search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Translated using Weblate (Spanish)
[phpmyadmin.git] / sql.php
blob7f03feef3ad6963378014d66e8ac56f77f0d1c8a
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * SQL executor
5 *
6 * @todo we must handle the case if sql.php is called directly with a query
7 * that returns 0 rows - to prevent cyclic redirects or includes
8 * @package PhpMyAdmin
9 */
10
11 /**
12 * Gets some core libraries
13 */
14 require_once 'libraries/common.inc.php';
15 require_once 'libraries/Table.class.php';
16 require_once 'libraries/Header.class.php';
17 require_once 'libraries/check_user_privileges.lib.php';
18 require_once 'libraries/bookmark.lib.php';
19 require_once 'libraries/sql.lib.php';
20
21 $response = PMA_Response::getInstance();
22 $header = $response->getHeader();
23 $scripts = $header->getScripts();
24 $scripts->addFile('jquery/jquery-ui-timepicker-addon.js');
25 $scripts->addFile('tbl_change.js');
26 // the next one needed because sql.php may do a "goto" to tbl_structure.php
27 $scripts->addFile('tbl_structure.js');
28 $scripts->addFile('indexes.js');
29 $scripts->addFile('gis_data_editor.js');
30
31 /**
32 * Set ajax_reload in the response if it was already set
33 */
34 if (isset($ajax_reload) && $ajax_reload['reload'] === true) {
35 $response->addJSON('ajax_reload', $ajax_reload);
36 }
37
38 /**
39 * Sets globals from $_POST
40 */
41 $post_params = array(
42 'bkm_all_users',
43 'fields',
44 'store_bkm'
45 );
46 foreach ($post_params as $one_post_param) {
47 if (isset($_POST[$one_post_param])) {
48 $GLOBALS[$one_post_param] = $_POST[$one_post_param];
49 }
50 }
51
52 /**
53 * Sets globals from $_GET
54 */
55 $get_params = array(
56 'id_bookmark',
57 'label',
58 'sql_query'
59 );
60 foreach ($get_params as $one_get_param) {
61 if (isset($_GET[$one_get_param])) {
62 $GLOBALS[$one_get_param] = $_GET[$one_get_param];
63 }
64 }
65
66
67 if (isset($_REQUEST['printview'])) {
68 $GLOBALS['printview'] = $_REQUEST['printview'];
69 }
70
71 if (isset($_SESSION['profiling'])) {
72 $response = PMA_Response::getInstance();
73 $header = $response->getHeader();
74 $scripts = $header->getScripts();
75 /* < IE 9 doesn't support canvas natively */
76 if (PMA_USR_BROWSER_AGENT == 'IE' && PMA_USR_BROWSER_VER < 9) {
77 $scripts->addFile('canvg/flashcanvas.js');
78 }
79 $scripts->addFile('jqplot/jquery.jqplot.js');
80 $scripts->addFile('jqplot/plugins/jqplot.pieRenderer.js');
81 $scripts->addFile('canvg/canvg.js');
82 }
83
84 if (!isset($_SESSION['is_multi_query'])) {
85 $_SESSION['is_multi_query'] = false;
86 }
87
88 /**
89 * Defines the url to return to in case of error in a sql statement
90 */
91 // Security checkings
92 if (! empty($goto)) {
93 $is_gotofile = preg_replace('@^([^?]+).*$@s', '\\1', $goto);
94 if (! @file_exists('' . $is_gotofile)) {
95 unset($goto);
96 } else {
97 $is_gotofile = ($is_gotofile == $goto);
98 }
99 } else {
100 if (empty($table)) {
101 $goto = $cfg['DefaultTabDatabase'];
102 } else {
103 $goto = $cfg['DefaultTabTable'];
104 }
105 $is_gotofile = true;
106 } // end if
107
108 if (! isset($err_url)) {
109 $err_url = (! empty($back) ? $back : $goto)
110 . '?' . PMA_generate_common_url($db)
111 . ((strpos(' ' . $goto, 'db_') != 1 && strlen($table))
112 ? '&amp;table=' . urlencode($table)
113 : ''
114 );
115 } // end if
116
117 // Coming from a bookmark dialog
118 if (isset($fields['query'])) {
119 $sql_query = $fields['query'];
120 }
121
122 // This one is just to fill $db
123 if (isset($fields['dbase'])) {
124 $db = $fields['dbase'];
125 }
126
127
128 // During grid edit, if we have a relational field, show the dropdown for it.
129 if (isset($_REQUEST['get_relational_values'])
130 && $_REQUEST['get_relational_values'] == true
131 ) {
132 $column = $_REQUEST['column'];
133 if ($_SESSION['tmp_user_values']['relational_display'] == 'D'
134 && isset($display_field)
135 && strlen($display_field)
136 && isset($_REQUEST['relation_key_or_display_column'])
137 && $_REQUEST['relation_key_or_display_column']
138 ) {
139 $curr_value = $_REQUEST['relation_key_or_display_column'];
140 } else {
141 $curr_value = $_REQUEST['curr_value'];
142 }
143 $dropdown = PMA_getHtmlForRelationalColumnDropdown($db, $table, $column, $curr_value);
144 $response = PMA_Response::getInstance();
145 $response->addJSON('dropdown', $dropdown);
146 exit;
147 }
148
149 // Just like above, find possible values for enum fields during grid edit.
150 if (isset($_REQUEST['get_enum_values']) && $_REQUEST['get_enum_values'] == true) {
151 $column = $_REQUEST['column'];
152 $curr_value = $_REQUEST['curr_value'];
153 $dropdown = PMA_getHtmlForEnumColumnDropdown($db, $table, $column, $curr_value);
154 $response = PMA_Response::getInstance();
155 $response->addJSON('dropdown', $dropdown);
156 exit;
157 }
158
159
160 // Find possible values for set fields during grid edit.
161 if (isset($_REQUEST['get_set_values']) && $_REQUEST['get_set_values'] == true) {
162 $column = $_REQUEST['column'];
163 $curr_value = $_REQUEST['curr_value'];
164 $select = PMA_getHtmlForSetColumn($db, $table, $column, $curr_value);
165 $response = PMA_Response::getInstance();
166 $response->addJSON('select', $select);
167 exit;
168 }
169
170 /**
171 * Check ajax request to set the column order
172 */
173 if (isset($_REQUEST['set_col_prefs']) && $_REQUEST['set_col_prefs'] == true) {
174 $pmatable = new PMA_Table($table, $db);
175 $retval = false;
176
177 // set column order
178 if (isset($_REQUEST['col_order'])) {
179 $col_order = explode(',', $_REQUEST['col_order']);
180 $retval = $pmatable->setUiProp(
181 PMA_Table::PROP_COLUMN_ORDER,
182 $col_order,
183 $_REQUEST['table_create_time']
184 );
185 if (gettype($retval) != 'boolean') {
186 $response = PMA_Response::getInstance();
187 $response->isSuccess(false);
188 $response->addJSON('message', $retval->getString());
189 exit;
190 }
191 }
192
193 // set column visibility
194 if ($retval === true && isset($_REQUEST['col_visib'])) {
195 $col_visib = explode(',', $_REQUEST['col_visib']);
196 $retval = $pmatable->setUiProp(
197 PMA_Table::PROP_COLUMN_VISIB, $col_visib,
198 $_REQUEST['table_create_time']
199 );
200 if (gettype($retval) != 'boolean') {
201 $response = PMA_Response::getInstance();
202 $response->isSuccess(false);
203 $response->addJSON('message', $retval->getString());
204 exit;
205 }
206 }
207
208 $response = PMA_Response::getInstance();
209 $response->isSuccess($retval == true);
210 exit;
211 }
212
213 // Default to browse if no query set and we have table
214 // (needed for browsing from DefaultTabTable)
215 if (empty($sql_query) && strlen($table) && strlen($db)) {
216 include_once 'libraries/bookmark.lib.php';
217 $book_sql_query = PMA_Bookmark_get(
218 $db,
219 '\'' . PMA_Util::sqlAddSlashes($table) . '\'',
220 'label',
221 false,
222 true
223 );
224
225 if (! empty($book_sql_query)) {
226 $GLOBALS['using_bookmark_message'] = PMA_message::notice(
227 __('Using bookmark "%s" as default browse query.')
228 );
229 $GLOBALS['using_bookmark_message']->addParam($table);
230 $GLOBALS['using_bookmark_message']->addMessage(
231 PMA_Util::showDocu('faq', 'faq6-22')
232 );
233 $sql_query = $book_sql_query;
234 } else {
235 $sql_query = 'SELECT * FROM ' . PMA_Util::backquote($table);
236 }
237 unset($book_sql_query);
238
239 // set $goto to what will be displayed if query returns 0 rows
240 $goto = '';
241 } else {
242 // Now we can check the parameters
243 PMA_Util::checkParameters(array('sql_query'));
244 }
245
246 // instead of doing the test twice
247 $is_drop_database = preg_match(
248 '/DROP[[:space:]]+(DATABASE|SCHEMA)[[:space:]]+/i',
249 $sql_query
250 );
251
252 /**
253 * Check rights in case of DROP DATABASE
254 *
255 * This test may be bypassed if $is_js_confirmed = 1 (already checked with js)
256 * but since a malicious user may pass this variable by url/form, we don't take
257 * into account this case.
258 */
259 if (! defined('PMA_CHK_DROP')
260 && ! $cfg['AllowUserDropDatabase']
261 && $is_drop_database
262 && ! $is_superuser
263 ) {
264 PMA_Util::mysqlDie(
265 __('"DROP DATABASE" statements are disabled.'),
266 '',
267 '',
268 $err_url
269 );
270 } // end if
271
272 // Include PMA_Index class for use in PMA_DisplayResults class
273 require_once './libraries/Index.class.php';
274
275 require_once 'libraries/DisplayResults.class.php';
276
277 $displayResultsObject = new PMA_DisplayResults(
278 $GLOBALS['db'], $GLOBALS['table'], $GLOBALS['goto'], $GLOBALS['sql_query']
279 );
280
281 $displayResultsObject->setConfigParamsForDisplayTable();
282
283 /**
284 * Need to find the real end of rows?
285 */
286 if (isset($find_real_end) && $find_real_end) {
287 $unlim_num_rows = PMA_Table::countRecords($db, $table, true);
288 $_SESSION['tmp_user_values']['pos'] = @((ceil(
289 $unlim_num_rows / $_SESSION['tmp_user_values']['max_rows']
290 ) - 1) * $_SESSION['tmp_user_values']['max_rows']);
291 }
292
293
294 /**
295 * Bookmark add
296 */
297 if (isset($store_bkm)) {
298 $result = PMA_Bookmark_save(
299 $fields,
300 (isset($bkm_all_users) && $bkm_all_users == 'true' ? true : false)
301 );
302 $response = PMA_Response::getInstance();
303 if ($response->isAjax()) {
304 if ($result) {
305 $msg = PMA_message::success(__('Bookmark %s created'));
306 $msg->addParam($fields['label']);
307 $response->addJSON('message', $msg);
308 } else {
309 $msg = PMA_message::error(__('Bookmark not created'));
310 $response->isSuccess(false);
311 $response->addJSON('message', $msg);
312 }
313 exit;
314 } else {
315 // go back to sql.php to redisplay query; do not use &amp; in this case:
316 PMA_sendHeaderLocation(
317 $cfg['PmaAbsoluteUri'] . $goto . '&label=' . $fields['label']
318 );
319 }
320 } // end if
321
322 /**
323 * Parse and analyze the query
324 */
325 require_once 'libraries/parse_analyze.lib.php';
326
327 /**
328 * Sets or modifies the $goto variable if required
329 */
330 if ($goto == 'sql.php') {
331 $is_gotofile = false;
332 $goto = 'sql.php?'
333 . PMA_generate_common_url($db, $table)
334 . '&amp;sql_query=' . urlencode($sql_query);
335 } // end if
336
337 /**
338 * Go back to further page if table should not be dropped
339 */
340 if (isset($_REQUEST['btnDrop']) && $_REQUEST['btnDrop'] == __('No')) {
341 if (! empty($back)) {
342 $goto = $back;
343 }
344 if ($is_gotofile) {
345 if (strpos($goto, 'db_') === 0 && strlen($table)) {
346 $table = '';
347 }
348 $active_page = $goto;
349 include '' . PMA_securePath($goto);
350 } else {
351 PMA_sendHeaderLocation(
352 $cfg['PmaAbsoluteUri'] . str_replace('&amp;', '&', $goto)
353 );
354 }
355 exit();
356 } // end if
357
358
359 /**
360 * Displays the confirm page if required
361 *
362 * This part of the script is bypassed if $is_js_confirmed = 1 (already checked
363 * with js) because possible security issue is not so important here: at most,
364 * the confirm message isn't displayed.
365 *
366 * Also bypassed if only showing php code.or validating a SQL query
367 */
368 // if we are coming from a "Create PHP code" or a "Without PHP Code"
369 // dialog, we won't execute the query anyway, so don't confirm
370 if (! $cfg['Confirm']
371 || isset($_REQUEST['is_js_confirmed'])
372 || isset($_REQUEST['btnDrop'])
373 || isset($GLOBALS['show_as_php'])
374 || ! empty($GLOBALS['validatequery'])
375 ) {
376 $do_confirm = false;
377 } else {
378 $do_confirm = isset($analyzed_sql[0]['queryflags']['need_confirm']);
379 }
380
381 if ($do_confirm) {
382 $stripped_sql_query = $sql_query;
383 $input = '<input type="hidden" name="%s" value="%s" />';
384 $output = '';
385 if ($is_drop_database) {
386 $output .= '<h1 class="error">';
387 $output .= __('You are about to DESTROY a complete database!');
388 $output .= '</h1>';
389 }
390 $form = '<form class="disableAjax" action="sql.php" method="post">';
391 $form .= PMA_generate_common_hidden_inputs($db, $table);
392
393 $form .= sprintf(
394 $input, 'sql_query', htmlspecialchars($sql_query)
395 );
396 $form .= sprintf(
397 $input, 'message_to_show',
398 (isset($message_to_show) ? PMA_sanitize($message_to_show, true) : '')
399 );
400 $form .= sprintf(
401 $input, 'goto', $goto
402 );
403 $form .= sprintf(
404 $input, 'back',
405 (isset($back) ? PMA_sanitize($back, true) : '')
406 );
407 $form .= sprintf(
408 $input, 'reload',
409 (isset($reload) ? PMA_sanitize($reload, true) : '')
410 );
411 $form .= sprintf(
412 $input, 'purge',
413 (isset($purge) ? PMA_sanitize($purge, true) : '')
414 );
415 $form .= sprintf(
416 $input, 'dropped_column',
417 (isset($dropped_column) ? PMA_sanitize($dropped_column, true) : '')
418 );
419 $form .= sprintf(
420 $input, 'show_query',
421 (isset($message_to_show) ? PMA_sanitize($show_query, true) : '')
422 );
423 $form = str_replace('%', '%%', $form) . '%s</form>';
424
425 $output .='<fieldset class="confirmation">'
426 .'<legend>'
427 . __('Do you really want to execute the following query?')
428 . '</legend>'
429 .'<code>' . htmlspecialchars($stripped_sql_query) . '</code>'
430 .'</fieldset>'
431 .'<fieldset class="tblFooters">';
432
433 $yes_input = sprintf($input, 'btnDrop', __('Yes'));
434 $yes_input .= '<input type="submit" value="' . __('Yes') . '" id="buttonYes" />';
435 $no_input = sprintf($input, 'btnDrop', __('No'));
436 $no_input .= '<input type="submit" value="' . __('No') . '" id="buttonNo" />';
437
438 $output .= sprintf($form, $yes_input);
439 $output .= sprintf($form, $no_input);
440
441 $output .='</fieldset>';
442 $output .= '';
443
444 PMA_Response::getInstance()->addHTML($output);
445
446 exit;
447 } // end if $do_confirm
448
449
450 // Defines some variables
451 // A table has to be created, renamed, dropped -> navi frame should be reloaded
452 /**
453 * @todo use the parser/analyzer
454 */
455
456 if (empty($reload)
457 && preg_match('/^(CREATE|ALTER|DROP)\s+(VIEW|TABLE|DATABASE|SCHEMA)\s+/i', $sql_query)
458 ) {
459 $reload = 1;
460 }
461
462 // $is_group added for use in calculation of total number of rows.
463 // $is_count is changed for more correct "LIMIT" clause
464 // appending in queries like
465 // "SELECT COUNT(...) FROM ... GROUP BY ..."
466
467 /**
468 * @todo detect all this with the parser, to avoid problems finding
469 * those strings in comments or backquoted identifiers
470 */
471 list($is_group, $is_func, $is_count, $is_export, $is_analyse, $is_explain,
472 $is_delete, $is_affected, $is_insert, $is_replace, $is_show, $is_maint)
473 = PMA_getDisplayPropertyParams(
474 $sql_query, $is_select
475 );
476
477 // assign default full_sql_query
478 $full_sql_query = $sql_query;
479
480 // Handle remembered sorting order, only for single table query
481 if ($GLOBALS['cfg']['RememberSorting']
482 && ! ($is_count || $is_export || $is_func || $is_analyse)
483 && isset($analyzed_sql[0]['select_expr'])
484 && (count($analyzed_sql[0]['select_expr']) == 0)
485 && isset($analyzed_sql[0]['queryflags']['select_from'])
486 && count($analyzed_sql[0]['table_ref']) == 1
487 ) {
488 PMA_handleSortOrder($db, $table, $analyzed_sql, $full_sql_query);
489 }
490
491 $sql_limit_to_append = '';
492 // Do append a "LIMIT" clause?
493 if (($_SESSION['tmp_user_values']['max_rows'] != 'all')
494 && ! ($is_count || $is_export || $is_func || $is_analyse)
495 && isset($analyzed_sql[0]['queryflags']['select_from'])
496 && ! isset($analyzed_sql[0]['queryflags']['offset'])
497 && empty($analyzed_sql[0]['limit_clause'])
498 ) {
499 $sql_limit_to_append = ' LIMIT ' . $_SESSION['tmp_user_values']['pos']
500 . ', ' . $_SESSION['tmp_user_values']['max_rows'] . " ";
501 $full_sql_query = PMA_getSqlWithLimitClause(
502 $full_sql_query,
503 $analyzed_sql,
504 $sql_limit_to_append
505 );
506
507 /**
508 * @todo pretty printing of this modified query
509 */
510 if (isset($display_query)) {
511 // if the analysis of the original query revealed that we found
512 // a section_after_limit, we now have to analyze $display_query
513 // to display it correctly
514
515 if (! empty($analyzed_sql[0]['section_after_limit'])
516 && trim($analyzed_sql[0]['section_after_limit']) != ';'
517 ) {
518 $analyzed_display_query = PMA_SQP_analyze(
519 PMA_SQP_parse($display_query)
520 );
521 $display_query = $analyzed_display_query[0]['section_before_limit']
522 . "\n" . $sql_limit_to_append
523 . $analyzed_display_query[0]['section_after_limit'];
524 }
525 }
526 }
527
528 if (strlen($db)) {
529 PMA_DBI_selectDb($db);
530 }
531
532 // E x e c u t e t h e q u e r y
533
534 // Only if we didn't ask to see the php code
535 if (isset($GLOBALS['show_as_php']) || ! empty($GLOBALS['validatequery'])) {
536 unset($result);
537 $num_rows = 0;
538 $unlim_num_rows = 0;
539 } else {
540 if (isset($_SESSION['profiling']) && PMA_Util::profilingSupported()) {
541 PMA_DBI_query('SET PROFILING=1;');
542 }
543
544 // Measure query time.
545 $querytime_before = array_sum(explode(' ', microtime()));
546
547 $result = @PMA_DBI_tryQuery($full_sql_query, null, PMA_DBI_QUERY_STORE);
548
549 // If a stored procedure was called, there may be more results that are
550 // queued up and waiting to be flushed from the buffer. So let's do that.
551 do {
552 PMA_DBI_storeResult();
553 if (! PMA_DBI_moreResults()) {
554 break;
555 }
556 } while (PMA_DBI_nextResult());
557
558 $is_procedure = false;
559 if (stripos($full_sql_query, 'call') !== false) {
560 $is_procedure = true;
561 }
562
563 $querytime_after = array_sum(explode(' ', microtime()));
564
565 $GLOBALS['querytime'] = $querytime_after - $querytime_before;
566
567 // Displays an error message if required and stop parsing the script
568 $error = PMA_DBI_getError();
569 if ($error) {
570 if ($is_gotofile) {
571 if (strpos($goto, 'db_') === 0 && strlen($table)) {
572 $table = '';
573 }
574 $active_page = $goto;
575 $message = PMA_Message::rawError($error);
576
577 if ($GLOBALS['is_ajax_request'] == true) {
578 $response = PMA_Response::getInstance();
579 $response->isSuccess(false);
580 $response->addJSON('message', $message);
581 exit;
582 }
583
584 /**
585 * Go to target path.
586 */
587 include '' . PMA_securePath($goto);
588 } else {
589 $full_err_url = $err_url;
590 if (preg_match('@^(db|tbl)_@', $err_url)) {
591 $full_err_url .= '&amp;show_query=1&amp;sql_query='
592 . urlencode($sql_query);
593 }
594 PMA_Util::mysqlDie($error, $full_sql_query, '', $full_err_url);
595 }
596 exit;
597 }
598 unset($error);
599
600 // If there are no errors and bookmarklabel was given,
601 // store the query as a bookmark
602 if (! empty($bkm_label) && ! empty($import_text)) {
603 include_once 'libraries/bookmark.lib.php';
604 $bfields = array(
605 'dbase' => $db,
606 'user' => $cfg['Bookmark']['user'],
607 'query' => urlencode($import_text),
608 'label' => $bkm_label
609 );
610
611 // Should we replace bookmark?
612 if (isset($bkm_replace)) {
613 $bookmarks = PMA_Bookmark_getList($db);
614 foreach ($bookmarks as $key => $val) {
615 if ($val == $bkm_label) {
616 PMA_Bookmark_delete($db, $key);
617 }
618 }
619 }
620
621 PMA_Bookmark_save($bfields, isset($bkm_all_users));
622
623 $bookmark_created = true;
624 } // end store bookmarks
625
626 // Gets the number of rows affected/returned
627 // (This must be done immediately after the query because
628 // mysql_affected_rows() reports about the last query done)
629
630 if (! $is_affected) {
631 $num_rows = ($result) ? @PMA_DBI_numRows($result) : 0;
632 } elseif (! isset($num_rows)) {
633 $num_rows = @PMA_DBI_affectedRows();
634 }
635
636 // Grabs the profiling results
637 if (isset($_SESSION['profiling']) && PMA_Util::profilingSupported()) {
638 $profiling_results = PMA_DBI_fetchResult('SHOW PROFILE;');
639 }
640
641 // Checks if the current database has changed
642 // This could happen if the user sends a query like "USE `database`;"
643 /**
644 * commented out auto-switching to active database - really required?
645 * bug #2558 win: table list disappears (mixed case db names)
646 * https://sourceforge.net/p/phpmyadmin/bugs/2558/
647 * @todo RELEASE test and comit or rollback before release
648 $current_db = PMA_DBI_fetchValue('SELECT DATABASE()');
649 if ($db !== $current_db) {
650 $db = $current_db;
651 $reload = 1;
652 }
653 unset($current_db);
654 */
655
656 // tmpfile remove after convert encoding appended by Y.Kawada
657 if (function_exists('PMA_kanji_file_conv')
658 && (isset($textfile) && file_exists($textfile))
659 ) {
660 unlink($textfile);
661 }
662
663 // Counts the total number of rows for the same 'SELECT' query without the
664 // 'LIMIT' clause that may have been programatically added
665
666 if (empty($sql_limit_to_append)) {
667 $unlim_num_rows = $num_rows;
668 // if we did not append a limit, set this to get a correct
669 // "Showing rows..." message
670 //$_SESSION['tmp_user_values']['max_rows'] = 'all';
671 } elseif ($is_select) {
672
673 // c o u n t q u e r y
674
675 // If we are "just browsing", there is only one table,
676 // and no WHERE clause (or just 'WHERE 1 '),
677 // we do a quick count (which uses MaxExactCount) because
678 // SQL_CALC_FOUND_ROWS is not quick on large InnoDB tables
679
680 // However, do not count again if we did it previously
681 // due to $find_real_end == true
682 if (! $is_group
683 && ! isset($analyzed_sql[0]['queryflags']['union'])
684 && ! isset($analyzed_sql[0]['queryflags']['distinct'])
685 && ! isset($analyzed_sql[0]['table_ref'][1]['table_name'])
686 && (empty($analyzed_sql[0]['where_clause'])
687 || $analyzed_sql[0]['where_clause'] == '1 ')
688 && ! isset($find_real_end)
689 ) {
690 // "j u s t b r o w s i n g"
691 $unlim_num_rows = PMA_Table::countRecords($db, $table);
692
693 } else { // n o t " j u s t b r o w s i n g "
694
695 // add select expression after the SQL_CALC_FOUND_ROWS
696
697 // for UNION, just adding SQL_CALC_FOUND_ROWS
698 // after the first SELECT works.
699
700 // take the left part, could be:
701 // SELECT
702 // (SELECT
703 $count_query = PMA_SQP_formatHtml(
704 $parsed_sql,
705 'query_only',
706 0,
707 $analyzed_sql[0]['position_of_first_select'] + 1
708 );
709 $count_query .= ' SQL_CALC_FOUND_ROWS ';
710 // add everything that was after the first SELECT
711 $count_query .= PMA_SQP_formatHtml(
712 $parsed_sql,
713 'query_only',
714 $analyzed_sql[0]['position_of_first_select'] + 1
715 );
716 // ensure there is no semicolon at the end of the
717 // count query because we'll probably add
718 // a LIMIT 1 clause after it
719 $count_query = rtrim($count_query);
720 $count_query = rtrim($count_query, ';');
721
722 // if using SQL_CALC_FOUND_ROWS, add a LIMIT to avoid
723 // long delays. Returned count will be complete anyway.
724 // (but a LIMIT would disrupt results in an UNION)
725
726 if (! isset($analyzed_sql[0]['queryflags']['union'])) {
727 $count_query .= ' LIMIT 1';
728 }
729
730 // run the count query
731
732 PMA_DBI_tryQuery($count_query);
733 // if (mysql_error()) {
734 // void.
735 // I tried the case
736 // (SELECT `User`, `Host`, `Db`, `Select_priv` FROM `db`)
737 // UNION (SELECT `User`, `Host`, "%" AS "Db",
738 // `Select_priv`
739 // FROM `user`) ORDER BY `User`, `Host`, `Db`;
740 // and although the generated count_query is wrong
741 // the SELECT FOUND_ROWS() work! (maybe it gets the
742 // count from the latest query that worked)
743 //
744 // another case where the count_query is wrong:
745 // SELECT COUNT(*), f1 from t1 group by f1
746 // and you click to sort on count(*)
747 // }
748 $unlim_num_rows = PMA_DBI_fetchValue('SELECT FOUND_ROWS()');
749 } // end else "just browsing"
750
751 } else { // not $is_select
752 $unlim_num_rows = 0;
753 } // end rows total count
754
755 // if a table or database gets dropped, check column comments.
756 if (isset($purge) && $purge == '1') {
757 /**
758 * Cleanup relations.
759 */
760 include_once 'libraries/relation_cleanup.lib.php';
761
762 if (strlen($table) && strlen($db)) {
763 PMA_relationsCleanupTable($db, $table);
764 } elseif (strlen($db)) {
765 PMA_relationsCleanupDatabase($db);
766 } else {
767 // VOID. No DB/Table gets deleted.
768 } // end if relation-stuff
769 } // end if ($purge)
770
771 // If a column gets dropped, do relation magic.
772 if (isset($dropped_column)
773 && strlen($db)
774 && strlen($table)
775 && ! empty($dropped_column)
776 ) {
777 include_once 'libraries/relation_cleanup.lib.php';
778 PMA_relationsCleanupColumn($db, $table, $dropped_column);
779 // to refresh the list of indexes (Ajax mode)
780 $extra_data['indexes_list'] = PMA_Index::getView($table, $db);
781 } // end if column was dropped
782 } // end else "didn't ask to see php code"
783
784 // No rows returned -> move back to the calling page
785 if ((0 == $num_rows && 0 == $unlim_num_rows) || $is_affected) {
786 // Delete related tranformation information
787 if (!empty($analyzed_sql[0]['querytype'])
788 && (($analyzed_sql[0]['querytype'] == 'ALTER')
789 || ($analyzed_sql[0]['querytype'] == 'DROP'))
790 ) {
791 include_once 'libraries/transformations.lib.php';
792 if ($analyzed_sql[0]['querytype'] == 'ALTER') {
793 if (stripos($analyzed_sql[0]['unsorted_query'], 'DROP') !== false) {
794 $drop_column = PMA_getColumnNameInColumnDropSql(
795 $analyzed_sql[0]['unsorted_query']
796 );
797
798 if ($drop_column != '') {
799 PMA_clearTransformations($db, $table, $drop_column);
800 }
801 }
802
803 } else if (($analyzed_sql[0]['querytype'] == 'DROP') && ($table != '')) {
804 PMA_clearTransformations($db, $table);
805 }
806 }
807
808 if ($is_delete) {
809 $message = PMA_Message::getMessageForDeletedRows($num_rows);
810 } elseif ($is_insert) {
811 if ($is_replace) {
812 // For replace we get DELETED + INSERTED row count,
813 // so we have to call it affected
814 $message = PMA_Message::getMessageForAffectedRows($num_rows);
815 } else {
816 $message = PMA_Message::getMessageForInsertedRows($num_rows);
817 }
818 $insert_id = PMA_DBI_insertId();
819 if ($insert_id != 0) {
820 // insert_id is id of FIRST record inserted in one insert,
821 // so if we inserted multiple rows, we had to increment this
822 $message->addMessage('[br]');
823 // need to use a temporary because the Message class
824 // currently supports adding parameters only to the first
825 // message
826 $_inserted = PMA_Message::notice(__('Inserted row id: %1$d'));
827 $_inserted->addParam($insert_id + $num_rows - 1);
828 $message->addMessage($_inserted);
829 }
830 } elseif ($is_affected) {
831 $message = PMA_Message::getMessageForAffectedRows($num_rows);
832
833 // Ok, here is an explanation for the !$is_select.
834 // The form generated by sql_query_form.lib.php
835 // and db_sql.php has many submit buttons
836 // on the same form, and some confusion arises from the
837 // fact that $message_to_show is sent for every case.
838 // The $message_to_show containing a success message and sent with
839 // the form should not have priority over errors
840 } elseif (! empty($message_to_show) && ! $is_select) {
841 $message = PMA_Message::rawSuccess(htmlspecialchars($message_to_show));
842 } elseif (! empty($GLOBALS['show_as_php'])) {
843 $message = PMA_Message::success(__('Showing as PHP code'));
844 } elseif (isset($GLOBALS['show_as_php'])) {
845 /* User disable showing as PHP, query is only displayed */
846 $message = PMA_Message::notice(__('Showing SQL query'));
847 } elseif (! empty($GLOBALS['validatequery'])) {
848 $message = PMA_Message::notice(__('Validated SQL'));
849 } else {
850 $message = PMA_Message::success(
851 __('MySQL returned an empty result set (i.e. zero rows).')
852 );
853 }
854
855 if (isset($GLOBALS['querytime'])) {
856 $_querytime = PMA_Message::notice('(' . __('Query took %01.4f sec') . ')');
857 $_querytime->addParam($GLOBALS['querytime']);
858 $message->addMessage($_querytime);
859 }
860
861 if ($GLOBALS['is_ajax_request'] == true) {
862 if ($cfg['ShowSQL']) {
863 $extra_data['sql_query'] = PMA_Util::getMessage(
864 $message, $GLOBALS['sql_query'], 'success'
865 );
866 }
867 if (isset($GLOBALS['reload']) && $GLOBALS['reload'] == 1) {
868 $extra_data['reload'] = 1;
869 $extra_data['db'] = $GLOBALS['db'];
870 }
871 $response = PMA_Response::getInstance();
872 $response->isSuccess($message->isSuccess());
873 // No need to manually send the message
874 // The Response class will handle that automatically
875 $query__type = PMA_DisplayResults::QUERY_TYPE_SELECT;
876 if ($analyzed_sql[0]['querytype'] == $query__type) {
877 $createViewHTML = $displayResultsObject->getCreateViewQueryResultOp(
878 $analyzed_sql
879 );
880 $response->addHTML($createViewHTML.'<br />');
881 }
882
883 $response->addJSON(isset($extra_data) ? $extra_data : array());
884 if (empty($_REQUEST['ajax_page_request'])) {
885 $response->addJSON('message', $message);
886 exit;
887 }
888 }
889
890 if ($is_gotofile) {
891 $goto = PMA_securePath($goto);
892 // Checks for a valid target script
893 $is_db = $is_table = false;
894 if (isset($_REQUEST['purge']) && $_REQUEST['purge'] == '1') {
895 $table = '';
896 unset($url_params['table']);
897 }
898 include 'libraries/db_table_exists.lib.php';
899
900 if (strpos($goto, 'tbl_') === 0 && ! $is_table) {
901 if (strlen($table)) {
902 $table = '';
903 }
904 $goto = 'db_sql.php';
905 }
906 if (strpos($goto, 'db_') === 0 && ! $is_db) {
907 if (strlen($db)) {
908 $db = '';
909 }
910 $goto = 'index.php';
911 }
912 // Loads to target script
913 if (strlen($goto) > 0) {
914 $active_page = $goto;
915 include '' . $goto;
916 } else {
917 // Echo at least one character to prevent showing last page from history
918 echo " ";
919 }
920
921 } else {
922 // avoid a redirect loop when last record was deleted
923 if (0 == $num_rows && 'sql.php' == $cfg['DefaultTabTable']) {
924 $goto = str_replace('sql.php', 'tbl_structure.php', $goto);
925 }
926 PMA_sendHeaderLocation(
927 $cfg['PmaAbsoluteUri'] . str_replace('&amp;', '&', $goto)
928 . '&message=' . urlencode($message)
929 );
930 } // end else
931 exit();
932 // end no rows returned
933 } else {
934 $html_output='';
935 // At least one row is returned -> displays a table with results
936 //If we are retrieving the full value of a truncated field or the original
937 // value of a transformed field, show it here and exit
938 if ($GLOBALS['grid_edit'] == true) {
939 $row = PMA_DBI_fetchRow($result);
940 $response = PMA_Response::getInstance();
941 $response->addJSON('value', $row[0]);
942 exit;
943 }
944
945 if (isset($_REQUEST['ajax_request']) && isset($_REQUEST['table_maintenance'])) {
946 $response = PMA_Response::getInstance();
947 $header = $response->getHeader();
948 $scripts = $header->getScripts();
949 $scripts->addFile('makegrid.js');
950 $scripts->addFile('sql.js');
951
952 // Gets the list of fields properties
953 if (isset($result) && $result) {
954 $fields_meta = PMA_DBI_getFieldsMeta($result);
955 $fields_cnt = count($fields_meta);
956 }
957
958 if (empty($disp_mode)) {
959 // see the "PMA_setDisplayMode()" function in
960 // libraries/DisplayResults.class.php
961 $disp_mode = 'urdr111101';
962 }
963
964 // hide edit and delete links for information_schema
965 if (PMA_is_system_schema($db)) {
966 $disp_mode = 'nnnn110111';
967 }
968
969 if (isset($message)) {
970 $message = PMA_Message::success($message);
971 $html_output .= PMA_Util::getMessage(
972 $message, $GLOBALS['sql_query'], 'success'
973 );
974 }
975
976 // Should be initialized these parameters before parsing
977 $showtable = isset($showtable) ? $showtable : null;
978 $printview = isset($printview) ? $printview : null;
979 $url_query = isset($url_query) ? $url_query : null;
980
981 if (!empty($sql_data) && ($sql_data['valid_queries'] > 1)) {
982
983 $_SESSION['is_multi_query'] = true;
984 $html_output .= getTableHtmlForMultipleQueries(
985 $displayResultsObject, $db, $sql_data, $goto,
986 $pmaThemeImage, $text_dir, $printview, $url_query,
987 $disp_mode, $sql_limit_to_append, false
988 );
989 } else {
990 $_SESSION['is_multi_query'] = false;
991 $displayResultsObject->setProperties(
992 $unlim_num_rows, $fields_meta, $is_count, $is_export, $is_func,
993 $is_analyse, $num_rows, $fields_cnt, $querytime, $pmaThemeImage,
994 $text_dir, $is_maint, $is_explain, $is_show, $showtable,
995 $printview, $url_query, false
996 );
997
998 $html_output .= $displayResultsObject->getTable(
999 $result, $disp_mode, $analyzed_sql
1000 );
1001 $response = PMA_Response::getInstance();
1002 $response->addHTML($html_output);
1003 exit();
1004 }
1005 }
1006
1007 // Displays the headers
1008 if (isset($show_query)) {
1009 unset($show_query);
1010 }
1011 if (isset($printview) && $printview == '1') {
1012 PMA_Util::checkParameters(array('db', 'full_sql_query'));
1013
1014 $response = PMA_Response::getInstance();
1015 $header = $response->getHeader();
1016 $header->enablePrintView();
1017
1018 $html_output .= PMA_getHtmlForPrintViewHeader(
1019 $db, $full_sql_query, $num_rows
1020 );
1021 } else {
1022 $response = PMA_Response::getInstance();
1023 $header = $response->getHeader();
1024 $scripts = $header->getScripts();
1025 $scripts->addFile('makegrid.js');
1026 $scripts->addFile('sql.js');
1027
1028 unset($message);
1029
1030 if (! $GLOBALS['is_ajax_request']) {
1031 if (strlen($table)) {
1032 include 'libraries/tbl_common.inc.php';
1033 $url_query .= '&amp;goto=tbl_sql.php&amp;back=tbl_sql.php';
1034 include 'libraries/tbl_info.inc.php';
1035 } elseif (strlen($db)) {
1036 include 'libraries/db_common.inc.php';
1037 include 'libraries/db_info.inc.php';
1038 } else {
1039 include 'libraries/server_common.inc.php';
1040 }
1041 } else {
1042 //we don't need to buffer the output in getMessage here.
1043 //set a global variable and check against it in the function
1044 $GLOBALS['buffer_message'] = false;
1045 }
1046 }
1047
1048 if (strlen($db)) {
1049 $cfgRelation = PMA_getRelationsParam();
1050 }
1051
1052 // Gets the list of fields properties
1053 if (isset($result) && $result) {
1054 $fields_meta = PMA_DBI_getFieldsMeta($result);
1055 $fields_cnt = count($fields_meta);
1056 }
1057
1058 //begin the sqlqueryresults div here. container div
1059 $html_output .= '<div id="sqlqueryresults"';
1060 $html_output .= ' class="ajax"';
1061 $html_output .= '>';
1062
1063 // Display previous update query (from tbl_replace)
1064 if (isset($disp_query) && ($cfg['ShowSQL'] == true) && empty($sql_data)) {
1065 $html_output .= PMA_Util::getMessage($disp_message, $disp_query, 'success');
1066 }
1067
1068 if (isset($profiling_results)) {
1069 // pma_token/url_query needed for chart export
1070 $token = $_SESSION[' PMA_token '];
1071 $url = (isset($url_query) ? $url_query : PMA_generate_common_url($db));
1072
1073 $html_output .= PMA_getHtmlForProfilingChart(
1074 $url, $token, $profiling_results
1075 );
1076 }
1077
1078 // Displays the results in a table
1079 if (empty($disp_mode)) {
1080 // see the "PMA_setDisplayMode()" function in
1081 // libraries/DisplayResults.class.php
1082 $disp_mode = 'urdr111101';
1083 }
1084
1085 $resultSetContainsUniqueKey = PMA_resultSetContainsUniqueKey(
1086 $db, $table, $fields_meta
1087 );
1088
1089 // hide edit and delete links:
1090 // - for information_schema
1091 // - if the result set does not contain all the columns of a unique key
1092 if (PMA_is_system_schema($db) || ! $resultSetContainsUniqueKey) {
1093 $disp_mode = 'nnnn110111';
1094 $msg = PMA_message::notice(
1095 __(
1096 'This table does not contain a unique column.'
1097 . ' Grid edit, checkbox, Edit, Copy and Delete features'
1098 . ' are not available.'
1099 )
1100 );
1101 $html_output .= $msg->getDisplay();
1102 }
1103
1104 if (isset($label)) {
1105 $msg = PMA_message::success(__('Bookmark %s created'));
1106 $msg->addParam($label);
1107 $html_output .= $msg->getDisplay();
1108 }
1109
1110 // Should be initialized these parameters before parsing
1111 $showtable = isset($showtable) ? $showtable : null;
1112 $printview = isset($printview) ? $printview : null;
1113 $url_query = isset($url_query) ? $url_query : null;
1114
1115 if (! empty($sql_data) && ($sql_data['valid_queries'] > 1) || $is_procedure) {
1116
1117 $_SESSION['is_multi_query'] = true;
1118 $html_output .= getTableHtmlForMultipleQueries(
1119 $displayResultsObject, $db, $sql_data, $goto,
1120 $pmaThemeImage, $text_dir, $printview, $url_query,
1121 $disp_mode, $sql_limit_to_append, $resultSetContainsUniqueKey
1122 );
1123 } else {
1124 $_SESSION['is_multi_query'] = false;
1125 $displayResultsObject->setProperties(
1126 $unlim_num_rows, $fields_meta, $is_count, $is_export, $is_func,
1127 $is_analyse, $num_rows, $fields_cnt, $querytime, $pmaThemeImage,
1128 $text_dir, $is_maint, $is_explain, $is_show, $showtable,
1129 $printview, $url_query, $resultSetContainsUniqueKey
1130 );
1131
1132 $html_output .= $displayResultsObject->getTable($result, $disp_mode, $analyzed_sql);
1133 PMA_DBI_freeResult($result);
1134 }
1135
1136 // BEGIN INDEX CHECK See if indexes should be checked.
1137 if (isset($query_type)
1138 && $query_type == 'check_tbl'
1139 && isset($selected)
1140 && is_array($selected)
1141 ) {
1142 foreach ($selected as $idx => $tbl_name) {
1143 $check = PMA_Index::findDuplicates($tbl_name, $db);
1144 if (! empty($check)) {
1145 $html_output .= sprintf(__('Problems with indexes of table `%s`'), $tbl_name);
1146 $html_output .= $check;
1147 }
1148 }
1149 } // End INDEX CHECK
1150
1151 // Bookmark support if required
1152 if ($disp_mode[7] == '1'
1153 && (! empty($cfg['Bookmark']) && empty($id_bookmark))
1154 && ! empty($sql_query)
1155 ) {
1156 $html_output .= "\n";
1157 $goto = 'sql.php?'
1158 . PMA_generate_common_url($db, $table)
1159 . '&amp;sql_query=' . urlencode($sql_query)
1160 . '&amp;id_bookmark=1';
1161
1162 $html_output .= '<form action="sql.php" method="post"'
1163 . ' onsubmit="return ! emptyFormElements(this, \'fields[label]\');"'
1164 . ' id="bookmarkQueryForm">';
1165 $html_output .= PMA_generate_common_hidden_inputs();
1166 $html_output .= '<input type="hidden" name="goto" value="' . $goto . '" />';
1167 $html_output .= '<input type="hidden" name="fields[dbase]"'
1168 . ' value="' . htmlspecialchars($db) . '" />';
1169 $html_output .= '<input type="hidden" name="fields[user]"'
1170 . ' value="' . $cfg['Bookmark']['user'] . '" />';
1171 $html_output .= '<input type="hidden" name="fields[query]"' . ' value="'
1172 . urlencode(isset($complete_query) ? $complete_query : $sql_query)
1173 . '" />';
1174 $html_output .= '<fieldset>';
1175 $html_output .= '<legend>';
1176 $html_output .= PMA_Util::getIcon(
1177 'b_bookmark.png', __('Bookmark this SQL query'), true
1178 );
1179 $html_output .= '</legend>';
1180 $html_output .= '<div class="formelement">';
1181 $html_output .= '<label for="fields_label_">' . __('Label:') . '</label>';
1182 $html_output .= '<input type="text" id="fields_label_"'
1183 . ' name="fields[label]" value="" />';
1184 $html_output .= '</div>';
1185 $html_output .= '<div class="formelement">';
1186 $html_output .= '<input type="checkbox" name="bkm_all_users"'
1187 . ' id="bkm_all_users" value="true" />';
1188 $html_output .= '<label for="bkm_all_users">'
1189 . __('Let every user access this bookmark')
1190 . '</label>';
1191 $html_output .= '</div>';
1192 $html_output .= '<div class="clearfloat"></div>';
1193 $html_output .= '</fieldset>';
1194 $html_output .= '<fieldset class="tblFooters">';
1195 $html_output .= '<input type="hidden" name="store_bkm" value="1" />';
1196 $html_output .= '<input type="submit"'
1197 . ' value="' . __('Bookmark this SQL query') . '" />';
1198 $html_output .= '</fieldset>';
1199 $html_output .= '</form>';
1200 } // end bookmark support
1201
1202 // Do print the page if required
1203 if (isset($printview) && $printview == '1') {
1204 $html_output .= PMA_Util::getButton();
1205 } // end print case
1206 $html_output .= '</div>'; // end sqlqueryresults div
1207 $response = PMA_Response::getInstance();
1208 $response->addHTML($html_output);
1209 } // end rows returned
1210
1211 $_SESSION['is_multi_query'] = false;
1212
1213 /**
1214 * Displays the footer
1215 */
1216 if (! isset($_REQUEST['table_maintenance'])) {
1217 exit;
1218 }
1219
1220 ?>
phpMyAdmin