search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
xhtml typo
[phpmyadmin/crack.git] / libraries / relation.lib.php3
blobb86fdd14f9abf850973cad369b5c625ce140511b
1 <?php
2 /* $Id$ */
3 // vim: expandtab sw=4 ts=4 sts=4:
4
5 /**
6 * Set of functions used with the relation and pdf feature
7 */
8
9
10 if (!defined('PMA_RELATION_LIB_INCLUDED')){
11 define('PMA_RELATION_LIB_INCLUDED', 1);
12
13 /**
14 * Executes a query as controluser if possible, otherwise as normal user
15 *
16 * @param string the query to execute
17 * @param boolean whether to display SQL error messages or not
18 *
19 * @return integer the result id
20 *
21 * @global string the URL of the page to show in case of error
22 * @global string the name of db to come back to
23 * @global integer the ressource id of DB connect as controluser
24 * @global array configuration infos about the relations stuff
25 *
26 * @access public
27 *
28 * @author Mike Beck <mikebeck@users.sourceforge.net>
29 */
30 function PMA_query_as_cu($sql, $show_error = TRUE) {
31 global $err_url_0, $db, $dbh, $cfgRelation;
32
33 if (isset($dbh)) {
34 PMA_mysql_select_db($cfgRelation['db'], $dbh);
35 $result = @PMA_mysql_query($sql, $dbh);
36 if (!$result && $show_error == TRUE) {
37 PMA_mysqlDie(mysql_error($dbh), $sql, '', $err_url_0);
38 }
39 PMA_mysql_select_db($db, $dbh);
40 } else {
41 PMA_mysql_select_db($cfgRelation['db']);
42 $result = @PMA_mysql_query($sql);
43 if ($result && $show_error == TRUE) {
44 PMA_mysqlDie('', $sql, '', $err_url_0);
45 }
46 PMA_mysql_select_db($db);
47 } // end if... else...
48
49 if ($result) {
50 return $result;
51 } else {
52 return FALSE;
53 }
54 } // end of the "PMA_query_as_cu()" function
55
56
57 /**
58 * Defines the relation parameters for the current user
59 * just a copy of the functions used for relations ;-)
60 * but added some stuff to check what will work
61 *
62 * @param boolean whether to check validity of settings or not
63 *
64 * @return array the relation parameters for the current user
65 *
66 * @global array the list of settings for servers
67 * @global integer the id of the current server
68 * @global string the URL of the page to show in case of error
69 * @global string the name of the current db
70 * @global string the name of the current table
71 * @global array configuration infos about the relations stuff
72 *
73 * @access public
74 *
75 * @author Mike Beck <mikebeck@users.sourceforge.net>
76 */
77 function PMA_getRelationsParam($verbose = FALSE)
78 {
79 global $cfg, $server, $err_url_0, $db, $table;
80 global $cfgRelation;
81
82 $cfgRelation = array();
83 $cfgRelation['relwork'] = FALSE;
84 $cfgRelation['displaywork'] = FALSE;
85 $cfgRelation['bookmarkwork']= FALSE;
86 $cfgRelation['pdfwork'] = FALSE;
87 $cfgRelation['commwork'] = FALSE;
88 $cfgRelation['mimework'] = FALSE;
89 $cfgRelation['historywork'] = FALSE;
90 $cfgRelation['allworks'] = FALSE;
91
92 // No server selected -> no bookmark table
93 // we return the array with the FALSEs in it,
94 // to avoid some 'Unitialized string offset' errors later
95 if ($server == 0
96 || empty($cfg['Server'])
97 || empty($cfg['Server']['pmadb'])) {
98 if ($verbose == TRUE) {
99 echo 'PMA Database ... '
100 . '<font color="red"><b>' . $GLOBALS['strNotOK'] . '</b></font>'
101 . '[ <a href="Documentation.html#pmadb">' . $GLOBALS['strDocu'] . '</a> ]<br />' . "\n"
102 . $GLOBALS['strGeneralRelationFeat']
103 . ' <font color="green">' . $GLOBALS['strDisabled'] . '</font>' . "\n";
104 }
105 return $cfgRelation;
106 }
107
108 $cfgRelation['user'] = $cfg['Server']['user'];
109 $cfgRelation['db'] = $cfg['Server']['pmadb'];
110
111 // Now I just check if all tables that i need are present so I can for
112 // example enable relations but not pdf...
113 // I was thinking of checking if they have all required columns but I
114 // fear it might be too slow
115 // PMA_mysql_select_db($cfgRelation['db']);
116
117 $tab_query = 'SHOW TABLES FROM ' . PMA_backquote($cfgRelation['db']);
118 $tab_rs = PMA_query_as_cu($tab_query, FALSE);
119
120 while ($curr_table = @PMA_mysql_fetch_array($tab_rs)) {
121 if ($curr_table[0] == $cfg['Server']['bookmarktable']) {
122 $cfgRelation['bookmark'] = $curr_table[0];
123 } else if ($curr_table[0] == $cfg['Server']['relation']) {
124 $cfgRelation['relation'] = $curr_table[0];
125 } else if ($curr_table[0] == $cfg['Server']['table_info']) {
126 $cfgRelation['table_info'] = $curr_table[0];
127 } else if ($curr_table[0] == $cfg['Server']['table_coords']) {
128 $cfgRelation['table_coords'] = $curr_table[0];
129 } else if ($curr_table[0] == $cfg['Server']['column_info']) {
130 $cfgRelation['column_info'] = $curr_table[0];
131 } else if ($curr_table[0] == $cfg['Server']['pdf_pages']) {
132 $cfgRelation['pdf_pages'] = $curr_table[0];
133 } else if ($curr_table[0] == $cfg['Server']['history']) {
134 $cfgRelation['history'] = $curr_table[0];
135 }
136 } // end while
137 if (isset($cfgRelation['relation'])) {
138 $cfgRelation['relwork'] = TRUE;
139 if (isset($cfgRelation['table_info'])) {
140 $cfgRelation['displaywork'] = TRUE;
141 }
142 if (isset($cfgRelation['table_coords']) && isset($cfgRelation['pdf_pages'])) {
143 $cfgRelation['pdfwork'] = TRUE;
144 }
145 if (isset($cfgRelation['column_info'])) {
146 $cfgRelation['commwork'] = TRUE;
147
148 if ($cfg['Server']['verbose_check']) {
149 $mime_query = 'SHOW FIELDS FROM ' . PMA_backquote($cfgRelation['db']) . '.' . PMA_backquote($cfgRelation['column_info']);
150 $mime_rs = PMA_query_as_cu($mime_query, FALSE);
151
152 $mime_field_mimetype = FALSE;
153 $mime_field_transformation = FALSE;
154 $mime_field_transformation_options = FALSE;
155 while ($curr_mime_field = @PMA_mysql_fetch_array($mime_rs)) {
156 if ($curr_mime_field[0] == 'mimetype') {
157 $mime_field_mimetype = TRUE;
158 } else if ($curr_mime_field[0] == 'transformation') {
159 $mime_field_transformation = TRUE;
160 } else if ($curr_mime_field[0] == 'transformation_options') {
161 $mime_field_transformation_options = TRUE;
162 }
163 }
164
165 if ($mime_field_mimetype == TRUE
166 && $mime_field_transformation == TRUE
167 && $mime_field_transformation_options == TRUE) {
168 $cfgRelation['mimework'] = TRUE;
169 }
170 } else {
171 $cfgRelation['mimework'] = TRUE;
172 }
173 }
174 } // end if
175
176 if (isset($cfgRelation['history'])) {
177 $cfgRelation['historywork'] = TRUE;
178 }
179
180 if (isset($cfgRelation['bookmark'])) {
181 $cfgRelation['bookmarkwork'] = TRUE;
182 }
183
184 if ($cfgRelation['relwork'] == TRUE && $cfgRelation['displaywork'] == TRUE
185 && $cfgRelation['pdfwork'] == TRUE && $cfgRelation['commwork'] == TRUE
186 && $cfgRelation['mimework'] == TRUE && $cfgRelation['historywork'] == TRUE
187 && $cfgRelation['bookmarkwork'] == TRUE) {
188 $cfgRelation['allworks'] = TRUE;
189 }
190 if ($tab_rs) {
191 mysql_free_result($tab_rs);
192 } else {
193 $cfg['Server']['pmadb'] = FALSE;
194 }
195
196 if ($verbose == TRUE) {
197 $shit = '<font color="red"><b>' . $GLOBALS['strNotOK'] . '</b></font> [ <a href="Documentation.html#%s">' . $GLOBALS['strDocu'] . '</a> ]';
198 $hit = '<font color="green"><b>' . $GLOBALS['strOK'] . '</b></font>';
199 $enabled = '<font color="green">' . $GLOBALS['strEnabled'] . '</font>';
200 $disabled = '<font color="red">' . $GLOBALS['strDisabled'] . '</font>';
201
202 echo '<table>' . "\n";
203 echo ' <tr><th align="left">$cfg[\'Servers\'][$i][\'pmadb\'] ... </th><td align="right">'
204 . (($cfg['Server']['pmadb'] == FALSE) ? sprintf($shit, 'pmadb') : $hit)
205 . '</td></tr>' . "\n";
206 echo ' <tr><td>&nbsp;</td></tr>' . "\n";
207
208 echo ' <tr><th align="left">$cfg[\'Servers\'][$i][\'relation\'] ... </th><td align="right">'
209 . ((isset($cfgRelation['relation'])) ? $hit : sprintf($shit, 'relation'))
210 . '</td></tr>' . "\n";
211 echo ' <tr><td colspan=2 align="center">'. $GLOBALS['strGeneralRelationFeat'] . ': '
212 . (($cfgRelation['relwork'] == TRUE) ? $enabled : $disabled)
213 . '</td></tr>' . "\n";
214 echo ' <tr><td>&nbsp;</td></tr>' . "\n";
215
216 echo ' <tr><th align="left">$cfg[\'Servers\'][$i][\'table_info\'] ... </th><td align="right">'
217 . (($cfgRelation['displaywork'] == FALSE) ? sprintf($shit, 'table_info') : $hit)
218 . '</td></tr>' . "\n";
219 echo ' <tr><td colspan=2 align="center">' . $GLOBALS['strDisplayFeat'] . ': '
220 . (($cfgRelation['displaywork'] == TRUE) ? $enabled : $disabled)
221 . '</td></tr>' . "\n";
222 echo ' <tr><td>&nbsp;</td></tr>' . "\n";
223
224 echo ' <tr><th align="left">$cfg[\'Servers\'][$i][\'table_coords\'] ... </th><td align="right">'
225 . ((isset($cfgRelation['table_coords'])) ? $hit : sprintf($shit, 'table_coords'))
226 . '</td></tr>' . "\n";
227 echo ' <tr><th align="left">$cfg[\'Servers\'][$i][\'pdf_pages\'] ... </th><td align="right">'
228 . ((isset($cfgRelation['pdf_pages'])) ? $hit : sprintf($shit, 'table_coords'))
229 . '</td></tr>' . "\n";
230 echo ' <tr><td colspan=2 align="center">' . $GLOBALS['strCreatePdfFeat'] . ': '
231 . (($cfgRelation['pdfwork'] == TRUE) ? $enabled : $disabled)
232 . '</td></tr>' . "\n";
233 echo ' <tr><td>&nbsp;</td></tr>' . "\n";
234
235 echo ' <tr><th align="left">$cfg[\'Servers\'][$i][\'column_info\'] ... </th><td align="right">'
236 . ((isset($cfgRelation['column_info'])) ? $hit : sprintf($shit, 'col_com'))
237 . '</td></tr>' . "\n";
238 echo ' <tr><td colspan=2 align="center">' . $GLOBALS['strColComFeat'] . ': '
239 . (($cfgRelation['commwork'] == TRUE) ? $enabled : $disabled)
240 . '</td></tr>' . "\n";
241 echo ' <tr><td colspan=2 align="center">' . $GLOBALS['strBookmarkQuery'] . ': '
242 . (($cfgRelation['bookmarkwork'] == TRUE) ? $enabled : $disabled)
243 . '</td></tr>' . "\n";
244 echo ' <tr><td colspan=2 align="center">MIME: '
245 . (($cfgRelation['mimework'] == TRUE) ? $enabled : $disabled)
246 . '</td></tr>' . "\n";
247
248 // . '<br />(MIME: ' . (($cfgRelation['mimework'] == TRUE) ? $enabled : $disabled) . ')'
249
250 echo ' <tr><th align="left">$cfg[\'Servers\'][$i][\'history\'] ... </th><td align="right">'
251 . ((isset($cfgRelation['history'])) ? $hit : sprintf($shit, 'history'))
252 . '</td></tr>' . "\n";
253 echo ' <tr><td colspan=2 align="center">' . $GLOBALS['strQuerySQLHistory'] . ': '
254 . (($cfgRelation['historywork'] == TRUE) ? $enabled : $disabled)
255 . '</td></tr>' . "\n";
256
257 echo '</table>' . "\n";
258 } // end if ($verbose == TRUE) {
259
260 return $cfgRelation;
261 } // end of the 'PMA_getRelationsParam()' function
262
263
264 /**
265 * Gets all Relations to foreign tables for a given table or
266 * optionally a given column in a table
267 *
268 * @param string the name of the db to check for
269 * @param string the name of the table to check for
270 * @param string the name of the column to check for
271 *
272 * @return array db,table,column
273 *
274 * @global array the list of relations settings
275 * @global string the URL of the page to show in case of error
276 *
277 * @access public
278 *
279 * @author Mike Beck <mikebeck@users.sourceforge.net>
280 */
281 function PMA_getForeigners($db, $table, $column = '') {
282 global $cfgRelation, $err_url_0;
283
284 $rel_query = 'SELECT master_field, foreign_db, foreign_table, foreign_field'
285 . ' FROM ' . PMA_backquote($cfgRelation['relation'])
286 . ' WHERE master_db = \'' . PMA_sqlAddslashes($db) . '\' '
287 . ' AND master_table = \'' . PMA_sqlAddslashes($table) . '\' ';
288 if (!empty($column)) {
289 $rel_query .= ' AND master_field = \'' . PMA_sqlAddslashes($column) . '\'';
290 }
291 $relations = PMA_query_as_cu($rel_query);
292 $i = 0;
293 while ($relrow = @PMA_mysql_fetch_array($relations)) {
294 $field = $relrow['master_field'];
295 $foreign[$field]['foreign_db'] = $relrow['foreign_db'];
296 $foreign[$field]['foreign_table'] = $relrow['foreign_table'];
297 $foreign[$field]['foreign_field'] = $relrow['foreign_field'];
298 $i++;
299 } // end while
300
301 if (isset($foreign) && is_array($foreign)) {
302 return $foreign;
303 } else {
304 return FALSE;
305 }
306 } // end of the 'PMA_getForeigners()' function
307
308
309 /**
310 * Gets the display field of a table
311 *
312 * @param string the name of the db to check for
313 * @param string the name of the table to check for
314 *
315 * @return string field name
316 *
317 * @global array the list of relations settings
318 *
319 * @access public
320 *
321 * @author Mike Beck <mikebeck@users.sourceforge.net>
322 */
323 function PMA_getDisplayField($db, $table) {
324 global $cfgRelation;
325
326 $disp_query = 'SELECT display_field FROM ' . PMA_backquote($cfgRelation['table_info'])
327 . ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
328 . ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\'';
329
330 $disp_res = PMA_query_as_cu($disp_query);
331 $row = ($disp_res ? PMA_mysql_fetch_array($disp_res) : '');
332 if (isset($row['display_field'])) {
333 return $row['display_field'];
334 } else {
335 return FALSE;
336 }
337 } // end of the 'PMA_getDisplayField()' function
338
339
340 /**
341 * Gets the comments for all rows of a table
342 *
343 * @param string the name of the db to check for
344 * @param string the name of the table to check for
345 *
346 * @return array [field_name] = comment
347 *
348 * @global array the list of relations settings
349 *
350 * @access public
351 *
352 * @author Mike Beck <mikebeck@users.sourceforge.net>
353 */
354 function PMA_getComments($db, $table = '') {
355 global $cfgRelation;
356
357 if ($table != '') {
358 $com_qry = 'SELECT column_name, ' . PMA_backquote('comment') . ' FROM ' . PMA_backquote($cfgRelation['column_info'])
359 . ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
360 . ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\'';
361 $com_rs = PMA_query_as_cu($com_qry);
362 } else {
363 $com_qry = 'SELECT comment FROM ' . PMA_backquote($cfgRelation['column_info'])
364 . ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
365 . ' AND table_name = \'\''
366 . ' AND column_name = \'(db_comment)\'';
367 $com_rs = PMA_query_as_cu($com_qry);
368 }
369
370 $i = 0;
371 while ($row = @PMA_mysql_fetch_array($com_rs)) {
372 $i++;
373 $col = ($table != '' ? $row['column_name'] : $i);
374
375 if (strlen($row['comment']) > 0) {
376 $comment[$col] = $row['comment'];
377 }
378
379 } // end while
380
381 if (isset($comment) && is_array($comment)) {
382 return $comment;
383 } else {
384 return FALSE;
385 }
386 } // end of the 'PMA_getComments()' function
387
388 /**
389 * Adds/removes slashes if required
390 *
391 * @param string the string to slash
392 *
393 * @return string the slashed string
394 *
395 * @access public
396 */
397 function PMA_handleSlashes($val) {
398 return (get_magic_quotes_gpc() ? str_replace('\\"', '"', $val) : PMA_sqlAddslashes($val));
399 } // end of the "PMA_handleSlashes()" function
400
401 /**
402 * Set a single comment to a certain value.
403 *
404 * @param string the name of the db
405 * @param string the name of the table
406 * @param string the name of the column
407 * @param string the value of the column
408 * @param string (optional) if a column is renamed, this is the name of the former key which will get deleted
409 *
410 * @return boolean true, if comment-query was made.
411 *
412 * @global array the list of relations settings
413 *
414 * @access public
415 */
416 function PMA_setComment($db, $table, $key, $value, $removekey = '') {
417 global $cfgRelation;
418
419 if ($removekey != '' AND $removekey != $key) {
420 $remove_query = 'DELETE FROM ' . PMA_backquote($cfgRelation['column_info'])
421 . ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
422 . ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\''
423 . ' AND column_name = \'' . PMA_sqlAddslashes($removekey) . '\'';
424 $rmv_rs = PMA_query_as_cu($remove_query);
425 unset($rmv_query);
426 }
427
428 $test_qry = 'SELECT ' . PMA_backquote('comment') . ', mimetype, transformation, transformation_options FROM ' . PMA_backquote($cfgRelation['column_info'])
429 . ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
430 . ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\''
431 . ' AND column_name = \'' . PMA_sqlAddslashes($key) . '\'';
432 $test_rs = PMA_query_as_cu($test_qry);
433
434 if ($test_rs && mysql_num_rows($test_rs) > 0) {
435 $row = @PMA_mysql_fetch_array($test_rs);
436
437 if (strlen($value) > 0 || strlen($row['mimetype']) > 0 || strlen($row['transformation']) > 0 || strlen($row['transformation_options']) > 0) {
438 $upd_query = 'UPDATE ' . PMA_backquote($cfgRelation['column_info'])
439 . ' SET ' . PMA_backquote('comment') . ' = \'' . PMA_sqlAddslashes($value) . '\''
440 . ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
441 . ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\''
442 . ' AND column_name = \'' . PMA_sqlAddSlashes($key) . '\'';
443 } else {
444 $upd_query = 'DELETE FROM ' . PMA_backquote($cfgRelation['column_info'])
445 . ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
446 . ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\''
447 . ' AND column_name = \'' . PMA_sqlAddslashes($key) . '\'';
448 }
449 } else if (strlen($value) > 0) {
450 $upd_query = 'INSERT INTO ' . PMA_backquote($cfgRelation['column_info'])
451 . ' (db_name, table_name, column_name, ' . PMA_backquote('comment') . ') '
452 . ' VALUES('
453 . '\'' . PMA_sqlAddslashes($db) . '\','
454 . '\'' . PMA_sqlAddslashes($table) . '\','
455 . '\'' . PMA_sqlAddslashes($key) . '\','
456 . '\'' . PMA_sqlAddslashes($value) . '\')';
457 }
458
459 if (isset($upd_query)){
460 $upd_rs = PMA_query_as_cu($upd_query);
461 unset($upd_query);
462 return true;
463 } else {
464 return false;
465 }
466 } // end of 'PMA_setComment()' function
467
468 /**
469 * Set a SQL history entry
470 *
471 * @param string the name of the db
472 * @param string the name of the table
473 * @param string the username
474 * @param string the sql query
475 *
476 * @return boolean true
477 *
478 * @access public
479 */
480 function PMA_setHistory($db, $table, $username, $sqlquery) {
481 global $cfgRelation;
482
483 $hist_rs = PMA_query_as_cu('INSERT INTO ' . PMA_backquote($cfgRelation['history']) . ' ('
484 . PMA_backquote('username') . ','
485 . PMA_backquote('db') . ','
486 . PMA_backquote('table') . ','
487 . PMA_backquote('timevalue') . ','
488 . PMA_backquote('sqlquery')
489 . ') VALUES ('
490 . '\'' . PMA_sqlAddslashes($username) . '\','
491 . '\'' . PMA_sqlAddslashes($db) . '\','
492 . '\'' . PMA_sqlAddslashes($table) . '\','
493 . 'NOW(),'
494 . '\'' . PMA_sqlAddslashes($sqlquery) . '\')');
495 return true;
496 } // end of 'PMA_setHistory()' function
497
498 /**
499 * Gets a SQL history entry
500 *
501 * @param string the username
502 *
503 * @return array list of history items
504 *
505 * @access public
506 */
507 function PMA_getHistory($username) {
508 global $cfgRelation;
509
510 $hist_rs = PMA_query_as_cu('SELECT '
511 . PMA_backquote('db') . ','
512 . PMA_backquote('table') . ','
513 . PMA_backquote('sqlquery')
514 . ' FROM ' . PMA_backquote($cfgRelation['history']) . ' WHERE username = \'' . PMA_sqlAddslashes($username) . '\' ORDER BY timevalue DESC');
515
516 $history = array();
517
518 while ($row = @PMA_mysql_fetch_array($hist_rs)) {
519 $history[] = $row;
520 }
521
522 return $history;
523
524 } // end of 'PMA_getHistory()' function
525
526 /**
527 * Set a SQL history entry
528 *
529 * @param string the name of the db
530 * @param string the name of the table
531 * @param string the username
532 * @param string the sql query
533 *
534 * @return boolean true
535 *
536 * @access public
537 */
538 function PMA_purgeHistory($username) {
539 global $cfgRelation, $cfg;
540
541 $purge_rs = PMA_query_as_cu('SELECT timevalue FROM ' . PMA_backquote($cfgRelation['history']) . ' WHERE username = \'' . PMA_sqlAddSlashes($username) . '\' ORDER BY timevalue DESC LIMIT ' . $cfg['QueryHistoryMax'] . ', 1');
542 $i = 0;
543 $row = @PMA_mysql_fetch_array($purge_rs);
544
545 if (is_array($row) && $row[0] > 0) {
546 $maxtime = $row[0];
547 $remove_rs = PMA_query_as_cu('DELETE FROM ' . PMA_backquote($cfgRelation['history']) . ' WHERE timevalue <= ' . $maxtime);
548 }
549
550 return true;
551 } // end of 'PMA_purgeHistory()' function
552 } // $__PMA_RELATION_LIB__
553 ?>
Drizzle / GSOC 2011