2 /* vim: set expandtab sw=4 ts=4 sts=4: */
6 * @todo we must handle the case if sql.php is called directly with a query
7 * that returns 0 rows - to prevent cyclic redirects or includes
12 * Gets some core libraries
14 require_once 'libraries/common.inc.php';
15 require_once 'libraries/Table.class.php';
16 require_once 'libraries/Header.class.php';
17 require_once 'libraries/check_user_privileges.lib.php';
18 require_once 'libraries/bookmark.lib.php';
19 require_once 'libraries/sql.lib.php';
21 $response = PMA_Response
::getInstance();
22 $header = $response->getHeader();
23 $scripts = $header->getScripts();
24 $scripts->addFile('jquery/jquery-ui-timepicker-addon.js');
25 $scripts->addFile('tbl_change.js');
26 // the next one needed because sql.php may do a "goto" to tbl_structure.php
27 $scripts->addFile('tbl_structure.js');
28 $scripts->addFile('indexes.js');
29 $scripts->addFile('gis_data_editor.js');
32 * Set ajax_reload in the response if it was already set
34 if (isset($ajax_reload) && $ajax_reload['reload'] === true) {
35 $response->addJSON('ajax_reload', $ajax_reload);
39 * Sets globals from $_POST
46 foreach ($post_params as $one_post_param) {
47 if (isset($_POST[$one_post_param])) {
48 $GLOBALS[$one_post_param] = $_POST[$one_post_param];
53 * Sets globals from $_GET
60 foreach ($get_params as $one_get_param) {
61 if (isset($_GET[$one_get_param])) {
62 $GLOBALS[$one_get_param] = $_GET[$one_get_param];
67 if (isset($_REQUEST['printview'])) {
68 $GLOBALS['printview'] = $_REQUEST['printview'];
71 if (isset($_SESSION['profiling'])) {
72 $response = PMA_Response
::getInstance();
73 $header = $response->getHeader();
74 $scripts = $header->getScripts();
75 /* < IE 9 doesn't support canvas natively */
76 if (PMA_USR_BROWSER_AGENT
== 'IE' && PMA_USR_BROWSER_VER
< 9) {
77 $scripts->addFile('canvg/flashcanvas.js');
79 $scripts->addFile('jqplot/jquery.jqplot.js');
80 $scripts->addFile('jqplot/plugins/jqplot.pieRenderer.js');
81 $scripts->addFile('canvg/canvg.js');
84 if (!isset($_SESSION['is_multi_query'])) {
85 $_SESSION['is_multi_query'] = false;
89 * Defines the url to return to in case of error in a sql statement
93 $is_gotofile = preg_replace('@^([^?]+).*$@s', '\\1', $goto);
94 if (! @file_exists
('' . $is_gotofile)) {
97 $is_gotofile = ($is_gotofile == $goto);
101 $goto = $cfg['DefaultTabDatabase'];
103 $goto = $cfg['DefaultTabTable'];
108 if (! isset($err_url)) {
109 $err_url = (! empty($back) ?
$back : $goto)
110 . '?' . PMA_generate_common_url($db)
111 . ((strpos(' ' . $goto, 'db_') != 1 && strlen($table))
112 ?
'&table=' . urlencode($table)
117 // Coming from a bookmark dialog
118 if (isset($fields['query'])) {
119 $sql_query = $fields['query'];
122 // This one is just to fill $db
123 if (isset($fields['dbase'])) {
124 $db = $fields['dbase'];
128 // During grid edit, if we have a relational field, show the dropdown for it.
129 if (isset($_REQUEST['get_relational_values'])
130 && $_REQUEST['get_relational_values'] == true
132 $column = $_REQUEST['column'];
133 if ($_SESSION['tmp_user_values']['relational_display'] == 'D'
134 && isset($display_field)
135 && strlen($display_field)
136 && isset($_REQUEST['relation_key_or_display_column'])
137 && $_REQUEST['relation_key_or_display_column']
139 $curr_value = $_REQUEST['relation_key_or_display_column'];
141 $curr_value = $_REQUEST['curr_value'];
143 $dropdown = PMA_getHtmlForRelationalColumnDropdown($db, $table, $column, $curr_value);
144 $response = PMA_Response
::getInstance();
145 $response->addJSON('dropdown', $dropdown);
149 // Just like above, find possible values for enum fields during grid edit.
150 if (isset($_REQUEST['get_enum_values']) && $_REQUEST['get_enum_values'] == true) {
151 $column = $_REQUEST['column'];
152 $curr_value = $_REQUEST['curr_value'];
153 $dropdown = PMA_getHtmlForEnumColumnDropdown($db, $table, $column, $curr_value);
154 $response = PMA_Response
::getInstance();
155 $response->addJSON('dropdown', $dropdown);
160 // Find possible values for set fields during grid edit.
161 if (isset($_REQUEST['get_set_values']) && $_REQUEST['get_set_values'] == true) {
162 $column = $_REQUEST['column'];
163 $curr_value = $_REQUEST['curr_value'];
164 $select = PMA_getHtmlForSetColumn($db, $table, $column, $curr_value);
165 $response = PMA_Response
::getInstance();
166 $response->addJSON('select', $select);
171 * Check ajax request to set the column order
173 if (isset($_REQUEST['set_col_prefs']) && $_REQUEST['set_col_prefs'] == true) {
174 $pmatable = new PMA_Table($table, $db);
178 if (isset($_REQUEST['col_order'])) {
179 $col_order = explode(',', $_REQUEST['col_order']);
180 $retval = $pmatable->setUiProp(
181 PMA_Table
::PROP_COLUMN_ORDER
,
183 $_REQUEST['table_create_time']
185 if (gettype($retval) != 'boolean') {
186 $response = PMA_Response
::getInstance();
187 $response->isSuccess(false);
188 $response->addJSON('message', $retval->getString());
193 // set column visibility
194 if ($retval === true && isset($_REQUEST['col_visib'])) {
195 $col_visib = explode(',', $_REQUEST['col_visib']);
196 $retval = $pmatable->setUiProp(
197 PMA_Table
::PROP_COLUMN_VISIB
, $col_visib,
198 $_REQUEST['table_create_time']
200 if (gettype($retval) != 'boolean') {
201 $response = PMA_Response
::getInstance();
202 $response->isSuccess(false);
203 $response->addJSON('message', $retval->getString());
208 $response = PMA_Response
::getInstance();
209 $response->isSuccess($retval == true);
213 // Default to browse if no query set and we have table
214 // (needed for browsing from DefaultTabTable)
215 if (empty($sql_query) && strlen($table) && strlen($db)) {
216 include_once 'libraries/bookmark.lib.php';
217 $book_sql_query = PMA_Bookmark_get(
219 '\'' . PMA_Util
::sqlAddSlashes($table) . '\'',
225 if (! empty($book_sql_query)) {
226 $GLOBALS['using_bookmark_message'] = PMA_message
::notice(
227 __('Using bookmark "%s" as default browse query.')
229 $GLOBALS['using_bookmark_message']->addParam($table);
230 $GLOBALS['using_bookmark_message']->addMessage(
231 PMA_Util
::showDocu('faq', 'faq6-22')
233 $sql_query = $book_sql_query;
235 $sql_query = 'SELECT * FROM ' . PMA_Util
::backquote($table);
237 unset($book_sql_query);
239 // set $goto to what will be displayed if query returns 0 rows
242 // Now we can check the parameters
243 PMA_Util
::checkParameters(array('sql_query'));
246 // instead of doing the test twice
247 $is_drop_database = preg_match(
248 '/DROP[[:space:]]+(DATABASE|SCHEMA)[[:space:]]+/i',
253 * Check rights in case of DROP DATABASE
255 * This test may be bypassed if $is_js_confirmed = 1 (already checked with js)
256 * but since a malicious user may pass this variable by url/form, we don't take
257 * into account this case.
259 if (! defined('PMA_CHK_DROP')
260 && ! $cfg['AllowUserDropDatabase']
265 __('"DROP DATABASE" statements are disabled.'),
272 // Include PMA_Index class for use in PMA_DisplayResults class
273 require_once './libraries/Index.class.php';
275 require_once 'libraries/DisplayResults.class.php';
277 $displayResultsObject = new PMA_DisplayResults(
278 $GLOBALS['db'], $GLOBALS['table'], $GLOBALS['goto'], $GLOBALS['sql_query']
281 $displayResultsObject->setConfigParamsForDisplayTable();
284 * Need to find the real end of rows?
286 if (isset($find_real_end) && $find_real_end) {
287 $unlim_num_rows = PMA_Table
::countRecords($db, $table, true);
288 $_SESSION['tmp_user_values']['pos'] = @((ceil(
289 $unlim_num_rows / $_SESSION['tmp_user_values']['max_rows']
290 ) - 1) * $_SESSION['tmp_user_values']['max_rows']);
297 if (isset($store_bkm)) {
298 $result = PMA_Bookmark_save(
300 (isset($bkm_all_users) && $bkm_all_users == 'true' ?
true : false)
302 $response = PMA_Response
::getInstance();
303 if ($response->isAjax()) {
305 $msg = PMA_message
::success(__('Bookmark %s created'));
306 $msg->addParam($fields['label']);
307 $response->addJSON('message', $msg);
309 $msg = PMA_message
::error(__('Bookmark not created'));
310 $response->isSuccess(false);
311 $response->addJSON('message', $msg);
315 // go back to sql.php to redisplay query; do not use & in this case:
316 PMA_sendHeaderLocation(
317 $cfg['PmaAbsoluteUri'] . $goto . '&label=' . $fields['label']
323 * Parse and analyze the query
325 require_once 'libraries/parse_analyze.lib.php';
328 * Sets or modifies the $goto variable if required
330 if ($goto == 'sql.php') {
331 $is_gotofile = false;
333 . PMA_generate_common_url($db, $table)
334 . '&sql_query=' . urlencode($sql_query);
338 * Go back to further page if table should not be dropped
340 if (isset($_REQUEST['btnDrop']) && $_REQUEST['btnDrop'] == __('No')) {
341 if (! empty($back)) {
345 if (strpos($goto, 'db_') === 0 && strlen($table)) {
348 $active_page = $goto;
349 include '' . PMA_securePath($goto);
351 PMA_sendHeaderLocation(
352 $cfg['PmaAbsoluteUri'] . str_replace('&', '&', $goto)
360 * Displays the confirm page if required
362 * This part of the script is bypassed if $is_js_confirmed = 1 (already checked
363 * with js) because possible security issue is not so important here: at most,
364 * the confirm message isn't displayed.
366 * Also bypassed if only showing php code.or validating a SQL query
368 // if we are coming from a "Create PHP code" or a "Without PHP Code"
369 // dialog, we won't execute the query anyway, so don't confirm
370 if (! $cfg['Confirm']
371 ||
isset($_REQUEST['is_js_confirmed'])
372 ||
isset($_REQUEST['btnDrop'])
373 ||
isset($GLOBALS['show_as_php'])
374 ||
! empty($GLOBALS['validatequery'])
378 $do_confirm = isset($analyzed_sql[0]['queryflags']['need_confirm']);
382 $stripped_sql_query = $sql_query;
383 $input = '<input type="hidden" name="%s" value="%s" />';
385 if ($is_drop_database) {
386 $output .= '<h1 class="error">';
387 $output .= __('You are about to DESTROY a complete database!');
390 $form = '<form class="disableAjax" action="sql.php" method="post">';
391 $form .= PMA_generate_common_hidden_inputs($db, $table);
394 $input, 'sql_query', htmlspecialchars($sql_query)
397 $input, 'message_to_show',
398 (isset($message_to_show) ?
PMA_sanitize($message_to_show, true) : '')
401 $input, 'goto', $goto
405 (isset($back) ?
PMA_sanitize($back, true) : '')
409 (isset($reload) ?
PMA_sanitize($reload, true) : '')
413 (isset($purge) ?
PMA_sanitize($purge, true) : '')
416 $input, 'dropped_column',
417 (isset($dropped_column) ?
PMA_sanitize($dropped_column, true) : '')
420 $input, 'show_query',
421 (isset($message_to_show) ?
PMA_sanitize($show_query, true) : '')
423 $form = str_replace('%', '%%', $form) . '%s</form>';
425 $output .='<fieldset class="confirmation">'
427 . __('Do you really want to execute the following query?')
429 .'<code>' . htmlspecialchars($stripped_sql_query) . '</code>'
431 .'<fieldset class="tblFooters">';
433 $yes_input = sprintf($input, 'btnDrop', __('Yes'));
434 $yes_input .= '<input type="submit" value="' . __('Yes') . '" id="buttonYes" />';
435 $no_input = sprintf($input, 'btnDrop', __('No'));
436 $no_input .= '<input type="submit" value="' . __('No') . '" id="buttonNo" />';
438 $output .= sprintf($form, $yes_input);
439 $output .= sprintf($form, $no_input);
441 $output .='</fieldset>';
444 PMA_Response
::getInstance()->addHTML($output);
447 } // end if $do_confirm
450 // Defines some variables
451 // A table has to be created, renamed, dropped -> navi frame should be reloaded
453 * @todo use the parser/analyzer
457 && preg_match('/^(CREATE|ALTER|DROP)\s+(VIEW|TABLE|DATABASE|SCHEMA)\s+/i', $sql_query)
462 // $is_group added for use in calculation of total number of rows.
463 // $is_count is changed for more correct "LIMIT" clause
464 // appending in queries like
465 // "SELECT COUNT(...) FROM ... GROUP BY ..."
468 * @todo detect all this with the parser, to avoid problems finding
469 * those strings in comments or backquoted identifiers
471 list($is_group, $is_func, $is_count, $is_export, $is_analyse, $is_explain,
472 $is_delete, $is_affected, $is_insert, $is_replace, $is_show, $is_maint)
473 = PMA_getDisplayPropertyParams(
474 $sql_query, $is_select
477 // assign default full_sql_query
478 $full_sql_query = $sql_query;
480 // Handle remembered sorting order, only for single table query
481 if ($GLOBALS['cfg']['RememberSorting']
482 && ! ($is_count ||
$is_export ||
$is_func ||
$is_analyse)
483 && isset($analyzed_sql[0]['select_expr'])
484 && (count($analyzed_sql[0]['select_expr']) == 0)
485 && isset($analyzed_sql[0]['queryflags']['select_from'])
486 && count($analyzed_sql[0]['table_ref']) == 1
488 PMA_handleSortOrder($db, $table, $analyzed_sql, $full_sql_query);
491 $sql_limit_to_append = '';
492 // Do append a "LIMIT" clause?
493 if (($_SESSION['tmp_user_values']['max_rows'] != 'all')
494 && ! ($is_count ||
$is_export ||
$is_func ||
$is_analyse)
495 && isset($analyzed_sql[0]['queryflags']['select_from'])
496 && ! isset($analyzed_sql[0]['queryflags']['offset'])
497 && empty($analyzed_sql[0]['limit_clause'])
499 $sql_limit_to_append = ' LIMIT ' . $_SESSION['tmp_user_values']['pos']
500 . ', ' . $_SESSION['tmp_user_values']['max_rows'] . " ";
501 $full_sql_query = PMA_getSqlWithLimitClause(
508 * @todo pretty printing of this modified query
510 if (isset($display_query)) {
511 // if the analysis of the original query revealed that we found
512 // a section_after_limit, we now have to analyze $display_query
513 // to display it correctly
515 if (! empty($analyzed_sql[0]['section_after_limit'])
516 && trim($analyzed_sql[0]['section_after_limit']) != ';'
518 $analyzed_display_query = PMA_SQP_analyze(
519 PMA_SQP_parse($display_query)
521 $display_query = $analyzed_display_query[0]['section_before_limit']
522 . "\n" . $sql_limit_to_append
523 . $analyzed_display_query[0]['section_after_limit'];
529 PMA_DBI_selectDb($db);
532 // E x e c u t e t h e q u e r y
534 // Only if we didn't ask to see the php code
535 if (isset($GLOBALS['show_as_php']) ||
! empty($GLOBALS['validatequery'])) {
540 if (isset($_SESSION['profiling']) && PMA_Util
::profilingSupported()) {
541 PMA_DBI_query('SET PROFILING=1;');
544 // Measure query time.
545 $querytime_before = array_sum(explode(' ', microtime()));
547 $result = @PMA_DBI_tryQuery
($full_sql_query, null, PMA_DBI_QUERY_STORE
);
549 // If a stored procedure was called, there may be more results that are
550 // queued up and waiting to be flushed from the buffer. So let's do that.
552 PMA_DBI_storeResult();
553 if (! PMA_DBI_moreResults()) {
556 } while (PMA_DBI_nextResult());
558 $is_procedure = false;
559 if (stripos($full_sql_query, 'call') !== false) {
560 $is_procedure = true;
563 $querytime_after = array_sum(explode(' ', microtime()));
565 $GLOBALS['querytime'] = $querytime_after - $querytime_before;
567 // Displays an error message if required and stop parsing the script
568 $error = PMA_DBI_getError();
571 if (strpos($goto, 'db_') === 0 && strlen($table)) {
574 $active_page = $goto;
575 $message = PMA_Message
::rawError($error);
577 if ($GLOBALS['is_ajax_request'] == true) {
578 $response = PMA_Response
::getInstance();
579 $response->isSuccess(false);
580 $response->addJSON('message', $message);
587 include '' . PMA_securePath($goto);
589 $full_err_url = $err_url;
590 if (preg_match('@^(db|tbl)_@', $err_url)) {
591 $full_err_url .= '&show_query=1&sql_query='
592 . urlencode($sql_query);
594 PMA_Util
::mysqlDie($error, $full_sql_query, '', $full_err_url);
600 // If there are no errors and bookmarklabel was given,
601 // store the query as a bookmark
602 if (! empty($bkm_label) && ! empty($import_text)) {
603 include_once 'libraries/bookmark.lib.php';
606 'user' => $cfg['Bookmark']['user'],
607 'query' => urlencode($import_text),
608 'label' => $bkm_label
611 // Should we replace bookmark?
612 if (isset($bkm_replace)) {
613 $bookmarks = PMA_Bookmark_getList($db);
614 foreach ($bookmarks as $key => $val) {
615 if ($val == $bkm_label) {
616 PMA_Bookmark_delete($db, $key);
621 PMA_Bookmark_save($bfields, isset($bkm_all_users));
623 $bookmark_created = true;
624 } // end store bookmarks
626 // Gets the number of rows affected/returned
627 // (This must be done immediately after the query because
628 // mysql_affected_rows() reports about the last query done)
630 if (! $is_affected) {
631 $num_rows = ($result) ? @PMA_DBI_numRows
($result) : 0;
632 } elseif (! isset($num_rows)) {
633 $num_rows = @PMA_DBI_affectedRows
();
636 // Grabs the profiling results
637 if (isset($_SESSION['profiling']) && PMA_Util
::profilingSupported()) {
638 $profiling_results = PMA_DBI_fetchResult('SHOW PROFILE;');
641 // Checks if the current database has changed
642 // This could happen if the user sends a query like "USE `database`;"
644 * commented out auto-switching to active database - really required?
645 * bug #2558 win: table list disappears (mixed case db names)
646 * https://sourceforge.net/p/phpmyadmin/bugs/2558/
647 * @todo RELEASE test and comit or rollback before release
648 $current_db = PMA_DBI_fetchValue('SELECT DATABASE()');
649 if ($db !== $current_db) {
656 // tmpfile remove after convert encoding appended by Y.Kawada
657 if (function_exists('PMA_kanji_file_conv')
658 && (isset($textfile) && file_exists($textfile))
663 // Counts the total number of rows for the same 'SELECT' query without the
664 // 'LIMIT' clause that may have been programatically added
666 if (empty($sql_limit_to_append)) {
667 $unlim_num_rows = $num_rows;
668 // if we did not append a limit, set this to get a correct
669 // "Showing rows..." message
670 //$_SESSION['tmp_user_values']['max_rows'] = 'all';
671 } elseif ($is_select) {
673 // c o u n t q u e r y
675 // If we are "just browsing", there is only one table,
676 // and no WHERE clause (or just 'WHERE 1 '),
677 // we do a quick count (which uses MaxExactCount) because
678 // SQL_CALC_FOUND_ROWS is not quick on large InnoDB tables
680 // However, do not count again if we did it previously
681 // due to $find_real_end == true
683 && ! isset($analyzed_sql[0]['queryflags']['union'])
684 && ! isset($analyzed_sql[0]['queryflags']['distinct'])
685 && ! isset($analyzed_sql[0]['table_ref'][1]['table_name'])
686 && (empty($analyzed_sql[0]['where_clause'])
687 ||
$analyzed_sql[0]['where_clause'] == '1 ')
688 && ! isset($find_real_end)
690 // "j u s t b r o w s i n g"
691 $unlim_num_rows = PMA_Table
::countRecords($db, $table);
693 } else { // n o t " j u s t b r o w s i n g "
695 // add select expression after the SQL_CALC_FOUND_ROWS
697 // for UNION, just adding SQL_CALC_FOUND_ROWS
698 // after the first SELECT works.
700 // take the left part, could be:
703 $count_query = PMA_SQP_formatHtml(
707 $analyzed_sql[0]['position_of_first_select'] +
1
709 $count_query .= ' SQL_CALC_FOUND_ROWS ';
710 // add everything that was after the first SELECT
711 $count_query .= PMA_SQP_formatHtml(
714 $analyzed_sql[0]['position_of_first_select'] +
1
716 // ensure there is no semicolon at the end of the
717 // count query because we'll probably add
718 // a LIMIT 1 clause after it
719 $count_query = rtrim($count_query);
720 $count_query = rtrim($count_query, ';');
722 // if using SQL_CALC_FOUND_ROWS, add a LIMIT to avoid
723 // long delays. Returned count will be complete anyway.
724 // (but a LIMIT would disrupt results in an UNION)
726 if (! isset($analyzed_sql[0]['queryflags']['union'])) {
727 $count_query .= ' LIMIT 1';
730 // run the count query
732 PMA_DBI_tryQuery($count_query);
733 // if (mysql_error()) {
736 // (SELECT `User`, `Host`, `Db`, `Select_priv` FROM `db`)
737 // UNION (SELECT `User`, `Host`, "%" AS "Db",
739 // FROM `user`) ORDER BY `User`, `Host`, `Db`;
740 // and although the generated count_query is wrong
741 // the SELECT FOUND_ROWS() work! (maybe it gets the
742 // count from the latest query that worked)
744 // another case where the count_query is wrong:
745 // SELECT COUNT(*), f1 from t1 group by f1
746 // and you click to sort on count(*)
748 $unlim_num_rows = PMA_DBI_fetchValue('SELECT FOUND_ROWS()');
749 } // end else "just browsing"
751 } else { // not $is_select
753 } // end rows total count
755 // if a table or database gets dropped, check column comments.
756 if (isset($purge) && $purge == '1') {
760 include_once 'libraries/relation_cleanup.lib.php';
762 if (strlen($table) && strlen($db)) {
763 PMA_relationsCleanupTable($db, $table);
764 } elseif (strlen($db)) {
765 PMA_relationsCleanupDatabase($db);
767 // VOID. No DB/Table gets deleted.
768 } // end if relation-stuff
771 // If a column gets dropped, do relation magic.
772 if (isset($dropped_column)
775 && ! empty($dropped_column)
777 include_once 'libraries/relation_cleanup.lib.php';
778 PMA_relationsCleanupColumn($db, $table, $dropped_column);
779 // to refresh the list of indexes (Ajax mode)
780 $extra_data['indexes_list'] = PMA_Index
::getView($table, $db);
781 } // end if column was dropped
782 } // end else "didn't ask to see php code"
784 // No rows returned -> move back to the calling page
785 if ((0 == $num_rows && 0 == $unlim_num_rows) ||
$is_affected) {
786 // Delete related tranformation information
787 if (!empty($analyzed_sql[0]['querytype'])
788 && (($analyzed_sql[0]['querytype'] == 'ALTER')
789 ||
($analyzed_sql[0]['querytype'] == 'DROP'))
791 include_once 'libraries/transformations.lib.php';
792 if ($analyzed_sql[0]['querytype'] == 'ALTER') {
793 if (stripos($analyzed_sql[0]['unsorted_query'], 'DROP') !== false) {
794 $drop_column = PMA_getColumnNameInColumnDropSql(
795 $analyzed_sql[0]['unsorted_query']
798 if ($drop_column != '') {
799 PMA_clearTransformations($db, $table, $drop_column);
803 } else if (($analyzed_sql[0]['querytype'] == 'DROP') && ($table != '')) {
804 PMA_clearTransformations($db, $table);
809 $message = PMA_Message
::getMessageForDeletedRows($num_rows);
810 } elseif ($is_insert) {
812 // For replace we get DELETED + INSERTED row count,
813 // so we have to call it affected
814 $message = PMA_Message
::getMessageForAffectedRows($num_rows);
816 $message = PMA_Message
::getMessageForInsertedRows($num_rows);
818 $insert_id = PMA_DBI_insertId();
819 if ($insert_id != 0) {
820 // insert_id is id of FIRST record inserted in one insert,
821 // so if we inserted multiple rows, we had to increment this
822 $message->addMessage('[br]');
823 // need to use a temporary because the Message class
824 // currently supports adding parameters only to the first
826 $_inserted = PMA_Message
::notice(__('Inserted row id: %1$d'));
827 $_inserted->addParam($insert_id +
$num_rows - 1);
828 $message->addMessage($_inserted);
830 } elseif ($is_affected) {
831 $message = PMA_Message
::getMessageForAffectedRows($num_rows);
833 // Ok, here is an explanation for the !$is_select.
834 // The form generated by sql_query_form.lib.php
835 // and db_sql.php has many submit buttons
836 // on the same form, and some confusion arises from the
837 // fact that $message_to_show is sent for every case.
838 // The $message_to_show containing a success message and sent with
839 // the form should not have priority over errors
840 } elseif (! empty($message_to_show) && ! $is_select) {
841 $message = PMA_Message
::rawSuccess(htmlspecialchars($message_to_show));
842 } elseif (! empty($GLOBALS['show_as_php'])) {
843 $message = PMA_Message
::success(__('Showing as PHP code'));
844 } elseif (isset($GLOBALS['show_as_php'])) {
845 /* User disable showing as PHP, query is only displayed */
846 $message = PMA_Message
::notice(__('Showing SQL query'));
847 } elseif (! empty($GLOBALS['validatequery'])) {
848 $message = PMA_Message
::notice(__('Validated SQL'));
850 $message = PMA_Message
::success(
851 __('MySQL returned an empty result set (i.e. zero rows).')
855 if (isset($GLOBALS['querytime'])) {
856 $_querytime = PMA_Message
::notice('(' . __('Query took %01.4f sec') . ')');
857 $_querytime->addParam($GLOBALS['querytime']);
858 $message->addMessage($_querytime);
861 if ($GLOBALS['is_ajax_request'] == true) {
862 if ($cfg['ShowSQL']) {
863 $extra_data['sql_query'] = PMA_Util
::getMessage(
864 $message, $GLOBALS['sql_query'], 'success'
867 if (isset($GLOBALS['reload']) && $GLOBALS['reload'] == 1) {
868 $extra_data['reload'] = 1;
869 $extra_data['db'] = $GLOBALS['db'];
871 $response = PMA_Response
::getInstance();
872 $response->isSuccess($message->isSuccess());
873 // No need to manually send the message
874 // The Response class will handle that automatically
875 $query__type = PMA_DisplayResults
::QUERY_TYPE_SELECT
;
876 if ($analyzed_sql[0]['querytype'] == $query__type) {
877 $createViewHTML = $displayResultsObject->getCreateViewQueryResultOp(
880 $response->addHTML($createViewHTML.'<br />');
883 $response->addJSON(isset($extra_data) ?
$extra_data : array());
884 if (empty($_REQUEST['ajax_page_request'])) {
885 $response->addJSON('message', $message);
891 $goto = PMA_securePath($goto);
892 // Checks for a valid target script
893 $is_db = $is_table = false;
894 if (isset($_REQUEST['purge']) && $_REQUEST['purge'] == '1') {
896 unset($url_params['table']);
898 include 'libraries/db_table_exists.lib.php';
900 if (strpos($goto, 'tbl_') === 0 && ! $is_table) {
901 if (strlen($table)) {
904 $goto = 'db_sql.php';
906 if (strpos($goto, 'db_') === 0 && ! $is_db) {
912 // Loads to target script
913 if (strlen($goto) > 0) {
914 $active_page = $goto;
917 // Echo at least one character to prevent showing last page from history
922 // avoid a redirect loop when last record was deleted
923 if (0 == $num_rows && 'sql.php' == $cfg['DefaultTabTable']) {
924 $goto = str_replace('sql.php', 'tbl_structure.php', $goto);
926 PMA_sendHeaderLocation(
927 $cfg['PmaAbsoluteUri'] . str_replace('&', '&', $goto)
928 . '&message=' . urlencode($message)
932 // end no rows returned
935 // At least one row is returned -> displays a table with results
936 //If we are retrieving the full value of a truncated field or the original
937 // value of a transformed field, show it here and exit
938 if ($GLOBALS['grid_edit'] == true) {
939 $row = PMA_DBI_fetchRow($result);
940 $response = PMA_Response
::getInstance();
941 $response->addJSON('value', $row[0]);
945 if (isset($_REQUEST['ajax_request']) && isset($_REQUEST['table_maintenance'])) {
946 $response = PMA_Response
::getInstance();
947 $header = $response->getHeader();
948 $scripts = $header->getScripts();
949 $scripts->addFile('makegrid.js');
950 $scripts->addFile('sql.js');
952 // Gets the list of fields properties
953 if (isset($result) && $result) {
954 $fields_meta = PMA_DBI_getFieldsMeta($result);
955 $fields_cnt = count($fields_meta);
958 if (empty($disp_mode)) {
959 // see the "PMA_setDisplayMode()" function in
960 // libraries/DisplayResults.class.php
961 $disp_mode = 'urdr111101';
964 // hide edit and delete links for information_schema
965 if (PMA_is_system_schema($db)) {
966 $disp_mode = 'nnnn110111';
969 if (isset($message)) {
970 $message = PMA_Message
::success($message);
971 $html_output .= PMA_Util
::getMessage(
972 $message, $GLOBALS['sql_query'], 'success'
976 // Should be initialized these parameters before parsing
977 $showtable = isset($showtable) ?
$showtable : null;
978 $printview = isset($printview) ?
$printview : null;
979 $url_query = isset($url_query) ?
$url_query : null;
981 if (!empty($sql_data) && ($sql_data['valid_queries'] > 1)) {
983 $_SESSION['is_multi_query'] = true;
984 $html_output .= getTableHtmlForMultipleQueries(
985 $displayResultsObject, $db, $sql_data, $goto,
986 $pmaThemeImage, $text_dir, $printview, $url_query,
987 $disp_mode, $sql_limit_to_append, false
990 $_SESSION['is_multi_query'] = false;
991 $displayResultsObject->setProperties(
992 $unlim_num_rows, $fields_meta, $is_count, $is_export, $is_func,
993 $is_analyse, $num_rows, $fields_cnt, $querytime, $pmaThemeImage,
994 $text_dir, $is_maint, $is_explain, $is_show, $showtable,
995 $printview, $url_query, false
998 $html_output .= $displayResultsObject->getTable(
999 $result, $disp_mode, $analyzed_sql
1001 $response = PMA_Response
::getInstance();
1002 $response->addHTML($html_output);
1007 // Displays the headers
1008 if (isset($show_query)) {
1011 if (isset($printview) && $printview == '1') {
1012 PMA_Util
::checkParameters(array('db', 'full_sql_query'));
1014 $response = PMA_Response
::getInstance();
1015 $header = $response->getHeader();
1016 $header->enablePrintView();
1018 $html_output .= PMA_getHtmlForPrintViewHeader(
1019 $db, $full_sql_query, $num_rows
1022 $response = PMA_Response
::getInstance();
1023 $header = $response->getHeader();
1024 $scripts = $header->getScripts();
1025 $scripts->addFile('makegrid.js');
1026 $scripts->addFile('sql.js');
1030 if (! $GLOBALS['is_ajax_request']) {
1031 if (strlen($table)) {
1032 include 'libraries/tbl_common.inc.php';
1033 $url_query .= '&goto=tbl_sql.php&back=tbl_sql.php';
1034 include 'libraries/tbl_info.inc.php';
1035 } elseif (strlen($db)) {
1036 include 'libraries/db_common.inc.php';
1037 include 'libraries/db_info.inc.php';
1039 include 'libraries/server_common.inc.php';
1042 //we don't need to buffer the output in getMessage here.
1043 //set a global variable and check against it in the function
1044 $GLOBALS['buffer_message'] = false;
1049 $cfgRelation = PMA_getRelationsParam();
1052 // Gets the list of fields properties
1053 if (isset($result) && $result) {
1054 $fields_meta = PMA_DBI_getFieldsMeta($result);
1055 $fields_cnt = count($fields_meta);
1058 //begin the sqlqueryresults div here. container div
1059 $html_output .= '<div id="sqlqueryresults"';
1060 $html_output .= ' class="ajax"';
1061 $html_output .= '>';
1063 // Display previous update query (from tbl_replace)
1064 if (isset($disp_query) && ($cfg['ShowSQL'] == true) && empty($sql_data)) {
1065 $html_output .= PMA_Util
::getMessage($disp_message, $disp_query, 'success');
1068 if (isset($profiling_results)) {
1069 // pma_token/url_query needed for chart export
1070 $token = $_SESSION[' PMA_token '];
1071 $url = (isset($url_query) ?
$url_query : PMA_generate_common_url($db));
1073 $html_output .= PMA_getHtmlForProfilingChart(
1074 $url, $token, $profiling_results
1078 // Displays the results in a table
1079 if (empty($disp_mode)) {
1080 // see the "PMA_setDisplayMode()" function in
1081 // libraries/DisplayResults.class.php
1082 $disp_mode = 'urdr111101';
1085 $resultSetContainsUniqueKey = PMA_resultSetContainsUniqueKey(
1086 $db, $table, $fields_meta
1089 // hide edit and delete links:
1090 // - for information_schema
1091 // - if the result set does not contain all the columns of a unique key
1092 if (PMA_is_system_schema($db) ||
! $resultSetContainsUniqueKey) {
1093 $disp_mode = 'nnnn110111';
1094 $msg = PMA_message
::notice(
1096 'This table does not contain a unique column.'
1097 . ' Grid edit, checkbox, Edit, Copy and Delete features'
1098 . ' are not available.'
1101 $html_output .= $msg->getDisplay();
1104 if (isset($label)) {
1105 $msg = PMA_message
::success(__('Bookmark %s created'));
1106 $msg->addParam($label);
1107 $html_output .= $msg->getDisplay();
1110 // Should be initialized these parameters before parsing
1111 $showtable = isset($showtable) ?
$showtable : null;
1112 $printview = isset($printview) ?
$printview : null;
1113 $url_query = isset($url_query) ?
$url_query : null;
1115 if (! empty($sql_data) && ($sql_data['valid_queries'] > 1) ||
$is_procedure) {
1117 $_SESSION['is_multi_query'] = true;
1118 $html_output .= getTableHtmlForMultipleQueries(
1119 $displayResultsObject, $db, $sql_data, $goto,
1120 $pmaThemeImage, $text_dir, $printview, $url_query,
1121 $disp_mode, $sql_limit_to_append, $resultSetContainsUniqueKey
1124 $_SESSION['is_multi_query'] = false;
1125 $displayResultsObject->setProperties(
1126 $unlim_num_rows, $fields_meta, $is_count, $is_export, $is_func,
1127 $is_analyse, $num_rows, $fields_cnt, $querytime, $pmaThemeImage,
1128 $text_dir, $is_maint, $is_explain, $is_show, $showtable,
1129 $printview, $url_query, $resultSetContainsUniqueKey
1132 $html_output .= $displayResultsObject->getTable($result, $disp_mode, $analyzed_sql);
1133 PMA_DBI_freeResult($result);
1136 // BEGIN INDEX CHECK See if indexes should be checked.
1137 if (isset($query_type)
1138 && $query_type == 'check_tbl'
1140 && is_array($selected)
1142 foreach ($selected as $idx => $tbl_name) {
1143 $check = PMA_Index
::findDuplicates($tbl_name, $db);
1144 if (! empty($check)) {
1145 $html_output .= sprintf(__('Problems with indexes of table `%s`'), $tbl_name);
1146 $html_output .= $check;
1149 } // End INDEX CHECK
1151 // Bookmark support if required
1152 if ($disp_mode[7] == '1'
1153 && (! empty($cfg['Bookmark']) && empty($id_bookmark))
1154 && ! empty($sql_query)
1156 $html_output .= "\n";
1158 . PMA_generate_common_url($db, $table)
1159 . '&sql_query=' . urlencode($sql_query)
1160 . '&id_bookmark=1';
1162 $html_output .= '<form action="sql.php" method="post"'
1163 . ' onsubmit="return ! emptyFormElements(this, \'fields[label]\');"'
1164 . ' id="bookmarkQueryForm">';
1165 $html_output .= PMA_generate_common_hidden_inputs();
1166 $html_output .= '<input type="hidden" name="goto" value="' . $goto . '" />';
1167 $html_output .= '<input type="hidden" name="fields[dbase]"'
1168 . ' value="' . htmlspecialchars($db) . '" />';
1169 $html_output .= '<input type="hidden" name="fields[user]"'
1170 . ' value="' . $cfg['Bookmark']['user'] . '" />';
1171 $html_output .= '<input type="hidden" name="fields[query]"' . ' value="'
1172 . urlencode(isset($complete_query) ?
$complete_query : $sql_query)
1174 $html_output .= '<fieldset>';
1175 $html_output .= '<legend>';
1176 $html_output .= PMA_Util
::getIcon(
1177 'b_bookmark.png', __('Bookmark this SQL query'), true
1179 $html_output .= '</legend>';
1180 $html_output .= '<div class="formelement">';
1181 $html_output .= '<label for="fields_label_">' . __('Label:') . '</label>';
1182 $html_output .= '<input type="text" id="fields_label_"'
1183 . ' name="fields[label]" value="" />';
1184 $html_output .= '</div>';
1185 $html_output .= '<div class="formelement">';
1186 $html_output .= '<input type="checkbox" name="bkm_all_users"'
1187 . ' id="bkm_all_users" value="true" />';
1188 $html_output .= '<label for="bkm_all_users">'
1189 . __('Let every user access this bookmark')
1191 $html_output .= '</div>';
1192 $html_output .= '<div class="clearfloat"></div>';
1193 $html_output .= '</fieldset>';
1194 $html_output .= '<fieldset class="tblFooters">';
1195 $html_output .= '<input type="hidden" name="store_bkm" value="1" />';
1196 $html_output .= '<input type="submit"'
1197 . ' value="' . __('Bookmark this SQL query') . '" />';
1198 $html_output .= '</fieldset>';
1199 $html_output .= '</form>';
1200 } // end bookmark support
1202 // Do print the page if required
1203 if (isset($printview) && $printview == '1') {
1204 $html_output .= PMA_Util
::getButton();
1206 $html_output .= '</div>'; // end sqlqueryresults div
1207 $response = PMA_Response
::getInstance();
1208 $response->addHTML($html_output);
1209 } // end rows returned
1211 $_SESSION['is_multi_query'] = false;
1214 * Displays the footer
1216 if (! isset($_REQUEST['table_maintenance'])) {