ldi_check.php3

   1 <?php
   2 /* $Id$ */
   3 // vim: expandtab sw=4 ts=4 sts=4:
   4
   5
   6 /**
   7  * This file checks and builds the sql-string for
   8  * LOAD DATA INFILE 'file_name.txt' [REPLACE | IGNORE] INTO TABLE table_name
   9  *    [FIELDS
  10  *        [TERMINATED BY '\t']
  11  *        [OPTIONALLY] ENCLOSED BY "]
  12  *        [ESCAPED BY '\\' ]]
  13  *    [LINES TERMINATED BY '\n']
  14  *    [(column_name,...)]
  15  */
  16
  17
  18 /**
  19  * Gets some core scripts
  20  */
  21 require('./libraries/grab_globals.lib.php3');
  22 require('./libraries/common.lib.php3');
  23
  24
  25 /**
  26  * If a file from UploadDir was submitted, use this file
  27  */
  28 $unlink_local_textfile = false;
  29 if (isset($btnLDI) && isset($local_textfile) && $local_textfile != '') {
  30     if (empty($DOCUMENT_ROOT)) {
  31         if (!empty($_SERVER) && isset($_SERVER['DOCUMENT_ROOT'])) {
  32             $DOCUMENT_ROOT = $_SERVER['DOCUMENT_ROOT'];
  33         }
  34         else if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['DOCUMENT_ROOT'])) {
  35             $DOCUMENT_ROOT = $HTTP_SERVER_VARS['DOCUMENT_ROOT'];
  36         }
  37         else if (!empty($_ENV) && isset($_ENV['DOCUMENT_ROOT'])) {
  38             $DOCUMENT_ROOT = $_ENV['DOCUMENT_ROOT'];
  39         }
  40         else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['DOCUMENT_ROOT'])) {
  41             $DOCUMENT_ROOT = $HTTP_ENV_VARS['DOCUMENT_ROOT'];
  42         }
  43         else if (@getenv('DOCUMENT_ROOT')) {
  44             $DOCUMENT_ROOT = getenv('DOCUMENT_ROOT');
  45         }
  46         else {
  47             $DOCUMENT_ROOT = '.';
  48         }
  49     } // end if
  50
  51     $textfile = $DOCUMENT_ROOT . dirname($PHP_SELF) . '/' . eregi_replace('^./', '', $cfg['UploadDir']) . eregi_replace('\.\.*', '.', $local_textfile);
  52     if (file_exists($textfile)) {
  53         $open_basedir     = '';
  54         if (PMA_PHP_INT_VERSION >= 40000) {
  55             $open_basedir = @ini_get('open_basedir');
  56         }
  57         if (empty($open_basedir)) {
  58             $open_basedir = @get_cfg_var('open_basedir');
  59         }
  60
  61         // If we are on a server with open_basedir, we must move the file
  62         // before opening it. The doc explains how to create the "./tmp"
  63         // directory
  64
  65         if (!empty($open_basedir)) {
  66
  67             $tmp_subdir = (PMA_IS_WINDOWS ? '.\\tmp\\' : './tmp/');
  68
  69             // function is_writeable() is valid on PHP3 and 4
  70             if (!is_writeable($tmp_subdir)) {
  71                 // if we cannot move the file, let PHP report the error
  72                 error_reporting(E_ALL);
  73             } else {
  74                 $textfile_new = $tmp_subdir . basename($textfile);
  75                 if (PMA_PHP_INT_VERSION < 40003) {
  76                     copy($textfile, $textfile_new);
  77                 } else {
  78                     move_uploaded_file($textfile, $textfile_new);
  79                 }
  80                 $textfile = $textfile_new;
  81                 $unlink_local_textfile = true;
  82             }
  83         }
  84     }
  85 }
  86
  87 /**
  88  * The form used to define the query has been submitted -> do the work
  89  */
  90 if (isset($btnLDI) && empty($textfile)) {
  91     $js_to_run = 'functions.js';
  92     include('./header.inc.php3');
  93     $message = $strMustSelectFile;
  94     include('./ldi_table.php3');
  95 } elseif (isset($btnLDI) && ($textfile != 'none')) {
  96     if (!isset($replace)) {
  97         $replace = '';
  98     }
  99
 100     error_reporting(E_ALL);
 101     chmod($textfile, 0644);
 102
 103     // Kanji encoding convert appended by Y.Kawada
 104     if (function_exists('PMA_kanji_file_conv')) {
 105         $textfile         = PMA_kanji_file_conv($textfile, $knjenc, isset($xkana) ? $xkana : '');
 106     }
 107
 108     // Convert the file's charset if necessary
 109     if ($cfg['AllowAnywhereRecoding'] && $allow_recoding
 110         && isset($charset_of_file) && $charset_of_file != $charset) {
 111         $textfile         = PMA_convert_file($charset_of_file, $convcharset, $textfile);
 112     }
 113
 114     // Formats the data posted to this script
 115     $textfile             = PMA_sqlAddslashes($textfile);
 116     $enclosed             = PMA_sqlAddslashes($enclosed);
 117     $escaped              = PMA_sqlAddslashes($escaped);
 118     $column_name          = PMA_sqlAddslashes($column_name);
 119
 120     // (try to) make sure the file is readable:
 121     chmod($textfile, 0777);
 122
 123     // Builds the query
 124     $sql_query     =  'LOAD DATA';
 125
 126     // for versions before 3.23.49, we use the LOCAL keyword, because
 127     // there was a version (cannot find which one, and it does not work
 128     // with 3.23.38) where the user can LOAD, even if the user does not
 129     // have FILE priv, and even if the file is on the server
 130     // (which is the present case)
 131     //
 132     // we could also code our own loader, but LOAD DATA INFILE is optimized
 133     // for speed
 134
 135     if (PMA_MYSQL_INT_VERSION < 32349) {
 136         $sql_query     .= ' LOCAL';
 137     }
 138
 139     if (PMA_MYSQL_INT_VERSION > 40003) {
 140         $tmp_query  = "SHOW VARIABLES LIKE 'local\\_infile'";
 141         $result = PMA_mysql_query($tmp_query);
 142         if ($result != FALSE && mysql_num_rows($result) > 0) {
 143             $tmp = PMA_mysql_fetch_row($result);
 144             if ($tmp[1] == 'ON') {
 145                 $sql_query     .= ' LOCAL';
 146             }
 147         }
 148         mysql_free_result($result);
 149     }
 150
 151     $sql_query     .= ' INFILE \'' . $textfile . '\'';
 152     if (!empty($replace)) {
 153         $sql_query .= ' ' . $replace;
 154     }
 155     $sql_query     .= ' INTO TABLE ' . PMA_backquote($into_table);
 156     if (isset($field_terminater)) {
 157         $sql_query .= ' FIELDS TERMINATED BY \'' . $field_terminater . '\'';
 158     }
 159     if (isset($enclose_option) && strlen($enclose_option) > 0) {
 160         $sql_query .= ' OPTIONALLY';
 161     }
 162     if (strlen($enclosed) > 0) {
 163         $sql_query .= ' ENCLOSED BY \'' . $enclosed . '\'';
 164     }
 165     if (strlen($escaped) > 0) {
 166         $sql_query .= ' ESCAPED BY \'' . $escaped . '\'';
 167     }
 168     if (strlen($line_terminator) > 0){
 169         $sql_query .= ' LINES TERMINATED BY \'' . $line_terminator . '\'';
 170     }
 171     if (strlen($column_name) > 0) {
 172         if (PMA_MYSQL_INT_VERSION >= 32306) {
 173             $sql_query .= ' (';
 174             $tmp   = split(',( ?)', $column_name);
 175             for ($i = 0; $i < count($tmp); $i++) {
 176                 if ($i > 0) {
 177                     $sql_query .= ', ';
 178                 }
 179                 $sql_query     .= PMA_backquote(trim($tmp[$i]));
 180             } // end for
 181             $sql_query .= ')';
 182         } else {
 183             $sql_query .= ' (' . $column_name . ')';
 184         }
 185     }
 186
 187     // We could rename the ldi* scripts to tbl_properties_ldi* to improve
 188     // consistency with the other sub-pages.
 189     //
 190     // The $goto in ldi_table.php3 is set to tbl_properties.php3 but maybe
 191     // if would be better to Browse the latest inserted data.
 192     include('./sql.php3');
 193     if ($unlink_local_textfile) {
 194         unlink($textfile);
 195     }
 196 }
 197
 198
 199 /**
 200  * The form used to define the query hasn't been yet submitted -> loads it
 201  */
 202 else {
 203     include('./ldi_table.php3');
 204 }
 205 ?>