2 declare(strict_types
=1);
4 namespace PhpMyAdmin\Controllers\Table
;
7 use PhpMyAdmin\Html\Generator
;
10 use function htmlspecialchars
;
16 * Provides download to a given field defined in parameters.
18 class GetFieldController
extends AbstractController
20 public function index(): void
24 $this->response
->disable();
26 /* Check parameters */
27 Util
::checkParameters([
33 if (! $this->dbi
->selectDb($db)) {
35 sprintf(__('\'%s\' database does not exist.'), htmlspecialchars($db)),
41 /* Check if table exists */
42 if (! $this->dbi
->getColumns($db, $table)) {
43 Generator
::mysqlDie(__('Invalid table name'));
46 if (! isset($_GET['where_clause'])
47 ||
! isset($_GET['where_clause_sign'])
48 ||
! Core
::checkSqlQuerySignature($_GET['where_clause'], $_GET['where_clause_sign'])
50 /* l10n: In case a SQL query did not pass a security check */
51 Core
::fatalError(__('There is an issue with your request.'));
56 $sql = 'SELECT ' . Util
::backquote($_GET['transform_key'])
57 . ' FROM ' . Util
::backquote($table)
58 . ' WHERE ' . $_GET['where_clause'] . ';';
59 $result = $this->dbi
->fetchValue($sql);
61 /* Check return code */
62 if ($result === false) {
64 __('MySQL returned an empty result set (i.e. zero rows).'),
69 /* Avoid corrupting data */
70 ini_set('url_rewriter.tags', '');
73 $table . '-' . $_GET['transform_key'] . '.bin',
74 Mime
::detect($result),