view_create.php

   1 <?php
   2 /* vim: set expandtab sw=4 ts=4 sts=4: */
   3 /**
   4  * handles creation of VIEWs
   5  *
   6  * @todo js error when view name is empty (strFormEmpty)
   7  * @todo (also validate if js is disabled, after form submission?)
   8  * @package PhpMyAdmin
   9  */
  10
  11 /**
  12  *
  13  */
  14 require_once './libraries/common.inc.php';
  15
  16 /**
  17  * Runs common work
  18  */
  19 require './libraries/db_common.inc.php';
  20 $url_params['goto'] = 'tbl_structure.php';
  21 $url_params['back'] = 'view_create.php';
  22
  23 $view_algorithm_options = array(
  24     'UNDEFINED',
  25     'MERGE',
  26     'TEMPTABLE',
  27 );
  28
  29 $view_with_options = array(
  30     'CASCADED',
  31     'LOCAL'
  32 );
  33
  34 $view_security_options = array(
  35     'DEFINER',
  36     'INVOKER'
  37 );
  38
  39 if (isset($_REQUEST['createview']) || isset($_REQUEST['alterview'])) {
  40     /**
  41      * Creates the view
  42      */
  43     $sep = "\r\n";
  44
  45     if (isset($_REQUEST['createview'])) {
  46         $sql_query = 'CREATE';
  47         if (isset($_REQUEST['view']['or_replace'])) {
  48             $sql_query .= ' OR REPLACE';
  49         }
  50     } else {
  51         $sql_query = 'ALTER';
  52     }
  53
  54     if (PMA_isValid($_REQUEST['view']['algorithm'], $view_algorithm_options)) {
  55         $sql_query .= $sep . ' ALGORITHM = ' . $_REQUEST['view']['algorithm'];
  56     }
  57
  58     if (! empty($_REQUEST['view']['definer'])) {
  59         $sql_query .= $sep . ' DEFINER = ' . $_REQUEST['view']['definer'];
  60     }
  61
  62     if (isset($_REQUEST['view']['sql_security'])) {
  63         if (in_array($_REQUEST['view']['sql_security'], $view_security_options)) {
  64             $sql_query .= $sep . ' SQL SECURITY '
  65                 . $_REQUEST['view']['sql_security'];
  66         }
  67     }
  68
  69     $sql_query .= $sep . ' VIEW ' . PMA_Util::backquote($_REQUEST['view']['name']);
  70
  71     if (! empty($_REQUEST['view']['column_names'])) {
  72         $sql_query .= $sep . ' (' . $_REQUEST['view']['column_names'] . ')';
  73     }
  74
  75     $sql_query .= $sep . ' AS ' . $_REQUEST['view']['as'];
  76
  77     if (isset($_REQUEST['view']['with'])) {
  78         if (in_array($_REQUEST['view']['with'], $view_with_options)) {
  79             $sql_query .= $sep . ' WITH ' . $_REQUEST['view']['with']
  80                 . '  CHECK OPTION';
  81         }
  82     }
  83
  84     if ($GLOBALS['dbi']->tryQuery($sql_query)) {
  85
  86         include_once './libraries/tbl_views.lib.php';
  87
  88         // If different column names defined for VIEW
  89         $view_columns = array();
  90         if (isset($_REQUEST['view']['column_names'])) {
  91             $view_columns = explode(',', $_REQUEST['view']['column_names']);
  92         }
  93
  94         $column_map = PMA_getColumnMap($_REQUEST['view']['as'], $view_columns);
  95         $pma_tranformation_data = PMA_getExistingTranformationData($GLOBALS['db']);
  96
  97         if ($pma_tranformation_data !== false) {
  98
  99             // SQL for store new transformation details of VIEW
 100             $new_transformations_sql = PMA_getNewTransformationDataSql(
 101                 $pma_tranformation_data, $column_map, $_REQUEST['view']['name'],
 102                 $GLOBALS['db']
 103             );
 104
 105             // Store new transformations
 106             if ($new_transformations_sql != '') {
 107                 $GLOBALS['dbi']->tryQuery($new_transformations_sql);
 108             }
 109
 110         }
 111         unset($pma_tranformation_data);
 112
 113         if (! isset($_REQUEST['ajax_dialog'])) {
 114             $message = PMA_Message::success();
 115             include 'tbl_structure.php';
 116         } else {
 117             $response = PMA_Response::getInstance();
 118             $response->addJSON(
 119                 'message',
 120                 PMA_Util::getMessage(
 121                     PMA_Message::success(), $sql_query
 122                 )
 123             );
 124             $response->isSuccess(true);
 125         }
 126
 127         exit;
 128
 129     } else {
 130         if (! isset($_REQUEST['ajax_dialog'])) {
 131             $message = PMA_Message::rawError($GLOBALS['dbi']->getError());
 132         } else {
 133             $response = PMA_Response::getInstance();
 134             $response->addJSON(
 135                 'message',
 136                 PMA_Message::error(
 137                     "<i>" . htmlspecialchars($sql_query) . "</i><br /><br />"
 138                     . $GLOBALS['dbi']->getError()
 139                 )
 140             );
 141             $response->isSuccess(false);
 142             exit;
 143         }
 144     }
 145 }
 146
 147 // prefill values if not already filled from former submission
 148 $view = array(
 149     'operation' => 'create',
 150     'or_replace' => '',
 151     'algorithm' => '',
 152     'definer' => '',
 153     'sql_security' => '',
 154     'name' => '',
 155     'column_names' => '',
 156     'as' => $sql_query,
 157     'with' => '',
 158 );
 159
 160 if (PMA_isValid($_REQUEST['view'], 'array')) {
 161     $view = array_merge($view, $_REQUEST['view']);
 162 }
 163
 164 $url_params['db'] = $GLOBALS['db'];
 165 $url_params['reload'] = 1;
 166
 167 /**
 168  * Displays the page
 169  */
 170 $htmlString = '<!-- CREATE VIEW options -->'
 171     . '<div id="div_view_options">'
 172     . '<form method="post" action="view_create.php">'
 173     . PMA_URL_getHiddenInputs($url_params)
 174     . '<fieldset>'
 175     . '<legend>'
 176     . (isset($_REQUEST['ajax_dialog']) ?
 177         __('Details') :
 178         ($view['operation'] == 'create' ? __('Create view') : __('Edit view'))
 179     )
 180     . '</legend>'
 181     . '<table class="rte_table">';
 182
 183 if ($view['operation'] == 'create') {
 184     $htmlString .= '<tr>'
 185         . '<td class="nowrap"><label for="or_replace">OR REPLACE</label></td>'
 186         . '<td><input type="checkbox" name="view[or_replace]" id="or_replace"';
 187     if ($view['or_replace']) {
 188         $htmlString .= ' checked="checked"';
 189     }
 190     $htmlString .= ' value="1" /></td></tr>';
 191 }
 192
 193 $htmlString .= '<tr>'
 194     . '<td class="nowrap"><label for="algorithm">ALGORITHM</label></td>'
 195     . '<td><select name="view[algorithm]" id="algorithm">';
 196 foreach ($view_algorithm_options as $option) {
 197     $htmlString .= '<option value="' . htmlspecialchars($option) . '"';
 198     if ($view['algorithm'] === $option) {
 199         $htmlString .= ' selected="selected"';
 200     }
 201     $htmlString .= '>' . htmlspecialchars($option) . '</option>';
 202 }
 203 $htmlString .= '</select>'
 204     . '</td></tr>';
 205
 206 $htmlString .= '<tr><td class="nowrap">' . __('Definer') . '</td>'
 207     . '<td><input type="text" maxlength="100" size="50" name="view[definer]"'
 208     . ' value="' . htmlspecialchars($view['definer']) . '" />'
 209     . '</td></tr>';
 210
 211 $htmlString .= '<tr><td class="nowrap">SQL SECURITY</td>'
 212     . '<td><select name="view[sql_security]">'
 213     . '<option value=""></option>';
 214 foreach ($view_security_options as $option) {
 215     $htmlString .= '<option value="' . htmlspecialchars($option) . '"';
 216     if ($option == $view['sql_security']) {
 217         $htmlString .= ' selected="selected"';
 218     }
 219     $htmlString .= '>' . htmlspecialchars($option) . '</option>';
 220 }
 221 $htmlString .= '<select>'
 222     . '</td></tr>';
 223
 224 if ($view['operation'] == 'create') {
 225     $htmlString .= '<tr><td class="nowrap">' . __('VIEW name') . '</td>'
 226         . '<td><input type="text" size="20" name="view[name]"'
 227         . ' onfocus="this.select()"'
 228         . ' value="' . htmlspecialchars($view['name']) . '" />'
 229         . '</td></tr>';
 230 } else {
 231     $htmlString .= '<tr><td><input type="hidden" name="view[name]"'
 232         . ' value="' . htmlspecialchars($view['name']) . '" />'
 233         . '</td></tr>';
 234 }
 235
 236 $htmlString .= '<tr><td class="nowrap">' . __('Column names') . '</td>'
 237     . '<td><input type="text" maxlength="100" size="50" name="view[column_names]"'
 238     . ' onfocus="this.select()"'
 239     . ' value="' . htmlspecialchars($view['column_names']) . '" />'
 240     . '</td></tr>';
 241
 242 $htmlString .= '<tr><td class="nowrap">AS</td>'
 243     . '<td>'
 244     . '<textarea name="view[as]" rows="' . $cfg['TextareaRows'] . '"'
 245     . ' cols="' . $cfg['TextareaCols'] . '" dir="' . $text_dir . '"';
 246 if ($GLOBALS['cfg']['TextareaAutoSelect'] || true) {
 247     $htmlString .= ' onclick="selectContent(this, sql_box_locked, true)"';
 248 }
 249 $htmlString .= '>' . htmlspecialchars($view['as']) . '</textarea>'
 250     . '</td></tr>';
 251
 252 $htmlString .= '<tr><td class="nowrap">WITH CHECK OPTION</td>'
 253     . '<td><select name="view[with]">'
 254     . '<option value=""></option>';
 255 foreach ($view_with_options as $option) {
 256     $htmlString .= '<option value="' . htmlspecialchars($option) . '"';
 257     if ($option == $view['with']) {
 258         $htmlString .= ' selected="selected"';
 259     }
 260     $htmlString .= '>' . htmlspecialchars($option) . '</option>';
 261 }
 262 $htmlString .= '<select>'
 263     . '</td></tr>';
 264
 265 $htmlString .= '</table>'
 266     . '</fieldset>';
 267
 268 if (! isset($_REQUEST['ajax_dialog'])) {
 269     $htmlString .= '<fieldset class="tblFooters">'
 270         . '<input type="hidden" name="'
 271         . ($view['operation'] == 'create' ? 'createview' : 'alterview' )
 272         . '" value="1" />'
 273         . '<input type="submit" name="" value="' . __('Go') . '" />'
 274         . '</fieldset>';
 275 } else {
 276     $htmlString .= '<input type="hidden" name="'
 277         . ($view['operation'] == 'create' ? 'createview' : 'alterview' )
 278         . '" value="1" />'
 279         . '<input type="hidden" name="ajax_dialog" value="1" />'
 280         . '<input type="hidden" name="ajax_request" value="1" />';
 281 }
 282
 283 $htmlString .= '</form>'
 284     . '</div>';
 285
 286 echo $htmlString;