beenull/adminerevo
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
adminerevo/adminer/include/adminer.inc.php
Lukáš Rajchl 2a5e8b6c21 Fix space indents created by previous updates
2024-04-08 07:49:57 +02:00

1138 lines
38 KiB
PHP
Raw Permalink Blame History

<?php
// any method change in this file should be transferred to editor/include/adminer.inc.php and plugins/plugin.php
class Adminer {
/** @var array operators used in select, null for all operators */
var $operators;
/** Name in title and navigation
* @return string HTML code
*/
function name() {
return "<a href='https://www.adminerevo.org/'" . target_blank() . " id='h1'>AdminerEvo</a>";
}
/** Connection parameters
* @return array ($server, $username, $password)
*/
function credentials() {
return array(SERVER, $_GET["username"], get_password());
}
/** Get SSL connection options
* @return array array("key" => filename, "cert" => filename, "ca" => filename) or null
*/
function connectSsl() {
}
/** Get key used for permanent login
* @param bool
* @return string cryptic string which gets combined with password or false in case of an error
*/
function permanentLogin($create = false) {
return password_file($create);
}
/** Return key used to group brute force attacks; behind a reverse proxy, you want to return the last part of X-Forwarded-For
* @return string
*/
function bruteForceKey() {
return $_SERVER["REMOTE_ADDR"];
}
/** Get server name displayed in breadcrumbs
* @param string
* @return string HTML code or null
*/
function serverName($server) {
return h($server);
}
/** Identifier of selected database
* @return string
*/
function database() {
// should be used everywhere instead of DB
return DB;
}
/** Get cached list of databases
* @param bool
* @return array
*/
function databases($flush = true) {
return get_databases($flush);
}
/** Get list of schemas
* @return array
*/
function schemas() {
return schemas();
}
/** Specify limit for waiting on some slow queries like DB list
* @return float number of seconds
*/
function queryTimeout() {
return 2;
}
/** Headers to send before HTML output
* @return null
*/
function headers() {
}
/** Get Content Security Policy headers
* @return array of arrays with directive name in key, allowed sources in value
*/
function csp() {
return csp();
}
/** Print HTML code inside <head>
* @return bool true to link favicon.ico and adminer.css if exists
*/
function head() {
?>
<link rel="stylesheet" type="text/css" href="../externals/jush/jush.css">
<?php
return true;
}
/** Get URLs of the CSS files
* @return array of strings
*/
function css() {
$return = array();
$filename = "adminer.css";
if (file_exists($filename)) {
$return[] = "$filename?v=" . crc32(file_get_contents($filename));
}
return $return;
}
/** Print login form
* @return null
*/
function loginForm() {
global $drivers;
echo "<table cellspacing='0' class='layout'>\n";
echo $this->loginFormField('driver', '<tr><th>' . lang('System') . '<td>', html_select("auth[driver]", $drivers, DRIVER, "loginDriver(this);") . "\n");
echo $this->loginFormField('server', '<tr><th>' . lang('Server') . '<td>', '<input name="auth[server]" value="' . h(SERVER) . '" title="hostname[:port]" placeholder="localhost" autocapitalize="off">' . "\n");
echo $this->loginFormField('username', '<tr><th>' . lang('Username') . '<td>', '<input name="auth[username]" id="username" value="' . h($_GET["username"]) . '" autocomplete="username" autocapitalize="off">' . script("focus(qs('#username')); qs('#username').form['auth[driver]'].onchange();"));
echo $this->loginFormField('password', '<tr><th>' . lang('Password') . '<td>', '<input type="password" name="auth[password]" autocomplete="current-password">' . "\n");
echo $this->loginFormField('db', '<tr><th>' . lang('Database') . '<td>', '<input name="auth[db]" value="' . h($_GET["db"]) . '" autocapitalize="off">' . "\n");
echo "</table>\n";
echo "<p><input type='submit' value='" . lang('Login') . "'>\n";
echo checkbox("auth[permanent]", 1, $_COOKIE["adminer_permanent"], lang('Permanent login')) . "\n";
}
/** Get login form field
* @param string
* @param string HTML
* @param string HTML
* @return string
*/
function loginFormField($name, $heading, $value) {
return $heading . $value;
}
/** Authorize the user
* @param string
* @param string
* @return mixed true for success, string for error message, false for unknown error
*/
function login($login, $password) {
if ($password == "") {
return lang('Adminer does not support accessing a database without a password, <a href="https://www.adminer.org/en/password/"%s>more information</a>.', target_blank());
}
return true;
}
/** Table caption used in navigation and headings
* @param array result of SHOW TABLE STATUS
* @return string HTML code, "" to ignore table
*/
function tableName($tableStatus) {
return h($tableStatus["Name"]);
}
/** Field caption used in select and edit
* @param array single field returned from fields()
* @param int order of column in select
* @return string HTML code, "" to ignore field
*/
function fieldName($field, $order = 0) {
return '<span title="' . h($field["full_type"]) . '">' . h($field["field"]) . '</span>';
}
/** Print links after select heading
* @param array result of SHOW TABLE STATUS
* @param string new item options, NULL for no new item
* @return null
*/
function selectLinks($tableStatus, $set = "") {
global $jush, $driver;
echo '<p class="links">';
$actions = array("select" => lang('Select data'));
if (support("table") || support("indexes")) {
$actions["table"] = lang('Show structure');
}
if (support("table")) {
if (is_view($tableStatus)) {
$actions["view"] = lang('Alter view');
} else {
$actions["create"] = lang('Alter table');
}
}
if ($set !== null) {
$actions["edit"] = lang('New item');
}
$name = $tableStatus["Name"];
$links = [];
foreach ($actions as $key => $val) {
$links[] = "<a href='" . h(ME) . "$key=" . urlencode($name) . ($key == "edit" ? $set : "") . "'" . bold(isset($_GET[$key])) . ">$val</a>";
}
echo generate_linksbar($links);
echo doc_link(array($jush => $driver->tableHelp($name)), "?");
echo "\n";
}
/** Get foreign keys for table
* @param string
* @return array same format as foreign_keys()
*/
function foreignKeys($table) {
return foreign_keys($table);
}
/** Find backward keys for table
* @param string
* @param string
* @return array $return[$target_table]["keys"][$key_name][$target_column] = $source_column; $return[$target_table]["name"] = $this->tableName($target_table);
*/
function backwardKeys($table, $tableName) {
return array();
}
/** Print backward keys for row
* @param array result of $this->backwardKeys()
* @param array
* @return null
*/
function backwardKeysPrint($backwardKeys, $row) {
}
/** Query printed in select before execution
* @param string query to be executed
* @param float start time of the query
* @param bool
* @return string
*/
function selectQuery($query, $start, $failed = false) {
global $jush, $driver;
if (!$failed && ($warnings = $driver->warnings())) {
$id = "warnings";
$return = ", <a href='#$id'>" . lang('Warnings') . "</a>" . script("qsl('a').onclick = partial(toggle, '$id');", "")
. "<div id='$id' class='hidden'>\n$warnings</div>\n"
;
}
$links = [
(support("sql") ? "<a href='" . h(ME) . "sql=" . urlencode($query) . "'>" . lang('Edit') . "</a>" : ""),
"<a href='#' class='copy-to-clipboard'>" . lang('Copy to clipboard') . "</a>",
];
return "<code class='jush-$jush copy-to-clipboard'>" . h(str_replace("\n", " ", $query)) . "</code> <span class='time'>(" . format_time($start) . ")</span>"
. generate_linksbar($links);
}
/** Query printed in SQL command before execution
* @param string query to be executed
* @return string escaped query to be printed
*/
function sqlCommandQuery($query)
{
return shorten_utf8(trim($query), 1000);
}
/** Description of a row in a table
* @param string
* @return string SQL expression, empty string for no description
*/
function rowDescription($table) {
return "";
}
/** Get descriptions of selected data
* @param array all data to print
* @param array
* @return array
*/
function rowDescriptions($rows, $foreignKeys) {
return $rows;
}
/** Get a link to use in select table
* @param string raw value of the field
* @param array single field returned from fields()
* @return string or null to create the default link
*/
function selectLink($val, $field) {
}
/** Value printed in select table
* @param string HTML-escaped value to print
* @param string link to foreign key
* @param array single field returned from fields()
* @param array original value before applying editVal() and escaping
* @return string
*/
function selectVal($val, $link, $field, $original) {
$return = ($val === null ? "<i>NULL</i>" : (preg_match("~char|binary|boolean~", $field["type"] ?? null) && !preg_match("~var~", $field["type"] ?? null) ? "<code>$val</code>" : $val));
if (preg_match('~blob|bytea|raw|file~', $field["type"] ?? null) && !is_utf8($val)) {
$return = "<i>" . lang('%d byte(s)', strlen($original)) . "</i>";
}
if (preg_match('~json~', $field["type"] ?? null)) {
$return = "<code class='jush-js'>$return</code>";
}
return ($link ? "<a href='" . h($link) . "'" . (is_url($link) ? target_blank() : "") . ">$return</a>" : $return);
}
/** Value conversion used in select and edit
* @param string
* @param array single field returned from fields()
* @return string
*/
function editVal($val, $field) {
return $val;
}
/** Print table structure in tabular format
* @param array data about individual fields
* @return null
*/
function tableStructurePrint($fields) {
echo "<div class='scrollable'>\n";
echo "<table cellspacing='0' class='nowrap'>\n";
echo "<thead><tr><th>" . lang('Column') . "<td>" . lang('Type') . (support("comment") ? "<td>" . lang('Comment') : "") . "</thead>\n";
foreach ($fields as $field) {
echo "<tr" . odd() . "><th>" . h($field["field"]);
echo "<td><span title='" . h($field["collation"]) . "'>" . h($field["full_type"]) . "</span>";
echo ($field["null"] ? " <i>NULL</i>" : "");
echo ($field["auto_increment"] ? " <i>" . lang('Auto Increment') . "</i>" : "");
echo (isset($field["default"]) ? " <span title='" . lang('Default value') . "'>[<b>" . h($field["default"]) . "</b>]</span>" : "");
echo (support("comment") ? "<td>" . h($field["comment"]) : "");
echo "\n";
}
echo "</table>\n";
echo "</div>\n";
}
/** Print list of indexes on table in tabular format
* @param array data about all indexes on a table
* @return null
*/
function tableIndexesPrint($indexes) {
echo "<table cellspacing='0'>\n";
foreach ($indexes as $name => $index) {
ksort($index["columns"]); // enforce correct columns order
$print = array();
foreach ($index["columns"] as $key => $val) {
$print[] = "<i>" . h($val) . "</i>"
. ($index["lengths"][$key] ? "(" . $index["lengths"][$key] . ")" : "")
. ($index["descs"][$key] ? " DESC" : "")
;
}
echo "<tr title='" . h($name) . "'><th>$index[type]<td>" . implode(", ", $print) . "\n";
}
echo "</table>\n";
}
/** Print columns box in select
* @param array result of selectColumnsProcess()[0]
* @param array selectable columns
* @return null
*/
function selectColumnsPrint($select, $columns) {
global $functions, $grouping;
print_fieldset("select", lang('Select'), $select);
$i = 0;
$select[""] = array();
foreach ($select as $key => $val) {
$val = $_GET["columns"][$key] ?? null;
$column = select_input(
" name='columns[$i][col]'",
$columns,
$val["col"] ?? null,
($key !== "" ? "selectFieldChange" : "selectAddRow")
);
echo "<div>" . ($functions || $grouping ? "<select name='columns[$i][fun]'>"
. optionlist(array(-1 => "") + array_filter(array(lang('Functions') => $functions, lang('Aggregation') => $grouping)), $val["fun"] ?? null) . "</select>"
. on_help("getTarget(event).value && getTarget(event).value.replace(/ |\$/, '(') + ')'", 1)
. script("qsl('select').onchange = function () { helpClose();" . ($key !== "" ? "" : " qsl('select, input', this.parentNode).onchange();") . " };", "")
. "($column)" : $column)
. " <input type='image' src='../adminer/static/cross.gif' class='jsonly icon' title='", h(lang('Remove')), "' alt='x'>"
. script('qsl(".icon").onclick = selectRemoveRow;', "")
. "</div>\n";
$i++;
}
echo "</div></fieldset>\n";
}
/** Print search box in select
* @param array result of selectSearchProcess()
* @param array selectable columns
* @param array
* @return null
*/
function selectSearchPrint($where, $columns, $indexes) {
print_fieldset("search", lang('Search'), $where);
foreach ($indexes as $i => $index) {
if ($index["type"] == "FULLTEXT") {
echo "<div>(<i>" . implode("</i>, <i>", array_map('h', $index["columns"])) . "</i>) AGAINST";
echo " <input type='search' name='fulltext[$i]' value='" . h($_GET["fulltext"][$i]) . "'>";
echo script("qsl('input').oninput = selectFieldChange;", "");
echo checkbox("boolean[$i]", 1, isset($_GET["boolean"][$i]), "BOOL");
echo "</div>\n";
}
}
$change_next = "this.parentNode.firstChild.onchange();";
foreach (array_merge((array) $_GET["where"], array(array())) as $i => $val) {
if (!$val || ("$val[col]$val[val]" != "" && in_array($val["op"], $this->operators))) {
echo "<div>" . select_input(
" name='where[$i][col]'",
$columns,
$val["col"],
($val ? "selectFieldChange" : "selectAddRow"),
"(" . lang('anywhere') . ")"
);
echo html_select("where[$i][op]", $this->operators, $val["op"], $change_next);
echo "<input type='search' name='where[$i][val]' value='" . h($val["val"]) . "'>";
echo script("mixin(qsl('input'), {oninput: function () { $change_next }, onkeydown: selectSearchKeydown, onsearch: selectSearchSearch});", "");
echo "<input type='image' src='../adminer/static/cross.gif' class='jsonly icon' title='", h(lang('Remove')), "' alt='x'>";
echo script('qsl(".icon").onclick = selectRemoveRow;', "");
echo "</div>\n";
}
}
echo "</div></fieldset>\n";
}
/** Print order box in select
* @param array result of selectOrderProcess()
* @param array selectable columns
* @param array
* @return null
*/
function selectOrderPrint($order, $columns, $indexes) {
print_fieldset("sort", lang('Sort'), $order);
$i = 0;
foreach ((array) $_GET["order"] as $key => $val) {
if ($val != "") {
echo "<div>" . select_input(" name='order[$i]'", $columns, $val, "selectFieldChange");
echo checkbox("desc[$i]", 1, isset($_GET["desc"][$key]), lang('descending'));
echo " <input type='image' src='../adminer/static/cross.gif' class='jsonly icon' title='", h(lang('Remove')), "' alt='x'>";
echo script('qsl(".icon").onclick = selectRemoveRow;', "");
echo "</div>\n";
$i++;
}
}
echo "<div>" . select_input(" name='order[$i]'", $columns, "", "selectAddRow");
echo checkbox("desc[$i]", 1, false, lang('descending'));
echo " <input type='image' src='../adminer/static/cross.gif' class='jsonly icon' title='", h(lang('Remove')), "' alt='x'>";
echo script('qsl(".icon").onclick = selectRemoveRow;', "");
echo "</div>\n";
echo "</div></fieldset>\n";
}
/** Print limit box in select
* @param string result of selectLimitProcess()
* @return null
*/
function selectLimitPrint($limit) {
echo "<fieldset><legend>" . lang('Limit') . "</legend><div>"; // <div> for easy styling
echo "<input type='number' name='limit' class='size' value='" . h($limit) . "'>";
echo script("qsl('input').oninput = selectFieldChange;", "");
echo "</div></fieldset>\n";
}
/** Print text length box in select
* @param string result of selectLengthProcess()
* @return null
*/
function selectLengthPrint($text_length) {
if ($text_length !== null) {
echo "<fieldset><legend>" . lang('Text length') . "</legend><div>";
echo "<input type='number' name='text_length' class='size' value='" . h($text_length) . "'>";
echo "</div></fieldset>\n";
}
}
/** Print action box in select
* @param array
* @return null
*/
function selectActionPrint($indexes) {
echo "<fieldset><legend>" . lang('Action') . "</legend><div>";
echo "<input type='submit' value='" . lang('Select') . "'>";
echo " <span id='noindex' title='" . lang('Full table scan') . "'></span>";
echo "<script" . nonce() . ">\n";
echo "var indexColumns = ";
$columns = array();
foreach ($indexes as $index) {
$current_key = reset($index["columns"]);
if ($index["type"] != "FULLTEXT" && $current_key) {
$columns[$current_key] = 1;
}
}
$columns[""] = 1;
foreach ($columns as $key => $val) {
json_row($key);
}
echo ";\n";
echo "selectFieldChange.call(qs('#form')['select']);\n";
echo "</script>\n";
echo "</div></fieldset>\n";
}
/** Print command box in select
* @return bool whether to print default commands
*/
function selectCommandPrint() {
return !information_schema(DB);
}
/** Print import box in select
* @return bool whether to print default import
*/
function selectImportPrint() {
return !information_schema(DB);
}
/** Print extra text in the end of a select form
* @param array fields holding e-mails
* @param array selectable columns
* @return null
*/
function selectEmailPrint($emailFields, $columns) {
}
/** Process columns box in select
* @param array selectable columns
* @param array
* @return array (array(select_expressions), array(group_expressions))
*/
function selectColumnsProcess($columns, $indexes) {
global $functions, $grouping;
$select = array(); // select expressions, empty for *
$group = array(); // expressions without aggregation - will be used for GROUP BY if an aggregation function is used
foreach ((array) $_GET["columns"] as $key => $val) {
if ($val["fun"] == "count" || ($val["col"] != "" && (!$val["fun"] || in_array($val["fun"], $functions) || in_array($val["fun"], $grouping)))) {
$select[$key] = apply_sql_function($val["fun"], ($val["col"] != "" ? idf_escape($val["col"]) : "*"));
if (!in_array($val["fun"], $grouping)) {
$group[] = $select[$key];
}
}
}
return array($select, $group);
}
/** Process search box in select
* @param array
* @param array
* @return array expressions to join by AND
*/
function selectSearchProcess($fields, $indexes) {
global $connection, $driver;
$return = array();
foreach ($indexes as $i => $index) {
if ($index["type"] == "FULLTEXT" && $_GET["fulltext"][$i] != "") {
$return[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST (" . q($_GET["fulltext"][$i]) . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")";
}
}
foreach ((array) $_GET["where"] as $key => $val) {
if ("$val[col]$val[val]" != "" && in_array($val["op"], $this->operators)) {
$prefix = "";
$cond = " $val[op]";
if (preg_match('~IN$~', $val["op"])) {
$in = process_length($val["val"]);
$cond .= " " . ($in != "" ? $in : "(NULL)");
} elseif ($val["op"] == "SQL") {
$cond = " $val[val]"; // SQL injection
} elseif ($val["op"] == "LIKE %%") {
$cond = " LIKE " . $this->processInput($fields[$val["col"]], "%$val[val]%");
} elseif ($val["op"] == "ILIKE %%") {
$cond = " ILIKE " . $this->processInput($fields[$val["col"]], "%$val[val]%");
} elseif ($val["op"] == "FIND_IN_SET") {
$prefix = "$val[op](" . q($val["val"]) . ", ";
$cond = ")";
} elseif (!preg_match('~NULL$~', $val["op"])) {
$cond .= " " . $this->processInput($fields[$val["col"]], $val["val"]);
}
if ($val["col"] != "") {
$return[] = $prefix . $driver->convertSearch(idf_escape($val["col"]), $val, $fields[$val["col"]]) . $cond;
} else {
// find anywhere
$cols = array();
foreach ($fields as $name => $field) {
if ((preg_match('~^[-\d.' . (preg_match('~IN$~', $val["op"]) ? ',' : '') . ']+$~', $val["val"]) || !preg_match('~' . number_type() . '|bit~', $field["type"]))
&& (!preg_match("~[\x80-\xFF]~", $val["val"]) || preg_match('~char|text|enum|set~', $field["type"]))
&& (!preg_match('~date|timestamp~', $field["type"]) || preg_match('~^\d+-\d+-\d+~', $val["val"]))
) {
$cols[] = $prefix . $driver->convertSearch(idf_escape($name), $val, $field) . $cond;
}
}
$return[] = ($cols ? "(" . implode(" OR ", $cols) . ")" : "1 = 0");
}
}
}
return $return;
}
/** Process order box in select
* @param array
* @param array
* @return array expressions to join by comma
*/
function selectOrderProcess($fields, $indexes) {
$return = array();
foreach ((array) $_GET["order"] as $key => $val) {
if ($val != "") {
$return[] = (preg_match('~^((COUNT\(DISTINCT |[A-Z0-9_]+\()(`(?:[^`]|``)+`|"(?:[^"]|"")+")\)|COUNT\(\*\))$~', $val) ? $val : idf_escape($val)) //! MS SQL uses []
. (isset($_GET["desc"][$key]) ? " DESC" : "")
;
}
}
return $return;
}
/** Process limit box in select
* @return string expression to use in LIMIT, will be escaped
*/
function selectLimitProcess() {
return (isset($_GET["limit"]) ? $_GET["limit"] : "50");
}
/** Process length box in select
* @return string number of characters to shorten texts, will be escaped
*/
function selectLengthProcess() {
return (isset($_GET["text_length"]) ? $_GET["text_length"] : "100");
}
/** Process extras in select form
* @param array AND conditions
* @param array
* @return bool true if processed, false to process other parts of form
*/
function selectEmailProcess($where, $foreignKeys) {
return false;
}
/** Build SQL query used in select
* @param array result of selectColumnsProcess()[0]
* @param array result of selectSearchProcess()
* @param array result of selectColumnsProcess()[1]
* @param array result of selectOrderProcess()
* @param int result of selectLimitProcess()
* @param int index of page starting at zero
* @return string empty string to use default query
*/
function selectQueryBuild($select, $where, $group, $order, $limit, $page) {
return "";
}
/** Query printed after execution in the message
* @param string executed query
* @param string elapsed time
* @param bool
* @return string
*/
function messageQuery($query, $time, $failed = false) {
global $jush, $driver;
restart_session();
$history = &get_session("queries");
if (isset($history[$_GET["db"]]) === false) {
$history[$_GET["db"]] = array();
}
if (strlen($query) > 1e6) {
$query = preg_replace('~[\x80-\xFF]+$~', '', substr($query, 0, 1e6)) . "\n…"; // [\x80-\xFF] - valid UTF-8, \n - can end by one-line comment
}
$history[$_GET["db"]][] = array($query, time(), $time); // not DB - $_GET["db"] is changed in database.inc.php //! respect $_GET["ns"]
$sql_id = "sql-" . count($history[$_GET["db"]]);
$return = "<a href='#$sql_id' class='toggle'>" . lang('SQL command') . "</a> <a href='#' class='copy-to-clipboard icon expand' data-expand-id='$sql_id'></a>\n";
if (!$failed && ($warnings = $driver->warnings())) {
$id = "warnings-" . count($history[$_GET["db"]]);
$return = "<a href='#$id' class='toggle'>" . lang('Warnings') . "</a>, $return<div id='$id' class='hidden'>\n$warnings</div>\n";
}
$links = [];
if (support("sql")) {
$links[] = '<a href="' . h(str_replace("db=" . urlencode(DB), "db=" . urlencode($_GET["db"]), ME) . 'sql=&history=' . (count($history[$_GET["db"]]) - 1)) . '">' . lang('Edit') . '</a>';
$links[] = '<a href="#" class="copy-to-clipboard">' . lang('Copy to clipboard') . '</a>';
}
return " <span class='time'>" . @date("H:i:s") . "</span>" // @ - time zone may be not set
. " $return<div id='$sql_id' class='hidden'><pre><code class='jush-$jush copy-to-clipboard'>" . shorten_utf8($query, 1000) . "</code></pre>"
. ($time ? " <span class='time'>($time)</span>" : '')
. generate_linksbar($links)
. '</div>'
;
}
/** Print before edit form
* @param string
* @param array
* @param mixed
* @param bool
* @return null
*/
function editRowPrint($table, $fields, $row, $update) {
}
/** Functions displayed in edit form
* @param array single field from fields()
* @return array
*/
function editFunctions($field) {
global $edit_functions;
$return = ($field["null"] ? "NULL/" : "");
$update = isset($_GET["select"]) || where($_GET);
foreach ($edit_functions as $key => $functions) {
if (!$key || (!isset($_GET["call"]) && $update)) { // relative functions
foreach ($functions as $pattern => $val) {
if (!$pattern || preg_match("~$pattern~", $field["type"])) {
$return .= "/$val";
}
}
}
if ($key && !preg_match('~set|blob|bytea|raw|file|bool~', $field["type"])) {
$return .= "/SQL";
}
}
if ($field["auto_increment"] && !$update) {
$return = lang('Auto Increment');
}
return explode("/", $return);
}
/** Get options to display edit field
* @param string table name
* @param array single field from fields()
* @param string attributes to use inside the tag
* @param string
* @return string custom input field or empty string for default
*/
function editInput($table, $field, $attrs, $value) {
if ($field["type"] == "enum") {
$options = array();
$selected = $value;
if (isset($_GET["select"])) {
$options[-1] = lang('original');
if ($selected === null) {
$selected = -1;
}
}
if ($field["null"]) {
$options[""] = "NULL";
if ($value === null && !isset($_GET["select"])) {
$selected = "";
}
}
$options[0] = lang('empty');
preg_match_all("~'((?:[^']|'')*)'~", $field["length"], $matches);
foreach ($matches[1] as $i => $val) {
$val = stripcslashes(str_replace("''", "'", $val));
$options[$i + 1] = $val;
if ($value === $val) {
$selected = $i + 1;
}
}
return "<select$attrs>" . optionlist($options, (string) $selected, 1) . "</select>"; // 1 - use keys
}
return "";
}
/** Get hint for edit field
* @param string table name
* @param array single field from fields()
* @param string
* @return string
*/
function editHint($table, $field, $value) {
return "";
}
/** Process sent input
* @param array single field from fields()
* @param string
* @param string
* @return string expression to use in a query
*/
function processInput($field, $value, $function = "") {
if ($function == "SQL") {
return $value; // SQL injection
}
$name = $field["field"];
$return = q($value);
if (preg_match('~^(now|getdate|uuid)$~', $function)) {
$return = "$function()";
} elseif (preg_match('~^current_(date|timestamp)$~', $function)) {
$return = $function;
} elseif (preg_match('~^([+-]|\|\|)$~', $function)) {
$return = idf_escape($name) . " $function $return";
} elseif (preg_match('~^[+-] interval$~', $function)) {
$return = idf_escape($name) . " $function " . (preg_match("~^(\\d+|'[0-9.: -]') [A-Z_]+\$~i", $value) ? $value : $return);
} elseif (preg_match('~^(addtime|subtime|concat)$~', $function)) {
$return = "$function(" . idf_escape($name) . ", $return)";
} elseif (preg_match('~^(md5|sha1|password|encrypt)$~', $function)) {
$return = "$function($return)";
}
return unconvert_field($field, $return);
}
/** Returns export output options
* @return array
*/
function dumpOutput() {
$return = array('text' => lang('open'), 'file' => lang('save'));
if (function_exists('gzencode')) {
$return['gz'] = 'gzip';
}
return $return;
}
/** Returns export format options
* @return array empty to disable export
*/
function dumpFormat() {
return array('sql' => 'SQL', 'csv' => 'CSV,', 'csv;' => 'CSV;', 'tsv' => 'TSV');
}
/** Export database structure
* @param string
* @return null prints data
*/
function dumpDatabase($db) {
}
/** Export table structure
* @param string
* @param string
* @param int 0 table, 1 view, 2 temporary view table
* @return null prints data
*/
function dumpTable($table, $style, $is_view = 0) {
if ($_POST["format"] != "sql") {
echo "\xef\xbb\xbf"; // UTF-8 byte order mark
if ($style) {
dump_csv(array_keys(fields($table)));
}
} else {
if ($is_view == 2) {
$fields = array();
foreach (fields($table) as $name => $field) {
$fields[] = idf_escape($name) . " $field[full_type]";
}
$create = "CREATE TABLE " . table($table) . " (" . implode(", ", $fields) . ")";
} else {
$create = create_sql($table, $_POST["auto_increment"], $style);
}
set_utf8mb4($create);
if ($style && $create) {
if ($style == "DROP+CREATE" || $is_view == 1) {
echo "DROP " . ($is_view == 2 ? "VIEW" : "TABLE") . " IF EXISTS " . table($table) . ";\n";
}
if ($is_view == 1) {
$create = remove_definer($create);
}
echo "$create;\n\n";
}
}
}
/** Export table data
* @param string
* @param string
* @param string
* @return null prints data
*/
function dumpData($table, $style, $query) {
global $connection, $jush;
$max_packet = ($jush == "sqlite" ? 0 : 1048576); // default, minimum is 1024
if ($style) {
if ($_POST["format"] == "sql") {
if ($style == "TRUNCATE+INSERT") {
echo truncate_sql($table) . ";\n";
}
$fields = fields($table);
}
$result = $connection->query($query, 1); // 1 - MYSQLI_USE_RESULT //! enum and set as numbers
if ($result) {
$insert = "";
$buffer = "";
$keys = array();
$generatedKeys = array();
$suffix = "";
$fetch_function = ($table != '' ? 'fetch_assoc' : 'fetch_row');
while ($row = $result->$fetch_function()) {
if (!$keys) {
$values = array();
foreach ($row as $val) {
$field = $result->fetch_field();
if (!empty($fields[$field->name]['generated'])) {
$generatedKeys[$field->name] = true;
continue;
}
$keys[] = $field->name;
$key = idf_escape($field->name);
$values[] = "$key = VALUES($key)";
}
$suffix = ($style == "INSERT+UPDATE" ? "\nON DUPLICATE KEY UPDATE " . implode(", ", $values) : "") . ";\n";
}
if ($_POST["format"] != "sql") {
if ($style == "table") {
dump_csv($keys);
$style = "INSERT";
}
dump_csv($row);
} else {
if (!$insert) {
$insert = "INSERT INTO " . table($table) . " (" . implode(", ", array_map('idf_escape', $keys)) . ") VALUES";
}
foreach ($row as $key => $val) {
if (isset($generatedKeys[$key])) {
unset($row[$key]);
continue;
}
$field = $fields[$key];
$row[$key] = ($val !== null
? unconvert_field($field, preg_match(number_type(), $field["type"]) && !preg_match('~\[~', $field["full_type"]) && is_numeric($val) ? $val : q(($val === false ? 0 : $val)))
: "NULL"
);
}
$s = ($max_packet ? "\n" : " ") . "(" . implode(",\t", $row) . ")";
if (!$buffer) {
$buffer = $insert . $s;
} elseif (strlen($buffer) + 4 + strlen($s) + strlen($suffix) < $max_packet) { // 4 - length specification
$buffer .= ",$s";
} else {
echo $buffer . $suffix;
$buffer = $insert . $s;
}
}
}
if ($buffer) {
echo $buffer . $suffix;
}
} elseif ($_POST["format"] == "sql") {
echo "-- " . str_replace("\n", " ", $connection->error) . "\n";
}
}
}
/** Set export filename
* @param string
* @return string filename without extension
*/
function dumpFilename($identifier) {
return friendly_url($identifier != "" ? $identifier : (SERVER != "" ? SERVER : "localhost"));
}
/** Send headers for export
* @param string
* @param bool
* @return string extension
*/
function dumpHeaders($identifier, $multi_table = false) {
$output = $_POST["output"];
$ext = (preg_match('~sql~', $_POST["format"]) ? "sql" : ($multi_table ? "tar" : "csv")); // multiple CSV packed to TAR
header("Content-Type: " .
($output == "gz" ? "application/x-gzip" :
($ext == "tar" ? "application/x-tar" :
($ext == "sql" || $output != "file" ? "text/plain" : "text/csv") . "; charset=utf-8"
)));
if ($output == "gz") {
ob_start('ob_gzencode', 1e6);
}
return $ext;
}
/** Set the path of the file for webserver load
* @return string path of the sql dump file
*/
function importServerPath() {
return "adminer.sql";
}
/** Print homepage
* @return bool whether to print default homepage
*/
function homepage() {
$links = [];
if ($_GET["ns"] == "" && support("database")) {
$links[] = '<a href="' . h(ME) . 'database=">' . lang('Alter database') . '</a>';
}
if (support("scheme")) {
$links[] = "<a href='" . h(ME) . "scheme='>" . ($_GET["ns"] != "" ? lang('Alter schema') : lang('Create schema')) . "</a>";
}
if ($_GET["ns"] !== "") {
$links[] = '<a href="' . h(ME) . 'schema=">' . lang('Database schema') . '</a>';
}
if (support("privileges")) {
$links[] = "<a href='" . h(ME) . "privileges='>" . lang('Privileges') . "</a>";
}
echo generate_linksbar($links);
return true;
}
/** Prints navigation after Adminer title
* @param string can be "auth" if there is no database connection, "db" if there is no database selected, "ns" with invalid schema
* @return null
*/
function navigation($missing) {
global $VERSION, $jush, $drivers, $connection;
?>
<h1>
<?php echo $this->name(); ?> <span class="version"><?php echo $VERSION; ?></span>
<a href="https://download.adminerevo.org/latest/adminer/"<?php echo target_blank(); ?> id="version" title="<?php echo lang('A newer version of AdminerEvo is available, download it now!'); ?>"><?php echo (version_compare($VERSION, $_COOKIE["adminer_version"]) < 0 ? h($_COOKIE["adminer_version"]) : ""); ?></a>
</h1>
<?php
if ($missing == "auth") {
$output = "";
foreach ((array) $_SESSION["pwds"] as $vendor => $servers) {
foreach ($servers as $server => $usernames) {
foreach ($usernames as $username => $password) {
if ($password !== null) {
$dbs = $_SESSION["db"][$vendor][$server][$username];
foreach (($dbs ? array_keys($dbs) : array("")) as $db) {
$output .= "<li><a href='" . h(auth_url($vendor, $server, $username, $db)) . "'>($drivers[$vendor]) " . h($username . ($server != "" ? "@" . $this->serverName($server) : "") . ($db != "" ? " - $db" : "")) . "</a>\n";
}
}
}
}
}
if ($output) {
echo "<ul id='logins'>\n$output</ul>\n" . script("mixin(qs('#logins'), {onmouseover: menuOver, onmouseout: menuOut});");
}
} else {
$tables = array();
if ($_GET["ns"] !== "" && !$missing && DB != "") {
$connection->select_db(DB);
$tables = table_status('', true);
}
echo script_src("../externals/jush/modules/jush.js");
echo script_src("../externals/jush/modules/jush-textarea.js");
echo script_src("../externals/jush/modules/jush-txt.js");
echo script_src("../externals/jush/modules/jush-js.js");
if (support("sql")) {
echo script_src("../externals/jush/modules/jush-$jush.js");
?>
<script<?php echo nonce(); ?>>
<?php
if ($tables) {
$links = array();
foreach ($tables as $table => $type) {
$links[] = preg_quote($table, '/');
}
echo "var jushLinks = { $jush: [ '" . js_escape(ME) . (support("table") ? "table=" : "select=") . "\$&', /\\b(" . implode("|", $links) . ")\\b/g ] };\n";
foreach (array("bac", "bra", "sqlite_quo", "mssql_bra") as $val) {
echo "jushLinks.$val = jushLinks.$jush;\n";
}
}
$server_info = $connection->server_info;
?>
bodyLoad('<?php echo (is_object($connection) ? preg_replace('~^(\d\.?\d).*~s', '\1', $server_info) : ""); ?>'<?php echo (preg_match('~MariaDB~', $server_info) ? ", true" : ""); ?>);
</script>
<?php
}
$this->databasesPrint($missing);
$links = [];
if (DB == "" || !$missing) {
if (support("sql")) {
$links[] = "<a href='" . h(ME) . "sql='" . bold(isset($_GET["sql"]) && !isset($_GET["import"])) . ">" . lang('SQL command') . "</a>";
$links[] = "<a href='" . h(ME) . "import='" . bold(isset($_GET["import"])) . ">" . lang('Import') . "</a>";
}
if (support("dump")) {
$links[] = "<a href='" . h(ME) . "dump=" . urlencode(isset($_GET["table"]) ? $_GET["table"] : $_GET["select"]) . "' id='dump'" . bold(isset($_GET["dump"])) . ">" . lang('Export') . "</a>";
}
}
echo generate_linksbar($links);
if ($_GET["ns"] !== "" && !$missing && DB != "") {
echo generate_linksbar(['<a href="' . h(ME) . 'create="' . bold($_GET["create"] === "") . ">" . lang('Create table') . "</a>"]);
if (!$tables) {
echo "<p class='message'>" . lang('No tables.') . "\n";
} else {
$this->tablesPrint($tables);
}
}
}
}
/** Prints databases list in menu
* @param string
* @return null
*/
function databasesPrint($missing) {
global $adminer, $connection;
$databases = $this->databases();
if (DB && $databases && !in_array(DB, $databases)) {
array_unshift($databases, DB);
}
?>
<form action="">
<?php
echo "<table id='dbs'><tr><td width=1>";
hidden_fields_get();
$db_events = script("mixin(qsl('select'), {onmousedown: dbMouseDown, onchange: dbChange});");
echo "<label title='" . lang('database') . "' for='menu_db'>" . lang('DB') . "</label>:</td><td>" . ($databases
? "<select name='db' id='menu_db'>" . optionlist(array("" => "") + $databases, DB) . "</select>$db_events"
: "<input name='db' id='menu_db' value='" . h(DB) . "' autocapitalize='off'>\n"
);
echo "</td></tr>";
if (support("scheme")) {
if ($missing != "db" && DB != "" && $connection->select_db(DB)) {
echo "<tr><td><label for='menu_ns'>" . lang('Schema') . ":</label></td>";
echo "<td><select name='ns' id='menu_ns'>" . optionlist(array("" => "") + $adminer->schemas(), $_GET["ns"]) . "</select>$db_events";
if ($_GET["ns"] != "") {
set_schema($_GET["ns"]);
}
echo "</td></tr>";
}
}
echo "<tr" . ($databases ? " class='hidden'" : "") . "><td colspan=2><input type='submit' value='" . lang('Use') . "'></td></tr>\n";
echo "</table>";
foreach (array("import", "sql", "schema", "dump", "privileges") as $val) {
if (isset($_GET[$val])) {
echo "<input type='hidden' name='$val' value=''>";
break;
}
}
}
/** Prints table list in menu
* @param array result of table_status('', true)
* @return null
*/
function tablesPrint($tables) {
echo "<ul id='tables'>" . script("mixin(qs('#tables'), {onmouseover: menuOver, onmouseout: menuOut});");
foreach ($tables as $table => $status) {
$name = $this->tableName($status);
if ($name != "") {
echo '<li><a href="' . h(ME) . 'select=' . urlencode($table) . '"'
. bold($_GET["select"] == $table || $_GET["edit"] == $table, "select")
. " title='" . lang('Select data') . "'>" . lang('select') . "</a> "
;
echo (support("table") || support("indexes")
? '<a href="' . h(ME) . 'table=' . urlencode($table) . '"'
. bold(in_array($table, array($_GET["table"], $_GET["create"], $_GET["indexes"], $_GET["foreign"], $_GET["trigger"], $_GET["select"])), (is_view($status) ? "view" : "structure"))
. " title='" . lang('Show structure') . "'>$name</a>"
: "<span>$name</span>"
) . "\n";
}
}
echo "</ul>\n";
}
}
?>
Reference in a new issue View git blame Copy permalink