search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
serbian latin and cyrillic
[phpmyadmin/crack.git] / tbl_query_box.php3
blob1fbfcfc6b478a35b18673d9e36ec2da9c7c26884
1 <?php
2 /* $Id$ */
3 // vim: expandtab sw=4 ts=4 sts=4:
4
5 // Check parameters
6
7 if (!defined('PMA_COMMON_LIB_INCLUDED')) {
8 include('./libraries/common.lib.php3');
9 }
10 if (!defined('PMA_BOOKMARK_LIB_INCLUDED')) {
11 include('./libraries/bookmark.lib.php3');
12 }
13
14 PMA_checkParameters(array('db','table','url_query'));
15
16 /**
17 * Defines the query to be displayed in the query textarea
18 */
19 if (isset($show_query) && $show_query == '1') {
20 // This script has been called by read_dump.php3
21 if (isset($sql_query_cpy)) {
22 $query_to_display = $sql_query_cpy;
23 }
24 // Other cases
25 else {
26 $query_to_display = $sql_query;
27 }
28 } else {
29 $query_to_display = '';
30 }
31 unset($sql_query);
32
33 /**
34 * Get the list and number of fields
35 */
36 $fields_cnt = 0;
37 if (isset($db) && isset($table) && $table != '' && $db != '') {
38 $local_query = 'SHOW FIELDS FROM ' . PMA_backquote($table) . ' FROM ' . PMA_backquote($db);
39 $result = @PMA_mysql_query($local_query);
40 if (!$result) {
41 PMA_mysqlDie('', $local_query, '', $err_url);
42 }
43 else {
44 $fields_cnt = mysql_num_rows($result);
45 while ($row = PMA_mysql_fetch_array($result)) {
46 $fields_list[] = $row['Field'];
47 } // end while
48 mysql_free_result($result);
49 }
50 }
51
52 /**
53 * Work on the table
54 */
55 // loic1: defines wether file upload is available or not
56 // ($is_upload now defined in common.lib.php3)
57
58 if ($cfg['QueryFrame'] && $cfg['QueryFrameJS'] && isset($is_inside_querywindow) && $is_inside_querywindow == TRUE && isset($querydisplay_tab) && ($querydisplay_tab == 'sql' || $querydisplay_tab == 'full')) {
59 $locking = 'onKeyPress="document.sqlform.elements[\'LockFromUpdate\'].checked = true;"';
60 } else {
61 $locking = '';
62 }
63
64 $auto_sel = ($cfg['TextareaAutoSelect']
65 // 2003-02-05 rabus: This causes big trouble with Opera 7 for
66 // Windows, so let's disable it there...
67 && !(PMA_USR_OS == 'Win' && PMA_USR_BROWSER_AGENT == 'OPERA' && PMA_USR_BROWSER_VER >= 7))
68 ? "\n" . ' onfocus="if (typeof(document.layers) == \'undefined\' || typeof(textarea_selected) == \'undefined\') {textarea_selected = 1; document.sqlform.elements[\'sql_query\'].select();}"'
69 : '';
70 $auto_sel .= ' ' . $locking;
71
72 // garvin: If non-JS query window is embedded, display a list of databases to choose from.
73 // Apart from that, a non-js query window sucks badly.
74
75 if ($cfg['QueryFrame'] && (!$cfg['QueryFrameJS'] && !$db || ($cfg['QueryFrameJS'] && !$db))) {
76 /**
77 * Get the list and number of available databases.
78 */
79 if ($server > 0) {
80 PMA_availableDatabases(); // this function is defined in "common.lib.php3"
81 } else {
82 $num_dbs = 0;
83 }
84
85 if ($num_dbs > 0) {
86 $queryframe_db_list = '<select size=1 name="db">';
87 for ($i = 0; $i < $num_dbs; $i++) {
88 $t_db = $dblist[$i];
89 $queryframe_db_list .= '<option value="' . htmlspecialchars($t_db) . '">' . htmlspecialchars($t_db) . '</option>';
90 }
91 $queryframe_db_list .= '</select>';
92 } else {
93 $queryframe_db_list = '';
94 }
95 } else {
96 $queryframe_db_list = '';
97 }
98
99 $form_items = 0;
100
101 if ($cfg['QueryFrame'] && $cfg['QueryFrameJS'] && isset($is_inside_querywindow) && $is_inside_querywindow) {
102 ?>
103 <script type="text/javascript">
104 <!--
105 document.writeln('<form method="post" target="phpmain' + <?php echo ((isset($is_inside_querywindow) && $is_inside_querywindow == TRUE) ? 'opener.' : '');?>parent.frames.queryframe.document.hashform.hash.value + '" action="read_dump.php3"<?php if ($is_upload) echo ' enctype="multipart/form-data"'; ?> onsubmit="return checkSqlQuery(this)" name="sqlform">');
106 //-->
107 </script>
108 <noscript>
109 <form method="post" target="phpmain<?php echo md5($cfg['PmaAbsoluteUri']); ?>" action="read_dump.php3"<?php if ($is_upload) echo ' enctype="multipart/form-data"'; ?> name="sqlform">
110 </noscript>
111 <?php
112 } else {
113 ?>
114 <form method="post" action="read_dump.php3"<?php if ($is_upload) echo ' enctype="multipart/form-data"'; ?> onsubmit="return checkSqlQuery(this)" name="sqlform">
115 <?php
116 }
117 ?>
118 <input type="hidden" name="is_js_confirmed" value="0" />
119 <?php echo PMA_generate_common_hidden_inputs($db, $table); ?>
120 <input type="hidden" name="pos" value="0" />
121 <input type="hidden" name="goto" value="<?php echo $goto; ?>" />
122 <input type="hidden" name="zero_rows" value="<?php echo $strSuccess; ?>" />
123 <input type="hidden" name="prev_sql_query" value="<?php echo ((!empty($query_to_display)) ? urlencode($query_to_display) : ''); ?>" />
124 <?php
125 if (!isset($is_inside_querywindow) ||
126 (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE && isset($querydisplay_tab) && ($querydisplay_tab == 'sql' || $querydisplay_tab == 'full'))) {
127 ?>
128 <!-- Query box and bookmark support -->
129 <?php
130 if (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE) {
131 ?>
132 <input type="hidden" name="focus_querywindow" value="true" />
133 <?php
134 }
135 ?>
136 <a name="querybox"></a>
137 <table cellpadding="1" cellspacing="1">
138 <tr>
139 <td>
140 <?php echo sprintf($strRunSQLQuery, htmlspecialchars($db)) . $queryframe_db_list . (isset($is_inside_querywindow) ? '<br />' : ' ') . PMA_showMySQLDocu('Reference', 'SELECT'); ?>
141 <br />
142 <textarea name="sql_query" rows="<?php echo $cfg['TextareaRows']; ?>" cols="<?php echo (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE ? ceil($cfg['TextareaCols'] * 1.25) : $cfg['TextareaCols'] * 2); ?>" wrap="virtual" dir="<?php echo $text_dir; ?>"<?php echo $auto_sel; ?>>
143 <?php echo ((!empty($query_to_display)) ? htmlspecialchars($query_to_display) : 'SELECT * FROM ' . htmlspecialchars(PMA_backquote($table)) . ' WHERE 1'); ?></textarea>
144 </td>
145 <?php if (isset($table) && $fields_cnt > 0) { ?>
146 <td align="center" valign="top"><?php echo (isset($is_inside_querywindow) ? '<br />' : '') . $strFields; ?>:<br />
147 <select name="dummy" size="4" multiple>
148 <?php
149 echo "\n";
150 for ($i = 0 ; $i < $fields_cnt; $i++) {
151 echo ' '
152 . '<option value="' . PMA_backquote(htmlspecialchars($fields_list[$i])) . '">' . htmlspecialchars($fields_list[$i]) . '</option>' . "\n";
153 }
154 ?>
155 </select><br /><br />
156 <input type="button" name="insert" value="<?php echo($strInsert); ?>" onclick="insertValueQuery()" />
157 </td>
158 <?php
159 }
160 ?>
161 </tr>
162 </table>
163 <input type="checkbox" name="show_query" value="1" id="checkbox_show_query" checked="checked" />&nbsp;
164 <label for="checkbox_show_query"><?php echo $strShowThisQuery; ?></label><br />
165 <?php
166 if (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE) {
167 ?>
168 <script type="text/javascript">
169 document.writeln('<input type="checkbox" name="LockFromUpdate" value="1" id="checkbox_lock" />&nbsp;');
170 document.writeln(' <label for="checkbox_lock"><?php echo $strQueryWindowLock; ?></label><br />');
171 </script>
172 <?php
173 }
174
175 $form_items++;
176 ?>
177 </div>
178 <?php
179 } else {
180 ?>
181 <input type="hidden" name="sql_query" value="" />
182 <input type="hidden" name="show_query" value="1" />
183 <?php
184 }
185
186 // loic1: displays import dump feature only if file upload available
187 if ($is_upload && (!isset($is_inside_querywindow) ||
188 (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE && isset($querydisplay_tab) && ($querydisplay_tab == 'files' || $querydisplay_tab == 'full')))) {
189 $form_items++;
190 echo ' ' . ((isset($is_inside_querywindow) && $is_inside_querywindow == TRUE && isset($querydisplay_tab) && $querydisplay_tab == 'full') || !isset($is_inside_querywindow) ? '<i>' . $strOr . '</i>' : '') . ' ' . $strLocationTextfile . '&nbsp;:<br />' . "\n";
191 ?>
192 <div style="margin-bottom: 5px">
193 <input type="file" name="sql_file" class="textfield" /><br />
194 <?php
195 if (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE) {
196 ?>
197 <input type="hidden" name="focus_querywindow" value="true" />
198 <?php
199 }
200
201 $is_gzip = ($cfg['GZipDump'] && @function_exists('gzopen'));
202 $is_bzip = ($cfg['BZipDump'] && @function_exists('bzdecompress'));
203 if ($is_bzip || $is_gzip) {
204 echo ' ' . $strCompression . ':' . "\n"
205 . ' <input type="radio" id="radio_sql_file_compression_auto" name="sql_file_compression" value="" checked="checked" />' . "\n"
206 . ' <label for="radio_sql_file_compression_auto">' . $strAutodetect . '</label>&nbsp;&nbsp;&nbsp;' . "\n"
207 . ' <input type="radio" id="radio_sql_file_compression_plain" name="sql_file_compression" value="text/plain" />' . "\n"
208 . ' <label for="radio_sql_file_compression_plain">' . $strNone . '</label>&nbsp;&nbsp;&nbsp;' . "\n";
209 if ($is_gzip) {
210 echo ' <input type="radio" id="radio_sql_file_compression_gzip" name="sql_file_compression" value="application/x-gzip" />' . "\n"
211 . ' <label for="radio_sql_file_compression_gzip">' . $strGzip . '</label>&nbsp;&nbsp;&nbsp;' . "\n";
212 }
213 if ($is_bzip) {
214 echo ' <input type="radio" id="radio_sql_file_compression_bzip" name="sql_file_compression" value="application/x-bzip" />' . "\n"
215 . ' <label for="radio_sql_file_compression_bzip">' . $strBzip . '</label>&nbsp;&nbsp;&nbsp;' . "\n";
216 }
217 } else {
218 echo ' <input type="hidden" name="sql_file_compression" value="text/plain" />' . "\n";
219 }
220 ?>
221 </div>
222 <?php
223 } // end if
224 echo "\n";
225
226 // web-server upload directory
227 $is_upload_dir = false;
228 if ($cfg['UploadDir'] != '' && !isset($is_inside_querywindow) ||
229 ($cfg['UploadDir'] != '' && isset($is_inside_querywindow) && $is_inside_querywindow == TRUE && isset($querydisplay_tab) && ($querydisplay_tab == 'files' || $querydisplay_tab == 'full'))) {
230
231 if ($handle = @opendir($cfg['UploadDir'])) {
232 if (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE) {
233 ?>
234 <input type="hidden" name="focus_querywindow" value="true" />
235 <?php
236 }
237
238 $is_first = 0;
239 while ($file = @readdir($handle)) {
240 if (is_file($cfg['UploadDir'] . $file) && substr($file, -4) == '.sql') {
241 if ($is_first == 0) {
242 $is_upload_dir = true;
243 echo "\n";
244 echo ' ' . ((isset($is_inside_querywindow) && $is_inside_querywindow == TRUE && isset($querydisplay_tab) && $querydisplay_tab == 'full') || !isset($is_inside_querywindow) ? '<i>' . $strOr . '</i>' : '') . ' ' . $strWebServerUploadDirectory . '&nbsp;:<br />' . "\n";
245 echo ' <div style="margin-bottom: 5px">' . "\n";
246 echo ' <select size="1" name="sql_localfile">' . "\n";
247 echo ' <option value="" selected="selected"></option>' . "\n";
248 $form_items++;
249 } // end if (is_first)
250 echo ' <option value="' . htmlspecialchars($file) . '">' . htmlspecialchars($file) . '</option>' . "\n";
251 $is_first++;
252 } // end if (is_file)
253 } // end while
254 if ($is_first > 0) {
255 echo ' </select>' . "\n"
256 . ' </div>' . "\n\n";
257 } // end if (isfirst > 0)
258 @closedir($handle);
259 } else {
260 echo ' <div style="margin-bottom: 5px">' . "\n";
261 echo ' <font color="red">' . $strError . '</font><br />' . "\n";
262 echo ' ' . $strWebServerUploadDirectoryError . "\n";
263 echo ' </div>' . "\n";
264 }
265 } // end if (web-server upload directory)
266 echo "\n";
267
268 // Encoding setting form appended by Y.Kawada
269 if (function_exists('PMA_set_enc_form')) {
270 echo PMA_set_enc_form(' ');
271 $form_items++;
272 }
273
274 // Charset conversion options
275 if (($is_upload || $is_upload_dir) &&
276 (!isset($is_inside_querywindow) ||
277 (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE && isset($querydisplay_tab) && ($querydisplay_tab == 'files' || $querydisplay_tab == 'full')))
278 && isset($db) && $db != ''){
279 if ($cfg['AllowAnywhereRecoding'] && $allow_recoding) {
280 $form_items++;
281 echo ' <div style="margin-bottom: 5px">' . "\n";
282 $temp_charset = reset($cfg['AvailableCharsets']);
283 echo $strCharsetOfFile . "\n"
284 . ' <select name="charset_of_file" size="1">' . "\n"
285 . ' <option value="' . $temp_charset . '"';
286 if ($temp_charset == $charset) {
287 echo ' selected="selected"';
288 }
289 echo '>' . $temp_charset . '</option>' . "\n";
290 while ($temp_charset = next($cfg['AvailableCharsets'])) {
291 echo ' <option value="' . $temp_charset . '"';
292 if ($temp_charset == $charset) {
293 echo ' selected="selected"';
294 }
295 echo '>' . $temp_charset . '</option>' . "\n";
296 }
297 echo ' </select><br />' . "\n" . ' ';
298 echo ' </div>' . "\n";
299 } // end if (recoding)
300 }
301
302 // Bookmark Support
303 $bookmark_go = FALSE;
304 if (!isset($is_inside_querywindow) ||
305 (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE && isset($querydisplay_tab) && ($querydisplay_tab == 'history' || $querydisplay_tab == 'full'))) {
306 if ($cfg['Bookmark']['db'] && $cfg['Bookmark']['table']) {
307 if (($bookmark_list = PMA_listBookmarks($db, $cfg['Bookmark'])) && count($bookmark_list) > 0) {
308 $form_items++;
309 echo " " . ((isset($is_inside_querywindow) && $is_inside_querywindow == TRUE && isset($querydisplay_tab) && $querydisplay_tab == 'full') || !isset($is_inside_querywindow) ? "<i>$strOr</i>" : '') . " $strBookmarkQuery&nbsp;:<br />\n";
310
311 if (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE) {
312 ?>
313 <input type="hidden" name="focus_querywindow" value="true" />
314 <?php
315 }
316
317 echo ' <div style="margin-bottom: 5px">' . "\n";
318 echo ' <select name="id_bookmark" style="vertical-align: middle">' . "\n";
319 echo ' <option value=""></option>' . "\n";
320 while (list($key, $value) = each($bookmark_list)) {
321 echo ' <option value="' . $value . '">' . htmlspecialchars($key) . '</option>' . "\n";
322 }
323 echo ' </select>' . "<br />\n";
324 echo ' ' . $strVar . ' (<a href="./Documentation.html#faqbookmark" target="documentation">' . $strDocu . '</a>): <input type="text" name="bookmark_variable" class="textfield" size="10" />' . "\n";
325 echo ' <input type="radio" name="action_bookmark" value="0" id="radio_bookmark0" checked="checked" style="vertical-align: middle" /><label for="radio_bookmark0">' . $strSubmit . '</label>' . "\n";
326 echo ' &nbsp;<input type="radio" name="action_bookmark" value="1" id="radio_bookmark1" style="vertical-align: middle" /><label for="radio_bookmark1">' . $strBookmarkView . '</label>' . "\n";
327 echo ' &nbsp;<input type="radio" name="action_bookmark" value="2" id="radio_bookmark2" style="vertical-align: middle" /><label for="radio_bookmark2">' . $strDelete . '</label>' . "\n";
328 echo ' <br />' . "\n";
329 echo ' </div>' . "\n";
330 $bookmark_go = TRUE;
331 }
332 }
333 }
334
335 if (!isset($is_inside_querywindow) || (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE && isset($querydisplay_tab) && (($querydisplay_tab == 'files') || $querydisplay_tab == 'sql' || $querydisplay_tab == 'full' || ($querydisplay_tab == 'history' && $bookmark_go)))) {
336 if ($form_items > 0) {
337 ?>
338 <input type="submit" name="SQL" value="<?php echo $strGo; ?>" />
339 <?php
340 } else {
341 // TODO: Add a more complete warning that no items (like for file import) where found.
342 // (After 2.5.2 release!)
343 echo $strWebServerUploadDirectoryError;
344 }
345 }
346 ?>
347 </form>
348 <?php
349 if (!isset($is_inside_querywindow) ||
350 (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE && isset($querydisplay_tab) && ($querydisplay_tab == 'files' || $querydisplay_tab == 'full')) && isset($db) && $db != '') {
351
352 // loic1: displays import dump feature only if file upload available
353 $ldi_target = 'ldi_table.php3?' . $url_query . (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE ? '&amp;focus_querywindow=true' : '');
354
355 if ($is_upload && isset($db) && isset($table)) {
356 ?>
357 <!-- Insert a text file -->
358 <br /><br />
359 <li>
360 <?php
361 if ($cfg['QueryFrame'] && $cfg['QueryFrameJS']) {
362 ?>
363
364 <script type="text/javascript">
365 document.writeln('<div style="margin-bottom: 10px"><a href="<?php echo (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE ? '#' : $ldi_target); ?>" <?php echo (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE ? 'onclick="opener.parent.frames.phpmain\' + opener.parent.frames.queryframe.document.hashform.hash.value + \'.location.href = \\\'' . $ldi_target . '\\\'; return false;"' : ''); ?>><?php echo addslashes($strInsertTextfiles); ?></a></div>');
366 </script>
367
368 <?php
369 } else {
370 ?>
371
372 <script type="text/javascript">
373 document.writeln('<div style="margin-bottom: 10px"><a href="<?php echo (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE ? '#' : $ldi_target); ?>" <?php echo (isset($is_inside_querywindow) && $is_inside_querywindow == TRUE ? 'onclick="opener.parent.frames.phpmain' . md5($cfg['PmaAbsoluteUri']) . '.location.href = \\\'' . $ldi_target . '\\\'; return false;"' : ''); ?>><?php echo addslashes($strInsertTextfiles); ?></a></div>');
374 </script>
375
376 <?php
377 }
378 ?>
379
380 <noscript>
381 <div style="margin-bottom: 10px"><a href="<?php echo $ldi_target; ?>"><?php echo $strInsertTextfiles; ?></a></div>
382 </noscript>
383 </li>
384 <?php
385 }
386 }
387 echo "\n";
388 ?>
Drizzle / GSOC 2011