diff --git a/create.inc.php b/create.inc.php
index 82f933d4..cd638f65 100644
--- a/create.inc.php
+++ b/create.inc.php
@@ -28,7 +28,7 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"]
$after = "FIRST";
foreach ($_POST["fields"] as $key => $field) {
if (strlen($field["field"]) && isset($types[$field["type"]])) {
- $fields[] = (!strlen($_GET["create"]) ? "" : (strlen($field["orig"]) ? "CHANGE " . idf_escape($field["orig"]) . " " : "ADD "))
+ $fields[] = (!strlen($_GET["create"]) ? "\n" : (strlen($field["orig"]) ? "\nCHANGE " . idf_escape($field["orig"]) . " " : "\nADD "))
. idf_escape($field["field"]) . process_type($field)
. ($field["null"] ? " NULL" : " NOT NULL") // NULL for timestamp
. (strlen($_GET["create"]) && strlen($field["orig"]) && isset($orig_fields[$field["orig"]]["default"]) && $field["type"] != "timestamp" ? " DEFAULT '" . $dbh->escape_string($orig_fields[$field["orig"]]["default"]) . "'" : "") //! timestamp
@@ -38,10 +38,10 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"]
;
$after = "AFTER " . idf_escape($field["field"]);
} elseif (strlen($field["orig"])) {
- $fields[] = "DROP " . idf_escape($field["orig"]);
+ $fields[] = "\nDROP " . idf_escape($field["orig"]);
}
}
- $status = ($_POST["Engine"] ? " ENGINE='" . $dbh->escape_string($_POST["Engine"]) . "'" : "")
+ $status = ($_POST["Engine"] ? "ENGINE='" . $dbh->escape_string($_POST["Engine"]) . "'" : "")
. ($_POST["Collation"] ? " COLLATE '" . $dbh->escape_string($_POST["Collation"]) . "'" : "")
. (strlen($_POST["Auto_increment"]) ? " AUTO_INCREMENT=" . intval($_POST["Auto_increment"]) : "")
. " COMMENT='" . $dbh->escape_string($_POST["Comment"]) . "'"
@@ -51,18 +51,18 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"]
if ($_POST["partition_by"] == 'RANGE' || $_POST["partition_by"] == 'LIST') {
foreach (array_filter($_POST["partition_names"]) as $key => $val) {
$value = $_POST["partition_values"][$key];
- $partitions[] = "PARTITION $val VALUES " . ($_POST["partition_by"] == 'RANGE' ? "LESS THAN" : "IN") . (strlen($value) ? " ($value)" : " MAXVALUE"); //! SQL injection
+ $partitions[] = "\nPARTITION $val VALUES " . ($_POST["partition_by"] == 'RANGE' ? "LESS THAN" : "IN") . (strlen($value) ? " ($value)" : " MAXVALUE"); //! SQL injection
}
}
- $status .= " PARTITION BY $_POST[partition_by]($_POST[partition])" . ($partitions ? " (" . implode(", ", $partitions) . ")" : ($_POST["partitions"] ? " PARTITIONS " . intval($_POST["partitions"]) : ""));
+ $status .= "\nPARTITION BY $_POST[partition_by]($_POST[partition])" . ($partitions ? " (" . implode(",", $partitions) . "\n)" : ($_POST["partitions"] ? " PARTITIONS " . intval($_POST["partitions"]) : ""));
} elseif ($dbh->server_info >= 5.1 && strlen($_GET["create"])) {
- $status .= " REMOVE PARTITIONING";
+ $status .= "\nREMOVE PARTITIONING";
}
$location = $SELF . "table=" . urlencode($_POST["name"]);
if (strlen($_GET["create"])) {
- query_redirect("ALTER TABLE " . idf_escape($_GET["create"]) . " " . implode(", ", $fields) . ", RENAME TO " . idf_escape($_POST["name"]) . ", $status", $location, lang('Table has been altered.'));
+ query_redirect("ALTER TABLE " . idf_escape($_GET["create"]) . implode(",", $fields) . ",\nRENAME TO " . idf_escape($_POST["name"]) . ",\n$status", $location, lang('Table has been altered.'));
} else {
- query_redirect("CREATE TABLE " . idf_escape($_POST["name"]) . " (" . implode(", ", $fields) . ")$status", $location, lang('Table has been created.'));
+ query_redirect("CREATE TABLE " . idf_escape($_POST["name"]) . " (" . implode(",", $fields) . "\n) $status", $location, lang('Table has been created.'));
}
}
}
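Review bot: The partition name `$val` on the added `PARTITION $val VALUES` line is still interpolated unescaped, which is what the `//! SQL injection` marker on that line flags, and the commit carries it over unchanged. A partition name is an identifier, so it can go through the same helper as the column names: `"\nPARTITION " . idf_escape($val) . " VALUES "`. `$_POST[partition_by]` on the `PARTITION BY` line is also interpolated raw; only the RANGE/LIST comparison is visible here, so whether it is checked against a list of allowed values depends on the condition above the hunk and should be confirmed. `$value` and `$_POST[partition]` are SQL expressions and cannot be escaped as identifiers, so a short comment saying they are sent as written would make that explicit.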
diff --git a/createv.inc.php b/createv.inc.php
index c6a4e65c..4113df84 100644
--- a/createv.inc.php
+++ b/createv.inc.php
@@ -5,7 +5,7 @@ if ($_POST && !$error) {
$dropped = query_redirect("DROP VIEW " . idf_escape($_GET["createv"]), substr($SELF, 0, -1), lang('View has been dropped.'), $_POST["drop"], !$_POST["dropped"]);
}
if (!$_POST["drop"]) {
- query_redirect("CREATE VIEW " . idf_escape($_POST["name"]) . " AS " . $_POST["select"], $SELF . "view=" . urlencode($_POST["name"]), (strlen($_GET["createv"]) ? lang('View has been altered.') : lang('View has been created.')));
+ query_redirect("CREATE VIEW " . idf_escape($_POST["name"]) . " AS\n$_POST[select]", $SELF . "view=" . urlencode($_POST["name"]), (strlen($_GET["createv"]) ? lang('View has been altered.') : lang('View has been created.')));
}
}
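Review bot: `$_POST[select]` is placed into the CREATE VIEW statement verbatim, as are `$_POST[EVENT_DEFINITION]` in event.inc.php, `$_POST[definition]` in procedure.inc.php and `$_POST[Statement]` in trigger.inc.php, and none of these lines says that this is intended. These fields are SQL bodies written by the user and cannot be escaped, so what keeps a forged cross-site request from submitting them is presumably the request check behind `!$error`, which is outside these hunks. I would add a comment on each, e.g. `// statement body is user-authored SQL, sent as written; relies on the token check in $error`, so they are not confused with the unescaped values marked `//! SQL injection` in create.inc.php.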
diff --git a/edit.inc.php b/edit.inc.php
index c1963a52..01775090 100644
--- a/edit.inc.php
+++ b/edit.inc.php
@@ -17,13 +17,13 @@ if ($_POST && !$error && !isset($_GET["select"])) {
$val = process_input($name, $field);
if (!isset($_GET["default"])) {
if ($val !== false || !$update) {
- $set[] = idf_escape($name) . " = " . ($val !== false ? $val : "''");
+ $set[] = "\n" . idf_escape($name) . " = " . ($val !== false ? $val : "''");
}
} elseif ($val !== false) {
if ($field["type"] == "timestamp" && $val != "NULL") { //! doesn't allow DEFAULT NULL and no ON UPDATE
- $set[] = " MODIFY " . idf_escape($name) . " timestamp" . ($field["null"] ? " NULL" : "") . " DEFAULT $val" . ($_POST["on_update"][bracket_escape($name)] ? " ON UPDATE CURRENT_TIMESTAMP" : "");
+ $set[] = "\nMODIFY " . idf_escape($name) . " timestamp" . ($field["null"] ? " NULL" : "") . " DEFAULT $val" . ($_POST["on_update"][bracket_escape($name)] ? " ON UPDATE CURRENT_TIMESTAMP" : "");
} else {
- $set[] = " ALTER " . idf_escape($name) . ($val == "NULL" ? " DROP DEFAULT" : " SET DEFAULT $val");
+ $set[] = "\nALTER " . idf_escape($name) . ($val == "NULL" ? " DROP DEFAULT" : " SET DEFAULT $val");
}
}
}
@@ -33,9 +33,9 @@ if ($_POST && !$error && !isset($_GET["select"])) {
if (isset($_GET["default"])) {
query_redirect("ALTER TABLE " . idf_escape($_GET["edit"]) . implode(",", $set), $location, lang('Default values has been set.'));
} elseif ($update) {
- query_redirect("UPDATE " . idf_escape($_GET["edit"]) . " SET " . implode(", ", $set) . " WHERE " . implode(" AND ", $where) . " LIMIT 1", $location, lang('Item has been updated.'));
+ query_redirect("UPDATE " . idf_escape($_GET["edit"]) . " SET" . implode(",", $set) . "\nWHERE " . implode(" AND ", $where) . " LIMIT 1", $location, lang('Item has been updated.'));
} else {
- query_redirect("INSERT INTO " . idf_escape($_GET["edit"]) . " SET " . implode(", ", $set), $location, lang('Item has been inserted.'));
+ query_redirect("INSERT INTO " . idf_escape($_GET["edit"]) . " SET" . implode(",", $set), $location, lang('Item has been inserted.'));
}
}
}
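Review bot: With the separator moved into the `$set` entries, an empty `$set` makes the UPDATE line produce `SET` followed directly by `\nWHERE`, which the server rejects. This is reachable on the update path when every field is skipped by the `$val !== false || !$update` test in the previous hunk; the statement was already malformed before this commit, so it is not a regression, but the rewritten lines are the natural place to guard it. indexes.inc.php handles the same situation with `if (!$alter) { redirect(...); }`, and the equivalent here would be `if (!$set) { redirect($location); }` ahead of the `isset($_GET["default"])` branch. The enclosing `if` starts outside the hunk.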
diff --git a/event.inc.php b/event.inc.php
index 20beaf42..94fdd51d 100644
--- a/event.inc.php
+++ b/event.inc.php
@@ -6,7 +6,7 @@ if ($_POST && !$error) {
if ($_POST["drop"]) {
query_redirect("DROP EVENT " . idf_escape($_GET["event"]), substr($SELF, 0, -1), lang('Event has been dropped.'));
} elseif (in_array($_POST["INTERVAL_FIELD"], $intervals) && in_array($_POST["STATUS"], $statuses)) {
- $schedule = " ON SCHEDULE " . ($_POST["INTERVAL_VALUE"]
+ $schedule = "\nON SCHEDULE " . ($_POST["INTERVAL_VALUE"]
? "EVERY '" . $dbh->escape_string($_POST["INTERVAL_VALUE"]) . "' $_POST[INTERVAL_FIELD]"
. ($_POST["STARTS"] ? " STARTS '" . $dbh->escape_string($_POST["STARTS"]) . "'" : "")
. ($_POST["ENDS"] ? " ENDS '" . $dbh->escape_string($_POST["ENDS"]) . "'" : "") //! ALTER EVENT doesn't drop ENDS - MySQL bug #39173
@@ -15,10 +15,10 @@ if ($_POST && !$error) {
;
query_redirect((strlen($_GET["event"])
? "ALTER EVENT " . idf_escape($_GET["event"]) . $schedule
- . ($_GET["event"] != $_POST["EVENT_NAME"] ? " RENAME TO " . idf_escape($_POST["EVENT_NAME"]) : "")
+ . ($_GET["event"] != $_POST["EVENT_NAME"] ? "\nRENAME TO " . idf_escape($_POST["EVENT_NAME"]) : "")
: "CREATE EVENT " . idf_escape($_POST["EVENT_NAME"]) . $schedule
- ) . " $_POST[STATUS] COMMENT '" . $dbh->escape_string($_POST["EVENT_COMMENT"])
- . "' DO $_POST[EVENT_DEFINITION]"
+ ) . "\n$_POST[STATUS] COMMENT '" . $dbh->escape_string($_POST["EVENT_COMMENT"])
+ . "' DO\n$_POST[EVENT_DEFINITION]"
, substr($SELF, 0, -1), (strlen($_GET["event"]) ? lang('Event has been altered.') : lang('Event has been created.')));
}
}
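Review bot: The rename test on the changed line, `$_GET["event"] != $_POST["EVENT_NAME"]`, is a loose comparison, and PHP compares two numeric-looking strings as numbers, so names such as `10` and `1e1` count as equal and the `RENAME TO` clause is silently left out. `!==` compares the strings as written: `$_GET["event"] !== $_POST["EVENT_NAME"] ? "\nRENAME TO " . idf_escape($_POST["EVENT_NAME"]) : ""`. The query_redirect call begins in the context above this line and `$schedule` is built in the previous hunk.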
diff --git a/foreign.inc.php b/foreign.inc.php
index 8132cd6e..7d15c64e 100644
--- a/foreign.inc.php
+++ b/foreign.inc.php
@@ -1,7 +1,7 @@
" . lang('SQL command') . "
" . htmlspecialchars($query) . '
' . lang('Edit') . '';
+ $sql = " " . lang('SQL command') . "
" . htmlspecialchars($query) . '
' . lang('Edit') . '';
$_SESSION["history"][$_GET["server"]][$_GET["db"]][] = $query;
}
if ($execute) {
diff --git a/indexes.inc.php b/indexes.inc.php
index 7ede702b..6cad95a4 100644
--- a/indexes.inc.php
+++ b/indexes.inc.php
@@ -26,17 +26,17 @@ if ($_POST && !$error && !$_POST["add"]) {
continue 2;
}
}
- $alter[] = "ADD $index[type]" . ($index["type"] == "PRIMARY" ? " KEY" : "") . " (" . implode(", ", $set) . ")";
+ $alter[] = "\nADD $index[type]" . ($index["type"] == "PRIMARY" ? " KEY" : "") . " (" . implode(", ", $set) . ")";
}
}
}
foreach ($indexes as $name => $existing) {
- $alter[] = "DROP INDEX " . idf_escape($name);
+ $alter[] = "\nDROP INDEX " . idf_escape($name);
}
if (!$alter) {
redirect($SELF . "table=" . urlencode($_GET["indexes"]));
}
- query_redirect("ALTER TABLE " . idf_escape($_GET["indexes"]) . " " . implode(", ", $alter), $SELF . "table=" . urlencode($_GET["indexes"]), lang('Indexes has been altered.'));
+ query_redirect("ALTER TABLE " . idf_escape($_GET["indexes"]) . implode(",", $alter), $SELF . "table=" . urlencode($_GET["indexes"]), lang('Indexes has been altered.'));
}
page_header(lang('Indexes'), $error, array("table" => $_GET["indexes"]), $_GET["indexes"]);
diff --git a/procedure.inc.php b/procedure.inc.php
index 15306eeb..2b9d198b 100644
--- a/procedure.inc.php
+++ b/procedure.inc.php
@@ -18,7 +18,7 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"]
query_redirect("CREATE $routine " . idf_escape($_POST["name"])
. " (" . implode(", ", $set) . ")"
. (isset($_GET["function"]) ? " RETURNS" . process_type($_POST["returns"], "CHARACTER SET") : "")
- . " $_POST[definition]"
+ . "\n$_POST[definition]"
, substr($SELF, 0, -1), (strlen($_GET["procedure"]) ? lang('Routine has been altered.') : lang('Routine has been created.')));
}
}
diff --git a/todo.txt b/todo.txt
index 45126970..feb3eac1 100644
--- a/todo.txt
+++ b/todo.txt
@@ -7,6 +7,7 @@ Compress export and import
Create view and routine options
Visualize SQL queries history
Function to fix database encoding - http://php.vrana.cz/prevod-kodovani-mysql.php
+Utilize information_schema.USER_PRIVILEGES in Privileges
? Save token also to cookie - for session expiration and login in other window
? Save uploaded files after error to session variable instead of hidden field
? Aliasing of built-in functions can save 7 KB, substitution of $_GET and friends can save 2 KB, remove of base64_decode() + using chars 127-255 in minification can save 1 KB, JS packer can save 1 KB
diff --git a/trigger.inc.php b/trigger.inc.php
index eed14f7e..9a86fdf9 100644
--- a/trigger.inc.php
+++ b/trigger.inc.php
@@ -9,7 +9,7 @@ if ($_POST && !$error) {
}
if (!$_POST["drop"]) {
if (in_array($_POST["Timing"], $trigger_time) && in_array($_POST["Event"], $trigger_event)) {
- query_redirect("CREATE TRIGGER " . idf_escape($_POST["Trigger"]) . " $_POST[Timing] $_POST[Event] ON " . idf_escape($_GET["trigger"]) . " FOR EACH ROW $_POST[Statement]", $SELF . "table=" . urlencode($_GET["trigger"]), (strlen($_GET["name"]) ? lang('Trigger has been altered.') : lang('Trigger has been created.')));
+ query_redirect("CREATE TRIGGER " . idf_escape($_POST["Trigger"]) . " $_POST[Timing] $_POST[Event] ON " . idf_escape($_GET["trigger"]) . " FOR EACH ROW\n$_POST[Statement]", $SELF . "table=" . urlencode($_GET["trigger"]), (strlen($_GET["name"]) ? lang('Trigger has been altered.') : lang('Trigger has been created.')));
}
}
}