search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Remove the content when AJAX dialog closes
[phpmyadmin/crack.git] / libraries / sql_query_form.lib.php
blobe38cac2093bb788221d0558ed1c65de63e7e5380
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * functions for displaying the sql query form
5 *
6 * @usedby server_sql.php
7 * @usedby db_sql.php
8 * @usedby tbl_sql.php
9 * @usedby tbl_structure.php
10 * @usedby tbl_tracking.php
11 * @usedby querywindow.php
12 * @package phpMyAdmin
13 */
14 if (! defined('PHPMYADMIN')) {
15 exit;
16 }
17
18 /**
19 *
20 */
21 require_once './libraries/file_listing.php'; // used for file listing
22 require_once './libraries/bookmark.lib.php'; // used for file listing
23
24 /**
25 * prints the sql query boxes
26 *
27 * @usedby server_sql.php
28 * @usedby db_sql.php
29 * @usedby tbl_sql.php
30 * @usedby tbl_structure.php
31 * @usedby tbl_tracking.php
32 * @usedby querywindow.php
33 * @param boolean|string $query query to display in the textarea
34 * or true to display last executed
35 * @param boolean|string $display_tab sql|files|history|full|false
36 * what part to display
37 * false if not inside querywindow
38 * @param string $delimiter
39 */
40 function PMA_sqlQueryForm($query = true, $display_tab = false, $delimiter = ';')
41 {
42 // check tab to display if inside querywindow
43 if (! $display_tab) {
44 $display_tab = 'full';
45 $is_querywindow = false;
46 } else {
47 $is_querywindow = true;
48 }
49
50 // query to show
51 if (true === $query) {
52 $query = $GLOBALS['sql_query'];
53 }
54
55 // set enctype to multipart for file uploads
56 if ($GLOBALS['is_upload']) {
57 $enctype = ' enctype="multipart/form-data"';
58 } else {
59 $enctype = '';
60 }
61
62 $table = '';
63 $db = '';
64 if (! strlen($GLOBALS['db'])) {
65 // prepare for server related
66 $goto = empty($GLOBALS['goto']) ?
67 'server_sql.php' : $GLOBALS['goto'];
68 } elseif (! strlen($GLOBALS['table'])) {
69 // prepare for db related
70 $db = $GLOBALS['db'];
71 $goto = empty($GLOBALS['goto']) ?
72 'db_sql.php' : $GLOBALS['goto'];
73 } else {
74 $table = $GLOBALS['table'];
75 $db = $GLOBALS['db'];
76 $goto = empty($GLOBALS['goto']) ?
77 'tbl_sql.php' : $GLOBALS['goto'];
78 }
79
80
81 // start output
82 if ($is_querywindow) {
83 ?>
84 <form method="post" id="sqlqueryform" target="frame_content"
85 action="import.php"<?php echo $enctype; ?> name="sqlform"
86 onsubmit="var save_name = window.opener.parent.frame_content.name;
87 window.opener.parent.frame_content.name = save_name + '<?php echo time(); ?>';
88 this.target = window.opener.parent.frame_content.name;
89 return checkSqlQuery(this)">
90 <?php
91 } else {
92 echo '<form method="post" action="import.php" ' . $enctype;
93 if ($GLOBALS['cfg']['AjaxEnable']) {
94 echo ' class="ajax"';
95 }
96 echo ' id="sqlqueryform" name="sqlform">' . "\n";
97 }
98
99 if ($is_querywindow) {
100 echo '<input type="hidden" name="focus_querywindow" value="true" />'
101 ."\n";
102 if ($display_tab != 'sql' && $display_tab != 'full') {
103 echo '<input type="hidden" name="sql_query" value="" />' . "\n";
104 echo '<input type="hidden" name="show_query" value="1" />' . "\n";
105 }
106 }
107 echo '<input type="hidden" name="is_js_confirmed" value="0" />' . "\n"
108 .PMA_generate_common_hidden_inputs($db, $table) . "\n"
109 .'<input type="hidden" name="pos" value="0" />' . "\n"
110 .'<input type="hidden" name="goto" value="'
111 .htmlspecialchars($goto) . '" />' . "\n"
112 .'<input type="hidden" name="message_to_show" value="'
113 . htmlspecialchars(__('Your SQL query has been executed successfully')) . '" />' . "\n"
114 .'<input type="hidden" name="prev_sql_query" value="'
115 . htmlspecialchars($query) . '" />' . "\n";
116
117 // display querybox
118 if ($display_tab === 'full' || $display_tab === 'sql') {
119 PMA_sqlQueryFormInsert($query, $is_querywindow, $delimiter);
120 }
121
122 // display uploads
123 if ($display_tab === 'files' && $GLOBALS['is_upload']) {
124 PMA_sqlQueryFormUpload();
125 }
126
127 // Bookmark Support
128 if ($display_tab === 'full' || $display_tab === 'history') {
129 if (! empty($GLOBALS['cfg']['Bookmark'])) {
130 PMA_sqlQueryFormBookmark();
131 }
132 }
133
134 // Encoding setting form appended by Y.Kawada
135 if (function_exists('PMA_set_enc_form')) {
136 echo PMA_set_enc_form(' ');
137 }
138
139 echo '</form>' . "\n";
140 if ($is_querywindow) {
141 ?>
142 <script type="text/javascript">
143 //<![CDATA[
144 if (window.opener) {
145 window.opener.parent.insertQuery();
146 }
147 //]]>
148 </script>
149 <?php
150 }
151
152 // print an empty div, which will be later filled with the sql query results by ajax
153 echo '<div id="sqlqueryresults"></div>';
154 }
155
156 /**
157 * prints querybox fieldset
158 *
159 * @usedby PMA_sqlQueryForm()
160 * @param string $query query to display in the textarea
161 * @param boolean $is_querywindow if inside querywindow or not
162 * @param string $delimiter default delimiter to use
163 */
164 function PMA_sqlQueryFormInsert($query = '', $is_querywindow = false, $delimiter = ';')
165 {
166
167 // enable auto select text in textarea
168 if ($GLOBALS['cfg']['TextareaAutoSelect']) {
169 $auto_sel = ' onfocus="selectContent(this, sql_box_locked, true)"';
170 } else {
171 $auto_sel = '';
172 }
173
174 // enable locking if inside query window
175 if ($is_querywindow) {
176 $locking = ' onkeypress="document.sqlform.elements[\'LockFromUpdate\'].'
177 .'checked = true;"';
178 $height = $GLOBALS['cfg']['TextareaRows'] * 1.25;
179 } else {
180 $locking = '';
181 $height = $GLOBALS['cfg']['TextareaRows'] * 2;
182 }
183
184 $table = '';
185 $db = '';
186 $fields_list = array();
187 if (! strlen($GLOBALS['db'])) {
188 // prepare for server related
189 $legend = sprintf(__('Run SQL query/queries on server %s'),
190 '&quot;' . htmlspecialchars(
191 ! empty($GLOBALS['cfg']['Servers'][$GLOBALS['server']]['verbose']) ? $GLOBALS['cfg']['Servers'][$GLOBALS['server']]['verbose'] : $GLOBALS['cfg']['Servers'][$GLOBALS['server']]['host']) . '&quot;');
192 } elseif (! strlen($GLOBALS['table'])) {
193 // prepare for db related
194 $db = $GLOBALS['db'];
195 // if you want navigation:
196 $tmp_db_link = '<a href="' . $GLOBALS['cfg']['DefaultTabDatabase']
197 . '?' . PMA_generate_common_url($db) . '"';
198 if ($is_querywindow) {
199 $tmp_db_link .= ' target="_self"'
200 . ' onclick="this.target=window.opener.frame_content.name"';
201 }
202 $tmp_db_link .= '>'
203 . htmlspecialchars($db) . '</a>';
204 // else use
205 // $tmp_db_link = htmlspecialchars($db);
206 $legend = sprintf(__('Run SQL query/queries on database %s'), $tmp_db_link);
207 if (empty($query)) {
208 $query = PMA_expandUserString($GLOBALS['cfg']['DefaultQueryDatabase'], 'PMA_backquote');
209 }
210 } else {
211 $table = $GLOBALS['table'];
212 $db = $GLOBALS['db'];
213 // Get the list and number of fields
214 // we do a try_query here, because we could be in the query window,
215 // trying to synchonize and the table has not yet been created
216 $fields_list = PMA_DBI_fetch_result(
217 'SHOW FULL COLUMNS FROM ' . PMA_backquote($db)
218 . '.' . PMA_backquote($GLOBALS['table']));
219
220 $tmp_db_link = '<a href="' . $GLOBALS['cfg']['DefaultTabDatabase']
221 . '?' . PMA_generate_common_url($db) . '"';
222 if ($is_querywindow) {
223 $tmp_db_link .= ' target="_self"'
224 . ' onclick="this.target=window.opener.frame_content.name"';
225 }
226 $tmp_db_link .= '>'
227 . htmlspecialchars($db) . '</a>';
228 // else use
229 // $tmp_db_link = htmlspecialchars($db);
230 $legend = sprintf(__('Run SQL query/queries on database %s'), $tmp_db_link);
231 if (empty($query)) {
232 $query = PMA_expandUserString($GLOBALS['cfg']['DefaultQueryTable'], 'PMA_backquote');
233 }
234 }
235 $legend .= ': ' . PMA_showMySQLDocu('SQL-Syntax', 'SELECT');
236
237 if (count($fields_list)) {
238 $sqlquerycontainer_id = 'sqlquerycontainer';
239 } else {
240 $sqlquerycontainer_id = 'sqlquerycontainerfull';
241 }
242
243 echo '<a name="querybox"></a>' . "\n"
244 .'<div id="queryboxcontainer">' . "\n"
245 .'<fieldset id="querybox">' . "\n";
246 echo '<legend>' . $legend . '</legend>' . "\n";
247 echo '<div id="queryfieldscontainer">' . "\n";
248 echo '<div id="' . $sqlquerycontainer_id . '">' . "\n"
249 .'<textarea tabindex="100" name="sql_query" id="sqlquery"'
250 .' cols="' . $GLOBALS['cfg']['TextareaCols'] . '"'
251 .' rows="' . $height . '"'
252 .' dir="' . $GLOBALS['text_dir'] . '"'
253 .$auto_sel . $locking . '>' . htmlspecialchars($query) . '</textarea>' . "\n";
254 // Add buttons to generate query easily for select all,single select,insert,update and delete
255 if (count($fields_list)) {
256 echo '<input type="button" value="SELECT *" id="selectall" class="sqlbutton" />';
257 echo '<input type="button" value="SELECT" id="select" class="sqlbutton" />';
258 echo '<input type="button" value="INSERT" id="insert" class="sqlbutton" />';
259 echo '<input type="button" value="UPDATE" id="update" class="sqlbutton" />';
260 echo '<input type="button" value="DELETE" id="delete" class="sqlbutton" />';
261 }
262 echo '<input type="button" value="' . __('Clear') . '" id="clear" class="sqlbutton" />';
263 echo '</div>' . "\n";
264
265 if (count($fields_list)) {
266 echo '<div id="tablefieldscontainer">' . "\n"
267 .'<label>' . __('Columns') . '</label>' . "\n"
268 .'<select id="tablefields" name="dummy" '
269 .'size="' . ($GLOBALS['cfg']['TextareaRows'] - 2) . '" '
270 .'multiple="multiple" ondblclick="insertValueQuery()">' . "\n";
271 foreach ($fields_list as $field) {
272 echo '<option value="'
273 .PMA_backquote(htmlspecialchars($field['Field'])) . '"';
274 if (isset($field['Field']) && strlen($field['Field']) && isset($field['Comment'])) {
275 echo ' title="' . htmlspecialchars($field['Comment']) . '"';
276 }
277 echo '>' . htmlspecialchars($field['Field']) . '</option>' . "\n";
278 }
279 echo '</select>' . "\n"
280 .'<div id="tablefieldinsertbuttoncontainer">' . "\n";
281 if ($GLOBALS['cfg']['PropertiesIconic']) {
282 echo '<input type="button" name="insert" value="&lt;&lt;"'
283 .' onclick="insertValueQuery()"'
284 .' title="' . __('Insert') . '" />' . "\n";
285 } else {
286 echo '<input type="button" name="insert"'
287 .' value="' . __('Insert') . '"'
288 .' onclick="insertValueQuery()" />' . "\n";
289 }
290 echo '</div>' . "\n"
291 .'</div>' . "\n";
292 }
293
294 echo '<div class="clearfloat"></div>' . "\n";
295 echo '</div>' . "\n";
296
297 if (! empty($GLOBALS['cfg']['Bookmark'])) {
298 ?>
299 <div id="bookmarkoptions">
300 <div class="formelement">
301 <label for="bkm_label">
302 <?php echo __('Bookmark this SQL query'); ?>:</label>
303 <input type="text" name="bkm_label" id="bkm_label" tabindex="110" value="" />
304 </div>
305 <div class="formelement">
306 <input type="checkbox" name="bkm_all_users" tabindex="111" id="id_bkm_all_users"
307 value="true" />
308 <label for="id_bkm_all_users">
309 <?php echo __('Let every user access this bookmark'); ?></label>
310 </div>
311 <div class="formelement">
312 <input type="checkbox" name="bkm_replace" tabindex="112" id="id_bkm_replace"
313 value="true" />
314 <label for="id_bkm_replace">
315 <?php echo __('Replace existing bookmark of same name'); ?></label>
316 </div>
317 </div>
318 <?php
319 }
320
321 echo '<div class="clearfloat"></div>' . "\n";
322 echo '</fieldset>' . "\n"
323 .'</div>' . "\n";
324
325 echo '<fieldset id="queryboxfooter" class="tblFooters">' . "\n";
326 echo '<div class="formelement">' . "\n";
327 if ($is_querywindow) {
328 ?>
329 <script type="text/javascript">
330 //<![CDATA[
331 document.writeln(' <input type="checkbox" name="LockFromUpdate" checked="checked" tabindex="120" id="checkbox_lock" /> <label for="checkbox_lock"><?php echo __('Do not overwrite this query from outside the window'); ?></label> ');
332 //]]>
333 </script>
334 <?php
335 }
336 echo '</div>' . "\n";
337 echo '<div class="formelement">' . "\n";
338 echo '<label for="id_sql_delimiter">[ ' . __('Delimiter')
339 .'</label>' . "\n";
340 echo '<input type="text" name="sql_delimiter" tabindex="131" size="3" '
341 .'value="' . $delimiter . '" '
342 .'id="id_sql_delimiter" /> ]' . "\n";
343
344 echo '<input type="checkbox" name="show_query" value="1" '
345 .'id="checkbox_show_query" tabindex="132" checked="checked" />' . "\n"
346 .'<label for="checkbox_show_query">' . __(' Show this query here again ')
347 .'</label>' . "\n";
348
349 echo '</div>' . "\n";
350 echo '<input type="submit" name="SQL" tabindex="200" value="' . __('Go') . '" />'
351 ."\n";
352 echo '<div class="clearfloat"></div>' . "\n";
353 echo '</fieldset>' . "\n";
354 }
355
356 /**
357 * prints bookmark fieldset
358 *
359 * @usedby PMA_sqlQueryForm()
360 */
361 function PMA_sqlQueryFormBookmark()
362 {
363 $bookmark_list = PMA_Bookmark_getList($GLOBALS['db']);
364 if (! $bookmark_list || count($bookmark_list) < 1) {
365 return;
366 }
367
368 echo '<fieldset id="bookmarkoptions">';
369 echo '<legend>';
370 echo __('Bookmarked SQL query') . '</legend>' . "\n";
371 echo '<div class="formelement">';
372 echo '<select name="id_bookmark">' . "\n";
373 echo '<option value="">&nbsp;</option>' . "\n";
374 foreach ($bookmark_list as $key => $value) {
375 echo '<option value="' . htmlspecialchars($key) . '">'
376 .htmlspecialchars($value) . '</option>' . "\n";
377 }
378 // &nbsp; is required for correct display with styles/line height
379 echo '</select>&nbsp;' . "\n";
380 echo '</div>' . "\n";
381 echo '<div class="formelement">' . "\n";
382 echo __('Variable');
383 if ($GLOBALS['cfg']['ReplaceHelpImg']) {
384 echo ' <a href="./Documentation.html#faqbookmark"'
385 .' target="documentation">'
386 .'<img class="icon ic_b_help_s" src="themes/dot.gif"'
387 .' alt="' . __('Documentation') . '" /></a> ';
388 } else {
389 echo ' (<a href="./Documentation.html#faqbookmark"'
390 .' target="documentation">' . __('Documentation') . '</a>): ';
391 }
392 echo '<input type="text" name="bookmark_variable" class="textfield"'
393 .' size="10" />' . "\n";
394 echo '</div>' . "\n";
395 echo '<div class="formelement">' . "\n";
396 echo '<input type="radio" name="action_bookmark" value="0"'
397 .' id="radio_bookmark_exe" checked="checked" />'
398 .'<label for="radio_bookmark_exe">' . __('Submit')
399 .'</label>' . "\n";
400 echo '<input type="radio" name="action_bookmark" value="1"'
401 .' id="radio_bookmark_view" />'
402 .'<label for="radio_bookmark_view">' . __('View only')
403 .'</label>' . "\n";
404 echo '<input type="radio" name="action_bookmark" value="2"'
405 .' id="radio_bookmark_del" />'
406 .'<label for="radio_bookmark_del">' . __('Delete')
407 .'</label>' . "\n";
408 echo '</div>' . "\n";
409 echo '<div class="clearfloat"></div>' . "\n";
410 echo '</fieldset>' . "\n";
411
412 echo '<fieldset id="bookmarkoptionsfooter" class="tblFooters">' . "\n";
413 echo '<input type="submit" name="SQL" value="' . __('Go') . '" />';
414 echo '<div class="clearfloat"></div>' . "\n";
415 echo '</fieldset>' . "\n";
416 }
417
418 /**
419 * prints bookmark fieldset
420 *
421 * @usedby PMA_sqlQueryForm()
422 */
423 function PMA_sqlQueryFormUpload() {
424 $errors = array ();
425
426 $matcher = '@\.sql(\.(' . PMA_supportedDecompressions() . '))?$@'; // we allow only SQL here
427
428 if (!empty($GLOBALS['cfg']['UploadDir'])) {
429 $files = PMA_getFileSelectOptions(PMA_userDir($GLOBALS['cfg']['UploadDir']), $matcher, (isset($timeout_passed) && $timeout_passed && isset($local_import_file)) ? $local_import_file : '');
430 } else {
431 $files = '';
432 }
433
434 // start output
435 echo '<fieldset id="">';
436 echo '<legend>';
437 echo __('Location of the text file') . '</legend>';
438 echo '<div class="formelement">';
439 echo '<input type="file" name="sql_file" class="textfield" /> ';
440 echo PMA_displayMaximumUploadSize($GLOBALS['max_upload_size']);
441 // some browsers should respect this :)
442 echo PMA_generateHiddenMaxFileSize($GLOBALS['max_upload_size']) . "\n";
443 echo '</div>';
444
445 if ($files === false) {
446 $errors[] = PMA_Message::error( __('The directory you set for upload work cannot be reached'));
447 } elseif (!empty($files)) {
448 echo '<div class="formelement">';
449 echo '<strong>' . __('web server upload directory') .':</strong>' . "\n";
450 echo '<select size="1" name="sql_localfile">' . "\n";
451 echo '<option value="" selected="selected"></option>' . "\n";
452 echo $files;
453 echo '</select>' . "\n";
454 echo '</div>';
455 }
456
457 echo '<div class="clearfloat"></div>' . "\n";
458 echo '</fieldset>';
459
460
461 echo '<fieldset id="" class="tblFooters">';
462 echo __('Character set of the file:') . "\n";
463 echo PMA_generateCharsetDropdownBox(PMA_CSDROPDOWN_CHARSET,
464 'charset_of_file', null, 'utf8', false);
465 echo '<input type="submit" name="SQL" value="' . __('Go')
466 .'" />' . "\n";
467 echo '<div class="clearfloat"></div>' . "\n";
468 echo '</fieldset>';
469
470 foreach ($errors as $error) {
471 $error->display();
472 }
473 }
474 ?>
Drizzle / GSOC 2011