From 79d1902812172914e98083e144d7bbe5d3038029 Mon Sep 17 00:00:00 2001 From: jakubvrana Date: Sat, 29 Aug 2009 13:57:50 +0000 Subject: [PATCH] Substitute table name to $TABLE git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@1047 7c3ca157-0c34-0410-bff1-cbf682f78f5c --- adminer/call.inc.php | 7 ++++--- adminer/create.inc.php | 33 +++++++++++++++++---------------- adminer/download.inc.php | 5 +++-- adminer/dump.inc.php | 7 ++++--- adminer/edit.inc.php | 15 ++++++++------- adminer/event.inc.php | 19 ++++++++++--------- adminer/foreign.inc.php | 17 +++++++++-------- adminer/indexes.inc.php | 11 ++++++----- adminer/procedure.inc.php | 17 +++++++++-------- adminer/select.inc.php | 37 +++++++++++++++++++------------------ adminer/table.inc.php | 31 ++++++++++++++++--------------- adminer/trigger.inc.php | 11 ++++++----- adminer/user.inc.php | 7 ++++--- adminer/view.inc.php | 15 ++++++++------- todo.txt | 2 +- 15 files changed, 124 insertions(+), 110 deletions(-) diff --git a/adminer/call.inc.php b/adminer/call.inc.php index b3f6e179..967af20f 100644 --- a/adminer/call.inc.php +++ b/adminer/call.inc.php @@ -1,7 +1,8 @@ $field) { @@ -27,7 +28,7 @@ if (!$error && $_POST) { } $call[] = (isset($out[$key]) ? "@" . idf_escape($field["field"]) : $val); } - $result = $dbh->multi_query((isset($_GET["callf"]) ? "SELECT" : "CALL") . " " . idf_escape($_GET["call"]) . "(" . implode(", ", $call) . ")"); + $result = $dbh->multi_query((isset($_GET["callf"]) ? "SELECT" : "CALL") . " " . idf_escape($PROCEDURE) . "(" . implode(", ", $call) . ")"); if (!$result) { echo "

" . h($dbh->error) . "\n"; } else { diff --git a/adminer/create.inc.php b/adminer/create.inc.php index ed9c74d7..f643fee8 100644 --- a/adminer/create.inc.php +++ b/adminer/create.inc.php @@ -1,21 +1,22 @@ $field) { $foreign_keys[idf_escape($table_name) . "." . idf_escape($field["field"])] = $table_name; } -if (strlen($_GET["create"])) { - $orig_fields = fields($_GET["create"]); +if (strlen($TABLE)) { + $orig_fields = fields($TABLE); } if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"] && !$_POST["down"]) { $auto_increment_index = " PRIMARY KEY"; // don't overwrite primary key by auto_increment - if (strlen($_GET["create"]) && strlen($_POST["fields"][$_POST["auto_increment_col"]]["orig"])) { - foreach (indexes($_GET["create"]) as $index) { + if (strlen($TABLE) && strlen($_POST["fields"][$_POST["auto_increment_col"]]["orig"])) { + foreach (indexes($TABLE) as $index) { foreach ($index["columns"] as $column) { if ($column === $_POST["fields"][$_POST["auto_increment_col"]]["orig"]) { $auto_increment_index = ""; 
@@ -33,17 +34,17 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"] foreach ($_POST["fields"] as $key => $field) { $type_field = (isset($types[$field["type"]]) ? $field : $referencable_primary[$foreign_keys[$field["type"]]]); if (strlen($field["field"]) && $type_field) { - $fields[] = "\n" . (strlen($_GET["create"]) ? (strlen($field["orig"]) ? "CHANGE " . idf_escape($field["orig"]) . " " : "ADD ") : " ") + $fields[] = "\n" . (strlen($TABLE) ? (strlen($field["orig"]) ? "CHANGE " . idf_escape($field["orig"]) . " " : "ADD ") : " ") . idf_escape($field["field"]) . process_type($type_field) . ($field["null"] ? " NULL" : " NOT NULL") // NULL for timestamp . (!$field["has_default"] || $field["auto_increment"] || ereg('text|blob', $field["type"]) ? "" : " DEFAULT " . ($field["type"] == "timestamp" && eregi("^CURRENT_TIMESTAMP( on update CURRENT_TIMESTAMP)?$", $field["default"]) ? $field["default"] : $dbh->quote($field["default"]))) . ($key == $_POST["auto_increment_col"] ? " AUTO_INCREMENT$auto_increment_index" : "") . " COMMENT " . $dbh->quote($field["comment"]) - . (strlen($_GET["create"]) ? " $after" : "") + . (strlen($TABLE) ? " $after" : "") ; $after = "AFTER " . idf_escape($field["field"]); if (!isset($types[$field["type"]])) { - $fields[] = (strlen($_GET["create"]) ? " ADD" : "") . " FOREIGN KEY (" . idf_escape($field["field"]) . ") REFERENCES " . idf_escape($foreign_keys[$field["type"]]) . " (" . idf_escape($type_field["field"]) . ")"; + $fields[] = (strlen($TABLE) ? " ADD" : "") . " FOREIGN KEY (" . idf_escape($field["field"]) . ") REFERENCES " . idf_escape($foreign_keys[$field["type"]]) . " (" . idf_escape($type_field["field"]) . ")"; } } elseif (strlen($field["orig"])) { $fields[] = "\nDROP " . idf_escape($field["orig"]); 
@@ -66,12 +67,12 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"] ? " (" . implode(",", $partitions) . "\n)" : ($_POST["partitions"] ? " PARTITIONS " . intval($_POST["partitions"]) : "") ); - } elseif ($dbh->server_info >= 5.1 && strlen($_GET["create"])) { + } elseif ($dbh->server_info >= 5.1 && strlen($TABLE)) { $status .= "\nREMOVE PARTITIONING"; } $location = ME . "table=" . urlencode($_POST["name"]); - if (strlen($_GET["create"])) { - query_redirect("ALTER TABLE " . idf_escape($_GET["create"]) . implode(",", $fields) . ",\nRENAME TO " . idf_escape($_POST["name"]) . ",\n$status", $location, lang('Table has been altered.')); + if (strlen($TABLE)) { + query_redirect("ALTER TABLE " . idf_escape($TABLE) . implode(",", $fields) . ",\nRENAME TO " . idf_escape($_POST["name"]) . ",\n$status", $location, lang('Table has been altered.')); } else { $path = preg_replace('~\\?.*~', '', $_SERVER["REQUEST_URI"]); setcookie("adminer_engine", $_POST["Engine"], gmmktime(0, 0, 0, gmdate("n") + 1), $path); @@ -79,7 +80,7 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"] } } -page_header((strlen($_GET["create"]) ? lang('Alter table') : lang('Create table')), $error, array("table" => $_GET["create"]), $_GET["create"]); +page_header((strlen($TABLE) ? lang('Alter table') : lang('Create table')), $error, array("table" => $TABLE), $TABLE); $engines = array(); $result = $dbh->query("SHOW ENGINES"); @@ -100,9 +101,9 @@ if ($_POST) { $row["fields"][$row["auto_increment_col"]]["auto_increment"] = true; } process_fields($row["fields"]); -} elseif (strlen($_GET["create"])) { - $row = table_status($_GET["create"]); - $row["name"] = $_GET["create"]; +} elseif (strlen($TABLE)) { + $row = table_status($TABLE); + $row["name"] = $TABLE; $row["fields"] = array(); foreach ($orig_fields as $field) { $field["has_default"] = isset($field["default"]); 
@@ -112,7 +113,7 @@ if ($_POST) { $row["fields"][] = $field; } if ($dbh->server_info >= 5.1) { - $from = "FROM information_schema.PARTITIONS WHERE TABLE_SCHEMA = " . $dbh->quote(DB) . " AND TABLE_NAME = " . $dbh->quote($_GET["create"]); + $from = "FROM information_schema.PARTITIONS WHERE TABLE_SCHEMA = " . $dbh->quote(DB) . " AND TABLE_NAME = " . $dbh->quote($TABLE); $result = $dbh->query("SELECT PARTITION_METHOD, PARTITION_ORDINAL_POSITION, PARTITION_EXPRESSION $from ORDER BY PARTITION_ORDINAL_POSITION DESC LIMIT 1"); list($row["partition_by"], $row["partitions"], $row["partition"]) = $result->fetch_row(); $row["partition_names"] = array(); diff --git a/adminer/download.inc.php b/adminer/download.inc.php index 355c74cd..15b1987e 100644 --- a/adminer/download.inc.php +++ b/adminer/download.inc.php @@ -1,5 +1,6 @@ result($dbh->query("SELECT " . idf_escape($_GET["field"]) . " FROM " . idf_escape($_GET["download"]) . " WHERE " . where($_GET) . " LIMIT 1")); +header("Content-Disposition: attachment; filename=" . friendly_url("$TABLE-" . implode("_", $_GET["where"])) . "." . friendly_url($_GET["field"])); +echo $dbh->result($dbh->query("SELECT " . idf_escape($_GET["field"]) . " FROM " . idf_escape($TABLE) . " WHERE " . where($_GET) . " LIMIT 1")); exit; // don't output footer diff --git a/adminer/dump.inc.php b/adminer/dump.inc.php index e295dc31..fa6a2a2f 100644 --- a/adminer/dump.inc.php +++ b/adminer/dump.inc.php @@ -1,4 +1,5 @@ 1)); + $ext = dump_headers((strlen($TABLE) ? $TABLE : DB), (!strlen(DB) || count((array) $_POST["tables"] + (array) $_POST["data"]) > 1)); if ($_POST["format"] == "sql") { dump("SET NAMES utf8; SET foreign_key_checks = 0; 
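Review bot: In adminer/download.inc.php the new `Content-Disposition` line passes `$_GET["where"]` straight to `implode()`, so a request that sends `where` as a scalar or omits it makes the call fail while the header is being built. Casting it the way this code base already does for `$_POST["tables"]` and `$_GET["set"]`, `implode("_", (array) $_GET["where"])`, keeps the header well-formed. The `echo` line below also hands `$dbh->query(...)` to `$dbh->result()` without testing for `false`; how `result()` treats a failed query is not visible here, so an explicit check would be safer. Whether the generated file name is safe inside the header depends on `friendly_url()`, which is outside this diff.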
@@ -176,14 +177,14 @@ echo "" . lang('Data') . "" . lang('Tables') . ""; echo ""; echo "\n"; $views = ""; foreach (table_status() as $row) { - $checked = (strlen($_GET["dump"]) && $row["Name"] != $_GET["dump"] ? '' : " checked"); + $checked = (strlen($TABLE) && $row["Name"] != $TABLE ? '' : " checked"); $print = ""; if (!$row["Engine"]) { $views .= "$print\n"; diff --git a/adminer/edit.inc.php b/adminer/edit.inc.php index 336e34a7..6c790828 100644 --- a/adminer/edit.inc.php +++ b/adminer/edit.inc.php @@ -1,7 +1,8 @@ $field) { if (!isset($field["privileges"][$update ? "update" : "insert"]) || !strlen($adminer->fieldName($field))) { unset($fields[$name]); @@ -10,7 +11,7 @@ foreach ($fields as $name => $field) { if ($_POST && !$error && !isset($_GET["select"])) { $location = $_SERVER["REQUEST_URI"]; // continue edit or insert if (!$_POST["insert"]) { - $location = ME . "select=" . urlencode($_GET["edit"]); + $location = ME . "select=" . urlencode($TABLE); $i = 0; // append &set converted to &where foreach ((array) $_GET["set"] as $key => $val) { if ($val == $_POST["fields"][$key]) { 
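Review bot: The new condition `$row["Name"] != $TABLE` in adminer/dump.inc.php is a loose comparison, and PHP compares two numeric-looking strings by value, so table names such as `10` and `1e1` count as equal and both rows come up pre-checked for export. `$row["Name"] !== $TABLE` avoids that and matches the strict `$TABLE === $row["table"]` this commit keeps in adminer/foreign.inc.php. The same applies to `$EVENT != $_POST["EVENT_NAME"]` in adminer/event.inc.php, where a rename between two such names would silently drop the `RENAME TO` clause. Both comparisons sit behind a `strlen()` check, so switching to the strict operator does not change the empty-name case.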
@@ -29,17 +30,17 @@ if ($_POST && !$error && !isset($_GET["select"])) { redirect($location); } if ($update) { - query_redirect("UPDATE " . idf_escape($_GET["edit"]) . " SET" . implode(",", $set) . "\nWHERE $where\nLIMIT 1", $location, lang('Item has been updated.')); + query_redirect("UPDATE " . idf_escape($TABLE) . " SET" . implode(",", $set) . "\nWHERE $where\nLIMIT 1", $location, lang('Item has been updated.')); } else { - query_redirect("INSERT INTO " . idf_escape($_GET["edit"]) . " SET" . implode(",", $set), $location, lang('Item has been inserted.')); + query_redirect("INSERT INTO " . idf_escape($TABLE) . " SET" . implode(",", $set), $location, lang('Item has been inserted.')); } } -$table_name = $adminer->tableName(table_status($_GET["edit"])); +$table_name = $adminer->tableName(table_status($TABLE)); page_header( ($update ? lang('Edit') : lang('Insert')), $error, - array("select" => array($_GET["edit"], $table_name)), + array("select" => array($TABLE, $table_name)), $table_name ); @@ -55,7 +56,7 @@ if ($_POST["save"]) { } $row = array(); if ($select) { - $result = $dbh->query("SELECT " . implode(", ", $select) . " FROM " . idf_escape($_GET["edit"]) . " WHERE $where " . (isset($_GET["select"]) ? "HAVING COUNT(*) = 1" : "LIMIT 1")); + $result = $dbh->query("SELECT " . implode(", ", $select) . " FROM " . idf_escape($TABLE) . " WHERE $where " . (isset($_GET["select"]) ? "HAVING COUNT(*) = 1" : "LIMIT 1")); $row = $result->fetch_assoc(); } } diff --git a/adminer/event.inc.php b/adminer/event.inc.php index 858c421d..a9c37563 100644 --- a/adminer/event.inc.php +++ b/adminer/event.inc.php 
@@ -1,10 +1,11 @@ "ENABLE", "DISABLED" => "DISABLE", "SLAVESIDE_DISABLED" => "DISABLE ON SLAVE"); if ($_POST && !$error) { if ($_POST["drop"]) { - query_redirect("DROP EVENT " . idf_escape($_GET["event"]), substr(ME, 0, -1), lang('Event has been dropped.')); + query_redirect("DROP EVENT " . idf_escape($EVENT), substr(ME, 0, -1), lang('Event has been dropped.')); } elseif (in_array($_POST["INTERVAL_FIELD"], $intervals) && isset($statuses[$_POST["STATUS"]])) { $schedule = "\nON SCHEDULE " . ($_POST["INTERVAL_VALUE"] ? "EVERY " . $dbh->quote($_POST["INTERVAL_VALUE"]) . " $_POST[INTERVAL_FIELD]" 
@@ -13,23 +14,23 @@ if ($_POST && !$error) { : "AT " . $dbh->quote($_POST["STARTS"]) ) . " ON COMPLETION" . ($_POST["ON_COMPLETION"] ? "" : " NOT") . " PRESERVE" ; - query_redirect((strlen($_GET["event"]) - ? "ALTER EVENT " . idf_escape($_GET["event"]) . $schedule - . ($_GET["event"] != $_POST["EVENT_NAME"] ? "\nRENAME TO " . idf_escape($_POST["EVENT_NAME"]) : "") + query_redirect((strlen($EVENT) + ? "ALTER EVENT " . idf_escape($EVENT) . $schedule + . ($EVENT != $_POST["EVENT_NAME"] ? "\nRENAME TO " . idf_escape($_POST["EVENT_NAME"]) : "") : "CREATE EVENT " . idf_escape($_POST["EVENT_NAME"]) . $schedule ) . "\n" . $statuses[$_POST["STATUS"]] . " COMMENT " . $dbh->quote($_POST["EVENT_COMMENT"]) . " DO\n$_POST[EVENT_DEFINITION]" - , substr(ME, 0, -1), (strlen($_GET["event"]) ? lang('Event has been altered.') : lang('Event has been created.'))); + , substr(ME, 0, -1), (strlen($EVENT) ? lang('Event has been altered.') : lang('Event has been created.'))); } } -page_header((strlen($_GET["event"]) ? lang('Alter event') . ": " . h($_GET["event"]) : lang('Create event')), $error); +page_header((strlen($EVENT) ? lang('Alter event') . ": " . h($EVENT) : lang('Create event')), $error); $row = array(); if ($_POST) { $row = $_POST; -} elseif (strlen($_GET["event"])) { - $result = $dbh->query("SELECT * FROM information_schema.EVENTS WHERE EVENT_SCHEMA = " . $dbh->quote(DB) . " AND EVENT_NAME = " . $dbh->quote($_GET["event"])); +} elseif (strlen($EVENT)) { + $result = $dbh->query("SELECT * FROM information_schema.EVENTS WHERE EVENT_SCHEMA = " . $dbh->quote(DB) . " AND EVENT_NAME = " . $dbh->quote($EVENT)); $row = $result->fetch_assoc(); } ?> @@ -48,5 +49,5 @@ if ($_POST) {
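Review bot: The `query_redirect()` call that builds `ALTER EVENT`/`CREATE EVENT` in adminer/event.inc.php has no comment telling a maintainer which request fields are neutralised and how. As written, names go through `idf_escape()`, `STARTS` and `EVENT_COMMENT` through `$dbh->quote()`, `STATUS` is mapped through `$statuses`, `INTERVAL_FIELD` is interpolated unquoted and relies on the `in_array()` test of the enclosing `elseif` (previous hunk), and `EVENT_DEFINITION` is appended as raw SQL, presumably on purpose. If that is the intent, I would add above the call: `// INTERVAL_FIELD/STATUS are allow-listed by the elseif above; EVENT_DEFINITION is raw SQL by design - keep this call inside that branch`. The enclosing `if ($_POST && !$error)` block starts outside this hunk.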

-> +> diff --git a/adminer/foreign.inc.php b/adminer/foreign.inc.php index cca67892..2c4009c7 100644 --- a/adminer/foreign.inc.php +++ b/adminer/foreign.inc.php @@ -1,7 +1,8 @@ $val) { $target[$key] = $_POST["target"][$key]; } - query_redirect("ALTER TABLE " . idf_escape($_GET["foreign"]) + query_redirect("ALTER TABLE " . idf_escape($TABLE) . (strlen($_GET["name"]) ? "\nDROP FOREIGN KEY " . idf_escape($_GET["name"]) . "," : "") . "\nADD FOREIGN KEY (" . implode(", ", array_map('idf_escape', $source)) . ") REFERENCES " . idf_escape($_POST["table"]) . " (" . implode(", ", array_map('idf_escape', $target)) . ")" . (in_array($_POST["on_delete"], $on_actions) ? " ON DELETE $_POST[on_delete]" : "") . (in_array($_POST["on_update"], $on_actions) ? " ON UPDATE $_POST[on_update]" : "") - , ME . "table=" . urlencode($_GET["foreign"]), (strlen($_GET["name"]) ? lang('Foreign key has been altered.') : lang('Foreign key has been created.'))); + , ME . "table=" . urlencode($TABLE), (strlen($_GET["name"]) ? lang('Foreign key has been altered.') : lang('Foreign key has been created.'))); $error = lang('Source and target columns must have the same data type, there must be an index on the target columns and referenced data must exist.') . "
$error"; //! no partitioning } } -page_header(lang('Foreign key'), $error, array("table" => $_GET["foreign"]), $_GET["foreign"]); +page_header(lang('Foreign key'), $error, array("table" => $TABLE), $TABLE); -$row = array("table" => $_GET["foreign"], "source" => array("")); +$row = array("table" => $TABLE, "source" => array("")); if ($_POST) { $row = $_POST; ksort($row["source"]); @@ -31,13 +32,13 @@ if ($_POST) { $row["target"] = array(); } } elseif (strlen($_GET["name"])) { - $foreign_keys = foreign_keys($_GET["foreign"]); + $foreign_keys = foreign_keys($TABLE); $row = $foreign_keys[$_GET["name"]]; $row["source"][] = ""; } -$source = get_vals("SHOW COLUMNS FROM " . idf_escape($_GET["foreign"])); //! no text and blob -$target = ($_GET["foreign"] === $row["table"] ? $source : get_vals("SHOW COLUMNS FROM " . idf_escape($row["table"]))); +$source = get_vals("SHOW COLUMNS FROM " . idf_escape($TABLE)); //! no text and blob +$target = ($TABLE === $row["table"] ? $source : get_vals("SHOW COLUMNS FROM " . idf_escape($row["table"]))); ?>
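Review bot: `$row = $foreign_keys[$_GET["name"]];` in the `elseif (strlen($_GET["name"]))` branch of adminer/foreign.inc.php has no check that the requested key actually exists on `$TABLE`. With an unknown name `$row` is null, `$row["table"]` stays unset, and the `$target` line then runs `SHOW COLUMNS FROM` on what is presumably an empty identifier. Guarding the assignment, `if (isset($foreign_keys[$_GET["name"]])) { $row = $foreign_keys[$_GET["name"]]; }`, keeps the default `$row` built from `$TABLE` instead.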

diff --git a/adminer/indexes.inc.php b/adminer/indexes.inc.php index 67032c14..7f04b36d 100644 --- a/adminer/indexes.inc.php +++ b/adminer/indexes.inc.php @@ -1,6 +1,7 @@ $_GET["indexes"]), $_GET["indexes"]); +page_header(lang('Indexes'), $error, array("table" => $TABLE), $TABLE); -$fields = array_keys(fields($_GET["indexes"])); +$fields = array_keys(fields($TABLE)); $row = array("indexes" => $indexes); if ($_POST) { $row = $_POST; diff --git a/adminer/procedure.inc.php b/adminer/procedure.inc.php index 275e9abd..a9e68652 100644 --- a/adminer/procedure.inc.php +++ b/adminer/procedure.inc.php @@ -1,10 +1,11 @@ @@ -49,5 +50,5 @@ if ($_POST) { : " maxlength="64"> -> +>
diff --git a/adminer/select.inc.php b/adminer/select.inc.php index 1e076be5..02b5c3c7 100644 --- a/adminer/select.inc.php +++ b/adminer/select.inc.php @@ -1,7 +1,8 @@ 0 $columns = array(); // selectable columns unset($text_length); @@ -20,7 +21,7 @@ list($select, $group) = $adminer->selectColumnsProcess($columns, $indexes); $where = $adminer->selectSearchProcess($fields, $indexes); $order = $adminer->selectOrderProcess($fields, $indexes); $limit = $adminer->selectLimitProcess(); -$from = ($select ? implode(", ", $select) : "*") . " FROM " . idf_escape($_GET["select"]) . ($where ? " WHERE " . implode(" AND ", $where) : ""); +$from = ($select ? implode(", ", $select) : "*") . " FROM " . idf_escape($TABLE) . ($where ? " WHERE " . implode(" AND ", $where) : ""); $group_by = ($group && count($group) < count($select) ? " GROUP BY " . implode(", ", $group) : "") . ($order ? " ORDER BY " . implode(", ", $order) : ""); if ($_POST && !$error) { @@ -33,20 +34,20 @@ if ($_POST && !$error) { } } if ($_POST["export"]) { - dump_headers($_GET["select"]); - dump_table($_GET["select"], ""); + dump_headers($TABLE); + dump_table($TABLE, ""); if ($_POST["format"] != "sql") { // Editor doesn't send format dump_csv($select ? $select : array_keys($fields)); } if (!is_array($_POST["check"]) || $primary === array()) { - dump_data($_GET["select"], "INSERT", "SELECT $from" . (is_array($_POST["check"]) ? ($where ? " AND " : " WHERE ") . "($where_check)" : "") . $group_by); + dump_data($TABLE, "INSERT", "SELECT $from" . (is_array($_POST["check"]) ? ($where ? " AND " : " WHERE ") . "($where_check)" : "") . $group_by); } else { $union = array(); foreach ($_POST["check"] as $val) { // where is not unique so OR can't be used $union[] = "(SELECT $from " . ($where ? "AND " : "WHERE ") . where_check($val) . $group_by . " LIMIT 1)"; } - dump_data($_GET["select"], "INSERT", implode(" UNION ALL ", $union)); + dump_data($TABLE, "INSERT", implode(" UNION ALL ", $union)); } dump(); exit; 
@@ -55,7 +56,7 @@ if ($_POST && !$error) { if (!$_POST["import"]) { // edit $result = true; $affected = 0; - $command = ($_POST["delete"] ? ($_POST["all"] && !$where ? "TRUNCATE " : "DELETE FROM ") : ($_POST["clone"] ? "INSERT INTO " : "UPDATE ")) . idf_escape($_GET["select"]); + $command = ($_POST["delete"] ? ($_POST["all"] && !$where ? "TRUNCATE " : "DELETE FROM ") : ($_POST["clone"] ? "INSERT INTO " : "UPDATE ")) . idf_escape($TABLE); $set = array(); if (!$_POST["delete"]) { foreach ($columns as $name => $val) { //! should check also for edit or insert privileges @@ -66,7 +67,7 @@ if ($_POST && !$error) { $set[] = idf_escape($name) . " = $val"; } } - $command .= ($_POST["clone"] ? "\nSELECT " . implode(", ", $set) . "\nFROM " . idf_escape($_GET["select"]) : " SET\n" . implode(",\n", $set)); + $command .= ($_POST["clone"] ? "\nSELECT " . implode(", ", $set) . "\nFROM " . idf_escape($TABLE) : " SET\n" . implode(",\n", $set)); } if ($_POST["delete"] || $set) { if ($_POST["all"] || ($primary === array() && $_POST["check"])) { @@ -91,7 +92,7 @@ if ($_POST && !$error) { $length = 0; $result = true; $dbh->query("SET foreign_key_checks = 0"); - $query = "REPLACE " . idf_escape($_GET["select"]); // ON DUPLICATE KEY UPDATE would require one query per record + $query = "REPLACE " . idf_escape($TABLE); // ON DUPLICATE KEY UPDATE would require one query per record $packet_size = $dbh->result($dbh->query("SELECT @@max_allowed_packet")); $rows = array(); preg_match_all('~("[^"]*"|[^"\\n])+~', $file, $matches); @@ -136,7 +137,7 @@ if ($_POST && !$error) { page_header(lang('Select') . ": " . $adminer->tableName($table_status), $error); -$foreign_keys = column_foreign_keys($_GET["select"]); +$foreign_keys = column_foreign_keys($TABLE); echo "

"; if (isset($rights["insert"])) { $set = ""; @@ -147,7 +148,7 @@ if (isset($rights["insert"])) { $set .= "&set" . urlencode("[" . bracket_escape($val["col"]) . "]") . "=" . urlencode($val["val"]); } } - echo '' . lang('New item') . ' '; + echo '' . lang('New item') . ' '; } echo $adminer->selectLinks($table_status); @@ -158,7 +159,7 @@ if (!$columns) { echo "

"; echo (strlen($_GET["server"]) ? '' : ""); echo (strlen(DB) ? '' : ""); // not used in Editor - echo ''; + echo ''; echo "
\n"; $adminer->selectColumnsPrint($select, $columns); $adminer->selectSearchPrint($where, $columns, $indexes); @@ -192,7 +193,7 @@ if (!$columns) { $descriptions = $adminer->rowDescriptions($rows, $foreign_keys); - $backward_keys = $adminer->backwardKeys($_GET["select"]); + $backward_keys = $adminer->backwardKeys($TABLE); $table_names = array(); if ($backward_keys) { foreach ($backward_keys as $key => $val) { @@ -222,7 +223,7 @@ if (!$columns) { echo ($table_names ? "" . lang('Relations') : "") . "\n"; foreach ($descriptions as $n => $row) { $unique_idf = implode('&', unique_idf($rows[$n], $indexes)); - echo "" . (count($select) != count($group) || information_schema(DB) ? '' : " " . lang('edit') . ""); + echo "" . (count($select) != count($group) || information_schema(DB) ? '' : " " . lang('edit') . ""); foreach ($row as $key => $val) { if (isset($names[$key])) { if (strlen($val) && (!isset($email_fields[$key]) || strlen($email_fields[$key]))) { @@ -234,7 +235,7 @@ if (!$columns) { $val = "NULL"; } else { if (ereg('blob|binary', $fields[$key]["type"]) && strlen($val)) { - $link = h(ME . 'download=' . urlencode($_GET["select"]) . '&field=' . urlencode($key) . '&') . $unique_idf; + $link = h(ME . 'download=' . urlencode($TABLE) . '&field=' . urlencode($key) . '&') . $unique_idf; } if (!strlen(trim($val, " \t"))) { $val = " "; @@ -284,7 +285,7 @@ if (!$columns) { // slow with big tables ob_flush(); flush(); - $found_rows = $dbh->result($dbh->query("SELECT COUNT(*) FROM " . idf_escape($_GET["select"]) . ($where ? " WHERE " . implode(" AND ", $where) : ""))); + $found_rows = $dbh->result($dbh->query("SELECT COUNT(*) FROM " . idf_escape($TABLE) . ($where ? " WHERE " . implode(" AND ", $where) : ""))); } echo "
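Review bot: In the download-link line of adminer/select.inc.php, `$unique_idf` is concatenated after the `h()` call closes, so it reaches the page without the escaping applied to the rest of the URL. Its safety rests on `unique_idf()` and the `implode()` a few lines above, which build it from `$rows[$n]`; neither shows here how the values are encoded. If `unique_idf()` returns URL-encoded pairs, a short comment on this line would do, e.g. `// $unique_idf is URL-encoded by unique_idf(), safe to append after h()`; otherwise it should move inside the `h(...)` argument.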

"; if (intval($limit) && $found_rows > $limit) { diff --git a/adminer/table.inc.php b/adminer/table.inc.php index e84b980e..eff3967e 100644 --- a/adminer/table.inc.php +++ b/adminer/table.inc.php @@ -1,12 +1,13 @@ query("SHOW FULL COLUMNS FROM " . idf_escape($_GET["table"])); +$TABLE = $_GET["table"]; +$result = $dbh->query("SHOW FULL COLUMNS FROM " . idf_escape($TABLE)); if (!$result) { $error = h($dbh->error); } -$table_status = ($result ? table_status($_GET["table"]) : array()); +$table_status = ($result ? table_status($TABLE) : array()); $is_view = !isset($table_status["Rows"]); -page_header(($result && $is_view ? lang('View') : lang('Table')) . ": " . h($_GET["table"]), $error); +page_header(($result && $is_view ? lang('View') : lang('Table')) . ": " . h($TABLE), $error); if ($result) { echo "\n"; @@ -21,16 +22,16 @@ if ($result) { echo "

"; if ($is_view) { - echo '' . lang('Alter view') . ''; + echo '' . lang('Alter view') . ''; } else { - echo '' . lang('Alter table') . ''; + echo '' . lang('Alter table') . ''; } - echo ' ' . lang('Select table') . ''; - echo ' ' . lang('New item') . ''; + echo ' ' . lang('Select table') . ''; + echo ' ' . lang('New item') . ''; if (!$is_view) { echo "

" . lang('Indexes') . "

\n"; - $indexes = indexes($_GET["table"]); + $indexes = indexes($TABLE); if ($indexes) { echo "
\n"; foreach ($indexes as $index) { @@ -43,11 +44,11 @@ if ($result) { } echo "
\n"; } - echo '

' . lang('Alter indexes') . "\n"; + echo '

' . lang('Alter indexes') . "\n"; if ($table_status["Engine"] == "InnoDB") { echo "

" . lang('Foreign keys') . "

\n"; - $foreign_keys = foreign_keys($_GET["table"]); + $foreign_keys = foreign_keys($TABLE); if ($foreign_keys) { echo "\n"; foreach ($foreign_keys as $name => $foreign_key) { @@ -56,24 +57,24 @@ if ($result) { echo "
" . implode(", ", array_map('h', $foreign_key["source"])) . ""; echo "$link"; echo "(" . implode(", ", array_map('h', $foreign_key["target"])) . ")"; - echo "" . (!strlen($foreign_key["db"]) ? '' . lang('Alter') . '' : ' '); + echo "" . (!strlen($foreign_key["db"]) ? '' . lang('Alter') . '' : ' '); } echo "
\n"; } - echo '

' . lang('Add foreign key') . "\n"; + echo '

' . lang('Add foreign key') . "\n"; } if ($dbh->server_info >= 5) { echo "

" . lang('Triggers') . "

\n"; - $result = $dbh->query("SHOW TRIGGERS LIKE " . $dbh->quote(addcslashes($_GET["table"], "%_"))); + $result = $dbh->query("SHOW TRIGGERS LIKE " . $dbh->quote(addcslashes($TABLE, "%_"))); if ($result->num_rows) { echo "\n"; while ($row = $result->fetch_assoc()) { - echo "
$row[Timing]$row[Event]" . h($row["Trigger"]) . "" . lang('Alter') . "\n"; + echo "
$row[Timing]$row[Event]" . h($row["Trigger"]) . "" . lang('Alter') . "\n"; } echo "
\n"; } - echo '

' . lang('Add trigger') . "\n"; + echo '

' . lang('Add trigger') . "\n"; } } } diff --git a/adminer/trigger.inc.php b/adminer/trigger.inc.php index b01b66fd..9f7def0c 100644 --- a/adminer/trigger.inc.php +++ b/adminer/trigger.inc.php @@ -1,22 +1,23 @@ $_GET["trigger"])); +page_header((strlen($_GET["name"]) ? lang('Alter trigger') . ": " . h($_GET["name"]) : lang('Create trigger')), $error, array("table" => $TABLE)); -$row = array("Trigger" => "$_GET[trigger]_bi"); +$row = array("Trigger" => $TABLE . "_bi"); if ($_POST) { $row = $_POST; } elseif (strlen($_GET["name"])) { @@ -27,7 +28,7 @@ if ($_POST) {
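Review bot: The `SHOW TRIGGERS LIKE` pattern in adminer/table.inc.php escapes only `%` and `_`: `addcslashes($TABLE, "%_")` leaves a backslash in the table name untouched, and backslash is the default escape character for `LIKE`. For a name containing `\` the pattern therefore matches a different set of tables than the one being displayed, so the trigger list can be incomplete or show triggers of another table. Adding the backslash to the character list, `addcslashes($TABLE, "%_\\")`, closes that gap; this assumes `$dbh->quote()` performs the usual string-literal escaping on top. The enclosing `if ($result)` block starts before this hunk.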

-
+
" maxlength="64">
diff --git a/adminer/user.inc.php b/adminer/user.inc.php index 6e25ee5b..e6630307 100644 --- a/adminer/user.inc.php +++ b/adminer/user.inc.php @@ -1,4 +1,5 @@ array("All privileges" => "")); $result = $dbh->query("SHOW PRIVILEGES"); while ($row = $result->fetch_assoc()) { @@ -40,7 +41,7 @@ if ($_POST) { } $grants = array(); $old_pass = ""; -if (isset($_GET["host"]) && ($result = $dbh->query("SHOW GRANTS FOR " . $dbh->quote($_GET["user"]) . "@" . $dbh->quote($_GET["host"])))) { //! use information_schema for MySQL 5 - column names in column privileges are not escaped +if (isset($_GET["host"]) && ($result = $dbh->query("SHOW GRANTS FOR " . $dbh->quote($USER) . "@" . $dbh->quote($_GET["host"])))) { //! use information_schema for MySQL 5 - column names in column privileges are not escaped while ($row = $result->fetch_row()) { if (preg_match('~GRANT (.*) ON (.*) TO ~', $row[0], $match) && preg_match_all('~ *([^(,]*[^ ,(])( *\\([^)]+\\))?~', $match[1], $matches, PREG_SET_ORDER)) { //! escape the part between ON and TO foreach ($matches as $val) { @@ -57,7 +58,7 @@ if (isset($_GET["host"]) && ($result = $dbh->query("SHOW GRANTS FOR " . $dbh->qu } if ($_POST && !$error) { - $old_user = (isset($_GET["host"]) ? $dbh->quote($_GET["user"]) . "@" . $dbh->quote($_GET["host"]) : "''"); + $old_user = (isset($_GET["host"]) ? $dbh->quote($USER) . "@" . $dbh->quote($_GET["host"]) : "''"); $new_user = $dbh->quote($_POST["user"]) . "@" . $dbh->quote($_POST["host"]); // if $_GET["host"] is not set then $new_user is always different $pass = $dbh->quote($_POST["pass"]); if ($_POST["drop"]) { 
@@ -112,7 +113,7 @@ if ($_POST && !$error) { } } -page_header((isset($_GET["host"]) ? lang('Username') . ": " . h("$_GET[user]@$_GET[host]") : lang('Create user')), $error, array("privileges" => array('', lang('Privileges')))); +page_header((isset($_GET["host"]) ? lang('Username') . ": " . h("$USER@$_GET[host]") : lang('Create user')), $error, array("privileges" => array('', lang('Privileges')))); if ($_POST) { $row = $_POST; diff --git a/adminer/view.inc.php b/adminer/view.inc.php index 42161020..64e672c4 100644 --- a/adminer/view.inc.php +++ b/adminer/view.inc.php @@ -1,20 +1,21 @@ $_GET["view"]), $_GET["view"]); +page_header((strlen($TABLE) ? lang('Alter view') : lang('Create view')), $error, array("table" => $TABLE), $TABLE); $row = array(); if ($_POST) { $row = $_POST; -} elseif (strlen($_GET["view"])) { - $row = view($_GET["view"]); - $row["name"] = $_GET["view"]; +} elseif (strlen($TABLE)) { + $row = view($TABLE); + $row["name"] = $TABLE; } ?> diff --git a/todo.txt b/todo.txt index bb34fea7..d793c723 100644 --- a/todo.txt +++ b/todo.txt @@ -12,7 +12,7 @@ IE6 -