PageRenderTime 54ms CodeModel.GetById 16ms RepoModel.GetById 1ms app.codeStats 0ms

/phpMyAdmin/libraries/tbl_select.lib.php

https://bitbucket.org/izubizarreta/https-bitbucket.org-bityvip
PHP | 385 lines | 255 code | 37 blank | 93 comment | 84 complexity | 1f5ed8ac81e1337090f019805a8417ef MD5 | raw file
Possible License(s): LGPL-3.0, LGPL-2.0, JSON, GPL-2.0, BSD-3-Clause, LGPL-2.1, MIT 
    

  1. <?php
    2. 

  2. /* vim: set expandtab sw=4 ts=4 sts=4: */
    3. 

  3. /**
    4. 

  4.  * Functions for the table-search page and zoom-search page
    5. 

  5.  *
    6. 

  6.  * @package PhpMyAdmin
    7. 

  7.  */
    8. 

  8. 

  9. require_once 'url_generating.lib.php';
    10. 

  10. 

  11. /**
    12. 

  12.  * Gets all the fields of a table along with their types, collations
    13. 

  13.  * and whether null or not.
    14. 

  14.  *
    15. 

  15.  * @param string $db    Selected database
    16. 

  16.  * @param string $table Selected table
    17. 

  17.  *
    18. 

  18.  * @return array Array containing the field list, field types, collations
    19. 

  19.  * and null constraint
    20. 

  20.  */
    21. 

  21. function PMA_tbl_getFields($db, $table)
    22. 

  22. {
    23. 

  23.     // Gets the list and number of fields
    24. 

  24.     $fields = PMA_DBI_get_columns($db, $table, null, true);
    25. 

  25.     $fields_list = $fields_null = $fields_type = $fields_collation = array();
    26. 

  26.     $geom_column_present = false;
    27. 

  27.     $geom_types = PMA_getGISDatatypes();
    28. 

  28. 

  29.     foreach ($fields as $key => $row) {
    30. 

  30.         $fields_list[] = $row['Field'];
    31. 

  31.         $type          = $row['Type'];
    32. 

  32. 

  33.         // check whether table contains geometric columns
    34. 

  34.         if (in_array($type, $geom_types)) {
    35. 

  35.             $geom_column_present = true;
    36. 

  36.         }
    37. 

  37. 

  38.         // reformat mysql query output
    39. 

  39.         if (strncasecmp($type, 'set', 3) == 0
    40. 

  40.             || strncasecmp($type, 'enum', 4) == 0
    41. 

  41.         ) {
    42. 

  42.             $type = str_replace(',', ', ', $type);
    43. 

  43.         } else {
    44. 

  44.             // strip the "BINARY" attribute, except if we find "BINARY(" because
    45. 

  45.             // this would be a BINARY or VARBINARY field type
    46. 

  46.             if (!preg_match('@BINARY[\(]@i', $type)) {
    47. 

  47.                 $type = preg_replace('@BINARY@i', '', $type);
    48. 

  48.             }
    49. 

  49.             $type = preg_replace('@ZEROFILL@i', '', $type);
    50. 

  50.             $type = preg_replace('@UNSIGNED@i', '', $type);
    51. 

  51. 

  52.             $type = strtolower($type);
    53. 

  53.         }
    54. 

  54.         if (empty($type)) {
    55. 

  55.             $type = '&nbsp;';
    56. 

  56.         }
    57. 

  57.         $fields_null[] = $row['Null'];
    58. 

  58.         $fields_type[] = $type;
    59. 

  59.         $fields_collation[] = ! empty($row['Collation']) && $row['Collation'] != 'NULL'
    60. 

  60.             ? $row['Collation']
    61. 

  61.             : '';
    62. 

  62.     } // end while
    63. 

  63. 

  64.     return array($fields_list, $fields_type, $fields_collation, $fields_null, $geom_column_present);
    65. 

  65. }
    66. 

  66. 

  67. /**
    68. 

  68.  * Sets the table header for displaying a table in query-by-example format.
    69. 

  69.  *
    70. 

  70.  * @param bool $geom_column_present whether a geometry column is present
    71. 

  71.  *
    72. 

  72.  * @return HTML content, the tags and content for table header
    73. 

  73.  */
    74. 

  74. function PMA_tbl_setTableHeader($geom_column_present = false)
    75. 

  75. {
    76. 

  76.     // Display the Function column only if there is alteast one geomety colum
    77. 

  77.     $func = '';
    78. 

  78.     if ($geom_column_present) {
    79. 

  79.         $func = '<th>' . __('Function') . '</th>';
    80. 

  80.     }
    81. 

  81. 

  82.     return '<thead>
    83. 

  83.         <tr>' . $func . '<th>' .  __('Column') . '</th>
    84. 

  84.         <th>' .  __('Type') . '</th>
    85. 

  85.         <th>' .  __('Collation') . '</th>
    86. 

  86.         <th>' .  __('Operator') . '</th>
    87. 

  87.         <th>' .  __('Value') . '</th>
    88. 

  88.         </tr>
    89. 

  89.         </thead>';
    90. 

  90. }
    91. 

  91. 

  92. /**
    93. 

  93.  * Returns an array with necessary configrations to create
    94. 

  94.  * sub-tabs(Table Search and Zoom Search) in the table_select page.
    95. 

  95.  *
    96. 

  96.  * @return array Array containing configuration (icon, text, link, id, args)
    97. 

  97.  * of sub-tabs for Table Search and Zoom search
    98. 

  98.  */
    99. 

  99. function PMA_tbl_getSubTabs()
    100. 

  100. {
    101. 

  101.     $subtabs = array();
    102. 

  102.     $subtabs['search']['icon'] = 'b_search.png';
    103. 

  103.     $subtabs['search']['text'] = __('Table Search');
    104. 

  104.     $subtabs['search']['link'] = 'tbl_select.php';
    105. 

  105.     $subtabs['search']['id'] = 'tbl_search_id';
    106. 

  106.     $subtabs['search']['args']['pos'] = 0;
    107. 

  107. 

  108.     $subtabs['zoom']['icon'] = 'b_props.png';
    109. 

  109.     $subtabs['zoom']['link'] = 'tbl_zoom_select.php';
    110. 

  110.     $subtabs['zoom']['text'] = __('Zoom Search');
    111. 

  111.     $subtabs['zoom']['id'] = 'zoom_search_id';
    112. 

  112. 

  113.     return $subtabs;
    114. 

  114. }
    115. 

  115. 

  116. /**
    117. 

  117.  * Creates the HTML content for:
    118. 

  118.  * 1) Browsing foreign data for a field.
    119. 

  119.  * 2) Creating elements for search criteria input on fields.
    120. 

  120.  *
    121. 

  121.  * @param array  $foreigners      Array of foreign keys
    122. 

  122.  * @param array  $foreignData     Foreign keys data
    123. 

  123.  * @param string $field           Column name
    124. 

  124.  * @param string $tbl_fields_type Column type
    125. 

  125.  * @param int    $i               Column index
    126. 

  126.  * @param string $db              Selected database
    127. 

  127.  * @param string $table           Selected table
    128. 

  128.  * @param array  $titles          Selected title
    129. 

  129.  * @param int    $foreignMaxLimit Max limit of displaying foreign elements
    130. 

  130.  * @param array  $fields          Array of search criteria inputs
    131. 

  131.  * @param bool   $in_fbs          Whether we are in 'function based search'
    132. 

  132.  * @param bool   $in_zoom_search_edit  Whether we are in zoom search edit
    133. 

  133.  *
    134. 

  134.  * @return string HTML content for viewing foreing data and elements
    135. 

  135.  * for search criteria input.
    136. 

  136.  */
    137. 

  137. function PMA_getForeignFields_Values($foreigners, $foreignData, $field, $tbl_fields_type, $i, $db, $table, $titles, $foreignMaxLimit, $fields, $in_fbs = false, $in_zoom_search_edit = false)
    138. 

  138. {
    139. 

  139.     $str = '';
    140. 

  140.     if ($foreigners && isset($foreigners[$field]) && is_array($foreignData['disp_row'])) {
    141. 

  141.         // f o r e i g n    k e y s
    142. 

  142.         $str .=  '<select name="fields[' . $i . ']" id="fieldID_' . $i .'">' . "\n";
    143. 

  143.         // go back to first row
    144. 

  144.         // here, the 4th parameter is empty because there is no current
    145. 

  145.         // value of data for the dropdown (the search page initial values
    146. 

  146.         // are displayed empty)
    147. 

  147.         $str .= PMA_foreignDropdown(
    148. 

  148.             $foreignData['disp_row'], $foreignData['foreign_field'],
    149. 

  149.             $foreignData['foreign_display'], '', $foreignMaxLimit
    150. 

  150.         );
    151. 

  151.         $str .= '</select>' . "\n";
    152. 

  152. 

  153.     } elseif ($foreignData['foreign_link'] == true) {
    154. 

  154.         if (isset($fields[$i]) && is_string($fields[$i])) {
    155. 

  155.             $str .= '<input type="text" id="fieldID_' . $i . '" name="fields[' . $i . ']" value="' . $fields[$i] . '" id="field_' . md5($field) . '[' . $i .']" class="textfield" />' ;
    156. 

  156.         } else {
    157. 

  157.             $str .= '<input type="text" id="fieldID_' . $i . '" name="fields[' . $i . ']" id="field_' . md5($field) . '[' . $i .']" class="textfield" />' ;
    158. 

  158.         }
    159. 

  159.         $str .=  <<<EOT
    160. 

  160. <a target="_blank" onclick="window.open(this.href, 'foreigners', 'width=640,height=240,scrollbars=yes'); return false" href="browse_foreigners.php?
    161. 

  161. EOT;
    162. 

  162.         $str .= '' . PMA_generate_common_url($db, $table) .  '&amp;field=' . urlencode($field) . '&amp;fieldkey=' . $i . '"';
    163. 

  163.         if ($in_zoom_search_edit) {
    164. 

  164.             $str .= ' class="browse_foreign"';
    165. 

  165.         }
    166. 

  166.         $str .= '>' . str_replace("'", "\'", $titles['Browse']) . '</a>';
    167. 

  167. 

  168.     } elseif (in_array($tbl_fields_type[$i], PMA_getGISDatatypes())) {
    169. 

  169.         // g e o m e t r y
    170. 

  170.         $str .= '<input type="text" name="fields[' . $i . ']"'
    171. 

  171.         .' size="40" class="textfield" id="field_' . $i . '" />' .  "\n";
    172. 

  172. 

  173.         if ($in_fbs) {
    174. 

  174.             $edit_url = 'gis_data_editor.php?' . PMA_generate_common_url();
    175. 

  175.             $edit_str = PMA_getIcon('b_edit.png', __('Edit/Insert'));
    176. 

  176.             $str .= '<span class="open_search_gis_editor">';
    177. 

  177.             $str .= PMA_linkOrButton($edit_url, $edit_str, array(), false, false, '_blank');
    178. 

  178.             $str .= '</span>';
    179. 

  179.         }
    180. 

  180. 

  181.     } elseif (strncasecmp($tbl_fields_type[$i], 'enum', 4) == 0
    182. 

  182.         || (strncasecmp($tbl_fields_type[$i], 'set', 3) == 0 && $in_zoom_search_edit)
    183. 

  183.     ) {
    184. 

  184.         // e n u m s   a n d   s e t s
    185. 

  185. 

  186.         // Enum in edit mode   --> dropdown
    187. 

  187.         // Enum in search mode --> multiselect
    188. 

  188.         // Set in edit mode    --> multiselect
    189. 

  189.         // Set in search mode  --> input (skipped here, so the 'else'
    190. 

  190.         //                                 section would handle it)
    191. 

  191. 

  192.         $value = explode(', ', str_replace("'", '', substr($tbl_fields_type[$i], 5, -1)));
    193. 

  193.         $cnt_value = count($value);
    194. 

  194. 

  195.         if ((strncasecmp($tbl_fields_type[$i], 'enum', 4) && ! $in_zoom_search_edit)
    196. 

  196.             || (strncasecmp($tbl_fields_type[$i], 'set', 3) && $in_zoom_search_edit)
    197. 

  197.         ) {
    198. 

  198.             $str .= '<select name="fields[' . ($i) . '][]" id="fieldID_' . $i .'">' . "\n";
    199. 

  199.         } else {
    200. 

  200.             $str .= '<select name="fields[' . ($i) . '][]" id="fieldID_' . $i .'"'
    201. 

  201.                 . ' multiple="multiple" size="' . min(3, $cnt_value) . '">' . "\n";
    202. 

  202.         }
    203. 

  203. 

  204.         for ($j = 0; $j < $cnt_value; $j++) {
    205. 

  205.             if (isset($fields[$i])
    206. 

  206.                 && is_array($fields[$i])
    207. 

  207.                 && in_array($value[$j], $fields[$i])
    208. 

  208.             ) {
    209. 

  209.                 $str .= '<option value="' . $value[$j] . '" Selected>'
    210. 

  210.                     . $value[$j] . '</option>';
    211. 

  211.             } else {
    212. 

  212.                 $str .= '<option value="' . $value[$j] . '">'
    213. 

  213.                     . $value[$j] . '</option>';
    214. 

  214.             }
    215. 

  215.         } // end for
    216. 

  216.         $str .= '</select>' . "\n";
    217. 

  217. 

  218.     } else {
    219. 

  219.         // o t h e r   c a s e s
    220. 

  220.         $the_class = 'textfield';
    221. 

  221.         $type = $tbl_fields_type[$i];
    222. 

  222. 

  223.         if ($type == 'date') {
    224. 

  224.             $the_class .= ' datefield';
    225. 

  225.         } elseif ($type == 'datetime' || substr($type, 0, 9) == 'timestamp') {
    226. 

  226.             $the_class .= ' datetimefield';
    227. 

  227.         } elseif (substr($type, 0, 3) == 'bit') {
    228. 

  228.             $the_class .= ' bit';
    229. 

  229.         }
    230. 

  230. 

  231.         if (isset($fields[$i]) && is_string($fields[$i])) {
    232. 

  232.             $str .= '<input type="text" name="fields[' . $i . ']"'
    233. 

  233.                 .' size="40" class="' . $the_class . '" id="fieldID_'
    234. 

  234.                 . $i .'" value = "' . $fields[$i] . '"/>' .  "\n";
    235. 

  235.         } else {
    236. 

  236.             $str .= '<input type="text" name="fields[' . $i . ']"'
    237. 

  237.                 .' size="40" class="' . $the_class . '" id="fieldID_'
    238. 

  238.                 . $i .'" />' .  "\n";
    239. 

  239.         }
    240. 

  240.     }
    241. 

  241.     return $str;
    242. 

  242. }
    243. 

  243. 

  244. /**
    245. 

  245.  * Return the where clause for query generation based on the inputs provided.
    246. 

  246.  *
    247. 

  247.  * @param mixed  $fields     Search criteria input
    248. 

  248.  * @param string $names      Name of the column on which search is submitted
    249. 

  249.  * @param string $types      Type of the field
    250. 

  250.  * @param string $collations Field collation
    251. 

  251.  * @param string $func_type  Search fucntion/operator
    252. 

  252.  * @param bool   $unaryFlag  Whether operator unary or not
    253. 

  253.  * @param bool   $geom_func  Whether geometry functions should be applied
    254. 

  254.  *
    255. 

  255.  * @return string HTML content for viewing foreing data and elements
    256. 

  256.  * for search criteria input.
    257. 

  257.  */
    258. 

  258. function PMA_tbl_search_getWhereClause($fields, $names, $types, $collations, $func_type, $unaryFlag, $geom_func = null)
    259. 

  259. {
    260. 

  260.     /**
    261. 

  261.      * @todo move this to a more apropriate place
    262. 

  262.      */
    263. 

  263.     $geom_unary_functions = array(
    264. 

  264.         'IsEmpty' => 1,
    265. 

  265.         'IsSimple' => 1,
    266. 

  266.         'IsRing' => 1,
    267. 

  267.         'IsClosed' => 1,
    268. 

  268.     );
    269. 

  269. 

  270.     $w = '';
    271. 

  271.     // If geometry function is set apply it to the field name
    272. 

  272.     if ($geom_func != null && trim($geom_func) != '') {
    273. 

  273.         // Get details about the geometry fucntions
    274. 

  274.         $geom_funcs = PMA_getGISFunctions($types, true, false);
    275. 

  275. 

  276.         // If the function takes a single parameter
    277. 

  277.         if ($geom_funcs[$geom_func]['params'] == 1) {
    278. 

  278.             $backquoted_name = $geom_func . '(' . PMA_backquote($names) . ')';
    279. 

  279.         } else {
    280. 

  280.             // If the function takes two parameters
    281. 

  281.             // create gis data from the string
    282. 

  282.             $gis_data = PMA_createGISData($fields);
    283. 

  283. 

  284.             $w = $geom_func . '(' . PMA_backquote($names) . ',' . $gis_data . ')';
    285. 

  285.             return $w;
    286. 

  286.         }
    287. 

  287. 

  288.         // New output type is the output type of the function being applied
    289. 

  289.         $types = $geom_funcs[$geom_func]['type'];
    290. 

  290. 

  291.         // If the where clause is something like 'IsEmpty(`spatial_col_name`)'
    292. 

  292.         if (isset($geom_unary_functions[$geom_func]) && trim($fields) == '') {
    293. 

  293.             $w = $backquoted_name;
    294. 

  294.             return $w;
    295. 

  295.         }
    296. 

  296.     } else {
    297. 

  297.         $backquoted_name = PMA_backquote($names);
    298. 

  298.     }
    299. 

  299. 

  300.     if ($unaryFlag) {
    301. 

  301.         $fields = '';
    302. 

  302.         $w = $backquoted_name . ' ' . $func_type;
    303. 

  303. 

  304.     } elseif (in_array($types, PMA_getGISDatatypes()) && ! empty($fields)) {
    305. 

  305.         // create gis data from the string
    306. 

  306.         $gis_data = PMA_createGISData($fields);
    307. 

  307.         $w = $backquoted_name . ' ' . $func_type . ' ' . $gis_data;
    308. 

  308. 

  309.     } elseif (strncasecmp($types, 'enum', 4) == 0) {
    310. 

  310.         if (!empty($fields)) {
    311. 

  311.             if (! is_array($fields)) {
    312. 

  312.                 $fields = explode(',', $fields);
    313. 

  313.             }
    314. 

  314.             $enum_selected_count = count($fields);
    315. 

  315.             if ($func_type == '=' && $enum_selected_count > 1) {
    316. 

  316.                 $func_type    = 'IN';
    317. 

  317.                 $parens_open  = '(';
    318. 

  318.                 $parens_close = ')';
    319. 

  319. 

  320.             } elseif ($func_type == '!=' && $enum_selected_count > 1) {
    321. 

  321.                 $func_type    = 'NOT IN';
    322. 

  322.                 $parens_open  = '(';
    323. 

  323.                 $parens_close = ')';
    324. 

  324. 

  325.             } else {
    326. 

  326.                 $parens_open  = '';
    327. 

  327.                 $parens_close = '';
    328. 

  328.             }
    329. 

  329.             $enum_where = '\'' . PMA_sqlAddslashes($fields[0]) . '\'';
    330. 

  330.             for ($e = 1; $e < $enum_selected_count; $e++) {
    331. 

  331.                 $enum_where .= ', \'' . PMA_sqlAddslashes($fields[$e]) . '\'';
    332. 

  332.             }
    333. 

  333. 

  334.             $w = $backquoted_name . ' ' . $func_type . ' ' . $parens_open . $enum_where . $parens_close;
    335. 

  335.         }
    336. 

  336. 

  337.     } elseif ($fields != '') {
    338. 

  338.         // For these types we quote the value. Even if it's another type (like INT),
    339. 

  339.         // for a LIKE we always quote the value. MySQL converts strings to numbers
    340. 

  340.         // and numbers to strings as necessary during the comparison
    341. 

  341.         if (preg_match('@char|binary|blob|text|set|date|time|year@i', $types)
    342. 

  342.             || strpos(' ' . $func_type, 'LIKE')
    343. 

  343.         ) {
    344. 

  344.             $quot = '\'';
    345. 

  345.         } else {
    346. 

  346.             $quot = '';
    347. 

  347.         }
    348. 

  348. 

  349.         // LIKE %...%
    350. 

  350.         if ($func_type == 'LIKE %...%') {
    351. 

  351.             $func_type = 'LIKE';
    352. 

  352.             $fields = '%' . $fields . '%';
    353. 

  353.         }
    354. 

  354.         if ($func_type == 'REGEXP ^...$') {
    355. 

  355.             $func_type = 'REGEXP';
    356. 

  356.             $fields = '^' . $fields . '$';
    357. 

  357.         }
    358. 

  358. 

  359.         if ($func_type == 'IN (...)'
    360. 

  360.             || $func_type == 'NOT IN (...)'
    361. 

  361.             || $func_type == 'BETWEEN'
    362. 

  362.             || $func_type == 'NOT BETWEEN'
    363. 

  363.         ) {
    364. 

  364.             $func_type = str_replace(' (...)', '', $func_type);
    365. 

  365. 

  366.             // quote values one by one
    367. 

  367.             $values = explode(',', $fields);
    368. 

  368.             foreach ($values as &$value) {
    369. 

  369.                 $value = $quot . PMA_sqlAddslashes(trim($value)) . $quot;
    370. 

  370.             }
    371. 

  371. 

  372.             if ($func_type == 'BETWEEN' || $func_type == 'NOT BETWEEN') {
    373. 

  373.                 $w = $backquoted_name . ' ' . $func_type . ' ' . (isset($values[0]) ? $values[0] : '')
    374. 

  374.                     . ' AND ' . (isset($values[1]) ? $values[1] : '');
    375. 

  375.             } else {
    376. 

  376.                 $w = $backquoted_name . ' ' . $func_type . ' (' . implode(',', $values) . ')';
    377. 

  377.             }
    378. 

  378.         } else {
    379. 

  379.             $w = $backquoted_name . ' ' . $func_type . ' ' . $quot . PMA_sqlAddslashes($fields) . $quot;;
    380. 

  380.         }
    381. 

  381.     } // end if
    382. 

  382. 

  383.     return $w;
    384. 

  384. }
    385. 

  385. ?>
    386. 

  386.