2 /* vim: set expandtab sw=4 ts=4 sts=4: */
4 * handles creation of VIEWs
6 * @todo js error when view name is empty (strFormEmpty)
7 * @todo (also validate if js is disabled, after form submission?)
10 declare(strict_types
=1);
13 use PhpMyAdmin\DatabaseInterface
;
14 use PhpMyAdmin\Di\Container
;
15 use PhpMyAdmin\Message
;
16 use PhpMyAdmin\Response
;
17 use PhpMyAdmin\Template
;
20 if (! defined('ROOT_PATH')) {
21 define('ROOT_PATH', __DIR__
. DIRECTORY_SEPARATOR
);
26 require_once ROOT_PATH
. 'libraries/common.inc.php';
27 require ROOT_PATH
. 'libraries/db_common.inc.php';
29 $container = Container
::getDefaultContainer();
30 $container->set(Response
::class, Response
::getInstance());
32 /** @var Response $response */
33 $response = $container->get(Response
::class);
35 /** @var DatabaseInterface $dbi */
36 $dbi = $container->get(DatabaseInterface
::class);
38 $url_params['goto'] = 'tbl_structure.php';
39 $url_params['back'] = 'view_create.php';
41 /** @var Template $template */
42 $template = $containerBuilder->get('template');
44 $view_algorithm_options = [
50 $view_with_options = [
55 $view_security_options = [
60 // View name is a compulsory field
61 if (isset($_POST['view']['name'])
62 && empty($_POST['view']['name'])
64 $message = Message
::error(__('View name can not be empty!'));
69 $response->setRequestStatus(false);
73 if (isset($_POST['createview']) ||
isset($_POST['alterview'])) {
79 if (isset($_POST['createview'])) {
80 $sql_query = 'CREATE';
81 if (isset($_POST['view']['or_replace'])) {
82 $sql_query .= ' OR REPLACE';
88 if (Core
::isValid($_POST['view']['algorithm'], $view_algorithm_options)) {
89 $sql_query .= $sep . ' ALGORITHM = ' . $_POST['view']['algorithm'];
92 if (! empty($_POST['view']['definer'])) {
93 if (strpos($_POST['view']['definer'], '@') === false) {
94 $sql_query .= $sep . 'DEFINER='
95 . Util
::backquote($_POST['view']['definer']);
97 $arr = explode('@', $_POST['view']['definer']);
98 $sql_query .= $sep . 'DEFINER=' . Util
::backquote($arr[0]);
99 $sql_query .= '@' . Util
::backquote($arr[1]) . ' ';
103 if (isset($_POST['view']['sql_security']) && in_array($_POST['view']['sql_security'], $view_security_options)) {
104 $sql_query .= $sep . ' SQL SECURITY '
105 . $_POST['view']['sql_security'];
108 $sql_query .= $sep . ' VIEW '
109 . Util
::backquote($_POST['view']['name']);
111 if (! empty($_POST['view']['column_names'])) {
112 $sql_query .= $sep . ' (' . $_POST['view']['column_names'] . ')';
115 $sql_query .= $sep . ' AS ' . $_POST['view']['as'];
117 if (isset($_POST['view']['with'])) {
118 if (in_array($_POST['view']['with'], $view_with_options)) {
119 $sql_query .= $sep . ' WITH ' . $_POST['view']['with']
124 if (! $dbi->tryQuery($sql_query)) {
125 if (! isset($_POST['ajax_dialog'])) {
126 $message = Message
::rawError($dbi->getError());
133 "<i>" . htmlspecialchars($sql_query) . "</i><br><br>"
137 $response->setRequestStatus(false);
141 // If different column names defined for VIEW
143 if (isset($_POST['view']['column_names'])) {
144 $view_columns = explode(',', $_POST['view']['column_names']);
147 $column_map = $dbi->getColumnMapFromSql(
148 $_POST['view']['as'],
152 $systemDb = $dbi->getSystemDatabase();
153 $pma_transformation_data = $systemDb->getExistingTransformationData(
157 if ($pma_transformation_data !== false) {
158 // SQL for store new transformation details of VIEW
159 $new_transformations_sql = $systemDb->getNewTransformationDataSql(
160 $pma_transformation_data,
162 $_POST['view']['name'],
166 // Store new transformations
167 if ($new_transformations_sql != '') {
168 $dbi->tryQuery($new_transformations_sql);
171 unset($pma_transformation_data);
173 if (! isset($_POST['ajax_dialog'])) {
174 $message = Message
::success();
175 include ROOT_PATH
. 'tbl_structure.php';
184 $response->setRequestStatus(true);
190 $sql_query = ! empty($_POST['sql_query']) ?
$_POST['sql_query'] : '';
192 // prefill values if not already filled from former submission
194 'operation' => 'create',
198 'sql_security' => '',
200 'column_names' => '',
205 // Used to prefill the fields when editing a view
206 if (isset($_GET['db']) && isset($_GET['table'])) {
207 $item = $dbi->fetchSingleRow(
209 "SELECT `VIEW_DEFINITION`, `CHECK_OPTION`, `DEFINER`,
211 FROM `INFORMATION_SCHEMA`.`VIEWS`
212 WHERE TABLE_SCHEMA='%s'
213 AND TABLE_NAME='%s';",
214 $dbi->escapeString($_GET['db']),
215 $dbi->escapeString($_GET['table'])
218 $createView = $dbi->getTable($_GET['db'], $_GET['table'])
221 // CREATE ALGORITHM=<ALGORITHM> DE...
222 $parts = explode(" ", substr($createView, 17));
223 $item['ALGORITHM'] = $parts[0];
225 $view['operation'] = 'alter';
226 $view['definer'] = $item['DEFINER'];
227 $view['sql_security'] = $item['SECURITY_TYPE'];
228 $view['name'] = $_GET['table'];
229 $view['as'] = $item['VIEW_DEFINITION'];
230 $view['with'] = $item['CHECK_OPTION'];
231 $view['algorithm'] = $item['ALGORITHM'];
234 if (Core
::isValid($_POST['view'], 'array')) {
235 $view = array_merge($view, $_POST['view']);
238 $url_params['db'] = $GLOBALS['db'];
239 $url_params['reload'] = 1;
241 echo $template->render('view_create', [
242 'ajax_dialog' => isset($_POST['ajax_dialog']),
243 'text_dir' => $text_dir,
244 'url_params' => $url_params,
246 'view_algorithm_options' => $view_algorithm_options,
247 'view_with_options' => $view_with_options,
248 'view_security_options' => $view_security_options,