search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Translated using Weblate (Estonian)
[phpmyadmin.git] / libraries / classes / InsertEdit.php
blob1a2ffc80b0061f3bcc8491962a1bb68b1cc03630
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * set of functions with the insert/edit features in pma
5 *
6 * @package PhpMyAdmin
7 */
8 declare(strict_types=1);
9
10 namespace PhpMyAdmin;
11
12 use PhpMyAdmin\Plugins\TransformationsPlugin;
13
14 /**
15 * PhpMyAdmin\InsertEdit class
16 *
17 * @package PhpMyAdmin
18 */
19 class InsertEdit
20 {
21 /**
22 * DatabaseInterface instance
23 *
24 * @var DatabaseInterface
25 */
26 private $dbi;
27
28 /**
29 * @var Relation
30 */
31 private $relation;
32
33 /**
34 * @var Transformations
35 */
36 private $transformations;
37
38 /**
39 * @var FileListing
40 */
41 private $fileListing;
42
43 /**
44 * @var Template
45 */
46 public $template;
47
48 /**
49 * Constructor
50 *
51 * @param DatabaseInterface $dbi DatabaseInterface instance
52 */
53 public function __construct(DatabaseInterface $dbi)
54 {
55 $this->dbi = $dbi;
56 $this->relation = new Relation($GLOBALS['dbi']);
57 $this->transformations = new Transformations();
58 $this->fileListing = new FileListing();
59 $this->template = new Template();
60 }
61
62 /**
63 * Retrieve form parameters for insert/edit form
64 *
65 * @param string $db name of the database
66 * @param string $table name of the table
67 * @param array|null $where_clauses where clauses
68 * @param array $where_clause_array array of where clauses
69 * @param string $err_url error url
70 *
71 * @return array array of insert/edit form parameters
72 */
73 public function getFormParametersForInsertForm(
74 $db,
75 $table,
76 ?array $where_clauses,
77 array $where_clause_array,
78 $err_url
79 ) {
80 $_form_params = [
81 'db' => $db,
82 'table' => $table,
83 'goto' => $GLOBALS['goto'],
84 'err_url' => $err_url,
85 'sql_query' => $_POST['sql_query'],
86 ];
87 if (isset($where_clauses)) {
88 foreach ($where_clause_array as $key_id => $where_clause) {
89 $_form_params['where_clause[' . $key_id . ']'] = trim($where_clause);
90 }
91 }
92 if (isset($_POST['clause_is_unique'])) {
93 $_form_params['clause_is_unique'] = $_POST['clause_is_unique'];
94 }
95 return $_form_params;
96 }
97
98 /**
99 * Creates array of where clauses
100 *
101 * @param array|string|null $where_clause where clause
102 *
103 * @return array whereClauseArray array of where clauses
104 */
105 private function getWhereClauseArray($where_clause)
106 {
107 if (! isset($where_clause)) {
108 return [];
109 }
110
111 if (is_array($where_clause)) {
112 return $where_clause;
113 }
114
115 return [0 => $where_clause];
116 }
117
118 /**
119 * Analysing where clauses array
120 *
121 * @param array $where_clause_array array of where clauses
122 * @param string $table name of the table
123 * @param string $db name of the database
124 *
125 * @return array $where_clauses, $result, $rows, $found_unique_key
126 */
127 private function analyzeWhereClauses(
128 array $where_clause_array,
129 $table,
130 $db
131 ) {
132 $rows = [];
133 $result = [];
134 $where_clauses = [];
135 $found_unique_key = false;
136 foreach ($where_clause_array as $key_id => $where_clause) {
137 $local_query = 'SELECT * FROM '
138 . Util::backquote($db) . '.'
139 . Util::backquote($table)
140 . ' WHERE ' . $where_clause . ';';
141 $result[$key_id] = $this->dbi->query(
142 $local_query,
143 DatabaseInterface::CONNECT_USER,
144 DatabaseInterface::QUERY_STORE
145 );
146 $rows[$key_id] = $this->dbi->fetchAssoc($result[$key_id]);
147
148 $where_clauses[$key_id] = str_replace('\\', '\\\\', $where_clause);
149 $has_unique_condition = $this->showEmptyResultMessageOrSetUniqueCondition(
150 $rows,
151 $key_id,
152 $where_clause_array,
153 $local_query,
154 $result
155 );
156 if ($has_unique_condition) {
157 $found_unique_key = true;
158 }
159 }
160 return [
161 $where_clauses,
162 $result,
163 $rows,
164 $found_unique_key,
165 ];
166 }
167
168 /**
169 * Show message for empty result or set the unique_condition
170 *
171 * @param array $rows MySQL returned rows
172 * @param string $key_id ID in current key
173 * @param array $where_clause_array array of where clauses
174 * @param string $local_query query performed
175 * @param array $result MySQL result handle
176 *
177 * @return boolean
178 */
179 private function showEmptyResultMessageOrSetUniqueCondition(
180 array $rows,
181 $key_id,
182 array $where_clause_array,
183 $local_query,
184 array $result
185 ) {
186 $has_unique_condition = false;
187
188 // No row returned
189 if (! $rows[$key_id]) {
190 unset($rows[$key_id], $where_clause_array[$key_id]);
191 Response::getInstance()->addHTML(
192 Util::getMessage(
193 __('MySQL returned an empty result set (i.e. zero rows).'),
194 $local_query
195 )
196 );
197 /**
198 * @todo not sure what should be done at this point, but we must not
199 * exit if we want the message to be displayed
200 */
201 } else {// end if (no row returned)
202 $meta = $this->dbi->getFieldsMeta($result[$key_id]);
203
204 list($unique_condition, $tmp_clause_is_unique)
205 = Util::getUniqueCondition(
206 $result[$key_id], // handle
207 count($meta), // fields_cnt
208 $meta, // fields_meta
209 $rows[$key_id], // row
210 true, // force_unique
211 false, // restrict_to_table
212 null // analyzed_sql_results
213 );
214
215 if (! empty($unique_condition)) {
216 $has_unique_condition = true;
217 }
218 unset($unique_condition, $tmp_clause_is_unique);
219 }
220 return $has_unique_condition;
221 }
222
223 /**
224 * No primary key given, just load first row
225 *
226 * @param string $table name of the table
227 * @param string $db name of the database
228 *
229 * @return array containing $result and $rows arrays
230 */
231 private function loadFirstRow($table, $db)
232 {
233 $result = $this->dbi->query(
234 'SELECT * FROM ' . Util::backquote($db)
235 . '.' . Util::backquote($table) . ' LIMIT 1;',
236 DatabaseInterface::CONNECT_USER,
237 DatabaseInterface::QUERY_STORE
238 );
239 $rows = array_fill(0, $GLOBALS['cfg']['InsertRows'], false);
240 return [
241 $result,
242 $rows,
243 ];
244 }
245
246 /**
247 * Add some url parameters
248 *
249 * @param array $url_params containing $db and $table as url parameters
250 * @param array $where_clause_array where clauses array
251 * @param string|null $where_clause where clause
252 *
253 * @return array Add some url parameters to $url_params array and return it
254 */
255 public function urlParamsInEditMode(
256 array $url_params,
257 array $where_clause_array,
258 ?string $where_clause
259 ) {
260 if (isset($where_clause)) {
261 foreach ($where_clause_array as $where_clause) {
262 $url_params['where_clause'] = trim($where_clause);
263 }
264 }
265 if (! empty($_POST['sql_query'])) {
266 $url_params['sql_query'] = $_POST['sql_query'];
267 }
268 return $url_params;
269 }
270
271 /**
272 * Show type information or function selectors in Insert/Edit
273 *
274 * @param string $which function|type
275 * @param array $url_params containing url parameters
276 * @param boolean $is_show whether to show the element in $which
277 *
278 * @return string an HTML snippet
279 */
280 public function showTypeOrFunction($which, array $url_params, $is_show)
281 {
282 $params = [];
283
284 switch ($which) {
285 case 'function':
286 $params['ShowFunctionFields'] = ($is_show ? 0 : 1);
287 $params['ShowFieldTypesInDataEditView']
288 = $GLOBALS['cfg']['ShowFieldTypesInDataEditView'];
289 break;
290 case 'type':
291 $params['ShowFieldTypesInDataEditView'] = ($is_show ? 0 : 1);
292 $params['ShowFunctionFields']
293 = $GLOBALS['cfg']['ShowFunctionFields'];
294 break;
295 }
296
297 $params['goto'] = 'sql.php';
298 $this_url_params = array_merge($url_params, $params);
299
300 if (! $is_show) {
301 return ' : <a href="' . Url::getFromRoute('/table/change') . '" data-post="'
302 . Url::getCommon($this_url_params, '') . '">'
303 . $this->showTypeOrFunctionLabel($which)
304 . '</a>';
305 }
306 return '<th><a href="' . Url::getFromRoute('/table/change') . '" data-post="'
307 . Url::getCommon($this_url_params, '')
308 . '" title="' . __('Hide') . '">'
309 . $this->showTypeOrFunctionLabel($which)
310 . '</a></th>';
311 }
312
313 /**
314 * Show type information or function selectors labels in Insert/Edit
315 *
316 * @param string $which function|type
317 *
318 * @return string|null an HTML snippet
319 */
320 private function showTypeOrFunctionLabel($which)
321 {
322 switch ($which) {
323 case 'function':
324 return __('Function');
325 case 'type':
326 return __('Type');
327 }
328
329 return null;
330 }
331
332 /**
333 * Analyze the table column array
334 *
335 * @param array $column description of column in given table
336 * @param array $comments_map comments for every column that has a comment
337 * @param boolean $timestamp_seen whether a timestamp has been seen
338 *
339 * @return array description of column in given table
340 */
341 private function analyzeTableColumnsArray(
342 array $column,
343 array $comments_map,
344 $timestamp_seen
345 ) {
346 $column['Field_html'] = htmlspecialchars($column['Field']);
347 $column['Field_md5'] = md5($column['Field']);
348 // True_Type contains only the type (stops at first bracket)
349 $column['True_Type'] = preg_replace('@\(.*@s', '', $column['Type']);
350 $column['len'] = preg_match('@float|double@', $column['Type']) ? 100 : -1;
351 $column['Field_title'] = $this->getColumnTitle($column, $comments_map);
352 $column['is_binary'] = $this->isColumn(
353 $column,
354 [
355 'binary',
356 'varbinary',
357 ]
358 );
359 $column['is_blob'] = $this->isColumn(
360 $column,
361 [
362 'blob',
363 'tinyblob',
364 'mediumblob',
365 'longblob',
366 ]
367 );
368 $column['is_char'] = $this->isColumn(
369 $column,
370 [
371 'char',
372 'varchar',
373 ]
374 );
375
376 list($column['pma_type'], $column['wrap'], $column['first_timestamp'])
377 = $this->getEnumSetAndTimestampColumns($column, $timestamp_seen);
378
379 return $column;
380 }
381
382 /**
383 * Retrieve the column title
384 *
385 * @param array $column description of column in given table
386 * @param array $comments_map comments for every column that has a comment
387 *
388 * @return string column title
389 */
390 private function getColumnTitle(array $column, array $comments_map)
391 {
392 if (isset($comments_map[$column['Field']])) {
393 return '<span style="border-bottom: 1px dashed black;" title="'
394 . htmlspecialchars($comments_map[$column['Field']]) . '">'
395 . $column['Field_html'] . '</span>';
396 }
397
398 return $column['Field_html'];
399 }
400
401 /**
402 * check whether the column is of a certain type
403 * the goal is to ensure that types such as "enum('one','two','binary',..)"
404 * or "enum('one','two','varbinary',..)" are not categorized as binary
405 *
406 * @param array $column description of column in given table
407 * @param array $types the types to verify
408 *
409 * @return boolean whether the column's type if one of the $types
410 */
411 public function isColumn(array $column, array $types)
412 {
413 foreach ($types as $one_type) {
414 if (mb_stripos($column['Type'], $one_type) === 0) {
415 return true;
416 }
417 }
418 return false;
419 }
420
421 /**
422 * Retrieve set, enum, timestamp table columns
423 *
424 * @param array $column description of column in given table
425 * @param boolean $timestamp_seen whether a timestamp has been seen
426 *
427 * @return array $column['pma_type'], $column['wrap'], $column['first_timestamp']
428 */
429 private function getEnumSetAndTimestampColumns(array $column, $timestamp_seen)
430 {
431 $column['first_timestamp'] = false;
432 switch ($column['True_Type']) {
433 case 'set':
434 $column['pma_type'] = 'set';
435 $column['wrap'] = '';
436 break;
437 case 'enum':
438 $column['pma_type'] = 'enum';
439 $column['wrap'] = '';
440 break;
441 case 'timestamp':
442 if (! $timestamp_seen) { // can only occur once per table
443 $column['first_timestamp'] = true;
444 }
445 $column['pma_type'] = $column['Type'];
446 $column['wrap'] = ' nowrap';
447 break;
448
449 default:
450 $column['pma_type'] = $column['Type'];
451 $column['wrap'] = ' nowrap';
452 break;
453 }
454 return [
455 $column['pma_type'],
456 $column['wrap'],
457 $column['first_timestamp'],
458 ];
459 }
460
461 /**
462 * The function column
463 * We don't want binary data to be destroyed
464 * Note: from the MySQL manual: "BINARY doesn't affect how the column is
465 * stored or retrieved" so it does not mean that the contents is binary
466 *
467 * @param array $column description of column in given table
468 * @param boolean $is_upload upload or no
469 * @param string $column_name_appendix the name attribute
470 * @param string $onChangeClause onchange clause for fields
471 * @param array $no_support_types list of datatypes that are not (yet)
472 * handled by PMA
473 * @param integer $tabindex_for_function +3000
474 * @param integer $tabindex tab index
475 * @param integer $idindex id index
476 * @param boolean $insert_mode insert mode or edit mode
477 * @param boolean $readOnly is column read only or not
478 * @param array $foreignData foreign key data
479 *
480 * @return string an html snippet
481 */
482 private function getFunctionColumn(
483 array $column,
484 $is_upload,
485 $column_name_appendix,
486 $onChangeClause,
487 array $no_support_types,
488 $tabindex_for_function,
489 $tabindex,
490 $idindex,
491 $insert_mode,
492 $readOnly,
493 array $foreignData
494 ) {
495 $html_output = '';
496 if (($GLOBALS['cfg']['ProtectBinary'] === 'blob'
497 && $column['is_blob'] && ! $is_upload)
498 || ($GLOBALS['cfg']['ProtectBinary'] === 'all'
499 && $column['is_binary'])
500 || ($GLOBALS['cfg']['ProtectBinary'] === 'noblob'
501 && $column['is_binary'])
502 ) {
503 $html_output .= '<td class="center">' . __('Binary') . '</td>' . "\n";
504 } elseif ($readOnly
505 || mb_strstr($column['True_Type'], 'enum')
506 || mb_strstr($column['True_Type'], 'set')
507 || in_array($column['pma_type'], $no_support_types)
508 ) {
509 $html_output .= '<td class="center">--</td>' . "\n";
510 } else {
511 $html_output .= '<td>' . "\n";
512
513 $html_output .= '<select name="funcs' . $column_name_appendix . '"'
514 . ' ' . $onChangeClause
515 . ' tabindex="' . ($tabindex + $tabindex_for_function) . '"'
516 . ' id="field_' . $idindex . '_1">';
517 $html_output .= Util::getFunctionsForField(
518 $column,
519 $insert_mode,
520 $foreignData
521 ) . "\n";
522
523 $html_output .= '</select>' . "\n";
524 $html_output .= '</td>' . "\n";
525 }
526 return $html_output;
527 }
528
529 /**
530 * The null column
531 *
532 * @param array $column description of column in given table
533 * @param string $column_name_appendix the name attribute
534 * @param boolean $real_null_value is column value null or not null
535 * @param integer $tabindex tab index
536 * @param integer $tabindex_for_null +6000
537 * @param integer $idindex id index
538 * @param string $vkey [multi_edit]['row_id']
539 * @param array $foreigners keys into foreign fields
540 * @param array $foreignData data about the foreign keys
541 * @param boolean $readOnly is column read only or not
542 *
543 * @return string an html snippet
544 */
545 private function getNullColumn(
546 array $column,
547 $column_name_appendix,
548 $real_null_value,
549 $tabindex,
550 $tabindex_for_null,
551 $idindex,
552 $vkey,
553 array $foreigners,
554 array $foreignData,
555 $readOnly
556 ) {
557 if ($column['Null'] != 'YES' || $readOnly) {
558 return "<td></td>\n";
559 }
560 $html_output = '';
561 $html_output .= '<td>' . "\n";
562 $html_output .= '<input type="hidden" name="fields_null_prev'
563 . $column_name_appendix . '"';
564 if ($real_null_value && ! $column['first_timestamp']) {
565 $html_output .= ' value="on"';
566 }
567 $html_output .= '>' . "\n";
568
569 $html_output .= '<input type="checkbox" class="checkbox_null" tabindex="'
570 . ($tabindex + $tabindex_for_null) . '"'
571 . ' name="fields_null' . $column_name_appendix . '"';
572 if ($real_null_value) {
573 $html_output .= ' checked="checked"';
574 }
575 $html_output .= ' id="field_' . $idindex . '_2">';
576
577 // nullify_code is needed by the js nullify() function
578 $nullify_code = $this->getNullifyCodeForNullColumn(
579 $column,
580 $foreigners,
581 $foreignData
582 );
583 // to be able to generate calls to nullify() in jQuery
584 $html_output .= '<input type="hidden" class="nullify_code" name="nullify_code'
585 . $column_name_appendix . '" value="' . $nullify_code . '">';
586 $html_output .= '<input type="hidden" class="hashed_field" name="hashed_field'
587 . $column_name_appendix . '" value="' . $column['Field_md5'] . '">';
588 $html_output .= '<input type="hidden" class="multi_edit" name="multi_edit'
589 . $column_name_appendix . '" value="' . Sanitize::escapeJsString($vkey) . '">';
590 $html_output .= '</td>' . "\n";
591
592 return $html_output;
593 }
594
595 /**
596 * Retrieve the nullify code for the null column
597 *
598 * @param array $column description of column in given table
599 * @param array $foreigners keys into foreign fields
600 * @param array $foreignData data about the foreign keys
601 *
602 * @return string
603 */
604 private function getNullifyCodeForNullColumn(
605 array $column,
606 array $foreigners,
607 array $foreignData
608 ): string {
609 $foreigner = $this->relation->searchColumnInForeigners($foreigners, $column['Field']);
610 if (mb_strstr($column['True_Type'], 'enum')) {
611 if (mb_strlen((string) $column['Type']) > 20) {
612 $nullify_code = '1';
613 } else {
614 $nullify_code = '2';
615 }
616 } elseif (mb_strstr($column['True_Type'], 'set')) {
617 $nullify_code = '3';
618 } elseif (! empty($foreigners)
619 && ! empty($foreigner)
620 && $foreignData['foreign_link'] == false
621 ) {
622 // foreign key in a drop-down
623 $nullify_code = '4';
624 } elseif (! empty($foreigners)
625 && ! empty($foreigner)
626 && $foreignData['foreign_link'] == true
627 ) {
628 // foreign key with a browsing icon
629 $nullify_code = '6';
630 } else {
631 $nullify_code = '5';
632 }
633 return $nullify_code;
634 }
635
636 /**
637 * Get the HTML elements for value column in insert form
638 * (here, "column" is used in the sense of HTML column in HTML table)
639 *
640 * @param array $column description of column in given table
641 * @param string $backup_field hidden input field
642 * @param string $column_name_appendix the name attribute
643 * @param string $onChangeClause onchange clause for fields
644 * @param integer $tabindex tab index
645 * @param integer $tabindex_for_value offset for the values tabindex
646 * @param integer $idindex id index
647 * @param string $data description of the column field
648 * @param string $special_chars special characters
649 * @param array $foreignData data about the foreign keys
650 * @param array $paramTableDbArray array containing $table and $db
651 * @param integer $rownumber the row number
652 * @param array $titles An HTML IMG tag for a particular icon from
653 * a theme, which may be an actual file or
654 * an icon from a sprite
655 * @param string $text_dir text direction
656 * @param string $special_chars_encoded replaced char if the string starts
657 * with a \r\n pair (0x0d0a) add an extra \n
658 * @param string $vkey [multi_edit]['row_id']
659 * @param boolean $is_upload is upload or not
660 * @param integer $biggest_max_file_size 0 integer
661 * @param string $default_char_editing default char editing mode which is stored
662 * in the config.inc.php script
663 * @param array $no_support_types list of datatypes that are not (yet)
664 * handled by PMA
665 * @param array $gis_data_types list of GIS data types
666 * @param array $extracted_columnspec associative array containing type,
667 * spec_in_brackets and possibly
668 * enum_set_values (another array)
669 * @param boolean $readOnly is column read only or not
670 *
671 * @return string an html snippet
672 */
673 private function getValueColumn(
674 array $column,
675 $backup_field,
676 $column_name_appendix,
677 $onChangeClause,
678 $tabindex,
679 $tabindex_for_value,
680 $idindex,
681 $data,
682 $special_chars,
683 array $foreignData,
684 array $paramTableDbArray,
685 $rownumber,
686 array $titles,
687 $text_dir,
688 $special_chars_encoded,
689 $vkey,
690 $is_upload,
691 $biggest_max_file_size,
692 $default_char_editing,
693 array $no_support_types,
694 array $gis_data_types,
695 array $extracted_columnspec,
696 $readOnly
697 ) {
698 // HTML5 data-* attribute data-type
699 $data_type = $this->dbi->types->getTypeClass($column['True_Type']);
700 $html_output = '';
701
702 if ($foreignData['foreign_link'] == true) {
703 $html_output .= $this->getForeignLink(
704 $column,
705 $backup_field,
706 $column_name_appendix,
707 $onChangeClause,
708 $tabindex,
709 $tabindex_for_value,
710 $idindex,
711 $data,
712 $paramTableDbArray,
713 $rownumber,
714 $titles,
715 $readOnly
716 );
717 } elseif (is_array($foreignData['disp_row'])) {
718 $html_output .= $this->dispRowForeignData(
719 $column,
720 $backup_field,
721 $column_name_appendix,
722 $onChangeClause,
723 $tabindex,
724 $tabindex_for_value,
725 $idindex,
726 $data,
727 $foreignData,
728 $readOnly
729 );
730 } elseif ($GLOBALS['cfg']['LongtextDoubleTextarea']
731 && mb_strstr($column['pma_type'], 'longtext')
732 ) {
733 $html_output .= $this->getTextarea(
734 $column,
735 $backup_field,
736 $column_name_appendix,
737 $onChangeClause,
738 $tabindex,
739 $tabindex_for_value,
740 $idindex,
741 $text_dir,
742 $special_chars_encoded,
743 $data_type,
744 $readOnly
745 );
746 } elseif (mb_strstr($column['pma_type'], 'text')) {
747 $html_output .= $this->getTextarea(
748 $column,
749 $backup_field,
750 $column_name_appendix,
751 $onChangeClause,
752 $tabindex,
753 $tabindex_for_value,
754 $idindex,
755 $text_dir,
756 $special_chars_encoded,
757 $data_type,
758 $readOnly
759 );
760 $html_output .= "\n";
761 if (mb_strlen($special_chars) > 32000) {
762 $html_output .= "</td>\n";
763 $html_output .= '<td>' . __(
764 'Because of its length,<br> this column might not be editable.'
765 );
766 }
767 } elseif ($column['pma_type'] == 'enum') {
768 $html_output .= $this->getPmaTypeEnum(
769 $column,
770 $backup_field,
771 $column_name_appendix,
772 $extracted_columnspec,
773 $onChangeClause,
774 $tabindex,
775 $tabindex_for_value,
776 $idindex,
777 $data,
778 $readOnly
779 );
780 } elseif ($column['pma_type'] == 'set') {
781 $html_output .= $this->getPmaTypeSet(
782 $column,
783 $extracted_columnspec,
784 $backup_field,
785 $column_name_appendix,
786 $onChangeClause,
787 $tabindex,
788 $tabindex_for_value,
789 $idindex,
790 $data,
791 $readOnly
792 );
793 } elseif ($column['is_binary'] || $column['is_blob']) {
794 $html_output .= $this->getBinaryAndBlobColumn(
795 $column,
796 $data,
797 $special_chars,
798 $biggest_max_file_size,
799 $backup_field,
800 $column_name_appendix,
801 $onChangeClause,
802 $tabindex,
803 $tabindex_for_value,
804 $idindex,
805 $text_dir,
806 $special_chars_encoded,
807 $vkey,
808 $is_upload,
809 $readOnly
810 );
811 } elseif (! in_array($column['pma_type'], $no_support_types)) {
812 $html_output .= $this->getValueColumnForOtherDatatypes(
813 $column,
814 $default_char_editing,
815 $backup_field,
816 $column_name_appendix,
817 $onChangeClause,
818 $tabindex,
819 $special_chars,
820 $tabindex_for_value,
821 $idindex,
822 $text_dir,
823 $special_chars_encoded,
824 $data,
825 $extracted_columnspec,
826 $readOnly
827 );
828 }
829
830 if (in_array($column['pma_type'], $gis_data_types)) {
831 $html_output .= $this->getHtmlForGisDataTypes();
832 }
833
834 return $html_output;
835 }
836
837 /**
838 * Get HTML for foreign link in insert form
839 *
840 * @param array $column description of column in given table
841 * @param string $backup_field hidden input field
842 * @param string $column_name_appendix the name attribute
843 * @param string $onChangeClause onchange clause for fields
844 * @param integer $tabindex tab index
845 * @param integer $tabindex_for_value offset for the values tabindex
846 * @param integer $idindex id index
847 * @param string $data data to edit
848 * @param array $paramTableDbArray array containing $table and $db
849 * @param integer $rownumber the row number
850 * @param array $titles An HTML IMG tag for a particular icon from
851 * a theme, which may be an actual file or
852 * an icon from a sprite
853 * @param boolean $readOnly is column read only or not
854 *
855 * @return string an html snippet
856 */
857 private function getForeignLink(
858 array $column,
859 $backup_field,
860 $column_name_appendix,
861 $onChangeClause,
862 $tabindex,
863 $tabindex_for_value,
864 $idindex,
865 $data,
866 array $paramTableDbArray,
867 $rownumber,
868 array $titles,
869 $readOnly
870 ) {
871 list($table, $db) = $paramTableDbArray;
872 $html_output = '';
873 $html_output .= $backup_field . "\n";
874
875 $html_output .= '<input type="hidden" name="fields_type'
876 . $column_name_appendix . '" value="foreign">';
877
878 $html_output .= '<input type="text" name="fields' . $column_name_appendix . '" '
879 . 'class="textfield" '
880 . $onChangeClause . ' '
881 . ($readOnly ? 'readonly="readonly" ' : '')
882 . 'tabindex="' . ($tabindex + $tabindex_for_value) . '" '
883 . 'id="field_' . $idindex . '_3" '
884 . 'value="' . htmlspecialchars($data) . '">';
885
886 $html_output .= '<a class="ajax browse_foreign" href="browse_foreigners.php" data-post="'
887 . Url::getCommon(
888 [
889 'db' => $db,
890 'table' => $table,
891 'field' => $column['Field'],
892 'rownumber' => $rownumber,
893 'data' => $data,
894 ],
895 ''
896 ) . '">'
897 . str_replace("'", "\'", $titles['Browse']) . '</a>';
898 return $html_output;
899 }
900
901 /**
902 * Get HTML to display foreign data
903 *
904 * @param array $column description of column in given table
905 * @param string $backup_field hidden input field
906 * @param string $column_name_appendix the name attribute
907 * @param string $onChangeClause onchange clause for fields
908 * @param integer $tabindex tab index
909 * @param integer $tabindex_for_value offset for the values tabindex
910 * @param integer $idindex id index
911 * @param string $data data to edit
912 * @param array $foreignData data about the foreign keys
913 * @param boolean $readOnly is display read only or not
914 *
915 * @return string an html snippet
916 */
917 private function dispRowForeignData(
918 $column,
919 $backup_field,
920 $column_name_appendix,
921 $onChangeClause,
922 $tabindex,
923 $tabindex_for_value,
924 $idindex,
925 $data,
926 array $foreignData,
927 $readOnly
928 ) {
929 $html_output = '';
930 $html_output .= $backup_field . "\n";
931 $html_output .= '<input type="hidden"'
932 . ' name="fields_type' . $column_name_appendix . '"';
933 if ($column['is_binary']) {
934 $html_output .= ' value="hex">';
935 } else {
936 $html_output .= ' value="foreign">';
937 }
938
939 $html_output .= '<select name="fields' . $column_name_appendix . '"'
940 . ' ' . $onChangeClause
941 . ' class="textfield"'
942 . ($readOnly ? ' disabled' : '')
943 . ' tabindex="' . ($tabindex + $tabindex_for_value) . '"'
944 . ' id="field_' . $idindex . '_3">';
945 $html_output .= $this->relation->foreignDropdown(
946 $foreignData['disp_row'],
947 $foreignData['foreign_field'],
948 $foreignData['foreign_display'],
949 $data,
950 $GLOBALS['cfg']['ForeignKeyMaxLimit']
951 );
952 $html_output .= '</select>';
953
954 //Add hidden input, as disabled <select> input does not included in POST.
955 if ($readOnly) {
956 $html_output .= '<input name="fields' . $column_name_appendix . '"'
957 . ' type="hidden" value="' . htmlspecialchars($data) . '">';
958 }
959
960 return $html_output;
961 }
962
963 /**
964 * Get HTML textarea for insert form
965 *
966 * @param array $column column information
967 * @param string $backup_field hidden input field
968 * @param string $column_name_appendix the name attribute
969 * @param string $onChangeClause onchange clause for fields
970 * @param integer $tabindex tab index
971 * @param integer $tabindex_for_value offset for the values tabindex
972 * @param integer $idindex id index
973 * @param string $text_dir text direction
974 * @param string $special_chars_encoded replaced char if the string starts
975 * with a \r\n pair (0x0d0a) add an extra \n
976 * @param string $data_type the html5 data-* attribute type
977 * @param boolean $readOnly is column read only or not
978 *
979 * @return string an html snippet
980 */
981 private function getTextarea(
982 array $column,
983 $backup_field,
984 $column_name_appendix,
985 $onChangeClause,
986 $tabindex,
987 $tabindex_for_value,
988 $idindex,
989 $text_dir,
990 $special_chars_encoded,
991 $data_type,
992 $readOnly
993 ) {
994 $the_class = '';
995 $textAreaRows = $GLOBALS['cfg']['TextareaRows'];
996 $textareaCols = $GLOBALS['cfg']['TextareaCols'];
997
998 if ($column['is_char']) {
999 /**
1000 * @todo clarify the meaning of the "textfield" class and explain
1001 * why character columns have the "char" class instead
1002 */
1003 $the_class = 'char charField';
1004 $textAreaRows = max($GLOBALS['cfg']['CharTextareaRows'], 7);
1005 $textareaCols = $GLOBALS['cfg']['CharTextareaCols'];
1006 $extracted_columnspec = Util::extractColumnSpec(
1007 $column['Type']
1008 );
1009 $maxlength = $extracted_columnspec['spec_in_brackets'];
1010 } elseif ($GLOBALS['cfg']['LongtextDoubleTextarea']
1011 && mb_strstr($column['pma_type'], 'longtext')
1012 ) {
1013 $textAreaRows = $GLOBALS['cfg']['TextareaRows'] * 2;
1014 $textareaCols = $GLOBALS['cfg']['TextareaCols'] * 2;
1015 }
1016 $html_output = $backup_field . "\n"
1017 . '<textarea name="fields' . $column_name_appendix . '"'
1018 . ' class="' . $the_class . '"'
1019 . ($readOnly ? ' readonly="readonly"' : '')
1020 . (isset($maxlength) ? ' data-maxlength="' . $maxlength . '"' : '')
1021 . ' rows="' . $textAreaRows . '"'
1022 . ' cols="' . $textareaCols . '"'
1023 . ' dir="' . $text_dir . '"'
1024 . ' id="field_' . $idindex . '_3"'
1025 . (! empty($onChangeClause) ? ' ' . $onChangeClause : '')
1026 . ' tabindex="' . ($tabindex + $tabindex_for_value) . '"'
1027 . ' data-type="' . $data_type . '">'
1028 . $special_chars_encoded
1029 . '</textarea>';
1030
1031 return $html_output;
1032 }
1033
1034 /**
1035 * Get HTML for enum type
1036 *
1037 * @param array $column description of column in given table
1038 * @param string $backup_field hidden input field
1039 * @param string $column_name_appendix the name attribute
1040 * @param array $extracted_columnspec associative array containing type,
1041 * spec_in_brackets and possibly
1042 * enum_set_values (another array)
1043 * @param string $onChangeClause onchange clause for fields
1044 * @param integer $tabindex tab index
1045 * @param integer $tabindex_for_value offset for the values tabindex
1046 * @param integer $idindex id index
1047 * @param mixed $data data to edit
1048 * @param boolean $readOnly is column read only or not
1049 *
1050 * @return string an html snippet
1051 */
1052 private function getPmaTypeEnum(
1053 array $column,
1054 $backup_field,
1055 $column_name_appendix,
1056 array $extracted_columnspec,
1057 $onChangeClause,
1058 $tabindex,
1059 $tabindex_for_value,
1060 $idindex,
1061 $data,
1062 $readOnly
1063 ) {
1064 $html_output = '';
1065 if (! isset($column['values'])) {
1066 $column['values'] = $this->getColumnEnumValues(
1067 $column,
1068 $extracted_columnspec
1069 );
1070 }
1071 $column_enum_values = $column['values'];
1072 $html_output .= '<input type="hidden" name="fields_type'
1073 . $column_name_appendix . '" value="enum">';
1074 $html_output .= "\n" . ' ' . $backup_field . "\n";
1075 if (mb_strlen($column['Type']) > 20) {
1076 $html_output .= $this->getDropDownDependingOnLength(
1077 $column,
1078 $column_name_appendix,
1079 $onChangeClause,
1080 $tabindex,
1081 $tabindex_for_value,
1082 $idindex,
1083 $data,
1084 $column_enum_values,
1085 $readOnly
1086 );
1087 } else {
1088 $html_output .= $this->getRadioButtonDependingOnLength(
1089 $column_name_appendix,
1090 $onChangeClause,
1091 $tabindex,
1092 $column,
1093 $tabindex_for_value,
1094 $idindex,
1095 $data,
1096 $column_enum_values,
1097 $readOnly
1098 );
1099 }
1100 return $html_output;
1101 }
1102
1103 /**
1104 * Get column values
1105 *
1106 * @param array $column description of column in given table
1107 * @param array $extracted_columnspec associative array containing type,
1108 * spec_in_brackets and possibly enum_set_values
1109 * (another array)
1110 *
1111 * @return array column values as an associative array
1112 */
1113 private function getColumnEnumValues(array $column, array $extracted_columnspec)
1114 {
1115 $column['values'] = [];
1116 foreach ($extracted_columnspec['enum_set_values'] as $val) {
1117 $column['values'][] = [
1118 'plain' => $val,
1119 'html' => htmlspecialchars($val),
1120 ];
1121 }
1122 return $column['values'];
1123 }
1124
1125 /**
1126 * Get HTML drop down for more than 20 string length
1127 *
1128 * @param array $column description of column in given table
1129 * @param string $column_name_appendix the name attribute
1130 * @param string $onChangeClause onchange clause for fields
1131 * @param integer $tabindex tab index
1132 * @param integer $tabindex_for_value offset for the values tabindex
1133 * @param integer $idindex id index
1134 * @param string $data data to edit
1135 * @param array $column_enum_values $column['values']
1136 * @param boolean $readOnly is column read only or not
1137 *
1138 * @return string an html snippet
1139 */
1140 private function getDropDownDependingOnLength(
1141 array $column,
1142 $column_name_appendix,
1143 $onChangeClause,
1144 $tabindex,
1145 $tabindex_for_value,
1146 $idindex,
1147 $data,
1148 array $column_enum_values,
1149 $readOnly
1150 ) {
1151 $html_output = '<select name="fields' . $column_name_appendix . '"'
1152 . ' ' . $onChangeClause
1153 . ' class="textfield"'
1154 . ' tabindex="' . ($tabindex + $tabindex_for_value) . '"'
1155 . ($readOnly ? ' disabled' : '')
1156 . ' id="field_' . $idindex . '_3">';
1157 $html_output .= '<option value="">&nbsp;</option>' . "\n";
1158
1159 $selected_html = '';
1160 foreach ($column_enum_values as $enum_value) {
1161 $html_output .= '<option value="' . $enum_value['html'] . '"';
1162 if ($data == $enum_value['plain']
1163 || ($data == ''
1164 && (! isset($_POST['where_clause']) || $column['Null'] != 'YES')
1165 && isset($column['Default'])
1166 && $enum_value['plain'] == $column['Default'])
1167 ) {
1168 $html_output .= ' selected="selected"';
1169 $selected_html = $enum_value['html'];
1170 }
1171 $html_output .= '>' . $enum_value['html'] . '</option>' . "\n";
1172 }
1173 $html_output .= '</select>';
1174
1175 //Add hidden input, as disabled <select> input does not included in POST.
1176 if ($readOnly) {
1177 $html_output .= '<input name="fields' . $column_name_appendix . '"'
1178 . ' type="hidden" value="' . $selected_html . '">';
1179 }
1180 return $html_output;
1181 }
1182
1183 /**
1184 * Get HTML radio button for less than 20 string length
1185 *
1186 * @param string $column_name_appendix the name attribute
1187 * @param string $onChangeClause onchange clause for fields
1188 * @param integer $tabindex tab index
1189 * @param array $column description of column in given table
1190 * @param integer $tabindex_for_value offset for the values tabindex
1191 * @param integer $idindex id index
1192 * @param string $data data to edit
1193 * @param array $column_enum_values $column['values']
1194 * @param boolean $readOnly is column read only or not
1195 *
1196 * @return string an html snippet
1197 */
1198 private function getRadioButtonDependingOnLength(
1199 $column_name_appendix,
1200 $onChangeClause,
1201 $tabindex,
1202 array $column,
1203 $tabindex_for_value,
1204 $idindex,
1205 $data,
1206 array $column_enum_values,
1207 $readOnly
1208 ) {
1209 $j = 0;
1210 $html_output = '';
1211 foreach ($column_enum_values as $enum_value) {
1212 $html_output .= ' '
1213 . '<input type="radio" name="fields' . $column_name_appendix . '"'
1214 . ' class="textfield"'
1215 . ' value="' . $enum_value['html'] . '"'
1216 . ' id="field_' . $idindex . '_3_' . $j . '"'
1217 . ' ' . $onChangeClause;
1218 if ($data == $enum_value['plain']
1219 || ($data == ''
1220 && (! isset($_POST['where_clause']) || $column['Null'] != 'YES')
1221 && isset($column['Default'])
1222 && $enum_value['plain'] == $column['Default'])
1223 ) {
1224 $html_output .= ' checked="checked"';
1225 } elseif ($readOnly) {
1226 $html_output .= ' disabled';
1227 }
1228 $html_output .= ' tabindex="' . ($tabindex + $tabindex_for_value) . '">';
1229 $html_output .= '<label for="field_' . $idindex . '_3_' . $j . '">'
1230 . $enum_value['html'] . '</label>' . "\n";
1231 $j++;
1232 }
1233 return $html_output;
1234 }
1235
1236 /**
1237 * Get the HTML for 'set' pma type
1238 *
1239 * @param array $column description of column in given table
1240 * @param array $extracted_columnspec associative array containing type,
1241 * spec_in_brackets and possibly
1242 * enum_set_values (another array)
1243 * @param string $backup_field hidden input field
1244 * @param string $column_name_appendix the name attribute
1245 * @param string $onChangeClause onchange clause for fields
1246 * @param integer $tabindex tab index
1247 * @param integer $tabindex_for_value offset for the values tabindex
1248 * @param integer $idindex id index
1249 * @param string $data description of the column field
1250 * @param boolean $readOnly is column read only or not
1251 *
1252 * @return string an html snippet
1253 */
1254 private function getPmaTypeSet(
1255 array $column,
1256 array $extracted_columnspec,
1257 $backup_field,
1258 $column_name_appendix,
1259 $onChangeClause,
1260 $tabindex,
1261 $tabindex_for_value,
1262 $idindex,
1263 $data,
1264 $readOnly
1265 ) {
1266 list($column_set_values, $select_size) = $this->getColumnSetValueAndSelectSize(
1267 $column,
1268 $extracted_columnspec
1269 );
1270 $vset = array_flip(explode(',', $data));
1271 $html_output = $backup_field . "\n";
1272 $html_output .= '<input type="hidden" name="fields_type'
1273 . $column_name_appendix . '" value="set">';
1274 $html_output .= '<select name="fields' . $column_name_appendix . '[]"'
1275 . ' class="textfield"'
1276 . ($readOnly ? ' disabled' : '')
1277 . ' size="' . $select_size . '"'
1278 . ' multiple="multiple"'
1279 . ' ' . $onChangeClause
1280 . ' tabindex="' . ($tabindex + $tabindex_for_value) . '"'
1281 . ' id="field_' . $idindex . '_3">';
1282
1283 $selected_html = '';
1284 foreach ($column_set_values as $column_set_value) {
1285 $html_output .= '<option value="' . $column_set_value['html'] . '"';
1286 if (isset($vset[$column_set_value['plain']])) {
1287 $html_output .= ' selected="selected"';
1288 $selected_html = $column_set_value['html'];
1289 }
1290 $html_output .= '>' . $column_set_value['html'] . '</option>' . "\n";
1291 }
1292 $html_output .= '</select>';
1293
1294 //Add hidden input, as disabled <select> input does not included in POST.
1295 if ($readOnly) {
1296 $html_output .= '<input name="fields' . $column_name_appendix . '[]"'
1297 . ' type="hidden" value="' . $selected_html . '">';
1298 }
1299 return $html_output;
1300 }
1301
1302 /**
1303 * Retrieve column 'set' value and select size
1304 *
1305 * @param array $column description of column in given table
1306 * @param array $extracted_columnspec associative array containing type,
1307 * spec_in_brackets and possibly enum_set_values
1308 * (another array)
1309 *
1310 * @return array $column['values'], $column['select_size']
1311 */
1312 private function getColumnSetValueAndSelectSize(
1313 array $column,
1314 array $extracted_columnspec
1315 ) {
1316 if (! isset($column['values'])) {
1317 $column['values'] = [];
1318 foreach ($extracted_columnspec['enum_set_values'] as $val) {
1319 $column['values'][] = [
1320 'plain' => $val,
1321 'html' => htmlspecialchars($val),
1322 ];
1323 }
1324 $column['select_size'] = min(4, count($column['values']));
1325 }
1326 return [
1327 $column['values'],
1328 $column['select_size'],
1329 ];
1330 }
1331
1332 /**
1333 * Get HTML for binary and blob column
1334 *
1335 * @param array $column description of column in given table
1336 * @param string|null $data data to edit
1337 * @param string $special_chars special characters
1338 * @param integer $biggest_max_file_size biggest max file size for uploading
1339 * @param string $backup_field hidden input field
1340 * @param string $column_name_appendix the name attribute
1341 * @param string $onChangeClause onchange clause for fields
1342 * @param integer $tabindex tab index
1343 * @param integer $tabindex_for_value offset for the values tabindex
1344 * @param integer $idindex id index
1345 * @param string $text_dir text direction
1346 * @param string $special_chars_encoded replaced char if the string starts
1347 * with a \r\n pair (0x0d0a) add an
1348 * extra \n
1349 * @param string $vkey [multi_edit]['row_id']
1350 * @param boolean $is_upload is upload or not
1351 * @param boolean $readOnly is column read only or not
1352 *
1353 * @return string an html snippet
1354 */
1355 private function getBinaryAndBlobColumn(
1356 array $column,
1357 ?string $data,
1358 $special_chars,
1359 $biggest_max_file_size,
1360 $backup_field,
1361 $column_name_appendix,
1362 $onChangeClause,
1363 $tabindex,
1364 $tabindex_for_value,
1365 $idindex,
1366 $text_dir,
1367 $special_chars_encoded,
1368 $vkey,
1369 $is_upload,
1370 $readOnly
1371 ) {
1372 $html_output = '';
1373 // Add field type : Protected or Hexadecimal
1374 $fields_type_html = '<input type="hidden" name="fields_type'
1375 . $column_name_appendix . '" value="%s">';
1376 // Default value : hex
1377 $fields_type_val = 'hex';
1378 if (($GLOBALS['cfg']['ProtectBinary'] === 'blob' && $column['is_blob'])
1379 || ($GLOBALS['cfg']['ProtectBinary'] === 'all')
1380 || ($GLOBALS['cfg']['ProtectBinary'] === 'noblob' && ! $column['is_blob'])
1381 ) {
1382 $html_output .= __('Binary - do not edit');
1383 if (isset($data)) {
1384 $data_size = Util::formatByteDown(
1385 mb_strlen(stripslashes($data)),
1386 3,
1387 1
1388 );
1389 $html_output .= ' (' . $data_size[0] . ' ' . $data_size[1] . ')';
1390 unset($data_size);
1391 }
1392 $fields_type_val = 'protected';
1393 $html_output .= '<input type="hidden" name="fields'
1394 . $column_name_appendix . '" value="">';
1395 } elseif ($column['is_blob']
1396 || ($column['len'] > $GLOBALS['cfg']['LimitChars'])
1397 ) {
1398 $html_output .= "\n" . $this->getTextarea(
1399 $column,
1400 $backup_field,
1401 $column_name_appendix,
1402 $onChangeClause,
1403 $tabindex,
1404 $tabindex_for_value,
1405 $idindex,
1406 $text_dir,
1407 $special_chars_encoded,
1408 'HEX',
1409 $readOnly
1410 );
1411 } else {
1412 // field size should be at least 4 and max $GLOBALS['cfg']['LimitChars']
1413 $fieldsize = min(max($column['len'], 4), $GLOBALS['cfg']['LimitChars']);
1414 $html_output .= "\n" . $backup_field . "\n" . $this->getHtmlInput(
1415 $column,
1416 $column_name_appendix,
1417 $special_chars,
1418 $fieldsize,
1419 $onChangeClause,
1420 $tabindex,
1421 $tabindex_for_value,
1422 $idindex,
1423 'HEX',
1424 $readOnly
1425 );
1426 }
1427 $html_output .= sprintf($fields_type_html, $fields_type_val);
1428
1429 if ($is_upload && $column['is_blob'] && ! $readOnly) {
1430 // We don't want to prevent users from using
1431 // browser's default drag-drop feature on some page(s),
1432 // so we add noDragDrop class to the input
1433 $html_output .= '<br>'
1434 . '<input type="file"'
1435 . ' name="fields_upload' . $vkey . '[' . $column['Field_md5'] . ']"'
1436 . ' class="textfield noDragDrop" id="field_' . $idindex . '_3" size="10"'
1437 . ' ' . $onChangeClause . '>&nbsp;';
1438 list($html_out,) = $this->getMaxUploadSize(
1439 $column,
1440 $biggest_max_file_size
1441 );
1442 $html_output .= $html_out;
1443 }
1444
1445 if (! empty($GLOBALS['cfg']['UploadDir']) && ! $readOnly) {
1446 $html_output .= $this->getSelectOptionForUpload($vkey, $column);
1447 }
1448
1449 return $html_output;
1450 }
1451
1452 /**
1453 * Get HTML input type
1454 *
1455 * @param array $column description of column in given table
1456 * @param string $column_name_appendix the name attribute
1457 * @param string $special_chars special characters
1458 * @param integer $fieldsize html field size
1459 * @param string $onChangeClause onchange clause for fields
1460 * @param integer $tabindex tab index
1461 * @param integer $tabindex_for_value offset for the values tabindex
1462 * @param integer $idindex id index
1463 * @param string $data_type the html5 data-* attribute type
1464 * @param boolean $readOnly is column read only or not
1465 *
1466 * @return string an html snippet
1467 */
1468 private function getHtmlInput(
1469 array $column,
1470 $column_name_appendix,
1471 $special_chars,
1472 $fieldsize,
1473 $onChangeClause,
1474 $tabindex,
1475 $tabindex_for_value,
1476 $idindex,
1477 $data_type,
1478 $readOnly
1479 ) {
1480 $input_type = 'text';
1481 // do not use the 'date' or 'time' types here; they have no effect on some
1482 // browsers and create side effects (see bug #4218)
1483
1484 $the_class = 'textfield';
1485 // verify True_Type which does not contain the parentheses and length
1486 if (! $readOnly) {
1487 if ($column['True_Type'] === 'date') {
1488 $the_class .= ' datefield';
1489 } elseif ($column['True_Type'] === 'time') {
1490 $the_class .= ' timefield';
1491 } elseif ($column['True_Type'] === 'datetime'
1492 || $column['True_Type'] === 'timestamp'
1493 ) {
1494 $the_class .= ' datetimefield';
1495 }
1496 }
1497 $input_min_max = false;
1498 if (in_array($column['True_Type'], $this->dbi->types->getIntegerTypes())) {
1499 $extracted_columnspec = Util::extractColumnSpec(
1500 $column['Type']
1501 );
1502 $is_unsigned = $extracted_columnspec['unsigned'];
1503 $min_max_values = $this->dbi->types->getIntegerRange(
1504 $column['True_Type'],
1505 ! $is_unsigned
1506 );
1507 $input_min_max = 'min="' . $min_max_values[0] . '" '
1508 . 'max="' . $min_max_values[1] . '"';
1509 $data_type = 'INT';
1510 }
1511 return '<input type="' . $input_type . '"'
1512 . ' name="fields' . $column_name_appendix . '"'
1513 . ' value="' . $special_chars . '" size="' . $fieldsize . '"'
1514 . (isset($column['is_char']) && $column['is_char']
1515 ? ' data-maxlength="' . $fieldsize . '"'
1516 : '')
1517 . ($readOnly ? ' readonly="readonly"' : '')
1518 . ($input_min_max !== false ? ' ' . $input_min_max : '')
1519 . ' data-type="' . $data_type . '"'
1520 . ($input_type === 'time' ? ' step="1"' : '')
1521 . ' class="' . $the_class . '" ' . $onChangeClause
1522 . ' tabindex="' . ($tabindex + $tabindex_for_value) . '"'
1523 . ' id="field_' . $idindex . '_3">';
1524 }
1525
1526 /**
1527 * Get HTML select option for upload
1528 *
1529 * @param string $vkey [multi_edit]['row_id']
1530 * @param array $column description of column in given table
1531 *
1532 * @return string|null an html snippet
1533 */
1534 private function getSelectOptionForUpload($vkey, array $column)
1535 {
1536 $files = $this->fileListing->getFileSelectOptions(
1537 Util::userDir($GLOBALS['cfg']['UploadDir'])
1538 );
1539
1540 if ($files === false) {
1541 return '<span style="color:red">' . __('Error') . '</span><br>' . "\n"
1542 . __('The directory you set for upload work cannot be reached.') . "\n";
1543 } elseif (! empty($files)) {
1544 return "<br>\n"
1545 . '<i>' . __('Or') . '</i> '
1546 . __('web server upload directory:') . '<br>' . "\n"
1547 . '<select size="1" name="fields_uploadlocal'
1548 . $vkey . '[' . $column['Field_md5'] . ']">' . "\n"
1549 . '<option value="" selected="selected"></option>' . "\n"
1550 . $files
1551 . '</select>' . "\n";
1552 }
1553
1554 return null;
1555 }
1556
1557 /**
1558 * Retrieve the maximum upload file size
1559 *
1560 * @param array $column description of column in given table
1561 * @param integer $biggest_max_file_size biggest max file size for uploading
1562 *
1563 * @return array an html snippet and $biggest_max_file_size
1564 */
1565 private function getMaxUploadSize(array $column, $biggest_max_file_size)
1566 {
1567 // find maximum upload size, based on field type
1568 /**
1569 * @todo with functions this is not so easy, as you can basically
1570 * process any data with function like MD5
1571 */
1572 global $max_upload_size;
1573 $max_field_sizes = [
1574 'tinyblob' => '256',
1575 'blob' => '65536',
1576 'mediumblob' => '16777216',
1577 'longblob' => '4294967296',// yeah, really
1578 ];
1579
1580 $this_field_max_size = $max_upload_size; // from PHP max
1581 if ($this_field_max_size > $max_field_sizes[$column['pma_type']]) {
1582 $this_field_max_size = $max_field_sizes[$column['pma_type']];
1583 }
1584 $html_output
1585 = Util::getFormattedMaximumUploadSize(
1586 $this_field_max_size
1587 ) . "\n";
1588 // do not generate here the MAX_FILE_SIZE, because we should
1589 // put only one in the form to accommodate the biggest field
1590 if ($this_field_max_size > $biggest_max_file_size) {
1591 $biggest_max_file_size = $this_field_max_size;
1592 }
1593 return [
1594 $html_output,
1595 $biggest_max_file_size,
1596 ];
1597 }
1598
1599 /**
1600 * Get HTML for the Value column of other datatypes
1601 * (here, "column" is used in the sense of HTML column in HTML table)
1602 *
1603 * @param array $column description of column in given table
1604 * @param string $default_char_editing default char editing mode which is stored
1605 * in the config.inc.php script
1606 * @param string $backup_field hidden input field
1607 * @param string $column_name_appendix the name attribute
1608 * @param string $onChangeClause onchange clause for fields
1609 * @param integer $tabindex tab index
1610 * @param string $special_chars special characters
1611 * @param integer $tabindex_for_value offset for the values tabindex
1612 * @param integer $idindex id index
1613 * @param string $text_dir text direction
1614 * @param string $special_chars_encoded replaced char if the string starts
1615 * with a \r\n pair (0x0d0a) add an extra \n
1616 * @param string $data data to edit
1617 * @param array $extracted_columnspec associative array containing type,
1618 * spec_in_brackets and possibly
1619 * enum_set_values (another array)
1620 * @param boolean $readOnly is column read only or not
1621 *
1622 * @return string an html snippet
1623 */
1624 private function getValueColumnForOtherDatatypes(
1625 array $column,
1626 $default_char_editing,
1627 $backup_field,
1628 $column_name_appendix,
1629 $onChangeClause,
1630 $tabindex,
1631 $special_chars,
1632 $tabindex_for_value,
1633 $idindex,
1634 $text_dir,
1635 $special_chars_encoded,
1636 $data,
1637 array $extracted_columnspec,
1638 $readOnly
1639 ) {
1640 // HTML5 data-* attribute data-type
1641 $data_type = $this->dbi->types->getTypeClass($column['True_Type']);
1642 $fieldsize = $this->getColumnSize($column, $extracted_columnspec);
1643 $html_output = $backup_field . "\n";
1644 if ($column['is_char']
1645 && ($GLOBALS['cfg']['CharEditing'] == 'textarea'
1646 || mb_strpos($data, "\n") !== false)
1647 ) {
1648 $html_output .= "\n";
1649 $GLOBALS['cfg']['CharEditing'] = $default_char_editing;
1650 $html_output .= $this->getTextarea(
1651 $column,
1652 $backup_field,
1653 $column_name_appendix,
1654 $onChangeClause,
1655 $tabindex,
1656 $tabindex_for_value,
1657 $idindex,
1658 $text_dir,
1659 $special_chars_encoded,
1660 $data_type,
1661 $readOnly
1662 );
1663 } else {
1664 $html_output .= $this->getHtmlInput(
1665 $column,
1666 $column_name_appendix,
1667 $special_chars,
1668 $fieldsize,
1669 $onChangeClause,
1670 $tabindex,
1671 $tabindex_for_value,
1672 $idindex,
1673 $data_type,
1674 $readOnly
1675 );
1676
1677 if (preg_match('/(VIRTUAL|PERSISTENT|GENERATED)/', $column['Extra']) && $column['Extra'] !== 'DEFAULT_GENERATED') {
1678 $html_output .= '<input type="hidden" name="virtual'
1679 . $column_name_appendix . '" value="1">';
1680 }
1681 if ($column['Extra'] == 'auto_increment') {
1682 $html_output .= '<input type="hidden" name="auto_increment'
1683 . $column_name_appendix . '" value="1">';
1684 }
1685 if (substr($column['pma_type'], 0, 9) == 'timestamp') {
1686 $html_output .= '<input type="hidden" name="fields_type'
1687 . $column_name_appendix . '" value="timestamp">';
1688 }
1689 if (substr($column['pma_type'], 0, 8) == 'datetime') {
1690 $html_output .= '<input type="hidden" name="fields_type'
1691 . $column_name_appendix . '" value="datetime">';
1692 }
1693 if ($column['True_Type'] == 'bit') {
1694 $html_output .= '<input type="hidden" name="fields_type'
1695 . $column_name_appendix . '" value="bit">';
1696 }
1697 }
1698 return $html_output;
1699 }
1700
1701 /**
1702 * Get the field size
1703 *
1704 * @param array $column description of column in given table
1705 * @param array $extracted_columnspec associative array containing type,
1706 * spec_in_brackets and possibly enum_set_values
1707 * (another array)
1708 *
1709 * @return integer field size
1710 */
1711 private function getColumnSize(array $column, array $extracted_columnspec)
1712 {
1713 if ($column['is_char']) {
1714 $fieldsize = $extracted_columnspec['spec_in_brackets'];
1715 if ($fieldsize > $GLOBALS['cfg']['MaxSizeForInputField']) {
1716 /**
1717 * This case happens for CHAR or VARCHAR columns which have
1718 * a size larger than the maximum size for input field.
1719 */
1720 $GLOBALS['cfg']['CharEditing'] = 'textarea';
1721 }
1722 } else {
1723 /**
1724 * This case happens for example for INT or DATE columns;
1725 * in these situations, the value returned in $column['len']
1726 * seems appropriate.
1727 */
1728 $fieldsize = $column['len'];
1729 }
1730 return min(
1731 max($fieldsize, $GLOBALS['cfg']['MinSizeForInputField']),
1732 $GLOBALS['cfg']['MaxSizeForInputField']
1733 );
1734 }
1735
1736 /**
1737 * Get HTML for gis data types
1738 *
1739 * @return string an html snippet
1740 */
1741 private function getHtmlForGisDataTypes()
1742 {
1743 $edit_str = Util::getIcon('b_edit', __('Edit/Insert'));
1744 return '<span class="open_gis_editor">'
1745 . Util::linkOrButton(
1746 '#',
1747 $edit_str,
1748 [],
1749 '_blank'
1750 )
1751 . '</span>';
1752 }
1753
1754 /**
1755 * get html for continue insertion form
1756 *
1757 * @param string $table name of the table
1758 * @param string $db name of the database
1759 * @param array $where_clause_array array of where clauses
1760 * @param string $err_url error url
1761 *
1762 * @return string an html snippet
1763 */
1764 public function getContinueInsertionForm(
1765 $table,
1766 $db,
1767 array $where_clause_array,
1768 $err_url
1769 ) {
1770 return $this->template->render('table/insert/continue_insertion_form', [
1771 'db' => $db,
1772 'table' => $table,
1773 'where_clause_array' => $where_clause_array,
1774 'err_url' => $err_url,
1775 'goto' => $GLOBALS['goto'],
1776 'sql_query' => isset($_POST['sql_query']) ? $_POST['sql_query'] : null,
1777 'has_where_clause' => isset($_POST['where_clause']),
1778 'insert_rows_default' => $GLOBALS['cfg']['InsertRows'],
1779 ]);
1780 }
1781
1782 /**
1783 * Get action panel
1784 *
1785 * @param array|null $where_clause where clause
1786 * @param string $after_insert insert mode, e.g. new_insert, same_insert
1787 * @param integer $tabindex tab index
1788 * @param integer $tabindex_for_value offset for the values tabindex
1789 * @param boolean $found_unique_key boolean variable for unique key
1790 *
1791 * @return string an html snippet
1792 */
1793 public function getActionsPanel(
1794 $where_clause,
1795 $after_insert,
1796 $tabindex,
1797 $tabindex_for_value,
1798 $found_unique_key
1799 ) {
1800 $html_output = '<fieldset id="actions_panel">'
1801 . '<table cellpadding="5" cellspacing="0" class="tdblock width100">'
1802 . '<tr>'
1803 . '<td class="nowrap vmiddle">'
1804 . $this->getSubmitTypeDropDown($where_clause, $tabindex, $tabindex_for_value)
1805 . "\n";
1806
1807 $html_output .= '</td>'
1808 . '<td class="vmiddle">'
1809 . '&nbsp;&nbsp;&nbsp;<strong>'
1810 . __('and then') . '</strong>&nbsp;&nbsp;&nbsp;'
1811 . '</td>'
1812 . '<td class="nowrap vmiddle">'
1813 . $this->getAfterInsertDropDown(
1814 $where_clause,
1815 $after_insert,
1816 $found_unique_key
1817 )
1818 . '</td>'
1819 . '</tr>';
1820 $html_output .= '<tr>'
1821 . $this->getSubmitAndResetButtonForActionsPanel($tabindex, $tabindex_for_value)
1822 . '</tr>'
1823 . '</table>'
1824 . '</fieldset>';
1825 return $html_output;
1826 }
1827
1828 /**
1829 * Get a HTML drop down for submit types
1830 *
1831 * @param array|null $where_clause where clause
1832 * @param integer $tabindex tab index
1833 * @param integer $tabindex_for_value offset for the values tabindex
1834 *
1835 * @return string an html snippet
1836 */
1837 private function getSubmitTypeDropDown(
1838 $where_clause,
1839 $tabindex,
1840 $tabindex_for_value
1841 ) {
1842 $html_output = '<select name="submit_type" class="control_at_footer" tabindex="'
1843 . ($tabindex + $tabindex_for_value + 1) . '">';
1844 if (isset($where_clause)) {
1845 $html_output .= '<option value="save">' . __('Save') . '</option>';
1846 }
1847 $html_output .= '<option value="insert">'
1848 . __('Insert as new row')
1849 . '</option>'
1850 . '<option value="insertignore">'
1851 . __('Insert as new row and ignore errors')
1852 . '</option>'
1853 . '<option value="showinsert">'
1854 . __('Show insert query')
1855 . '</option>'
1856 . '</select>';
1857 return $html_output;
1858 }
1859
1860 /**
1861 * Get HTML drop down for after insert
1862 *
1863 * @param array|null $where_clause where clause
1864 * @param string $after_insert insert mode, e.g. new_insert, same_insert
1865 * @param boolean $found_unique_key boolean variable for unique key
1866 *
1867 * @return string an html snippet
1868 */
1869 private function getAfterInsertDropDown($where_clause, $after_insert, $found_unique_key)
1870 {
1871 $html_output = '<select name="after_insert" class="control_at_footer">'
1872 . '<option value="back" '
1873 . ($after_insert == 'back' ? 'selected="selected"' : '') . '>'
1874 . __('Go back to previous page') . '</option>'
1875 . '<option value="new_insert" '
1876 . ($after_insert == 'new_insert' ? 'selected="selected"' : '') . '>'
1877 . __('Insert another new row') . '</option>';
1878
1879 if (isset($where_clause)) {
1880 $html_output .= '<option value="same_insert" '
1881 . ($after_insert == 'same_insert' ? 'selected="selected"' : '') . '>'
1882 . __('Go back to this page') . '</option>';
1883
1884 // If we have just numeric primary key, we can also edit next
1885 // in 2.8.2, we were looking for `field_name` = numeric_value
1886 //if (preg_match('@^[\s]*`[^`]*` = [0-9]+@', $where_clause)) {
1887 // in 2.9.0, we are looking for `table_name`.`field_name` = numeric_value
1888 $is_numeric = false;
1889 if (! is_array($where_clause)) {
1890 $where_clause = [$where_clause];
1891 }
1892 for ($i = 0, $nb = count($where_clause); $i < $nb; $i++) {
1893 // preg_match() returns 1 if there is a match
1894 $is_numeric = (preg_match(
1895 '@^[\s]*`[^`]*`[\.]`[^`]*` = [0-9]+@',
1896 $where_clause[$i]
1897 ) == 1);
1898 if ($is_numeric === true) {
1899 break;
1900 }
1901 }
1902 if ($found_unique_key && $is_numeric) {
1903 $html_output .= '<option value="edit_next" '
1904 . ($after_insert == 'edit_next' ? 'selected="selected"' : '') . '>'
1905 . __('Edit next row') . '</option>';
1906 }
1907 }
1908 $html_output .= '</select>';
1909 return $html_output;
1910 }
1911
1912 /**
1913 * get Submit button and Reset button for action panel
1914 *
1915 * @param integer $tabindex tab index
1916 * @param integer $tabindex_for_value offset for the values tabindex
1917 *
1918 * @return string an html snippet
1919 */
1920 private function getSubmitAndResetButtonForActionsPanel($tabindex, $tabindex_for_value)
1921 {
1922 return '<td>'
1923 . Util::showHint(
1924 __(
1925 'Use TAB key to move from value to value,'
1926 . ' or CTRL+arrows to move anywhere.'
1927 )
1928 )
1929 . '</td>'
1930 . '<td colspan="3" class="right vmiddle">'
1931 . '<input type="button" class="btn btn-secondary preview_sql" value="' . __('Preview SQL') . '"'
1932 . ' tabindex="' . ($tabindex + $tabindex_for_value + 6) . '">'
1933 . '<input type="reset" class="btn btn-secondary control_at_footer" value="' . __('Reset') . '"'
1934 . ' tabindex="' . ($tabindex + $tabindex_for_value + 7) . '">'
1935 . '<input type="submit" class="btn btn-primary control_at_footer" value="' . __('Go') . '"'
1936 . ' tabindex="' . ($tabindex + $tabindex_for_value + 8) . '" id="buttonYes">'
1937 . '</td>';
1938 }
1939
1940 /**
1941 * Get table head and table foot for insert row table
1942 *
1943 * @param array $url_params url parameters
1944 *
1945 * @return string an html snippet
1946 */
1947 private function getHeadAndFootOfInsertRowTable(array $url_params)
1948 {
1949 $html_output = '<div class="responsivetable">'
1950 . '<table class="insertRowTable topmargin">'
1951 . '<thead>'
1952 . '<tr>'
1953 . '<th>' . __('Column') . '</th>';
1954
1955 if ($GLOBALS['cfg']['ShowFieldTypesInDataEditView']) {
1956 $html_output .= $this->showTypeOrFunction('type', $url_params, true);
1957 }
1958 if ($GLOBALS['cfg']['ShowFunctionFields']) {
1959 $html_output .= $this->showTypeOrFunction('function', $url_params, true);
1960 }
1961
1962 $html_output .= '<th>' . __('Null') . '</th>'
1963 . '<th class="fillPage">' . __('Value') . '</th>'
1964 . '</tr>'
1965 . '</thead>'
1966 . ' <tfoot>'
1967 . '<tr>'
1968 . '<th colspan="5" class="tblFooters right">'
1969 . '<input class="btn btn-primary" type="submit" value="' . __('Go') . '">'
1970 . '</th>'
1971 . '</tr>'
1972 . '</tfoot>';
1973 return $html_output;
1974 }
1975
1976 /**
1977 * Prepares the field value and retrieve special chars, backup field and data array
1978 *
1979 * @param array $current_row a row of the table
1980 * @param array $column description of column in given table
1981 * @param array $extracted_columnspec associative array containing type,
1982 * spec_in_brackets and possibly
1983 * enum_set_values (another array)
1984 * @param boolean $real_null_value whether column value null or not null
1985 * @param array $gis_data_types list of GIS data types
1986 * @param string $column_name_appendix string to append to column name in input
1987 * @param bool $as_is use the data as is, used in repopulating
1988 *
1989 * @return array $real_null_value, $data, $special_chars, $backup_field,
1990 * $special_chars_encoded
1991 */
1992 private function getSpecialCharsAndBackupFieldForExistingRow(
1993 array $current_row,
1994 array $column,
1995 array $extracted_columnspec,
1996 $real_null_value,
1997 array $gis_data_types,
1998 $column_name_appendix,
1999 $as_is
2000 ) {
2001 $special_chars_encoded = '';
2002 $data = null;
2003 // (we are editing)
2004 if (! isset($current_row[$column['Field']])) {
2005 $real_null_value = true;
2006 $current_row[$column['Field']] = '';
2007 $special_chars = '';
2008 $data = $current_row[$column['Field']];
2009 } elseif ($column['True_Type'] == 'bit') {
2010 $special_chars = $as_is
2011 ? $current_row[$column['Field']]
2012 : Util::printableBitValue(
2013 (int) $current_row[$column['Field']],
2014 (int) $extracted_columnspec['spec_in_brackets']
2015 );
2016 } elseif ((substr($column['True_Type'], 0, 9) == 'timestamp'
2017 || $column['True_Type'] == 'datetime'
2018 || $column['True_Type'] == 'time')
2019 && (mb_strpos($current_row[$column['Field']], ".") !== false)
2020 ) {
2021 $current_row[$column['Field']] = $as_is
2022 ? $current_row[$column['Field']]
2023 : Util::addMicroseconds(
2024 $current_row[$column['Field']]
2025 );
2026 $special_chars = htmlspecialchars($current_row[$column['Field']]);
2027 } elseif (in_array($column['True_Type'], $gis_data_types)) {
2028 // Convert gis data to Well Know Text format
2029 $current_row[$column['Field']] = $as_is
2030 ? $current_row[$column['Field']]
2031 : Util::asWKT(
2032 $current_row[$column['Field']],
2033 true
2034 );
2035 $special_chars = htmlspecialchars($current_row[$column['Field']]);
2036 } else {
2037 // special binary "characters"
2038 if ($column['is_binary']
2039 || ($column['is_blob'] && $GLOBALS['cfg']['ProtectBinary'] !== 'all')
2040 ) {
2041 $current_row[$column['Field']] = $as_is
2042 ? $current_row[$column['Field']]
2043 : bin2hex(
2044 $current_row[$column['Field']]
2045 );
2046 } // end if
2047 $special_chars = htmlspecialchars($current_row[$column['Field']]);
2048
2049 //We need to duplicate the first \n or otherwise we will lose
2050 //the first newline entered in a VARCHAR or TEXT column
2051 $special_chars_encoded
2052 = Util::duplicateFirstNewline($special_chars);
2053
2054 $data = $current_row[$column['Field']];
2055 } // end if... else...
2056
2057 //when copying row, it is useful to empty auto-increment column
2058 // to prevent duplicate key error
2059 if (isset($_POST['default_action'])
2060 && $_POST['default_action'] === 'insert'
2061 ) {
2062 if ($column['Key'] === 'PRI'
2063 && mb_strpos($column['Extra'], 'auto_increment') !== false
2064 ) {
2065 $data = $special_chars_encoded = $special_chars = null;
2066 }
2067 }
2068 // If a timestamp field value is not included in an update
2069 // statement MySQL auto-update it to the current timestamp;
2070 // however, things have changed since MySQL 4.1, so
2071 // it's better to set a fields_prev in this situation
2072 $backup_field = '<input type="hidden" name="fields_prev'
2073 . $column_name_appendix . '" value="'
2074 . htmlspecialchars($current_row[$column['Field']]) . '">';
2075
2076 return [
2077 $real_null_value,
2078 $special_chars_encoded,
2079 $special_chars,
2080 $data,
2081 $backup_field,
2082 ];
2083 }
2084
2085 /**
2086 * display default values
2087 *
2088 * @param array $column description of column in given table
2089 * @param boolean $real_null_value whether column value null or not null
2090 *
2091 * @return array $real_null_value, $data, $special_chars,
2092 * $backup_field, $special_chars_encoded
2093 */
2094 private function getSpecialCharsAndBackupFieldForInsertingMode(
2095 array $column,
2096 $real_null_value
2097 ) {
2098 if (! isset($column['Default'])) {
2099 $column['Default'] = '';
2100 $real_null_value = true;
2101 $data = '';
2102 } else {
2103 $data = $column['Default'];
2104 }
2105
2106 $trueType = $column['True_Type'];
2107
2108 if ($trueType == 'bit') {
2109 $special_chars = Util::convertBitDefaultValue(
2110 $column['Default']
2111 );
2112 } elseif (substr($trueType, 0, 9) == 'timestamp'
2113 || $trueType == 'datetime'
2114 || $trueType == 'time'
2115 ) {
2116 $special_chars = Util::addMicroseconds($column['Default']);
2117 } elseif ($trueType == 'binary' || $trueType == 'varbinary') {
2118 $special_chars = bin2hex($column['Default']);
2119 } else {
2120 $special_chars = htmlspecialchars($column['Default']);
2121 }
2122 $backup_field = '';
2123 $special_chars_encoded = Util::duplicateFirstNewline(
2124 $special_chars
2125 );
2126 return [
2127 $real_null_value,
2128 $data,
2129 $special_chars,
2130 $backup_field,
2131 $special_chars_encoded,
2132 ];
2133 }
2134
2135 /**
2136 * Prepares the update/insert of a row
2137 *
2138 * @return array $loop_array, $using_key, $is_insert, $is_insertignore
2139 */
2140 public function getParamsForUpdateOrInsert()
2141 {
2142 if (isset($_POST['where_clause'])) {
2143 // we were editing something => use the WHERE clause
2144 $loop_array = is_array($_POST['where_clause'])
2145 ? $_POST['where_clause']
2146 : [$_POST['where_clause']];
2147 $using_key = true;
2148 $is_insert = isset($_POST['submit_type'])
2149 && ($_POST['submit_type'] == 'insert'
2150 || $_POST['submit_type'] == 'showinsert'
2151 || $_POST['submit_type'] == 'insertignore');
2152 } else {
2153 // new row => use indexes
2154 $loop_array = [];
2155 if (! empty($_POST['fields'])) {
2156 foreach ($_POST['fields']['multi_edit'] as $key => $dummy) {
2157 $loop_array[] = $key;
2158 }
2159 }
2160 $using_key = false;
2161 $is_insert = true;
2162 }
2163 $is_insertignore = isset($_POST['submit_type'])
2164 && $_POST['submit_type'] == 'insertignore';
2165 return [
2166 $loop_array,
2167 $using_key,
2168 $is_insert,
2169 $is_insertignore,
2170 ];
2171 }
2172
2173 /**
2174 * Check wether insert row mode and if so include tbl_changen script and set
2175 * global variables.
2176 *
2177 * @return void
2178 */
2179 public function isInsertRow()
2180 {
2181 if (isset($_POST['insert_rows'])
2182 && is_numeric($_POST['insert_rows'])
2183 && $_POST['insert_rows'] != $GLOBALS['cfg']['InsertRows']
2184 ) {
2185 $GLOBALS['cfg']['InsertRows'] = $_POST['insert_rows'];
2186 $response = Response::getInstance();
2187 $header = $response->getHeader();
2188 $scripts = $header->getScripts();
2189 $scripts->addFile('vendor/jquery/additional-methods.js');
2190 $scripts->addFile('table/change.js');
2191 if (! defined('TESTSUITE')) {
2192 include ROOT_PATH . 'libraries/entry_points/table/change.php';
2193 exit;
2194 }
2195 }
2196 }
2197
2198 /**
2199 * set $_SESSION for edit_next
2200 *
2201 * @param string $one_where_clause one where clause from where clauses array
2202 *
2203 * @return void
2204 */
2205 public function setSessionForEditNext($one_where_clause)
2206 {
2207 $local_query = 'SELECT * FROM ' . Util::backquote($GLOBALS['db'])
2208 . '.' . Util::backquote($GLOBALS['table']) . ' WHERE '
2209 . str_replace('` =', '` >', $one_where_clause) . ' LIMIT 1;';
2210
2211 $res = $this->dbi->query($local_query);
2212 $row = $this->dbi->fetchRow($res);
2213 $meta = $this->dbi->getFieldsMeta($res);
2214 // must find a unique condition based on unique key,
2215 // not a combination of all fields
2216 list($unique_condition, $clause_is_unique)
2217 = Util::getUniqueCondition(
2218 $res, // handle
2219 count($meta), // fields_cnt
2220 $meta, // fields_meta
2221 $row, // row
2222 true, // force_unique
2223 false, // restrict_to_table
2224 null // analyzed_sql_results
2225 );
2226 if (! empty($unique_condition)) {
2227 $_SESSION['edit_next'] = $unique_condition;
2228 }
2229 unset($unique_condition, $clause_is_unique);
2230 }
2231
2232 /**
2233 * set $goto_include variable for different cases and retrieve like,
2234 * if $GLOBALS['goto'] empty, if $goto_include previously not defined
2235 * and new_insert, same_insert, edit_next
2236 *
2237 * @param string $goto_include store some script for include, otherwise it is
2238 * boolean false
2239 *
2240 * @return string
2241 */
2242 public function getGotoInclude($goto_include)
2243 {
2244 $valid_options = [
2245 'new_insert',
2246 'same_insert',
2247 'edit_next',
2248 ];
2249 if (isset($_POST['after_insert'])
2250 && in_array($_POST['after_insert'], $valid_options)
2251 ) {
2252 $goto_include = 'libraries/entry_points/table/change.php';
2253 } elseif (! empty($GLOBALS['goto'])) {
2254 if (! preg_match('@^[a-z_]+\.php$@', $GLOBALS['goto'])) {
2255 // this should NOT happen
2256 //$GLOBALS['goto'] = false;
2257 $goto_include = false;
2258 } else {
2259 $goto_include = $GLOBALS['goto'];
2260 }
2261 if ($GLOBALS['goto'] == 'db_sql.php' && strlen($GLOBALS['table']) > 0) {
2262 $GLOBALS['table'] = '';
2263 }
2264 }
2265 if (! $goto_include) {
2266 if (strlen($GLOBALS['table']) === 0) {
2267 $goto_include = 'db_sql.php';
2268 } else {
2269 $goto_include = 'tbl_sql.php';
2270 }
2271 }
2272 return $goto_include;
2273 }
2274
2275 /**
2276 * Defines the url to return in case of failure of the query
2277 *
2278 * @param array $url_params url parameters
2279 *
2280 * @return string error url for query failure
2281 */
2282 public function getErrorUrl(array $url_params)
2283 {
2284 if (isset($_POST['err_url'])) {
2285 return $_POST['err_url'];
2286 }
2287
2288 return Url::getFromRoute('/table/change', $url_params);
2289 }
2290
2291 /**
2292 * Builds the sql query
2293 *
2294 * @param boolean $is_insertignore $_POST['submit_type'] == 'insertignore'
2295 * @param array $query_fields column names array
2296 * @param array $value_sets array of query values
2297 *
2298 * @return array of query
2299 */
2300 public function buildSqlQuery($is_insertignore, array $query_fields, array $value_sets)
2301 {
2302 if ($is_insertignore) {
2303 $insert_command = 'INSERT IGNORE ';
2304 } else {
2305 $insert_command = 'INSERT ';
2306 }
2307 $query = [
2308 $insert_command . 'INTO '
2309 . Util::backquote($GLOBALS['table'])
2310 . ' (' . implode(', ', $query_fields) . ') VALUES ('
2311 . implode('), (', $value_sets) . ')',
2312 ];
2313 return $query;
2314 }
2315
2316 /**
2317 * Executes the sql query and get the result, then move back to the calling page
2318 *
2319 * @param array $url_params url parameters array
2320 * @param array $query built query from buildSqlQuery()
2321 *
2322 * @return array $url_params, $total_affected_rows, $last_messages
2323 * $warning_messages, $error_messages, $return_to_sql_query
2324 */
2325 public function executeSqlQuery(array $url_params, array $query)
2326 {
2327 $return_to_sql_query = '';
2328 if (! empty($GLOBALS['sql_query'])) {
2329 $url_params['sql_query'] = $GLOBALS['sql_query'];
2330 $return_to_sql_query = $GLOBALS['sql_query'];
2331 }
2332 $GLOBALS['sql_query'] = implode('; ', $query) . ';';
2333 // to ensure that the query is displayed in case of
2334 // "insert as new row" and then "insert another new row"
2335 $GLOBALS['display_query'] = $GLOBALS['sql_query'];
2336
2337 $total_affected_rows = 0;
2338 $last_messages = [];
2339 $warning_messages = [];
2340 $error_messages = [];
2341
2342 foreach ($query as $single_query) {
2343 if ($_POST['submit_type'] == 'showinsert') {
2344 $last_messages[] = Message::notice(__('Showing SQL query'));
2345 continue;
2346 }
2347 if ($GLOBALS['cfg']['IgnoreMultiSubmitErrors']) {
2348 $result = $this->dbi->tryQuery($single_query);
2349 } else {
2350 $result = $this->dbi->query($single_query);
2351 }
2352 if (! $result) {
2353 $error_messages[] = $this->dbi->getError();
2354 } else {
2355 // The next line contains a real assignment, it's not a typo
2356 if ($tmp = @$this->dbi->affectedRows()) {
2357 $total_affected_rows += $tmp;
2358 }
2359 unset($tmp);
2360
2361 $insert_id = $this->dbi->insertId();
2362 if ($insert_id != 0) {
2363 // insert_id is id of FIRST record inserted in one insert, so if we
2364 // inserted multiple rows, we had to increment this
2365
2366 if ($total_affected_rows > 0) {
2367 $insert_id += $total_affected_rows - 1;
2368 }
2369 $last_message = Message::notice(__('Inserted row id: %1$d'));
2370 $last_message->addParam($insert_id);
2371 $last_messages[] = $last_message;
2372 }
2373 $this->dbi->freeResult($result);
2374 }
2375 $warning_messages = $this->getWarningMessages();
2376 }
2377 return [
2378 $url_params,
2379 $total_affected_rows,
2380 $last_messages,
2381 $warning_messages,
2382 $error_messages,
2383 $return_to_sql_query,
2384 ];
2385 }
2386
2387 /**
2388 * get the warning messages array
2389 *
2390 * @return array
2391 */
2392 private function getWarningMessages()
2393 {
2394 $warning_essages = [];
2395 foreach ($this->dbi->getWarnings() as $warning) {
2396 $warning_essages[] = Message::sanitize(
2397 $warning['Level'] . ': #' . $warning['Code'] . ' ' . $warning['Message']
2398 );
2399 }
2400 return $warning_essages;
2401 }
2402
2403 /**
2404 * Column to display from the foreign table?
2405 *
2406 * @param string $where_comparison string that contain relation field value
2407 * @param array $map all Relations to foreign tables for a given
2408 * table or optionally a given column in a table
2409 * @param string $relation_field relation field
2410 *
2411 * @return string display value from the foreign table
2412 */
2413 public function getDisplayValueForForeignTableColumn(
2414 $where_comparison,
2415 array $map,
2416 $relation_field
2417 ) {
2418 $foreigner = $this->relation->searchColumnInForeigners($map, $relation_field);
2419 $display_field = $this->relation->getDisplayField(
2420 $foreigner['foreign_db'],
2421 $foreigner['foreign_table']
2422 );
2423 // Field to display from the foreign table?
2424 if ($display_field !== null && strlen($display_field) > 0) {
2425 $dispsql = 'SELECT ' . Util::backquote($display_field)
2426 . ' FROM ' . Util::backquote($foreigner['foreign_db'])
2427 . '.' . Util::backquote($foreigner['foreign_table'])
2428 . ' WHERE ' . Util::backquote($foreigner['foreign_field'])
2429 . $where_comparison;
2430 $dispresult = $this->dbi->tryQuery(
2431 $dispsql,
2432 DatabaseInterface::CONNECT_USER,
2433 DatabaseInterface::QUERY_STORE
2434 );
2435 if ($dispresult && $this->dbi->numRows($dispresult) > 0) {
2436 list($dispval) = $this->dbi->fetchRow($dispresult);
2437 } else {
2438 $dispval = '';
2439 }
2440 if ($dispresult) {
2441 $this->dbi->freeResult($dispresult);
2442 }
2443 return $dispval;
2444 }
2445 return '';
2446 }
2447
2448 /**
2449 * Display option in the cell according to user choices
2450 *
2451 * @param array $map all Relations to foreign tables for a given
2452 * table or optionally a given column in a table
2453 * @param string $relation_field relation field
2454 * @param string $where_comparison string that contain relation field value
2455 * @param string $dispval display value from the foreign table
2456 * @param string $relation_field_value relation field value
2457 *
2458 * @return string HTML <a> tag
2459 */
2460 public function getLinkForRelationalDisplayField(
2461 array $map,
2462 $relation_field,
2463 $where_comparison,
2464 $dispval,
2465 $relation_field_value
2466 ) {
2467 $foreigner = $this->relation->searchColumnInForeigners($map, $relation_field);
2468 if ('K' == $_SESSION['tmpval']['relational_display']) {
2469 // user chose "relational key" in the display options, so
2470 // the title contains the display field
2471 $title = ! empty($dispval)
2472 ? ' title="' . htmlspecialchars($dispval) . '"'
2473 : '';
2474 } else {
2475 $title = ' title="' . htmlspecialchars($relation_field_value) . '"';
2476 }
2477 $_url_params = [
2478 'db' => $foreigner['foreign_db'],
2479 'table' => $foreigner['foreign_table'],
2480 'pos' => '0',
2481 'sql_query' => 'SELECT * FROM '
2482 . Util::backquote($foreigner['foreign_db'])
2483 . '.' . Util::backquote($foreigner['foreign_table'])
2484 . ' WHERE ' . Util::backquote($foreigner['foreign_field'])
2485 . $where_comparison,
2486 ];
2487 $output = '<a href="sql.php'
2488 . Url::getCommon($_url_params) . '"' . $title . '>';
2489
2490 if ('D' == $_SESSION['tmpval']['relational_display']) {
2491 // user chose "relational display field" in the
2492 // display options, so show display field in the cell
2493 $output .= ! empty($dispval) ? htmlspecialchars($dispval) : '';
2494 } else {
2495 // otherwise display data in the cell
2496 $output .= htmlspecialchars($relation_field_value);
2497 }
2498 $output .= '</a>';
2499 return $output;
2500 }
2501
2502 /**
2503 * Transform edited values
2504 *
2505 * @param string $db db name
2506 * @param string $table table name
2507 * @param array $transformation mimetypes for all columns of a table
2508 * [field_name][field_key]
2509 * @param array $edited_values transform columns list and new values
2510 * @param string $file file containing the transformation plugin
2511 * @param string $column_name column name
2512 * @param array $extra_data extra data array
2513 * @param string $type the type of transformation
2514 *
2515 * @return array
2516 */
2517 public function transformEditedValues(
2518 $db,
2519 $table,
2520 array $transformation,
2521 array &$edited_values,
2522 $file,
2523 $column_name,
2524 array $extra_data,
2525 $type
2526 ) {
2527 $include_file = 'libraries/classes/Plugins/Transformations/' . $file;
2528 if (is_file($include_file)) {
2529 $_url_params = [
2530 'db' => $db,
2531 'table' => $table,
2532 'where_clause' => $_POST['where_clause'],
2533 'transform_key' => $column_name,
2534 ];
2535 $transform_options = $this->transformations->getOptions(
2536 isset($transformation[$type . '_options'])
2537 ? $transformation[$type . '_options']
2538 : ''
2539 );
2540 $transform_options['wrapper_link'] = Url::getCommon($_url_params);
2541 $class_name = $this->transformations->getClassName($include_file);
2542 if (class_exists($class_name)) {
2543 /** @var TransformationsPlugin $transformation_plugin */
2544 $transformation_plugin = new $class_name();
2545
2546 foreach ($edited_values as $cell_index => $curr_cell_edited_values) {
2547 if (isset($curr_cell_edited_values[$column_name])) {
2548 $edited_values[$cell_index][$column_name]
2549 = $extra_data['transformations'][$cell_index]
2550 = $transformation_plugin->applyTransformation(
2551 $curr_cell_edited_values[$column_name],
2552 $transform_options
2553 );
2554 }
2555 } // end of loop for each transformation cell
2556 }
2557 }
2558 return $extra_data;
2559 }
2560
2561 /**
2562 * Get current value in multi edit mode
2563 *
2564 * @param array $multi_edit_funcs multiple edit functions array
2565 * @param array $multi_edit_salt multiple edit array with encryption salt
2566 * @param array $gis_from_text_functions array that contains gis from text functions
2567 * @param string $current_value current value in the column
2568 * @param array $gis_from_wkb_functions initially $val is $multi_edit_columns[$key]
2569 * @param array $func_optional_param array('RAND','UNIX_TIMESTAMP')
2570 * @param array $func_no_param array of set of string
2571 * @param string $key an md5 of the column name
2572 *
2573 * @return string
2574 */
2575 public function getCurrentValueAsAnArrayForMultipleEdit(
2576 $multi_edit_funcs,
2577 $multi_edit_salt,
2578 $gis_from_text_functions,
2579 $current_value,
2580 $gis_from_wkb_functions,
2581 $func_optional_param,
2582 $func_no_param,
2583 $key
2584 ) {
2585 if (empty($multi_edit_funcs[$key])) {
2586 return $current_value;
2587 } elseif ('UUID' === $multi_edit_funcs[$key]) {
2588 /* This way user will know what UUID new row has */
2589 $uuid = $this->dbi->fetchValue('SELECT UUID()');
2590 return "'" . $uuid . "'";
2591 } elseif ((in_array($multi_edit_funcs[$key], $gis_from_text_functions)
2592 && substr($current_value, 0, 3) == "'''")
2593 || in_array($multi_edit_funcs[$key], $gis_from_wkb_functions)
2594 ) {
2595 // Remove enclosing apostrophes
2596 $current_value = mb_substr($current_value, 1, -1);
2597 // Remove escaping apostrophes
2598 $current_value = str_replace("''", "'", $current_value);
2599 return $multi_edit_funcs[$key] . '(' . $current_value . ')';
2600 } elseif (! in_array($multi_edit_funcs[$key], $func_no_param)
2601 || ($current_value != "''"
2602 && in_array($multi_edit_funcs[$key], $func_optional_param))
2603 ) {
2604 if ((isset($multi_edit_salt[$key])
2605 && ($multi_edit_funcs[$key] == "AES_ENCRYPT"
2606 || $multi_edit_funcs[$key] == "AES_DECRYPT"))
2607 || (! empty($multi_edit_salt[$key])
2608 && ($multi_edit_funcs[$key] == "DES_ENCRYPT"
2609 || $multi_edit_funcs[$key] == "DES_DECRYPT"
2610 || $multi_edit_funcs[$key] == "ENCRYPT"))
2611 ) {
2612 return $multi_edit_funcs[$key] . '(' . $current_value . ",'"
2613 . $this->dbi->escapeString($multi_edit_salt[$key]) . "')";
2614 }
2615
2616 return $multi_edit_funcs[$key] . '(' . $current_value . ')';
2617 }
2618
2619 return $multi_edit_funcs[$key] . '()';
2620 }
2621
2622 /**
2623 * Get query values array and query fields array for insert and update in multi edit
2624 *
2625 * @param array $multi_edit_columns_name multiple edit columns name array
2626 * @param array $multi_edit_columns_null multiple edit columns null array
2627 * @param string $current_value current value in the column in loop
2628 * @param array $multi_edit_columns_prev multiple edit previous columns array
2629 * @param array $multi_edit_funcs multiple edit functions array
2630 * @param boolean $is_insert boolean value whether insert or not
2631 * @param array $query_values SET part of the sql query
2632 * @param array $query_fields array of query fields
2633 * @param string $current_value_as_an_array current value in the column
2634 * as an array
2635 * @param array $value_sets array of valu sets
2636 * @param string $key an md5 of the column name
2637 * @param array $multi_edit_columns_null_prev array of multiple edit columns
2638 * null previous
2639 *
2640 * @return array ($query_values, $query_fields)
2641 */
2642 public function getQueryValuesForInsertAndUpdateInMultipleEdit(
2643 $multi_edit_columns_name,
2644 $multi_edit_columns_null,
2645 $current_value,
2646 $multi_edit_columns_prev,
2647 $multi_edit_funcs,
2648 $is_insert,
2649 $query_values,
2650 $query_fields,
2651 $current_value_as_an_array,
2652 $value_sets,
2653 $key,
2654 $multi_edit_columns_null_prev
2655 ) {
2656 // i n s e r t
2657 if ($is_insert) {
2658 // no need to add column into the valuelist
2659 if (strlen($current_value_as_an_array) > 0) {
2660 $query_values[] = $current_value_as_an_array;
2661 // first inserted row so prepare the list of fields
2662 if (empty($value_sets)) {
2663 $query_fields[] = Util::backquote(
2664 $multi_edit_columns_name[$key]
2665 );
2666 }
2667 }
2668 } elseif (! empty($multi_edit_columns_null_prev[$key])
2669 && ! isset($multi_edit_columns_null[$key])
2670 ) {
2671 // u p d a t e
2672
2673 // field had the null checkbox before the update
2674 // field no longer has the null checkbox
2675 $query_values[]
2676 = Util::backquote($multi_edit_columns_name[$key])
2677 . ' = ' . $current_value_as_an_array;
2678 } elseif (! (empty($multi_edit_funcs[$key])
2679 && isset($multi_edit_columns_prev[$key])
2680 && (("'" . $this->dbi->escapeString($multi_edit_columns_prev[$key]) . "'" === $current_value)
2681 || ('0x' . $multi_edit_columns_prev[$key] === $current_value)))
2682 && ! empty($current_value)
2683 ) {
2684 // avoid setting a field to NULL when it's already NULL
2685 // (field had the null checkbox before the update
2686 // field still has the null checkbox)
2687 if (empty($multi_edit_columns_null_prev[$key])
2688 || empty($multi_edit_columns_null[$key])
2689 ) {
2690 $query_values[]
2691 = Util::backquote($multi_edit_columns_name[$key])
2692 . ' = ' . $current_value_as_an_array;
2693 }
2694 }
2695 return [
2696 $query_values,
2697 $query_fields,
2698 ];
2699 }
2700
2701 /**
2702 * Get the current column value in the form for different data types
2703 *
2704 * @param string|false $possibly_uploaded_val uploaded file content
2705 * @param string $key an md5 of the column name
2706 * @param array|null $multi_edit_columns_type array of multi edit column types
2707 * @param string $current_value current column value in the form
2708 * @param array|null $multi_edit_auto_increment multi edit auto increment
2709 * @param integer $rownumber index of where clause array
2710 * @param array $multi_edit_columns_name multi edit column names array
2711 * @param array $multi_edit_columns_null multi edit columns null array
2712 * @param array $multi_edit_columns_null_prev multi edit columns previous null
2713 * @param boolean $is_insert whether insert or not
2714 * @param boolean $using_key whether editing or new row
2715 * @param string $where_clause where clause
2716 * @param string $table table name
2717 * @param array $multi_edit_funcs multiple edit functions array
2718 *
2719 * @return string current column value in the form
2720 */
2721 public function getCurrentValueForDifferentTypes(
2722 $possibly_uploaded_val,
2723 $key,
2724 ?array $multi_edit_columns_type,
2725 $current_value,
2726 ?array $multi_edit_auto_increment,
2727 $rownumber,
2728 $multi_edit_columns_name,
2729 $multi_edit_columns_null,
2730 $multi_edit_columns_null_prev,
2731 $is_insert,
2732 $using_key,
2733 $where_clause,
2734 $table,
2735 $multi_edit_funcs
2736 ) {
2737 // Fetch the current values of a row to use in case we have a protected field
2738 if ($is_insert
2739 && $using_key && isset($multi_edit_columns_type)
2740 && is_array($multi_edit_columns_type) && ! empty($where_clause)
2741 ) {
2742 $protected_row = $this->dbi->fetchSingleRow(
2743 'SELECT * FROM ' . Util::backquote($table)
2744 . ' WHERE ' . $where_clause . ';'
2745 );
2746 }
2747
2748 if (false !== $possibly_uploaded_val) {
2749 $current_value = $possibly_uploaded_val;
2750 } elseif (! empty($multi_edit_funcs[$key])) {
2751 $current_value = "'" . $this->dbi->escapeString($current_value)
2752 . "'";
2753 } else {
2754 // c o l u m n v a l u e i n t h e f o r m
2755 if (isset($multi_edit_columns_type[$key])) {
2756 $type = $multi_edit_columns_type[$key];
2757 } else {
2758 $type = '';
2759 }
2760
2761 if ($type != 'protected' && $type != 'set' && strlen($current_value) === 0) {
2762 // best way to avoid problems in strict mode
2763 // (works also in non-strict mode)
2764 if (isset($multi_edit_auto_increment, $multi_edit_auto_increment[$key])) {
2765 $current_value = 'NULL';
2766 } else {
2767 $current_value = "''";
2768 }
2769 } elseif ($type == 'set') {
2770 if (! empty($_POST['fields']['multi_edit'][$rownumber][$key])) {
2771 $current_value = implode(
2772 ',',
2773 $_POST['fields']['multi_edit'][$rownumber][$key]
2774 );
2775 $current_value = "'"
2776 . $this->dbi->escapeString($current_value) . "'";
2777 } else {
2778 $current_value = "''";
2779 }
2780 } elseif ($type == 'protected') {
2781 // here we are in protected mode (asked in the config)
2782 // so tbl_change has put this special value in the
2783 // columns array, so we do not change the column value
2784 // but we can still handle column upload
2785
2786 // when in UPDATE mode, do not alter field's contents. When in INSERT
2787 // mode, insert empty field because no values were submitted.
2788 // If protected blobs where set, insert original fields content.
2789 if (! empty($protected_row[$multi_edit_columns_name[$key]])) {
2790 $current_value = '0x'
2791 . bin2hex($protected_row[$multi_edit_columns_name[$key]]);
2792 } else {
2793 $current_value = '';
2794 }
2795 } elseif ($type === 'hex') {
2796 if (substr($current_value, 0, 2) != '0x') {
2797 $current_value = '0x' . $current_value;
2798 }
2799 } elseif ($type == 'bit') {
2800 $current_value = preg_replace('/[^01]/', '0', $current_value);
2801 $current_value = "b'" . $this->dbi->escapeString($current_value)
2802 . "'";
2803 } elseif (! ($type == 'datetime' || $type == 'timestamp')
2804 || ($current_value != 'CURRENT_TIMESTAMP'
2805 && $current_value != 'current_timestamp()')
2806 ) {
2807 $current_value = "'" . $this->dbi->escapeString($current_value)
2808 . "'";
2809 }
2810
2811 // Was the Null checkbox checked for this field?
2812 // (if there is a value, we ignore the Null checkbox: this could
2813 // be possible if Javascript is disabled in the browser)
2814 if (! empty($multi_edit_columns_null[$key])
2815 && ($current_value == "''" || $current_value == '')
2816 ) {
2817 $current_value = 'NULL';
2818 }
2819
2820 // The Null checkbox was unchecked for this field
2821 if (empty($current_value)
2822 && ! empty($multi_edit_columns_null_prev[$key])
2823 && ! isset($multi_edit_columns_null[$key])
2824 ) {
2825 $current_value = "''";
2826 }
2827 } // end else (column value in the form)
2828 return $current_value;
2829 }
2830
2831 /**
2832 * Check whether inline edited value can be truncated or not,
2833 * and add additional parameters for extra_data array if needed
2834 *
2835 * @param string $db Database name
2836 * @param string $table Table name
2837 * @param string $column_name Column name
2838 * @param array $extra_data Extra data for ajax response
2839 *
2840 * @return void
2841 */
2842 public function verifyWhetherValueCanBeTruncatedAndAppendExtraData(
2843 $db,
2844 $table,
2845 $column_name,
2846 array &$extra_data
2847 ) {
2848 $extra_data['isNeedToRecheck'] = false;
2849
2850 $sql_for_real_value = 'SELECT ' . Util::backquote($table) . '.'
2851 . Util::backquote($column_name)
2852 . ' FROM ' . Util::backquote($db) . '.'
2853 . Util::backquote($table)
2854 . ' WHERE ' . $_POST['where_clause'][0];
2855
2856 $result = $this->dbi->tryQuery($sql_for_real_value);
2857 $fields_meta = $this->dbi->getFieldsMeta($result);
2858 $meta = $fields_meta[0];
2859 if ($row = $this->dbi->fetchRow($result)) {
2860 $new_value = $row[0];
2861 if ((substr($meta->type, 0, 9) == 'timestamp')
2862 || ($meta->type == 'datetime')
2863 || ($meta->type == 'time')
2864 ) {
2865 $new_value = Util::addMicroseconds($new_value);
2866 } elseif (mb_strpos($meta->flags, 'binary') !== false) {
2867 $new_value = '0x' . bin2hex($new_value);
2868 }
2869 $extra_data['isNeedToRecheck'] = true;
2870 $extra_data['truncatableFieldValue'] = $new_value;
2871 }
2872 $this->dbi->freeResult($result);
2873 }
2874
2875 /**
2876 * Function to get the columns of a table
2877 *
2878 * @param string $db current db
2879 * @param string $table current table
2880 *
2881 * @return array
2882 */
2883 public function getTableColumns($db, $table)
2884 {
2885 $this->dbi->selectDb($db);
2886 return array_values($this->dbi->getColumns($db, $table, null, true));
2887 }
2888
2889 /**
2890 * Function to determine Insert/Edit rows
2891 *
2892 * @param string $where_clause where clause
2893 * @param string $db current database
2894 * @param string $table current table
2895 *
2896 * @return mixed
2897 */
2898 public function determineInsertOrEdit($where_clause, $db, $table)
2899 {
2900 if (isset($_POST['where_clause'])) {
2901 $where_clause = $_POST['where_clause'];
2902 }
2903 if (isset($_SESSION['edit_next'])) {
2904 $where_clause = $_SESSION['edit_next'];
2905 unset($_SESSION['edit_next']);
2906 $after_insert = 'edit_next';
2907 }
2908 if (isset($_POST['ShowFunctionFields'])) {
2909 $GLOBALS['cfg']['ShowFunctionFields'] = $_POST['ShowFunctionFields'];
2910 }
2911 if (isset($_POST['ShowFieldTypesInDataEditView'])) {
2912 $GLOBALS['cfg']['ShowFieldTypesInDataEditView']
2913 = $_POST['ShowFieldTypesInDataEditView'];
2914 }
2915 if (isset($_POST['after_insert'])) {
2916 $after_insert = $_POST['after_insert'];
2917 }
2918
2919 if (isset($where_clause)) {
2920 // we are editing
2921 $insert_mode = false;
2922 $where_clause_array = $this->getWhereClauseArray($where_clause);
2923 list($where_clauses, $result, $rows, $found_unique_key)
2924 = $this->analyzeWhereClauses(
2925 $where_clause_array,
2926 $table,
2927 $db
2928 );
2929 } else {
2930 // we are inserting
2931 $insert_mode = true;
2932 $where_clause = null;
2933 list($result, $rows) = $this->loadFirstRow($table, $db);
2934 $where_clauses = null;
2935 $where_clause_array = [];
2936 $found_unique_key = false;
2937 }
2938
2939 // Copying a row - fetched data will be inserted as a new row,
2940 // therefore the where clause is needless.
2941 if (isset($_POST['default_action'])
2942 && $_POST['default_action'] === 'insert'
2943 ) {
2944 $where_clause = $where_clauses = null;
2945 }
2946
2947 return [
2948 $insert_mode,
2949 $where_clause,
2950 $where_clause_array,
2951 $where_clauses,
2952 $result,
2953 $rows,
2954 $found_unique_key,
2955 isset($after_insert) ? $after_insert : null,
2956 ];
2957 }
2958
2959 /**
2960 * Function to get comments for the table columns
2961 *
2962 * @param string $db current database
2963 * @param string $table current table
2964 *
2965 * @return array comments for columns
2966 */
2967 public function getCommentsMap($db, $table)
2968 {
2969 $comments_map = [];
2970
2971 if ($GLOBALS['cfg']['ShowPropertyComments']) {
2972 $comments_map = $this->relation->getComments($db, $table);
2973 }
2974
2975 return $comments_map;
2976 }
2977
2978 /**
2979 * Function to get URL parameters
2980 *
2981 * @param string $db current database
2982 * @param string $table current table
2983 *
2984 * @return array url parameters
2985 */
2986 public function getUrlParameters($db, $table)
2987 {
2988 global $goto;
2989 /**
2990 * @todo check if we could replace by "db_|tbl_" - please clarify!?
2991 */
2992 $url_params = [
2993 'db' => $db,
2994 'sql_query' => $_POST['sql_query'],
2995 ];
2996
2997 if (0 === strpos($goto, "tbl_")) {
2998 $url_params['table'] = $table;
2999 }
3000
3001 return $url_params;
3002 }
3003
3004 /**
3005 * Function to get html for the gis editor div
3006 *
3007 * @return string
3008 */
3009 public function getHtmlForGisEditor()
3010 {
3011 return '<div id="gis_editor"></div>'
3012 . '<div id="popup_background"></div>'
3013 . '<br>';
3014 }
3015
3016 /**
3017 * Function to get html for the ignore option in insert mode
3018 *
3019 * @param int $row_id row id
3020 * @param bool $checked ignore option is checked or not
3021 *
3022 * @return string
3023 */
3024 public function getHtmlForIgnoreOption($row_id, $checked = true)
3025 {
3026 return '<input type="checkbox"'
3027 . ($checked ? ' checked="checked"' : '')
3028 . ' name="insert_ignore_' . $row_id . '"'
3029 . ' id="insert_ignore_' . $row_id . '">'
3030 . '<label for="insert_ignore_' . $row_id . '">'
3031 . __('Ignore')
3032 . '</label><br>' . "\n";
3033 }
3034
3035 /**
3036 * Function to get html for the function option
3037 *
3038 * @param array $column column
3039 * @param string $column_name_appendix column name appendix
3040 *
3041 * @return String
3042 */
3043 private function getHtmlForFunctionOption(array $column, $column_name_appendix)
3044 {
3045 return '<tr class="noclick">'
3046 . '<td '
3047 . 'class="center">'
3048 . $column['Field_title']
3049 . '<input type="hidden" name="fields_name' . $column_name_appendix
3050 . '" value="' . $column['Field_html'] . '">'
3051 . '</td>';
3052 }
3053
3054 /**
3055 * Function to get html for the column type
3056 *
3057 * @param array $column column
3058 *
3059 * @return string
3060 */
3061 private function getHtmlForInsertEditColumnType(array $column)
3062 {
3063 return '<td class="center' . $column['wrap'] . '">'
3064 . '<span class="column_type" dir="ltr">' . $column['pma_type'] . '</span>'
3065 . '</td>';
3066 }
3067
3068 /**
3069 * Function to get html for the insert edit form header
3070 *
3071 * @param bool $has_blob_field whether has blob field
3072 * @param bool $is_upload whether is upload
3073 *
3074 * @return string
3075 */
3076 public function getHtmlForInsertEditFormHeader($has_blob_field, $is_upload)
3077 {
3078 $html_output = '<form id="insertForm" class="lock-page ';
3079 if ($has_blob_field && $is_upload) {
3080 $html_output .= 'disableAjax';
3081 }
3082 $html_output .= '" method="post" action="tbl_replace.php" name="insertForm" ';
3083 if ($is_upload) {
3084 $html_output .= ' enctype="multipart/form-data"';
3085 }
3086 $html_output .= '>';
3087
3088 return $html_output;
3089 }
3090
3091 /**
3092 * Function to get html for each insert/edit column
3093 *
3094 * @param array $table_columns table columns
3095 * @param int $column_number column index in table_columns
3096 * @param array $comments_map comments map
3097 * @param bool $timestamp_seen whether timestamp seen
3098 * @param array $current_result current result
3099 * @param string $chg_evt_handler javascript change event handler
3100 * @param string $jsvkey javascript validation key
3101 * @param string $vkey validation key
3102 * @param bool $insert_mode whether insert mode
3103 * @param array $current_row current row
3104 * @param int $o_rows row offset
3105 * @param int $tabindex tab index
3106 * @param int $columns_cnt columns count
3107 * @param bool $is_upload whether upload
3108 * @param int $tabindex_for_function tab index offset for function
3109 * @param array $foreigners foreigners
3110 * @param int $tabindex_for_null tab index offset for null
3111 * @param int $tabindex_for_value tab index offset for value
3112 * @param string $table table
3113 * @param string $db database
3114 * @param int $row_id row id
3115 * @param array $titles titles
3116 * @param int $biggest_max_file_size biggest max file size
3117 * @param string $default_char_editing default char editing mode which is stored
3118 * in the config.inc.php script
3119 * @param string $text_dir text direction
3120 * @param array $repopulate the data to be repopulated
3121 * @param array $column_mime the mime information of column
3122 * @param string $where_clause the where clause
3123 *
3124 * @return string
3125 */
3126 private function getHtmlForInsertEditFormColumn(
3127 array $table_columns,
3128 $column_number,
3129 array $comments_map,
3130 $timestamp_seen,
3131 $current_result,
3132 $chg_evt_handler,
3133 $jsvkey,
3134 $vkey,
3135 $insert_mode,
3136 array $current_row,
3137 &$o_rows,
3138 &$tabindex,
3139 $columns_cnt,
3140 $is_upload,
3141 $tabindex_for_function,
3142 array $foreigners,
3143 $tabindex_for_null,
3144 $tabindex_for_value,
3145 $table,
3146 $db,
3147 $row_id,
3148 array $titles,
3149 $biggest_max_file_size,
3150 $default_char_editing,
3151 $text_dir,
3152 array $repopulate,
3153 array $column_mime,
3154 $where_clause
3155 ) {
3156 $column = $table_columns[$column_number];
3157 $readOnly = false;
3158
3159 if (! isset($column['processed'])) {
3160 $column = $this->analyzeTableColumnsArray(
3161 $column,
3162 $comments_map,
3163 $timestamp_seen
3164 );
3165 }
3166 $as_is = false;
3167 if (! empty($repopulate) && ! empty($current_row)) {
3168 $current_row[$column['Field']] = $repopulate[$column['Field_md5']];
3169 $as_is = true;
3170 }
3171
3172 $extracted_columnspec
3173 = Util::extractColumnSpec($column['Type']);
3174
3175 if (-1 === $column['len']) {
3176 $column['len'] = $this->dbi->fieldLen(
3177 $current_result,
3178 $column_number
3179 );
3180 // length is unknown for geometry fields,
3181 // make enough space to edit very simple WKTs
3182 if (-1 === $column['len']) {
3183 $column['len'] = 30;
3184 }
3185 }
3186 //Call validation when the form submitted...
3187 $onChangeClause = $chg_evt_handler
3188 . "=\"return verificationsAfterFieldChange('"
3189 . Sanitize::escapeJsString($column['Field_md5']) . "', '"
3190 . Sanitize::escapeJsString($jsvkey) . "','" . $column['pma_type'] . "')\"";
3191
3192 // Use an MD5 as an array index to avoid having special characters
3193 // in the name attribute (see bug #1746964 )
3194 $column_name_appendix = $vkey . '[' . $column['Field_md5'] . ']';
3195
3196 if ($column['Type'] === 'datetime'
3197 && ! isset($column['Default'])
3198 && $column['Default'] !== null
3199 && $insert_mode
3200 ) {
3201 $column['Default'] = date('Y-m-d H:i:s', time());
3202 }
3203
3204 $html_output = $this->getHtmlForFunctionOption(
3205 $column,
3206 $column_name_appendix
3207 );
3208
3209 if ($GLOBALS['cfg']['ShowFieldTypesInDataEditView']) {
3210 $html_output .= $this->getHtmlForInsertEditColumnType($column);
3211 } //End if
3212
3213 // Get a list of GIS data types.
3214 $gis_data_types = Util::getGISDatatypes();
3215
3216 // Prepares the field value
3217 $real_null_value = false;
3218 $special_chars_encoded = '';
3219 if (! empty($current_row)) {
3220 // (we are editing)
3221 list(
3222 $real_null_value, $special_chars_encoded, $special_chars,
3223 $data, $backup_field
3224 )
3225 = $this->getSpecialCharsAndBackupFieldForExistingRow(
3226 $current_row,
3227 $column,
3228 $extracted_columnspec,
3229 $real_null_value,
3230 $gis_data_types,
3231 $column_name_appendix,
3232 $as_is
3233 );
3234 } else {
3235 // (we are inserting)
3236 // display default values
3237 $tmp = $column;
3238 if (isset($repopulate[$column['Field_md5']])) {
3239 $tmp['Default'] = $repopulate[$column['Field_md5']];
3240 }
3241 list($real_null_value, $data, $special_chars, $backup_field,
3242 $special_chars_encoded
3243 )
3244 = $this->getSpecialCharsAndBackupFieldForInsertingMode(
3245 $tmp,
3246 $real_null_value
3247 );
3248 unset($tmp);
3249 }
3250
3251 $idindex = ($o_rows * $columns_cnt) + $column_number + 1;
3252 $tabindex = $idindex;
3253
3254 // Get a list of data types that are not yet supported.
3255 $no_support_types = Util::unsupportedDatatypes();
3256
3257 // The function column
3258 // -------------------
3259 $foreignData = $this->relation->getForeignData(
3260 $foreigners,
3261 $column['Field'],
3262 false,
3263 '',
3264 ''
3265 );
3266 if ($GLOBALS['cfg']['ShowFunctionFields']) {
3267 $html_output .= $this->getFunctionColumn(
3268 $column,
3269 $is_upload,
3270 $column_name_appendix,
3271 $onChangeClause,
3272 $no_support_types,
3273 $tabindex_for_function,
3274 $tabindex,
3275 $idindex,
3276 $insert_mode,
3277 $readOnly,
3278 $foreignData
3279 );
3280 }
3281
3282 // The null column
3283 // ---------------
3284 $html_output .= $this->getNullColumn(
3285 $column,
3286 $column_name_appendix,
3287 $real_null_value,
3288 $tabindex,
3289 $tabindex_for_null,
3290 $idindex,
3291 $vkey,
3292 $foreigners,
3293 $foreignData,
3294 $readOnly
3295 );
3296
3297 // The value column (depends on type)
3298 // ----------------
3299 // See bug #1667887 for the reason why we don't use the maxlength
3300 // HTML attribute
3301
3302 //add data attributes "no of decimals" and "data type"
3303 $no_decimals = 0;
3304 $type = current(explode("(", $column['pma_type']));
3305 if (preg_match('/\(([^()]+)\)/', $column['pma_type'], $match)) {
3306 $match[0] = trim($match[0], '()');
3307 $no_decimals = $match[0];
3308 }
3309 $html_output .= '<td data-type="' . $type . '" data-decimals="'
3310 . $no_decimals . '">' . "\n";
3311 // Will be used by js/table/change.js to set the default value
3312 // for the "Continue insertion" feature
3313 $html_output .= '<span class="default_value hide">'
3314 . $special_chars . '</span>';
3315
3316 // Check input transformation of column
3317 $transformed_html = '';
3318 if (! empty($column_mime['input_transformation'])) {
3319 $file = $column_mime['input_transformation'];
3320 $include_file = 'libraries/classes/Plugins/Transformations/' . $file;
3321 if (is_file($include_file)) {
3322 $class_name = $this->transformations->getClassName($include_file);
3323 if (class_exists($class_name)) {
3324 $transformation_plugin = new $class_name();
3325 $transformation_options = $this->transformations->getOptions(
3326 $column_mime['input_transformation_options']
3327 );
3328 $_url_params = [
3329 'db' => $db,
3330 'table' => $table,
3331 'transform_key' => $column['Field'],
3332 'where_clause' => $where_clause,
3333 ];
3334 $transformation_options['wrapper_link']
3335 = Url::getCommon($_url_params);
3336 $current_value = '';
3337 if (isset($current_row[$column['Field']])) {
3338 $current_value = $current_row[$column['Field']];
3339 }
3340 if (method_exists($transformation_plugin, 'getInputHtml')) {
3341 $transformed_html = $transformation_plugin->getInputHtml(
3342 $column,
3343 $row_id,
3344 $column_name_appendix,
3345 $transformation_options,
3346 $current_value,
3347 $text_dir,
3348 $tabindex,
3349 $tabindex_for_value,
3350 $idindex
3351 );
3352 }
3353 if (method_exists($transformation_plugin, 'getScripts')) {
3354 $GLOBALS['plugin_scripts'] = array_merge(
3355 $GLOBALS['plugin_scripts'],
3356 $transformation_plugin->getScripts()
3357 );
3358 }
3359 }
3360 }
3361 }
3362 if (! empty($transformed_html)) {
3363 $html_output .= $transformed_html;
3364 } else {
3365 $html_output .= $this->getValueColumn(
3366 $column,
3367 $backup_field,
3368 $column_name_appendix,
3369 $onChangeClause,
3370 $tabindex,
3371 $tabindex_for_value,
3372 $idindex,
3373 $data,
3374 $special_chars,
3375 $foreignData,
3376 [
3377 $table,
3378 $db,
3379 ],
3380 $row_id,
3381 $titles,
3382 $text_dir,
3383 $special_chars_encoded,
3384 $vkey,
3385 $is_upload,
3386 $biggest_max_file_size,
3387 $default_char_editing,
3388 $no_support_types,
3389 $gis_data_types,
3390 $extracted_columnspec,
3391 $readOnly
3392 );
3393 }
3394 return $html_output;
3395 }
3396
3397 /**
3398 * Function to get html for each insert/edit row
3399 *
3400 * @param array $url_params url parameters
3401 * @param array $table_columns table columns
3402 * @param array $comments_map comments map
3403 * @param bool $timestamp_seen whether timestamp seen
3404 * @param array $current_result current result
3405 * @param string $chg_evt_handler javascript change event handler
3406 * @param string $jsvkey javascript validation key
3407 * @param string $vkey validation key
3408 * @param bool $insert_mode whether insert mode
3409 * @param array $current_row current row
3410 * @param int $o_rows row offset
3411 * @param int $tabindex tab index
3412 * @param int $columns_cnt columns count
3413 * @param bool $is_upload whether upload
3414 * @param int $tabindex_for_function tab index offset for function
3415 * @param array $foreigners foreigners
3416 * @param int $tabindex_for_null tab index offset for null
3417 * @param int $tabindex_for_value tab index offset for value
3418 * @param string $table table
3419 * @param string $db database
3420 * @param int $row_id row id
3421 * @param array $titles titles
3422 * @param int $biggest_max_file_size biggest max file size
3423 * @param string $text_dir text direction
3424 * @param array $repopulate the data to be repopulated
3425 * @param array $where_clause_array the array of where clauses
3426 *
3427 * @return string
3428 */
3429 public function getHtmlForInsertEditRow(
3430 array $url_params,
3431 array $table_columns,
3432 array $comments_map,
3433 $timestamp_seen,
3434 $current_result,
3435 $chg_evt_handler,
3436 $jsvkey,
3437 $vkey,
3438 $insert_mode,
3439 array $current_row,
3440 &$o_rows,
3441 &$tabindex,
3442 $columns_cnt,
3443 $is_upload,
3444 $tabindex_for_function,
3445 array $foreigners,
3446 $tabindex_for_null,
3447 $tabindex_for_value,
3448 $table,
3449 $db,
3450 $row_id,
3451 array $titles,
3452 $biggest_max_file_size,
3453 $text_dir,
3454 array $repopulate,
3455 array $where_clause_array
3456 ) {
3457 $html_output = $this->getHeadAndFootOfInsertRowTable($url_params)
3458 . '<tbody>';
3459
3460 //store the default value for CharEditing
3461 $default_char_editing = $GLOBALS['cfg']['CharEditing'];
3462 $mime_map = $this->transformations->getMime($db, $table);
3463 $where_clause = '';
3464 if (isset($where_clause_array[$row_id])) {
3465 $where_clause = $where_clause_array[$row_id];
3466 }
3467 for ($column_number = 0; $column_number < $columns_cnt; $column_number++) {
3468 $table_column = $table_columns[$column_number];
3469 $column_mime = [];
3470 if (isset($mime_map[$table_column['Field']])) {
3471 $column_mime = $mime_map[$table_column['Field']];
3472 }
3473
3474 $virtual = [
3475 'VIRTUAL',
3476 'PERSISTENT',
3477 'VIRTUAL GENERATED',
3478 'STORED GENERATED',
3479 ];
3480 if (! in_array($table_column['Extra'], $virtual)) {
3481 $html_output .= $this->getHtmlForInsertEditFormColumn(
3482 $table_columns,
3483 $column_number,
3484 $comments_map,
3485 $timestamp_seen,
3486 $current_result,
3487 $chg_evt_handler,
3488 $jsvkey,
3489 $vkey,
3490 $insert_mode,
3491 $current_row,
3492 $o_rows,
3493 $tabindex,
3494 $columns_cnt,
3495 $is_upload,
3496 $tabindex_for_function,
3497 $foreigners,
3498 $tabindex_for_null,
3499 $tabindex_for_value,
3500 $table,
3501 $db,
3502 $row_id,
3503 $titles,
3504 $biggest_max_file_size,
3505 $default_char_editing,
3506 $text_dir,
3507 $repopulate,
3508 $column_mime,
3509 $where_clause
3510 );
3511 }
3512 } // end for
3513 $o_rows++;
3514 $html_output .= ' </tbody>'
3515 . '</table></div><br>'
3516 . '<div class="clearfloat"></div>';
3517
3518 return $html_output;
3519 }
3520 }
phpMyAdmin