search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
short comments for inputs:
[phpmyadmin.git] / db_search.php
blob0b68ba3d4426c88535cef30110d9d23a5bbbae16
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * searchs the entire database
5 *
6 * @todo make use of UNION when searching multiple tables
7 * @todo display executed query, optional?
8 * @uses $cfg['UseDbSearch']
9 * @uses $GLOBALS['db']
10 * @uses PMA_DBI_get_tables()
11 * @uses PMA_sqlAddslashes()
12 * @uses PMA_getSearchSqls()
13 * @uses PMA_DBI_fetch_value()
14 * @uses PMA_linkOrButton()
15 * @uses PMA_generate_common_url()
16 * @uses PMA_generate_common_hidden_inputs()
17 * @uses PMA_showMySQLDocu()
18 * @uses $_REQUEST['search_str']
19 * @uses $_REQUEST['submit_search']
20 * @uses $_REQUEST['search_option']
21 * @uses $_REQUEST['table_select']
22 * @uses $_REQUEST['unselectall']
23 * @uses $_REQUEST['selectall']
24 * @uses $_REQUEST['field_str']
25 * @uses is_string()
26 * @uses htmlspecialchars()
27 * @uses array_key_exists()
28 * @uses is_array()
29 * @uses array_intersect()
30 * @uses sprintf()
31 * @uses in_array()
32 * @package phpMyAdmin
33 */
34
35 /**
36 *
37 */
38 require_once './libraries/common.inc.php';
39
40 /**
41 * Gets some core libraries and send headers
42 */
43 require './libraries/db_common.inc.php';
44
45 /**
46 * init
47 */
48 // If config variable $GLOBALS['cfg']['Usedbsearch'] is on false : exit.
49 if (! $GLOBALS['cfg']['UseDbSearch']) {
50 PMA_mysqlDie(__('Access denied'), '', false, $err_url);
51 } // end if
52 $url_query .= '&amp;goto=db_search.php';
53 $url_params['goto'] = 'db_search.php';
54
55 /**
56 * @global array list of tables from the current database
57 * but do not clash with $tables coming from db_info.inc.php
58 */
59 $tables_names_only = PMA_DBI_get_tables($GLOBALS['db']);
60
61 $search_options = array(
62 '1' => __('at least one of the words'),
63 '2' => __('all words'),
64 '3' => __('the exact phrase'),
65 '4' => __('as regular expression'),
66 );
67
68 if (empty($_REQUEST['search_option']) || ! is_string($_REQUEST['search_option'])
69 || ! array_key_exists($_REQUEST['search_option'], $search_options)) {
70 $search_option = 1;
71 unset($_REQUEST['submit_search']);
72 } else {
73 $search_option = (int) $_REQUEST['search_option'];
74 $option_str = $search_options[$_REQUEST['search_option']];
75 }
76
77 if (empty($_REQUEST['search_str']) || ! is_string($_REQUEST['search_str'])) {
78 unset($_REQUEST['submit_search']);
79 $searched = '';
80 } else {
81 $searched = htmlspecialchars($_REQUEST['search_str']);
82 // For "as regular expression" (search option 4), we should not treat
83 // this as an expression that contains a LIKE (second parameter of
84 // PMA_sqlAddslashes()).
85 //
86 // Usage example: If user is seaching for a literal $ in a regexp search,
87 // he should enter \$ as the value.
88 $search_str = PMA_sqlAddslashes($_REQUEST['search_str'], ($search_option == 4 ? false : true));
89 }
90
91 $tables_selected = array();
92 if (empty($_REQUEST['table_select']) || ! is_array($_REQUEST['table_select'])) {
93 unset($_REQUEST['submit_search']);
94 } elseif (! isset($_REQUEST['selectall']) && ! isset($_REQUEST['unselectall'])) {
95 $tables_selected = array_intersect($_REQUEST['table_select'], $tables_names_only);
96 }
97
98 if (isset($_REQUEST['selectall'])) {
99 $tables_selected = $tables_names_only;
100 } elseif (isset($_REQUEST['unselectall'])) {
101 $tables_selected = array();
102 }
103
104 if (empty($_REQUEST['field_str']) || ! is_string($_REQUEST['field_str'])) {
105 unset($field_str);
106 } else {
107 $field_str = PMA_sqlAddslashes($_REQUEST['field_str'], true);
108 }
109
110 /**
111 * Displays top links
112 */
113 $sub_part = '';
114 require './libraries/db_info.inc.php';
115
116
117 /**
118 * 1. Main search form has been submitted
119 */
120 if (isset($_REQUEST['submit_search'])) {
121
122 /**
123 * Builds the SQL search query
124 *
125 * @todo can we make use of fulltextsearch IN BOOLEAN MODE for this?
126 * @uses PMA_DBI_query
127 * PMA_backquote
128 * PMA_DBI_free_result
129 * PMA_DBI_fetch_assoc
130 * $GLOBALS['db']
131 * explode
132 * count
133 * strlen
134 * @param string the table name
135 * @param string restrict the search to this field
136 * @param string the string to search
137 * @param integer type of search (1 -> 1 word at least, 2 -> all words,
138 * 3 -> exact string, 4 -> regexp)
139 *
140 * @return array 3 SQL querys (for count, display and delete results)
141 *
142 * @global string the url to return to in case of errors
143 * @global string charset connection
144 */
145 function PMA_getSearchSqls($table, $field, $search_str, $search_option)
146 {
147 global $err_url;
148
149 // Statement types
150 $sqlstr_select = 'SELECT';
151 $sqlstr_delete = 'DELETE';
152
153 // Fields to select
154 $tblfields = PMA_DBI_fetch_result('SHOW FIELDS FROM ' . PMA_backquote($table) . ' FROM ' . PMA_backquote($GLOBALS['db']),
155 null, 'Field');
156
157 // Table to use
158 $sqlstr_from = ' FROM ' . PMA_backquote($GLOBALS['db']) . '.' . PMA_backquote($table);
159
160 $search_words = (($search_option > 2) ? array($search_str) : explode(' ', $search_str));
161 $search_wds_cnt = count($search_words);
162
163 $like_or_regex = (($search_option == 4) ? 'REGEXP' : 'LIKE');
164 $automatic_wildcard = (($search_option < 3) ? '%' : '');
165
166 $fieldslikevalues = array();
167 foreach ($search_words as $search_word) {
168 // Eliminates empty values
169 if (strlen($search_word) === 0) {
170 continue;
171 }
172
173 $thefieldlikevalue = array();
174 foreach ($tblfields as $tblfield) {
175 if (! isset($field) || strlen($field) == 0 || $tblfield == $field) {
176 $thefieldlikevalue[] = PMA_backquote($tblfield)
177 . ' ' . $like_or_regex . ' '
178 . "'" . $automatic_wildcard
179 . $search_word
180 . $automatic_wildcard . "'";
181 }
182 } // end for
183
184 if (count($thefieldlikevalue) > 0) {
185 $fieldslikevalues[] = implode(' OR ', $thefieldlikevalue);
186 }
187 } // end for
188
189 $implode_str = ($search_option == 1 ? ' OR ' : ' AND ');
190 if ( empty($fieldslikevalues)) {
191 // this could happen when the "inside field" does not exist
192 // in any selected tables
193 $sqlstr_where = ' WHERE FALSE';
194 } else {
195 $sqlstr_where = ' WHERE (' . implode(') ' . $implode_str . ' (', $fieldslikevalues) . ')';
196 }
197 unset($fieldslikevalues);
198
199 // Builds complete queries
200 $sql['select_fields'] = $sqlstr_select . ' * ' . $sqlstr_from . $sqlstr_where;
201 // here, I think we need to still use the COUNT clause, even for
202 // VIEWs, anyway we have a WHERE clause that should limit results
203 $sql['select_count'] = $sqlstr_select . ' COUNT(*) AS `count`' . $sqlstr_from . $sqlstr_where;
204 $sql['delete'] = $sqlstr_delete . $sqlstr_from . $sqlstr_where;
205
206 return $sql;
207 } // end of the "PMA_getSearchSqls()" function
208
209
210 /**
211 * Displays the results
212 */
213 $this_url_params = array(
214 'db' => $GLOBALS['db'],
215 'goto' => 'db_sql.php',
216 'pos' => 0,
217 'is_js_confirmed' => 0,
218 );
219
220 // Displays search string
221 echo '<br />' . "\n"
222 .'<table class="data">' . "\n"
223 .'<caption class="tblHeaders">' . "\n"
224 .sprintf(__('Search results for "<i>%s</i>" %s:'),
225 $searched, $option_str) . "\n"
226 .'</caption>' . "\n";
227
228 $num_search_result_total = 0;
229 $odd_row = true;
230
231 foreach ($tables_selected as $each_table) {
232 // Gets the SQL statements
233 $newsearchsqls = PMA_getSearchSqls($each_table, (! empty($field_str) ? $field_str : ''), $search_str, $search_option);
234
235 // Executes the "COUNT" statement
236 $res_cnt = PMA_DBI_fetch_value($newsearchsqls['select_count']);
237 $num_search_result_total += $res_cnt;
238
239 $sql_query .= $newsearchsqls['select_count'];
240
241 echo '<tr class="' . ($odd_row ? 'odd' : 'even') . '">'
242 .'<td>' . sprintf(_ngettext('%s match inside table <i>%s</i>', '%s matches inside table <i>%s</i>', $res_cnt), $res_cnt,
243 htmlspecialchars($each_table)) . "</td>\n";
244
245 if ($res_cnt > 0) {
246 $this_url_params['sql_query'] = $newsearchsqls['select_fields'];
247 echo '<td>' . PMA_linkOrButton(
248 'sql.php' . PMA_generate_common_url($this_url_params),
249 __('Browse'), '') . "</td>\n";
250
251 $this_url_params['sql_query'] = $newsearchsqls['delete'];
252 echo '<td>' . PMA_linkOrButton(
253 'sql.php' . PMA_generate_common_url($this_url_params),
254 __('Delete'), $newsearchsqls['delete']) . "</td>\n";
255
256 } else {
257 echo '<td>&nbsp;</td>' . "\n"
258 .'<td>&nbsp;</td>' . "\n";
259 }// end if else
260 $odd_row = ! $odd_row;
261 echo '</tr>' . "\n";
262 } // end for
263
264 echo '</table>' . "\n";
265
266 if (count($tables_selected) > 1) {
267 echo '<p>' . sprintf(_ngettext('<b>Total:</b> <i>%s</i> match', '<b>Total:</b> <i>%s</i> matches', $num_search_result_total),
268 $num_search_result_total) . '</p>' . "\n";
269 }
270 } // end 1.
271
272
273 /**
274 * 2. Displays the main search form
275 */
276 ?>
277 <a name="db_search"></a>
278 <form method="post" action="db_search.php" name="db_search">
279 <?php echo PMA_generate_common_hidden_inputs($GLOBALS['db']); ?>
280 <fieldset>
281 <legend><?php echo __('Search in database'); ?></legend>
282
283 <table class="formlayout">
284 <tr><td><?php echo __('Word(s) or value(s) to search for (wildcard: "%"):'); ?></td>
285 <td><input type="text" name="search_str" size="60"
286 value="<?php echo $searched; ?>" /></td>
287 </tr>
288 <tr><td align="right" valign="top">
289 <?php echo __('Find:'); ?></td>
290 <td><?php
291
292 $choices = array(
293 '1' => __('at least one of the words') . PMA_showHint(__('Words are separated by a space character (" ").')),
294 '2' => __('all words') . PMA_showHint(__('Words are separated by a space character (" ").')),
295 '3' => __('the exact phrase'),
296 '4' => __('as regular expression') . ' ' . PMA_showMySQLDocu('Regexp', 'Regexp')
297 );
298 // 4th parameter set to true to add line breaks
299 // 5th parameter set to false to avoid htmlspecialchars() escaping in the label
300 // since we have some HTML in some labels
301 PMA_display_html_radio('search_option', $choices, $search_option, true, false);
302 unset($choices);
303 ?>
304 </td>
305 </tr>
306 <tr><td align="right" valign="top">
307 <?php echo __('Inside table(s):'); ?></td>
308 <td rowspan="2">
309 <?php
310 echo ' <select name="table_select[]" size="6" multiple="multiple">' . "\n";
311 foreach ($tables_names_only as $each_table) {
312 if (in_array($each_table, $tables_selected)) {
313 $is_selected = ' selected="selected"';
314 } else {
315 $is_selected = '';
316 }
317
318 echo ' <option value="' . htmlspecialchars($each_table) . '"'
319 . $is_selected . '>'
320 . str_replace(' ', '&nbsp;', htmlspecialchars($each_table)) . '</option>' . "\n";
321 } // end while
322
323 echo ' </select>' . "\n";
324 $alter_select =
325 '<a href="db_search.php' . PMA_generate_common_url(array_merge($url_params, array('selectall' => 1))) . '#db_search"'
326 . ' onclick="setSelectOptions(\'db_search\', \'table_select[]\', true); return false;">' . __('Select All') . '</a>'
327 . '&nbsp;/&nbsp;'
328 . '<a href="db_search.php' . PMA_generate_common_url(array_merge($url_params, array('unselectall' => 1))) . '#db_search"'
329 . ' onclick="setSelectOptions(\'db_search\', \'table_select[]\', false); return false;">' . __('Unselect All') . '</a>';
330 ?>
331 </td>
332 </tr>
333 <tr><td align="right" valign="bottom">
334 <?php echo $alter_select; ?></td>
335 </tr>
336 <tr><td align="right">
337 <?php echo __('Inside column:'); ?></td>
338 <td><input type="text" name="field_str" size="60"
339 value="<?php echo ! empty($field_str) ? $field_str : ''; ?>" /></td>
340 </tr>
341 </table>
342 </fieldset>
343 <fieldset class="tblFooters">
344 <input type="submit" name="submit_search" value="<?php echo __('Go'); ?>"
345 id="buttonGo" />
346 </fieldset>
347 </form>
348
349 <?php
350 /**
351 * Displays the footer
352 */
353 require './libraries/footer.inc.php';
354 ?>
phpMyAdmin