostname" format!');
        } else {
            // Only the first two '@'-separated parts are used.
            $definerParts = explode('@', $_REQUEST['item_definer']);
            $sql[] = 'DEFINER=' . PMA\libraries\Util::backquote($definerParts[0]);
            $sql[] = '@' . PMA\libraries\Util::backquote($definerParts[1]) . ' ';
        }
    }

    $sql[] = 'EVENT ';
    if (empty($_REQUEST['item_name'])) {
        $errors[] = __('You must provide an event name!');
    } else {
        $sql[] = PMA\libraries\Util::backquote($_REQUEST['item_name']) . ' ';
    }

    $sql[] = 'ON SCHEDULE ';
    $typeAccepted = ! empty($_REQUEST['item_type'])
        && in_array($_REQUEST['item_type'], $event_type);

    if (! $typeAccepted) {
        $errors[] = __('You must provide a valid type for the event.');
    } elseif ($_REQUEST['item_type'] == 'RECURRING') {
        // The interval count is forced to an integer and the unit has to
        // be one of $event_interval before either reaches the statement.
        $intervalAccepted = ! empty($_REQUEST['item_interval_value'])
            && ! empty($_REQUEST['item_interval_field'])
            && in_array($_REQUEST['item_interval_field'], $event_interval);

        if ($intervalAccepted) {
            $sql[] = 'EVERY ' . intval($_REQUEST['item_interval_value']) . ' ';
            $sql[] = $_REQUEST['item_interval_field'] . ' ';
        } else {
            $errors[] = __('You must provide a valid interval value for the event.');
        }

        // Timestamps are slash-escaped and wrapped in single quotes.
        if (! empty($_REQUEST['item_starts'])) {
            $sql[] = "STARTS '"
                . PMA\libraries\Util::sqlAddSlashes($_REQUEST['item_starts'])
                . "' ";
        }
        if (! empty($_REQUEST['item_ends'])) {
            $sql[] = "ENDS '"
                . PMA\libraries\Util::sqlAddSlashes($_REQUEST['item_ends'])
                . "' ";
        }
    } elseif (! empty($_REQUEST['item_execute_at'])) {
        $sql[] = "AT '"
            . PMA\libraries\Util::sqlAddSlashes($_REQUEST['item_execute_at'])
            . "' ";
    } else {
        $errors[] = __('You must provide a valid execution time for the event.');
    }

    $sql[] = 'ON COMPLETION ';
    if (empty($_REQUEST['item_preserve'])) {
        $sql[] = 'NOT ';
    }
    $sql[] = 'PRESERVE ';

    // The submitted status is a display label; it is translated to the SQL
    // keyword stored under the same key, so the request text itself is
    // never appended.
    if (! empty($_REQUEST['item_status'])) {
        foreach ($event_status['display'] as $index => $label) {
            if ($label == $_REQUEST['item_status']) {
                $sql[] = $event_status['query'][$index] . ' ';
                break;
            }
        }
    }

    if (! empty($_REQUEST['item_comment'])) {
        $sql[] = "COMMENT '"
            . PMA\libraries\Util::sqlAddslashes($_REQUEST['item_comment'])
            . "' ";
    }

    // The event body is the user's own SQL and is appended verbatim.
    // NOTE(review): nothing can be quoted here, so the request must be
    // authenticated and token-protected upstream - confirm in the caller.
    $sql[] = 'DO ';
    if (empty($_REQUEST['item_definition'])) {
        $errors[] = __('You must provide an event definition.');
    } else {
        $sql[] = $_REQUEST['item_definition'];
    }

    return implode('', $sql);
}
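/**
 * Add/update a user group with allowed menu tabs.
 *
 * For an existing group all of its rows are deleted first; afterwards one
 * row per known menu tab is inserted, flagged 'Y' when the request carries
 * "<tab group>_<tab>" = 'Y' and 'N' otherwise.
 *
 * @param string  $userGroup user group name
 * @param boolean $new       whether this is a new user group
 *
 * @return void
 */
function PMA_editUserGroup($userGroup, $new = false)
{
    $tabs = PMA\libraries\Util::getMenuTabList();
    $cfgRelation = PMA_getRelationsParam();
    $groupTable = PMA\libraries\Util::backquote($cfgRelation['db'])
        . "." . PMA\libraries\Util::backquote($cfgRelation['usergroups']);

    // Escape the group name once, through the same Util class the rest of
    // this function uses. The INSERT used to call it through the name
    // "PMA_Util", which does not match the namespaced class referenced
    // everywhere else in this function.
    $escapedGroup = PMA\libraries\Util::sqlAddSlashes($userGroup);

    if (!$new) {
        $sql_query = "DELETE FROM " . $groupTable
            . " WHERE `usergroup`='" . $escapedGroup . "';";
        PMA_queryAsControlUser($sql_query, true);
    }

    $rows = array();
    foreach ($tabs as $tabGroupName => $tabGroup) {
        foreach (array_keys($tabGroup) as $tab) {
            $tabName = $tabGroupName . '_' . $tab;
            // Only the literal 'Y' grants a tab; the request value itself
            // never reaches the statement.
            $allowed = isset($_REQUEST[$tabName]) && $_REQUEST[$tabName] == 'Y';
            // The tab name is built from the menu tab list, not from the
            // request; it is escaped anyway so the literal stays well formed
            // whatever the list contains.
            $rows[] = "('" . $escapedGroup . "', '"
                . PMA\libraries\Util::sqlAddSlashes($tabName) . "', '"
                . ($allowed ? "Y" : "N") . "')";
        }
    }

    // With no tabs there is nothing to insert; an INSERT without a VALUES
    // list would only produce a syntax error.
    if (empty($rows)) {
        return;
    }

    $sql_query = "INSERT INTO " . $groupTable
        . "(`usergroup`, `tab`, `allowed`)"
        . " VALUES " . implode(", ", $rows) . ";";
    PMA_queryAsControlUser($sql_query, true);
}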
if ($response->isAjax()) {
    $response->setRequestStatus(false);
    $response->addJSON('message', Message::error(__('No databases selected.')));
} else {
    PMA_sendHeaderLocation($uri);
}
exit;
} } // end if (ensures db exists)

/**
 * Changes database charset if requested by the user
 *
 * The charset prefix is split off the submitted collation but is not used
 * again before it is unset.
 *
 * NOTE(review): the collation goes from the request straight into
 * PMA_generateCharsetQueryPart(); no check against the list of known
 * collations is visible in this excerpt, and the helper's own escaping is
 * not shown - confirm, or validate the value first.
 */
if (isset($_REQUEST['submitcollation']) && isset($_REQUEST['db_collation']) && !empty($_REQUEST['db_collation'])) {
    list($db_charset) = explode('_', $_REQUEST['db_collation']);
    $sql_query = 'ALTER DATABASE ' . PMA\libraries\Util::backquote($db) . ' DEFAULT' . PMA_generateCharsetQueryPart($_REQUEST['db_collation']);
    // The result is stored but never inspected; a success message is created
    // unconditionally. NOTE(review): presumably query() stops the script on
    // failure - confirm.
    $result = $GLOBALS['dbi']->query($sql_query);
    $message = Message::success();
    unset($db_charset);

    /**
     * If we are in an Ajax request, let us stop the execution here. Necessary for
     * db charset change action on db_operations.php. If this causes a bug on
     * other pages, we might have to move this to a different location.
     */
    if ($GLOBALS['is_ajax_request'] == true) {
        $response = PMA\libraries\Response::getInstance();
        $response->setRequestStatus($message->isSuccess());
        $response->addJSON('message', $message);
        exit;
    }
}
/**
 * returns count of tables in given db
 *
 * A failed SHOW TABLES query is reported as zero tables.
 *
 * @param string $db database to count tables for
 *
 * @return integer count of tables in $db
 */
function PMA_getTableCount($db)
{
    $dbi = $GLOBALS['dbi'];

    // The database name is an identifier, so it is backquoted rather than
    // placed in a string literal.
    $listing = $dbi->tryQuery(
        'SHOW TABLES FROM ' . PMA\libraries\Util::backquote($db) . ';',
        null,
        PMA\libraries\DatabaseInterface::QUERY_STORE
    );

    if (! $listing) {
        return 0;
    }

    $tableCount = $dbi->numRows($listing);
    $dbi->freeResult($listing);

    return $tableCount;
}
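/**
 * Deletes a bookmark
 *
 * Only bookmarks owned by the configured bookmark user, or shared ones
 * (empty user), are matched by the statement.
 *
 * @param integer $id the id of the bookmark to delete
 *
 * @return bool true if successful; false when bookmarks are not configured
 *              or $id is not an integer value
 *
 * @access public
 *
 * @global resource $controllink the controluser db connection handle
 */
function PMA_Bookmark_delete($id)
{
    global $controllink;

    $cfgBookmark = PMA_Bookmark_getParams();

    if (empty($cfgBookmark)) {
        return false;
    }

    // The id is compared unquoted, so string escaping could not protect it.
    // Accept only an integer or a string of digits and refuse anything else
    // before a statement is built.
    $isIntegerId = is_int($id)
        || (is_string($id) && preg_match('/^[0-9]+\z/', $id));
    if (! $isIntegerId) {
        return false;
    }

    $query = 'DELETE FROM ' . PMA\libraries\Util::backquote($cfgBookmark['db'])
        . '.' . PMA\libraries\Util::backquote($cfgBookmark['table'])
        . ' WHERE (user = \''
        . $GLOBALS['dbi']->escapeString($cfgBookmark['user']) . '\''
        . ' OR user = \'\')'
        . ' AND id = ' . $id;

    return $GLOBALS['dbi']->tryQuery($query, $controllink);
}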
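/**
 * Handles export template actions
 *
 * Runs the create/load/update/delete action named in
 * $_REQUEST['templateAction'] against the export templates table as the
 * control user and writes the outcome into the ajax response. Every
 * statement except "create" is restricted to rows owned by the current
 * server user.
 *
 * @param array $cfgRelation Relation configuration
 *
 * @return void
 */
function PMA_handleExportTemplateActions($cfgRelation)
{
    $action = isset($_REQUEST['templateAction'])
        ? $_REQUEST['templateAction']
        : '';

    // The template id is compared unquoted, where string escaping gives no
    // protection. Accept a plain string of digits only; anything else
    // leaves $id at null.
    $id = null;
    if (isset($_REQUEST['templateId'])
        && is_scalar($_REQUEST['templateId'])
        && preg_match('/^[0-9]+\z/', (string) $_REQUEST['templateId'])
    ) {
        $id = (string) $_REQUEST['templateId'];
    }

    $templateTable = PMA\libraries\Util::backquote($cfgRelation['db']) . '.'
        . PMA\libraries\Util::backquote($cfgRelation['export_templates']);
    $user = $GLOBALS['dbi']->escapeString($GLOBALS['cfg']['Server']['user']);

    switch ($action) {
    case 'create':
        $query = "INSERT INTO " . $templateTable . "("
            . " `username`, `export_type`,"
            . " `template_name`, `template_data`"
            . ") VALUES ("
            . "'" . $user . "', "
            . "'" . $GLOBALS['dbi']->escapeString($_REQUEST['exportType'])
            . "', '" . $GLOBALS['dbi']->escapeString($_REQUEST['templateName'])
            . "', '" . $GLOBALS['dbi']->escapeString($_REQUEST['templateData'])
            . "');";
        break;
    case 'load':
        $query = "SELECT `template_data` FROM " . $templateTable
            . " WHERE `id` = " . $id . " AND `username` = '" . $user . "'";
        break;
    case 'update':
        $query = "UPDATE " . $templateTable . " SET `template_data` = "
            . "'" . $GLOBALS['dbi']->escapeString($_REQUEST['templateData']) . "'"
            . " WHERE `id` = " . $id . " AND `username` = '" . $user . "'";
        break;
    case 'delete':
        $query = "DELETE FROM " . $templateTable
            . " WHERE `id` = " . $id . " AND `username` = '" . $user . "'";
        break;
    default:
        $query = '';
        break;
    }

    // An action that needs an id but did not get a valid one is treated
    // like an unknown action: the empty query takes the failure path below
    // instead of a statement being sent with a missing or malformed id.
    if ($id === null && $action !== 'create') {
        $query = '';
    }

    $result = PMA_queryAsControlUser($query, false);

    $response = Response::getInstance();
    if (!$result) {
        $error = $GLOBALS['dbi']->getError($GLOBALS['controllink']);
        $response->setRequestStatus(false);
        $response->addJSON('message', $error);
        exit;
    }

    $response->setRequestStatus(true);
    if ('create' == $action) {
        $response->addJSON(
            'data',
            PMA_getOptionsForExportTemplates($_REQUEST['exportType'])
        );
    } elseif ('load' == $action) {
        // The last fetched row wins; null is sent when nothing matched.
        $data = null;
        while ($row = $GLOBALS['dbi']->fetchAssoc(
            $result, $GLOBALS['controllink']
        )) {
            $data = $row['template_data'];
        }
        $response->addJSON('data', $data);
    }
    $GLOBALS['dbi']->freeResult($result);
}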
/**
 * backquote test with forbidden words
 *
 * Walks every keyword known to the SQL parser context and checks that
 * Util::backquote($keyword, false) wraps reserved keywords in backticks
 * and returns all other keywords unchanged.
 *
 * @return void
 */
public function testBackquoteForbidenWords()
{
    foreach (SqlParser\Context::$KEYWORDS as $word => $flags) {
        $isReserved = $flags & SqlParser\Token::FLAG_KEYWORD_RESERVED;
        $expected = $isReserved ? "`" . $word . "`" : $word;

        $this->assertEquals(
            $expected,
            PMA\libraries\Util::backquote($word, false)
        );
    }
}
?> </td> <td><input type="text" size="20" name="new_name" onfocus="this.select()" value="<?php echo htmlspecialchars($GLOBALS['table']); ?> " required /> </td> </tr> </table> </fieldset> <fieldset class="tblFooters"> <input type="hidden" name="submitoptions" value="1" /> <input type="submit" value="<?php echo __('Go'); ?> " /> </fieldset> </form> </div> <?php
// Parameters for the "drop view" link. The view name is backquoted inside
// the SQL text and HTML-escaped inside the confirmation message.
// NOTE(review): the DROP VIEW statement itself travels as the sql_query URL
// parameter - confirm the receiving script requires the session token and a
// user confirmation before executing it.
$drop_view_url_params = array_merge($url_params, array('sql_query' => 'DROP VIEW ' . PMA\libraries\Util::backquote($GLOBALS['table']), 'goto' => 'tbl_structure.php', 'reload' => '1', 'purge' => '1', 'message_to_show' => sprintf(__('View %s has been dropped.'), htmlspecialchars($GLOBALS['table'])), 'table' => $GLOBALS['table']));
echo '<div class="operations_half_width">';
echo '<fieldset class="caution">';
echo '<legend>', __('Delete data or table'), '</legend>';
echo '<ul>';
echo PMA_getDeleteDataOrTableLink($drop_view_url_params, 'DROP VIEW', __('Delete the view (DROP)'), 'drop_view_anchor');
echo '</ul>';
echo '</fieldset>';
echo '</div>';
/**
 * Composes the query necessary to create a trigger from an HTTP request.
 *
 * Validation problems are appended to the global $errors array; the
 * (possibly incomplete) statement is returned in every case, so callers
 * have to inspect $errors before running it.
 *
 * @return string The CREATE TRIGGER query.
 */
function PMA_TRI_getQueryFromRequest()
{
    global $_REQUEST, $db, $errors, $action_timings, $event_manipulations;

    $sql = array('CREATE ');

    // DEFINER: user and host are backquoted separately.
    if (! empty($_REQUEST['item_definer'])) {
        if (mb_strpos($_REQUEST['item_definer'], '@') === false) {
            $errors[] = __('The definer must be in the "username@hostname" format!');
        } else {
            // Only the first two '@'-separated parts are used.
            $definerParts = explode('@', $_REQUEST['item_definer']);
            $sql[] = 'DEFINER=' . PMA\libraries\Util::backquote($definerParts[0]);
            $sql[] = '@' . PMA\libraries\Util::backquote($definerParts[1]) . ' ';
        }
    }

    $sql[] = 'TRIGGER ';
    if (empty($_REQUEST['item_name'])) {
        $errors[] = __('You must provide a trigger name!');
    } else {
        $sql[] = PMA\libraries\Util::backquote($_REQUEST['item_name']) . ' ';
    }

    // Timing and event are keywords: each must appear in its list of
    // accepted values before it is appended.
    $timingAccepted = ! empty($_REQUEST['item_timing'])
        && in_array($_REQUEST['item_timing'], $action_timings);
    if ($timingAccepted) {
        $sql[] = $_REQUEST['item_timing'] . ' ';
    } else {
        $errors[] = __('You must provide a valid timing for the trigger!');
    }

    $eventAccepted = ! empty($_REQUEST['item_event'])
        && in_array($_REQUEST['item_event'], $event_manipulations);
    if ($eventAccepted) {
        $sql[] = $_REQUEST['item_event'] . ' ';
    } else {
        $errors[] = __('You must provide a valid event for the trigger!');
    }

    // The table has to exist in the current database and is backquoted.
    $sql[] = 'ON ';
    $tableAccepted = ! empty($_REQUEST['item_table'])
        && in_array($_REQUEST['item_table'], $GLOBALS['dbi']->getTables($db));
    if ($tableAccepted) {
        $sql[] = PMA\libraries\Util::backquote($_REQUEST['item_table']);
    } else {
        $errors[] = __('You must provide a valid table name!');
    }

    // The trigger body is the user's own SQL and is appended verbatim.
    // NOTE(review): nothing can be quoted here, so the request must be
    // authenticated and token-protected upstream - confirm in the caller.
    $sql[] = ' FOR EACH ROW ';
    if (empty($_REQUEST['item_definition'])) {
        $errors[] = __('You must provide a trigger definition.');
    } else {
        $sql[] = $_REQUEST['item_definition'];
    }

    return implode('', $sql);
}
/**
 * Display tracked tables
 *
 * Prints a form with one table row per entry of $all_tables_result. For
 * each entry the matching row of the tracking table is fetched as the
 * control user and rendered with links to the tracking pages.
 *
 * @param string $db                current database
 * @param object $all_tables_result result set of tracked tables
 * @param string $url_query         url query string
 * @param string $pmaThemeImage     path to theme's image folder
 * @param string $text_dir          text direction
 * @param array  $cfgRelation       configuration storage info
 *
 * @return void
 */
function PMA_displayTrackedTables($db, $all_tables_result, $url_query, $pmaThemeImage, $text_dir, $cfgRelation)
{
    ?> <div id="tracked_tables"> <h3><?php echo __('Tracked tables'); ?> </h3> <form method="post" action="db_tracking.php" name="trackedForm" id="trackedForm" class="ajax"> <?php echo URL::getHiddenInputs($db); ?> <table id="versions" class="data"> <thead> <tr> <th></th> <th><?php echo __('Table'); ?> </th> <th><?php echo __('Last version'); ?> </th> <th><?php echo __('Created'); ?> </th> <th><?php echo __('Updated'); ?> </th> <th><?php echo __('Status'); ?> </th> <th><?php echo __('Action'); ?> </th> <th><?php echo __('Show'); ?> </th> </tr> </thead> <tbody> <?php
    // Print out information about versions
    $delete = PMA\libraries\Util::getIcon('b_drop.png', __('Delete tracking'));
    $versions = PMA\libraries\Util::getIcon('b_versions.png', __('Versions'));
    $report = PMA\libraries\Util::getIcon('b_report.png', __('Tracking report'));
    $structure = PMA\libraries\Util::getIcon('b_props.png', __('Structure snapshot'));
    $style = 'odd';
    while ($one_result = $GLOBALS['dbi']->fetchArray($all_tables_result)) {
        list($table_name, $version_number) = $one_result;
        // The database filter is read from $_REQUEST['db'], not from the $db
        // parameter. Database and table name are slash-escaped.
        // NOTE(review): $version_number is concatenated without escaping; it
        // comes from the result set handed in by the caller - confirm it is
        // always numeric, or escape it like the other two values.
        $table_query = ' SELECT * FROM ' . PMA\libraries\Util::backquote($cfgRelation['db']) . '.' . PMA\libraries\Util::backquote($cfgRelation['tracking']) . ' WHERE `db_name` = \'' . PMA\libraries\Util::sqlAddSlashes($_REQUEST['db']) . '\' AND `table_name` = \'' . PMA\libraries\Util::sqlAddSlashes($table_name) . '\' AND `version` = \'' . $version_number . '\'';
        $table_result = PMA_queryAsControlUser($table_query);
        // NOTE(review): the fetched row is used without checking that the
        // lookup returned one.
        $version_data = $GLOBALS['dbi']->fetchArray($table_result);
        // The table name is HTML-escaped wherever it is placed into markup.
        // NOTE(review): $url_query is embedded as received - presumably the
        // caller built it already escaped; confirm.
        $tbl_link = 'tbl_tracking.php' . $url_query . '&table=' . htmlspecialchars($version_data['table_name']);
        $delete_link = 'db_tracking.php' . $url_query . '&table=' . htmlspecialchars($version_data['table_name']) . '&delete_tracking=true&';
        $checkbox_id = "selected_tbl_" . htmlspecialchars($version_data['table_name']);
        // NOTE(review): in the markup below version, date_created and
        // date_updated are echoed without htmlspecialchars(), unlike
        // table_name - confirm the tracking table can only hold safe values
        // in these columns, or escape them as well.
        ?> <tr class="<?php echo $style; ?> "> <td class="center"> <input type="checkbox" name="selected_tbl[]" class="checkall" id="<?php echo $checkbox_id; ?> " value="<?php echo htmlspecialchars($version_data['table_name']); ?> "/> </td> <th> <label for="<?php echo $checkbox_id; ?> "> <?php echo htmlspecialchars($version_data['table_name']); ?> </label> </th> <td class="right"><?php echo $version_data['version']; ?> </td> <td><?php echo $version_data['date_created']; ?> </td> <td><?php echo $version_data['date_updated']; ?> </td> <td> <?php PMA_displayStatusButton($version_data, $tbl_link); ?> </td> <td> <a class="delete_tracking_anchor ajax" href="<?php echo $delete_link; ?> " > <?php echo $delete; ?> </a> <?php
        echo '</td>', '<td>', '<a href="', $tbl_link, '">', $versions, '</a>', ' ', '<a href="', $tbl_link, '&report=true&version=', $version_data['version'], '">', $report, '</a>', ' ', '<a href="' . $tbl_link, '&snapshot=true&version=', $version_data['version'], '">', $structure, '</a>', '</td>', '</tr>';
        // Alternate the row class between 'odd' and 'even'.
        if ($style == 'even') {
            $style = 'odd';
        } else {
            $style = 'even';
        }
    }
    ?> </tbody> </table> <?php
    echo PMA\libraries\Template::get('select_all')->render(array('pmaThemeImage' => $pmaThemeImage, 'text_dir' => $text_dir, 'formName' => 'trackedForm'));
    echo PMA\libraries\Util::getButtonOrImage('submit_mult', 'mult_submit', __('Delete tracking'), 'b_drop.png', 'delete_tracking');
    ?> </form> </div> <?php
}
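/**
 * Delete related transformation details
 * after deleting database. table or column
 *
 * The scope of the delete depends on which names are given: database only,
 * database and table, or database, table and column. A column name without
 * a table name is ignored, so the whole database is matched in that case.
 *
 * @param string $db     Database name
 * @param string $table  Table name
 * @param string $column Column name
 *
 * @return boolean State of the query execution
 */
function PMA_clearTransformations($db, $table = '', $column = '')
{
    $cfgRelation = PMA_getRelationsParam();

    if (! isset($cfgRelation['column_info'])) {
        return false;
    }

    $dbi = $GLOBALS['dbi'];

    // The names end up inside quoted SQL literals, so each one is escaped
    // first; a name containing a quote would otherwise break out of its
    // literal and change which rows the DELETE matches.
    // NOTE(review): assumes callers pass raw, unescaped names and that this
    // tree's database interface provides escapeString() - confirm.
    $conditions = array(
        '`db_name` = \'' . $dbi->escapeString($db) . '\'',
    );
    if ($table != '') {
        $conditions[] = '`table_name` = \'' . $dbi->escapeString($table) . '\'';
        if ($column != '') {
            $conditions[] = '`column_name` = \''
                . $dbi->escapeString($column) . '\'';
        }
    }

    $delete_sql = 'DELETE FROM '
        . PMA\libraries\Util::backquote($cfgRelation['db'])
        . '.' . PMA\libraries\Util::backquote($cfgRelation['column_info'])
        . ' WHERE ' . implode(' AND ', $conditions) . ' ';

    return $dbi->tryQuery($delete_sql);
}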
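/**
 * Check whether inline edited value can be truncated or not,
 * and add additional parameters for extra_data array if needed
 *
 * Re-reads the edited cell from the server. When a row is found,
 * 'isNeedToRecheck' is set to true and the stored value is returned in
 * 'truncatableFieldValue'; otherwise 'isNeedToRecheck' stays false.
 *
 * @param string $db          Database name
 * @param string $table       Table name
 * @param string $column_name Column name
 * @param array  &$extra_data Extra data for ajax response
 *
 * @return void
 */
function PMA_verifyWhetherValueCanBeTruncatedAndAppendExtraData($db, $table, $column_name, &$extra_data)
{
    $extra_data['isNeedToRecheck'] = false;

    // Without a usable WHERE clause there is no row to re-read.
    if (! isset($_REQUEST['where_clause'][0])
        || ! is_string($_REQUEST['where_clause'][0])
    ) {
        return;
    }

    // SECURITY: the identifiers are backquoted, but the WHERE clause is
    // taken verbatim from the request and becomes part of the statement.
    // NOTE(review): it cannot be quoted here - confirm the request is
    // authenticated and the clause is validated before this point.
    $sql_for_real_value = 'SELECT ' . PMA\libraries\Util::backquote($table) . '.'
        . PMA\libraries\Util::backquote($column_name)
        . ' FROM ' . PMA\libraries\Util::backquote($db) . '.'
        . PMA\libraries\Util::backquote($table)
        . ' WHERE ' . $_REQUEST['where_clause'][0];

    $dbi = $GLOBALS['dbi'];
    $result = $dbi->tryQuery($sql_for_real_value);
    if (! $result) {
        // A failed query used to be handed on to getFieldsMeta() and
        // fetchRow(); stop here and leave 'isNeedToRecheck' false instead.
        return;
    }

    $fields_meta = $dbi->getFieldsMeta($result);
    $meta = isset($fields_meta[0]) ? $fields_meta[0] : null;

    $row = $dbi->fetchRow($result);
    if ($row) {
        $new_value = $row[0];
        $isTemporal = $meta !== null
            && (substr($meta->type, 0, 9) == 'timestamp'
                || $meta->type == 'datetime'
                || $meta->type == 'time');
        if ($isTemporal) {
            $new_value = PMA\libraries\Util::addMicroseconds($new_value);
        }
        $extra_data['isNeedToRecheck'] = true;
        $extra_data['truncatableFieldValue'] = $new_value;
    }

    $dbi->freeResult($result);
}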
/**
 * Cleanup user related relation stuff
 *
 * For every configuration-storage feature that is enabled, deletes the rows
 * belonging to $username from that feature's table as the control user.
 *
 * @param string $username username
 *
 * @return void
 */
function PMA_relationsCleanupUser($username)
{
    $cfgRelation = PMA_getRelationsParam();

    // feature flag => array(key of the table name, name of the user column)
    // Only the bookmark table names its column `user`.
    $targets = array(
        'bookmarkwork'         => array('bookmark', 'user'),
        'historywork'          => array('history', 'username'),
        'recentwork'           => array('recent', 'username'),
        'favoritework'         => array('favorite', 'username'),
        'uiprefswork'          => array('table_uiprefs', 'username'),
        'userconfigwork'       => array('userconfig', 'username'),
        'menuswork'            => array('users', 'username'),
        'navwork'              => array('navigationhiding', 'username'),
        'savedsearcheswork'    => array('savedsearches', 'username'),
        'designersettingswork' => array('designer_settings', 'username'),
    );

    foreach ($targets as $feature => $target) {
        if (! $cfgRelation[$feature]) {
            continue;
        }

        list($tableKey, $userColumn) = $target;

        // Table identifiers are backquoted; the user name is slash-escaped
        // before it is placed inside the quoted literal.
        $remove_query = "DELETE FROM "
            . PMA\libraries\Util::backquote($cfgRelation['db'])
            . "." . PMA\libraries\Util::backquote($cfgRelation[$tableKey])
            . " WHERE `" . $userColumn . "` = '"
            . PMA\libraries\Util::sqlAddSlashes($username) . "'";
        PMA_queryAsControlUser($remove_query);
    }
}
} }

// Get tracked data about the database
$data = Tracker::getTrackedData($_REQUEST['db'], '', '1');

// No tables present and no log exist: print a notice (plus the create-table
// form unless $db_is_system_schema is set) and stop.
if ($num_tables == 0 && count($data['ddlog']) == 0) {
    echo '<p>', __('No tables found in database.'), '</p>', "\n";
    if (empty($db_is_system_schema)) {
        echo PMA_getHtmlForCreateTable($db);
    }
    exit;
}

// ---------------------------------------------------------------------------
$cfgRelation = PMA_getRelationsParam();

// Prepare statement to get HEAD version
// The database name is taken from the request and slash-escaped before it
// is placed inside the quoted literal; identifiers are backquoted.
$all_tables_query = ' SELECT table_name, MAX(version) as version FROM ' . PMA\libraries\Util::backquote($cfgRelation['db']) . '.' . PMA\libraries\Util::backquote($cfgRelation['tracking']) . ' WHERE db_name = \'' . PMA\libraries\Util::sqlAddSlashes($_REQUEST['db']) . '\' ' . ' GROUP BY table_name' . ' ORDER BY table_name ASC';
$all_tables_result = PMA_queryAsControlUser($all_tables_query);

// If a HEAD version exists
if (is_object($all_tables_result) && $GLOBALS['dbi']->numRows($all_tables_result) > 0) {
    PMA_displayTrackedTables($GLOBALS['db'], $all_tables_result, $url_query, $pmaThemeImage, $text_dir, $cfgRelation);
}

$untracked_tables = PMA_getUntrackedTables($GLOBALS['db']);

// If untracked tables exist
if (count($untracked_tables) > 0) {
    PMA_displayUntrackedTables($GLOBALS['db'], $untracked_tables, $url_query, $pmaThemeImage, $text_dir);
}

// If available print out database log
if (count($data['ddlog']) > 0) {
    $log = '';
    // Each entry becomes a "# date username" header line followed by the
    // logged statement.
    // NOTE(review): the log text is built from stored values without
    // escaping - confirm it is HTML-escaped where it is printed.
    foreach ($data['ddlog'] as $entry) {
        $log .= '# ' . $entry['date'] . ' ' . $entry['username'] . "\n" . $entry['statement'] . "\n";
*/

/**
 * Gets some core libraries
 */
require_once 'libraries/common.inc.php';
require_once 'libraries/mysql_charsets.inc.php';
require_once 'libraries/replication.inc.php';
require 'libraries/build_html_for_db.lib.php';

/**
 * Defines the url to return to in case of error in a sql statement
 */
$err_url = 'index.php' . PMA_URL_getCommon();

/**
 * Builds and executes the db creation sql query
 *
 * The new database name is read from the POST data and backquoted.
 * NOTE(review): $_POST['new_db'] is read without an isset() check, and the
 * statement relies on Util::backquote() for quoting the name - confirm it
 * handles backticks embedded in the name.
 */
$sql_query = 'CREATE DATABASE ' . PMA\libraries\Util::backquote($_POST['new_db']);
if (!empty($_POST['db_collation'])) {
    list($db_charset) = explode('_', $_POST['db_collation']);
    // The collation clause is added only when both the charset prefix and
    // the full collation name are found in the known lists.
    if (in_array($db_charset, $mysql_charsets) && in_array($_POST['db_collation'], $mysql_collations[$db_charset])) {
        $sql_query .= ' DEFAULT' . PMA_generateCharsetQueryPart($_POST['db_collation']);
    }
    // NOTE(review): the submitted collation is kept for later use even when
    // it failed the check above - confirm it is escaped wherever it is used.
    $db_collation_for_ajax = $_POST['db_collation'];
    unset($db_charset);
}
$sql_query .= ';';

$result = $GLOBALS['dbi']->tryQuery($sql_query);

if (!$result) {
    $message = PMA\libraries\Message::rawError($GLOBALS['dbi']->getError());
    // avoid displaying the not-created db name in header or navi panel
    $GLOBALS['db'] = '';
    $GLOBALS['table'] = '';
/**
 * Check child table references and foreign key for a table column.
 *
 * When the pre-fetched arrays are passed, only the entries for $column (and
 * the 'foreign_keys_data' entry) are taken from them; otherwise the data is
 * looked up for this column.
 *
 * @param string $db                    name of master table db.
 * @param string $table                 name of master table.
 * @param string $column                name of master table column.
 * @param array  $foreigners_full       foreigners array for the whole table.
 * @param array  $child_references_full child references for the whole table.
 *
 * @return array $column_status with the keys 'isEditable', 'isReferenced',
 *               'isForeignKey' and 'references' (backquoted "schema.table"
 *               names of the referencing tables)
 */
function PMA_checkChildForeignReferences($db, $table, $column, $foreigners_full = null, $child_references_full = null)
{
    if ($foreigners_full === null) {
        $foreigners = PMA_getForeigners($db, $table, $column, 'foreign');
    } else {
        $foreigners = array();
        foreach (array($column, 'foreign_keys_data') as $wantedKey) {
            if (isset($foreigners_full[$wantedKey])) {
                $foreigners[$wantedKey] = $foreigners_full[$wantedKey];
            }
        }
    }
    $foreigner = PMA_searchColumnInForeigners($foreigners, $column);

    if ($child_references_full === null) {
        $child_references = PMA_getChildReferences($db, $table, $column);
    } elseif (isset($child_references_full[$column])) {
        $child_references = $child_references_full[$column];
    } else {
        $child_references = array();
    }

    $isReferenced = count($child_references) > 0;

    $referencingTables = array();
    if ($isReferenced) {
        foreach ($child_references as $reference) {
            $referencingTables[]
                = PMA\libraries\Util::backquote($reference['table_schema'])
                . '.'
                . PMA\libraries\Util::backquote($reference['table_name']);
        }
    }

    // A column is editable only when nothing references it and it is not
    // itself a foreign key.
    return array(
        'isEditable'   => ! ($isReferenced || $foreigner),
        'isReferenced' => $isReferenced,
        'isForeignKey' => (bool) $foreigner,
        'references'   => $referencingTables,
    );
}
/**
 * Builds the HTML for the "insert" part of the SQL query form: the query
 * textarea, the quick-statement buttons, the optional column picker, the
 * bookmark options and the footer with delimiter and execution switches.
 *
 * Escaping done here: the query text, column names and column comments go
 * through htmlspecialchars(). The legend, the delimiter and the configuration
 * values are concatenated as received.
 *
 * @param string $query     query to display in the textarea
 * @param string $delimiter default delimiter to use
 *
 * @return string
 *
 * @usedby PMA_getHtmlForSqlQueryForm()
 */
function PMA_getHtmlForSqlQueryFormInsert($query = '', $delimiter = ';')
{
    // Optional click handler that selects the textarea content.
    $select_on_click = $GLOBALS['cfg']['TextareaAutoSelect']
        ? ' onclick="selectContent(this, sql_box_locked, true);"'
        : '';
    $textarea_rows = $GLOBALS['cfg']['TextareaRows'] * 2;

    list($legend, $query, $columns_list) = PMA_initQueryForm($query);
    $has_columns = !empty($columns_list);
    $container_id = $has_columns ? 'sqlquerycontainer' : 'sqlquerycontainerfull';

    // NOTE(review): $legend is emitted exactly as PMA_initQueryForm() returns
    // it; presumably it is already HTML - confirm against that helper.
    $out = '<a id="querybox"></a><div id="queryboxcontainer"><fieldset id="queryboxf">'
        . '<legend>' . $legend . '</legend>'
        . '<div id="queryfieldscontainer">'
        . '<div id="' . $container_id . '">'
        . '<textarea tabindex="100" name="sql_query" id="sqlquery"'
        . ' cols="' . $GLOBALS['cfg']['TextareaCols'] . '"'
        . ' rows="' . $textarea_rows . '"'
        . $select_on_click . '>'
        . htmlspecialchars($query)
        . '</textarea>'
        . '<div id="querymessage"></div>';

    // Buttons that generate a statement skeleton; only useful with a column list.
    if ($has_columns) {
        $quick_buttons = array(
            'selectall' => 'SELECT *',
            'select' => 'SELECT',
            'insert' => 'INSERT',
            'update' => 'UPDATE',
            'delete' => 'DELETE',
        );
        foreach ($quick_buttons as $button_id => $caption) {
            $out .= '<input type="button" value="' . $caption . '" id="' . $button_id
                . '" class="button sqlbutton" />';
        }
    }

    $out .= '<input type="button" value="' . __('Clear') . '" id="clear" class="button sqlbutton" />';
    if ($GLOBALS['cfg']['CodemirrorEnable']) {
        $out .= '<input type="button" value="' . __('Format') . '" id="format" class="button sqlbutton" />';
    }
    $out .= '<input type="button" value="' . __('Get auto-saved query')
        . '" id="saved" class="button sqlbutton" />';

    // Parameter binding controls.
    $out .= '<div>'
        . '<input type="checkbox" name="parameterized" id="parameterized" />'
        . '<label for="parameterized">' . __('Bind parameters') . '</label>'
        . PMA\libraries\Util::showDocu('faq', 'faq6-40')
        . '<div id="parametersDiv"></div>'
        . '</div>';
    $out .= '</div>' . "\n";

    if ($has_columns) {
        $out .= '<div id="tablefieldscontainer">'
            . '<label>' . __('Columns') . '</label>'
            . '<select id="tablefields" name="dummy" '
            . 'size="' . ($GLOBALS['cfg']['TextareaRows'] - 2) . '" '
            . 'multiple="multiple" ondblclick="insertValueQuery()">';

        foreach ($columns_list as $column) {
            // Column name is HTML-escaped first, then identifier-quoted.
            $option = '<option value="'
                . PMA\libraries\Util::backquote(htmlspecialchars($column['Field'])) . '"';
            $show_comment = isset($column['Field'])
                && mb_strlen($column['Field'])
                && isset($column['Comment']);
            if ($show_comment) {
                $option .= ' title="' . htmlspecialchars($column['Comment']) . '"';
            }
            $out .= $option . '>' . htmlspecialchars($column['Field']) . '</option>' . "\n";
        }

        $out .= '</select><div id="tablefieldinsertbuttoncontainer">';
        $out .= PMA\libraries\Util::showIcons('ActionLinksMode')
            ? '<input type="button" class="button" name="insert"'
                . ' value="<<" onclick="insertValueQuery()"'
                . ' title="' . __('Insert') . '" />'
            : '<input type="button" class="button" name="insert"'
                . ' value="' . __('Insert') . '"'
                . ' onclick="insertValueQuery()" />';
        $out .= "</div>\n</div>\n";
    }

    $out .= '<div class="clearfloat"></div>' . "\n" . '</div>' . "\n";

    // Bookmark options are shown only when PMA_Bookmark_getParams() is truthy.
    $bookmark_params = PMA_Bookmark_getParams();
    if ($bookmark_params) {
        $out .= '<div id="bookmarkoptions">'
            . '<div class="formelement">'
            . '<label for="bkm_label">' . __('Bookmark this SQL query:') . '</label>'
            . '<input type="text" name="bkm_label" id="bkm_label" tabindex="110" value="" />'
            . '</div>'
            . '<div class="formelement">'
            . '<input type="checkbox" name="bkm_all_users" tabindex="111"'
            . ' id="id_bkm_all_users" value="true" />'
            . '<label for="id_bkm_all_users">' . __('Let every user access this bookmark') . '</label>'
            . '</div>'
            . '<div class="formelement">'
            . '<input type="checkbox" name="bkm_replace" tabindex="112"'
            . ' id="id_bkm_replace" value="true" />'
            . '<label for="id_bkm_replace">' . __('Replace existing bookmark of same name') . '</label>'
            . '</div>'
            . '</div>';
    }

    $out .= '<div class="clearfloat"></div>' . "\n";
    $out .= "</fieldset>\n</div>\n";

    // Footer: delimiter and execution options.
    $out .= '<fieldset id="queryboxfooter" class="tblFooters">' . "\n"
        . '<div class="formelement">' . "\n"
        . '</div>' . "\n";

    // NOTE(review): $delimiter is placed inside the value attribute without
    // escaping in this function. Presumably callers pass an HTML-safe value -
    // confirm every call site before feeding request data through here
    // (escaping here as well would double-encode if callers already escape).
    $out .= '<div class="formelement">'
        . '<label for="id_sql_delimiter">[ ' . __('Delimiter') . '</label>' . "\n"
        . '<input type="text" name="sql_delimiter" tabindex="131" size="3" '
        . 'value="' . $delimiter . '" '
        . 'id="id_sql_delimiter" /> ]'
        . '</div>';

    $out .= '<div class="formelement">'
        . '<input type="checkbox" name="show_query" value="1" '
        . 'id="checkbox_show_query" tabindex="132" checked="checked" />'
        . '<label for="checkbox_show_query">' . __('Show this query here again') . '</label>'
        . '</div>';

    // Checked unless the configuration value is strictly false.
    $retain_checked = $GLOBALS['cfg']['RetainQueryBox'] === false ? '' : ' checked="checked"';
    $out .= '<div class="formelement">'
        . '<input type="checkbox" name="retain_query_box" value="1" '
        . 'id="retain_query_box" tabindex="133" '
        . $retain_checked . ' />'
        . '<label for="retain_query_box">' . __('Retain query box') . '</label>'
        . '</div>';

    $out .= '<div class="formelement">'
        . '<input type="checkbox" name="rollback_query" value="1" '
        . 'id="rollback_query" tabindex="134" />'
        . '<label for="rollback_query">' . __('Rollback when finished') . '</label>'
        . '</div>';

    // Disable/Enable foreign key checks
    $out .= '<div class="formelement">' . PMA\libraries\Util::getFKCheckbox() . '</div>';

    $out .= '<input type="submit" id="button_submit_query" name="SQL"'
        . ' tabindex="200" value="' . __('Go') . '" />' . "\n";
    $out .= '<div class="clearfloat"></div>' . "\n";
    $out .= '</fieldset>' . "\n";

    return $out;
}
* Copy table
 */
$response->addHTML(PMA_getHtmlForCopytable());

/**
 * Table maintenance
 */
$response->addHTML(
    PMA_getHtmlForTableMaintenance($is_myisam_or_aria, $is_innodb, $is_berkeleydb, $url_params)
);

// The "delete data or table" section is skipped entirely for system schemas.
// The two inner tests of $db_is_system_schema repeat this outer condition.
if (!(isset($db_is_system_schema) && $db_is_system_schema)) {
    $truncate_table_url_params = array();
    $drop_table_url_params = array();

    // TRUNCATE is offered for real tables only, never for views.
    if (!$tbl_is_view && !(isset($db_is_system_schema) && $db_is_system_schema)) {
        // The table name is identifier-quoted before it enters the statement.
        $this_sql_query = 'TRUNCATE TABLE ' . PMA\libraries\Util::backquote($GLOBALS['table']);
        // The finished statement travels as the 'sql_query' URL parameter; the
        // confirmation text HTML-escapes the table name.
        // NOTE(review): how the receiving script protects this destructive
        // request (token, confirmation) is not visible here - confirm.
        $truncate_table_url_params = array_merge(
            $url_params,
            array(
                'sql_query' => $this_sql_query,
                'goto' => 'tbl_structure.php',
                'reload' => '1',
                'message_to_show' => sprintf(__('Table %s has been emptied.'), htmlspecialchars($table))
            )
        );
    }

    if (!(isset($db_is_system_schema) && $db_is_system_schema)) {
        // NOTE(review): 'DROP TABLE' is built for views as well; only the
        // message differs - confirm the server accepts this for the versions
        // in use.
        $this_sql_query = 'DROP TABLE ' . PMA\libraries\Util::backquote($GLOBALS['table']);
        $drop_table_url_params = array_merge(
            $url_params,
            array(
                'sql_query' => $this_sql_query,
                'goto' => 'db_operations.php',
                'reload' => '1',
                'purge' => '1',
                'message_to_show' => sprintf($tbl_is_view ? __('View %s has been dropped.') : __('Table %s has been dropped.'), htmlspecialchars($table)),
                'table' => $GLOBALS['table']
            )
        );
    }

    $response->addHTML(
        PMA_getHtmlForDeleteDataOrTable($truncate_table_url_params, $drop_table_url_params)
    );
}

if (Partition::havePartitioning()) {
    $partition_names = Partition::getPartitionNames($db, $table);
    // show the Partition maintenance section only if we detect a partition
    if (!is_null($partition_names[0])) {
        $response->addHTML(PMA_getHtmlForPartitionMaintenance($partition_names, $url_params));
    } // end if
} // end if
unset($partition_names);

// Referential integrity check
$GLOBALS[$one_request_param] = 2000;
            }
        } else {
            // Copies the request value into a global of the same name.
            // NOTE(review): the list of parameter names this loop walks is
            // outside this excerpt - confirm it is a fixed allow-list, since
            // this writes request data into $GLOBALS.
            $GLOBALS[$one_request_param] = $_REQUEST[$one_request_param];
        }
    }
}

/**
 * Get the list of the fields of the current table
 */
$GLOBALS['dbi']->selectDb($db);
if (isset($where_clause)) {
    // The table name is identifier-quoted, but $where_clause is appended to
    // the statement verbatim.
    // NOTE(review): where $where_clause is assigned is not visible here; if it
    // comes from the request, whatever it contains runs with the logged-in
    // user's database privileges - confirm it is validated or signed upstream.
    $result = $GLOBALS['dbi']->query(
        'SELECT * FROM ' . PMA\libraries\Util::backquote($table) . ' WHERE ' . $where_clause . ';',
        null,
        PMA\libraries\DatabaseInterface::QUERY_STORE
    );
    $row = $GLOBALS['dbi']->fetchAssoc($result);
} else {
    // Without a where clause only the first row of the table is fetched.
    $result = $GLOBALS['dbi']->query(
        'SELECT * FROM ' . PMA\libraries\Util::backquote($table) . ' LIMIT 1;',
        null,
        PMA\libraries\DatabaseInterface::QUERY_STORE
    );
    $row = $GLOBALS['dbi']->fetchAssoc($result);
}

// No row returned
if (!$row) {
    exit;
} // end if (no record returned)

// Fallback content type.
$default_ct = 'application/octet-stream';

if ($cfgRelation['commwork'] && $cfgRelation['mimework']) {
    $mime_map = PMA_getMime($db, $table);
    $mime_options = PMA_Transformation_getOptions(
        isset($mime_map[$transform_key]['transformation_options']) ? $mime_map[$transform_key]['transformation_options'] : ''
    );
    foreach ($mime_options as $key => $option) {
        // An option that starts with '; charset=' is stored again under the
        // 'charset' key.
        if (substr($option, 0, 10) == '; charset=') {
            $mime_options['charset'] = $option;
        }
$response->addHTML(PMA_getHtmlForAddPrefixTable($action, $_url_params));
    } else {
        $response->addHTML(PMA_getHtmlForOtherActions($what, $action, $_url_params, $full_query));
    }
    exit;
} elseif (!empty($mult_btn) && $mult_btn == __('Yes')) {
    // This branch runs only when the submitted button value equals the
    // translated 'Yes' label (loose comparison).
    // NOTE(review): request-token verification is not visible in this excerpt -
    // confirm it happens before this destructive branch is reached.

    /**
     * Executes the query - dropping rows, columns/fields, tables or dbs
     */
    if ($query_type == 'drop_db' || $query_type == 'drop_tbl' || $query_type == 'drop_fld') {
        include_once './libraries/relation_cleanup.lib.php';
    }

    if ($query_type == 'primary_fld') {
        // Gets table primary key
        $GLOBALS['dbi']->selectDb($db);
        $result = $GLOBALS['dbi']->query('SHOW KEYS FROM ' . PMA\libraries\Util::backquote($table) . ';');
        $primary = '';
        while ($row = $GLOBALS['dbi']->fetchAssoc($result)) {
            // Collects the existing primary key columns as a ', '-separated
            // list; the names are appended as returned, without identifier
            // quoting.
            // NOTE(review): presumably quoting happens where $primary is
            // consumed in PMA_buildOrExecuteQueryForMulti() - confirm.
            if ($row['Key_name'] == 'PRIMARY') {
                $primary .= $row['Column_name'] . ', ';
            }
        } // end while
        $GLOBALS['dbi']->freeResult($result);
    }

    // Only these three query types call handleDisableFKCheckInit().
    if ($query_type == 'drop_tbl' || $query_type == 'empty_tbl' || $query_type == 'row_delete') {
        $default_fk_check_value = PMA\libraries\Util::handleDisableFKCheckInit();
    }

    // Optional inputs ($primary, $from_prefix, $to_prefix) are passed as null
    // when they were never set.
    list($result, $rebuild_database_list, $reload_ret, $run_parts, $execute_query_later, $sql_query, $sql_query_views) = PMA_buildOrExecuteQueryForMulti(
        $query_type,
        $selected,
        $db,
        $table,
        $views,
        isset($primary) ? $primary : null,
        isset($from_prefix) ? $from_prefix : null,
        isset($to_prefix) ? $to_prefix : null
    );
    //update the existed variable
/**
 * Copy database
 */
$response->addHTML(PMA_getHtmlForCopyDatabase($GLOBALS['db']));

/**
 * Change database charset
 */
$response->addHTML(PMA_getHtmlForChangeDatabaseCharset($GLOBALS['db'], $table));

// Warn about deactivated configuration storage unless the warning has been
// switched off in the configuration.
if (!$cfgRelation['allworks'] && $cfg['PmaNoRelation_DisableWarning'] == false) {
    $message = PMA\libraries\Message::notice(
        __('The phpMyAdmin configuration storage has been deactivated. ' . '%sFind out why%s.')
    );
    // The two %s placeholders receive the opening and closing anchor tags.
    // NOTE(review): $url_query is concatenated into the href as is; presumably
    // it was produced by the URL helper and is already encoded - confirm.
    $message->addParam('<a href="' . './chk_rel.php' . $url_query . '">', false);
    $message->addParam('</a>', false);
    /* Show error if user has configured something, notice elsewhere */
    if (!empty($cfg['Servers'][$server]['pmadb'])) {
        $message->isError(true);
    }
} // end if
} // end if (!$is_information_schema)

$response->addHTML('</div>');

// not sure about displaying the PDF dialog in case db is information_schema
if ($cfgRelation['pdfwork'] && $num_tables > 0) {
    // We only show this if we find something in the new pdf_pages table
    // Identifiers are quoted with backquote(); the database name is used as a
    // string literal and is escaped with sqlAddSlashes() before being wrapped
    // in single quotes. The query runs through PMA_queryAsControlUser().
    $test_query = ' SELECT * FROM '
        . PMA\libraries\Util::backquote($GLOBALS['cfgRelation']['db'])
        . '.' . PMA\libraries\Util::backquote($cfgRelation['pdf_pages'])
        . ' WHERE db_name = \'' . PMA\libraries\Util::sqlAddSlashes($GLOBALS['db']) . '\'';
    $test_rs = PMA_queryAsControlUser($test_query, false, PMA\libraries\DatabaseInterface::QUERY_STORE);
} // end if
* @package PhpMyAdmin
 */

/**
 * Common functions.
 */
// we don't want the usual PMA\libraries\Response-generated HTML above the column's
// data
define('PMA_BYPASS_GET_INSTANCE', 1);
require_once 'libraries/common.inc.php';
require_once 'libraries/mime.lib.php';

/* Check parameters */
// Only 'db' and 'table' are checked here; 'transform_key' and 'where_clause'
// are read from $_GET further down without an isset() test.
PMA\libraries\Util::checkParameters(array('db', 'table'));

/* Select database */
if (!$GLOBALS['dbi']->selectDb($db)) {
    // The database name is HTML-escaped before it goes into the error text.
    PMA\libraries\Util::mysqlDie(
        sprintf(__('\'%s\' database does not exist.'), htmlspecialchars($db)),
        '',
        false
    );
}

/* Check if table exists */
if (!$GLOBALS['dbi']->getColumns($db, $table)) {
    PMA\libraries\Util::mysqlDie(__('Invalid table name'));
}

/* Grab data */
// Column and table names are identifier-quoted, but $_GET['where_clause'] is
// appended to the statement verbatim.
// NOTE(review): nothing in this excerpt validates the where clause or ties it
// to the current session, so a statement fragment carried in a link would run
// with the logged-in user's database privileges. Confirm what common.inc.php
// enforces for GET requests, and consider requiring a token or signature for
// this parameter.
$sql = 'SELECT ' . PMA\libraries\Util::backquote($_GET['transform_key'])
    . ' FROM ' . PMA\libraries\Util::backquote($table)
    . ' WHERE ' . $_GET['where_clause'] . ';';
$result = $GLOBALS['dbi']->fetchValue($sql);

/* Check return code */
if ($result === false) {
    // The failing statement is handed to mysqlDie() together with the message.
    PMA\libraries\Util::mysqlDie(
        __('MySQL returned an empty result set (i.e. zero rows).'),
        $sql
    );
}

/* Avoid corrupting data */
@ini_set('url_rewriter.tags', '');

// The download name is built from the table name and the request-supplied
// column name; the length is counted in bytes ('8bit').
// NOTE(review): confirm PMA_downloadHeader() neutralises quotes and line
// breaks in the file name before it is placed in a response header.
PMA_downloadHeader(
    $table . '-' . $_GET['transform_key'] . '.bin',
    PMA_detectMIME($result),
    mb_strlen($result, '8bit')
);
// The fetched value is written to the response as raw bytes.
echo $result;
/**
 * sets privilege information extracted from SHOW GRANTS result
 *
 * Detection for some CREATE privilege.
 *
 * Since MySQL 4.1.2, we can easily detect current user's grants using $userlink
 * (no control user needed) and we don't have to try any other method for
 * detection
 *
 * Results are written to these globals and stored with Util::cacheSet(); when
 * the cache already holds 'is_create_db_priv', the cached values are restored
 * and SHOW GRANTS is not run again:
 *  - is_create_db_priv, is_reload_priv (bool)
 *  - db_to_create (string)
 *  - dbs_where_create_table_allowed (array, may contain wildcards and '*')
 *  - dbs_to_test (array, or false once a global grant other than USAGE is seen)
 *
 * NOTE(review): these values are derived by string-parsing the grant lines and,
 * per the todo below, can be incomplete; presumably they only steer what the
 * interface offers while the server enforces the real privileges - confirm
 * nothing treats them as an authorization decision.
 *
 * @todo fix to get really all privileges, not only explicitly defined for this user
 * from MySQL manual: (http://dev.mysql.com/doc/refman/5.0/en/show-grants.html)
 * SHOW GRANTS displays only the privileges granted explicitly to the named
 * account. Other privileges might be available to the account, but they are not
 * displayed. For example, if an anonymous account exists, the named account
 * might be able to use its privileges, but SHOW GRANTS will not display them.
 *
 * @return void
 */
function PMA_analyseShowGrant()
{
    // Fast path: reuse the values computed earlier and kept in the cache.
    if (PMA\libraries\Util::cacheExists('is_create_db_priv')) {
        $GLOBALS['is_create_db_priv'] = PMA\libraries\Util::cacheGet('is_create_db_priv');
        $GLOBALS['is_reload_priv'] = PMA\libraries\Util::cacheGet('is_reload_priv');
        $GLOBALS['db_to_create'] = PMA\libraries\Util::cacheGet('db_to_create');
        $GLOBALS['dbs_where_create_table_allowed'] = PMA\libraries\Util::cacheGet('dbs_where_create_table_allowed');
        $GLOBALS['dbs_to_test'] = PMA\libraries\Util::cacheGet('dbs_to_test');
        return;
    }

    // defaults
    $GLOBALS['is_create_db_priv'] = false;
    $GLOBALS['is_reload_priv'] = false;
    $GLOBALS['db_to_create'] = '';
    $GLOBALS['dbs_where_create_table_allowed'] = array();
    $GLOBALS['dbs_to_test'] = $GLOBALS['dbi']->getSystemSchemas();

    $rs_usr = $GLOBALS['dbi']->tryQuery('SHOW GRANTS');
    if (!$rs_usr) {
        // Query failed: the defaults above stay in place and nothing is cached.
        return;
    }

    $re0 = '(^|(\\\\\\\\)+|[^\\\\])'; // non-escaped wildcards
    $re1 = '(^|[^\\\\])(\\\\)+'; // escaped wildcards

    while ($row = $GLOBALS['dbi']->fetchRow($rs_usr)) {
        // extract db from GRANT ... ON *.* or GRANT ... ON db.*
        // The name runs from just after ' ON ' up to the next '.'.
        $db_name_offset = mb_strpos($row[0], ' ON ') + 4;
        $show_grants_dbname = mb_substr(
            $row[0],
            $db_name_offset,
            mb_strpos($row[0], '.', $db_name_offset) - $db_name_offset
        );
        $show_grants_dbname = PMA\libraries\Util::unQuote($show_grants_dbname, '`');

        // Privilege list: the text between offset 6 (the length of the
        // leading 'GRANT ') and ' ON '.
        $show_grants_str = mb_substr($row[0], 6, mb_strpos($row[0], ' ON ') - 6);

        if ($show_grants_dbname == '*') {
            // A global grant other than USAGE switches the per-database list off.
            if ($show_grants_str != 'USAGE') {
                $GLOBALS['dbs_to_test'] = false;
            }
        } elseif ($GLOBALS['dbs_to_test'] !== false) {
            $GLOBALS['dbs_to_test'][] = $show_grants_dbname;
        }

        // Matches only when RELOAD is the whole privilege list of the row.
        if ($show_grants_str == 'RELOAD') {
            $GLOBALS['is_reload_priv'] = true;
        }

        /**
         * @todo if we find CREATE VIEW but not CREATE, do not offer
         * the create database dialog box
         */
        if ($show_grants_str == 'ALL'
            || $show_grants_str == 'ALL PRIVILEGES'
            || $show_grants_str == 'CREATE'
            || strpos($show_grants_str, 'CREATE,') !== false
        ) {
            if ($show_grants_dbname == '*') {
                // a global CREATE privilege
                $GLOBALS['is_create_db_priv'] = true;
                $GLOBALS['is_reload_priv'] = true;
                $GLOBALS['db_to_create'] = '';
                $GLOBALS['dbs_where_create_table_allowed'][] = '*';
                // @todo we should not break here, cause GRANT ALL *.*
                // could be revoked by a later rule like GRANT SELECT ON db.*
                // The break also means the remaining grant rows are not read.
                break;
            } else {
                // this array may contain wildcards
                $GLOBALS['dbs_where_create_table_allowed'][] = $show_grants_dbname;

                $dbname_to_test = PMA\libraries\Util::backquote($show_grants_dbname);

                if ($GLOBALS['is_create_db_priv']) {
                    // no need for any more tests if we already know this
                    continue;
                }

                // does this db exist?
                // && binds tighter than ||, so this reads as:
                //   (pattern has a wildcard AND no escaped wildcard)
                //   OR (USE fails AND the error is not 1044).
                // When the first pair holds, the USE statement is not sent.
                // 1044 is the server's "access denied to database" error;
                // mb_substr(..., 1, 4) assumes getError() returns text that
                // starts with '#' followed by the four-digit code - confirm.
                if (preg_match('/' . $re0 . '%|_/', $show_grants_dbname)
                    && !preg_match('/\\\\%|\\\\_/', $show_grants_dbname)
                    || !$GLOBALS['dbi']->tryQuery('USE ' . preg_replace('/' . $re1 . '(%|_)/', '\\1\\3', $dbname_to_test))
                    && mb_substr($GLOBALS['dbi']->getError(), 1, 4) != 1044
                ) {
                    /**
                     * Do not handle the underscore wildcard
                     * (this case must be rare anyway)
                     */
                    // Drop unescaped '%' wildcards, then strip the escaping
                    // backslashes from escaped wildcards.
                    $GLOBALS['db_to_create'] = preg_replace('/' . $re0 . '%/', '\\1', $show_grants_dbname);
                    $GLOBALS['db_to_create'] = preg_replace('/' . $re1 . '(%|_)/', '\\1\\3', $GLOBALS['db_to_create']);
                    $GLOBALS['is_create_db_priv'] = true;

                    /**
                     * @todo collect $GLOBALS['db_to_create'] into an array,
                     * to display a drop-down in the "Create database" dialog
                     */
                    // we don't break, we want all possible databases
                    //break;
                } // end if
            } // end elseif
        } // end if
    } // end while

    $GLOBALS['dbi']->freeResult($rs_usr);

    // must also cacheUnset() them in
    // libraries/plugins/auth/AuthenticationCookie.php
    // (otherwise these cached values would be restored by the fast path above)
    PMA\libraries\Util::cacheSet('is_create_db_priv', $GLOBALS['is_create_db_priv']);
    PMA\libraries\Util::cacheSet('is_reload_priv', $GLOBALS['is_reload_priv']);
    PMA\libraries\Util::cacheSet('db_to_create', $GLOBALS['db_to_create']);
    PMA\libraries\Util::cacheSet('dbs_where_create_table_allowed', $GLOBALS['dbs_where_create_table_allowed']);
    PMA\libraries\Util::cacheSet('dbs_to_test', $GLOBALS['dbs_to_test']);
}