libraries/Tracker.class.php

   1 <?php
   2 /* vim: set expandtab sw=4 ts=4 sts=4: */
   3 /**
   4  *
   5  * @author Alexander Rutkowski
   6  * @version $Id$
   7  * @package phpMyAdmin
   8  */
   9
  10 /**
  11  * Gets relation settings
  12  */
  13 require_once './libraries/relation.lib.php';
  14
  15 /**
  16  * This class tracks changes on databases, tables and views.
  17  * For more information please see phpMyAdmin/Documentation.html
  18  *
  19  * @author Alexander Rutkowski <alexander.rutkowski@googlemail.com>
  20  * @package phpMyAdmin
  21  *
  22  * @todo use stristr instead of strstr
  23  */
  24 class PMA_Tracker
  25 {
  26     /**
  27      * Whether tracking is ready.
  28      */
  29     static protected $enabled = false;
  30
  31     /**
  32      * Defines the internal PMA table which contains tracking data.
  33      *
  34      * @access  protected
  35      * @var string
  36      */
  37     static protected $pma_table;
  38
  39     /**
  40      * Defines the usage of DROP TABLE statment in SQL dumps.
  41      *
  42      * @access protected
  43      * @var boolean
  44      */
  45     static protected $add_drop_table;
  46
  47     /**
  48      * Defines the usage of DROP VIEW statment in SQL dumps.
  49      *
  50      * @access protected
  51      * @var boolean
  52      */
  53     static protected $add_drop_view;
  54
  55     /**
  56      * Defines the usage of DROP DATABASE statment in SQL dumps.
  57      *
  58      * @access protected
  59      * @var boolean
  60      */
  61     static protected $add_drop_database;
  62
  63     /**
  64      * Defines auto-creation of tracking versions.
  65      *
  66      * @var boolean
  67      */
  68     static protected $version_auto_create;
  69
  70     /**
  71      * Defines the default set of tracked statements.
  72      *
  73      * @var string
  74      */
  75     static protected $default_tracking_set;
  76
  77     /**
  78      * Initializes settings. See phpMyAdmin/Documentation.html.
  79      *
  80      * @static
  81      *
  82      */
  83     static public function init()
  84     {
  85         self::$pma_table = PMA_backquote($GLOBALS['cfg']['Server']['pmadb']) .".".
  86                            PMA_backquote($GLOBALS['cfg']['Server']['tracking']);
  87
  88         self::$add_drop_table = $GLOBALS['cfg']['Server']['tracking_add_drop_table'];
  89
  90         self::$add_drop_view = $GLOBALS['cfg']['Server']['tracking_add_drop_view'];
  91
  92         self::$add_drop_database = $GLOBALS['cfg']['Server']['tracking_add_drop_database'];
  93
  94         self::$default_tracking_set = $GLOBALS['cfg']['Server']['tracking_default_statements'];
  95
  96         self::$version_auto_create = $GLOBALS['cfg']['Server']['tracking_version_auto_create'];
  97
  98     }
  99
 100     /**
 101      * Actually enables tracking. This needs to be done after all
 102      * underlaying code is initialized.
 103      *
 104      * @static
 105      *
 106      */
 107     static public function enable()
 108     {
 109         self::$enabled = true;
 110     }
 111
 112     /**
 113      * Gets the on/off value of the Tracker module, starts initialization.
 114      *
 115      * @static
 116      *
 117      * @return boolean (true=on|false=off)
 118      */
 119     static public function isActive()
 120     {
 121         if (! self::$enabled) {
 122             return false;
 123         }
 124         /* We need to avoid attempt to track any queries from PMA_getRelationsParam */
 125         self::$enabled = false;
 126         $cfgRelation = PMA_getRelationsParam();
 127         /* Restore original state */
 128         self::$enabled = true;
 129         if (! $cfgRelation['trackingwork']) {
 130             return false;
 131         }
 132         self::init();
 133
 134         if (isset(self::$pma_table)) {
 135             return true;
 136         } else {
 137             return false;
 138         }
 139     }
 140
 141     /**
 142      * Returns a simple DROP TABLE statement.
 143      *
 144      * @param string $tablename
 145      * @return string
 146      */
 147     static public function getStatementDropTable($tablename)
 148     {
 149         return 'DROP TABLE IF EXISTS ' . $tablename;
 150     }
 151
 152     /**
 153      * Returns a simple DROP VIEW statement.
 154      *
 155      * @param string $viewname
 156      * @return string
 157      */
 158     static public function getStatementDropView($viewname)
 159     {
 160         return 'DROP VIEW IF EXISTS ' . $viewname;
 161     }
 162
 163     /**
 164      * Returns a simple DROP DATABASE statement.
 165      *
 166      * @param string $dbname
 167      * @return string
 168      */
 169     static public function getStatementDropDatabase($dbname)
 170     {
 171         return 'DROP DATABASE IF EXISTS ' . $dbname;
 172     }
 173
 174     /**
 175      * Parses the name of a table from a SQL statement substring.
 176      *
 177      * @static
 178      *
 179      * @param  string $string      part of SQL statement
 180      *
 181      * @return string the name of table
 182      */
 183     static protected function getTableName($string)
 184     {
 185         if (strstr($string, '.')) {
 186             $temp = explode('.', $string);
 187             $tablename = $temp[1];
 188         }
 189         else {
 190             $tablename = $string;
 191         }
 192
 193         $str = explode("\n", $tablename);
 194         $tablename = $str[0];
 195
 196         $tablename = str_replace(';', '', $tablename);
 197         $tablename = str_replace('`', '', $tablename);
 198         $tablename = trim($tablename);
 199
 200         return $tablename;
 201     }
 202
 203
 204     /**
 205      * Gets the tracking status of a table, is it active or deactive ?
 206      *
 207      * @static
 208      *
 209      * @param  string $dbname      name of database
 210      * @param  string $tablename   name of table
 211      *
 212      * @return boolean true or false
 213      */
 214     static public function isTracked($dbname, $tablename)
 215     {
 216         if (! self::$enabled) {
 217             return false;
 218         }
 219         /* We need to avoid attempt to track any queries from PMA_getRelationsParam */
 220         self::$enabled = false;
 221         $cfgRelation = PMA_getRelationsParam();
 222         /* Restore original state */
 223         self::$enabled = true;
 224         if (! $cfgRelation['trackingwork']) {
 225             return false;
 226         }
 227
 228         $sql_query =
 229         " SELECT tracking_active FROM " . self::$pma_table .
 230         " WHERE " . PMA_backquote('db_name') . " = '" . PMA_sqlAddslashes($dbname) . "' " .
 231         " AND " . PMA_backquote('table_name') . " = '" . PMA_sqlAddslashes($tablename) . "' " .
 232         " ORDER BY version DESC";
 233
 234         $row = PMA_DBI_fetch_array(PMA_query_as_controluser($sql_query));
 235
 236         if (isset($row['tracking_active']) && $row['tracking_active'] == 1) {
 237             return true;
 238         } else {
 239             return false;
 240         }
 241     }
 242
 243     /**
 244      * Returns the comment line for the log.
 245      *
 246      * @return string Comment, contains date and username
 247      */
 248     static public function getLogComment()
 249     {
 250         $date = date('Y-m-d H:i:s');
 251
 252         return "# log " . $date . " " . $GLOBALS['cfg']['Server']['user'] . "\n";
 253     }
 254
 255     /**
 256      * Creates tracking version of a table / view
 257      * (in other words: create a job to track future changes on the table).
 258      *
 259      * @static
 260      *
 261      * @param  string $dbname       name of database
 262      * @param  string $tablename    name of table
 263      * @param  string $version      version
 264      * @param  string $tracking_set set of tracking statements
 265      * @param  string $is_view      if table is a view
 266      *
 267      * @return int result of version insertion
 268      */
 269     static public function createVersion($dbname, $tablename, $version, $tracking_set = '', $is_view = false)
 270     {
 271         global $sql_backquotes;
 272
 273         if ($tracking_set == '') {
 274             $tracking_set = self::$default_tracking_set;
 275         }
 276
 277         require_once './libraries/export/sql.php';
 278
 279         $sql_backquotes = true;
 280
 281         $date = date('Y-m-d H:i:s');
 282
 283         // Get data definition snapshot of table
 284         $sql_query = '
 285         SHOW FULL COLUMNS FROM ' . PMA_backquote($dbname) . '.' . PMA_backquote($tablename);
 286
 287         $sql_result = PMA_DBI_query($sql_query);
 288
 289         while ($row = PMA_DBI_fetch_array($sql_result)) {
 290             $columns[] = $row;
 291         }
 292
 293         $sql_query = '
 294         SHOW INDEX FROM ' . PMA_backquote($dbname) . '.' . PMA_backquote($tablename);
 295
 296         $sql_result = PMA_DBI_query($sql_query);
 297
 298         $indexes = array();
 299
 300         while($row = PMA_DBI_fetch_array($sql_result)) {
 301             $indexes[] = $row;
 302         }
 303
 304         $snapshot = array('COLUMNS' => $columns, 'INDEXES' => $indexes);
 305         $snapshot = serialize($snapshot);
 306
 307         // Get DROP TABLE / DROP VIEW and CREATE TABLE SQL statements
 308         $sql_backquotes = true;
 309
 310         $create_sql  = "";
 311
 312         if (self::$add_drop_table == true && $is_view == false) {
 313             $create_sql .= self::getLogComment() .
 314                            self::getStatementDropTable(PMA_backquote($tablename)) . ";\n";
 315
 316         }
 317
 318         if (self::$add_drop_view == true && $is_view == true) {
 319             $create_sql .= self::getLogComment() .
 320                            self::getStatementDropView(PMA_backquote($tablename)) . ";\n";
 321         }
 322
 323         $create_sql .= self::getLogComment() .
 324                        PMA_getTableDef($dbname, $tablename, "\n", "");
 325
 326         // Save version
 327
 328         $sql_query =
 329         "/*NOTRACK*/\n" .
 330         "INSERT INTO" . self::$pma_table . " (" .
 331         "db_name, " .
 332         "table_name, " .
 333         "version, " .
 334         "date_created, " .
 335         "date_updated, " .
 336         "schema_snapshot, " .
 337         "schema_sql, " .
 338         "data_sql, " .
 339         "tracking " .
 340         ") " .
 341         "values (
 342         '" . PMA_sqlAddslashes($dbname) . "',
 343         '" . PMA_sqlAddslashes($tablename) . "',
 344         '" . PMA_sqlAddslashes($version) . "',
 345         '" . PMA_sqlAddslashes($date) . "',
 346         '" . PMA_sqlAddslashes($date) . "',
 347         '" . PMA_sqlAddslashes($snapshot) . "',
 348         '" . PMA_sqlAddslashes($create_sql) . "',
 349         '" . PMA_sqlAddslashes("\n") . "',
 350         '" . PMA_sqlAddslashes($tracking_set) . "' )";
 351
 352         $result = PMA_query_as_controluser($sql_query);
 353
 354         if ($result) {
 355             // Deactivate previous version
 356             self::deactivateTracking($dbname, $tablename, ($version - 1));
 357         }
 358
 359         return $result;
 360     }
 361
 362
 363     /**
 364      * Removes all tracking data for a table
 365      *
 366      * @static
 367      *
 368      * @param  string $dbname       name of database
 369      * @param  string $tablename    name of table
 370      *
 371      * @return int result of version insertion
 372      */
 373     static public function deleteTracking($dbname, $tablename)
 374     {
 375         $sql_query =
 376         "/*NOTRACK*/\n" .
 377         "DELETE FROM " . self::$pma_table . " WHERE `db_name` = '" . PMA_sqlAddslashes($dbname) . "' AND `table_name` = '" . PMA_sqlAddslashes($tablename) . "'";
 378         $result = PMA_query_as_controluser($sql_query);
 379
 380         return $result;
 381     }
 382
 383     /**
 384      * Creates tracking version of a database
 385      * (in other words: create a job to track future changes on the database).
 386      *
 387      * @static
 388      *
 389      * @param  string $dbname       name of database
 390      * @param  string $version      version
 391      * @param  string $query        query
 392      * @param  string $tracking_set set of tracking statements
 393      *
 394      * @return int result of version insertion
 395      */
 396     static public function createDatabaseVersion($dbname, $version, $query, $tracking_set = 'CREATE DATABASE,ALTER DATABASE,DROP DATABASE')
 397     {
 398         global $sql_backquotes;
 399
 400         $date = date('Y-m-d H:i:s');
 401
 402         if ($tracking_set == '') {
 403             $tracking_set = self::$default_tracking_set;
 404         }
 405
 406         require_once './libraries/export/sql.php';
 407
 408         $create_sql  = "";
 409
 410         if (self::$add_drop_database == true) {
 411             $create_sql .= self::getLogComment() .
 412                            self::getStatementDropDatabase(PMA_backquote($dbname)) . ";\n";
 413         }
 414
 415         $create_sql .= self::getLogComment() . $query;
 416
 417         // Save version
 418         $sql_query =
 419         "/*NOTRACK*/\n" .
 420         "INSERT INTO" . self::$pma_table . " (" .
 421         "db_name, " .
 422         "table_name, " .
 423         "version, " .
 424         "date_created, " .
 425         "date_updated, " .
 426         "schema_snapshot, " .
 427         "schema_sql, " .
 428         "data_sql, " .
 429         "tracking " .
 430         ") " .
 431         "values (
 432         '" . PMA_sqlAddslashes($dbname) . "',
 433         '" . PMA_sqlAddslashes('') . "',
 434         '" . PMA_sqlAddslashes($version) . "',
 435         '" . PMA_sqlAddslashes($date) . "',
 436         '" . PMA_sqlAddslashes($date) . "',
 437         '" . PMA_sqlAddslashes('') . "',
 438         '" . PMA_sqlAddslashes($create_sql) . "',
 439         '" . PMA_sqlAddslashes("\n") . "',
 440         '" . PMA_sqlAddslashes($tracking_set) . "' )";
 441
 442         $result = PMA_query_as_controluser($sql_query);
 443
 444         return $result;
 445     }
 446
 447
 448
 449     /**
 450      * Changes tracking of a table.
 451      *
 452      * @static
 453      *
 454      * @param  string $dbname       name of database
 455      * @param  string $tablename    name of table
 456      * @param  string $version      version
 457      * @param  integer $new_state   the new state of tracking
 458      *
 459      * @return int result of SQL query
 460      */
 461     static private function changeTracking($dbname, $tablename, $version, $new_state)
 462     {
 463         $sql_query =
 464         " UPDATE " . self::$pma_table .
 465         " SET `tracking_active` = '" . $new_state . "' " .
 466         " WHERE `db_name` = '" . PMA_sqlAddslashes($dbname) . "' " .
 467         " AND `table_name` = '" . PMA_sqlAddslashes($tablename) . "' " .
 468         " AND `version` = '" . PMA_sqlAddslashes($version) . "' ";
 469
 470         $result = PMA_query_as_controluser($sql_query);
 471
 472         return $result;
 473     }
 474
 475     /**
 476      * Activates tracking of a table.
 477      *
 478      * @static
 479      *
 480      * @param  string $dbname       name of database
 481      * @param  string $tablename    name of table
 482      * @param  string $version      version
 483      *
 484      * @return int result of SQL query
 485      */
 486     static public function activateTracking($dbname, $tablename, $version)
 487     {
 488         return self::changeTracking($dbname, $tablename, $version, 1);
 489     }
 490
 491
 492     /**
 493      * Deactivates tracking of a table.
 494      *
 495      * @static
 496      *
 497      * @param  string $dbname       name of database
 498      * @param  string $tablename    name of table
 499      * @param  string $version      version
 500      *
 501      * @return int result of SQL query
 502      */
 503     static public function deactivateTracking($dbname, $tablename, $version)
 504     {
 505         return self::changeTracking($dbname, $tablename, $version, 0);
 506     }
 507
 508
 509     /**
 510      * Gets the newest version of a tracking job
 511      * (in other words: gets the HEAD version).
 512      *
 513      * @static
 514      *
 515      * @param  string $dbname      name of database
 516      * @param  string $tablename   name of table
 517      * @param  string $statement   tracked statement
 518      *
 519      * @return int (-1 if no version exists | >  0 if a version exists)
 520      */
 521     static public function getVersion($dbname, $tablename, $statement = null)
 522     {
 523         $sql_query =
 524         " SELECT MAX(version) FROM " . self::$pma_table .
 525         " WHERE `db_name` = '" . PMA_sqlAddslashes($dbname) . "' " .
 526         " AND `table_name` = '" . PMA_sqlAddslashes($tablename) . "' ";
 527
 528         if ($statement != "") {
 529             $sql_query .= " AND FIND_IN_SET('" . $statement . "',tracking) > 0" ;
 530         }
 531         $row = PMA_DBI_fetch_array(PMA_query_as_controluser($sql_query));
 532         if (isset($row[0])) {
 533             $version = $row[0];
 534         }
 535         if (! isset($version)) {
 536             $version = -1;
 537         }
 538         return $version;
 539     }
 540
 541
 542     /**
 543      * Gets the record of a tracking job.
 544      *
 545      * @static
 546      *
 547      * @param  string $dbname      name of database
 548      * @param  string $tablename   name of table
 549      * @param  string $version     version number
 550      *
 551      * @return mixed record DDM log, DDL log, structure snapshot, tracked statements.
 552      */
 553     static public function getTrackedData($dbname, $tablename, $version)
 554     {
 555         if (! isset(self::$pma_table)) {
 556             self::init();
 557         }
 558         $sql_query = " SELECT * FROM " . self::$pma_table .
 559             " WHERE `db_name` = '" . PMA_sqlAddslashes($dbname) . "' ";
 560         if (! empty($tablename)) {
 561             $sql_query .= " AND `table_name` = '" . PMA_sqlAddslashes($tablename) ."' ";
 562         }
 563         $sql_query .= " AND `version` = '" . PMA_sqlAddslashes($version) ."' ".
 564                      " ORDER BY `version` DESC ";
 565
 566         $mixed = PMA_DBI_fetch_array(PMA_query_as_controluser($sql_query));
 567
 568         // Parse log
 569         $log_schema_entries = explode('# log ',  $mixed['schema_sql']);
 570         $log_data_entries   = explode('# log ',  $mixed['data_sql']);
 571
 572         $ddl_date_from = $date = date('Y-m-d H:i:s');
 573
 574         $ddlog = array();
 575         $i = 0;
 576
 577         // Iterate tracked data definition statements
 578         // For each log entry we want to get date, username and statement
 579         foreach ($log_schema_entries as $log_entry) {
 580             if (trim($log_entry) != '') {
 581                 $date      = substr($log_entry, 0, 19);
 582                 $username  = substr($log_entry, 20, strpos($log_entry, "\n") - 20);
 583                 if ($i == 0) {
 584                     $ddl_date_from = $date;
 585                 }
 586                 $statement = rtrim(strstr($log_entry, "\n"));
 587
 588                 $ddlog[] = array( 'date' => $date,
 589                                   'username'=> $username,
 590                                   'statement' => $statement );
 591                 $i++;
 592             }
 593         }
 594
 595         $date_from = $ddl_date_from;
 596         $date_to   = $ddl_date_to = $date;
 597
 598         $dml_date_from = $date_from;
 599
 600         $dmlog = array();
 601         $i = 0;
 602
 603         // Iterate tracked data manipulation statements
 604         // For each log entry we want to get date, username and statement
 605         foreach ($log_data_entries as $log_entry) {
 606             if (trim($log_entry) != '') {
 607                 $date      = substr($log_entry, 0, 19);
 608                 $username  = substr($log_entry, 20, strpos($log_entry, "\n") - 20);
 609                 if ($i == 0) {
 610                     $dml_date_from = $date;
 611                 }
 612                 $statement = rtrim(strstr($log_entry, "\n"));
 613
 614                 $dmlog[] = array( 'date' => $date,
 615                                   'username' => $username,
 616                                   'statement' => $statement );
 617                 $i++;
 618             }
 619         }
 620
 621         $dml_date_to = $date;
 622
 623         // Define begin and end of date range for both logs
 624         if (strtotime($ddl_date_from) <= strtotime($dml_date_from)) {
 625             $data['date_from'] = $ddl_date_from;
 626         } else {
 627             $data['date_from'] = $dml_date_from;
 628         }
 629         if (strtotime($ddl_date_to) >= strtotime($dml_date_to)) {
 630             $data['date_to'] = $ddl_date_to;
 631         } else {
 632             $data['date_to'] = $dml_date_to;
 633         }
 634         $data['ddlog']           = $ddlog;
 635         $data['dmlog']           = $dmlog;
 636         $data['tracking']        = $mixed['tracking'];
 637         $data['schema_snapshot'] = $mixed['schema_snapshot'];
 638
 639         return $data;
 640     }
 641
 642
 643     /**
 644      * Parses a query. Gets
 645      *  - statement identifier (UPDATE, ALTER TABLE, ...)
 646      *  - type of statement, is it part of DDL or DML ?
 647      *  - tablename
 648      *
 649      * @static
 650      * @todo: using PMA SQL Parser when possible
 651      * @todo: support multi-table/view drops
 652      *
 653      * @param string $query
 654      *
 655      * @return mixed Array containing identifier, type and tablename.
 656      *
 657      */
 658     static public function parseQuery($query)
 659     {
 660
 661         // Usage of PMA_SQP does not work here
 662         //
 663         // require_once("libraries/sqlparser.lib.php");
 664         // $parsed_sql = PMA_SQP_parse($query);
 665         // $sql_info = PMA_SQP_analyze($parsed_sql);
 666
 667         $query = str_replace("\n", " ", $query);
 668         $query = str_replace("\r", " ", $query);
 669
 670         $query = trim($query);
 671         $query = trim($query, ' -');
 672
 673         $tokens = explode(" ", $query);
 674         $tokens = array_map('strtoupper', $tokens);
 675
 676         // Parse USE statement, need it for SQL dump imports
 677         if (substr($query, 0, 4) == 'USE ') {
 678             $prefix = explode('USE ', $query);
 679             $GLOBALS['db'] = self::getTableName($prefix[1]);
 680         }
 681
 682         /*
 683          * DDL statements
 684          */
 685
 686         $result['type']         = 'DDL';
 687
 688         // Parse CREATE VIEW statement
 689         if (in_array('CREATE', $tokens) == true &&
 690            in_array('VIEW', $tokens) == true &&
 691            in_array('AS', $tokens) == true) {
 692             $result['identifier'] = 'CREATE VIEW';
 693
 694             $index = array_search('VIEW', $tokens);
 695
 696             $result['tablename'] = strtolower(self::getTableName($tokens[$index + 1]));
 697         }
 698
 699         // Parse ALTER VIEW statement
 700         if (in_array('ALTER', $tokens) == true &&
 701            in_array('VIEW', $tokens) == true &&
 702            in_array('AS', $tokens) == true &&
 703            ! isset($result['identifier'])) {
 704             $result['identifier'] = 'ALTER VIEW';
 705
 706             $index = array_search('VIEW', $tokens);
 707
 708             $result['tablename'] = strtolower(self::getTableName($tokens[$index + 1]));
 709         }
 710
 711         // Parse DROP VIEW statement
 712         if (! isset($result['identifier']) && substr($query, 0, 10) == 'DROP VIEW ') {
 713             $result['identifier'] = 'DROP VIEW';
 714
 715             $prefix  = explode('DROP VIEW ', $query);
 716             $str = strstr($prefix[1], 'IF EXISTS');
 717
 718             if ($str == FALSE ) {
 719                 $str = $prefix[1];
 720             }
 721             $result['tablename'] = self::getTableName($str);
 722         }
 723
 724         // Parse CREATE DATABASE statement
 725         if (! isset($result['identifier']) && substr($query, 0, 15) == 'CREATE DATABASE') {
 726             $result['identifier'] = 'CREATE DATABASE';
 727             $str = str_replace('CREATE DATABASE', '', $query);
 728             $str = str_replace('IF NOT EXISTS', '', $str);
 729
 730             $prefix = explode('DEFAULT ', $str);
 731
 732             $result['tablename'] = '';
 733             $GLOBALS['db'] = self::getTableName($prefix[0]);
 734         }
 735
 736         // Parse ALTER DATABASE statement
 737         if (! isset($result['identifier']) && substr($query, 0, 14) == 'ALTER DATABASE') {
 738             $result['identifier'] = 'ALTER DATABASE';
 739             $result['tablename'] = '';
 740         }
 741
 742         // Parse DROP DATABASE statement
 743         if (! isset($result['identifier']) && substr($query, 0, 13) == 'DROP DATABASE') {
 744             $result['identifier'] = 'DROP DATABASE';
 745             $str = str_replace('DROP DATABASE', '', $query);
 746             $str = str_replace('IF EXISTS', '', $str);
 747             $GLOBALS['db'] = self::getTableName($str);
 748             $result['tablename'] = '';
 749         }
 750
 751         // Parse CREATE TABLE statement
 752         if (! isset($result['identifier']) && substr($query, 0, 12) == 'CREATE TABLE' ) {
 753             $result['identifier'] = 'CREATE TABLE';
 754             $query   = str_replace('IF NOT EXISTS', '', $query);
 755             $prefix  = explode('CREATE TABLE ', $query);
 756             $suffix  = explode('(', $prefix[1]);
 757             $result['tablename'] = self::getTableName($suffix[0]);
 758         }
 759
 760         // Parse ALTER TABLE statement
 761         if (! isset($result['identifier']) && substr($query, 0, 12) == 'ALTER TABLE ') {
 762             $result['identifier'] = 'ALTER TABLE';
 763
 764             $prefix  = explode('ALTER TABLE ', $query);
 765             $suffix  = explode(' ', $prefix[1]);
 766             $result['tablename']  = self::getTableName($suffix[0]);
 767         }
 768
 769         // Parse DROP TABLE statement
 770         if (! isset($result['identifier']) && substr($query, 0, 11) == 'DROP TABLE ') {
 771             $result['identifier'] = 'DROP TABLE';
 772
 773             $prefix  = explode('DROP TABLE ', $query);
 774             $str = strstr($prefix[1], 'IF EXISTS');
 775
 776             if ($str == FALSE ) {
 777                 $str = $prefix[1];
 778             }
 779             $result['tablename'] = self::getTableName($str);
 780         }
 781
 782         // Parse CREATE INDEX statement
 783         if (! isset($result['identifier']) &&
 784             (   substr($query, 0, 12) == 'CREATE INDEX' ||
 785                 substr($query, 0, 19) == 'CREATE UNIQUE INDEX' ||
 786                 substr($query, 0, 20) == 'CREATE SPATIAL INDEX'
 787             )
 788         ) {
 789              $result['identifier'] = 'CREATE INDEX';
 790              $prefix = explode('ON ', $query);
 791              $suffix = explode('(', $prefix[1]);
 792              $result['tablename'] = self::getTableName($suffix[0]);
 793         }
 794
 795         // Parse DROP INDEX statement
 796         if (! isset($result['identifier']) && substr($query, 0, 10) == 'DROP INDEX') {
 797              $result['identifier'] = 'DROP INDEX';
 798              $prefix = explode('ON ', $query);
 799              $result['tablename'] = self::getTableName($prefix[1]);
 800         }
 801
 802         // Parse RENAME TABLE statement
 803         if (! isset($result['identifier']) && substr($query, 0, 13) == 'RENAME TABLE ') {
 804             $result['identifier'] = 'RENAME TABLE';
 805             $prefix = explode('RENAME TABLE ', $query);
 806             $names  = explode(' TO ', $prefix[1]);
 807             $result['tablename']      = self::getTableName($names[0]);
 808             $result["tablename_after_rename"]  = self::getTableName($names[1]);
 809         }
 810
 811         /*
 812          * DML statements
 813          */
 814
 815         if (! isset($result['identifier'])) {
 816             $result["type"]       = 'DML';
 817         }
 818         // Parse UPDATE statement
 819         if (! isset($result['identifier']) && substr($query, 0, 6) == 'UPDATE') {
 820             $result['identifier'] = 'UPDATE';
 821             $prefix  = explode('UPDATE ', $query);
 822             $suffix  = explode(' ', $prefix[1]);
 823             $result['tablename'] = self::getTableName($suffix[0]);
 824         }
 825
 826         // Parse INSERT INTO statement
 827         if (! isset($result['identifier']) && substr($query, 0, 11 ) == 'INSERT INTO') {
 828             $result['identifier'] = 'INSERT';
 829             $prefix  = explode('INSERT INTO', $query);
 830             $suffix  = explode('(', $prefix[1]);
 831             $result['tablename'] = self::getTableName($suffix[0]);
 832         }
 833
 834         // Parse DELETE statement
 835         if (! isset($result['identifier']) && substr($query, 0, 6 ) == 'DELETE') {
 836             $result['identifier'] = 'DELETE';
 837             $prefix  = explode('FROM ', $query);
 838             $suffix  = explode(' ', $prefix[1]);
 839             $result['tablename'] = self::getTableName($suffix[0]);
 840         }
 841
 842         // Parse TRUNCATE statement
 843         if (! isset($result['identifier']) && substr($query, 0, 8 ) == 'TRUNCATE') {
 844             $result['identifier'] = 'TRUNCATE';
 845             $prefix  = explode('TRUNCATE', $query);
 846             $result['tablename'] = self::getTableName($prefix[1]);
 847         }
 848
 849         return $result;
 850     }
 851
 852
 853     /**
 854      * Analyzes a given SQL statement and saves tracking data.
 855      *
 856      *
 857      * @static
 858      * @param   string $query a SQL query
 859      */
 860     static public function handleQuery($query)
 861     {
 862         // If query is marked as untouchable, leave
 863         if (strstr($query, "/*NOTRACK*/")) {
 864             return false;
 865         }
 866
 867         if (! (substr($query, -1) == ';')) {
 868             $query = $query . ";\n";
 869         }
 870         // Get some information about query
 871         $result = self::parseQuery($query);
 872
 873         // Get database name
 874         $dbname = trim($GLOBALS['db'], '`');
 875         // $dbname can be empty, for example when coming from Synchronize
 876         // and this is a query for the remote server
 877         if (empty($dbname)) {
 878             return false;
 879         }
 880
 881         // If we found a valid statement
 882         if (isset($result['identifier'])) {
 883             $version = self::getVersion($dbname, $result['tablename'], $result['identifier']);
 884
 885             // If version not exists and auto-creation is enabled
 886             if (self::$version_auto_create == true
 887                 && self::isTracked($dbname, $result['tablename']) == false
 888                 && $version == -1) {
 889                 // Create the version
 890
 891                 switch ($result['identifier']) {
 892                 case 'CREATE TABLE':
 893                     self::createVersion($dbname, $result['tablename'], '1');
 894                     break;
 895                 case 'CREATE VIEW':
 896                     self::createVersion($dbname, $result['tablename'], '1', '', true);
 897                     break;
 898                 case 'CREATE DATABASE':
 899                     self::createDatabaseVersion($dbname, '1', $query);
 900                     break;
 901                 } // end switch
 902             }
 903
 904             // If version exists
 905             if (self::isTracked($dbname, $result['tablename']) && $version != -1) {
 906                 if ($result['type'] == 'DDL') {
 907                     $save_to = 'schema_sql';
 908                 } elseif ($result['type'] == 'DML') {
 909                     $save_to = 'data_sql';
 910                 } else {
 911                     $save_to = '';
 912                 }
 913                 $date  = date('Y-m-d H:i:s');
 914
 915                 // Cut off `dbname`. from query
 916                 $query = preg_replace('/`' . $dbname . '`\s?\./', '', $query);
 917
 918                 // Add log information
 919                 $query = self::getLogComment() . $query ;
 920
 921                 // Mark it as untouchable
 922                 $sql_query =
 923                 " /*NOTRACK*/\n" .
 924                 " UPDATE " . self::$pma_table .
 925                 " SET " . PMA_backquote($save_to) ." = CONCAT( " . PMA_backquote($save_to) . ",'\n" . PMA_sqlAddslashes($query) . "') ," .
 926                 " `date_updated` = '" . $date . "' ";
 927
 928                 // If table was renamed we have to change the tablename attribute in pma_tracking too
 929                 if ($result['identifier'] == 'RENAME TABLE') {
 930                     $sql_query .= ', `table_name` = \'' . PMA_sqlAddslashes($result['tablename_after_rename']) . '\' ';
 931                 }
 932
 933                 // Save the tracking information only for
 934                 //     1. the database
 935                 //     2. the table / view
 936                 //     3. the statements
 937                 // we want to track
 938                 $sql_query .=
 939                 " WHERE FIND_IN_SET('" . $result['identifier'] . "',tracking) > 0" .
 940                 " AND `db_name` = '" . PMA_sqlAddslashes($dbname) . "' " .
 941                 " AND `table_name` = '" . PMA_sqlAddslashes($result['tablename']) . "' " .
 942                 " AND `version` = '" . PMA_sqlAddslashes($version) . "' ";
 943
 944                 $result = PMA_query_as_controluser($sql_query);
 945             }
 946         }
 947     }
 948 }
 949 ?>