search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
update
[phpmyadmin/crack.git] / ldi_check.php3
blob95d9ebaefc2645a95ac26534efc7a2e698c91d30
1 <?php
2 /* $Id$ */
3 // vim: expandtab sw=4 ts=4 sts=4:
4
5
6 /**
7 * This file checks and builds the sql-string for
8 * LOAD DATA INFILE 'file_name.txt' [REPLACE | IGNORE] INTO TABLE table_name
9 * [FIELDS
10 * [TERMINATED BY '\t']
11 * [OPTIONALLY] ENCLOSED BY "]
12 * [ESCAPED BY '\\' ]]
13 * [LINES TERMINATED BY '\n']
14 * [(column_name,...)]
15 */
16
17
18 /**
19 * Gets some core scripts
20 */
21 require('./libraries/grab_globals.lib.php3');
22 require('./libraries/common.lib.php3');
23
24 // Check parameters
25
26 PMA_checkParameters(array('db', 'table'));
27
28 /**
29 * If a file from UploadDir was submitted, use this file
30 */
31 $unlink_local_textfile = false;
32 if (isset($btnLDI) && isset($local_textfile) && $local_textfile != '') {
33 if (empty($DOCUMENT_ROOT)) {
34 if (!empty($_SERVER) && isset($_SERVER['DOCUMENT_ROOT'])) {
35 $DOCUMENT_ROOT = $_SERVER['DOCUMENT_ROOT'];
36 }
37 else if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['DOCUMENT_ROOT'])) {
38 $DOCUMENT_ROOT = $HTTP_SERVER_VARS['DOCUMENT_ROOT'];
39 }
40 else if (!empty($_ENV) && isset($_ENV['DOCUMENT_ROOT'])) {
41 $DOCUMENT_ROOT = $_ENV['DOCUMENT_ROOT'];
42 }
43 else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['DOCUMENT_ROOT'])) {
44 $DOCUMENT_ROOT = $HTTP_ENV_VARS['DOCUMENT_ROOT'];
45 }
46 else if (@getenv('DOCUMENT_ROOT')) {
47 $DOCUMENT_ROOT = getenv('DOCUMENT_ROOT');
48 }
49 else {
50 $DOCUMENT_ROOT = '.';
51 }
52 } // end if
53
54 $textfile = $DOCUMENT_ROOT . dirname($PHP_SELF) . '/' . eregi_replace('^./', '', $cfg['UploadDir']) . eregi_replace('\.\.*', '.', $local_textfile);
55 if (file_exists($textfile)) {
56 $open_basedir = '';
57 if (PMA_PHP_INT_VERSION >= 40000) {
58 $open_basedir = @ini_get('open_basedir');
59 }
60 if (empty($open_basedir)) {
61 $open_basedir = @get_cfg_var('open_basedir');
62 }
63
64 // If we are on a server with open_basedir, we must move the file
65 // before opening it. The doc explains how to create the "./tmp"
66 // directory
67
68 if (!empty($open_basedir)) {
69
70 $tmp_subdir = (PMA_IS_WINDOWS ? '.\\tmp\\' : './tmp/');
71
72 // function is_writeable() is valid on PHP3 and 4
73 if (!is_writeable($tmp_subdir)) {
74 echo $strWebServerUploadDirectoryError . ': ' . $tmp_subdir
75 . '<br />';
76 exit();
77 } else {
78 $textfile_new = $tmp_subdir . basename($textfile);
79 if (PMA_PHP_INT_VERSION < 40003) {
80 copy($textfile, $textfile_new);
81 } else {
82 move_uploaded_file($textfile, $textfile_new);
83 }
84 $textfile = $textfile_new;
85 $unlink_local_textfile = true;
86 }
87 }
88 }
89 }
90
91 /**
92 * The form used to define the query has been submitted -> do the work
93 */
94 if (isset($btnLDI) && empty($textfile)) {
95 $js_to_run = 'functions.js';
96 include('./header.inc.php3');
97 $message = $strMustSelectFile;
98 include('./ldi_table.php3');
99 } elseif (isset($btnLDI) && ($textfile != 'none')) {
100 if (!isset($replace)) {
101 $replace = '';
102 }
103
104 // the error message does not correspond exactly to the error...
105 if (!@chmod($textfile, 0644)) {
106 echo $strFileCouldNotBeRead . ' ' . $textfile . '<br />';
107 exit();
108 }
109
110 // Kanji encoding convert appended by Y.Kawada
111 if (function_exists('PMA_kanji_file_conv')) {
112 $textfile = PMA_kanji_file_conv($textfile, $knjenc, isset($xkana) ? $xkana : '');
113 }
114
115 // Convert the file's charset if necessary
116 if ($cfg['AllowAnywhereRecoding'] && $allow_recoding
117 && isset($charset_of_file) && $charset_of_file != $charset) {
118 $textfile = PMA_convert_file($charset_of_file, $convcharset, $textfile);
119 }
120
121 // Formats the data posted to this script
122 $textfile = PMA_sqlAddslashes($textfile);
123 $enclosed = PMA_sqlAddslashes($enclosed);
124 $escaped = PMA_sqlAddslashes($escaped);
125 $column_name = PMA_sqlAddslashes($column_name);
126
127 // (try to) make sure the file is readable:
128 chmod($textfile, 0777);
129
130 // Builds the query
131 $sql_query = 'LOAD DATA';
132
133 if ($local_option == "1") {
134 $sql_query .= ' LOCAL';
135 }
136
137 $sql_query .= ' INFILE \'' . $textfile . '\'';
138 if (!empty($replace)) {
139 $sql_query .= ' ' . $replace;
140 }
141 $sql_query .= ' INTO TABLE ' . PMA_backquote($into_table);
142 if (isset($field_terminater)) {
143 $sql_query .= ' FIELDS TERMINATED BY \'' . $field_terminater . '\'';
144 }
145 if (isset($enclose_option) && strlen($enclose_option) > 0) {
146 $sql_query .= ' OPTIONALLY';
147 }
148 if (strlen($enclosed) > 0) {
149 $sql_query .= ' ENCLOSED BY \'' . $enclosed . '\'';
150 }
151 if (strlen($escaped) > 0) {
152 $sql_query .= ' ESCAPED BY \'' . $escaped . '\'';
153 }
154 if (strlen($line_terminator) > 0){
155 $sql_query .= ' LINES TERMINATED BY \'' . $line_terminator . '\'';
156 }
157 if (strlen($column_name) > 0) {
158 if (PMA_MYSQL_INT_VERSION >= 32306) {
159 $sql_query .= ' (';
160 $tmp = split(',( ?)', $column_name);
161 for ($i = 0; $i < count($tmp); $i++) {
162 if ($i > 0) {
163 $sql_query .= ', ';
164 }
165 $sql_query .= PMA_backquote(trim($tmp[$i]));
166 } // end for
167 $sql_query .= ')';
168 } else {
169 $sql_query .= ' (' . $column_name . ')';
170 }
171 }
172
173 // We could rename the ldi* scripts to tbl_properties_ldi* to improve
174 // consistency with the other sub-pages.
175 //
176 // The $goto in ldi_table.php3 is set to tbl_properties.php3 but maybe
177 // if would be better to Browse the latest inserted data.
178 include('./sql.php3');
179 if ($unlink_local_textfile) {
180 unlink($textfile);
181 }
182 }
183
184
185 /**
186 * The form used to define the query hasn't been yet submitted -> loads it
187 */
188 else {
189 include('./ldi_table.php3');
190 }
191 ?>
Drizzle / GSOC 2011