6 * Removes comment lines and splits up large sql files into individual queries
8 * Last revision: September 23, 2001 - gandon
10 * @param array the splitted sql commands
11 * @param string the sql commands
12 * @param integer the MySQL release number (because certains php3 versions
13 * can't get the value of a constant from within a function)
15 * @return boolean always true
19 function PMA_splitSqlFile(&$ret, $sql, $release)
22 $sql_len = strlen($sql);
28 for ($i = 0; $i < $sql_len; ++
$i) {
31 // We are in a string, check for not escaped end of strings except for
32 // backquotes that can't be escaped
35 $i = strpos($sql, $string_start, $i);
36 // No end of string found -> add the current substring to the
42 // Backquotes or no backslashes before quotes: it's indeed the
43 // end of the string -> exit the loop
44 else if ($string_start == '`' ||
$sql[$i-1] != '\\') {
49 // one or more Backslashes before the presumed end of string...
51 // ... first checks for escaped backslashes
53 $escaped_backslash = FALSE;
54 while ($i-$j > 0 && $sql[$i-$j] == '\\') {
55 $escaped_backslash = !$escaped_backslash;
58 // ... if escaped backslashes: it's really the end of the
59 // string -> exit the loop
60 if ($escaped_backslash) {
69 } // end if...elseif...else
71 } // end if (in string)
73 // We are not in a string, first check for delimiter...
74 else if ($char == ';') {
75 // if delimiter found, add the parsed part to the returned array
76 $ret[] = substr($sql, 0, $i);
77 $sql = ltrim(substr($sql, min($i +
1, $sql_len)));
78 $sql_len = strlen($sql);
82 // The submited statement(s) end(s) here
85 } // end else if (is delimiter)
87 // ... then check for start of a string,...
88 else if (($char == '"') ||
($char == '\'') ||
($char == '`')) {
90 $string_start = $char;
91 } // end else if (is start of string)
93 // ... for start of a comment (and remove this comment if found)...
95 ||
($char == ' ' && $i > 1 && $sql[$i-2] . $sql[$i-1] == '--')) {
96 // starting position of the comment depends on the comment type
97 $start_of_comment = (($sql[$i] == '#') ?
$i : $i-2);
98 // if no "\n" exits in the remaining string, checks for "\r"
100 $end_of_comment = (strpos(' ' . $sql, "\012", $i+
2))
101 ?
strpos(' ' . $sql, "\012", $i+
2)
102 : strpos(' ' . $sql, "\015", $i+
2);
103 if (!$end_of_comment) {
104 // no eol found after '#', add the parsed part to the returned
105 // array if required and exit
106 if ($start_of_comment > 0) {
107 $ret[] = trim(substr($sql, 0, $start_of_comment));
111 $sql = substr($sql, 0, $start_of_comment)
112 . ltrim(substr($sql, $end_of_comment));
113 $sql_len = strlen($sql);
116 } // end else if (is comment)
118 // ... and finally disactivate the "/*!...*/" syntax if MySQL < 3.22.07
119 else if ($release < 32270
120 && ($char == '!' && $i > 1 && $sql[$i-2] . $sql[$i-1] == '/*')) {
124 // loic1: send a fake header each 30 sec. to bypass browser timeout
126 if ($time1 >= $time0 +
30) {
128 header('X-pmaPing: Pong');
132 // add any rest to the returned array
133 if (!empty($sql) && ereg('[^[:space:]]+', $sql)) {
138 } // end of the 'PMA_splitSqlFile()' function
141 if (!function_exists('is_uploaded_file')) {
143 * Emulates the 'is_uploaded_file()' function for old php versions.
144 * Grabbed at the php manual:
145 * http://www.php.net/manual/en/features.file-upload.php
147 * @param string the name of the file to check
149 * @return boolean wether the file has been uploaded or not
153 function is_uploaded_file($filename) {
154 if (!$tmp_file = @get_cfg_var
('upload_tmp_dir')) {
155 $tmp_file = tempnam('','');
156 $deleted = @unlink
($tmp_file);
157 $tmp_file = dirname($tmp_file);
159 $tmp_file .= '/' . basename($filename);
161 // User might have trailing slash in php.ini...
162 return (ereg_replace('/+', '/', $tmp_file) == $filename);
163 } // end of the 'is_uploaded_file()' emulated function
169 * Gets some core libraries
171 require('./libraries/grab_globals.lib.php3');
172 require('./libraries/common.lib.php3');
176 * Increases the max. allowed time to run a script
178 @set_time_limit
($cfg['ExecTimeLimit']);
182 * Defines the url to return to in case of error in a sql statement
185 ||
($goto != 'db_details.php3' && $goto != 'tbl_properties.php3')) {
186 $goto = 'db_details.php3';
190 . '&convcharset=' . $convcharset
191 . '&server=' . $server
192 . '&db=' . urlencode($db)
193 . (($goto == 'tbl_properties.php3') ?
'&table=' . urlencode($table) : '');
197 * Set up default values for some variables
200 $sql_bookmark = isset($sql_bookmark) ?
$sql_bookmark : '';
201 $sql_query = isset($sql_query) ?
$sql_query : '';
202 $sql_file = !empty($sql_file) ?
$sql_file : 'none';
206 * Bookmark Support: get a query back from bookmark if required
208 if (!empty($id_bookmark)) {
209 include('./libraries/bookmark.lib.php3');
210 switch($action_bookmark) {
211 case 0: // bookmarked query that have to be run
212 $sql_query = PMA_queryBookmarks($db, $cfg['Bookmark'], $id_bookmark);
214 case 1: // bookmarked query that have to be displayed
215 $sql_query = PMA_queryBookmarks($db, $cfg['Bookmark'], $id_bookmark);
218 case 2: // bookmarked query that have to be deleted
219 $sql_query = PMA_deleteBookmarks($db, $cfg['Bookmark'], $id_bookmark);
226 * Prepares the sql query
228 // Gets the query from a file if required
229 if ($sql_file != 'none') {
230 if (file_exists($sql_file) && is_uploaded_file($sql_file)) {
233 if (PMA_PHP_INT_VERSION
>= 40000) {
234 $open_basedir = @ini_get
('open_basedir');
236 if (empty($open_basedir)) {
237 $open_basedir = @get_cfg_var
('open_basedir');
240 // If we are on a server with open_basedir, we must move the file
241 // before opening it. The doc explains how to create the "./tmp"
244 if (!empty($open_basedir)) {
245 // check if '.' is in open_basedir
246 $split_char = (PMA_IS_WINDOWS ?
';' : ':');
247 $pos = ereg('(^|' . $split_char . ')\\.(' . $split_char . '|$)', $open_basedir);
249 // from the PHP annotated manual
251 // if no '.' in openbasedir, do not move the file (open_basedir
252 // may only be a prefix), force the error and let PHP reports
254 error_reporting(E_ALL
);
255 $sql_query = fread(fopen($sql_file, 'r'), filesize($sql_file));
258 $sql_file_new = (PMA_IS_WINDOWS ?
'.\\tmp\\' : './tmp/')
259 . basename($sql_file);
260 if (PMA_PHP_INT_VERSION
< 40003) {
261 copy($sql_file, $sql_file_new);
263 move_uploaded_file($sql_file, $sql_file_new);
265 $sql_query = fread(fopen($sql_file_new, 'r'), filesize($sql_file_new));
266 unlink($sql_file_new);
270 // read from the normal upload dir
271 $sql_query = fread(fopen($sql_file, 'r'), filesize($sql_file));
274 if (get_magic_quotes_runtime() == 1) {
275 $sql_query = stripslashes($sql_query);
277 // Convert the file's charset if necessary
278 if ($cfg['AllowAnywhereRecoding'] && $allow_recoding
279 && isset($charset_of_file) && $charset_of_file != $charset) {
280 $sql_query = iconv($charset_of_file, $charset, $sql_query);
282 } // end uploaded file stuff
284 else if (empty($id_bookmark) && get_magic_quotes_gpc() == 1) {
285 $sql_query = stripslashes($sql_query);
288 // Kanji convert SQL textfile 2002/1/4 by Y.Kawada
289 if (@function_exists
('PMA_kanji_str_conv')) {
290 $sql_tmp = trim($sql_query);
291 PMA_change_enc_order();
292 $sql_query = PMA_kanji_str_conv($sql_tmp, $knjenc, isset($xkana) ?
$xkana : '');
293 PMA_change_enc_order();
295 $sql_query = trim($sql_query);
298 // $sql_query come from the query textarea, if it's a reposted query gets its
300 if (!empty($prev_sql_query)) {
301 $prev_sql_query = urldecode($prev_sql_query);
302 if ($sql_query == trim(htmlspecialchars($prev_sql_query))) {
303 $sql_query = $prev_sql_query;
307 // Drop database is not allowed -> ensure the query can be run
308 if (!$cfg['AllowUserDropDatabase']
309 && eregi('DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE ', $sql_query)) {
310 // Checks if the user is a Superuser
311 // TODO: set a global variable with this information
312 // loic1: optimized query
313 $result = @PMA_mysql_query
('USE mysql');
314 if (PMA_mysql_error()) {
315 include('./header.inc.php3');
316 PMA_mysqlDie($strNoDropDatabases, '', '', $err_url);
319 define('PMA_CHK_DROP', 1);
325 if ($sql_query != '') {
327 PMA_splitSqlFile($pieces, $sql_query, PMA_MYSQL_INT_VERSION
);
328 $pieces_count = count($pieces);
329 if ($pieces_count > 1) {
333 // Copy of the cleaned sql statement for display purpose only (see near the
334 // beginning of "db_details.php3" & "tbl_properties.php3")
335 if ($sql_file != 'none' && $pieces_count > 10) {
336 // Be nice with bandwidth...
337 $sql_query_cpy = $sql_query = '';
339 $sql_query_cpy = implode(";\n", $pieces) . ';';
342 // really run the query?
343 if ($view_bookmark == 0) {
344 // Only one query to run
345 if ($pieces_count == 1 && !empty($pieces[0])) {
346 // sql.php3 will stripslash the query if get_magic_quotes_gpc
347 if (get_magic_quotes_gpc() == 1) {
348 $sql_query = addslashes($pieces[0]);
350 $sql_query = $pieces[0];
352 if (eregi('^(DROP|CREATE)[[:space:]]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)', $sql_query)) {
355 include('./sql.php3');
359 // Runs multiple queries
360 else if (PMA_mysql_select_db($db)) {
362 for ($i = 0; $i < $pieces_count; $i++
) {
363 $a_sql_query = $pieces[$i];
364 $result = PMA_mysql_query($a_sql_query);
365 if ($result == FALSE) { // readdump failed
366 $my_die = $a_sql_query;
369 if (!isset($reload) && eregi('^(DROP|CREATE)[[:space:]]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)', $a_sql_query)) {
374 } // end if (really run the query)
382 if (isset($my_die)) {
383 $js_to_run = 'functions.js';
384 include('./header.inc.php3');
385 PMA_mysqlDie('', $my_die, '', $err_url);
390 * Go back to the calling script
392 // Checks for a valid target script
393 if (isset($table) && $table == '') {
396 if (isset($db) && $db == '') {
399 $is_db = $is_table = FALSE;
400 if ($goto == 'tbl_properties.php3') {
401 if (!isset($table)) {
402 $goto = 'db_details.php3';
404 $is_table = @PMA_mysql_query
('SHOW TABLES LIKE \'' . PMA_sqlAddslashes($table, TRUE) . '\'');
405 if (!($is_table && @mysql_numrows
($is_table))) {
406 $goto = 'db_details.php3';
409 } // end if... else...
411 if ($goto == 'db_details.php3') {
418 $is_db = @PMA_mysql_select_db
($db);
423 } // end if... else...
425 // Defines the message to be displayed
426 if (!empty($id_bookmark) && $action_bookmark == 2) {
427 $message = $strBookmarkDeleted;
428 } else if (!isset($sql_query_cpy)) {
429 $message = $strNoQuery;
430 } else if ($sql_query_cpy == '') {
431 $message = "$strSuccess :<br />$strTheContent ($pieces_count $strInstructions) ";
433 $message = $strSuccess;
435 // Loads to target script
436 if ($goto == 'db_details.php3' ||
$goto == 'tbl_properties.php3') {
437 $js_to_run = 'functions.js';
439 if ($goto != 'main.php3') {
440 include('./header.inc.php3');
442 require('./' . $goto);