/** * returns collation of given db * * @param string $db name of db * * @return string collation of $db */ function PMA_getDbCollation($db) { if ($GLOBALS['dbi']->isSystemSchema($db)) { // We don't have to check the collation of the virtual // information_schema database: We know it! return 'utf8_general_ci'; } if (!$GLOBALS['cfg']['Server']['DisableIS']) { // this is slow with thousands of databases $sql = 'SELECT DEFAULT_COLLATION_NAME FROM information_schema.SCHEMATA' . ' WHERE SCHEMA_NAME = \'' . Util::sqlAddSlashes($db) . '\' LIMIT 1'; return $GLOBALS['dbi']->fetchValue($sql); } else { $GLOBALS['dbi']->selectDb($db); $return = $GLOBALS['dbi']->fetchValue('SELECT @@collation_database'); if ($db !== $GLOBALS['db']) { $GLOBALS['dbi']->selectDb($GLOBALS['db']); } return $return; } }
/** * Save recent/favorite tables into phpMyAdmin database. * * @return true|Message */ public function saveToDb() { $username = $GLOBALS['cfg']['Server']['user']; $sql_query = " REPLACE INTO " . $this->_getPmaTable() . " (`username`, `tables`)" . " VALUES ('" . $username . "', '" . Util::sqlAddSlashes(json_encode($this->_tables)) . "')"; $success = $GLOBALS['dbi']->tryQuery($sql_query, $GLOBALS['controllink']); if (!$success) { $error_msg = ''; switch ($this->_tableType) { case 'recent': $error_msg = __('Could not save recent table!'); break; case 'favorite': $error_msg = __('Could not save favorite table!'); break; } $message = Message::error($error_msg); $message->addMessage('<br /><br />'); $message->addMessage(Message::rawError($GLOBALS['dbi']->getError($GLOBALS['controllink']))); return $message; } return true; }
/** * Get data cell for non numeric type fields * * @param string $column the relevant column in data row * @param string $class the html class for column * @param object $meta the meta-information about * the field * @param array $map the list of relations * @param array $_url_params the parameters for generate * url * @param boolean $condition_field the column should highlighted * or not * @param object|string $transformation_plugin the name of transformation * function * @param string $default_function the default transformation * function * @param string $transform_options the transformation parameters * @param boolean $is_field_truncated is data truncated due to * LimitChars * @param array $analyzed_sql_results the analyzed query * @param integer &$dt_result the link id associated to * the query which results * have to be displayed * @param integer $col_index the column index * * @return string $cell the prepared data cell, html content * * @access private * * @see _getTableBody() */ private function _getDataCellForNonNumericColumns($column, $class, $meta, $map, $_url_params, $condition_field, $transformation_plugin, $default_function, $transform_options, $is_field_truncated, $analyzed_sql_results, &$dt_result, $col_index) { $original_length = 0; $is_analyse = $this->__get('is_analyse'); $field_flags = $GLOBALS['dbi']->fieldFlags($dt_result, $col_index); $bIsText = gettype($transformation_plugin) === 'object' && strpos($transformation_plugin->getMIMEtype(), 'Text') === false; // disable inline grid editing // if binary fields are protected // or transformation plugin is of non text type // such as image if (stristr($field_flags, self::BINARY_FIELD) && ($GLOBALS['cfg']['ProtectBinary'] === 'all' || $GLOBALS['cfg']['ProtectBinary'] === 'noblob' && !stristr($meta->type, self::BLOB_FIELD) || $GLOBALS['cfg']['ProtectBinary'] === 'blob' && stristr($meta->type, self::BLOB_FIELD)) || $bIsText) { $class = str_replace('grid_edit', '', $class); } if (!isset($column) || is_null($column)) { $cell = $this->_buildNullDisplay($class, $condition_field, $meta); return $cell; } if ($column == '') { $cell = $this->_buildEmptyDisplay($class, $condition_field, $meta); return $cell; } // Cut all fields to $GLOBALS['cfg']['LimitChars'] // (unless it's a link-type transformation or binary) if (!(gettype($transformation_plugin) === "object" && strpos($transformation_plugin->getName(), 'Link') !== false) && !stristr($field_flags, self::BINARY_FIELD)) { list($is_field_truncated, $column, $original_length) = $this->_getPartialText($column); } $formatted = false; if (isset($meta->_type) && $meta->_type === MYSQLI_TYPE_BIT) { $column = Util::printableBitValue($column, $meta->length); // some results of PROCEDURE ANALYSE() are reported as // being BINARY but they are quite readable, // so don't treat them as BINARY } elseif (stristr($field_flags, self::BINARY_FIELD) && !(isset($is_analyse) && $is_analyse)) { // we show the BINARY or BLOB message and field's size // (or maybe use a transformation) $binary_or_blob = self::BLOB_FIELD; if ($meta->type === self::STRING_FIELD) { $binary_or_blob = self::BINARY_FIELD; } $column = $this->_handleNonPrintableContents($binary_or_blob, $column, $transformation_plugin, $transform_options, $default_function, $meta, $_url_params, $is_field_truncated); $class = $this->_addClass($class, $condition_field, $meta, '', $is_field_truncated, $transformation_plugin, $default_function); $result = strip_tags($column); // disable inline grid editing // if binary or blob data is not shown if (stristr($result, $binary_or_blob)) { $class = str_replace('grid_edit', '', $class); } $formatted = true; } if ($formatted) { $cell = $this->_buildValueDisplay($class, $condition_field, $column); return $cell; } // transform functions may enable no-wrapping: $function_nowrap = 'applyTransformationNoWrap'; $bool_nowrap = $default_function != $transformation_plugin && function_exists($transformation_plugin->{$function_nowrap}()) ? $transformation_plugin->{$function_nowrap}($transform_options) : false; // do not wrap if date field type $nowrap = preg_match('@DATE|TIME@i', $meta->type) || $bool_nowrap ? ' nowrap' : ''; $where_comparison = ' = \'' . Util::sqlAddSlashes($column) . '\''; $cell = $this->_getRowData($class, $condition_field, $analyzed_sql_results, $meta, $map, $column, $transformation_plugin, $default_function, $nowrap, $where_comparison, $transform_options, $is_field_truncated, $original_length); return $cell; }
/** * Return the where clause for query generation based on the inputs provided. * * @param mixed $criteriaValues Search criteria input * @param string $names Name of the column on which search is submitted * @param string $types Type of the field * @param string $func_type Search function/operator * @param bool $unaryFlag Whether operator unary or not * @param bool $geom_func Whether geometry functions should be applied * * @return string generated where clause. */ private function _getWhereClause($criteriaValues, $names, $types, $func_type, $unaryFlag, $geom_func = null) { // If geometry function is set if (!empty($geom_func)) { return $this->_getGeomWhereClause($criteriaValues, $names, $func_type, $types, $geom_func); } $backquoted_name = Util::backquote($names); $where = ''; if ($unaryFlag) { $where = $backquoted_name . ' ' . $func_type; } elseif (strncasecmp($types, 'enum', 4) == 0 && !empty($criteriaValues)) { $where = $backquoted_name; $where .= $this->_getEnumWhereClause($criteriaValues, $func_type); } elseif ($criteriaValues != '') { // For these types we quote the value. Even if it's another type // (like INT), for a LIKE we always quote the value. MySQL converts // strings to numbers and numbers to strings as necessary // during the comparison if (preg_match('@char|binary|blob|text|set|date|time|year@i', $types) || mb_strpos(' ' . $func_type, 'LIKE')) { $quot = '\''; } else { $quot = ''; } // LIKE %...% if ($func_type == 'LIKE %...%') { $func_type = 'LIKE'; $criteriaValues = '%' . $criteriaValues . '%'; } if ($func_type == 'REGEXP ^...$') { $func_type = 'REGEXP'; $criteriaValues = '^' . $criteriaValues . '$'; } if ('IN (...)' != $func_type && 'NOT IN (...)' != $func_type && 'BETWEEN' != $func_type && 'NOT BETWEEN' != $func_type) { if ($func_type == 'LIKE %...%' || $func_type == 'LIKE') { $where = $backquoted_name . ' ' . $func_type . ' ' . $quot . Util::sqlAddSlashes($criteriaValues, true) . $quot; } else { $where = $backquoted_name . ' ' . $func_type . ' ' . $quot . Util::sqlAddSlashes($criteriaValues) . $quot; } return $where; } $func_type = str_replace(' (...)', '', $func_type); //Don't explode if this is already an array //(Case for (NOT) IN/BETWEEN.) if (is_array($criteriaValues)) { $values = $criteriaValues; } else { $values = explode(',', $criteriaValues); } // quote values one by one $emptyKey = false; foreach ($values as $key => &$value) { if ('' === $value) { $emptyKey = $key; $value = 'NULL'; continue; } $value = $quot . Util::sqlAddSlashes(trim($value)) . $quot; } if ('BETWEEN' == $func_type || 'NOT BETWEEN' == $func_type) { $where = $backquoted_name . ' ' . $func_type . ' ' . (isset($values[0]) ? $values[0] : '') . ' AND ' . (isset($values[1]) ? $values[1] : ''); } else { //[NOT] IN if (false !== $emptyKey) { unset($values[$emptyKey]); } $wheres = array(); if (!empty($values)) { $wheres[] = $backquoted_name . ' ' . $func_type . ' (' . implode(',', $values) . ')'; } if (false !== $emptyKey) { $wheres[] = $backquoted_name . ' IS NULL'; } $where = implode(' OR ', $wheres); if (1 < count($wheres)) { $where = '(' . $where . ')'; } } } // end if return $where; }
/** * Handle the AJAX request for setting value for a single variable * * @return void */ public function setValueAction() { $value = $_REQUEST['varValue']; $matches = array(); if (isset($this->variable_doc_links[$_REQUEST['varName']][3]) && $this->variable_doc_links[$_REQUEST['varName']][3] == 'byte' && preg_match('/^\\s*(\\d+(\\.\\d+)?)\\s*(mb|kb|mib|kib|gb|gib)\\s*$/i', $value, $matches)) { $exp = array('kb' => 1, 'kib' => 1, 'mb' => 2, 'mib' => 2, 'gb' => 3, 'gib' => 3); $value = floatval($matches[1]) * Util::pow(1024, $exp[mb_strtolower($matches[3])]); } else { $value = Util::sqlAddSlashes($value); } if (!is_numeric($value)) { $value = "'" . $value . "'"; } if (!preg_match("/[^a-zA-Z0-9_]+/", $_REQUEST['varName']) && $this->dbi->query('SET GLOBAL ' . $_REQUEST['varName'] . ' = ' . $value)) { // Some values are rounded down etc. $varValue = $this->dbi->fetchSingleRow('SHOW GLOBAL VARIABLES WHERE Variable_name="' . Util::sqlAddSlashes($_REQUEST['varName']) . '";', 'NUM'); $this->response->addJSON('variable', htmlspecialchars($this->_formatVariable($_REQUEST['varName'], $varValue[1]))); } else { $this->response->setRequestStatus(false); $this->response->addJSON('error', __('Setting variable failed')); } }
/** * Get HTML for editing page central columns * * @param array $selected_fld Array containing the selected fields * @param string $selected_db String containing the name of database * * @return string HTML for complete editing page for central columns */ function PMA_getHTMLforEditingPage($selected_fld, $selected_db) { $html = '<form id="multi_edit_central_columns">'; $header_cells = array(__('Name'), __('Type'), __('Length/Values'), __('Default'), __('Collation'), __('Attributes'), __('Null'), __('A_I')); $html .= PMA_getCentralColumnsEditTableHeader($header_cells); $selected_fld_safe = array(); foreach ($selected_fld as $key) { $selected_fld_safe[] = Util::sqlAddSlashes($key); } $columns_list = implode("','", $selected_fld_safe); $columns_list = "'" . $columns_list . "'"; $list_detail_cols = PMA_findExistingColNames($selected_db, $columns_list, true); $odd_row = false; $row_num = 0; foreach ($list_detail_cols as $row) { $tableHtmlRow = PMA_getHTMLforCentralColumnsEditTableRow($row, $odd_row, $row_num); $html .= $tableHtmlRow; $odd_row = !$odd_row; $row_num++; } $html .= '</table>'; $html .= PMA_getCentralColumnsEditTableFooter(); $html .= '</form>'; return $html; }
/** * Gets the count of hidden elements for each database * * @return array array containing the count of hidden elements for each database */ public function getNavigationHidingData() { $cfgRelation = PMA_getRelationsParam(); if ($cfgRelation['navwork']) { $navTable = Util::backquote($cfgRelation['db']) . "." . Util::backquote($cfgRelation['navigationhiding']); $sqlQuery = "SELECT `db_name`, COUNT(*) AS `count` FROM " . $navTable . " WHERE `username`='" . Util::sqlAddSlashes($GLOBALS['cfg']['Server']['user']) . "'" . " GROUP BY `db_name`"; $counts = $GLOBALS['dbi']->fetchResult($sqlQuery, 'db_name', 'count', $GLOBALS['controllink']); return $counts; } return null; }
/** * Gets the list of tables in the current db, taking into account * that they might be "in use" * * @param string $db database name * @param object $db_info_result result set * * @return array $tables list of tables * */ public static function getTablesWhenOpen($db, $db_info_result) { $sot_cache = $tables = array(); while ($tmp = $GLOBALS['dbi']->fetchAssoc($db_info_result)) { // if in use, memorize table name if ($tmp['In_use'] > 0) { $sot_cache[$tmp['Table']] = true; } } $GLOBALS['dbi']->freeResult($db_info_result); // is there at least one "in use" table? if (isset($sot_cache)) { $tblGroupSql = ""; $whereAdded = false; if (PMA_isValid($_REQUEST['tbl_group'])) { $group = Util::escapeMysqlWildcards($_REQUEST['tbl_group']); $groupWithSeparator = Util::escapeMysqlWildcards($_REQUEST['tbl_group'] . $GLOBALS['cfg']['NavigationTreeTableSeparator']); $tblGroupSql .= " WHERE (" . Util::backquote('Tables_in_' . $db) . " LIKE '" . $groupWithSeparator . "%'" . " OR " . Util::backquote('Tables_in_' . $db) . " LIKE '" . $group . "')"; $whereAdded = true; } if (PMA_isValid($_REQUEST['tbl_type'], array('table', 'view'))) { $tblGroupSql .= $whereAdded ? " AND" : " WHERE"; if ($_REQUEST['tbl_type'] == 'view') { $tblGroupSql .= " `Table_type` != 'BASE TABLE'"; } else { $tblGroupSql .= " `Table_type` = 'BASE TABLE'"; } } $db_info_result = $GLOBALS['dbi']->query('SHOW FULL TABLES FROM ' . Util::backquote($db) . $tblGroupSql, null, DatabaseInterface::QUERY_STORE); unset($tblGroupSql, $whereAdded); if ($db_info_result && $GLOBALS['dbi']->numRows($db_info_result) > 0) { while ($tmp = $GLOBALS['dbi']->fetchRow($db_info_result)) { if (!isset($sot_cache[$tmp[0]])) { $sts_result = $GLOBALS['dbi']->query("SHOW TABLE STATUS FROM " . Util::backquote($db) . " LIKE '" . Util::sqlAddSlashes($tmp[0], true) . "';"); $sts_tmp = $GLOBALS['dbi']->fetchAssoc($sts_result); $GLOBALS['dbi']->freeResult($sts_result); unset($sts_result); $tableArray = $GLOBALS['dbi']->copyTableProperties(array($sts_tmp), $db); $tables[$sts_tmp['Name']] = $tableArray[0]; } else { // table in use $tables[$tmp[0]] = array('TABLE_NAME' => $tmp[0], 'ENGINE' => '', 'TABLE_TYPE' => '', 'TABLE_ROWS' => 0); } } // end while if ($GLOBALS['cfg']['NaturalOrder']) { uksort($tables, 'strnatcasecmp'); } } elseif ($db_info_result) { $GLOBALS['dbi']->freeResult($db_info_result); } unset($sot_cache); } return $tables; }
/** * Returns the database position for the page selector * * @return int */ private function _getNavigationDbPos() { $retval = 0; if (empty($GLOBALS['db'])) { return $retval; } /* * @todo describe a scenario where this code is executed */ if (!$GLOBALS['cfg']['Server']['DisableIS']) { $query = "SELECT (COUNT(DB_first_level) DIV %d) * %d "; $query .= "from ( "; $query .= " SELECT distinct SUBSTRING_INDEX(SCHEMA_NAME, "; $query .= " '{$GLOBALS['cfg']['NavigationTreeDbSeparator']}', 1) "; $query .= " DB_first_level "; $query .= " FROM INFORMATION_SCHEMA.SCHEMATA "; $query .= " WHERE `SCHEMA_NAME` < '%s' "; $query .= ") t "; $retval = $GLOBALS['dbi']->fetchValue(sprintf($query, (int) $GLOBALS['cfg']['FirstLevelNavigationItems'], (int) $GLOBALS['cfg']['FirstLevelNavigationItems'], Util::sqlAddSlashes($GLOBALS['db']))); return $retval; } $prefixMap = array(); if ($GLOBALS['dbs_to_test'] === false) { $handle = $GLOBALS['dbi']->tryQuery("SHOW DATABASES"); if ($handle !== false) { while ($arr = $GLOBALS['dbi']->fetchArray($handle)) { if (strcasecmp($arr[0], $GLOBALS['db']) >= 0) { break; } $prefix = strstr($arr[0], $GLOBALS['cfg']['NavigationTreeDbSeparator'], true); if ($prefix === false) { $prefix = $arr[0]; } $prefixMap[$prefix] = 1; } } } else { $databases = array(); foreach ($GLOBALS['dbs_to_test'] as $db) { $query = "SHOW DATABASES LIKE '" . $db . "'"; $handle = $GLOBALS['dbi']->tryQuery($query); if ($handle === false) { continue; } while ($arr = $GLOBALS['dbi']->fetchArray($handle)) { $databases[] = $arr[0]; } } sort($databases); foreach ($databases as $database) { if (strcasecmp($database, $GLOBALS['db']) >= 0) { break; } $prefix = strstr($database, $GLOBALS['cfg']['NavigationTreeDbSeparator'], true); if ($prefix === false) { $prefix = $database; } $prefixMap[$prefix] = 1; } } $navItems = (int) $GLOBALS['cfg']['FirstLevelNavigationItems']; $retval = floor(count($prefixMap) / $navItems) * $navItems; return $retval; }
/** * Returns HTML for the dialog to show hidden navigation items. * * @param string $dbName database name * @param string $itemType type of the items to include * @param string $tableName table name * * @return string HTML for the dialog to show hidden navigation items */ public function getItemUnhideDialog($dbName, $itemType = null, $tableName = null) { $html = '<form method="post" action="navigation.php" class="ajax">'; $html .= '<fieldset>'; $html .= URL::getHiddenInputs($dbName, $tableName); $navTable = Util::backquote($GLOBALS['cfgRelation']['db']) . "." . Util::backquote($GLOBALS['cfgRelation']['navigationhiding']); $sqlQuery = "SELECT `item_name`, `item_type` FROM " . $navTable . " WHERE `username`='" . Util::sqlAddSlashes($GLOBALS['cfg']['Server']['user']) . "'" . " AND `db_name`='" . Util::sqlAddSlashes($dbName) . "'" . " AND `table_name`='" . (!empty($tableName) ? Util::sqlAddSlashes($tableName) : '') . "'"; $result = PMA_queryAsControlUser($sqlQuery, false); $hidden = array(); if ($result) { while ($row = $GLOBALS['dbi']->fetchArray($result)) { $type = $row['item_type']; if (!isset($hidden[$type])) { $hidden[$type] = array(); } $hidden[$type][] = $row['item_name']; } } $GLOBALS['dbi']->freeResult($result); $typeMap = array('group' => __('Groups:'), 'event' => __('Events:'), 'function' => __('Functions:'), 'procedure' => __('Procedures:'), 'table' => __('Tables:'), 'view' => __('Views:')); if (empty($tableName)) { $first = true; foreach ($typeMap as $t => $lable) { if ((empty($itemType) || $itemType == $t) && isset($hidden[$t])) { $html .= (!$first ? '<br/>' : '') . '<strong>' . $lable . '</strong>'; $html .= '<table width="100%"><tbody>'; $odd = true; foreach ($hidden[$t] as $hiddenItem) { $html .= '<tr class="' . ($odd ? 'odd' : 'even') . '">'; $html .= '<td>' . htmlspecialchars($hiddenItem) . '</td>'; $html .= '<td style="width:80px"><a href="navigation.php' . URL::getCommon() . '&unhideNavItem=true' . '&itemType=' . urlencode($t) . '&itemName=' . urlencode($hiddenItem) . '&dbName=' . urlencode($dbName) . '"' . ' class="unhideNavItem ajax">' . Util::getIcon('show.png', __('Show')) . '</a></td>'; $odd = !$odd; } $html .= '</tbody></table>'; $first = false; } } } $html .= '</fieldset>'; $html .= '</form>'; return $html; }
/** * Builds and executes SQL statements to create the database and tables * as necessary, as well as insert all the data. * * @param string $db_name Name of the database * @param array &$tables Array of tables for the specified database * @param array &$analyses Analyses of the tables * @param array &$additional_sql Additional SQL statements to be executed * @param array $options Associative array of options * * @return void * @access public * * @link http://wiki.phpmyadmin.net/pma/Import */ function PMA_buildSQL($db_name, &$tables, &$analyses = null, &$additional_sql = null, $options = null) { /* Take care of the options */ if (isset($options['db_collation']) && !is_null($options['db_collation'])) { $collation = $options['db_collation']; } else { $collation = "utf8_general_ci"; } if (isset($options['db_charset']) && !is_null($options['db_charset'])) { $charset = $options['db_charset']; } else { $charset = "utf8"; } if (isset($options['create_db'])) { $create_db = $options['create_db']; } else { $create_db = true; } /* Create SQL code to handle the database */ $sql = array(); if ($create_db) { $sql[] = "CREATE DATABASE IF NOT EXISTS " . Util::backquote($db_name) . " DEFAULT CHARACTER SET " . $charset . " COLLATE " . $collation . ";"; } /** * The calling plug-in should include this statement, * if necessary, in the $additional_sql parameter * * $sql[] = "USE " . backquote($db_name); */ /* Execute the SQL statements create above */ $sql_len = count($sql); for ($i = 0; $i < $sql_len; ++$i) { PMA_importRunQuery($sql[$i], $sql[$i]); } /* No longer needed */ unset($sql); /* Run the $additional_sql statements supplied by the caller plug-in */ if ($additional_sql != null) { /* Clean the SQL first */ $additional_sql_len = count($additional_sql); /** * Only match tables for now, because CREATE IF NOT EXISTS * syntax is lacking or nonexisting for views, triggers, * functions, and procedures. * * See: http://bugs.mysql.com/bug.php?id=15287 * * To the best of my knowledge this is still an issue. * * $pattern = 'CREATE (TABLE|VIEW|TRIGGER|FUNCTION|PROCEDURE)'; */ $pattern = '/CREATE [^`]*(TABLE)/'; $replacement = 'CREATE \\1 IF NOT EXISTS'; /* Change CREATE statements to CREATE IF NOT EXISTS to support * inserting into existing structures */ for ($i = 0; $i < $additional_sql_len; ++$i) { $additional_sql[$i] = preg_replace($pattern, $replacement, $additional_sql[$i]); /* Execute the resulting statements */ PMA_importRunQuery($additional_sql[$i], $additional_sql[$i]); } } if ($analyses != null) { $type_array = array(NONE => "NULL", VARCHAR => "varchar", INT => "int", DECIMAL => "decimal", BIGINT => "bigint", GEOMETRY => 'geometry'); /* TODO: Do more checking here to make sure they really are matched */ if (count($tables) != count($analyses)) { exit; } /* Create SQL code to create the tables */ $num_tables = count($tables); for ($i = 0; $i < $num_tables; ++$i) { $num_cols = count($tables[$i][COL_NAMES]); $tempSQLStr = "CREATE TABLE IF NOT EXISTS " . PMA\libraries\Util::backquote($db_name) . '.' . PMA\libraries\Util::backquote($tables[$i][TBL_NAME]) . " ("; for ($j = 0; $j < $num_cols; ++$j) { $size = $analyses[$i][SIZES][$j]; if ((int) $size == 0) { $size = 10; } $tempSQLStr .= PMA\libraries\Util::backquote($tables[$i][COL_NAMES][$j]) . " " . $type_array[$analyses[$i][TYPES][$j]]; if ($analyses[$i][TYPES][$j] != GEOMETRY) { $tempSQLStr .= "(" . $size . ")"; } if ($j != count($tables[$i][COL_NAMES]) - 1) { $tempSQLStr .= ", "; } } $tempSQLStr .= ") DEFAULT CHARACTER SET " . $charset . " COLLATE " . $collation . ";"; /** * Each SQL statement is executed immediately * after it is formed so that we don't have * to store them in a (possibly large) buffer */ PMA_importRunQuery($tempSQLStr, $tempSQLStr); } } /** * Create the SQL statements to insert all the data * * Only one insert query is formed for each table */ $tempSQLStr = ""; $col_count = 0; $num_tables = count($tables); for ($i = 0; $i < $num_tables; ++$i) { $num_cols = count($tables[$i][COL_NAMES]); $num_rows = count($tables[$i][ROWS]); $tempSQLStr = "INSERT INTO " . PMA\libraries\Util::backquote($db_name) . '.' . PMA\libraries\Util::backquote($tables[$i][TBL_NAME]) . " ("; for ($m = 0; $m < $num_cols; ++$m) { $tempSQLStr .= PMA\libraries\Util::backquote($tables[$i][COL_NAMES][$m]); if ($m != $num_cols - 1) { $tempSQLStr .= ", "; } } $tempSQLStr .= ") VALUES "; for ($j = 0; $j < $num_rows; ++$j) { $tempSQLStr .= "("; for ($k = 0; $k < $num_cols; ++$k) { // If fully formatted SQL, no need to enclose // with apostrophes, add slashes etc. if ($analyses != null && isset($analyses[$i][FORMATTEDSQL][$col_count]) && $analyses[$i][FORMATTEDSQL][$col_count] == true) { $tempSQLStr .= (string) $tables[$i][ROWS][$j][$k]; } else { if ($analyses != null) { $is_varchar = $analyses[$i][TYPES][$col_count] === VARCHAR; } else { $is_varchar = !is_numeric($tables[$i][ROWS][$j][$k]); } /* Don't put quotes around NULL fields */ if (!strcmp($tables[$i][ROWS][$j][$k], 'NULL')) { $is_varchar = false; } $tempSQLStr .= $is_varchar ? "'" : ""; $tempSQLStr .= PMA\libraries\Util::sqlAddSlashes((string) $tables[$i][ROWS][$j][$k]); $tempSQLStr .= $is_varchar ? "'" : ""; } if ($k != $num_cols - 1) { $tempSQLStr .= ", "; } if ($col_count == $num_cols - 1) { $col_count = 0; } else { $col_count++; } /* Delete the cell after we are done with it */ unset($tables[$i][ROWS][$j][$k]); } $tempSQLStr .= ")"; if ($j != $num_rows - 1) { $tempSQLStr .= ",\n "; } $col_count = 0; /* Delete the row after we are done with it */ unset($tables[$i][ROWS][$j]); } $tempSQLStr .= ";"; /** * Each SQL statement is executed immediately * after it is formed so that we don't have * to store them in a (possibly large) buffer */ PMA_importRunQuery($tempSQLStr, $tempSQLStr); } /* No longer needed */ unset($tempSQLStr); /** * A work in progress */ /* Add the viewable structures from $additional_sql * to $tables so they are also displayed */ $view_pattern = '@VIEW `[^`]+`\\.`([^`]+)@'; $table_pattern = '@CREATE TABLE IF NOT EXISTS `([^`]+)`@'; /* Check a third pattern to make sure its not a "USE `db_name`;" statement */ $regs = array(); $inTables = false; $additional_sql_len = count($additional_sql); for ($i = 0; $i < $additional_sql_len; ++$i) { preg_match($view_pattern, $additional_sql[$i], $regs); if (count($regs) == 0) { preg_match($table_pattern, $additional_sql[$i], $regs); } if (count($regs)) { for ($n = 0; $n < $num_tables; ++$n) { if (!strcmp($regs[1], $tables[$n][TBL_NAME])) { $inTables = true; break; } } if (!$inTables) { $tables[] = array(TBL_NAME => $regs[1]); } } /* Reset the array */ $regs = array(); $inTables = false; } $params = array('db' => (string) $db_name); $db_url = 'db_structure.php' . PMA_URL_getCommon($params); $db_ops_url = 'db_operations.php' . PMA_URL_getCommon($params); $message = '<br /><br />'; $message .= '<strong>' . __('The following structures have either been created or altered. Here you can:') . '</strong><br />'; $message .= '<ul><li>' . __("View a structure's contents by clicking on its name.") . '</li>'; $message .= '<li>' . __('Change any of its settings by clicking the corresponding "Options" link.') . '</li>'; $message .= '<li>' . __('Edit structure by following the "Structure" link.') . '</li>'; $message .= sprintf('<br /><li><a href="%s" title="%s">%s</a> (<a href="%s" title="%s">' . __('Options') . '</a>)</li>', $db_url, sprintf(__('Go to database: %s'), htmlspecialchars(PMA\libraries\Util::backquote($db_name))), htmlspecialchars($db_name), $db_ops_url, sprintf(__('Edit settings for %s'), htmlspecialchars(PMA\libraries\Util::backquote($db_name)))); $message .= '<ul>'; unset($params); $num_tables = count($tables); for ($i = 0; $i < $num_tables; ++$i) { $params = array('db' => (string) $db_name, 'table' => (string) $tables[$i][TBL_NAME]); $tbl_url = 'sql.php' . PMA_URL_getCommon($params); $tbl_struct_url = 'tbl_structure.php' . PMA_URL_getCommon($params); $tbl_ops_url = 'tbl_operations.php' . PMA_URL_getCommon($params); unset($params); $_table = new Table($tables[$i][TBL_NAME], $db_name); if (!$_table->isView()) { $message .= sprintf('<li><a href="%s" title="%s">%s</a> (<a href="%s" title="%s">' . __('Structure') . '</a>) (<a href="%s" title="%s">' . __('Options') . '</a>)</li>', $tbl_url, sprintf(__('Go to table: %s'), htmlspecialchars(PMA\libraries\Util::backquote($tables[$i][TBL_NAME]))), htmlspecialchars($tables[$i][TBL_NAME]), $tbl_struct_url, sprintf(__('Structure of %s'), htmlspecialchars(PMA\libraries\Util::backquote($tables[$i][TBL_NAME]))), $tbl_ops_url, sprintf(__('Edit settings for %s'), htmlspecialchars(PMA\libraries\Util::backquote($tables[$i][TBL_NAME])))); } else { $message .= sprintf('<li><a href="%s" title="%s">%s</a></li>', $tbl_url, sprintf(__('Go to view: %s'), htmlspecialchars(PMA\libraries\Util::backquote($tables[$i][TBL_NAME]))), htmlspecialchars($tables[$i][TBL_NAME])); } } $message .= '</ul></ul>'; global $import_notice; $import_notice = $message; unset($tables); }
/** * Returns the names of children of type $type present inside this container * This method is overridden by the PMA\libraries\navigation\nodes\NodeDatabase * and PMA\libraries\navigation\nodes\NodeTable classes * * @param string $type The type of item we are looking for * ('tables', 'views', etc) * @param int $pos The offset of the list within the results * @param string $searchClause A string used to filter the results of the query * * @return array */ public function getData($type, $pos, $searchClause = '') { $maxItems = $GLOBALS['cfg']['MaxNavigationItems']; $retval = array(); $db = $this->realParent()->real_name; $table = $this->real_name; switch ($type) { case 'columns': if (!$GLOBALS['cfg']['Server']['DisableIS']) { $db = Util::sqlAddSlashes($db); $table = Util::sqlAddSlashes($table); $query = "SELECT `COLUMN_NAME` AS `name` "; $query .= "FROM `INFORMATION_SCHEMA`.`COLUMNS` "; $query .= "WHERE `TABLE_NAME`='{$table}' "; $query .= "AND `TABLE_SCHEMA`='{$db}' "; $query .= "ORDER BY `COLUMN_NAME` ASC "; $query .= "LIMIT " . intval($pos) . ", {$maxItems}"; $retval = $GLOBALS['dbi']->fetchResult($query); break; } $db = Util::backquote($db); $table = Util::backquote($table); $query = "SHOW COLUMNS FROM {$table} FROM {$db}"; $handle = $GLOBALS['dbi']->tryQuery($query); if ($handle === false) { break; } $count = 0; if ($GLOBALS['dbi']->dataSeek($handle, $pos)) { while ($arr = $GLOBALS['dbi']->fetchArray($handle)) { if ($count < $maxItems) { $retval[] = $arr['Field']; $count++; } else { break; } } } break; case 'indexes': $db = Util::backquote($db); $table = Util::backquote($table); $query = "SHOW INDEXES FROM {$table} FROM {$db}"; $handle = $GLOBALS['dbi']->tryQuery($query); if ($handle === false) { break; } $count = 0; while ($arr = $GLOBALS['dbi']->fetchArray($handle)) { if (in_array($arr['Key_name'], $retval)) { continue; } if ($pos <= 0 && $count < $maxItems) { $retval[] = $arr['Key_name']; $count++; } $pos--; } break; case 'triggers': if (!$GLOBALS['cfg']['Server']['DisableIS']) { $db = Util::sqlAddSlashes($db); $table = Util::sqlAddSlashes($table); $query = "SELECT `TRIGGER_NAME` AS `name` "; $query .= "FROM `INFORMATION_SCHEMA`.`TRIGGERS` "; $query .= "WHERE `EVENT_OBJECT_SCHEMA` " . Util::getCollateForIS() . "='{$db}' "; $query .= "AND `EVENT_OBJECT_TABLE` " . Util::getCollateForIS() . "='{$table}' "; $query .= "ORDER BY `TRIGGER_NAME` ASC "; $query .= "LIMIT " . intval($pos) . ", {$maxItems}"; $retval = $GLOBALS['dbi']->fetchResult($query); break; } $db = Util::backquote($db); $table = Util::sqlAddSlashes($table); $query = "SHOW TRIGGERS FROM {$db} WHERE `Table` = '{$table}'"; $handle = $GLOBALS['dbi']->tryQuery($query); if ($handle === false) { break; } $count = 0; if ($GLOBALS['dbi']->dataSeek($handle, $pos)) { while ($arr = $GLOBALS['dbi']->fetchArray($handle)) { if ($count < $maxItems) { $retval[] = $arr['Trigger']; $count++; } else { break; } } } break; default: break; } return $retval; }
/** * Handles the whole import logic * * @return void */ public function doImport() { global $finished, $import_file, $compression, $charset_conversion, $table; global $ldi_local_option, $ldi_replace, $ldi_ignore, $ldi_terminated, $ldi_enclosed, $ldi_escaped, $ldi_new_line, $skip_queries, $ldi_columns; if ($import_file == 'none' || $compression != 'none' || $charset_conversion) { // We handle only some kind of data! $GLOBALS['message'] = PMA\libraries\Message::error(__('This plugin does not support compressed imports!')); $GLOBALS['error'] = true; return; } $sql = 'LOAD DATA'; if (isset($ldi_local_option)) { $sql .= ' LOCAL'; } $sql .= ' INFILE \'' . PMA\libraries\Util::sqlAddSlashes($import_file) . '\''; if (isset($ldi_replace)) { $sql .= ' REPLACE'; } elseif (isset($ldi_ignore)) { $sql .= ' IGNORE'; } $sql .= ' INTO TABLE ' . PMA\libraries\Util::backquote($table); if (strlen($ldi_terminated) > 0) { $sql .= ' FIELDS TERMINATED BY \'' . $ldi_terminated . '\''; } if (strlen($ldi_enclosed) > 0) { $sql .= ' ENCLOSED BY \'' . PMA\libraries\Util::sqlAddSlashes($ldi_enclosed) . '\''; } if (strlen($ldi_escaped) > 0) { $sql .= ' ESCAPED BY \'' . PMA\libraries\Util::sqlAddSlashes($ldi_escaped) . '\''; } if (strlen($ldi_new_line) > 0) { if ($ldi_new_line == 'auto') { $ldi_new_line = PMA\libraries\Util::whichCrlf() == "\n" ? '\\n' : '\\r\\n'; } $sql .= ' LINES TERMINATED BY \'' . $ldi_new_line . '\''; } if ($skip_queries > 0) { $sql .= ' IGNORE ' . $skip_queries . ' LINES'; $skip_queries = 0; } if (strlen($ldi_columns) > 0) { $sql .= ' ('; $tmp = preg_split('/,( ?)/', $ldi_columns); $cnt_tmp = count($tmp); for ($i = 0; $i < $cnt_tmp; $i++) { if ($i > 0) { $sql .= ', '; } /* Trim also `, if user already included backquoted fields */ $sql .= PMA\libraries\Util::backquote(trim($tmp[$i], " \t\r\n\v`")); } // end for $sql .= ')'; } PMA_importRunQuery($sql, $sql); PMA_importRunQuery(); $finished = true; }
/** * Retrieve a specific bookmark * * @param string $db the current database name * @param mixed $id an identifier of the bookmark to get * @param string $id_field which field to look up the identifier * @param boolean $action_bookmark_all true: get all bookmarks regardless * of the owning user * @param boolean $exact_user_match whether to ignore bookmarks with no user * * @return Bookmark the bookmark * * @access public * * @global resource $controllink the controluser db connection handle * */ public static function get($db, $id, $id_field = 'id', $action_bookmark_all = false, $exact_user_match = false) { global $controllink; $cfgBookmark = self::getParams(); if (empty($cfgBookmark)) { return null; } $query = "SELECT * FROM " . Util::backquote($cfgBookmark['db']) . "." . Util::backquote($cfgBookmark['table']) . " WHERE dbase = '" . Util::sqlAddSlashes($db) . "'"; if (!$action_bookmark_all) { $query .= " AND (user = '******'user']) . "'"; if (!$exact_user_match) { $query .= " OR user = ''"; } $query .= ")"; } $query .= " AND " . Util::backquote($id_field) . " = " . Util::sqlAddSlashes($id) . " LIMIT 1"; $result = $GLOBALS['dbi']->fetchSingleRow($query, 'ASSOC', $controllink); if (!empty($result)) { $bookmark = new Bookmark(); $bookmark->_id = $result['id']; $bookmark->_database = $result['dbase']; $bookmark->_user = $result['user']; $bookmark->_label = $result['label']; $bookmark->_query = $result['query']; return $bookmark; } return null; }
/** * Returns the generation expression for virtual columns * * @param string $column name of the column * * @return array|boolean associative array of column name and their expressions * or false on failure */ public function getColumnGenerationExpression($column = null) { $serverType = Util::getServerType(); if ($serverType == 'MySQL' && PMA_MYSQL_INT_VERSION > 50705 && !$GLOBALS['cfg']['Server']['DisableIS']) { $sql = "SELECT\n `COLUMN_NAME` AS `Field`,\n `GENERATION_EXPRESSION` AS `Expression`\n FROM\n `information_schema`.`COLUMNS`\n WHERE\n `TABLE_SCHEMA` = '" . Util::sqlAddSlashes($this->_db_name) . "'\n AND `TABLE_NAME` = '" . Util::sqlAddSlashes($this->_name) . "'"; if ($column != null) { $sql .= " AND `COLUMN_NAME` = '" . Util::sqlAddSlashes($column) . "'"; } $columns = $this->_dbi->fetchResult($sql, 'Field', 'Expression'); return $columns; } $createTable = $this->showCreate(); if (!$createTable) { return false; } $parser = new Parser($createTable); /** * @var \SqlParser\Statements\CreateStatement $stmt */ $stmt = $parser->statements[0]; $fields = Table::getFields($stmt); if ($column != null) { $expression = isset($fields[$column]['expr']) ? substr($fields[$column]['expr'], 1, -1) : ''; return array($column => $expression); } $ret = array(); foreach ($fields as $field => $options) { if (isset($options['expr'])) { $ret[$field] = substr($options['expr'], 1, -1); } } return $ret; }
/** * This method is used to render the page header. * * @return void * * @see TCPDF::Header() */ public function Header() { // We only show this if we find something in the new pdf_pages table // This function must be named "Header" to work with the TCPDF library if ($this->_withDoc) { if ($this->_offline || $this->_pageNumber == -1) { $pg_name = __("PDF export page"); } else { $test_query = 'SELECT * FROM ' . Util::backquote($GLOBALS['cfgRelation']['db']) . '.' . Util::backquote($GLOBALS['cfgRelation']['pdf_pages']) . ' WHERE db_name = \'' . Util::sqlAddSlashes($this->_db) . '\' AND page_nr = \'' . $this->_pageNumber . '\''; $test_rs = PMA_queryAsControlUser($test_query); $pages = @$GLOBALS['dbi']->fetchAssoc($test_rs); $pg_name = ucfirst($pages['page_descr']); } $this->SetFont($this->_ff, 'B', 14); $this->Cell(0, 6, $pg_name, 'B', 1, 'C'); $this->SetFont($this->_ff, ''); $this->Ln(); } }
/** * Returns JSon for logging vars * * @return array */ function PMA_getJsonForLoggingVars() { if (isset($_REQUEST['varName']) && isset($_REQUEST['varValue'])) { $value = PMA\libraries\Util::sqlAddSlashes($_REQUEST['varValue']); if (!is_numeric($value)) { $value = "'" . $value . "'"; } if (!preg_match("/[^a-zA-Z0-9_]+/", $_REQUEST['varName'])) { $GLOBALS['dbi']->query('SET GLOBAL ' . $_REQUEST['varName'] . ' = ' . $value); } } $loggingVars = $GLOBALS['dbi']->fetchResult('SHOW GLOBAL VARIABLES WHERE Variable_name IN' . ' ("general_log","slow_query_log","long_query_time","log_output")', 0, 1); return $loggingVars; }
/** * Provides where clause for building SQL query * * @param string $table The table name * * @return string The generated where clause */ private function _getWhereClause($table) { // Columns to select $allColumns = $GLOBALS['dbi']->getColumns($GLOBALS['db'], $table); $likeClauses = array(); // Based on search type, decide like/regex & '%'/'' $like_or_regex = $this->_criteriaSearchType == 4 ? 'REGEXP' : 'LIKE'; $automatic_wildcard = $this->_criteriaSearchType < 3 ? '%' : ''; // For "as regular expression" (search option 4), LIKE won't be used // Usage example: If user is searching for a literal $ in a regexp search, // he should enter \$ as the value. $criteriaSearchStringEscaped = Util::sqlAddSlashes($this->_criteriaSearchString, $this->_criteriaSearchType == 4 ? false : true); // Extract search words or pattern $search_words = $this->_criteriaSearchType > 2 ? array($criteriaSearchStringEscaped) : explode(' ', $criteriaSearchStringEscaped); foreach ($search_words as $search_word) { // Eliminates empty values if (mb_strlen($search_word) === 0) { continue; } $likeClausesPerColumn = array(); // for each column in the table foreach ($allColumns as $column) { if (!isset($this->_criteriaColumnName) || mb_strlen($this->_criteriaColumnName) == 0 || $column['Field'] == $this->_criteriaColumnName) { $column = 'CONVERT(' . Util::backquote($column['Field']) . ' USING utf8)'; $likeClausesPerColumn[] = $column . ' ' . $like_or_regex . ' ' . "'" . $automatic_wildcard . $search_word . $automatic_wildcard . "'"; } } // end for if (count($likeClausesPerColumn) > 0) { $likeClauses[] = implode(' OR ', $likeClausesPerColumn); } } // end for // Use 'OR' if 'at least one word' is to be searched, else use 'AND' $implode_str = $this->_criteriaSearchType == 1 ? ' OR ' : ' AND '; if (empty($likeClauses)) { // this could happen when the "inside column" does not exist // in any selected tables $where_clause = ' WHERE FALSE'; } else { $where_clause = ' WHERE (' . implode(') ' . $implode_str . ' (', $likeClauses) . ')'; } return $where_clause; }
/** * Returns the list of events inside this database * * @param int $pos The offset of the list within the results * @param string $searchClause A string used to filter the results of the query * * @return array */ private function _getEvents($pos, $searchClause) { $maxItems = $GLOBALS['cfg']['MaxNavigationItems']; $retval = array(); $db = $this->real_name; if (!$GLOBALS['cfg']['Server']['DisableIS']) { $escdDb = Util::sqlAddSlashes($db); $query = "SELECT `EVENT_NAME` AS `name` "; $query .= "FROM `INFORMATION_SCHEMA`.`EVENTS` "; $query .= "WHERE `EVENT_SCHEMA` " . Util::getCollateForIS() . "='{$escdDb}' "; if (!empty($searchClause)) { $query .= "AND `EVENT_NAME` LIKE '%"; $query .= Util::sqlAddSlashes($searchClause, true); $query .= "%'"; } $query .= "ORDER BY `EVENT_NAME` ASC "; $query .= "LIMIT " . intval($pos) . ", {$maxItems}"; $retval = $GLOBALS['dbi']->fetchResult($query); } else { $escdDb = Util::backquote($db); $query = "SHOW EVENTS FROM {$escdDb} "; if (!empty($searchClause)) { $query .= "WHERE `Name` LIKE '%"; $query .= Util::sqlAddSlashes($searchClause, true); $query .= "%'"; } $handle = $GLOBALS['dbi']->tryQuery($query); if ($handle !== false) { $count = 0; if ($GLOBALS['dbi']->dataSeek($handle, $pos)) { while ($arr = $GLOBALS['dbi']->fetchArray($handle)) { if ($count < $maxItems) { $retval[] = $arr['Name']; $count++; } else { break; } } } } } return $retval; }
/** * Outputs export header. It is the first method to be called, so all * the required variables are initialized here. * * @return bool Whether it succeeded */ public function exportHeader() { $this->initSpecificVariables(); global $crlf, $cfg, $db; $table = $this->_getTable(); $tables = $this->_getTables(); $export_struct = isset($GLOBALS['xml_export_functions']) || isset($GLOBALS['xml_export_procedures']) || isset($GLOBALS['xml_export_tables']) || isset($GLOBALS['xml_export_triggers']) || isset($GLOBALS['xml_export_views']); $export_data = isset($GLOBALS['xml_export_contents']) ? true : false; if ($GLOBALS['output_charset_conversion']) { $charset = $GLOBALS['charset']; } else { $charset = 'utf-8'; } $head = '<?xml version="1.0" encoding="' . $charset . '"?>' . $crlf . '<!--' . $crlf . '- phpMyAdmin XML Dump' . $crlf . '- version ' . PMA_VERSION . $crlf . '- https://www.phpmyadmin.net' . $crlf . '-' . $crlf . '- ' . __('Host:') . ' ' . $cfg['Server']['host']; if (!empty($cfg['Server']['port'])) { $head .= ':' . $cfg['Server']['port']; } $head .= $crlf . '- ' . __('Generation Time:') . ' ' . Util::localisedDate() . $crlf . '- ' . __('Server version:') . ' ' . PMA_MYSQL_STR_VERSION . $crlf . '- ' . __('PHP Version:') . ' ' . phpversion() . $crlf . '-->' . $crlf . $crlf; $head .= '<pma_xml_export version="1.0"' . ($export_struct ? ' xmlns:pma="http://www.phpmyadmin.net/some_doc_url/"' : '') . '>' . $crlf; if ($export_struct) { $result = $GLOBALS['dbi']->fetchResult('SELECT `DEFAULT_CHARACTER_SET_NAME`, `DEFAULT_COLLATION_NAME`' . ' FROM `information_schema`.`SCHEMATA` WHERE `SCHEMA_NAME`' . ' = \'' . Util::sqlAddSlashes($db) . '\' LIMIT 1'); $db_collation = $result[0]['DEFAULT_COLLATION_NAME']; $db_charset = $result[0]['DEFAULT_CHARACTER_SET_NAME']; $head .= ' <!--' . $crlf; $head .= ' - Structure schemas' . $crlf; $head .= ' -->' . $crlf; $head .= ' <pma:structure_schemas>' . $crlf; $head .= ' <pma:database name="' . htmlspecialchars($db) . '" collation="' . $db_collation . '" charset="' . $db_charset . '">' . $crlf; if (count($tables) == 0) { $tables[] = $table; } foreach ($tables as $table) { // Export tables and views $result = $GLOBALS['dbi']->fetchResult('SHOW CREATE TABLE ' . Util::backquote($db) . '.' . Util::backquote($table), 0); $tbl = $result[$table][1]; $is_view = $GLOBALS['dbi']->getTable($db, $table)->isView(); if ($is_view) { $type = 'view'; } else { $type = 'table'; } if ($is_view && !isset($GLOBALS['xml_export_views'])) { continue; } if (!$is_view && !isset($GLOBALS['xml_export_tables'])) { continue; } $head .= ' <pma:' . $type . ' name="' . $table . '">' . $crlf; $tbl = " " . htmlspecialchars($tbl); $tbl = str_replace("\n", "\n ", $tbl); $head .= $tbl . ';' . $crlf; $head .= ' </pma:' . $type . '>' . $crlf; if (isset($GLOBALS['xml_export_triggers']) && $GLOBALS['xml_export_triggers']) { // Export triggers $triggers = $GLOBALS['dbi']->getTriggers($db, $table); if ($triggers) { foreach ($triggers as $trigger) { $code = $trigger['create']; $head .= ' <pma:trigger name="' . $trigger['name'] . '">' . $crlf; // Do some formatting $code = mb_substr(rtrim($code), 0, -3); $code = " " . htmlspecialchars($code); $code = str_replace("\n", "\n ", $code); $head .= $code . $crlf; $head .= ' </pma:trigger>' . $crlf; } unset($trigger); unset($triggers); } } } if (isset($GLOBALS['xml_export_functions']) && $GLOBALS['xml_export_functions']) { // Export functions $functions = $GLOBALS['dbi']->getProceduresOrFunctions($db, 'FUNCTION'); if ($functions) { foreach ($functions as $function) { $head .= ' <pma:function name="' . $function . '">' . $crlf; // Do some formatting $sql = $GLOBALS['dbi']->getDefinition($db, 'FUNCTION', $function); $sql = rtrim($sql); $sql = " " . htmlspecialchars($sql); $sql = str_replace("\n", "\n ", $sql); $head .= $sql . $crlf; $head .= ' </pma:function>' . $crlf; } unset($function); unset($functions); } } if (isset($GLOBALS['xml_export_procedures']) && $GLOBALS['xml_export_procedures']) { // Export procedures $procedures = $GLOBALS['dbi']->getProceduresOrFunctions($db, 'PROCEDURE'); if ($procedures) { foreach ($procedures as $procedure) { $head .= ' <pma:procedure name="' . $procedure . '">' . $crlf; // Do some formatting $sql = $GLOBALS['dbi']->getDefinition($db, 'PROCEDURE', $procedure); $sql = rtrim($sql); $sql = " " . htmlspecialchars($sql); $sql = str_replace("\n", "\n ", $sql); $head .= $sql . $crlf; $head .= ' </pma:procedure>' . $crlf; } unset($procedure); unset($procedures); } } if (isset($GLOBALS['xml_export_events']) && $GLOBALS['xml_export_events']) { // Export events $events = $GLOBALS['dbi']->fetchResult("SELECT EVENT_NAME FROM information_schema.EVENTS " . "WHERE EVENT_SCHEMA='" . Util::sqlAddslashes($db) . "'"); if ($events) { foreach ($events as $event) { $head .= ' <pma:event name="' . $event . '">' . $crlf; $sql = $GLOBALS['dbi']->getDefinition($db, 'EVENT', $event); $sql = rtrim($sql); $sql = " " . htmlspecialchars($sql); $sql = str_replace("\n", "\n ", $sql); $head .= $sql . $crlf; $head .= ' </pma:event>' . $crlf; } unset($event); unset($events); } } unset($result); $head .= ' </pma:database>' . $crlf; $head .= ' </pma:structure_schemas>' . $crlf; if ($export_data) { $head .= $crlf; } } return PMA_exportOutputHandler($head); }
/** * Analyzes a given SQL statement and saves tracking data. * * @param string $query a SQL query * * @static * * @return void */ public static function handleQuery($query) { // If query is marked as untouchable, leave if (mb_strstr($query, "/*NOTRACK*/")) { return; } if (!(substr($query, -1) == ';')) { $query = $query . ";\n"; } // Get some information about query $result = self::parseQuery($query); // Get database name $dbname = trim(isset($GLOBALS['db']) ? $GLOBALS['db'] : '', '`'); // $dbname can be empty, for example when coming from Synchronize // and this is a query for the remote server if (empty($dbname)) { return; } // If we found a valid statement if (isset($result['identifier'])) { $version = self::getVersion($dbname, $result['tablename'], $result['identifier']); // If version not exists and auto-creation is enabled if ($GLOBALS['cfg']['Server']['tracking_version_auto_create'] == true && self::isTracked($dbname, $result['tablename']) == false && $version == -1) { // Create the version switch ($result['identifier']) { case 'CREATE TABLE': self::createVersion($dbname, $result['tablename'], '1'); break; case 'CREATE VIEW': self::createVersion($dbname, $result['tablename'], '1', '', true); break; case 'CREATE DATABASE': self::createDatabaseVersion($dbname, '1', $query); break; } // end switch } // If version exists if (self::isTracked($dbname, $result['tablename']) && $version != -1) { if ($result['type'] == 'DDL') { $save_to = 'schema_sql'; } elseif ($result['type'] == 'DML') { $save_to = 'data_sql'; } else { $save_to = ''; } $date = date('Y-m-d H:i:s'); // Cut off `dbname`. from query $query = preg_replace('/`' . preg_quote($dbname) . '`\\s?\\./', '', $query); // Add log information $query = self::getLogComment() . $query; // Mark it as untouchable $sql_query = " /*NOTRACK*/\n" . " UPDATE " . self::_getTrackingTable() . " SET " . Util::backquote($save_to) . " = CONCAT( " . Util::backquote($save_to) . ",'\n" . Util::sqlAddSlashes($query) . "') ," . " `date_updated` = '" . $date . "' "; // If table was renamed we have to change // the tablename attribute in pma_tracking too if ($result['identifier'] == 'RENAME TABLE') { $sql_query .= ', `table_name` = \'' . Util::sqlAddSlashes($result['tablename_after_rename']) . '\' '; } // Save the tracking information only for // 1. the database // 2. the table / view // 3. the statements // we want to track $sql_query .= " WHERE FIND_IN_SET('" . $result['identifier'] . "',tracking) > 0" . " AND `db_name` = '" . Util::sqlAddSlashes($dbname) . "' " . " AND `table_name` = '" . Util::sqlAddSlashes($result['tablename']) . "' " . " AND `version` = '" . Util::sqlAddSlashes($version) . "' "; PMA_queryAsControlUser($sql_query); } } }
/** * Outputs the content of a table in SQL format * * @param string $db database name * @param string $table table name * @param string $crlf the end of line sequence * @param string $error_url the url to go back in case of error * @param string $sql_query SQL query for obtaining data * @param array $aliases Aliases of db/table/columns * * @return bool Whether it succeeded */ public function exportData($db, $table, $crlf, $error_url, $sql_query, $aliases = array()) { global $current_row, $sql_backquotes; $db_alias = $db; $table_alias = $table; $this->initAlias($aliases, $db_alias, $table_alias); if (isset($GLOBALS['sql_compatibility'])) { $compat = $GLOBALS['sql_compatibility']; } else { $compat = 'NONE'; } $formatted_table_name = Util::backquoteCompat($table_alias, $compat, $sql_backquotes); // Do not export data for a VIEW, unless asked to export the view as a table // (For a VIEW, this is called only when exporting a single VIEW) if ($GLOBALS['dbi']->getTable($db, $table)->isView() && empty($GLOBALS['sql_views_as_tables'])) { $head = $this->_possibleCRLF() . $this->_exportComment() . $this->_exportComment('VIEW ' . ' ' . $formatted_table_name) . $this->_exportComment(__('Data:') . ' ' . __('None')) . $this->_exportComment() . $this->_possibleCRLF(); if (!PMA_exportOutputHandler($head)) { return false; } return true; } $result = $GLOBALS['dbi']->tryQuery($sql_query, null, DatabaseInterface::QUERY_UNBUFFERED); // a possible error: the table has crashed $tmp_error = $GLOBALS['dbi']->getError(); if ($tmp_error) { return PMA_exportOutputHandler($this->_exportComment(__('Error reading data:') . ' (' . $tmp_error . ')')); } if ($result == false) { $GLOBALS['dbi']->freeResult($result); return true; } $fields_cnt = $GLOBALS['dbi']->numFields($result); // Get field information $fields_meta = $GLOBALS['dbi']->getFieldsMeta($result); $field_flags = array(); for ($j = 0; $j < $fields_cnt; $j++) { $field_flags[$j] = $GLOBALS['dbi']->fieldFlags($result, $j); } $field_set = array(); for ($j = 0; $j < $fields_cnt; $j++) { $col_as = $fields_meta[$j]->name; if (!empty($aliases[$db]['tables'][$table]['columns'][$col_as])) { $col_as = $aliases[$db]['tables'][$table]['columns'][$col_as]; } $field_set[$j] = Util::backquoteCompat($col_as, $compat, $sql_backquotes); } if (isset($GLOBALS['sql_type']) && $GLOBALS['sql_type'] == 'UPDATE') { // update $schema_insert = 'UPDATE '; if (isset($GLOBALS['sql_ignore'])) { $schema_insert .= 'IGNORE '; } // avoid EOL blank $schema_insert .= Util::backquoteCompat($table_alias, $compat, $sql_backquotes) . ' SET'; } else { // insert or replace if (isset($GLOBALS['sql_type']) && $GLOBALS['sql_type'] == 'REPLACE') { $sql_command = 'REPLACE'; } else { $sql_command = 'INSERT'; } // delayed inserts? if (isset($GLOBALS['sql_delayed'])) { $insert_delayed = ' DELAYED'; } else { $insert_delayed = ''; } // insert ignore? if (isset($GLOBALS['sql_type']) && $GLOBALS['sql_type'] == 'INSERT' && isset($GLOBALS['sql_ignore'])) { $insert_delayed .= ' IGNORE'; } //truncate table before insert if (isset($GLOBALS['sql_truncate']) && $GLOBALS['sql_truncate'] && $sql_command == 'INSERT') { $truncate = 'TRUNCATE TABLE ' . Util::backquoteCompat($table_alias, $compat, $sql_backquotes) . ";"; $truncatehead = $this->_possibleCRLF() . $this->_exportComment() . $this->_exportComment(__('Truncate table before insert') . ' ' . $formatted_table_name) . $this->_exportComment() . $crlf; PMA_exportOutputHandler($truncatehead); PMA_exportOutputHandler($truncate); } // scheme for inserting fields if ($GLOBALS['sql_insert_syntax'] == 'complete' || $GLOBALS['sql_insert_syntax'] == 'both') { $fields = implode(', ', $field_set); $schema_insert = $sql_command . $insert_delayed . ' INTO ' . Util::backquoteCompat($table_alias, $compat, $sql_backquotes) . ' (' . $fields . ') VALUES'; } else { $schema_insert = $sql_command . $insert_delayed . ' INTO ' . Util::backquoteCompat($table_alias, $compat, $sql_backquotes) . ' VALUES'; } } //\x08\\x09, not required $search = array("", "\n", "\r", ""); $replace = array('\\0', '\\n', '\\r', '\\Z'); $current_row = 0; $query_size = 0; if (($GLOBALS['sql_insert_syntax'] == 'extended' || $GLOBALS['sql_insert_syntax'] == 'both') && (!isset($GLOBALS['sql_type']) || $GLOBALS['sql_type'] != 'UPDATE')) { $separator = ','; $schema_insert .= $crlf; } else { $separator = ';'; } while ($row = $GLOBALS['dbi']->fetchRow($result)) { if ($current_row == 0) { $head = $this->_possibleCRLF() . $this->_exportComment() . $this->_exportComment(__('Dumping data for table') . ' ' . $formatted_table_name) . $this->_exportComment() . $crlf; if (!PMA_exportOutputHandler($head)) { return false; } } // We need to SET IDENTITY_INSERT ON for MSSQL if (isset($GLOBALS['sql_compatibility']) && $GLOBALS['sql_compatibility'] == 'MSSQL' && $current_row == 0) { if (!PMA_exportOutputHandler('SET IDENTITY_INSERT ' . Util::backquoteCompat($table_alias, $compat, $sql_backquotes) . ' ON ;' . $crlf)) { return false; } } $current_row++; $values = array(); for ($j = 0; $j < $fields_cnt; $j++) { // NULL if (!isset($row[$j]) || is_null($row[$j])) { $values[] = 'NULL'; } elseif ($fields_meta[$j]->numeric && $fields_meta[$j]->type != 'timestamp' && !$fields_meta[$j]->blob) { // a number // timestamp is numeric on some MySQL 4.1, BLOBs are // sometimes numeric $values[] = $row[$j]; } elseif (stristr($field_flags[$j], 'BINARY') !== false && isset($GLOBALS['sql_hex_for_binary'])) { // a true BLOB // - mysqldump only generates hex data when the --hex-blob // option is used, for fields having the binary attribute // no hex is generated // - a TEXT field returns type blob but a real blob // returns also the 'binary' flag // empty blobs need to be different, but '0' is also empty // :-( if (empty($row[$j]) && $row[$j] != '0') { $values[] = '\'\''; } else { $values[] = '0x' . bin2hex($row[$j]); } } elseif ($fields_meta[$j]->type == 'bit') { // detection of 'bit' works only on mysqli extension $values[] = "b'" . Util::sqlAddSlashes(Util::printableBitValue($row[$j], $fields_meta[$j]->length)) . "'"; } elseif (!empty($GLOBALS['exporting_metadata']) && $row[$j] == '@LAST_PAGE') { $values[] = '@LAST_PAGE'; } else { // something else -> treat as a string $values[] = '\'' . str_replace($search, $replace, Util::sqlAddSlashes($row[$j])) . '\''; } // end if } // end for // should we make update? if (isset($GLOBALS['sql_type']) && $GLOBALS['sql_type'] == 'UPDATE') { $insert_line = $schema_insert; for ($i = 0; $i < $fields_cnt; $i++) { if (0 == $i) { $insert_line .= ' '; } if ($i > 0) { // avoid EOL blank $insert_line .= ','; } $insert_line .= $field_set[$i] . ' = ' . $values[$i]; } list($tmp_unique_condition, $tmp_clause_is_unique) = Util::getUniqueCondition($result, $fields_cnt, $fields_meta, $row, false, false, null); $insert_line .= ' WHERE ' . $tmp_unique_condition; unset($tmp_unique_condition, $tmp_clause_is_unique); } else { // Extended inserts case if ($GLOBALS['sql_insert_syntax'] == 'extended' || $GLOBALS['sql_insert_syntax'] == 'both') { if ($current_row == 1) { $insert_line = $schema_insert . '(' . implode(', ', $values) . ')'; } else { $insert_line = '(' . implode(', ', $values) . ')'; $insertLineSize = mb_strlen($insert_line); $sql_max_size = $GLOBALS['sql_max_query_size']; if (isset($sql_max_size) && $sql_max_size > 0 && $query_size + $insertLineSize > $sql_max_size) { if (!PMA_exportOutputHandler(';' . $crlf)) { return false; } $query_size = 0; $current_row = 1; $insert_line = $schema_insert . $insert_line; } } $query_size += mb_strlen($insert_line); // Other inserts case } else { $insert_line = $schema_insert . '(' . implode(', ', $values) . ')'; } } unset($values); if (!PMA_exportOutputHandler(($current_row == 1 ? '' : $separator . $crlf) . $insert_line)) { return false; } } // end while if ($current_row > 0) { if (!PMA_exportOutputHandler(';' . $crlf)) { return false; } } // We need to SET IDENTITY_INSERT OFF for MSSQL if (isset($GLOBALS['sql_compatibility']) && $GLOBALS['sql_compatibility'] == 'MSSQL' && $current_row > 0) { $outputSucceeded = PMA_exportOutputHandler($crlf . 'SET IDENTITY_INSERT ' . Util::backquoteCompat($table_alias, $compat, $sql_backquotes) . ' OFF;' . $crlf); if (!$outputSucceeded) { return false; } } $GLOBALS['dbi']->freeResult($result); return true; }
/** * Get SQL queries for Display and Add user * * @param string $username username * @param string $hostname host name * @param string $password password * * @return array ($create_user_real, $create_user_show,$real_sql_query, $sql_query * $password_set_real, $password_set_show) */ function PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password) { $slashedUsername = Util::sqlAddSlashes($username); $slashedHostname = Util::sqlAddSlashes($hostname); $slashedPassword = Util::sqlAddSlashes($password); $serverType = Util::getServerType(); $create_user_stmt = sprintf('CREATE USER \'%s\'@\'%s\'', $slashedUsername, $slashedHostname); // See https://github.com/phpmyadmin/phpmyadmin/pull/11560#issuecomment-147158219 // for details regarding details of syntax usage for various versions // 'IDENTIFIED WITH auth_plugin' // is supported by MySQL 5.5.7+ if (($serverType == 'MySQL' || $serverType == 'Percona Server') && PMA_MYSQL_INT_VERSION >= 50507 && isset($_REQUEST['authentication_plugin'])) { $create_user_stmt .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin']; } // 'IDENTIFIED VIA auth_plugin' // is supported by MariaDB 5.2+ if ($serverType == 'MariaDB' && PMA_MYSQL_INT_VERSION >= 50200 && isset($_REQUEST['authentication_plugin'])) { $create_user_stmt .= ' IDENTIFIED VIA ' . $_REQUEST['authentication_plugin']; } $create_user_real = $create_user_show = $create_user_stmt; $password_set_stmt = 'SET PASSWORD FOR \'%s\'@\'%s\' = \'%s\''; $password_set_show = sprintf($password_set_stmt, $slashedUsername, $slashedHostname, '***'); $sql_query_stmt = sprintf('GRANT %s ON *.* TO \'%s\'@\'%s\'', join(', ', PMA_extractPrivInfo()), $slashedUsername, $slashedHostname); $real_sql_query = $sql_query = $sql_query_stmt; // Set the proper hashing method if (isset($_REQUEST['authentication_plugin'])) { PMA_setProperPasswordHashing($_REQUEST['authentication_plugin']); } // Use 'CREATE USER ... WITH ... AS ..' syntax for // newer MySQL versions // and 'CREATE USER ... USING .. VIA ..' syntax for // newer MariaDB versions if (($serverType == 'MySQL' || $serverType == 'Percona Server') && PMA_MYSQL_INT_VERSION >= 50706 || $serverType == 'MariaDB' && PMA_MYSQL_INT_VERSION >= 50200) { $password_set_real = null; // Required for binding '%' with '%s' $create_user_stmt = str_replace('%', '%%', $create_user_stmt); // MariaDB uses 'USING' whereas MySQL uses 'AS' if ($serverType == 'MariaDB') { $create_user_stmt .= ' USING \'%s\''; } else { $create_user_stmt .= ' AS \'%s\''; } if ($_POST['pred_password'] == 'keep') { $create_user_real = sprintf($create_user_stmt, $slashedPassword); $create_user_show = sprintf($create_user_stmt, '***'); } else { if ($_POST['pred_password'] == 'none') { $create_user_real = sprintf($create_user_stmt, null); $create_user_show = sprintf($create_user_stmt, '***'); } else { $hashedPassword = PMA_getHashedPassword($_POST['pma_pw']); $create_user_real = sprintf($create_user_stmt, $hashedPassword); $create_user_show = sprintf($create_user_stmt, '***'); } } } else { // Use 'SET PASSWORD' syntax for pre-5.7.6 MySQL versions // and pre-5.2.0 MariaDB versions if ($_POST['pred_password'] == 'keep') { $password_set_real = sprintf($password_set_stmt, $slashedUsername, $slashedHostname, $slashedPassword); } else { if ($_POST['pred_password'] == 'none') { $password_set_real = sprintf($password_set_stmt, $slashedUsername, $slashedHostname, null); } else { $hashedPassword = PMA_getHashedPassword($_POST['pma_pw']); $password_set_real = sprintf($password_set_stmt, $slashedUsername, $slashedHostname, $hashedPassword); } } } // add REQUIRE clause $require_clause = PMA_getRequireClause(); $real_sql_query .= $require_clause; $sql_query .= $require_clause; if (isset($_POST['Grant_priv']) && $_POST['Grant_priv'] == 'Y' || (isset($_POST['max_questions']) || isset($_POST['max_connections']) || isset($_POST['max_updates']) || isset($_POST['max_user_connections']))) { $with_clause = PMA_getWithClauseForAddUserAndUpdatePrivs(); $real_sql_query .= $with_clause; $sql_query .= $with_clause; } if (isset($create_user_real)) { $create_user_real .= ';'; $create_user_show .= ';'; } $real_sql_query .= ';'; $sql_query .= ';'; // No Global GRANT_OPTION privilege if (!$GLOBALS['is_grantuser']) { $real_sql_query = ''; $sql_query = ''; } // Use 'SET PASSWORD' for pre-5.7.6 MySQL versions // and pre-5.2.0 MariaDB if ($serverType == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50706 || $serverType == 'MariaDB' && PMA_MYSQL_INT_VERSION >= 50200) { $password_set_real = null; $password_set_show = null; } else { $password_set_real .= ";"; $password_set_show .= ";"; } return array($create_user_real, $create_user_show, $real_sql_query, $sql_query, $password_set_real, $password_set_show); }
/** * Handles requests for executing a routine * * @return void */ function PMA_RTN_handleExecute() { global $_GET, $_POST, $_REQUEST, $GLOBALS, $db; /** * Handle all user requests other than the default of listing routines */ if (!empty($_REQUEST['execute_routine']) && !empty($_REQUEST['item_name'])) { // Build the queries $routine = PMA_RTN_getDataFromName($_REQUEST['item_name'], $_REQUEST['item_type'], false); if ($routine === false) { $message = __('Error in processing request:') . ' '; $message .= sprintf(PMA_RTE_getWord('not_found'), htmlspecialchars(PMA\libraries\Util::backquote($_REQUEST['item_name'])), htmlspecialchars(PMA\libraries\Util::backquote($db))); $message = Message::error($message); if ($GLOBALS['is_ajax_request']) { $response = PMA\libraries\Response::getInstance(); $response->setRequestStatus(false); $response->addJSON('message', $message); exit; } else { echo $message->getDisplay(); unset($_POST); } } $queries = array(); $end_query = array(); $args = array(); $all_functions = $GLOBALS['PMA_Types']->getAllFunctions(); for ($i = 0; $i < $routine['item_num_params']; $i++) { if (isset($_REQUEST['params'][$routine['item_param_name'][$i]])) { $value = $_REQUEST['params'][$routine['item_param_name'][$i]]; if (is_array($value)) { // is SET type $value = implode(',', $value); } $value = PMA\libraries\Util::sqlAddSlashes($value); if (!empty($_REQUEST['funcs'][$routine['item_param_name'][$i]]) && in_array($_REQUEST['funcs'][$routine['item_param_name'][$i]], $all_functions)) { $queries[] = "SET @p{$i}=" . $_REQUEST['funcs'][$routine['item_param_name'][$i]] . "('{$value}');\n"; } else { $queries[] = "SET @p{$i}='{$value}';\n"; } $args[] = "@p{$i}"; } else { $args[] = "@p{$i}"; } if ($routine['item_type'] == 'PROCEDURE') { if ($routine['item_param_dir'][$i] == 'OUT' || $routine['item_param_dir'][$i] == 'INOUT') { $end_query[] = "@p{$i} AS " . PMA\libraries\Util::backquote($routine['item_param_name'][$i]); } } } if ($routine['item_type'] == 'PROCEDURE') { $queries[] = "CALL " . PMA\libraries\Util::backquote($routine['item_name']) . "(" . implode(', ', $args) . ");\n"; if (count($end_query)) { $queries[] = "SELECT " . implode(', ', $end_query) . ";\n"; } } else { $queries[] = "SELECT " . PMA\libraries\Util::backquote($routine['item_name']) . "(" . implode(', ', $args) . ") " . "AS " . PMA\libraries\Util::backquote($routine['item_name']) . ";\n"; } // Get all the queries as one SQL statement $multiple_query = implode("", $queries); $outcome = true; $affected = 0; // Execute query if (!$GLOBALS['dbi']->tryMultiQuery($multiple_query)) { $outcome = false; } // Generate output if ($outcome) { // Pass the SQL queries through the "pretty printer" $output = PMA\libraries\Util::formatSql(implode($queries, "\n")); // Display results $output .= "<fieldset><legend>"; $output .= sprintf(__('Execution results of routine %s'), PMA\libraries\Util::backquote(htmlspecialchars($routine['item_name']))); $output .= "</legend>"; $nbResultsetToDisplay = 0; do { $result = $GLOBALS['dbi']->storeResult(); $num_rows = $GLOBALS['dbi']->numRows($result); if ($result !== false && $num_rows > 0) { $output .= "<table><tr>"; foreach ($GLOBALS['dbi']->getFieldsMeta($result) as $field) { $output .= "<th>"; $output .= htmlspecialchars($field->name); $output .= "</th>"; } $output .= "</tr>"; $color_class = 'odd'; while ($row = $GLOBALS['dbi']->fetchAssoc($result)) { $output .= "<tr>" . browseRow($row, $color_class) . "</tr>"; $color_class = $color_class == 'odd' ? 'even' : 'odd'; } $output .= "</table>"; $nbResultsetToDisplay++; $affected = $num_rows; } if (!$GLOBALS['dbi']->moreResults()) { break; } $output .= "<br/>"; $GLOBALS['dbi']->freeResult($result); } while ($GLOBALS['dbi']->nextResult()); $output .= "</fieldset>"; $message = __('Your SQL query has been executed successfully.'); if ($routine['item_type'] == 'PROCEDURE') { $message .= '<br />'; // TODO : message need to be modified according to the // output from the routine $message .= sprintf(_ngettext('%d row affected by the last statement inside the ' . 'procedure.', '%d rows affected by the last statement inside the ' . 'procedure.', $affected), $affected); } $message = Message::success($message); if ($nbResultsetToDisplay == 0) { $notice = __('MySQL returned an empty result set (i.e. zero rows).'); $output .= Message::notice($notice)->getDisplay(); } } else { $output = ''; $message = Message::error(sprintf(__('The following query has failed: "%s"'), htmlspecialchars($multiple_query)) . '<br /><br />' . __('MySQL said: ') . $GLOBALS['dbi']->getError(null)); } // Print/send output if ($GLOBALS['is_ajax_request']) { $response = PMA\libraries\Response::getInstance(); $response->setRequestStatus($message->isSuccess()); $response->addJSON('message', $message->getDisplay() . $output); $response->addJSON('dialog', false); exit; } else { echo $message->getDisplay() . $output; if ($message->isError()) { // At least one query has failed, so shouldn't // execute any more queries, so we quit. exit; } unset($_POST); // Now deliberately fall through to displaying the routines list } return; } else { if (!empty($_GET['execute_dialog']) && !empty($_GET['item_name'])) { /** * Display the execute form for a routine. */ $routine = PMA_RTN_getDataFromName($_GET['item_name'], $_GET['item_type'], true); if ($routine !== false) { $form = PMA_RTN_getExecuteForm($routine); if ($GLOBALS['is_ajax_request'] == true) { $title = __("Execute routine") . " " . PMA\libraries\Util::backquote(htmlentities($_GET['item_name'], ENT_QUOTES)); $response = PMA\libraries\Response::getInstance(); $response->addJSON('message', $form); $response->addJSON('title', $title); $response->addJSON('dialog', true); } else { echo "\n\n<h2>" . __("Execute routine") . "</h2>\n\n"; echo $form; } exit; } else { if ($GLOBALS['is_ajax_request'] == true) { $message = __('Error in processing request:') . ' '; $message .= sprintf(PMA_RTE_getWord('not_found'), htmlspecialchars(PMA\libraries\Util::backquote($_REQUEST['item_name'])), htmlspecialchars(PMA\libraries\Util::backquote($db))); $message = Message::error($message); $response = PMA\libraries\Response::getInstance(); $response->setRequestStatus(false); $response->addJSON('message', $message); exit; } } } } }
/** * Handles the whole import logic * * @param array &$sql_data 2-element array with sql data * * @return void */ public function doImport(&$sql_data = array()) { global $db, $table, $csv_terminated, $csv_enclosed, $csv_escaped, $csv_new_line, $csv_columns, $err_url; // $csv_replace and $csv_ignore should have been here, // but we use directly from $_POST global $error, $timeout_passed, $finished, $message; $replacements = array('\\n' => "\n", '\\t' => "\t", '\\r' => "\r"); $csv_terminated = strtr($csv_terminated, $replacements); $csv_enclosed = strtr($csv_enclosed, $replacements); $csv_escaped = strtr($csv_escaped, $replacements); $csv_new_line = strtr($csv_new_line, $replacements); $param_error = false; if (mb_strlen($csv_terminated) < 1) { $message = PMA\libraries\Message::error(__('Invalid parameter for CSV import: %s')); $message->addParam(__('Columns terminated with'), false); $error = true; $param_error = true; // The default dialog of MS Excel when generating a CSV produces a // semi-colon-separated file with no chance of specifying the // enclosing character. Thus, users who want to import this file // tend to remove the enclosing character on the Import dialog. // I could not find a test case where having no enclosing characters // confuses this script. // But the parser won't work correctly with strings so we allow just // one character. } elseif (mb_strlen($csv_enclosed) > 1) { $message = PMA\libraries\Message::error(__('Invalid parameter for CSV import: %s')); $message->addParam(__('Columns enclosed with'), false); $error = true; $param_error = true; // I could not find a test case where having no escaping characters // confuses this script. // But the parser won't work correctly with strings so we allow just // one character. } elseif (mb_strlen($csv_escaped) > 1) { $message = PMA\libraries\Message::error(__('Invalid parameter for CSV import: %s')); $message->addParam(__('Columns escaped with'), false); $error = true; $param_error = true; } elseif (mb_strlen($csv_new_line) != 1 && $csv_new_line != 'auto') { $message = PMA\libraries\Message::error(__('Invalid parameter for CSV import: %s')); $message->addParam(__('Lines terminated with'), false); $error = true; $param_error = true; } // If there is an error in the parameters entered, // indicate that immediately. if ($param_error) { PMA\libraries\Util::mysqlDie($message->getMessage(), '', false, $err_url); } $buffer = ''; $required_fields = 0; if (!$this->_getAnalyze()) { $sql_template = 'INSERT'; if (isset($_POST['csv_ignore'])) { $sql_template .= ' IGNORE'; } $sql_template .= ' INTO ' . PMA\libraries\Util::backquote($table); $tmp_fields = $GLOBALS['dbi']->getColumns($db, $table); if (empty($csv_columns)) { $fields = $tmp_fields; } else { $sql_template .= ' ('; $fields = array(); $tmp = preg_split('/,( ?)/', $csv_columns); foreach ($tmp as $key => $val) { if (count($fields) > 0) { $sql_template .= ', '; } /* Trim also `, if user already included backquoted fields */ $val = trim($val, " \t\r\n\v`"); $found = false; foreach ($tmp_fields as $field) { if ($field['Field'] == $val) { $found = true; break; } } if (!$found) { $message = PMA\libraries\Message::error(__('Invalid column (%s) specified! Ensure that columns' . ' names are spelled correctly, separated by commas' . ', and not enclosed in quotes.')); $message->addParam($val); $error = true; break; } $fields[] = $field; $sql_template .= PMA\libraries\Util::backquote($val); } $sql_template .= ') '; } $required_fields = count($fields); $sql_template .= ' VALUES ('; } // Defaults for parser $i = 0; $len = 0; $lastlen = null; $line = 1; $lasti = -1; $values = array(); $csv_finish = false; $tempRow = array(); $rows = array(); $col_names = array(); $tables = array(); $col_count = 0; $max_cols = 0; $csv_terminated_len = mb_strlen($csv_terminated); while (!($finished && $i >= $len) && !$error && !$timeout_passed) { $data = PMA_importGetNextChunk(); if ($data === false) { // subtract data we didn't handle yet and stop processing $GLOBALS['offset'] -= strlen($buffer); break; } elseif ($data === true) { // Handle rest of buffer } else { // Append new data to buffer $buffer .= $data; unset($data); // Force a trailing new line at EOF to prevent parsing problems if ($finished && $buffer) { $finalch = mb_substr($buffer, -1); if ($csv_new_line == 'auto' && $finalch != "\r" && $finalch != "\n") { $buffer .= "\n"; } elseif ($csv_new_line != 'auto' && $finalch != $csv_new_line) { $buffer .= $csv_new_line; } } // Do not parse string when we're not at the end // and don't have new line inside if ($csv_new_line == 'auto' && mb_strpos($buffer, "\r") === false && mb_strpos($buffer, "\n") === false || $csv_new_line != 'auto' && mb_strpos($buffer, $csv_new_line) === false) { continue; } } // Current length of our buffer $len = mb_strlen($buffer); // Currently parsed char $ch = mb_substr($buffer, $i, 1); if ($csv_terminated_len > 1 && $ch == $csv_terminated[0]) { $ch = $this->readCsvTerminatedString($buffer, $ch, $i, $csv_terminated_len); $i += $csv_terminated_len - 1; } while ($i < $len) { // Deadlock protection if ($lasti == $i && $lastlen == $len) { $message = PMA\libraries\Message::error(__('Invalid format of CSV input on line %d.')); $message->addParam($line); $error = true; break; } $lasti = $i; $lastlen = $len; // This can happen with auto EOL and \r at the end of buffer if (!$csv_finish) { // Grab empty field if ($ch == $csv_terminated) { if ($i == $len - 1) { break; } $values[] = ''; $i++; $ch = mb_substr($buffer, $i, 1); if ($csv_terminated_len > 1 && $ch == $csv_terminated[0]) { $ch = $this->readCsvTerminatedString($buffer, $ch, $i, $csv_terminated_len); $i += $csv_terminated_len - 1; } continue; } // Grab one field $fallbacki = $i; if ($ch == $csv_enclosed) { if ($i == $len - 1) { break; } $need_end = true; $i++; $ch = mb_substr($buffer, $i, 1); if ($csv_terminated_len > 1 && $ch == $csv_terminated[0]) { $ch = $this->readCsvTerminatedString($buffer, $ch, $i, $csv_terminated_len); $i += $csv_terminated_len - 1; } } else { $need_end = false; } $fail = false; $value = ''; while ($need_end && ($ch != $csv_enclosed || $csv_enclosed == $csv_escaped) || !$need_end && !($ch == $csv_terminated || $ch == $csv_new_line || $csv_new_line == 'auto' && ($ch == "\r" || $ch == "\n"))) { if ($ch == $csv_escaped) { if ($i == $len - 1) { $fail = true; break; } $i++; $ch = mb_substr($buffer, $i, 1); if ($csv_terminated_len > 1 && $ch == $csv_terminated[0]) { $ch = $this->readCsvTerminatedString($buffer, $ch, $i, $csv_terminated_len); $i += $csv_terminated_len - 1; } if ($csv_enclosed == $csv_escaped && ($ch == $csv_terminated || $ch == $csv_new_line || $csv_new_line == 'auto' && ($ch == "\r" || $ch == "\n"))) { break; } } $value .= $ch; if ($i == $len - 1) { if (!$finished) { $fail = true; } break; } $i++; $ch = mb_substr($buffer, $i, 1); if ($csv_terminated_len > 1 && $ch == $csv_terminated[0]) { $ch = $this->readCsvTerminatedString($buffer, $ch, $i, $csv_terminated_len); $i += $csv_terminated_len - 1; } } // unquoted NULL string if (false === $need_end && $value === 'NULL') { $value = null; } if ($fail) { $i = $fallbacki; $ch = mb_substr($buffer, $i, 1); if ($csv_terminated_len > 1 && $ch == $csv_terminated[0]) { $i += $csv_terminated_len - 1; } break; } // Need to strip trailing enclosing char? if ($need_end && $ch == $csv_enclosed) { if ($finished && $i == $len - 1) { $ch = null; } elseif ($i == $len - 1) { $i = $fallbacki; $ch = mb_substr($buffer, $i, 1); if ($csv_terminated_len > 1 && $ch == $csv_terminated[0]) { $i += $csv_terminated_len - 1; } break; } else { $i++; $ch = mb_substr($buffer, $i, 1); if ($csv_terminated_len > 1 && $ch == $csv_terminated[0]) { $ch = $this->readCsvTerminatedString($buffer, $ch, $i, $csv_terminated_len); $i += $csv_terminated_len - 1; } } } // Are we at the end? if ($ch == $csv_new_line || $csv_new_line == 'auto' && ($ch == "\r" || $ch == "\n") || $finished && $i == $len - 1) { $csv_finish = true; } // Go to next char if ($ch == $csv_terminated) { if ($i == $len - 1) { $i = $fallbacki; $ch = mb_substr($buffer, $i, 1); if ($csv_terminated_len > 1 && $ch == $csv_terminated[0]) { $i += $csv_terminated_len - 1; } break; } $i++; $ch = mb_substr($buffer, $i, 1); if ($csv_terminated_len > 1 && $ch == $csv_terminated[0]) { $ch = $this->readCsvTerminatedString($buffer, $ch, $i, $csv_terminated_len); $i += $csv_terminated_len - 1; } } // If everything went okay, store value $values[] = $value; } // End of line if ($csv_finish || $ch == $csv_new_line || $csv_new_line == 'auto' && ($ch == "\r" || $ch == "\n")) { if ($csv_new_line == 'auto' && $ch == "\r") { // Handle "\r\n" if ($i >= $len - 2 && !$finished) { break; // We need more data to decide new line } if (mb_substr($buffer, $i + 1, 1) == "\n") { $i++; } } // We didn't parse value till the end of line, so there was // empty one if (!$csv_finish) { $values[] = ''; } if ($this->_getAnalyze()) { foreach ($values as $val) { $tempRow[] = $val; ++$col_count; } if ($col_count > $max_cols) { $max_cols = $col_count; } $col_count = 0; $rows[] = $tempRow; $tempRow = array(); } else { // Do we have correct count of values? if (count($values) != $required_fields) { // Hack for excel if ($values[count($values) - 1] == ';') { unset($values[count($values) - 1]); } else { $message = PMA\libraries\Message::error(__('Invalid column count in CSV input' . ' on line %d.')); $message->addParam($line); $error = true; break; } } $first = true; $sql = $sql_template; foreach ($values as $key => $val) { if (!$first) { $sql .= ', '; } if ($val === null) { $sql .= 'NULL'; } else { $sql .= '\'' . PMA\libraries\Util::sqlAddSlashes($val) . '\''; } $first = false; } $sql .= ')'; if (isset($_POST['csv_replace'])) { $sql .= " ON DUPLICATE KEY UPDATE "; foreach ($fields as $field) { $fieldName = PMA\libraries\Util::backquote($field['Field']); $sql .= $fieldName . " = VALUES(" . $fieldName . "), "; } $sql = rtrim($sql, ', '); } /** * @todo maybe we could add original line to verbose * SQL in comment */ PMA_importRunQuery($sql, $sql, $sql_data); } $line++; $csv_finish = false; $values = array(); $buffer = mb_substr($buffer, $i + 1); $len = mb_strlen($buffer); $i = 0; $lasti = -1; $ch = mb_substr($buffer, 0, 1); } } // End of parser loop } // End of import loop if ($this->_getAnalyze()) { /* Fill out all rows */ $num_rows = count($rows); for ($i = 0; $i < $num_rows; ++$i) { for ($j = count($rows[$i]); $j < $max_cols; ++$j) { $rows[$i][] = 'NULL'; } } if (isset($_REQUEST['csv_col_names'])) { $col_names = array_splice($rows, 0, 1); $col_names = $col_names[0]; // MySQL column names can't end with a space character. foreach ($col_names as $key => $col_name) { $col_names[$key] = rtrim($col_name); } } if (isset($col_names) && count($col_names) != $max_cols || !isset($col_names)) { // Fill out column names for ($i = 0; $i < $max_cols; ++$i) { $col_names[] = 'COL ' . ($i + 1); } } if (mb_strlen($db)) { $result = $GLOBALS['dbi']->fetchResult('SHOW TABLES'); $tbl_name = 'TABLE ' . (count($result) + 1); } else { $tbl_name = 'TBL_NAME'; } $tables[] = array($tbl_name, $col_names, $rows); /* Obtain the best-fit MySQL types for each column */ $analyses = array(); $analyses[] = PMA_analyzeTable($tables[0]); /** * string $db_name (no backquotes) * * array $table = array(table_name, array() column_names, array()() rows) * array $tables = array of "$table"s * * array $analysis = array(array() column_types, array() column_sizes) * array $analyses = array of "$analysis"s * * array $create = array of SQL strings * * array $options = an associative array of options */ /* Set database name to the currently selected one, if applicable */ list($db_name, $options) = $this->getDbnameAndOptions($db, 'CSV_DB'); /* Non-applicable parameters */ $create = null; /* Created and execute necessary SQL statements from data */ PMA_buildSQL($db_name, $tables, $analyses, $create, $options, $sql_data); unset($tables); unset($analyses); } // Commit any possible data in buffers PMA_importRunQuery('', '', $sql_data); if (count($values) != 0 && !$error) { $message = PMA\libraries\Message::error(__('Invalid format of CSV input on line %d.')); $message->addParam($line); $error = true; } }
// In such case we can use the value of port. $server_details['port'] = $cfg['Server']['port']; } // otherwise we leave the $server_details['port'] unset, // allowing it to take default mysql port $controllink = $GLOBALS['dbi']->connect($cfg['Server']['controluser'], $cfg['Server']['controlpass'], true, $server_details); } else { $controllink = $GLOBALS['dbi']->connect($cfg['Server']['controluser'], $cfg['Server']['controlpass'], true); } } // Connects to the server (validates user's login) /** @var DatabaseInterface $userlink */ $userlink = $GLOBALS['dbi']->connect($cfg['Server']['user'], $cfg['Server']['password'], false); // Set timestamp for the session, if required. if ($cfg['Server']['SessionTimeZone'] != '') { $sql_query_tz = 'SET ' . Util::backquote('time_zone') . ' = ' . '\'' . Util::sqlAddSlashes($cfg['Server']['SessionTimeZone']) . '\''; if (!$userlink->query($sql_query_tz)) { $error_message_tz = sprintf(__('Unable to use timezone %1$s for server %2$d. ' . 'Please check your configuration setting for ' . '[em]$cfg[\'Servers\'][%3$d][\'SessionTimeZone\'][/em]. ' . 'phpMyAdmin is currently using the default time zone ' . 'of the database server.'), $cfg['Servers'][$GLOBALS['server']]['SessionTimeZone'], $GLOBALS['server'], $GLOBALS['server']); $GLOBALS['error_handler']->addError($error_message_tz, E_USER_WARNING, '', '', false); } } if (!$controllink) { $controllink = $userlink; } $auth_plugin->storeUserCredentials(); /* Log success */ PMA_logUser($cfg['Server']['user']); if (PMA_MYSQL_INT_VERSION < $cfg['MysqlMinVersion']['internal']) { PMA_fatalError(__('You should upgrade to %s %s or later.'), array('MySQL', $cfg['MysqlMinVersion']['human'])); } /**
/** * returns details about the TRIGGERs for a specific table or database * * @param string $db db name * @param string $table table name * @param string $delimiter the delimiter to use (may be empty) * * @return array information about triggers (may be empty) */ public function getTriggers($db, $table = '', $delimiter = '//') { $result = array(); if (!$GLOBALS['cfg']['Server']['DisableIS']) { $query = 'SELECT TRIGGER_SCHEMA, TRIGGER_NAME, EVENT_MANIPULATION' . ', EVENT_OBJECT_TABLE, ACTION_TIMING, ACTION_STATEMENT' . ', EVENT_OBJECT_SCHEMA, EVENT_OBJECT_TABLE, DEFINER' . ' FROM information_schema.TRIGGERS' . ' WHERE EVENT_OBJECT_SCHEMA ' . Util::getCollateForIS() . '=' . ' \'' . Util::sqlAddSlashes($db) . '\''; if (!empty($table)) { $query .= " AND EVENT_OBJECT_TABLE " . Util::getCollateForIS() . " = '" . Util::sqlAddSlashes($table) . "';"; } } else { $query = "SHOW TRIGGERS FROM " . Util::backquote($db); if (!empty($table)) { $query .= " LIKE '" . Util::sqlAddSlashes($table, true) . "';"; } } if ($triggers = $this->fetchResult($query)) { foreach ($triggers as $trigger) { if ($GLOBALS['cfg']['Server']['DisableIS']) { $trigger['TRIGGER_NAME'] = $trigger['Trigger']; $trigger['ACTION_TIMING'] = $trigger['Timing']; $trigger['EVENT_MANIPULATION'] = $trigger['Event']; $trigger['EVENT_OBJECT_TABLE'] = $trigger['Table']; $trigger['ACTION_STATEMENT'] = $trigger['Statement']; $trigger['DEFINER'] = $trigger['Definer']; } $one_result = array(); $one_result['name'] = $trigger['TRIGGER_NAME']; $one_result['table'] = $trigger['EVENT_OBJECT_TABLE']; $one_result['action_timing'] = $trigger['ACTION_TIMING']; $one_result['event_manipulation'] = $trigger['EVENT_MANIPULATION']; $one_result['definition'] = $trigger['ACTION_STATEMENT']; $one_result['definer'] = $trigger['DEFINER']; // do not prepend the schema name; this way, importing the // definition into another schema will work $one_result['full_trigger_name'] = Util::backquote($trigger['TRIGGER_NAME']); $one_result['drop'] = 'DROP TRIGGER IF EXISTS ' . $one_result['full_trigger_name']; $one_result['create'] = 'CREATE TRIGGER ' . $one_result['full_trigger_name'] . ' ' . $trigger['ACTION_TIMING'] . ' ' . $trigger['EVENT_MANIPULATION'] . ' ON ' . Util::backquote($trigger['EVENT_OBJECT_TABLE']) . "\n" . ' FOR EACH ROW ' . $trigger['ACTION_STATEMENT'] . "\n" . $delimiter . "\n"; $result[] = $one_result; } } // Sort results by name $name = array(); foreach ($result as $value) { $name[] = $value['name']; } array_multisort($name, SORT_ASC, $result); return $result; }
/** * Displays the table structure ('show table' works correct since 3.23.03) * * @param array $cfgRelation current relation parameters * @param array $columns_with_unique_index Columns with unique index * @param mixed $url_params Contains an associative * array with url params * @param Index|false $primary_index primary index or false if * no one exists * @param array $fields Fields * @param array $columns_with_index Columns with index * @param array $create_table_fields Fields of the table. * * @return string */ protected function displayStructure($cfgRelation, $columns_with_unique_index, $url_params, $primary_index, $fields, $columns_with_index, $create_table_fields) { /* TABLE INFORMATION */ $HideStructureActions = ''; if ($GLOBALS['cfg']['HideStructureActions'] === true) { $HideStructureActions .= ' HideStructureActions'; } // prepare comments $comments_map = array(); $mime_map = array(); if ($GLOBALS['cfg']['ShowPropertyComments']) { include_once 'libraries/transformations.lib.php'; $comments_map = PMA_getComments($this->db, $this->table); if ($cfgRelation['mimework'] && $GLOBALS['cfg']['BrowseMIME']) { $mime_map = PMA_getMIME($this->db, $this->table, true); } } include_once 'libraries/central_columns.lib.php'; $central_list = PMA_getCentralColumnsFromTable($this->db, $this->table); $columns_list = array(); $titles = array('Change' => Util::getIcon('b_edit.png', __('Change')), 'Drop' => Util::getIcon('b_drop.png', __('Drop')), 'NoDrop' => Util::getIcon('b_drop.png', __('Drop')), 'Primary' => Util::getIcon('b_primary.png', __('Primary')), 'Index' => Util::getIcon('b_index.png', __('Index')), 'Unique' => Util::getIcon('b_unique.png', __('Unique')), 'Spatial' => Util::getIcon('b_spatial.png', __('Spatial')), 'IdxFulltext' => Util::getIcon('b_ftext.png', __('Fulltext')), 'NoPrimary' => Util::getIcon('bd_primary.png', __('Primary')), 'NoIndex' => Util::getIcon('bd_index.png', __('Index')), 'NoUnique' => Util::getIcon('bd_unique.png', __('Unique')), 'NoSpatial' => Util::getIcon('bd_spatial.png', __('Spatial')), 'NoIdxFulltext' => Util::getIcon('bd_ftext.png', __('Fulltext')), 'DistinctValues' => Util::getIcon('b_browse.png', __('Distinct values'))); /** * Work on the table */ if ($this->_tbl_is_view && !$this->_db_is_system_schema) { $item = $this->dbi->fetchSingleRow(sprintf("SELECT `VIEW_DEFINITION`, `CHECK_OPTION`, `DEFINER`,\n `SECURITY_TYPE`\n FROM `INFORMATION_SCHEMA`.`VIEWS`\n WHERE TABLE_SCHEMA='%s'\n AND TABLE_NAME='%s';", Util::sqlAddSlashes($this->db), Util::sqlAddSlashes($this->table))); $createView = $this->dbi->getTable($this->db, $this->table)->showCreate(); // get algorithm from $createView of the form // CREATE ALGORITHM=<ALGORITHM> DE... $parts = explode(" ", substr($createView, 17)); $item['ALGORITHM'] = $parts[0]; $view = array('operation' => 'alter', 'definer' => $item['DEFINER'], 'sql_security' => $item['SECURITY_TYPE'], 'name' => $this->table, 'as' => $item['VIEW_DEFINITION'], 'with' => $item['CHECK_OPTION'], 'algorithm' => $item['ALGORITHM']); $edit_view_url = 'view_create.php' . PMA_URL_getCommon($url_params) . '&' . implode('&', array_map(function ($key, $val) { return 'view[' . urlencode($key) . ']=' . urlencode($val); }, array_keys($view), $view)); } /** * Displays Space usage and row statistics */ // BEGIN - Calc Table Space // Get valid statistics whatever is the table type if ($GLOBALS['cfg']['ShowStats']) { //get table stats in HTML format $tablestats = $this->getTableStats(); //returning the response in JSON format to be used by Ajax $this->response->addJSON('tableStat', $tablestats); } // END - Calc Table Space return Template::get('table/structure/display_structure')->render(array('HideStructureActions' => $HideStructureActions, 'db' => $this->db, 'table' => $this->table, 'db_is_system_schema' => $this->_db_is_system_schema, 'tbl_is_view' => $this->_tbl_is_view, 'mime_map' => $mime_map, 'url_query' => $this->_url_query, 'titles' => $titles, 'tbl_storage_engine' => $this->_tbl_storage_engine, 'primary' => $primary_index, 'columns_with_unique_index' => $columns_with_unique_index, 'edit_view_url' => isset($edit_view_url) ? $edit_view_url : null, 'columns_list' => $columns_list, 'tablestats' => isset($tablestats) ? $tablestats : null, 'fields' => $fields, 'columns_with_index' => $columns_with_index, 'central_list' => $central_list, 'create_table_fields' => $create_table_fields, 'comments_map' => $comments_map)); }
/** * Get table alters array * * @param boolean $is_myisam_or_aria whether MYISAM | ARIA or not * @param boolean $is_isam whether ISAM or not * @param string $pack_keys pack keys * @param string $checksum value of checksum * @param boolean $is_aria whether ARIA or not * @param string $page_checksum value of page checksum * @param string $delay_key_write delay key write * @param boolean $is_innodb whether INNODB or not * @param boolean $is_pbxt whether PBXT or not * @param string $row_format row format * @param string $newTblStorageEngine table storage engine * @param string $transactional value of transactional * @param string $tbl_collation collation of the table * * @return array $table_alters */ function PMA_getTableAltersArray($is_myisam_or_aria, $is_isam, $pack_keys, $checksum, $is_aria, $page_checksum, $delay_key_write, $is_innodb, $is_pbxt, $row_format, $newTblStorageEngine, $transactional, $tbl_collation) { global $auto_increment; $table_alters = array(); if (isset($_REQUEST['comment']) && urldecode($_REQUEST['prev_comment']) !== $_REQUEST['comment']) { $table_alters[] = 'COMMENT = \'' . PMA\libraries\Util::sqlAddSlashes($_REQUEST['comment']) . '\''; } if (!empty($newTblStorageEngine) && mb_strtolower($newTblStorageEngine) !== mb_strtolower($GLOBALS['tbl_storage_engine'])) { $table_alters[] = 'ENGINE = ' . $newTblStorageEngine; } if (!empty($_REQUEST['tbl_collation']) && $_REQUEST['tbl_collation'] !== $tbl_collation) { $table_alters[] = 'DEFAULT ' . PMA_generateCharsetQueryPart($_REQUEST['tbl_collation']); } if (($is_myisam_or_aria || $is_isam) && isset($_REQUEST['new_pack_keys']) && $_REQUEST['new_pack_keys'] != (string) $pack_keys) { $table_alters[] = 'pack_keys = ' . $_REQUEST['new_pack_keys']; } $_REQUEST['new_checksum'] = empty($_REQUEST['new_checksum']) ? '0' : '1'; if ($is_myisam_or_aria && $_REQUEST['new_checksum'] !== $checksum) { $table_alters[] = 'checksum = ' . $_REQUEST['new_checksum']; } $_REQUEST['new_transactional'] = empty($_REQUEST['new_transactional']) ? '0' : '1'; if ($is_aria && $_REQUEST['new_transactional'] !== $transactional) { $table_alters[] = 'TRANSACTIONAL = ' . $_REQUEST['new_transactional']; } $_REQUEST['new_page_checksum'] = empty($_REQUEST['new_page_checksum']) ? '0' : '1'; if ($is_aria && $_REQUEST['new_page_checksum'] !== $page_checksum) { $table_alters[] = 'PAGE_CHECKSUM = ' . $_REQUEST['new_page_checksum']; } $_REQUEST['new_delay_key_write'] = empty($_REQUEST['new_delay_key_write']) ? '0' : '1'; if ($is_myisam_or_aria && $_REQUEST['new_delay_key_write'] !== $delay_key_write) { $table_alters[] = 'delay_key_write = ' . $_REQUEST['new_delay_key_write']; } if (($is_myisam_or_aria || $is_innodb || $is_pbxt) && !empty($_REQUEST['new_auto_increment']) && (!isset($auto_increment) || $_REQUEST['new_auto_increment'] !== $auto_increment)) { $table_alters[] = 'auto_increment = ' . PMA\libraries\Util::sqlAddSlashes($_REQUEST['new_auto_increment']); } if (!empty($_REQUEST['new_row_format'])) { $newRowFormat = $_REQUEST['new_row_format']; $newRowFormatLower = mb_strtolower($newRowFormat); if (($is_myisam_or_aria || $is_innodb || $is_pbxt) && (!mb_strlen($row_format) || $newRowFormatLower !== mb_strtolower($row_format))) { $table_alters[] = 'ROW_FORMAT = ' . PMA\libraries\Util::sqlAddSlashes($newRowFormat); } } return $table_alters; }
/** * Adjust the privileges after renaming/moving a table * * @param string $oldDb Database name before table renaming/moving table * @param string $oldTable Table name before table renaming/moving table * @param string $newDb Database name after table renaming/ moving table * @param string $newTable Table name after table renaming/moving table * * @return void */ function PMA_AdjustPrivileges_renameOrMoveTable($oldDb, $oldTable, $newDb, $newTable) { if ($GLOBALS['table_priv'] && $GLOBALS['col_priv'] && $GLOBALS['is_reload_priv']) { $GLOBALS['dbi']->selectDb('mysql'); // For table specific privileges $query_table_specific = 'UPDATE ' . Util::backquote('tables_priv') . 'SET Db = \'' . Util::sqlAddSlashes($newDb) . '\', Table_name = \'' . Util::sqlAddSlashes($newTable) . '\' where Db = \'' . Util::sqlAddSlashes($oldDb) . '\' AND Table_name = \'' . Util::sqlAddSlashes($oldTable) . '\';'; $GLOBALS['dbi']->query($query_table_specific); // For column specific privileges $query_col_specific = 'UPDATE ' . Util::backquote('columns_priv') . 'SET Db = \'' . Util::sqlAddSlashes($newDb) . '\', Table_name = \'' . Util::sqlAddSlashes($newTable) . '\' where Db = \'' . Util::sqlAddSlashes($oldDb) . '\' AND Table_name = \'' . Util::sqlAddSlashes($oldTable) . '\';'; $GLOBALS['dbi']->query($query_col_specific); // Finally FLUSH the new privileges $flush_query = "FLUSH PRIVILEGES;"; $GLOBALS['dbi']->query($flush_query); } }