bug #2961609 Potential information disclosure at login page
[phpmyadmin/dkf.git] / db_search.php
blob751675db5a7c6a91ce972785d4812f2425aff6b4
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * searchs the entire database
6 * @todo make use of UNION when searching multiple tables
7 * @todo display executed query, optional?
8 * @uses $cfg['UseDbSearch']
9 * @uses $GLOBALS['db']
10 * @uses $GLOBALS['strAccessDenied']
11 * @uses $GLOBALS['strSearchOption1']
12 * @uses $GLOBALS['strSearchOption2']
13 * @uses $GLOBALS['strSearchOption3']
14 * @uses $GLOBALS['strSearchOption4']
15 * @uses $GLOBALS['strSearchResultsFor']
16 * @uses $GLOBALS['strNumSearchResultsInTable']
17 * @uses $GLOBALS['strBrowse']
18 * @uses $GLOBALS['strDelete']
19 * @uses $GLOBALS['strNumSearchResultsTotal']
20 * @uses $GLOBALS['strSearchFormTitle']
21 * @uses $GLOBALS['strSearchNeedle']
22 * @uses $GLOBALS['strSearchType']
23 * @uses $GLOBALS['strSplitWordsWithSpace']
24 * @uses $GLOBALS['strSearchInTables']
25 * @uses $GLOBALS['strUnselectAll']
26 * @uses $GLOBALS['strSelectAll']
27 * @uses PMA_DBI_get_tables()
28 * @uses PMA_sqlAddslashes()
29 * @uses PMA_getSearchSqls()
30 * @uses PMA_DBI_fetch_value()
31 * @uses PMA_linkOrButton()
32 * @uses PMA_generate_common_url()
33 * @uses PMA_generate_common_hidden_inputs()
34 * @uses PMA_showMySQLDocu()
35 * @uses $_REQUEST['search_str']
36 * @uses $_REQUEST['submit_search']
37 * @uses $_REQUEST['search_option']
38 * @uses $_REQUEST['table_select']
39 * @uses $_REQUEST['unselectall']
40 * @uses $_REQUEST['selectall']
41 * @uses $_REQUEST['field_str']
42 * @uses is_string()
43 * @uses htmlspecialchars()
44 * @uses array_key_exists()
45 * @uses is_array()
46 * @uses array_intersect()
47 * @uses sprintf()
48 * @uses in_array()
49 * @version $Id$
50 * @author Thomas Chaumeny <chaume92 at aol.com>
51 * @package phpMyAdmin
54 /**
57 require_once './libraries/common.inc.php';
59 /**
60 * Gets some core libraries and send headers
62 require './libraries/db_common.inc.php';
64 /**
65 * init
67 // If config variable $GLOBALS['cfg']['Usedbsearch'] is on false : exit.
68 if (! $GLOBALS['cfg']['UseDbSearch']) {
69 PMA_mysqlDie($GLOBALS['strAccessDenied'], '', false, $err_url);
70 } // end if
71 $url_query .= '&amp;goto=db_search.php';
72 $url_params['goto'] = 'db_search.php';
74 /**
75 * @global array list of tables from the current database
76 * but do not clash with $tables coming from db_info.inc.php
78 $tables_names_only = PMA_DBI_get_tables($GLOBALS['db']);
80 $search_options = array(
81 '1' => $GLOBALS['strSearchOption1'],
82 '2' => $GLOBALS['strSearchOption2'],
83 '3' => $GLOBALS['strSearchOption3'],
84 '4' => $GLOBALS['strSearchOption4'],
87 if (empty($_REQUEST['search_option']) || ! is_string($_REQUEST['search_option'])
88 || ! array_key_exists($_REQUEST['search_option'], $search_options)) {
89 $search_option = 1;
90 unset($_REQUEST['submit_search']);
91 } else {
92 $search_option = (int) $_REQUEST['search_option'];
93 $option_str = $search_options[$_REQUEST['search_option']];
96 if (empty($_REQUEST['search_str']) || ! is_string($_REQUEST['search_str'])) {
97 unset($_REQUEST['submit_search']);
98 $searched = '';
99 } else {
100 $searched = htmlspecialchars($_REQUEST['search_str']);
101 // For "as regular expression" (search option 4), we should not treat
102 // this as an expression that contains a LIKE (second parameter of
103 // PMA_sqlAddslashes()).
105 // Usage example: If user is seaching for a literal $ in a regexp search,
106 // he should enter \$ as the value.
107 $search_str = PMA_sqlAddslashes($_REQUEST['search_str'], ($search_option == 4 ? false : true));
110 $tables_selected = array();
111 if (empty($_REQUEST['table_select']) || ! is_array($_REQUEST['table_select'])) {
112 unset($_REQUEST['submit_search']);
113 } elseif (! isset($_REQUEST['selectall']) && ! isset($_REQUEST['unselectall'])) {
114 $tables_selected = array_intersect($_REQUEST['table_select'], $tables_names_only);
117 if (isset($_REQUEST['selectall'])) {
118 $tables_selected = $tables_names_only;
119 } elseif (isset($_REQUEST['unselectall'])) {
120 $tables_selected = array();
123 if (empty($_REQUEST['field_str']) || ! is_string($_REQUEST['field_str'])) {
124 unset($field_str);
125 } else {
126 $field_str = PMA_sqlAddslashes($_REQUEST['field_str'], true);
130 * Displays top links
132 $sub_part = '';
133 require './libraries/db_info.inc.php';
137 * 1. Main search form has been submitted
139 if (isset($_REQUEST['submit_search'])) {
142 * Builds the SQL search query
144 * @todo can we make use of fulltextsearch IN BOOLEAN MODE for this?
145 * @uses PMA_DBI_query
146 * PMA_backquote
147 * PMA_DBI_free_result
148 * PMA_DBI_fetch_assoc
149 * $GLOBALS['db']
150 * explode
151 * count
152 * strlen
153 * @param string the table name
154 * @param string restrict the search to this field
155 * @param string the string to search
156 * @param integer type of search (1 -> 1 word at least, 2 -> all words,
157 * 3 -> exact string, 4 -> regexp)
159 * @return array 3 SQL querys (for count, display and delete results)
161 * @global string the url to return to in case of errors
162 * @global string charset connection
164 function PMA_getSearchSqls($table, $field, $search_str, $search_option)
166 global $err_url;
168 // Statement types
169 $sqlstr_select = 'SELECT';
170 $sqlstr_delete = 'DELETE';
172 // Fields to select
173 $tblfields = PMA_DBI_fetch_result('SHOW FIELDS FROM ' . PMA_backquote($table) . ' FROM ' . PMA_backquote($GLOBALS['db']),
174 null, 'Field');
176 // Table to use
177 $sqlstr_from = ' FROM ' . PMA_backquote($GLOBALS['db']) . '.' . PMA_backquote($table);
179 $search_words = (($search_option > 2) ? array($search_str) : explode(' ', $search_str));
180 $search_wds_cnt = count($search_words);
182 $like_or_regex = (($search_option == 4) ? 'REGEXP' : 'LIKE');
183 $automatic_wildcard = (($search_option < 3) ? '%' : '');
185 $fieldslikevalues = array();
186 foreach ($search_words as $search_word) {
187 // Eliminates empty values
188 if (strlen($search_word) === 0) {
189 continue;
192 $thefieldlikevalue = array();
193 foreach ($tblfields as $tblfield) {
194 if (! isset($field) || strlen($field) == 0 || $tblfield == $field) {
195 $thefieldlikevalue[] = PMA_backquote($tblfield)
196 . ' ' . $like_or_regex . ' '
197 . "'" . $automatic_wildcard
198 . $search_word
199 . $automatic_wildcard . "'";
201 } // end for
203 if (count($thefieldlikevalue) > 0) {
204 $fieldslikevalues[] = implode(' OR ', $thefieldlikevalue);
206 } // end for
208 $implode_str = ($search_option == 1 ? ' OR ' : ' AND ');
209 if ( empty($fieldslikevalues)) {
210 // this could happen when the "inside field" does not exist
211 // in any selected tables
212 $sqlstr_where = ' WHERE FALSE';
213 } else {
214 $sqlstr_where = ' WHERE (' . implode(') ' . $implode_str . ' (', $fieldslikevalues) . ')';
216 unset($fieldslikevalues);
218 // Builds complete queries
219 $sql['select_fields'] = $sqlstr_select . ' * ' . $sqlstr_from . $sqlstr_where;
220 // here, I think we need to still use the COUNT clause, even for
221 // VIEWs, anyway we have a WHERE clause that should limit results
222 $sql['select_count'] = $sqlstr_select . ' COUNT(*) AS `count`' . $sqlstr_from . $sqlstr_where;
223 $sql['delete'] = $sqlstr_delete . $sqlstr_from . $sqlstr_where;
225 return $sql;
226 } // end of the "PMA_getSearchSqls()" function
230 * Displays the results
232 $this_url_params = array(
233 'db' => $GLOBALS['db'],
234 'goto' => 'db_sql.php',
235 'pos' => 0,
236 'is_js_confirmed' => 0,
239 // Displays search string
240 echo '<br />' . "\n"
241 .'<table class="data">' . "\n"
242 .'<caption class="tblHeaders">' . "\n"
243 .sprintf($GLOBALS['strSearchResultsFor'],
244 $searched, $option_str) . "\n"
245 .'</caption>' . "\n";
247 $num_search_result_total = 0;
248 $odd_row = true;
250 foreach ($tables_selected as $each_table) {
251 // Gets the SQL statements
252 $newsearchsqls = PMA_getSearchSqls($each_table, (! empty($field_str) ? $field_str : ''), $search_str, $search_option);
254 // Executes the "COUNT" statement
255 $res_cnt = PMA_DBI_fetch_value($newsearchsqls['select_count']);
256 $num_search_result_total += $res_cnt;
258 $sql_query .= $newsearchsqls['select_count'];
260 echo '<tr class="' . ($odd_row ? 'odd' : 'even') . '">'
261 .'<td>' . sprintf($GLOBALS['strNumSearchResultsInTable'], $res_cnt,
262 htmlspecialchars($each_table)) . "</td>\n";
264 if ($res_cnt > 0) {
265 $this_url_params['sql_query'] = $newsearchsqls['select_fields'];
266 echo '<td>' . PMA_linkOrButton(
267 'sql.php' . PMA_generate_common_url($this_url_params),
268 $GLOBALS['strBrowse'], '') . "</td>\n";
270 $this_url_params['sql_query'] = $newsearchsqls['delete'];
271 echo '<td>' . PMA_linkOrButton(
272 'sql.php' . PMA_generate_common_url($this_url_params),
273 $GLOBALS['strDelete'], $newsearchsqls['delete']) . "</td>\n";
275 } else {
276 echo '<td>&nbsp;</td>' . "\n"
277 .'<td>&nbsp;</td>' . "\n";
278 }// end if else
279 $odd_row = ! $odd_row;
280 echo '</tr>' . "\n";
281 } // end for
283 echo '</table>' . "\n";
285 if (count($tables_selected) > 1) {
286 echo '<p>' . sprintf($GLOBALS['strNumSearchResultsTotal'],
287 $num_search_result_total) . '</p>' . "\n";
289 } // end 1.
293 * 2. Displays the main search form
296 <a name="db_search"></a>
297 <form method="post" action="db_search.php" name="db_search">
298 <?php echo PMA_generate_common_hidden_inputs($GLOBALS['db']); ?>
299 <fieldset>
300 <legend><?php echo $GLOBALS['strSearchFormTitle']; ?></legend>
302 <table class="formlayout">
303 <tr><td><?php echo $GLOBALS['strSearchNeedle']; ?></td>
304 <td><input type="text" name="search_str" size="60"
305 value="<?php echo $searched; ?>" /></td>
306 </tr>
307 <tr><td align="right" valign="top">
308 <?php echo $GLOBALS['strSearchType']; ?></td>
309 <td><?php
311 $choices = array(
312 '1' => $GLOBALS['strSearchOption1'] . PMA_showHint($GLOBALS['strSplitWordsWithSpace']),
313 '2' => $GLOBALS['strSearchOption2'] . PMA_showHint($GLOBALS['strSplitWordsWithSpace']),
314 '3' => $GLOBALS['strSearchOption3'],
315 '4' => $GLOBALS['strSearchOption4'] . ' ' . PMA_showMySQLDocu('Regexp', 'Regexp')
317 // 4th parameter set to true to add line breaks
318 // 5th parameter set to false to avoid htmlspecialchars() escaping in the label
319 // since we have some HTML in some labels
320 PMA_display_html_radio('search_option', $choices, $search_option, true, false);
321 unset($choices);
323 </td>
324 </tr>
325 <tr><td align="right" valign="top">
326 <?php echo $GLOBALS['strSearchInTables']; ?></td>
327 <td rowspan="2">
328 <?php
329 echo ' <select name="table_select[]" size="6" multiple="multiple">' . "\n";
330 foreach ($tables_names_only as $each_table) {
331 if (in_array($each_table, $tables_selected)) {
332 $is_selected = ' selected="selected"';
333 } else {
334 $is_selected = '';
337 echo ' <option value="' . htmlspecialchars($each_table) . '"'
338 . $is_selected . '>'
339 . str_replace(' ', '&nbsp;', htmlspecialchars($each_table)) . '</option>' . "\n";
340 } // end while
342 echo ' </select>' . "\n";
343 $alter_select =
344 '<a href="db_search.php' . PMA_generate_common_url(array_merge($url_params, array('selectall' => 1))) . '#db_search"'
345 . ' onclick="setSelectOptions(\'db_search\', \'table_select[]\', true); return false;">' . $GLOBALS['strSelectAll'] . '</a>'
346 . '&nbsp;/&nbsp;'
347 . '<a href="db_search.php' . PMA_generate_common_url(array_merge($url_params, array('unselectall' => 1))) . '#db_search"'
348 . ' onclick="setSelectOptions(\'db_search\', \'table_select[]\', false); return false;">' . $GLOBALS['strUnselectAll'] . '</a>';
350 </td>
351 </tr>
352 <tr><td align="right" valign="bottom">
353 <?php echo $alter_select; ?></td>
354 </tr>
355 <tr><td align="right">
356 <?php echo $GLOBALS['strSearchInField']; ?></td>
357 <td><input type="text" name="field_str" size="60"
358 value="<?php echo ! empty($field_str) ? $field_str : ''; ?>" /></td>
359 </tr>
360 </table>
361 </fieldset>
362 <fieldset class="tblFooters">
363 <input type="submit" name="submit_search" value="<?php echo $GLOBALS['strGo']; ?>"
364 id="buttonGo" />
365 </fieldset>
366 </form>
368 <?php
370 * Displays the footer
372 require_once './libraries/footer.inc.php';