search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Prepared announcement for 2.4.0. Please feel free to correct it if necessary.
[phpmyadmin/crack.git] / tbl_replace_fields.php3
bloba174673b1228b2dda5bd108594412e7b5ac7c00b
1 <?php
2 /* $Id$ */
3 // vim: expandtab sw=4 ts=4 sts=4:
4
5 // note: grab_globals has extracted the fields from _FILES
6 // or HTTP_POST_FILES
7
8 // f i e l d u p l o a d e d f r o m a f i l e
9
10 if (isset(${"fields_upload_" . $key}) && !empty(${"fields_upload_" . $key}) && ${"fields_upload_" . $key} != 'none') {
11 $data_file = ${"fields_upload_" . $key};
12 $val = fread(fopen($data_file, "rb"), filesize($data_file));
13 if (isset(${"fields_upload_binary_" . $key})) {
14 // nijel: This is probably the best way how to put binary data
15 // into MySQL and it also allow not to care about charset
16 // conversion that would otherwise corrupt the data.
17 $val = '0x' . bin2hex($val);
18 $seen_binary = TRUE;
19 } else {
20 // must always add slashes for an uploaded file:
21 // - do not use PMA_sqlAddslashes()
22 // - do not check get_magic_quotes_gpc()
23 $val = "'" . addslashes($val) . "'";
24 }
25 } else {
26
27 // f i e l d v a l u e i n t h e f o r m
28 switch (strtolower($val)) {
29 case 'null':
30 break;
31 case '$enum$':
32 // if we have an enum, then construct the value
33 $f = 'field_' . md5($key);
34 if (!empty($$f)) {
35 $val = implode(',', $$f);
36 if ($val == 'null') {
37 // void
38 } else {
39 $val = "'" . PMA_sqlAddslashes(urldecode($val)) . "'";
40 }
41 } else {
42 $val = "''";
43 }
44 break;
45 case '$set$':
46 // if we have a set, then construct the value
47 $f = 'field_' . md5($key);
48 if (!empty($$f)) {
49 $val = implode(',', $$f);
50 $val = "'" . PMA_sqlAddslashes(urldecode($val)) . "'";
51 } else {
52 $val = "''";
53 }
54 break;
55 case '$foreign$':
56 // if we have a foreign key, then construct the value
57 $f = 'field_' . md5($key);
58 if (!empty($$f)) {
59 $val = implode(',', $$f);
60 if ($val == 'null') {
61 // void
62 } else {
63 $val = "'" . PMA_sqlAddslashes(urldecode($val)) . "'";
64 }
65 } else {
66 $val = "''";
67 }
68 break;
69 case '$protected$':
70 // here we are in protected mode (asked in the config)
71 // so tbl_change has put this special value in the
72 // fields array, so we do not change the field value
73 // but we can still handle field upload
74
75 $val = "''";
76 break;
77 default:
78 if (get_magic_quotes_gpc()) {
79 $val = "'" . str_replace('\\"', '"', $val) . "'";
80 } else {
81 $val = "'" . PMA_sqlAddslashes($val) . "'";
82 }
83 break;
84 } // end switch
85
86 // Was the Null checkbox checked for this field?
87 // (if there is a value, we ignore the Null checkbox: this could
88 // be possible if Javascript is disabled in the browser)
89 if (isset($fields_null) && isset($fields_null[$encoded_key])
90 && $val=="''") {
91 $val = 'NULL';
92 }
93 } // end else (field value in the form)
94 ?>
Drizzle / GSOC 2011