regenerate .po files
[phpmyadmin/crack.git] / tbl_select.php
blobd47baf79104496c567987f2fc935351b9b78f20b
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * Handles table search tab
6 * display table search form, create SQL query from form data
7 * and include sql.php to execute it
9 * @todo display search form again if no results from previous search
10 * @package phpMyAdmin
13 /**
14 * Gets some core libraries
16 require_once './libraries/common.inc.php';
17 require_once './libraries/mysql_charsets.lib.php';
19 $GLOBALS['js_include'][] = 'tbl_change.js';
20 $GLOBALS['js_include'][] = 'jquery/jquery-ui-1.8.custom.js';
21 $GLOBALS['js_include'][] = 'jquery/timepicker.js';
22 if ($GLOBALS['cfg']['PropertiesIconic'] == true) {
23 $titles['Browse'] =
24 '<img class="icon" width="16" height="16" src="' . $pmaThemeImage
25 .'b_browse.png" alt="' . __('Browse foreign values') . '" title="'
26 . __('Browse foreign values') . '" />';
28 if ($GLOBALS['cfg']['PropertiesIconic'] === 'both') {
29 $titles['Browse'] .= __('Browse foreign values');
31 } else {
32 $titles['Browse'] = __('Browse foreign values');
35 /**
36 * Not selection yet required -> displays the selection form
38 if (!isset($param) || $param[0] == '') {
39 // Gets some core libraries
40 require_once './libraries/tbl_common.php';
41 //$err_url = 'tbl_select.php' . $err_url;
42 $url_query .= '&amp;goto=tbl_select.php&amp;back=tbl_select.php';
44 /**
45 * Gets tables informations
47 require_once './libraries/tbl_info.inc.php';
49 /**
50 * Displays top menu links
52 require_once './libraries/tbl_links.inc.php';
54 if (!isset($goto)) {
55 $goto = $GLOBALS['cfg']['DefaultTabTable'];
57 // Defines the url to return to in case of error in the next sql statement
58 $err_url = $goto . '?' . PMA_generate_common_url($db, $table);
60 // Gets the list and number of fields
61 $result = PMA_DBI_query('SHOW FULL FIELDS FROM ' . PMA_backquote($table) . ' FROM ' . PMA_backquote($db) . ';', null, PMA_DBI_QUERY_STORE);
62 $fields_cnt = PMA_DBI_num_rows($result);
63 // rabue: we'd better ensure, that all arrays are empty.
64 $fields_list = $fields_null = $fields_type = $fields_collation = array();
65 while ($row = PMA_DBI_fetch_assoc($result)) {
66 $fields_list[] = $row['Field'];
67 $type = $row['Type'];
68 // reformat mysql query output
69 if (strncasecmp($type, 'set', 3) == 0
70 || strncasecmp($type, 'enum', 4) == 0) {
71 $type = str_replace(',', ', ', $type);
72 } else {
74 // strip the "BINARY" attribute, except if we find "BINARY(" because
75 // this would be a BINARY or VARBINARY field type
76 if (!preg_match('@BINARY[\(]@i', $type)) {
77 $type = preg_replace('@BINARY@i', '', $type);
79 $type = preg_replace('@ZEROFILL@i', '', $type);
80 $type = preg_replace('@UNSIGNED@i', '', $type);
82 $type = strtolower($type);
84 if (empty($type)) {
85 $type = '&nbsp;';
87 $fields_null[] = $row['Null'];
88 $fields_type[] = $type;
89 $fields_collation[] = !empty($row['Collation']) && $row['Collation'] != 'NULL'
90 ? $row['Collation']
91 : '';
92 } // end while
93 PMA_DBI_free_result($result);
94 unset($result, $type);
96 // retrieve keys into foreign fields, if any
97 // check also foreigners even if relwork is FALSE (to get
98 // foreign keys from innodb)
99 $foreigners = PMA_getForeigners($db, $table);
101 <script type="text/javascript">
102 // <![CDATA[
103 function PMA_tbl_select_operator(f, index, multiple) {
104 switch (f.elements["func[" + index + "]"].options[f.elements["func[" + index + "]"].selectedIndex].value) {
105 <?php
106 reset($GLOBALS['cfg']['UnaryOperators']);
107 while (list($operator) = each($GLOBALS['cfg']['UnaryOperators'])) {
108 echo ' case "' . $operator . "\":\r\n";
111 bDisabled = true;
112 break;
114 default:
115 bDisabled = false;
117 f.elements["fields[" + index + "]" + ((multiple) ? "[]": "")].disabled = bDisabled;
119 // ]]>
120 </script>
121 <form method="post" action="tbl_select.php" name="insertForm">
122 <?php echo PMA_generate_common_hidden_inputs($db, $table); ?>
123 <input type="hidden" name="goto" value="<?php echo $goto; ?>" />
124 <input type="hidden" name="back" value="tbl_select.php" />
126 <fieldset id="fieldset_table_search">
128 <fieldset id="fieldset_table_qbe">
129 <legend><?php echo __('Do a "query by example" (wildcard: "%")') ?></legend>
130 <table class="data">
131 <thead>
132 <tr><th><?php echo __('Column'); ?></th>
133 <th><?php echo __('Type'); ?></th>
134 <th><?php echo __('Collation'); ?></th>
135 <th><?php echo __('Operator'); ?></th>
136 <th><?php echo __('Value'); ?></th>
137 </tr>
138 </thead>
139 <tbody>
140 <?php
141 $odd_row = true;
143 for ($i = 0; $i < $fields_cnt; $i++) {
145 <tr class="<?php echo $odd_row ? 'odd' : 'even'; $odd_row = ! $odd_row; ?>">
146 <th><?php echo htmlspecialchars($fields_list[$i]); ?></th>
147 <td><?php echo $fields_type[$i]; ?></td>
148 <td><?php echo $fields_collation[$i]; ?></td>
149 <td><select name="func[]">
150 <?php
151 if (strncasecmp($fields_type[$i], 'enum', 4) == 0) {
152 foreach ($GLOBALS['cfg']['EnumOperators'] as $fc) {
153 echo "\n" . ' '
154 . '<option value="' . htmlspecialchars($fc) . '">'
155 . htmlspecialchars($fc) . '</option>';
157 } elseif (preg_match('@char|blob|text|set@i', $fields_type[$i])) {
158 foreach ($GLOBALS['cfg']['TextOperators'] as $fc) {
159 echo "\n" . ' '
160 . '<option value="' . htmlspecialchars($fc) . '">'
161 . htmlspecialchars($fc) . '</option>';
163 } else {
164 foreach ($GLOBALS['cfg']['NumOperators'] as $fc) {
165 echo "\n" . ' '
166 . '<option value="' . htmlspecialchars($fc) . '">'
167 . htmlspecialchars($fc) . '</option>';
169 } // end if... else...
170 if ($fields_null[$i]) {
171 foreach ($GLOBALS['cfg']['NullOperators'] as $fc) {
172 echo "\n" . ' '
173 . '<option value="' . htmlspecialchars($fc) . '">'
174 . htmlspecialchars($fc) . '</option>';
179 </select>
180 </td>
181 <td>
182 <?php
183 $field = $fields_list[$i];
185 $foreignData = PMA_getForeignData($foreigners, $field, false, '', '');
187 if ($foreigners && isset($foreigners[$field]) && is_array($foreignData['disp_row'])) {
188 // f o r e i g n k e y s
189 echo ' <select name="fields[' . $i . ']">' . "\n";
190 // go back to first row
192 // here, the 4th parameter is empty because there is no current
193 // value of data for the dropdown (the search page initial values
194 // are displayed empty)
195 echo PMA_foreignDropdown($foreignData['disp_row'],
196 $foreignData['foreign_field'],
197 $foreignData['foreign_display'],
198 '', $GLOBALS['cfg']['ForeignKeyMaxLimit']);
199 echo ' </select>' . "\n";
200 } elseif ($foreignData['foreign_link'] == true) {
202 <input type="text" name="fields[<?php echo $i; ?>]"
203 id="field_<?php echo md5($field); ?>[<?php echo $i; ?>]"
204 class="textfield" />
205 <script type="text/javascript">
206 // <![CDATA[
207 document.writeln('<a target="_blank" onclick="window.open(this.href, \'foreigners\', \'width=640,height=240,scrollbars=yes\'); return false" href="browse_foreigners.php?<?php echo PMA_generate_common_url($db, $table); ?>&amp;field=<?php echo urlencode($field); ?>&amp;fieldkey=<?php echo $i; ?>"><?php echo str_replace("'", "\'", $titles['Browse']); ?></a>');
208 // ]]>
209 </script>
210 <?php
211 } elseif (strncasecmp($fields_type[$i], 'enum', 4) == 0) {
212 // e n u m s
213 $enum_value=explode(', ', str_replace("'", '', substr($fields_type[$i], 5, -1)));
214 $cnt_enum_value = count($enum_value);
215 echo ' <select name="fields[' . $i . '][]"'
216 .' multiple="multiple" size="' . min(3, $cnt_enum_value) . '">' . "\n";
217 for ($j = 0; $j < $cnt_enum_value; $j++) {
218 echo ' <option value="' . $enum_value[$j] . '">'
219 . $enum_value[$j] . '</option>';
220 } // end for
221 echo ' </select>' . "\n";
222 } else {
223 // o t h e r c a s e s
224 echo ' <input type="text" name="fields[' . $i . ']"'
225 .' size="40" class="textfield" id="field_' . $i . '" />' . "\n";
227 $type = $fields_type[$i];
228 if ($type == 'date' || $type == 'datetime' || substr($type, 0, 9) == 'timestamp') {
230 <script type="text/javascript">
231 //<![CDATA[
232 $(function() {
233 $('#field_<?php echo $i; ?>').datepicker({
234 duration: '',
235 time24h: true,
236 stepMinutes: 1,
237 stepHours: 1,
238 <?php echo ($type == 'date' ? "showTime: false,":"showTime: true,"); ?>
239 altTimeField: '',
240 constrainInput: false
243 //]]>
244 </script>
245 <?php
248 <input type="hidden" name="names[<?php echo $i; ?>]"
249 value="<?php echo htmlspecialchars($fields_list[$i]); ?>" />
250 <input type="hidden" name="types[<?php echo $i; ?>]"
251 value="<?php echo $fields_type[$i]; ?>" />
252 <input type="hidden" name="collations[<?php echo $i; ?>]"
253 value="<?php echo $fields_collation[$i]; ?>" />
254 </td>
255 </tr>
256 <?php
257 } // end for
259 </tbody>
260 </table>
261 </fieldset>
262 <?php
263 PMA_generate_slider_effect('searchoptions', __('Options'));
265 <fieldset id="fieldset_select_fields">
266 <legend><?php echo __('Select columns (at least one):'); ?></legend>
267 <select name="param[]" size="<?php echo min($fields_cnt, 10); ?>"
268 multiple="multiple">
269 <?php
270 // Displays the list of the fields
271 foreach ($fields_list as $each_field) {
272 echo ' '
273 .'<option value="' . htmlspecialchars($each_field) . '"'
274 .' selected="selected">' . htmlspecialchars($each_field)
275 .'</option>' . "\n";
278 </select>
279 <input type="checkbox" name="distinct" value="DISTINCT" id="oDistinct" />
280 <label for="oDistinct">DISTINCT</label>
281 </fieldset>
283 <fieldset id="fieldset_search_conditions">
284 <legend><?php echo '<em>' . __('Or') . '</em> ' . __('Add search conditions (body of the "where" clause):'); ?></legend>
285 <?php echo PMA_showMySQLDocu('SQL-Syntax', 'Functions'); ?>
287 <input type="text" name="where" class="textfield" size="64" />
288 </fieldset>
290 <fieldset id="fieldset_limit_rows">
291 <legend><?php echo __('Number of rows per page'); ?></legend>
292 <input type="text" size="4" name="session_max_rows"
293 value="<?php echo $GLOBALS['cfg']['MaxRows']; ?>" class="textfield" />
294 </fieldset>
296 <fieldset id="fieldset_display_order">
297 <legend><?php echo __('Display order:'); ?></legend>
298 <select name="orderField">
299 <option value="--nil--"></option>
300 <?php
301 foreach ($fields_list as $each_field) {
302 echo ' '
303 .'<option value="' . htmlspecialchars($each_field) . '">'
304 .htmlspecialchars($each_field) . '</option>' . "\n";
305 } // end for
307 </select>
308 <?php
309 $choices = array(
310 'ASC' => __('Ascending'),
311 'DESC' => __('Descending')
313 PMA_display_html_radio('order', $choices, 'ASC', false, true, "formelement");
314 unset($choices);
316 </fieldset>
317 <br style="clear: both;"/>
318 </div>
319 </fieldset>
320 <fieldset class="tblFooters">
321 <input type="hidden" name="max_number_of_fields"
322 value="<?php echo $fields_cnt; ?>" />
323 <input type="submit" name="submit" value="<?php echo __('Go'); ?>" />
324 </fieldset>
325 </form>
326 <?php
327 require './libraries/footer.inc.php';
332 * Selection criteria have been submitted -> do the work
334 else {
335 // Builds the query
337 $sql_query = 'SELECT ' . (isset($distinct) ? 'DISTINCT ' : '');
339 // if all fields were selected to display, we do a SELECT *
340 // (more efficient and this helps prevent a problem in IE
341 // if one of the rows is edited and we come back to the Select results)
343 if (count($param) == $max_number_of_fields) {
344 $sql_query .= '* ';
345 } else {
346 $param = PMA_backquote($param);
347 $sql_query .= implode(', ', $param);
348 } // end if
350 // avoid a loop, for example when $cfg['DefaultTabTable'] is set
351 // to 'tbl_select.php'
352 unset($param);
354 $sql_query .= ' FROM ' . PMA_backquote($table);
356 // The where clause
357 if (trim($where) != '') {
358 $sql_query .= ' WHERE ' . $where;
359 } else {
360 $w = $charsets = array();
361 $cnt_func = count($func);
362 reset($func);
363 while (list($i, $func_type) = each($func)) {
364 list($charsets[$i]) = explode('_', $collations[$i]);
365 if (isset($GLOBALS['cfg']['UnaryOperators'][$func_type]) && $GLOBALS['cfg']['UnaryOperators'][$func_type] == 1) {
366 $fields[$i] = '';
367 $w[] = PMA_backquote($names[$i]) . ' ' . $func_type;
369 } elseif (strncasecmp($types[$i], 'enum', 4) == 0) {
370 if (!empty($fields[$i])) {
371 if (!is_array($fields[$i])) {
372 $fields[$i] = explode(',', $fields[$i]);
374 $enum_selected_count = count($fields[$i]);
375 if ($func_type == '=' && $enum_selected_count > 1) {
376 $func_type = $func[$i] = 'IN';
377 $parens_open = '(';
378 $parens_close = ')';
380 } elseif ($func_type == '!=' && $enum_selected_count > 1) {
381 $func_type = $func[$i] = 'NOT IN';
382 $parens_open = '(';
383 $parens_close = ')';
385 } else {
386 $parens_open = '';
387 $parens_close = '';
389 $enum_where = '\'' . PMA_sqlAddslashes($fields[$i][0]) . '\'';
390 for ($e = 1; $e < $enum_selected_count; $e++) {
391 $enum_where .= ', \'' . PMA_sqlAddslashes($fields[$i][$e]) . '\'';
394 $w[] = PMA_backquote($names[$i]) . ' ' . $func_type . ' ' . $parens_open . $enum_where . $parens_close;
397 } elseif ($fields[$i] != '') {
398 // For these types we quote the value. Even if it's another type (like INT),
399 // for a LIKE we always quote the value. MySQL converts strings to numbers
400 // and numbers to strings as necessary during the comparison
401 if (preg_match('@char|binary|blob|text|set|date|time|year@i', $types[$i]) || strpos(' ' . $func_type, 'LIKE')) {
402 $quot = '\'';
403 } else {
404 $quot = '';
407 // LIKE %...%
408 if ($func_type == 'LIKE %...%') {
409 $func_type = 'LIKE';
410 $fields[$i] = '%' . $fields[$i] . '%';
412 if ($func_type == 'REGEXP ^...$') {
413 $func_type = 'REGEXP';
414 $fields[$i] = '^' . $fields[$i] . '$';
417 if ($func_type == 'IN (...)' || $func_type == 'NOT IN (...)' || $func_type == 'BETWEEN' || $func_type == 'NOT BETWEEN') {
418 $func_type = str_replace(' (...)', '', $func_type);
420 // quote values one by one
421 $values = explode(',', $fields[$i]);
422 foreach ($values as &$value)
423 $value = $quot . PMA_sqlAddslashes(trim($value)) . $quot;
425 if ($func_type == 'BETWEEN' || $func_type == 'NOT BETWEEN')
426 $w[] = PMA_backquote($names[$i]) . ' ' . $func_type . ' ' . (isset($values[0]) ? $values[0] : '') . ' AND ' . (isset($values[1]) ? $values[1] : '');
427 else
428 $w[] = PMA_backquote($names[$i]) . ' ' . $func_type . ' (' . implode(',', $values) . ')';
430 else {
431 $w[] = PMA_backquote($names[$i]) . ' ' . $func_type . ' ' . $quot . PMA_sqlAddslashes($fields[$i]) . $quot;;
434 } // end if
435 } // end for
437 if ($w) {
438 $sql_query .= ' WHERE ' . implode(' AND ', $w);
440 } // end if
442 if ($orderField != '--nil--') {
443 $sql_query .= ' ORDER BY ' . PMA_backquote($orderField) . ' ' . $order;
444 } // end if
446 require './sql.php';