search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
previous fix was incompatible with mysql extension
[phpmyadmin/crack.git] / querywindow.php
blobd1858e47d479dcfa6119bb27157ec67a0d29b0b9
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * this file is register_globals save
5 *
6 * @todo move JavaScript out of here into .js files
7 * @uses $cfg['QueryWindowDefTab']
8 * @uses $cfg['PropertiesIconic']
9 * @uses $cfg['QueryHistoryDB']
10 * @uses $cfg['Server']['user']
11 * @uses $cfg['AllowUserDropDatabase']
12 * @uses $cfg['Confirm']
13 * @uses $GLOBALS['db']
14 * @uses $GLOBALS['table']
15 * @uses $GLOBALS['strSQL']
16 * @uses $GLOBALS['strImportFiles']
17 * @uses $GLOBALS['strQuerySQLHistory']
18 * @uses $GLOBALS['strAll']
19 * @uses $GLOBALS['strChange']
20 * @uses $GLOBALS['strFormEmpty']
21 * @uses $GLOBALS['strNotNumber']
22 * @uses $GLOBALS['strNoDropDatabases']
23 * @uses $GLOBALS['strDoYouReally']
24 * @uses $GLOBALS['strQuerySQLHistory']
25 * @uses PMA_isSuperuser()
26 * @uses PMA_outBufferPre()
27 * @uses PMA_getRelationsParam()
28 * @uses PMA_isValid()
29 * @uses PMA_ifSetOr()
30 * @uses PMA_setHistory()
31 * @uses PMA_getHistory()
32 * @uses PMA_generate_common_url()
33 * @uses PMA_generate_common_hidden_inputs()
34 * @uses PMA_escapeJsString()
35 * @uses PMA_getTabs()
36 * @uses PMA_sqlQueryForm()
37 * @uses PMA_jsFormat()
38 * @uses in_array()
39 * @uses strlen()
40 * @uses preg_replace()
41 * @uses htmlspecialchars()
42 * @version $Id$
43 */
44
45 /**
46 *
47 */
48 require_once './libraries/common.inc.php';
49
50 $is_superuser = PMA_isSuperuser();
51
52 /**
53 * Gets a core script and starts output buffering work
54 */
55 require_once './libraries/sql_query_form.lib.php';
56
57 /**
58 * starts output buffering if requested and supported
59 */
60 require_once './libraries/ob.lib.php';
61 PMA_outBufferPre();
62
63 /**
64 * load relations
65 */
66 require_once './libraries/relation.lib.php';
67 $cfgRelation = PMA_getRelationsParam();
68
69 /**
70 * load bookmark support
71 */
72 require_once './libraries/bookmark.lib.php';
73
74 $querydisplay_tabs = array(
75 'sql',
76 'files',
77 'history',
78 'full',
79 );
80
81 if (isset($_REQUEST['querydisplay_tab'])
82 && in_array($_REQUEST['querydisplay_tab'], $querydisplay_tabs)) {
83 $querydisplay_tab = $_REQUEST['querydisplay_tab'];
84 } else {
85 $querydisplay_tab = $GLOBALS['cfg']['QueryWindowDefTab'];
86 }
87
88 /**
89 * $_REQUEST['no_js'] is set if open new window by JavaScript failed
90 * so this page is loaded in main frame
91 */
92 $no_js = PMA_ifSetOr($_REQUEST['no_js'], false);
93
94 if ($no_js) {
95 $querydisplay_tab = 'full';
96 $tabs = false;
97 } else {
98 $tabs = array();
99 $tabs['sql']['icon'] = 'b_sql.png';
100 $tabs['sql']['text'] = $GLOBALS['strSQL'];
101 $tabs['sql']['fragment'] = '#';
102 $tabs['sql']['attr'] = 'onclick="javascript:PMA_querywindowCommit(\'sql\');return false;"';
103 $tabs['sql']['active'] = (bool) ($querydisplay_tab == 'sql');
104 $tabs['import']['icon'] = 'b_import.png';
105 $tabs['import']['text'] = $GLOBALS['strImportFiles'];
106 $tabs['import']['fragment'] = '#';
107 $tabs['import']['attr'] = 'onclick="javascript:PMA_querywindowCommit(\'files\');return false;"';
108 $tabs['import']['active'] = (bool) ($querydisplay_tab == 'files');
109 $tabs['history']['icon'] = 'b_bookmark.png';
110 $tabs['history']['text'] = $GLOBALS['strQuerySQLHistory'];
111 $tabs['history']['fragment'] = '#';
112 $tabs['history']['attr'] = 'onclick="javascript:PMA_querywindowCommit(\'history\');return false;"';
113 $tabs['history']['active'] = (bool) ($querydisplay_tab == 'history');
114
115 if ($GLOBALS['cfg']['QueryWindowDefTab'] == 'full') {
116 $tabs['all']['text'] = $GLOBALS['strAll'];
117 $tabs['all']['fragment'] = '#';
118 $tabs['all']['attr'] = 'onclick="javascript:PMA_querywindowCommit(\'full\');return false;"';
119 $tabs['all']['active'] = (bool) ($querydisplay_tab == 'full');
120 }
121 }
122
123 if ($GLOBALS['cfg']['PropertiesIconic']) {
124 $titles['Change'] =
125 '<img class="icon" width="16" height="16" src="' . $pmaThemeImage
126 . 'b_edit.png" alt="' . $GLOBALS['strChange'] . '" title="' . $GLOBALS['strChange']
127 . '" />';
128
129 if ('both' === $GLOBALS['cfg']['PropertiesIconic']) {
130 $titles['Change'] .= $GLOBALS['strChange'];
131 }
132 } else {
133 $titles['Change'] = $GLOBALS['strChange'];
134 }
135
136 $url_query = PMA_generate_common_url($db, $table);
137
138 if (! empty($sql_query)) {
139 $show_query = 1;
140 }
141
142 if ($no_js) {
143 // ... we redirect to appropriate query sql page
144 // works only full if $db and $table is also stored/grabbed from $_COOKIE
145 if (strlen($table)) {
146 require './tbl_sql.php';
147 } elseif (strlen($db)) {
148 require './db_sql.php';
149 } else {
150 require './server_sql.php';
151 }
152 exit;
153 }
154
155 /**
156 * Defines the query to be displayed in the query textarea
157 */
158 if (! empty($show_query)) {
159 $query_to_display = $sql_query;
160 } else {
161 $query_to_display = '';
162 }
163 $sql_query = '';
164
165 /**
166 * start HTML output
167 */
168 require_once './libraries/header_http.inc.php';
169 require_once './libraries/header_meta_style.inc.php';
170 ?>
171 <script type="text/javascript">
172 //<![CDATA[
173 var errorMsg0 = '<?php echo PMA_escapeJsString($GLOBALS['strFormEmpty']); ?>';
174 var errorMsg1 = '<?php echo PMA_escapeJsString($GLOBALS['strNotNumber']); ?>';
175 var noDropDbMsg = '<?php echo (!$is_superuser && !$GLOBALS['cfg']['AllowUserDropDatabase'])
176 ? PMA_escapeJsString($GLOBALS['strNoDropDatabases']) : ''; ?>';
177 var confirmMsg = '<?php echo $GLOBALS['cfg']['Confirm']
178 ? PMA_escapeJsString($GLOBALS['strDoYouReally']) : ''; ?>';
179
180 function PMA_queryAutoCommit() {
181 document.getElementById('sqlqueryform').target = window.opener.frame_content.name;
182 document.getElementById('sqlqueryform').submit();
183 return;
184 }
185
186 function PMA_querywindowCommit(tab) {
187 document.getElementById('hiddenqueryform').querydisplay_tab.value = tab;
188 document.getElementById('hiddenqueryform').submit();
189 return false;
190 }
191
192 function PMA_querywindowResize() {
193 // for Gecko
194 if (typeof(self.sizeToContent) == 'function') {
195 self.sizeToContent();
196 //self.scrollbars.visible = false;
197 // give some more space ... to prevent 'fli(pp/ck)ing'
198 self.resizeBy(10, 50);
199 return;
200 }
201
202 // for IE, Opera
203 if (document.getElementById && typeof(document.getElementById('querywindowcontainer')) != 'undefined') {
204
205 // get content size
206 var newWidth = document.getElementById('querywindowcontainer').offsetWidth;
207 var newHeight = document.getElementById('querywindowcontainer').offsetHeight;
208
209 // set size to contentsize
210 // plus some offset for scrollbars, borders, statusbar, menus ...
211 self.resizeTo(newWidth + 45, newHeight + 75);
212 }
213 }
214
215 function PMA_querywindowInit()
216 {
217 <?php
218 if (PMA_isValid($_REQUEST['auto_commit'], 'identical', 'true')) {
219 echo 'PMA_queryAutoCommit();' . "\n";
220 }
221 if (PMA_isValid($_REQUEST['init'])) {
222 echo 'PMA_querywindowResize();' . "\n";
223 }
224 ?>
225 }
226
227 //]]>
228 </script>
229 <script src="./js/functions.js" type="text/javascript"></script>
230 </head>
231
232 <body id="bodyquerywindow" onload="PMA_querywindowInit();">
233 <div id="querywindowcontainer">
234 <?php
235
236 if ($tabs) {
237 echo PMA_getTabs($tabs);
238 unset($tabs);
239 }
240
241 PMA_sqlQueryForm($query_to_display, $querydisplay_tab);
242
243 // Hidden forms and query frame interaction stuff
244
245 $_sql_history = PMA_getHistory($GLOBALS['cfg']['Server']['user']);
246 if (! empty($_sql_history)
247 && ($querydisplay_tab == 'history' || $querydisplay_tab == 'full')) {
248 $tab = $querydisplay_tab != 'full' ? 'sql' : 'full';
249 echo $GLOBALS['strQuerySQLHistory'] . ':<br />' . "\n"
250 .'<ul>';
251 foreach ($_sql_history as $query) {
252 echo '<li>' . "\n";
253
254 // edit link
255 $url_params = array(
256 'querydisplay_tab' => $tab,
257 'sql_query' => $query['sqlquery'],
258 'db' => $query['db'],
259 'table' => $query['table'],
260 );
261 echo '<a href="querywindow.php' . PMA_generate_common_url($url_params)
262 . '">' . $titles['Change'] . '</a>';
263
264 // execute link
265 $url_params['auto_commit'] = 'true';
266 echo '<a href="import.php' . PMA_generate_common_url($url_params) . '"'
267 . ' target="frame_content">';
268
269 if (! empty($query['db'])) {
270 echo '[';
271 echo htmlspecialchars(PMA_backquote($query['db']));
272 if (! empty($query['table'])) {
273 echo '.' . htmlspecialchars(PMA_backquote($query['table']));
274 }
275 echo '] ';
276 }
277 if (strlen($query['sqlquery']) > 120) {
278 echo '<span title="' . htmlspecialchars($query['sqlquery']) . '">';
279 echo htmlspecialchars(substr($query['sqlquery'], 0, 50)) . ' [...] ';
280 echo htmlspecialchars(substr($query['sqlquery'], -50));
281 echo '</span>';
282 } else {
283 echo htmlspecialchars($query['sqlquery']);
284 }
285 echo '</a>' . "\n";
286 echo '</li>' . "\n";
287 }
288 unset($tab, $_sql_history, $query);
289 echo '</ul>' . "\n";
290 }
291 ?>
292 <form action="querywindow.php" method="post" name="hiddenqueryform"
293 id="hiddenqueryform">
294 <?php echo PMA_generate_common_hidden_inputs('', ''); ?>
295 <input type="hidden" name="db" value="<?php echo htmlspecialchars($db); ?>" />
296 <input type="hidden" name="table" value="<?php echo htmlspecialchars($table); ?>" />
297 <input type="hidden" name="sql_query" value="" />
298 <input type="hidden" name="querydisplay_tab" value="<?php echo $querydisplay_tab; ?>" />
299 </form>
300 </div>
301 </body>
302 </html>
303
304 <?php
305 /**
306 * Close MySql connections
307 */
308 if (! empty($controllink)) {
309 PMA_DBI_close($controllink);
310 }
311 if (! empty($userlink)) {
312 PMA_DBI_close($userlink);
313 }
314 ?>
Drizzle / GSOC 2011