if ($_SESSION["lang"]) {
$file = preg_replace_callback("~(<\\?php\\s*echo )?lang\\('((?:[^\\\\']*|\\\\.)+)'\\)(;\\s*\\?>)?~s", 'remove_lang', $file);
$file = str_replace("<?php switch_lang(); ?>\n", "", $file);
+ $file = str_replace("<?php echo get_lang(); ?>", $_SESSION["lang"], $file);
}
//! remove spaces and comments
file_put_contents($filename, $file);
exit(1);
}
-$messages = array();
+$messages_all = array();
foreach (glob("*.php") as $filename) {
$file = file_get_contents($filename);
- preg_match_all("~lang\\(('(?:[^\\\\']*|\\\\.)+')\\)~s", $file, $matches);
- $messages += array_flip($matches[1]);
+ preg_match_all("~lang\\(('(?:[^\\\\']*|\\\\.)+')[),]~s", $file, $matches);
+ $messages_all += array_flip($matches[1]);
}
$file = file_get_contents("lang.inc.php");
-preg_match_all("~\n\t\t'.*' => array\\(\n(.*\n)\t\t\\)~sU", $file, $translations, PREG_OFFSET_CAPTURE);
-foreach ($translations[1] as $translation) {
- preg_match_all("~^(\\s*(?:// )?)(('(?:[^\\\\']*|\\\\.)+') => .*[^,\n]),?~m", $translation[0], $matches, PREG_SET_ORDER);
+preg_match_all("~\n\t\t'(.*)' => array\\(\n(.*\n)\t\t\\)~sU", $file, $translations, PREG_OFFSET_CAPTURE);
+foreach (array_reverse($translations[2], true) as $key => $translation) {
+ $messages = $messages_all;
+ preg_match_all("~^(\\s*)(?:// )?(('(?:[^\\\\']*|\\\\.)+') => .*[^,\n]),?~m", $translation[0], $matches, PREG_SET_ORDER);
$s = "";
foreach ($matches as $match) {
if (isset($messages[$match[3]])) {
$s .= "$match[1]// $match[2],\n";
}
}
- foreach($messages as $key => $val) {
- $s .= "\t\t\t$key => '',\n";
+ if ($translations[1][$key][0] != 'en') {
+ foreach($messages as $key => $val) {
+ $s .= "\t\t\t$key => '',\n";
+ }
}
$file = substr_replace($file, $s, $translation[1], strlen($translation[0]));
}
} elseif (isset($_GET["logout"])) {
unset($_SESSION["usernames"][$_GET["server"]]);
unset($_SESSION["passwords"][$_GET["server"]]);
+ $_SESSION["tokens"][$_GET["server"]] = array();
}
$username = $_SESSION["usernames"][$_GET["server"]];
if (isset($_GET["logout"]) || !@mysql_connect(
(strlen($_GET["server"]) ? $_GET["server"] : ini_get("mysql.default_host")),
(strlen("$_GET[server]$username") ? $username : ini_get("mysql.default_user")),
- (strlen("$_GET[server]$username$password") ? $password : ini_get("mysql.default_password")))
-) {
+ (strlen("$_GET[server]$username$password") ? $password : ini_get("mysql.default_password")),
+ false, 131072 // CLIENT_MULTI_RESULTS for CALL
+)) {
page_header(lang('Login'));
if (isset($_GET["logout"])) {
echo "<p class='message'>" . lang('Logout successful.') . "</p>\n";
<form action="" method="post">
<table border="0" cellspacing="0" cellpadding="2">
<tr><th><?php echo lang('Server'); ?>:</th><td><input name="server" value="<?php echo htmlspecialchars($_GET["server"]); ?>" maxlength="60" /></td></tr>
- <tr><th><?php echo lang('Username'); ?>:</th><td><input name="username" value="<?php echo htmlspecialchars($_SESSION["usernames"][$_GET["server"]]); ?>" maxlength="16" /></td></tr>
+ <tr><th><?php echo lang('Username'); ?>:</th><td><input name="username" value="<?php echo htmlspecialchars($username); ?>" maxlength="16" /></td></tr>
<tr><th><?php echo lang('Password'); ?>:</th><td><input type="password" name="password" /></td></tr>
<tr><th><?php
foreach ($_POST as $key => $val) { // expired session
if (is_array($val)) {
foreach ($val as $key2 => $val2) {
if (!is_array($val2)) {
- echo '<input type="hidden" name="' . htmlspecialchars($key . "[$key2]") . ' value="' . htmlspecialchars($val2) . '" />';
+ echo '<input type="hidden" name="' . htmlspecialchars($key . "[$key2]") . '" value="' . htmlspecialchars($val2) . '" />';
} else {
foreach ($val2 as $key3 => $val3) {
- echo '<input type="hidden" name="' . htmlspecialchars($key . "[$key2][$key3]") . ' value="' . htmlspecialchars($val3) . '" />';
+ echo '<input type="hidden" name="' . htmlspecialchars($key . "[$key2][$key3]") . '" value="' . htmlspecialchars($val3) . '" />';
}
}
}
echo '<input type="hidden" name="' . htmlspecialchars($key) . '" value="' . htmlspecialchars($val) . '" />';
}
}
+ foreach ($_FILES as $key => $val) {
+ echo '<input type="hidden" name="files[' . htmlspecialchars($key) . ']" value="' . ($val["error"] ? $val["error"] : base64_encode(file_get_contents($val["tmp_name"]))) . '" />';
+ }
?></th><td><input type="submit" value="<?php echo lang('Login'); ?>" /></td></tr>
</table>
</form>
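Review bot: The added `$_FILES` loop reads each uploaded temporary file in full and echoes it base64-encoded into what appears to be the login form, which is shown when no connection could be made, so this work is also done for requests that have not authenticated. The size is bounded only by PHP's upload limits, which are not visible here; consider capping the replayed size and skipping entries where `is_uploaded_file($val["tmp_name"])` is false. `$val["tmp_name"]` and `$val["error"]` are arrays when a field name uses `[]`, which the loop does not handle. A comment such as `// replay uploads after re-login; base64 output is attribute-safe, error is an integer code` would explain why the value is printed without `htmlspecialchars()`.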
exit;
}
mysql_query("SET CHARACTER SET utf8");
-mysql_query("SET SQL_QUOTE_SHOW_CREATE=1");
<?php
$types = types();
$unsigned = array("", "unsigned", "zerofill", "unsigned zerofill");
-if ($_POST && !$_POST["add"]) {
+if ($_POST && !$error && !$_POST["add"]) {
if ($_POST["drop"]) {
$query = "DROP TABLE " . idf_escape($_GET["create"]);
$message = lang('Table has been dropped.');
. idf_escape($field["field"]) . " $field[type]"
. ($field["length"] ? "($field[length])" : "")
. (preg_match('~int|float|double|decimal~', $field["type"]) && in_array($field["unsigned"], $unsigned) ? " $field[unsigned]" : "")
- . (preg_match('~char|text~', $field["type"]) && $field["collation"] ? " COLLATE '" . mysql_real_escape_string($field["collation"]) . "'" : "")
+ . (preg_match('~char|text|enum|set~', $field["type"]) && $field["collation"] ? " COLLATE '" . mysql_real_escape_string($field["collation"]) . "'" : "")
. ($field["null"] ? "" : " NOT NULL")
. ($key == $_POST["auto_increment"] ? " AUTO_INCREMENT$auto_increment_index" : "")
+ . " COMMENT '" . mysql_real_escape_string($field["comment"]) . "'"
;
} elseif (strlen($field["orig"])) {
$fields[] = "DROP " . idf_escape($field["orig"]);
}
}
- $status = ($_POST["Engine"] ? " ENGINE='" . mysql_real_escape_string($_POST["Engine"]) . "'" : "") . ($_POST["Collation"] ? " COLLATE '" . mysql_real_escape_string($_POST["Collation"]) . "'" : "");
+ $status = ($_POST["Engine"] ? " ENGINE='" . mysql_real_escape_string($_POST["Engine"]) . "'" : "")
+ . ($_POST["Collation"] ? " COLLATE '" . mysql_real_escape_string($_POST["Collation"]) . "'" : "")
+ . " COMMENT='" . mysql_real_escape_string($_POST["Comment"]) . "'"
+ ;
if (strlen($_GET["create"])) {
$query = "ALTER TABLE " . idf_escape($_GET["create"]) . " " . implode(", ", $fields) . ", RENAME TO " . idf_escape($_POST["name"]) . ", $status";
$message = lang('Table has been altered.');
echo "<p class='error'>" . lang('Unable to operate table') . ": " . htmlspecialchars($error) . "</p>\n";
}
$row = $_POST;
+ if ($row["auto_increment"]) {
+ $row["fields"][$row["auto_increment"]]["auto_increment"] = true;
+ }
} elseif (strlen($_GET["create"])) {
$row = mysql_fetch_assoc(mysql_query("SHOW TABLE STATUS LIKE '" . mysql_real_escape_string($_GET["create"]) . "'"));
$row["name"] = $_GET["create"];
} else {
$row = array("fields" => array());
}
-//! default, comments
+if (!$_POST || $_POST["add"]) {
+ $row["fields"][] = array();
+}
$collations = collations();
?>
<form action="" method="post" id="form">
<select name="Collation"><option value="">(<?php echo lang('collation'); ?>)</option><?php echo optionlist($collations, $row["Collation"], "not_vals"); ?></select>
</p>
<table border="0" cellspacing="0" cellpadding="2">
-<thead><tr><th><?php echo lang('Name'); ?></th><td><?php echo lang('Type'); ?></td><td><?php echo lang('Length'); ?></td><td><?php echo lang('Options'); ?></td><td><?php echo lang('NULL'); ?></td><td><input type="radio" name="auto_increment" value="" /><?php echo lang('Auto-increment'); ?></td></tr></thead>
+<thead><tr><th><?php echo lang('Name'); ?></th><td><?php echo lang('Type'); ?></td><td><?php echo lang('Length'); ?></td><td><?php echo lang('Options'); ?></td><td><?php echo lang('NULL'); ?></td><td><input type="radio" name="auto_increment" value="" /><?php echo lang('Auto Increment'); ?></td><td id="comment-0"><?php echo lang('Comment'); ?></td></tr></thead>
<?php
$i=1;
+$column_comments = false;
foreach ($row["fields"] as $field) {
- if (strlen($field["field"]) || strlen($field["orig"])) {
- ?>
+ ?>
<tr>
<th><input type="hidden" name="fields[<?php echo $i; ?>][orig]" value="<?php echo htmlspecialchars($field[($_POST ? "orig" : "field")]); ?>" /><input name="fields[<?php echo $i; ?>][field]" value="<?php echo htmlspecialchars($field["field"]); ?>" maxlength="64" /></th>
<td><select name="fields[<?php echo $i; ?>][type]" onchange="type_change(this);"><?php echo optionlist(array_keys($types), $field["type"], "not_vals"); ?></select></td>
<td><input name="fields[<?php echo $i; ?>][length]" value="<?php echo htmlspecialchars($field["length"]); ?>" size="3" /></td>
<td><select name="fields[<?php echo $i; ?>][collation]"><option value="">(<?php echo lang('collation'); ?>)</option><?php echo optionlist($collations, $field["collation"], "not_vals"); ?></select> <select name="fields[<?php echo $i; ?>][unsigned]"><?php echo optionlist($unsigned, $field["unsigned"], "not_vals"); ?></select></td>
<td><input type="checkbox" name="fields[<?php echo $i; ?>][null]" value="1"<?php if ($field["null"]) { ?> checked="checked"<?php } ?> /></td>
-<td><input type="radio" name="auto_increment" value="<?php echo $i; ?>"<?php if ($row["auto_increment"] == $i || $field["extra"] == "auto_increment") { ?> checked="checked"<?php } ?> /></td>
+<td><input type="radio" name="auto_increment" value="<?php echo $i; ?>"<?php if ($field["auto_increment"]) { ?> checked="checked"<?php } ?> /></td>
+<td id="comment-<?php echo $i; ?>"><input name="fields[<?php echo $i; ?>][comment]" value="<?php echo htmlspecialchars($field["comment"]); ?>" maxlength="255" /></td>
</tr>
<?php
- $i++;
+ if (strlen($field["comment"])) {
+ $column_comments = true;
}
+ $i++;
}
//! JavaScript for next rows
?>
-<tr>
-<th><input name="fields[<?php echo $i; ?>][field]" maxlength="64" /></th>
-<td><select name="fields[<?php echo $i; ?>][type]" onchange="type_change(this);"><?php echo optionlist(array_keys($types), array(), "not_vals"); ?></select></td>
-<td><input name="fields[<?php echo $i; ?>][length]" size="3" /></td>
-<td><select name="fields[<?php echo $i; ?>][collation]"><option value="">(<?php echo lang('collation'); ?>)</option><?php echo optionlist($collations, array(), "not_vals"); ?></select> <select name="fields[<?php echo $i; ?>][unsigned]"><?php echo optionlist($unsigned, array(), "not_vals"); ?></select></td>
-<td><input type="checkbox" name="fields[<?php echo $i; ?>][null]" value="1" /></td>
-<td><input type="radio" name="auto_increment" value="<?php echo $i; ?>" /></td>
-</tr>
</table>
+<p><?php echo lang('Comment'); ?>: <input name="Comment" value="<?php echo htmlspecialchars($row["Comment"]); ?>" maxlength="60" />
<script type="text/javascript">
function type_change(type) {
var name = type.name.substr(0, type.name.length - 6);
- type.form[name + '[collation]'].style.display = (/char|text/.test(type.form[name + '[type]'].value) ? '' : 'none');
+ type.form[name + '[collation]'].style.display = (/char|text|enum|set/.test(type.form[name + '[type]'].value) ? '' : 'none');
type.form[name + '[unsigned]'].style.display = (/int|float|double|decimal/.test(type.form[name + '[type]'].value) ? '' : 'none');
}
-for (var i=1; <?php echo $i; ?> >= i; i++) {
+for (var i=1; <?php echo $i; ?> > i; i++) {
document.getElementById('form')['fields[' + i + '][type]'].onchange();
}
+
+document.write('<input type="checkbox" id="column_comments"<?php if ($column_comments) { ?> checked="checked"<?php } ?> onclick="column_comments_click(this.checked);" /><label for="column_comments"><?php echo lang('Show column comments'); ?></label>');
+function column_comments_click(checked) {
+ for (var i=0; <?php echo $i; ?> > i; i++) {
+ document.getElementById('comment-' + i).style.display = (checked ? '' : 'none');
+ }
+}
+<?php if (!$column_comments) { ?>column_comments_click(false);<?php } ?>
+
</script>
+</p>
<p>
+<input type="hidden" name="token" value="<?php echo $token; ?>" />
<input type="submit" value="<?php echo lang('Save'); ?>" />
<?php if (strlen($_GET["create"])) { ?><input type="submit" name="drop" value="<?php echo lang('Drop'); ?>" /><?php } ?>
</p>
<?php
-if ($_POST) {
+if ($_POST && !$error) {
if ($_POST["drop"]) {
if (mysql_query("DROP DATABASE " . idf_escape($_GET["db"]))) {
redirect(substr(preg_replace('~(\\?)db=[^&]*&|&db=[^&]*~', '\\1', $SELF), 0, -1), lang('Database has been dropped.'));
<form action="" method="post"><div>
<input name="name" value="<?php echo htmlspecialchars($name); ?>" maxlength="64" />
<select name="collation"><option value="">(<?php echo lang('collation'); ?>)</option><?php echo optionlist(collations(), $collate, "not_vals"); ?></select>
+<input type="hidden" name="token" value="<?php echo $token; ?>" />
<input type="submit" value="<?php echo lang('Save'); ?>" />
<?php if (strlen($_GET["db"])) { ?><input type="submit" name="drop" value="<?php echo lang('Drop'); ?>" /><?php } ?>
</div></form>
header("Content-Type: text/html; charset=utf-8");
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" lang="cs">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="<?php echo get_lang(); ?>">
<head>
<title><?php echo lang('phpMinAdmin') . " - $title"; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
H1 { font-size: 150%; margin: 0; }
H2 { font-size: 150%; margin-top: 0; }
FIELDSET { float: left; padding: .5em; margin: 0; }
-PRE { margin: 0; font-family: serif; }
+PRE { margin: 0; margin: .12em 0; }
.error { color: Red; }
.message { color: Green; }
#menu { position: absolute; top: 8px; left: 8px; width: 15em; overflow: auto; white-space: nowrap; }
</form>
<?php
if ($missing != "db" && strlen($_GET["db"])) {
- $result = mysql_query("SHOW TABLES");
+ $result = mysql_query("SHOW TABLE STATUS");
if (!mysql_num_rows($result)) {
echo "<p class='message'>" . lang('No tables.') . "</p>\n";
} else {
echo "<p>\n";
- while ($row = mysql_fetch_row($result)) {
- echo '<a href="' . htmlspecialchars($SELF) . 'select=' . urlencode($row[0]) . '">' . lang('select') . '</a> ';
- echo '<a href="' . htmlspecialchars($SELF) . 'table=' . urlencode($row[0]) . '">' . htmlspecialchars($row[0]) . "</a><br />\n"; //! views
+ while ($row = mysql_fetch_assoc($result)) {
+ echo '<a href="' . htmlspecialchars($SELF) . 'select=' . urlencode($row["Name"]) . '">' . lang('select') . '</a> ';
+ echo '<a href="' . htmlspecialchars($SELF) . (isset($row["Engine"]) ? 'table' : 'view') . '=' . urlencode($row["Name"]) . '">' . htmlspecialchars($row["Name"]) . "</a><br />\n";
}
echo "</p>\n";
}
- echo '<p><a href="' . htmlspecialchars($SELF) . 'create=">' . lang('Create new table') . "</a></p>\n"; //! rights
+ echo '<p><a href="' . htmlspecialchars($SELF) . 'create=">' . lang('Create new table') . "</a></p>\n";
mysql_free_result($result);
}
}
--- /dev/null
+<?php
+header("Content-Type: application/octet-stream");
+echo mysql_result(mysql_query("SELECT " . idf_escape($_GET["field"]) . " FROM " . idf_escape($_GET["download"]) . " WHERE " . implode(" AND ", where()) . " LIMIT 1"), 0);
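Review bot: The new download script returns stored column bytes from the tool's own origin with only `Content-Type: application/octet-stream`, so a browser that sniffs content could still render a stored value as HTML. Adding `header("Content-Disposition: attachment");` and `header("X-Content-Type-Options: nosniff");` next to the existing header avoids that. The `mysql_query()` result is also passed straight to `mysql_result()`; when `where()` returns an empty list the statement becomes `WHERE  LIMIT 1` and fails, so the result should be checked before it is read.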
}
echo "USE " . idf_escape($db) . ";\n";
echo "SET CHARACTER SET utf8;\n\n";
- $result = mysql_query("SHOW TABLES");
- while ($row = mysql_fetch_row($result)) {
- $result1 = mysql_query("SHOW CREATE TABLE " . idf_escape($row[0]));
+ $result = mysql_query("SHOW TABLE STATUS");
+ while ($row = mysql_fetch_assoc($result)) {
+ $result1 = mysql_query("SHOW CREATE TABLE " . idf_escape($row["Name"]));
if ($result1) {
echo mysql_result($result1, 0, 1) . ";\n";
mysql_free_result($result1);
- $result1 = mysql_query("SELECT * FROM " . idf_escape($row[0])); //! except views //! enum and set as numbers
- if ($result1) {
- while ($row1 = mysql_fetch_row($result1)) {
- echo "INSERT INTO " . idf_escape($row[0]) . " VALUES ('" . implode("', '", array_map('mysql_real_escape_string', $row1)) . "');\n";
+ if (isset($row["Engine"])) {
+ $result1 = mysql_query("SELECT * FROM " . idf_escape($row["Name"])); //! enum and set as numbers
+ if ($result1) {
+ while ($row1 = mysql_fetch_row($result1)) {
+ echo "INSERT INTO " . idf_escape($row["Name"]) . " VALUES ('" . implode("', '", array_map('mysql_real_escape_string', $row1)) . "');\n";
+ }
+ mysql_free_result($result1);
}
- mysql_free_result($result1);
}
echo "\n";
}
<?php
-$fields = fields($_GET["edit"]);
-$where = array();
-foreach ((array) $_GET["where"] as $key => $val) {
- $where[] = idf_escape($key) . " = BINARY '" . mysql_real_escape_string($val) . "'"; //! enum and set
-}
-foreach ((array) $_GET["null"] as $key) {
- $where[] = idf_escape($key) . " IS NULL";
+$where = where();
+$fields = array();
+foreach (fields($_GET["edit"]) as $name => $field) {
+ if (isset($_GET["default"]) ? !$field["auto_increment"] : isset($field["privileges"][$where ? "update" : "insert"])) {
+ $fields[$name] = $field;
+ }
}
-if ($_POST) {
+if ($_POST && !$error) {
if (isset($_POST["delete"])) {
+ $set = true;
$query = "DELETE FROM " . idf_escape($_GET["edit"]) . " WHERE " . implode(" AND ", $where) . " LIMIT 1";
$message = lang('Item has been deleted.');
} else {
$set = array();
- foreach ($_POST["fields"] as $key => $val) {
- $name = bracket_escape($key, "back");
- $field = $fields[$name];
- if (preg_match('~char|text|set~', $field["type"]) ? $_POST["null"][$key] : !strlen($val)) {
+ foreach ($fields as $name => $field) {
+ $key = bracket_escape($name);
+ $val = $_POST["fields"][$key];
+ if (preg_match('~char|text|set|binary|blob~', $field["type"]) ? $_POST["null"][$key] : !strlen($val)) {
$val = "NULL";
} elseif ($field["type"] == "enum") {
- $val = intval($val);
+ $val = (isset($_GET["default"]) && preg_match_all("~'((?:[^']*|'')+)'~", $field["length"], $matches) ? "'" . $matches[1][$val-1] . "'" : intval($val));
} elseif ($field["type"] == "set") {
- $val = array_sum((array) $val);
+ if (!isset($_GET["default"])) {
+ $val = array_sum((array) $val);
+ } else {
+ preg_match_all("~'((?:[^']*|'')+)'~", $field["length"], $matches);
+ $value = array();
+ foreach ((array) $val as $key => $v) {
+ $value[] = $matches[1][$key];
+ }
+ $val = "'" . implode(",", $value) . "'";
+ }
+ } elseif (preg_match('~binary|blob~', $field["type"])) {
+ $file = get_file($key);
+ if (!is_string($file) && !$field["null"]) {
+ continue; //! report errors, also empty $_POST - not only because of file upload
+ }
+ $val = "_binary'" . (is_string($file) ? mysql_real_escape_string($file) : "") . "'";
} else {
$val = "'" . mysql_real_escape_string($val) . "'";
}
- $set[] = idf_escape($name) . " = $val";
+ $set[] = idf_escape($name) . (isset($_GET["default"]) ? ($val == "NULL" ? " DROP DEFAULT" : " SET DEFAULT $val") : " = $val");
}
- if ($where) {
+ if (isset($_GET["default"])) {
+ $query = "ALTER TABLE " . idf_escape($_GET["edit"]) . " ALTER " . implode(", ALTER ", $set);
+ $message = lang('Default values has been set.');
+ } elseif ($where) {
$query = "UPDATE " . idf_escape($_GET["edit"]) . " SET " . implode(", ", $set) . " WHERE " . implode(" AND ", $where) . " LIMIT 1";
$message = lang('Item has been updated.');
} else {
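Review bot: In the new `default` branch the ENUM and SET defaults are spliced into the `ALTER TABLE` statement as `"'" . $matches[1][$val-1] . "'"` and `"'" . implode(",", $value) . "'"` without `mysql_real_escape_string()`, unlike the other values built in this loop. The text comes from the column definition in `$field["length"]` and keeps its doubled quotes, so it is presumably already a valid literal body, but backslashes and an out-of-range `$val` (undefined index, empty default) are not handled. Un-doubling and escaping, e.g. `"'" . mysql_real_escape_string(str_replace("''", "'", $matches[1][$val-1])) . "'"`, makes the branch consistent with the rest. The SET loop also reuses `$key` as its loop variable, overwriting the field key assigned at the top of the iteration. The enclosing `if ($_POST && !$error)` block continues past the end of this hunk.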
$message = lang('Item has been inserted.');
}
}
- if (mysql_query($query)) {
- redirect($SELF . ($_POST["insert"] ? "edit=" : "select=") . urlencode($_GET["edit"]), $message);
+ if (!$set || mysql_query($query)) {
+ redirect($SELF . (isset($_GET["default"]) ? "table=" : ($_POST["insert"] ? "edit=" : "select=")) . urlencode($_GET["edit"]), ($set ? $message : null));
}
$error = mysql_error();
}
-page_header(($_GET["where"] ? lang('Edit') : lang('Insert')) . ": " . htmlspecialchars($_GET["edit"]));
+page_header((isset($_GET["default"]) ? lang('Default values') : ($_GET["where"] ? lang('Edit') : lang('Insert'))) . ": " . htmlspecialchars($_GET["edit"]));
if ($_POST) {
echo "<p class='error'>" . lang('Error during saving') . ": " . htmlspecialchars($error) . "</p>\n";
- $data = $_POST["fields"];
- foreach ($_POST["null"] as $key => $val) {
+ $data = (array) $_POST["fields"];
+ foreach ((array) $_POST["null"] as $key => $val) {
$data[$key] = null;
}
} elseif ($where) {
$select = array();
foreach ($fields as $name => $field) {
- if (in_array("select", $field["privileges"]) && in_array(($where ? "update" : "insert"), $field["privileges"])) {
+ if (isset($field["privileges"]["select"]) && !preg_match('~binary|blob~', $field["type"])) {
$select[] = ($field["type"] == "enum" || $field["type"] == "set" ? "1*" . idf_escape($name) . " AS " : "") . idf_escape($name);
}
}
$data = ($select ? mysql_fetch_assoc(mysql_query("SELECT " . implode(", ", $select) . " FROM " . idf_escape($_GET["edit"]) . " WHERE " . implode(" AND ", $where) . " LIMIT 1")) : array());
} else {
- $data = array();
+ unset($data);
}
?>
-<form action="" method="post">
+<form action="" method="post" enctype="multipart/form-data">
<table border="0" cellspacing="0" cellpadding="2">
<?php
$types = types();
+$save_possible = false;
foreach ($fields as $name => $field) {
- if (in_array(($where ? "update" : "insert"), $field["privileges"])) {
- echo "<tr><th>" . htmlspecialchars($name) . "</th><td>";
- $value = ($data ? $data[$name] : $field["default"]);
- $name = htmlspecialchars(bracket_escape($name));
- if ($field["type"] == "enum") {
+ $save_possible = true;
+ echo "<tr><th>" . htmlspecialchars($name) . "</th><td>";
+ $value = (isset($data) ? $data[$name] : $field["default"]);
+ $name = htmlspecialchars($_POST ? $name : bracket_escape($name));
+ if ($field["type"] == "enum") {
+ if (!isset($_GET["default"])) {
echo '<input type="radio" name="fields[' . $name . ']" value="0"' . ($value == "0" ? ' checked="checked"' : '') . ' />';
- preg_match_all("~'((?:[^']*|'')+)'~", $field["length"], $matches);
- foreach ($matches[1] as $i => $val) {
- $id = "field-$name-" . ($i+1);
- echo ' <input type="radio" name="fields[' . $name . ']" id="' . $id . '" value="' . ($i+1) . '"' . ($value == $i+1 ? ' checked="checked"' : '') . ' /><label for="' . $id . '">' . htmlspecialchars(str_replace("''", "'", $val)) . '</label>';
- }
- if ($field["null"]) {
- $id = "field-$name-";
- echo '<input type="radio" name="fields[' . $name . ']" id="' . $id . '" value=""' . (strlen($value) ? '' : ' checked="checked"') . ' /><label for="' . $id . '">' . lang('NULL') . '</label> ';
- }
- } elseif ($field["type"] == "set") { //! 64 bits
- preg_match_all("~'((?:[^']*|'')+)'~", $field["length"], $matches);
- foreach ($matches[1] as $i => $val) {
- $id = "$name-" . ($i+1);
- echo ' <input type="checkbox" name="fields[' . $name . '][]" id="' . $id . '" value="' . (1 << $i) . '"' . (($value >> $i) & 1 ? ' checked="checked"' : '') . ' /><label for="' . $id . '">' . htmlspecialchars(str_replace("''", "'", $val)) . '</label>';
- }
- } elseif (strpos($field["type"], "text") !== false) {
- echo '<textarea name="fields[' . $name . ']" cols="50" rows="12">' . htmlspecialchars($value) . '</textarea>';
- } else { //! binary
- echo '<input name="fields[' . $name . ']" value="' . htmlspecialchars($value) . '"' . (strlen($field["length"]) ? " maxlength='$field[length]'" : ($types[$field["type"]] ? " maxlength='" . $types[$field["type"]] . "'" : '')) . ' />';
}
- if ($field["null"] && preg_match('~char|text|set~', $field["type"])) {
- echo '<input type="checkbox" name="null[' . $name . ']" value="1" id="null-' . $name . '"' . (isset($value) ? '' : ' checked="checked"') . ' /><label for="null-' . $name . '">' . lang('NULL') . '</label>';
+ preg_match_all("~'((?:[^']*|'')+)'~", $field["length"], $matches);
+ foreach ($matches[1] as $i => $val) {
+ $id = "field-$name-" . ($i+1);
+ $checked = (isset($data) ? $value == $i+1 : $val === $field["default"]);
+ echo ' <input type="radio" name="fields[' . $name . ']" id="' . $id . '" value="' . ($i+1) . '"' . ($checked ? ' checked="checked"' : '') . ' /><label for="' . $id . '">' . htmlspecialchars(str_replace("''", "'", $val)) . '</label>';
+ }
+ if ($field["null"]) {
+ $id = "field-$name-";
+ echo '<input type="radio" name="fields[' . $name . ']" id="' . $id . '" value=""' . (strlen($value) ? '' : ' checked="checked"') . ' /><label for="' . $id . '">' . lang('NULL') . '</label> ';
}
- echo "</td></tr>\n";
+ } elseif ($field["type"] == "set") { //! 64 bits
+ preg_match_all("~'((?:[^']*|'')+)'~", $field["length"], $matches);
+ foreach ($matches[1] as $i => $val) {
+ $id = "$name-" . ($i+1);
+ $checked = (isset($data) ? ($value >> $i) & 1 : in_array(str_replace("''", "'", $val), explode(",", $field["default"]), true));
+ echo ' <input type="checkbox" name="fields[' . $name . '][' . $i . ']" id="' . $id . '" value="' . (1 << $i) . '"' . ($checked ? ' checked="checked"' : '') . ' /><label for="' . $id . '">' . htmlspecialchars(str_replace("''", "'", $val)) . '</label>';
+ }
+ } elseif (strpos($field["type"], "text") !== false) {
+ echo '<textarea name="fields[' . $name . ']" cols="50" rows="12">' . htmlspecialchars($value) . '</textarea>';
+ } elseif (preg_match('~binary|blob~', $field["type"])) {
+ echo (ini_get("file_uploads") ? '<input type="file" name="' . $name . '" />' : lang('File uploads are disabled.') . ' ');
+ } else { //! binary
+ echo '<input name="fields[' . $name . ']" value="' . htmlspecialchars($value) . '"' . (strlen($field["length"]) ? " maxlength='$field[length]'" : ($types[$field["type"]] ? " maxlength='" . $types[$field["type"]] . "'" : '')) . ' />';
+ }
+ if ($field["null"] && preg_match('~char|text|set|binary|blob~', $field["type"])) {
+ echo '<input type="checkbox" name="null[' . $name . ']" value="1" id="null-' . $name . '"' . (isset($value) ? '' : ' checked="checked"') . ' /><label for="null-' . $name . '">' . lang('NULL') . '</label>';
}
+ echo "</td></tr>\n";
}
?>
</table>
-<p><input type="hidden" name="sent" value="1" /></th><td><input type="submit" value="<?php echo lang('Save'); ?>" /> <input type="submit" name="insert" value="<?php echo lang('Save and insert'); ?>" /><?php if ($where) { ?> <input type="submit" name="delete" value="<?php echo lang('Delete'); ?>" /><?php } ?></p>
+<p>
+<input type="hidden" name="token" value="<?php echo $token; ?>" />
+<?php if ($save_possible) { ?>
+<input type="submit" value="<?php echo lang('Save'); ?>" />
+<?php if (!isset($_GET["default"])) { ?><input type="submit" name="insert" value="<?php echo lang('Save and insert'); ?>" /><?php } ?>
+<?php } ?>
+<?php if ($where) { ?> <input type="submit" name="delete" value="<?php echo lang('Delete'); ?>" /><?php } ?>
+</p>
</form>
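Review bot: The ENUM pre-selection `$checked = (isset($data) ? $value == $i+1 : $val === $field["default"]);` compares the raw definition text, in which apostrophes are still doubled, with the column default, while the SET branch just below un-doubles with `str_replace("''", "'", $val)` before comparing. An ENUM member containing an apostrophe would therefore presumably never be pre-selected on the insert and default-values forms. Use `str_replace("''", "'", $val) === $field["default"]` so both branches agree. The hunk starts inside the POST-handling block, whose opening lines are in the previous hunk.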
"unsigned" => ltrim($match[3] . $match[4]),
"default" => $row["Default"],
"null" => ($row["Null"] == "YES"),
- "extra" => $row["Extra"],
+ "auto_increment" => ($row["Extra"] == "auto_increment"),
"collation" => $row["Collation"],
- "privileges" => explode(",", $row["Privileges"]),
+ "privileges" => array_flip(explode(",", $row["Privileges"])),
+ "comment" => $row["Comment"],
);
}
mysql_free_result($result);
if (!isset($row[$key])) {
continue 2;
}
- $return[] = urlencode("where[$key]") . "=" . urlencode($row[$key]);
+ $return[] = urlencode("where[" . bracket_escape($key) . "]") . "=" . urlencode($row[$key]);
}
return $return;
}
}
$return = array();
foreach ($row as $key => $val) {
- $return[] = (isset($val) ? urlencode("where[$key]") . "=" . urlencode($val) : "null%5B%5D=" . urlencode($key));
+ $return[] = (isset($val) ? urlencode("where[" . bracket_escape($key) . "]") . "=" . urlencode($val) : "null%5B%5D=" . urlencode($key));
+ }
+ return $return;
+}
+
+function where() {
+ $return = array();
+ foreach ((array) $_GET["where"] as $key => $val) {
+ $return[] = idf_escape(bracket_escape($key, "back")) . " = BINARY '" . mysql_real_escape_string($val) . "'"; //! enum and set
+ }
+ foreach ((array) $_GET["null"] as $key) {
+ $return[] = idf_escape(bracket_escape($key, "back")) . " IS NULL";
}
return $return;
}
return $return;
}
-function redirect($location, $message = null) {
- if (isset($message)) {
- $_SESSION["message"] = $message;
- }
- if (strlen(SID)) {
- $location .= (strpos($location, "?") === false ? "?" : "&") . SID;
- }
- header("Location: " . (strlen($location) ? $location : "."));
- exit;
-}
-
function types() {
return array(
"tinyint" => 3, "smallint" => 5, "mediumint" => 8, "int" => 10, "bigint" => 20,
);
}
+function token() {
+ return ($GLOBALS["TOKENS"][] = rand(1, 1e6));
+}
+
+function token_delete() {
+ if ($_POST["token"] && ($pos = array_search($_POST["token"], (array) $GLOBALS["TOKENS"])) !== false) {
+ unset($GLOBALS["TOKENS"][$pos]);
+ return true;
+ }
+ return false;
+}
+
+function redirect($location, $message = null) {
+ if (isset($message)) {
+ $_SESSION["message"] = $message;
+ }
+ token_delete();
+ if (strlen(SID)) {
+ $location .= (strpos($location, "?") === false ? "?" : "&") . SID;
+ }
+ header("Location: " . (strlen($location) ? $location : "."));
+ exit;
+}
+
+function get_file($key) {
+ if (isset($_POST["files"][$key])) {
+ $length = strlen($_POST["files"][$key]);
+ return ($length & $length < 4 ? intval($_POST["files"][$key]) : base64_decode($_POST["files"][$key]));
+ }
+ return (!$_FILES[$key] || $_FILES[$key]["error"] ? $_FILES[$key]["error"] : file_get_contents($_FILES[$key]["tmp_name"]));
+}
+
+function select($result) {
+ if (!mysql_num_rows($result)) {
+ echo "<p class='message'>" . lang('No rows.') . "</p>\n";
+ } else {
+ echo "<table border='1' cellspacing='0' cellpadding='2'>\n";
+ for ($i=0; $row = mysql_fetch_row($result); $i++) {
+ if (!$i) {
+ echo "<thead><tr>";
+ $links = array();
+ $indexes = array();
+ $columns = array();
+ $blobs = array();
+ for ($j=0; $j < count($row); $j++) {
+ $field = mysql_fetch_field($result, $j);
+ if (strlen($field->table) && $field->primary_key) {
+ $links[$j] = $field->table;
+ if (!isset($indexes[$field->table])) {
+ $indexes[$field->table] = array();
+ foreach (indexes($field->table) as $index) {
+ if ($index["type"] == "PRIMARY") {
+ $indexes[$field->table] = array_flip($index["columns"]);
+ break;
+ }
+ }
+ $columns[$field->table] = $indexes[$field->table];
+ }
+ unset($columns[$field->table][$field->name]);
+ $indexes[$field->table][$field->name] = $j;
+ $links[$j] = $field->table;
+ }
+ if ($field->blob) {
+ $blobs[$j] = true;
+ }
+ echo "<th>" . htmlspecialchars($field->name) . "</th>";
+ }
+ echo "</tr></thead>\n";
+ }
+ echo "<tr>";
+ foreach ($row as $key => $val) {
+ if (!isset($val)) {
+ $val = "<i>NULL</i>";
+ } else {
+ $val = ($blobs[$key] && preg_match('~[\\x80-\\xFF]~', $val) ? "<i>" . lang('%d byte(s)', strlen($val)) . "</i>" : (trim($val) ? nl2br(htmlspecialchars($val)) : " "));
+ if (isset($links[$key]) && !$columns[$links[$key]]) {
+ $link = "edit=" . urlencode($links[$key]);
+ foreach ($indexes[$links[$key]] as $col => $j) {
+ $link .= "&where" . urlencode("[" . bracket_escape($col) . "]") . "=" . urlencode($row[$j]);
+ }
+ $val = '<a href="' . htmlspecialchars($SELF) . $link . '">' . $val . '</a>';
+ }
+ }
+ echo "<td>$val</td>";
+ }
+ echo "</tr>\n";
+ }
+ echo "</table>\n";
+ }
+}
+
if (get_magic_quotes_gpc()) {
$process = array(&$_GET, &$_POST);
while (list($key, $val) = each($process)) {
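Review bot: `token()` draws the CSRF token from `rand(1, 1e6)`, which is not a cryptographic generator and allows at most a million values, and every call appends another accepted value to `$GLOBALS["TOKENS"]` while `token_delete()` removes only the one that was posted, so the odds of a blind guess succeeding grow with use. Generate a long value from the strongest source the supported PHP versions offer, for example `return ($GLOBALS["TOKENS"][] = bin2hex(openssl_random_pseudo_bytes(16)));` where the openssl extension is available, and cap the length of the list. Two further defects in the same hunk: `get_file()` tests `$length & $length < 4`, which parses as `$length & ($length < 4)` and should read `$length && $length < 4`; and `select()` builds its edit links from `$SELF` without a `global $SELF;` declaration, so the variable is undefined inside the function.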
session_start();
error_reporting(E_ALL & ~E_NOTICE);
$SELF = preg_replace('~^[^?]*/([^?]*).*~', '\\1?', $_SERVER["REQUEST_URI"]) . (strlen($_GET["server"]) ? 'server=' . urlencode($_GET["server"]) . '&' : '') . (strlen($_GET["db"]) ? 'db=' . urlencode($_GET["db"]) . '&' : '');
+$TOKENS = &$_SESSION["tokens"][$_GET["server"]][preg_replace('~([?&]sql=)upload~', '\\1', $_SERVER["REQUEST_URI"])];
include "./lang.inc.php";
include "./functions.inc.php";
include "./design.inc.php";
if (isset($_GET["dump"])) {
include "./dump.inc.php";
+} elseif (isset($_GET["download"])) {
+ include "./download.inc.php";
} else {
if (isset($_GET["table"])) {
include "./table.inc.php";
} elseif (isset($_GET["view"])) {
include "./view.inc.php";
} else {
- $params = preg_replace('~.*\\?~', '', $_SERVER["REQUEST_URI"]);
if ($_POST) {
- $error = (in_array($_POST["token"], (array) $_SESSION["tokens"][$params]) ? "" : lang('Invalid CSRF token.'));
- }
- if ($_POST && !$error) {
- $token = $_POST["token"];
- } else {
- $token = rand(1, 1e6);
- $_SESSION["tokens"][$params][] = $token;
+ $error = (in_array($_POST["token"], (array) $TOKENS) ? "" : lang('Invalid CSRF token. Send the form again.'));
}
+ $token = ($_POST && !$error ? $_POST["token"] : token());
if (isset($_GET["sql"])) {
include "./sql.inc.php";
} elseif (isset($_GET["edit"])) {
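Review bot: The token check `in_array($_POST["token"], (array) $TOKENS)` compares the posted string with the stored integers using loose `==`, and on success `$token = $_POST["token"]` carries the raw request value into the templates, which print it as `value="<?php echo $token; ?>"` without escaping (the create, database, edit and indexes forms in this commit). Under the loose comparison rules of older PHP versions, such as those that still provide the `mysql_*` functions used here, a string that only begins with a valid number can compare equal, so the echoed value is not guaranteed to be the stored integer. Normalise it before use, e.g. `$token = ($_POST && !$error ? intval($_POST["token"]) : token());`, and wrap the echo in `htmlspecialchars()`. The enclosing `else` branch continues beyond this hunk.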
} elseif (isset($_GET["database"])) {
include "./database.inc.php";
} else {
- unset($_SESSION["tokens"][$params]);
+ $TOKENS = array();
page_header(htmlspecialchars(lang('Database') . ": " . $_GET["db"]));
echo '<p><a href="' . htmlspecialchars($SELF) . 'database=">' . lang('Alter database') . "</a></p>\n";
if (mysql_get_server_info() >= 5) {
while ($row = mysql_fetch_assoc($result)) {
echo "<tr valign='top'>";
echo "<th>" . htmlspecialchars($row["ROUTINE_TYPE"]) . "</th>";
- echo "<th>" . htmlspecialchars($row["ROUTINE_NAME"]) . "</th>"; //! parameters from SHOW CREATE {PROCEDURE|FUNCTION}
+ echo "<td>" . htmlspecialchars($row["ROUTINE_NAME"]) . "</td>"; //! parameters from SHOW CREATE {PROCEDURE|FUNCTION}
echo "<td><pre>" . htmlspecialchars($row["ROUTINE_DEFINITION"]) . "</pre></td>";
echo "</tr>\n";
}
$index_types = array("PRIMARY", "UNIQUE", "INDEX", "FULLTEXT");
$indexes = indexes($_GET["indexes"]);
$fields = array_keys(fields($_GET["indexes"]));
-if ($_POST && !$_POST["add"]) {
+if ($_POST && !$error && !$_POST["add"]) {
$alter = array();
foreach ($_POST["indexes"] as $index) {
if (in_array($index["type"], $index_types)) {
?>
<tr><td><select name="indexes[<?php echo $j; ?>][type]"><option></option><?php echo optionlist($index_types, array(), "not_vals"); ?></select></td><td><select name="indexes[<?php echo $j; ?>][columns][1]"><option></option><?php echo optionlist($fields, array(), "not_vals"); ?></select></td></tr>
</table>
-<p><input type="submit" value="<?php echo lang('Alter indexes'); ?>" /></p>
+<p><input type="hidden" name="token" value="<?php echo $token; ?>" /><input type="submit" value="<?php echo lang('Alter indexes'); ?>" /></p>
<p><input type="submit" name="add" value="<?php echo lang('Add next'); ?>" /></p>
</form>
<?php
+function get_lang() {
+ if (strlen($_SESSION["lang"])) {
+ return $_SESSION["lang"];
+ }
+ $langs = lang();
+ $return = preg_replace('~[,;].*~', '', $_SERVER["HTTP_ACCEPT_LANGUAGE"]);
+ if (!in_array($return, $langs)) { //! try next languages
+ $return = preg_replace('~-.*~', '', $return);
+ if (!in_array($return, $langs)) {
+ $return = "en";
+ }
+ }
+ return $return;
+}
+
function lang($idf = null) {
static $translations = array(
- 'en' => array(),
+ 'en' => array(
+ 'Query executed OK, %d row(s) affected.' => array('Query executed OK, %d row affected.', 'Query executed OK, %d rows affected.'),
+ '%d byte(s)' => array('%d byte', '%d bytes'),
+ ),
'cs' => array(
'Login' => 'Přihlásit se',
'phpMinAdmin' => 'phpMinAdmin',
'Type' => 'Typ',
'Length' => 'Délka',
'NULL' => 'NULL',
- 'Auto-increment' => 'Auto-increment',
+ 'Auto Increment' => 'Auto Increment',
'Options' => 'Volby',
'Add row' => 'Přidat řádek',
'Save' => 'Uložit',
'Action' => 'Akce',
'edit' => 'upravit',
'Page' => 'Stránka',
- 'Query executed OK, %d row(s) affected.' => 'PÅ™Ãkaz probÄ›hl v pořádku, bylo zmÄ›nÄ›no %d záznam(ů).',
+ 'Query executed OK, %d row(s) affected.' => array('PÅ™Ãkaz probÄ›hl v pořádku, byl zmÄ›nÄ›n %d záznam.', 'PÅ™Ãkaz probÄ›hl v pořádku, byly zmÄ›nÄ›ny %d záznamy.', 'PÅ™Ãkaz probÄ›hl v pořádku, bylo zmÄ›nÄ›no %d záznamů.'),
'Error in query' => 'Chyba v dotazu',
'Execute' => 'Provést',
'Table' => 'Tabulka',
'View' => 'Pohled',
'Unable to select the table' => 'Nepodařilo se vypsat tabulku',
'Unable to show the table definition' => 'NepodaÅ™ilo se zÃskat strukturu tabulky',
+ 'Invalid CSRF token. Send the form again.' => 'Neplatný token CSRF. Odešlete formulář znovu.',
+ 'Comment' => 'Komentář',
+ 'Default values has been set.' => 'Výchozà hodnoty byly nastaveny.',
+ 'Default values' => 'Výchozà hodnoty',
+ 'BOOL' => 'BOOL',
+ 'Show column comments' => 'Zobrazit komentáře sloupců',
+ '%d byte(s)' => array('%d bajt', '%d bajty', '%d bajtů'),
+ 'No commands to execute.' => 'Žádné pÅ™Ãkazy k vykonánÃ.',
+ 'Unable to upload a file.' => 'Nepodařilo se nahrát soubor.',
+ 'File upload' => 'Nahránà souboru',
+ 'File uploads are disabled.' => 'Nahrávánà souborů nenà povoleno.',
),
);
if (!isset($idf)) {
return array_keys($translations);
}
- if (strlen($_SESSION["lang"])) {
- $lang = $_SESSION["lang"];
- } else {
- $lang = preg_replace('~[,;].*~', '', $_SERVER["HTTP_ACCEPT_LANGUAGE"]);
- if (!isset($translations[$lang])) { //! try next languages
- $lang = preg_replace('~-.*~', '', $lang);
- if (!isset($translations[$lang])) {
- $lang = "en";
- }
+ $lang = get_lang();
+ $translation = $translations[$lang][$idf];
+ $args = func_get_args();
+ if (is_array($translation)) {
+ switch ($lang) {
+ case 'cs': $pos = ($args[1] == 1 ? 0 : (!$args[1] || $args[1] >= 5 ? 2 : 1)); break;
+ default: $pos = ($args[1] == 1 ? 0 : 1);
}
+ $translation = $translation[$pos];
}
- return (strlen($translations[$lang][$idf]) ? $translations[$lang][$idf] : $idf);
+ $args[0] = (strlen($translation) ? $translation : $idf);
+ return call_user_func_array('sprintf', $args);
}
function switch_lang() {
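Review bot: get_lang() returns `$_SESSION["lang"]` as soon as it is non-empty, while only the Accept-Language branch is checked against the list from `lang()`. Where the session value is assigned is outside this hunk, so unless switch_lang() already restricts it, the result can be any string; lang() then indexes `$translations[$lang]` with it and the pages that echo get_lang() print it. Checking both branches the same way closes that: `if (in_array($_SESSION["lang"], lang(), true)) { return $_SESSION["lang"]; }`. Separately, lang() now passes every message through sprintf(), so an untranslated `$idf` doubles as the format string; a comment such as `// $idf is a sprintf() format: pass literals only, write a percent sign as %%` would record that for callers.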
<?php
page_header(lang('Select') . ": " . htmlspecialchars($_GET["select"]));
-
-echo '<p><a href="' . htmlspecialchars($SELF) . 'edit=' . urlencode($_GET['select']) . '">' . lang('New item') . "</a></p>\n";
$fields = fields($_GET["select"]);
+$rights = array();
$columns = array();
foreach ($fields as $key => $field) {
- if (in_array("select", $field["privileges"])) {
+ if (isset($field["privileges"]["select"])) {
$columns[] = $key;
}
+ $rights += $field["privileges"];
+}
+
+if (isset($rights["insert"])) {
+ echo '<p><a href="' . htmlspecialchars($SELF) . 'edit=' . urlencode($_GET['select']) . '">' . lang('New item') . "</a></p>\n";
}
if (!$columns) {
echo "<p class='error'>" . lang('Unable to select the table') . ($fields ? "" : ": " . mysql_error()) . ".</p>\n";
} else {
+ $indexes = indexes($_GET["select"]);
echo "<form action='' id='form'>\n<fieldset><legend>" . lang('Search') . "</legend>\n";
if (strlen($_GET["server"])) {
echo '<input type="hidden" name="server" value="' . htmlspecialchars($_GET["server"]) . '" />';
echo "\n";
$where = array();
+ foreach ($indexes as $i => $index) {
+ if ($index["type"] == "FULLTEXT") {
+ if (strlen($_GET["fulltext"][$i])) {
+ $where[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST ('" . mysql_real_escape_string($_GET["fulltext"][$i]) . "'" . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")";
+ }
+ echo "(<i>" . implode("</i>, <i>", $index["columns"]) . "</i>) AGAINST";
+ echo ' <input name="fulltext[' . $i . ']" value="' . htmlspecialchars($_GET["fulltext"][$i]) . '" />';
+ echo "<input type='checkbox' name='boolean[$i]' value='1' id='boolean-$i'" . (isset($_GET["boolean"][$i]) ? " checked='checked'" : "") . " /><label for='boolean-$i'>" . lang('BOOL') . "</label>";
+ echo "<br />\n";
+ }
+ }
$operators = array("=", "<", ">", "<=", ">=", "!=", "LIKE", "REGEXP", "IS NULL");
$i = 0;
foreach ((array) $_GET["where"] as $val) {
echo "<div><select name='where[$i][col]'><option></option>" . optionlist($columns, array(), "not_vals") . "</select>";
echo "<select name='where[$i][op]' onchange=\"where_change(this);\">" . optionlist($operators, array(), "not_vals") . "</select>";
echo "<input name='where[$i][val]' /></div>\n"; //! JavaScript for adding next
- //! fulltext search
echo "</fieldset>\n";
echo "<fieldset><legend>" . lang('Sort') . "</legend>\n";
$i = 0;
foreach ((array) $_GET["order"] as $key => $val) {
if (in_array($val, $columns, true)) {
- $desc = in_array($key, (array) $_GET["desc"]);
- $order[] = idf_escape($val) . ($desc ? " DESC" : "");
+ $order[] = idf_escape($val) . (isset($_GET["desc"][$key]) ? " DESC" : "");
echo "<div><select name='order[$i]'><option></option>" . optionlist($columns, $val, "not_vals") . "</select>";
- echo "<input type='checkbox' name='desc[]' value='$i' id='desc-$i'" . ($desc ? " checked='checked'" : "") . " /><label for='desc-$i'>" . lang('DESC') . "</label></div>\n";
+ echo "<input type='checkbox' name='desc[$i]' value='1' id='desc-$i'" . (isset($_GET["desc"][$key]) ? " checked='checked'" : "") . " /><label for='desc-$i'>" . lang('DESC') . "</label></div>\n";
$i++;
}
}
echo "<div><select name='order[$i]'><option></option>" . optionlist($columns, array(), "not_vals") . "</select>";
- echo "<input type='checkbox' name='desc[]' value='$i' id='desc-$i' /><label for='desc-$i'>" . lang('DESC') . "</label></div>\n";
+ echo "<input type='checkbox' name='desc[$i]' value='1' id='desc-$i' /><label for='desc-$i'>" . lang('DESC') . "</label></div>\n";
echo "</fieldset>\n";
echo "<fieldset><legend>" . lang('Limit') . "</legend>\n";
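Review bot: The new FULLTEXT search row prints schema identifiers without escaping: `implode("</i>, <i>", $index["columns"])` emits the column names as HTML, and the loop key `$i` from indexes() (presumably the index name) goes raw into `name="fulltext[...]"`, `boolean[$i]` and `id='boolean-$i'`. MySQL identifiers may contain `<`, `&` and quotes, so a table defined by another account can break or alter the markup of this page. The result header elsewhere in this file already uses `array_map('htmlspecialchars', ...)`; the equivalent here is `implode("</i>, <i>", array_map('htmlspecialchars', $index["columns"]))` plus `htmlspecialchars($i)` wherever the key is printed. The foreign-key row in the table-structure hunk has the same gap in `implode("</i>, <i>", $foreign_key[2])`.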
echo "<p class='message'>" . lang('No rows.') . "</p>\n";
} else {
$found_rows = mysql_result(mysql_query(" SELECT FOUND_ROWS()"), 0); // space for mysql.trace_mode
- $indexes = indexes($_GET["select"]);
$foreign_keys = array();
foreach (foreign_keys($_GET["select"]) as $foreign_key) {
foreach ($foreign_key[2] as $val) {
$foreign_keys[$val][] = $foreign_key;
}
}
- $childs = array(); //! use foreign_keys() in MySQL < 5
- $result1 = mysql_query("SELECT * FROM information_schema.KEY_COLUMN_USAGE WHERE REFERENCED_TABLE_SCHEMA = '" . mysql_real_escape_string($_GET["db"]) . "' AND REFERENCED_TABLE_NAME = '" . mysql_real_escape_string($_GET["select"]) . "' ORDER BY ORDINAL_POSITION");
- while ($row1 = mysql_fetch_assoc($result1)) {
- $childs[$row1["CONSTRAINT_NAME"]][0] = $row1["TABLE_SCHEMA"];
- $childs[$row1["CONSTRAINT_NAME"]][1] = $row1["TABLE_NAME"];
- $childs[$row1["CONSTRAINT_NAME"]][2][] = $row1["REFERENCED_COLUMN_NAME"];
- $childs[$row1["CONSTRAINT_NAME"]][3][] = $row1["COLUMN_NAME"];
+ $childs = array();
+ if (mysql_get_server_info() >= 5) {
+ // would be possible in earlier versions too, but only by examining all tables (in all databases)
+ $result1 = mysql_query("SELECT * FROM information_schema.KEY_COLUMN_USAGE WHERE REFERENCED_TABLE_SCHEMA = '" . mysql_real_escape_string($_GET["db"]) . "' AND REFERENCED_TABLE_NAME = '" . mysql_real_escape_string($_GET["select"]) . "' ORDER BY ORDINAL_POSITION");
+ while ($row1 = mysql_fetch_assoc($result1)) {
+ $childs[$row1["CONSTRAINT_NAME"]][0] = $row1["TABLE_SCHEMA"];
+ $childs[$row1["CONSTRAINT_NAME"]][1] = $row1["TABLE_NAME"];
+ $childs[$row1["CONSTRAINT_NAME"]][2][] = $row1["REFERENCED_COLUMN_NAME"];
+ $childs[$row1["CONSTRAINT_NAME"]][3][] = $row1["COLUMN_NAME"];
+ }
+ mysql_free_result($result1);
}
- mysql_free_result($result1);
echo "<table border='1' cellspacing='0' cellpadding='2'>\n";
for ($j=0; $row = mysql_fetch_assoc($result); $j++) {
echo "<thead><tr><th>" . implode("</th><th>", array_map('htmlspecialchars', array_keys($row))) . "</th><th>" . lang('Action') . "</th></tr></thead>\n";
}
echo "<tr>";
+ $unique_idf = '&' . implode('&', unique_idf($row, $indexes));
foreach ($row as $key => $val) {
if (!isset($val)) {
$val = "<i>NULL</i>";
+ } elseif (preg_match('~blob|binary~', $fields[$key]["type"]) && preg_match('~[\\x80-\\xFF]~', $val)) {
+ $val = '<a href="' . htmlspecialchars($SELF) . 'download=' . urlencode($_GET["select"]) . '&field=' . urlencode($key) . $unique_idf . '">' . lang('%d byte(s)', strlen($val)) . '</a>';
} else {
$val = (strlen(trim($val)) ? nl2br(htmlspecialchars($val)) : " ");
foreach ((array) $foreign_keys[$key] as $foreign_key) {
if (count($foreign_keys[$key]) == 1 || count($foreign_key[2]) == 1) {
$val = '">' . "$val</a>";
foreach ($foreign_key[2] as $i => $source) {
- $val = "&where[$i][col]=" . urlencode($foreign_key[3][$i]) . "&where[$i][op]=%3D&where[$i][val]=" . urlencode($row[$source]) . $val;
+ $val = "&where%5B$i%5D%5Bcol%5D=" . urlencode($foreign_key[3][$i]) . "&where%5B$i%5D%5Bop%5D=%3D&where%5B$i%5D%5Bval%5D=" . urlencode($row[$source]) . $val;
}
$val = '<a href="' . htmlspecialchars(strlen($foreign_key[0]) ? preg_replace('~([?&]db=)[^&]+~', '\\1' . urlencode($foreign_key[0]), $SELF) : $SELF) . 'select=' . htmlspecialchars($foreign_key[1]) . $val; // InnoDB support non-UNIQUE keys
break;
}
echo "<td>$val</td>";
}
- echo '<td><a href="' . htmlspecialchars($SELF) . 'edit=' . urlencode($_GET['select']) . '&' . implode('&', unique_idf($row, $indexes)) . '">' . lang('edit') . '</a>'; //! views can be unupdatable
+ echo '<td><a href="' . htmlspecialchars($SELF) . 'edit=' . urlencode($_GET['select']) . $unique_idf . '">' . lang('edit') . '</a>';
foreach ($childs as $child) {
echo ' <a href="' . htmlspecialchars(strlen($child[0]) ? preg_replace('~([?&]db=)[^&]+~', '\\1' . urlencode($child[0]), $SELF) : $SELF) . 'select=' . urlencode($child[1]);
foreach ($child[2] as $i => $source) {
}
echo '">' . htmlspecialchars($child[1]) . '</a>';
}
- echo "</td>";
+ echo '</td>';
echo "</tr>\n";
}
echo "</table>\n";
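Review bot: The new download link builds its href with a raw `&field=` and appends `$unique_idf` without htmlspecialchars(), and the edit link now reuses the same string. unique_idf() is not visible here, so whether its parts are URL-encoded cannot be confirmed from this hunk; if they are not, row values reach the attribute unescaped. Escaping once where the string is built covers both links: `$unique_idf = htmlspecialchars('&' . implode('&', unique_idf($row, $indexes)));`, with `'&amp;field='` in the download link. The surrounding result-rendering block is only partly visible in this hunk.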
<?php
-if ($_POST) {
- $result = mysql_query($_POST["query"]); //! multiple commands
- if ($result === true) {
- redirect($SELF . "sql=", sprintf(lang('Query executed OK, %d row(s) affected.'), mysql_affected_rows()));
- }
- $error = mysql_error();
-}
page_header(lang('SQL command'));
-if ($_POST) {
- if (!$result) {
- echo "<p class='error'>" . lang('Error in query') . ": " . htmlspecialchars($error) . "</p>\n";
- } else {
- if (!mysql_num_rows($result)) {
- echo "<p class='message'>" . lang('No rows.') . "</p>\n";
- } else {
- echo "<table border='1' cellspacing='0' cellpadding='2'>\n";
- for ($i=0; $row = mysql_fetch_assoc($result); $i++) {
- if (!$i) {
- echo "<thead><tr><th>" . implode("</th><th>", array_map('htmlspecialchars', array_keys($row))) . "</th></tr></thead>\n";
+if ($_POST && $error) {
+ echo "<p class='error'>$error</p>\n";
+} elseif ($_POST && is_string($query = (isset($_POST["query"]) ? $_POST["query"] : get_file("sql_file")))) {
+ $delimiter = ";";
+ $offset = 0;
+ $empty = true;
+ while (rtrim($query)) {
+ if (!$offset && preg_match('~^\\s*DELIMITER\\s+(.+)~i', $query, $match)) {
+ $delimiter = preg_quote($match[1], '~');
+ $query = substr($query, strlen($match[0]));
+ } elseif (preg_match("~$delimiter|['`\"]|\$~", $query, $match, PREG_OFFSET_CAPTURE, $offset)) {
+ if ($match[0][0] && $match[0][0] != $delimiter) {
+ preg_match('~\\G([^\\\\' . $match[0][0] . ']*|\\\\.)+(' . $match[0][0] . '|$)~s', $query, $match, PREG_OFFSET_CAPTURE, $match[0][1] + 1);
+ $offset = $match[0][1] + strlen($match[0][0]);
+ } else {
+ $empty = false;
+ echo "<pre>" . htmlspecialchars(substr($query, 0, $match[0][1])) . "</pre>\n";
+ $result = mysql_query(substr($query, 0, $match[0][1]));
+ $query = substr($query, $match[0][1] + strlen($match[0][0]));
+ $offset = 0;
+ if (!$result) {
+ echo "<p class='error'>" . lang('Error in query') . ": " . htmlspecialchars(mysql_error()) . "</p>\n";
+ } elseif ($result === true) {
+ //~ if (token_delete()) {
+ //~ $token = token();
+ //~ }
+ echo "<p class='message'>" . lang('Query executed OK, %d row(s) affected.', mysql_affected_rows()) . "</p>\n";
+ } else {
+ select($result);
+ mysql_free_result($result);
}
- echo "<tr>";
- foreach ($row as $val) {
- echo "<td>" . (isset($val) ? nl2br(htmlspecialchars($val)) : "<i>NULL</i>") . "</td>";
- }
- echo "</tr>\n";
}
- echo "</table>\n";
}
- mysql_free_result($result);
}
+ if ($empty) {
+ echo "<p class='message'>" . lang('No commands to execute.') . "</p>\n";
+ }
+} elseif ($_GET["sql"] == "upload") {
+ echo "<p class='error'>" . lang('Unable to upload a file.') . "</p>\n";
}
?>
-<form action="" method="post">
+<form action="<?php echo htmlspecialchars($SELF); ?>sql=" method="post">
<p><textarea name="query" rows="20" cols="80"><?php echo htmlspecialchars($_POST["query"]); ?></textarea></p>
-<p><input type="submit" value="<?php echo lang('Execute'); ?>" /></p>
+<p><input type="hidden" name="token" value="<?php echo $token; ?>" /><input type="submit" value="<?php echo lang('Execute'); ?>" /></p>
+</form>
+
+<?php
+if (!ini_get("file_uploads")) {
+ echo "<p>" . lang('File uploads are disabled.') . "</p>\n";
+} else { ?>
+<form action="<?php echo htmlspecialchars($SELF); ?>sql=upload" method="post" enctype="multipart/form-data">
+<p>
+<?php echo lang('File upload'); ?>: <input type="file" name="sql_file" />
+<input type="hidden" name="token" value="<?php echo $token; ?>" />
+<input type="submit" value="<?php echo lang('Execute'); ?>" />
+</p>
</form>
+<?php } ?>
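Review bot: A `DELIMITER` that contains a regex metacharacter, for example `$$` or `|`, is never recognised as a statement end. `$delimiter` holds the preg_quote()d form, but `$match[0][0] != $delimiter` compares it with the raw matched text, so the match is treated as an opening quote and spliced unescaped into the next pattern. Comparing like with like fixes it: `if ($match[0][0] && preg_quote($match[0][0], '~') != $delimiter) {`. Separately, `echo "<p class='error'>$error</p>\n";` prints `$error` without htmlspecialchars(); it is assigned outside this hunk, so either confirm it only ever holds lang() text or escape it at this point.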
if (!$result) {
echo "<p class='error'>" . lang('Unable to show the table definition') . ": " . mysql_error() . ".</p>\n";
} else {
+ $auto_increment_only = true;
echo "<table border='1' cellspacing='0' cellpadding='2'>\n";
while ($row = mysql_fetch_assoc($result)) {
+ if (!$row["auto_increment"]) {
+ $auto_increment_only = false;
+ }
echo "<tr><th>" . htmlspecialchars($row["Field"]) . "</th><td>$row[Type]" . ($row["Null"] == "YES" ? " <i>NULL</i>" : "") . "</td></tr>\n";
}
echo "</table>\n";
mysql_free_result($result);
- echo '<p><a href="' . htmlspecialchars($SELF) . 'create=' . urlencode($_GET["table"]) . '">' . lang('Alter table') . "</a></p>\n";
+
+ echo "<p>";
+ echo '<a href="' . htmlspecialchars($SELF) . 'create=' . urlencode($_GET["table"]) . '">' . lang('Alter table') . '</a>';
+ echo ($auto_increment_only ? '' : ' <a href="' . htmlspecialchars($SELF) . 'edit=' . urlencode($_GET["table"]) . '&default=">' . lang('Default values') . '</a>');
+ echo "</p>\n";
echo "<h3>" . lang('Indexes') . "</h3>\n";
$indexes = indexes($_GET["table"]);
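Review bot: `$row["auto_increment"]` looks like a key this result set does not have. The loop reads `Field`, `Type` and `Null`, which suggests SHOW COLUMNS output (the query itself is outside the hunk), and there the auto-increment flag is carried in the `Extra` column. If so, the test is always true, `$auto_increment_only` is always reset to false and the "Default values" link is shown for every table. The intended check would be `if ($row["Extra"] != "auto_increment") {`.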
echo "<h3>" . lang('Foreign keys') . "</h3>\n";
echo "<table border='1' cellspacing='0' cellpadding='2'>\n";
foreach ($foreign_keys as $foreign_key) {
- echo "<tr><td><em>" . implode("</em>, <em>", $foreign_key[2]) . "</em></td><td>" . (strlen($foreign_key[0]) && $foreign_key[0] !== $_GET["db"] ? "<strong>" . htmlspecialchars($foreign_key[0]) . "</strong>." : "") . htmlspecialchars($foreign_key[1]) . "(<em>" . implode("</em>, <em>", $foreign_key[3]) . "</em>)</td></tr>\n";
+ echo "<tr><td><i>" . implode("</i>, <i>", $foreign_key[2]) . "</i></td><td>" . (strlen($foreign_key[0]) && $foreign_key[0] !== $_GET["db"] ? "<strong>" . htmlspecialchars($foreign_key[0]) . "</strong>." : "") . htmlspecialchars($foreign_key[1]) . "(<em>" . implode("</em>, <em>", $foreign_key[3]) . "</em>)</td></tr>\n";
}
echo "</table>\n";
}
<?php
page_header(lang('View') . ": " . htmlspecialchars($_GET["view"]));
-echo htmlspecialchars(mysql_result(mysql_query("SHOW CREATE VIEW " . idf_escape($_GET["view"])), 0, 1));
+echo "<pre>" . htmlspecialchars(mysql_result(mysql_query("SHOW CREATE VIEW " . idf_escape($_GET["view"])), 0, 1)) . "</pre>\n";