/libraries/classes/Import.php
PHP | 1794 lines | 1196 code | 195 blank | 403 comment | 214 complexity | 6825622287c8fb418f9cb9c7b76ea654 MD5 | raw file
Possible License(s): GPL-2.0, MIT, LGPL-3.0
Large files files are truncated, but you can click here to view the full file
- <?php
- declare(strict_types=1);
- namespace PhpMyAdmin;
- use PhpMyAdmin\SqlParser\Parser;
- use PhpMyAdmin\SqlParser\Statements\DeleteStatement;
- use PhpMyAdmin\SqlParser\Statements\InsertStatement;
- use PhpMyAdmin\SqlParser\Statements\ReplaceStatement;
- use PhpMyAdmin\SqlParser\Statements\UpdateStatement;
- use PhpMyAdmin\SqlParser\Utils\Query;
- use function __;
- use function abs;
- use function count;
- use function explode;
- use function function_exists;
- use function htmlspecialchars;
- use function implode;
- use function is_array;
- use function is_numeric;
- use function max;
- use function mb_chr;
- use function mb_ord;
- use function mb_stripos;
- use function mb_strlen;
- use function mb_strpos;
- use function mb_strtoupper;
- use function mb_substr;
- use function mb_substr_count;
- use function preg_match;
- use function preg_replace;
- use function sprintf;
- use function str_contains;
- use function str_starts_with;
- use function strcmp;
- use function strlen;
- use function strpos;
- use function strtoupper;
- use function substr;
- use function time;
- use function trim;
- /**
- * Library that provides common import functions that are used by import plugins
- */
- class Import
- {
- /* MySQL type defs */
- public const NONE = 0;
- public const VARCHAR = 1;
- public const INT = 2;
- public const DECIMAL = 3;
- public const BIGINT = 4;
- public const GEOMETRY = 5;
- /* Decimal size defs */
- public const M = 0;
- public const D = 1;
- public const FULL = 2;
- /* Table array defs */
- public const TBL_NAME = 0;
- public const COL_NAMES = 1;
- public const ROWS = 2;
- /* Analysis array defs */
- public const TYPES = 0;
- public const SIZES = 1;
- public const FORMATTEDSQL = 2;
- public function __construct()
- {
- global $dbi;
- $GLOBALS['cfg']['Server']['DisableIS'] = false;
- $checkUserPrivileges = new CheckUserPrivileges($dbi);
- $checkUserPrivileges->getPrivileges();
- }
- /**
- * Checks whether timeout is getting close
- *
- * @access public
- */
- public function checkTimeout(): bool
- {
- global $timestamp, $maximum_time, $timeout_passed;
- if ($maximum_time == 0) {
- return false;
- }
- if ($timeout_passed) {
- return true;
- /* 5 in next row might be too much */
- }
- if (time() - $timestamp > $maximum_time - 5) {
- $timeout_passed = true;
- return true;
- }
- return false;
- }
- /**
- * Runs query inside import buffer. This is needed to allow displaying
- * of last SELECT, SHOW or HANDLER results and similar nice stuff.
- *
- * @param string $sql query to run
- * @param string $full query to display, this might be commented
- * @param array $sqlData SQL parse data storage
- *
- * @access public
- */
- public function executeQuery(string $sql, string $full, array &$sqlData): void
- {
- global $sql_query, $my_die, $error, $reload, $result, $msg, $cfg, $sql_query_disabled, $db, $dbi;
- $result = $dbi->tryQuery($sql);
- // USE query changes the database, son need to track
- // while running multiple queries
- $isUseQuery = mb_stripos($sql, 'use ') !== false;
- $msg = '# ';
- if ($result === false) { // execution failed
- if (! isset($my_die)) {
- $my_die = [];
- }
- $my_die[] = [
- 'sql' => $full,
- 'error' => $dbi->getError(),
- ];
- $msg .= __('Error');
- if (! $cfg['IgnoreMultiSubmitErrors']) {
- $error = true;
- return;
- }
- } else {
- $aNumRows = (int) @$dbi->numRows($result);
- $aAffectedRows = (int) @$dbi->affectedRows();
- if ($aNumRows > 0) {
- $msg .= __('Rows') . ': ' . $aNumRows;
- } elseif ($aAffectedRows > 0) {
- $message = Message::getMessageForAffectedRows($aAffectedRows);
- $msg .= $message->getMessage();
- } else {
- $msg .= __('MySQL returned an empty result set (i.e. zero rows).');
- }
- if (($aNumRows > 0) || $isUseQuery) {
- $sqlData['valid_sql'][] = $sql;
- if (! isset($sqlData['valid_queries'])) {
- $sqlData['valid_queries'] = 0;
- }
- $sqlData['valid_queries']++;
- }
- }
- if (! $sql_query_disabled) {
- $sql_query .= $msg . "\n";
- }
- // If a 'USE <db>' SQL-clause was found and the query
- // succeeded, set our current $db to the new one
- if ($result != false) {
- [$db, $reload] = $this->lookForUse($sql, $db, $reload);
- }
- $pattern = '@^[\s]*(DROP|CREATE)[\s]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)@im';
- if ($result == false || ! preg_match($pattern, $sql)) {
- return;
- }
- $reload = true;
- }
- /**
- * Runs query inside import buffer. This is needed to allow displaying
- * of last SELECT, SHOW or HANDLER results and similar nice stuff.
- *
- * @param string $sql query to run
- * @param string $full query to display, this might be commented
- * @param array $sqlData SQL parse data storage
- *
- * @access public
- */
- public function runQuery(
- string $sql = '',
- string $full = '',
- array &$sqlData = []
- ): void {
- global $import_run_buffer, $go_sql, $complete_query, $display_query, $sql_query, $msg,
- $skip_queries, $executed_queries, $max_sql_len, $read_multiply, $sql_query_disabled, $run_query;
- $read_multiply = 1;
- if (! isset($import_run_buffer)) {
- // Do we have something to push into buffer?
- $import_run_buffer = $this->runQueryPost($import_run_buffer, $sql, $full);
- return;
- }
- // Should we skip something?
- if ($skip_queries > 0) {
- $skip_queries--;
- // Do we have something to push into buffer?
- $import_run_buffer = $this->runQueryPost($import_run_buffer, $sql, $full);
- return;
- }
- if (! empty($import_run_buffer['sql']) && trim($import_run_buffer['sql']) != '') {
- $max_sql_len = max(
- $max_sql_len,
- mb_strlen($import_run_buffer['sql'])
- );
- if (! $sql_query_disabled) {
- $sql_query .= $import_run_buffer['full'];
- }
- $executed_queries++;
- if ($run_query && $executed_queries < 50) {
- $go_sql = true;
- if (! $sql_query_disabled) {
- $complete_query = $sql_query;
- $display_query = $sql_query;
- } else {
- $complete_query = '';
- $display_query = '';
- }
- $sql_query = $import_run_buffer['sql'];
- $sqlData['valid_sql'][] = $import_run_buffer['sql'];
- $sqlData['valid_full'][] = $import_run_buffer['full'];
- if (! isset($sqlData['valid_queries'])) {
- $sqlData['valid_queries'] = 0;
- }
- $sqlData['valid_queries']++;
- } elseif ($run_query) {
- /* Handle rollback from go_sql */
- if ($go_sql && isset($sqlData['valid_full'])) {
- $queries = $sqlData['valid_sql'];
- $fulls = $sqlData['valid_full'];
- $count = $sqlData['valid_queries'];
- $go_sql = false;
- $sqlData['valid_sql'] = [];
- $sqlData['valid_queries'] = 0;
- unset($sqlData['valid_full']);
- for ($i = 0; $i < $count; $i++) {
- $this->executeQuery($queries[$i], $fulls[$i], $sqlData);
- }
- }
- $this->executeQuery($import_run_buffer['sql'], $import_run_buffer['full'], $sqlData);
- }
- } elseif (! empty($import_run_buffer['full'])) {
- if ($go_sql) {
- $complete_query .= $import_run_buffer['full'];
- $display_query .= $import_run_buffer['full'];
- } elseif (! $sql_query_disabled) {
- $sql_query .= $import_run_buffer['full'];
- }
- }
- // check length of query unless we decided to pass it to /sql
- // (if $run_query is false, we are just displaying so show
- // the complete query in the textarea)
- if (! $go_sql && $run_query && ! empty($sql_query)) {
- if (mb_strlen($sql_query) > 50000 || $executed_queries > 50 || $max_sql_len > 1000) {
- $sql_query = '';
- $sql_query_disabled = true;
- }
- }
- // Do we have something to push into buffer?
- $import_run_buffer = $this->runQueryPost($import_run_buffer, $sql, $full);
- // In case of ROLLBACK, notify the user.
- if (! isset($_POST['rollback_query'])) {
- return;
- }
- $msg .= __('[ROLLBACK occurred.]');
- }
- /**
- * Return import run buffer
- *
- * @param array $importRunBuffer Buffer of queries for import
- * @param string $sql SQL query
- * @param string $full Query to display
- *
- * @return array Buffer of queries for import
- */
- public function runQueryPost(
- ?array $importRunBuffer,
- string $sql,
- string $full
- ): ?array {
- if (! empty($sql) || ! empty($full)) {
- return [
- 'sql' => $sql . ';',
- 'full' => $full . ';',
- ];
- }
- unset($GLOBALS['import_run_buffer']);
- return $importRunBuffer;
- }
- /**
- * Looks for the presence of USE to possibly change current db
- *
- * @param string $buffer buffer to examine
- * @param string $db current db
- * @param bool $reload reload
- *
- * @return array (current or new db, whether to reload)
- *
- * @access public
- */
- public function lookForUse(?string $buffer, ?string $db, ?bool $reload): array
- {
- if (preg_match('@^[\s]*USE[[:space:]]+([\S]+)@i', (string) $buffer, $match)) {
- $db = trim($match[1]);
- $db = trim($db, ';'); // for example, USE abc;
- // $db must not contain the escape characters generated by backquote()
- // ( used in buildSql() as: backquote($db_name), and then called
- // in runQuery() which in turn calls lookForUse() )
- $db = Util::unQuote($db);
- $reload = true;
- }
- return [
- $db,
- $reload,
- ];
- }
- /**
- * Returns next part of imported file/buffer
- *
- * @param int $size size of buffer to read (this is maximal size function will return)
- *
- * @return string|bool part of file/buffer
- */
- public function getNextChunk(?File $importHandle = null, int $size = 32768)
- {
- global $charset_conversion, $charset_of_file, $read_multiply;
- // Add some progression while reading large amount of data
- if ($read_multiply <= 8) {
- $size *= $read_multiply;
- } else {
- $size *= 8;
- }
- $read_multiply++;
- // We can not read too much
- if ($size > $GLOBALS['read_limit']) {
- $size = $GLOBALS['read_limit'];
- }
- if ($this->checkTimeout()) {
- return false;
- }
- if ($GLOBALS['finished']) {
- return true;
- }
- if ($GLOBALS['import_file'] === 'none') {
- // Well this is not yet supported and tested,
- // but should return content of textarea
- if (mb_strlen($GLOBALS['import_text']) < $size) {
- $GLOBALS['finished'] = true;
- return $GLOBALS['import_text'];
- }
- $r = mb_substr($GLOBALS['import_text'], 0, $size);
- $GLOBALS['offset'] += $size;
- $GLOBALS['import_text'] = mb_substr($GLOBALS['import_text'], $size);
- return $r;
- }
- if ($importHandle === null) {
- return false;
- }
- $result = $importHandle->read($size);
- $GLOBALS['finished'] = $importHandle->eof();
- $GLOBALS['offset'] += $size;
- if ($charset_conversion) {
- return Encoding::convertString($charset_of_file, 'utf-8', $result);
- }
- /**
- * Skip possible byte order marks (I do not think we need more
- * charsets, but feel free to add more, you can use wikipedia for
- * reference: <https://en.wikipedia.org/wiki/Byte_Order_Mark>)
- *
- * @todo BOM could be used for charset autodetection
- */
- if ($GLOBALS['offset'] == $size) {
- $result = $this->skipByteOrderMarksFromContents($result);
- }
- return $result;
- }
- /**
- * Skip possible byte order marks (I do not think we need more
- * charsets, but feel free to add more, you can use wikipedia for
- * reference: <https://en.wikipedia.org/wiki/Byte_Order_Mark>)
- *
- * @param string $contents The contents to strip BOM
- *
- * @todo BOM could be used for charset autodetection
- */
- public function skipByteOrderMarksFromContents(string $contents): string
- {
- // Do not use mb_ functions they are sensible to mb_internal_encoding()
- // UTF-8
- if (str_starts_with($contents, "\xEF\xBB\xBF")) {
- return substr($contents, 3);
- // UTF-16 BE, LE
- }
- if (str_starts_with($contents, "\xFE\xFF") || str_starts_with($contents, "\xFF\xFE")) {
- return substr($contents, 2);
- }
- return $contents;
- }
- /**
- * Returns the "Excel" column name (i.e. 1 = "A", 26 = "Z", 27 = "AA", etc.)
- *
- * This functions uses recursion to build the Excel column name.
- *
- * The column number (1-26) is converted to the responding
- * ASCII character (A-Z) and returned.
- *
- * If the column number is bigger than 26 (= num of letters in alphabet),
- * an extra character needs to be added. To find this extra character,
- * the number is divided by 26 and this value is passed to another instance
- * of the same function (hence recursion). In that new instance the number is
- * evaluated again, and if it is still bigger than 26, it is divided again
- * and passed to another instance of the same function. This continues until
- * the number is smaller than 26. Then the last called function returns
- * the corresponding ASCII character to the function that called it.
- * Each time a called function ends an extra character is added to the column name.
- * When the first function is reached, the last character is added and the complete
- * column name is returned.
- *
- * @param int $num the column number
- *
- * @return string The column's "Excel" name
- *
- * @access public
- */
- public function getColumnAlphaName(int $num): string
- {
- $capitalA = 65; // ASCII value for capital "A"
- $colName = '';
- if ($num > 26) {
- $div = (int) ($num / 26);
- $remain = $num % 26;
- // subtract 1 of divided value in case the modulus is 0,
- // this is necessary because A-Z has no 'zero'
- if ($remain == 0) {
- $div--;
- }
- // recursive function call
- $colName = $this->getColumnAlphaName($div);
- // use modulus as new column number
- $num = $remain;
- }
- if ($num == 0) {
- // use 'Z' if column number is 0,
- // this is necessary because A-Z has no 'zero'
- $colName .= mb_chr($capitalA + 26 - 1);
- } else {
- // convert column number to ASCII character
- $colName .= mb_chr($capitalA + $num - 1);
- }
- return $colName;
- }
- /**
- * Returns the column number based on the Excel name.
- * So "A" = 1, "Z" = 26, "AA" = 27, etc.
- *
- * Basically this is a base26 (A-Z) to base10 (0-9) conversion.
- * It iterates through all characters in the column name and
- * calculates the corresponding value, based on character value
- * (A = 1, ..., Z = 26) and position in the string.
- *
- * @param string $name column name(i.e. "A", or "BC", etc.)
- *
- * @return int The column number
- *
- * @access public
- */
- public function getColumnNumberFromName(string $name): int
- {
- if (empty($name)) {
- return 0;
- }
- $name = mb_strtoupper($name);
- $numChars = mb_strlen($name);
- $columnNumber = 0;
- for ($i = 0; $i < $numChars; ++$i) {
- // read string from back to front
- $charPos = $numChars - 1 - $i;
- // convert capital character to ASCII value
- // and subtract 64 to get corresponding decimal value
- // ASCII value of "A" is 65, "B" is 66, etc.
- // Decimal equivalent of "A" is 1, "B" is 2, etc.
- $number = (int) (mb_ord($name[$charPos]) - 64);
- // base26 to base10 conversion : multiply each number
- // with corresponding value of the position, in this case
- // $i=0 : 1; $i=1 : 26; $i=2 : 676; ...
- $columnNumber += $number * 26 ** $i;
- }
- return (int) $columnNumber;
- }
- /**
- * Obtains the precision (total # of digits) from a size of type decimal
- *
- * @param string $lastCumulativeSize Size of type decimal
- *
- * @return int Precision of the given decimal size notation
- *
- * @access public
- */
- public function getDecimalPrecision(string $lastCumulativeSize): int
- {
- return (int) substr(
- $lastCumulativeSize,
- 0,
- (int) strpos($lastCumulativeSize, ',')
- );
- }
- /**
- * Obtains the scale (# of digits to the right of the decimal point)
- * from a size of type decimal
- *
- * @param string $lastCumulativeSize Size of type decimal
- *
- * @return int Scale of the given decimal size notation
- *
- * @access public
- */
- public function getDecimalScale(string $lastCumulativeSize): int
- {
- return (int) substr(
- $lastCumulativeSize,
- strpos($lastCumulativeSize, ',') + 1,
- strlen($lastCumulativeSize) - strpos($lastCumulativeSize, ',')
- );
- }
- /**
- * Obtains the decimal size of a given cell
- *
- * @param string $cell cell content
- *
- * @return array Contains the precision, scale, and full size
- * representation of the given decimal cell
- *
- * @access public
- */
- public function getDecimalSize(string $cell): array
- {
- $currSize = mb_strlen($cell);
- $decPos = mb_strpos($cell, '.');
- $decPrecision = $currSize - 1 - $decPos;
- $m = $currSize - 1;
- $d = $decPrecision;
- return [
- $m,
- $d,
- $m . ',' . $d,
- ];
- }
- /**
- * Obtains the size of the given cell
- *
- * @param string|int $lastCumulativeSize Last cumulative column size
- * @param int|null $lastCumulativeType Last cumulative column type (NONE or VARCHAR or DECIMAL or INT or BIGINT)
- * @param int $currentCellType Type of the current cell (NONE or VARCHAR or DECIMAL or INT or BIGINT)
- * @param string $cell The current cell
- *
- * @return string|int Size of the given cell in the type-appropriate format
- *
- * @access public
- * @todo Handle the error cases more elegantly
- */
- public function detectSize(
- $lastCumulativeSize,
- ?int $lastCumulativeType,
- int $currentCellType,
- string $cell
- ) {
- $currSize = mb_strlen($cell);
- /**
- * If the cell is NULL, don't treat it as a varchar
- */
- if (! strcmp('NULL', $cell)) {
- return $lastCumulativeSize;
- }
- if ($currentCellType == self::VARCHAR) {
- /**
- * What to do if the current cell is of type VARCHAR
- */
- /**
- * The last cumulative type was VARCHAR
- */
- if ($lastCumulativeType == self::VARCHAR) {
- if ($currSize >= $lastCumulativeSize) {
- return $currSize;
- }
- return $lastCumulativeSize;
- }
- if ($lastCumulativeType == self::DECIMAL) {
- /**
- * The last cumulative type was DECIMAL
- */
- $oldM = $this->getDecimalPrecision($lastCumulativeSize);
- if ($currSize >= $oldM) {
- return $currSize;
- }
- return $oldM;
- }
- if ($lastCumulativeType == self::BIGINT || $lastCumulativeType == self::INT) {
- /**
- * The last cumulative type was BIGINT or INT
- */
- if ($currSize >= $lastCumulativeSize) {
- return $currSize;
- }
- return $lastCumulativeSize;
- }
- if (! isset($lastCumulativeType) || $lastCumulativeType == self::NONE) {
- /**
- * This is the first row to be analyzed
- */
- return $currSize;
- }
- /**
- * An error has DEFINITELY occurred
- */
- /**
- * TODO: Handle this MUCH more elegantly
- */
- return -1;
- }
- if ($currentCellType == self::DECIMAL) {
- /**
- * What to do if the current cell is of type DECIMAL
- */
- /**
- * The last cumulative type was VARCHAR
- */
- if ($lastCumulativeType == self::VARCHAR) {
- /* Convert $last_cumulative_size from varchar to decimal format */
- $size = $this->getDecimalSize($cell);
- if ($size[self::M] >= $lastCumulativeSize) {
- return $size[self::M];
- }
- return $lastCumulativeSize;
- }
- if ($lastCumulativeType == self::DECIMAL) {
- /**
- * The last cumulative type was DECIMAL
- */
- $size = $this->getDecimalSize($cell);
- $oldM = $this->getDecimalPrecision($lastCumulativeSize);
- $oldD = $this->getDecimalScale($lastCumulativeSize);
- /* New val if M or D is greater than current largest */
- if ($size[self::M] > $oldM || $size[self::D] > $oldD) {
- /* Take the largest of both types */
- return (string) (($size[self::M] > $oldM ? $size[self::M] : $oldM)
- . ',' . ($size[self::D] > $oldD ? $size[self::D] : $oldD));
- }
- return $lastCumulativeSize;
- }
- if ($lastCumulativeType == self::BIGINT || $lastCumulativeType == self::INT) {
- /**
- * The last cumulative type was BIGINT or INT
- */
- /* Convert $last_cumulative_size from int to decimal format */
- $size = $this->getDecimalSize($cell);
- if ($size[self::M] >= $lastCumulativeSize) {
- return $size[self::FULL];
- }
- return $lastCumulativeSize . ',' . $size[self::D];
- }
- if (! isset($lastCumulativeType) || $lastCumulativeType == self::NONE) {
- /**
- * This is the first row to be analyzed
- */
- /* First row of the column */
- $size = $this->getDecimalSize($cell);
- return $size[self::FULL];
- }
- /**
- * An error has DEFINITELY occurred
- */
- /**
- * TODO: Handle this MUCH more elegantly
- */
- return -1;
- }
- if ($currentCellType == self::BIGINT || $currentCellType == self::INT) {
- /**
- * What to do if the current cell is of type BIGINT or INT
- */
- /**
- * The last cumulative type was VARCHAR
- */
- if ($lastCumulativeType == self::VARCHAR) {
- if ($currSize >= $lastCumulativeSize) {
- return $currSize;
- }
- return $lastCumulativeSize;
- }
- if ($lastCumulativeType == self::DECIMAL) {
- /**
- * The last cumulative type was DECIMAL
- */
- $oldM = $this->getDecimalPrecision($lastCumulativeSize);
- $oldD = $this->getDecimalScale($lastCumulativeSize);
- $oldInt = $oldM - $oldD;
- $newInt = mb_strlen((string) $cell);
- /* See which has the larger integer length */
- if ($oldInt >= $newInt) {
- /* Use old decimal size */
- return $lastCumulativeSize;
- }
- /* Use $newInt + $oldD as new M */
- return ($newInt + $oldD) . ',' . $oldD;
- }
- if ($lastCumulativeType == self::BIGINT || $lastCumulativeType == self::INT) {
- /**
- * The last cumulative type was BIGINT or INT
- */
- if ($currSize >= $lastCumulativeSize) {
- return $currSize;
- }
- return $lastCumulativeSize;
- }
- if (! isset($lastCumulativeType) || $lastCumulativeType == self::NONE) {
- /**
- * This is the first row to be analyzed
- */
- return $currSize;
- }
- /**
- * An error has DEFINITELY occurred
- */
- /**
- * TODO: Handle this MUCH more elegantly
- */
- return -1;
- }
- /**
- * An error has DEFINITELY occurred
- */
- /**
- * TODO: Handle this MUCH more elegantly
- */
- return -1;
- }
- /**
- * Determines what MySQL type a cell is
- *
- * @param int $lastCumulativeType Last cumulative column type
- * (VARCHAR or INT or BIGINT or DECIMAL or NONE)
- * @param string|null $cell String representation of the cell for which
- * a best-fit type is to be determined
- *
- * @return int The MySQL type representation
- * (VARCHAR or INT or BIGINT or DECIMAL or NONE)
- *
- * @access public
- */
- public function detectType(?int $lastCumulativeType, ?string $cell): int
- {
- /**
- * If numeric, determine if decimal, int or bigint
- * Else, we call it varchar for simplicity
- */
- if (! strcmp('NULL', (string) $cell)) {
- if ($lastCumulativeType === null || $lastCumulativeType == self::NONE) {
- return self::NONE;
- }
- return $lastCumulativeType;
- }
- if (! is_numeric($cell)) {
- return self::VARCHAR;
- }
- if (
- $cell == (string) (float) $cell
- && str_contains((string) $cell, '.')
- && mb_substr_count((string) $cell, '.') === 1
- ) {
- return self::DECIMAL;
- }
- if (abs((int) $cell) > 2147483647) {
- return self::BIGINT;
- }
- if ($cell !== (string) (int) $cell) {
- return self::VARCHAR;
- }
- return self::INT;
- }
- /**
- * Determines if the column types are int, decimal, or string
- *
- * @link https://wiki.phpmyadmin.net/pma/Import
- *
- * @param array $table array(string $table_name, array $col_names, array $rows)
- *
- * @return array|bool array(array $types, array $sizes)
- *
- * @access public
- * @todo Handle the error case more elegantly
- */
- public function analyzeTable(array &$table)
- {
- /* Get number of rows in table */
- $numRows = count($table[self::ROWS]);
- /* Get number of columns */
- $numCols = count($table[self::COL_NAMES]);
- /* Current type for each column */
- $types = [];
- $sizes = [];
- /* Initialize $sizes to all 0's */
- for ($i = 0; $i < $numCols; ++$i) {
- $sizes[$i] = 0;
- }
- /* Initialize $types to NONE */
- for ($i = 0; $i < $numCols; ++$i) {
- $types[$i] = self::NONE;
- }
- /* If the passed array is not of the correct form, do not process it */
- if (
- ! is_array($table)
- || is_array($table[self::TBL_NAME])
- || ! is_array($table[self::COL_NAMES])
- || ! is_array($table[self::ROWS])
- ) {
- /**
- * TODO: Handle this better
- */
- return false;
- }
- /* Analyze each column */
- for ($i = 0; $i < $numCols; ++$i) {
- /* Analyze the column in each row */
- for ($j = 0; $j < $numRows; ++$j) {
- $cellValue = $table[self::ROWS][$j][$i];
- /* Determine type of the current cell */
- $currType = $this->detectType($types[$i], $cellValue === null ? null : (string) $cellValue);
- /* Determine size of the current cell */
- $sizes[$i] = $this->detectSize($sizes[$i], $types[$i], $currType, (string) $cellValue);
- /**
- * If a type for this column has already been declared,
- * only alter it if it was a number and a varchar was found
- */
- if ($currType == self::NONE) {
- continue;
- }
- if ($currType == self::VARCHAR) {
- $types[$i] = self::VARCHAR;
- } elseif ($currType == self::DECIMAL) {
- if ($types[$i] != self::VARCHAR) {
- $types[$i] = self::DECIMAL;
- }
- } elseif ($currType == self::BIGINT) {
- if ($types[$i] != self::VARCHAR && $types[$i] != self::DECIMAL) {
- $types[$i] = self::BIGINT;
- }
- } elseif ($currType == self::INT) {
- if ($types[$i] != self::VARCHAR && $types[$i] != self::DECIMAL && $types[$i] != self::BIGINT) {
- $types[$i] = self::INT;
- }
- }
- }
- }
- /* Check to ensure that all types are valid */
- $len = count($types);
- for ($n = 0; $n < $len; ++$n) {
- if (strcmp((string) self::NONE, (string) $types[$n])) {
- continue;
- }
- $types[$n] = self::VARCHAR;
- $sizes[$n] = '10';
- }
- return [
- $types,
- $sizes,
- ];
- }
- /**
- * Builds and executes SQL statements to create the database and tables
- * as necessary, as well as insert all the data.
- *
- * @link https://wiki.phpmyadmin.net/pma/Import
- *
- * @param string $dbName Name of the database
- * @param array $tables Array of tables for the specified database
- * @param array|null $analyses Analyses of the tables
- * @param array|null $additionalSql Additional SQL statements to be executed
- * @param array|null $options Associative array of options
- * @param array $sqlData 2-element array with sql data
- *
- * @access public
- */
- public function buildSql(
- string $dbName,
- array &$tables,
- ?array &$analyses = null,
- ?array &$additionalSql = null,
- ?array $options = null,
- array &$sqlData = []
- ): void {
- global $import_notice, $dbi;
- /* Needed to quell the beast that is Message */
- $import_notice = null;
- /* Take care of the options */
- if (isset($options['db_collation']) && $options['db_collation'] !== null) {
- $collation = $options['db_collation'];
- } else {
- $collation = 'utf8_general_ci';
- }
- if (isset($options['db_charset']) && $options['db_charset'] !== null) {
- $charset = $options['db_charset'];
- } else {
- $charset = 'utf8';
- }
- if (isset($options['create_db'])) {
- $createDb = $options['create_db'];
- } else {
- $createDb = true;
- }
- /**
- * Create SQL code to handle the database
- *
- * @var array<int,string> $sql
- */
- $sql = [];
- if ($createDb) {
- $sql[] = 'CREATE DATABASE IF NOT EXISTS ' . Util::backquote($dbName)
- . ' DEFAULT CHARACTER SET ' . $charset . ' COLLATE ' . $collation
- . ';';
- }
- /**
- * The calling plug-in should include this statement,
- * if necessary, in the $additional_sql parameter
- *
- * $sql[] = "USE " . backquote($db_name);
- */
- /* Execute the SQL statements create above */
- $sqlLength = count($sql);
- for ($i = 0; $i < $sqlLength; ++$i) {
- $this->runQuery($sql[$i], $sql[$i], $sqlData);
- }
- /* No longer needed */
- unset($sql);
- /* Run the $additional_sql statements supplied by the caller plug-in */
- if ($additionalSql != null) {
- /* Clean the SQL first */
- $additionalSqlLength = count($additionalSql);
- /**
- * Only match tables for now, because CREATE IF NOT EXISTS
- * syntax is lacking or nonexisting for views, triggers,
- * functions, and procedures.
- *
- * See: https://bugs.mysql.com/bug.php?id=15287
- *
- * To the best of my knowledge this is still an issue.
- *
- * $pattern = 'CREATE (TABLE|VIEW|TRIGGER|FUNCTION|PROCEDURE)';
- */
- $pattern = '/CREATE [^`]*(TABLE)/';
- $replacement = 'CREATE \\1 IF NOT EXISTS';
- /* Change CREATE statements to CREATE IF NOT EXISTS to support
- * inserting into existing structures
- */
- for ($i = 0; $i < $additionalSqlLength; ++$i) {
- $additionalSql[$i] = preg_replace($pattern, $replacement, $additionalSql[$i]);
- /* Execute the resulting statements */
- $this->runQuery($additionalSql[$i], $additionalSql[$i], $sqlData);
- }
- }
- if ($analyses != null) {
- $typeArray = [
- self::NONE => 'NULL',
- self::VARCHAR => 'varchar',
- self::INT => 'int',
- self::DECIMAL => 'decimal',
- self::BIGINT => 'bigint',
- self::GEOMETRY => 'geometry',
- ];
- /* TODO: Do more checking here to make sure they really are matched */
- if (count($tables) != count($analyses)) {
- exit;
- }
- /* Create SQL code to create the tables */
- $numTables = count($tables);
- for ($i = 0; $i < $numTables; ++$i) {
- $numCols = count($tables[$i][self::COL_NAMES]);
- $tempSQLStr = 'CREATE TABLE IF NOT EXISTS '
- . Util::backquote($dbName)
- . '.' . Util::backquote($tables[$i][self::TBL_NAME]) . ' (';
- for ($j = 0; $j < $numCols; ++$j) {
- $size = $analyses[$i][self::SIZES][$j];
- if ((int) $size == 0) {
- $size = 10;
- }
- $tempSQLStr .= Util::backquote($tables[$i][self::COL_NAMES][$j]) . ' '
- . $typeArray[$analyses[$i][self::TYPES][$j]];
- if ($analyses[$i][self::TYPES][$j] != self::GEOMETRY) {
- $tempSQLStr .= '(' . $size . ')';
- }
- if ($j == count($tables[$i][self::COL_NAMES]) - 1) {
- continue;
- }
- $tempSQLStr .= ', ';
- }
- $tempSQLStr .= ') DEFAULT CHARACTER SET ' . $charset
- . ' COLLATE ' . $collation . ';';
- /**
- * Each SQL statement is executed immediately
- * after it is formed so that we don't have
- * to store them in a (possibly large) buffer
- */
- $this->runQuery($tempSQLStr, $tempSQLStr, $sqlData);
- }
- }
- /**
- * Create the SQL statements to insert all the data
- *
- * Only one insert query is formed for each table
- */
- $tempSQLStr = '';
- $colCount = 0;
- $numTables = count($tables);
- for ($i = 0; $i < $numTables; ++$i) {
- $numCols = count($tables[$i][self::COL_NAMES]);
- $numRows = count($tables[$i][self::ROWS]);
- $tempSQLStr = 'INSERT INTO ' . Util::backquote($dbName) . '.'
- . Util::backquote($tables[$i][self::TBL_NAME]) . ' (';
- for ($m = 0; $m < $numCols; ++$m) {
- $tempSQLStr .= Util::backquote($tables[$i][self::COL_NAMES][$m]);
- if ($m == $numCols - 1) {
- continue;
- }
- $tempSQLStr .= ', ';
- }
- $tempSQLStr .= ') VALUES ';
- for ($j = 0; $j < $numRows; ++$j) {
- $tempSQLStr .= '(';
- for ($k = 0; $k < $numCols; ++$k) {
- // If fully formatted SQL, no need to enclose
- // with apostrophes, add slashes etc.
- if (
- $analyses != null
- && isset($analyses[$i][self::FORMATTEDSQL][$colCount])
- && $analyses[$i][self::FORMATTEDSQL][$colCount] == true
- ) {
- $tempSQLStr .= (string) $tables[$i][self::ROWS][$j][$k];
- } else {
- if ($analyses != null) {
- $isVarchar = ($analyses[$i][self::TYPES][$colCount] === self::VARCHAR);
- } else {
- $isVarchar = ! is_numeric($tables[$i][self::ROWS][$j][$k]);
- }
- /* Don't put quotes around NULL fields */
- if (! strcmp((string) $tables[$i][self::ROWS][$j][$k], 'NULL')) {
- $isVarchar = false;
- }
- $tempSQLStr .= $isVarchar ? "'" : '';
- $tempSQLStr .= $dbi->escapeString((string) $tables[$i][self::ROWS][$j][$k]);
- $tempSQLStr .= $isVarchar ? "'" : '';
- }
- if ($k != $numCols - 1) {
- $tempSQLStr .= ', ';
- }
- if ($colCount == $numCols - 1) {
- $colCount = 0;
- } else {
- $colCount++;
- }
- /* Delete the cell after we are done with it */
- unset($tables[$i][self::ROWS][$j][$k]);
- }
- $tempSQLStr .= ')';
- if ($j != $numRows - 1) {
- $tempSQLStr .= ",\n ";
- }
- $colCount = 0;
- /* Delete the row after we are done with it */
- unset($tables[$i][self::ROWS][$j]);
- }
- $tempSQLStr .= ';';
- /**
- * Each SQL statement is executed immediately
- * after it is formed so that we don't have
- * to store them in a (possibly large) buffer
- */
- $this->runQuery($tempSQLStr, $tempSQLStr, $sqlData);
- }
- /* No longer needed */
- unset($tempSQLStr);
- /**
- * A work in progress
- */
- /**
- * Add the viewable structures from $additional_sql
- * to $tables so they are also displayed
- */
- $viewPattern = '@VIEW `[^`]+`\.`([^`]+)@';
- $tablePattern = '@CREATE TABLE IF NOT EXISTS `([^`]+)`@';
- /* Check a third pattern to make sure its not a "USE `db_name`;" statement */
- $regs = [];
- $inTables = false;
- $additionalSqlLength = $additionalSql === null ? 0 : count($additionalSql);
- for ($i = 0; $i < $additionalSqlLength; ++$i) {
- preg_match($viewPattern, $additionalSql[$i], $regs);
- if (count($regs) === 0) {
- preg_match($tablePattern, $additionalSql[$i], $regs);
- }
- if (count($regs)) {
- for ($n = 0; $n < $numTables; ++$n) {
- if (! strcmp($regs[1], $tables[$n][self::TBL_NAME])) {
- $inTables = true;
- break;
- }
- }
- if (! $inTables) {
- $tables[] = [self::TBL_NAME => $regs[1]];
- }
- }
- /* Reset the array */
- $regs = [];
- $inTables = false;
- }
- $params = ['db' => $dbName];
- $dbUrl = Url::getFromRoute('/database/structure', $params);
- $dbOperationsUrl = Url::getFromRoute('/database/operations', $params);
- $message = '<br><br>';
- $message .= '<strong>' . __(
- 'The following structures have either been created or altered. Here you can:'
- ) . '</strong><br>';
- $message .= '<ul><li>' . __("View a structure's contents by clicking on its name.") . '</li>';
- $message .= '<li>' . __('Change any of its settings by clicking the corresponding "Options" link.') . '</li>';
- $message .= '<li>' . __('Edit structure by following the "Structure" link.')
- . '</li>';
- $message .= sprintf(
- '<br><li><a href="%s" title="%s">%s</a> (<a href="%s" title="%s">'
- . __('Options') . '</a>)</li>',
- $dbUrl,
- sprintf(
- __('Go to database: %s'),
- htmlspecialchars(Util::backquote($dbName))
- ),
- htmlspecialchars($dbName),
- $dbOperationsUrl,
- sprintf(
- __('Edit settings for %s'),
- htmlspecialchars(Util::backquote($dbName))
- )
- );
- $message .= '<ul>';
- unset($params);
- foreach ($tables as $table) {
- $params = [
- 'db' => $dbName,
- 'table' => (string) $table[self::TBL_NAME],
- ];
- $tblUrl = Url::getFromRoute('/sql', $params);
- $tblStructUrl = Url::getFromRoute('/table/structure', $params);
- $tblOpsUrl = Url::getFromRoute('/table/operations', $params);
- unset($params);
- $tableObj = new Table($table[self::TBL_NAME], $dbName);
- if (! $tableObj->isView()) {
- $message .= sprintf(
- '<li><a href="%s" title="%s">%s</a> (<a href="%s" title="%s">' . __(
- 'Structure'
- ) . '</a>) (<a href="%s" title="%s">' . __('Options') . '</a>)</li>',
- $tblUrl,
- sprintf(
- __('Go to table: %s'),
- htmlspecialchars(
- Util::backquote($table[self::TBL_NAME])
- )
- ),
- htmlspecialchars($table[self::TBL_NAME]),
- $tblStructUrl,
- sprintf(
- __('Structure of %s'),
- htmlspecialchars(
- Util::backquote($table[self::TBL_NAME])
- )
- ),
- $tblOpsUrl,
- sprintf(
- __('Edit settings for %s'),
- htmlspecialchars(
- Util::backquote($table[self::TBL_NAME])
- )
- )
- );
- } else {
- $message .= sprintf(
- '<li><a href="%s" title="%s">%s</a></li>',
- $tblUrl,
- sprintf(
- __('Go to view: %s'),
- htmlspecialchars(
- Util::backquote($table[self::TBL_NAME])
- )
- ),
- htmlspecialchars($table[self::TBL_NAME])
- );
- }
- }
- $message .= '</ul></ul>';
- $import_notice = $message;
- }
- /**
- * Handles request for Simulation of UPDATE/DELETE queries.
- */
- public function handleSimulateDmlRequest(): void
- {
- global $dbi;
- $response = ResponseRenderer::getInstance();
- $error = false;
- $errorMsg = __('Only single-table UPDATE and DELETE queries can be simulated.');
- $sqlDelimiter = $_POST['sql_delimiter'];
- $sqlData = [];
- $queries = explode($sqlDelimiter, $GLOBALS['sql_query']);
- foreach ($queries as $sqlQuery) {
- if (empty($sqlQuery)) {
- continue;
- }
- // Parsing the query.
- $parser = new Parser($sqlQuery);
- if (empty($parser->statements[0])) {
- continue;
- }
- $statement = $parser->statements[0];
- $analyzedSqlResults = [
- 'query' => $sqlQuery,
- 'parser' => $parser,
- 'statement' => $statement,
- ];
- if (
- ! ($statement instanceof UpdateStatement
- || $statement instanceof DeleteStatement)
- || ! empty($statement->join)
- ) {
- $error = $errorMsg;
- break;
- }
- $tables = Query::getTables($statement);
- if (count($tables) > 1) {
- $error = $errorMsg;
- break;
- }
- // Get the matched rows for the query.
- $result = $this->getMatchedRows($analyzedSqlResults);
- $error = $dbi->getError();
- if ($error !== false) {
- break;
- }
- $sqlData[] = $result;
- }
- if ($error) {
- $message = Message::rawError($error);
- $response->addJSON('message', $message);
- $response->addJSON('sql_data', false);
- } else {
- $response->addJSON('sql_data', $sqlData);
- }
- }
- /**
- * Find the matching rows for UPDATE/DELETE query.
- *
- * @param array $analyzedSqlResults Analyzed SQL results from parser.
- *
- * @return array
- */
- public function getMatchedRows(array $analyzedSqlResults = []): array
- {
- $statement = $analyzedSqlResults['statement'];
- $matchedRowQuery = '';
- if ($statement instanceof DeleteStatement) {
- $matchedRowQuery = $this->getSimulatedDeleteQuery($analyzedSqlResults);
- } elseif ($statement instanceof UpdateStatement) {
- $matchedRowQuery = $this->getSimulatedUpdateQuery($analyzedSqlResults);
- }
- // Execute the query and get the number of matched rows.
- $matchedRows = $this->executeMatchedRowQuery($matchedRowQuery);
- // URL to matched rows.
- $urlParams = [
- 'db' => $GLOBALS['db'],
- 'sql_query' => $matchedRowQuery,
- ];
- $matchedRowsUrl = Url::getFromRoute('/sql', $urlParams);
- return [
- 'sql_query' => Html\Generator::formatSql($analyzedSqlResults['query']),
- 'matched_rows' => $matchedRows,
- 'matched_rows_url' => $matchedRowsUrl,
- ];
- }
- /**
- * Transforms a UPDATE query into SELECT statement.
- *
- * @param array $analyzedSqlResults Analyzed SQL results from parser.
- *
- * @return string SQL query
- */
- public function getSimulatedUpdateQuery(array $analyzedSqlResults): string
- {
- $tableReferences = Query::getTables($analyzedSqlResults['statement']);
- $where = Query::getClause($analyzedSqlResults['statement'], $analyzedSqlResults['parser']->list, 'WHERE');
- if (empty($where)) {
- $where = '1';
- }
- $columns = [];
- $diff = [];
- foreach ($analyzedSqlResults['statement']->set as $set) {
- $columns[] = $set->column;
- $notEqualOperator = ' <> ';
- if (strtoupper($set->value) === 'NULL') {
- $notEqualOperator = ' IS NOT ';
- }
- $diff[] = $set->column . $notEqualOperator . $set->value;
- }
- if (! empty($diff)) {
- $where .= ' AND (' . implode(' OR ', $diff) . ')';
- }
- $orderAndLimit = '';
- if (! empty($analyzedSqlResults['statement']->order)) {
- $orderAndLimit .= ' ORDER BY ' . Query::getClause(
- $analyzedSqlResults['statement'],
- $analyzedSqlResults['parser']->list,
- 'ORDER BY'
- );
- }
- if (! empty($analyzedSqlResults['statement']->limit)) {
- $orderAndLimit .= ' LIMIT ' . Query::getClause(
- $analyzedSqlResults['sta…
Large files files are truncated, but you can click here to view the full file