From 7951b2bacc63d7dc408ead0cf2fcb126c001d17e Mon Sep 17 00:00:00 2001
From: Marc Delisle <marc@infomarc.info>
Date: Sat, 31 Jul 2010 14:54:05 -0400
Subject: [PATCH] bug #3034026 [confirmation] TRUNCATE queries get no
 confirmation request

---
 ChangeLog       |  1 +
 js/functions.js | 12 +++++++-----
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 455c3900c4..3482348057 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -9,6 +9,7 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
 - bug #3033063 [core] Navi gets wrong db name
 - bug #3031705 [core] Fix generating condition for real numbers by comparing
   them to string.
+- bug #3034026 [confirmation] TRUNCATE queries get no confirmation request
 
 3.3.5.0 (2010-07-26)
 - patch #2932113 [information_schema] Slow export when having lots of
diff --git a/js/functions.js b/js/functions.js
index 8c924e0330..93cee6047b 100644
--- a/js/functions.js
+++ b/js/functions.js
@@ -152,7 +152,7 @@ function confirmQuery(theForm1, sqlQuery1)
             } // end if
         } // end if
 
-        // Confirms a "DROP/DELETE/ALTER" statement
+        // Confirms a "DROP/DELETE/ALTER/TRUNCATE" statement
         //
         // TODO: find a way (if possible) to use the parser-analyser
         // for this kind of verification
@@ -162,22 +162,24 @@ function confirmQuery(theForm1, sqlQuery1)
         var do_confirm_re_0 = new RegExp('^\\s*DROP\\s+(IF EXISTS\\s+)?(TABLE|DATABASE|PROCEDURE)\\s', 'i');
         var do_confirm_re_1 = new RegExp('^\\s*ALTER\\s+TABLE\\s+((`[^`]+`)|([A-Za-z0-9_$]+))\\s+DROP\\s', 'i');
         var do_confirm_re_2 = new RegExp('^\\s*DELETE\\s+FROM\\s', 'i');
+        var do_confirm_re_3 = new RegExp('^\\s*TRUNCATE\\s', 'i');
+
         if (do_confirm_re_0.test(sqlQuery1.value)
             || do_confirm_re_1.test(sqlQuery1.value)
-            || do_confirm_re_2.test(sqlQuery1.value)) {
+            || do_confirm_re_2.test(sqlQuery1.value)
+            || do_confirm_re_3.test(sqlQuery1.value)) {
             var message      = (sqlQuery1.value.length > 100)
                              ? sqlQuery1.value.substr(0, 100) + '\n    ...'
                              : sqlQuery1.value;
             var is_confirmed = confirm(PMA_messages['strDoYouReally'] + ' :\n' + message);
-            // drop/delete/alter statement is confirmed -> update the
+            // statement is confirmed -> update the
             // "is_js_confirmed" form field so the confirm test won't be
             // run on the server side and allows to submit the form
             if (is_confirmed) {
                 theForm1.elements['is_js_confirmed'].value = 1;
                 return true;
             }
-            // "DROP/DELETE/ALTER" statement is rejected -> do not submit
-            // the form
+            // statement is rejected -> do not submit the form
             else {
                 window.focus();
                 sqlQuery1.focus();
-- 
2.11.4.GIT