3 // vim: expandtab sw=4 ts=4 sts=4:
7 * Gets some core libraries
9 require('./libraries/grab_globals.lib.php3');
10 require('./libraries/common.lib.php3');
14 * Initializes some variables
16 // Defines the url to return in case of success of the query
17 if (isset($sql_query)) {
18 $sql_query = urldecode($sql_query);
20 if (!isset($dontlimitchars)) {
24 if (isset($after_insert) && $after_insert == 'new_insert') {
25 $goto = 'tbl_change.php3'
27 . '&convcharset=' . $convcharset
28 . '&server=' . $server
29 . '&db=' . urlencode($db)
30 . '&table=' . urlencode($table)
31 . '&goto=' . urlencode($goto)
33 . '&session_max_rows=' . $session_max_rows
34 . '&disp_direction=' . $disp_direction
35 . '&repeat_cells=' . $repeat_cells
36 . '&dontlimitchars=' . $dontlimitchars
37 . (empty($sql_query) ?
'' : '&sql_query=' . urlencode($sql_query));
38 } else if ($goto == 'sql.php3') {
41 . '&convcharset=' . $convcharset
42 . '&server=' . $server
43 . '&db=' . urlencode($db)
44 . '&table=' . urlencode($table)
46 . '&session_max_rows=' . $session_max_rows
47 . '&disp_direction=' . $disp_direction
48 . '&repeat_cells=' . $repeat_cells
49 . '&dontlimitchars=' . $dontlimitchars
50 . '&sql_query=' . urlencode($sql_query);
51 } else if (!empty($goto)) {
53 $is_gotofile = ereg_replace('^([^?]+).*$', '\\1', $goto);
54 if (!@file_exists
('./' . $is_gotofile)) {
55 $goto = (empty($table)) ?
'db_details.php3' : 'tbl_properties.php3';
58 $is_gotofile = ($is_gotofile == $goto);
62 // Defines the url to return in case of failure of the query
63 if (isset($err_url)) {
64 $err_url = urldecode($err_url);
66 $err_url = str_replace('&', '&', $goto)
67 . (empty($primary_key) ?
'' : '&primary_key=' . $primary_key);
70 // Resets tables defined in the configuration file
77 if (get_magic_quotes_gpc()) {
78 $submit_type = stripslashes($submit_type);
83 * Prepares the update of a row
85 if (isset($primary_key) && ($submit_type != $strInsertAsNewRow)) {
86 // Restore the "primary key" to a convenient format
87 $primary_key = urldecode($primary_key);
89 // Defines the SET part of the sql query
91 while (list($key, $val) = each($fields)) {
93 $key = urldecode($key);
95 switch (strtolower($val)) {
99 // if we have an enum, then construct the value
100 $f = 'field_' . md5($key);
102 $val = implode(',', $
$f);
103 if ($val == 'null') {
106 $val = "'" . PMA_sqlAddslashes(urldecode($val)) . "'";
113 // if we have a set, then construct the value
114 $f = 'field_' . md5($key);
116 $val = implode(',', $
$f);
117 $val = "'" . PMA_sqlAddslashes(urldecode($val)) . "'";
123 // if we have a foreign key, then construct the value
124 $f = 'field_' . md5($key);
126 $val = implode(',', $
$f);
127 if ($val == 'null') {
130 $val = "'" . PMA_sqlAddslashes(urldecode($val)) . "'";
137 if (get_magic_quotes_gpc()) {
138 $val = "'" . str_replace('\\"', '"', $val) . "'";
140 $val = "'" . PMA_sqlAddslashes($val) . "'";
145 // Was the Null checkbox checked for this field?
146 if (isset($fields_null) && isset($fields_null[$encoded_key])) {
150 // No change for this column and no MySQL function is used -> next column
151 if (empty($funcs[$encoded_key])
152 && isset($fields_prev) && isset($fields_prev[$encoded_key])
153 && ("'" . PMA_sqlAddslashes(urldecode($fields_prev[$encoded_key])) . "'" == $val)) {
156 else if (!empty($val)) {
157 if (empty($funcs[$encoded_key])) {
158 $valuelist .= PMA_backquote($key) . ' = ' . $val . ', ';
159 } else if ($val == '\'\''
160 && (ereg('^(NOW|CURDATE|CURTIME|UNIX_TIMESTAMP|RAND|USER|LAST_INSERT_ID)$', $funcs[$encoded_key]))) {
161 $valuelist .= PMA_backquote($key) . ' = ' . $funcs[$encoded_key] . '(), ';
163 $valuelist .= PMA_backquote($key) . ' = ' . $funcs[$encoded_key] . "($val), ";
168 // Builds the sql upate query
169 $valuelist = ereg_replace(', $', '', $valuelist);
170 if (!empty($valuelist)) {
171 $query = 'UPDATE ' . PMA_backquote($table) . ' SET ' . $valuelist . ' WHERE' . $primary_key
172 . ((PMA_MYSQL_INT_VERSION
>= 32300) ?
' LIMIT 1' : '');
173 $message = $strAffectedRows . ' ';
175 // No change -> move back to the calling script
177 $message = $strNoModification;
179 $js_to_run = 'functions.js';
180 include('./header.inc.php3');
181 include('./' . ereg_replace('\.\.*', '.', $goto));
183 header('Location: ' . $cfg['PmaAbsoluteUri'] . $goto . '&message=' . urlencode($message));
191 * Prepares the insert of a row
196 while (list($key, $val) = each($fields)) {
198 $key = urldecode($key);
199 $fieldlist .= PMA_backquote($key) . ', ';
201 switch (strtolower($val)) {
205 // if we have a set, then construct the value
206 $f = 'field_' . md5($key);
208 $val = implode(',', $
$f);
209 if ($val == 'null') {
212 $val = "'" . PMA_sqlAddslashes(urldecode($val)) . "'";
219 // if we have a set, then construct the value
220 $f = 'field_' . md5($key);
222 $val = implode(',', $
$f);
223 $val = "'" . PMA_sqlAddslashes(urldecode($val)) . "'";
229 // if we have a foreign key, then construct the value
230 $f = 'field_' . md5($key);
232 $val = implode(',', $
$f);
233 if ($val == 'null') {
236 $val = "'" . PMA_sqlAddslashes(urldecode($val)) . "'";
243 if (get_magic_quotes_gpc()) {
244 $val = "'" . str_replace('\\"', '"', $val) . "'";
246 $val = "'" . PMA_sqlAddslashes($val) . "'";
251 // Was the Null checkbox checked for this field?
252 if (isset($fields_null) && isset($fields_null[$encoded_key])) {
256 if (empty($funcs[$encoded_key])) {
257 $valuelist .= $val . ', ';
258 } else if (($val == '\'\''
259 && ereg('^(UNIX_TIMESTAMP|RAND|LAST_INSERT_ID)$', $funcs[$encoded_key]))
260 ||
ereg('^(NOW|CURDATE|CURTIME|USER)$', $funcs[$encoded_key])) {
261 $valuelist .= $funcs[$encoded_key] . '(), ';
263 $valuelist .= $funcs[$encoded_key] . '(' . $val . '), ';
267 // Builds the sql insert query
268 $fieldlist = ereg_replace(', $', '', $fieldlist);
269 $valuelist = ereg_replace(', $', '', $valuelist);
270 $query = 'INSERT INTO ' . PMA_backquote($table) . ' (' . $fieldlist . ') VALUES (' . $valuelist . ')';
271 $message = $strInsertedRows . ' ';
272 } // end row insertion
276 * Executes the sql query and get the result, then move back to the calling
279 PMA_mysql_select_db($db);
280 $sql_query = $query . ';';
281 $result = PMA_mysql_query($query);
284 $error = PMA_mysql_error();
285 include('./header.inc.php3');
286 PMA_mysqlDie($error, '', '', $err_url);
288 if (@mysql_affected_rows
()) {
289 $message .= @mysql_affected_rows
();
291 $message = $strModifications;
294 if ($goto == 'db_details.php3' && !empty($table)) {
297 $js_to_run = 'functions.js';
298 include('./header.inc.php3');
299 include('./' . ereg_replace('\.\.*', '.', $goto));
301 $add_query = (strpos(' ' . $goto, 'tbl_change') ?
'&disp_query=' . urlencode($sql_query) : '');
302 header('Location: ' . $cfg['PmaAbsoluteUri'] . $goto . '&message=' . urlencode($message) . $add_query);