* @package PhpMyAdmin
 */

/**
 * Common functions.
 *
 * Flat script: reads a single column value selected by request parameters
 * and streams it back to the client as a file download.
 */
// We don't want the usual PMA\libraries\Response-generated HTML above the
// column's data.
define('PMA_BYPASS_GET_INSTANCE', 1);
require_once 'libraries/common.inc.php';
require_once 'libraries/mime.lib.php';

/* Check parameters */
PMA\libraries\Util::checkParameters(array('db', 'table'));

/* Select database */
// NOTE(review): no explicit exit follows the mysqlDie() calls in this script;
// the checks only stop the request if mysqlDie() terminates it - confirm.
if (!$GLOBALS['dbi']->selectDb($db)) {
    // The database name is HTML-escaped before being placed in the message.
    PMA\libraries\Util::mysqlDie(
        sprintf(__('\'%s\' database does not exist.'), htmlspecialchars($db)),
        '',
        false
    );
}

/* Check if table exists */
if (!$GLOBALS['dbi']->getColumns($db, $table)) {
    PMA\libraries\Util::mysqlDie(__('Invalid table name'));
}

/* Grab data */
// The column name (from the request) and the table name are passed through
// Util::backquote() before being used as identifiers.
// NOTE(review): $_GET['where_clause'] is appended to the statement verbatim,
// with no escaping or validation visible in this script. Whether it is
// validated, signed or tied to an anti-CSRF token before this point (for
// example in libraries/common.inc.php) cannot be seen from here - confirm
// before relying on it.
$sql = 'SELECT ' . PMA\libraries\Util::backquote($_GET['transform_key'])
    . ' FROM ' . PMA\libraries\Util::backquote($table)
    . ' WHERE ' . $_GET['where_clause'] . ';';
$result = $GLOBALS['dbi']->fetchValue($sql);

/* Check return code */
if ($result === false) {
    // NOTE(review): the statement containing the request-supplied clause is
    // handed to mysqlDie() for display; its output escaping is not visible
    // here - confirm it encodes the query for HTML.
    PMA\libraries\Util::mysqlDie(
        __('MySQL returned an empty result set (i.e. zero rows).'),
        $sql
    );
}

/* Avoid corrupting data */
@ini_set('url_rewriter.tags', '');

// NOTE(review): the download file name is built from $table and the raw
// $_GET['transform_key']; confirm PMA_downloadHeader() sanitises the name
// (quotes, CR/LF) before it is written into a response header.
// The content type comes from PMA_detectMIME() on the stored bytes, and the
// '8bit' encoding makes mb_strlen() return the length in bytes.
PMA_downloadHeader(
    $table . '-' . $_GET['transform_key'] . '.bin',
    PMA_detectMIME($result),
    mb_strlen($result, '8bit')
);
echo $result;
PMA\libraries\Util::checkParameters(array('db')); /** @var String $pmaString */ $pmaString = $GLOBALS['PMA_String']; /* Check if database name is empty */ if (mb_strlen($db) == 0) { PMA\libraries\Util::mysqlDie(__('The database name is empty!'), '', false, 'index.php'); } /** * Selects the database to work with */ if (!$GLOBALS['dbi']->selectDb($db)) { PMA\libraries\Util::mysqlDie(sprintf(__('\'%s\' database does not exist.'), htmlspecialchars($db)), '', false, 'index.php'); } if ($GLOBALS['dbi']->getColumns($db, $table)) { // table exists already PMA\libraries\Util::mysqlDie(sprintf(__('Table %s already exists!'), htmlspecialchars($table)), '', false, 'db_structure.php' . PMA_URL_getCommon(array('db' => $db))); } // for libraries/tbl_columns_definition_form.inc.php // check number of fields to be created $num_fields = PMA_getNumberOfFieldsFromRequest(); $action = 'tbl_create.php'; /** * The form used to define the structure of the table has been submitted */ if (isset($_REQUEST['do_save_data'])) { $sql_query = PMA_getTableCreationQuery($db, $table); // If there is a request for SQL previewing. if (isset($_REQUEST['preview_sql'])) { PMA_previewSQL($sql_query); } // Executes the query
include_once 'libraries/transformations.lib.php'; // Update comment table for mime types [MIME] if (isset($_REQUEST['field_mimetype']) && is_array($_REQUEST['field_mimetype']) && $cfg['BrowseMIME']) { foreach ($_REQUEST['field_mimetype'] as $fieldindex => $mimetype) { if (isset($_REQUEST['field_name'][$fieldindex]) && mb_strlen($_REQUEST['field_name'][$fieldindex])) { PMA_setMIME($db, $table, $_REQUEST['field_name'][$fieldindex], $mimetype, $_REQUEST['field_transformation'][$fieldindex], $_REQUEST['field_transformation_options'][$fieldindex], $_REQUEST['field_input_transformation'][$fieldindex], $_REQUEST['field_input_transformation_options'][$fieldindex]); } } } // Go back to the structure sub-page $message = PMA\libraries\Message::success(__('Table %1$s has been altered successfully.')); $message->addParam($table); $response->addJSON('message', PMA\libraries\Util::getMessage($message, $sql_query, 'success')); exit; } else { $error_message_html = PMA\libraries\Util::mysqlDie('', '', false, $err_url, false); $response->addHTML($error_message_html); $response->setRequestStatus(false); exit; } } // end do alter table /** * Displays the form used to define the new field */ if ($abort == false) { /** * Gets tables information */ include_once 'libraries/tbl_common.inc.php'; include_once 'libraries/tbl_info.inc.php';
/**
 * Builds the ALTER TABLE statement that adds the requested columns and
 * attempts to run it against the given database.
 *
 * @param string $db      current database
 * @param string $table   current table
 * @param string $err_url URL passed to mysqlDie() when the database cannot
 *                        be selected
 *
 * @return array two elements: the value returned by tryQuery() and the SQL
 *               text that was submitted
 */
function PMA_tryColumnCreationQuery($db, $table, $err_url)
{
    // Column definitions are assembled elsewhere.
    // NOTE(review): how PMA_getColumnCreationStatements() escapes the
    // request data it consumes is not visible from this function - confirm.
    $columnClauses = PMA_getColumnCreationStatements(false);

    // Select the database first and run the statement inside it, so that
    // replication sees the queries against the right schema.
    $selected = $GLOBALS['dbi']->selectDb($db);
    if (! $selected) {
        $useStatement = 'USE ' . PMA\libraries\Util::backquote($db);
        PMA\libraries\Util::mysqlDie(
            $GLOBALS['dbi']->getError(),
            $useStatement,
            false,
            $err_url
        );
    }

    // The table name is quoted as an identifier; the column clauses are
    // appended as returned by the helper above.
    $quotedTable = PMA\libraries\Util::backquote($table);
    $alterQuery = 'ALTER TABLE ' . $quotedTable . ' ' . $columnClauses . ';';

    // A preview request is handed the statement before anything is executed.
    if (isset($_REQUEST['preview_sql'])) {
        PMA_previewSQL($alterQuery);
    }

    $outcome = $GLOBALS['dbi']->tryQuery($alterQuery);

    return array($outcome, $alterQuery);
}
/**
 * Reports a failed query to the client and ends the request.
 *
 * When $is_gotofile is truthy the error is attached to the shared Response
 * object as a JSON 'message' and the request status is set to false;
 * otherwise the error and the query are handed to Util::mysqlDie().
 * Both paths finish with exit.
 *
 * @param boolean $is_gotofile    whether goto file or not
 * @param String  $error          error after executing the query
 * @param String  $full_sql_query full sql query
 *
 * @return void
 */
function PMA_handleQueryExecuteError($is_gotofile, $error, $full_sql_query)
{
    if (! $is_gotofile) {
        PMA\libraries\Util::mysqlDie($error, $full_sql_query, '', '');
        exit;
    }

    // NOTE(review): rawError() presumably stores the text without escaping;
    // confirm that $error cannot carry request-controlled markup by the time
    // the client renders this JSON message.
    $errorMessage = PMA\libraries\Message::rawError($error);
    $ajaxResponse = PMA\libraries\Response::getInstance();
    $ajaxResponse->setRequestStatus(false);
    $ajaxResponse->addJSON('message', $errorMessage);
    exit;
}
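/**
 * Changes password for a user
 *
 * Picks the statement form from the server type and version (ALTER USER,
 * a direct update of `mysql`.`user`, or SET password), runs it, and flushes
 * privileges afterwards. Every value that ends up inside a single-quoted SQL
 * literal is escaped with Util::sqlAddSlashes() first.
 *
 * @param string $username         Username
 * @param string $hostname         Hostname
 * @param string $password         Password
 * @param string $sql_query        SQL query; only passed to mysqlDie() for
 *                                 display when the change fails
 * @param string $hashing_function Hashing function
 * @param string $orig_auth_plugin Original Authentication Plugin
 *
 * @return void
 */
function PMA_changePassUrlParamsAndSubmitQuery($username, $hostname, $password, $sql_query, $hashing_function, $orig_auth_plugin)
{
    $err_url = 'user_password.php' . PMA_URL_getCommon();
    $serverType = PMA\libraries\Util::getServerType();

    // The account name parts are embedded in quoted literals, so they get the
    // same escaping as the password. The callers are not visible here: if one
    // of them already escapes these values, remove the escaping at that call
    // site rather than here.
    $quotedUser = '\'' . PMA\libraries\Util::sqlAddSlashes($username) . '\'';
    $quotedHost = '\'' . PMA\libraries\Util::sqlAddSlashes($hostname) . '\'';
    $quotedPassword = $password == ''
        ? '\'\''
        : '\'' . PMA\libraries\Util::sqlAddSlashes($password) . '\'';

    if ($serverType == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50706) {
        // NOTE(review): $orig_auth_plugin is used here as a bare plugin name
        // and cannot be escaped as a literal; confirm callers only pass a
        // value taken from the server's own plugin list.
        $local_query = 'ALTER USER ' . $quotedUser . '@' . $quotedHost
            . ' IDENTIFIED with ' . $orig_auth_plugin
            . ' BY ' . $quotedPassword;
    } elseif ($serverType == 'MariaDB'
        && PMA_MYSQL_INT_VERSION >= 50200
        && PMA_MYSQL_INT_VERSION < 100100
        && $orig_auth_plugin !== ''
    ) {
        if ($orig_auth_plugin == 'mysql_native_password') {
            // Set the hashing method used by PASSWORD()
            // to be 'mysql_native_password' type
            $GLOBALS['dbi']->tryQuery('SET old_passwords = 0;');
        } elseif ($orig_auth_plugin == 'sha256_password') {
            // Set the hashing method used by PASSWORD()
            // to be 'sha256_password' type
            $GLOBALS['dbi']->tryQuery('SET `old_passwords` = 2;');
        }

        // NOTE(review): this branch hashes $_POST['pma_pw'] rather than the
        // $password argument; confirm the two always carry the same value.
        $hashedPassword = PMA_getHashedPassword($_POST['pma_pw']);

        $local_query = "UPDATE `mysql`.`user` SET"
            . " `authentication_string` = '"
            . PMA\libraries\Util::sqlAddSlashes($hashedPassword)
            . "', `Password` = '', "
            . " `plugin` = '"
            . PMA\libraries\Util::sqlAddSlashes($orig_auth_plugin) . "'"
            . " WHERE `User` = " . $quotedUser
            . " AND Host = " . $quotedHost . ";";
    } else {
        // NOTE(review): $hashing_function is emitted as a bare function name;
        // confirm callers restrict it to the known hashing functions.
        $local_query = 'SET password = ' . ($password == ''
            ? '\'\''
            : $hashing_function . '(' . $quotedPassword . ')');
    }

    if (!@$GLOBALS['dbi']->tryQuery($local_query)) {
        // $sql_query, not $local_query, is what gets shown on failure.
        PMA\libraries\Util::mysqlDie(
            $GLOBALS['dbi']->getError(),
            $sql_query,
            false,
            $err_url
        );
    }

    // Flush privileges after successful password change
    $GLOBALS['dbi']->tryQuery("FLUSH PRIVILEGES;");
}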
} // Parse and analyze the query, for correct db and table name // in case of a query typed in the query window // (but if the query is too large, in case of an imported file, the parser // can choke on it so avoid parsing) $sqlLength = mb_strlen($sql_query); if ($sqlLength <= $GLOBALS['cfg']['MaxCharactersInDisplayedSQL']) { include_once 'libraries/parse_analyze.lib.php'; list($analyzed_sql_results, $db, $table) = PMA_parseAnalyze($sql_query, $db); // @todo: possibly refactor extract($analyzed_sql_results); } // There was an error? if (isset($my_die)) { foreach ($my_die as $key => $die) { PMA\libraries\Util::mysqlDie($die['error'], $die['sql'], false, $err_url, $error); } } if ($go_sql) { if (!empty($sql_data) && $sql_data['valid_queries'] > 1) { $_SESSION['is_multi_query'] = true; $sql_queries = $sql_data['valid_sql']; } else { $sql_queries = array($sql_query); } $html_output = ''; foreach ($sql_queries as $sql_query) { // parse sql query include_once 'libraries/parse_analyze.lib.php'; list($analyzed_sql_results, $db, $table) = PMA_parseAnalyze($sql_query, $db); // @todo: possibly refactor
* Gets some core libraries
 */
require_once 'libraries/common.inc.php';

use PMA\libraries\Response;
use PMA\libraries\DbSearch;

// Register the front-end scripts this page needs on the shared response.
$response = Response::getInstance();
$header = $response->getHeader();
$scripts = $header->getScripts();
$scripts->addFile('db_search.js');
$scripts->addFile('sql.js');
$scripts->addFile('makegrid.js');
$scripts->addFile('jquery/jquery-ui-timepicker-addon.js');

// $err_url, $url_query, $url_params and $db are not assigned in this
// fragment; presumably they come from the includes - confirm.
require 'libraries/db_common.inc.php';

// If the config variable $GLOBALS['cfg']['UseDbSearch'] is false: exit.
// NOTE(review): no explicit exit follows this call, so the feature gate only
// holds if mysqlDie() terminates the request with these arguments - confirm.
if (!$GLOBALS['cfg']['UseDbSearch']) {
    PMA\libraries\Util::mysqlDie(__('Access denied!'), '', false, $err_url);
} // end if
$url_query .= '&goto=db_search.php';
$url_params['goto'] = 'db_search.php';

// Create a database search instance
$db_search = new DbSearch($GLOBALS['db']);

// Display top links if we are not in an Ajax request
if (!$response->isAjax()) {
    list(
        $tables,
        $num_tables,
        $total_num_tables,
        $sub_part,
        $is_show_stats,
        $db_is_system_schema,
        $tooltip_truename,
        $tooltip_aliasname,
        $pos
    ) = PMA\libraries\Util::getDbInfo($db, isset($sub_part) ? $sub_part : '');
}

// Main search form has been submitted, get results
// NOTE(review): the search criteria are read inside DbSearch, not here;
// confirm getSearchResults() escapes them for both SQL and HTML output.
if (isset($_REQUEST['submit_search'])) {
    $response->addHTML($db_search->getSearchResults());
}

// If we are in an Ajax request, we need to exit after displaying all the HTML
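/**
 * Generate the error url and submit the query
 *
 * Builds either an ALTER USER statement (MySQL 5.7.6 and later) or a
 * SET password statement and runs it. Every value placed inside a
 * single-quoted SQL literal is escaped with Util::sqlAddSlashes() first.
 *
 * @param string $username         Username
 * @param string $hostname         Hostname
 * @param string $password         Password
 * @param string $sql_query        SQL query; only passed to mysqlDie() for
 *                                 display when the change fails
 * @param string $hashing_function Hashing function
 * @param string $auth_plugin      Authentication Plugin
 *
 * @return void
 */
function PMA_changePassUrlParamsAndSubmitQuery($username, $hostname, $password, $sql_query, $hashing_function, $auth_plugin)
{
    $err_url = 'user_password.php' . PMA_URL_getCommon();

    $quotedPassword = $password == ''
        ? '\'\''
        : '\'' . PMA\libraries\Util::sqlAddSlashes($password) . '\'';

    if (PMA\libraries\Util::getServerType() === 'MySQL'
        && PMA_MYSQL_INT_VERSION >= 50706
    ) {
        // The account name parts sit inside quoted literals, so they get the
        // same escaping as the password. The callers are not visible here:
        // if one of them already escapes these values, remove the escaping
        // at that call site rather than here.
        // NOTE(review): $auth_plugin is used as a bare plugin name and cannot
        // be escaped as a literal; confirm callers only pass a value taken
        // from the server's own plugin list.
        $local_query = 'ALTER USER \''
            . PMA\libraries\Util::sqlAddSlashes($username) . '\'@\''
            . PMA\libraries\Util::sqlAddSlashes($hostname) . '\''
            . ' IDENTIFIED with ' . $auth_plugin
            . ' BY ' . $quotedPassword;
    } else {
        // NOTE(review): $hashing_function is emitted as a bare function name;
        // confirm callers restrict it to the known hashing functions.
        $local_query = 'SET password = ' . ($password == ''
            ? '\'\''
            : $hashing_function . '(' . $quotedPassword . ')');
    }

    if (!@$GLOBALS['dbi']->tryQuery($local_query)) {
        // $sql_query, not $local_query, is what gets shown on failure.
        PMA\libraries\Util::mysqlDie(
            $GLOBALS['dbi']->getError(),
            $sql_query,
            false,
            $err_url
        );
    }
}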
// Decide whether the submitted text is one statement or several. When the
// analysed data reports more than one valid query, each is run in turn and
// the session is flagged as a multi-query request.
if (!empty($sql_data) && $sql_data['valid_queries'] > 1) {
    $_SESSION['is_multi_query'] = true;
    $sql_queries = $sql_data['valid_sql'];
} else {
    $sql_queries = array($sql_query);
}

$html_output = '';

foreach ($sql_queries as $sql_query) {
    // parse sql query
    include_once 'libraries/parse_analyze.lib.php';
    list(
        $analyzed_sql_results,
        $db,
        $table_from_sql
    ) = PMA_parseAnalyze($sql_query, $db);
    // @todo: possibly refactor
    // NOTE(review): extract() with its default flags overwrites any variable
    // of the same name in the current scope. Which keys the parser result
    // carries is not visible here; confirm none of them can shadow values
    // used by the checks below ($cfg, $table, $goto, ...).
    extract($analyzed_sql_results);

    // Check if User is allowed to issue a 'DROP DATABASE' Statement.
    // The decision is delegated to PMA_hasNoRightsToDropDatabase(), which is
    // given the AllowUserDropDatabase setting and the superuser flag; this
    // runs once per statement, before that statement is executed.
    if (PMA_hasNoRightsToDropDatabase(
        $analyzed_sql_results,
        $cfg['AllowUserDropDatabase'],
        $GLOBALS['is_superuser']
    )) {
        PMA\libraries\Util::mysqlDie(
            __('"DROP DATABASE" statements are disabled.'),
            '',
            false,
            $_SESSION['Import_message']['go_back_url']
        );
        // Stops the script here; statements executed in earlier iterations
        // of this loop have already been run.
        return;
    } // end if

    // Prefer the table name found by the parser when it is non-empty and
    // differs from the current one.
    if ($table != $table_from_sql && !empty($table_from_sql)) {
        $table = $table_from_sql;
    }

    $html_output .= PMA_executeQueryAndGetQueryResponse(
        $analyzed_sql_results,
        false,
        $db,
        $table,
        null,
        null,
        null,
        null,
        null,
        null,
        $goto,
        $pmaThemeImage,
        null,
        null,
        null,
        $sql_query,
        null,
        null
    );
}

// sql_query_for_bookmark is not included in
// PMA_executeQueryAndGetQueryResponse since only one bookmark has to be
// added for all the queries submitted through the SQL tab.
// NOTE(review): the bookmark stores the raw $_REQUEST['sql_query'] and the
// label from $_POST; how PMA_storeTheQueryAsBookmark() escapes them is not
// visible here - confirm.
if (!empty($_POST['bkm_label']) && !empty($import_text)) {
    $cfgBookmark = Bookmark::getParams();
    PMA_storeTheQueryAsBookmark(
        $db,
        $cfgBookmark['user'],
        $_REQUEST['sql_query'],
        $_POST['bkm_label'],
        isset($_POST['bkm_replace']) ? $_POST['bkm_replace'] : null
    );
}