search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Removed note about intetional slash that causes problems.
[phpmyadmin/crack.git] / read_dump.php3
blob6180bc4e2579448c6041aaca2e648a7f3a4d8f13
1 <?php
2 /* $Id$ */
3 // vim: expandtab sw=4 ts=4 sts=4:
4
5
6 /**
7 * Removes comment lines and splits up large sql files into individual queries
8 *
9 * Last revision: September 23, 2001 - gandon
10 *
11 * @param array the splitted sql commands
12 * @param string the sql commands
13 * @param integer the MySQL release number (because certains php3 versions
14 * can't get the value of a constant from within a function)
15 *
16 * @return boolean always true
17 *
18 * @access public
19 */
20 function PMA_splitSqlFile(&$ret, $sql, $release)
21 {
22 $sql = trim($sql);
23 $sql_len = strlen($sql);
24 $char = '';
25 $string_start = '';
26 $in_string = FALSE;
27 $time0 = time();
28
29 for ($i = 0; $i < $sql_len; ++$i) {
30 $char = $sql[$i];
31
32 // We are in a string, check for not escaped end of strings except for
33 // backquotes that can't be escaped
34 if ($in_string) {
35 for (;;) {
36 $i = strpos($sql, $string_start, $i);
37 // No end of string found -> add the current substring to the
38 // returned array
39 if (!$i) {
40 $ret[] = $sql;
41 return TRUE;
42 }
43 // Backquotes or no backslashes before quotes: it's indeed the
44 // end of the string -> exit the loop
45 else if ($string_start == '`' || $sql[$i-1] != '\\') {
46 $string_start = '';
47 $in_string = FALSE;
48 break;
49 }
50 // one or more Backslashes before the presumed end of string...
51 else {
52 // ... first checks for escaped backslashes
53 $j = 2;
54 $escaped_backslash = FALSE;
55 while ($i-$j > 0 && $sql[$i-$j] == '\\') {
56 $escaped_backslash = !$escaped_backslash;
57 $j++;
58 }
59 // ... if escaped backslashes: it's really the end of the
60 // string -> exit the loop
61 if ($escaped_backslash) {
62 $string_start = '';
63 $in_string = FALSE;
64 break;
65 }
66 // ... else loop
67 else {
68 $i++;
69 }
70 } // end if...elseif...else
71 } // end for
72 } // end if (in string)
73
74 // We are not in a string, first check for delimiter...
75 else if ($char == ';') {
76 // if delimiter found, add the parsed part to the returned array
77 $ret[] = substr($sql, 0, $i);
78 $sql = ltrim(substr($sql, min($i + 1, $sql_len)));
79 $sql_len = strlen($sql);
80 if ($sql_len) {
81 $i = -1;
82 } else {
83 // The submited statement(s) end(s) here
84 return TRUE;
85 }
86 } // end else if (is delimiter)
87
88 // ... then check for start of a string,...
89 else if (($char == '"') || ($char == '\'') || ($char == '`')) {
90 $in_string = TRUE;
91 $string_start = $char;
92 } // end else if (is start of string)
93
94 // ... for start of a comment (and remove this comment if found)...
95 else if ($char == '#'
96 || ($char == ' ' && $i > 1 && $sql[$i-2] . $sql[$i-1] == '--')) {
97 // starting position of the comment depends on the comment type
98 $start_of_comment = (($sql[$i] == '#') ? $i : $i-2);
99 // if no "\n" exits in the remaining string, checks for "\r"
100 // (Mac eol style)
101 $end_of_comment = (strpos(' ' . $sql, "\012", $i+2))
102 ? strpos(' ' . $sql, "\012", $i+2)
103 : strpos(' ' . $sql, "\015", $i+2);
104 if (!$end_of_comment) {
105 // no eol found after '#', add the parsed part to the returned
106 // array if required and exit
107 if ($start_of_comment > 0) {
108 $ret[] = trim(substr($sql, 0, $start_of_comment));
109 }
110 return TRUE;
111 } else {
112 $sql = substr($sql, 0, $start_of_comment)
113 . ltrim(substr($sql, $end_of_comment));
114 $sql_len = strlen($sql);
115 $i--;
116 } // end if...else
117 } // end else if (is comment)
118
119 // ... and finally disactivate the "/*!...*/" syntax if MySQL < 3.22.07
120 else if ($release < 32270
121 && ($char == '!' && $i > 1 && $sql[$i-2] . $sql[$i-1] == '/*')) {
122 $sql[$i] = ' ';
123 } // end else if
124
125 // loic1: send a fake header each 30 sec. to bypass browser timeout
126 $time1 = time();
127 if ($time1 >= $time0 + 30) {
128 $time0 = $time1;
129 header('X-pmaPing: Pong');
130 } // end if
131 } // end for
132
133 // add any rest to the returned array
134 if (!empty($sql) && ereg('[^[:space:]]+', $sql)) {
135 $ret[] = $sql;
136 }
137
138 return TRUE;
139 } // end of the 'PMA_splitSqlFile()' function
140
141
142 /**
143 * Reads (and decompresses) a (compressed) file into a string
144 *
145 * @param string the path to the file
146 * @param string the MIME type of the file
147 *
148 * @global array the phpMyAdmin configuration
149 *
150 * @return string the content of the file or
151 * boolean FALSE in case of an error.
152 */
153 function PMA_readFile($path, $mime = 'text/plain') {
154 global $cfg;
155
156 switch ($mime) {
157 case 'text/plain':
158 $file = fopen($path, 'rb');
159 $content = fread($file, filesize($path));
160 fclose($file);
161 break;
162 case 'application/x-gzip':
163 if ($cfg['GZipDump'] && @function_exists('gzopen')) {
164 $file = gzopen($path, 'rb');
165 $content = '';
166 while (!gzeof($file)) {
167 $content .= gzgetc($file);
168 }
169 gzclose($file);
170 } else {
171 return FALSE;
172 }
173 break;
174 case 'application/x-bzip':
175 if ($cfg['BZipDump'] && @function_exists('bzdecompress')) {
176 $file = fopen($path, 'rb');
177 $content = fread($file, filesize($path));
178 fclose($file);
179 $content = bzdecompress($content);
180 } else {
181 return FALSE;
182 }
183 break;
184 default:
185 return FALSE;
186 }
187 if (!file_exists($path)) {
188 return FALSE;
189 }
190 return $content;
191 }
192
193
194 /**
195 * Gets some core libraries
196 */
197 require('./libraries/grab_globals.lib.php3');
198 require('./libraries/common.lib.php3');
199
200
201 /**
202 * Increases the max. allowed time to run a script
203 */
204 @set_time_limit($cfg['ExecTimeLimit']);
205
206
207 /**
208 * Defines the url to return to in case of error in a sql statement
209 */
210 if (!isset($goto)
211 || ($goto != 'db_details.php3' && $goto != 'tbl_properties.php3')) {
212 $goto = 'db_details.php3';
213 }
214 $err_url = $goto
215 . '?' . PMA_generate_common_url($db)
216 . (($goto == 'tbl_properties.php3') ? '&amp;table=' . urlencode($table) : '');
217
218
219 /**
220 * Set up default values for some variables
221 */
222 $view_bookmark = 0;
223 $sql_bookmark = isset($sql_bookmark) ? $sql_bookmark : '';
224 $sql_query = isset($sql_query) ? $sql_query : '';
225 if (!empty($sql_localfile) && $cfg['UploadDir'] != '') {
226 $sql_file = $cfg['UploadDir'] . $sql_localfile;
227 } else if (empty($sql_file)) {
228 $sql_file = 'none';
229 }
230
231
232 /**
233 * Bookmark Support: get a query back from bookmark if required
234 */
235 if (!empty($id_bookmark)) {
236 include('./libraries/bookmark.lib.php3');
237 switch ($action_bookmark) {
238 case 0: // bookmarked query that have to be run
239 $sql_query = PMA_queryBookmarks($db, $cfg['Bookmark'], $id_bookmark);
240 break;
241 case 1: // bookmarked query that have to be displayed
242 $sql_query = PMA_queryBookmarks($db, $cfg['Bookmark'], $id_bookmark);
243 $view_bookmark = 1;
244 break;
245 case 2: // bookmarked query that have to be deleted
246 $sql_query = PMA_deleteBookmarks($db, $cfg['Bookmark'], $id_bookmark);
247 break;
248 }
249 } // end if
250
251
252 /**
253 * Prepares the sql query
254 */
255 // Gets the query from a file if required
256 if ($sql_file != 'none') {
257 // loic1 : fixed a security issue
258 // if ((file_exists($sql_file) && is_uploaded_file($sql_file))
259 // || file_exists($cfg['UploadDir'] . $sql_localfile)) {
260 if (file_exists($sql_file)
261 && ((isset($sql_localfile) && $sql_file == $cfg['UploadDir'] . $sql_localfile) || is_uploaded_file($sql_file))) {
262 $open_basedir = '';
263 if (PMA_PHP_INT_VERSION >= 40000) {
264 $open_basedir = @ini_get('open_basedir');
265 }
266 if (empty($open_basedir)) {
267 $open_basedir = @get_cfg_var('open_basedir');
268 }
269
270 // If we are on a server with open_basedir, we must move the file
271 // before opening it. The doc explains how to create the "./tmp"
272 // directory
273
274 if (!empty($open_basedir)) {
275
276 $tmp_subdir = (PMA_IS_WINDOWS ? '.\\tmp\\' : './tmp/');
277
278 // function is_writeable() is valid on PHP3 and 4
279 if (!is_writeable($tmp_subdir)) {
280 // if we cannot move the file, let PHP report the error
281 error_reporting(E_ALL);
282 $sql_query = PMA_readFile($sql_file, $sql_file_compression);
283 }
284 else {
285 $sql_file_new = $tmp_subdir . basename($sql_file);
286 if (PMA_PHP_INT_VERSION < 40003) {
287 copy($sql_file, $sql_file_new);
288 } else {
289 move_uploaded_file($sql_file, $sql_file_new);
290 }
291 $sql_query = PMA_readFile($sql_file_new, $sql_file_compression);
292 unlink($sql_file_new);
293 }
294 }
295 else {
296 // read from the normal upload dir
297 $sql_query = PMA_readFile($sql_file, $sql_file_compression);
298 }
299
300 if (get_magic_quotes_runtime() == 1) {
301 $sql_query = stripslashes($sql_query);
302 }
303 // Convert the file's charset if necessary
304 if ($cfg['AllowAnywhereRecoding'] && $allow_recoding
305 && isset($charset_of_file) && $charset_of_file != $charset) {
306 $sql_query = PMA_convert_string($charset_of_file, $charset, $sql_query);
307 }
308 } // end uploaded file stuff
309 }
310 else if (empty($id_bookmark) && get_magic_quotes_gpc() == 1) {
311 $sql_query = stripslashes($sql_query);
312 }
313
314 // Kanji convert SQL textfile 2002/1/4 by Y.Kawada
315 if (@function_exists('PMA_kanji_str_conv')) {
316 $sql_tmp = trim($sql_query);
317 PMA_change_enc_order();
318 $sql_query = PMA_kanji_str_conv($sql_tmp, $knjenc, isset($xkana) ? $xkana : '');
319 PMA_change_enc_order();
320 } else {
321 $sql_query = trim($sql_query);
322 }
323
324 // $sql_query come from the query textarea, if it's a reposted query gets its
325 // 'true' value
326 if (!empty($prev_sql_query)) {
327 $prev_sql_query = urldecode($prev_sql_query);
328 if ($sql_query == trim(htmlspecialchars($prev_sql_query))) {
329 $sql_query = $prev_sql_query;
330 }
331 }
332
333 // Drop database is not allowed -> ensure the query can be run
334 if (!$cfg['AllowUserDropDatabase']
335 && eregi('DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE ', $sql_query)) {
336 // Checks if the user is a Superuser
337 // TODO: set a global variable with this information
338 // loic1: optimized query
339 $result = @PMA_mysql_query('USE mysql');
340 if (PMA_mysql_error()) {
341 include('./header.inc.php3');
342 PMA_mysqlDie($strNoDropDatabases, '', '', $err_url);
343 }
344 }
345 define('PMA_CHK_DROP', 1);
346
347 /**
348 * Executes the query
349 */
350 if ($sql_query != '') {
351 $pieces = array();
352 PMA_splitSqlFile($pieces, $sql_query, PMA_MYSQL_INT_VERSION);
353 $pieces_count = count($pieces);
354 if ($pieces_count > 1) {
355 $is_multiple = TRUE;
356 }
357
358 // Copy of the cleaned sql statement for display purpose only (see near the
359 // beginning of "db_details.php3" & "tbl_properties.php3")
360 if ($sql_file != 'none' && $pieces_count > 10) {
361 // Be nice with bandwidth...
362 $sql_query_cpy = $sql_query = '';
363 } else {
364 $sql_query_cpy = implode(";\n", $pieces) . ';';
365 // Be nice with bandwidth... for now, an arbitrary limit of 500,
366 // could be made configurable but probably not necessary
367 if (strlen($sql_query_cpy) > 500) {
368 $sql_query_cpy = $sql_query = '';
369 }
370 }
371
372 // really run the query?
373 if ($view_bookmark == 0) {
374 // Only one query to run
375 if ($pieces_count == 1 && !empty($pieces[0])) {
376 // sql.php3 will stripslash the query if get_magic_quotes_gpc
377 if (get_magic_quotes_gpc() == 1) {
378 $sql_query = addslashes($pieces[0]);
379 } else {
380 $sql_query = $pieces[0];
381 }
382 if (eregi('^(DROP|CREATE)[[:space:]]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)', $sql_query)) {
383 $reload = 1;
384 }
385 include('./sql.php3');
386 exit();
387 }
388
389 // Runs multiple queries
390 else if (PMA_mysql_select_db($db)) {
391 $mult = TRUE;
392 for ($i = 0; $i < $pieces_count; $i++) {
393 $a_sql_query = $pieces[$i];
394 $result = PMA_mysql_query($a_sql_query);
395 if ($result == FALSE) { // readdump failed
396 $my_die = $a_sql_query;
397 break;
398 }
399 if (!isset($reload) && eregi('^(DROP|CREATE)[[:space:]]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)', $a_sql_query)) {
400 $reload = 1;
401 }
402 } // end for
403 } // end else if
404 } // end if (really run the query)
405 unset($pieces);
406 } // end if
407
408
409
410 /**
411 * MySQL error
412 */
413 if (isset($my_die)) {
414 $js_to_run = 'functions.js';
415 include('./header.inc.php3');
416 PMA_mysqlDie('', $my_die, '', $err_url);
417 }
418
419
420 /**
421 * Go back to the calling script
422 */
423 // Checks for a valid target script
424 if (isset($table) && $table == '') {
425 unset($table);
426 }
427 if (isset($db) && $db == '') {
428 unset($db);
429 }
430 $is_db = $is_table = FALSE;
431 if ($goto == 'tbl_properties.php3') {
432 if (!isset($table)) {
433 $goto = 'db_details.php3';
434 } else {
435 $is_table = @PMA_mysql_query('SHOW TABLES LIKE \'' . PMA_sqlAddslashes($table, TRUE) . '\'');
436 if (!($is_table && @mysql_numrows($is_table))) {
437 $goto = 'db_details.php3';
438 unset($table);
439 }
440 } // end if... else...
441 }
442 if ($goto == 'db_details.php3') {
443 if (isset($table)) {
444 unset($table);
445 }
446 if (!isset($db)) {
447 $goto = 'main.php3';
448 } else {
449 $is_db = @PMA_mysql_select_db($db);
450 if (!$is_db) {
451 $goto = 'main.php3';
452 unset($db);
453 }
454 } // end if... else...
455 }
456 // Defines the message to be displayed
457 if (!empty($id_bookmark) && $action_bookmark == 2) {
458 $message = $strBookmarkDeleted;
459 } else if (!isset($sql_query_cpy)) {
460 $message = $strNoQuery;
461 } else if ($sql_query_cpy == '') {
462 $message = "$strSuccess&nbsp;:<br />$strTheContent ($pieces_count $strInstructions)&nbsp;";
463 } else {
464 $message = $strSuccess;
465 }
466 // Loads to target script
467 if ($goto == 'db_details.php3' || $goto == 'tbl_properties.php3') {
468 $js_to_run = 'functions.js';
469 }
470 if ($goto != 'main.php3') {
471 include('./header.inc.php3');
472 }
473 require('./' . $goto);
474 ?>
Drizzle / GSOC 2011