search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Translated using Weblate (Turkish)
[phpmyadmin.git] / tbl_replace.php
blob1bbc5e2b4377a02a49b04c29b43f6201f1e062fb
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * Manipulation of table data like inserting, replacing and updating
5 *
6 * Usually called as form action from tbl_change.php to insert or update table rows
7 *
8 * @todo 'edit_next' tends to not work as expected if used ...
9 * at least there is no order by it needs the original query
10 * and the row number and than replace the LIMIT clause
11 *
12 * @package PhpMyAdmin
13 */
14 declare(strict_types=1);
15
16 use PhpMyAdmin\Core;
17 use PhpMyAdmin\File;
18 use PhpMyAdmin\InsertEdit;
19 use PhpMyAdmin\Message;
20 use PhpMyAdmin\Plugins\IOTransformationsPlugin;
21 use PhpMyAdmin\Relation;
22 use PhpMyAdmin\Response;
23 use PhpMyAdmin\Table;
24 use PhpMyAdmin\Transformations;
25 use PhpMyAdmin\Util;
26
27 if (! defined('ROOT_PATH')) {
28 define('ROOT_PATH', __DIR__ . DIRECTORY_SEPARATOR);
29 }
30
31 /**
32 * Gets some core libraries
33 */
34 require_once ROOT_PATH . 'libraries/common.inc.php';
35
36 global $url_params;
37
38 // Check parameters
39 Util::checkParameters(['db', 'table', 'goto']);
40
41 $GLOBALS['dbi']->selectDb($GLOBALS['db']);
42
43 /**
44 * Initializes some variables
45 */
46 $goto_include = false;
47
48 $response = Response::getInstance();
49 $header = $response->getHeader();
50 $scripts = $header->getScripts();
51 $scripts->addFile('makegrid.js');
52 // Needed for generation of Inline Edit anchors
53 $scripts->addFile('sql.js');
54 $scripts->addFile('indexes.js');
55 $scripts->addFile('gis_data_editor.js');
56
57 $relation = new Relation($GLOBALS['dbi']);
58 $transformations = new Transformations();
59 $insertEdit = new InsertEdit($GLOBALS['dbi']);
60
61 // check whether insert row mode, if so include tbl_change.php
62 $insertEdit->isInsertRow();
63
64 $after_insert_actions = [
65 'new_insert',
66 'same_insert',
67 'edit_next',
68 ];
69 if (isset($_POST['after_insert'])
70 && in_array($_POST['after_insert'], $after_insert_actions)
71 ) {
72 $url_params['after_insert'] = $_POST['after_insert'];
73 if (isset($_POST['where_clause'])) {
74 foreach ($_POST['where_clause'] as $one_where_clause) {
75 if ($_POST['after_insert'] == 'same_insert') {
76 $url_params['where_clause'][] = $one_where_clause;
77 } elseif ($_POST['after_insert'] == 'edit_next') {
78 $insertEdit->setSessionForEditNext($one_where_clause);
79 }
80 }
81 }
82 }
83 //get $goto_include for different cases
84 $goto_include = $insertEdit->getGotoInclude($goto_include);
85
86 // Defines the url to return in case of failure of the query
87 $err_url = $insertEdit->getErrorUrl($url_params);
88
89 /**
90 * Prepares the update/insert of a row
91 */
92 list($loop_array, $using_key, $is_insert, $is_insertignore)
93 = $insertEdit->getParamsForUpdateOrInsert();
94
95 $query = [];
96 $value_sets = [];
97 $func_no_param = [
98 'CONNECTION_ID',
99 'CURRENT_USER',
100 'CURDATE',
101 'CURTIME',
102 'CURRENT_DATE',
103 'CURRENT_TIME',
104 'DATABASE',
105 'LAST_INSERT_ID',
106 'NOW',
107 'PI',
108 'RAND',
109 'SYSDATE',
110 'UNIX_TIMESTAMP',
111 'USER',
112 'UTC_DATE',
113 'UTC_TIME',
114 'UTC_TIMESTAMP',
115 'UUID',
116 'UUID_SHORT',
117 'VERSION',
118 ];
119 $func_optional_param = [
120 'RAND',
121 'UNIX_TIMESTAMP',
122 ];
123
124 $gis_from_text_functions = [
125 'GeomFromText',
126 'GeomCollFromText',
127 'LineFromText',
128 'MLineFromText',
129 'PointFromText',
130 'MPointFromText',
131 'PolyFromText',
132 'MPolyFromText',
133 ];
134
135 $gis_from_wkb_functions = [
136 'GeomFromWKB',
137 'GeomCollFromWKB',
138 'LineFromWKB',
139 'MLineFromWKB',
140 'PointFromWKB',
141 'MPointFromWKB',
142 'PolyFromWKB',
143 'MPolyFromWKB',
144 ];
145
146 //if some posted fields need to be transformed.
147 $mime_map = $transformations->getMime($GLOBALS['db'], $GLOBALS['table']);
148 if ($mime_map === false) {
149 $mime_map = [];
150 }
151
152 $query_fields = [];
153 $insert_errors = [];
154 $row_skipped = false;
155 $unsaved_values = [];
156 foreach ($loop_array as $rownumber => $where_clause) {
157 // skip fields to be ignored
158 if (! $using_key && isset($_POST['insert_ignore_' . $where_clause])) {
159 continue;
160 }
161
162 // Defines the SET part of the sql query
163 $query_values = [];
164
165 // Map multi-edit keys to single-level arrays, dependent on how we got the fields
166 $multi_edit_columns
167 = isset($_POST['fields']['multi_edit'][$rownumber])
168 ? $_POST['fields']['multi_edit'][$rownumber]
169 : [];
170 $multi_edit_columns_name
171 = isset($_POST['fields_name']['multi_edit'][$rownumber])
172 ? $_POST['fields_name']['multi_edit'][$rownumber]
173 : [];
174 $multi_edit_columns_prev
175 = isset($_POST['fields_prev']['multi_edit'][$rownumber])
176 ? $_POST['fields_prev']['multi_edit'][$rownumber]
177 : null;
178 $multi_edit_funcs
179 = isset($_POST['funcs']['multi_edit'][$rownumber])
180 ? $_POST['funcs']['multi_edit'][$rownumber]
181 : null;
182 $multi_edit_salt
183 = isset($_POST['salt']['multi_edit'][$rownumber])
184 ? $_POST['salt']['multi_edit'][$rownumber]
185 : null;
186 $multi_edit_columns_type
187 = isset($_POST['fields_type']['multi_edit'][$rownumber])
188 ? $_POST['fields_type']['multi_edit'][$rownumber]
189 : null;
190 $multi_edit_columns_null
191 = isset($_POST['fields_null']['multi_edit'][$rownumber])
192 ? $_POST['fields_null']['multi_edit'][$rownumber]
193 : null;
194 $multi_edit_columns_null_prev
195 = isset($_POST['fields_null_prev']['multi_edit'][$rownumber])
196 ? $_POST['fields_null_prev']['multi_edit'][$rownumber]
197 : null;
198 $multi_edit_auto_increment
199 = isset($_POST['auto_increment']['multi_edit'][$rownumber])
200 ? $_POST['auto_increment']['multi_edit'][$rownumber]
201 : null;
202 $multi_edit_virtual
203 = isset($_POST['virtual']['multi_edit'][$rownumber])
204 ? $_POST['virtual']['multi_edit'][$rownumber]
205 : null;
206
207 // When a select field is nullified, it's not present in $_POST
208 // so initialize it; this way, the foreach($multi_edit_columns) will process it
209 foreach ($multi_edit_columns_name as $key => $val) {
210 if (! isset($multi_edit_columns[$key])) {
211 $multi_edit_columns[$key] = '';
212 }
213 }
214
215 // Iterate in the order of $multi_edit_columns_name,
216 // not $multi_edit_columns, to avoid problems
217 // when inserting multiple entries
218 $insert_fail = false;
219 foreach ($multi_edit_columns_name as $key => $column_name) {
220 $current_value = $multi_edit_columns[$key];
221 // Note: $key is an md5 of the fieldname. The actual fieldname is
222 // available in $multi_edit_columns_name[$key]
223
224 $file_to_insert = new File();
225 $file_to_insert->checkTblChangeForm((string) $key, (string) $rownumber);
226
227 $possibly_uploaded_val = $file_to_insert->getContent();
228 if ($possibly_uploaded_val !== false) {
229 $current_value = $possibly_uploaded_val;
230 }
231 // Apply Input Transformation if defined
232 if (! empty($mime_map[$column_name])
233 && ! empty($mime_map[$column_name]['input_transformation'])
234 ) {
235 $filename = 'libraries/classes/Plugins/Transformations/'
236 . $mime_map[$column_name]['input_transformation'];
237 if (is_file($filename)) {
238 $classname = $transformations->getClassName($filename);
239 if (class_exists($classname)) {
240 /** @var IOTransformationsPlugin $transformation_plugin */
241 $transformation_plugin = new $classname();
242 $transformation_options = $transformations->getOptions(
243 $mime_map[$column_name]['input_transformation_options']
244 );
245 $current_value = $transformation_plugin->applyTransformation(
246 $current_value,
247 $transformation_options
248 );
249 // check if transformation was successful or not
250 // and accordingly set error messages & insert_fail
251 if (method_exists($transformation_plugin, 'isSuccess')
252 && ! $transformation_plugin->isSuccess()
253 ) {
254 $insert_fail = true;
255 $row_skipped = true;
256 $insert_errors[] = sprintf(
257 __('Row: %1$s, Column: %2$s, Error: %3$s'),
258 $rownumber,
259 $column_name,
260 $transformation_plugin->getError()
261 );
262 }
263 }
264 }
265 }
266
267 if ($file_to_insert->isError()) {
268 $insert_errors[] = $file_to_insert->getError();
269 }
270 // delete $file_to_insert temporary variable
271 $file_to_insert->cleanUp();
272
273 $current_value = $insertEdit->getCurrentValueForDifferentTypes(
274 $possibly_uploaded_val,
275 $key,
276 $multi_edit_columns_type,
277 $current_value,
278 $multi_edit_auto_increment,
279 $rownumber,
280 $multi_edit_columns_name,
281 $multi_edit_columns_null,
282 $multi_edit_columns_null_prev,
283 $is_insert,
284 $using_key,
285 $where_clause,
286 $table,
287 $multi_edit_funcs
288 );
289
290 $current_value_as_an_array = $insertEdit->getCurrentValueAsAnArrayForMultipleEdit(
291 $multi_edit_funcs,
292 $multi_edit_salt,
293 $gis_from_text_functions,
294 $current_value,
295 $gis_from_wkb_functions,
296 $func_optional_param,
297 $func_no_param,
298 $key
299 );
300
301 if (! isset($multi_edit_virtual) || ! isset($multi_edit_virtual[$key])) {
302 list($query_values, $query_fields)
303 = $insertEdit->getQueryValuesForInsertAndUpdateInMultipleEdit(
304 $multi_edit_columns_name,
305 $multi_edit_columns_null,
306 $current_value,
307 $multi_edit_columns_prev,
308 $multi_edit_funcs,
309 $is_insert,
310 $query_values,
311 $query_fields,
312 $current_value_as_an_array,
313 $value_sets,
314 $key,
315 $multi_edit_columns_null_prev
316 );
317 }
318 if (isset($multi_edit_columns_null[$key])) {
319 $multi_edit_columns[$key] = null;
320 }
321 } //end of foreach
322
323 // temporarily store rows not inserted
324 // so that they can be populated again.
325 if ($insert_fail) {
326 $unsaved_values[$rownumber] = $multi_edit_columns;
327 }
328 if (! $insert_fail && count($query_values) > 0) {
329 if ($is_insert) {
330 $value_sets[] = implode(', ', $query_values);
331 } else {
332 // build update query
333 $query[] = 'UPDATE ' . Util::backquote($GLOBALS['table'])
334 . ' SET ' . implode(', ', $query_values)
335 . ' WHERE ' . $where_clause
336 . ($_POST['clause_is_unique'] ? '' : ' LIMIT 1');
337 }
338 }
339 } // end foreach ($loop_array as $where_clause)
340 unset(
341 $multi_edit_columns_name,
342 $multi_edit_columns_prev,
343 $multi_edit_funcs,
344 $multi_edit_columns_type,
345 $multi_edit_columns_null,
346 $func_no_param,
347 $multi_edit_auto_increment,
348 $current_value_as_an_array,
349 $key,
350 $current_value,
351 $loop_array,
352 $where_clause,
353 $using_key,
354 $multi_edit_columns_null_prev,
355 $insert_fail
356 );
357
358 // Builds the sql query
359 if ($is_insert && count($value_sets) > 0) {
360 $query = $insertEdit->buildSqlQuery($is_insertignore, $query_fields, $value_sets);
361 } elseif (empty($query) && ! isset($_POST['preview_sql']) && ! $row_skipped) {
362 // No change -> move back to the calling script
363 //
364 // Note: logic passes here for inline edit
365 $message = Message::success(__('No change'));
366 // Avoid infinite recursion
367 if ($goto_include == 'tbl_replace.php') {
368 $goto_include = 'tbl_change.php';
369 }
370 $active_page = $goto_include;
371 include ROOT_PATH . Core::securePath($goto_include);
372 exit;
373 }
374 unset($multi_edit_columns, $is_insertignore);
375
376 // If there is a request for SQL previewing.
377 if (isset($_POST['preview_sql'])) {
378 Core::previewSQL($query);
379 }
380
381 /**
382 * Executes the sql query and get the result, then move back to the calling
383 * page
384 */
385 list ($url_params, $total_affected_rows, $last_messages, $warning_messages,
386 $error_messages, $return_to_sql_query)
387 = $insertEdit->executeSqlQuery($url_params, $query);
388
389 if ($is_insert && (count($value_sets) > 0 || $row_skipped)) {
390 $message = Message::getMessageForInsertedRows(
391 $total_affected_rows
392 );
393 $unsaved_values = array_values($unsaved_values);
394 } else {
395 $message = Message::getMessageForAffectedRows(
396 $total_affected_rows
397 );
398 }
399 if ($row_skipped) {
400 $goto_include = 'tbl_change.php';
401 $message->addMessagesString($insert_errors, '<br>');
402 $message->isError(true);
403 }
404
405 $message->addMessages($last_messages, '<br>');
406
407 if (! empty($warning_messages)) {
408 $message->addMessagesString($warning_messages, '<br>');
409 $message->isError(true);
410 }
411 if (! empty($error_messages)) {
412 $message->addMessagesString($error_messages);
413 $message->isError(true);
414 }
415 unset(
416 $error_messages,
417 $warning_messages,
418 $total_affected_rows,
419 $last_messages,
420 $last_message,
421 $row_skipped,
422 $insert_errors
423 );
424
425 /**
426 * The following section only applies to grid editing.
427 * However, verifying isAjax() is not enough to ensure we are coming from
428 * grid editing. If we are coming from the Edit or Copy link in Browse mode,
429 * ajax_page_request is present in the POST parameters.
430 */
431 if ($response->isAjax() && ! isset($_POST['ajax_page_request'])) {
432 /**
433 * If we are in grid editing, we need to process the relational and
434 * transformed fields, if they were edited. After that, output the correct
435 * link/transformed value and exit
436 */
437 if (isset($_POST['rel_fields_list']) && $_POST['rel_fields_list'] != '') {
438 $map = $relation->getForeigners($db, $table, '', 'both');
439
440 $relation_fields = [];
441 parse_str($_POST['rel_fields_list'], $relation_fields);
442
443 // loop for each relation cell
444 /** @var array $relation_fields */
445 foreach ($relation_fields as $cell_index => $curr_rel_field) {
446 foreach ($curr_rel_field as $relation_field => $relation_field_value) {
447 $where_comparison = "='" . $relation_field_value . "'";
448 $dispval = $insertEdit->getDisplayValueForForeignTableColumn(
449 $where_comparison,
450 $map,
451 $relation_field
452 );
453
454 $extra_data['relations'][$cell_index]
455 = $insertEdit->getLinkForRelationalDisplayField(
456 $map,
457 $relation_field,
458 $where_comparison,
459 $dispval,
460 $relation_field_value
461 );
462 }
463 } // end of loop for each relation cell
464 }
465 if (isset($_POST['do_transformations'])
466 && $_POST['do_transformations'] == true
467 ) {
468 $edited_values = [];
469 parse_str($_POST['transform_fields_list'], $edited_values);
470
471 if (! isset($extra_data)) {
472 $extra_data = [];
473 }
474 $transformation_types = [
475 "input_transformation",
476 "transformation",
477 ];
478 foreach ($mime_map as $transformation) {
479 $column_name = $transformation['column_name'];
480 foreach ($transformation_types as $type) {
481 $file = Core::securePath($transformation[$type]);
482 $extra_data = $insertEdit->transformEditedValues(
483 $db,
484 $table,
485 $transformation,
486 $edited_values,
487 $file,
488 $column_name,
489 $extra_data,
490 $type
491 );
492 }
493 } // end of loop for each $mime_map
494 }
495
496 // Need to check the inline edited value can be truncated by MySQL
497 // without informing while saving
498 $column_name = $_POST['fields_name']['multi_edit'][0][0];
499
500 $insertEdit->verifyWhetherValueCanBeTruncatedAndAppendExtraData(
501 $db,
502 $table,
503 $column_name,
504 $extra_data
505 );
506
507 /**Get the total row count of the table*/
508 $_table = new Table($_POST['table'], $_POST['db']);
509 $extra_data['row_count'] = $_table->countRecords();
510
511 $extra_data['sql_query'] = Util::getMessage(
512 $message,
513 $GLOBALS['display_query']
514 );
515
516 $response->setRequestStatus($message->isSuccess());
517 $response->addJSON('message', $message);
518 $response->addJSON($extra_data);
519 exit;
520 }
521
522 if (! empty($return_to_sql_query)) {
523 $disp_query = $GLOBALS['sql_query'];
524 $disp_message = $message;
525 unset($message);
526 $GLOBALS['sql_query'] = $return_to_sql_query;
527 }
528
529 $scripts->addFile('vendor/jquery/additional-methods.js');
530 $scripts->addFile('tbl_change.js');
531
532 $active_page = $goto_include;
533
534 /**
535 * If user asked for "and then Insert another new row" we have to remove
536 * WHERE clause information so that tbl_change.php does not go back
537 * to the current record
538 */
539 if (isset($_POST['after_insert']) && 'new_insert' == $_POST['after_insert']) {
540 unset($_POST['where_clause']);
541 }
542
543 /**
544 * Load target page.
545 */
546 require ROOT_PATH . Core::securePath($goto_include);
547 exit;
phpMyAdmin