diff --git a/functions.inc.php b/functions.inc.php
index 885921eb..6a5291a9 100644
--- a/functions.inc.php
+++ b/functions.inc.php
@@ -137,13 +137,16 @@ function unique_idf($row, $indexes) {
 return $return;
 }
-function where() {
+function where($where = null) {
 global $mysql;
+ if (!isset($where)) {
+ $where = $_GET;
+ }
 $return = array();
- foreach ((array) $_GET["where"] as $key => $val) {
+ foreach ((array) $where["where"] as $key => $val) {
 $return[] = idf_escape(bracket_escape($key, "back")) . " = BINARY '" . $mysql->escape_string($val) . "'"; //! enum and set
 }
- foreach ((array) $_GET["null"] as $key) {
+ foreach ((array) $where["null"] as $key) {
 $return[] = idf_escape(bracket_escape($key, "back")) . " IS NULL";
 }
 return $return;
diff --git a/index.php b/index.php
index 0b4b3a19..27859d9b 100644
--- a/index.php
+++ b/index.php
@@ -42,8 +42,6 @@ if (isset($_GET["dump"])) {
 if (isset($_GET["table"])) {
 include "./table.inc.php";
- } elseif (isset($_GET["select"])) {
- include "./select.inc.php";
 } elseif (isset($_GET["view"])) {
 include "./view.inc.php";
 } elseif (isset($_GET["schema"])) {
@@ -89,6 +87,8 @@ if (isset($_GET["dump"])) {
 include "./user.inc.php";
 } elseif (isset($_GET["processlist"])) {
 include "./processlist.inc.php";
+ } elseif (isset($_GET["select"])) {
+ include "./select.inc.php";
 } else {
 $TOKENS = array();
 page_header(lang('Database') . ": " . htmlspecialchars($_GET["db"]), false);
diff --git a/lang/cs.inc.php b/lang/cs.inc.php
index b7e87a66..ad82bae8 100644
--- a/lang/cs.inc.php
+++ b/lang/cs.inc.php
@@ -162,4 +162,9 @@ $translations = array(
 'Routine' => 'Procedura',
 'Grant' => 'Povolit',
 'Revoke' => 'Zakázat',
+ 'Error during deleting' => 'Chyba při mazání',
+ '%d item(s) have been deleted.' => array('Byl smazán %d záznam.', 'Byly smazány %d záznamy.', 'Bylo smazáno %d záznamů.'),
+ 'all' => 'vše',
+ 'Delete selected' => 'Smazat označené',
+ 'Truncate table' => 'Promazat tabulku',
 );
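Review bot: In functions.inc.php, `where()` returns an empty array when the array it is given has neither a `where` nor a `null` key, and the new callers in select.inc.php splice `implode(" AND ", where($delete))` straight after `WHERE`, so nothing in either place states what should happen for a `delete[]` value that parses to no conditions. Today that produces `WHERE  LIMIT 1` and the statement is rejected as a syntax error, which is the safe outcome but only by accident of string layout; the callers should treat an empty result as a failure explicitly, e.g. `if (!$conditions) { $result = false; break; }`. Inside the function, `$val` can be an array when the parsed string nests deeper than one level, and `escape_string()` expects a string, so an `is_string($val)` guard belongs in the first loop. The closing brace of `where()` lies outside the hunk.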
diff --git a/lang/en.inc.php b/lang/en.inc.php index da447669..4de590ae 100644 --- a/lang/en.inc.php +++ b/lang/en.inc.php @@ -5,4 +5,5 @@ $translations = array( 'Routine has been called, %d row(s) affected.' => array('Routine has been called, %d row affected.', 'Routine has been called, %d rows affected.'), '%d process(es) has been killed.' => array('%d process has been killed.', '%d processes have been killed.'), '%d row(s)' => array('%d row', '%d rows'), + '%d item(s) have been deleted.' => array('%d item has been deleted.', '%d items have been deleted.'), ); diff --git a/select.inc.php b/select.inc.php index 93de1d8e..27671835 100644 --- a/select.inc.php +++ b/select.inc.php @@ -1,5 +1,10 @@ ", "<=", ">=", "!=", "LIKE", "REGEXP", "IN", "IS NULL"); +if ($table_status["Engine"] == "MyISAM") { + $operators[] = "AGAINST"; +} $fields = fields($_GET["select"]); $rights = array(); $columns = array(); 
@@ -14,6 +19,76 @@ foreach ($fields as $key => $field) { $rights += $field["privileges"]; } +$where = array(); +foreach ($indexes as $i => $index) { + if ($index["type"] == "FULLTEXT" && strlen($_GET["fulltext"][$i])) { + $where[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST ('" . $mysql->escape_string($_GET["fulltext"][$i]) . "'" . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")"; + } +} +foreach ((array) $_GET["where"] as $val) { + if (strlen($val["col"]) && in_array($val["op"], $operators)) { + if ($val["op"] == "IN") { + $in = process_length($val["val"]); + $where[] = (strlen($in) ? idf_escape($val["col"]) . " IN ($in)" : "0"); + } elseif ($val["op"] == "AGAINST") { + $where[] = "MATCH (" . idf_escape($val["col"]) . ") AGAINST ('" . $mysql->escape_string($val["val"]) . "' IN BOOLEAN MODE)"; + } else { + $where[] = idf_escape($val["col"]) . " $val[op]" . ($val["op"] == "IS NULL" ? "" : " '" . $mysql->escape_string($val["val"]) . "'"); + } + } +} +$order = array(); +foreach ((array) $_GET["order"] as $key => $val) { + if (in_array($val, $columns, true)) { + $order[] = idf_escape($val) . (isset($_GET["desc"][$key]) ? " DESC" : ""); + } +} +$limit = (isset($_GET["limit"]) ? $_GET["limit"] : "30"); +$from = "FROM " . idf_escape($_GET["select"]) . ($where ? " WHERE " . implode(" AND ", $where) : "") . ($order ? " ORDER BY " . implode(", ", $order) : "") . (strlen($limit) ? " LIMIT " . intval($limit) . (intval($_GET["page"]) ? " OFFSET " . ($limit * $_GET["page"]) : "") : ""); + +if ($_POST && !$error) { + $result = true; + $deleted = 0; + if (isset($_POST["truncate"])) { + $result = $mysql->query("TRUNCATE " . idf_escape($_GET["select"])); + $deleted = $mysql->affected_rows; + } elseif (is_array($_POST["delete"])) { + foreach ($_POST["delete"] as $val) { + parse_str($val, $delete); + $result = $mysql->query("DELETE FROM " . idf_escape($_GET["select"]) . " WHERE " . implode(" AND ", where($delete)) . 
" LIMIT 1"); + if (!$result) { + break; + } + $deleted += $mysql->affected_rows; + } + } elseif ($_POST["delete_selected"]) { + if (!$_GET["page"]) { + $result = $mysql->query("DELETE $from"); + $deleted = $mysql->affected_rows; + } else { + $result1 = $mysql->query("SELECT * $from"); + while ($row1 = $result1->fetch_assoc()) { + parse_str(implode("&", unique_idf($row1, $indexes)), $delete); + $result = $mysql->query("DELETE FROM " . idf_escape($_GET["select"]) . " WHERE " . implode(" AND ", where($delete)) . " LIMIT 1"); + if (!$result) { + break; + } + $deleted += $mysql->affected_rows; + } + $result1->free(); + } + } + if ($result) { + redirect(remove_from_uri("page"), lang('%d item(s) have been deleted.', $deleted)); + } + $error = $mysql->error; +} + +page_header(lang('Select') . ": " . htmlspecialchars($_GET["select"])); +if ($_POST) { + echo "
" . lang('Error during deleting') . ": " . htmlspecialchars($error) . "
\n"; +} + if (isset($rights["insert"])) { //! pass search values forth and back echo '\n"; @@ -22,8 +97,6 @@ if (isset($rights["insert"])) { if (!$columns) { echo "" . lang('Unable to select the table') . ($fields ? "" : ": " . $mysql->error) . ".
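Review bot: In the `delete_selected` branch for later pages, `$result1 = $mysql->query("SELECT * $from")` is used without a check, so a failed SELECT reaches `$result1->fetch_assoc()` on `false` and ends in a fatal error instead of the "Error during deleting" message; guard it with `if (!$result1) { $result = false; } else { ... }`. Both per-row loops `break` after earlier rows have already been deleted and then drop `$deleted`, so the user sees only the error and not how many rows are gone; report the partial count, or run the loop in a transaction where the storage engine supports one. The filter builder checks `order` against `$columns` with a strict `in_array`, but passes `$val["col"]` to `idf_escape()` unchecked and tests `$val["op"]` loosely; applying `in_array($val["col"], $columns, true)` as well would keep the WHERE clause from resting solely on `idf_escape()` and `process_length()`, whose bodies are not shown here. The TRUNCATE and DELETE branches run on any `$_POST` with `!$error`, so they presumably depend on a token check that sets `$error` before this include, which is worth confirming since the dispatch order in index.php changes in the same commit.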
\n"; } else { - $table_status = table_status($_GET["select"]); - $indexes = indexes($_GET["select"]); echo "\n"; echo "" . lang('Error in query') . ": " . htmlspecialchars($mysql->error) . "
\n"; } else { @@ -144,19 +195,19 @@ function add_row(field) { } } + echo "\n"; if (intval($limit) && $found_rows > $limit) { $max_page = floor(($found_rows - 1) / $limit); function print_page($page) {