return str_replace($last . $last, $last, substr($idf, 1, -1));
}
+/** Shortcut for $connection->quote($string)
+* @param string
+* @return string
+*/
+function q($string) {
+ global $connection;
+ return $connection->quote($string);
+}
+
/** Escape string to use inside ''
* @param string
* @return string
return (min_version("5.5.3", 0, $connection) ? "utf8mb4" : "utf8"); // SHOW CHARSET would require an extra query
}
-/** Return <script> element
-* @param string
-* @param string
-* @return string
-*/
-function script($source, $trailing = "\n") {
- return "<script" . nonce() . ">$source</script>$trailing";
-}
-
-/** Return <script src> element
-* @param string
-* @return string
-*/
-function script_src($url) {
- return "<script src='" . h($url) . "'" . nonce() . "></script>\n";
-}
-
-/** Get a nonce="" attribute with CSP nonce
-* @return string
-*/
-function nonce() {
- return ' nonce="' . get_nonce() . '"';
-}
-
-/** Get a target="_blank" attribute
-* @return string
-*/
-function target_blank() {
- return ' target="_blank" rel="noreferrer noopener"';
-}
-
-/** Escape for HTML
-* @param string
-* @return string
-*/
-function h($string) {
- return str_replace("\0", "�", htmlspecialchars($string, ENT_QUOTES, 'utf-8'));
-}
-
-/** Convert \n to <br>
-* @param string
-* @return string
-*/
-function nl_br($string) {
- return str_replace("\n", "<br>", $string); // nl2br() uses XHTML before PHP 5.3
-}
-
-/** Generate HTML checkbox
-* @param string
-* @param string
-* @param bool
-* @param string
-* @param string
-* @param string
-* @param string
-* @return string
-*/
-function checkbox($name, $value, $checked, $label = "", $onclick = "", $class = "", $labelled_by = "") {
- $return = "<input type='checkbox' name='$name' value='" . h($value) . "'"
- . ($checked ? " checked" : "")
- . ($labelled_by ? " aria-labelledby='$labelled_by'" : "")
- . ">"
- . ($onclick ? script("qsl('input').onclick = function () { $onclick };", "") : "")
- ;
- return ($label != "" || $class ? "<label" . ($class ? " class='$class'" : "") . ">$return" . h($label) . "</label>" : $return);
-}
-
-/** Generate list of HTML options
-* @param array array of strings or arrays (creates optgroup)
-* @param mixed
-* @param bool always use array keys for value="", otherwise only string keys are used
-* @return string
-*/
-function optionlist($options, $selected = null, $use_keys = false) {
- $return = "";
- foreach ($options as $k => $v) {
- $opts = array($k => $v);
- if (is_array($v)) {
- $return .= '<optgroup label="' . h($k) . '">';
- $opts = $v;
- }
- foreach ($opts as $key => $val) {
- $return .= '<option'
- . ($use_keys || is_string($key) ? ' value="' . h($key) . '"' : '')
- . ($selected !== null && ($use_keys || is_string($key) ? (string) $key : $val) === $selected ? ' selected' : '')
- . '>' . h($val)
- ;
- }
- if (is_array($v)) {
- $return .= '</optgroup>';
- }
- }
- return $return;
-}
-
-/** Generate HTML <select>
-* @param string
-* @param array
-* @param string
-* @param string
-* @param string
-* @return string
-*/
-function html_select($name, $options, $value = "", $onchange = "", $labelled_by = "") {
- return "<select name='" . h($name) . "'"
- . ($labelled_by ? " aria-labelledby='$labelled_by'" : "")
- . ">" . optionlist($options, $value) . "</select>"
- . ($onchange ? script("qsl('select').onchange = function () { $onchange };", "") : "")
- ;
-}
-
-/** Generate HTML radio list
-* @param string
-* @param array
-* @param string
-* @return string
-*/
-function html_radios($name, $options, $value = "") {
- $return = "";
- foreach ($options as $key => $val) {
- $return .= "<label><input type='radio' name='" . h($name) . "' value='" . h($key) . "'" . ($key == $value ? " checked" : "") . ">" . h($val) . "</label>";
- }
- return $return;
-}
-
-/** Get onclick confirmation
-* @param string
-* @param string
-* @return string
-*/
-function confirm($message = "", $selector = "qsl('input')") {
- return script("$selector.onclick = function () { return confirm('" . ($message ? js_escape($message) : lang('Are you sure?')) . "'); };", "");
-}
-
-/** Print header for hidden fieldset (close by </div></fieldset>)
-* @param string
-* @param string
-* @param bool
-* @return null
-*/
-function print_fieldset($id, $legend, $visible = false) {
- echo "<fieldset><legend>";
- echo "<a href='#fieldset-$id'>$legend</a>";
- echo script("qsl('a').onclick = partial(toggle, 'fieldset-$id');", "");
- echo "</legend>";
- echo "<div id='fieldset-$id'" . ($visible ? "" : " class='hidden'") . ">\n";
-}
-
-/** Return class='active' if $bold is true
-* @param bool
-* @param string
-* @return string
-*/
-function bold($bold, $class = "") {
- return ($bold ? " class='active $class'" : ($class ? " class='$class'" : ""));
-}
-
-/** Escape string for JavaScript apostrophes
-* @param string
-* @return string
-*/
-function js_escape($string) {
- return addcslashes($string, "\r\n'\\/"); // slash for <script>
-}
-
/** Get INI boolean value
* @param string
* @return bool
return $return;
}
-/** Shortcut for $connection->quote($string)
-* @param string
-* @return string
-*/
-function q($string) {
- global $connection;
- return $connection->quote($string);
-}
-
/** Get single value from database
* @param string
* @param int
return substr(preg_replace("~(?<=[?&])($param" . (SID ? "" : "|" . session_name()) . ")=[^&]*&~", '', relative_uri() . "&"), 0, -1);
}
-/** Generate page number for pagination
-* @param int
-* @param int
-* @return string
-*/
-function pagination($page, $current) {
- return " " . ($page == $current
- ? $page + 1
- : '<a href="' . h(remove_from_uri("page") . ($page ? "&page=$page" . ($_GET["next"] ? "&next=" . urlencode($_GET["next"]) : "") : "")) . '">' . ($page + 1) . "</a>"
- );
-}
-
/** Get file contents from $_FILES
* @param string
* @param bool
return preg_replace('~\W~i', '-', $val);
}
-/** Print hidden fields
-* @param array
-* @param array
-* @param string
-* @return bool
-*/
-function hidden_fields($process, $ignore = array(), $prefix = '') {
- $return = false;
- foreach ($process as $key => $val) {
- if (!in_array($key, $ignore)) {
- if (is_array($val)) {
- hidden_fields($val, array(), $key);
- } else {
- $return = true;
- echo '<input type="hidden" name="' . h($prefix ? $prefix . "[$key]" : $key) . '" value="' . h($val) . '">';
- }
- }
- }
- return $return;
-}
-
-/** Print hidden fields for GET forms
-* @return null
-*/
-function hidden_fields_get() {
- echo (sid() ? '<input type="hidden" name="' . session_name() . '" value="' . h(session_id()) . '">' : '');
- echo (SERVER !== null ? '<input type="hidden" name="' . DRIVER . '" value="' . h(SERVER) . '">' : "");
- echo '<input type="hidden" name="username" value="' . h($_GET["username"]) . '">';
-}
-
/** Get status of a single table and fall back to name on error
* @param string
* @param bool
return $return;
}
-/** Print enum input field
-* @param string "radio"|"checkbox"
-* @param string
-* @param array
-* @param mixed string|array
-* @param string
-* @return null
-*/
-function enum_input($type, $attrs, $field, $value, $empty = null) {
- global $adminer;
- preg_match_all("~'((?:[^']|'')*)'~", $field["length"], $matches);
- $return = ($empty !== null ? "<label><input type='$type'$attrs value='$empty'" . ((is_array($value) ? in_array($empty, $value) : $value === $empty) ? " checked" : "") . "><i>" . lang('empty') . "</i></label>" : "");
- foreach ($matches[1] as $i => $val) {
- $val = stripcslashes(str_replace("''", "'", $val));
- $checked = (is_array($value) ? in_array($val, $value) : $value === $val);
- $return .= " <label><input type='$type'$attrs value='" . h($val) . "'" . ($checked ? ' checked' : '') . '>' . h($adminer->editVal($val, $field)) . '</label>';
- }
- return $return;
-}
-
-/** Print edit input field
-* @param array one field from fields()
-* @param mixed
-* @param string
-* @param bool
-* @return null
-*/
-function input($field, $value, $function, $autofocus = false) {
- global $driver, $adminer;
- $name = h(bracket_escape($field["field"]));
- echo "<td class='function'>";
- if (is_array($value) && !$function) {
- $value = json_encode($value, 128); // 128 - JSON_PRETTY_PRINT available since PHP 5.4
- $function = "json";
- }
- $reset = (JUSH == "mssql" && $field["auto_increment"]);
- if ($reset && !$_POST["save"]) {
- $function = null;
- }
- $functions = (isset($_GET["select"]) || $reset ? array("orig" => lang('original')) : array()) + $adminer->editFunctions($field);
- $disabled = stripos($field["default"], "GENERATED ALWAYS AS ") === 0 ? " disabled=''" : "";
- $attrs = " name='fields[$name]'$disabled" . ($autofocus ? " autofocus" : "");
- $enums = $driver->enumLength($field);
- if ($enums) {
- $field["type"] = "enum";
- $field["length"] = $enums;
- }
- echo $driver->unconvertFunction($field) . " ";
- if ($field["type"] == "enum") {
- echo h($functions[""]) . "<td>" . $adminer->editInput($_GET["edit"], $field, $attrs, $value);
- } else {
- $has_function = (in_array($function, $functions) || isset($functions[$function]));
- echo (count($functions) > 1
- ? "<select name='function[$name]'$disabled>" . optionlist($functions, $function === null || $has_function ? $function : "") . "</select>"
- . on_help("getTarget(event).value.replace(/^SQL\$/, '')", 1)
- . script("qsl('select').onchange = functionChange;", "")
- : h(reset($functions))
- ) . '<td>';
- $input = $adminer->editInput($_GET["edit"], $field, $attrs, $value); // usage in call is without a table
- if ($input != "") {
- echo $input;
- } elseif (preg_match('~bool~', $field["type"])) {
- echo "<input type='hidden'$attrs value='0'>"
- . "<input type='checkbox'" . (preg_match('~^(1|t|true|y|yes|on)$~i', $value) ? " checked='checked'" : "") . "$attrs value='1'>";
- } elseif ($field["type"] == "set") {
- preg_match_all("~'((?:[^']|'')*)'~", $field["length"], $matches);
- foreach ($matches[1] as $i => $val) {
- $val = stripcslashes(str_replace("''", "'", $val));
- $checked = in_array($val, explode(",", $value), true);
- echo " <label><input type='checkbox' name='fields[$name][$i]' value='" . h($val) . "'" . ($checked ? ' checked' : '') . ">" . h($adminer->editVal($val, $field)) . '</label>';
- }
- } elseif (preg_match('~blob|bytea|raw|file~', $field["type"]) && ini_bool("file_uploads")) {
- echo "<input type='file' name='fields-$name'>";
- } elseif (($text = preg_match('~text|lob|memo~i', $field["type"])) || preg_match("~\n~", $value)) {
- if ($text && JUSH != "sqlite") {
- $attrs .= " cols='50' rows='12'";
- } else {
- $rows = min(12, substr_count($value, "\n") + 1);
- $attrs .= " cols='30' rows='$rows'" . ($rows == 1 ? " style='height: 1.2em;'" : ""); // 1.2em - line-height
- }
- echo "<textarea$attrs>" . h($value) . '</textarea>';
- } elseif ($function == "json" || preg_match('~^jsonb?$~', $field["type"])) {
- echo "<textarea$attrs cols='50' rows='12' class='jush-js'>" . h($value) . '</textarea>';
- } else {
- // int(3) is only a display hint
- $types = $driver->types();
- $maxlength = (!preg_match('~int~', $field["type"]) && preg_match('~^(\d+)(,(\d+))?$~', $field["length"], $match)
- ? ((preg_match("~binary~", $field["type"]) ? 2 : 1) * $match[1] + ($match[3] ? 1 : 0) + ($match[2] && !$field["unsigned"] ? 1 : 0))
- : ($types[$field["type"]] ? $types[$field["type"]] + ($field["unsigned"] ? 0 : 1) : 0)
- );
- if (JUSH == 'sql' && min_version(5.6) && preg_match('~time~', $field["type"])) {
- $maxlength += 7; // microtime
- }
- // type='date' and type='time' display localized value which may be confusing, type='datetime' uses 'T' as date and time separator
- echo "<input"
- . ((!$has_function || $function === "") && preg_match('~(?<!o)int(?!er)~', $field["type"]) && !preg_match('~\[\]~', $field["full_type"]) ? " type='number'" : "")
- . " value='" . h($value) . "'" . ($maxlength ? " data-maxlength='$maxlength'" : "")
- . (preg_match('~char|binary~', $field["type"]) && $maxlength > 20 ? " size='40'" : "")
- . "$attrs>"
- ;
- }
- echo $adminer->editHint($_GET["edit"], $field, $value);
- // skip 'original'
- $first = 0;
- foreach ($functions as $key => $val) {
- if ($key === "" || !$val) {
- break;
- }
- $first++;
- }
- if ($first) {
- echo script("mixin(qsl('td'), {onchange: partial(skipOriginal, $first), oninput: function () { this.onchange(); }});");
- }
- }
-}
-
-/** Process edit input field
-* @param one field from fields()
-* @return string or false to leave the original value
-*/
-function process_input($field) {
- global $adminer, $driver;
-
- if (stripos($field["default"], "GENERATED ALWAYS AS ") === 0) {
- return null;
- }
-
- $idf = bracket_escape($field["field"]);
- $function = $_POST["function"][$idf];
- $value = $_POST["fields"][$idf];
- if ($field["type"] == "enum" || $driver->enumLength($field)) {
- if ($value == -1) {
- return false;
- }
- if ($value == "") {
- return "NULL";
- }
- }
- if ($field["auto_increment"] && $value == "") {
- return null;
- }
- if ($function == "orig") {
- return (preg_match('~^CURRENT_TIMESTAMP~i', $field["on_update"]) ? idf_escape($field["field"]) : false);
- }
- if ($function == "NULL") {
- return "NULL";
- }
- if ($field["type"] == "set") {
- $value = implode(",", (array) $value);
- }
- if ($function == "json") {
- $function = "";
- $value = json_decode($value, true);
- if (!is_array($value)) {
- return false; //! report errors
- }
- return $value;
- }
- if (preg_match('~blob|bytea|raw|file~', $field["type"]) && ini_bool("file_uploads")) {
- $file = get_file("fields-$idf");
- if (!is_string($file)) {
- return false; //! report errors
- }
- return $driver->quoteBinary($file);
- }
- return $adminer->processInput($field, $value, $function);
-}
-
/** Compute fields() from $_POST edit data
* @return array
*/
return $return;
}
-/** Print results of search in all tables
-* @uses $_GET["where"][0]
-* @uses $_POST["tables"]
-* @return null
-*/
-function search_tables() {
- global $adminer, $connection;
- $_GET["where"][0]["val"] = $_POST["query"];
- $sep = "<ul>\n";
- foreach (table_status('', true) as $table => $table_status) {
- $name = $adminer->tableName($table_status);
- if (isset($table_status["Engine"]) && $name != "" && (!$_POST["tables"] || in_array($table, $_POST["tables"]))) {
- $result = $connection->query("SELECT" . limit("1 FROM " . table($table), " WHERE " . implode(" AND ", $adminer->selectSearchProcess(fields($table), array())), 1));
- if (!$result || $result->fetch_row()) {
- $print = "<a href='" . h(ME . "select=" . urlencode($table) . "&where[0][op]=" . urlencode($_GET["where"][0]["op"]) . "&where[0][val]=" . urlencode($_GET["where"][0]["val"])) . "'>$name</a>";
- echo "$sep<li>" . ($result ? $print : "<p class='error'>$print: " . error()) . "\n";
- $sep = "";
- }
- }
- }
- echo ($sep ? "<p class='message'>" . lang('No tables.') : "</ul>") . "\n";
-}
-
/** Send headers for export
* @param string
* @param bool
}
return $return;
}
-
-/** Return events to display help on mouse over
-* @param string JS expression
-* @param bool JS expression
-* @return string
-*/
-function on_help($command, $side = 0) {
- return script("mixin(qsl('select, input'), {onmouseover: function (event) { helpMouseover.call(this, event, $command, $side) }, onmouseout: helpMouseout});", "");
-}
-
-/** Print edit data form
-* @param string
-* @param array
-* @param mixed
-* @param bool
-* @return null
-*/
-function edit_form($table, $fields, $row, $update) {
- global $adminer, $token, $error;
- $table_name = $adminer->tableName(table_status1($table, true));
- page_header(
- ($update ? lang('Edit') : lang('Insert')),
- $error,
- array("select" => array($table, $table_name)),
- $table_name
- );
- $adminer->editRowPrint($table, $fields, $row, $update);
- if ($row === false) {
- echo "<p class='error'>" . lang('No rows.') . "\n";
- return;
- }
- ?>
-<form action="" method="post" enctype="multipart/form-data" id="form">
-<?php
- if (!$fields) {
- echo "<p class='error'>" . lang('You have no privileges to update this table.') . "\n";
- } else {
- echo "<table class='layout'>" . script("qsl('table').onkeydown = editingKeydown;");
- $autofocus = !$_POST;
- foreach ($fields as $name => $field) {
- echo "<tr><th>" . $adminer->fieldName($field);
- $default = $_GET["set"][bracket_escape($name)];
- if ($default === null) {
- $default = $field["default"];
- if ($field["type"] == "bit" && preg_match("~^b'([01]*)'\$~", $default, $regs)) {
- $default = $regs[1];
- }
- if (JUSH == "sql" && preg_match('~binary~', $field["type"])) {
- $default = bin2hex($default); // same as UNHEX
- }
- }
- $value = ($row !== null
- ? ($row[$name] != "" && JUSH == "sql" && preg_match("~enum|set~", $field["type"]) && is_array($row[$name])
- ? implode(",", $row[$name])
- : (is_bool($row[$name]) ? +$row[$name] : $row[$name])
- )
- : (!$update && $field["auto_increment"]
- ? ""
- : (isset($_GET["select"]) ? false : $default)
- )
- );
- if (!$_POST["save"] && is_string($value)) {
- $value = $adminer->editVal($value, $field);
- }
- $function = ($_POST["save"]
- ? (string) $_POST["function"][$name]
- : ($update && preg_match('~^CURRENT_TIMESTAMP~i', $field["on_update"])
- ? "now"
- : ($value === false ? null : ($value !== null ? '' : 'NULL'))
- )
- );
- if (!$_POST && !$update && $value == $field["default"] && preg_match('~^[\w.]+\(~', $value)) {
- $function = "SQL";
- }
- if (preg_match("~time~", $field["type"]) && preg_match('~^CURRENT_TIMESTAMP~i', $value)) {
- $value = "";
- $function = "now";
- }
- if ($field["type"] == "uuid" && $value == "uuid()") {
- $value = "";
- $function = "uuid";
- }
- if ($autofocus !== false) {
- $autofocus = ($field["auto_increment"] || $function == "now" || $function == "uuid" ? null : true); // null - don't autofocus this input but check the next one
- }
- input($field, $value, $function, $autofocus);
- if ($autofocus) {
- $autofocus = false;
- }
- echo "\n";
- }
- if (!support("table")) {
- echo "<tr>"
- . "<th><input name='field_keys[]'>"
- . script("qsl('input').oninput = fieldChange;")
- . "<td class='function'>" . html_select("field_funs[]", $adminer->editFunctions(array("null" => isset($_GET["select"]))))
- . "<td><input name='field_vals[]'>"
- . "\n"
- ;
- }
- echo "</table>\n";
- }
- echo "<p>\n";
- if ($fields) {
- echo "<input type='submit' value='" . lang('Save') . "'>\n";
- if (!isset($_GET["select"])) {
- echo "<input type='submit' name='insert' value='" . ($update
- ? lang('Save and continue edit')
- : lang('Save and insert next')
- ) . "' title='Ctrl+Shift+Enter'>\n";
- echo ($update ? script("qsl('input').onclick = function () { return !ajaxForm(this.form, '" . lang('Saving') . "…', this); };") : "");
- }
- }
- echo ($update ? "<input type='submit' name='delete' value='" . lang('Delete') . "'>" . confirm() . "\n" : "");
- if (isset($_GET["select"])) {
- hidden_fields(array("check" => (array) $_POST["check"], "clone" => $_POST["clone"], "all" => $_POST["all"]));
- }
- ?>
-<input type="hidden" name="referer" value="<?php echo h(isset($_POST["referer"]) ? $_POST["referer"] : $_SERVER["HTTP_REFERER"]); ?>">
-<input type="hidden" name="save" value="1">
-<input type="hidden" name="token" value="<?php echo $token; ?>">
-</form>
-<?php
-}
--- /dev/null
+<?php
+namespace Adminer;
+
+/** Return <script> element
+* @param string
+* @param string
+* @return string
+*/
+function script($source, $trailing = "\n") {
+ return "<script" . nonce() . ">$source</script>$trailing";
+}
+
+/** Return <script src> element
+* @param string
+* @return string
+*/
+function script_src($url) {
+ return "<script src='" . h($url) . "'" . nonce() . "></script>\n";
+}
+
+/** Get a nonce="" attribute with CSP nonce
+* @return string
+*/
+function nonce() {
+ return ' nonce="' . get_nonce() . '"';
+}
+
+/** Get a target="_blank" attribute
+* @return string
+*/
+function target_blank() {
+ return ' target="_blank" rel="noreferrer noopener"';
+}
+
+/** Escape for HTML
+* @param string
+* @return string
+*/
+function h($string) {
+ return str_replace("\0", "�", htmlspecialchars($string, ENT_QUOTES, 'utf-8'));
+}
+
+/** Convert \n to <br>
+* @param string
+* @return string
+*/
+function nl_br($string) {
+ return str_replace("\n", "<br>", $string); // nl2br() uses XHTML before PHP 5.3
+}
+
+/** Generate HTML checkbox
+* @param string
+* @param string
+* @param bool
+* @param string
+* @param string
+* @param string
+* @param string
+* @return string
+*/
+function checkbox($name, $value, $checked, $label = "", $onclick = "", $class = "", $labelled_by = "") {
+ $return = "<input type='checkbox' name='$name' value='" . h($value) . "'"
+ . ($checked ? " checked" : "")
+ . ($labelled_by ? " aria-labelledby='$labelled_by'" : "")
+ . ">"
+ . ($onclick ? script("qsl('input').onclick = function () { $onclick };", "") : "")
+ ;
+ return ($label != "" || $class ? "<label" . ($class ? " class='$class'" : "") . ">$return" . h($label) . "</label>" : $return);
+}
+
+/** Generate list of HTML options
+* @param array array of strings or arrays (creates optgroup)
+* @param mixed
+* @param bool always use array keys for value="", otherwise only string keys are used
+* @return string
+*/
+function optionlist($options, $selected = null, $use_keys = false) {
+ $return = "";
+ foreach ($options as $k => $v) {
+ $opts = array($k => $v);
+ if (is_array($v)) {
+ $return .= '<optgroup label="' . h($k) . '">';
+ $opts = $v;
+ }
+ foreach ($opts as $key => $val) {
+ $return .= '<option'
+ . ($use_keys || is_string($key) ? ' value="' . h($key) . '"' : '')
+ . ($selected !== null && ($use_keys || is_string($key) ? (string) $key : $val) === $selected ? ' selected' : '')
+ . '>' . h($val)
+ ;
+ }
+ if (is_array($v)) {
+ $return .= '</optgroup>';
+ }
+ }
+ return $return;
+}
+
+/** Generate HTML <select>
+* @param string
+* @param array
+* @param string
+* @param string
+* @param string
+* @return string
+*/
+function html_select($name, $options, $value = "", $onchange = "", $labelled_by = "") {
+ return "<select name='" . h($name) . "'"
+ . ($labelled_by ? " aria-labelledby='$labelled_by'" : "")
+ . ">" . optionlist($options, $value) . "</select>"
+ . ($onchange ? script("qsl('select').onchange = function () { $onchange };", "") : "")
+ ;
+}
+
+/** Generate HTML radio list
+* @param string
+* @param array
+* @param string
+* @return string
+*/
+function html_radios($name, $options, $value = "") {
+ $return = "";
+ foreach ($options as $key => $val) {
+ $return .= "<label><input type='radio' name='" . h($name) . "' value='" . h($key) . "'" . ($key == $value ? " checked" : "") . ">" . h($val) . "</label>";
+ }
+ return $return;
+}
+
+/** Get onclick confirmation
+* @param string
+* @param string
+* @return string
+*/
+function confirm($message = "", $selector = "qsl('input')") {
+ return script("$selector.onclick = function () { return confirm('" . ($message ? js_escape($message) : lang('Are you sure?')) . "'); };", "");
+}
+
+/** Print header for hidden fieldset (close by </div></fieldset>)
+* @param string
+* @param string
+* @param bool
+* @return null
+*/
+function print_fieldset($id, $legend, $visible = false) {
+ echo "<fieldset><legend>";
+ echo "<a href='#fieldset-$id'>$legend</a>";
+ echo script("qsl('a').onclick = partial(toggle, 'fieldset-$id');", "");
+ echo "</legend>";
+ echo "<div id='fieldset-$id'" . ($visible ? "" : " class='hidden'") . ">\n";
+}
+
+/** Return class='active' if $bold is true
+* @param bool
+* @param string
+* @return string
+*/
+function bold($bold, $class = "") {
+ return ($bold ? " class='active $class'" : ($class ? " class='$class'" : ""));
+}
+
+/** Escape string for JavaScript apostrophes
+* @param string
+* @return string
+*/
+function js_escape($string) {
+ return addcslashes($string, "\r\n'\\/"); // slash for <script>
+}
+
+/** Generate page number for pagination
+* @param int
+* @param int
+* @return string
+*/
+function pagination($page, $current) {
+ return " " . ($page == $current
+ ? $page + 1
+ : '<a href="' . h(remove_from_uri("page") . ($page ? "&page=$page" . ($_GET["next"] ? "&next=" . urlencode($_GET["next"]) : "") : "")) . '">' . ($page + 1) . "</a>"
+ );
+}
+
+/** Print hidden fields
+* @param array
+* @param array
+* @param string
+* @return bool
+*/
+function hidden_fields($process, $ignore = array(), $prefix = '') {
+ $return = false;
+ foreach ($process as $key => $val) {
+ if (!in_array($key, $ignore)) {
+ if (is_array($val)) {
+ hidden_fields($val, array(), $key);
+ } else {
+ $return = true;
+ echo '<input type="hidden" name="' . h($prefix ? $prefix . "[$key]" : $key) . '" value="' . h($val) . '">';
+ }
+ }
+ }
+ return $return;
+}
+
+/** Print hidden fields for GET forms
+* @return null
+*/
+function hidden_fields_get() {
+ echo (sid() ? '<input type="hidden" name="' . session_name() . '" value="' . h(session_id()) . '">' : '');
+ echo (SERVER !== null ? '<input type="hidden" name="' . DRIVER . '" value="' . h(SERVER) . '">' : "");
+ echo '<input type="hidden" name="username" value="' . h($_GET["username"]) . '">';
+}
+
+/** Print enum input field
+* @param string "radio"|"checkbox"
+* @param string
+* @param array
+* @param mixed string|array
+* @param string
+* @return null
+*/
+function enum_input($type, $attrs, $field, $value, $empty = null) {
+ global $adminer;
+ preg_match_all("~'((?:[^']|'')*)'~", $field["length"], $matches);
+ $return = ($empty !== null ? "<label><input type='$type'$attrs value='$empty'" . ((is_array($value) ? in_array($empty, $value) : $value === $empty) ? " checked" : "") . "><i>" . lang('empty') . "</i></label>" : "");
+ foreach ($matches[1] as $i => $val) {
+ $val = stripcslashes(str_replace("''", "'", $val));
+ $checked = (is_array($value) ? in_array($val, $value) : $value === $val);
+ $return .= " <label><input type='$type'$attrs value='" . h($val) . "'" . ($checked ? ' checked' : '') . '>' . h($adminer->editVal($val, $field)) . '</label>';
+ }
+ return $return;
+}
+
+/** Print edit input field
+* @param array one field from fields()
+* @param mixed
+* @param string
+* @param bool
+* @return null
+*/
+function input($field, $value, $function, $autofocus = false) {
+ global $driver, $adminer;
+ $name = h(bracket_escape($field["field"]));
+ echo "<td class='function'>";
+ if (is_array($value) && !$function) {
+ $value = json_encode($value, 128); // 128 - JSON_PRETTY_PRINT available since PHP 5.4
+ $function = "json";
+ }
+ $reset = (JUSH == "mssql" && $field["auto_increment"]);
+ if ($reset && !$_POST["save"]) {
+ $function = null;
+ }
+ $functions = (isset($_GET["select"]) || $reset ? array("orig" => lang('original')) : array()) + $adminer->editFunctions($field);
+ $disabled = stripos($field["default"], "GENERATED ALWAYS AS ") === 0 ? " disabled=''" : "";
+ $attrs = " name='fields[$name]'$disabled" . ($autofocus ? " autofocus" : "");
+ $enums = $driver->enumLength($field);
+ if ($enums) {
+ $field["type"] = "enum";
+ $field["length"] = $enums;
+ }
+ echo $driver->unconvertFunction($field) . " ";
+ if ($field["type"] == "enum") {
+ echo h($functions[""]) . "<td>" . $adminer->editInput($_GET["edit"], $field, $attrs, $value);
+ } else {
+ $has_function = (in_array($function, $functions) || isset($functions[$function]));
+ echo (count($functions) > 1
+ ? "<select name='function[$name]'$disabled>" . optionlist($functions, $function === null || $has_function ? $function : "") . "</select>"
+ . on_help("getTarget(event).value.replace(/^SQL\$/, '')", 1)
+ . script("qsl('select').onchange = functionChange;", "")
+ : h(reset($functions))
+ ) . '<td>';
+ $input = $adminer->editInput($_GET["edit"], $field, $attrs, $value); // usage in call is without a table
+ if ($input != "") {
+ echo $input;
+ } elseif (preg_match('~bool~', $field["type"])) {
+ echo "<input type='hidden'$attrs value='0'>"
+ . "<input type='checkbox'" . (preg_match('~^(1|t|true|y|yes|on)$~i', $value) ? " checked='checked'" : "") . "$attrs value='1'>";
+ } elseif ($field["type"] == "set") {
+ preg_match_all("~'((?:[^']|'')*)'~", $field["length"], $matches);
+ foreach ($matches[1] as $i => $val) {
+ $val = stripcslashes(str_replace("''", "'", $val));
+ $checked = in_array($val, explode(",", $value), true);
+ echo " <label><input type='checkbox' name='fields[$name][$i]' value='" . h($val) . "'" . ($checked ? ' checked' : '') . ">" . h($adminer->editVal($val, $field)) . '</label>';
+ }
+ } elseif (preg_match('~blob|bytea|raw|file~', $field["type"]) && ini_bool("file_uploads")) {
+ echo "<input type='file' name='fields-$name'>";
+ } elseif (($text = preg_match('~text|lob|memo~i', $field["type"])) || preg_match("~\n~", $value)) {
+ if ($text && JUSH != "sqlite") {
+ $attrs .= " cols='50' rows='12'";
+ } else {
+ $rows = min(12, substr_count($value, "\n") + 1);
+ $attrs .= " cols='30' rows='$rows'" . ($rows == 1 ? " style='height: 1.2em;'" : ""); // 1.2em - line-height
+ }
+ echo "<textarea$attrs>" . h($value) . '</textarea>';
+ } elseif ($function == "json" || preg_match('~^jsonb?$~', $field["type"])) {
+ echo "<textarea$attrs cols='50' rows='12' class='jush-js'>" . h($value) . '</textarea>';
+ } else {
+ // int(3) is only a display hint
+ $types = $driver->types();
+ $maxlength = (!preg_match('~int~', $field["type"]) && preg_match('~^(\d+)(,(\d+))?$~', $field["length"], $match)
+ ? ((preg_match("~binary~", $field["type"]) ? 2 : 1) * $match[1] + ($match[3] ? 1 : 0) + ($match[2] && !$field["unsigned"] ? 1 : 0))
+ : ($types[$field["type"]] ? $types[$field["type"]] + ($field["unsigned"] ? 0 : 1) : 0)
+ );
+ if (JUSH == 'sql' && min_version(5.6) && preg_match('~time~', $field["type"])) {
+ $maxlength += 7; // microtime
+ }
+ // type='date' and type='time' display localized value which may be confusing, type='datetime' uses 'T' as date and time separator
+ echo "<input"
+ . ((!$has_function || $function === "") && preg_match('~(?<!o)int(?!er)~', $field["type"]) && !preg_match('~\[\]~', $field["full_type"]) ? " type='number'" : "")
+ . " value='" . h($value) . "'" . ($maxlength ? " data-maxlength='$maxlength'" : "")
+ . (preg_match('~char|binary~', $field["type"]) && $maxlength > 20 ? " size='40'" : "")
+ . "$attrs>"
+ ;
+ }
+ echo $adminer->editHint($_GET["edit"], $field, $value);
+ // skip 'original'
+ $first = 0;
+ foreach ($functions as $key => $val) {
+ if ($key === "" || !$val) {
+ break;
+ }
+ $first++;
+ }
+ if ($first) {
+ echo script("mixin(qsl('td'), {onchange: partial(skipOriginal, $first), oninput: function () { this.onchange(); }});");
+ }
+ }
+}
+
+/** Process edit input field
+* @param one field from fields()
+* @return string or false to leave the original value
+*/
+function process_input($field) {
+ global $adminer, $driver;
+ if (stripos($field["default"], "GENERATED ALWAYS AS ") === 0) {
+ return null;
+ }
+ $idf = bracket_escape($field["field"]);
+ $function = $_POST["function"][$idf];
+ $value = $_POST["fields"][$idf];
+ if ($field["type"] == "enum" || $driver->enumLength($field)) {
+ if ($value == -1) {
+ return false;
+ }
+ if ($value == "") {
+ return "NULL";
+ }
+ }
+ if ($field["auto_increment"] && $value == "") {
+ return null;
+ }
+ if ($function == "orig") {
+ return (preg_match('~^CURRENT_TIMESTAMP~i', $field["on_update"]) ? idf_escape($field["field"]) : false);
+ }
+ if ($function == "NULL") {
+ return "NULL";
+ }
+ if ($field["type"] == "set") {
+ $value = implode(",", (array) $value);
+ }
+ if ($function == "json") {
+ $function = "";
+ $value = json_decode($value, true);
+ if (!is_array($value)) {
+ return false; //! report errors
+ }
+ return $value;
+ }
+ if (preg_match('~blob|bytea|raw|file~', $field["type"]) && ini_bool("file_uploads")) {
+ $file = get_file("fields-$idf");
+ if (!is_string($file)) {
+ return false; //! report errors
+ }
+ return $driver->quoteBinary($file);
+ }
+ return $adminer->processInput($field, $value, $function);
+}
+
+/** Print results of search in all tables
+* @uses $_GET["where"][0]
+* @uses $_POST["tables"]
+* @return null
+*/
+function search_tables() {
+ global $adminer, $connection;
+ $_GET["where"][0]["val"] = $_POST["query"];
+ $sep = "<ul>\n";
+ foreach (table_status('', true) as $table => $table_status) {
+ $name = $adminer->tableName($table_status);
+ if (isset($table_status["Engine"]) && $name != "" && (!$_POST["tables"] || in_array($table, $_POST["tables"]))) {
+ $result = $connection->query("SELECT" . limit("1 FROM " . table($table), " WHERE " . implode(" AND ", $adminer->selectSearchProcess(fields($table), array())), 1));
+ if (!$result || $result->fetch_row()) {
+ $print = "<a href='" . h(ME . "select=" . urlencode($table) . "&where[0][op]=" . urlencode($_GET["where"][0]["op"]) . "&where[0][val]=" . urlencode($_GET["where"][0]["val"])) . "'>$name</a>";
+ echo "$sep<li>" . ($result ? $print : "<p class='error'>$print: " . error()) . "\n";
+ $sep = "";
+ }
+ }
+ }
+ echo ($sep ? "<p class='message'>" . lang('No tables.') : "</ul>") . "\n";
+}
+
+/** Return events to display help on mouse over
+* @param string JS expression
+* @param bool JS expression
+* @return string
+*/
+function on_help($command, $side = 0) {
+ return script("mixin(qsl('select, input'), {onmouseover: function (event) { helpMouseover.call(this, event, $command, $side) }, onmouseout: helpMouseout});", "");
+}
+
+/** Print edit data form
+* @param string
+* @param array
+* @param mixed
+* @param bool
+* @return null
+*/
+function edit_form($table, $fields, $row, $update) {
+ global $adminer, $token, $error;
+ $table_name = $adminer->tableName(table_status1($table, true));
+ page_header(
+ ($update ? lang('Edit') : lang('Insert')),
+ $error,
+ array("select" => array($table, $table_name)),
+ $table_name
+ );
+ $adminer->editRowPrint($table, $fields, $row, $update);
+ if ($row === false) {
+ echo "<p class='error'>" . lang('No rows.') . "\n";
+ return;
+ }
+ ?>
+<form action="" method="post" enctype="multipart/form-data" id="form">
+<?php
+ if (!$fields) {
+ echo "<p class='error'>" . lang('You have no privileges to update this table.') . "\n";
+ } else {
+ echo "<table class='layout'>" . script("qsl('table').onkeydown = editingKeydown;");
+ $autofocus = !$_POST;
+ foreach ($fields as $name => $field) {
+ echo "<tr><th>" . $adminer->fieldName($field);
+ $default = $_GET["set"][bracket_escape($name)];
+ if ($default === null) {
+ $default = $field["default"];
+ if ($field["type"] == "bit" && preg_match("~^b'([01]*)'\$~", $default, $regs)) {
+ $default = $regs[1];
+ }
+ if (JUSH == "sql" && preg_match('~binary~', $field["type"])) {
+ $default = bin2hex($default); // same as UNHEX
+ }
+ }
+ $value = ($row !== null
+ ? ($row[$name] != "" && JUSH == "sql" && preg_match("~enum|set~", $field["type"]) && is_array($row[$name])
+ ? implode(",", $row[$name])
+ : (is_bool($row[$name]) ? +$row[$name] : $row[$name])
+ )
+ : (!$update && $field["auto_increment"]
+ ? ""
+ : (isset($_GET["select"]) ? false : $default)
+ )
+ );
+ if (!$_POST["save"] && is_string($value)) {
+ $value = $adminer->editVal($value, $field);
+ }
+ $function = ($_POST["save"]
+ ? (string) $_POST["function"][$name]
+ : ($update && preg_match('~^CURRENT_TIMESTAMP~i', $field["on_update"])
+ ? "now"
+ : ($value === false ? null : ($value !== null ? '' : 'NULL'))
+ )
+ );
+ if (!$_POST && !$update && $value == $field["default"] && preg_match('~^[\w.]+\(~', $value)) {
+ $function = "SQL";
+ }
+ if (preg_match("~time~", $field["type"]) && preg_match('~^CURRENT_TIMESTAMP~i', $value)) {
+ $value = "";
+ $function = "now";
+ }
+ if ($field["type"] == "uuid" && $value == "uuid()") {
+ $value = "";
+ $function = "uuid";
+ }
+ if ($autofocus !== false) {
+ $autofocus = ($field["auto_increment"] || $function == "now" || $function == "uuid" ? null : true); // null - don't autofocus this input but check the next one
+ }
+ input($field, $value, $function, $autofocus);
+ if ($autofocus) {
+ $autofocus = false;
+ }
+ echo "\n";
+ }
+ if (!support("table")) {
+ echo "<tr>"
+ . "<th><input name='field_keys[]'>"
+ . script("qsl('input').oninput = fieldChange;")
+ . "<td class='function'>" . html_select("field_funs[]", $adminer->editFunctions(array("null" => isset($_GET["select"]))))
+ . "<td><input name='field_vals[]'>"
+ . "\n"
+ ;
+ }
+ echo "</table>\n";
+ }
+ echo "<p>\n";
+ if ($fields) {
+ echo "<input type='submit' value='" . lang('Save') . "'>\n";
+ if (!isset($_GET["select"])) {
+ echo "<input type='submit' name='insert' value='" . ($update
+ ? lang('Save and continue edit')
+ : lang('Save and insert next')
+ ) . "' title='Ctrl+Shift+Enter'>\n";
+ echo ($update ? script("qsl('input').onclick = function () { return !ajaxForm(this.form, '" . lang('Saving') . "…', this); };") : "");
+ }
+ }
+ echo ($update ? "<input type='submit' name='delete' value='" . lang('Delete') . "'>" . confirm() . "\n" : "");
+ if (isset($_GET["select"])) {
+ hidden_fields(array("check" => (array) $_POST["check"], "clone" => $_POST["clone"], "all" => $_POST["all"]));
+ }
+ ?>
+<input type="hidden" name="referer" value="<?php echo h(isset($_POST["referer"]) ? $_POST["referer"] : $_SERVER["HTTP_REFERER"]); ?>">
+<input type="hidden" name="save" value="1">
+<input type="hidden" name="token" value="<?php echo $token; ?>">
+</form>
+<?php
+}
projects / adminer.git / commitdiff