}
echo lang('DB') . ": " . html_select("db", $dbs, $row["db"] != "" ? $row["db"] : $_GET["db"], $onchange);
}
+echo input_hidden("change-js");
?>
-<input type="hidden" name="change-js" value="">
<noscript><p><input type="submit" name="change" value="<?php echo lang('Change'); ?>"></noscript>
<table>
<thead><tr><th id="label-source"><?php echo lang('Source'); ?><th id="label-target"><?php echo lang('Target'); ?></thead>
}
foreach (array("import", "sql", "schema", "dump", "privileges") as $val) {
if (isset($_GET[$val])) {
- echo "<input type='hidden' name='$val' value=''>";
+ echo input_hidden($val);
break;
}
}
echo (support("database")
? "<div class='footer'><div>\n"
. "<fieldset><legend>" . lang('Selected') . " <span id='selected'></span></legend><div>\n"
- . "<input type='hidden' name='all' value=''>" . script("qsl('input').onclick = function () { selectCount('selected', formChecked(this, /^db/)); };") // used by trCheck()
+ . input_hidden("all") . script("qsl('input').onclick = function () { selectCount('selected', formChecked(this, /^db/)); };") // used by trCheck()
. "<input type='submit' name='drop' value='" . lang('Drop') . "'>" . confirm() . "\n"
. "</div></fieldset>\n"
. "</div></div>\n"
if ($display) {
echo "<input name='fields[$i][field]' value='" . h($field["field"]) . "' data-maxlength='64' autocapitalize='off' aria-labelledby='label-name'>\n";
}
- echo "<input type='hidden' name='fields[$i][orig]' value='" . h($orig) . "'>";
+ echo input_hidden("fields[$i][orig]", $orig);
edit_type("fields[$i]", $field, $collations, $foreign_keys);
if ($type == "TABLE") {
echo "<td>" . checkbox("fields[$i][null]", 1, $field["null"], "", "", "block", "label-null");
return ' nonce="' . get_nonce() . '"';
}
+/** Get <input type="hidden">
+* @param string
+* @param string
+* @return string HTML
+*/
+function input_hidden($name, $value = "") {
+ return "<input type='hidden' name='" . h($name) . "' value='" . h($value) . "'>\n";
+}
+
/** Get <input type="hidden" name="token">
* @param string token to use instead of global $token
* @return string HTML
*/
function input_token($special = "") {
global $token;
- return "<input type='hidden' name='token' value='" . ($special ?: $token) . "'>\n";
+ return input_hidden("token", ($special ?: $token));
}
/** Get a target="_blank" attribute
hidden_fields($val, array(), $key);
} else {
$return = true;
- echo '<input type="hidden" name="' . h($prefix ? $prefix . "[$key]" : $key) . '" value="' . h($val) . '">';
+ echo input_hidden(($prefix ? $prefix . "[$key]" : $key), $val);
}
}
}
* @return null
*/
function hidden_fields_get() {
- echo (sid() ? '<input type="hidden" name="' . session_name() . '" value="' . h(session_id()) . '">' : '');
- echo (SERVER !== null ? '<input type="hidden" name="' . DRIVER . '" value="' . h(SERVER) . '">' : "");
- echo '<input type="hidden" name="username" value="' . h($_GET["username"]) . '">';
+ echo (sid() ? input_hidden(session_name(), session_id()) : '');
+ echo (SERVER !== null ? input_hidden(DRIVER, SERVER) : "");
+ echo input_hidden("username", $_GET["username"]);
}
/** Print enum input field
if (isset($_GET["select"])) {
hidden_fields(array("check" => (array) $_POST["check"], "clone" => $_POST["clone"], "all" => $_POST["all"]));
}
- echo "<input type='hidden' name='referer' value='" . h(isset($_POST["referer"]) ? $_POST["referer"] : $_SERVER["HTTP_REFERER"]) . "'>\n";
- echo "<input type='hidden' name='save' value='1'>\n";
+ echo input_hidden("referer", (isset($_POST["referer"]) ? $_POST["referer"] : $_SERVER["HTTP_REFERER"]));
+ echo input_hidden("save", 1);
echo input_token();
echo "</form>\n";
}
echo "<form action=''><p>\n";
hidden_fields_get();
-echo "<input type='hidden' name='db' value='" . h(DB) . "'>\n";
-echo ($grant ? "" : "<input type='hidden' name='grant' value=''>\n");
+echo input_hidden("db", DB);
+echo ($grant ? "" : input_hidden("grant"));
echo "<table class='odds'>\n";
echo "<thead><tr><th>" . lang('Username') . "<th>" . lang('Server') . "<th></thead>\n";
echo "<form action='' id='form'>\n";
echo "<div style='display: none;'>";
hidden_fields_get();
- echo (DB != "" ? '<input type="hidden" name="db" value="' . h(DB) . '">' . (isset($_GET["ns"]) ? '<input type="hidden" name="ns" value="' . h($_GET["ns"]) . '">' : "") : ""); // not used in Editor
- echo '<input type="hidden" name="select" value="' . h($TABLE) . '">';
+ echo (DB != "" ? input_hidden("db", DB) . (isset($_GET["ns"]) ? input_hidden("ns", $_GET["ns"]) : "") : ""); // not used in Editor
+ echo input_hidden("select", $TABLE);
echo "</div>\n";
$adminer->selectColumnsPrint($select, $columns);
$adminer->selectSearchPrint($where, $search_columns, $indexes);
echo ", <a href='#$id'>" . lang('Export') . "</a>" . script("qsl('a').onclick = partial(toggle, '$id');", "") . "<span id='$id' class='hidden'>: "
. html_select("output", $adminer->dumpOutput(), $adminer_export["output"]) . " "
. html_select("format", $dump_format, $adminer_export["format"])
- . "<input type='hidden' name='query' value='" . h($q) . "'>"
- . " <input type='submit' name='export' value='" . lang('Export') . "'>" . input_token() . "</span>\n"
+ . input_hidden("query", $q)
+ . "<input type='submit' name='export' value='" . lang('Export') . "'>" . input_token() . "</span>\n"
. "</form>\n"
;
}
foreach ($grants as $object => $grant) {
echo '<th>' . ($object != "*.*"
? "<input name='objects[$i]' value='" . h($object) . "' size='10' autocapitalize='off'>"
- : "<input type='hidden' name='objects[$i]' value='*.*' size='10'>*.*"
+ : input_hidden("objects[$i]", "*.*") . "*.*"
); //! separate db, table, columns, PROCEDURE|FUNCTION, routine
$i++;
}
}
}
if ($project != "editor" && count($drivers) == 1) {
- $file = str_replace('html_select("auth[driver]", $drivers, DRIVER, "loginDriver(this);")', "\"<input type='hidden' name='auth[driver]' value='" . ($vendor == "mysql" ? "server" : $vendor) . "'>" . reset($drivers) . "\"", $file, $count);
+ $file = str_replace('html_select("auth[driver]", $drivers, DRIVER, "loginDriver(this);")', 'input_hidden("auth[driver]", "' . ($vendor == "mysql" ? "server" : $vendor) . '") . "' . reset($drivers) . '"', $file, $count);
if (!$count) {
echo "auth[driver] form field not found\n";
}
function loginForm() {
echo "<table class='layout'>\n";
- echo $this->loginFormField('username', '<tr><th>' . lang('Username') . '<td>', '<input type="hidden" name="auth[driver]" value="server"><input name="auth[username]" autofocus value="' . h($_GET["username"]) . '" autocomplete="username" autocapitalize="off">');
+ echo $this->loginFormField('username', '<tr><th>' . lang('Username') . '<td>', input_hidden("auth[driver]", "server") . '<input name="auth[username]" autofocus value="' . h($_GET["username"]) . '" autocomplete="username" autocapitalize="off">');
echo $this->loginFormField('password', '<tr><th>' . lang('Password') . '<td>', '<input type="password" name="auth[password]" autocomplete="current-password">');
echo "</table>\n";
echo "<p><input type='submit' value='" . lang('Login') . "'>\n";
if (preg_match("~enum~", $field["type"]) || like_bool($field)) { //! set - uses 1 << $i and FIND_IN_SET()
$key = $keys[$name];
$i--;
- echo "<div>" . h($desc) . "<input type='hidden' name='where[$i][col]' value='" . h($name) . "'>:";
+ echo "<div>" . h($desc) . input_hidden("where[$i][col]", $name) . ":";
echo (like_bool($field)
? " <select name='where[$i][val]'>" . optionlist(array("" => "", lang('no'), lang('yes')), $where[$key]["val"], true) . "</select>"
: enum_input("checkbox", " name='where[$i][val][]'", $field, (array) $where[$key]["val"], ($field["null"] ? 0 : null))
}
$key = $keys[$name];
$i--;
- echo "<div>" . h($desc) . "<input type='hidden' name='where[$i][col]' value='" . h($name) . "'><input type='hidden' name='where[$i][op]' value='='>: <select name='where[$i][val]'>" . optionlist($options, $where[$key]["val"], true) . "</select></div>\n";
+ echo "<div>" . h($desc) . input_hidden("where[$i][col]", $name) . input_hidden("where[$i][op]", "=") . ": <select name='where[$i][val]'>" . optionlist($options, $where[$key]["val"], true) . "</select></div>\n";
unset($columns[$name]);
}
}
echo "<p><textarea name='email_message' rows='15' cols='75'>" . h($_POST["email_message"] . ($_POST["email_append"] ? '{$' . "$_POST[email_addition]}" : "")) . "</textarea>\n";
echo "<p>" . script("qsl('p').onkeydown = partialArg(bodyKeydown, 'email_append');", "") . html_select("email_addition", $columns, $_POST["email_addition"]) . "<input type='submit' name='email_append' value='" . lang('Insert') . "'>\n"; //! JavaScript
echo "<p>" . lang('Attachments') . ": <input type='file' name='email_files[]'>" . script("qsl('input').onchange = emailFileChange;");
- echo "<p>" . (count($emailFields) == 1 ? '<input type="hidden" name="email_field" value="' . h(key($emailFields)) . '">' : html_select("email_field", $emailFields));
+ echo "<p>" . (count($emailFields) == 1 ? input_hidden("email_field", key($emailFields)) : html_select("email_field", $emailFields));
echo "<input type='submit' name='email' value='" . lang('Send') . "'>" . confirm();
echo "</div>\n";
echo "</div></fieldset>\n";
function navigation($missing) {
echo "<form action='' method='post' style='position: fixed; bottom: .5em; right: .5em;'>";
echo Adminer\html_select("design", array("" => "(design)") + $this->designs, $_SESSION["design"], "this.form.submit();");
- echo '<input type="hidden" name="token" value="' . Adminer\get_token() . '">';
+ echo Adminer\input_token();
echo "</form>\n";
}
}
el.value = '';
this.parentNode.appendChild(el);
};");
- echo "<p>" . (count($emailFields) == 1 ? '<input type="hidden" name="email_field" value="' . Adminer\h(key($emailFields)) . '">' : Adminer\html_select("email_field", $emailFields));
+ echo "<p>" . (count($emailFields) == 1 ? Adminer\input_hidden("email_field", key($emailFields)) : Adminer\html_select("email_field", $emailFields));
echo "<input type='submit' name='email' value='" . ('Send') . "'>" . Adminer\confirm();
echo "</div>\n";
echo "</div></fieldset>\n";
projects / adminer.git / commitdiff