예제 #1
0
function app_display_record($tp_table, $cond)
{
    global $TEMPLATE;
    _db_temporal($tp_table, $table);
    $data = _app_getdata($table, $cond);
    $call = "display_record_{$table}";
    if (@$TEMPLATE[$call]) {
        $call = "tpl_{$call}";
        $call($data);
    } else {
        // fallback
        tpl_display_record($data);
        if (db_access_table($table, "W")) {
            tpl_vspace(null);
            tpl_input_record($data);
        }
    }
}
function _db_create_tables($OLD, $NEW, $database, &$count)
{
    $count = 0;
    $query = "";
    foreach ($NEW as $newtable => $newdef) {
        if (@$newdef["VIEW"]) {
            $query .= _db_create_view($NEW, $newtable, $newdef["VIEW"]);
            continue;
        }
        if ($newdef["DB"] != $database) {
            $query .= "/* skipping table '{$newtable}', not in database '{$database}' */\n\n";
            continue;
        }
        if (!db_access_table($newtable, "w")) {
            $query .= "/* skipping table '{$newtable}', no write access */\n";
            continue;
        }
        if (!@$newdef["SCHEMA_CONTROL"]) {
            $query .= "/* skipping table '{$newtable}', no schema control over it */\n";
            continue;
        }
        $singular = _db_singular($newtable, $NEW);
        $primary = _db_primary($newtable, $NEW);
        $secondary = $singular . "_name";
        // !!! not generic!
        $restrict = @$newdef["USER_RESTRICT"];
        $tablename = $newtable;
        if ($restrict) {
            $tablename .= "_unrestr";
        }
        $tablename .= "_tp";
        // completely new table or delta?
        if (!isset($OLD[$newtable])) {
            $count++;
            $index = "";
            $query .= "create table if not exists {$tablename} (\n";
            foreach ($newdef["FIELDS"] as $field => $value) {
                if (@$value["VIRTUAL"]) {
                    $query .= "/* omitting VIRTUAL {$field} */\n";
                    continue;
                }
                $query .= __db_create_field($field, $value);
                $query .= ",\n";
            }
            $query .= "  primary key({$primary}";
            if ($newdef["TEMPORAL"]) {
                $query .= ", " . $NEW[$newtable]["FIELDNAME_VERSION"];
            }
            $query .= "),\n";
            $indices = _db_gen_indices($NEW, $newdef, $newtable, $secondary);
            foreach ($indices as $dummy => $index) {
                $query .= __db_create_index($index, false) . ",\n";
            }
            $engine = isset($DEF[$newtable]["ENGINE"]) ? $DEF[$newtable]["ENGINE"] : "";
            if (!$engine) {
                $engine = "myisam";
            }
            $query = preg_replace("/,\\s*\\Z/m", "\n", $query);
            $query .= ") engine={$engine};\n";
            $query .= __db_create_tpview($NEW, $newtable, $restrict);
        } else {
            // isset($OLD[$newtable]) => use "alter table"
            $olddef = $OLD[$newtable];
            $flag = 0;
            $flag_col = 0;
            $after = "";
            foreach ($newdef["FIELDS"] as $field => $value) {
                if (@$value["VIRTUAL"]) {
                    //$query .= "/* omitting VIRTUAL $field */\n";
                    continue;
                }
                if (isset($value["CHANGE_FROM"])) {
                    $count++;
                    $oldfield = $value["CHANGE_FROM"];
                    $query .= "alter table {$tablename}\n";
                    $query .= "  change column " . $oldfield . " " . __db_create_field($field, $value) . " {$after};\n";
                    unset($olddef["FIELDS"][$oldfield]);
                    $flag++;
                    $flag_col++;
                } elseif (isset($olddef["FIELDS"][$field])) {
                    $oldvalue = $olddef["FIELDS"][$field];
                    $diff = false;
                    foreach (array("SQL_TYPE", "DEFAULT", "BETWEEN", "LENGTH", "REGEX") as $test) {
                        if (isset($value[$test]) && (!isset($oldvalue[$test]) || $value[$test] != $oldvalue[$test])) {
                            $diff = true;
                        }
                    }
                    if ($diff) {
                        $count++;
                        $query .= "alter table {$tablename}\n";
                        $query .= "  modify column " . __db_create_field($field, $value) . " {$after};\n";
                        $flag++;
                        $flag_col++;
                    }
                    if (!isset($value["DEFAULT"]) && isset($oldvalue["DEFAULT"])) {
                        $query .= "alter table {$tablename}\n";
                        $query .= "  alter column " . $field . " drop default;\n";
                        $flag++;
                        $flag_col++;
                    }
                } else {
                    // create new column
                    $count++;
                    $query .= "alter table {$tablename}\n";
                    $query .= "  add column" . __db_create_field($field, $value) . " {$after};\n";
                    $flag++;
                    $flag_col++;
                }
                $after = "after {$field}";
            }
            $oldindices = _db_gen_indices($OLD, $olddef, $newtable, $secondary);
            $newindices = _db_gen_indices($NEW, $newdef, $newtable, $secondary);
            foreach ($newindices as $index) {
                if (!in_array($index, $oldindices)) {
                    $count++;
                    $query .= "alter table {$tablename}\n";
                    $query .= "  add" . __db_create_index($index, false) . ";\n";
                    $flag++;
                }
            }
            foreach ($oldindices as $index) {
                if (!in_array($index, $newindices)) {
                    $count++;
                    $query .= "alter table {$tablename}\n";
                    $query .= "  drop" . __db_create_index($index, true) . ";\n";
                    $flag++;
                }
            }
            foreach ($olddef["FIELDS"] as $field => $value) {
                if (@$value["VIRTUAL"]) {
                    //$query .= "/* omitting OLD VIRTUAL $field */\n";
                    continue;
                }
                if (!isset($newdef["FIELDS"][$field])) {
                    $count++;
                    $query .= "alter table {$tablename}\n";
                    $query .= "  drop column {$field};\n";
                    $flag++;
                    $flag_col++;
                }
            }
            if ($flag_col) {
                // whenever the *_tp table changes, mysql seems to require
                // recreation of the view (otherwise the old definition would remain)
                $count++;
                $query .= __db_create_tpview($NEW, $newtable, $restrict);
            } elseif ($flag) {
                $query .= "\n";
            }
        }
    }
    foreach ($OLD as $oldtable => $olddef) {
        if (!isset($NEW[$newtable])) {
            $count++;
            $query .= "drop table " . $oldtable . "_tp\n";
            $count++;
            $query .= "drop view " . $oldtable . "\n\n";
        }
    }
    return $query;
}
예제 #3
0
function db_access_field($table, $field, $mode)
{
    global $SCHEMA;
    global $PERM;
    global $USER;
    global $SCORE;
    $score_mode = $SCORE[$mode];
    // schema restrictions take precedence
    //echo "db_access_field mode='$mode' table='$table' field='$field'<br>\n";
    if ($code = @$SCHEMA[$table]["FIELDS"][$field]["ACCESS"]) {
        //echo "code='$code' table='$table' field='$field'<br>\n";
        $score_code = $SCORE[$code];
        if ($score_mode > $score_code) {
            return false;
        }
    }
    if ($USER == "root") {
        // superuser can do almost anything
        return true;
    }
    // never exceed table permissions
    if (!db_access_table($table, $mode)) {
        return false;
    }
    $name = "f_{$table}_{$field}";
    if (!($code = @$PERM[$name])) {
        // the field does not exist => fallback to table permissions
        return true;
    }
    $score_code = $SCORE[$code];
    return $score_mode <= $score_code;
}