1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * query by example the whole database
6 * @version $Id$
7 */
9 /**
10 * requirements
12 require_once './libraries/common.inc.php';
13 require_once './libraries/Table.class.php';
14 require_once './libraries/relation.lib.php';
17 /**
18 * Gets the relation settings
20 $cfgRelation = PMA_getRelationsParam();
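/**
 * A query has been submitted -> execute it, else display the headers
 *
 * Security notes for reviewers:
 *  - The '@^SELECT@i' test only checks that the submitted text starts with
 *    SELECT, and it is applied to the value before urldecode(). It tells the
 *    user that the builder produced no displayable column; it does not limit
 *    what sql.php goes on to execute.
 *  - NOTE(review): request token and privilege checks are presumably done in
 *    common.inc.php / sql.php -- confirm, nothing in this file enforces them.
 *  - The hidden form field is written with urlencode() further down in this
 *    script, which is why the value is urldecode()d once more here.
 */
$qbe_submitted = isset($_REQUEST['submit_sql']);

// A missing or non-string (array) parameter is treated as an empty query
// instead of being handed to preg_match()/urldecode() as-is.
$qbe_encoded_query = (isset($_REQUEST['encoded_sql_query'])
    && is_string($_REQUEST['encoded_sql_query']))
    ? $_REQUEST['encoded_sql_query']
    : '';

$qbe_is_select = $qbe_submitted
    && preg_match('@^SELECT@i', $qbe_encoded_query);

if ($qbe_is_select) {
    $goto      = 'db_sql.php';
    $zero_rows = htmlspecialchars($GLOBALS['strSuccess']);
    $sql_query = urldecode($qbe_encoded_query);
    require './sql.php';
    exit;
} else {
    $sub_part  = '_qbe';
    require './libraries/db_common.inc.php';
    $url_query .= '&amp;goto=db_qbe.php';
    $url_params['goto'] = 'db_qbe.php';
    require './libraries/db_info.inc.php';
}

// "Run query" was pressed but the builder did not produce a SELECT
if ($qbe_submitted && ! $qbe_is_select) {
    echo '<div class="warning">' . $GLOBALS['strHaveToShow'] . '</div>';
}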
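/**
 * Initialize some variables
 *
 * Everything below is read from $_REQUEST. Counters are cast to int; the
 * per-column and per-row lists are only accepted when they really are arrays,
 * because the rest of the script indexes them with [$x] / [$y] (a scalar
 * would be read character by character).
 *
 * NOTE(review): $col and $row get a lower bound of 0 but no upper bound, so
 * the request decides how many form cells are rendered -- consider a cap.
 */
$col_cnt = isset($_REQUEST['col_cnt']) ? (int) $_REQUEST['col_cnt'] : 3;
$add_col = isset($_REQUEST['add_col']) ? (int) $_REQUEST['add_col'] : 0;
$add_row = isset($_REQUEST['add_row']) ? (int) $_REQUEST['add_row'] : 0;

$rows    = isset($_REQUEST['rows']) ? (int) $_REQUEST['rows'] : 0;
$ins_col = (isset($_REQUEST['ins_col']) && is_array($_REQUEST['ins_col']))
    ? $_REQUEST['ins_col']
    : array();
$del_col = (isset($_REQUEST['del_col']) && is_array($_REQUEST['del_col']))
    ? $_REQUEST['del_col']
    : array();

$prev_criteria = (isset($_REQUEST['prev_criteria']) && is_array($_REQUEST['prev_criteria']))
    ? $_REQUEST['prev_criteria']
    : array();

// Default for the per-column lists: one empty string per existing column.
// array_fill() rejects a negative count (and a zero count on older PHP),
// and col_cnt is request-controlled, so guard the call.
$qbe_blank_cells = ($col_cnt > 0) ? array_fill(0, $col_cnt, '') : array();

$criteria = (isset($_REQUEST['criteria']) && is_array($_REQUEST['criteria']))
    ? $_REQUEST['criteria']
    : $qbe_blank_cells;

$ins_row = (isset($_REQUEST['ins_row']) && is_array($_REQUEST['ins_row']))
    ? $_REQUEST['ins_row']
    : $qbe_blank_cells;
$del_row = (isset($_REQUEST['del_row']) && is_array($_REQUEST['del_row']))
    ? $_REQUEST['del_row']
    : $qbe_blank_cells;
$and_or_row = (isset($_REQUEST['and_or_row']) && is_array($_REQUEST['and_or_row']))
    ? $_REQUEST['and_or_row']
    : $qbe_blank_cells;
$and_or_col = (isset($_REQUEST['and_or_col']) && is_array($_REQUEST['and_or_col']))
    ? $_REQUEST['and_or_col']
    : $qbe_blank_cells;

// minimum width
$form_column_width = 12;
// number of columns / rows to render after applying the requested add/remove
$col = max($col_cnt + $add_col, 0);
$row = max($rows + $add_row, 0);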
84 // The tables list sent by a previously submitted form
85 if (!empty($TableList)) {
86 $cnt_table_list = count($TableList);
87 for ($x = 0; $x < $cnt_table_list; $x++) {
88 $tbl_names[urldecode($TableList[$x])] = ' selected="selected"';
90 } // end if
93 // this was a work in progress, deactivated for now
94 //$columns = PMA_DBI_get_columns_full($GLOBALS['db']);
95 //$tables = PMA_DBI_get_columns_full($GLOBALS['db']);
98 /**
99 * Prepares the form
101 $tbl_result = PMA_DBI_query('SHOW TABLES FROM ' . PMA_backquote($db) . ';', null, PMA_DBI_QUERY_STORE);
102 $tbl_result_cnt = PMA_DBI_num_rows($tbl_result);
103 if (0 == $tbl_result_cnt) {
104 echo '<div class="warning">' . $strNoTablesFound . '</div>';
105 require_once './libraries/footer.inc.php';
106 exit;
109 $i = 0;
110 $k = 0;
112 // The tables list gets from MySQL
113 while ($i < $tbl_result_cnt) {
114 list($tbl) = PMA_DBI_fetch_row($tbl_result);
115 $fld_results = PMA_DBI_get_fields($db, $tbl);
116 $fld_results_cnt = ($fld_results) ? count($fld_results) : 0;
117 $j = 0;
119 if (empty($tbl_names[$tbl]) && !empty($TableList)) {
120 $tbl_names[$tbl] = '';
121 } else {
122 $tbl_names[$tbl] = ' selected="selected"';
123 } // end if
125 // The fields list per selected tables
126 if ($tbl_names[$tbl] == ' selected="selected"') {
127 $fld[$k++] = PMA_backquote($tbl) . '.*';
128 while ($j < $fld_results_cnt) {
129 $fld[$k] = PMA_convert_display_charset($fld_results[$j]['Field']);
130 $fld[$k] = PMA_backquote($tbl) . '.' . PMA_backquote($fld[$k]);
132 // increase the width if necessary
133 if (strlen($fld[$k]) > $form_column_width) {
134 $form_column_width = strlen($fld[$k]);
135 } //end if
137 $k++;
138 $j++;
139 } // end while
140 } // end if
142 $i++;
143 } // end if
144 PMA_DBI_free_result($tbl_result);
146 // largest width found
147 $realwidth = $form_column_width . 'ex';
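/**
 * Displays the Query by example form
 */

/**
 * Prints one table cell holding the column drop-down of the "Field" row
 *
 * Column names are passed through htmlspecialchars() for both the option
 * value and its label; spaces in the label become &nbsp;.
 *
 * @param   array    the column names offered as options
 * @param   integer  index of the form column, used in the name Field[n]
 * @param   string   the column name to preselect (strict comparison)
 *
 * @return  void     the markup is echoed
 */
function showColumnSelectCell($columns, $column_number, $selected = '')
{
    // Callers in this file pass an integer counter; the cast makes sure
    // nothing else can end up inside the name="" attribute.
    $column_number = (int) $column_number;

    echo '<td align="center">' . "\n";
    echo '<select name="Field[' . $column_number . ']" size="1">' . "\n";
    echo '<option value="">&nbsp;</option>' . "\n";
    foreach ($columns as $column) {
        $sel = ($column === $selected) ? ' selected="selected"' : '';
        echo ' ';
        echo '<option value="' . htmlspecialchars($column) . '"' . $sel . '>'
            . str_replace(' ', '&nbsp;', htmlspecialchars($column)) . '</option>' . "\n";
    }
    echo '</select>' . "\n";
    echo '</td>' . "\n";
}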
178 <fieldset>
179 <form action="db_qbe.php" method="post">
180 <table class="data" style="width: 100%;">
181 <tr class="odd noclick">
182 <th><?php echo $strField; ?>:</th>
183 <?php
184 $z = 0;
185 for ($x = 0; $x < $col; $x++) {
186 if (isset($ins_col[$x]) && $ins_col[$x] == 'on') {
187 showColumnSelectCell($fld, $z);
188 $z++;
191 if (! empty($del_col) && isset($del_col[$x]) && $del_col[$x] == 'on') {
192 continue;
195 $selected = '';
196 if (isset($Field[$x])) {
197 $selected = urldecode($Field[$x]);
198 $curField[$z] = urldecode($Field[$x]);
200 showColumnSelectCell($fld, $z, $selected);
201 $z++;
202 } // end for
204 </tr>
206 <!-- Sort row -->
207 <tr class="even noclick">
208 <th><?php echo $strSort; ?>:</th>
209 <?php
210 $z = 0;
211 for ($x = 0; $x < $col; $x++) {
212 if (!empty($ins_col) && isset($ins_col[$x]) && $ins_col[$x] == 'on') {
214 <td align="center">
215 <select style="width: <?php echo $realwidth; ?>" name="Sort[<?php echo $z; ?>]" size="1">
216 <option value="">&nbsp;</option>
217 <option value="ASC"><?php echo $strAscending; ?></option>
218 <option value="DESC"><?php echo $strDescending; ?></option>
219 </select>
220 </td>
221 <?php
222 $z++;
223 } // end if
224 echo "\n";
226 if (!empty($del_col) && isset($del_col[$x]) && $del_col[$x] == 'on') {
227 continue;
230 <td align="center">
231 <select style="width: <?php echo $realwidth; ?>" name="Sort[<?php echo $z; ?>]" size="1">
232 <option value="">&nbsp;</option>
233 <?php
234 echo "\n";
236 // If they have chosen all fields using the * selector,
237 // then sorting is not available
238 // Robbat2 - Fix for Bug #570698
239 if (isset($Sort[$x]) && isset($Field[$x])
240 && substr(urldecode($Field[$x]), -2) == '.*') {
241 $Sort[$x] = '';
242 } //end if
244 if (isset($Sort[$x]) && $Sort[$x] == 'ASC') {
245 $curSort[$z] = $Sort[$x];
246 $sel = ' selected="selected"';
247 } else {
248 $sel = '';
249 } // end if
250 echo ' ';
251 echo '<option value="ASC"' . $sel . '>' . $strAscending . '</option>' . "\n";
252 if (isset($Sort[$x]) && $Sort[$x] == 'DESC') {
253 $curSort[$z] = $Sort[$x];
254 $sel = ' selected="selected"';
255 } else {
256 $sel = '';
257 } // end if
258 echo ' ';
259 echo '<option value="DESC"' . $sel . '>' . $strDescending . '</option>' . "\n";
261 </select>
262 </td>
263 <?php
264 $z++;
265 echo "\n";
266 } // end for
268 </tr>
270 <!-- Show row -->
271 <tr class="odd noclick">
272 <th><?php echo $strShow; ?>:</th>
273 <?php
274 $z = 0;
275 for ($x = 0; $x < $col; $x++) {
276 if (!empty($ins_col) && isset($ins_col[$x]) && $ins_col[$x] == 'on') {
278 <td align="center">
279 <input type="checkbox" name="Show[<?php echo $z; ?>]" />
280 </td>
281 <?php
282 $z++;
283 } // end if
284 echo "\n";
286 if (!empty($del_col) && isset($del_col[$x]) && $del_col[$x] == 'on') {
287 continue;
289 if (isset($Show[$x])) {
290 $checked = ' checked="checked"';
291 $curShow[$z] = $Show[$x];
292 } else {
293 $checked = '';
296 <td align="center">
297 <input type="checkbox" name="Show[<?php echo $z; ?>]"<?php echo $checked; ?> />
298 </td>
299 <?php
300 $z++;
301 echo "\n";
302 } // end for
304 </tr>
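<!-- Criteria row -->
<tr class="even noclick">
    <th><?php echo $strCriteria; ?>:</th>
<?php
// One criteria text box per output column. Columns flagged in $ins_col get an
// empty box inserted before them, columns flagged in $del_col are skipped.
// $z counts the cells actually written and becomes the new column index.
$z = 0;
for ($x = 0; $x < $col; $x++) {
    if (!empty($ins_col) && isset($ins_col[$x]) && $ins_col[$x] == 'on') {
        ?>
    <td align="center">
        <input type="text" name="criteria[<?php echo $z; ?>]" value="" class="textfield" style="width: <?php echo $realwidth; ?>" size="20" />
    </td>
        <?php
        $z++;
    } // end if
    echo "\n";

    if (!empty($del_col) && isset($del_col[$x]) && $del_col[$x] == 'on') {
        continue;
    }
    // NOTE(review): when $criteria[$x] is not set, $stripped_Criteria keeps
    // whatever the previous iteration left in it.
    if (isset($criteria[$x])) {
        $stripped_Criteria = $criteria[$x];
    }
    if ((empty($prev_criteria) || !isset($prev_criteria[$x]))
        || urldecode($prev_criteria[$x]) != htmlspecialchars($stripped_Criteria)) {
        $curCriteria[$z]   = $stripped_Criteria;
        $encoded_Criteria  = urlencode($stripped_Criteria);
    } else {
        // This branch hands the request value back unchanged; only the
        // branch above guarantees urlencode()d content.
        $curCriteria[$z]   = urldecode($prev_criteria[$x]);
        $encoded_Criteria  = $prev_criteria[$x];
    }
    // $prev_criteria is taken from $_REQUEST at the top of the script, so the
    // hidden field is escaped on output like the visible one. For a value
    // produced by urlencode() the escaping changes nothing.
    ?>
    <td align="center">
        <input type="hidden" name="prev_criteria[<?php echo $z; ?>]" value="<?php echo htmlspecialchars($encoded_Criteria); ?>" />
        <input type="text" name="criteria[<?php echo $z; ?>]" value="<?php echo htmlspecialchars($stripped_Criteria); ?>" class="textfield" style="width: <?php echo $realwidth; ?>" size="20" />
    </td>
    <?php
    $z++;
    echo "\n";
} // end for
?>
</tr>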
348 <!-- And/Or columns and rows -->
349 <?php
350 $w = 0;
351 $odd_row = true;
352 for ($y = 0; $y <= $row; $y++) {
353 if (isset($ins_row[$y]) && $ins_row[$y] == 'on') {
354 $chk['or'] = ' checked="checked"';
355 $chk['and'] = '';
357 <tr class="<?php echo $odd_row ? 'odd' : 'even'; ?> noclick">
358 <td align="<?php echo $cell_align_right; ?>" nowrap="nowrap">
359 <!-- Row controls -->
360 <table cellpadding="0" cellspacing="0" border="0">
361 <tr>
362 <td align="<?php echo $cell_align_right; ?>" nowrap="nowrap">
363 <small><?php echo $strQBEIns; ?>:</small>
364 <input type="checkbox" name="ins_row[<?php echo $w; ?>]" />
365 </td>
366 <td align="<?php echo $cell_align_right; ?>">
367 <b><?php echo $strAnd; ?>:</b>
368 </td>
369 <td>
370 <input type="radio" name="and_or_row[<?php echo $w; ?>]" value="and"<?php echo $chk['and']; ?> />
371 &nbsp;
372 </td>
373 </tr>
374 <tr>
375 <td align="<?php echo $cell_align_right; ?>" nowrap="nowrap">
376 <small><?php echo $strQBEDel; ?>:</small>
377 <input type="checkbox" name="del_row[<?php echo $w; ?>]" />
378 </td>
379 <td align="<?php echo $cell_align_right; ?>">
380 <b><?php echo $strOr; ?>:</b>
381 </td>
382 <td>
383 <input type="radio" name="and_or_row[<?php echo $w; ?>]" value="or"<?php echo $chk['or']; ?> />
384 &nbsp;
385 </td>
386 </tr>
387 </table>
388 </td>
389 <?php
390 $z = 0;
391 for ($x = 0; $x < $col; $x++) {
392 if (isset($ins_col[$x]) && $ins_col[$x] == 'on') {
393 echo "\n";
394 $or = 'Or' . $w . '[' . $z . ']';
396 <td align="center">
397 <textarea cols="20" rows="2" style="width: <?php echo $realwidth; ?>" name="<?php echo $or; ?>" dir="<?php echo $text_dir; ?>"></textarea>
398 </td>
399 <?php
400 $z++;
401 } // end if
402 if (isset($del_col[$x]) && $del_col[$x] == 'on') {
403 continue;
406 echo "\n";
407 $or = 'Or' . $w . '[' . $z . ']';
409 <td align="center">
410 <textarea cols="20" rows="2" style="width: <?php echo $realwidth; ?>" name="<?php echo $or; ?>" dir="<?php echo $text_dir; ?>"></textarea>
411 </td>
412 <?php
413 $z++;
414 } // end for
415 $w++;
416 echo "\n";
418 </tr>
419 <?php
420 $odd_row =! $odd_row;
421 } // end if
423 if (isset($del_row[$y]) && $del_row[$y] == 'on') {
424 continue;
427 if (isset($and_or_row[$y])) {
428 $curAndOrRow[$w] = $and_or_row[$y];
430 if (isset($and_or_row[$y]) && $and_or_row[$y] == 'and') {
431 $chk['and'] = ' checked="checked"';
432 $chk['or'] = '';
433 } else {
434 $chk['or'] = ' checked="checked"';
435 $chk['and'] = '';
437 echo "\n";
439 <tr class="<?php echo $odd_row ? 'odd' : 'even'; ?> noclick">
440 <td align="<?php echo $cell_align_right; ?>" nowrap="nowrap">
441 <!-- Row controls -->
442 <table border="0" cellpadding="0" cellspacing="0">
443 <tr>
444 <td align="<?php echo $cell_align_right; ?>" nowrap="nowrap">
445 <small><?php echo $strQBEIns; ?>:</small>
446 <input type="checkbox" name="ins_row[<?php echo $w; ?>]" />
447 </td>
448 <td align="<?php echo $cell_align_right; ?>">
449 <b><?php echo $strAnd; ?>:</b>
450 </td>
451 <td>
452 <input type="radio" name="and_or_row[<?php echo $w; ?>]" value="and"<?php echo $chk['and']; ?> />
453 </td>
454 </tr>
455 <tr>
456 <td align="<?php echo $cell_align_right; ?>" nowrap="nowrap">
457 <small><?php echo $strQBEDel; ?>:</small>
458 <input type="checkbox" name="del_row[<?php echo $w; ?>]" />
459 </td>
460 <td align="<?php echo $cell_align_right; ?>">
461 <b><?php echo $strOr; ?>:</b>
462 </td>
463 <td>
464 <input type="radio" name="and_or_row[<?php echo $w; ?>]" value="or"<?php echo $chk['or']; ?> />
465 </td>
466 </tr>
467 </table>
468 </td>
469 <?php
470 $z = 0;
471 for ($x = 0; $x < $col; $x++) {
472 if (!empty($ins_col) && isset($ins_col[$x]) && $ins_col[$x] == 'on') {
473 echo "\n";
474 $or = 'Or' . $w . '[' . $z . ']';
476 <td align="center">
477 <textarea cols="20" rows="2" style="width: <?php echo $realwidth; ?>" name="<?php echo $or; ?>" dir="<?php echo $text_dir; ?>"></textarea>
478 </td>
479 <?php
480 $z++;
481 } // end if
482 if (!empty($del_col) && isset($del_col[$x]) && $del_col[$x] == 'on') {
483 continue;
486 echo "\n";
487 $or = 'Or' . $y;
488 if (!isset(${$or})) {
489 ${$or} = '';
491 if (!empty(${$or}) && isset(${$or}[$x])) {
492 $stripped_or = ${$or}[$x];
493 } else {
494 $stripped_or = '';
497 <td align="center">
498 <textarea cols="20" rows="2" style="width: <?php echo $realwidth; ?>" name="Or<?php echo $w . '[' . $z . ']'; ?>" dir="<?php echo $text_dir; ?>"><?php echo htmlspecialchars($stripped_or); ?></textarea>
499 </td>
500 <?php
501 if (!empty(${$or}) && isset(${$or}[$x])) {
502 ${'cur' . $or}[$z] = ${$or}[$x];
504 $z++;
505 } // end for
506 $w++;
507 echo "\n";
509 </tr>
510 <?php
511 echo "\n";
512 $odd_row =! $odd_row;
513 } // end for
515 <!-- Modify columns -->
516 <tr class="even noclick">
517 <th><?php echo $strModify; ?>:</th>
518 <?php
519 $z = 0;
520 for ($x = 0; $x < $col; $x++) {
521 if (!empty($ins_col) && isset($ins_col[$x]) && $ins_col[$x] == 'on') {
522 $curAndOrCol[$z] = $and_or_col[$y];
523 if ($and_or_col[$z] == 'or') {
524 $chk['or'] = ' checked="checked"';
525 $chk['and'] = '';
526 } else {
527 $chk['and'] = ' checked="checked"';
528 $chk['or'] = '';
531 <td align="center">
532 <b><?php echo $strOr; ?>:</b>
533 <input type="radio" name="and_or_col[<?php echo $z; ?>]" value="or"<?php echo $chk['or']; ?> />
534 &nbsp;&nbsp;<b><?php echo $strAnd; ?>:</b>
535 <input type="radio" name="and_or_col[<?php echo $z; ?>]" value="and"<?php echo $chk['and']; ?> />
536 <br />
537 <?php echo $strQBEIns . "\n"; ?>
538 <input type="checkbox" name="ins_col[<?php echo $z; ?>]" />
539 &nbsp;&nbsp;<?php echo $strQBEDel . "\n"; ?>
540 <input type="checkbox" name="del_col[<?php echo $z; ?>]" />
541 </td>
542 <?php
543 $z++;
544 } // end if
545 echo "\n";
547 if (!empty($del_col) && isset($del_col[$x]) && $del_col[$x] == 'on') {
548 continue;
551 if (isset($and_or_col[$y])) {
552 $curAndOrCol[$z] = $and_or_col[$y];
554 if (isset($and_or_col[$z]) && $and_or_col[$z] == 'or') {
555 $chk['or'] = ' checked="checked"';
556 $chk['and'] = '';
557 } else {
558 $chk['and'] = ' checked="checked"';
559 $chk['or'] = '';
562 <td align="center">
563 <b><?php echo $strOr; ?>:</b>
564 <input type="radio" name="and_or_col[<?php echo $z; ?>]" value="or"<?php echo $chk['or']; ?> />
565 &nbsp;&nbsp;<b><?php echo $strAnd; ?>:</b>
566 <input type="radio" name="and_or_col[<?php echo $z; ?>]" value="and"<?php echo $chk['and']; ?> />
567 <br />
568 <?php echo $strQBEIns . "\n"; ?>
569 <input type="checkbox" name="ins_col[<?php echo $z; ?>]" />
570 &nbsp;&nbsp;<?php echo $strQBEDel . "\n"; ?>
571 <input type="checkbox" name="del_col[<?php echo $z; ?>]" />
572 </td>
573 <?php
574 $z++;
575 echo "\n";
576 } // end for
578 </tr>
579 </table>
581 <!-- Other controls -->
582 <?php
583 $w--;
584 $url_params['db'] = $db;
585 $url_params['col_cnt'] = $z;
586 $url_params['rows'] = $w;
587 echo PMA_generate_common_hidden_inputs($url_params);
589 </fieldset>
590 <fieldset class="tblFooters">
591 <table border="0" cellpadding="2" cellspacing="1">
592 <tr>
593 <td nowrap="nowrap">
594 <?php echo $strAddDeleteRow; ?>:
595 <select size="1" name="add_row" style="vertical-align: middle">
596 <option value="-3">-3</option>
597 <option value="-2">-2</option>
598 <option value="-1">-1</option>
599 <option value="0" selected="selected">0</option>
600 <option value="1">1</option>
601 <option value="2">2</option>
602 <option value="3">3</option>
603 </select>
604 </td>
605 <td width="10">&nbsp;</td>
606 <td nowrap="nowrap"><?php echo $strAddDeleteColumn; ?>:
607 <select size="1" name="add_col" style="vertical-align: middle">
608 <option value="-3">-3</option>
609 <option value="-2">-2</option>
610 <option value="-1">-1</option>
611 <option value="0" selected="selected">0</option>
612 <option value="1">1</option>
613 <option value="2">2</option>
614 <option value="3">3</option>
615 </select>
616 </td>
617 <td width="10">&nbsp;</td>
618 <!-- Generates a query -->
619 <td><input type="submit" name="modify" value="<?php echo $strUpdateQuery; ?>" /></td>
620 </tr>
621 </table>
622 </fieldset>
624 <table>
625 <tr><td>
626 <fieldset>
627 <legend><?php echo $strUseTables; ?></legend>
628 <?php
629 $strTableListOptions = '';
630 $numTableListOptions = 0;
631 foreach ($tbl_names AS $key => $val) {
632 $strTableListOptions .= ' ';
633 $strTableListOptions .= '<option value="' . htmlspecialchars($key) . '"' . $val . '>'
634 . str_replace(' ', '&nbsp;', htmlspecialchars($key)) . '</option>' . "\n";
635 $numTableListOptions++;
638 <select name="TableList[]" multiple="multiple" id="listTable"
639 size="<?php echo ($numTableListOptions > 30) ? '15' : '7'; ?>">
640 <?php echo $strTableListOptions; ?>
641 </select>
642 </fieldset>
643 <fieldset class="tblFooters">
644 <input type="submit" name="modify" value="<?php echo $strUpdateQuery; ?>" />
645 </fieldset>
646 </td>
647 <td width="20">&nbsp;</td>
648 <td>
649 <fieldset>
650 <legend><?php echo sprintf($strQueryOnDb, PMA_getDbLink($db)); ?>
651 </legend>
652 <textarea cols="30" name="sql_query" id="textSqlquery"
653 rows="<?php echo ($numTableListOptions > 30) ? '15' : '7'; ?>"
654 dir="<?php echo $text_dir; ?>">
655 <?php
656 // 1. SELECT
657 $last_select = 0;
658 $encoded_qry = '';
659 if (!isset($qry_select)) {
660 $qry_select = '';
662 for ($x = 0; $x < $col; $x++) {
663 if (!empty($curField[$x]) && isset($curShow[$x]) && $curShow[$x] == 'on') {
664 if ($last_select) {
665 $qry_select .= ', ';
667 $qry_select .= $curField[$x];
668 $last_select = 1;
670 } // end for
671 if (!empty($qry_select)) {
672 $encoded_qry .= urlencode('SELECT ' . $qry_select . "\n");
673 echo 'SELECT ' . htmlspecialchars($qry_select) . "\n";
676 // 2. FROM
678 // Create LEFT JOINS out of Relations
679 // Code originally by Mike Beck <mike.beck@ibmiller.de>
680 // If we can use Relations we could make some left joins.
681 // First find out if relations are available in this database.
683 // First we need the really needed Tables - those in TableList might still be
684 // all Tables.
685 if (isset($Field) && count($Field) > 0) {
687 // Initialize some variables
688 $tab_all = array();
689 $col_all = array();
690 $tab_wher = array();
691 $tab_know = array();
692 $tab_left = array();
693 $col_where = array();
694 $fromclause = '';
696 // We only start this if we have fields, otherwise it would be dumb
697 foreach ($Field AS $value) {
698 $parts = explode('.', $value);
699 if (!empty($parts[0]) && !empty($parts[1])) {
700 $tab_raw = urldecode($parts[0]);
701 $tab = str_replace('`', '', $tab_raw);
702 $tab_all[$tab] = $tab;
704 $col_raw = urldecode($parts[1]);
705 $col_all[] = $tab . '.' . str_replace('`', '', $col_raw);
707 } // end while
709 // Check 'where' clauses
710 if ($cfgRelation['relwork'] && count($tab_all) > 0) {
711 // Now we need all tables that we have in the where clause
712 $crit_cnt = count($criteria);
713 for ($x = 0; $x < $crit_cnt; $x++) {
714 $curr_tab = explode('.', urldecode($Field[$x]));
715 if (!empty($curr_tab[0]) && !empty($curr_tab[1])) {
716 $tab_raw = urldecode($curr_tab[0]);
717 $tab = str_replace('`', '', $tab_raw);
719 $col_raw = urldecode($curr_tab[1]);
720 $col1 = str_replace('`', '', $col_raw);
721 $col1 = $tab . '.' . $col1;
722 // Now we know that our array has the same numbers as $criteria
723 // we can check which of our columns has a where clause
724 if (!empty($criteria[$x])) {
725 if (substr($criteria[$x], 0, 1) == '=' || stristr($criteria[$x], 'is')) {
726 $col_where[$col] = $col1;
727 $tab_wher[$tab] = $tab;
729 } // end if
730 } // end if
731 } // end for
733 // Cleans temp vars w/o further use
734 unset($tab_raw);
735 unset($col_raw);
736 unset($col1);
738 if (count($tab_wher) == 1) {
739 // If there is exactly one column that has a decent where-clause
740 // we will just use this
741 $master = key($tab_wher);
742 } else {
743 // Now let's find out which of the tables has an index
744 // (When the control user is the same as the normal user
745 // because he is using one of his databases as pmadb,
746 // the last db selected is not always the one where we need to work)
747 PMA_DBI_select_db($db);
749 foreach ($tab_all AS $tab) {
750 $ind_rs = PMA_DBI_query('SHOW INDEX FROM ' . PMA_backquote($tab) . ';');
751 while ($ind = PMA_DBI_fetch_assoc($ind_rs)) {
752 $col1 = $tab . '.' . $ind['Column_name'];
753 if (isset($col_all[$col1])) {
754 if ($ind['non_unique'] == 0) {
755 if (isset($col_where[$col1])) {
756 $col_unique[$col1] = 'Y';
757 } else {
758 $col_unique[$col1] = 'N';
760 } else {
761 if (isset($col_where[$col1])) {
762 $col_index[$col1] = 'Y';
763 } else {
764 $col_index[$col1] = 'N';
768 } // end while (each col of tab)
769 } // end while (each tab)
770 // now we want to find the best.
771 if (isset($col_unique) && count($col_unique) > 0) {
772 $col_cand = $col_unique;
773 $needsort = 1;
774 } elseif (isset($col_index) && count($col_index) > 0) {
775 $col_cand = $col_index;
776 $needsort = 1;
777 } elseif (isset($col_where) && count($col_where) > 0) {
778 $col_cand = $tab_wher;
779 $needsort = 0;
780 } else {
781 $col_cand = $tab_all;
782 $needsort = 0;
785 // If we came up with $col_unique (very good) or $col_index (still
786 // good) as $col_cand we want to check if we have any 'Y' there
787 // (that would mean that they were also found in the whereclauses
788 // which would be great). if yes, we take only those
789 if ($needsort == 1) {
790 foreach ($col_cand AS $col => $is_where) {
791 $tab = explode('.', $col);
792 $tab = $tab[0];
793 if ($is_where == 'Y') {
794 $vg[$col] = $tab;
795 } else {
796 $sg[$col] = $tab;
799 if (isset($vg)) {
800 $col_cand = $vg;
801 // Candidates restricted in index+where
802 } else {
803 $col_cand = $sg;
804 // None of the candidates where in a where-clause
808 // If our array of candidates has more than one member we'll just
809 // find the smallest table.
810 // Of course the actual query would be faster if we check for
811 // the Criteria which gives the smallest result set in its table,
812 // but it would take too much time to check this
813 if (count($col_cand) > 1) {
814 // Of course we only want to check each table once
815 $checked_tables = $col_cand;
816 foreach ($col_cand AS $tab) {
817 if ($checked_tables[$tab] != 1) {
818 $tsize[$tab] = PMA_Table::countRecords($db, $tab, true, false);
819 $checked_tables[$tab] = 1;
821 $csize[$tab] = $tsize[$tab];
823 asort($csize);
824 reset($csize);
825 $master = key($csize); // Smallest
826 } else {
827 reset($col_cand);
828 $master = current($col_cand); // Only one single candidate
830 } // end if (exactly one where clause)
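/**
 * Removes unwanted entries from an array (PHP3 compliant)
 *
 * Returns a copy of the array without the entry stored under the given key;
 * the remaining keys are preserved.
 *
 * @param   array   the array to work with
 * @param   mixed   the key to remove
 *
 * @return  array   the cleaned up array
 *
 * @access  private
 */
function PMA_arrayShort($array, $key)
{
    $reta = array();
    foreach ($array AS $k => $v) {
        // Compare the string forms strictly: a loose != treats distinct
        // numeric-looking keys (10 and '1e1') as equal and would drop both.
        if ((string) $k !== (string) $key) {
            $reta[$k] = $v;
        }
    }

    return $reta;
} // end of the "PMA_arrayShort()" function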
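/**
 * Finds all related tables
 *
 * Queries the relation table named in $cfgRelation['relation'] for relations
 * that link an already connected table ($tab_know) to a table that is still
 * unconnected ($tab_left). Every match appends a LEFT JOIN to $fromclause and
 * moves the table from $tab_left to $tab_know.
 *
 * The lookup is sent over the $controllink connection, while the table names
 * in $tab_know / $tab_left are built from the submitted Field[] values, so
 * every value is escaped before it is put between quotes.
 *
 * @param   string   whether to go from master to foreign or vice versa
 *                   ('master' or 'foreign')
 *
 * @return  boolean  always TRUE
 *
 * @global  array    the list of tables that we still couldn't connect
 * @global  array    the list of already connected tables
 * @global  string   the FROM clause fragment the LEFT JOINs are appended to
 * @global  string   the super user connection id
 * @global  string   the current database name
 * @global  array    the list of relation settings
 *
 * @access  private
 */
function PMA_getRelatives($from) {
    global $tab_left, $tab_know, $fromclause;
    global $controllink, $db, $cfgRelation;

    // $from and $to are concatenated into column names below, so pin both to
    // the two literal values instead of trusting the argument.
    if ($from == 'master') {
        $from = 'master';
        $to   = 'foreign';
    } else {
        $from = 'foreign';
        $to   = 'master';
    }

    // Escape each table name the same way $db is escaped below.
    $in_know = '(\'' . implode('\', \'', array_map('PMA_sqlAddslashes', $tab_know)) . '\')';
    $in_left = '(\'' . implode('\', \'', array_map('PMA_sqlAddslashes', $tab_left)) . '\')';

    $rel_query = 'SELECT *'
               . ' FROM ' . PMA_backquote($cfgRelation['relation'])
               . ' WHERE ' . $from . '_db = \'' . PMA_sqlAddslashes($db) . '\''
               . ' AND ' . $to . '_db = \'' . PMA_sqlAddslashes($db) . '\''
               . ' AND ' . $from . '_table IN ' . $in_know
               . ' AND ' . $to . '_table IN ' . $in_left;
    // switch the control connection to the relation database for the lookup,
    // then back to the working database
    PMA_DBI_select_db($cfgRelation['db'], $controllink);
    $relations = @PMA_DBI_query($rel_query, $controllink);
    PMA_DBI_select_db($db, $controllink);
    while ($row = PMA_DBI_fetch_assoc($relations)) {
        $found_table = $row[$to . '_table'];
        if (isset($tab_left[$found_table])) {
            $fromclause .= "\n" . ' LEFT JOIN '
                         . PMA_backquote($row[$to . '_table']) . ' ON '
                         . PMA_backquote($row[$from . '_table']) . '.'
                         . PMA_backquote($row[$from . '_field']) . ' = '
                         . PMA_backquote($row[$to . '_table']) . '.'
                         . PMA_backquote($row[$to . '_field']) . ' ';
            $tab_know[$found_table] = $found_table;
            $tab_left = PMA_arrayShort($tab_left, $found_table);
        }
    } // end while

    return TRUE;
} // end of the "PMA_getRelatives()" function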
911 $tab_left = PMA_arrayShort($tab_all, $master);
912 $tab_know[$master] = $master;
914 $run = 0;
915 $emerg = '';
916 while (count($tab_left) > 0) {
917 if ($run % 2 == 0) {
918 PMA_getRelatives('master');
919 } else {
920 PMA_getRelatives('foreign');
922 $run++;
923 if ($run > 5) {
925 foreach ($tab_left AS $tab) {
926 $emerg .= ', ' . PMA_backquote($tab);
927 $tab_left = PMA_arrayShort($tab_left, $tab);
930 } // end while
931 $qry_from = PMA_backquote($master) . $emerg . $fromclause;
932 } // end if ($cfgRelation['relwork'] && count($tab_all) > 0)
934 } // end count($Field) > 0
936 // In case relations are not defined, just generate the FROM clause
937 // from the list of tables, however we don't generate any JOIN
939 if (empty($qry_from) && isset($tab_all)) {
940 $qry_from = implode(', ', $tab_all);
942 // Now let's see what we got
943 if (!empty($qry_from)) {
944 $encoded_qry .= urlencode('FROM ' . $qry_from . "\n");
945 echo 'FROM ' . htmlspecialchars($qry_from) . "\n";
948 // 3. WHERE
949 $qry_where = '';
950 $criteria_cnt = 0;
951 for ($x = 0; $x < $col; $x++) {
952 if (!empty($curField[$x]) && !empty($curCriteria[$x]) && $x && isset($last_where) && isset($curAndOrCol)) {
953 $qry_where .= ' ' . strtoupper($curAndOrCol[$last_where]) . ' ';
955 if (!empty($curField[$x]) && !empty($curCriteria[$x])) {
956 $qry_where .= '(' . $curField[$x] . ' ' . $curCriteria[$x] . ')';
957 $last_where = $x;
958 $criteria_cnt++;
960 } // end for
961 if ($criteria_cnt > 1) {
962 $qry_where = '(' . $qry_where . ')';
964 // OR rows ${'cur' . $or}[$x]
965 if (!isset($curAndOrRow)) {
966 $curAndOrRow = array();
968 for ($y = 0; $y <= $row; $y++) {
969 $criteria_cnt = 0;
970 $qry_orwhere = '';
971 $last_orwhere = '';
972 for ($x = 0; $x < $col; $x++) {
973 if (!empty($curField[$x]) && !empty(${'curOr' . $y}[$x]) && $x) {
974 $qry_orwhere .= ' ' . strtoupper($curAndOrCol[$last_orwhere]) . ' ';
976 if (!empty($curField[$x]) && !empty(${'curOr' . $y}[$x])) {
977 $qry_orwhere .= '(' . $curField[$x]
978 . ' '
979 . ${'curOr' . $y}[$x]
980 . ')';
981 $last_orwhere = $x;
982 $criteria_cnt++;
984 } // end for
985 if ($criteria_cnt > 1) {
986 $qry_orwhere = '(' . $qry_orwhere . ')';
988 if (!empty($qry_orwhere)) {
989 $qry_where .= "\n"
990 . strtoupper(isset($curAndOrRow[$y]) ? $curAndOrRow[$y] . ' ' : '')
991 . $qry_orwhere;
992 } // end if
993 } // end for
995 if (!empty($qry_where) && $qry_where != '()') {
996 $encoded_qry .= urlencode('WHERE ' . $qry_where . "\n");
997 echo 'WHERE ' . htmlspecialchars($qry_where) . "\n";
998 } // end if
1000 // 4. ORDER BY
1001 $last_orderby = 0;
1002 if (!isset($qry_orderby)) {
1003 $qry_orderby = '';
1005 for ($x = 0; $x < $col; $x++) {
1006 if ($last_orderby && $x && !empty($curField[$x]) && !empty($curSort[$x])) {
1007 $qry_orderby .= ', ';
1009 if (!empty($curField[$x]) && !empty($curSort[$x])) {
1010 // if they have chosen all fields using the * selector,
1011 // then sorting is not available
1012 // Robbat2 - Fix for Bug #570698
1013 if (substr($curField[$x], -2) != '.*') {
1014 $qry_orderby .= $curField[$x] . ' ' . $curSort[$x];
1015 $last_orderby = 1;
1018 } // end for
1019 if (!empty($qry_orderby)) {
1020 $encoded_qry .= urlencode('ORDER BY ' . $qry_orderby);
1021 echo 'ORDER BY ' . htmlspecialchars($qry_orderby) . "\n";
1024 </textarea>
1025 <input type="hidden" name="encoded_sql_query" value="<?php echo $encoded_qry; ?>" />
1026 </fieldset>
1027 <fieldset class="tblFooters">
1028 <input type="submit" name="submit_sql" value="<?php echo $strRunQuery; ?>" />
1029 </fieldset>
1030 </td>
1031 </tr>
1032 </table>
1033 </form>
1034 <?php
1036 * Displays the footer
1038 require_once './libraries/footer.inc.php';