libraries/display_create_table.lib.php

   1 <?php
   2 /* $Id$ */
   3 // vim: expandtab sw=4 ts=4 sts=4:
   4
   5 // Displays form for creating a table (if user has privileges for that)
   6
   7 require_once('./libraries/check_user_privileges.lib.php');
   8
   9 $is_create_table_priv = FALSE;
  10
  11 foreach( $dbs_where_create_table_allowed as $allowed_db ) {
  12
  13     // if we find the exact db name, we stop here
  14     if ($allowed_db == $db) {
  15         $is_create_table_priv = TRUE;
  16         break;
  17     }
  18
  19     // '*' indicates a global CREATE priv
  20     if ($allowed_db == '*') {
  21         $is_create_table_priv = TRUE;
  22         break;
  23     }
  24
  25     if (ereg('%|_', $allowed_db)) {
  26         // take care of wildcards and escaped wildcards,
  27         // transforming them into regexp patterns
  28         $max_position = strlen($allowed_db) - 1;
  29         $i = 0;
  30         $pattern = '';
  31         while ($i <= $max_position) {
  32             if ($allowed_db[$i] == '\\'){
  33                 if ($i < $max_position - 1 && $allowed_db[$i+1] == '_'){
  34                     $chunk = '_';
  35                     $i++;
  36                 } elseif ($i < $max_position - 1 && $allowed_db[$i+1] == '%'){
  37                     $chunk = '%';
  38                     $i++;
  39                 } else {
  40                     $chunk = $allowed_db[$i];
  41                 }
  42             } elseif ($allowed_db[$i] == '_'){
  43                 $chunk = '.';
  44             } elseif ($allowed_db[$i] == '%'){
  45                 $chunk = '(.)*';
  46             } else {
  47                 $chunk = $allowed_db[$i];
  48             }
  49             $pattern .= $chunk;
  50             $i++;
  51         } // end while
  52         unset($i, $max_position, $chunk);
  53
  54         $matches = '';
  55         if (preg_match('@' .$pattern . '@i', $db, $matches)) {
  56             if ($matches[0] == $db) {
  57                 $is_create_table_priv = TRUE;
  58                 break;
  59                 //TODO: maybe receive in $allowed_db also the db names
  60                 // on which we cannot CREATE, and check them
  61                 // in this foreach, because if a user is allowed to CREATE
  62                 // on db foo% but forbidden on db foobar, he should not
  63                 // see the Create table dialog
  64             }
  65         }
  66     }
  67 } // end foreach
  68 unset($i, $max_position, $chunk, $pattern);
  69
  70 ?>
  71 <form method="post" action="tbl_create.php"
  72     onsubmit="return (emptyFormElements(this, 'table') &amp;&amp; checkFormElementInRange(this, 'num_fields', '<?php echo str_replace('\'', '\\\'', $GLOBALS['strInvalidFieldCount']); ?>', 1))">
  73 <fieldset>
  74     <legend>
  75 <?php
  76 if ( $GLOBALS['cfg']['PropertiesIconic'] ) {
  77     echo '<img class="icon" src="' . $pmaThemeImage . 'b_newtbl.png" width="16" height="16" alt="" />';
  78 }
  79 echo sprintf( $strCreateNewTable, PMA_getDbLink() );
  80 ?>
  81     </legend>
  82 <?php if ( $is_create_table_priv ) { ?>
  83     <?php echo PMA_generate_common_hidden_inputs( $db ); ?>
  84     <div class="formelement">
  85         <?php echo $strName; ?>:
  86         <input type="text" name="table" maxlength="64" size="30" />
  87     </div>
  88     <div class="formelement">
  89         <?php echo $strNumberOfFields; ?>:
  90         <input type="text" name="num_fields" size="2" />
  91     </div>
  92 </fieldset>
  93 <fieldset class="tblFooters">
  94     <input type="submit" value="<?php echo $strGo; ?>" />
  95 <?php } else { ?>
  96     <div class="error"><?php echo $strNoPrivileges; ?></div>
  97 <?php } // end if else ?>
  98 </fieldset>
  99 </form>