search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
updated czech translation
[phpmyadmin/crack.git] / tbl_select.php3
blobdb03e387690a7cb768bfb0abbd9c8f33f19ce540
1 <?php
2 /* $Id$ */
3 // vim: expandtab sw=4 ts=4 sts=4:
4
5
6 /**
7 * Gets some core libraries
8 */
9 require('./libraries/grab_globals.lib.php3');
10 require('./libraries/common.lib.php3');
11 require('./libraries/relation.lib.php3'); // foreign keys
12
13
14 /**
15 * Defines arrays of functions (should possibly be in config.inc.php3
16 * so it can also be used in tbl_qbe.php3)
17 */
18 $numfunctions = array('=', '>', '>=', '<', '<=', '!=');
19 $textfunctions = array('LIKE', '=', '!=');
20
21
22 /**
23 * Not selection yet required -> displays the selection form
24 */
25 if (!isset($param) || $param[0] == '') {
26 // Gets some core libraries
27 include('./tbl_properties_common.php3');
28 //$err_url = 'tbl_select.php3' . $err_url;
29 $url_query .= '&amp;goto=tbl_select.php3&amp;back=tbl_select.php3';
30 include('./tbl_properties_table_info.php3');
31
32 if (!isset($goto)) {
33 $goto = $cfg['DefaultTabTable'];
34 }
35 // Defines the url to return to in case of error in the next sql statement
36 $err_url = $goto
37 . '?lang=' . $lang
38 . '&amp;convcharset=' . $convcharset
39 . '&amp;server=' . $server
40 . '&amp;db=' . urlencode($db)
41 . '&amp;table=' . urlencode($table);
42
43 // Gets the list and number of fields
44 $local_query = 'SHOW FIELDS FROM ' . PMA_backquote($table) . ' FROM ' . PMA_backquote($db);
45 $result = @PMA_mysql_query($local_query);
46 if (!$result) {
47 PMA_mysqlDie('', $local_query, '', $err_url);
48 }
49 else {
50 $fields_cnt = mysql_num_rows($result);
51 while ($row = PMA_mysql_fetch_array($result)) {
52 $fields_list[] = $row['Field'];
53 $type = $row['Type'];
54 // reformat mysql query output - staybyte - 9. June 2001
55 $shorttype = substr($type, 0, 3);
56 if ($shorttype == 'set' || $shorttype == 'enu') {
57 $type = eregi_replace(',', ', ', $type);
58 // Removes automatic MySQL escape format
59 $type = str_replace('\'\'', '\\\'', $type);
60 }
61 $type = eregi_replace('BINARY', '', $type);
62 $type = eregi_replace('ZEROFILL', '', $type);
63 $type = eregi_replace('UNSIGNED', '', $type);
64 if (empty($type)) {
65 $type = '&nbsp;';
66 }
67 $fields_type[] = $type;
68 } // end while
69 mysql_free_result($result);
70
71 // <markus@noga.de>
72 // retrieve keys into foreign fields, if any
73 $cfgRelation = PMA_getRelationsParam();
74 $foreigners = ($cfgRelation['relwork'] ? PMA_getForeigners($db, $table) : FALSE);
75 ?>
76 <form method="post" action="tbl_select.php3">
77 <input type="hidden" name="server" value="<?php echo $server; ?>" />
78 <input type="hidden" name="lang" value="<?php echo $lang; ?>" />
79 <input type="hidden" name="convcharset" value="<?php echo $convcharset; ?>" />
80 <input type="hidden" name="db" value="<?php echo htmlspecialchars($db); ?>" />
81 <input type="hidden" name="table" value="<?php echo htmlspecialchars($table); ?>" />
82 <input type="hidden" name="goto" value="<?php echo $goto; ?>" />
83 <input type="hidden" name="back" value="tbl_select.php3" />
84 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
85 <?php echo $strSelectFields; ?>&nbsp;:<br />
86 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
87 <select name="param[]" size="<?php echo ($fields_cnt < 10) ? $fields_cnt : 10; ?>" multiple="multiple">
88 <?php
89 echo "\n";
90 // Displays the list of the fields
91 for ($i = 0 ; $i < $fields_cnt; $i++) {
92 echo ' <option value="' . urlencode($fields_list[$i]) . '" selected="selected">' . htmlspecialchars($fields_list[$i]) . '</option>' . "\n";
93 }
94 ?>
95 </select><br />
96 <ul>
97 <li>
98 <div style="margin-bottom: 10px">
99 <?php echo $strLimitNumRows . "\n"; ?>
100 <input type="text" size="4" name="session_max_rows" value="<?php echo $cfg['MaxRows']; ?>" class="textfield" />
101 </div>
102 </li>
103 <li>
104 <?php echo $strAddSearchConditions; ?><br />
105 <input type="text" name="where" class="textfield" />&nbsp;
106 <?php echo PMA_showMySQLDocu('Reference', 'Functions') . "\n"; ?>
107 <br /><br />
108 <?php echo '<i>' . $strOr . '</i> ' . $strDoAQuery; ?><br />
109 <table border="<?php echo $cfg['Border']; ?>">
110 <tr>
111 <th><?php echo $strField; ?></th>
112 <th><?php echo $strType; ?></th>
113 <th><?php echo $strFunction; ?></th>
114 <th><?php echo $strValue; ?></th>
115 </tr>
116 <?php
117 for ($i = 0; $i < $fields_cnt; $i++) {
118 echo "\n";
119 $bgcolor = ($i % 2) ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo'];
120 ?>
121 <tr>
122 <td bgcolor="<?php echo $bgcolor; ?>"><?php echo htmlspecialchars($fields_list[$i]); ?></td>
123 <td bgcolor="<?php echo $bgcolor; ?>"><?php echo $fields_type[$i]; ?></td>
124 <td bgcolor="<?php echo $bgcolor; ?>">
125 <select name="func[]">
126 <?php
127 reset($numfunctions);
128 reset($textfunctions);
129 if (eregi('char|blob|text|set|enum', $fields_type[$i])) {
130 while (list($k, $fc) = each($textfunctions)) {
131 echo "\n" . ' '
132 . '<option value="' . htmlspecialchars($fc) . '">' . htmlspecialchars($fc) . '</option>';
133 } // end while
134 } else {
135 while (list($k, $fc) = each($numfunctions)) {
136 echo "\n" . ' '
137 . '<option value="' . htmlspecialchars($fc) . '">' . htmlspecialchars($fc) . '</option>';
138 } // end while
139 } // end if... else...
140 echo "\n";
141 ?>
142 </select>
143 </td>
144 <td bgcolor="<?php echo $bgcolor; ?>">
145 <?php
146 // <markus@noga.de>
147 $field = $fields_list[$i];
148
149 include('./libraries/get_foreign.lib.php3');
150
151 echo "\n";
152 // we got a bug report: in some cases, even if $disp is true,
153 // there are no rows, so we add a fetch_array
154 if ($foreigners && isset($foreigners[$field]) && isset($disp) && $disp && @PMA_mysql_fetch_array($disp)) {
155 echo ' <select name="fields[]">' . "\n";
156 echo ' <option value=""></option>' . "\n";
157 // go back to first row
158 mysql_data_seek($disp,0);
159 while ($relrow = @PMA_mysql_fetch_array($disp)) {
160 $key = $relrow[$foreign_field];
161 $value = (($foreign_display != FALSE) ? '-' . htmlspecialchars($relrow[$foreign_display]) : '');
162 echo ' <option value="' . urlencode($key) . '">'
163 . htmlspecialchars($key) . $value . '</option>' . "\n";
164 } // end while
165 echo ' </select>' . "\n";
166 } else {
167 echo ' <input type="text" name="fields[]" size="40" class="textfield" />' . "\n";
168 }
169 ?>
170 <input type="hidden" name="names[]" value="<?php echo urlencode($fields_list[$i]); ?>" />
171 <input type="hidden" name="types[]" value="<?php echo $fields_type[$i]; ?>" />
172 </td>
173 </tr>
174 <?php
175 } // end for
176 echo "\n";
177 ?>
178 </table><br />
179 </li>
180 <li>
181 <?php echo $strDisplayOrder; ?><br />
182 <select name="orderField" style="vertical-align: middle">
183 <option value="--nil--"></option>
184 <?php
185 echo "\n";
186 for ($i = 0; $i < $fields_cnt; $i++) {
187 echo ' ';
188 echo '<option value="' . urlencode($fields_list[$i]) . '">' . htmlspecialchars($fields_list[$i]) . '</option>' . "\n";
189 } // end for
190 ?>
191 </select>
192 <input type="radio" name="order" value="ASC" checked="checked" />
193 <?php echo $strAscending; ?>&nbsp;
194 <input type="radio" name="order" value="DESC" />
195 <?php echo $strDescending; ?><br /><br />
196 </li>
197 </ul>
198
199 &nbsp;&nbsp;&nbsp;&nbsp;
200 <input type="submit" name="submit" value="<?php echo $strGo; ?>" />
201 </form>
202 <?php
203 } // end if
204 echo "\n";
205 include('./footer.inc.php3');
206 }
207
208
209 /**
210 * Selection criteria have been submitted -> do the work
211 */
212 else {
213 // Builds the query
214 $sql_query = 'SELECT ' . PMA_backquote(urldecode($param[0]));
215 $i = 0;
216 $c = count($param);
217 while ($i < $c) {
218 if ($i > 0) {
219 $sql_query .= ',' . PMA_backquote(urldecode($param[$i]));
220 }
221 $i++;
222 }
223 $sql_query .= ' FROM ' . PMA_backquote($table);
224 // The where clause
225 if ($where != '') {
226 $sql_query .= ' WHERE ' . ((get_magic_quotes_gpc()) ? stripslashes($where) : $where);
227 }
228 else {
229 $sql_query .= ' WHERE 1';
230 for ($i = 0; $i < count($fields); $i++) {
231 if (!empty($fields) && $fields[$i] != '') {
232 if (eregi('char|blob|text|set|enum|date|time|year', $types[$i])) {
233 $quot = '\'';
234 } else {
235 $quot = '';
236 }
237 if (strtoupper($fields[$i]) == 'NULL' || strtoupper($fields[$i]) == 'NOT NULL') {
238 $quot = '';
239 $func[$i] = 'IS';
240 }
241 $sql_query .= ' AND ' . PMA_backquote(urldecode($names[$i])) . " $func[$i] $quot$fields[$i]$quot";
242 } // end if
243 } // end for
244 } // end if
245
246 if ($orderField != '--nil--') {
247 $sql_query .= ' ORDER BY ' . PMA_backquote(urldecode($orderField)) . ' ' . $order;
248 } // end if
249
250 // The query will be stripslashed in sql.php3 if "magic_quotes_gpc" is on
251 if (get_magic_quotes_gpc()) {
252 $sql_query = addslashes($sql_query);
253 }
254 include('./sql.php3');
255
256 }
257
258 ?>
Drizzle / GSOC 2011