"PRIMARY", "columns" => array($oid)); } parse_str($_COOKIE["adminer_import"], $adminer_import); $rights = array(); // privilege => 0 $columns = array(); // selectable columns $text_length = null; foreach ($fields as $key => $field) { $name = $adminer->fieldName($field); if (isset($field["privileges"]["select"]) && $name != "") { $columns[$key] = html_entity_decode(strip_tags($name), ENT_QUOTES); if (is_shortable($field)) { $text_length = $adminer->selectLengthProcess(); } } $rights += $field["privileges"]; } list($select, $group) = $adminer->selectColumnsProcess($columns, $indexes); $is_group = count($group) < count($select); $where = $adminer->selectSearchProcess($fields, $indexes); $order = $adminer->selectOrderProcess($fields, $indexes); $limit = $adminer->selectLimitProcess(); $from = ($select ? implode(", ", $select) : "*" . ($oid ? ", $oid" : "")) . convert_fields($columns, $fields, $select) . "\nFROM " . table($TABLE); $group_by = ($group && $is_group ? "\nGROUP BY " . implode(", ", $group) : "") . ($order ? "\nORDER BY " . implode(", ", $order) : ""); if ($_GET["val"] && is_ajax()) { header("Content-Type: text/plain; charset=utf-8"); foreach ($_GET["val"] as $unique_idf => $row) { $as = convert_field($fields[key($row)]); echo $connection->result("SELECT" . limit($as ? $as : idf_escape(key($row)) . " FROM " . table($TABLE), " WHERE " . where_check($unique_idf, $fields) . ($where ? " AND " . implode(" AND ", $where) : "") . ($order ? " ORDER BY " . implode(", ", $order) : ""), 1)); } exit; } if ($_POST && !$error) { $where_check = $where; if (is_array($_POST["check"])) { $where_check[] = "((" . implode(") OR (", array_map('where_check', $_POST["check"])) . "))"; } $where_check = ($where_check ? "\nWHERE " . implode(" AND ", $where_check) : ""); $primary = $unselected = null; foreach ($indexes as $index) { if ($index["type"] == "PRIMARY") { $primary = array_flip($index["columns"]); $unselected = ($select ? $primary : array()); break; } } foreach ((array) $unselected as $key => $val) { if (in_array(idf_escape($key), $select)) { unset($unselected[$key]); } } if ($_POST["export"]) { cookie("adminer_import", "output=" . urlencode($_POST["output"]) . "&format=" . urlencode($_POST["format"])); dump_headers($TABLE); $adminer->dumpTable($TABLE, ""); if (!is_array($_POST["check"]) || $unselected === array()) { $query = "SELECT $from$where_check$group_by"; } else { $union = array(); foreach ($_POST["check"] as $val) { // where is not unique so OR can't be used $union[] = "(SELECT" . limit($from, "\nWHERE " . ($where ? implode(" AND ", $where) . " AND " : "") . where_check($val, $fields) . $group_by, 1) . ")"; } $query = implode(" UNION ALL ", $union); } $adminer->dumpData($TABLE, "table", $query); exit; } if (!$adminer->selectEmailProcess($where, $foreign_keys)) { if ($_POST["save"] || $_POST["delete"]) { // edit $result = true; $affected = 0; $query = table($TABLE); $set = array(); if (!$_POST["delete"]) { foreach ($columns as $name => $val) { //! should check also for edit or insert privileges $val = process_input($fields[$name]); if ($val !== null) { if ($_POST["clone"]) { $set[idf_escape($name)] = ($val !== false ? $val : idf_escape($name)); } elseif ($val !== false) { $set[] = idf_escape($name) . " = $val"; } } } $query .= ($_POST["clone"] ? " (" . implode(", ", array_keys($set)) . ")\nSELECT " . implode(", ", $set) . "\nFROM " . table($TABLE) : " SET\n" . implode(",\n", $set)); } if ($_POST["delete"] || $set) { $command = "UPDATE"; if ($_POST["delete"]) { $command = "DELETE"; $query = "FROM $query"; } if ($_POST["clone"]) { $command = "INSERT"; $query = "INTO $query"; } if ($_POST["all"] || ($unselected === array() && is_array($_POST["check"])) || $is_group) { $result = queries("$command $query$where_check"); $affected = $connection->affected_rows; } else { foreach ((array) $_POST["check"] as $val) { // where is not unique so OR can't be used $result = queries($command . limit1($query, "\nWHERE " . ($where ? implode(" AND ", $where) . " AND " : "") . where_check($val, $fields))); if (!$result) { break; } $affected += $connection->affected_rows; } } } $message = lang('%d item(s) have been affected.', $affected); if ($_POST["clone"] && $result && $affected == 1) { $last_id = last_id(); if ($last_id) { $message = lang('Item%s has been inserted.', " $last_id"); } } queries_redirect(remove_from_uri($_POST["all"] && $_POST["delete"] ? "page" : ""), $message, $result); //! display edit page in case of an error } elseif (!$_POST["import"]) { // modify if (!$_POST["val"]) { $error = lang('Ctrl+click on a value to modify it.'); } else { $result = true; $affected = 0; foreach ($_POST["val"] as $unique_idf => $row) { $set = array(); foreach ($row as $key => $val) { $key = bracket_escape($key, 1); // 1 - back $set[] = idf_escape($key) . " = " . (ereg('char|text', $fields[$key]["type"]) || $val != "" ? $adminer->processInput($fields[$key], $val) : "NULL"); } $query = table($TABLE) . " SET " . implode(", ", $set); $where2 = " WHERE " . where_check($unique_idf, $fields) . ($where ? " AND " . implode(" AND ", $where) : ""); $result = queries("UPDATE" . ($is_group || $unselected === array() ? " $query$where2" : limit1($query, $where2))); // can change row on a different page without unique key if (!$result) { break; } $affected += $connection->affected_rows; } queries_redirect(remove_from_uri(), lang('%d item(s) have been affected.', $affected), $result); } } elseif (is_string($file = get_file("csv_file", true))) { //! character set cookie("adminer_import", "output=" . urlencode($adminer_import["output"]) . "&format=" . urlencode($_POST["separator"])); $result = true; $cols = array_keys($fields); preg_match_all('~(?>"[^"]*"|[^"\\r\\n]+)+~', $file, $matches); $affected = count($matches[0]); begin(); $separator = ($_POST["separator"] == "csv" ? "," : ($_POST["separator"] == "tsv" ? "\t" : ";")); foreach ($matches[0] as $key => $val) { preg_match_all("~((?>\"[^\"]*\")+|[^$separator]*)$separator~", $val . $separator, $matches2); if (!$key && !array_diff($matches2[1], $cols)) { //! doesn't work with column names containing ",\n // first row corresponds to column names - use it for table structure $cols = $matches2[1]; $affected--; } else { $set = array(); foreach ($matches2[1] as $i => $col) { $set[idf_escape($cols[$i])] = ($col == "" && $fields[$cols[$i]]["null"] ? "NULL" : q(str_replace('""', '"', preg_replace('~^"|"$~', '', $col)))); } $result = insert_update($TABLE, $set, $primary); if (!$result) { break; } } } if ($result) { queries("COMMIT"); } queries_redirect(remove_from_uri("page"), lang('%d row(s) have been imported.', $affected), $result); queries("ROLLBACK"); // after queries_redirect() to not overwrite error } else { $error = upload_error($file); } } } $table_name = $adminer->tableName($table_status); if (is_ajax()) { // needs to send headers ob_start(); } page_header(lang('Select') . ": $table_name", $error); $set = null; if (isset($rights["insert"])) { $set = ""; foreach ((array) $_GET["where"] as $val) { if (count($foreign_keys[$val["col"]]) == 1 && ($val["op"] == "=" || (!$val["op"] && !ereg('[_%]', $val["val"])) // LIKE in Editor )) { $set .= "&set" . urlencode("[" . bracket_escape($val["col"]) . "]") . "=" . urlencode($val["val"]); } } } $adminer->selectLinks($table_status, $set); if (!$columns) { echo "
" . lang('Unable to select the table') . ($fields ? "." : ": " . error()) . "\n"; } else { echo "
\n"; $page = $_GET["page"]; if ($page == "last") { $found_rows = $connection->result("SELECT COUNT(*) FROM " . table($TABLE) . ($where ? " WHERE " . implode(" AND ", $where) : "")); $page = floor(max(0, $found_rows - 1) / $limit); } $query = $adminer->selectQueryBuild($select, $where, $group, $order, $limit, $page); if (!$query) { $query = "SELECT" . limit( (+$limit && $group && $is_group && $jush == "sql" ? "SQL_CALC_FOUND_ROWS " : "") . $from, ($where ? "\nWHERE " . implode(" AND ", $where) : "") . $group_by, ($limit != "" ? +$limit : null), ($page ? $limit * $page : 0), "\n" ); } echo $adminer->selectQuery($query); $result = $connection->query($query); if (!$result) { echo "" . error() . "\n"; } else { if ($jush == "mssql" && $page) { $result->seek($limit * $page); } $email_fields = array(); echo "
\n"; } } if (is_ajax()) { ob_end_clean(); exit; }