view_create.php

   1 <?php
   2 /* vim: set expandtab sw=4 ts=4 sts=4: */
   3 /**
   4  * handles creation of VIEWs
   5  *
   6  * @todo js error when view name is empty (strFormEmpty)
   7  * @todo (also validate if js is disabled, after form submission?)
   8  * @package PhpMyAdmin
   9  */
  10
  11 /**
  12  *
  13  */
  14 require_once './libraries/common.inc.php';
  15
  16 /**
  17  * Runs common work
  18  */
  19 require './libraries/db_common.inc.php';
  20 $url_params['goto'] = 'tbl_structure.php';
  21 $url_params['back'] = 'view_create.php';
  22
  23 $view_algorithm_options = array(
  24     'UNDEFINED',
  25     'MERGE',
  26     'TEMPTABLE',
  27 );
  28
  29 $view_with_options = array(
  30     'CASCADED',
  31     'LOCAL'
  32 );
  33
  34 $view_security_options = array(
  35     'DEFINER',
  36     'INVOKER'
  37 );
  38
  39 $sql_query = '';
  40
  41 if (isset($_REQUEST['createview']) || isset($_REQUEST['alterview'])) {
  42     /**
  43      * Creates the view
  44      */
  45     $sep = "\r\n";
  46
  47     if (isset($_REQUEST['createview'])) {
  48         $sql_query = 'CREATE';
  49         if (isset($_REQUEST['view']['or_replace'])) {
  50             $sql_query .= ' OR REPLACE';
  51         }
  52     } else {
  53         $sql_query = 'ALTER';
  54     }
  55
  56     if (PMA_isValid($_REQUEST['view']['algorithm'], $view_algorithm_options)) {
  57         $sql_query .= $sep . ' ALGORITHM = ' . $_REQUEST['view']['algorithm'];
  58     }
  59
  60     if (! empty($_REQUEST['view']['definer'])) {
  61         $sql_query .= $sep . ' DEFINER = ' . $_REQUEST['view']['definer'];
  62     }
  63
  64     if (isset($_REQUEST['view']['sql_security'])) {
  65         if (in_array($_REQUEST['view']['sql_security'], $view_security_options)) {
  66             $sql_query .= $sep . ' SQL SECURITY '
  67                 . $_REQUEST['view']['sql_security'];
  68         }
  69     }
  70
  71     $sql_query .= $sep . ' VIEW ' . PMA_Util::backquote($_REQUEST['view']['name']);
  72
  73     if (! empty($_REQUEST['view']['column_names'])) {
  74         $sql_query .= $sep . ' (' . $_REQUEST['view']['column_names'] . ')';
  75     }
  76
  77     $sql_query .= $sep . ' AS ' . $_REQUEST['view']['as'];
  78
  79     if (isset($_REQUEST['view']['with'])) {
  80         if (in_array($_REQUEST['view']['with'], $view_with_options)) {
  81             $sql_query .= $sep . ' WITH ' . $_REQUEST['view']['with']
  82                 . '  CHECK OPTION';
  83         }
  84     }
  85
  86     if ($GLOBALS['dbi']->tryQuery($sql_query)) {
  87
  88         include_once './libraries/tbl_views.lib.php';
  89
  90         // If different column names defined for VIEW
  91         $view_columns = array();
  92         if (isset($_REQUEST['view']['column_names'])) {
  93             $view_columns = explode(',', $_REQUEST['view']['column_names']);
  94         }
  95
  96         $column_map = PMA_getColumnMap($_REQUEST['view']['as'], $view_columns);
  97         $pma_tranformation_data = PMA_getExistingTranformationData($GLOBALS['db']);
  98
  99         if ($pma_tranformation_data !== false) {
 100
 101             // SQL for store new transformation details of VIEW
 102             $new_transformations_sql = PMA_getNewTransformationDataSql(
 103                 $pma_tranformation_data, $column_map, $_REQUEST['view']['name'],
 104                 $GLOBALS['db']
 105             );
 106
 107             // Store new transformations
 108             if ($new_transformations_sql != '') {
 109                 $GLOBALS['dbi']->tryQuery($new_transformations_sql);
 110             }
 111
 112         }
 113         unset($pma_tranformation_data);
 114
 115         if (! isset($_REQUEST['ajax_dialog'])) {
 116             $message = PMA_Message::success();
 117             include 'tbl_structure.php';
 118         } else {
 119             $response = PMA_Response::getInstance();
 120             $response->addJSON(
 121                 'message',
 122                 PMA_Util::getMessage(
 123                     PMA_Message::success(), $sql_query
 124                 )
 125             );
 126             $response->isSuccess(true);
 127         }
 128
 129         exit;
 130
 131     } else {
 132         if (! isset($_REQUEST['ajax_dialog'])) {
 133             $message = PMA_Message::rawError($GLOBALS['dbi']->getError());
 134         } else {
 135             $response = PMA_Response::getInstance();
 136             $response->addJSON(
 137                 'message',
 138                 PMA_Message::error(
 139                     "<i>" . htmlspecialchars($sql_query) . "</i><br /><br />"
 140                     . $GLOBALS['dbi']->getError()
 141                 )
 142             );
 143             $response->isSuccess(false);
 144             exit;
 145         }
 146     }
 147 }
 148
 149 // prefill values if not already filled from former submission
 150 $view = array(
 151     'operation' => 'create',
 152     'or_replace' => '',
 153     'algorithm' => '',
 154     'definer' => '',
 155     'sql_security' => '',
 156     'name' => '',
 157     'column_names' => '',
 158     'as' => $sql_query,
 159     'with' => '',
 160 );
 161
 162 if (PMA_isValid($_REQUEST['view'], 'array')) {
 163     $view = array_merge($view, $_REQUEST['view']);
 164 }
 165
 166 $url_params['db'] = $GLOBALS['db'];
 167 $url_params['reload'] = 1;
 168
 169 /**
 170  * Displays the page
 171  */
 172 $htmlString = '<!-- CREATE VIEW options -->'
 173     . '<div id="div_view_options">'
 174     . '<form method="post" action="view_create.php">'
 175     . PMA_URL_getHiddenInputs($url_params)
 176     . '<fieldset>'
 177     . '<legend>'
 178     . (isset($_REQUEST['ajax_dialog']) ?
 179         __('Details') :
 180         ($view['operation'] == 'create' ? __('Create view') : __('Edit view'))
 181     )
 182     . '</legend>'
 183     . '<table class="rte_table">';
 184
 185 if ($view['operation'] == 'create') {
 186     $htmlString .= '<tr>'
 187         . '<td class="nowrap"><label for="or_replace">OR REPLACE</label></td>'
 188         . '<td><input type="checkbox" name="view[or_replace]" id="or_replace"';
 189     if ($view['or_replace']) {
 190         $htmlString .= ' checked="checked"';
 191     }
 192     $htmlString .= ' value="1" /></td></tr>';
 193 }
 194
 195 $htmlString .= '<tr>'
 196     . '<td class="nowrap"><label for="algorithm">ALGORITHM</label></td>'
 197     . '<td><select name="view[algorithm]" id="algorithm">';
 198 foreach ($view_algorithm_options as $option) {
 199     $htmlString .= '<option value="' . htmlspecialchars($option) . '"';
 200     if ($view['algorithm'] === $option) {
 201         $htmlString .= ' selected="selected"';
 202     }
 203     $htmlString .= '>' . htmlspecialchars($option) . '</option>';
 204 }
 205 $htmlString .= '</select>'
 206     . '</td></tr>';
 207
 208 $htmlString .= '<tr><td class="nowrap">' . __('Definer') . '</td>'
 209     . '<td><input type="text" maxlength="100" size="50" name="view[definer]"'
 210     . ' value="' . htmlspecialchars($view['definer']) . '" />'
 211     . '</td></tr>';
 212
 213 $htmlString .= '<tr><td class="nowrap">SQL SECURITY</td>'
 214     . '<td><select name="view[sql_security]">'
 215     . '<option value=""></option>';
 216 foreach ($view_security_options as $option) {
 217     $htmlString .= '<option value="' . htmlspecialchars($option) . '"';
 218     if ($option == $view['sql_security']) {
 219         $htmlString .= ' selected="selected"';
 220     }
 221     $htmlString .= '>' . htmlspecialchars($option) . '</option>';
 222 }
 223 $htmlString .= '<select>'
 224     . '</td></tr>';
 225
 226 if ($view['operation'] == 'create') {
 227     $htmlString .= '<tr><td class="nowrap">' . __('VIEW name') . '</td>'
 228         . '<td><input type="text" size="20" name="view[name]"'
 229         . ' onfocus="this.select()"'
 230         . ' value="' . htmlspecialchars($view['name']) . '" />'
 231         . '</td></tr>';
 232 } else {
 233     $htmlString .= '<tr><td><input type="hidden" name="view[name]"'
 234         . ' value="' . htmlspecialchars($view['name']) . '" />'
 235         . '</td></tr>';
 236 }
 237
 238 $htmlString .= '<tr><td class="nowrap">' . __('Column names') . '</td>'
 239     . '<td><input type="text" maxlength="100" size="50" name="view[column_names]"'
 240     . ' onfocus="this.select()"'
 241     . ' value="' . htmlspecialchars($view['column_names']) . '" />'
 242     . '</td></tr>';
 243
 244 $htmlString .= '<tr><td class="nowrap">AS</td>'
 245     . '<td>'
 246     . '<textarea name="view[as]" rows="' . $cfg['TextareaRows'] . '"'
 247     . ' cols="' . $cfg['TextareaCols'] . '" dir="' . $text_dir . '"';
 248 if ($GLOBALS['cfg']['TextareaAutoSelect'] || true) {
 249     $htmlString .= ' onclick="selectContent(this, sql_box_locked, true)"';
 250 }
 251 $htmlString .= '>' . htmlspecialchars($view['as']) . '</textarea>'
 252     . '</td></tr>';
 253
 254 $htmlString .= '<tr><td class="nowrap">WITH CHECK OPTION</td>'
 255     . '<td><select name="view[with]">'
 256     . '<option value=""></option>';
 257 foreach ($view_with_options as $option) {
 258     $htmlString .= '<option value="' . htmlspecialchars($option) . '"';
 259     if ($option == $view['with']) {
 260         $htmlString .= ' selected="selected"';
 261     }
 262     $htmlString .= '>' . htmlspecialchars($option) . '</option>';
 263 }
 264 $htmlString .= '<select>'
 265     . '</td></tr>';
 266
 267 $htmlString .= '</table>'
 268     . '</fieldset>';
 269
 270 if (! isset($_REQUEST['ajax_dialog'])) {
 271     $htmlString .= '<fieldset class="tblFooters">'
 272         . '<input type="hidden" name="'
 273         . ($view['operation'] == 'create' ? 'createview' : 'alterview' )
 274         . '" value="1" />'
 275         . '<input type="submit" name="" value="' . __('Go') . '" />'
 276         . '</fieldset>';
 277 } else {
 278     $htmlString .= '<input type="hidden" name="'
 279         . ($view['operation'] == 'create' ? 'createview' : 'alterview' )
 280         . '" value="1" />'
 281         . '<input type="hidden" name="ajax_dialog" value="1" />'
 282         . '<input type="hidden" name="ajax_request" value="1" />';
 283 }
 284
 285 $htmlString .= '</form>'
 286     . '</div>';
 287
 288 echo $htmlString;
 289 ?>