search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
update
[phpmyadmin/crack.git] / mult_submits.inc.php3
blob8f32efc09b15082959fdae8608daf3dc664cc318
1 <?php
2 /* $Id$ */
3
4
5 /**
6 * Prepares the work and runs some other scripts if required
7 */
8 if (!empty($submit_mult)
9 && (!empty($selected_db) || !empty($selected_tbl) || !empty($selected_fld))) {
10
11 if (get_magic_quotes_gpc()) {
12 $submit_mult = stripslashes($submit_mult);
13 }
14 if (!empty($selected_db)) {
15 $selected = $selected_db;
16 $what = 'drop_db';
17 } else if (!empty($selected_tbl)) {
18 if ($submit_mult == $strPrintView) {
19 include('./tbl_printview.php3');
20 exit();
21 } else {
22 $selected = $selected_tbl;
23 switch ($submit_mult) {
24 case $strDrop:
25 $what = 'drop_tbl';
26 break;
27 case $strEmpty:
28 $what = 'empty_tbl';
29 break;
30 case $strOptimizeTable:
31 unset($submit_mult);
32 $query_type = 'optimize_tbl';
33 $mult_btn = (get_magic_quotes_gpc() ? addslashes($strYes) : $strYes);
34 break;
35 case $strRepairTable:
36 unset($submit_mult);
37 $query_type = 'repair_tbl';
38 $mult_btn = (get_magic_quotes_gpc() ? addslashes($strYes) : $strYes);
39 break;
40 } // end switch
41 }
42 } else {
43 $selected = $selected_fld;
44 if ($submit_mult == $strDrop) {
45 $what = 'drop_fld';
46 } else {
47 include('./tbl_alter.php3');
48 exit();
49 }
50 }
51 } // end if
52
53
54 /**
55 * Displays the confirmation form if required
56 */
57 if (!empty($submit_mult) && !empty($what)) {
58 // Builds the query
59 $full_query = '';
60 $selected_cnt = count($selected);
61 for ($i = 0; $i < $selected_cnt; $i++) {
62 switch ($what) {
63 case 'drop_db':
64 $full_query .= 'DROP DATABASE '
65 . PMA_backquote(htmlspecialchars(urldecode($selected[$i])))
66 . ';<br />';
67 break;
68
69 case 'drop_tbl':
70 $full_query .= (empty($full_query) ? 'DROP TABLE ' : ', ')
71 . PMA_backquote(htmlspecialchars(urldecode($selected[$i])))
72 . (($i == $selected_cnt - 1) ? ';<br />' : '');
73 break;
74
75 case 'empty_tbl':
76 if (PMA_MYSQL_INT_VERSION >= 40000) {
77 $full_query .= 'TRUNCATE ';
78 } else {
79 $full_query .= 'DELETE FROM ';
80 }
81 $full_query .= PMA_backquote(htmlspecialchars(urldecode($selected[$i])))
82 . ';<br />';
83 break;
84
85 case 'drop_fld':
86 if ($full_query == '') {
87 $full_query .= 'ALTER TABLE '
88 . PMA_backquote(htmlspecialchars($table))
89 . '<br />&nbsp;&nbsp;DROP '
90 . PMA_backquote(htmlspecialchars(urldecode($selected[$i])))
91 . ',';
92 } else {
93 $full_query .= '<br />&nbsp;&nbsp;DROP '
94 . PMA_backquote(htmlspecialchars(urldecode($selected[$i])))
95 . ',';
96 }
97 if ($i == $selected_cnt-1) {
98 $full_query = ereg_replace(',$', ';<br />', $full_query);
99 }
100 break;
101 } // end switch
102 }
103
104 // Displays the form
105 echo $strDoYouReally . '&nbsp;:<br />' . "\n";
106 echo '<tt>' . $full_query . '</tt>&nbsp;?<br/>' . "\n";
107 ?>
108 <form action="<?php echo $action; ?>" method="post">
109 <input type="hidden" name="lang" value="<?php echo $lang; ?>" />
110 <input type="hidden" name="convcharset" value="<?php echo $convcharset; ?>" />
111 <input type="hidden" name="server" value="<?php echo $server; ?>" />
112 <?php
113 echo "\n";
114 if (strpos(' ' . $action, 'db_details') == 1) {
115 echo ' <input type="hidden" name="db" value="' . $db . '" />' . "\n";
116 } else if (strpos(' ' . $action, 'tbl_properties') == 1) {
117 echo ' <input type="hidden" name="db" value="' . $db . '" />' . "\n";
118 echo ' <input type="hidden" name="table" value="' . $table . '" />' . "\n";
119 }
120 for ($i = 0; $i < $selected_cnt; $i++) {
121 echo ' <input type="hidden" name="selected[]" value="' . $selected[$i] . '" />' . "\n";
122 }
123 ?>
124 <input type="hidden" name="query_type" value="<?php echo $what; ?>" />
125 <input type="submit" name="mult_btn" value="<?php echo $strYes; ?>" />
126 <input type="submit" name="mult_btn" value="<?php echo $strNo; ?>" />
127 </form>
128 <?php
129 echo"\n";
130
131 include('./footer.inc.php3');
132 exit();
133 } // end if
134
135
136 /**
137 * Executes the query
138 */
139 else if ((get_magic_quotes_gpc() && stripslashes($mult_btn) == $strYes)
140 || $mult_btn == $strYes) {
141
142 $sql_query = '';
143 $selected_cnt = count($selected);
144 for ($i = 0; $i < $selected_cnt; $i++) {
145 switch ($query_type) {
146 case 'drop_db':
147 $a_query = 'DROP DATABASE '
148 . PMA_backquote(urldecode($selected[$i]));
149 $reload = 1;
150 break;
151
152 case 'drop_tbl':
153 $sql_query .= (empty($sql_query) ? 'DROP TABLE ' : ', ')
154 . PMA_backquote(urldecode($selected[$i]))
155 . (($i == $selected_cnt-1) ? ';' : '');
156 $reload = 1;
157 break;
158
159 case 'optimize_tbl':
160 $sql_query .= (empty($sql_query) ? 'OPTIMIZE TABLE ' : ', ')
161 . PMA_backquote(urldecode($selected[$i]))
162 . (($i == $selected_cnt-1) ? ';' : '');
163 break;
164
165 case 'repair_tbl':
166 $sql_query .= (empty($sql_query) ? 'REPAIR TABLE ' : ', ')
167 . PMA_backquote(urldecode($selected[$i]))
168 . (($i == $selected_cnt-1) ? ';' : '');
169 break;
170
171 case 'empty_tbl':
172 $a_query = 'DELETE FROM '
173 . PMA_backquote(urldecode($selected[$i]));
174 break;
175
176 case 'drop_fld':
177 $sql_query .= (empty($sql_query) ? 'ALTER TABLE ' . PMA_backquote($table) : ',')
178 . ' DROP ' . PMA_backquote(urldecode($selected[$i]))
179 . (($i == $selected_cnt-1) ? ';' : '');
180 break;
181 } // end switch
182
183 // All "DROP TABLE","DROP FIELD", "OPTIMIZE TABLE" and "REPAIR TABLE"
184 // statements will be run at once below
185 if ($query_type != 'drop_tbl'
186 && $query_type != 'drop_fld'
187 && $query_type != 'repair_tbl'
188 && $query_type != 'optimize_tbl') {
189 $sql_query .= $a_query . ';' . "\n";
190
191 if ($query_type != 'drop_db') {
192 PMA_mysql_select_db($db);
193 }
194 $result = @PMA_mysql_query($a_query) or PMA_mysqlDie('', $a_query, FALSE, $err_url);
195 } // end if
196 } // end for
197
198 if ($query_type == 'drop_tbl'
199 || $query_type == 'drop_fld'
200 || $query_type == 'repair_tbl'
201 || $query_type == 'optimize_tbl') {
202 PMA_mysql_select_db($db);
203 $result = @PMA_mysql_query($sql_query) or PMA_mysqlDie('', '', FALSE, $err_url);
204 }
205
206 PMA_showMessage($strSuccess);
207 }
208
209 ?>
Drizzle / GSOC 2011