bad query in query box
[phpmyadmin/crack.git] / tbl_select.php3
1 <?php
2 /* $Id$ */
5 /**
6 * Gets some core libraries
7 */
8 require('./libraries/grab_globals.lib.php3');
9 require('./libraries/common.lib.php3');
/**
 * Comparison operators offered in the "do a query by example" table, split
 * by the kind of column they apply to (should possibly be in
 * config.inc.php3 so it can also be used in tbl_qbe.php3)
 */
// operators offered for every column type not matched as textual
$numfunctions  = array(
    '=',
    '>',
    '>=',
    '<',
    '<=',
    '!='
);
// operators offered for char/blob/text/set/enum columns
$textfunctions = array(
    'LIKE',
    '=',
    '!='
);
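/**
 * No selection criteria submitted yet -> displays the selection form
 *
 * The form posts back to this script. Values that are not produced by this
 * script itself (connection parameters, db/table names, column types read
 * from the server) are passed through htmlspecialchars() before they are
 * written into the page, so that a quote or a tag inside one of them cannot
 * break out of the attribute or the table cell it is printed in.
 */
if (!isset($param) || $param[0] == '') {
    // Gets some core libraries
    include('./tbl_properties_common.php3');
    $err_url   = 'tbl_select.php3' . $err_url;
    $url_query .= '&amp;back=tbl_select.php3';
    include('./tbl_properties_table_info.php3');

    // Defines the url to return to in case of error in the next sql statement
    // NOTE(review): $goto is not assigned in this script; if it can arrive
    // with the request, the consumer of $err_url should restrict it to the
    // application's own scripts - TODO confirm
    $err_url   = $goto
               . '?lang=' . $lang
               . '&amp;convcharset=' . $convcharset
               . '&amp;server=' . $server
               . '&amp;db=' . urlencode($db)
               . '&amp;table=' . urlencode($table);

    // Gets the list and number of fields
    $local_query = 'SHOW FIELDS FROM ' . PMA_backquote($db) . '.' . PMA_backquote($table);
    $result      = @PMA_mysql_query($local_query);
    if (!$result) {
        PMA_mysqlDie('', $local_query, '', $err_url);
    }
    else {
        // Both lists are appended to below: start them empty so that a
        // same-named variable already present in the global scope cannot
        // put entries in front of the real column list
        $fields_list = array();
        $fields_type = array();
        $fields_cnt  = mysql_num_rows($result);
        while ($row = PMA_mysql_fetch_array($result)) {
            $fields_list[] = $row['Field'];
            $type          = $row['Type'];
            // reformat mysql query output - staybyte - 9. June 2001
            $shorttype     = substr($type, 0, 3);
            if ($shorttype == 'set' || $shorttype == 'enu') {
                $type      = eregi_replace(',', ', ', $type);
                // Removes automatic MySQL escape format
                $type      = str_replace('\'\'', '\\\'', $type);
            }
            $type          = eregi_replace('BINARY', '', $type);
            $type          = eregi_replace('ZEROFILL', '', $type);
            $type          = eregi_replace('UNSIGNED', '', $type);
            // The type is stored unescaped; escaping (and the '&nbsp;'
            // placeholder for an empty type) is applied where it is printed
            $fields_type[] = $type;
        } // end while
        mysql_free_result($result);
        ?>
<form method="post" action="tbl_select.php3">
    <input type="hidden" name="server" value="<?php echo htmlspecialchars($server); ?>" />
    <input type="hidden" name="lang" value="<?php echo htmlspecialchars($lang); ?>" />
    <input type="hidden" name="convcharset" value="<?php echo htmlspecialchars($convcharset); ?>" />
    <input type="hidden" name="db" value="<?php echo htmlspecialchars($db); ?>" />
    <input type="hidden" name="table" value="<?php echo htmlspecialchars($table); ?>" />
    <input type="hidden" name="goto" value="<?php echo htmlspecialchars($goto); ?>" />
    <input type="hidden" name="back" value="tbl_select.php3" />
    &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
    <?php echo $strSelectFields; ?>&nbsp;:<br />
    &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
    <select name="param[]" size="<?php echo ($fields_cnt < 10) ? $fields_cnt : 10; ?>" multiple="multiple">
        <?php
        echo "\n";
        // Displays the list of the fields
        for ($i = 0 ; $i < $fields_cnt; $i++) {
            echo ' <option value="' . urlencode($fields_list[$i]) . '" selected="selected">' . htmlspecialchars($fields_list[$i]) . '</option>' . "\n";
        }
        ?>
    </select><br />
    <ul>
        <li>
            <div style="margin-bottom: 10px">
                <?php echo $strLimitNumRows . "\n"; ?>
                <input type="text" size="4" name="session_max_rows" value="<?php echo $cfg['MaxRows']; ?>" class="textfield" />
            </div>
        </li>
        <li>
            <?php echo $strAddSearchConditions; ?><br />
            <input type="text" name="where" class="textfield" />&nbsp;
            <?php echo PMA_showDocuShort('F/u/Functions.html') . "\n"; ?>
            <br /><br />
            <?php echo '<i>' . $strOr . '</i> ' . $strDoAQuery; ?><br />
            <table border="<?php echo $cfg['Border']; ?>">
            <tr>
                <th><?php echo $strField; ?></th>
                <th><?php echo $strType; ?></th>
                <th><?php echo $strFunction; ?></th>
                <th><?php echo $strValue; ?></th>
            </tr>
        <?php
        for ($i = 0; $i < $fields_cnt; $i++) {
            echo "\n";
            $bgcolor = ($i % 2) ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo'];
            ?>
            <tr>
                <td bgcolor="<?php echo $bgcolor; ?>"><?php echo htmlspecialchars($fields_list[$i]); ?></td>
                <td bgcolor="<?php echo $bgcolor; ?>"><?php echo (empty($fields_type[$i])) ? '&nbsp;' : htmlspecialchars($fields_type[$i]); ?></td>
                <td bgcolor="<?php echo $bgcolor; ?>">
                    <select name="func[]">
            <?php
            // Textual columns get the text operators, all others the numeric ones
            reset($numfunctions);
            reset($textfunctions);
            if (eregi('char|blob|text|set|enum', $fields_type[$i])) {
                while (list($k, $fc) = each($textfunctions)) {
                    echo "\n" . ' '
                         . '<option value="' . htmlspecialchars($fc) . '">' . htmlspecialchars($fc) . '</option>';
                } // end while
            } else {
                while (list($k, $fc) = each($numfunctions)) {
                    echo "\n" . ' '
                         . '<option value="' . htmlspecialchars($fc) . '">' . htmlspecialchars($fc) . '</option>';
                } // end while
            } // end if... else...
            echo "\n";
            ?>
                    </select>
                </td>
                <td bgcolor="<?php echo $bgcolor; ?>">
                    <input type="text" name="fields[]" size="40" class="textfield" />
                    <input type="hidden" name="names[]" value="<?php echo urlencode($fields_list[$i]); ?>" />
                    <input type="hidden" name="types[]" value="<?php echo htmlspecialchars($fields_type[$i]); ?>" />
                </td>
            </tr>
            <?php
        } // end for
        echo "\n";
        ?>
            </table><br />
        </li>
        <li>
            <?php echo $strDisplayOrder; ?><br />
            <select name="orderField" style="vertical-align: middle">
                <option value="--nil--"></option>
        <?php
        echo "\n";
        for ($i = 0; $i < $fields_cnt; $i++) {
            echo ' ';
            echo '<option value="' . urlencode($fields_list[$i]) . '">' . htmlspecialchars($fields_list[$i]) . '</option>' . "\n";
        } // end for
        ?>
            </select>
            <input type="radio" name="order" value="ASC" checked="checked" />
            <?php echo $strAscending; ?>&nbsp;
            <input type="radio" name="order" value="DESC" />
            <?php echo $strDescending; ?><br /><br />
        </li>
    </ul>

    &nbsp;&nbsp;&nbsp;&nbsp;
    <input type="submit" name="submit" value="<?php echo $strGo; ?>" />
</form>
        <?php
    } // end if
    echo "\n";
    include('./footer.inc.php3');
}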
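/**
 * Selection criteria have been submitted -> do the work
 *
 * Builds $sql_query from the submitted form fields and hands it over to
 * sql.php3. Field names go through PMA_backquote(); values compared against
 * quoted column types are slash-escaped; the sort direction is restricted
 * to ASC/DESC.
 *
 * NOTE(review): $func[] and $types[] come back from the form (the latter as
 * a hidden field), so the operator and the quote/no-quote decision are
 * chosen by the client, and $where is inserted as typed. That is only
 * acceptable if every caller of this script is already allowed to run
 * arbitrary statements on the server - confirm, and make sure the form
 * cannot be submitted on a user's behalf by another site.
 */
else {
    // Builds the query: backquoted list of the selected fields
    $sql_query = 'SELECT ' . PMA_backquote(urldecode($param[0]));
    $c         = count($param);
    for ($i = 1; $i < $c; $i++) {
        $sql_query .= ',' . PMA_backquote(urldecode($param[$i]));
    }
    $sql_query .= ' FROM ' . PMA_backquote($table);

    // The where clause
    if (isset($where) && $where != '') {
        // Free-form condition typed into the search box
        $sql_query .= ' WHERE ' . ((get_magic_quotes_gpc()) ? stripslashes($where) : $where);
    }
    else {
        $sql_query .= ' WHERE 1';
        for ($i = 0; $i < count($fields); $i++) {
            if (!empty($fields) && $fields[$i] != '') {
                if (strtoupper($fields[$i]) == 'NULL' || strtoupper($fields[$i]) == 'NOT NULL') {
                    // NULL tests are never quoted and always use IS
                    $quot     = '';
                    $func[$i] = 'IS';
                }
                elseif (eregi('char|blob|text|set|enum|date|time|year', $types[$i])) {
                    $quot     = '\'';
                }
                else {
                    $quot     = '';
                }

                if ($quot != '' && !get_magic_quotes_gpc()) {
                    // Quoted value: a quote or backslash typed by the user
                    // must not end the string literal. With
                    // "magic_quotes_gpc" on the slashes are already there.
                    $sql_query .= ' AND ' . PMA_backquote(urldecode($names[$i]))
                                . ' ' . $func[$i] . ' ' . $quot . addslashes($fields[$i]) . $quot;
                } else {
                    $sql_query .= ' AND ' . PMA_backquote(urldecode($names[$i]))
                                . ' ' . $func[$i] . ' ' . $quot . $fields[$i] . $quot;
                }
            } // end if
        } // end for
    } // end if

    if (isset($orderField) && $orderField != '' && $orderField != '--nil--') {
        // Only the two sort keywords are accepted, anything else means ASC
        $order      = (isset($order) && strtoupper($order) == 'DESC') ? 'DESC' : 'ASC';
        $sql_query .= ' ORDER BY ' . PMA_backquote(urldecode($orderField)) . ' ' . $order;
    } // end if

    // The query will be stripslashed in sql.php3 if "magic_quotes_gpc" is on
    if (get_magic_quotes_gpc()) {
        $sql_query = addslashes($sql_query);
    }
    include('./sql.php3');
}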