restoreSession bug fix in new form validation engine
[openemr.git] / phpmyadmin / view_create.php
blob3ec2ef7c50498fae30d23e59802a673b735b8ab9
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * handles creation of VIEWs
6 * @todo js error when view name is empty (strFormEmpty)
7 * @todo (also validate if js is disabled, after form submission?)
8 * @package PhpMyAdmin
9 */
11 require_once './libraries/common.inc.php';
12 require_once './libraries/SystemDatabase.class.php';
14 /**
15 * Runs common work
17 require './libraries/db_common.inc.php';
18 $url_params['goto'] = 'tbl_structure.php';
19 $url_params['back'] = 'view_create.php';
21 $view_algorithm_options = array(
22 'UNDEFINED',
23 'MERGE',
24 'TEMPTABLE',
27 $view_with_options = array(
28 'CASCADED',
29 'LOCAL'
32 $view_security_options = array(
33 'DEFINER',
34 'INVOKER'
37 if (empty($sql_query)) {
38 $sql_query = '';
41 if (isset($_REQUEST['createview']) || isset($_REQUEST['alterview'])) {
42 /**
43 * Creates the view
45 $sep = "\r\n";
47 if (isset($_REQUEST['createview'])) {
48 $sql_query = 'CREATE';
49 if (isset($_REQUEST['view']['or_replace'])) {
50 $sql_query .= ' OR REPLACE';
52 } else {
53 $sql_query = 'ALTER';
56 if (PMA_isValid($_REQUEST['view']['algorithm'], $view_algorithm_options)) {
57 $sql_query .= $sep . ' ALGORITHM = ' . $_REQUEST['view']['algorithm'];
60 if (! empty($_REQUEST['view']['definer'])) {
61 $arr = explode('@', $_REQUEST['view']['definer']);
62 $sql_query .= $sep . 'DEFINER=' . PMA_Util::backquote($arr[0]);
63 $sql_query .= '@' . PMA_Util::backquote($arr[1]) . ' ';
66 if (isset($_REQUEST['view']['sql_security'])) {
67 if (in_array($_REQUEST['view']['sql_security'], $view_security_options)) {
68 $sql_query .= $sep . ' SQL SECURITY '
69 . $_REQUEST['view']['sql_security'];
73 $sql_query .= $sep . ' VIEW ' . PMA_Util::backquote($_REQUEST['view']['name']);
75 if (! empty($_REQUEST['view']['column_names'])) {
76 $sql_query .= $sep . ' (' . $_REQUEST['view']['column_names'] . ')';
79 $sql_query .= $sep . ' AS ' . $_REQUEST['view']['as'];
81 if (isset($_REQUEST['view']['with'])) {
82 if (in_array($_REQUEST['view']['with'], $view_with_options)) {
83 $sql_query .= $sep . ' WITH ' . $_REQUEST['view']['with']
84 . ' CHECK OPTION';
88 if (!$GLOBALS['dbi']->tryQuery($sql_query)) {
89 if (! isset($_REQUEST['ajax_dialog'])) {
90 $message = PMA_Message::rawError($GLOBALS['dbi']->getError());
91 return;
94 $response = PMA_Response::getInstance();
95 $response->addJSON(
96 'message',
97 PMA_Message::error(
98 "<i>" . htmlspecialchars($sql_query) . "</i><br /><br />"
99 . $GLOBALS['dbi']->getError()
102 $response->isSuccess(false);
103 exit;
106 // If different column names defined for VIEW
107 $view_columns = array();
108 if (isset($_REQUEST['view']['column_names'])) {
109 $view_columns = explode(',', $_REQUEST['view']['column_names']);
112 $column_map = $GLOBALS['dbi']->getColumnMapFromSql(
113 $_REQUEST['view']['as'], $view_columns
116 $systemDb = $GLOBALS['dbi']->getSystemDatabase();
117 $pma_transformation_data = $systemDb->getExistingTransformationData(
118 $GLOBALS['db']
121 if ($pma_transformation_data !== false) {
123 // SQL for store new transformation details of VIEW
124 $new_transformations_sql = $systemDb->getNewTransformationDataSql(
125 $pma_transformation_data, $column_map,
126 $_REQUEST['view']['name'], $GLOBALS['db']
129 // Store new transformations
130 if ($new_transformations_sql != '') {
131 $GLOBALS['dbi']->tryQuery($new_transformations_sql);
135 unset($pma_transformation_data);
137 if (! isset($_REQUEST['ajax_dialog'])) {
138 $message = PMA_Message::success();
139 include 'tbl_structure.php';
140 } else {
141 $response = PMA_Response::getInstance();
142 $response->addJSON(
143 'message',
144 PMA_Util::getMessage(PMA_Message::success(), $sql_query)
146 $response->isSuccess(true);
149 exit;
152 // prefill values if not already filled from former submission
153 $view = array(
154 'operation' => 'create',
155 'or_replace' => '',
156 'algorithm' => '',
157 'definer' => '',
158 'sql_security' => '',
159 'name' => '',
160 'column_names' => '',
161 'as' => $sql_query,
162 'with' => '',
165 if (PMA_isValid($_REQUEST['view'], 'array')) {
166 $view = array_merge($view, $_REQUEST['view']);
169 $url_params['db'] = $GLOBALS['db'];
170 $url_params['reload'] = 1;
173 * Displays the page
175 $htmlString = '<!-- CREATE VIEW options -->'
176 . '<div id="div_view_options">'
177 . '<form method="post" action="view_create.php">'
178 . PMA_URL_getHiddenInputs($url_params)
179 . '<fieldset>'
180 . '<legend>'
181 . (isset($_REQUEST['ajax_dialog']) ?
182 __('Details') :
183 ($view['operation'] == 'create' ? __('Create view') : __('Edit view'))
185 . '</legend>'
186 . '<table class="rte_table">';
188 if ($view['operation'] == 'create') {
189 $htmlString .= '<tr>'
190 . '<td class="nowrap"><label for="or_replace">OR REPLACE</label></td>'
191 . '<td><input type="checkbox" name="view[or_replace]" id="or_replace"';
192 if ($view['or_replace']) {
193 $htmlString .= ' checked="checked"';
195 $htmlString .= ' value="1" /></td></tr>';
198 $htmlString .= '<tr>'
199 . '<td class="nowrap"><label for="algorithm">ALGORITHM</label></td>'
200 . '<td><select name="view[algorithm]" id="algorithm">';
201 foreach ($view_algorithm_options as $option) {
202 $htmlString .= '<option value="' . htmlspecialchars($option) . '"';
203 if ($view['algorithm'] === $option) {
204 $htmlString .= ' selected="selected"';
206 $htmlString .= '>' . htmlspecialchars($option) . '</option>';
208 $htmlString .= '</select>'
209 . '</td></tr>';
211 $htmlString .= '<tr><td class="nowrap">' . __('Definer') . '</td>'
212 . '<td><input type="text" maxlength="100" size="50" name="view[definer]"'
213 . ' value="' . htmlspecialchars($view['definer']) . '" />'
214 . '</td></tr>';
216 $htmlString .= '<tr><td class="nowrap">SQL SECURITY</td>'
217 . '<td><select name="view[sql_security]">'
218 . '<option value=""></option>';
219 foreach ($view_security_options as $option) {
220 $htmlString .= '<option value="' . htmlspecialchars($option) . '"';
221 if ($option == $view['sql_security']) {
222 $htmlString .= ' selected="selected"';
224 $htmlString .= '>' . htmlspecialchars($option) . '</option>';
226 $htmlString .= '<select>'
227 . '</td></tr>';
229 if ($view['operation'] == 'create') {
230 $htmlString .= '<tr><td class="nowrap">' . __('VIEW name') . '</td>'
231 . '<td><input type="text" size="20" name="view[name]"'
232 . ' onfocus="this.select()" maxlength="64"'
233 . ' value="' . htmlspecialchars($view['name']) . '" />'
234 . '</td></tr>';
235 } else {
236 $htmlString .= '<tr><td><input type="hidden" name="view[name]"'
237 . ' value="' . htmlspecialchars($view['name']) . '" />'
238 . '</td></tr>';
241 $htmlString .= '<tr><td class="nowrap">' . __('Column names') . '</td>'
242 . '<td><input type="text" maxlength="100" size="50" name="view[column_names]"'
243 . ' onfocus="this.select()"'
244 . ' value="' . htmlspecialchars($view['column_names']) . '" />'
245 . '</td></tr>';
247 $htmlString .= '<tr><td class="nowrap">AS</td>'
248 . '<td>'
249 . '<textarea name="view[as]" rows="15" cols="40" dir="' . $text_dir . '"';
250 if ($GLOBALS['cfg']['TextareaAutoSelect'] || true) {
251 $htmlString .= ' onclick="selectContent(this, sql_box_locked, true)"';
253 $htmlString .= '>' . htmlspecialchars($view['as']) . '</textarea>'
254 . '</td></tr>';
256 $htmlString .= '<tr><td class="nowrap">WITH CHECK OPTION</td>'
257 . '<td><select name="view[with]">'
258 . '<option value=""></option>';
259 foreach ($view_with_options as $option) {
260 $htmlString .= '<option value="' . htmlspecialchars($option) . '"';
261 if ($option == $view['with']) {
262 $htmlString .= ' selected="selected"';
264 $htmlString .= '>' . htmlspecialchars($option) . '</option>';
266 $htmlString .= '<select>'
267 . '</td></tr>';
269 $htmlString .= '</table>'
270 . '</fieldset>';
272 if (! isset($_REQUEST['ajax_dialog'])) {
273 $htmlString .= '<fieldset class="tblFooters">'
274 . '<input type="hidden" name="'
275 . ($view['operation'] == 'create' ? 'createview' : 'alterview' )
276 . '" value="1" />'
277 . '<input type="submit" name="" value="' . __('Go') . '" />'
278 . '</fieldset>';
279 } else {
280 $htmlString .= '<input type="hidden" name="'
281 . ($view['operation'] == 'create' ? 'createview' : 'alterview' )
282 . '" value="1" />'
283 . '<input type="hidden" name="ajax_dialog" value="1" />'
284 . '<input type="hidden" name="ajax_request" value="1" />';
287 $htmlString .= '</form>'
288 . '</div>';
290 echo $htmlString;