", "<=", ">=", "!=", "LIKE", "REGEXP", "IN", "IS NULL", "NOT LIKE", "NOT REGEXP", "NOT IN", "IS NOT NULL"); if (eregi('^(MyISAM|Maria)$', $table_status["Engine"])) { $operators[] = "AGAINST"; } $fields = fields($_GET["select"]); $rights = array(); $columns = array(); unset($text_length); foreach ($fields as $key => $field) { if (isset($field["privileges"]["select"])) { $columns[] = $key; if (preg_match('~text|blob~', $field["type"])) { $text_length = (isset($_GET["text_length"]) ? $_GET["text_length"] : "100"); } } $rights += $field["privileges"]; } $select = array(); $group = array(); foreach ((array) $_GET["columns"] as $key => $val) { if ($val["fun"] == "count" || (in_array($val["col"], $columns, true) && (!$val["fun"] || in_array($val["fun"], $functions) || in_array($val["fun"], $grouping)))) { $select[$key] = (in_array($val["col"], $columns, true) ? (!$val["fun"] ? idf_escape($val["col"]) : ($val["fun"] == "distinct" ? "COUNT(DISTINCT " : strtoupper("$val[fun](")) . idf_escape($val["col"]) . ")") : "COUNT(*)"); if (!in_array($val["fun"], $grouping)) { $group[] = $select[$key]; } } } $where = array(); foreach ($indexes as $i => $index) { if ($index["type"] == "FULLTEXT" && strlen($_GET["fulltext"][$i])) { $where[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST ('" . $dbh->escape_string($_GET["fulltext"][$i]) . "'" . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")"; } } foreach ((array) $_GET["where"] as $val) { if (strlen("$val[col]$val[val]") && in_array($val["op"], $operators)) { if ($val["op"] == "AGAINST") { $where[] = "MATCH (" . idf_escape($val["col"]) . ") AGAINST ('" . $dbh->escape_string($val["val"]) . "' IN BOOLEAN MODE)"; } elseif (ereg('IN$', $val["op"]) && !strlen($in = process_length($val["val"]))) { $where[] = "0"; } else { $cond = " $val[op]" . (ereg('NULL$', $val["op"]) ? "" : (ereg('IN$', $val["op"]) ? " ($in)" : " '" . $dbh->escape_string($val["val"]) . "'")); //! this searches in numeric values too if (strlen($val["col"])) { $where[] = idf_escape($val["col"]) . $cond; } else { $cols = array(); foreach ($fields as $name => $field) { if (is_numeric($val["val"]) || !ereg('int|float|double|decimal', $field["type"])) { $cols[] = $name; } } $where[] = ($cols ? "(" . implode("$cond OR ", array_map('idf_escape', $cols)) . "$cond)" : "0"); } } } } $order = array(); foreach ((array) $_GET["order"] as $key => $val) { if (in_array($val, $columns, true) || preg_match('(^(COUNT\\(\\*\\)|(' . strtoupper(implode('|', $functions) . '|' . implode('|', $grouping)) . ')\\((' . implode('|', array_map('preg_quote', array_map('idf_escape', $columns))) . ')\\))$)', $val)) { $order[] = idf_escape($val) . (isset($_GET["desc"][$key]) ? " DESC" : ""); } } $limit = (isset($_GET["limit"]) ? $_GET["limit"] : "30"); $from = "FROM " . idf_escape($_GET["select"]) . ($where ? " WHERE " . implode(" AND ", $where) : "") . ($group && count($group) < count($select) ? " GROUP BY " . implode(", ", $group) : "") . ($order ? " ORDER BY " . implode(", ", $order) : "") . (strlen($limit) ? " LIMIT " . intval($limit) . (intval($_GET["page"]) ? " OFFSET " . ($limit * $_GET["page"]) : "") : ""); if ($_POST && !$error) { if ($_POST["export"]) { dump_headers($_GET["select"]); dump_table($_GET["select"], ""); if (is_array($_POST["check"])) { foreach ($_POST["check"] as $val) { parse_str($val, $check); dump_data($_GET["select"], "INSERT", "FROM " . idf_escape($_GET["select"]) . " WHERE " . implode(" AND ", where($check)) . " LIMIT 1"); } } else { dump_data($_GET["select"], "INSERT", ($where ? "FROM " . idf_escape($_GET["select"]) . " WHERE " . implode(" AND ", $where) : "")); } exit; } if (!$_POST["import"]) { // edit $result = true; $affected = 0; $command = ($_POST["delete"] ? ($_POST["all"] && !$where ? "TRUNCATE " : "DELETE FROM ") : ($_POST["clone"] ? "INSERT INTO " : "UPDATE ")) . idf_escape($_GET["select"]); if (!$_POST["delete"]) { $set = array(); foreach ($fields as $name => $field) { $val = process_input($name, $field); if ($_POST["clone"]) { $set[] = ($val !== false ? $val : idf_escape($name)); } elseif ($val !== false) { $set[] = idf_escape($name) . " = $val"; } } $command .= ($_POST["clone"] ? " SELECT " . implode(", ", $set) . " FROM " . idf_escape($_GET["select"]) : " SET " . implode(", ", $set)); } if (!$_POST["delete"] && !$set) { // nothing } elseif ($_POST["all"]) { $result = queries($command . ($where ? " WHERE " . implode(" AND ", $where) : "")); $affected = $dbh->affected_rows; } else { foreach ((array) $_POST["check"] as $val) { parse_str($val, $check); $result = queries($command . " WHERE " . implode(" AND ", where($check)) . " LIMIT 1"); if (!$result) { break; } $affected += $dbh->affected_rows; } } query_redirect(queries(), remove_from_uri("page"), lang('%d item(s) have been affected.', $affected), $result, false, !$result); //! display edit page in case of an error } elseif (is_string($file = get_file("csv_file"))) { $file = preg_replace("~^\xEF\xBB\xBF~", '', $file); //! character set $cols = ""; $rows = array(); //! packet size preg_match_all('~("[^"]*"|[^"\\n]+)+~', $file, $matches); foreach ($matches[0] as $key => $val) { $row = array(); preg_match_all('~(("[^"]*")+|[^,]*),~', "$val,", $matches2); if (!$key && !array_diff($matches2[1], array_keys($fields))) { //! doesn't work with column names containing ",\n $cols = " (" . implode(", ", array_map('idf_escape', $matches2[1])) . ")"; } else { foreach ($matches2[1] as $col) { $row[] = (!strlen($col) ? "NULL" : "'" . $dbh->escape_string(str_replace('""', '"', preg_replace('~^".*"$~s', '', $col))) . "'"); } $rows[] = "(" . implode(", ", $row) . ")"; } } $result = queries("INSERT INTO " . idf_escape($_GET["select"]) . "$cols VALUES " . implode(", ", $rows)); query_redirect(queries(), remove_from_uri("page"), lang('%d row(s) has been imported.', $dbh->affected_rows), $result, false, !$result); } else { $error = lang('Unable to upload a file.'); } } page_header(lang('Select') . ": " . htmlspecialchars($_GET["select"]), $error); echo "

"; if (isset($rights["insert"])) { //! pass search values forth and back echo '' . lang('New item') . ' '; } echo '' . lang('Table structure') . ''; echo "

\n"; if (!$columns) { echo "

" . lang('Unable to select the table') . ($fields ? "" : ": " . htmlspecialchars($dbh->error)) . ".

\n"; } else { echo "
\n"; echo "
" . lang('Select') . "\n"; if (strlen($_GET["server"])) { echo ''; } echo ''; echo ''; echo "\n"; $i = 0; $fun_group = array(lang('Functions') => $functions, lang('Aggregation') => $grouping); foreach ($select as $key => $val) { $val = $_GET["columns"][$key]; echo "
"; echo "
\n"; $i++; } echo "
"; echo "
\n"; echo "
\n"; echo "
" . lang('Search') . "\n"; foreach ($indexes as $i => $index) { if ($index["type"] == "FULLTEXT") { echo "(" . implode(", ", array_map('htmlspecialchars', $index["columns"])) . ") AGAINST"; echo ' '; echo ""; echo "
\n"; } } $i = 0; foreach ((array) $_GET["where"] as $val) { if (strlen("$val[col]$val[val]") && in_array($val["op"], $operators)) { echo "
"; echo ""; echo "
\n"; $i++; } } echo "
"; echo ""; echo "
\n"; echo "
\n"; echo "
" . lang('Limit') . "
"; echo hidden_fields(array("order" => (array) $_GET["order"], "desc" => (array) $_GET["desc"])); echo "
\n"; if (isset($text_length)) { echo "
" . lang('Text length') . "
\n"; } echo "
" . lang('Action') . "
\n"; echo "
\n"; $query = "SELECT " . ($select ? (count($group) < count($select) ? "SQL_CALC_FOUND_ROWS " : "") . implode(", ", $select) : "*") . " $from"; echo "

" . htmlspecialchars($query) . " " . lang('Edit') . "

\n"; $result = $dbh->query($query); if (!$result) { echo "

" . htmlspecialchars($dbh->error) . "

\n"; } else { echo "
\n"; if (!$result->num_rows) { echo "

" . lang('No rows.') . "

\n"; } else { $foreign_keys = array(); foreach (foreign_keys($_GET["select"]) as $foreign_key) { foreach ($foreign_key["source"] as $val) { $foreign_keys[$val][] = $foreign_key; } } echo "\n"; for ($j=0; $row = $result->fetch_assoc(); $j++) { if (!$j) { echo ''; foreach ($row as $key => $val) { $pos = array_search($key, (array) $_GET["order"]); $uri = remove_from_uri($pos !== false ? "(order|desc)%5B$pos%5D" : ""); $pos2 = 0; if ($_GET["order"]) { $pos2 = max(array_keys($_GET["order"])); $pos2 += ($pos2 !== $pos ? 1 : 0); } echo ''; } echo "\n"; } $unique_idf = implode('&', unique_idf($row, $indexes)); echo '' : ''); foreach ($row as $key => $val) { if (!isset($val)) { $val = "NULL"; } elseif (preg_match('~blob|binary~', $fields[$key]["type"]) && preg_match('~[\\0-\\x8\\xb\\xc\\xe-\\x1F\\x80-\\xFF]~', $val)) { $val = '' . lang('%d byte(s)', strlen($val)) . ''; } else { if (intval($text_length) > 0 && preg_match('~blob|text~', $fields[$key]["type"])) { $val = shorten_utf8($val, intval($text_length)); } else { $val = nl2br(htmlspecialchars($val)); if ($fields[$key]["type"] == "char") { $val = "$val"; } } foreach ((array) $foreign_keys[$key] as $foreign_key) { if (count($foreign_keys[$key]) == 1 || count($foreign_key["source"]) == 1) { $val = "\">$val"; foreach ($foreign_key["source"] as $i => $source) { $val = "&where%5B$i%5D%5Bcol%5D=" . urlencode($foreign_key["target"][$i]) . "&where%5B$i%5D%5Bop%5D=%3D&where%5B$i%5D%5Bval%5D=" . urlencode($row[$source]) . $val; } $val = ' 3) { echo " ..."; } for ($i = max(1, $_GET["page"] - 2); $i < min($max_page, $_GET["page"] + 3); $i++) { print_page($i); } if ($_GET["page"] + 3 < $max_page) { echo " ..."; } print_page($max_page); } echo " (" . lang('%d row(s)', $found_rows) . ")

\n"; echo ($_GET["db"] != "information_schema" ? "
" . lang('Edit') . "
\n" : ""); echo "
" . lang('Export') . "
$dump_output $dump_format
\n"; } $result->free(); echo "
" . lang('CSV Import') . "
\n"; echo "\n"; } }
' . htmlspecialchars($key) . ''; echo '
' . (count($select) == count($group) && $_GET["db"] != "information_schema" ? ' ' . lang('edit') . ' ' . lang('clone') . '