/** Update data in table
* @param string
* @param array escaped columns in keys, quoted data in values
* @param string " WHERE ..."
* @param int 0 or 1
* @param string
* @return bool
*/
function update($table, $set, $queryWhere, $limit = 0, $separator = "\n")
{
$values = array();
foreach ($set as $key => $val) {
$values[] = "{$key} = {$val}";
}
$query = adminer_table($table) . " SET{$separator}" . implode(",{$separator}", $values);
return queries("UPDATE" . ($limit ? limit1($query, $queryWhere) : " {$query}{$queryWhere}"));
}
}
if (isset($_POST["delete"])) {
query_redirect("DELETE" . limit1("FROM " . table($TABLE), " WHERE {$where}"), $location, array(lang('Item has been deleted.'), 'success'));
} else {
$set = array();
foreach ($fields as $name => $field) {
$val = process_input($field);
if ($val !== false && $val !== null) {
$set[idf_escape($name)] = $update ? "\n" . idf_escape($name) . " = {$val}" : $val;
}
}
if ($update) {
if (!$set) {
redirect($location);
}
query_redirect("UPDATE" . limit1(table($TABLE) . " SET" . implode(",", $set), "\nWHERE {$where}"), $location, array(lang('Item has been updated.'), 'success'));
} else {
$result = insert_into($TABLE, $set);
$last_id = $result ? last_id() : 0;
queries_redirect($location, array(lang('Item%s has been inserted.', $last_id ? " {$last_id}" : ""), 'success'), $result);
//! link
}
}
}
$table_name = $adminer->tableName(table_status($TABLE));
page_header($update ? lang('Edit') : lang('Insert'), $error, array("select" => array($TABLE, $table_name)), $table_name);
$adminer->selectLinks($table_status, '');
// @todo are params OK?
$row = null;
if ($_POST["save"]) {
$row = (array) $_POST["fields"];
$set[idf_escape($name)] = $val !== false ? $val : idf_escape($name);
}
}
}
if ($_POST["delete"] || $set) {
if ($_POST["clone"]) {
$query = "INTO " . adminer_table($TABLE) . " (" . implode(", ", array_keys($set)) . ")\nSELECT " . implode(", ", $set) . "\nFROM " . adminer_table($TABLE);
}
if ($_POST["all"] || $unselected === array() && is_array($_POST["check"]) || $is_group) {
$result = $_POST["delete"] ? $driver->delete($TABLE, $where_check) : ($_POST["clone"] ? queries("INSERT {$query}{$where_check}") : $driver->update($TABLE, $set, $where_check));
$affected = $connection->affected_rows;
} else {
foreach ((array) $_POST["check"] as $val) {
// where is not unique so OR can't be used
$where2 = "\nWHERE " . ($where ? implode(" AND ", $where) . " AND " : "") . where_check($val, $fields);
$result = $_POST["delete"] ? $driver->delete($TABLE, $where2, 1) : ($_POST["clone"] ? queries("INSERT" . limit1($query, $where2)) : $driver->update($TABLE, $set, $where2));
if (!$result) {
break;
}
$affected += $connection->affected_rows;
}
}
}
$message = lang('%d item(s) have been affected.', $affected);
if ($_POST["clone"] && $result && $affected == 1) {
$last_id = last_id();
if ($last_id) {
$message = lang('Item%s has been inserted.', " {$last_id}");
}
}
queries_adminer_redirect(remove_from_uri($_POST["all"] && $_POST["delete"] ? "page" : ""), $message, $result);
// modify
if (!$_POST["val"]) {
$error = lang('Double click on a value to modify it.');
} else {
$result = true;
$affected = 0;
foreach ($_POST["val"] as $unique_idf => $row) {
$set = array();
foreach ($row as $key => $val) {
$key = bracket_escape($key, 1);
// 1 - back
$set[] = idf_escape($key) . " = " . (ereg('char|text', $fields[$key]["type"]) || $val != "" ? $adminer->processInput($fields[$key], $val) : "NULL");
}
$query = table($TABLE) . " SET " . implode(", ", $set);
$where2 = " WHERE " . where_check($unique_idf) . ($where ? " AND " . implode(" AND ", $where) : "");
$result = queries("UPDATE" . ($is_group ? " {$query}{$where2}" : limit1($query, $where2)));
// can change row on a different page without unique key
if (!$result) {
break;
}
$affected += $connection->affected_rows;
}
queries_redirect(remove_from_uri(), lang('%d item(s) have been affected.', $affected), $result);
}
} elseif (is_string($file = get_file("csv_file", true))) {
//! character set
cookie("adminer_import", "output=" . urlencode($adminer_import["output"]) . "&format=" . urlencode($_POST["separator"]));
$result = true;
$cols = array_keys($fields);
preg_match_all('~(?>"[^"]*"|[^"\\r\\n]+)+~', $file, $matches);
$affected = count($matches[0]);
// modify
if (!$_POST["val"]) {
$error = lang('Double click on a value to modify it.');
} else {
$result = true;
$affected = 0;
foreach ($_POST["val"] as $unique_idf => $row) {
$set = array();
foreach ($row as $key => $val) {
$key = bracket_escape($key, 1);
// 1 - back
$set[] = idf_escape($key) . " = " . (ereg('char|text', $fields[$key]["type"]) || $val != "" ? $adminer->processInput($fields[$key], $val) : "NULL");
}
$query = table($TABLE) . " SET " . implode(", ", $set);
$where2 = " WHERE " . where_check($unique_idf) . ($where ? " AND " . implode(" AND ", $where) : "");
$result = queries("UPDATE" . (count($group) < count($select) ? " {$query}{$where2}" : limit1($query, $where2)));
// can change row on a different page without unique key
if (!$result) {
break;
}
$affected += $connection->affected_rows;
}
queries_redirect(remove_from_uri(), lang('%d item(s) have been affected.', $affected), $result);
}
} elseif (is_string($file = get_file("csv_file", true))) {
//! character set
cookie("adminer_import", "output=" . urlencode($adminer_import["output"]) . "&format=" . urlencode($_POST["separator"]));
$result = true;
$cols = array_keys($fields);
preg_match_all('~(?>"[^"]*"|[^"\\r\\n]+)+~', $file, $matches);
$affected = count($matches[0]);
