search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
bug 619097
[phpmyadmin/crack.git] / tbl_relation.php3
blob73e895a7664601a1a4df08660535cb4c055accf5
1 <?php
2 /* $Id$ */
3 // vim: expandtab sw=4 ts=4 sts=4:
4
5
6 /**
7 * Gets some core libraries
8 */
9 require('./libraries/grab_globals.lib.php3');
10 require('./libraries/common.lib.php3');
11 require('./tbl_properties_common.php3');
12 $url_query .= '&amp;goto=tbl_properties.php3';
13 require('./tbl_properties_table_info.php3');
14 require('./libraries/relation.lib.php3');
15
16
17 /**
18 * Gets the relation settings
19 */
20 $cfgRelation = PMA_getRelationsParam();
21
22
23 /**
24 * Adds/removes slashes if required
25 *
26 * @param string the string to slash
27 *
28 * @return string the slashed string
29 *
30 * @access public
31 */
32 function PMA_handleSlashes($val) {
33 return (get_magic_quotes_gpc() ? str_replace('\\"', '"', $val) : PMA_sqlAddslashes($val));
34 } // end of the "PMA_handleSlashes()" function
35
36
37 /**
38 * Updates
39 */
40
41 if ($cfgRelation['relwork']) {
42 $existrel = PMA_getForeigners($db, $table);
43 }
44 if ($cfgRelation['displaywork']) {
45 $disp = PMA_getDisplayField($db, $table);
46 }
47 if ($cfgRelation['relwork']
48 && isset($submit_rel) && $submit_rel == 'true') {
49
50 while (list($key, $value) = each($destination)) {
51 if ($value != 'nix') {
52 $for = explode('.', $value);
53 if (!isset($existrel[$key])) {
54 $upd_query = 'INSERT INTO ' . PMA_backquote($cfgRelation['relation'])
55 . '(master_db, master_table, master_field, foreign_db, foreign_table, foreign_field)'
56 . ' values('
57 . '\'' . PMA_sqlAddslashes($db) . '\', '
58 . '\'' . PMA_sqlAddslashes($table) . '\', '
59 . '\'' . PMA_handleSlashes($key) . '\', '
60 . '\'' . PMA_handleSlashes($for[0]) . '\', '
61 . '\'' . PMA_handleSlashes($for[1]) . '\','
62 . '\'' . PMA_handleSlashes($for[2]) . '\')';
63 } else if ($existrel[$key] != $value) {
64 $upd_query = 'UPDATE ' . PMA_backquote($cfgRelation['relation']) . ' SET'
65 . ' foreign_db = \'' . PMA_handleSlashes($for[0]) . '\', '
66 . ' foreign_table = \'' . PMA_handleSlashes($for[1]) . '\', '
67 . ' foreign_field = \'' . PMA_handleSlashes($for[2]) . '\' '
68 . ' WHERE master_db = \'' . PMA_sqlAddslashes($db) . '\''
69 . ' AND master_table = \'' . PMA_sqlAddslashes($table) . '\''
70 . ' AND master_field = \'' . PMA_handleSlashes($key) . '\'';
71 } // end if... else....
72 } else if (isset($existrel[$key])) {
73 $upd_query = 'DELETE FROM ' . PMA_backquote($cfgRelation['relation'])
74 . ' WHERE master_db = \'' . PMA_sqlAddslashes($db) . '\''
75 . ' AND master_table = \'' . PMA_sqlAddslashes($table) . '\''
76 . ' AND master_field = \'' . PMA_handleSlashes($key) . '\'';
77 } // end if... else....
78 if (isset($upd_query)) {
79 $upd_rs = PMA_query_as_cu($upd_query);
80 unset($upd_query);
81 }
82 } // end while
83 } // end if
84
85 if ($cfgRelation['displaywork']
86 && isset($submit_show) && $submit_show == 'true') {
87
88 if ($disp) {
89 $upd_query = 'UPDATE ' . PMA_backquote($cfgRelation['table_info'])
90 . ' SET display_field = \'' . PMA_handleSlashes($display_field) . '\''
91 . ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
92 . ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\'';
93 } else {
94 $upd_query = 'INSERT INTO ' . PMA_backquote($cfgRelation['table_info'])
95 . '(db_name, table_name, display_field) '
96 . ' VALUES('
97 . '\'' . PMA_sqlAddslashes($db) . '\','
98 . '\'' . PMA_sqlAddslashes($table) . '\','
99 . '\'' . PMA_handleSlashes($display_field) . '\')';
100 }
101 if (isset($upd_query)) {
102 $upd_rs = PMA_query_as_cu($upd_query);
103 }
104 } // end if
105
106 if ($cfgRelation['commwork']
107 && isset($submit_comm) && $submit_comm == 'true') {
108 while (list($key, $value) = each($comment)) {
109 $test_qry = 'SELECT comment FROM ' . PMA_backquote($cfgRelation['column_comments'])
110 . ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
111 . ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\''
112 . ' AND column_name = \'' . PMA_handleSlashes($key) . '\'';
113 $test_rs = PMA_query_as_cu($test_qry);
114 if ($test_rs && mysql_num_rows($test_rs) > 0) {
115 if (strlen($value) > 0) {
116 $upd_query = 'UPDATE ' . PMA_backquote($cfgRelation['column_comments'])
117 . ' SET comment = \'' . PMA_handleSlashes($value) . '\''
118 . ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
119 . ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\''
120 . ' AND column_name = \'' . PMA_handleSlashes($key) . '\'';
121 } else {
122 $upd_query = 'DELETE FROM ' . PMA_backquote($cfgRelation['column_comments'])
123 . ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
124 . ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\''
125 . ' AND column_name = \'' . PMA_handleSlashes($key) . '\'';
126 }
127 } else if (strlen($value) > 0) {
128 $upd_query = 'INSERT INTO ' . PMA_backquote($cfgRelation['column_comments'])
129 . ' (db_name, table_name, column_name, comment) '
130 . ' VALUES('
131 . '\'' . PMA_sqlAddslashes($db) . '\','
132 . '\'' . PMA_sqlAddslashes($table) . '\','
133 . '\'' . PMA_handleSlashes($key) . '\','
134 . '\'' . PMA_handleSlashes($value) . '\')';
135 }
136 if (isset($upd_query)){
137 $upd_rs = PMA_query_as_cu($upd_query);
138 }
139 } // end while (transferred data)
140 } // end if (commwork)
141
142 // Now that we might have changed we have to see again
143 if ($cfgRelation['relwork']) {
144 $existrel = PMA_getForeigners($db, $table);
145 }
146 if ($cfgRelation['displaywork']) {
147 $disp = PMA_getDisplayField($db, $table);
148 }
149 if ($cfgRelation['commwork']) {
150 $comments = PMA_getComments($db, $table);
151 }
152
153
154 /**
155 * Dialog
156 */
157 if ($cfgRelation['relwork']) {
158
159 // To choose relations we first need all tables names in current db
160 $tab_query = 'SHOW TABLES FROM ' . PMA_backquote($db);
161 $tab_rs = PMA_mysql_query($tab_query) or PMA_mysqlDie('', $tab_query, '', $err_url_0);
162 $selectboxall['nix'] = '--';
163 while ($curr_table = @PMA_mysql_fetch_array($tab_rs)) {
164 if (($curr_table[0] != $table) && ($curr_table[0] != $cfg['Server']['relation'])) {
165 $fi_query = 'SHOW KEYS FROM ' . PMA_backquote($curr_table[0]);
166 $fi_rs = PMA_mysql_query($fi_query) or PMA_mysqlDie('', $fi_query, '', $err_url_0);
167 if ($fi_rs && mysql_num_rows($fi_rs) > 0) {
168 while ($curr_field = PMA_mysql_fetch_array($fi_rs)) {
169 if (isset($curr_field['Key_name']) && $curr_field['Key_name'] == 'PRIMARY') {
170 $field_full = $db . '.' .$curr_field['Table'] . '.' . $curr_field['Column_name'];
171 $field_v = $curr_field['Table'] . '->' . $curr_field['Column_name'];
172 break;
173 } else if (isset($curr_field['Non_unique']) && $curr_field['Non_unique'] == 0) {
174 // if we can't find a primary key we take any unique one
175 $field_full = $db . '.' . $curr_field['Table'] . '.' . $curr_field['Column_name'];
176 $field_v = $curr_field['Table'] . '->' . $curr_field['Column_name'];
177 } // end if
178 } // end while over keys
179 if (isset($field_full) && isset($field_v)) {
180 $selectboxall[$field_full] = $field_v;
181 }
182 } // end if (mysql_num_rows)
183 // Mike Beck - 24.07.02: i've been asked to add all keys of the
184 // current table (see bug report #574851)
185 }
186 else if ($curr_table[0] == $table) {
187 $fi_query = 'SHOW KEYS FROM ' . PMA_backquote($curr_table[0]);
188 $fi_rs = PMA_mysql_query($fi_query) or PMA_mysqlDie('', $fi_query, '', $err_url_0);
189 if ($fi_rs && mysql_num_rows($fi_rs) > 0) {
190 while ($curr_field = PMA_mysql_fetch_array($fi_rs)) {
191 $field_full = $db . '.' . $curr_field['Table'] . '.' . $curr_field['Column_name'];
192 $field_v = $curr_field['Table'] . '->' . $curr_field['Column_name'];
193 if (isset($field_full) && isset($field_v)) {
194 $selectboxall[$field_full] = $field_v;
195 }
196 } // end while
197 } // end if (mysql_num_rows)
198 }
199 } // end while over tables
200
201 // Create array of relations (Mike Beck)
202 $rel_dest = PMA_getForeigners($db, $table);
203 } // end if
204
205 // Now find out the columns of our $table
206 $col_query = 'SHOW COLUMNS FROM ' . PMA_backquote($table);
207 $col_rs = PMA_mysql_query($col_query) or PMA_mysqlDie('', $col_query, '', $err_url_0);
208
209 if ($col_rs && mysql_num_rows($col_rs) > 0) {
210 while ($row = PMA_mysql_fetch_array($col_rs)) {
211 $save_row[] = $row;
212 }
213 $saved_row_cnt = count($save_row);
214
215 ?>
216 <form method="post" action="tbl_relation.php3">
217 <input type="hidden" name="lang" value="<?php echo $lang; ?>" />
218 <input type="hidden" name="server" value="<?php echo $server; ?>" />
219 <input type="hidden" name="db" value="<?php echo htmlspecialchars($db); ?>" />
220 <input type="hidden" name="table" value="<?php echo htmlspecialchars($table); ?>" />
221 <input type="hidden" name="submit_rel" value="true" />
222
223 <table>
224 <tr>
225 <th colspan="2" align="center"><b><?php echo $strLinksTo; ?></b></th>
226 </tr>
227 <?php
228 for ($i = 0; $i < $saved_row_cnt; $i++) {
229 echo "\n";
230 ?>
231 <tr>
232 <th><?php echo $save_row[$i]['Field']; ?></th>
233 <td>
234 <input type="hidden" name="src_field" value="<?php echo $save_row[$i]['Field']; ?>" />
235 <select name="destination[<?php echo htmlspecialchars($save_row[$i]['Field']); ?>]">
236 <?php
237 echo "\n";
238 reset($selectboxall);
239 while (list($key, $value) = each($selectboxall)) {
240 $myfield = $save_row[$i]['Field'];
241 if (isset($existrel[$myfield])) {
242 $test = $existrel[$myfield]['foreign_db'] . '.'
243 . $existrel[$myfield]['foreign_table'] . '.'
244 . $existrel[$myfield]['foreign_field'];
245 } else {
246 $test = FALSE;
247 }
248 echo ' '
249 . '<option value="' . htmlspecialchars($key) . '"';
250 if ($test && $key == $test) {
251 echo ' selected="selected"';
252 }
253 echo '>' . $value . '</option>'. "\n";
254 } // end while
255 ?>
256 </select>
257 </td>
258 </tr>
259 <?php
260 } // end for
261
262 echo "\n";
263 ?>
264 <tr>
265 <td colspan="2" align="center">
266 <input type="submit" value="<?php echo $strGo; ?>" />
267 </td>
268 </tr>
269 </table>
270 </form>
271
272 <?php
273 if ($cfgRelation['displaywork']) {
274 // Get "display_filed" infos
275 $disp = PMA_getDisplayField($db, $table);
276
277 echo "\n";
278 ?>
279 <form method="post" action="tbl_relation.php3">
280 <input type="hidden" name="lang" value="<?php echo $lang; ?>" />
281 <input type="hidden" name="server" value="<?php echo $server; ?>" />
282 <input type="hidden" name="db" value="<?php echo htmlspecialchars($db); ?>" />
283 <input type="hidden" name="table" value="<?php echo htmlspecialchars($table); ?>" />
284 <input type="hidden" name="submit_show" value="true" />
285
286 <p><?php echo $strChangeDisplay; ?></p>
287 <select name="display_field" onchange="this.form.submit();">
288 <?php
289 echo "\n";
290 mysql_data_seek($col_rs, 0);
291 while ($row = @PMA_mysql_fetch_array($col_rs)) {
292 echo ' <option value="' . htmlspecialchars($row['Field']) . '"';
293 if (isset($disp) && $row['Field'] == $disp) {
294 echo ' selected="selected"';
295 }
296 echo '>' . htmlspecialchars($row['Field']) . '</option>'. "\n";
297 } // end while
298 ?>
299 </select>
300 <script type="text/javascript" language="javascript">
301 <!--
302 // Fake js to allow the use of the <noscript> tag
303 //-->
304 </script>
305 <noscript>
306 <input type="submit" value="<?php echo $strGo; ?>" />
307 </noscript>
308 </form>
309 <?php
310 } // end if (displayworks)
311
312 if ($cfgRelation['commwork']) {
313
314 echo "\n";
315 ?>
316 <form method="post" action="tbl_relation.php3">
317 <input type="hidden" name="lang" value="<?php echo $lang; ?>" />
318 <input type="hidden" name="server" value="<?php echo $server; ?>" />
319 <input type="hidden" name="db" value="<?php echo htmlspecialchars($db); ?>" />
320 <input type="hidden" name="table" value="<?php echo htmlspecialchars($table); ?>" />
321 <input type="hidden" name="submit_comm" value="true" />
322
323 <table>
324 <tr>
325 <th colspan="2" align="center"><b><?php echo $strComments; ?></b></th>
326 </tr>
327 <?php
328 for ($i = 0; $i < $saved_row_cnt; $i++) {
329 $field = $save_row[$i]['Field'];
330 echo "\n";
331 ?>
332 <tr>
333 <th><?php echo $field; ?></th>
334 <td>
335 <input type="text" name="comment[<?php echo $field; ?>]" value="<?php echo (isset($comments[$field]) ? htmlspecialchars($comments[$field]) : ''); ?>" />
336 </td>
337 </tr>
338 <?php
339 } // end for
340
341 echo "\n";
342 ?>
343 <tr>
344 <td colspan="2" align="center">
345 <input type="submit" value="<?php echo $strGo; ?>" />
346 </td>
347 </tr>
348 </table>
349 </form>
350 <?php
351 } // end if (comments work)
352 } // end if (we have columns in this table)
353
354
355 /**
356 * Displays the footer
357 */
358 echo "\n";
359 require('./footer.inc.php3');
360 ?>
Drizzle / GSOC 2011