* @package PhpMyAdmin
*/
/**
* Common functions.
*/
// we don't want the usual PMA\libraries\Response-generated HTML above the column's
// data
define('PMA_BYPASS_GET_INSTANCE', 1);
require_once 'libraries/common.inc.php';
require_once 'libraries/mime.lib.php';
/* Check parameters */
PMA\libraries\Util::checkParameters(array('db', 'table'));
/* Select database */
if (!$GLOBALS['dbi']->selectDb($db)) {
PMA\libraries\Util::mysqlDie(sprintf(__('\'%s\' database does not exist.'), htmlspecialchars($db)), '', false);
}
/* Check if table exists */
if (!$GLOBALS['dbi']->getColumns($db, $table)) {
PMA\libraries\Util::mysqlDie(__('Invalid table name'));
}
/* Grab data */
$sql = 'SELECT ' . PMA\libraries\Util::backquote($_GET['transform_key']) . ' FROM ' . PMA\libraries\Util::backquote($table) . ' WHERE ' . $_GET['where_clause'] . ';';
$result = $GLOBALS['dbi']->fetchValue($sql);
/* Check return code */
if ($result === false) {
PMA\libraries\Util::mysqlDie(__('MySQL returned an empty result set (i.e. zero rows).'), $sql);
}
/* Avoid corrupting data */
@ini_set('url_rewriter.tags', '');
PMA_downloadHeader($table . '-' . $_GET['transform_key'] . '.bin', PMA_detectMIME($result), mb_strlen($result, '8bit'));
echo $result;
PMA\libraries\Util::checkParameters(array('db'));
/** @var String $pmaString */
$pmaString = $GLOBALS['PMA_String'];
/* Check if database name is empty */
if (mb_strlen($db) == 0) {
PMA\libraries\Util::mysqlDie(__('The database name is empty!'), '', false, 'index.php');
}
/**
* Selects the database to work with
*/
if (!$GLOBALS['dbi']->selectDb($db)) {
PMA\libraries\Util::mysqlDie(sprintf(__('\'%s\' database does not exist.'), htmlspecialchars($db)), '', false, 'index.php');
}
if ($GLOBALS['dbi']->getColumns($db, $table)) {
// table exists already
PMA\libraries\Util::mysqlDie(sprintf(__('Table %s already exists!'), htmlspecialchars($table)), '', false, 'db_structure.php' . PMA_URL_getCommon(array('db' => $db)));
}
// for libraries/tbl_columns_definition_form.inc.php
// check number of fields to be created
$num_fields = PMA_getNumberOfFieldsFromRequest();
$action = 'tbl_create.php';
/**
* The form used to define the structure of the table has been submitted
*/
if (isset($_REQUEST['do_save_data'])) {
$sql_query = PMA_getTableCreationQuery($db, $table);
// If there is a request for SQL previewing.
if (isset($_REQUEST['preview_sql'])) {
PMA_previewSQL($sql_query);
}
// Executes the query
include_once 'libraries/transformations.lib.php';
// Update comment table for mime types [MIME]
if (isset($_REQUEST['field_mimetype']) && is_array($_REQUEST['field_mimetype']) && $cfg['BrowseMIME']) {
foreach ($_REQUEST['field_mimetype'] as $fieldindex => $mimetype) {
if (isset($_REQUEST['field_name'][$fieldindex]) && mb_strlen($_REQUEST['field_name'][$fieldindex])) {
PMA_setMIME($db, $table, $_REQUEST['field_name'][$fieldindex], $mimetype, $_REQUEST['field_transformation'][$fieldindex], $_REQUEST['field_transformation_options'][$fieldindex], $_REQUEST['field_input_transformation'][$fieldindex], $_REQUEST['field_input_transformation_options'][$fieldindex]);
}
}
}
// Go back to the structure sub-page
$message = PMA\libraries\Message::success(__('Table %1$s has been altered successfully.'));
$message->addParam($table);
$response->addJSON('message', PMA\libraries\Util::getMessage($message, $sql_query, 'success'));
exit;
} else {
$error_message_html = PMA\libraries\Util::mysqlDie('', '', false, $err_url, false);
$response->addHTML($error_message_html);
$response->setRequestStatus(false);
exit;
}
}
// end do alter table
/**
* Displays the form used to define the new field
*/
if ($abort == false) {
/**
* Gets tables information
*/
include_once 'libraries/tbl_common.inc.php';
include_once 'libraries/tbl_info.inc.php';
/**
* Function to execute the column creation statement
*
* @param string $db current database
* @param string $table current table
* @param string $err_url error page url
*
* @return array
*/
function PMA_tryColumnCreationQuery($db, $table, $err_url)
{
// get column addition statements
$sql_statement = PMA_getColumnCreationStatements(false);
// To allow replication, we first select the db to use and then run queries
// on this db.
if (!$GLOBALS['dbi']->selectDb($db)) {
PMA\libraries\Util::mysqlDie($GLOBALS['dbi']->getError(), 'USE ' . PMA\libraries\Util::backquote($db), false, $err_url);
}
$sql_query = 'ALTER TABLE ' . PMA\libraries\Util::backquote($table) . ' ' . $sql_statement . ';';
// If there is a request for SQL previewing.
if (isset($_REQUEST['preview_sql'])) {
PMA_previewSQL($sql_query);
}
return array($GLOBALS['dbi']->tryQuery($sql_query), $sql_query);
}
/**
* Responds an error when an error happens when executing the query
*
* @param boolean $is_gotofile whether goto file or not
* @param String $error error after executing the query
* @param String $full_sql_query full sql query
*
* @return void
*/
function PMA_handleQueryExecuteError($is_gotofile, $error, $full_sql_query)
{
if ($is_gotofile) {
$message = PMA\libraries\Message::rawError($error);
$response = PMA\libraries\Response::getInstance();
$response->setRequestStatus(false);
$response->addJSON('message', $message);
} else {
PMA\libraries\Util::mysqlDie($error, $full_sql_query, '', '');
}
exit;
}
/**
* Changes password for a user
*
* @param string $username Username
* @param string $hostname Hostname
* @param string $password Password
* @param string $sql_query SQL query
* @param string $hashing_function Hashing function
* @param string $orig_auth_plugin Original Authentication Plugin
*
* @return void
*/
function PMA_changePassUrlParamsAndSubmitQuery($username, $hostname, $password, $sql_query, $hashing_function, $orig_auth_plugin)
{
$err_url = 'user_password.php' . PMA_URL_getCommon();
$serverType = PMA\libraries\Util::getServerType();
if ($serverType == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50706) {
$local_query = 'ALTER USER \'' . $username . '\'@\'' . $hostname . '\'' . ' IDENTIFIED with ' . $orig_auth_plugin . ' BY ' . ($password == '' ? '\'\'' : '\'' . PMA\libraries\Util::sqlAddSlashes($password) . '\'');
} else {
if ($serverType == 'MariaDB' && PMA_MYSQL_INT_VERSION >= 50200 && PMA_MYSQL_INT_VERSION < 100100 && $orig_auth_plugin !== '') {
if ($orig_auth_plugin == 'mysql_native_password') {
// Set the hashing method used by PASSWORD()
// to be 'mysql_native_password' type
$GLOBALS['dbi']->tryQuery('SET old_passwords = 0;');
} else {
if ($orig_auth_plugin == 'sha256_password') {
// Set the hashing method used by PASSWORD()
// to be 'sha256_password' type
$GLOBALS['dbi']->tryQuery('SET `old_passwords` = 2;');
}
}
$hashedPassword = PMA_getHashedPassword($_POST['pma_pw']);
$local_query = "UPDATE `mysql`.`user` SET" . " `authentication_string` = '" . $hashedPassword . "', `Password` = '', " . " `plugin` = '" . $orig_auth_plugin . "'" . " WHERE `User` = '" . $username . "' AND Host = '" . $hostname . "';";
} else {
$local_query = 'SET password = '******'' ? '\'\'' : $hashing_function . '(\'' . PMA\libraries\Util::sqlAddSlashes($password) . '\')');
}
}
if (!@$GLOBALS['dbi']->tryQuery($local_query)) {
PMA\libraries\Util::mysqlDie($GLOBALS['dbi']->getError(), $sql_query, false, $err_url);
}
// Flush privileges after successful password change
$GLOBALS['dbi']->tryQuery("FLUSH PRIVILEGES;");
}
}
// Parse and analyze the query, for correct db and table name
// in case of a query typed in the query window
// (but if the query is too large, in case of an imported file, the parser
// can choke on it so avoid parsing)
$sqlLength = mb_strlen($sql_query);
if ($sqlLength <= $GLOBALS['cfg']['MaxCharactersInDisplayedSQL']) {
include_once 'libraries/parse_analyze.lib.php';
list($analyzed_sql_results, $db, $table) = PMA_parseAnalyze($sql_query, $db);
// @todo: possibly refactor
extract($analyzed_sql_results);
}
// There was an error?
if (isset($my_die)) {
foreach ($my_die as $key => $die) {
PMA\libraries\Util::mysqlDie($die['error'], $die['sql'], false, $err_url, $error);
}
}
if ($go_sql) {
if (!empty($sql_data) && $sql_data['valid_queries'] > 1) {
$_SESSION['is_multi_query'] = true;
$sql_queries = $sql_data['valid_sql'];
} else {
$sql_queries = array($sql_query);
}
$html_output = '';
foreach ($sql_queries as $sql_query) {
// parse sql query
include_once 'libraries/parse_analyze.lib.php';
list($analyzed_sql_results, $db, $table) = PMA_parseAnalyze($sql_query, $db);
// @todo: possibly refactor
* Gets some core libraries
*/
require_once 'libraries/common.inc.php';
use PMA\libraries\Response;
use PMA\libraries\DbSearch;
$response = Response::getInstance();
$header = $response->getHeader();
$scripts = $header->getScripts();
$scripts->addFile('db_search.js');
$scripts->addFile('sql.js');
$scripts->addFile('makegrid.js');
$scripts->addFile('jquery/jquery-ui-timepicker-addon.js');
require 'libraries/db_common.inc.php';
// If config variable $GLOBALS['cfg']['UseDbSearch'] is on false : exit.
if (!$GLOBALS['cfg']['UseDbSearch']) {
PMA\libraries\Util::mysqlDie(__('Access denied!'), '', false, $err_url);
}
// end if
$url_query .= '&goto=db_search.php';
$url_params['goto'] = 'db_search.php';
// Create a database search instance
$db_search = new DbSearch($GLOBALS['db']);
// Display top links if we are not in an Ajax request
if (!$response->isAjax()) {
list($tables, $num_tables, $total_num_tables, $sub_part, $is_show_stats, $db_is_system_schema, $tooltip_truename, $tooltip_aliasname, $pos) = PMA\libraries\Util::getDbInfo($db, isset($sub_part) ? $sub_part : '');
}
// Main search form has been submitted, get results
if (isset($_REQUEST['submit_search'])) {
$response->addHTML($db_search->getSearchResults());
}
// If we are in an Ajax request, we need to exit after displaying all the HTML
/**
* Generate the error url and submit the query
*
* @param string $username Username
* @param string $hostname Hostname
* @param string $password Password
* @param string $sql_query SQL query
* @param string $hashing_function Hashing function
* @param string $auth_plugin Authentication Plugin
*
* @return void
*/
function PMA_changePassUrlParamsAndSubmitQuery($username, $hostname, $password, $sql_query, $hashing_function, $auth_plugin)
{
$err_url = 'user_password.php' . PMA_URL_getCommon();
if (PMA\libraries\Util::getServerType() === 'MySQL' && PMA_MYSQL_INT_VERSION >= 50706) {
$local_query = 'ALTER USER \'' . $username . '\'@\'' . $hostname . '\'' . ' IDENTIFIED with ' . $auth_plugin . ' BY ' . ($password == '' ? '\'\'' : '\'' . PMA\libraries\Util::sqlAddSlashes($password) . '\'');
} else {
$local_query = 'SET password = '******'' ? '\'\'' : $hashing_function . '(\'' . PMA\libraries\Util::sqlAddSlashes($password) . '\')');
}
if (!@$GLOBALS['dbi']->tryQuery($local_query)) {
PMA\libraries\Util::mysqlDie($GLOBALS['dbi']->getError(), $sql_query, false, $err_url);
}
}
if (!empty($sql_data) && $sql_data['valid_queries'] > 1) {
$_SESSION['is_multi_query'] = true;
$sql_queries = $sql_data['valid_sql'];
} else {
$sql_queries = array($sql_query);
}
$html_output = '';
foreach ($sql_queries as $sql_query) {
// parse sql query
include_once 'libraries/parse_analyze.lib.php';
list($analyzed_sql_results, $db, $table_from_sql) = PMA_parseAnalyze($sql_query, $db);
// @todo: possibly refactor
extract($analyzed_sql_results);
// Check if User is allowed to issue a 'DROP DATABASE' Statement
if (PMA_hasNoRightsToDropDatabase($analyzed_sql_results, $cfg['AllowUserDropDatabase'], $GLOBALS['is_superuser'])) {
PMA\libraries\Util::mysqlDie(__('"DROP DATABASE" statements are disabled.'), '', false, $_SESSION['Import_message']['go_back_url']);
return;
}
// end if
if ($table != $table_from_sql && !empty($table_from_sql)) {
$table = $table_from_sql;
}
$html_output .= PMA_executeQueryAndGetQueryResponse($analyzed_sql_results, false, $db, $table, null, null, null, null, null, null, $goto, $pmaThemeImage, null, null, null, $sql_query, null, null);
}
// sql_query_for_bookmark is not included in PMA_executeQueryAndGetQueryResponse
// since only one bookmark has to be added for all the queries submitted through
// the SQL tab
if (!empty($_POST['bkm_label']) && !empty($import_text)) {
$cfgBookmark = Bookmark::getParams();
PMA_storeTheQueryAsBookmark($db, $cfgBookmark['user'], $_REQUEST['sql_query'], $_POST['bkm_label'], isset($_POST['bkm_replace']) ? $_POST['bkm_replace'] : null);
}
