search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Translated using Weblate (Estonian)
[phpmyadmin.git] / tbl_replace.php
blob25b0e064aa18df64f433c5cbcb04ecb5f4156caf
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * Manipulation of table data like inserting, replacing and updating
5 *
6 * Usually called as form action from tbl_change.php to insert or update table rows
7 *
8 * @todo 'edit_next' tends to not work as expected if used ...
9 * at least there is no order by it needs the original query
10 * and the row number and than replace the LIMIT clause
11 *
12 * @package PhpMyAdmin
13 */
14 declare(strict_types=1);
15
16 use PhpMyAdmin\Core;
17 use PhpMyAdmin\File;
18 use PhpMyAdmin\InsertEdit;
19 use PhpMyAdmin\Message;
20 use PhpMyAdmin\Plugins\IOTransformationsPlugin;
21 use PhpMyAdmin\Relation;
22 use PhpMyAdmin\Response;
23 use PhpMyAdmin\Table;
24 use PhpMyAdmin\Transformations;
25 use PhpMyAdmin\Util;
26
27 /**
28 * Gets some core libraries
29 */
30 require_once 'libraries/common.inc.php';
31
32 global $url_params;
33
34 // Check parameters
35 Util::checkParameters(['db', 'table', 'goto']);
36
37 $GLOBALS['dbi']->selectDb($GLOBALS['db']);
38
39 /**
40 * Initializes some variables
41 */
42 $goto_include = false;
43
44 $response = Response::getInstance();
45 $header = $response->getHeader();
46 $scripts = $header->getScripts();
47 $scripts->addFile('makegrid.js');
48 // Needed for generation of Inline Edit anchors
49 $scripts->addFile('sql.js');
50 $scripts->addFile('indexes.js');
51 $scripts->addFile('gis_data_editor.js');
52
53 $relation = new Relation();
54 $transformations = new Transformations();
55 $insertEdit = new InsertEdit($GLOBALS['dbi']);
56
57 // check whether insert row mode, if so include tbl_change.php
58 $insertEdit->isInsertRow();
59
60 $after_insert_actions = ['new_insert', 'same_insert', 'edit_next'];
61 if (isset($_REQUEST['after_insert'])
62 && in_array($_REQUEST['after_insert'], $after_insert_actions)
63 ) {
64 $url_params['after_insert'] = $_REQUEST['after_insert'];
65 if (isset($_REQUEST['where_clause'])) {
66 foreach ($_REQUEST['where_clause'] as $one_where_clause) {
67 if ($_REQUEST['after_insert'] == 'same_insert') {
68 $url_params['where_clause'][] = $one_where_clause;
69 } elseif ($_REQUEST['after_insert'] == 'edit_next') {
70 $insertEdit->setSessionForEditNext($one_where_clause);
71 }
72 }
73 }
74 }
75 //get $goto_include for different cases
76 $goto_include = $insertEdit->getGotoInclude($goto_include);
77
78 // Defines the url to return in case of failure of the query
79 $err_url = $insertEdit->getErrorUrl($url_params);
80
81 /**
82 * Prepares the update/insert of a row
83 */
84 list($loop_array, $using_key, $is_insert, $is_insertignore)
85 = $insertEdit->getParamsForUpdateOrInsert();
86
87 $query = [];
88 $value_sets = [];
89 $func_no_param = [
90 'CONNECTION_ID',
91 'CURRENT_USER',
92 'CURDATE',
93 'CURTIME',
94 'CURRENT_DATE',
95 'CURRENT_TIME',
96 'DATABASE',
97 'LAST_INSERT_ID',
98 'NOW',
99 'PI',
100 'RAND',
101 'SYSDATE',
102 'UNIX_TIMESTAMP',
103 'USER',
104 'UTC_DATE',
105 'UTC_TIME',
106 'UTC_TIMESTAMP',
107 'UUID',
108 'UUID_SHORT',
109 'VERSION',
110 ];
111 $func_optional_param = [
112 'RAND',
113 'UNIX_TIMESTAMP',
114 ];
115
116 $gis_from_text_functions = [
117 'GeomFromText',
118 'GeomCollFromText',
119 'LineFromText',
120 'MLineFromText',
121 'PointFromText',
122 'MPointFromText',
123 'PolyFromText',
124 'MPolyFromText',
125 ];
126
127 $gis_from_wkb_functions = [
128 'GeomFromWKB',
129 'GeomCollFromWKB',
130 'LineFromWKB',
131 'MLineFromWKB',
132 'PointFromWKB',
133 'MPointFromWKB',
134 'PolyFromWKB',
135 'MPolyFromWKB',
136 ];
137
138 //if some posted fields need to be transformed.
139 $mime_map = $transformations->getMime($GLOBALS['db'], $GLOBALS['table']);
140 if ($mime_map === false) {
141 $mime_map = [];
142 }
143
144 $query_fields = [];
145 $insert_errors = [];
146 $row_skipped = false;
147 $unsaved_values = [];
148 foreach ($loop_array as $rownumber => $where_clause) {
149 // skip fields to be ignored
150 if (! $using_key && isset($_REQUEST['insert_ignore_' . $where_clause])) {
151 continue;
152 }
153
154 // Defines the SET part of the sql query
155 $query_values = [];
156
157 // Map multi-edit keys to single-level arrays, dependent on how we got the fields
158 $multi_edit_columns
159 = isset($_REQUEST['fields']['multi_edit'][$rownumber])
160 ? $_REQUEST['fields']['multi_edit'][$rownumber]
161 : [];
162 $multi_edit_columns_name
163 = isset($_REQUEST['fields_name']['multi_edit'][$rownumber])
164 ? $_REQUEST['fields_name']['multi_edit'][$rownumber]
165 : [];
166 $multi_edit_columns_prev
167 = isset($_REQUEST['fields_prev']['multi_edit'][$rownumber])
168 ? $_REQUEST['fields_prev']['multi_edit'][$rownumber]
169 : null;
170 $multi_edit_funcs
171 = isset($_REQUEST['funcs']['multi_edit'][$rownumber])
172 ? $_REQUEST['funcs']['multi_edit'][$rownumber]
173 : null;
174 $multi_edit_salt
175 = isset($_REQUEST['salt']['multi_edit'][$rownumber])
176 ? $_REQUEST['salt']['multi_edit'][$rownumber]
177 : null;
178 $multi_edit_columns_type
179 = isset($_REQUEST['fields_type']['multi_edit'][$rownumber])
180 ? $_REQUEST['fields_type']['multi_edit'][$rownumber]
181 : null;
182 $multi_edit_columns_null
183 = isset($_REQUEST['fields_null']['multi_edit'][$rownumber])
184 ? $_REQUEST['fields_null']['multi_edit'][$rownumber]
185 : null;
186 $multi_edit_columns_null_prev
187 = isset($_REQUEST['fields_null_prev']['multi_edit'][$rownumber])
188 ? $_REQUEST['fields_null_prev']['multi_edit'][$rownumber]
189 : null;
190 $multi_edit_auto_increment
191 = isset($_REQUEST['auto_increment']['multi_edit'][$rownumber])
192 ? $_REQUEST['auto_increment']['multi_edit'][$rownumber]
193 : null;
194 $multi_edit_virtual
195 = isset($_REQUEST['virtual']['multi_edit'][$rownumber])
196 ? $_REQUEST['virtual']['multi_edit'][$rownumber]
197 : null;
198
199 // When a select field is nullified, it's not present in $_REQUEST
200 // so initialize it; this way, the foreach($multi_edit_columns) will process it
201 foreach ($multi_edit_columns_name as $key => $val) {
202 if (! isset($multi_edit_columns[$key])) {
203 $multi_edit_columns[$key] = '';
204 }
205 }
206
207 // Iterate in the order of $multi_edit_columns_name,
208 // not $multi_edit_columns, to avoid problems
209 // when inserting multiple entries
210 $insert_fail = false;
211 foreach ($multi_edit_columns_name as $key => $column_name) {
212 $current_value = $multi_edit_columns[$key];
213 // Note: $key is an md5 of the fieldname. The actual fieldname is
214 // available in $multi_edit_columns_name[$key]
215
216 $file_to_insert = new File();
217 $file_to_insert->checkTblChangeForm((string) $key, (string) $rownumber);
218
219 $possibly_uploaded_val = $file_to_insert->getContent();
220 if ($possibly_uploaded_val !== false) {
221 $current_value = $possibly_uploaded_val;
222 }
223 // Apply Input Transformation if defined
224 if (!empty($mime_map[$column_name])
225 && !empty($mime_map[$column_name]['input_transformation'])
226 ) {
227 $filename = 'libraries/classes/Plugins/Transformations/'
228 . $mime_map[$column_name]['input_transformation'];
229 if (is_file($filename)) {
230 include_once $filename;
231 $classname = $transformations->getClassName($filename);
232 /** @var IOTransformationsPlugin $transformation_plugin */
233 $transformation_plugin = new $classname();
234 $transformation_options = $transformations->getOptions(
235 $mime_map[$column_name]['input_transformation_options']
236 );
237 $current_value = $transformation_plugin->applyTransformation(
238 $current_value,
239 $transformation_options
240 );
241 // check if transformation was successful or not
242 // and accordingly set error messages & insert_fail
243 if (method_exists($transformation_plugin, 'isSuccess')
244 && !$transformation_plugin->isSuccess()
245 ) {
246 $insert_fail = true;
247 $row_skipped = true;
248 $insert_errors[] = sprintf(
249 __('Row: %1$s, Column: %2$s, Error: %3$s'),
250 $rownumber,
251 $column_name,
252 $transformation_plugin->getError()
253 );
254 }
255 }
256 }
257
258 if ($file_to_insert->isError()) {
259 $insert_errors[] = $file_to_insert->getError();
260 }
261 // delete $file_to_insert temporary variable
262 $file_to_insert->cleanUp();
263
264 $current_value = $insertEdit->getCurrentValueForDifferentTypes(
265 $possibly_uploaded_val,
266 $key,
267 $multi_edit_columns_type,
268 $current_value,
269 $multi_edit_auto_increment,
270 $rownumber,
271 $multi_edit_columns_name,
272 $multi_edit_columns_null,
273 $multi_edit_columns_null_prev,
274 $is_insert,
275 $using_key,
276 $where_clause,
277 $table,
278 $multi_edit_funcs
279 );
280
281 $current_value_as_an_array = $insertEdit->getCurrentValueAsAnArrayForMultipleEdit(
282 $multi_edit_funcs,
283 $multi_edit_salt,
284 $gis_from_text_functions,
285 $current_value,
286 $gis_from_wkb_functions,
287 $func_optional_param,
288 $func_no_param,
289 $key
290 );
291
292 if (! isset($multi_edit_virtual) || ! isset($multi_edit_virtual[$key])) {
293 list($query_values, $query_fields)
294 = $insertEdit->getQueryValuesForInsertAndUpdateInMultipleEdit(
295 $multi_edit_columns_name,
296 $multi_edit_columns_null,
297 $current_value,
298 $multi_edit_columns_prev,
299 $multi_edit_funcs,
300 $is_insert,
301 $query_values,
302 $query_fields,
303 $current_value_as_an_array,
304 $value_sets,
305 $key,
306 $multi_edit_columns_null_prev
307 );
308 }
309 if (isset($multi_edit_columns_null[$key])) {
310 $multi_edit_columns[$key] = null;
311 }
312 } //end of foreach
313
314 // temporarily store rows not inserted
315 // so that they can be populated again.
316 if ($insert_fail) {
317 $unsaved_values[$rownumber] = $multi_edit_columns;
318 }
319 if (!$insert_fail && count($query_values) > 0) {
320 if ($is_insert) {
321 $value_sets[] = implode(', ', $query_values);
322 } else {
323 // build update query
324 $query[] = 'UPDATE ' . Util::backquote($GLOBALS['table'])
325 . ' SET ' . implode(', ', $query_values)
326 . ' WHERE ' . $where_clause
327 . ($_REQUEST['clause_is_unique'] ? '' : ' LIMIT 1');
328 }
329 }
330 } // end foreach ($loop_array as $where_clause)
331 unset(
332 $multi_edit_columns_name,
333 $multi_edit_columns_prev,
334 $multi_edit_funcs,
335 $multi_edit_columns_type,
336 $multi_edit_columns_null,
337 $func_no_param,
338 $multi_edit_auto_increment,
339 $current_value_as_an_array,
340 $key,
341 $current_value,
342 $loop_array,
343 $where_clause,
344 $using_key,
345 $multi_edit_columns_null_prev,
346 $insert_fail
347 );
348
349 // Builds the sql query
350 if ($is_insert && count($value_sets) > 0) {
351 $query = $insertEdit->buildSqlQuery($is_insertignore, $query_fields, $value_sets);
352 } elseif (empty($query) && ! isset($_REQUEST['preview_sql']) && !$row_skipped) {
353 // No change -> move back to the calling script
354 //
355 // Note: logic passes here for inline edit
356 $message = Message::success(__('No change'));
357 // Avoid infinite recursion
358 if ($goto_include == 'tbl_replace.php') {
359 $goto_include = 'tbl_change.php';
360 }
361 $active_page = $goto_include;
362 include '' . Core::securePath($goto_include);
363 exit;
364 }
365 unset($multi_edit_columns, $is_insertignore);
366
367 // If there is a request for SQL previewing.
368 if (isset($_REQUEST['preview_sql'])) {
369 Core::previewSQL($query);
370 }
371
372 /**
373 * Executes the sql query and get the result, then move back to the calling
374 * page
375 */
376 list ($url_params, $total_affected_rows, $last_messages, $warning_messages,
377 $error_messages, $return_to_sql_query)
378 = $insertEdit->executeSqlQuery($url_params, $query);
379
380 if ($is_insert && (count($value_sets) > 0 || $row_skipped)) {
381 $message = Message::getMessageForInsertedRows(
382 $total_affected_rows
383 );
384 $unsaved_values = array_values($unsaved_values);
385 } else {
386 $message = Message::getMessageForAffectedRows(
387 $total_affected_rows
388 );
389 }
390 if ($row_skipped) {
391 $goto_include = 'tbl_change.php';
392 $message->addMessagesString($insert_errors, '<br />');
393 $message->isError(true);
394 }
395
396 $message->addMessages($last_messages, '<br />');
397
398 if (! empty($warning_messages)) {
399 $message->addMessagesString($warning_messages, '<br />');
400 $message->isError(true);
401 }
402 if (! empty($error_messages)) {
403 $message->addMessagesString($error_messages);
404 $message->isError(true);
405 }
406 unset(
407 $error_messages,
408 $warning_messages,
409 $total_affected_rows,
410 $last_messages,
411 $last_message,
412 $row_skipped,
413 $insert_errors
414 );
415
416 /**
417 * The following section only applies to grid editing.
418 * However, verifying isAjax() is not enough to ensure we are coming from
419 * grid editing. If we are coming from the Edit or Copy link in Browse mode,
420 * ajax_page_request is present in the POST parameters.
421 */
422 if ($response->isAjax() && ! isset($_POST['ajax_page_request'])) {
423 /**
424 * If we are in grid editing, we need to process the relational and
425 * transformed fields, if they were edited. After that, output the correct
426 * link/transformed value and exit
427 */
428 if (isset($_REQUEST['rel_fields_list']) && $_REQUEST['rel_fields_list'] != '') {
429 $map = $relation->getForeigners($db, $table, '', 'both');
430
431 $relation_fields = [];
432 parse_str($_REQUEST['rel_fields_list'], $relation_fields);
433
434 // loop for each relation cell
435 /** @var array $relation_fields */
436 foreach ($relation_fields as $cell_index => $curr_rel_field) {
437 foreach ($curr_rel_field as $relation_field => $relation_field_value) {
438 $where_comparison = "='" . $relation_field_value . "'";
439 $dispval = $insertEdit->getDisplayValueForForeignTableColumn(
440 $where_comparison,
441 $map,
442 $relation_field
443 );
444
445 $extra_data['relations'][$cell_index]
446 = $insertEdit->getLinkForRelationalDisplayField(
447 $map,
448 $relation_field,
449 $where_comparison,
450 $dispval,
451 $relation_field_value
452 );
453 }
454 } // end of loop for each relation cell
455 }
456 if (isset($_REQUEST['do_transformations'])
457 && $_REQUEST['do_transformations'] == true
458 ) {
459 $edited_values = [];
460 parse_str($_REQUEST['transform_fields_list'], $edited_values);
461
462 if (! isset($extra_data)) {
463 $extra_data = [];
464 }
465 $transformation_types = [
466 "input_transformation",
467 "transformation"
468 ];
469 foreach ($mime_map as $transformation) {
470 $column_name = $transformation['column_name'];
471 foreach ($transformation_types as $type) {
472 $file = Core::securePath($transformation[$type]);
473 $extra_data = $insertEdit->transformEditedValues(
474 $db,
475 $table,
476 $transformation,
477 $edited_values,
478 $file,
479 $column_name,
480 $extra_data,
481 $type
482 );
483 }
484 } // end of loop for each $mime_map
485 }
486
487 // Need to check the inline edited value can be truncated by MySQL
488 // without informing while saving
489 $column_name = $_REQUEST['fields_name']['multi_edit'][0][0];
490
491 $insertEdit->verifyWhetherValueCanBeTruncatedAndAppendExtraData(
492 $db,
493 $table,
494 $column_name,
495 $extra_data
496 );
497
498 /**Get the total row count of the table*/
499 $_table = new Table($_REQUEST['table'], $_REQUEST['db']);
500 $extra_data['row_count'] = $_table->countRecords();
501
502 $extra_data['sql_query'] = Util::getMessage(
503 $message,
504 $GLOBALS['display_query']
505 );
506
507 $response->setRequestStatus($message->isSuccess());
508 $response->addJSON('message', $message);
509 $response->addJSON($extra_data);
510 exit;
511 }
512
513 if (! empty($return_to_sql_query)) {
514 $disp_query = $GLOBALS['sql_query'];
515 $disp_message = $message;
516 unset($message);
517 $GLOBALS['sql_query'] = $return_to_sql_query;
518 }
519
520 $scripts->addFile('vendor/jquery/additional-methods.js');
521 $scripts->addFile('tbl_change.js');
522
523 $active_page = $goto_include;
524
525 /**
526 * If user asked for "and then Insert another new row" we have to remove
527 * WHERE clause information so that tbl_change.php does not go back
528 * to the current record
529 */
530 if (isset($_REQUEST['after_insert']) && 'new_insert' == $_REQUEST['after_insert']) {
531 unset($_REQUEST['where_clause']);
532 }
533
534 /**
535 * Load target page.
536 */
537 require '' . Core::securePath($goto_include);
538 exit;
phpMyAdmin