search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
no priv messages for db creation
[phpmyadmin/crack.git] / tbl_create.php3
blob9ac21d94a8ec60d9a7a2c3b204140172f9d6bf98
1 <?php
2 /* $Id$ */
3 // vim: expandtab sw=4 ts=4 sts=4:
4
5
6 /**
7 * Get some core libraries
8 */
9 require('./libraries/grab_globals.lib.php3');
10 if (isset($submit)) {
11 $js_to_run = 'functions.js';
12 }
13 require('./header.inc.php3');
14
15
16 /**
17 * Defines the url to return to in case of error in a sql statement
18 */
19 $err_url = 'tbl_properties.php3'
20 . '?lang=' . $lang
21 . '&amp;convcharset=' . $convcharset
22 . '&amp;server=' . $server
23 . '&amp;db=' . urlencode($db)
24 . '&amp;table=' . urlencode($table);
25
26
27 /**
28 * Selects the database to work with
29 */
30 PMA_mysql_select_db($db);
31
32
33 /**
34 * The form used to define the structure of the table has been submitted
35 */
36 if (isset($submit)) {
37 $sql_query = $query_cpy = '';
38
39 // Transforms the radio button field_key into 3 arrays
40 $field_cnt = count($field_name);
41 for ($i = 0; $i < $field_cnt; ++$i) {
42 if (isset(${'field_key_' . $i})) {
43 if (${'field_key_' . $i} == 'primary_' . $i) {
44 $field_primary[] = $i;
45 }
46 if (${'field_key_' . $i} == 'index_' . $i) {
47 $field_index[] = $i;
48 }
49 if (${'field_key_' . $i} == 'unique_' . $i) {
50 $field_unique[] = $i;
51 }
52 } // end if
53 } // end for
54 // Builds the fields creation statements
55 for ($i = 0; $i < $field_cnt; $i++) {
56 if (empty($field_name[$i])) {
57 continue;
58 }
59 if (get_magic_quotes_gpc()) {
60 $field_name[$i] = stripslashes($field_name[$i]);
61 }
62 if (PMA_MYSQL_INT_VERSION < 32306) {
63 PMA_checkReservedWords($field_name[$i], $err_url);
64 }
65 $query = PMA_backquote($field_name[$i]) . ' ' . $field_type[$i];
66 if ($field_length[$i] != '') {
67 if (get_magic_quotes_gpc()) {
68 $query .= '(' . stripslashes($field_length[$i]) . ')';
69 } else {
70 $query .= '(' . $field_length[$i] . ')';
71 }
72 }
73 if ($field_attribute[$i] != '') {
74 $query .= ' ' . $field_attribute[$i];
75 }
76 if ($field_default[$i] != '') {
77 if (strtoupper($field_default[$i]) == 'NULL') {
78 $query .= ' DEFAULT NULL';
79 } else if (get_magic_quotes_gpc()) {
80 $query .= ' DEFAULT \'' . PMA_sqlAddslashes(stripslashes($field_default[$i])) . '\'';
81 } else {
82 $query .= ' DEFAULT \'' . PMA_sqlAddslashes($field_default[$i]) . '\'';
83 }
84 }
85 if ($field_null[$i] != '') {
86 $query .= ' ' . $field_null[$i];
87 }
88 if ($field_extra[$i] != '') {
89 $query .= ' ' . $field_extra[$i];
90 }
91 $query .= ', ';
92 $sql_query .= $query;
93 $query_cpy .= "\n" . ' ' . $query;
94 } // end for
95 unset($field_cnt);
96 unset($query);
97 $sql_query = ereg_replace(', $', '', $sql_query);
98 $query_cpy = ereg_replace(', $', '', $query_cpy);
99
100 // Builds the primary keys statements
101 $primary = '';
102 $primary_cnt = (isset($field_primary) ? count($field_primary) : 0);
103 for ($i = 0; $i < $primary_cnt; $i++) {
104 $j = $field_primary[$i];
105 if (!empty($field_name[$j])) {
106 if (get_magic_quotes_gpc()) {
107 $field_name[$j] = stripslashes($field_name[$j]);
108 }
109 $primary .= PMA_backquote($field_name[$j]) . ', ';
110 }
111 } // end for
112 unset($primary_cnt);
113 $primary = ereg_replace(', $', '', $primary);
114 if (!empty($primary)) {
115 $sql_query .= ', PRIMARY KEY (' . $primary . ')';
116 $query_cpy .= ',' . "\n" . ' PRIMARY KEY (' . $primary . ')';
117 }
118 unset($primary);
119
120 // Builds the indexes statements
121 $index = '';
122 $index_cnt = (isset($field_index) ? count($field_index) : 0);
123 for ($i = 0;$i < $index_cnt; $i++) {
124 $j = $field_index[$i];
125 if (!empty($field_name[$j])) {
126 if (get_magic_quotes_gpc()) {
127 $field_name[$j] = stripslashes($field_name[$j]);
128 }
129 $index .= PMA_backquote($field_name[$j]) . ', ';
130 }
131 } // end for
132 unset($index_cnt);
133 $index = ereg_replace(', $', '', $index);
134 if (!empty($index)) {
135 $sql_query .= ', INDEX (' . $index . ')';
136 $query_cpy .= ',' . "\n" . ' INDEX (' . $index . ')';
137 }
138 unset($index);
139
140 // Builds the uniques statements
141 $unique = '';
142 $unique_cnt = (isset($field_unique) ? count($field_unique) : 0);
143 for ($i = 0; $i < $unique_cnt; $i++) {
144 $j = $field_unique[$i];
145 if (!empty($field_name[$j])) {
146 if (get_magic_quotes_gpc()) {
147 $field_name[$j] = stripslashes($field_name[$j]);
148 }
149 $unique .= PMA_backquote($field_name[$j]) . ', ';
150 }
151 } // end for
152 unset($unique_cnt);
153 $unique = ereg_replace(', $', '', $unique);
154 if (!empty($unique)) {
155 $sql_query .= ', UNIQUE (' . $unique . ')';
156 $query_cpy .= ',' . "\n" . ' UNIQUE (' . $unique . ')';
157 }
158 unset($unique);
159
160 // Builds the fulltextes statements
161 $fulltext = '';
162 $fulltext_cnt = (isset($field_fulltext) ? count($field_fulltext) : 0);
163 for ($i = 0; $i < $fulltext_cnt; $i++) {
164 $j = $field_fulltext[$i];
165 if (!empty($field_name[$j])) {
166 if (get_magic_quotes_gpc()) {
167 $field_name[$j] = stripslashes($field_name[$j]);
168 }
169 $fulltext .= PMA_backquote($field_name[$j]) . ', ';
170 }
171 } // end for
172 unset($field_fulltext);
173 $fulltext = ereg_replace(', $', '', $fulltext);
174 if (!empty($fulltext)) {
175 $sql_query .= ', FULLTEXT (' . $fulltext . ')';
176 $query_cpy .= ',' . "\n" . ' FULLTEXT (' . $fulltext . ')';
177 }
178 unset($fulltext);
179
180 // Builds the 'create table' statement
181 $sql_query = 'CREATE TABLE ' . PMA_backquote($table) . ' (' . $sql_query . ')';
182 $query_cpy = 'CREATE TABLE ' . PMA_backquote($table) . ' (' . $query_cpy . "\n" . ')';
183
184 // Adds table type and comments (2 May 2001 - Robbat2)
185 if (!empty($tbl_type) && ($tbl_type != 'Default')) {
186 $sql_query .= ' TYPE = ' . $tbl_type;
187 $query_cpy .= ' TYPE = ' . $tbl_type;
188 }
189 if (PMA_MYSQL_INT_VERSION >= 32300 && !empty($comment)) {
190 if (get_magic_quotes_gpc()) {
191 $comment = stripslashes($comment);
192 }
193 $sql_query .= ' COMMENT = \'' . PMA_sqlAddslashes($comment) . '\'';
194 $query_cpy .= "\n" . 'COMMENT = \'' . PMA_sqlAddslashes($comment) . '\'';
195 }
196
197 // Executes the query
198 $result = PMA_mysql_query($sql_query) or PMA_mysqlDie('', '', '', $err_url);
199 $sql_query = $query_cpy . ';';
200 unset($query_cpy);
201 $message = $strTable . ' ' . htmlspecialchars($table) . ' ' . $strHasBeenCreated;
202 include('./' . $cfg['DefaultTabTable']);
203 exit();
204 } // end do create table
205
206
207 /**
208 * Displays the form used to define the structure of the table
209 */
210 else {
211 if (isset($num_fields)) {
212 $num_fields = intval($num_fields);
213 }
214 // No table name
215 if (!isset($table) || trim($table) == '') {
216 PMA_mysqlDie($strTableEmpty, '', '', $err_url);
217 }
218 // No valid number of fields
219 else if (empty($num_fields) || !is_int($num_fields)) {
220 PMA_mysqlDie($strFieldsEmpty, '', '', $err_url);
221 }
222 // Table name and number of fields are valid -> show the form
223 else {
224 // Ensures the table name is valid
225 if (get_magic_quotes_gpc()) {
226 $table = stripslashes($table);
227 }
228 if (PMA_MYSQL_INT_VERSION < 32306) {
229 PMA_checkReservedWords($table, $err_url);
230 }
231
232 $action = 'tbl_create.php3';
233 include('./tbl_properties.inc.php3');
234 // Diplays the footer
235 echo "\n";
236 include('./footer.inc.php3');
237 }
238 }
239
240 ?>
Drizzle / GSOC 2011