2 /* vim: set expandtab sw=4 ts=4 sts=4: */
4 * Manipulation of table data like inserting, replacing and updating
6 * Usually called as form action from tbl_change.php to insert or update table rows
8 * @todo 'edit_next' tends to not work as expected if used ...
9 * at least there is no order by it needs the original query
10 * and the row number and than replace the LIMIT clause
16 use PhpMyAdmin\Plugins\IOTransformationsPlugin
;
17 use PhpMyAdmin\Response
;
19 use PhpMyAdmin\Transformations
;
22 * Gets some core libraries
24 require_once 'libraries/common.inc.php';
27 * functions implementation for this script
29 require_once 'libraries/insert_edit.lib.php';
32 PhpMyAdmin\Util
::checkParameters(array('db', 'table', 'goto'));
34 $GLOBALS['dbi']->selectDb($GLOBALS['db']);
37 * Initializes some variables
39 $goto_include = false;
41 $response = Response
::getInstance();
42 $header = $response->getHeader();
43 $scripts = $header->getScripts();
44 $scripts->addFile('makegrid.js');
45 // Needed for generation of Inline Edit anchors
46 $scripts->addFile('sql.js');
47 $scripts->addFile('indexes.js');
48 $scripts->addFile('gis_data_editor.js');
50 // check whether insert row mode, if so include tbl_change.php
53 $after_insert_actions = array('new_insert', 'same_insert', 'edit_next');
54 if (isset($_REQUEST['after_insert'])
55 && in_array($_REQUEST['after_insert'], $after_insert_actions)
57 $url_params['after_insert'] = $_REQUEST['after_insert'];
58 if (isset($_REQUEST['where_clause'])) {
59 foreach ($_REQUEST['where_clause'] as $one_where_clause) {
60 if ($_REQUEST['after_insert'] == 'same_insert') {
61 $url_params['where_clause'][] = $one_where_clause;
62 } elseif ($_REQUEST['after_insert'] == 'edit_next') {
63 PMA_setSessionForEditNext($one_where_clause);
68 //get $goto_include for different cases
69 $goto_include = PMA_getGotoInclude($goto_include);
71 // Defines the url to return in case of failure of the query
72 $err_url = PMA_getErrorUrl($url_params);
75 * Prepares the update/insert of a row
77 list($loop_array, $using_key, $is_insert, $is_insertignore)
78 = PMA_getParamsForUpdateOrInsert();
81 $value_sets = array();
82 $func_no_param = array(
104 $func_optional_param = array(
109 $gis_from_text_functions = array(
120 $gis_from_wkb_functions = array(
131 //if some posted fields need to be transformed.
132 $mime_map = Transformations
::getMIME($GLOBALS['db'], $GLOBALS['table']);
133 if ($mime_map === false) {
137 $query_fields = array();
138 $insert_errors = array();
139 $row_skipped = false;
140 $unsaved_values = array();
141 foreach ($loop_array as $rownumber => $where_clause) {
142 // skip fields to be ignored
143 if (! $using_key && isset($_REQUEST['insert_ignore_' . $where_clause])) {
147 // Defines the SET part of the sql query
148 $query_values = array();
150 // Map multi-edit keys to single-level arrays, dependent on how we got the fields
152 = isset($_REQUEST['fields']['multi_edit'][$rownumber])
153 ?
$_REQUEST['fields']['multi_edit'][$rownumber]
155 $multi_edit_columns_name
156 = isset($_REQUEST['fields_name']['multi_edit'][$rownumber])
157 ?
$_REQUEST['fields_name']['multi_edit'][$rownumber]
159 $multi_edit_columns_prev
160 = isset($_REQUEST['fields_prev']['multi_edit'][$rownumber])
161 ?
$_REQUEST['fields_prev']['multi_edit'][$rownumber]
164 = isset($_REQUEST['funcs']['multi_edit'][$rownumber])
165 ?
$_REQUEST['funcs']['multi_edit'][$rownumber]
168 = isset($_REQUEST['salt']['multi_edit'][$rownumber])
169 ?
$_REQUEST['salt']['multi_edit'][$rownumber]
171 $multi_edit_columns_type
172 = isset($_REQUEST['fields_type']['multi_edit'][$rownumber])
173 ?
$_REQUEST['fields_type']['multi_edit'][$rownumber]
175 $multi_edit_columns_null
176 = isset($_REQUEST['fields_null']['multi_edit'][$rownumber])
177 ?
$_REQUEST['fields_null']['multi_edit'][$rownumber]
179 $multi_edit_columns_null_prev
180 = isset($_REQUEST['fields_null_prev']['multi_edit'][$rownumber])
181 ?
$_REQUEST['fields_null_prev']['multi_edit'][$rownumber]
183 $multi_edit_auto_increment
184 = isset($_REQUEST['auto_increment']['multi_edit'][$rownumber])
185 ?
$_REQUEST['auto_increment']['multi_edit'][$rownumber]
188 = isset($_REQUEST['virtual']['multi_edit'][$rownumber])
189 ?
$_REQUEST['virtual']['multi_edit'][$rownumber]
192 // When a select field is nullified, it's not present in $_REQUEST
193 // so initialize it; this way, the foreach($multi_edit_columns) will process it
194 foreach ($multi_edit_columns_name as $key => $val) {
195 if (! isset($multi_edit_columns[$key])) {
196 $multi_edit_columns[$key] = '';
200 // Iterate in the order of $multi_edit_columns_name,
201 // not $multi_edit_columns, to avoid problems
202 // when inserting multiple entries
203 $insert_fail = false;
204 foreach ($multi_edit_columns_name as $key => $column_name) {
205 $current_value = $multi_edit_columns[$key];
206 // Note: $key is an md5 of the fieldname. The actual fieldname is
207 // available in $multi_edit_columns_name[$key]
209 $file_to_insert = new PhpMyAdmin\
File();
210 $file_to_insert->checkTblChangeForm($key, $rownumber);
212 $possibly_uploaded_val = $file_to_insert->getContent();
213 if ($possibly_uploaded_val !== false) {
214 $current_value = $possibly_uploaded_val;
216 // Apply Input Transformation if defined
217 if (!empty($mime_map[$column_name])
218 && !empty($mime_map[$column_name]['input_transformation'])
220 $filename = 'libraries/classes/Plugins/Transformations/'
221 . $mime_map[$column_name]['input_transformation'];
222 if (is_file($filename)) {
223 include_once $filename;
224 $classname = Transformations
::getClassName($filename);
225 /** @var IOTransformationsPlugin $transformation_plugin */
226 $transformation_plugin = new $classname();
227 $transformation_options = Transformations
::getOptions(
228 $mime_map[$column_name]['input_transformation_options']
230 $current_value = $transformation_plugin->applyTransformation(
231 $current_value, $transformation_options
233 // check if transformation was successful or not
234 // and accordingly set error messages & insert_fail
235 if (method_exists($transformation_plugin, 'isSuccess')
236 && !$transformation_plugin->isSuccess()
240 $insert_errors[] = sprintf(
241 __('Row: %1$s, Column: %2$s, Error: %3$s'),
242 $rownumber, $column_name,
243 $transformation_plugin->getError()
249 if ($file_to_insert->isError()) {
250 $insert_errors[] = $file_to_insert->getError();
252 // delete $file_to_insert temporary variable
253 $file_to_insert->cleanUp();
255 $current_value = PMA_getCurrentValueForDifferentTypes(
256 $possibly_uploaded_val, $key, $multi_edit_columns_type,
257 $current_value, $multi_edit_auto_increment,
258 $rownumber, $multi_edit_columns_name, $multi_edit_columns_null,
259 $multi_edit_columns_null_prev, $is_insert,
260 $using_key, $where_clause, $table, $multi_edit_funcs
263 $current_value_as_an_array = PMA_getCurrentValueAsAnArrayForMultipleEdit(
265 $multi_edit_salt, $gis_from_text_functions, $current_value,
266 $gis_from_wkb_functions, $func_optional_param, $func_no_param, $key
269 if (! isset($multi_edit_virtual) ||
! isset($multi_edit_virtual[$key])) {
270 list($query_values, $query_fields)
271 = PMA_getQueryValuesForInsertAndUpdateInMultipleEdit(
272 $multi_edit_columns_name, $multi_edit_columns_null,
273 $current_value, $multi_edit_columns_prev, $multi_edit_funcs,
274 $is_insert, $query_values, $query_fields,
275 $current_value_as_an_array, $value_sets, $key,
276 $multi_edit_columns_null_prev
279 if (isset($multi_edit_columns_null[$key])) {
280 $multi_edit_columns[$key] = null;
284 // temporarily store rows not inserted
285 // so that they can be populated again.
287 $unsaved_values[$rownumber] = $multi_edit_columns;
289 if (!$insert_fail && count($query_values) > 0) {
291 $value_sets[] = implode(', ', $query_values);
293 // build update query
294 $query[] = 'UPDATE ' . PhpMyAdmin\Util
::backquote($GLOBALS['table'])
295 . ' SET ' . implode(', ', $query_values)
296 . ' WHERE ' . $where_clause
297 . ($_REQUEST['clause_is_unique'] ?
'' : ' LIMIT 1');
300 } // end foreach ($loop_array as $where_clause)
302 $multi_edit_columns_name, $multi_edit_columns_prev, $multi_edit_funcs,
303 $multi_edit_columns_type, $multi_edit_columns_null, $func_no_param,
304 $multi_edit_auto_increment, $current_value_as_an_array, $key, $current_value,
305 $loop_array, $where_clause, $using_key, $multi_edit_columns_null_prev,
309 // Builds the sql query
310 if ($is_insert && count($value_sets) > 0) {
311 $query = PMA_buildSqlQuery($is_insertignore, $query_fields, $value_sets);
312 } elseif (empty($query) && ! isset($_REQUEST['preview_sql']) && !$row_skipped) {
313 // No change -> move back to the calling script
315 // Note: logic passes here for inline edit
316 $message = PhpMyAdmin\Message
::success(__('No change'));
317 // Avoid infinite recursion
318 if ($goto_include == 'tbl_replace.php') {
319 $goto_include = 'tbl_change.php';
321 $active_page = $goto_include;
322 include '' . Core
::securePath($goto_include);
325 unset($multi_edit_columns, $is_insertignore);
327 // If there is a request for SQL previewing.
328 if (isset($_REQUEST['preview_sql'])) {
329 Core
::previewSQL($query);
333 * Executes the sql query and get the result, then move back to the calling
336 list ($url_params, $total_affected_rows, $last_messages, $warning_messages,
337 $error_messages, $return_to_sql_query)
338 = PMA_executeSqlQuery($url_params, $query);
340 if ($is_insert && (count($value_sets) > 0 ||
$row_skipped)) {
341 $message = PhpMyAdmin\Message
::getMessageForInsertedRows(
344 $unsaved_values = array_values($unsaved_values);
346 $message = PhpMyAdmin\Message
::getMessageForAffectedRows(
351 $goto_include = 'tbl_change.php';
352 $message->addMessagesString($insert_errors, '<br />');
353 $message->isError(true);
356 $message->addMessages($last_messages, '<br />');
358 if (! empty($warning_messages)) {
359 $message->addMessagesString($warning_messages, '<br />');
360 $message->isError(true);
362 if (! empty($error_messages)) {
363 $message->addMessagesString($error_messages);
364 $message->isError(true);
367 $error_messages, $warning_messages, $total_affected_rows,
368 $last_messages, $last_message, $row_skipped, $insert_errors
372 * The following section only applies to grid editing.
373 * However, verifying isAjax() is not enough to ensure we are coming from
374 * grid editing. If we are coming from the Edit or Copy link in Browse mode,
375 * ajax_page_request is present in the POST parameters.
377 if ($response->isAjax() && ! isset($_POST['ajax_page_request'])) {
379 * If we are in grid editing, we need to process the relational and
380 * transformed fields, if they were edited. After that, output the correct
381 * link/transformed value and exit
383 * Logic taken from libraries/DisplayResults.php
386 if (isset($_REQUEST['rel_fields_list']) && $_REQUEST['rel_fields_list'] != '') {
388 $map = PMA_getForeigners($db, $table, '', 'both');
390 $relation_fields = array();
391 parse_str($_REQUEST['rel_fields_list'], $relation_fields);
393 // loop for each relation cell
394 /** @var array $relation_fields */
395 foreach ($relation_fields as $cell_index => $curr_rel_field) {
396 foreach ($curr_rel_field as $relation_field => $relation_field_value) {
397 $where_comparison = "='" . $relation_field_value . "'";
398 $dispval = PMA_getDisplayValueForForeignTableColumn(
399 $where_comparison, $map, $relation_field
402 $extra_data['relations'][$cell_index]
403 = PMA_getLinkForRelationalDisplayField(
404 $map, $relation_field, $where_comparison,
405 $dispval, $relation_field_value
408 } // end of loop for each relation cell
410 if (isset($_REQUEST['do_transformations'])
411 && $_REQUEST['do_transformations'] == true
413 $edited_values = array();
414 parse_str($_REQUEST['transform_fields_list'], $edited_values);
416 if (! isset($extra_data)) {
417 $extra_data = array();
419 $transformation_types = array(
420 "input_transformation",
423 foreach ($mime_map as $transformation) {
424 $column_name = $transformation['column_name'];
425 foreach ($transformation_types as $type) {
426 $file = Core
::securePath($transformation[$type]);
427 $extra_data = PMA_transformEditedValues(
428 $db, $table, $transformation, $edited_values, $file,
429 $column_name, $extra_data, $type
432 } // end of loop for each $mime_map
435 // Need to check the inline edited value can be truncated by MySQL
436 // without informing while saving
437 $column_name = $_REQUEST['fields_name']['multi_edit'][0][0];
439 PMA_verifyWhetherValueCanBeTruncatedAndAppendExtraData(
440 $db, $table, $column_name, $extra_data
443 /**Get the total row count of the table*/
444 $_table = new Table($_REQUEST['table'], $_REQUEST['db']);
445 $extra_data['row_count'] = $_table->countRecords();
447 $extra_data['sql_query']
448 = PhpMyAdmin\Util
::getMessage($message, $GLOBALS['display_query']);
450 $response->setRequestStatus($message->isSuccess());
451 $response->addJSON('message', $message);
452 $response->addJSON($extra_data);
456 if (! empty($return_to_sql_query)) {
457 $disp_query = $GLOBALS['sql_query'];
458 $disp_message = $message;
460 $GLOBALS['sql_query'] = $return_to_sql_query;
463 $scripts->addFile('tbl_change.js');
465 $active_page = $goto_include;
468 * If user asked for "and then Insert another new row" we have to remove
469 * WHERE clause information so that tbl_change.php does not go back
470 * to the current record
472 if (isset($_REQUEST['after_insert']) && 'new_insert' == $_REQUEST['after_insert']) {
473 unset($_REQUEST['where_clause']);
479 require '' . Core
::securePath($goto_include);
