search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
from Loic
[phpmyadmin/crack.git] / tbl_replace.php3
blob3af4fdb993fb2ea5559e0a6daa0766b223420517
1 <?php
2 /* $Id$ */
3
4
5 /**
6 * Gets some core libraries
7 */
8 require('./libraries/grab_globals.lib.php3');
9 require('./libraries/common.lib.php3');
10
11
12 /**
13 * Initializes some variables
14 */
15 // Defines the url to return in case of success of the query
16 if (isset($sql_query)) {
17 $sql_query = urldecode($sql_query);
18 }
19 $is_gotofile = FALSE;
20 if (isset($after_insert) && $after_insert == 'new_insert') {
21 $goto = 'tbl_change.php3'
22 . '?lang=' . $lang
23 . '&convcharset=' . $convcharset
24 . '&server=' . $server
25 . '&db=' . urlencode($db)
26 . '&table=' . urlencode($table)
27 . '&goto=' . urlencode($goto)
28 . '&pos=' . $pos
29 . '&session_max_rows=' . $session_max_rows
30 . '&disp_direction=' . $disp_direction
31 . '&repeat_cells=' . $repeat_cells
32 . (empty($sql_query) ? '' : '&sql_query=' . urlencode($sql_query));
33 } else if ($goto == 'sql.php3') {
34 $goto = 'sql.php3?'
35 . 'lang=' . $lang
36 . '&convcharset=' . $convcharset
37 . '&server=' . $server
38 . '&db=' . urlencode($db)
39 . '&table=' . urlencode($table)
40 . '&pos=' . $pos
41 . '&session_max_rows=' . $session_max_rows
42 . '&disp_direction=' . $disp_direction
43 . '&repeat_cells=' . $repeat_cells
44 . '&sql_query=' . urlencode($sql_query);
45 } else if (!empty($goto)) {
46 // Security checkings
47 $is_gotofile = ereg_replace('^([^?]+).*$', '\\1', $goto);
48 if (!@file_exists('./' . $is_gotofile)) {
49 $goto = (empty($table)) ? 'db_details.php3' : 'tbl_properties.php3';
50 $is_gotofile = TRUE;
51 } else {
52 $is_gotofile = ($is_gotofile == $goto);
53 }
54 }
55
56 // Defines the url to return in case of failure of the query
57 if (isset($err_url)) {
58 $err_url = urldecode($err_url);
59 } else {
60 $err_url = str_replace('&', '&amp;', $goto)
61 . (empty($primary_key) ? '' : '&amp;primary_key=' . $primary_key);
62 }
63
64 // Resets tables defined in the configuration file
65 reset($fields);
66 if (isset($funcs)) {
67 reset($funcs);
68 }
69
70 // Misc
71 if (get_magic_quotes_gpc()) {
72 $submit_type = stripslashes($submit_type);
73 }
74
75
76 /**
77 * Prepares the update of a row
78 */
79 if (isset($primary_key) && ($submit_type != $strInsertAsNewRow)) {
80 // Restore the "primary key" to a convenient format
81 $primary_key = urldecode($primary_key);
82
83 // Defines the SET part of the sql query
84 $valuelist = '';
85 while (list($key, $val) = each($fields)) {
86 $encoded_key = $key;
87 $key = urldecode($key);
88
89 switch (strtolower($val)) {
90 case 'null':
91 break;
92 case '$enum$':
93 // if we have an enum, then construct the value
94 $f = 'field_' . md5($key);
95 if (!empty($$f)) {
96 $val = implode(',', $$f);
97 if ($val == 'null') {
98 // void
99 } else {
100 $val = "'" . PMA_sqlAddslashes(urldecode($val)) . "'";
101 }
102 } else {
103 $val = "''";
104 }
105 break;
106 case '$set$':
107 // if we have a set, then construct the value
108 $f = 'field_' . md5($key);
109 if (!empty($$f)) {
110 $val = implode(',', $$f);
111 $val = "'" . PMA_sqlAddslashes(urldecode($val)) . "'";
112 } else {
113 $val = "''";
114 }
115 break;
116 default:
117 if (get_magic_quotes_gpc()) {
118 $val = "'" . str_replace('\\"', '"', $val) . "'";
119 } else {
120 $val = "'" . PMA_sqlAddslashes($val) . "'";
121 }
122 break;
123 } // end switch
124
125 // Was the Null checkbox checked for this field?
126 if (isset($fields_null) && isset($fields_null[$encoded_key])) {
127 $val = 'NULL';
128 }
129
130 // No change for this column and no MySQL function is used -> next column
131 if (empty($funcs[$encoded_key])
132 && isset($fields_prev) && isset($fields_prev[$encoded_key])
133 && ("'" . PMA_sqlAddslashes(urldecode($fields_prev[$encoded_key])) . "'" == $val)) {
134 continue;
135 }
136 else if (!empty($val)) {
137 if (empty($funcs[$encoded_key])) {
138 $valuelist .= PMA_backquote($key) . ' = ' . $val . ', ';
139 } else if ($val == '\'\''
140 && (ereg('^(NOW|CURDATE|CURTIME|UNIX_TIMESTAMP|RAND|USER|LAST_INSERT_ID)$', $funcs[$encoded_key]))) {
141 $valuelist .= PMA_backquote($key) . ' = ' . $funcs[$encoded_key] . '(), ';
142 } else {
143 $valuelist .= PMA_backquote($key) . ' = ' . $funcs[$encoded_key] . "($val), ";
144 }
145 }
146 } // end while
147
148 // Builds the sql upate query
149 $valuelist = ereg_replace(', $', '', $valuelist);
150 if (!empty($valuelist)) {
151 $query = 'UPDATE ' . PMA_backquote($table) . ' SET ' . $valuelist . ' WHERE' . $primary_key
152 . ((PMA_MYSQL_INT_VERSION >= 32300) ? ' LIMIT 1' : '');
153 $message = $strAffectedRows . '&nbsp;';
154 }
155 // No change -> move back to the calling script
156 else {
157 $message = $strNoModification;
158 if ($is_gotofile) {
159 $js_to_run = 'functions.js';
160 include('./header.inc.php3');
161 include('./' . ereg_replace('\.\.*', '.', $goto));
162 } else {
163 header('Location: ' . $cfg['PmaAbsoluteUri'] . $goto . '&message=' . urlencode($message));
164 }
165 exit();
166 }
167 } // end row update
168
169
170 /**
171 * Prepares the insert of a row
172 */
173 else {
174 $fieldlist = '';
175 $valuelist = '';
176 while (list($key, $val) = each($fields)) {
177 $encoded_key = $key;
178 $key = urldecode($key);
179 $fieldlist .= PMA_backquote($key) . ', ';
180
181 switch (strtolower($val)) {
182 case 'null':
183 break;
184 case '$enum$':
185 // if we have a set, then construct the value
186 $f = 'field_' . md5($key);
187 if (!empty($$f)) {
188 $val = implode(',', $$f);
189 if ($val == 'null') {
190 // void
191 } else {
192 $val = "'" . PMA_sqlAddslashes(urldecode($val)) . "'";
193 }
194 } else {
195 $val = "''";
196 }
197 break;
198 case '$set$':
199 // if we have a set, then construct the value
200 $f = 'field_' . md5($key);
201 if (!empty($$f)) {
202 $val = implode(',', $$f);
203 $val = "'" . PMA_sqlAddslashes(urldecode($val)) . "'";
204 } else {
205 $val = "''";
206 }
207 break;
208 default:
209 if (get_magic_quotes_gpc()) {
210 $val = "'" . str_replace('\\"', '"', $val) . "'";
211 } else {
212 $val = "'" . PMA_sqlAddslashes($val) . "'";
213 }
214 break;
215 } // end switch
216
217 // Was the Null checkbox checked for this field?
218 if (isset($fields_null) && isset($fields_null[$encoded_key])) {
219 $val = 'NULL';
220 }
221
222 if (empty($funcs[$encoded_key])) {
223 $valuelist .= $val . ', ';
224 } else if (($val == '\'\''
225 && ereg('^(UNIX_TIMESTAMP|RAND|LAST_INSERT_ID)$', $funcs[$encoded_key]))
226 || ereg('^(NOW|CURDATE|CURTIME|USER)$', $funcs[$encoded_key])) {
227 $valuelist .= $funcs[$encoded_key] . '(), ';
228 } else {
229 $valuelist .= $funcs[$encoded_key] . '(' . $val . '), ';
230 }
231 } // end while
232
233 // Builds the sql insert query
234 $fieldlist = ereg_replace(', $', '', $fieldlist);
235 $valuelist = ereg_replace(', $', '', $valuelist);
236 $query = 'INSERT INTO ' . PMA_backquote($table) . ' (' . $fieldlist . ') VALUES (' . $valuelist . ')';
237 $message = $strInsertedRows . '&nbsp;';
238 } // end row insertion
239
240
241 /**
242 * Executes the sql query and get the result, then move back to the calling
243 * page
244 */
245 PMA_mysql_select_db($db);
246 $sql_query = $query . ';';
247 $result = PMA_mysql_query($query);
248
249 if (!$result) {
250 $error = PMA_mysql_error();
251 include('./header.inc.php3');
252 PMA_mysqlDie($error, '', '', $err_url);
253 } else {
254 if (@mysql_affected_rows()) {
255 $message .= @mysql_affected_rows();
256 } else {
257 $message = $strModifications;
258 }
259 if ($is_gotofile) {
260 if ($goto == 'db_details.php3' && !empty($table)) {
261 unset($table);
262 }
263 $js_to_run = 'functions.js';
264 include('./header.inc.php3');
265 include('./' . ereg_replace('\.\.*', '.', $goto));
266 } else {
267 $add_query = (strpos(' ' . $goto, 'tbl_change') ? '&disp_query=' . urlencode($sql_query) : '');
268 header('Location: ' . $cfg['PmaAbsoluteUri'] . $goto . '&message=' . urlencode($message) . $add_query);
269 }
270 exit();
271 } // end if
272 ?>
Drizzle / GSOC 2011