view_create.php

   1 <?php
   2 /* vim: set expandtab sw=4 ts=4 sts=4: */
   3 /**
   4  * handles creation of VIEWs
   5  *
   6  * @todo js error when view name is empty (strFormEmpty)
   7  * @todo (also validate if js is disabled, after form submission?)
   8  * @package PhpMyAdmin
   9  */
  10
  11 /**
  12  *
  13  */
  14 require_once './libraries/common.inc.php';
  15
  16 /**
  17  * Runs common work
  18  */
  19 require './libraries/db_common.inc.php';
  20 $url_params['goto'] = 'tbl_structure.php';
  21 $url_params['back'] = 'view_create.php';
  22
  23 $view_algorithm_options = array(
  24     'UNDEFINED',
  25     'MERGE',
  26     'TEMPTABLE',
  27 );
  28
  29 $view_with_options = array(
  30     'CASCADED',
  31     'LOCAL'
  32 );
  33
  34 $view_security_options = array(
  35     'DEFINER',
  36     'INVOKER'
  37 );
  38
  39 if (empty($sql_query)) {
  40     $sql_query = '';
  41 }
  42
  43 if (isset($_REQUEST['createview']) || isset($_REQUEST['alterview'])) {
  44     /**
  45      * Creates the view
  46      */
  47     $sep = "\r\n";
  48
  49     if (isset($_REQUEST['createview'])) {
  50         $sql_query = 'CREATE';
  51         if (isset($_REQUEST['view']['or_replace'])) {
  52             $sql_query .= ' OR REPLACE';
  53         }
  54     } else {
  55         $sql_query = 'ALTER';
  56     }
  57
  58     if (PMA_isValid($_REQUEST['view']['algorithm'], $view_algorithm_options)) {
  59         $sql_query .= $sep . ' ALGORITHM = ' . $_REQUEST['view']['algorithm'];
  60     }
  61
  62     if (! empty($_REQUEST['view']['definer'])) {
  63         $sql_query .= $sep . ' DEFINER = ' . $_REQUEST['view']['definer'];
  64     }
  65
  66     if (isset($_REQUEST['view']['sql_security'])) {
  67         if (in_array($_REQUEST['view']['sql_security'], $view_security_options)) {
  68             $sql_query .= $sep . ' SQL SECURITY '
  69                 . $_REQUEST['view']['sql_security'];
  70         }
  71     }
  72
  73     $sql_query .= $sep . ' VIEW ' . PMA_Util::backquote($_REQUEST['view']['name']);
  74
  75     if (! empty($_REQUEST['view']['column_names'])) {
  76         $sql_query .= $sep . ' (' . $_REQUEST['view']['column_names'] . ')';
  77     }
  78
  79     $sql_query .= $sep . ' AS ' . $_REQUEST['view']['as'];
  80
  81     if (isset($_REQUEST['view']['with'])) {
  82         if (in_array($_REQUEST['view']['with'], $view_with_options)) {
  83             $sql_query .= $sep . ' WITH ' . $_REQUEST['view']['with']
  84                 . '  CHECK OPTION';
  85         }
  86     }
  87
  88     if ($GLOBALS['dbi']->tryQuery($sql_query)) {
  89
  90         include_once './libraries/tbl_views.lib.php';
  91
  92         // If different column names defined for VIEW
  93         $view_columns = array();
  94         if (isset($_REQUEST['view']['column_names'])) {
  95             $view_columns = explode(',', $_REQUEST['view']['column_names']);
  96         }
  97
  98         $column_map = PMA_getColumnMap($_REQUEST['view']['as'], $view_columns);
  99         $pma_tranformation_data = PMA_getExistingTransformationData($GLOBALS['db']);
 100
 101         if ($pma_tranformation_data !== false) {
 102
 103             // SQL for store new transformation details of VIEW
 104             $new_transformations_sql = PMA_getNewTransformationDataSql(
 105                 $pma_tranformation_data, $column_map, $_REQUEST['view']['name'],
 106                 $GLOBALS['db']
 107             );
 108
 109             // Store new transformations
 110             if ($new_transformations_sql != '') {
 111                 $GLOBALS['dbi']->tryQuery($new_transformations_sql);
 112             }
 113
 114         }
 115         unset($pma_tranformation_data);
 116
 117         if (! isset($_REQUEST['ajax_dialog'])) {
 118             $message = PMA_Message::success();
 119             include 'tbl_structure.php';
 120         } else {
 121             $response = PMA_Response::getInstance();
 122             $response->addJSON(
 123                 'message',
 124                 PMA_Util::getMessage(
 125                     PMA_Message::success(), $sql_query
 126                 )
 127             );
 128             $response->isSuccess(true);
 129         }
 130
 131         exit;
 132
 133     } else {
 134         if (! isset($_REQUEST['ajax_dialog'])) {
 135             $message = PMA_Message::rawError($GLOBALS['dbi']->getError());
 136         } else {
 137             $response = PMA_Response::getInstance();
 138             $response->addJSON(
 139                 'message',
 140                 PMA_Message::error(
 141                     "<i>" . htmlspecialchars($sql_query) . "</i><br /><br />"
 142                     . $GLOBALS['dbi']->getError()
 143                 )
 144             );
 145             $response->isSuccess(false);
 146             exit;
 147         }
 148     }
 149 }
 150
 151 // prefill values if not already filled from former submission
 152 $view = array(
 153     'operation' => 'create',
 154     'or_replace' => '',
 155     'algorithm' => '',
 156     'definer' => '',
 157     'sql_security' => '',
 158     'name' => '',
 159     'column_names' => '',
 160     'as' => $sql_query,
 161     'with' => '',
 162 );
 163
 164 if (PMA_isValid($_REQUEST['view'], 'array')) {
 165     $view = array_merge($view, $_REQUEST['view']);
 166 }
 167
 168 $url_params['db'] = $GLOBALS['db'];
 169 $url_params['reload'] = 1;
 170
 171 /**
 172  * Displays the page
 173  */
 174 $htmlString = '<!-- CREATE VIEW options -->'
 175     . '<div id="div_view_options">'
 176     . '<form method="post" action="view_create.php">'
 177     . PMA_URL_getHiddenInputs($url_params)
 178     . '<fieldset>'
 179     . '<legend>'
 180     . (isset($_REQUEST['ajax_dialog']) ?
 181         __('Details') :
 182         ($view['operation'] == 'create' ? __('Create view') : __('Edit view'))
 183     )
 184     . '</legend>'
 185     . '<table class="rte_table">';
 186
 187 if ($view['operation'] == 'create') {
 188     $htmlString .= '<tr>'
 189         . '<td class="nowrap"><label for="or_replace">OR REPLACE</label></td>'
 190         . '<td><input type="checkbox" name="view[or_replace]" id="or_replace"';
 191     if ($view['or_replace']) {
 192         $htmlString .= ' checked="checked"';
 193     }
 194     $htmlString .= ' value="1" /></td></tr>';
 195 }
 196
 197 $htmlString .= '<tr>'
 198     . '<td class="nowrap"><label for="algorithm">ALGORITHM</label></td>'
 199     . '<td><select name="view[algorithm]" id="algorithm">';
 200 foreach ($view_algorithm_options as $option) {
 201     $htmlString .= '<option value="' . htmlspecialchars($option) . '"';
 202     if ($view['algorithm'] === $option) {
 203         $htmlString .= ' selected="selected"';
 204     }
 205     $htmlString .= '>' . htmlspecialchars($option) . '</option>';
 206 }
 207 $htmlString .= '</select>'
 208     . '</td></tr>';
 209
 210 $htmlString .= '<tr><td class="nowrap">' . __('Definer') . '</td>'
 211     . '<td><input type="text" maxlength="100" size="50" name="view[definer]"'
 212     . ' value="' . htmlspecialchars($view['definer']) . '" />'
 213     . '</td></tr>';
 214
 215 $htmlString .= '<tr><td class="nowrap">SQL SECURITY</td>'
 216     . '<td><select name="view[sql_security]">'
 217     . '<option value=""></option>';
 218 foreach ($view_security_options as $option) {
 219     $htmlString .= '<option value="' . htmlspecialchars($option) . '"';
 220     if ($option == $view['sql_security']) {
 221         $htmlString .= ' selected="selected"';
 222     }
 223     $htmlString .= '>' . htmlspecialchars($option) . '</option>';
 224 }
 225 $htmlString .= '<select>'
 226     . '</td></tr>';
 227
 228 if ($view['operation'] == 'create') {
 229     $htmlString .= '<tr><td class="nowrap">' . __('VIEW name') . '</td>'
 230         . '<td><input type="text" size="20" name="view[name]"'
 231         . ' onfocus="this.select()"'
 232         . ' value="' . htmlspecialchars($view['name']) . '" />'
 233         . '</td></tr>';
 234 } else {
 235     $htmlString .= '<tr><td><input type="hidden" name="view[name]"'
 236         . ' value="' . htmlspecialchars($view['name']) . '" />'
 237         . '</td></tr>';
 238 }
 239
 240 $htmlString .= '<tr><td class="nowrap">' . __('Column names') . '</td>'
 241     . '<td><input type="text" maxlength="100" size="50" name="view[column_names]"'
 242     . ' onfocus="this.select()"'
 243     . ' value="' . htmlspecialchars($view['column_names']) . '" />'
 244     . '</td></tr>';
 245
 246 $htmlString .= '<tr><td class="nowrap">AS</td>'
 247     . '<td>'
 248     . '<textarea name="view[as]" rows="' . $cfg['TextareaRows'] . '"'
 249     . ' cols="' . $cfg['TextareaCols'] . '" dir="' . $text_dir . '"';
 250 if ($GLOBALS['cfg']['TextareaAutoSelect'] || true) {
 251     $htmlString .= ' onclick="selectContent(this, sql_box_locked, true)"';
 252 }
 253 $htmlString .= '>' . htmlspecialchars($view['as']) . '</textarea>'
 254     . '</td></tr>';
 255
 256 $htmlString .= '<tr><td class="nowrap">WITH CHECK OPTION</td>'
 257     . '<td><select name="view[with]">'
 258     . '<option value=""></option>';
 259 foreach ($view_with_options as $option) {
 260     $htmlString .= '<option value="' . htmlspecialchars($option) . '"';
 261     if ($option == $view['with']) {
 262         $htmlString .= ' selected="selected"';
 263     }
 264     $htmlString .= '>' . htmlspecialchars($option) . '</option>';
 265 }
 266 $htmlString .= '<select>'
 267     . '</td></tr>';
 268
 269 $htmlString .= '</table>'
 270     . '</fieldset>';
 271
 272 if (! isset($_REQUEST['ajax_dialog'])) {
 273     $htmlString .= '<fieldset class="tblFooters">'
 274         . '<input type="hidden" name="'
 275         . ($view['operation'] == 'create' ? 'createview' : 'alterview' )
 276         . '" value="1" />'
 277         . '<input type="submit" name="" value="' . __('Go') . '" />'
 278         . '</fieldset>';
 279 } else {
 280     $htmlString .= '<input type="hidden" name="'
 281         . ($view['operation'] == 'create' ? 'createview' : 'alterview' )
 282         . '" value="1" />'
 283         . '<input type="hidden" name="ajax_dialog" value="1" />'
 284         . '<input type="hidden" name="ajax_request" value="1" />';
 285 }
 286
 287 $htmlString .= '</form>'
 288     . '</div>';
 289
 290 echo $htmlString;
 291 ?>