// minification compatibility end
}
- $mysql = new Min_MySQLi;
+ $dbh = new Min_MySQLi;
} elseif (extension_loaded("mysql")) {
class Min_MySQL {
}
}
- $mysql = new Min_MySQL;
+ $dbh = new Min_MySQL;
} elseif (extension_loaded("pdo_mysql")) {
class Min_PDO_MySQL extends PDO {
}
}
- $mysql = new Min_PDO_MySQL;
+ $dbh = new Min_PDO_MySQL;
} else {
page_header(lang('No MySQL extension'), lang('None of supported PHP extensions (%s) are available.', 'MySQLi, MySQL, PDO_MySQL'), null);
if (!isset($username)) {
$username = $_GET["username"];
}
-if (!isset($username) || !$mysql->connect($_GET["server"], $username, $_SESSION["passwords"][$_GET["server"]])) {
+if (!isset($username) || !$dbh->connect($_GET["server"], $username, $_SESSION["passwords"][$_GET["server"]])) {
auth_error();
exit;
}
$val = "''";
}
if (isset($out[$key])) {
- $mysql->query("SET @" . idf_escape($field["field"]) . " = " . $val);
+ $dbh->query("SET @" . idf_escape($field["field"]) . " = " . $val);
}
}
$call[] = (isset($out[$key]) ? "@" . idf_escape($field["field"]) : $val);
}
- $result = $mysql->multi_query((isset($_GET["callf"]) ? "SELECT" : "CALL") . " " . idf_escape($_GET["call"]) . "(" . implode(", ", $call) . ")");
+ $result = $dbh->multi_query((isset($_GET["callf"]) ? "SELECT" : "CALL") . " " . idf_escape($_GET["call"]) . "(" . implode(", ", $call) . ")");
if (!$result) {
- echo "<p class='error'>" . htmlspecialchars($mysql->error) . "</p>\n";
+ echo "<p class='error'>" . htmlspecialchars($dbh->error) . "</p>\n";
} else {
do {
- $result = $mysql->store_result();
+ $result = $dbh->store_result();
if (is_object($result)) {
select($result);
} else {
- echo "<p class='message'>" . lang('Routine has been called, %d row(s) affected.', $mysql->affected_rows) . "</p>\n";
+ echo "<p class='message'>" . lang('Routine has been called, %d row(s) affected.', $dbh->affected_rows) . "</p>\n";
}
- } while ($mysql->next_result());
+ } while ($dbh->next_result());
if ($out) {
- select($mysql->query("SELECT " . implode(", ", $out)));
+ select($dbh->query("SELECT " . implode(", ", $out)));
}
}
}
<?php
-$mysql->query("SET SQL_QUOTE_SHOW_CREATE=1");
-if (!(strlen($_GET["db"]) ? $mysql->select_db($_GET["db"]) : isset($_GET["sql"]) || isset($_GET["dump"]) || isset($_GET["database"]) || isset($_GET["processlist"]) || isset($_GET["privileges"]) || isset($_GET["user"]))) {
+$dbh->query("SET SQL_QUOTE_SHOW_CREATE=1");
+if (!(strlen($_GET["db"]) ? $dbh->select_db($_GET["db"]) : isset($_GET["sql"]) || isset($_GET["dump"]) || isset($_GET["database"]) || isset($_GET["processlist"]) || isset($_GET["privileges"]) || isset($_GET["user"]))) {
if (strlen($_GET["db"])) {
unset($_SESSION["databases"][$_GET["server"]]);
}
echo '<p><a href="' . htmlspecialchars($SELF) . 'database=">' . lang('Create new database') . "</a></p>\n";
echo '<p><a href="' . htmlspecialchars($SELF) . 'privileges=">' . lang('Privileges') . "</a></p>\n";
echo '<p><a href="' . htmlspecialchars($SELF) . 'processlist=">' . lang('Process list') . "</a></p>\n";
- echo "<p>" . lang('MySQL version: %s through PHP extension %s', "<b" . ($mysql->server_info < 4.1 ? " class='binary'" : "") . ">$mysql->server_info</b>", "<b>$mysql->extension</b>") . "</p>\n";
- echo "<p>" . lang('Logged as: %s', "<b>" . htmlspecialchars($mysql->result($mysql->query("SELECT USER()"))) . "</b>") . "</p>\n";
+ echo "<p>" . lang('MySQL version: %s through PHP extension %s', "<b" . ($dbh->server_info < 4.1 ? " class='binary'" : "") . ">$dbh->server_info</b>", "<b>$dbh->extension</b>") . "</p>\n";
+ echo "<p>" . lang('Logged as: %s', "<b>" . htmlspecialchars($dbh->result($dbh->query("SELECT USER()"))) . "</b>") . "</p>\n";
}
page_footer("db");
exit;
}
-$mysql->query("SET CHARACTER SET utf8");
+$dbh->query("SET CHARACTER SET utf8");
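Review bot: `$dbh->server_info` and `$dbh->extension` are interpolated into the "MySQL version" paragraph without `htmlspecialchars()`, unlike the `SELECT USER()` value on the following line. The server is chosen by `$_GET["server"]`, so the version string is whatever the connected server reports and should be treated as untrusted output: `"<b>" . htmlspecialchars($dbh->server_info) . "</b>"`. The `$dbh->server_info < 4.1` test also relies on PHP's numeric cast of a version string; `version_compare($dbh->server_info, "4.1", "<")` states the intent explicitly, and the same applies to the `>= 5` and `>= 5.1` checks in the other hunks.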
$fields[] = (!strlen($_GET["create"]) ? "" : (strlen($field["orig"]) ? "CHANGE " . idf_escape($field["orig"]) . " " : "ADD "))
. idf_escape($field["field"]) . process_type($field)
. ($field["null"] ? " NULL" : " NOT NULL") // NULL for timestamp
- . (strlen($_GET["create"]) && strlen($field["orig"]) && isset($orig_fields[$field["orig"]]["default"]) && $field["type"] != "timestamp" ? " DEFAULT '" . $mysql->escape_string($orig_fields[$field["orig"]]["default"]) . "'" : "") //! timestamp
+ . (strlen($_GET["create"]) && strlen($field["orig"]) && isset($orig_fields[$field["orig"]]["default"]) && $field["type"] != "timestamp" ? " DEFAULT '" . $dbh->escape_string($orig_fields[$field["orig"]]["default"]) . "'" : "") //! timestamp
. ($key == $_POST["auto_increment_col"] ? " AUTO_INCREMENT$auto_increment_index" : "")
- . " COMMENT '" . $mysql->escape_string($field["comment"]) . "'"
+ . " COMMENT '" . $dbh->escape_string($field["comment"]) . "'"
. (strlen($_GET["create"]) ? " $after" : "")
;
$after = "AFTER " . idf_escape($field["field"]);
$fields[] = "DROP " . idf_escape($field["orig"]);
}
}
- $status = ($_POST["Engine"] ? " ENGINE='" . $mysql->escape_string($_POST["Engine"]) . "'" : "")
- . ($_POST["Collation"] ? " COLLATE '" . $mysql->escape_string($_POST["Collation"]) . "'" : "")
+ $status = ($_POST["Engine"] ? " ENGINE='" . $dbh->escape_string($_POST["Engine"]) . "'" : "")
+ . ($_POST["Collation"] ? " COLLATE '" . $dbh->escape_string($_POST["Collation"]) . "'" : "")
. (strlen($_POST["Auto_increment"]) ? " AUTO_INCREMENT=" . intval($_POST["Auto_increment"]) : "")
- . " COMMENT='" . $mysql->escape_string($_POST["Comment"]) . "'"
+ . " COMMENT='" . $dbh->escape_string($_POST["Comment"]) . "'"
;
if (in_array($_POST["partition_by"], $partition_by)) {
$partitions = array();
}
}
$status .= " PARTITION BY $_POST[partition_by]($_POST[partition])" . ($partitions ? " (" . implode(", ", $partitions) . ")" : ($_POST["partitions"] ? " PARTITIONS " . intval($_POST["partitions"]) : ""));
- } elseif ($mysql->server_info >= 5.1 && strlen($_GET["create"])) {
+ } elseif ($dbh->server_info >= 5.1 && strlen($_GET["create"])) {
$status .= " REMOVE PARTITIONING";
}
$location = $SELF . "table=" . urlencode($_POST["name"]);
page_header((strlen($_GET["create"]) ? lang('Alter table') : lang('Create table')), $error, array("table" => $_GET["create"]), $_GET["create"]);
$engines = array();
-$result = $mysql->query("SHOW ENGINES");
+$result = $dbh->query("SHOW ENGINES");
while ($row = $result->fetch_assoc()) {
if ($row["Support"] == "YES" || $row["Support"] == "DEFAULT") {
$engines[] = $row["Engine"];
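Review bot: The result of `$dbh->query("SHOW ENGINES")` is dereferenced by `$result->fetch_assoc()` with no check that the query succeeded, so a failed query would presumably end the page with a fatal error rather than a message. get_vals(), fields() and indexes() in this same commit guard with `if ($result)`; the unguarded form also appears in page_footer() (`$result->num_rows`), table_status(), collations() and the `SHOW TABLE STATUS` loops. Wrapping the loop in `if ($result) { ... }`, or reporting `htmlspecialchars($dbh->error)` as the routine-call code does, would make these consistent. The loop body continues outside this hunk.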
table_comment($row);
$row["name"] = $_GET["create"];
$row["fields"] = array_values($orig_fields);
- if ($mysql->server_info >= 5.1) {
- $from = "FROM information_schema.PARTITIONS WHERE TABLE_SCHEMA = '" . $mysql->escape_string($_GET["db"]) . "' AND TABLE_NAME = '" . $mysql->escape_string($_GET["create"]) . "'";
- $result = $mysql->query("SELECT PARTITION_METHOD, PARTITION_ORDINAL_POSITION, PARTITION_EXPRESSION $from ORDER BY PARTITION_ORDINAL_POSITION DESC LIMIT 1");
+ if ($dbh->server_info >= 5.1) {
+ $from = "FROM information_schema.PARTITIONS WHERE TABLE_SCHEMA = '" . $dbh->escape_string($_GET["db"]) . "' AND TABLE_NAME = '" . $dbh->escape_string($_GET["create"]) . "'";
+ $result = $dbh->query("SELECT PARTITION_METHOD, PARTITION_ORDINAL_POSITION, PARTITION_EXPRESSION $from ORDER BY PARTITION_ORDINAL_POSITION DESC LIMIT 1");
list($row["partition_by"], $row["partitions"], $row["partition"]) = $result->fetch_row();
$result->free();
$row["partition_names"] = array();
$row["partition_values"] = array();
- $result = $mysql->query("SELECT PARTITION_NAME, PARTITION_DESCRIPTION $from AND PARTITION_NAME != '' ORDER BY PARTITION_ORDINAL_POSITION");
+ $result = $dbh->query("SELECT PARTITION_NAME, PARTITION_DESCRIPTION $from AND PARTITION_NAME != '' ORDER BY PARTITION_ORDINAL_POSITION");
while ($row1 = $result->fetch_assoc()) {
$row["partition_names"][] = $row1["PARTITION_NAME"];
$row["partition_values"][] = $row1["PARTITION_DESCRIPTION"];
<?php if (strlen($_GET["create"])) { ?><input type="submit" name="drop" value="<?php echo lang('Drop'); ?>"<?php echo $confirm; ?> /><?php } ?>
</p>
<?php
-if ($mysql->server_info >= 5.1) {
+if ($dbh->server_info >= 5.1) {
$partition_table = ereg('RANGE|LIST', $row["partition_by"]);
?>
<fieldset><legend><?php echo lang('Partition by'); ?></legend>
query_redirect("DROP DATABASE " . idf_escape($_GET["db"]), substr(preg_replace('~db=[^&]*&~', '', $SELF), 0, -1), lang('Database has been dropped.'));
} elseif ($_GET["db"] !== $_POST["name"]) {
unset($_SESSION["databases"][$_GET["server"]]);
- if (query_redirect("CREATE DATABASE " . idf_escape($_POST["name"]) . ($_POST["collation"] ? " COLLATE '" . $mysql->escape_string($_POST["collation"]) . "'" : ""), $SELF . "db=" . urlencode($_POST["name"]), lang('Database has been created.'), !strlen($_GET["db"]))) {
- $result = $mysql->query("SHOW TABLES");
+ if (query_redirect("CREATE DATABASE " . idf_escape($_POST["name"]) . ($_POST["collation"] ? " COLLATE '" . $dbh->escape_string($_POST["collation"]) . "'" : ""), $SELF . "db=" . urlencode($_POST["name"]), lang('Database has been created.'), !strlen($_GET["db"]))) {
+ $result = $dbh->query("SHOW TABLES");
while ($row = $result->fetch_row()) {
if (!queries("RENAME TABLE " . idf_escape($row[0]) . " TO " . idf_escape($_POST["name"]) . "." . idf_escape($row[0]))) {
break;
}
$result->free();
if (!$row) {
- $mysql->query("DROP DATABASE " . idf_escape($_GET["db"]));
+ $dbh->query("DROP DATABASE " . idf_escape($_GET["db"]));
}
query_redirect(queries(), preg_replace('~db=[^&]*&~', '', $SELF) . "db=" . urlencode($_POST["name"]), lang('Database has been renamed.'), !$row, false, $row);
}
if (!$_POST["collation"]) {
redirect(substr($SELF, 0, -1));
}
- query_redirect("ALTER DATABASE " . idf_escape($_POST["name"]) . " COLLATE '" . $mysql->escape_string($_POST["collation"]) . "'", substr($SELF, 0, -1), lang('Database has been altered.'));
+ query_redirect("ALTER DATABASE " . idf_escape($_POST["name"]) . " COLLATE '" . $dbh->escape_string($_POST["collation"]) . "'", substr($SELF, 0, -1), lang('Database has been altered.'));
}
}
page_header(strlen($_GET["db"]) ? lang('Alter database') : lang('Create database'), $error, array(), $_GET["db"]);
$collate = $_POST["collation"];
} else {
if (!strlen($_GET["db"])) {
- $result = $mysql->query("SHOW GRANTS");
+ $result = $dbh->query("SHOW GRANTS");
while ($row = $result->fetch_row()) {
if (preg_match('~ ON (`(([^\\\\`]+|``|\\\\.)*)%`\\.\\*)?~', $row[0], $match) && $match[1]) {
$name = stripcslashes(idf_unescape($match[2]));
}
}
$result->free();
- } elseif (($result = $mysql->query("SHOW CREATE DATABASE " . idf_escape($_GET["db"])))) {
- $create = $mysql->result($result, 1);
+ } elseif (($result = $dbh->query("SHOW CREATE DATABASE " . idf_escape($_GET["db"])))) {
+ $create = $dbh->result($result, 1);
if (preg_match('~ COLLATE ([^ ]+)~', $create, $match)) {
$collate = $match[1];
} elseif (preg_match('~ CHARACTER SET ([^ ]+)~', $create, $match)) {
}
function page_footer($missing = false) {
- global $SELF, $mysql;
+ global $SELF, $dbh;
?>
</div>
</form>
<?php
if ($missing != "db" && strlen($_GET["db"])) {
- $result = $mysql->query("SHOW TABLE STATUS");
+ $result = $dbh->query("SHOW TABLE STATUS");
if (!$result->num_rows) {
echo "<p class='message'>" . lang('No tables.') . "</p>\n";
} else {
<?php
header("Content-Type: application/octet-stream");
-echo $mysql->result($mysql->query("SELECT " . idf_escape($_GET["field"]) . " FROM " . idf_escape($_GET["download"]) . " WHERE " . implode(" AND ", where($_GET)) . " LIMIT 1"));
+echo $dbh->result($dbh->query("SELECT " . idf_escape($_GET["field"]) . " FROM " . idf_escape($_GET["download"]) . " WHERE " . implode(" AND ", where($_GET)) . " LIMIT 1"));
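Review bot: The download response is sent with only `Content-Type: application/octet-stream`, and its body is a stored column value echoed straight from the database. Adding `header("Content-Disposition: attachment");` and `header("X-Content-Type-Options: nosniff");` stops browsers that sniff content from rendering that value in the tool's own origin. The header is also emitted before the query runs, so a failed lookup cannot be reported with a proper error response.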
$max_packet = 1048576; // default, minimum is 1024
echo "SET NAMES utf8;\n";
echo "SET foreign_key_checks = 0;\n";
- echo "SET time_zone = '" . $mysql->escape_string($mysql->result($mysql->query("SELECT @@time_zone"))) . "';\n";
+ echo "SET time_zone = '" . $dbh->escape_string($dbh->result($dbh->query("SELECT @@time_zone"))) . "';\n";
echo "\n";
}
foreach ($_POST["databases"] as $db => $style) {
$db = bracket_escape($db, "back");
- if ($mysql->select_db($db)) {
- if ($_POST["format"] != "csv" && ereg('CREATE', $style) && ($result = $mysql->query("SHOW CREATE DATABASE " . idf_escape($db)))) {
+ if ($dbh->select_db($db)) {
+ if ($_POST["format"] != "csv" && ereg('CREATE', $style) && ($result = $dbh->query("SHOW CREATE DATABASE " . idf_escape($db)))) {
if ($style == "DROP, CREATE") {
echo "DROP DATABASE IF EXISTS " . idf_escape($db) . ";\n";
}
- $create = $mysql->result($result, 1);
+ $create = $dbh->result($result, 1);
echo ($style == "CREATE, ALTER" ? preg_replace('~^CREATE DATABASE ~', '\\0IF NOT EXISTS ', $create) : $create) . ";\n";
$result->free();
}
if ($style && $_POST["format"] != "csv") {
echo "USE " . idf_escape($db) . ";\n\n";
$out = "";
- if ($mysql->server_info >= 5) {
+ if ($dbh->server_info >= 5) {
foreach (array("FUNCTION", "PROCEDURE") as $routine) {
- $result = $mysql->query("SHOW $routine STATUS WHERE Db = '" . $mysql->escape_string($db) . "'");
+ $result = $dbh->query("SHOW $routine STATUS WHERE Db = '" . $dbh->escape_string($db) . "'");
while ($row = $result->fetch_assoc()) {
- $out .= $mysql->result($mysql->query("SHOW CREATE $routine " . idf_escape($row["Name"])), 2) . ";;\n\n";
+ $out .= $dbh->result($dbh->query("SHOW CREATE $routine " . idf_escape($row["Name"])), 2) . ";;\n\n";
}
$result->free();
}
}
- if ($mysql->server_info >= 5.1) {
- $result = $mysql->query("SHOW EVENTS");
+ if ($dbh->server_info >= 5.1) {
+ $result = $dbh->query("SHOW EVENTS");
while ($row = $result->fetch_assoc()) {
- $out .= $mysql->result($mysql->query("SHOW CREATE EVENT " . idf_escape($row["Name"])), 3) . ";;\n\n";
+ $out .= $dbh->result($dbh->query("SHOW CREATE EVENT " . idf_escape($row["Name"])), 3) . ";;\n\n";
}
$result->free();
}
if (($style || strlen($_GET["db"])) && (array_filter((array) $_POST["tables"]) || array_filter((array) $_POST["data"]))) {
$views = array();
- $result = $mysql->query("SHOW TABLE STATUS");
+ $result = $dbh->query("SHOW TABLE STATUS");
while ($row = $result->fetch_assoc()) {
$key = (strlen($_GET["db"]) ? bracket_escape($row["Name"]) : 0);
if ($_POST["tables"][$key] || $_POST["data"][$key]) {
}
}
- if ($mysql->server_info >= 5 && $style == "CREATE, ALTER" && $_POST["format"] != "csv") {
+ if ($dbh->server_info >= 5 && $style == "CREATE, ALTER" && $_POST["format"] != "csv") {
$query = "SELECT TABLE_NAME, ENGINE, TABLE_COLLATION, TABLE_COMMENT FROM information_schema.TABLES WHERE TABLE_SCHEMA = DATABASE()";
?>
DELIMITER ;;
FETCH tables INTO _table_name, _engine, _table_collation, _table_comment;
IF NOT done THEN
CASE _table_name<?php
-$result = $mysql->query($query);
+$result = $dbh->query($query);
while ($row = $result->fetch_assoc()) {
- $comment = $mysql->escape_string($row["ENGINE"] == "InnoDB" ? preg_replace('~(?:(.+); )?InnoDB free: .*~', '\\1', $row["TABLE_COMMENT"]) : $row["TABLE_COMMENT"]);
+ $comment = $dbh->escape_string($row["ENGINE"] == "InnoDB" ? preg_replace('~(?:(.+); )?InnoDB free: .*~', '\\1', $row["TABLE_COMMENT"]) : $row["TABLE_COMMENT"]);
echo "
- WHEN '" . $mysql->escape_string($row["TABLE_NAME"]) . "' THEN
+ WHEN '" . $dbh->escape_string($row["TABLE_NAME"]) . "' THEN
" . (isset($row["ENGINE"]) ? "IF _engine != '$row[ENGINE]' OR _table_collation != '$row[TABLE_COLLATION]' OR _table_comment != '$comment' THEN
ALTER TABLE " . idf_escape($row["TABLE_NAME"]) . " ENGINE=$row[ENGINE] COLLATE=$row[TABLE_COLLATION] COMMENT='$comment';
END IF" : "BEGIN END") . ";";
}
echo "</tr></thead>\n";
foreach ((strlen($_GET["db"]) ? array($_GET["db"]) : get_databases()) as $db) {
- if ($db != "information_schema" || $mysql->server_info < 5) {
+ if ($db != "information_schema" || $dbh->server_info < 5) {
echo "<tr" . odd() . "><td>" . htmlspecialchars($db) . "</td>";
foreach (array('', 'USE', 'DROP, CREATE', 'CREATE', 'CREATE, ALTER') as $val) {
echo '<td><input type="radio" name="databases[' . htmlspecialchars(bracket_escape($db)) . ']"' . ($val == (strlen($_GET["db"]) ? '' : 'CREATE') ? " checked='checked'" : "") . " value='$val' /></td>";
}
echo "</tr></thead>\n";
$views = "";
-$result = $mysql->query(strlen($_GET["db"]) ? "SHOW TABLE STATUS" : "SELECT 'Engine'");
+$result = $dbh->query(strlen($_GET["db"]) ? "SHOW TABLE STATUS" : "SELECT 'Engine'");
odd('');
while ($row = $result->fetch_assoc()) {
$print = "<tr" . odd() . "><td>" . htmlspecialchars($row["Name"]) . "</td>";
}
$row = array();
if ($select) {
- $result = $mysql->query("SELECT " . implode(", ", $select) . " FROM " . idf_escape($_GET["edit"]) . " WHERE " . implode(" AND ", $where) . " LIMIT 1");
+ $result = $dbh->query("SELECT " . implode(", ", $select) . " FROM " . idf_escape($_GET["edit"]) . " WHERE " . implode(" AND ", $where) . " LIMIT 1");
$row = $result->fetch_assoc();
$result->free();
}
if (isset($_GET["default"]) && $field["type"] == "timestamp") {
if (!isset($create) && !$_POST) {
//! disable sql_mode NO_FIELD_OPTIONS
- $create = $mysql->result($mysql->query("SHOW CREATE TABLE " . idf_escape($_GET["edit"])), 1);
+ $create = $dbh->result($dbh->query("SHOW CREATE TABLE " . idf_escape($_GET["edit"])), 1);
}
$checked = ($_POST ? $_POST["on_update"][bracket_escape($name)] : preg_match("~\n\\s*" . preg_quote(idf_escape($name), '~') . " timestamp.* on update CURRENT_TIMESTAMP~i", $create));
echo '<label><input type="checkbox" name="on_update[' . htmlspecialchars(bracket_escape($name)) . ']" value="1"' . ($checked ? ' checked="checked"' : '') . ' />' . lang('ON UPDATE CURRENT_TIMESTAMP') . '</label>';
}
function process_input($name, $field) {
- global $mysql;
+ global $dbh;
$idf = bracket_escape($name);
$function = $_POST["function"][$idf];
$value = $_POST["fields"][$idf];
} elseif ($field["type"] == "enum" || $field["auto_increment"] ? !strlen($value) : $function == "NULL") {
return "NULL";
} elseif ($field["type"] == "enum") {
- return (isset($_GET["default"]) ? "'" . $mysql->escape_string($value) . "'" : intval($value));
+ return (isset($_GET["default"]) ? "'" . $dbh->escape_string($value) . "'" : intval($value));
} elseif ($field["type"] == "set") {
- return (isset($_GET["default"]) ? "'" . implode(",", array_map(array($mysql, 'escape_string'), (array) $value)) . "'" : array_sum((array) $value));
+ return (isset($_GET["default"]) ? "'" . implode(",", array_map(array($dbh, 'escape_string'), (array) $value)) . "'" : array_sum((array) $value));
} elseif (preg_match('~binary|blob~', $field["type"])) {
$file = get_file($idf);
if (!is_string($file)) {
return false; //! report errors
}
- return "_binary'" . (is_string($file) ? $mysql->escape_string($file) : "") . "'";
+ return "_binary'" . (is_string($file) ? $dbh->escape_string($file) : "") . "'";
} elseif ($field["type"] == "timestamp" && $value == "CURRENT_TIMESTAMP") {
return $value;
} elseif (preg_match('~^(now|uuid)$~', $function)) {
return "$function()";
} elseif (preg_match('~^(\\+|-)$~', $function)) {
- return idf_escape($name) . " $function '" . $mysql->escape_string($value) . "'";
+ return idf_escape($name) . " $function '" . $dbh->escape_string($value) . "'";
} elseif (preg_match('~^(md5|sha1|password)$~', $function)) {
- return "$function('" . $mysql->escape_string($value) . "')";
+ return "$function('" . $dbh->escape_string($value) . "')";
} else {
- return "'" . $mysql->escape_string($value) . "'";
+ return "'" . $dbh->escape_string($value) . "'";
}
}
}
function process_type($field, $collate = "COLLATE") {
- global $mysql, $enum_length, $unsigned;
+ global $dbh, $enum_length, $unsigned;
return " $field[type]"
. ($field["length"] && !preg_match('~^date|time$~', $field["type"]) ? "(" . process_length($field["length"]) . ")" : "")
. (preg_match('~int|float|double|decimal~', $field["type"]) && in_array($field["unsigned"], $unsigned) ? " $field[unsigned]" : "")
- . (preg_match('~char|text|enum|set~', $field["type"]) && $field["collation"] ? " $collate '" . $mysql->escape_string($field["collation"]) . "'" : "")
+ . (preg_match('~char|text|enum|set~', $field["type"]) && $field["collation"] ? " $collate '" . $dbh->escape_string($field["collation"]) . "'" : "")
;
}
}
function routine($name, $type) {
- global $mysql, $enum_length, $inout;
+ global $dbh, $enum_length, $inout;
$aliases = array("bit" => "tinyint", "bool" => "tinyint", "boolean" => "tinyint", "integer" => "int", "double precision" => "float", "real" => "float", "dec" => "decimal", "numeric" => "decimal", "fixed" => "decimal", "national char" => "char", "national varchar" => "varchar");
$type_pattern = "([a-z]+)(?:\\s*\\(((?:[^'\")]*|$enum_length)+)\\))?\\s*(zerofill\\s*)?(unsigned(?:\\s+zerofill)?)?(?:\\s*(?:CHARSET|CHARACTER\\s+SET)\\s*['\"]?([^'\"\\s]+)['\"]?)?";
$pattern = "\\s*(" . ($type == "FUNCTION" ? "" : implode("|", $inout)) . ")?\\s*(?:`((?:[^`]+|``)*)`\\s*|\\b(\\S+)\\s+)$type_pattern";
- $create = $mysql->result($mysql->query("SHOW CREATE $type " . idf_escape($name)), 2);
+ $create = $dbh->result($dbh->query("SHOW CREATE $type " . idf_escape($name)), 2);
preg_match("~\\(((?:$pattern\\s*,?)*)\\)" . ($type == "FUNCTION" ? "\\s*RETURNS\\s+$type_pattern" : "") . "\\s*(.*)~is", $create, $match);
$fields = array();
preg_match_all("~$pattern\\s*,?~is", $match[1], $matches, PREG_SET_ORDER);
query_redirect("DROP EVENT " . idf_escape($_GET["event"]), substr($SELF, 0, -1), lang('Event has been dropped.'));
} elseif (in_array($_POST["INTERVAL_FIELD"], $intervals) && in_array($_POST["STATUS"], $statuses)) {
$schedule = " ON SCHEDULE " . ($_POST["INTERVAL_VALUE"]
- ? "EVERY '" . $mysql->escape_string($_POST["INTERVAL_VALUE"]) . "' $_POST[INTERVAL_FIELD]"
- . ($_POST["STARTS"] ? " STARTS '" . $mysql->escape_string($_POST["STARTS"]) . "'" : "")
- . ($_POST["ENDS"] ? " ENDS '" . $mysql->escape_string($_POST["ENDS"]) . "'" : "") //! ALTER EVENT doesn't drop ENDS - MySQL bug #39173
- : "AT '" . $mysql->escape_string($_POST["STARTS"]) . "'"
+ ? "EVERY '" . $dbh->escape_string($_POST["INTERVAL_VALUE"]) . "' $_POST[INTERVAL_FIELD]"
+ . ($_POST["STARTS"] ? " STARTS '" . $dbh->escape_string($_POST["STARTS"]) . "'" : "")
+ . ($_POST["ENDS"] ? " ENDS '" . $dbh->escape_string($_POST["ENDS"]) . "'" : "") //! ALTER EVENT doesn't drop ENDS - MySQL bug #39173
+ : "AT '" . $dbh->escape_string($_POST["STARTS"]) . "'"
) . " ON COMPLETION" . ($_POST["ON_COMPLETION"] ? "" : " NOT") . " PRESERVE"
;
query_redirect((strlen($_GET["event"])
? "ALTER EVENT " . idf_escape($_GET["event"]) . $schedule
. ($_GET["event"] != $_POST["EVENT_NAME"] ? " RENAME TO " . idf_escape($_POST["EVENT_NAME"]) : "")
: "CREATE EVENT " . idf_escape($_POST["EVENT_NAME"]) . $schedule
- ) . " $_POST[STATUS] COMMENT '" . $mysql->escape_string($_POST["EVENT_COMMENT"])
+ ) . " $_POST[STATUS] COMMENT '" . $dbh->escape_string($_POST["EVENT_COMMENT"])
. "' DO $_POST[EVENT_DEFINITION]"
, substr($SELF, 0, -1), (strlen($_GET["event"]) ? lang('Event has been altered.') : lang('Event has been created.')));
}
if ($_POST) {
$row = $_POST;
} elseif (strlen($_GET["event"])) {
- $result = $mysql->query("SELECT * FROM information_schema.EVENTS WHERE EVENT_SCHEMA = '" . $mysql->escape_string($_GET["db"]) . "' AND EVENT_NAME = '" . $mysql->escape_string($_GET["event"]) . "'");
+ $result = $dbh->query("SELECT * FROM information_schema.EVENTS WHERE EVENT_SCHEMA = '" . $dbh->escape_string($_GET["db"]) . "' AND EVENT_NAME = '" . $dbh->escape_string($_GET["event"]) . "'");
$row = $result->fetch_assoc();
$row["STATUS"] = $statuses[$row["STATUS"]];
$result->free();
}
function dump_table($table, $style, $is_view = false) {
- global $mysql;
+ global $dbh;
if ($_POST["format"] == "csv") {
echo "\xef\xbb\xbf";
if ($style) {
dump_csv(array_keys(fields($table)));
}
} elseif ($style) {
- $result = $mysql->query("SHOW CREATE TABLE " . idf_escape($table));
+ $result = $dbh->query("SHOW CREATE TABLE " . idf_escape($table));
if ($result) {
if ($style == "DROP, CREATE") {
echo "DROP " . ($is_view ? "VIEW" : "TABLE") . " IF EXISTS " . idf_escape($table) . ";\n";
}
- $create = $mysql->result($result, 1);
+ $create = $dbh->result($result, 1);
$result->free();
echo ($style != "CREATE, ALTER" ? $create : ($is_view ? substr_replace($create, " OR REPLACE", 6, 0) : substr_replace($create, " IF NOT EXISTS", 12, 0))) . ";\n\n";
}
- if ($mysql->server_info >= 5) {
+ if ($dbh->server_info >= 5) {
if ($style == "CREATE, ALTER" && !$is_view) {
- $query = "SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, COLLATION_NAME, COLUMN_TYPE, EXTRA, COLUMN_COMMENT FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = '" . $mysql->escape_string($table) . "' ORDER BY ORDINAL_POSITION";
+ $query = "SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, COLLATION_NAME, COLUMN_TYPE, EXTRA, COLUMN_COMMENT FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = '" . $dbh->escape_string($table) . "' ORDER BY ORDINAL_POSITION";
?>
DELIMITER ;;
CREATE PROCEDURE phpminadmin_alter () BEGIN
DECLARE done, set_after bool DEFAULT 0;
DECLARE add_columns text DEFAULT '<?php
$fields = array();
-$result = $mysql->query($query);
+$result = $dbh->query($query);
$after = "";
while ($row = $result->fetch_assoc()) {
- $row["default"] = (isset($row["COLUMN_DEFAULT"]) ? "'" . $mysql->escape_string($row["COLUMN_DEFAULT"]) . "'" : "NULL");
- $row["after"] = $mysql->escape_string($after); //! rgt AFTER lft, lft AFTER id doesn't work
- $row["alter"] = $mysql->escape_string(idf_escape($row["COLUMN_NAME"])
+ $row["default"] = (isset($row["COLUMN_DEFAULT"]) ? "'" . $dbh->escape_string($row["COLUMN_DEFAULT"]) . "'" : "NULL");
+ $row["after"] = $dbh->escape_string($after); //! rgt AFTER lft, lft AFTER id doesn't work
+ $row["alter"] = $dbh->escape_string(idf_escape($row["COLUMN_NAME"])
. " $row[COLUMN_TYPE]"
. ($row["COLLATION_NAME"] ? " COLLATE $row[COLLATION_NAME]" : "")
. (isset($row["COLUMN_DEFAULT"]) ? " DEFAULT $row[default]" : "")
. ($row["IS_NULLABLE"] == "YES" ? "" : " NOT NULL")
. ($row["EXTRA"] ? " $row[EXTRA]" : "")
- . ($row["COLUMN_COMMENT"] ? " COMMENT '" . $mysql->escape_string($row["COLUMN_COMMENT"]) . "'" : "")
+ . ($row["COLUMN_COMMENT"] ? " COMMENT '" . $dbh->escape_string($row["COLUMN_COMMENT"]) . "'" : "")
. ($after ? " AFTER " . idf_escape($after) : " FIRST")
);
echo ", ADD $row[alter]";
CASE _column_name<?php
foreach ($fields as $row) {
echo "
- WHEN '" . $mysql->escape_string($row["COLUMN_NAME"]) . "' THEN
+ WHEN '" . $dbh->escape_string($row["COLUMN_NAME"]) . "' THEN
SET add_columns = REPLACE(add_columns, ', ADD $row[alter]', '');
- IF NOT (_column_default <=> $row[default]) OR _is_nullable != '$row[IS_NULLABLE]' OR _collation_name != '$row[COLLATION_NAME]' OR _column_type != '$row[COLUMN_TYPE]' OR _extra != '$row[EXTRA]' OR _column_comment != '" . $mysql->escape_string($row["COLUMN_COMMENT"]) . "' OR after != '$row[after]' THEN
+ IF NOT (_column_default <=> $row[default]) OR _is_nullable != '$row[IS_NULLABLE]' OR _collation_name != '$row[COLLATION_NAME]' OR _column_type != '$row[COLUMN_TYPE]' OR _extra != '$row[EXTRA]' OR _column_comment != '" . $dbh->escape_string($row["COLUMN_COMMENT"]) . "' OR after != '$row[after]' THEN
SET @alter_table = CONCAT(@alter_table, ', MODIFY $row[alter]');
END IF;"; //! don't replace in comment
}
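Review bot: In the generated `IF NOT (...)` comparison, `$row[COLUMN_TYPE]`, `$row[COLLATION_NAME]` and `$row[EXTRA]` are placed inside single-quoted SQL literals without `escape_string()`, while `COLUMN_COMMENT` and `COLUMN_NAME` beside them are escaped. A column type that itself contains quotes (an enum or set definition, for example) would close the literal early and leave the dumped procedure syntactically invalid. Escaping each value before interpolation, e.g. `_column_type != '" . $dbh->escape_string($row["COLUMN_TYPE"]) . "'`, keeps the dump well-formed. The enclosing `echo` and dump_table() both extend outside this hunk.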
//! indexes
}
- $result = $mysql->query("SHOW TRIGGERS LIKE '" . $mysql->escape_string(addcslashes($table, "%_")) . "'");
+ $result = $dbh->query("SHOW TRIGGERS LIKE '" . $dbh->escape_string(addcslashes($table, "%_")) . "'");
if ($result->num_rows) {
echo "DELIMITER ;;\n\n";
while ($row = $result->fetch_assoc()) {
}
function dump_data($table, $style, $from = "") {
- global $mysql, $max_packet;
+ global $dbh, $max_packet;
if ($style) {
if ($_POST["format"] != "csv" && $style == "TRUNCATE, INSERT") {
echo "TRUNCATE " . idf_escape($table) . ";\n";
}
- $result = $mysql->query("SELECT * " . ($from ? $from : "FROM " . idf_escape($table))); //! enum and set as numbers, binary as _binary, microtime
+ $result = $dbh->query("SELECT * " . ($from ? $from : "FROM " . idf_escape($table))); //! enum and set as numbers, binary as _binary, microtime
if ($result) {
$insert = "INSERT INTO " . idf_escape($table) . " VALUES ";
$length = 0;
} elseif ($style == "UPDATE") {
$set = array();
foreach ($row as $key => $val) {
- $row[$key] = (isset($val) ? "'" . $mysql->escape_string($val) . "'" : "NULL");
- $set[] = idf_escape($key) . " = " . (isset($val) ? "'" . $mysql->escape_string($val) . "'" : "NULL");
+ $row[$key] = (isset($val) ? "'" . $dbh->escape_string($val) . "'" : "NULL");
+ $set[] = idf_escape($key) . " = " . (isset($val) ? "'" . $dbh->escape_string($val) . "'" : "NULL");
}
echo "INSERT INTO " . idf_escape($table) . " (" . implode(", ", array_map('idf_escape', array_keys($row))) . ") VALUES (" . implode(", ", $row) . ") ON DUPLICATE KEY UPDATE " . implode(", ", $set) . ";\n";
} else {
foreach ($row as $key => $val) {
- $row[$key] = (isset($val) ? "'" . $mysql->escape_string($val) . "'" : "NULL");
+ $row[$key] = (isset($val) ? "'" . $dbh->escape_string($val) . "'" : "NULL");
}
$s = "(" . implode(", ", $row) . ")";
if (!$length) {
page_header(lang('Foreign key'), $error, array("table" => $_GET["foreign"]), $_GET["foreign"]);
$tables = array();
-$result = $mysql->query("SHOW TABLE STATUS");
+$result = $dbh->query("SHOW TABLE STATUS");
while ($row = $result->fetch_assoc()) {
if ($row["Engine"] == "InnoDB") {
$tables[] = $row["Name"];
}
function get_vals($query) {
- global $mysql;
+ global $dbh;
$return = array();
- $result = $mysql->query($query);
+ $result = $dbh->query($query);
if ($result) {
while ($row = $result->fetch_row()) {
$return[] = $row[0];
}
function table_status($table) {
- global $mysql;
- $result = $mysql->query("SHOW TABLE STATUS LIKE '" . $mysql->escape_string(addcslashes($table, "%_")) . "'");
+ global $dbh;
+ $result = $dbh->query("SHOW TABLE STATUS LIKE '" . $dbh->escape_string(addcslashes($table, "%_")) . "'");
$return = $result->fetch_assoc();
$result->free();
return $return;
}
function fields($table) {
- global $mysql;
+ global $dbh;
$return = array();
- $result = $mysql->query("SHOW FULL COLUMNS FROM " . idf_escape($table));
+ $result = $dbh->query("SHOW FULL COLUMNS FROM " . idf_escape($table));
if ($result) {
while ($row = $result->fetch_assoc()) {
preg_match('~^([^( ]+)(?:\\((.+)\\))?( unsigned)?( zerofill)?$~', $row["Type"], $match);
}
function indexes($table) {
- global $mysql;
+ global $dbh;
$return = array();
- $result = $mysql->query("SHOW INDEX FROM " . idf_escape($table));
+ $result = $dbh->query("SHOW INDEX FROM " . idf_escape($table));
if ($result) {
while ($row = $result->fetch_assoc()) {
$return[$row["Key_name"]]["type"] = ($row["Key_name"] == "PRIMARY" ? "PRIMARY" : ($row["Index_type"] == "FULLTEXT" ? "FULLTEXT" : ($row["Non_unique"] ? "INDEX" : "UNIQUE")));
}
function foreign_keys($table) {
- global $mysql, $on_actions;
+ global $dbh, $on_actions;
static $pattern = '(?:[^`]+|``)+';
$return = array();
- $result = $mysql->query("SHOW CREATE TABLE " . idf_escape($table));
+ $result = $dbh->query("SHOW CREATE TABLE " . idf_escape($table));
if ($result) {
- $create_table = $mysql->result($result, 1);
+ $create_table = $dbh->result($result, 1);
$result->free();
preg_match_all("~CONSTRAINT `($pattern)` FOREIGN KEY \\(((?:`$pattern`,? ?)+)\\) REFERENCES `($pattern)`(?:\\.`($pattern)`)? \\(((?:`$pattern`,? ?)+)\\)(?: ON DELETE (" . implode("|", $on_actions) . "))?(?: ON UPDATE (" . implode("|", $on_actions) . "))?~", $create_table, $matches, PREG_SET_ORDER);
foreach ($matches as $match) {
}
function view($name) {
- global $mysql;
- return array("select" => preg_replace('~^(?:[^`]+|`[^`]*`)* AS ~U', '', $mysql->result($mysql->query("SHOW CREATE VIEW " . idf_escape($name)), 1)));
+ global $dbh;
+ return array("select" => preg_replace('~^(?:[^`]+|`[^`]*`)* AS ~U', '', $dbh->result($dbh->query("SHOW CREATE VIEW " . idf_escape($name)), 1)));
}
function unique_idf($row, $indexes) {
}
function where($where) {
- global $mysql;
+ global $dbh;
$return = array();
foreach ((array) $where["where"] as $key => $val) {
$key = bracket_escape($key, "back");
- $return[] = (preg_match('~^[A-Z0-9_]+\\(`(?:[^`]+|``)+`\\)$~', $key) ? $key : idf_escape($key)) . " = BINARY '" . $mysql->escape_string($val) . "'"; //! enum and set, columns looking like functions
+ $return[] = (preg_match('~^[A-Z0-9_]+\\(`(?:[^`]+|``)+`\\)$~', $key) ? $key : idf_escape($key)) . " = BINARY '" . $dbh->escape_string($val) . "'"; //! enum and set, columns looking like functions
}
foreach ((array) $where["null"] as $key) {
$key = bracket_escape($key, "back");
}
function collations() {
- global $mysql;
+ global $dbh;
$return = array();
- $result = $mysql->query("SHOW COLLATION");
+ $result = $dbh->query("SHOW COLLATION");
while ($row = $result->fetch_assoc()) {
if ($row["Default"] && $return[$row["Charset"]]) {
array_unshift($return[$row["Charset"]], $row["Collation"]);
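Review bot: `$result->fetch_assoc()` is called on the return value of `$dbh->query("SHOW COLLATION")` without checking it, so a failed query ends in a fatal error on a non-object instead of a reported error. Other hunks in this commit do guard the result (`if ($result) {` in foreign_keys(), `if (!$result) {` on the privileges list). The same unguarded pattern is carried over at SHOW TABLE STATUS, the information_schema.ROUTINES query, SHOW PROCESSLIST, SHOW TRIGGERS and SHOW PRIVILEGES. Opening the block with `if ($result = $dbh->query("SHOW COLLATION")) {` around the loop would make it consistent. The body of collations() continues outside the hunk.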
}
function query_redirect($query, $location, $message, $redirect = true, $execute = true, $failed = false) {
- global $mysql, $error, $SELF;
+ global $dbh, $error, $SELF;
$id = "sql-" . count($_SESSION["messages"]);
$sql = ($query ? " <a href='#$id' onclick=\"return !toggle('$id');\">" . lang('SQL command') . "</a><span id='$id' class='hidden'><br /><code class='jush-sql'>" . htmlspecialchars($query) . '</code> <a href="' . htmlspecialchars($SELF) . 'sql=' . urlencode($query) . '">' . lang('Edit') . '</a></span>' : "");
if ($execute) {
- $failed = !$mysql->query($query);
+ $failed = !$dbh->query($query);
}
if ($failed) {
- $error = htmlspecialchars($mysql->error) . $sql;
+ $error = htmlspecialchars($dbh->error) . $sql;
return false;
}
if ($redirect) {
}
function queries($query = null) {
- global $mysql;
+ global $dbh;
static $queries = array();
if (!isset($query)) {
return implode(";\n", $queries);
}
$queries[] = $query;
- return $mysql->query($query);
+ return $dbh->query($query);
}
function remove_from_uri($param = "") {
echo '<p><a href="' . htmlspecialchars($SELF) . 'schema=">' . lang('Database schema') . "</a></p>\n";
echo "<h3>" . lang('Tables and views') . "</h3>\n";
- $result = $mysql->query("SHOW TABLE STATUS");
+ $result = $dbh->query("SHOW TABLE STATUS");
if (!$result->num_rows) {
echo "<p class='message'>" . lang('No tables.') . "</p>\n";
} else {
}
$result->free();
- if ($mysql->server_info >= 5) {
+ if ($dbh->server_info >= 5) {
echo '<p><a href="' . htmlspecialchars($SELF) . 'createv=">' . lang('Create view') . "</a></p>\n";
echo "<h3>" . lang('Routines') . "</h3>\n";
- $result = $mysql->query("SELECT * FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA = '" . $mysql->escape_string($_GET["db"]) . "'");
+ $result = $dbh->query("SELECT * FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA = '" . $dbh->escape_string($_GET["db"]) . "'");
if ($result->num_rows) {
echo "<table cellspacing='0'>\n";
while ($row = $result->fetch_assoc()) {
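Review bot: `$dbh->server_info >= 5` compares what is presumably the server's version string with a number, so the result depends on PHP's leading-numeric string conversion. Under PHP 8 comparison rules a string that is not fully numeric is compared as text instead. `version_compare($dbh->server_info, "5", ">=")` states the intent without relying on that coercion. The same applies to the `>= 5.1` check before SHOW EVENTS, the `>= 5` check before SHOW TRIGGERS, and the `< 5` check that chooses `GRANT USAGE` over `CREATE USER`.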
echo '<p><a href="' . htmlspecialchars($SELF) . 'procedure=">' . lang('Create procedure') . '</a> <a href="' . htmlspecialchars($SELF) . 'function=">' . lang('Create function') . "</a></p>\n";
}
- if ($mysql->server_info >= 5.1 && ($result = $mysql->query("SHOW EVENTS"))) {
+ if ($dbh->server_info >= 5.1 && ($result = $dbh->query("SHOW EVENTS"))) {
echo "<h3>" . lang('Events') . "</h3>\n";
if ($result->num_rows) {
echo "<table cellspacing='0'>\n";
<?php
page_header(lang('Privileges'));
echo '<p><a href="' . htmlspecialchars($SELF) . 'user=">' . lang('Create user') . "</a></p>";
-$result = $mysql->query("SELECT User, Host FROM mysql.user ORDER BY Host, User");
+$result = $dbh->query("SELECT User, Host FROM mysql.user ORDER BY Host, User");
if (!$result) {
?>
<form action=""><p>
<input type="submit" value="<?php echo lang('Edit'); ?>" />
</p></form>
<?php
- $result = $mysql->query("SELECT SUBSTRING_INDEX(CURRENT_USER, '@', 1) AS User, SUBSTRING_INDEX(CURRENT_USER, '@', -1) AS Host");
+ $result = $dbh->query("SELECT SUBSTRING_INDEX(CURRENT_USER, '@', 1) AS User, SUBSTRING_INDEX(CURRENT_USER, '@', -1) AS Host");
}
echo "<table cellspacing='0'>\n";
echo "<thead><tr><th> </th><th>" . lang('Username') . "</th><th>" . lang('Server') . "</th></tr></thead>\n";
<form action="" method="post">
<table cellspacing="0">
<?php
-$result = $mysql->query("SHOW PROCESSLIST");
+$result = $dbh->query("SHOW PROCESSLIST");
for ($i=0; $row = $result->fetch_assoc(); $i++) {
if (!$i) {
echo "<thead><tr lang='en'><th> </th><th>" . implode("</th><th>", array_keys($row)) . "</th></tr></thead>\n";
$schema = array();
$referenced = array();
$lefts = array();
-$result = $mysql->query("SHOW TABLE STATUS");
+$result = $dbh->query("SHOW TABLE STATUS");
while ($row = $result->fetch_assoc()) {
if (!isset($row["Engine"])) { // view
continue;
$where = array();
foreach ($indexes as $i => $index) {
if ($index["type"] == "FULLTEXT" && strlen($_GET["fulltext"][$i])) {
- $where[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST ('" . $mysql->escape_string($_GET["fulltext"][$i]) . "'" . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")";
+ $where[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST ('" . $dbh->escape_string($_GET["fulltext"][$i]) . "'" . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")";
}
}
foreach ((array) $_GET["where"] as $val) {
if (strlen("$val[col]$val[val]") && in_array($val["op"], $operators)) {
if ($val["op"] == "AGAINST") {
- $where[] = "MATCH (" . idf_escape($val["col"]) . ") AGAINST ('" . $mysql->escape_string($val["val"]) . "' IN BOOLEAN MODE)";
+ $where[] = "MATCH (" . idf_escape($val["col"]) . ") AGAINST ('" . $dbh->escape_string($val["val"]) . "' IN BOOLEAN MODE)";
} elseif (ereg('IN$', $val["op"]) && !strlen($in = process_length($val["val"]))) {
$where[] = "0";
} else {
- $cond = " $val[op]" . (ereg('NULL$', $val["op"]) ? "" : (ereg('IN$', $val["op"]) ? " ($in)" : " '" . $mysql->escape_string($val["val"]) . "'")); //! this searches in numeric values too
+ $cond = " $val[op]" . (ereg('NULL$', $val["op"]) ? "" : (ereg('IN$', $val["op"]) ? " ($in)" : " '" . $dbh->escape_string($val["val"]) . "'")); //! this searches in numeric values too
if (strlen($val["col"])) {
$where[] = idf_escape($val["col"]) . $cond;
} else {
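Review bot: In the `IN` branch, `$in` is placed into the condition as ` ($in)` without going through `escape_string()`, unlike the quoted-value branch on the same line. Whether that is safe depends entirely on `process_length()`, which is defined outside this hunk, returning only quoted literals or numbers. The line should say so, e.g. `// $in comes from process_length(), which must return only quoted strings and numbers`. Passing the strict flag, `in_array($val["op"], $operators, true)`, would also make the operator allow-list check exact before `$val[op]` is interpolated. The enclosing loop continues past the end of the hunk.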
// nothing
} elseif ($_POST["all"]) {
$result = queries($command . ($where ? " WHERE " . implode(" AND ", $where) : ""));
- $affected = $mysql->affected_rows;
+ $affected = $dbh->affected_rows;
} else {
foreach ((array) $_POST["check"] as $val) {
parse_str($val, $check);
if (!$result) {
break;
}
- $affected += $mysql->affected_rows;
+ $affected += $dbh->affected_rows;
}
}
query_redirect(queries(), remove_from_uri("page"), lang('%d item(s) have been affected.', $affected), $result, false, !$result);
$cols = " (" . implode(", ", array_map('idf_escape', $matches2[1])) . ")";
} else {
foreach ($matches2[1] as $col) {
- $row[] = (!strlen($col) ? "NULL" : "'" . $mysql->escape_string(str_replace('""', '"', preg_replace('~^".*"$~s', '', $col))) . "'");
+ $row[] = (!strlen($col) ? "NULL" : "'" . $dbh->escape_string(str_replace('""', '"', preg_replace('~^".*"$~s', '', $col))) . "'");
}
$rows[] = "(" . implode(", ", $row) . ")";
}
}
$result = queries("INSERT INTO " . idf_escape($_GET["select"]) . "$cols VALUES " . implode(", ", $rows));
- query_redirect(queries(), remove_from_uri("page"), lang('%d row(s) has been imported.', $mysql->affected_rows), $result, false, !$result);
+ query_redirect(queries(), remove_from_uri("page"), lang('%d row(s) has been imported.', $dbh->affected_rows), $result, false, !$result);
} else {
$error = lang('Unable to upload a file.');
}
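Review bot: As the line reads here, `preg_replace('~^".*"$~s', '', $col)` replaces a fully quoted field with the empty string instead of stripping the surrounding quotes. Every quoted CSV value would then be imported as `''`, and the following `str_replace('""', '"', ...)` never sees any content. If the intent is to unquote the field, capture the inner part: `preg_replace('~^"(.*)"$~s', '\\1', $col)`. The pattern that splits the line into `$matches2` is outside the hunk, so this should be checked against what it actually puts in `$col`.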
echo "</p>\n";
if (!$columns) {
- echo "<p class='error'>" . lang('Unable to select the table') . ($fields ? "" : ": " . htmlspecialchars($mysql->error)) . ".</p>\n";
+ echo "<p class='error'>" . lang('Unable to select the table') . ($fields ? "" : ": " . htmlspecialchars($dbh->error)) . ".</p>\n";
} else {
echo "<form action='' id='form'>\n";
?>
$query = "SELECT " . ($select ? (count($group) < count($select) ? "SQL_CALC_FOUND_ROWS " : "") . implode(", ", $select) : "*") . " $from";
echo "<p><code class='jush-sql'>" . htmlspecialchars($query) . "</code> <a href='" . htmlspecialchars($SELF) . "sql=" . urlencode($query) . "'>" . lang('Edit') . "</a></p>\n";
- $result = $mysql->query($query);
+ $result = $dbh->query($query);
if (!$result) {
- echo "<p class='error'>" . htmlspecialchars($mysql->error) . "</p>\n";
+ echo "<p class='error'>" . htmlspecialchars($dbh->error) . "</p>\n";
} else {
echo "<form action='' method='post' enctype='multipart/form-data'>\n";
if (!$result->num_rows) {
echo "</table>\n";
echo "<p>";
- $found_rows = (intval($limit) ? $mysql->result($mysql->query(count($group) < count($select) ? " SELECT FOUND_ROWS()" : "SELECT COUNT(*) FROM " . idf_escape($_GET["select"]) . ($where ? " WHERE " . implode(" AND ", $where) : ""))) : $result->num_rows);
+ $found_rows = (intval($limit) ? $dbh->result($dbh->query(count($group) < count($select) ? " SELECT FOUND_ROWS()" : "SELECT COUNT(*) FROM " . idf_escape($_GET["select"]) . ($where ? " WHERE " . implode(" AND ", $where) : ""))) : $result->num_rows);
if (intval($limit) && $found_rows > $limit) {
$max_page = floor(($found_rows - 1) / $limit);
echo lang('Page') . ":";
echo "<pre class='jush-sql'>" . htmlspecialchars(substr($query, 0, $match[0][1])) . "</pre>\n";
flush();
//! don't allow changing of character_set_results, convert encoding of displayed query
- if (!$mysql->multi_query(substr($query, 0, $match[0][1]))) {
- echo "<p class='error'>" . lang('Error in query') . ": " . htmlspecialchars($mysql->error) . "</p>\n";
+ if (!$dbh->multi_query(substr($query, 0, $match[0][1]))) {
+ echo "<p class='error'>" . lang('Error in query') . ": " . htmlspecialchars($dbh->error) . "</p>\n";
if ($_POST["error_stops"]) {
break;
}
} else {
do {
- $result = $mysql->store_result();
+ $result = $dbh->store_result();
if (is_object($result)) {
select($result);
} else {
if (preg_match("~^$space*(CREATE|DROP)$space+(DATABASE|SCHEMA)\\b~isU", $query)) {
unset($_SESSION["databases"][$_GET["server"]]);
}
- echo "<p class='message'>" . lang('Query executed OK, %d row(s) affected.', $mysql->affected_rows) . "</p>\n";
+ echo "<p class='message'>" . lang('Query executed OK, %d row(s) affected.', $dbh->affected_rows) . "</p>\n";
}
- } while ($mysql->next_result());
+ } while ($dbh->next_result());
}
$query = substr($query, $match[0][1] + strlen($match[0][0]));
$offset = 0;
<?php
-$result = $mysql->query("SHOW COLUMNS FROM " . idf_escape($_GET["table"]));
+$result = $dbh->query("SHOW COLUMNS FROM " . idf_escape($_GET["table"]));
if (!$result) {
- $error = htmlspecialchars($mysql->error);
+ $error = htmlspecialchars($dbh->error);
}
page_header(lang('Table') . ": " . htmlspecialchars($_GET["table"]), $error);
}
}
-if ($mysql->server_info >= 5) {
+if ($dbh->server_info >= 5) {
echo "<h3>" . lang('Triggers') . "</h3>\n";
- $result = $mysql->query("SHOW TRIGGERS LIKE '" . $mysql->escape_string(addcslashes($_GET["table"], "%_")) . "'");
+ $result = $dbh->query("SHOW TRIGGERS LIKE '" . $dbh->escape_string(addcslashes($_GET["table"], "%_")) . "'");
if ($result->num_rows) {
echo "<table cellspacing='0'>\n";
while ($row = $result->fetch_assoc()) {
if ($_POST) {
$row = $_POST;
} elseif (strlen($_GET["name"])) {
- $result = $mysql->query("SHOW TRIGGERS LIKE '" . $mysql->escape_string(addcslashes($_GET["trigger"], "%_")) . "'");
+ $result = $dbh->query("SHOW TRIGGERS LIKE '" . $dbh->escape_string(addcslashes($_GET["trigger"], "%_")) . "'");
while ($row = $result->fetch_assoc()) {
if ($row["Trigger"] === $_GET["name"]) {
break;
<?php
$privileges = array();
-$result = $mysql->query("SHOW PRIVILEGES");
+$result = $dbh->query("SHOW PRIVILEGES");
while ($row = $result->fetch_assoc()) {
foreach (explode(",", $row["Context"]) as $context) {
$privileges[$context][$row["Privilege"]] = $row["Comment"];
}
$grants = array();
$old_pass = "";
-if (isset($_GET["host"]) && ($result = $mysql->query("SHOW GRANTS FOR '" . $mysql->escape_string($_GET["user"]) . "'@'" . $mysql->escape_string($_GET["host"]) . "'"))) { //! Use information_schema for MySQL 5 - column names in column privileges are not escaped
+if (isset($_GET["host"]) && ($result = $dbh->query("SHOW GRANTS FOR '" . $dbh->escape_string($_GET["user"]) . "'@'" . $dbh->escape_string($_GET["host"]) . "'"))) { //! Use information_schema for MySQL 5 - column names in column privileges are not escaped
while ($row = $result->fetch_row()) {
if (preg_match('~GRANT (.*) ON (.*) TO ~', $row[0], $match)) { //! escape the part between ON and TO
if ($match[1] == "ALL PRIVILEGES") {
}
if ($_POST && !$error) {
- $old_user = (isset($_GET["host"]) ? $mysql->escape_string($_GET["user"]) . "'@'" . $mysql->escape_string($_GET["host"]) : "");
- $new_user = $mysql->escape_string($_POST["user"]) . "'@'" . $mysql->escape_string($_POST["host"]);
- $pass = $mysql->escape_string($_POST["pass"]);
+ $old_user = (isset($_GET["host"]) ? $dbh->escape_string($_GET["user"]) . "'@'" . $dbh->escape_string($_GET["host"]) : "");
+ $new_user = $dbh->escape_string($_POST["user"]) . "'@'" . $dbh->escape_string($_POST["host"]);
+ $pass = $dbh->escape_string($_POST["pass"]);
if ($_POST["drop"]) {
query_redirect("DROP USER '$old_user'", $SELF . "privileges=", lang('User has been dropped.'));
- } elseif ($old_user == $new_user || $mysql->query(($mysql->server_info < 5 ? "GRANT USAGE ON *.* TO" : "CREATE USER") . " '$new_user' IDENTIFIED BY" . ($_POST["hashed"] ? " PASSWORD" : "") . " '$pass'")) {
+ } elseif ($old_user == $new_user || $dbh->query(($dbh->server_info < 5 ? "GRANT USAGE ON *.* TO" : "CREATE USER") . " '$new_user' IDENTIFIED BY" . ($_POST["hashed"] ? " PASSWORD" : "") . " '$pass'")) {
if ($old_user == $new_user) {
- $mysql->query("SET PASSWORD FOR '$new_user' = " . ($_POST["hashed"] ? "'$pass'" : "PASSWORD('$pass')"));
+ $dbh->query("SET PASSWORD FOR '$new_user' = " . ($_POST["hashed"] ? "'$pass'" : "PASSWORD('$pass')"));
}
$revoke = array();
foreach ($new_grants as $object => $grant) {
unset($grants[$object]);
}
if (preg_match('~^(.+)(\\(.*\\))?$~U', $object, $match) && (
- ($grant && !$mysql->query("GRANT " . implode("$match[2], ", $grant) . "$match[2] ON $match[1] TO '$new_user'")) //! SQL injection
- || ($revoke && !$mysql->query("REVOKE " . implode("$match[2], ", $revoke) . "$match[2] ON $match[1] FROM '$new_user'"))
+ ($grant && !$dbh->query("GRANT " . implode("$match[2], ", $grant) . "$match[2] ON $match[1] TO '$new_user'")) //! SQL injection
+ || ($revoke && !$dbh->query("REVOKE " . implode("$match[2], ", $revoke) . "$match[2] ON $match[1] FROM '$new_user'"))
)) {
- $error = htmlspecialchars($mysql->error);
+ $error = htmlspecialchars($dbh->error);
if ($old_user != $new_user) {
- $mysql->query("DROP USER '$new_user'");
+ $dbh->query("DROP USER '$new_user'");
}
break;
}
}
if (!$error) {
if (isset($_GET["host"]) && $old_user != $new_user) {
- $mysql->query("DROP USER '$old_user'");
+ $dbh->query("DROP USER '$old_user'");
} elseif (!isset($_GET["grant"])) {
foreach ($grants as $object => $revoke) {
if (preg_match('~^(.+)(\\(.*\\))?$~U', $object, $match)) {
- $mysql->query("REVOKE " . implode("$match[2], ", array_keys($revoke)) . "$match[2] ON $match[1] FROM '$new_user'");
+ $dbh->query("REVOKE " . implode("$match[2], ", array_keys($revoke)) . "$match[2] ON $match[1] FROM '$new_user'");
}
}
}
}
}
if (!$error) {
- $error = htmlspecialchars($mysql->error);
+ $error = htmlspecialchars($dbh->error);
}
}
page_header((isset($_GET["host"]) ? lang('Username') . ": " . htmlspecialchars("$_GET[user]@$_GET[host]") : lang('Create user')), $error, array("privileges" => lang('Privileges')));
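Review bot: The GRANT and REVOKE statements under the `//! SQL injection` marker still build SQL from `$match[1]`, `$match[2]` and the privilege names with no escaping or validation; only `$new_user` and `$pass` pass through `escape_string()`. `$object` is a key of `$new_grants` and of `$grants`, the latter apparently filled from SHOW GRANTS output in the earlier hunk marked `//! escape the part between ON and TO`. How those keys are built is outside this hunk, presumably from the submitted form. Before either query runs, each privilege name should be checked against the `$privileges` map loaded from `SHOW PRIVILEGES`, and the object accepted only when it is `*.*` or a backtick-quoted identifier form, otherwise set `$error` and `break`. Until that check exists the marker deserves a fuller comment, e.g. `//! $object and $grant are taken from the request unvalidated - SQL injection`.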