search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge remote-tracking branch 'origin/master' into drizzle
[phpmyadmin.git] / db_search.php
blob3ec891cdefab3ead102ee25450f10984ac05bd58
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * searchs the entire database
5 *
6 * @todo make use of UNION when searching multiple tables
7 * @todo display executed query, optional?
8 * @package phpMyAdmin
9 */
10
11 /**
12 *
13 */
14 require_once './libraries/common.inc.php';
15
16 $GLOBALS['js_include'][] = 'db_search.js';
17 $GLOBALS['js_include'][] = 'sql.js';
18 $GLOBALS['js_include'][] = 'makegrid.js';
19
20 /**
21 * Gets some core libraries and send headers
22 */
23 require './libraries/db_common.inc.php';
24
25 /**
26 * init
27 */
28 // If config variable $GLOBALS['cfg']['Usedbsearch'] is on false : exit.
29 if (! $GLOBALS['cfg']['UseDbSearch']) {
30 PMA_mysqlDie(__('Access denied'), '', false, $err_url);
31 } // end if
32 $url_query .= '&amp;goto=db_search.php';
33 $url_params['goto'] = 'db_search.php';
34
35 /**
36 * @global array list of tables from the current database
37 * but do not clash with $tables coming from db_info.inc.php
38 */
39 $tables_names_only = PMA_DBI_get_tables($GLOBALS['db']);
40
41 $search_options = array(
42 '1' => __('at least one of the words'),
43 '2' => __('all words'),
44 '3' => __('the exact phrase'),
45 '4' => __('as regular expression'),
46 );
47
48 if (empty($_REQUEST['search_option']) || ! is_string($_REQUEST['search_option'])
49 || ! array_key_exists($_REQUEST['search_option'], $search_options)) {
50 $search_option = 1;
51 unset($_REQUEST['submit_search']);
52 } else {
53 $search_option = (int) $_REQUEST['search_option'];
54 $option_str = $search_options[$_REQUEST['search_option']];
55 }
56
57 if (empty($_REQUEST['search_str']) || ! is_string($_REQUEST['search_str'])) {
58 unset($_REQUEST['submit_search']);
59 $searched = '';
60 } else {
61 $searched = htmlspecialchars($_REQUEST['search_str']);
62 // For "as regular expression" (search option 4), we should not treat
63 // this as an expression that contains a LIKE (second parameter of
64 // PMA_sqlAddSlashes()).
65 //
66 // Usage example: If user is seaching for a literal $ in a regexp search,
67 // he should enter \$ as the value.
68 $search_str = PMA_sqlAddSlashes($_REQUEST['search_str'], ($search_option == 4 ? false : true));
69 }
70
71 $tables_selected = array();
72 if (empty($_REQUEST['table_select']) || ! is_array($_REQUEST['table_select'])) {
73 unset($_REQUEST['submit_search']);
74 } elseif (! isset($_REQUEST['selectall']) && ! isset($_REQUEST['unselectall'])) {
75 $tables_selected = array_intersect($_REQUEST['table_select'], $tables_names_only);
76 }
77
78 if (isset($_REQUEST['selectall'])) {
79 $tables_selected = $tables_names_only;
80 } elseif (isset($_REQUEST['unselectall'])) {
81 $tables_selected = array();
82 }
83
84 if (empty($_REQUEST['field_str']) || ! is_string($_REQUEST['field_str'])) {
85 unset($field_str);
86 } else {
87 $field_str = PMA_sqlAddSlashes($_REQUEST['field_str'], true);
88 }
89
90 /**
91 * Displays top links if we are not in an Ajax request
92 */
93 $sub_part = '';
94
95 if ( $GLOBALS['is_ajax_request'] != true) {
96 require './libraries/db_info.inc.php';
97 echo '<div id="searchresults">';
98 }
99
100 /**
101 * 1. Main search form has been submitted
102 */
103 if (isset($_REQUEST['submit_search'])) {
104
105 /**
106 * Builds the SQL search query
107 *
108 * @todo can we make use of fulltextsearch IN BOOLEAN MODE for this?
109 * PMA_backquote
110 * PMA_DBI_free_result
111 * PMA_DBI_fetch_assoc
112 * $GLOBALS['db']
113 * explode
114 * count
115 * strlen
116 * @param string the table name
117 * @param string restrict the search to this field
118 * @param string the string to search
119 * @param integer type of search (1 -> 1 word at least, 2 -> all words,
120 * 3 -> exact string, 4 -> regexp)
121 *
122 * @return array 3 SQL querys (for count, display and delete results)
123 *
124 * @global string the url to return to in case of errors
125 * @global string charset connection
126 */
127 function PMA_getSearchSqls($table, $field, $search_str, $search_option)
128 {
129 global $err_url;
130
131 // Statement types
132 $sqlstr_select = 'SELECT';
133 $sqlstr_delete = 'DELETE';
134
135 // Fields to select
136 $tblfields = PMA_DBI_get_columns($GLOBALS['db'], $table);
137
138 // Table to use
139 $sqlstr_from = ' FROM ' . PMA_backquote($GLOBALS['db']) . '.' . PMA_backquote($table);
140
141 $search_words = (($search_option > 2) ? array($search_str) : explode(' ', $search_str));
142 $search_wds_cnt = count($search_words);
143
144 $like_or_regex = (($search_option == 4) ? 'REGEXP' : 'LIKE');
145 $automatic_wildcard = (($search_option < 3) ? '%' : '');
146
147 $fieldslikevalues = array();
148 foreach ($search_words as $search_word) {
149 // Eliminates empty values
150 if (strlen($search_word) === 0) {
151 continue;
152 }
153
154 $thefieldlikevalue = array();
155 foreach ($tblfields as $tblfield) {
156 if (! isset($field) || strlen($field) == 0 || $tblfield['Field'] == $field) {
157 // Drizzle has no CONVERT and all text columns are UTF-8
158 if (PMA_DRIZZLE) {
159 $thefieldlikevalue[] = PMA_backquote($tblfield['Field'])
160 . ' ' . $like_or_regex . ' '
161 . "'" . $automatic_wildcard
162 . $search_word
163 . $automatic_wildcard . "'";
164 } else {
165 $thefieldlikevalue[] = 'CONVERT(' . PMA_backquote($tblfield['Field']) . ' USING utf8)'
166 . ' ' . $like_or_regex . ' '
167 . "'" . $automatic_wildcard
168 . $search_word
169 . $automatic_wildcard . "'";
170 }
171 }
172 } // end for
173
174 if (count($thefieldlikevalue) > 0) {
175 $fieldslikevalues[] = implode(' OR ', $thefieldlikevalue);
176 }
177 } // end for
178
179 $implode_str = ($search_option == 1 ? ' OR ' : ' AND ');
180 if ( empty($fieldslikevalues)) {
181 // this could happen when the "inside field" does not exist
182 // in any selected tables
183 $sqlstr_where = ' WHERE FALSE';
184 } else {
185 $sqlstr_where = ' WHERE (' . implode(') ' . $implode_str . ' (', $fieldslikevalues) . ')';
186 }
187 unset($fieldslikevalues);
188
189 // Builds complete queries
190 $sql['select_fields'] = $sqlstr_select . ' * ' . $sqlstr_from . $sqlstr_where;
191 // here, I think we need to still use the COUNT clause, even for
192 // VIEWs, anyway we have a WHERE clause that should limit results
193 $sql['select_count'] = $sqlstr_select . ' COUNT(*) AS `count`' . $sqlstr_from . $sqlstr_where;
194 $sql['delete'] = $sqlstr_delete . $sqlstr_from . $sqlstr_where;
195
196 return $sql;
197 } // end of the "PMA_getSearchSqls()" function
198
199
200 /**
201 * Displays the results
202 */
203 $this_url_params = array(
204 'db' => $GLOBALS['db'],
205 'goto' => 'db_sql.php',
206 'pos' => 0,
207 'is_js_confirmed' => 0,
208 );
209
210 // Displays search string
211 echo '<br />' . "\n"
212 .'<table class="data">' . "\n"
213 .'<caption class="tblHeaders">' . "\n"
214 .sprintf(__('Search results for "<i>%s</i>" %s:'),
215 $searched, $option_str) . "\n"
216 .'</caption>' . "\n";
217
218 $num_search_result_total = 0;
219 $odd_row = true;
220
221 foreach ($tables_selected as $each_table) {
222 // Gets the SQL statements
223 $newsearchsqls = PMA_getSearchSqls($each_table, (! empty($field_str) ? $field_str : ''), $search_str, $search_option);
224
225 // Executes the "COUNT" statement
226 $res_cnt = PMA_DBI_fetch_value($newsearchsqls['select_count']);
227 $num_search_result_total += $res_cnt;
228
229 $sql_query .= $newsearchsqls['select_count'];
230
231 echo '<tr class="noclick ' . ($odd_row ? 'odd' : 'even') . '">'
232 .'<td>' . sprintf(_ngettext('%s match inside table <i>%s</i>', '%s matches inside table <i>%s</i>', $res_cnt), $res_cnt,
233 htmlspecialchars($each_table)) . "</td>\n";
234
235 if ($res_cnt > 0) {
236 $this_url_params['sql_query'] = $newsearchsqls['select_fields'];
237 $browse_result_path = 'sql.php' . PMA_generate_common_url($this_url_params);
238 ?>
239 <td> <a name="browse_search" href="<?php echo $browse_result_path; ?>" onclick="loadResult('<?php echo $browse_result_path ?> ',' <?php echo $each_table?> ' , '<?php echo PMA_generate_common_url($GLOBALS['db'], $each_table)?>','<?php echo ($GLOBALS['cfg']['AjaxEnable']); ?>');return false;" ><?php echo __('Browse') ?></a> </td>
240 <?php
241 $this_url_params['sql_query'] = $newsearchsqls['delete'];
242 $delete_result_path = 'sql.php' . PMA_generate_common_url($this_url_params);
243 ?>
244 <td> <a name="delete_search" href="<?php echo $delete_result_path; ?>" onclick="deleteResult('<?php echo $delete_result_path ?>' , ' <?php printf(__('Delete the matches for the %s table?'), htmlspecialchars($each_table)); ?>','<?php echo ($GLOBALS['cfg']['AjaxEnable']); ?>');return false;" ><?php echo __('Delete') ?></a> </td>
245 <?php
246 } else {
247 echo '<td>&nbsp;</td>' . "\n"
248 .'<td>&nbsp;</td>' . "\n";
249 }// end if else
250 $odd_row = ! $odd_row;
251 echo '</tr>' . "\n";
252 } // end for
253
254 echo '</table>' . "\n";
255
256 if (count($tables_selected) > 1) {
257 echo '<p>' . sprintf(_ngettext('<b>Total:</b> <i>%s</i> match', '<b>Total:</b> <i>%s</i> matches', $num_search_result_total),
258 $num_search_result_total) . '</p>' . "\n";
259 }
260 } // end 1.
261
262 /**
263 * If we are in an Ajax request, we need to exit after displaying all the HTML
264 */
265 if ($GLOBALS['is_ajax_request'] == true) {
266 exit;
267 }
268 else {
269 echo '</div>';//end searchresults div
270 }
271
272 /**
273 * 2. Displays the main search form
274 */
275 ?>
276 <a name="db_search"></a>
277 <form id="db_search_form"<?php echo ($GLOBALS['cfg']['AjaxEnable'] ? ' class="ajax"' : ''); ?> method="post" action="db_search.php" name="db_search">
278 <?php echo PMA_generate_common_hidden_inputs($GLOBALS['db']); ?>
279 <fieldset>
280 <legend><?php echo __('Search in database'); ?></legend>
281
282 <table class="formlayout">
283 <tr><td><?php echo __('Words or values to search for (wildcard: "%"):'); ?></td>
284 <td><input type="text" name="search_str" size="60"
285 value="<?php echo $searched; ?>" /></td>
286 </tr>
287 <tr><td align="right" valign="top">
288 <?php echo __('Find:'); ?></td>
289 <td><?php
290
291 $choices = array(
292 '1' => __('at least one of the words') . PMA_showHint(__('Words are separated by a space character (" ").')),
293 '2' => __('all words') . PMA_showHint(__('Words are separated by a space character (" ").')),
294 '3' => __('the exact phrase'),
295 '4' => __('as regular expression') . ' ' . PMA_showMySQLDocu('Regexp', 'Regexp')
296 );
297 // 4th parameter set to true to add line breaks
298 // 5th parameter set to false to avoid htmlspecialchars() escaping in the label
299 // since we have some HTML in some labels
300 PMA_display_html_radio('search_option', $choices, $search_option, true, false);
301 unset($choices);
302 ?>
303 </td>
304 </tr>
305 <tr><td align="right" valign="top">
306 <?php echo __('Inside tables:'); ?></td>
307 <td rowspan="2">
308 <?php
309 echo ' <select name="table_select[]" size="6" multiple="multiple">' . "\n";
310 foreach ($tables_names_only as $each_table) {
311 if (in_array($each_table, $tables_selected)) {
312 $is_selected = ' selected="selected"';
313 } else {
314 $is_selected = '';
315 }
316
317 echo ' <option value="' . htmlspecialchars($each_table) . '"'
318 . $is_selected . '>'
319 . str_replace(' ', '&nbsp;', htmlspecialchars($each_table)) . '</option>' . "\n";
320 } // end while
321
322 echo ' </select>' . "\n";
323 $alter_select =
324 '<a href="db_search.php' . PMA_generate_common_url(array_merge($url_params, array('selectall' => 1))) . '#db_search"'
325 . ' onclick="setSelectOptions(\'db_search\', \'table_select[]\', true); return false;">' . __('Select All') . '</a>'
326 . '&nbsp;/&nbsp;'
327 . '<a href="db_search.php' . PMA_generate_common_url(array_merge($url_params, array('unselectall' => 1))) . '#db_search"'
328 . ' onclick="setSelectOptions(\'db_search\', \'table_select[]\', false); return false;">' . __('Unselect All') . '</a>';
329 ?>
330 </td>
331 </tr>
332 <tr><td align="right" valign="bottom">
333 <?php echo $alter_select; ?></td>
334 </tr>
335 <tr><td align="right">
336 <?php echo __('Inside column:'); ?></td>
337 <td><input type="text" name="field_str" size="60"
338 value="<?php echo ! empty($field_str) ? htmlspecialchars($field_str) : ''; ?>" /></td>
339 </tr>
340 </table>
341 </fieldset>
342 <fieldset class="tblFooters">
343 <input type="submit" name="submit_search" value="<?php echo __('Go'); ?>"
344 id="buttonGo" />
345 </fieldset>
346 </form>
347
348 <!-- These two table-image and table-link elements display the table name in browse search results -->
349 <div id='table-info'>
350 <a class="item" id="table-link" ></a>
351 </div>
352 <div id="browse-results">
353 <!-- this browse-results div is used to load the browse and delete results in the db search -->
354 </div>
355 <br class="clearfloat" />
356 <div id="sqlqueryform">
357 <!-- this sqlqueryform div is used to load the delete form in the db search -->
358 </div>
359 <!-- toggle query box link-->
360 <a id="togglequerybox"></a>
361
362 <?php
363 /**
364 * Displays the footer
365 */
366 require './libraries/footer.inc.php';
367 ?>
phpMyAdmin