/**
 * Runs the "add user" statement and the optional follow-up statements that
 * create a database and grant privileges to the new account.
 *
 * The follow-up statements are selected by the request flags `createdb-1`
 * (database named after the user plus grant), `createdb-2` (grant on the
 * `username\_%` wildcard) and `createdb-3` (grant on $dbname). All three
 * flags are cleared when creating the user failed.
 *
 * NOTE(review): identifiers are passed through Util::sqlAddSlashes() before
 * Util::backquote(); whether that double treatment is intended depends on
 * those helpers, which are not visible here - confirm.
 *
 * @param boolean $_error         whether an error already occurred upstream
 * @param string  $real_sql_query SQL query that adds the user
 * @param string  $sql_query      SQL query to be displayed; every executed
 *                                follow-up statement is appended to it
 * @param string  $username       username
 * @param string  $hostname       host name
 * @param string  $dbname         database name
 *
 * @return array array($sql_query, $message)
 */
function PMA_addUserAndCreateDatabase($_error, $real_sql_query, $sql_query, $username, $hostname, $dbname)
{
    $dbi = $GLOBALS['dbi'];

    // The user statement only runs when no earlier error was reported and
    // there is something to run.
    $user_creation_failed = $_error
        || (!empty($real_sql_query) && !$dbi->tryQuery($real_sql_query));

    if ($user_creation_failed) {
        // No user, so none of the database/grant options may run.
        foreach (array('createdb-1', 'createdb-2', 'createdb-3') as $option) {
            $_REQUEST[$option] = null;
        }
        $message = Message::rawError($dbi->getError());
    } else {
        $message = Message::success(__('You have added a new user.'));
    }

    // Appends the statement to the displayed SQL, executes it and keeps the
    // server error as the message when it fails.
    $execute = function ($statement) use ($dbi, &$sql_query, &$message) {
        $sql_query .= $statement;
        if (!$dbi->tryQuery($statement)) {
            $message = Message::rawError($dbi->getError());
        }
    };

    if (isset($_REQUEST['createdb-1'])) {
        // Create database with same name and grant all privileges
        $execute(
            'CREATE DATABASE IF NOT EXISTS '
            . Util::backquote(Util::sqlAddSlashes($username)) . ';'
        );

        // Reload the navigation
        $GLOBALS['reload'] = true;
        $GLOBALS['db'] = $username;

        $execute(
            'GRANT ALL PRIVILEGES ON '
            . Util::backquote(Util::escapeMysqlWildcards(Util::sqlAddSlashes($username)))
            . '.* TO \'' . Util::sqlAddSlashes($username)
            . '\'@\'' . Util::sqlAddSlashes($hostname) . '\';'
        );
    }

    if (isset($_REQUEST['createdb-2'])) {
        // Grant all privileges on wildcard name (username\_%)
        $execute(
            'GRANT ALL PRIVILEGES ON '
            . Util::backquote(Util::sqlAddSlashes($username) . '\\_%')
            . '.* TO \'' . Util::sqlAddSlashes($username)
            . '\'@\'' . Util::sqlAddSlashes($hostname) . '\';'
        );
    }

    if (isset($_REQUEST['createdb-3'])) {
        // Grant all privileges on the specified database to the new user
        $execute(
            'GRANT ALL PRIVILEGES ON '
            . Util::backquote(Util::sqlAddSlashes($dbname))
            . '.* TO \'' . Util::sqlAddSlashes($username)
            . '\'@\'' . Util::sqlAddSlashes($hostname) . '\';'
        );
    }

    return array($sql_query, $message);
}
/**
 * Builds the response for a query that returned zero rows.
 *
 * This method is called
 * 1-> When browsing an empty table
 * 2-> When executing a query on a non empty table which returns zero results
 * 3-> When executing a query on an empty table
 * 4-> When executing an INSERT, UPDATE, DELETE query from the SQL tab
 * 5-> When deleting a row from BROWSE tab
 * 6-> When searching using the SEARCH tab which returns zero results
 * 7-> When changing the structure of the table except change operation
 *
 * Nothing is rendered (an empty string is returned) when
 * $GLOBALS['show_as_php'] is set.
 *
 * @param array          $analyzed_sql_results analyzed sql results
 * @param string         $db                   current database
 * @param string         $table                current table
 * @param string         $message_to_show      message to show
 * @param int            $num_rows             number of rows
 * @param DisplayResults $displayResultsObject DisplayResult instance
 * @param array          $extra_data           extra data
 * @param string         $pmaThemeImage        uri of the theme image
 * @param object         $result               executed query results
 * @param string         $sql_query            sql query
 * @param string         $complete_query       complete sql query
 *
 * @return string html
 */
function PMA_getQueryResponseForNoResultsReturned($analyzed_sql_results, $db, $table, $message_to_show, $num_rows, $displayResultsObject, $extra_data, $pmaThemeImage, $result, $sql_query, $complete_query)
{
    if (PMA_isDeleteTransformationInfo($analyzed_sql_results)) {
        PMA_deleteTransformationInfo($db, $table, $analyzed_sql_results);
    }

    // An error carried in the extra data wins over the "no rows" message.
    $message = isset($extra_data['error'])
        ? PMA\libraries\Message::rawError($extra_data['error'])
        : PMA_getMessageForNoRowsReturned(
            isset($message_to_show) ? $message_to_show : null,
            $analyzed_sql_results,
            $num_rows
        );

    if (isset($GLOBALS['show_as_php'])) {
        return '';
    }

    if (!empty($GLOBALS['reload'])) {
        $extra_data['reload'] = 1;
        $extra_data['db'] = $GLOBALS['db'];
    }

    $html_message = PMA\libraries\Util::getMessage($message, $GLOBALS['sql_query'], 'success');
    $html_output = '' . $html_message;

    // The message (and, with ShowSQL, the rendered query) is added to the
    // JSON payload only when `ajax_page_request` is empty.
    if (empty($_REQUEST['ajax_page_request'])) {
        $extra_data['message'] = $message;
        if ($GLOBALS['cfg']['ShowSQL']) {
            $extra_data['sql_query'] = $html_message;
        }
    }

    $response = PMA\libraries\Response::getInstance();
    $response->addJSON(isset($extra_data) ? $extra_data : array());

    $is_select = !empty($analyzed_sql_results['is_select']);
    if ($is_select && !isset($extra_data['error'])) {
        // No $url_query exists in this scope, so the table is rendered
        // without one.
        $url_query = null;
        $displayParts = array(
            'edit_lnk' => null,
            'del_lnk' => null,
            'sort_lnk' => '1',
            'nav_bar' => '0',
            'bkm_form' => '1',
            'text_btn' => '1',
            'pview_lnk' => '1',
        );

        $html_output .= PMA_getHtmlForSqlQueryResultsTable(
            $displayResultsObject,
            $pmaThemeImage,
            $url_query,
            $displayParts,
            false,
            0,
            $num_rows,
            true,
            $result,
            $analyzed_sql_results,
            true
        );
        $html_output .= $displayResultsObject->getCreateViewQueryResultOp($analyzed_sql_results);

        $cfgBookmark = PMA_Bookmark_getParams();
        if ($cfgBookmark) {
            $html_output .= PMA_getHtmlForBookmark(
                $displayParts,
                $cfgBookmark,
                $sql_query,
                $db,
                $table,
                isset($complete_query) ? $complete_query : $sql_query,
                $cfgBookmark['user']
            );
        }
    }

    return $html_output;
}
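/**
 * Removes columns from the central columns list.
 *
 * If $isTable is true, $field_select is a list of tables and every column of
 * those tables is removed from the central list; otherwise $field_select is
 * itself the list of columns to remove.
 *
 * The database name is taken from $_REQUEST['db'] and the DELETE runs over
 * the control connection, so every request-derived value placed into that
 * statement is escaped before concatenation.
 *
 * @param array $field_select if $isTable selected list of tables otherwise
 *                            selected list of columns to remove from central list
 * @param bool  $isTable      if passed array is of tables or columns
 *
 * @return true|PMA\libraries\Message true on success, otherwise a notice
 *                                    (some columns were not in the list) or
 *                                    an error message (DELETE failed)
 */
function PMA_deleteColumnsFromList($field_select, $isTable = true)
{
    $cfgCentralColumns = PMA_centralColumnsGetParams();
    if (empty($cfgCentralColumns)) {
        return PMA_configErrorMessage();
    }

    $db = $_REQUEST['db'];
    $pmadb = $cfgCentralColumns['db'];
    $central_list_table = $cfgCentralColumns['table'];
    $GLOBALS['dbi']->selectDb($db, $GLOBALS['userlink']);
    $message = true;

    // Flatten the selection into one list of column names, in the same order
    // the two original branches visited them.
    $columns = array();
    if ($isTable) {
        foreach ($field_select as $table) {
            $table_columns = (array) $GLOBALS['dbi']->getColumnNames($db, $table, $GLOBALS['userlink']);
            foreach ($table_columns as $column) {
                $columns[] = $column;
            }
        }
    } else {
        foreach ($field_select as $column) {
            $columns[] = $column;
        }
    }

    // Quoted, escaped, comma separated list used inside the IN (...) clause.
    $quoted_columns = array();
    foreach ($columns as $column) {
        $quoted_columns[] = '\'' . Util::sqlAddSlashes($column) . '\'';
    }
    $cols = implode(',', $quoted_columns);

    // NOTE(review): $db is handed to PMA_findExistingColNames() as received;
    // whether that helper escapes it is not visible here - confirm.
    $has_list = PMA_findExistingColNames($db, $cols);

    $colNotExist = array();
    foreach ($columns as $column) {
        if (!in_array($column, $has_list)) {
            $colNotExist[] = "'" . $column . "'";
        }
    }

    if (!empty($colNotExist)) {
        $colNotExist = implode(",", array_unique($colNotExist));
        $message = Message::notice(
            sprintf(
                __(
                    'Couldn\'t remove Column(s) %1$s '
                    . 'as they don\'t exist in central columns list!'
                ),
                htmlspecialchars($colNotExist)
            )
        );
    }

    $GLOBALS['dbi']->selectDb($pmadb, $GLOBALS['controllink']);

    // The database name comes from the request: escape it like the column
    // names instead of concatenating it into the string literal verbatim.
    $query = 'DELETE FROM ' . Util::backquote($central_list_table) . ' '
        . 'WHERE db_name = \'' . Util::sqlAddSlashes($db) . '\' AND col_name IN (' . $cols . ');';

    if (!$GLOBALS['dbi']->tryQuery($query, $GLOBALS['controllink'])) {
        $message = Message::error(__('Could not remove columns!'));
        $message->addMessage('<br />' . htmlspecialchars($cols) . '<br />');
        $message->addMessage(Message::rawError($GLOBALS['dbi']->getError($GLOBALS['controllink'])));
    }

    return $message;
}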
/**
 * Update the table's structure based on $_REQUEST
 *
 * Builds one ALTER TABLE statement from the submitted field_* arrays, runs
 * it, and on failure reverts the columns that were temporarily converted to
 * BLOB. Afterwards the relation metadata and MIME settings are updated for
 * renamed columns.
 *
 * NOTE(review): every column attribute is read straight from $_REQUEST and
 * handed to Table::generateAlter(); how those parts are quoted is decided
 * inside that helper, which is not visible here - confirm.
 *
 * @return boolean $regenerate true if error occurred
 *
 */
protected function updateColumns()
{
    $err_url = 'tbl_structure.php' . PMA_URL_getCommon(array('db' => $this->db, 'table' => $this->table));
    $regenerate = false;
    $field_cnt = count($_REQUEST['field_name']);
    $changes = array();
    // old column name => new column name, for columns whose privileges
    // should follow the rename
    $adjust_privileges = array();
    for ($i = 0; $i < $field_cnt; $i++) {
        if (!$this->columnNeedsAlterTable($i)) {
            continue;
        }
        $changes[] = 'CHANGE ' . Table::generateAlter(Util_lib\get($_REQUEST, "field_orig.{$i}", ''), $_REQUEST['field_name'][$i], $_REQUEST['field_type'][$i], $_REQUEST['field_length'][$i], $_REQUEST['field_attribute'][$i], Util_lib\get($_REQUEST, "field_collation.{$i}", ''), Util_lib\get($_REQUEST, "field_null.{$i}", 'NOT NULL'), $_REQUEST['field_default_type'][$i], $_REQUEST['field_default_value'][$i], Util_lib\get($_REQUEST, "field_extra.{$i}", false), Util_lib\get($_REQUEST, "field_comments.{$i}", ''), Util_lib\get($_REQUEST, "field_virtuality.{$i}", ''), Util_lib\get($_REQUEST, "field_expression.{$i}", ''), Util_lib\get($_REQUEST, "field_move_to.{$i}", ''));
        // find the remembered sort expression
        $sorted_col = $this->table_obj->getUiProp(Table::PROP_SORTED_COLUMN);
        // if the old column name is part of the remembered sort expression
        // NOTE(review): field_orig is read directly here, while the call
        // above falls back to '' when it is missing - confirm it is always
        // submitted.
        if (mb_strpos($sorted_col, Util::backquote($_REQUEST['field_orig'][$i])) !== false) {
            // delete the whole remembered sort expression
            $this->table_obj->removeUiProp(Table::PROP_SORTED_COLUMN);
        }
        // remember renamed columns for which a privilege adjustment was
        // requested
        if (isset($_REQUEST['field_adjust_privileges'][$i]) && !empty($_REQUEST['field_adjust_privileges'][$i]) && $_REQUEST['field_orig'][$i] != $_REQUEST['field_name'][$i]) {
            $adjust_privileges[$_REQUEST['field_orig'][$i]] = $_REQUEST['field_name'][$i];
        }
    } // end for
    if (count($changes) > 0 || isset($_REQUEST['preview_sql'])) {
        // Builds the primary keys statements and updates the table
        $key_query = '';
        /**
         * this is a little bit more complex
         *
         * @todo if someone selects A_I when altering a column we need to check:
         *  - no other column with A_I
         *  - the column has an index, if not create one
         *
         */
        // To allow replication, we first select the db to use
        // and then run queries on this db.
        if (!$this->dbi->selectDb($this->db)) {
            Util::mysqlDie($this->dbi->getError(), 'USE ' . Util::backquote($this->db) . ';', false, $err_url);
        }
        $sql_query = 'ALTER TABLE ' . Util::backquote($this->table) . ' ';
        $sql_query .= implode(', ', $changes) . $key_query;
        $sql_query .= ';';
        // If there is a request for SQL previewing.
        if (isset($_REQUEST['preview_sql'])) {
            PMA_previewSQL(count($changes) > 0 ? $sql_query : '');
        }
        $columns_with_index = $this->dbi->getTable($this->db, $this->table)->getColumnsWithIndex(PMA_Index::PRIMARY | PMA_Index::UNIQUE | PMA_Index::INDEX | PMA_Index::SPATIAL | PMA_Index::FULLTEXT);
        // per column index: whether the column was converted to BLOB below
        $changedToBlob = array();
        // While changing the Column Collation
        // First change to BLOB
        // (only for columns whose collation differs from the submitted
        // original and that are not part of any index)
        for ($i = 0; $i < $field_cnt; $i++) {
            if (isset($_REQUEST['field_collation'][$i]) && isset($_REQUEST['field_collation_orig'][$i]) && $_REQUEST['field_collation'][$i] !== $_REQUEST['field_collation_orig'][$i] && !in_array($_REQUEST['field_orig'][$i], $columns_with_index)) {
                $secondary_query = 'ALTER TABLE ' . Util::backquote($this->table) . ' CHANGE ' . Util::backquote($_REQUEST['field_orig'][$i]) . ' ' . Util::backquote($_REQUEST['field_orig'][$i]) . ' BLOB;';
                $this->dbi->query($secondary_query);
                $changedToBlob[$i] = true;
            } else {
                $changedToBlob[$i] = false;
            }
        }
        // Then make the requested changes
        $result = $this->dbi->tryQuery($sql_query);
        if ($result !== false) {
            $changed_privileges = $this->adjustColumnPrivileges($adjust_privileges);
            if ($changed_privileges) {
                $message = Message::success(__('Table %1$s has been altered successfully. Privileges ' . 'have been adjusted.'));
            } else {
                $message = Message::success(__('Table %1$s has been altered successfully.'));
            }
            $message->addParam($this->table);
            $this->response->addHTML(Util::getMessage($message, $sql_query, 'success'));
        } else {
            // An error happened while inserting/updating a table definition
            // Save the Original Error
            $orig_error = $this->dbi->getError();
            $changes_revert = array();
            // Change back to Original Collation and data type
            // NOTE(review): the revert definition is rebuilt from the *_orig
            // request fields, i.e. from what the client submitted as the
            // original definition, not from the server's current schema.
            for ($i = 0; $i < $field_cnt; $i++) {
                if ($changedToBlob[$i]) {
                    $changes_revert[] = 'CHANGE ' . Table::generateAlter(Util_lib\get($_REQUEST, "field_orig.{$i}", ''), $_REQUEST['field_name'][$i], $_REQUEST['field_type_orig'][$i], $_REQUEST['field_length_orig'][$i], $_REQUEST['field_attribute_orig'][$i], Util_lib\get($_REQUEST, "field_collation_orig.{$i}", ''), Util_lib\get($_REQUEST, "field_null_orig.{$i}", 'NOT NULL'), $_REQUEST['field_default_type_orig'][$i], $_REQUEST['field_default_value_orig'][$i], Util_lib\get($_REQUEST, "field_extra_orig.{$i}", false), Util_lib\get($_REQUEST, "field_comments_orig.{$i}", ''), Util_lib\get($_REQUEST, "field_virtuality_orig.{$i}", ''), Util_lib\get($_REQUEST, "field_expression_orig.{$i}", ''), Util_lib\get($_REQUEST, "field_move_to_orig.{$i}", ''));
                }
            }
            // NOTE(review): this statement is executed even when
            // $changes_revert is empty, in which case it is just
            // "ALTER TABLE `t` ;" - confirm that is acceptable.
            $revert_query = 'ALTER TABLE ' . Util::backquote($this->table) . ' ';
            $revert_query .= implode(', ', $changes_revert) . '';
            $revert_query .= ';';
            // Column reverted back to original
            $this->dbi->query($revert_query);
            $this->response->setRequestStatus(false);
            // NOTE(review): the server error text is concatenated with
            // markup and passed to Message::rawError(); presumably no HTML
            // escaping is applied on that path - confirm.
            $this->response->addJSON('message', Message::rawError(__('Query error') . ':<br />' . $orig_error));
            $regenerate = true;
        }
    }
    // update field names in relation
    if (isset($_REQUEST['field_orig']) && is_array($_REQUEST['field_orig'])) {
        foreach ($_REQUEST['field_orig'] as $fieldindex => $fieldcontent) {
            if ($_REQUEST['field_name'][$fieldindex] != $fieldcontent) {
                PMA_REL_renameField($this->db, $this->table, $fieldcontent, $_REQUEST['field_name'][$fieldindex]);
            }
        }
    }
    // update mime types
    if (isset($_REQUEST['field_mimetype']) && is_array($_REQUEST['field_mimetype']) && $GLOBALS['cfg']['BrowseMIME']) {
        foreach ($_REQUEST['field_mimetype'] as $fieldindex => $mimetype) {
            // skip entries without a (non-empty) column name
            if (isset($_REQUEST['field_name'][$fieldindex]) && mb_strlen($_REQUEST['field_name'][$fieldindex])) {
                PMA_setMIME($this->db, $this->table, $_REQUEST['field_name'][$fieldindex], $mimetype, $_REQUEST['field_transformation'][$fieldindex], $_REQUEST['field_transformation_options'][$fieldindex], $_REQUEST['field_input_transformation'][$fieldindex], $_REQUEST['field_input_transformation_options'][$fieldindex]);
            }
        }
    }
    return $regenerate;
}
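/**
 * Save this table's UI preferences into phpMyAdmin database.
 *
 * Writes one row (username, db_name, table_name, prefs) with REPLACE INTO
 * over the control connection, then trims the oldest rows when the table
 * holds more than $cfg['Server']['MaxTableUiprefs'] entries.
 *
 * Every value placed inside a quoted SQL literal is escaped, including the
 * user name: the statement runs with the control user's privileges, so an
 * account name containing a quote must not be able to alter it.
 *
 * @return true|Message true on success, an error message when either the
 *                      save or the cleanup statement failed
 */
protected function saveUiPrefsToDb()
{
    $cfgRelation = PMA_getRelationsParam();
    $pma_table = Util::backquote($cfgRelation['db']) . "."
        . Util::backquote($cfgRelation['table_uiprefs']);

    $secureDbName = Util::sqlAddSlashes($this->_db_name);
    // Escaped like the other three values of the statement.
    $secureUsername = Util::sqlAddSlashes($GLOBALS['cfg']['Server']['user']);

    $sql_query = " REPLACE INTO " . $pma_table
        . " (username, db_name, table_name, prefs) VALUES ('"
        . $secureUsername . "', '" . $secureDbName
        . "', '" . Util::sqlAddSlashes($this->_name) . "', '"
        . Util::sqlAddSlashes(json_encode($this->uiprefs)) . "')";

    $success = $this->_dbi->tryQuery($sql_query, $GLOBALS['controllink']);

    if (!$success) {
        $message = Message::error(__('Could not save table UI preferences!'));
        $message->addMessage('<br /><br />');
        $message->addMessage(Message::rawError($this->_dbi->getError($GLOBALS['controllink'])));
        return $message;
    }

    // Remove some old rows in table_uiprefs if it exceeds the configured
    // maximum rows
    // NOTE(review): this count is fetched without passing the control link,
    // unlike the two statements around it - confirm that is intended.
    $sql_query = 'SELECT COUNT(*) FROM ' . $pma_table;
    $rows_count = $this->_dbi->fetchValue($sql_query);
    $max_rows = $GLOBALS['cfg']['Server']['MaxTableUiprefs'];
    if ($rows_count > $max_rows) {
        $num_rows_to_delete = $rows_count - $max_rows;
        $sql_query = ' DELETE FROM ' . $pma_table
            . ' ORDER BY last_update ASC'
            . ' LIMIT ' . $num_rows_to_delete;
        $success = $this->_dbi->tryQuery($sql_query, $GLOBALS['controllink']);

        if (!$success) {
            $message = Message::error(
                sprintf(
                    __(
                        'Failed to cleanup table UI preferences (see '
                        . '$cfg[\'Servers\'][$i][\'MaxTableUiprefs\'] %s)'
                    ),
                    Util::showDocu('config', 'cfg_Servers_MaxTableUiprefs')
                )
            );
            $message->addMessage('<br /><br />');
            $message->addMessage(Message::rawError($this->_dbi->getError($GLOBALS['controllink'])));
            return $message;
        }
    }

    return true;
}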
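/**
 * Function to delete from a tracking report log
 *
 * The entry to delete is named by the request parameter
 * `delete_<$which_log>`. It is accepted only when it is a well-formed
 * integer; a missing, non-scalar or non-numeric value leaves $data untouched
 * and returns an empty string. (A loose `==` against the int cast is not a
 * validation: on PHP versions before 8 any non-numeric string equals 0.)
 *
 * @param array  &$data     tracked data
 * @param string $which_log ddlog|dmlog
 * @param string $type      DDL|DML
 * @param string $message   success message
 *
 * @return string HTML for the message
 */
function PMA_deleteFromTrackingReportLog(&$data, $which_log, $type, $message)
{
    $html = '';
    $request_key = 'delete_' . $which_log;
    $raw_id = isset($_REQUEST[$request_key]) ? $_REQUEST[$request_key] : null;

    // Only in case of valid id: filter_var() yields the integer, or false
    // for anything that is not one (including arrays and null).
    $delete_id = filter_var($raw_id, FILTER_VALIDATE_INT);
    if ($delete_id === false) {
        return $html;
    }

    unset($data[$which_log][$delete_id]);

    $successfullyDeleted = Tracker::changeTrackingData(
        $_REQUEST['db'],
        $_REQUEST['table'],
        $_REQUEST['version'],
        $type,
        $data[$which_log]
    );
    if ($successfullyDeleted) {
        $msg = Message::success($message);
    } else {
        $msg = Message::rawError(__('Query error'));
    }
    $html .= $msg->getDisplay();

    return $html;
}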
/**
 * Saves user preferences
 *
 * Without a working `userconfig` table the preferences are kept in the
 * session. Otherwise they are JSON-encoded and written to the pmadb table
 * over the control connection, as an UPDATE when a row for the user exists
 * and as an INSERT when it does not. The cached preferences for the current
 * server are dropped in both cases.
 *
 * @param array $config_array configuration array
 *
 * @return true|PMA\libraries\Message true on success, an error message when
 *                                    the write failed
 */
function PMA_saveUserprefs(array $config_array)
{
    $cfgRelation = PMA_getRelationsParam();
    $server = isset($GLOBALS['server'])
        ? $GLOBALS['server']
        : $GLOBALS['cfg']['ServerDefault'];
    $cache_key = 'server_' . $server;

    if (!$cfgRelation['userconfigwork']) {
        // no pmadb table, use session storage
        $_SESSION['userconfig'] = array(
            'db' => $config_array,
            'ts' => time(),
        );
        if (isset($_SESSION['cache'][$cache_key]['userprefs'])) {
            unset($_SESSION['cache'][$cache_key]['userprefs']);
        }
        return true;
    }

    // save configuration to pmadb
    $dbi = $GLOBALS['dbi'];
    $query_table = PMA\libraries\Util::backquote($cfgRelation['db']) . '.'
        . PMA\libraries\Util::backquote($cfgRelation['userconfig']);
    // Quoted, escaped user name shared by all three statements.
    $user_literal = '\'' . $dbi->escapeString($cfgRelation['user']) . '\'';

    $lookup = 'SELECT `username` FROM ' . $query_table
        . ' WHERE `username` = ' . $user_literal;
    $has_config = $dbi->fetchValue($lookup, 0, 0, $GLOBALS['controllink']);

    $config_literal = '\'' . $dbi->escapeString(json_encode($config_array)) . '\'';

    if (!$has_config) {
        $query = 'INSERT INTO ' . $query_table
            . ' (`username`, `timevalue`,`config_data`) '
            . 'VALUES (' . $user_literal . ', NOW(), '
            . $config_literal . ')';
    } else {
        $query = 'UPDATE ' . $query_table
            . ' SET `timevalue` = NOW(), `config_data` = '
            . $config_literal
            . ' WHERE `username` = ' . $user_literal;
    }

    // Drop the cached copy before writing so a stale value is never served.
    if (isset($_SESSION['cache'][$cache_key]['userprefs'])) {
        unset($_SESSION['cache'][$cache_key]['userprefs']);
    }

    if ($dbi->tryQuery($query, $GLOBALS['controllink'])) {
        return true;
    }

    $message = Message::error(__('Could not save configuration'));
    $message->addMessage('<br /><br />');
    $message->addMessage(Message::rawError($dbi->getError($GLOBALS['controllink'])));
    return $message;
}
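/**
 * Displays authentication form
 *
 * this function MUST exit/quit the application
 *
 * For AJAX requests only a JSON `redirect_flag` is sent. Otherwise the full
 * login page is echoed: logo, pending error message, optional language
 * selector, server/username/password inputs, optional reCAPTCHA widget and
 * the hidden target/db/table fields.
 *
 * The username and password label lines were garbled in this listing
 * (`__('Username:'******'</label>`); they are restored here to the
 * `__('…'), '</label>` form used by every other label in the function.
 *
 * @global string $conn_error the last connection error
 *
 * @return boolean|void true under TESTSUITE, otherwise the script exits
 */
public function auth()
{
    global $conn_error;

    $response = Response::getInstance();
    if ($response->isAjax()) {
        $response->setRequestStatus(false);
        // redirect_flag redirects to the login page
        $response->addJSON('redirect_flag', '1');
        if (defined('TESTSUITE')) {
            return true;
        } else {
            exit;
        }
    }

    // No recall if blowfish secret is not configured as it would produce
    // garbage
    if ($GLOBALS['cfg']['LoginCookieRecall']
        && !empty($GLOBALS['cfg']['blowfish_secret'])
    ) {
        $default_user = $GLOBALS['PHP_AUTH_USER'];
        $default_server = $GLOBALS['pma_auth_server'];
        $autocomplete = '';
    } else {
        $default_user = '';
        $default_server = '';
        // skip the IE autocomplete feature.
        $autocomplete = ' autocomplete="off"';
    }

    $response->getFooter()->setMinimal();
    $header = $response->getHeader();
    $header->setBodyId('loginform');
    $header->setTitle('phpMyAdmin');
    $header->disableMenuAndConsole();
    $header->disableWarnings();

    if (@file_exists(CUSTOM_HEADER_FILE)) {
        include CUSTOM_HEADER_FILE;
    }
    echo ' <div class="container"> <a href="';
    echo PMA_linkURL('https://www.phpmyadmin.net/');
    echo '" target="_blank" rel="noopener noreferrer" class="logo">';
    $logo_image = $GLOBALS['pmaThemeImage'] . 'logo_right.png';
    if (@file_exists($logo_image)) {
        echo '<img src="', $logo_image,
            '" id="imLogo" name="imLogo" alt="phpMyAdmin" border="0" />';
    } else {
        echo '<img name="imLogo" id="imLogo" src="',
            $GLOBALS['pmaThemeImage'], 'pma_logo.png', '" ',
            'border="0" width="88" height="31" alt="phpMyAdmin" />';
    }
    echo '</a> <h1>';
    echo sprintf(
        __('Welcome to %s'),
        '<bdo dir="ltr" lang="en">phpMyAdmin</bdo>'
    );
    echo "</h1>";

    // Show error message
    // NOTE(review): $conn_error is rendered through Message::rawError();
    // presumably no HTML escaping is applied on that path, so the value must
    // already be safe for HTML - confirm against wherever it is set.
    if (!empty($conn_error)) {
        Message::rawError($conn_error)->display();
    } elseif (isset($_GET['session_expired'])
        && intval($_GET['session_expired']) == 1
    ) {
        Message::rawError(
            __('Your session has expired. Please log in again.')
        )->display();
    }

    echo "<noscript>\n";
    Message::error(
        __("Javascript must be enabled past this point!")
    )->display();
    echo "</noscript>\n";

    echo "<div class='hide js-show'>";
    // Displays the languages form
    if (empty($GLOBALS['cfg']['Lang'])) {
        include_once './libraries/display_select_lang.lib.php';
        // use fieldset, don't show doc link
        echo PMA_getLanguageSelectorHtml(true, false);
    }
    echo '</div> <br /> <!-- Login form --> <form method="post" action="index.php" name="login_form"',
        $autocomplete,
        ' class="disableAjax login hide js-show"> <fieldset> <legend>';
    echo __('Log in');
    echo Util::showDocu('index');
    echo '</legend>';
    if ($GLOBALS['cfg']['AllowArbitraryServer']) {
        echo ' <div class="item"> <label for="input_servername" title="';
        echo __('You can enter hostname/IP address and port separated by space.');
        echo '">';
        echo __('Server:');
        echo '</label> <input type="text" name="pma_servername" id="input_servername"';
        echo ' value="';
        echo htmlspecialchars($default_server);
        echo '" size="24" class="textfield" title="';
        echo __('You can enter hostname/IP address and port separated by space.');
        echo '" /> </div>';
    }
    // The recalled user name is user-controlled and is escaped for the
    // attribute; the password field is always rendered empty.
    echo '<div class="item"> <label for="input_username">',
        __('Username:'),
        '</label> <input type="text" name="pma_username" id="input_username" ',
        'value="', htmlspecialchars($default_user), '" size="24"',
        ' class="textfield"/> </div> <div class="item"> <label for="input_password">',
        __('Password:'),
        '</label> <input type="password" name="pma_password" id="input_password"',
        ' value="" size="24" class="textfield" /> </div>';
    if (count($GLOBALS['cfg']['Servers']) > 1) {
        echo '<div class="item"> <label for="select_server">'
            . __('Server Choice:')
            . '</label> <select name="server" id="select_server"';
        if ($GLOBALS['cfg']['AllowArbitraryServer']) {
            echo ' onchange="document.forms[\'login_form\'].',
                'elements[\'pma_servername\'].value = \'\'" ';
        }
        echo '>';

        include_once './libraries/select_server.lib.php';
        echo PMA_selectServer(false, false);

        echo '</select></div>';
    } else {
        // NOTE(review): $GLOBALS['server'] here and $GLOBALS['lang'] below
        // are written into attributes without htmlspecialchars(); presumably
        // both are validated before this point - confirm.
        echo ' <input type="hidden" name="server" value="',
            $GLOBALS['server'], '" />';
    } // end if (server choice)

    // Add captcha input field if reCaptcha is enabled
    if (!empty($GLOBALS['cfg']['CaptchaLoginPrivateKey'])
        && !empty($GLOBALS['cfg']['CaptchaLoginPublicKey'])
    ) {
        // If enabled show captcha to the user on the login screen.
        echo '<script src="https://www.google.com/recaptcha/api.js?hl=',
            $GLOBALS['lang'], '" async defer></script>';
        echo '<div class="g-recaptcha" data-sitekey="',
            htmlspecialchars($GLOBALS['cfg']['CaptchaLoginPublicKey']),
            '"></div>';
    }

    echo '</fieldset> <fieldset class="tblFooters"> <input value="',
        __('Go'), '" type="submit" id="input_go" />';
    $_form_params = array();
    if (!empty($GLOBALS['target'])) {
        $_form_params['target'] = $GLOBALS['target'];
    }
    if (!empty($GLOBALS['db'])) {
        $_form_params['db'] = $GLOBALS['db'];
    }
    if (!empty($GLOBALS['table'])) {
        $_form_params['table'] = $GLOBALS['table'];
    }
    // do not generate a "server" hidden field as we want the "server"
    // drop-down to have priority
    echo PMA_URL_getHiddenInputs($_form_params, '', 0, 'server');
    echo '</fieldset> </form>';

    if ($GLOBALS['error_handler']->hasDisplayErrors()) {
        echo '<div id="pma_errors">';
        $GLOBALS['error_handler']->dispErrors();
        echo '</div>';
    }
    echo '</div>';
    if (@file_exists(CUSTOM_FOOTER_FILE)) {
        include CUSTOM_FOOTER_FILE;
    }
    if (!defined('TESTSUITE')) {
        exit;
    } else {
        return true;
    }
}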
/**
 * Reports a query execution error and terminates the script.
 *
 * With $is_gotofile set, the error is attached to the response as a JSON
 * `message` and the request is marked as failed; otherwise
 * Util::mysqlDie() is called with the error and the full query. The
 * function exits in both cases.
 *
 * NOTE(review): $error reaches the client through Message::rawError();
 * presumably no HTML escaping is applied on that path - confirm.
 *
 * @param boolean $is_gotofile    whether goto file or not
 * @param String  $error          error after executing the query
 * @param String  $full_sql_query full sql query
 *
 * @return void
 */
function PMA_handleQueryExecuteError($is_gotofile, $error, $full_sql_query)
{
    if (!$is_gotofile) {
        PMA\libraries\Util::mysqlDie($error, $full_sql_query, '', '');
        exit;
    }

    $error_message = PMA\libraries\Message::rawError($error);
    $json_response = PMA\libraries\Response::getInstance();
    $json_response->setRequestStatus(false);
    $json_response->addJSON('message', $error_message);
    exit;
}
/**
 * move the repeating group of columns to a new table
 *
 * Builds and runs two statements on the user connection: a CREATE TABLE
 * whose body is a UNION of one SELECT per repeating column (primary key
 * columns plus that column aliased to $newColumn), then an ALTER TABLE that
 * drops the repeating columns from $table. Execution stops at the first
 * failing statement. All identifiers are passed through Util::backquote().
 *
 * NOTE(review): the success message names $table, not $newTable - confirm
 * which one the text "moved to the table" is meant to show.
 *
 * @param string $repeatingColumns comma separated list of repeating group columns
 * @param string $primary_columns  comma separated list of column in primary key
 *                                 of $table
 * @param string $newTable         name of the new table to be created
 * @param string $newColumn        name of the new column in the new table
 * @param string $table            current table
 * @param string $db               current database
 *
 * @return array array('queryError' => bool, 'message' => Message)
 */
function PMA_moveRepeatingGroup($repeatingColumns, $primary_columns, $newTable, $newColumn, $table, $db)
{
    $repeatingColumnsArr = (array) Util::backquote(explode(', ', $repeatingColumns));
    $primary_columns = implode(',', Util::backquote(explode(',', $primary_columns)));
    $create_head = 'CREATE TABLE ' . Util::backquote($newTable);
    $alter_head = 'ALTER TABLE ' . Util::backquote($table);
    $message = Message::success(
        sprintf(
            __('Selected repeating group has been moved to the table \'%s\''),
            htmlspecialchars($table)
        )
    );

    // One SELECT and one DROP clause per repeating column.
    $selects = array();
    $drops = array();
    foreach ($repeatingColumnsArr as $repeatingColumn) {
        $selects[] = ' SELECT ' . $primary_columns . ',' . $repeatingColumn
            . ' as ' . Util::backquote($newColumn)
            . ' FROM ' . Util::backquote($table);
        $drops[] = ' DROP ' . $repeatingColumn;
    }

    $statements = array(
        $create_head . implode(' UNION ', $selects),
        $alter_head . implode(',', $drops),
    );

    $GLOBALS['dbi']->selectDb($db, $GLOBALS['userlink']);

    $error = false;
    foreach ($statements as $statement) {
        if ($GLOBALS['dbi']->tryQuery($statement, $GLOBALS['userlink'])) {
            continue;
        }
        $message = Message::error(__('Error in processing!'));
        $message->addMessage('<br /><br />');
        $message->addMessage(Message::rawError($GLOBALS['dbi']->getError($GLOBALS['userlink'])));
        $error = true;
        break;
    }

    return array('queryError' => $error, 'message' => $message);
}
/**
 * Handles creating a new database
 *
 * The database name comes from $_POST['new_db'] and is backquoted. A
 * submitted collation is only appended to the statement when both its
 * charset prefix and the collation itself appear in the server's known
 * charset/collation lists. The outcome is reported through the JSON
 * response.
 *
 * @return void
 */
public function createDatabaseAction()
{
    $new_db = $_POST['new_db'];

    // Builds and executes the db creation sql query
    $sql_query = 'CREATE DATABASE ' . Util::backquote($new_db);

    $collation = empty($_POST['db_collation']) ? null : $_POST['db_collation'];
    if ($collation !== null) {
        $collation_parts = explode('_', $collation);
        $db_charset = $collation_parts[0];
        // Allow-list check: unknown charsets or collations are ignored.
        $is_known = in_array($db_charset, $GLOBALS['mysql_charsets'])
            && in_array($collation, $GLOBALS['mysql_collations'][$db_charset]);
        if ($is_known) {
            $sql_query .= ' DEFAULT' . PMA_generateCharsetQueryPart($collation);
        }
    }
    $sql_query .= ';';

    $result = $GLOBALS['dbi']->tryQuery($sql_query);

    if (!$result) {
        // avoid displaying the not-created db name in header or navi panel
        $GLOBALS['db'] = '';

        $message = Message::rawError($GLOBALS['dbi']->getError());
        $this->response->setRequestStatus(false);
        $this->response->addJSON('message', $message);
        return;
    }

    $GLOBALS['db'] = $new_db;

    $message = Message::success(__('Database %1$s has been created.'));
    $message->addParam($new_db);
    $this->response->addJSON('message', $message);
    $this->response->addJSON(
        'sql_query',
        Util::getMessage(null, $sql_query, 'success')
    );

    $url_query = PMA_URL_getCommon(array('db' => $new_db));
    $this->response->addJSON(
        'url_query',
        Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabDatabase'], 'database')
        . $url_query . '&db=' . urlencode($new_db)
    );
}
/**
 * Opens file from zip
 *
 * Reads the archive named by getName() through PMA_getZipContents(). On
 * success the extracted data becomes the file content and the read offset
 * is reset; on failure the reported error is stored as the error message.
 *
 * @param string|null $specific_entry Entry to open
 *
 * @return bool true when the content was loaded, false on error
 */
public function openZip($specific_entry = null)
{
    include_once './libraries/zip_extension.lib.php';

    $zip = PMA_getZipContents($this->getName(), $specific_entry);

    if (empty($zip['error'])) {
        $this->_content = $zip['data'];
        $this->_offset = 0;
        return true;
    }

    $this->_error_message = Message::rawError($zip['error']);
    return false;
}
/**
 * Handles request for ROLLBACK.
 *
 * Splits $sql_query on the delimiter from $_REQUEST['sql_delimiter'] and
 * checks each non-empty statement with PMA_checkIfRollbackPossible(). On
 * the first statement that cannot be rolled back, the error is sent as a
 * JSON `message` and the script exits; otherwise a transaction is started.
 *
 * NOTE(review): the delimiter is taken from the request as is; an empty
 * delimiter is not handled before explode() - confirm callers guarantee it.
 *
 * @param string $sql_query SQL query(s)
 *
 * @return void
 */
function PMA_handleRollbackRequest($sql_query)
{
    $statements = explode($_REQUEST['sql_delimiter'], $sql_query);
    $fallback_error = __(
        'Only INSERT, UPDATE, DELETE and REPLACE '
        . 'SQL queries containing transactional engine tables can be rolled back.'
    );

    $error = false;
    foreach ($statements as $statement) {
        if (empty($statement)) {
            continue;
        }

        // Check each query for ROLLBACK support.
        if (PMA_checkIfRollbackPossible($statement)) {
            continue;
        }

        // Prefer the server's own error text when there is one.
        $server_error = $GLOBALS['dbi']->getError();
        $error = $server_error ? $server_error : $fallback_error;
        break;
    }

    if (!$error) {
        // If everything fine, START a transaction.
        $GLOBALS['dbi']->query('START TRANSACTION');
        return;
    }

    unset($_REQUEST['rollback_query']);
    $response = PMA\libraries\Response::getInstance();
    $response->addJSON('message', Message::rawError($error));
    exit;
}
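/**
 * Save recent/favorite tables into phpMyAdmin database.
 *
 * Writes one (username, tables) row with REPLACE INTO over the control
 * connection. Both values are escaped before being placed in the quoted
 * literals: the statement runs with the control user's privileges, so an
 * account name containing a quote must not be able to alter it.
 *
 * @return true|Message true on success, an error message when the write
 *                      failed
 */
public function saveToDb()
{
    // Escaped like the JSON payload next to it.
    $secureUsername = Util::sqlAddSlashes($GLOBALS['cfg']['Server']['user']);
    $sql_query
        = " REPLACE INTO " . $this->_getPmaTable() . " (`username`, `tables`)"
        . " VALUES ('" . $secureUsername . "', '"
        . Util::sqlAddSlashes(json_encode($this->_tables)) . "')";

    $success = $GLOBALS['dbi']->tryQuery($sql_query, $GLOBALS['controllink']);

    if (!$success) {
        // The wording depends on which list this instance manages; any
        // other type leaves the text empty.
        $error_msg = '';
        switch ($this->_tableType) {
        case 'recent':
            $error_msg = __('Could not save recent table!');
            break;

        case 'favorite':
            $error_msg = __('Could not save favorite table!');
            break;
        }
        $message = Message::error($error_msg);
        $message->addMessage('<br /><br />');
        $message->addMessage(
            Message::rawError($GLOBALS['dbi']->getError($GLOBALS['controllink']))
        );
        return $message;
    }
    return true;
}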