PageRenderTime 3ms CodeModel.GetById 4ms app.highlight 14ms RepoModel.GetById 1ms app.codeStats 0ms

/var/www/vhcs2/tools/pma/tbl_replace.php

https://bitbucket.org/wmark/gentoo_vhcs_mods
PHP | 275 lines | 203 code | 31 blank | 41 comment | 76 complexity | f0f87b284b637479713fcc485f80507e MD5 | raw file
  1<?php
  2/* $Id: tbl_replace.php,v 2.27 2004/12/28 16:34:44 nijel Exp $ */
  3// vim: expandtab sw=4 ts=4 sts=4:
  4
  5
  6/**
  7 * Gets some core libraries
  8 */
  9require_once('./libraries/grab_globals.lib.php');
 10require_once('./libraries/common.lib.php');
 11
 12// Check parameters
 13PMA_checkParameters(array('db','table','goto'));
 14
 15PMA_DBI_select_db($db);
 16
 17/**
 18 * Initializes some variables
 19 */
 20// Defines the url to return in case of success of the query
 21if (isset($sql_query)) {
 22    $sql_query = urldecode($sql_query);
 23}
 24if (!isset($dontlimitchars)) {
 25    $dontlimitchars = 0;
 26}
 27$is_gotofile = FALSE;
 28if (isset($after_insert) && $after_insert == 'new_insert') {
 29    $goto = 'tbl_change.php?'
 30          . PMA_generate_common_url($db, $table, '&')
 31          . '&goto=' . urlencode($goto)
 32          . '&pos=' . $pos
 33          . '&session_max_rows=' . $session_max_rows
 34          . '&disp_direction=' . $disp_direction
 35          . '&repeat_cells=' . $repeat_cells
 36          . '&dontlimitchars=' . $dontlimitchars
 37          . (empty($sql_query) ? '' : '&sql_query=' . urlencode($sql_query));
 38} elseif (isset($after_insert) && $after_insert == 'same_insert') {
 39    $goto = 'tbl_change.php?'
 40          . PMA_generate_common_url($db, $table, '&')
 41          . '&goto=' . urlencode($goto)
 42          . '&pos=' . $pos
 43          . '&session_max_rows=' . $session_max_rows
 44          . '&disp_direction=' . $disp_direction
 45          . '&repeat_cells=' . $repeat_cells
 46          . '&dontlimitchars=' . $dontlimitchars
 47          . (empty($sql_query) ? '' : '&sql_query=' . urlencode($sql_query));
 48    if (isset($primary_key)) {
 49        foreach ($primary_key AS $pk) {
 50            $goto .= '&primary_key[]=' . $pk;
 51        }
 52    }
 53} elseif (isset($after_insert) && $after_insert == 'edit_next') {
 54    $goto = 'tbl_change.php?'
 55          . PMA_generate_common_url($db, $table, '&')
 56          . '&goto=' . urlencode($goto)
 57          . '&pos=' . $pos
 58          . '&session_max_rows=' . $session_max_rows
 59          . '&disp_direction=' . $disp_direction
 60          . '&repeat_cells=' . $repeat_cells
 61          . '&dontlimitchars=' . $dontlimitchars
 62          . (empty($sql_query) ? '' : '&sql_query=' . urlencode($sql_query));
 63    if (isset($primary_key)) {
 64        foreach ($primary_key AS $pk) {
 65            $local_query    = 'SELECT * FROM ' . PMA_backquote($table) . ' WHERE ' . str_replace('` =', '` >', urldecode($pk)) . ' LIMIT 1;';
 66            $res            = PMA_DBI_query($local_query);
 67            $row            = PMA_DBI_fetch_row($res);
 68            $meta           = PMA_DBI_get_fields_meta($res);
 69            $goto .= '&primary_key[]=' . urlencode(PMA_getUvaCondition($res, count($row), $meta, $row));
 70        }
 71    }
 72} else if ($goto == 'sql.php') {
 73    $goto = 'sql.php?'
 74          . PMA_generate_common_url($db, $table, '&')
 75          . '&pos=' . $pos
 76          . '&session_max_rows=' . $session_max_rows
 77          . '&disp_direction=' . $disp_direction
 78          . '&repeat_cells=' . $repeat_cells
 79          . '&dontlimitchars=' . $dontlimitchars
 80          . '&sql_query=' . urlencode($sql_query);
 81} else if (!empty($goto)) {
 82    // Security checkings
 83    $is_gotofile     = preg_replace('@^([^?]+).*$@', '\\1', $goto);
 84    if (!@file_exists('./' . $is_gotofile)) {
 85        $goto        = (empty($table)) ? 'db_details.php' : 'tbl_properties.php';
 86        $is_gotofile = TRUE;
 87    } else {
 88        $is_gotofile = ($is_gotofile == $goto);
 89    }
 90}
 91
 92// Defines the url to return in case of failure of the query
 93if (isset($err_url)) {
 94    $err_url = urldecode($err_url);
 95} else {
 96    $err_url = str_replace('&', '&amp;', $goto)
 97             . (empty($primary_key) ? '' : '&amp;primary_key=' . (is_array($primary_key) ? $primary_key[0] : $primary_key));
 98}
 99
100// Misc
101$seen_binary = FALSE;
102
103/**
104 * Prepares the update/insert of a row
105 */
106if (isset($primary_key)) {
107    // we were editing something => use primary key
108    $loop_array = (is_array($primary_key) ? $primary_key : array(0 => $primary_key));
109    $using_key  = TRUE;
110    $is_insert  = ($submit_type == $strInsertAsNewRow);
111} else {
112    // new row => use indexes
113    $loop_array = array();
114    for ($i = 0; $i < $cfg['InsertRows']; $i++) $loop_array[$i] = $i;
115    $using_key  = FALSE;
116    $is_insert  = TRUE;
117}
118
119$query = array();
120$message = '';
121
122foreach ($loop_array AS $primary_key_index => $enc_primary_key) {
123    // skip fields to be ignored
124    if (!$using_key && isset($GLOBALS['insert_ignore_' . $enc_primary_key])) continue;
125
126    // Restore the "primary key" to a convenient format
127    $primary_key = urldecode($enc_primary_key);
128
129    // Defines the SET part of the sql query
130    $valuelist = '';
131    $fieldlist = '';
132
133    // Map multi-edit keys to single-level arrays, dependent on how we got the fields
134    $me_fields      = isset($fields['multi_edit'])      && isset($fields['multi_edit'][$enc_primary_key])      ? $fields['multi_edit'][$enc_primary_key]      : null;
135    $me_fields_prev = isset($fields_prev['multi_edit']) && isset($fields_prev['multi_edit'][$enc_primary_key]) ? $fields_prev['multi_edit'][$enc_primary_key] : null;
136    $me_funcs       = isset($funcs['multi_edit'])       && isset($funcs['multi_edit'][$enc_primary_key])       ? $funcs['multi_edit'][$enc_primary_key]       : null;
137    $me_fields_type = isset($fields_type['multi_edit']) && isset($fields_type['multi_edit'][$enc_primary_key]) ? $fields_type['multi_edit'][$enc_primary_key] : null;
138    $me_fields_null = isset($fields_null['multi_edit']) && isset($fields_null['multi_edit'][$enc_primary_key]) ? $fields_null['multi_edit'][$enc_primary_key] : null;
139
140    if ($using_key && isset($me_fields_type) && is_array($me_fields_type) && isset($primary_key)) {
141        $prot_result      = PMA_DBI_query('SELECT * FROM ' . PMA_backquote($table) . ' WHERE ' . $primary_key . ';');
142        $prot_row         = PMA_DBI_fetch_assoc($prot_result);
143        PMA_DBI_free_result($prot_result);
144        unset($prot_result);
145    }
146
147    foreach ($me_fields AS $encoded_key => $val) {
148        $key         = urldecode($encoded_key);
149        $fieldlist   .= PMA_backquote($key) . ', ';
150
151        require('./tbl_replace_fields.php');
152
153        if (empty($me_funcs[$encoded_key])) {
154            $cur_value = $val . ', ';
155        } else if (preg_match('@^(UNIX_TIMESTAMP)$@', $me_funcs[$encoded_key]) && $val != '\'\'') {
156            $cur_value = $me_funcs[$encoded_key] . '(' . $val . '), ';
157        } else if (preg_match('@^(NOW|CURDATE|CURTIME|UNIX_TIMESTAMP|RAND|USER|LAST_INSERT_ID)$@', $me_funcs[$encoded_key])) {
158            $cur_value = $me_funcs[$encoded_key] . '(), ';
159        } else {
160            $cur_value = $me_funcs[$encoded_key] . '(' . $val . '), ';
161        }
162
163        if ($is_insert) {
164            // insert, no need to add column
165            $valuelist .= $cur_value;
166        } else if (empty($me_funcs[$encoded_key])
167            && isset($me_fields_prev) && isset($me_fields_prev[$encoded_key])
168            && ("'" . PMA_sqlAddslashes(urldecode($me_fields_prev[$encoded_key])) . "'" == $val)) {
169            // No change for this column and no MySQL function is used -> next column
170            continue;
171        }
172        else if (!empty($val)) {
173            $valuelist .= PMA_backquote($key) . ' = ' . $cur_value;
174        }
175    } // end while
176
177    // get rid of last ,
178    $valuelist    = preg_replace('@, $@', '', $valuelist);
179
180    // Builds the sql query
181    if ($is_insert) {
182        if (empty($query)) {
183            // first inserted row -> prepare template
184            $fieldlist = preg_replace('@, $@', '', $fieldlist);
185            $query = array('INSERT INTO ' . PMA_backquote($table) . ' (' . $fieldlist . ') VALUES ');
186        }
187        // append current values
188        $query[0]  .= '(' . $valuelist . '), ';
189        $message   = $strInsertedRows . '&nbsp;';
190    } elseif (!empty($valuelist)) {
191        // build update query
192        $query[]   = 'UPDATE ' . PMA_backquote($table) . ' SET ' . $valuelist . ' WHERE' . $primary_key . ' LIMIT 1';
193
194        $message  = $strAffectedRows . '&nbsp;';
195    }
196} // end for
197
198// trim last , from insert query
199if ($is_insert) {
200    $query[0] = preg_replace('@, $@', '', $query[0]);
201}
202
203if (empty($valuelist) && empty($query)) {
204    // No change -> move back to the calling script
205    $message = $strNoModification;
206    if ($is_gotofile) {
207        $js_to_run = 'functions.js';
208        require_once('./header.inc.php');
209        require('./' . PMA_securePath($goto));
210    } else {
211        PMA_sendHeaderLocation($cfg['PmaAbsoluteUri'] . $goto . '&disp_message=' . urlencode($message) . '&disp_query=');
212
213    }
214    exit();
215}
216
217/**
218 * Executes the sql query and get the result, then move back to the calling
219 * page
220 */
221$sql_query = implode(';', $query) . ';';
222$total_affected_rows = 0;
223$last_message = '';
224
225foreach ($query AS $query_index => $single_query) {
226    if ($cfg['IgnoreMultiSubmitErrors']) {
227        $result = PMA_DBI_try_query($single_query);
228    } else {
229        $result = PMA_DBI_query($single_query);
230    }
231    if (!$result) {
232        $message .= PMA_DBI_getError();
233    } else {
234        if (@PMA_DBI_affected_rows()) {
235            $total_affected_rows += @PMA_DBI_affected_rows();
236        }
237
238        $insert_id = PMA_DBI_insert_id();
239        if ($insert_id != 0) {
240            $last_message .= '[br]'.$strInsertedRowId . '&nbsp;' . $insert_id;
241        }
242    } // end if
243    PMA_DBI_free_result($result);
244    unset($result);
245}
246
247if ($total_affected_rows != 0) {
248    $message .= $total_affected_rows;
249} else {
250    $message .= $strModifications;
251}
252
253$message .= $last_message;
254
255if ($is_gotofile) {
256    if ($goto == 'db_details.php' && !empty($table)) {
257        unset($table);
258    }
259    $js_to_run = 'functions.js';
260    $active_page = $goto;
261    require_once('./header.inc.php');
262    require('./' . PMA_securePath($goto));
263} else {
264    // I don't understand this one:
265    //$add_query = (strpos(' ' . $goto, 'tbl_change') ? '&disp_query=' . urlencode($sql_query) : '');
266
267    // if we have seen binary,
268    // we do not append the query to the Location so it won't be displayed
269    // on the resulting page
270    // Nijel: we also need to limit size of url...
271    $add_query = (!$seen_binary && strlen($sql_query) < 1024 ? '&disp_query=' . urlencode($sql_query) : '');
272    PMA_sendHeaderLocation($cfg['PmaAbsoluteUri'] . $goto . '&disp_message=' . urlencode($message) . $add_query);
273}
274exit();
275?>