ChangeLog for XSS search
[phpmyadmin/sankalp_k.git] / view_create.php
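<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
 * Builds and runs a CREATE VIEW statement from the submitted form, or
 * displays that form when nothing has been submitted yet.
 *
 * @version $Id$
 */

/**
 * Loads ./libraries/common.inc.php before anything else
 */
require_once './libraries/common.inc.php';

/**
 * Runs common work
 */
require './libraries/db_common.inc.php';
$url_params['goto'] = $url_params['back'] = 'view_create.php';

if (isset($_POST['submitoptions'])) {
    /**
     * Creates the view
     *
     * Apart from the view name, every clause below is appended to the
     * statement as raw SQL text taken from $_POST.
     * NOTE(review): this presumably relies on the includes above having
     * authenticated the session and checked the request token -- confirm,
     * since neither check is visible in this file.
     */
    $message = '';
    $sep = "\r\n";
    $create_query = 'CREATE' . $sep;

    if (isset($_POST['or_replace'])) {
        $create_query .= ' OR REPLACE' . $sep;
    }

    // ALGORITHM is a keyword, not free text: accept only the values the form
    // offers. Anything else (including a non-string value) is dropped, so the
    // clause is omitted rather than letting arbitrary text reach the query.
    $allowed_algorithms = array('UNDEFINED', 'MERGE', 'TEMPTABLE');
    if (isset($_POST['algorithm'])
        && in_array($_POST['algorithm'], $allowed_algorithms, true)
    ) {
        $create_query .= ' ALGORITHM = ' . $_POST['algorithm'] . $sep;
    }

    // The view name is the only identifier quoted through PMA_backquote().
    $create_query .= ' VIEW ' . PMA_backquote($_POST['view_name']) . $sep;

    // NOTE(review): the column list is inserted verbatim, unlike view_name;
    // quoting each name separately would need the list to be parsed first.
    if (!empty($_POST['column_names'])) {
        $create_query .= ' (' . $_POST['column_names'] . ')' . $sep;
    }

    // The statement after AS is SQL typed by the user and is passed through
    // unchanged.
    $create_query .= ' AS ' . $_POST['sql_statement'] . $sep;

    // NOTE(review): the three checkboxes are appended independently, so a
    // combination such as CASCADED without CHECK OPTION, or CASCADED together
    // with LOCAL, yields a statement the server will reject.
    if (isset($_POST['cascaded']) || isset($_POST['local']) || isset($_POST['check_option'])) {
        $create_query .= ' WITH ';
    }

    if (isset($_POST['cascaded'])) {
        $create_query .= ' CASCADED ';
    }

    if (isset($_POST['local'])) {
        $create_query .= ' LOCAL ';
    }

    if (isset($_POST['check_option'])) {
        $create_query .= ' CHECK OPTION ';
    }

    $message .= PMA_DBI_query($create_query) ? $strSuccess : $strError;

    // to display the CREATE VIEW query
    $sql_query = $create_query;

    // The included script comes from configuration, not from the request.
    require './' . $cfg['DefaultTabDatabase'];
    exit();

} else {
    /**
     * Displays top menu links
     * We use db links because a VIEW is not necessarily on a single table
     */
    $num_tables = 0;
    require_once './libraries/db_links.inc.php';

    $url_params['goto'] = 'view_create.php';
    $url_params['back'] = 'view_create.php';

    /**
     * Displays the page
     *
     * @todo js error when view name is empty (strFormEmpty)
     * @todo (also validate if js is disabled, after form submission?)
     */
?>

<!-- CREATE VIEW options -->
<div id="div_view_options">
<form method="post" action="view_create.php">
<?php echo PMA_generate_common_hidden_inputs($GLOBALS['db']); ?>
<input type="hidden" name="reload" value="1" />
<fieldset>
<legend>CREATE VIEW</legend>

<table>
<tr><td><label for="or_replace">OR REPLACE</label></td>
    <td><input type="checkbox" name="or_replace" id="or_replace"
            value="1" />
    </td>
</tr>
<tr>
    <td><label for="algorithm">ALGORITHM</label></td>
    <td><select name="algorithm" id="algorithm">
            <option value="UNDEFINED">UNDEFINED</option>
            <option value="MERGE">MERGE</option>
            <option value="TEMPTABLE">TEMPTABLE</option>
        </select>
    </td>
</tr>
<tr><td><?php echo $strViewName; ?></td>
    <td><input type="text" size="20" name="view_name" onfocus="this.select()"
            value="" />
    </td>
</tr>

<tr><td><?php echo $strColumnNames; ?></td>
    <td><input type="text" maxlength="100" size="50" name="column_names" onfocus="this.select()"
            value="" />
    </td>
</tr>

<tr><td><?php echo 'AS' ?></td>
    <td>
        <textarea name="sql_statement" rows="<?php echo $cfg['TextareaRows']; ?>" cols="<?php echo $cfg['TextareaCols']; ?>" dir="<?php echo $text_dir; ?>" onfocus="this.select();"><?php echo htmlspecialchars($sql_query); ?></textarea>
    </td>
</tr>
<tr><td>WITH</td>
    <td>
        <input type="checkbox" name="cascaded" id="cascaded" value="1" />
        <label for="cascaded">CASCADED</label>
        <input type="checkbox" name="local" id="local" value="1" />
        <label for="local">LOCAL</label>
        <input type="checkbox" name="check_option" id="check_option" value="1" />
        <label for="check_option">CHECK OPTION</label>
    </td>
</tr>
</table>
</fieldset>
<fieldset class="tblFooters">
    <input type="submit" name="submitoptions" value="<?php echo $strGo; ?>" />
</fieldset>
</form>
</div>
<?php
    /**
     * Displays the footer
     */
    require_once './libraries/footer.inc.php';

} // end if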