search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
sorry, wrong version checked in
[phpmyadmin/arisferyanto.git] / tbl_replace.php
blob72efc2a8fe4add4822f8c2d22d93fc21ebcb7630
1 <?php
2 /* $Id$ */
3 // vim: expandtab sw=4 ts=4 sts=4:
4
5 /**
6 * Gets some core libraries
7 */
8 require_once('./libraries/common.lib.php');
9
10 // Check parameters
11 PMA_checkParameters(array('db','table','goto'));
12
13 PMA_DBI_select_db($db);
14
15 /**
16 * Initializes some variables
17 */
18 // Defines the url to return in case of success of the query
19 if (isset($sql_query)) {
20 $sql_query = urldecode($sql_query);
21 }
22 if (!isset($dontlimitchars)) {
23 $dontlimitchars = 0;
24 }
25 $is_gotofile = FALSE;
26 if (isset($after_insert) && $after_insert == 'new_insert') {
27 $goto = 'tbl_change.php?'
28 . PMA_generate_common_url($db, $table, '&')
29 . '&goto=' . urlencode($goto)
30 . '&pos=' . $pos
31 . '&session_max_rows=' . $session_max_rows
32 . '&disp_direction=' . $disp_direction
33 . '&repeat_cells=' . $repeat_cells
34 . '&dontlimitchars=' . $dontlimitchars
35 . (empty($sql_query) ? '' : '&sql_query=' . urlencode($sql_query));
36 } elseif (isset($after_insert) && $after_insert == 'same_insert') {
37 $goto = 'tbl_change.php?'
38 . PMA_generate_common_url($db, $table, '&')
39 . '&goto=' . urlencode($goto)
40 . '&pos=' . $pos
41 . '&session_max_rows=' . $session_max_rows
42 . '&disp_direction=' . $disp_direction
43 . '&repeat_cells=' . $repeat_cells
44 . '&dontlimitchars=' . $dontlimitchars
45 . (empty($sql_query) ? '' : '&sql_query=' . urlencode($sql_query));
46 if (isset($primary_key)) {
47 foreach ($primary_key AS $pk) {
48 $goto .= '&primary_key[]=' . $pk;
49 }
50 }
51 } elseif (isset($after_insert) && $after_insert == 'edit_next') {
52 $goto = 'tbl_change.php?'
53 . PMA_generate_common_url($db, $table, '&')
54 . '&goto=' . urlencode($goto)
55 . '&pos=' . $pos
56 . '&session_max_rows=' . $session_max_rows
57 . '&disp_direction=' . $disp_direction
58 . '&repeat_cells=' . $repeat_cells
59 . '&dontlimitchars=' . $dontlimitchars
60 . (empty($sql_query) ? '' : '&sql_query=' . urlencode($sql_query));
61 if (isset($primary_key)) {
62 foreach ($primary_key AS $pk) {
63 $local_query = 'SELECT * FROM ' . PMA_backquote($table) . ' WHERE ' . str_replace('` =', '` >', urldecode($pk)) . ' LIMIT 1;';
64 $res = PMA_DBI_query($local_query);
65 $row = PMA_DBI_fetch_row($res);
66 $meta = PMA_DBI_get_fields_meta($res);
67 $goto .= '&primary_key[]=' . urlencode(PMA_getUvaCondition($res, count($row), $meta, $row));
68 }
69 }
70 } else if ($goto == 'sql.php') {
71 $goto = 'sql.php?'
72 . PMA_generate_common_url($db, $table, '&')
73 . '&pos=' . $pos
74 . '&session_max_rows=' . $session_max_rows
75 . '&disp_direction=' . $disp_direction
76 . '&repeat_cells=' . $repeat_cells
77 . '&dontlimitchars=' . $dontlimitchars
78 . '&sql_query=' . urlencode($sql_query);
79 } else if (!empty($goto)) {
80 // Security checkings
81 $is_gotofile = preg_replace('@^([^?]+).*$@', '\\1', $goto);
82 if (!@file_exists('./' . $is_gotofile)) {
83 $goto = (empty($table)) ? 'db_details.php' : 'tbl_properties.php';
84 $is_gotofile = TRUE;
85 } else {
86 $is_gotofile = ($is_gotofile == $goto);
87 }
88 }
89
90 // Defines the url to return in case of failure of the query
91 if (isset($err_url)) {
92 $err_url = urldecode($err_url);
93 } else {
94 $err_url = str_replace('&', '&amp;', $goto)
95 . (empty($primary_key) ? '' : '&amp;primary_key=' . (is_array($primary_key) ? $primary_key[0] : $primary_key));
96 }
97
98 // Misc
99 $seen_binary = FALSE;
100
101 /**
102 * Prepares the update/insert of a row
103 */
104 if (isset($primary_key)) {
105 // we were editing something => use primary key
106 $loop_array = (is_array($primary_key) ? $primary_key : array(0 => $primary_key));
107 $using_key = TRUE;
108 $is_insert = ($submit_type == $strInsertAsNewRow);
109 } else {
110 // new row => use indexes
111 $loop_array = array();
112 for ($i = 0; $i < $cfg['InsertRows']; $i++) $loop_array[$i] = $i;
113 $using_key = FALSE;
114 $is_insert = TRUE;
115 }
116
117 $query = array();
118 $message = '';
119
120 foreach ($loop_array AS $primary_key_index => $enc_primary_key) {
121 // skip fields to be ignored
122 if (!$using_key && isset($GLOBALS['insert_ignore_' . $enc_primary_key])) continue;
123
124 // Restore the "primary key" to a convenient format
125 $primary_key = urldecode($enc_primary_key);
126
127 // Defines the SET part of the sql query
128 $valuelist = '';
129 $fieldlist = '';
130
131 // Map multi-edit keys to single-level arrays, dependent on how we got the fields
132 $me_fields = isset($fields['multi_edit']) && isset($fields['multi_edit'][$enc_primary_key]) ? $fields['multi_edit'][$enc_primary_key] : null;
133 $me_fields_prev = isset($fields_prev['multi_edit']) && isset($fields_prev['multi_edit'][$enc_primary_key]) ? $fields_prev['multi_edit'][$enc_primary_key] : null;
134 $me_funcs = isset($funcs['multi_edit']) && isset($funcs['multi_edit'][$enc_primary_key]) ? $funcs['multi_edit'][$enc_primary_key] : null;
135 $me_fields_type = isset($fields_type['multi_edit']) && isset($fields_type['multi_edit'][$enc_primary_key]) ? $fields_type['multi_edit'][$enc_primary_key] : null;
136 $me_fields_null = isset($fields_null['multi_edit']) && isset($fields_null['multi_edit'][$enc_primary_key]) ? $fields_null['multi_edit'][$enc_primary_key] : null;
137 $me_auto_increment = isset($auto_increment['multi_edit']) && isset($auto_increment['multi_edit'][$enc_primary_key]) ? $auto_increment['multi_edit'][$enc_primary_key] : null;
138
139 if ($using_key && isset($me_fields_type) && is_array($me_fields_type) && isset($primary_key)) {
140 $prot_result = PMA_DBI_query('SELECT * FROM ' . PMA_backquote($table) . ' WHERE ' . $primary_key . ';');
141 $prot_row = PMA_DBI_fetch_assoc($prot_result);
142 PMA_DBI_free_result($prot_result);
143 unset($prot_result);
144 }
145
146 foreach ($me_fields AS $encoded_key => $val) {
147 $key = urldecode($encoded_key);
148 $fieldlist .= PMA_backquote($key) . ', ';
149
150 require('./tbl_replace_fields.php');
151
152 if (empty($me_funcs[$encoded_key])) {
153 $cur_value = $val . ', ';
154 } else if (preg_match('@^(UNIX_TIMESTAMP)$@', $me_funcs[$encoded_key]) && $val != '\'\'') {
155 $cur_value = $me_funcs[$encoded_key] . '(' . $val . '), ';
156 } else if (preg_match('@^(NOW|CURDATE|CURTIME|UNIX_TIMESTAMP|RAND|USER|LAST_INSERT_ID)$@', $me_funcs[$encoded_key])) {
157 $cur_value = $me_funcs[$encoded_key] . '(), ';
158 } else {
159 $cur_value = $me_funcs[$encoded_key] . '(' . $val . '), ';
160 }
161
162 if ($is_insert) {
163 // insert, no need to add column
164 $valuelist .= $cur_value;
165 } else if (empty($me_funcs[$encoded_key])
166 && isset($me_fields_prev) && isset($me_fields_prev[$encoded_key])
167 && ("'" . PMA_sqlAddslashes(urldecode($me_fields_prev[$encoded_key])) . "'" == $val)) {
168 // No change for this column and no MySQL function is used -> next column
169 continue;
170 }
171 else if (!empty($val)) {
172 $valuelist .= PMA_backquote($key) . ' = ' . $cur_value;
173 }
174 } // end while
175
176 // get rid of last ,
177 $valuelist = preg_replace('@, $@', '', $valuelist);
178
179 // Builds the sql query
180 if ($is_insert) {
181 if (empty($query)) {
182 // first inserted row -> prepare template
183 $fieldlist = preg_replace('@, $@', '', $fieldlist);
184 $query = array('INSERT INTO ' . PMA_backquote($table) . ' (' . $fieldlist . ') VALUES ');
185 }
186 // append current values
187 $query[0] .= '(' . $valuelist . '), ';
188 $message = $strInsertedRows . '&nbsp;';
189 } elseif (!empty($valuelist)) {
190 // build update query
191 $query[] = 'UPDATE ' . PMA_backquote($table) . ' SET ' . $valuelist . ' WHERE' . $primary_key . ' LIMIT 1';
192
193 $message = $strAffectedRows . '&nbsp;';
194 }
195 } // end for
196
197 // trim last , from insert query
198 if ($is_insert) {
199 $query[0] = preg_replace('@, $@', '', $query[0]);
200 }
201
202 if (empty($valuelist) && empty($query)) {
203 // No change -> move back to the calling script
204 $message = $strNoModification;
205 if ($is_gotofile) {
206 $js_to_run = 'functions.js';
207 require_once('./header.inc.php');
208 require('./' . PMA_securePath($goto));
209 } else {
210 PMA_sendHeaderLocation($cfg['PmaAbsoluteUri'] . $goto . '&disp_message=' . urlencode($message) . '&disp_query=');
211
212 }
213 exit();
214 }
215
216 /**
217 * Executes the sql query and get the result, then move back to the calling
218 * page
219 */
220 $sql_query = implode(';', $query) . ';';
221 $total_affected_rows = 0;
222 $last_message = '';
223
224 foreach ($query AS $query_index => $single_query) {
225 if ($cfg['IgnoreMultiSubmitErrors']) {
226 $result = PMA_DBI_try_query($single_query);
227 } else {
228 $result = PMA_DBI_query($single_query);
229 }
230 if (!$result) {
231 $message .= PMA_DBI_getError();
232 } else {
233 if (@PMA_DBI_affected_rows()) {
234 $total_affected_rows += @PMA_DBI_affected_rows();
235 }
236
237 $insert_id = PMA_DBI_insert_id();
238 if ($insert_id != 0) {
239 $last_message .= '[br]'.$strInsertedRowId . '&nbsp;' . $insert_id;
240 }
241 } // end if
242 PMA_DBI_free_result($result);
243 unset($result);
244 }
245
246 if ($total_affected_rows != 0) {
247 $message .= $total_affected_rows;
248 } else {
249 $message .= $strModifications;
250 }
251
252 $message .= $last_message;
253
254 if ($is_gotofile) {
255 if ($goto == 'db_details.php' && !empty($table)) {
256 unset($table);
257 }
258 $js_to_run = 'functions.js';
259 $active_page = $goto;
260 require_once('./header.inc.php');
261 require('./' . PMA_securePath($goto));
262 } else {
263 // I don't understand this one:
264 //$add_query = (strpos(' ' . $goto, 'tbl_change') ? '&disp_query=' . urlencode($sql_query) : '');
265
266 // if we have seen binary,
267 // we do not append the query to the Location so it won't be displayed
268 // on the resulting page
269 // Nijel: we also need to limit size of url...
270 $add_query = (!$seen_binary && strlen($sql_query) < 1024 ? '&disp_query=' . urlencode($sql_query) : '');
271 PMA_sendHeaderLocation($cfg['PmaAbsoluteUri'] . $goto . '&disp_message=' . urlencode($message) . $add_query);
272 }
273 exit();
274 ?>
Browse-mode Improvements ++