Save bytes ($connection->quote shortcut)
This commit is contained in:
Jakub Vrana
parent
b0d637b638
commit
7e644b4346
|
|
@ -117,7 +117,7 @@ if ($_POST) {
|
|||
$row["fields"][] = $field;
|
||||
}
|
||||
if (support("partitioning")) {
|
||||
$from = "FROM information_schema.PARTITIONS WHERE TABLE_SCHEMA = " . $connection->quote(DB) . " AND TABLE_NAME = " . $connection->quote($TABLE);
|
||||
$from = "FROM information_schema.PARTITIONS WHERE TABLE_SCHEMA = " . q(DB) . " AND TABLE_NAME = " . q($TABLE);
|
||||
$result = $connection->query("SELECT PARTITION_METHOD, PARTITION_ORDINAL_POSITION, PARTITION_EXPRESSION $from ORDER BY PARTITION_ORDINAL_POSITION LIMIT 1");
|
||||
list($row["partition_by"], $row["partitions"], $row["partition"]) = $result->fetch_row();
|
||||
$row["partition_names"] = array();
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ if ($_POST && !$error && !isset($_POST["add_x"])) { // add is an image and PHP c
|
|||
if (!$_POST["collation"]) {
|
||||
redirect(substr(ME, 0, -1));
|
||||
}
|
||||
query_redirect("ALTER DATABASE " . idf_escape($_POST["name"]) . " COLLATE " . $connection->quote($_POST["collation"]), substr(ME, 0, -1), lang('Database has been altered.'));
|
||||
query_redirect("ALTER DATABASE " . idf_escape($_POST["name"]) . " COLLATE " . q($_POST["collation"]), substr(ME, 0, -1), lang('Database has been altered.'));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -264,7 +264,7 @@ if (isset($_GET["mssql"])) {
|
|||
|
||||
function db_collation($db, $collations) {
|
||||
global $connection;
|
||||
return $connection->result("SELECT collation_name FROM sys.databases WHERE name = " . $connection->quote($db));
|
||||
return $connection->result("SELECT collation_name FROM sys.databases WHERE name = " . q($db));
|
||||
}
|
||||
|
||||
function engines() {
|
||||
|
|
@ -277,8 +277,7 @@ if (isset($_GET["mssql"])) {
|
|||
}
|
||||
|
||||
function tables_list() {
|
||||
global $connection;
|
||||
return get_key_vals("SELECT name, type_desc FROM sys.all_objects WHERE schema_id = SCHEMA_ID(" . $connection->quote(get_schema()) . ") AND type IN ('S', 'U', 'V') ORDER BY name");
|
||||
return get_key_vals("SELECT name, type_desc FROM sys.all_objects WHERE schema_id = SCHEMA_ID(" . q(get_schema()) . ") AND type IN ('S', 'U', 'V') ORDER BY name");
|
||||
}
|
||||
|
||||
function count_tables($databases) {
|
||||
|
|
@ -292,9 +291,8 @@ if (isset($_GET["mssql"])) {
|
|||
}
|
||||
|
||||
function table_status($name = "") {
|
||||
global $connection;
|
||||
$return = array();
|
||||
foreach (get_rows("SELECT name AS Name, type_desc AS Engine FROM sys.all_objects WHERE schema_id = SCHEMA_ID(" . $connection->quote(get_schema()) . ") AND type IN ('S', 'U', 'V')" . ($name != "" ? " AND name = " . $connection->quote($name) : "")) as $row) {
|
||||
foreach (get_rows("SELECT name AS Name, type_desc AS Engine FROM sys.all_objects WHERE schema_id = SCHEMA_ID(" . q(get_schema()) . ") AND type IN ('S', 'U', 'V')" . ($name != "" ? " AND name = " . q($name) : "")) as $row) {
|
||||
if ($name != "") {
|
||||
return $row;
|
||||
}
|
||||
|
|
@ -312,14 +310,13 @@ if (isset($_GET["mssql"])) {
|
|||
}
|
||||
|
||||
function fields($table, $hidden = false) {
|
||||
global $connection;
|
||||
$return = array();
|
||||
foreach (get_rows("SELECT c.*, t.name type, d.definition [default]
|
||||
FROM sys.all_columns c
|
||||
JOIN sys.all_objects o ON c.object_id = o.object_id
|
||||
JOIN sys.types t ON c.user_type_id = t.user_type_id
|
||||
LEFT JOIN sys.default_constraints d ON c.default_object_id = d.parent_column_id
|
||||
WHERE o.schema_id = SCHEMA_ID(" . $connection->quote(get_schema()) . ") AND o.type IN ('S', 'U', 'V') AND o.name = " . $connection->quote($table)
|
||||
WHERE o.schema_id = SCHEMA_ID(" . q(get_schema()) . ") AND o.type IN ('S', 'U', 'V') AND o.name = " . q($table)
|
||||
) as $row) {
|
||||
$type = $row["type"];
|
||||
$length = (ereg("char|binary", $type) ? $row["max_length"] : ($type == "decimal" ? "$row[precision],$row[scale]" : ""));
|
||||
|
|
@ -350,7 +347,7 @@ WHERE o.schema_id = SCHEMA_ID(" . $connection->quote(get_schema()) . ") AND o.ty
|
|||
FROM sys.indexes
|
||||
INNER JOIN sys.index_columns ON indexes.object_id = index_columns.object_id AND indexes.index_id = index_columns.index_id
|
||||
INNER JOIN sys.columns ON index_columns.object_id = columns.object_id AND index_columns.column_id = columns.column_id
|
||||
WHERE OBJECT_NAME(indexes.object_id) = " . $connection2->quote($table)
|
||||
WHERE OBJECT_NAME(indexes.object_id) = " . q($table)
|
||||
);
|
||||
if ($result) {
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
|
|
@ -364,7 +361,7 @@ WHERE OBJECT_NAME(indexes.object_id) = " . $connection2->quote($table)
|
|||
|
||||
function view($name) {
|
||||
global $connection;
|
||||
return array("select" => preg_replace('~^(?:[^`]|`[^`]*`)*\\s+AS\\s+~isU', '', $connection->result("SELECT view_definition FROM information_schema.views WHERE table_schema = SCHEMA_NAME() AND table_name = " . $connection->quote($name))));
|
||||
return array("select" => preg_replace('~^(?:[^`]|`[^`]*`)*\\s+AS\\s+~isU', '', $connection->result("SELECT view_definition FROM information_schema.views WHERE table_schema = SCHEMA_NAME() AND table_name = " . q($name))));
|
||||
}
|
||||
|
||||
function collations() {
|
||||
|
|
@ -385,8 +382,7 @@ WHERE OBJECT_NAME(indexes.object_id) = " . $connection2->quote($table)
|
|||
}
|
||||
|
||||
function exact_value($val) {
|
||||
global $connection;
|
||||
return $connection->quote($val);
|
||||
return q($val);
|
||||
}
|
||||
|
||||
function create_database($db, $collation) {
|
||||
|
|
@ -410,7 +406,6 @@ WHERE OBJECT_NAME(indexes.object_id) = " . $connection2->quote($table)
|
|||
}
|
||||
|
||||
function alter_table($table, $name, $fields, $foreign, $comment, $engine, $collation, $auto_increment, $partitioning) {
|
||||
global $connection;
|
||||
$alter = array();
|
||||
foreach ($fields as $field) {
|
||||
$column = idf_escape($field[0]);
|
||||
|
|
@ -424,7 +419,7 @@ WHERE OBJECT_NAME(indexes.object_id) = " . $connection2->quote($table)
|
|||
} else {
|
||||
unset($val[6]); //! identity can't be removed
|
||||
if ($column != $val[0]) {
|
||||
queries("EXEC sp_rename " . $connection->quote(table($table) . ".$column") . ", " . $connection->quote(idf_unescape($val[0])) . ", 'COLUMN'");
|
||||
queries("EXEC sp_rename " . q(table($table) . ".$column") . ", " . q(idf_unescape($val[0])) . ", 'COLUMN'");
|
||||
}
|
||||
$alter["ALTER COLUMN " . implode("", $val)][] = "";
|
||||
}
|
||||
|
|
@ -434,7 +429,7 @@ WHERE OBJECT_NAME(indexes.object_id) = " . $connection2->quote($table)
|
|||
return queries("CREATE TABLE " . table($name) . " (" . implode(",", (array) $alter["ADD"]) . "\n)");
|
||||
}
|
||||
if ($table != $name) {
|
||||
queries("EXEC sp_rename " . $connection->quote(table($table)) . ", " . $connection->quote($name));
|
||||
queries("EXEC sp_rename " . q(table($table)) . ", " . q($name));
|
||||
}
|
||||
foreach ($alter as $key => $val) {
|
||||
if (!queries("ALTER TABLE " . idf_escape($name) . " $key" . implode(",", $val))) {
|
||||
|
|
@ -503,9 +498,8 @@ WHERE OBJECT_NAME(indexes.object_id) = " . $connection2->quote($table)
|
|||
}
|
||||
|
||||
function foreign_keys($table) {
|
||||
global $connection;
|
||||
$return = array();
|
||||
foreach (get_rows("EXEC sp_fkeys @fktable_name = " . $connection->quote($table)) as $row) {
|
||||
foreach (get_rows("EXEC sp_fkeys @fktable_name = " . q($table)) as $row) {
|
||||
$foreign_key = &$return[$row["FK_NAME"]];
|
||||
$foreign_key["table"] = $row["PKTABLE_NAME"];
|
||||
$foreign_key["source"][] = $row["FKCOLUMN_NAME"];
|
||||
|
|
@ -531,14 +525,13 @@ WHERE OBJECT_NAME(indexes.object_id) = " . $connection2->quote($table)
|
|||
}
|
||||
|
||||
function trigger($name) {
|
||||
global $connection;
|
||||
$rows = get_rows("SELECT s.name [Trigger],
|
||||
CASE WHEN OBJECTPROPERTY(s.id, 'ExecIsInsertTrigger') = 1 THEN 'INSERT' WHEN OBJECTPROPERTY(s.id, 'ExecIsUpdateTrigger') = 1 THEN 'UPDATE' WHEN OBJECTPROPERTY(s.id, 'ExecIsDeleteTrigger') = 1 THEN 'DELETE' END [Event],
|
||||
CASE WHEN OBJECTPROPERTY(s.id, 'ExecIsInsteadOfTrigger') = 1 THEN 'INSTEAD OF' ELSE 'AFTER' END [Timing],
|
||||
c.text
|
||||
FROM sysobjects s
|
||||
JOIN syscomments c ON s.id = c.id
|
||||
WHERE s.xtype = 'TR' AND s.name = " . $connection->quote($name)
|
||||
WHERE s.xtype = 'TR' AND s.name = " . q($name)
|
||||
); // triggers are not schema-scoped
|
||||
$return = reset($rows);
|
||||
if ($return) {
|
||||
|
|
@ -548,14 +541,13 @@ WHERE s.xtype = 'TR' AND s.name = " . $connection->quote($name)
|
|||
}
|
||||
|
||||
function triggers($table) {
|
||||
global $connection;
|
||||
$return = array();
|
||||
foreach (get_rows("SELECT sys1.name,
|
||||
CASE WHEN OBJECTPROPERTY(sys1.id, 'ExecIsInsertTrigger') = 1 THEN 'INSERT' WHEN OBJECTPROPERTY(sys1.id, 'ExecIsUpdateTrigger') = 1 THEN 'UPDATE' WHEN OBJECTPROPERTY(sys1.id, 'ExecIsDeleteTrigger') = 1 THEN 'DELETE' END [Event],
|
||||
CASE WHEN OBJECTPROPERTY(sys1.id, 'ExecIsInsteadOfTrigger') = 1 THEN 'INSTEAD OF' ELSE 'AFTER' END [Timing]
|
||||
FROM sysobjects sys1
|
||||
JOIN sysobjects sys2 ON sys1.parent_obj = sys2.id
|
||||
WHERE sys1.xtype = 'TR' AND sys2.name = " . $connection->quote($table)
|
||||
WHERE sys1.xtype = 'TR' AND sys2.name = " . q($table)
|
||||
) as $row) { // triggers are not schema-scoped
|
||||
$return[$row["name"]] = array($row["Timing"], $row["Event"]);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -349,9 +349,8 @@ if (!defined("DRIVER")) {
|
|||
* @return array
|
||||
*/
|
||||
function table_status($name = "") {
|
||||
global $connection;
|
||||
$return = array();
|
||||
foreach (get_rows("SHOW TABLE STATUS" . ($name != "" ? " LIKE " . $connection->quote(addcslashes($name, "%_")) : "")) as $row) {
|
||||
foreach (get_rows("SHOW TABLE STATUS" . ($name != "" ? " LIKE " . q(addcslashes($name, "%_")) : "")) as $row) {
|
||||
if ($row["Engine"] == "InnoDB") {
|
||||
// ignore internal comment, unnecessary since MySQL 5.1.21
|
||||
$row["Comment"] = preg_replace('~(?:(.+); )?InnoDB free: .*~', '\\1', $row["Comment"]);
|
||||
|
|
@ -503,8 +502,7 @@ if (!defined("DRIVER")) {
|
|||
* @return string
|
||||
*/
|
||||
function exact_value($val) {
|
||||
global $connection;
|
||||
return $connection->quote($val) . " COLLATE utf8_bin";
|
||||
return q($val) . " COLLATE utf8_bin";
|
||||
}
|
||||
|
||||
/** Create database
|
||||
|
|
@ -512,9 +510,8 @@ if (!defined("DRIVER")) {
|
|||
* @return string
|
||||
*/
|
||||
function create_database($db, $collation) {
|
||||
global $connection;
|
||||
set_session("databases", null);
|
||||
return queries("CREATE DATABASE " . idf_escape($db) . ($collation ? " COLLATE " . $connection->quote($collation) : ""));
|
||||
return queries("CREATE DATABASE " . idf_escape($db) . ($collation ? " COLLATE " . q($collation) : ""));
|
||||
}
|
||||
|
||||
/** Drop databases
|
||||
|
|
@ -579,7 +576,6 @@ if (!defined("DRIVER")) {
|
|||
* @return bool
|
||||
*/
|
||||
function alter_table($table, $name, $fields, $foreign, $comment, $engine, $collation, $auto_increment, $partitioning) {
|
||||
global $connection;
|
||||
$alter = array();
|
||||
foreach ($fields as $field) {
|
||||
$alter[] = ($field[1]
|
||||
|
|
@ -588,9 +584,9 @@ if (!defined("DRIVER")) {
|
|||
);
|
||||
}
|
||||
$alter = array_merge($alter, $foreign);
|
||||
$status = "COMMENT=" . $connection->quote($comment)
|
||||
. ($engine ? " ENGINE=" . $connection->quote($engine) : "")
|
||||
. ($collation ? " COLLATE " . $connection->quote($collation) : "")
|
||||
$status = "COMMENT=" . q($comment)
|
||||
. ($engine ? " ENGINE=" . q($engine) : "")
|
||||
. ($collation ? " COLLATE " . q($collation) : "")
|
||||
. ($auto_increment != "" ? " AUTO_INCREMENT=$auto_increment" : "")
|
||||
. $partitioning
|
||||
;
|
||||
|
|
@ -659,8 +655,7 @@ if (!defined("DRIVER")) {
|
|||
* @return array array("Trigger" => , "Timing" => , "Event" => , "Statement" => )
|
||||
*/
|
||||
function trigger($name) {
|
||||
global $connection;
|
||||
$rows = get_rows("SHOW TRIGGERS WHERE `Trigger` = " . $connection->quote($name));
|
||||
$rows = get_rows("SHOW TRIGGERS WHERE `Trigger` = " . q($name));
|
||||
return reset($rows);
|
||||
}
|
||||
|
||||
|
|
@ -669,9 +664,8 @@ if (!defined("DRIVER")) {
|
|||
* @return array array($name => array($timing, $event))
|
||||
*/
|
||||
function triggers($table) {
|
||||
global $connection;
|
||||
$return = array();
|
||||
foreach (get_rows("SHOW TRIGGERS LIKE " . $connection->quote(addcslashes($table, "%_"))) as $row) {
|
||||
foreach (get_rows("SHOW TRIGGERS LIKE " . q(addcslashes($table, "%_"))) as $row) {
|
||||
$return[$row["Trigger"]] = array($row["Timing"], $row["Event"]);
|
||||
}
|
||||
return $return;
|
||||
|
|
@ -725,8 +719,7 @@ if (!defined("DRIVER")) {
|
|||
}
|
||||
|
||||
function routines() {
|
||||
global $connection;
|
||||
return get_rows("SELECT * FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA = " . $connection->quote(DB));
|
||||
return get_rows("SELECT * FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA = " . q(DB));
|
||||
}
|
||||
|
||||
/** Begin transaction
|
||||
|
|
@ -841,9 +834,8 @@ if (!defined("DRIVER")) {
|
|||
* @return string
|
||||
*/
|
||||
function trigger_sql($table, $style) {
|
||||
global $connection;
|
||||
$return = "";
|
||||
foreach (get_rows("SHOW TRIGGERS LIKE " . $connection->quote(addcslashes($table, "%_"))) as $row) {
|
||||
foreach (get_rows("SHOW TRIGGERS LIKE " . q(addcslashes($table, "%_"))) as $row) {
|
||||
$return .= "\n" . ($style == 'CREATE+ALTER' ? "DROP TRIGGER IF EXISTS " . idf_escape($row["Trigger"]) . ";;\n" : "")
|
||||
. "CREATE TRIGGER " . idf_escape($row["Trigger"]) . " $row[Timing] $row[Event] ON " . table($row["Table"]) . " FOR EACH ROW\n$row[Statement];;\n";
|
||||
}
|
||||
|
|
|
|||
|
|
@ -175,8 +175,7 @@ if (isset($_GET["oracle"])) {
|
|||
}
|
||||
|
||||
function tables_list() {
|
||||
global $connection;
|
||||
return get_key_vals("SELECT table_name, 'table' FROM all_tables WHERE tablespace_name = " . $connection->quote(DB) . "
|
||||
return get_key_vals("SELECT table_name, 'table' FROM all_tables WHERE tablespace_name = " . q(DB) . "
|
||||
UNION SELECT view_name, 'view' FROM user_views"
|
||||
); //! views don't have schema
|
||||
}
|
||||
|
|
@ -186,10 +185,9 @@ UNION SELECT view_name, 'view' FROM user_views"
|
|||
}
|
||||
|
||||
function table_status($name = "") {
|
||||
global $connection;
|
||||
$return = array();
|
||||
$search = $connection->quote($name);
|
||||
foreach (get_rows('SELECT table_name "Name", \'table\' "Engine" FROM all_tables WHERE tablespace_name = ' . $connection->quote(DB) . ($name != "" ? " AND table_name = $search" : "") . "
|
||||
$search = q($name);
|
||||
foreach (get_rows('SELECT table_name "Name", \'table\' "Engine" FROM all_tables WHERE tablespace_name = ' . q(DB) . ($name != "" ? " AND table_name = $search" : "") . "
|
||||
UNION SELECT view_name, 'view' FROM user_views" . ($name != "" ? " WHERE view_name = $search" : "")
|
||||
) as $row) {
|
||||
if ($name != "") {
|
||||
|
|
@ -209,9 +207,8 @@ UNION SELECT view_name, 'view' FROM user_views" . ($name != "" ? " WHERE view_na
|
|||
}
|
||||
|
||||
function fields($table, $hidden = false) {
|
||||
global $connection;
|
||||
$return = array();
|
||||
foreach (get_rows("SELECT * FROM all_tab_columns WHERE table_name = " . $connection->quote($table) . " ORDER BY column_id") as $row) {
|
||||
foreach (get_rows("SELECT * FROM all_tab_columns WHERE table_name = " . q($table) . " ORDER BY column_id") as $row) {
|
||||
$type = $row["DATA_TYPE"];
|
||||
$length = "$row[DATA_PRECISION],$row[DATA_SCALE]";
|
||||
if ($length == ",") {
|
||||
|
|
@ -239,8 +236,7 @@ UNION SELECT view_name, 'view' FROM user_views" . ($name != "" ? " WHERE view_na
|
|||
}
|
||||
|
||||
function view($name) {
|
||||
global $connection;
|
||||
$rows = get_rows('SELECT text "select" FROM user_views WHERE view_name = ' . $connection->quote($name));
|
||||
$rows = get_rows('SELECT text "select" FROM user_views WHERE view_name = ' . q($name));
|
||||
return reset($rows);
|
||||
}
|
||||
|
||||
|
|
@ -258,8 +254,7 @@ UNION SELECT view_name, 'view' FROM user_views" . ($name != "" ? " WHERE view_na
|
|||
}
|
||||
|
||||
function exact_value($val) {
|
||||
global $connection;
|
||||
return $connection->quote($val);
|
||||
return q($val);
|
||||
}
|
||||
|
||||
function explain($connection, $query) {
|
||||
|
|
|
|||
|
|
@ -198,13 +198,12 @@ if (isset($_GET["pgsql"])) {
|
|||
}
|
||||
|
||||
function table_status($name = "") {
|
||||
global $connection;
|
||||
$return = array();
|
||||
foreach (get_rows("SELECT relname AS \"Name\", CASE relkind WHEN 'r' THEN '' ELSE 'view' END AS \"Engine\", pg_relation_size(oid) AS \"Data_length\", pg_total_relation_size(oid) - pg_relation_size(oid) AS \"Index_length\", obj_description(oid, 'pg_class') AS \"Comment\"
|
||||
FROM pg_class
|
||||
WHERE relkind IN ('r','v')
|
||||
AND relnamespace = (SELECT oid FROM pg_namespace WHERE nspname = current_schema())"
|
||||
. ($name != "" ? " AND relname = " . $connection->quote($name) : "")
|
||||
. ($name != "" ? " AND relname = " . q($name) : "")
|
||||
) as $row) { //! Index_length, Auto_increment
|
||||
$return[$row["Name"]] = $row;
|
||||
}
|
||||
|
|
@ -220,14 +219,13 @@ AND relnamespace = (SELECT oid FROM pg_namespace WHERE nspname = current_schema(
|
|||
}
|
||||
|
||||
function fields($table, $hidden = false) {
|
||||
global $connection;
|
||||
$return = array();
|
||||
foreach (get_rows("SELECT a.attname AS field, format_type(a.atttypid, a.atttypmod) AS full_type, d.adsrc AS default, a.attnotnull, col_description(c.oid, a.attnum) AS comment
|
||||
FROM pg_class c
|
||||
JOIN pg_namespace n ON c.relnamespace = n.oid
|
||||
JOIN pg_attribute a ON c.oid = a.attrelid
|
||||
LEFT JOIN pg_attrdef d ON c.oid = d.adrelid AND a.attnum = d.adnum
|
||||
WHERE c.relname = " . $connection->quote($table) . "
|
||||
WHERE c.relname = " . q($table) . "
|
||||
AND n.nspname = current_schema()
|
||||
AND NOT a.attisdropped
|
||||
" . ($hidden ? "" : "AND a.attnum > 0") . "
|
||||
|
|
@ -251,7 +249,7 @@ ORDER BY a.attnum < 0, a.attnum"
|
|||
$connection2 = $connection;
|
||||
}
|
||||
$return = array();
|
||||
$table_oid = $connection2->result("SELECT oid FROM pg_class WHERE relname = " . $connection2->quote($table));
|
||||
$table_oid = $connection2->result("SELECT oid FROM pg_class WHERE relname = " . q($table));
|
||||
$columns = get_key_vals("SELECT attnum, attname FROM pg_attribute WHERE attrelid = $table_oid AND attnum > 0", $connection2);
|
||||
foreach (get_rows("SELECT relname, indisunique, indisprimary, indkey FROM pg_index i, pg_class ci WHERE i.indrelid = $table_oid AND ci.oid = i.indexrelid") as $row) {
|
||||
$return[$row["relname"]]["type"] = ($row["indisprimary"] == "t" ? "PRIMARY" : ($row["indisunique"] == "t" ? "UNIQUE" : "INDEX"));
|
||||
|
|
@ -265,14 +263,13 @@ ORDER BY a.attnum < 0, a.attnum"
|
|||
}
|
||||
|
||||
function foreign_keys($table) {
|
||||
global $connection;
|
||||
$return = array();
|
||||
foreach (get_rows("SELECT tc.constraint_name, kcu.column_name, rc.update_rule AS on_update, rc.delete_rule AS on_delete, ccu.table_name AS table, ccu.column_name AS ref
|
||||
FROM information_schema.table_constraints tc
|
||||
LEFT JOIN information_schema.key_column_usage kcu USING (constraint_catalog, constraint_schema, constraint_name)
|
||||
LEFT JOIN information_schema.referential_constraints rc USING (constraint_catalog, constraint_schema, constraint_name)
|
||||
LEFT JOIN information_schema.constraint_column_usage ccu ON rc.unique_constraint_catalog = ccu.constraint_catalog AND rc.unique_constraint_schema = ccu.constraint_schema AND rc.unique_constraint_name = ccu.constraint_name
|
||||
WHERE tc.constraint_type = 'FOREIGN KEY' AND tc.table_name = " . $connection->quote($table)) as $row) { //! there can be more unique_constraint_name
|
||||
WHERE tc.constraint_type = 'FOREIGN KEY' AND tc.table_name = " . q($table)) as $row) { //! there can be more unique_constraint_name
|
||||
$foreign_key = &$return[$row["constraint_name"]];
|
||||
if (!$foreign_key) {
|
||||
$foreign_key = $row;
|
||||
|
|
@ -285,7 +282,7 @@ WHERE tc.constraint_type = 'FOREIGN KEY' AND tc.table_name = " . $connection->qu
|
|||
|
||||
function view($name) {
|
||||
global $connection;
|
||||
return array("select" => $connection->result("SELECT pg_get_viewdef(" . $connection->quote($name) . ")"));
|
||||
return array("select" => $connection->result("SELECT pg_get_viewdef(" . q($name) . ")"));
|
||||
}
|
||||
|
||||
function collations() {
|
||||
|
|
@ -307,8 +304,7 @@ WHERE tc.constraint_type = 'FOREIGN KEY' AND tc.table_name = " . $connection->qu
|
|||
}
|
||||
|
||||
function exact_value($val) {
|
||||
global $connection;
|
||||
return $connection->quote($val);
|
||||
return q($val);
|
||||
}
|
||||
|
||||
function create_database($db, $collation) {
|
||||
|
|
@ -331,7 +327,6 @@ WHERE tc.constraint_type = 'FOREIGN KEY' AND tc.table_name = " . $connection->qu
|
|||
}
|
||||
|
||||
function alter_table($table, $name, $fields, $foreign, $comment, $engine, $collation, $auto_increment, $partitioning) {
|
||||
global $connection;
|
||||
$alter = array();
|
||||
$queries = array();
|
||||
foreach ($fields as $field) {
|
||||
|
|
@ -372,10 +367,10 @@ WHERE tc.constraint_type = 'FOREIGN KEY' AND tc.table_name = " . $connection->qu
|
|||
$queries[] = "ALTER TABLE " . table($table) . " RENAME TO " . table($name);
|
||||
}
|
||||
if ($table != "" || $comment != "") {
|
||||
$queries[] = "COMMENT ON TABLE " . table($name) . " IS " . $connection->quote($comment);
|
||||
$queries[] = "COMMENT ON TABLE " . table($name) . " IS " . q($comment);
|
||||
}
|
||||
if ($auto_increment != "") {
|
||||
//! $queries[] = "SELECT setval(pg_get_serial_sequence(" . $connection->quote($name) . ", ), $auto_increment)";
|
||||
//! $queries[] = "SELECT setval(pg_get_serial_sequence(" . q($name) . ", ), $auto_increment)";
|
||||
}
|
||||
foreach ($queries as $query) {
|
||||
if (!queries($query)) {
|
||||
|
|
@ -430,15 +425,13 @@ WHERE tc.constraint_type = 'FOREIGN KEY' AND tc.table_name = " . $connection->qu
|
|||
}
|
||||
|
||||
function trigger($name) {
|
||||
global $connection;
|
||||
$rows = get_rows('SELECT trigger_name AS "Trigger", condition_timing AS "Timing", event_manipulation AS "Event", \'FOR EACH \' || action_orientation AS "Type", action_statement AS "Statement" FROM information_schema.triggers WHERE event_object_table = ' . $connection->quote($_GET["trigger"]) . ' AND trigger_name = ' . $connection->quote($name));
|
||||
$rows = get_rows('SELECT trigger_name AS "Trigger", condition_timing AS "Timing", event_manipulation AS "Event", \'FOR EACH \' || action_orientation AS "Type", action_statement AS "Statement" FROM information_schema.triggers WHERE event_object_table = ' . q($_GET["trigger"]) . ' AND trigger_name = ' . q($name));
|
||||
return reset($rows);
|
||||
}
|
||||
|
||||
function triggers($table) {
|
||||
global $connection;
|
||||
$return = array();
|
||||
foreach (get_rows("SELECT * FROM information_schema.triggers WHERE event_object_table = " . $connection->quote($table)) as $row) {
|
||||
foreach (get_rows("SELECT * FROM information_schema.triggers WHERE event_object_table = " . q($table)) as $row) {
|
||||
$return[$row["trigger_name"]] = array($row["condition_timing"], $row["event_manipulation"]);
|
||||
}
|
||||
return $return;
|
||||
|
|
|
|||
|
|
@ -249,9 +249,8 @@ if (isset($_GET["sqlite"]) || isset($_GET["sqlite2"])) {
|
|||
}
|
||||
|
||||
function table_status($name = "") {
|
||||
global $connection;
|
||||
$return = array();
|
||||
foreach (get_rows("SELECT name AS Name, type AS Engine FROM sqlite_master WHERE type IN ('table', 'view')" . ($name != "" ? " AND name = " . $connection->quote($name) : "")) as $row) {
|
||||
foreach (get_rows("SELECT name AS Name, type AS Engine FROM sqlite_master WHERE type IN ('table', 'view')" . ($name != "" ? " AND name = " . q($name) : "")) as $row) {
|
||||
$row["Auto_increment"] = "";
|
||||
$return[$row["Name"]] = $row;
|
||||
}
|
||||
|
|
@ -326,7 +325,7 @@ if (isset($_GET["sqlite"]) || isset($_GET["sqlite2"])) {
|
|||
|
||||
function view($name) {
|
||||
global $connection;
|
||||
return array("select" => preg_replace('~^(?:[^`"[]+|`[^`]*`|"[^"]*")* AS\\s+~iU', '', $connection->result("SELECT sql FROM sqlite_master WHERE name = " . $connection->quote($name)))); //! identifiers may be inside []
|
||||
return array("select" => preg_replace('~^(?:[^`"[]+|`[^`]*`|"[^"]*")* AS\\s+~iU', '', $connection->result("SELECT sql FROM sqlite_master WHERE name = " . q($name)))); //! identifiers may be inside []
|
||||
}
|
||||
|
||||
function collations() {
|
||||
|
|
@ -343,8 +342,7 @@ if (isset($_GET["sqlite"]) || isset($_GET["sqlite2"])) {
|
|||
}
|
||||
|
||||
function exact_value($val) {
|
||||
global $connection;
|
||||
return $connection->quote($val);
|
||||
return q($val);
|
||||
}
|
||||
|
||||
function create_database($db, $collation) {
|
||||
|
|
@ -384,7 +382,6 @@ if (isset($_GET["sqlite"]) || isset($_GET["sqlite2"])) {
|
|||
}
|
||||
|
||||
function alter_table($table, $name, $fields, $foreign, $comment, $engine, $collation, $auto_increment, $partitioning) {
|
||||
global $connection;
|
||||
$alter = array();
|
||||
foreach ($fields as $field) {
|
||||
if ($field[1]) {
|
||||
|
|
@ -405,7 +402,7 @@ if (isset($_GET["sqlite"]) || isset($_GET["sqlite2"])) {
|
|||
return false;
|
||||
}
|
||||
if ($auto_increment) {
|
||||
queries("UPDATE sqlite_sequence SET seq = $auto_increment WHERE name = " . $connection->quote($name)); // ignores error
|
||||
queries("UPDATE sqlite_sequence SET seq = $auto_increment WHERE name = " . q($name)); // ignores error
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
|
@ -437,14 +434,13 @@ if (isset($_GET["sqlite"]) || isset($_GET["sqlite2"])) {
|
|||
|
||||
function trigger($name) {
|
||||
global $connection;
|
||||
preg_match('~^CREATE\\s+TRIGGER\\s*(?:[^`"\\s]+|`[^`]*`|"[^"]*")+\\s*([a-z]+)\\s+([a-z]+)\\s+ON\\s*(?:[^`"\\s]+|`[^`]*`|"[^"]*")+\\s*(?:FOR\\s*EACH\\s*ROW\\s)?(.*)~is', $connection->result("SELECT sql FROM sqlite_master WHERE name = " . $connection->quote($name)), $match);
|
||||
preg_match('~^CREATE\\s+TRIGGER\\s*(?:[^`"\\s]+|`[^`]*`|"[^"]*")+\\s*([a-z]+)\\s+([a-z]+)\\s+ON\\s*(?:[^`"\\s]+|`[^`]*`|"[^"]*")+\\s*(?:FOR\\s*EACH\\s*ROW\\s)?(.*)~is', $connection->result("SELECT sql FROM sqlite_master WHERE name = " . q($name)), $match);
|
||||
return array("Timing" => strtoupper($match[1]), "Event" => strtoupper($match[2]), "Trigger" => $name, "Statement" => $match[3]);
|
||||
}
|
||||
|
||||
function triggers($table) {
|
||||
global $connection;
|
||||
$return = array();
|
||||
foreach (get_rows("SELECT * FROM sqlite_master WHERE type = 'trigger' AND tbl_name = " . $connection->quote($table)) as $row) {
|
||||
foreach (get_rows("SELECT * FROM sqlite_master WHERE type = 'trigger' AND tbl_name = " . q($table)) as $row) {
|
||||
preg_match('~^CREATE\\s+TRIGGER\\s*(?:[^`"\\s]+|`[^`]*`|"[^"]*")+\\s*([a-z]+)\\s*([a-z]+)~i', $row["sql"], $match);
|
||||
$return[$row["name"]] = array($match[1], $match[2]);
|
||||
}
|
||||
|
|
@ -505,7 +501,7 @@ if (isset($_GET["sqlite"]) || isset($_GET["sqlite2"])) {
|
|||
|
||||
function create_sql($table, $auto_increment) {
|
||||
global $connection;
|
||||
return $connection->result("SELECT sql FROM sqlite_master WHERE type = 'table' AND name = " . $connection->quote($table));
|
||||
return $connection->result("SELECT sql FROM sqlite_master WHERE type = 'table' AND name = " . q($table));
|
||||
}
|
||||
|
||||
function truncate_sql($table) {
|
||||
|
|
@ -516,8 +512,7 @@ if (isset($_GET["sqlite"]) || isset($_GET["sqlite2"])) {
|
|||
}
|
||||
|
||||
function trigger_sql($table, $style) {
|
||||
global $connection;
|
||||
return implode(get_vals("SELECT sql || ';;\n' FROM sqlite_master WHERE type = 'trigger' AND name = " . $connection->quote($table)));
|
||||
return implode(get_vals("SELECT sql || ';;\n' FROM sqlite_master WHERE type = 'trigger' AND name = " . q($table)));
|
||||
}
|
||||
|
||||
function show_variables() {
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ if ($_POST) {
|
|||
|
||||
" . ($jush != "sql" ? "" : "SET NAMES utf8;
|
||||
SET foreign_key_checks = 0;
|
||||
SET time_zone = " . $connection->quote($connection->result("SELECT @@time_zone")) . ";
|
||||
SET time_zone = " . q($connection->result("SELECT @@time_zone")) . ";
|
||||
SET sql_mode = 'NO_AUTO_VALUE_ON_ZERO';
|
||||
|
||||
");
|
||||
|
|
@ -45,7 +45,7 @@ SET sql_mode = 'NO_AUTO_VALUE_ON_ZERO';
|
|||
$out = "";
|
||||
if ($_POST["routines"]) {
|
||||
foreach (array("FUNCTION", "PROCEDURE") as $routine) {
|
||||
$result = $connection->query("SHOW $routine STATUS WHERE Db = " . $connection->quote($db));
|
||||
$result = $connection->query("SHOW $routine STATUS WHERE Db = " . q($db));
|
||||
if ($result) {
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$out .= ($style != 'DROP+CREATE' ? "DROP $routine IF EXISTS " . idf_escape($row["Name"]) . ";;\n" : "")
|
||||
|
|
@ -126,9 +126,9 @@ CREATE PROCEDURE adminer_alter (INOUT alter_command text) BEGIN
|
|||
IF NOT done THEN
|
||||
CASE _table_name";
|
||||
foreach (get_rows($query) as $row) {
|
||||
$comment = $connection->quote($row["ENGINE"] == "InnoDB" ? preg_replace('~(?:(.+); )?InnoDB free: .*~', '\\1', $row["TABLE_COMMENT"]) : $row["TABLE_COMMENT"]);
|
||||
$comment = q($row["ENGINE"] == "InnoDB" ? preg_replace('~(?:(.+); )?InnoDB free: .*~', '\\1', $row["TABLE_COMMENT"]) : $row["TABLE_COMMENT"]);
|
||||
echo "
|
||||
WHEN " . $connection->quote($row["TABLE_NAME"]) . " THEN
|
||||
WHEN " . q($row["TABLE_NAME"]) . " THEN
|
||||
" . (isset($row["ENGINE"]) ? "IF _engine != '$row[ENGINE]' OR _table_collation != '$row[TABLE_COLLATION]' OR _table_comment != $comment THEN
|
||||
ALTER TABLE " . idf_escape($row["TABLE_NAME"]) . " ENGINE=$row[ENGINE] COLLATE=$row[TABLE_COLLATION] COMMENT=$comment;
|
||||
END IF" : "BEGIN END") . ";";
|
||||
|
|
|
|||
|
|
@ -8,17 +8,17 @@ if ($_POST && !$error) {
|
|||
query_redirect("DROP EVENT " . idf_escape($EVENT), substr(ME, 0, -1), lang('Event has been dropped.'));
|
||||
} elseif (in_array($_POST["INTERVAL_FIELD"], $intervals) && isset($statuses[$_POST["STATUS"]])) {
|
||||
$schedule = "\nON SCHEDULE " . ($_POST["INTERVAL_VALUE"]
|
||||
? "EVERY " . $connection->quote($_POST["INTERVAL_VALUE"]) . " $_POST[INTERVAL_FIELD]"
|
||||
. ($_POST["STARTS"] ? " STARTS " . $connection->quote($_POST["STARTS"]) : "")
|
||||
. ($_POST["ENDS"] ? " ENDS " . $connection->quote($_POST["ENDS"]) : "") //! ALTER EVENT doesn't drop ENDS - MySQL bug #39173
|
||||
: "AT " . $connection->quote($_POST["STARTS"])
|
||||
? "EVERY " . q($_POST["INTERVAL_VALUE"]) . " $_POST[INTERVAL_FIELD]"
|
||||
. ($_POST["STARTS"] ? " STARTS " . q($_POST["STARTS"]) : "")
|
||||
. ($_POST["ENDS"] ? " ENDS " . q($_POST["ENDS"]) : "") //! ALTER EVENT doesn't drop ENDS - MySQL bug #39173
|
||||
: "AT " . q($_POST["STARTS"])
|
||||
) . " ON COMPLETION" . ($_POST["ON_COMPLETION"] ? "" : " NOT") . " PRESERVE"
|
||||
;
|
||||
query_redirect(($EVENT != ""
|
||||
? "ALTER EVENT " . idf_escape($EVENT) . $schedule
|
||||
. ($EVENT != $_POST["EVENT_NAME"] ? "\nRENAME TO " . idf_escape($_POST["EVENT_NAME"]) : "")
|
||||
: "CREATE EVENT " . idf_escape($_POST["EVENT_NAME"]) . $schedule
|
||||
) . "\n" . $statuses[$_POST["STATUS"]] . " COMMENT " . $connection->quote($_POST["EVENT_COMMENT"])
|
||||
) . "\n" . $statuses[$_POST["STATUS"]] . " COMMENT " . q($_POST["EVENT_COMMENT"])
|
||||
. " DO\n$_POST[EVENT_DEFINITION]"
|
||||
, substr(ME, 0, -1), ($EVENT != "" ? lang('Event has been altered.') : lang('Event has been created.')));
|
||||
}
|
||||
|
|
@ -30,7 +30,7 @@ $row = array();
|
|||
if ($_POST) {
|
||||
$row = $_POST;
|
||||
} elseif ($EVENT != "") {
|
||||
$rows = get_rows("SELECT * FROM information_schema.EVENTS WHERE EVENT_SCHEMA = " . $connection->quote(DB) . " AND EVENT_NAME = " . $connection->quote($EVENT));
|
||||
$rows = get_rows("SELECT * FROM information_schema.EVENTS WHERE EVENT_SCHEMA = " . q(DB) . " AND EVENT_NAME = " . q($EVENT));
|
||||
$row = reset($rows);
|
||||
}
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -304,11 +304,11 @@ document.getElementById('username').focus();
|
|||
* @return array expressions to join by AND
|
||||
*/
|
||||
function selectSearchProcess($fields, $indexes) {
|
||||
global $connection, $jush;
|
||||
global $jush;
|
||||
$return = array();
|
||||
foreach ($indexes as $i => $index) {
|
||||
if ($index["type"] == "FULLTEXT" && $_GET["fulltext"][$i] != "") {
|
||||
$return[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST (" . $connection->quote($_GET["fulltext"][$i]) . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")";
|
||||
$return[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST (" . q($_GET["fulltext"][$i]) . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")";
|
||||
}
|
||||
}
|
||||
foreach ((array) $_GET["where"] as $val) {
|
||||
|
|
@ -436,9 +436,8 @@ document.getElementById('username').focus();
|
|||
* @return string expression to use in a query
|
||||
*/
|
||||
function processInput($field, $value, $function = "") {
|
||||
global $connection;
|
||||
$name = $field["field"];
|
||||
$return = $connection->quote($value);
|
||||
$return = q($value);
|
||||
if (ereg('^(now|getdate|uuid)$', $function)) {
|
||||
$return = "$function()";
|
||||
} elseif (ereg('^current_(date|timestamp)$', $function)) {
|
||||
|
|
|
|||
|
|
@ -139,11 +139,11 @@ function process_length($length) {
|
|||
* @return string
|
||||
*/
|
||||
function process_type($field, $collate = "COLLATE") {
|
||||
global $connection, $unsigned;
|
||||
global $unsigned;
|
||||
return " $field[type]"
|
||||
. ($field["length"] != "" ? "(" . process_length($field["length"]) . ")" : "")
|
||||
. (ereg('int|float|double|decimal', $field["type"]) && in_array($field["unsigned"], $unsigned) ? " $field[unsigned]" : "")
|
||||
. (ereg('char|text|enum|set', $field["type"]) && $field["collation"] ? " $collate " . $connection->quote($field["collation"]) : "")
|
||||
. (ereg('char|text|enum|set', $field["type"]) && $field["collation"] ? " $collate " . q($field["collation"]) : "")
|
||||
;
|
||||
}
|
||||
|
||||
|
|
@ -153,14 +153,13 @@ function process_type($field, $collate = "COLLATE") {
|
|||
* @return array array("field", "type", "NULL", "DEFAULT", "ON UPDATE", "COMMENT", "AUTO_INCREMENT")
|
||||
*/
|
||||
function process_field($field, $type_field) {
|
||||
global $connection;
|
||||
return array(
|
||||
idf_escape($field["field"]),
|
||||
process_type($type_field),
|
||||
($field["null"] ? " NULL" : " NOT NULL"), // NULL for timestamp
|
||||
(isset($field["default"]) ? " DEFAULT " . ($field["type"] == "timestamp" && eregi("^CURRENT_TIMESTAMP$", $field["default"]) ? $field["default"] : $connection->quote($field["default"])) : ""),
|
||||
(isset($field["default"]) ? " DEFAULT " . ($field["type"] == "timestamp" && eregi("^CURRENT_TIMESTAMP$", $field["default"]) ? $field["default"] : q($field["default"])) : ""),
|
||||
($field["on_update"] ? " ON UPDATE $field[on_update]" : ""),
|
||||
(support("comment") && $field["comment"] != "" ? " COMMENT " . $connection->quote($field["comment"]) : ""),
|
||||
(support("comment") && $field["comment"] != "" ? " COMMENT " . q($field["comment"]) : ""),
|
||||
($field["auto_increment"] ? auto_increment() : null),
|
||||
);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,7 +10,6 @@ function tar_file($filename, $contents) {
|
|||
}
|
||||
|
||||
function dump_table($table, $style, $is_view = false) {
|
||||
global $connection;
|
||||
if ($_POST["format"] != "sql") {
|
||||
echo "\xef\xbb\xbf"; // UTF-8 byte order mark
|
||||
if ($style) {
|
||||
|
|
@ -30,7 +29,7 @@ function dump_table($table, $style, $is_view = false) {
|
|||
}
|
||||
if ($style == "CREATE+ALTER" && !$is_view) {
|
||||
// create procedure which iterates over original columns and adds new and removes old
|
||||
$query = "SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, COLLATION_NAME, COLUMN_TYPE, EXTRA, COLUMN_COMMENT FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = " . $connection->quote($table) . " ORDER BY ORDINAL_POSITION";
|
||||
$query = "SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, COLLATION_NAME, COLUMN_TYPE, EXTRA, COLUMN_COMMENT FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = " . q($table) . " ORDER BY ORDINAL_POSITION";
|
||||
echo "DELIMITER ;;
|
||||
CREATE PROCEDURE adminer_alter (INOUT alter_command text) BEGIN
|
||||
DECLARE _column_name, _collation_name, after varchar(64) DEFAULT '';
|
||||
|
|
@ -44,15 +43,15 @@ CREATE PROCEDURE adminer_alter (INOUT alter_command text) BEGIN
|
|||
$after = "";
|
||||
foreach (get_rows($query) as $row) {
|
||||
$default = $row["COLUMN_DEFAULT"];
|
||||
$row["default"] = (isset($default) ? $connection->quote($default) : "NULL");
|
||||
$row["after"] = $connection->quote($after); //! rgt AFTER lft, lft AFTER id doesn't work
|
||||
$row["default"] = (isset($default) ? q($default) : "NULL");
|
||||
$row["after"] = q($after); //! rgt AFTER lft, lft AFTER id doesn't work
|
||||
$row["alter"] = escape_string(idf_escape($row["COLUMN_NAME"])
|
||||
. " $row[COLUMN_TYPE]"
|
||||
. ($row["COLLATION_NAME"] ? " COLLATE $row[COLLATION_NAME]" : "")
|
||||
. (isset($default) ? " DEFAULT " . ($default == "CURRENT_TIMESTAMP" ? $default : $row["default"]) : "")
|
||||
. ($row["IS_NULLABLE"] == "YES" ? "" : " NOT NULL")
|
||||
. ($row["EXTRA"] ? " $row[EXTRA]" : "")
|
||||
. ($row["COLUMN_COMMENT"] ? " COMMENT " . $connection->quote($row["COLUMN_COMMENT"]) : "")
|
||||
. ($row["COLUMN_COMMENT"] ? " COMMENT " . q($row["COLUMN_COMMENT"]) : "")
|
||||
. ($after ? " AFTER " . idf_escape($after) : " FIRST")
|
||||
);
|
||||
echo ", ADD $row[alter]";
|
||||
|
|
@ -71,9 +70,9 @@ CREATE PROCEDURE adminer_alter (INOUT alter_command text) BEGIN
|
|||
CASE _column_name";
|
||||
foreach ($fields as $row) {
|
||||
echo "
|
||||
WHEN " . $connection->quote($row["COLUMN_NAME"]) . " THEN
|
||||
WHEN " . q($row["COLUMN_NAME"]) . " THEN
|
||||
SET add_columns = REPLACE(add_columns, ', ADD $row[alter]', '');
|
||||
IF NOT (_column_default <=> $row[default]) OR _is_nullable != '$row[IS_NULLABLE]' OR _collation_name != '$row[COLLATION_NAME]' OR _column_type != " . $connection->quote($row["COLUMN_TYPE"]) . " OR _extra != '$row[EXTRA]' OR _column_comment != " . $connection->quote($row["COLUMN_COMMENT"]) . " OR after != $row[after] THEN
|
||||
IF NOT (_column_default <=> $row[default]) OR _is_nullable != '$row[IS_NULLABLE]' OR _collation_name != '$row[COLLATION_NAME]' OR _column_type != " . q($row["COLUMN_TYPE"]) . " OR _extra != '$row[EXTRA]' OR _column_comment != " . q($row["COLUMN_COMMENT"]) . " OR after != $row[after] THEN
|
||||
SET @alter_table = CONCAT(@alter_table, ', MODIFY $row[alter]');
|
||||
END IF;"; //! don't replace in comment
|
||||
}
|
||||
|
|
@ -122,7 +121,7 @@ function dump_data($table, $style, $select = "") {
|
|||
$insert = "INSERT INTO " . table($table) . " (" . implode(", ", array_map('idf_escape', array_keys($row))) . ") VALUES";
|
||||
}
|
||||
foreach ($row as $key => $val) {
|
||||
$row[$key] = (isset($val) ? (ereg('int|float|double|decimal', $fields[$key]["type"]) ? $val : $connection->quote($val)) : "NULL"); //! columns looking like functions
|
||||
$row[$key] = (isset($val) ? (ereg('int|float|double|decimal', $fields[$key]["type"]) ? $val : q($val)) : "NULL"); //! columns looking like functions
|
||||
}
|
||||
$s = implode(",\t", $row);
|
||||
if ($style == "INSERT+UPDATE") {
|
||||
|
|
|
|||
|
|
@ -22,8 +22,7 @@ function idf_unescape($idf) {
|
|||
* @return string
|
||||
*/
|
||||
function escape_string($val) {
|
||||
global $connection;
|
||||
return substr($connection->quote($val), 1, -1);
|
||||
return substr(q($val), 1, -1);
|
||||
}
|
||||
|
||||
/** Disable magic_quotes_gpc
|
||||
|
|
@ -149,6 +148,11 @@ function ini_bool($ini) {
|
|||
return (eregi('^(on|true|yes)$', $val) || (int) $val); // boolean values set by php_value are strings
|
||||
}
|
||||
|
||||
function q($string) {
|
||||
global $connection;
|
||||
return $connection->quote($string);
|
||||
}
|
||||
|
||||
/** Get list of values from database
|
||||
* @param string
|
||||
* @param mixed
|
||||
|
|
@ -609,7 +613,7 @@ function input($field, $value, $function) {
|
|||
* @return string
|
||||
*/
|
||||
function process_input($field) {
|
||||
global $connection, $adminer;
|
||||
global $adminer;
|
||||
$idf = bracket_escape($field["field"]);
|
||||
$function = $_POST["function"][$idf];
|
||||
$value = $_POST["fields"][$idf];
|
||||
|
|
@ -639,7 +643,7 @@ function process_input($field) {
|
|||
if (!is_string($file)) {
|
||||
return false; //! report errors
|
||||
}
|
||||
return $connection->quote($file);
|
||||
return q($file);
|
||||
}
|
||||
return $adminer->processInput($field, $value, $function);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -153,7 +153,7 @@ if ($_POST && !$error) {
|
|||
} else {
|
||||
$set = array();
|
||||
foreach ($matches2[1] as $i => $col) {
|
||||
$set[idf_escape($cols[$i])] = ($col == "" && $fields[$cols[$i]]["null"] ? "NULL" : $connection->quote(str_replace('""', '"', preg_replace('~^"|"$~', '', $col))));
|
||||
$set[idf_escape($cols[$i])] = ($col == "" && $fields[$cols[$i]]["null"] ? "NULL" : q(str_replace('""', '"', preg_replace('~^"|"$~', '', $col))));
|
||||
}
|
||||
$result = insert_update($TABLE, $set, $primary);
|
||||
if (!$result) {
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ if ($_POST) {
|
|||
}
|
||||
$grants = array();
|
||||
$old_pass = "";
|
||||
if (isset($_GET["host"]) && ($result = $connection->query("SHOW GRANTS FOR " . $connection->quote($USER) . "@" . $connection->quote($_GET["host"])))) { //! use information_schema for MySQL 5 - column names in column privileges are not escaped
|
||||
if (isset($_GET["host"]) && ($result = $connection->query("SHOW GRANTS FOR " . q($USER) . "@" . q($_GET["host"])))) { //! use information_schema for MySQL 5 - column names in column privileges are not escaped
|
||||
while ($row = $result->fetch_row()) {
|
||||
if (preg_match('~GRANT (.*) ON (.*) TO ~', $row[0], $match) && preg_match_all('~ *([^(,]*[^ ,(])( *\\([^)]+\\))?~', $match[1], $matches, PREG_SET_ORDER)) { //! escape the part between ON and TO
|
||||
foreach ($matches as $val) {
|
||||
|
|
@ -45,9 +45,9 @@ if (isset($_GET["host"]) && ($result = $connection->query("SHOW GRANTS FOR " . $
|
|||
}
|
||||
|
||||
if ($_POST && !$error) {
|
||||
$old_user = (isset($_GET["host"]) ? $connection->quote($USER) . "@" . $connection->quote($_GET["host"]) : "''");
|
||||
$new_user = $connection->quote($_POST["user"]) . "@" . $connection->quote($_POST["host"]); // if $_GET["host"] is not set then $new_user is always different
|
||||
$pass = $connection->quote($_POST["pass"]);
|
||||
$old_user = (isset($_GET["host"]) ? q($USER) . "@" . q($_GET["host"]) : "''");
|
||||
$new_user = q($_POST["user"]) . "@" . q($_POST["host"]); // if $_GET["host"] is not set then $new_user is always different
|
||||
$pass = q($_POST["pass"]);
|
||||
if ($_POST["drop"]) {
|
||||
query_redirect("DROP USER $old_user", ME . "privileges=", lang('User has been dropped.'));
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -61,13 +61,12 @@ document.getElementById('username').focus();
|
|||
}
|
||||
|
||||
function backwardKeys($table, $tableName) {
|
||||
global $connection;
|
||||
$return = array();
|
||||
foreach (get_rows("SELECT TABLE_NAME, CONSTRAINT_NAME, COLUMN_NAME, REFERENCED_COLUMN_NAME
|
||||
FROM information_schema.KEY_COLUMN_USAGE
|
||||
WHERE TABLE_SCHEMA = " . $connection->quote($this->database()) . "
|
||||
AND REFERENCED_TABLE_SCHEMA = " . $connection->quote($this->database()) . "
|
||||
AND REFERENCED_TABLE_NAME = " . $connection->quote($table) . "
|
||||
WHERE TABLE_SCHEMA = " . q($this->database()) . "
|
||||
AND REFERENCED_TABLE_SCHEMA = " . q($this->database()) . "
|
||||
AND REFERENCED_TABLE_NAME = " . q($table) . "
|
||||
ORDER BY ORDINAL_POSITION") as $row) { //! requires MySQL 5
|
||||
$return[$row["TABLE_NAME"]]["keys"][$row["CONSTRAINT_NAME"]][$row["COLUMN_NAME"]] = $row["REFERENCED_COLUMN_NAME"];
|
||||
}
|
||||
|
|
@ -404,7 +403,6 @@ ORDER BY ORDINAL_POSITION") as $row) { //! requires MySQL 5
|
|||
}
|
||||
|
||||
function processInput($field, $value, $function = "") {
|
||||
global $connection;
|
||||
if ($function == "now") {
|
||||
return "$function()";
|
||||
}
|
||||
|
|
@ -412,7 +410,7 @@ ORDER BY ORDINAL_POSITION") as $row) { //! requires MySQL 5
|
|||
if (ereg('date|timestamp', $field["type"]) && preg_match('(^' . str_replace('\\$1', '(?P<p1>[0-9]*)', preg_replace('~(\\\\\\$([2-6]))~', '(?P<p\\2>[0-9]{1,2})', preg_quote(lang('$1-$3-$5')))) . '(.*))', $value, $match)) {
|
||||
$return = ($match["p1"] != "" ? $match["p1"] : ($match["p2"] != "" ? ($match["p2"] < 70 ? 20 : 19) . $match["p2"] : gmdate("Y"))) . "-$match[p3]$match[p4]-$match[p5]$match[p6]" . end($match);
|
||||
}
|
||||
$return = $connection->quote($return);
|
||||
$return = q($return);
|
||||
if (!ereg('varchar|text', $field["type"]) && $field["full_type"] != "tinyint(1)" && $value == "") {
|
||||
$return = "NULL";
|
||||
} elseif (ereg('^(md5|sha1)$', $function)) {
|
||||
|
|
|
|||
Loading…
Reference in a new issue