You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2520 lines
89 KiB
2520 lines
89 KiB
<?php |
|
/** |
|
* set of functions with the insert/edit features in pma |
|
*/ |
|
|
|
declare(strict_types=1); |
|
|
|
namespace PhpMyAdmin; |
|
|
|
use PhpMyAdmin\ConfigStorage\Relation; |
|
use PhpMyAdmin\Dbal\ResultInterface; |
|
use PhpMyAdmin\Html\Generator; |
|
use PhpMyAdmin\Plugins\TransformationsPlugin; |
|
use PhpMyAdmin\Utils\Gis; |
|
|
|
use function __; |
|
use function array_fill; |
|
use function array_key_exists; |
|
use function array_keys; |
|
use function array_merge; |
|
use function array_values; |
|
use function bin2hex; |
|
use function class_exists; |
|
use function count; |
|
use function current; |
|
use function date; |
|
use function explode; |
|
use function htmlspecialchars; |
|
use function implode; |
|
use function in_array; |
|
use function is_array; |
|
use function is_file; |
|
use function is_string; |
|
use function max; |
|
use function mb_stripos; |
|
use function mb_strlen; |
|
use function mb_strstr; |
|
use function mb_substr; |
|
use function md5; |
|
use function method_exists; |
|
use function min; |
|
use function password_hash; |
|
use function preg_match; |
|
use function preg_replace; |
|
use function str_contains; |
|
use function str_replace; |
|
use function stripcslashes; |
|
use function stripslashes; |
|
use function strlen; |
|
use function substr; |
|
use function time; |
|
use function trim; |
|
|
|
use const ENT_COMPAT; |
|
use const PASSWORD_DEFAULT; |
|
|
|
/** |
|
* PhpMyAdmin\InsertEdit class |
|
*/ |
|
class InsertEdit |
|
{ |
|
/** |
|
* DatabaseInterface instance |
|
* |
|
* @var DatabaseInterface |
|
*/ |
|
private $dbi; |
|
|
|
/** @var Relation */ |
|
private $relation; |
|
|
|
/** @var Transformations */ |
|
private $transformations; |
|
|
|
/** @var FileListing */ |
|
private $fileListing; |
|
|
|
/** @var Template */ |
|
public $template; |
|
|
|
/** |
|
* @param DatabaseInterface $dbi DatabaseInterface instance |
|
*/ |
|
public function __construct(DatabaseInterface $dbi) |
|
{ |
|
$this->dbi = $dbi; |
|
$this->relation = new Relation($this->dbi); |
|
$this->transformations = new Transformations(); |
|
$this->fileListing = new FileListing(); |
|
$this->template = new Template(); |
|
} |
|
|
|
/** |
|
* Retrieve form parameters for insert/edit form |
|
* |
|
* @param string $db name of the database |
|
* @param string $table name of the table |
|
* @param array|null $whereClauses where clauses |
|
* @param array $whereClauseArray array of where clauses |
|
* @param string $errorUrl error url |
|
* |
|
* @return array array of insert/edit form parameters |
|
*/ |
|
public function getFormParametersForInsertForm( |
|
$db, |
|
$table, |
|
?array $whereClauses, |
|
array $whereClauseArray, |
|
$errorUrl |
|
): array { |
|
$formParams = [ |
|
'db' => $db, |
|
'table' => $table, |
|
'goto' => $GLOBALS['goto'], |
|
'err_url' => $errorUrl, |
|
'sql_query' => $_POST['sql_query'] ?? '', |
|
]; |
|
if (isset($whereClauses)) { |
|
foreach ($whereClauseArray as $keyId => $whereClause) { |
|
$formParams['where_clause[' . $keyId . ']'] = trim($whereClause); |
|
} |
|
} |
|
|
|
if (isset($_POST['clause_is_unique'])) { |
|
$formParams['clause_is_unique'] = $_POST['clause_is_unique']; |
|
} |
|
|
|
return $formParams; |
|
} |
|
|
|
/** |
|
* Creates array of where clauses |
|
* |
|
* @param array|string|null $whereClause where clause |
|
* |
|
* @return array whereClauseArray array of where clauses |
|
*/ |
|
private function getWhereClauseArray($whereClause): array |
|
{ |
|
if ($whereClause === null) { |
|
return []; |
|
} |
|
|
|
if (is_array($whereClause)) { |
|
return $whereClause; |
|
} |
|
|
|
return [0 => $whereClause]; |
|
} |
|
|
|
/** |
|
* Analysing where clauses array |
|
* |
|
* @param array $whereClauseArray array of where clauses |
|
* @param string $table name of the table |
|
* @param string $db name of the database |
|
* |
|
* @return array $where_clauses, $result, $rows, $found_unique_key |
|
*/ |
|
private function analyzeWhereClauses( |
|
array $whereClauseArray, |
|
$table, |
|
$db |
|
): array { |
|
$rows = []; |
|
$result = []; |
|
$whereClauses = []; |
|
$foundUniqueKey = false; |
|
foreach ($whereClauseArray as $keyId => $whereClause) { |
|
$localQuery = 'SELECT * FROM ' |
|
. Util::backquote($db) . '.' |
|
. Util::backquote($table) |
|
. ' WHERE ' . $whereClause . ';'; |
|
$result[$keyId] = $this->dbi->query($localQuery); |
|
$rows[$keyId] = $result[$keyId]->fetchAssoc(); |
|
|
|
$whereClauses[$keyId] = str_replace('\\', '\\\\', $whereClause); |
|
$hasUniqueCondition = $this->showEmptyResultMessageOrSetUniqueCondition( |
|
$rows, |
|
$keyId, |
|
$whereClauseArray, |
|
$localQuery, |
|
$result |
|
); |
|
if (! $hasUniqueCondition) { |
|
continue; |
|
} |
|
|
|
$foundUniqueKey = true; |
|
} |
|
|
|
return [ |
|
$whereClauses, |
|
$result, |
|
$rows, |
|
$foundUniqueKey, |
|
]; |
|
} |
|
|
|
/** |
|
* Show message for empty result or set the unique_condition |
|
* |
|
* @param array $rows MySQL returned rows |
|
* @param string $keyId ID in current key |
|
* @param array $whereClauseArray array of where clauses |
|
* @param string $localQuery query performed |
|
* @param ResultInterface[] $result MySQL result handle |
|
*/ |
|
private function showEmptyResultMessageOrSetUniqueCondition( |
|
array $rows, |
|
$keyId, |
|
array $whereClauseArray, |
|
$localQuery, |
|
array $result |
|
): bool { |
|
// No row returned |
|
if (! $rows[$keyId]) { |
|
unset($rows[$keyId], $whereClauseArray[$keyId]); |
|
ResponseRenderer::getInstance()->addHTML( |
|
Generator::getMessage( |
|
__('MySQL returned an empty result set (i.e. zero rows).'), |
|
$localQuery |
|
) |
|
); |
|
/** |
|
* @todo not sure what should be done at this point, but we must not |
|
* exit if we want the message to be displayed |
|
*/ |
|
|
|
return false; |
|
} |
|
|
|
$meta = $this->dbi->getFieldsMeta($result[$keyId]); |
|
|
|
[$uniqueCondition] = Util::getUniqueCondition( |
|
count($meta), |
|
$meta, |
|
$rows[$keyId], |
|
true |
|
); |
|
|
|
return (bool) $uniqueCondition; |
|
} |
|
|
|
/** |
|
* No primary key given, just load first row |
|
* |
|
* @param string $table name of the table |
|
* @param string $db name of the database |
|
* |
|
* @return array containing $result and $rows arrays |
|
*/ |
|
private function loadFirstRow($table, $db) |
|
{ |
|
$result = $this->dbi->query( |
|
'SELECT * FROM ' . Util::backquote($db) |
|
. '.' . Util::backquote($table) . ' LIMIT 1;' |
|
); |
|
// Can be a string on some old configuration storage settings |
|
$rows = array_fill(0, (int) $GLOBALS['cfg']['InsertRows'], false); |
|
|
|
return [ |
|
$result, |
|
$rows, |
|
]; |
|
} |
|
|
|
/** |
|
* Add some url parameters |
|
* |
|
* @param array $urlParams containing $db and $table as url parameters |
|
* @param array $whereClauseArray where clauses array |
|
* |
|
* @return array Add some url parameters to $url_params array and return it |
|
*/ |
|
public function urlParamsInEditMode( |
|
array $urlParams, |
|
array $whereClauseArray |
|
): array { |
|
foreach ($whereClauseArray as $whereClause) { |
|
$urlParams['where_clause'] = trim($whereClause); |
|
} |
|
|
|
if (! empty($_POST['sql_query'])) { |
|
$urlParams['sql_query'] = $_POST['sql_query']; |
|
} |
|
|
|
return $urlParams; |
|
} |
|
|
|
/** |
|
* Show type information or function selectors in Insert/Edit |
|
* |
|
* @param string $which function|type |
|
* @param array $urlParams containing url parameters |
|
* @param bool $isShow whether to show the element in $which |
|
* |
|
* @return string an HTML snippet |
|
*/ |
|
public function showTypeOrFunction($which, array $urlParams, $isShow): string |
|
{ |
|
$params = []; |
|
|
|
switch ($which) { |
|
case 'function': |
|
$params['ShowFunctionFields'] = ($isShow ? 0 : 1); |
|
$params['ShowFieldTypesInDataEditView'] = $GLOBALS['cfg']['ShowFieldTypesInDataEditView']; |
|
break; |
|
case 'type': |
|
$params['ShowFieldTypesInDataEditView'] = ($isShow ? 0 : 1); |
|
$params['ShowFunctionFields'] = $GLOBALS['cfg']['ShowFunctionFields']; |
|
break; |
|
} |
|
|
|
$params['goto'] = Url::getFromRoute('/sql'); |
|
$thisUrlParams = array_merge($urlParams, $params); |
|
|
|
if (! $isShow) { |
|
return ' : <a href="' . Url::getFromRoute('/table/change') . '" data-post="' |
|
. Url::getCommon($thisUrlParams, '', false) . '">' |
|
. $this->showTypeOrFunctionLabel($which) |
|
. '</a>'; |
|
} |
|
|
|
return '<th><a href="' . Url::getFromRoute('/table/change') . '" data-post="' |
|
. Url::getCommon($thisUrlParams, '', false) |
|
. '" title="' . __('Hide') . '">' |
|
. $this->showTypeOrFunctionLabel($which) |
|
. '</a></th>'; |
|
} |
|
|
|
/** |
|
* Show type information or function selectors labels in Insert/Edit |
|
* |
|
* @param string $which function|type |
|
* |
|
* @return string an HTML snippet |
|
*/ |
|
private function showTypeOrFunctionLabel($which): string |
|
{ |
|
switch ($which) { |
|
case 'function': |
|
return __('Function'); |
|
|
|
case 'type': |
|
return __('Type'); |
|
} |
|
|
|
return ''; |
|
} |
|
|
|
/** |
|
* Analyze the table column array |
|
* |
|
* @param array $column description of column in given table |
|
* @param array $commentsMap comments for every column that has a comment |
|
* @param bool $timestampSeen whether a timestamp has been seen |
|
* |
|
* @return array description of column in given table |
|
*/ |
|
private function analyzeTableColumnsArray( |
|
array $column, |
|
array $commentsMap, |
|
$timestampSeen |
|
) { |
|
$column['Field_md5'] = md5($column['Field']); |
|
// True_Type contains only the type (stops at first bracket) |
|
$column['True_Type'] = preg_replace('@\(.*@s', '', $column['Type']); |
|
$column['len'] = preg_match('@float|double@', $column['Type']) ? 100 : -1; |
|
$column['Field_title'] = $this->getColumnTitle($column, $commentsMap); |
|
$column['is_binary'] = $this->isColumn( |
|
$column, |
|
[ |
|
'binary', |
|
'varbinary', |
|
] |
|
); |
|
$column['is_blob'] = $this->isColumn( |
|
$column, |
|
[ |
|
'blob', |
|
'tinyblob', |
|
'mediumblob', |
|
'longblob', |
|
] |
|
); |
|
$column['is_char'] = $this->isColumn( |
|
$column, |
|
[ |
|
'char', |
|
'varchar', |
|
] |
|
); |
|
|
|
[ |
|
$column['pma_type'], |
|
$column['wrap'], |
|
$column['first_timestamp'], |
|
] = $this->getEnumSetAndTimestampColumns($column, $timestampSeen); |
|
|
|
return $column; |
|
} |
|
|
|
/** |
|
* Retrieve the column title |
|
* |
|
* @param array $column description of column in given table |
|
* @param array $commentsMap comments for every column that has a comment |
|
* |
|
* @return string column title |
|
*/ |
|
private function getColumnTitle(array $column, array $commentsMap): string |
|
{ |
|
if (isset($commentsMap[$column['Field']])) { |
|
return '<span style="border-bottom: 1px dashed black;" title="' |
|
. htmlspecialchars($commentsMap[$column['Field']]) . '">' |
|
. htmlspecialchars($column['Field']) . '</span>'; |
|
} |
|
|
|
return htmlspecialchars($column['Field']); |
|
} |
|
|
|
/** |
|
* check whether the column is of a certain type |
|
* the goal is to ensure that types such as "enum('one','two','binary',..)" |
|
* or "enum('one','two','varbinary',..)" are not categorized as binary |
|
* |
|
* @param array $column description of column in given table |
|
* @param string[] $types the types to verify |
|
*/ |
|
public function isColumn(array $column, array $types): bool |
|
{ |
|
foreach ($types as $oneType) { |
|
if (mb_stripos($column['Type'], $oneType) === 0) { |
|
return true; |
|
} |
|
} |
|
|
|
return false; |
|
} |
|
|
|
/** |
|
* Retrieve set, enum, timestamp table columns |
|
* |
|
* @param array $column description of column in given table |
|
* @param bool $timestampSeen whether a timestamp has been seen |
|
* |
|
* @return array $column['pma_type'], $column['wrap'], $column['first_timestamp'] |
|
* @psalm-return array{0: mixed, 1: string, 2: bool} |
|
*/ |
|
private function getEnumSetAndTimestampColumns(array $column, $timestampSeen) |
|
{ |
|
switch ($column['True_Type']) { |
|
case 'set': |
|
return [ |
|
'set', |
|
'', |
|
false, |
|
]; |
|
|
|
case 'enum': |
|
return [ |
|
'enum', |
|
'', |
|
false, |
|
]; |
|
|
|
case 'timestamp': |
|
return [ |
|
$column['Type'], |
|
' text-nowrap', |
|
! $timestampSeen, // can only occur once per table |
|
]; |
|
|
|
default: |
|
return [ |
|
$column['Type'], |
|
' text-nowrap', |
|
false, |
|
]; |
|
} |
|
} |
|
|
|
/** |
|
* Retrieve the nullify code for the null column |
|
* |
|
* @param array $column description of column in given table |
|
* @param array $foreigners keys into foreign fields |
|
* @param array $foreignData data about the foreign keys |
|
*/ |
|
private function getNullifyCodeForNullColumn( |
|
array $column, |
|
array $foreigners, |
|
array $foreignData |
|
): string { |
|
$foreigner = $this->relation->searchColumnInForeigners($foreigners, $column['Field']); |
|
if (mb_strstr($column['True_Type'], 'enum')) { |
|
if (mb_strlen((string) $column['Type']) > 20) { |
|
$nullifyCode = '1'; |
|
} else { |
|
$nullifyCode = '2'; |
|
} |
|
} elseif (mb_strstr($column['True_Type'], 'set')) { |
|
$nullifyCode = '3'; |
|
} elseif ($foreigner && $foreignData['foreign_link'] == false) { |
|
// foreign key in a drop-down |
|
$nullifyCode = '4'; |
|
} elseif ($foreigner && $foreignData['foreign_link'] == true) { |
|
// foreign key with a browsing icon |
|
$nullifyCode = '6'; |
|
} else { |
|
$nullifyCode = '5'; |
|
} |
|
|
|
return $nullifyCode; |
|
} |
|
|
|
/** |
|
* Get HTML textarea for insert form |
|
* |
|
* @param array $column column information |
|
* @param string $backupField hidden input field |
|
* @param string $columnNameAppendix the name attribute |
|
* @param string $onChangeClause onchange clause for fields |
|
* @param int $tabindex tab index |
|
* @param int $tabindexForValue offset for the values tabindex |
|
* @param int $idindex id index |
|
* @param string $textDir text direction |
|
* @param string $specialCharsEncoded replaced char if the string starts |
|
* with a \r\n pair (0x0d0a) add an extra \n |
|
* @param string $dataType the html5 data-* attribute type |
|
* @param bool $readOnly is column read only or not |
|
* |
|
* @return string an html snippet |
|
*/ |
|
private function getTextarea( |
|
array $column, |
|
$backupField, |
|
$columnNameAppendix, |
|
$onChangeClause, |
|
$tabindex, |
|
$tabindexForValue, |
|
$idindex, |
|
$textDir, |
|
$specialCharsEncoded, |
|
$dataType, |
|
$readOnly |
|
): string { |
|
$theClass = ''; |
|
$textAreaRows = $GLOBALS['cfg']['TextareaRows']; |
|
$textareaCols = $GLOBALS['cfg']['TextareaCols']; |
|
|
|
if ($column['is_char']) { |
|
/** |
|
* @todo clarify the meaning of the "textfield" class and explain |
|
* why character columns have the "char" class instead |
|
*/ |
|
$theClass = 'char charField'; |
|
$textAreaRows = $GLOBALS['cfg']['CharTextareaRows']; |
|
$textareaCols = $GLOBALS['cfg']['CharTextareaCols']; |
|
$extractedColumnspec = Util::extractColumnSpec($column['Type']); |
|
$maxlength = $extractedColumnspec['spec_in_brackets']; |
|
} elseif ($GLOBALS['cfg']['LongtextDoubleTextarea'] && mb_strstr($column['pma_type'], 'longtext')) { |
|
$textAreaRows = $GLOBALS['cfg']['TextareaRows'] * 2; |
|
$textareaCols = $GLOBALS['cfg']['TextareaCols'] * 2; |
|
} |
|
|
|
return $backupField . "\n" |
|
. '<textarea name="fields' . $columnNameAppendix . '"' |
|
. ' class="' . $theClass . '"' |
|
. ($readOnly ? ' readonly="readonly"' : '') |
|
. (isset($maxlength) ? ' data-maxlength="' . $maxlength . '"' : '') |
|
. ' rows="' . $textAreaRows . '"' |
|
. ' cols="' . $textareaCols . '"' |
|
. ' dir="' . $textDir . '"' |
|
. ' id="field_' . $idindex . '_3"' |
|
. ($onChangeClause ? ' ' . $onChangeClause : '') |
|
. ' tabindex="' . ($tabindex + $tabindexForValue) . '"' |
|
. ' data-type="' . $dataType . '">' |
|
. $specialCharsEncoded |
|
. '</textarea>'; |
|
} |
|
|
|
/** |
|
* Get column values |
|
* |
|
* @param string[] $enum_set_values |
|
* |
|
* @return array column values as an associative array |
|
* @psalm-return list<array{html: string, plain: string}> |
|
*/ |
|
private function getColumnEnumValues(array $enum_set_values): array |
|
{ |
|
$values = []; |
|
foreach ($enum_set_values as $val) { |
|
$values[] = [ |
|
'plain' => $val, |
|
'html' => htmlspecialchars($val), |
|
]; |
|
} |
|
|
|
return $values; |
|
} |
|
|
|
/** |
|
* Retrieve column 'set' value and select size |
|
* |
|
* @param array $column description of column in given table |
|
* @param string[] $enum_set_values |
|
* |
|
* @return array $column['values'], $column['select_size'] |
|
*/ |
|
private function getColumnSetValueAndSelectSize( |
|
array $column, |
|
array $enum_set_values |
|
): array { |
|
if (! isset($column['values'])) { |
|
$column['values'] = []; |
|
foreach ($enum_set_values as $val) { |
|
$column['values'][] = [ |
|
'plain' => $val, |
|
'html' => htmlspecialchars($val), |
|
]; |
|
} |
|
|
|
$column['select_size'] = min(4, count($column['values'])); |
|
} |
|
|
|
return [ |
|
$column['values'], |
|
$column['select_size'], |
|
]; |
|
} |
|
|
|
/** |
|
* Get HTML input type |
|
* |
|
* @param array $column description of column in given table |
|
* @param string $columnNameAppendix the name attribute |
|
* @param string $specialChars special characters |
|
* @param int $fieldsize html field size |
|
* @param string $onChangeClause onchange clause for fields |
|
* @param int $tabindex tab index |
|
* @param int $tabindexForValue offset for the values tabindex |
|
* @param int $idindex id index |
|
* @param string $dataType the html5 data-* attribute type |
|
* @param bool $readOnly is column read only or not |
|
* |
|
* @return string an html snippet |
|
*/ |
|
private function getHtmlInput( |
|
array $column, |
|
$columnNameAppendix, |
|
$specialChars, |
|
$fieldsize, |
|
$onChangeClause, |
|
$tabindex, |
|
$tabindexForValue, |
|
$idindex, |
|
$dataType, |
|
$readOnly |
|
): string { |
|
$theClass = 'textfield'; |
|
// verify True_Type which does not contain the parentheses and length |
|
if (! $readOnly) { |
|
if ($column['True_Type'] === 'date') { |
|
$theClass .= ' datefield'; |
|
} elseif ($column['True_Type'] === 'time') { |
|
$theClass .= ' timefield'; |
|
} elseif ($column['True_Type'] === 'datetime' || $column['True_Type'] === 'timestamp') { |
|
$theClass .= ' datetimefield'; |
|
} |
|
} |
|
|
|
$inputMinMax = ''; |
|
if (in_array($column['True_Type'], $this->dbi->types->getIntegerTypes())) { |
|
$extractedColumnspec = Util::extractColumnSpec($column['Type']); |
|
$isUnsigned = $extractedColumnspec['unsigned']; |
|
$minMaxValues = $this->dbi->types->getIntegerRange($column['True_Type'], ! $isUnsigned); |
|
$inputMinMax = 'min="' . $minMaxValues[0] . '" ' |
|
. 'max="' . $minMaxValues[1] . '"'; |
|
$dataType = 'INT'; |
|
} |
|
|
|
// do not use the 'date' or 'time' types here; they have no effect on some |
|
// browsers and create side effects (see bug #4218) |
|
return '<input type="text"' |
|
. ' name="fields' . $columnNameAppendix . '"' |
|
. ' value="' . $specialChars . '" size="' . $fieldsize . '"' |
|
. (isset($column['is_char']) && $column['is_char'] |
|
? ' data-maxlength="' . $fieldsize . '"' |
|
: '') |
|
. ($readOnly ? ' readonly="readonly"' : '') |
|
. ($inputMinMax ? ' ' . $inputMinMax : '') |
|
. ' data-type="' . $dataType . '"' |
|
. ' class="' . $theClass . '" ' . $onChangeClause |
|
. ' tabindex="' . ($tabindex + $tabindexForValue) . '"' |
|
. ' id="field_' . $idindex . '_3">'; |
|
} |
|
|
|
/** |
|
* Get HTML select option for upload |
|
* |
|
* @param string $vkey [multi_edit]['row_id'] |
|
* @param string $fieldHashMd5 array index as an MD5 to avoid having special characters |
|
* |
|
* @return string an HTML snippet |
|
*/ |
|
private function getSelectOptionForUpload(string $vkey, string $fieldHashMd5): string |
|
{ |
|
$files = $this->fileListing->getFileSelectOptions( |
|
Util::userDir((string) ($GLOBALS['cfg']['UploadDir'] ?? '')) |
|
); |
|
|
|
if ($files === false) { |
|
return '<span style="color:red">' . __('Error') . '</span><br>' . "\n" |
|
. __('The directory you set for upload work cannot be reached.') . "\n"; |
|
} |
|
|
|
if ($files === '') { |
|
return ''; |
|
} |
|
|
|
return "<br>\n" |
|
. '<i>' . __('Or') . '</i> ' |
|
. __('web server upload directory:') . '<br>' . "\n" |
|
. '<select size="1" name="fields_uploadlocal' |
|
. $vkey . '[' . $fieldHashMd5 . ']">' . "\n" |
|
. '<option value="" selected="selected"></option>' . "\n" |
|
. $files |
|
. '</select>' . "\n"; |
|
} |
|
|
|
/** |
|
* Retrieve the maximum upload file size |
|
* |
|
* @param string $pma_type column type |
|
* @param int $biggestMaxFileSize biggest max file size for uploading |
|
* |
|
* @return array an html snippet and $biggest_max_file_size |
|
* @psalm-return array{non-empty-string, int} |
|
*/ |
|
private function getMaxUploadSize(string $pma_type, $biggestMaxFileSize): array |
|
{ |
|
// find maximum upload size, based on field type |
|
/** |
|
* @todo with functions this is not so easy, as you can basically |
|
* process any data with function like MD5 |
|
*/ |
|
$maxFieldSizes = [ |
|
'tinyblob' => 256, |
|
'blob' => 65536, |
|
'mediumblob' => 16777216, |
|
'longblob' => 4294967296,// yeah, really |
|
]; |
|
|
|
$thisFieldMaxSize = (int) $GLOBALS['config']->get('max_upload_size'); // from PHP max |
|
if ($thisFieldMaxSize > $maxFieldSizes[$pma_type]) { |
|
$thisFieldMaxSize = $maxFieldSizes[$pma_type]; |
|
} |
|
|
|
$htmlOutput = Util::getFormattedMaximumUploadSize($thisFieldMaxSize) . "\n"; |
|
// do not generate here the MAX_FILE_SIZE, because we should |
|
// put only one in the form to accommodate the biggest field |
|
if ($thisFieldMaxSize > $biggestMaxFileSize) { |
|
$biggestMaxFileSize = $thisFieldMaxSize; |
|
} |
|
|
|
return [ |
|
$htmlOutput, |
|
$biggestMaxFileSize, |
|
]; |
|
} |
|
|
|
/** |
|
* Get HTML for the Value column of other datatypes |
|
* (here, "column" is used in the sense of HTML column in HTML table) |
|
* |
|
* @param array $column description of column in given table |
|
* @param string $defaultCharEditing default char editing mode which is stored |
|
* in the config.inc.php script |
|
* @param string $backupField hidden input field |
|
* @param string $columnNameAppendix the name attribute |
|
* @param string $onChangeClause onchange clause for fields |
|
* @param int $tabindex tab index |
|
* @param string $specialChars special characters |
|
* @param int $tabindexForValue offset for the values tabindex |
|
* @param int $idindex id index |
|
* @param string $textDir text direction |
|
* @param string $specialCharsEncoded replaced char if the string starts |
|
* with a \r\n pair (0x0d0a) add an extra \n |
|
* @param string $data data to edit |
|
* @param array $extractedColumnspec associative array containing type, |
|
* spec_in_brackets and possibly |
|
* enum_set_values (another array) |
|
* @param bool $readOnly is column read only or not |
|
* |
|
* @return string an html snippet |
|
*/ |
|
private function getValueColumnForOtherDatatypes( |
|
array $column, |
|
$defaultCharEditing, |
|
$backupField, |
|
$columnNameAppendix, |
|
$onChangeClause, |
|
$tabindex, |
|
$specialChars, |
|
$tabindexForValue, |
|
$idindex, |
|
$textDir, |
|
$specialCharsEncoded, |
|
$data, |
|
array $extractedColumnspec, |
|
$readOnly |
|
): string { |
|
// HTML5 data-* attribute data-type |
|
$dataType = $this->dbi->types->getTypeClass($column['True_Type']); |
|
$fieldsize = $this->getColumnSize($column, $extractedColumnspec['spec_in_brackets']); |
|
$htmlOutput = $backupField . "\n"; |
|
if ($column['is_char'] && ($GLOBALS['cfg']['CharEditing'] === 'textarea' || str_contains($data, "\n"))) { |
|
$htmlOutput .= "\n"; |
|
$GLOBALS['cfg']['CharEditing'] = $defaultCharEditing; |
|
$htmlOutput .= $this->getTextarea( |
|
$column, |
|
$backupField, |
|
$columnNameAppendix, |
|
$onChangeClause, |
|
$tabindex, |
|
$tabindexForValue, |
|
$idindex, |
|
$textDir, |
|
$specialCharsEncoded, |
|
$dataType, |
|
$readOnly |
|
); |
|
} else { |
|
$htmlOutput .= $this->getHtmlInput( |
|
$column, |
|
$columnNameAppendix, |
|
$specialChars, |
|
$fieldsize, |
|
$onChangeClause, |
|
$tabindex, |
|
$tabindexForValue, |
|
$idindex, |
|
$dataType, |
|
$readOnly |
|
); |
|
|
|
if ( |
|
preg_match('/(VIRTUAL|PERSISTENT|GENERATED)/', $column['Extra']) |
|
&& ! str_contains($column['Extra'], 'DEFAULT_GENERATED') |
|
) { |
|
$htmlOutput .= '<input type="hidden" name="virtual' |
|
. $columnNameAppendix . '" value="1">'; |
|
} |
|
|
|
if ($column['Extra'] === 'auto_increment') { |
|
$htmlOutput .= '<input type="hidden" name="auto_increment' |
|
. $columnNameAppendix . '" value="1">'; |
|
} |
|
|
|
if (substr($column['pma_type'], 0, 9) === 'timestamp') { |
|
$htmlOutput .= '<input type="hidden" name="fields_type' |
|
. $columnNameAppendix . '" value="timestamp">'; |
|
} |
|
|
|
if (substr($column['pma_type'], 0, 4) === 'date') { |
|
$type = substr($column['pma_type'], 0, 8) === 'datetime' ? 'datetime' : 'date'; |
|
$htmlOutput .= '<input type="hidden" name="fields_type' |
|
. $columnNameAppendix . '" value="' . $type . '">'; |
|
} |
|
|
|
if ($column['True_Type'] === 'bit') { |
|
$htmlOutput .= '<input type="hidden" name="fields_type' |
|
. $columnNameAppendix . '" value="bit">'; |
|
} |
|
} |
|
|
|
return $htmlOutput; |
|
} |
|
|
|
/** |
|
* Get the field size |
|
* |
|
* @param array $column description of column in given table |
|
* @param string $specInBrackets text in brackets inside column definition |
|
* |
|
* @return int field size |
|
*/ |
|
private function getColumnSize(array $column, string $specInBrackets): int |
|
{ |
|
if ($column['is_char']) { |
|
$fieldsize = (int) $specInBrackets; |
|
if ($fieldsize > $GLOBALS['cfg']['MaxSizeForInputField']) { |
|
/** |
|
* This case happens for CHAR or VARCHAR columns which have |
|
* a size larger than the maximum size for input field. |
|
*/ |
|
$GLOBALS['cfg']['CharEditing'] = 'textarea'; |
|
} |
|
} else { |
|
/** |
|
* This case happens for example for INT or DATE columns; |
|
* in these situations, the value returned in $column['len'] |
|
* seems appropriate. |
|
*/ |
|
$fieldsize = $column['len']; |
|
} |
|
|
|
return min( |
|
max($fieldsize, $GLOBALS['cfg']['MinSizeForInputField']), |
|
$GLOBALS['cfg']['MaxSizeForInputField'] |
|
); |
|
} |
|
|
|
/** |
|
* get html for continue insertion form |
|
* |
|
* @param string $table name of the table |
|
* @param string $db name of the database |
|
* @param array $whereClauseArray array of where clauses |
|
* @param string $errorUrl error url |
|
* |
|
* @return string an html snippet |
|
*/ |
|
public function getContinueInsertionForm( |
|
$table, |
|
$db, |
|
array $whereClauseArray, |
|
$errorUrl |
|
): string { |
|
return $this->template->render('table/insert/continue_insertion_form', [ |
|
'db' => $db, |
|
'table' => $table, |
|
'where_clause_array' => $whereClauseArray, |
|
'err_url' => $errorUrl, |
|
'goto' => $GLOBALS['goto'], |
|
'sql_query' => $_POST['sql_query'] ?? null, |
|
'has_where_clause' => isset($_POST['where_clause']), |
|
'insert_rows_default' => $GLOBALS['cfg']['InsertRows'], |
|
]); |
|
} |
|
|
|
/** |
|
* @param string[]|string|null $whereClause |
|
* |
|
* @psalm-pure |
|
*/ |
|
public static function isWhereClauseNumeric($whereClause): bool |
|
{ |
|
if ($whereClause === null) { |
|
return false; |
|
} |
|
|
|
if (! is_array($whereClause)) { |
|
$whereClause = [$whereClause]; |
|
} |
|
|
|
// If we have just numeric primary key, we can also edit next |
|
// we are looking for `table_name`.`field_name` = numeric_value |
|
foreach ($whereClause as $clause) { |
|
// preg_match() returns 1 if there is a match |
|
$isNumeric = preg_match('@^[\s]*`[^`]*`[\.]`[^`]*` = [0-9]+@', $clause) === 1; |
|
if ($isNumeric) { |
|
return true; |
|
} |
|
} |
|
|
|
return false; |
|
} |
|
|
|
/** |
|
* Get table head and table foot for insert row table |
|
* |
|
* @param array $urlParams url parameters |
|
* |
|
* @return string an html snippet |
|
*/ |
|
private function getHeadAndFootOfInsertRowTable(array $urlParams): string |
|
{ |
|
$type = ''; |
|
$function = ''; |
|
|
|
if ($GLOBALS['cfg']['ShowFieldTypesInDataEditView']) { |
|
$type = $this->showTypeOrFunction('type', $urlParams, true); |
|
} |
|
|
|
if ($GLOBALS['cfg']['ShowFunctionFields']) { |
|
$function = $this->showTypeOrFunction('function', $urlParams, true); |
|
} |
|
|
|
$template = new Template(); |
|
|
|
return $template->render('table/insert/get_head_and_foot_of_insert_row_table', [ |
|
'type' => $type, |
|
'function' => $function, |
|
]); |
|
} |
|
|
|
/** |
|
* Prepares the field value and retrieve special chars, backup field and data array |
|
* |
|
* @param array $currentRow a row of the table |
|
* @param array $column description of column in given table |
|
* @param array $extractedColumnspec associative array containing type, |
|
* spec_in_brackets and possibly |
|
* enum_set_values (another array) |
|
* @param array $gisDataTypes list of GIS data types |
|
* @param string $columnNameAppendix string to append to column name in input |
|
* @param bool $asIs use the data as is, used in repopulating |
|
* |
|
* @return array $real_null_value, $data, $special_chars, $backup_field, |
|
* $special_chars_encoded |
|
*/ |
|
private function getSpecialCharsAndBackupFieldForExistingRow( |
|
array $currentRow, |
|
array $column, |
|
array $extractedColumnspec, |
|
array $gisDataTypes, |
|
$columnNameAppendix, |
|
$asIs |
|
) { |
|
$specialCharsEncoded = ''; |
|
$data = null; |
|
$realNullValue = false; |
|
// (we are editing) |
|
if (! isset($currentRow[$column['Field']])) { |
|
$realNullValue = true; |
|
$currentRow[$column['Field']] = ''; |
|
$specialChars = ''; |
|
$data = $currentRow[$column['Field']]; |
|
} elseif ($column['True_Type'] === 'bit') { |
|
$specialChars = $asIs |
|
? $currentRow[$column['Field']] |
|
: Util::printableBitValue( |
|
(int) $currentRow[$column['Field']], |
|
(int) $extractedColumnspec['spec_in_brackets'] |
|
); |
|
} elseif ( |
|
(substr($column['True_Type'], 0, 9) === 'timestamp' |
|
|| $column['True_Type'] === 'datetime' |
|
|| $column['True_Type'] === 'time') |
|
&& (str_contains($currentRow[$column['Field']], '.')) |
|
) { |
|
$currentRow[$column['Field']] = $asIs |
|
? $currentRow[$column['Field']] |
|
: Util::addMicroseconds($currentRow[$column['Field']]); |
|
$specialChars = htmlspecialchars($currentRow[$column['Field']], ENT_COMPAT); |
|
} elseif (in_array($column['True_Type'], $gisDataTypes)) { |
|
// Convert gis data to Well Know Text format |
|
$currentRow[$column['Field']] = $asIs |
|
? $currentRow[$column['Field']] |
|
: Gis::convertToWellKnownText($currentRow[$column['Field']], true); |
|
$specialChars = htmlspecialchars($currentRow[$column['Field']], ENT_COMPAT); |
|
} else { |
|
// special binary "characters" |
|
if ($column['is_binary'] || ($column['is_blob'] && $GLOBALS['cfg']['ProtectBinary'] !== 'all')) { |
|
$currentRow[$column['Field']] = $asIs |
|
? $currentRow[$column['Field']] |
|
: bin2hex($currentRow[$column['Field']]); |
|
} |
|
|
|
$specialChars = htmlspecialchars($currentRow[$column['Field']], ENT_COMPAT); |
|
|
|
//We need to duplicate the first \n or otherwise we will lose |
|
//the first newline entered in a VARCHAR or TEXT column |
|
$specialCharsEncoded = Util::duplicateFirstNewline($specialChars); |
|
|
|
$data = $currentRow[$column['Field']]; |
|
} |
|
|
|
//when copying row, it is useful to empty auto-increment column |
|
// to prevent duplicate key error |
|
if (isset($_POST['default_action']) && $_POST['default_action'] === 'insert') { |
|
if ($column['Key'] === 'PRI' && str_contains($column['Extra'], 'auto_increment')) { |
|
$data = $specialCharsEncoded = $specialChars = null; |
|
} |
|
} |
|
|
|
// If a timestamp field value is not included in an update |
|
// statement MySQL auto-update it to the current timestamp; |
|
// however, things have changed since MySQL 4.1, so |
|
// it's better to set a fields_prev in this situation |
|
$backupField = '<input type="hidden" name="fields_prev' |
|
. $columnNameAppendix . '" value="' |
|
. htmlspecialchars($currentRow[$column['Field']], ENT_COMPAT) . '">'; |
|
|
|
return [ |
|
$realNullValue, |
|
$specialCharsEncoded, |
|
$specialChars, |
|
$data, |
|
$backupField, |
|
]; |
|
} |
|
|
|
/** |
|
* display default values |
|
* |
|
* @param array $column description of column in given table |
|
* |
|
* @return array $real_null_value, $data, $special_chars, |
|
* $backup_field, $special_chars_encoded |
|
* @psalm-return array{bool, mixed, string, string, string} |
|
*/ |
|
private function getSpecialCharsAndBackupFieldForInsertingMode( |
|
array $column |
|
) { |
|
if (! isset($column['Default'])) { |
|
$column['Default'] = ''; |
|
$realNullValue = true; |
|
$data = ''; |
|
} else { |
|
$realNullValue = false; |
|
$data = $column['Default']; |
|
} |
|
|
|
$trueType = $column['True_Type']; |
|
|
|
if ($trueType === 'bit') { |
|
$specialChars = Util::convertBitDefaultValue($column['Default']); |
|
} elseif (substr($trueType, 0, 9) === 'timestamp' || $trueType === 'datetime' || $trueType === 'time') { |
|
$specialChars = Util::addMicroseconds($column['Default']); |
|
} elseif ($trueType === 'binary' || $trueType === 'varbinary') { |
|
$specialChars = bin2hex($column['Default']); |
|
} elseif (substr($trueType, -4) === 'text') { |
|
$textDefault = substr($column['Default'], 1, -1); |
|
$specialChars = stripcslashes($textDefault !== false ? $textDefault : $column['Default']); |
|
} else { |
|
$specialChars = htmlspecialchars($column['Default']); |
|
} |
|
|
|
$specialCharsEncoded = Util::duplicateFirstNewline($specialChars); |
|
|
|
return [ |
|
$realNullValue, |
|
$data, |
|
$specialChars, |
|
'', |
|
$specialCharsEncoded, |
|
]; |
|
} |
|
|
|
/** |
|
* Prepares the update/insert of a row |
|
* |
|
* @return array $loop_array, $using_key, $is_insert, $is_insertignore |
|
* @psalm-return array{array, bool, bool, bool} |
|
*/ |
|
public function getParamsForUpdateOrInsert() |
|
{ |
|
if (isset($_POST['where_clause'])) { |
|
// we were editing something => use the WHERE clause |
|
$loopArray = is_array($_POST['where_clause']) |
|
? $_POST['where_clause'] |
|
: [$_POST['where_clause']]; |
|
$usingKey = true; |
|
$isInsert = isset($_POST['submit_type']) |
|
&& ($_POST['submit_type'] === 'insert' |
|
|| $_POST['submit_type'] === 'showinsert' |
|
|| $_POST['submit_type'] === 'insertignore'); |
|
} else { |
|
// new row => use indexes |
|
$loopArray = []; |
|
if (! empty($_POST['fields'])) { |
|
$loopArray = array_keys($_POST['fields']['multi_edit']); |
|
} |
|
|
|
$usingKey = false; |
|
$isInsert = true; |
|
} |
|
|
|
$isInsertIgnore = isset($_POST['submit_type']) |
|
&& $_POST['submit_type'] === 'insertignore'; |
|
|
|
return [ |
|
$loopArray, |
|
$usingKey, |
|
$isInsert, |
|
$isInsertIgnore, |
|
]; |
|
} |
|
|
|
/** |
|
* set $_SESSION for edit_next |
|
* |
|
* @param string $oneWhereClause one where clause from where clauses array |
|
*/ |
|
public function setSessionForEditNext($oneWhereClause): void |
|
{ |
|
$localQuery = 'SELECT * FROM ' . Util::backquote($GLOBALS['db']) |
|
. '.' . Util::backquote($GLOBALS['table']) . ' WHERE ' |
|
. str_replace('` =', '` >', $oneWhereClause) . ' LIMIT 1;'; |
|
|
|
$res = $this->dbi->query($localQuery); |
|
$row = $res->fetchRow(); |
|
$meta = $this->dbi->getFieldsMeta($res); |
|
// must find a unique condition based on unique key, |
|
// not a combination of all fields |
|
[$uniqueCondition] = Util::getUniqueCondition( |
|
count($meta), |
|
$meta, |
|
$row, |
|
true |
|
); |
|
if (! $uniqueCondition) { |
|
return; |
|
} |
|
|
|
$_SESSION['edit_next'] = $uniqueCondition; |
|
} |
|
|
|
/** |
|
* set $goto_include variable for different cases and retrieve like, |
|
* if $GLOBALS['goto'] empty, if $goto_include previously not defined |
|
* and new_insert, same_insert, edit_next |
|
* |
|
* @param string|false $gotoInclude store some script for include, otherwise it is |
|
* boolean false |
|
*/ |
|
public function getGotoInclude($gotoInclude): string |
|
{ |
|
$validOptions = [ |
|
'new_insert', |
|
'same_insert', |
|
'edit_next', |
|
]; |
|
if (isset($_POST['after_insert']) && in_array($_POST['after_insert'], $validOptions)) { |
|
return '/table/change'; |
|
} |
|
|
|
if (! empty($GLOBALS['goto'])) { |
|
if (! preg_match('@^[a-z_]+\.php$@', $GLOBALS['goto'])) { |
|
// this should NOT happen |
|
//$GLOBALS['goto'] = false; |
|
if ($GLOBALS['goto'] === 'index.php?route=/sql') { |
|
$gotoInclude = '/sql'; |
|
} else { |
|
$gotoInclude = false; |
|
} |
|
} else { |
|
$gotoInclude = $GLOBALS['goto']; |
|
} |
|
|
|
if ($GLOBALS['goto'] === 'index.php?route=/database/sql' && strlen($GLOBALS['table']) > 0) { |
|
$GLOBALS['table'] = ''; |
|
} |
|
} |
|
|
|
if (! $gotoInclude) { |
|
if (strlen($GLOBALS['table']) === 0) { |
|
$gotoInclude = '/database/sql'; |
|
} else { |
|
$gotoInclude = '/table/sql'; |
|
} |
|
} |
|
|
|
return $gotoInclude; |
|
} |
|
|
|
/** |
|
* Defines the url to return in case of failure of the query |
|
* |
|
* @param array $urlParams url parameters |
|
* |
|
* @return string error url for query failure |
|
*/ |
|
public function getErrorUrl(array $urlParams) |
|
{ |
|
if (isset($_POST['err_url'])) { |
|
return $_POST['err_url']; |
|
} |
|
|
|
return Url::getFromRoute('/table/change', $urlParams); |
|
} |
|
|
|
/** |
|
* Builds the sql query |
|
* |
|
* @param bool $isInsertIgnore $_POST['submit_type'] === 'insertignore' |
|
* @param array $queryFields column names array |
|
* @param array $valueSets array of query values |
|
* |
|
* @return array of query |
|
* @psalm-return array{string} |
|
*/ |
|
public function buildSqlQuery(bool $isInsertIgnore, array $queryFields, array $valueSets) |
|
{ |
|
if ($isInsertIgnore) { |
|
$insertCommand = 'INSERT IGNORE '; |
|
} else { |
|
$insertCommand = 'INSERT '; |
|
} |
|
|
|
return [ |
|
$insertCommand . 'INTO ' |
|
. Util::backquote($GLOBALS['table']) |
|
. ' (' . implode(', ', $queryFields) . ') VALUES (' |
|
. implode('), (', $valueSets) . ')', |
|
]; |
|
} |
|
|
|
/** |
|
* Executes the sql query and get the result, then move back to the calling page |
|
* |
|
* @param array $urlParams url parameters array |
|
* @param array $query built query from buildSqlQuery() |
|
* |
|
* @return array $url_params, $total_affected_rows, $last_messages |
|
* $warning_messages, $error_messages, $return_to_sql_query |
|
*/ |
|
public function executeSqlQuery(array $urlParams, array $query) |
|
{ |
|
$returnToSqlQuery = ''; |
|
if (! empty($GLOBALS['sql_query'])) { |
|
$urlParams['sql_query'] = $GLOBALS['sql_query']; |
|
$returnToSqlQuery = $GLOBALS['sql_query']; |
|
} |
|
|
|
$GLOBALS['sql_query'] = implode('; ', $query) . ';'; |
|
// to ensure that the query is displayed in case of |
|
// "insert as new row" and then "insert another new row" |
|
$GLOBALS['display_query'] = $GLOBALS['sql_query']; |
|
|
|
$totalAffectedRows = 0; |
|
$lastMessages = []; |
|
$warningMessages = []; |
|
$errorMessages = []; |
|
|
|
foreach ($query as $singleQuery) { |
|
if (isset($_POST['submit_type']) && $_POST['submit_type'] === 'showinsert') { |
|
$lastMessages[] = Message::notice(__('Showing SQL query')); |
|
continue; |
|
} |
|
|
|
if ($GLOBALS['cfg']['IgnoreMultiSubmitErrors']) { |
|
$result = $this->dbi->tryQuery($singleQuery); |
|
} else { |
|
$result = $this->dbi->query($singleQuery); |
|
} |
|
|
|
if (! $result) { |
|
$errorMessages[] = $this->dbi->getError(); |
|
} else { |
|
$totalAffectedRows += $this->dbi->affectedRows(); |
|
|
|
$insertId = $this->dbi->insertId(); |
|
if ($insertId) { |
|
// insert_id is id of FIRST record inserted in one insert, so if we |
|
// inserted multiple rows, we had to increment this |
|
|
|
if ($totalAffectedRows > 0) { |
|
$insertId += $totalAffectedRows - 1; |
|
} |
|
|
|
$lastMessage = Message::notice(__('Inserted row id: %1$d')); |
|
$lastMessage->addParam($insertId); |
|
$lastMessages[] = $lastMessage; |
|
} |
|
} |
|
|
|
$warningMessages = $this->getWarningMessages(); |
|
} |
|
|
|
return [ |
|
$urlParams, |
|
$totalAffectedRows, |
|
$lastMessages, |
|
$warningMessages, |
|
$errorMessages, |
|
$returnToSqlQuery, |
|
]; |
|
} |
|
|
|
/** |
|
* get the warning messages array |
|
* |
|
* @return string[] |
|
*/ |
|
private function getWarningMessages(): array |
|
{ |
|
$warningMessages = []; |
|
foreach ($this->dbi->getWarnings() as $warning) { |
|
$warningMessages[] = htmlspecialchars((string) $warning); |
|
} |
|
|
|
return $warningMessages; |
|
} |
|
|
|
/** |
|
* Column to display from the foreign table? |
|
* |
|
* @param string $whereComparison string that contain relation field value |
|
* @param array $map all Relations to foreign tables for a given |
|
* table or optionally a given column in a table |
|
* @param string $relationField relation field |
|
* |
|
* @return string display value from the foreign table |
|
*/ |
|
public function getDisplayValueForForeignTableColumn( |
|
$whereComparison, |
|
array $map, |
|
$relationField |
|
) { |
|
$foreigner = $this->relation->searchColumnInForeigners($map, $relationField); |
|
|
|
if (! is_array($foreigner)) { |
|
return ''; |
|
} |
|
|
|
$displayField = $this->relation->getDisplayField($foreigner['foreign_db'], $foreigner['foreign_table']); |
|
// Field to display from the foreign table? |
|
if (is_string($displayField) && strlen($displayField) > 0) { |
|
$dispsql = 'SELECT ' . Util::backquote($displayField) |
|
. ' FROM ' . Util::backquote($foreigner['foreign_db']) |
|
. '.' . Util::backquote($foreigner['foreign_table']) |
|
. ' WHERE ' . Util::backquote($foreigner['foreign_field']) |
|
. $whereComparison; |
|
$dispresult = $this->dbi->tryQuery($dispsql); |
|
if ($dispresult && $dispresult->numRows() > 0) { |
|
return (string) $dispresult->fetchValue(); |
|
} |
|
} |
|
|
|
return ''; |
|
} |
|
|
|
/** |
|
* Display option in the cell according to user choices |
|
* |
|
* @param array $map all Relations to foreign tables for a given |
|
* table or optionally a given column in a table |
|
* @param string $relationField relation field |
|
* @param string $whereComparison string that contain relation field value |
|
* @param string $dispval display value from the foreign table |
|
* @param string $relationFieldValue relation field value |
|
* |
|
* @return string HTML <a> tag |
|
*/ |
|
public function getLinkForRelationalDisplayField( |
|
array $map, |
|
$relationField, |
|
$whereComparison, |
|
$dispval, |
|
$relationFieldValue |
|
): string { |
|
$foreigner = $this->relation->searchColumnInForeigners($map, $relationField); |
|
|
|
if (! is_array($foreigner)) { |
|
return ''; |
|
} |
|
|
|
if ($_SESSION['tmpval']['relational_display'] === 'K') { |
|
// user chose "relational key" in the display options, so |
|
// the title contains the display field |
|
$title = $dispval |
|
? ' title="' . htmlspecialchars($dispval) . '"' |
|
: ''; |
|
} else { |
|
$title = ' title="' . htmlspecialchars($relationFieldValue) . '"'; |
|
} |
|
|
|
$sqlQuery = 'SELECT * FROM ' |
|
. Util::backquote($foreigner['foreign_db']) |
|
. '.' . Util::backquote($foreigner['foreign_table']) |
|
. ' WHERE ' . Util::backquote($foreigner['foreign_field']) |
|
. $whereComparison; |
|
$urlParams = [ |
|
'db' => $foreigner['foreign_db'], |
|
'table' => $foreigner['foreign_table'], |
|
'pos' => '0', |
|
'sql_signature' => Core::signSqlQuery($sqlQuery), |
|
'sql_query' => $sqlQuery, |
|
]; |
|
$output = '<a href="' . Url::getFromRoute('/sql', $urlParams) . '"' . $title . '>'; |
|
|
|
if ($_SESSION['tmpval']['relational_display'] === 'D') { |
|
// user chose "relational display field" in the |
|
// display options, so show display field in the cell |
|
$output .= htmlspecialchars($dispval); |
|
} else { |
|
// otherwise display data in the cell |
|
$output .= htmlspecialchars($relationFieldValue); |
|
} |
|
|
|
$output .= '</a>'; |
|
|
|
return $output; |
|
} |
|
|
|
/** |
|
* Transform edited values |
|
* |
|
* @param string $db db name |
|
* @param string $table table name |
|
* @param array $transformation mimetypes for all columns of a table |
|
* [field_name][field_key] |
|
* @param array $editedValues transform columns list and new values |
|
* @param string $file file containing the transformation plugin |
|
* @param string $columnName column name |
|
* @param array $extraData extra data array |
|
* @param string $type the type of transformation |
|
* |
|
* @return array |
|
*/ |
|
public function transformEditedValues( |
|
$db, |
|
$table, |
|
array $transformation, |
|
array &$editedValues, |
|
$file, |
|
$columnName, |
|
array $extraData, |
|
$type |
|
) { |
|
$includeFile = 'libraries/classes/Plugins/Transformations/' . $file; |
|
if (is_file(ROOT_PATH . $includeFile)) { |
|
// $cfg['SaveCellsAtOnce'] = true; JS code sends an array |
|
$whereClause = is_array($_POST['where_clause']) ? $_POST['where_clause'][0] : $_POST['where_clause']; |
|
$urlParams = [ |
|
'db' => $db, |
|
'table' => $table, |
|
'where_clause_sign' => Core::signSqlQuery($whereClause), |
|
'where_clause' => $whereClause, |
|
'transform_key' => $columnName, |
|
]; |
|
$transformOptions = $this->transformations->getOptions($transformation[$type . '_options'] ?? ''); |
|
$transformOptions['wrapper_link'] = Url::getCommon($urlParams); |
|
$transformOptions['wrapper_params'] = $urlParams; |
|
$className = $this->transformations->getClassName($includeFile); |
|
if (class_exists($className)) { |
|
/** @var TransformationsPlugin $transformationPlugin */ |
|
$transformationPlugin = new $className(); |
|
|
|
foreach ($editedValues as $cellIndex => $currCellEditedValues) { |
|
if (! isset($currCellEditedValues[$columnName])) { |
|
continue; |
|
} |
|
|
|
$extraData['transformations'][$cellIndex] = $transformationPlugin->applyTransformation( |
|
$currCellEditedValues[$columnName], |
|
$transformOptions |
|
); |
|
$editedValues[$cellIndex][$columnName] = $extraData['transformations'][$cellIndex]; |
|
} |
|
} |
|
} |
|
|
|
return $extraData; |
|
} |
|
|
|
/** |
|
* Get current value in multi edit mode |
|
* |
|
* @param array $multiEditFuncs multiple edit functions array |
|
* @param array $multiEditSalt multiple edit array with encryption salt |
|
* @param array $gisFromTextFunctions array that contains gis from text functions |
|
* @param string $currentValue current value in the column |
|
* @param array $gisFromWkbFunctions initially $val is $multi_edit_columns[$key] |
|
* @param array $funcOptionalParam array('RAND','UNIX_TIMESTAMP') |
|
* @param array $funcNoParam array of set of string |
|
* @param string $key an md5 of the column name |
|
*/ |
|
public function getCurrentValueAsAnArrayForMultipleEdit( |
|
$multiEditFuncs, |
|
$multiEditSalt, |
|
$gisFromTextFunctions, |
|
$currentValue, |
|
$gisFromWkbFunctions, |
|
$funcOptionalParam, |
|
$funcNoParam, |
|
$key |
|
): string { |
|
if (empty($multiEditFuncs[$key])) { |
|
return $currentValue; |
|
} |
|
|
|
if ($multiEditFuncs[$key] === 'PHP_PASSWORD_HASH') { |
|
/** |
|
* @see https://github.com/vimeo/psalm/issues/3350 |
|
* |
|
* @psalm-suppress InvalidArgument |
|
*/ |
|
$hash = password_hash($currentValue, PASSWORD_DEFAULT); |
|
|
|
return "'" . $hash . "'"; |
|
} |
|
|
|
if ($multiEditFuncs[$key] === 'UUID') { |
|
/* This way user will know what UUID new row has */ |
|
$uuid = (string) $this->dbi->fetchValue('SELECT UUID()'); |
|
|
|
return "'" . $uuid . "'"; |
|
} |
|
|
|
if ( |
|
in_array($multiEditFuncs[$key], $gisFromTextFunctions) |
|
|| in_array($multiEditFuncs[$key], $gisFromWkbFunctions) |
|
) { |
|
// Remove enclosing apostrophes |
|
$currentValue = mb_substr($currentValue, 1, -1); |
|
// Remove escaping apostrophes |
|
$currentValue = str_replace("''", "'", $currentValue); |
|
// Remove backslash-escaped apostrophes |
|
$currentValue = str_replace("\'", "'", $currentValue); |
|
|
|
return $multiEditFuncs[$key] . '(' . $currentValue . ')'; |
|
} |
|
|
|
if ( |
|
! in_array($multiEditFuncs[$key], $funcNoParam) |
|
|| ($currentValue != "''" |
|
&& in_array($multiEditFuncs[$key], $funcOptionalParam)) |
|
) { |
|
if ( |
|
(isset($multiEditSalt[$key]) |
|
&& ($multiEditFuncs[$key] === 'AES_ENCRYPT' |
|
|| $multiEditFuncs[$key] === 'AES_DECRYPT')) |
|
|| (! empty($multiEditSalt[$key]) |
|
&& ($multiEditFuncs[$key] === 'DES_ENCRYPT' |
|
|| $multiEditFuncs[$key] === 'DES_DECRYPT' |
|
|| $multiEditFuncs[$key] === 'ENCRYPT')) |
|
) { |
|
return $multiEditFuncs[$key] . '(' . $currentValue . ",'" |
|
. $this->dbi->escapeString($multiEditSalt[$key]) . "')"; |
|
} |
|
|
|
return $multiEditFuncs[$key] . '(' . $currentValue . ')'; |
|
} |
|
|
|
return $multiEditFuncs[$key] . '()'; |
|
} |
|
|
|
/** |
|
* Get query values array and query fields array for insert and update in multi edit |
|
* |
|
* @param array $multiEditColumnsName multiple edit columns name array |
|
* @param array $multiEditColumnsNull multiple edit columns null array |
|
* @param string $currentValue current value in the column in loop |
|
* @param array $multiEditColumnsPrev multiple edit previous columns array |
|
* @param array $multiEditFuncs multiple edit functions array |
|
* @param bool $isInsert boolean value whether insert or not |
|
* @param array $queryValues SET part of the sql query |
|
* @param array $queryFields array of query fields |
|
* @param string $currentValueAsAnArray current value in the column |
|
* as an array |
|
* @param array $valueSets array of valu sets |
|
* @param string $key an md5 of the column name |
|
* @param array $multiEditColumnsNullPrev array of multiple edit columns |
|
* null previous |
|
* |
|
* @return array[] ($query_values, $query_fields) |
|
*/ |
|
public function getQueryValuesForInsertAndUpdateInMultipleEdit( |
|
$multiEditColumnsName, |
|
$multiEditColumnsNull, |
|
$currentValue, |
|
$multiEditColumnsPrev, |
|
$multiEditFuncs, |
|
$isInsert, |
|
$queryValues, |
|
$queryFields, |
|
$currentValueAsAnArray, |
|
$valueSets, |
|
$key, |
|
$multiEditColumnsNullPrev |
|
) { |
|
// i n s e r t |
|
if ($isInsert) { |
|
// no need to add column into the valuelist |
|
if (strlen($currentValueAsAnArray) > 0) { |
|
$queryValues[] = $currentValueAsAnArray; |
|
// first inserted row so prepare the list of fields |
|
if (empty($valueSets)) { |
|
$queryFields[] = Util::backquote($multiEditColumnsName[$key]); |
|
} |
|
} |
|
} elseif (! empty($multiEditColumnsNullPrev[$key]) && ! isset($multiEditColumnsNull[$key])) { |
|
// u p d a t e |
|
|
|
// field had the null checkbox before the update |
|
// field no longer has the null checkbox |
|
$queryValues[] = Util::backquote($multiEditColumnsName[$key]) |
|
. ' = ' . $currentValueAsAnArray; |
|
} elseif ( |
|
! (empty($multiEditFuncs[$key]) |
|
&& isset($multiEditColumnsPrev[$key]) |
|
&& (($currentValue === "'" . $this->dbi->escapeString($multiEditColumnsPrev[$key]) . "'") |
|
|| ($currentValue === '0x' . $multiEditColumnsPrev[$key]))) |
|
&& $currentValue |
|
) { |
|
// avoid setting a field to NULL when it's already NULL |
|
// (field had the null checkbox before the update |
|
// field still has the null checkbox) |
|
if (empty($multiEditColumnsNullPrev[$key]) || empty($multiEditColumnsNull[$key])) { |
|
$queryValues[] = Util::backquote($multiEditColumnsName[$key]) |
|
. ' = ' . $currentValueAsAnArray; |
|
} |
|
} |
|
|
|
return [ |
|
$queryValues, |
|
$queryFields, |
|
]; |
|
} |
|
|
|
/** |
|
* Get the current column value in the form for different data types |
|
* |
|
* @param string|false $possiblyUploadedVal uploaded file content |
|
* @param string $key an md5 of the column name |
|
* @param array|null $multiEditColumnsType array of multi edit column types |
|
* @param string $currentValue current column value in the form |
|
* @param array|null $multiEditAutoIncrement multi edit auto increment |
|
* @param int $rownumber index of where clause array |
|
* @param array $multiEditColumnsName multi edit column names array |
|
* @param array $multiEditColumnsNull multi edit columns null array |
|
* @param array $multiEditColumnsNullPrev multi edit columns previous null |
|
* @param bool $isInsert whether insert or not |
|
* @param bool $usingKey whether editing or new row |
|
* @param string $whereClause where clause |
|
* @param string $table table name |
|
* @param array $multiEditFuncs multiple edit functions array |
|
* |
|
* @return string current column value in the form |
|
*/ |
|
public function getCurrentValueForDifferentTypes( |
|
$possiblyUploadedVal, |
|
$key, |
|
?array $multiEditColumnsType, |
|
$currentValue, |
|
?array $multiEditAutoIncrement, |
|
$rownumber, |
|
$multiEditColumnsName, |
|
$multiEditColumnsNull, |
|
$multiEditColumnsNullPrev, |
|
$isInsert, |
|
$usingKey, |
|
$whereClause, |
|
$table, |
|
$multiEditFuncs |
|
): string { |
|
if ($possiblyUploadedVal !== false) { |
|
return $possiblyUploadedVal; |
|
} |
|
|
|
if (! empty($multiEditFuncs[$key])) { |
|
return "'" . $this->dbi->escapeString($currentValue) . "'"; |
|
} |
|
|
|
// c o l u m n v a l u e i n t h e f o r m |
|
$type = $multiEditColumnsType[$key] ?? ''; |
|
|
|
if ($type !== 'protected' && $type !== 'set' && strlen($currentValue) === 0) { |
|
// best way to avoid problems in strict mode |
|
// (works also in non-strict mode) |
|
$currentValue = "''"; |
|
if (isset($multiEditAutoIncrement, $multiEditAutoIncrement[$key])) { |
|
$currentValue = 'NULL'; |
|
} |
|
} elseif ($type === 'set') { |
|
$currentValue = "''"; |
|
if (! empty($_POST['fields']['multi_edit'][$rownumber][$key])) { |
|
$currentValue = implode(',', $_POST['fields']['multi_edit'][$rownumber][$key]); |
|
$currentValue = "'" |
|
. $this->dbi->escapeString($currentValue) . "'"; |
|
} |
|
} elseif ($type === 'protected') { |
|
// Fetch the current values of a row to use in case we have a protected field |
|
if ( |
|
$isInsert |
|
&& $usingKey |
|
&& is_array($multiEditColumnsType) && $whereClause |
|
) { |
|
$protectedRow = $this->dbi->fetchSingleRow( |
|
'SELECT * FROM ' . Util::backquote($table) |
|
. ' WHERE ' . $whereClause . ';' |
|
); |
|
} |
|
|
|
// here we are in protected mode (asked in the config) |
|
// so tbl_change has put this special value in the |
|
// columns array, so we do not change the column value |
|
// but we can still handle column upload |
|
|
|
// when in UPDATE mode, do not alter field's contents. When in INSERT |
|
// mode, insert empty field because no values were submitted. |
|
// If protected blobs where set, insert original fields content. |
|
$currentValue = ''; |
|
if (! empty($protectedRow[$multiEditColumnsName[$key]])) { |
|
$currentValue = '0x' |
|
. bin2hex($protectedRow[$multiEditColumnsName[$key]]); |
|
} |
|
} elseif ($type === 'hex') { |
|
if (substr($currentValue, 0, 2) != '0x') { |
|
$currentValue = '0x' . $currentValue; |
|
} |
|
} elseif ($type === 'bit') { |
|
$currentValue = (string) preg_replace('/[^01]/', '0', $currentValue); |
|
$currentValue = "b'" . $this->dbi->escapeString($currentValue) . "'"; |
|
} elseif ( |
|
! ($type === 'datetime' || $type === 'timestamp' || $type === 'date') |
|
|| ($currentValue !== 'CURRENT_TIMESTAMP' |
|
&& $currentValue !== 'current_timestamp()') |
|
) { |
|
$currentValue = "'" . $this->dbi->escapeString($currentValue) |
|
. "'"; |
|
} |
|
|
|
// Was the Null checkbox checked for this field? |
|
// (if there is a value, we ignore the Null checkbox: this could |
|
// be possible if Javascript is disabled in the browser) |
|
if (! empty($multiEditColumnsNull[$key]) && ($currentValue == "''" || $currentValue == '')) { |
|
$currentValue = 'NULL'; |
|
} |
|
|
|
// The Null checkbox was unchecked for this field |
|
if ( |
|
empty($currentValue) |
|
&& ! empty($multiEditColumnsNullPrev[$key]) |
|
&& ! isset($multiEditColumnsNull[$key]) |
|
) { |
|
$currentValue = "''"; |
|
} |
|
|
|
return $currentValue; |
|
} |
|
|
|
/** |
|
* Check whether inline edited value can be truncated or not, |
|
* and add additional parameters for extra_data array if needed |
|
* |
|
* @param string $db Database name |
|
* @param string $table Table name |
|
* @param string $columnName Column name |
|
* @param array $extraData Extra data for ajax response |
|
*/ |
|
public function verifyWhetherValueCanBeTruncatedAndAppendExtraData( |
|
$db, |
|
$table, |
|
$columnName, |
|
array &$extraData |
|
): void { |
|
$extraData['isNeedToRecheck'] = false; |
|
|
|
$sqlForRealValue = 'SELECT ' . Util::backquote($table) . '.' |
|
. Util::backquote($columnName) |
|
. ' FROM ' . Util::backquote($db) . '.' |
|
. Util::backquote($table) |
|
. ' WHERE ' . $_POST['where_clause'][0]; |
|
|
|
$result = $this->dbi->tryQuery($sqlForRealValue); |
|
|
|
if (! $result) { |
|
return; |
|
} |
|
|
|
$fieldsMeta = $this->dbi->getFieldsMeta($result); |
|
$meta = $fieldsMeta[0]; |
|
$newValue = $result->fetchValue(); |
|
|
|
if ($newValue === false) { |
|
return; |
|
} |
|
|
|
if ($meta->isTimeType()) { |
|
$newValue = Util::addMicroseconds($newValue); |
|
} elseif ($meta->isBinary()) { |
|
$newValue = '0x' . bin2hex($newValue); |
|
} |
|
|
|
$extraData['isNeedToRecheck'] = true; |
|
$extraData['truncatableFieldValue'] = $newValue; |
|
} |
|
|
|
/** |
|
* Function to get the columns of a table |
|
* |
|
* @param string $db current db |
|
* @param string $table current table |
|
* |
|
* @return array[] |
|
*/ |
|
public function getTableColumns($db, $table) |
|
{ |
|
$this->dbi->selectDb($db); |
|
|
|
return array_values($this->dbi->getColumns($db, $table, true)); |
|
} |
|
|
|
/** |
|
* Function to determine Insert/Edit rows |
|
* |
|
* @param string|null $whereClause where clause |
|
* @param string $db current database |
|
* @param string $table current table |
|
* |
|
* @return array |
|
*/ |
|
public function determineInsertOrEdit($whereClause, $db, $table): array |
|
{ |
|
if (isset($_POST['where_clause'])) { |
|
$whereClause = $_POST['where_clause']; |
|
} |
|
|
|
if (isset($_SESSION['edit_next'])) { |
|
$whereClause = $_SESSION['edit_next']; |
|
unset($_SESSION['edit_next']); |
|
$afterInsert = 'edit_next'; |
|
} |
|
|
|
if (isset($_POST['ShowFunctionFields'])) { |
|
$GLOBALS['cfg']['ShowFunctionFields'] = $_POST['ShowFunctionFields']; |
|
} |
|
|
|
if (isset($_POST['ShowFieldTypesInDataEditView'])) { |
|
$GLOBALS['cfg']['ShowFieldTypesInDataEditView'] = $_POST['ShowFieldTypesInDataEditView']; |
|
} |
|
|
|
if (isset($_POST['after_insert'])) { |
|
$afterInsert = $_POST['after_insert']; |
|
} |
|
|
|
if (isset($whereClause)) { |
|
// we are editing |
|
$insertMode = false; |
|
$whereClauseArray = $this->getWhereClauseArray($whereClause); |
|
[$whereClauses, $result, $rows, $foundUniqueKey] = $this->analyzeWhereClauses( |
|
$whereClauseArray, |
|
$table, |
|
$db |
|
); |
|
} else { |
|
// we are inserting |
|
$insertMode = true; |
|
$whereClause = null; |
|
[$result, $rows] = $this->loadFirstRow($table, $db); |
|
$whereClauses = null; |
|
$whereClauseArray = []; |
|
$foundUniqueKey = false; |
|
} |
|
|
|
// Copying a row - fetched data will be inserted as a new row, |
|
// therefore the where clause is needless. |
|
if (isset($_POST['default_action']) && $_POST['default_action'] === 'insert') { |
|
$whereClause = $whereClauses = null; |
|
} |
|
|
|
return [ |
|
$insertMode, |
|
$whereClause, |
|
$whereClauseArray, |
|
$whereClauses, |
|
$result, |
|
$rows, |
|
$foundUniqueKey, |
|
$afterInsert ?? null, |
|
]; |
|
} |
|
|
|
/** |
|
* Function to get comments for the table columns |
|
* |
|
* @param string $db current database |
|
* @param string $table current table |
|
* |
|
* @return array comments for columns |
|
*/ |
|
public function getCommentsMap($db, $table): array |
|
{ |
|
if ($GLOBALS['cfg']['ShowPropertyComments']) { |
|
return $this->relation->getComments($db, $table); |
|
} |
|
|
|
return []; |
|
} |
|
|
|
/** |
|
* Function to get html for the gis editor div |
|
*/ |
|
public function getHtmlForGisEditor(): string |
|
{ |
|
return '<div id="gis_editor"></div><div id="popup_background"></div><br>'; |
|
} |
|
|
|
/** |
|
* Function to get html for the ignore option in insert mode |
|
* |
|
* @param int $rowId row id |
|
* @param bool $checked ignore option is checked or not |
|
*/ |
|
public function getHtmlForIgnoreOption($rowId, $checked = true): string |
|
{ |
|
return '<input type="checkbox"' |
|
. ($checked ? ' checked="checked"' : '') |
|
. ' name="insert_ignore_' . $rowId . '"' |
|
. ' id="insert_ignore_' . $rowId . '">' |
|
. '<label for="insert_ignore_' . $rowId . '">' |
|
. __('Ignore') |
|
. '</label><br>' . "\n"; |
|
} |
|
|
|
/** |
|
* Function to get html for the insert edit form header |
|
* |
|
* @param bool $hasBlobField whether has blob field |
|
* @param bool $isUpload whether is upload |
|
*/ |
|
public function getHtmlForInsertEditFormHeader($hasBlobField, $isUpload): string |
|
{ |
|
$template = new Template(); |
|
|
|
return $template->render('table/insert/get_html_for_insert_edit_form_header', [ |
|
'has_blob_field' => $hasBlobField, |
|
'is_upload' => $isUpload, |
|
]); |
|
} |
|
|
|
/** |
|
* Function to get html for each insert/edit column |
|
* |
|
* @param array $column column |
|
* @param int $columnNumber column index in table_columns |
|
* @param array $commentsMap comments map |
|
* @param bool $timestampSeen whether timestamp seen |
|
* @param ResultInterface $currentResult current result |
|
* @param string $chgEvtHandler javascript change event handler |
|
* @param string $jsvkey javascript validation key |
|
* @param string $vkey validation key |
|
* @param bool $insertMode whether insert mode |
|
* @param array $currentRow current row |
|
* @param int $oRows row offset |
|
* @param int $tabindex tab index |
|
* @param int $columnsCnt columns count |
|
* @param bool $isUpload whether upload |
|
* @param array $foreigners foreigners |
|
* @param int $tabindexForValue tab index offset for value |
|
* @param string $table table |
|
* @param string $db database |
|
* @param int $rowId row id |
|
* @param int $biggestMaxFileSize biggest max file size |
|
* @param string $defaultCharEditing default char editing mode which is stored in the config.inc.php script |
|
* @param string $textDir text direction |
|
* @param array $repopulate the data to be repopulated |
|
* @param array $columnMime the mime information of column |
|
* @param string $whereClause the where clause |
|
* |
|
* @return string |
|
*/ |
|
private function getHtmlForInsertEditFormColumn( |
|
array $column, |
|
int $columnNumber, |
|
array $commentsMap, |
|
$timestampSeen, |
|
ResultInterface $currentResult, |
|
$chgEvtHandler, |
|
$jsvkey, |
|
$vkey, |
|
$insertMode, |
|
array $currentRow, |
|
$oRows, |
|
&$tabindex, |
|
$columnsCnt, |
|
$isUpload, |
|
array $foreigners, |
|
$tabindexForValue, |
|
$table, |
|
$db, |
|
$rowId, |
|
$biggestMaxFileSize, |
|
$defaultCharEditing, |
|
$textDir, |
|
array $repopulate, |
|
array $columnMime, |
|
$whereClause |
|
) { |
|
$readOnly = false; |
|
|
|
if (! isset($column['processed'])) { |
|
$column = $this->analyzeTableColumnsArray($column, $commentsMap, $timestampSeen); |
|
} |
|
|
|
$asIs = false; |
|
/** @var string $fieldHashMd5 */ |
|
$fieldHashMd5 = $column['Field_md5']; |
|
if ($repopulate && array_key_exists($fieldHashMd5, $currentRow)) { |
|
$currentRow[$column['Field']] = $repopulate[$fieldHashMd5]; |
|
$asIs = true; |
|
} |
|
|
|
$extractedColumnspec = Util::extractColumnSpec($column['Type']); |
|
|
|
if ($column['len'] === -1) { |
|
$column['len'] = $this->dbi->getFieldsMeta($currentResult)[$columnNumber]->length; |
|
// length is unknown for geometry fields, |
|
// make enough space to edit very simple WKTs |
|
if ($column['len'] === -1) { |
|
$column['len'] = 30; |
|
} |
|
} |
|
|
|
//Call validation when the form submitted... |
|
$onChangeClause = $chgEvtHandler |
|
. "=\"return verificationsAfterFieldChange('" |
|
. Sanitize::escapeJsString($fieldHashMd5) . "', '" |
|
. Sanitize::escapeJsString($jsvkey) . "','" . $column['pma_type'] . "')\""; |
|
|
|
// Use an MD5 as an array index to avoid having special characters |
|
// in the name attribute (see bug #1746964 ) |
|
$columnNameAppendix = $vkey . '[' . $fieldHashMd5 . ']'; |
|
|
|
if ($column['Type'] === 'datetime' && $column['Null'] !== 'YES' && ! isset($column['Default']) && $insertMode) { |
|
$column['Default'] = date('Y-m-d H:i:s', time()); |
|
} |
|
|
|
// Get a list of GIS data types. |
|
$gisDataTypes = Gis::getDataTypes(); |
|
|
|
// Prepares the field value |
|
if ($currentRow) { |
|
// (we are editing) |
|
[ |
|
$realNullValue, |
|
$specialCharsEncoded, |
|
$specialChars, |
|
$data, |
|
$backupField, |
|
] = $this->getSpecialCharsAndBackupFieldForExistingRow( |
|
$currentRow, |
|
$column, |
|
$extractedColumnspec, |
|
$gisDataTypes, |
|
$columnNameAppendix, |
|
$asIs |
|
); |
|
} else { |
|
// (we are inserting) |
|
// display default values |
|
$tmp = $column; |
|
if (isset($repopulate[$fieldHashMd5])) { |
|
$tmp['Default'] = $repopulate[$fieldHashMd5]; |
|
} |
|
|
|
[ |
|
$realNullValue, |
|
$data, |
|
$specialChars, |
|
$backupField, |
|
$specialCharsEncoded, |
|
] = $this->getSpecialCharsAndBackupFieldForInsertingMode($tmp); |
|
unset($tmp); |
|
} |
|
|
|
$idindex = ($oRows * $columnsCnt) + $columnNumber + 1; |
|
$tabindex = $idindex; |
|
|
|
// The function column |
|
// ------------------- |
|
$foreignData = $this->relation->getForeignData($foreigners, $column['Field'], false, '', ''); |
|
$isColumnBinary = $this->isColumnBinary($column, $isUpload); |
|
$functionOptions = ''; |
|
|
|
if ($GLOBALS['cfg']['ShowFunctionFields']) { |
|
$functionOptions = Generator::getFunctionsForField($column, $insertMode, $foreignData); |
|
} |
|
|
|
// nullify code is needed by the js nullify() function to be able to generate calls to nullify() in jQuery |
|
$nullifyCode = $this->getNullifyCodeForNullColumn($column, $foreigners, $foreignData); |
|
|
|
// The value column (depends on type) |
|
// ---------------- |
|
// See bug #1667887 for the reason why we don't use the maxlength |
|
// HTML attribute |
|
|
|
//add data attributes "no of decimals" and "data type" |
|
$noDecimals = 0; |
|
$type = current(explode('(', $column['pma_type'])); |
|
if (preg_match('/\(([^()]+)\)/', $column['pma_type'], $match)) { |
|
$match[0] = trim($match[0], '()'); |
|
$noDecimals = $match[0]; |
|
} |
|
|
|
// Check input transformation of column |
|
$transformedHtml = ''; |
|
if (! empty($columnMime['input_transformation'])) { |
|
$file = $columnMime['input_transformation']; |
|
$includeFile = 'libraries/classes/Plugins/Transformations/' . $file; |
|
if (is_file(ROOT_PATH . $includeFile)) { |
|
$className = $this->transformations->getClassName($includeFile); |
|
if (class_exists($className)) { |
|
$transformationPlugin = new $className(); |
|
$transformationOptions = $this->transformations->getOptions( |
|
$columnMime['input_transformation_options'] |
|
); |
|
$urlParams = [ |
|
'db' => $db, |
|
'table' => $table, |
|
'transform_key' => $column['Field'], |
|
'where_clause_sign' => Core::signSqlQuery($whereClause), |
|
'where_clause' => $whereClause, |
|
]; |
|
$transformationOptions['wrapper_link'] = Url::getCommon($urlParams); |
|
$transformationOptions['wrapper_params'] = $urlParams; |
|
$currentValue = ''; |
|
if (isset($currentRow[$column['Field']])) { |
|
$currentValue = $currentRow[$column['Field']]; |
|
} |
|
|
|
if (method_exists($transformationPlugin, 'getInputHtml')) { |
|
$transformedHtml = $transformationPlugin->getInputHtml( |
|
$column, |
|
$rowId, |
|
$columnNameAppendix, |
|
$transformationOptions, |
|
$currentValue, |
|
$textDir, |
|
$tabindex, |
|
$tabindexForValue, |
|
$idindex |
|
); |
|
} |
|
|
|
if (method_exists($transformationPlugin, 'getScripts')) { |
|
$GLOBALS['plugin_scripts'] = array_merge( |
|
$GLOBALS['plugin_scripts'], |
|
$transformationPlugin->getScripts() |
|
); |
|
} |
|
} |
|
} |
|
} |
|
|
|
$columnValue = ''; |
|
$foreignDropdown = ''; |
|
$dataType = ''; |
|
$textAreaRows = $GLOBALS['cfg']['TextareaRows']; |
|
$textareaCols = $GLOBALS['cfg']['TextareaCols']; |
|
$maxlength = ''; |
|
$enumSelectedValue = ''; |
|
$columnSetValues = []; |
|
$setSelectSize = 0; |
|
$isColumnProtectedBlob = false; |
|
$blobValue = ''; |
|
$blobValueUnit = ''; |
|
$maxUploadSize = 0; |
|
$selectOptionForUpload = ''; |
|
$inputFieldHtml = ''; |
|
if (empty($transformedHtml)) { |
|
if (is_array($foreignData['disp_row'])) { |
|
$foreignDropdown = $this->relation->foreignDropdown( |
|
$foreignData['disp_row'], |
|
$foreignData['foreign_field'], |
|
$foreignData['foreign_display'], |
|
$data, |
|
$GLOBALS['cfg']['ForeignKeyMaxLimit'] |
|
); |
|
} |
|
|
|
$dataType = $this->dbi->types->getTypeClass($column['True_Type']); |
|
|
|
if ($column['is_char']) { |
|
$textAreaRows = max($GLOBALS['cfg']['CharTextareaRows'], 7); |
|
$textareaCols = $GLOBALS['cfg']['CharTextareaCols']; |
|
$maxlength = $extractedColumnspec['spec_in_brackets']; |
|
} elseif ($GLOBALS['cfg']['LongtextDoubleTextarea'] && mb_strstr($column['pma_type'], 'longtext')) { |
|
$textAreaRows = $GLOBALS['cfg']['TextareaRows'] * 2; |
|
$textareaCols = $GLOBALS['cfg']['TextareaCols'] * 2; |
|
} |
|
|
|
if ($column['pma_type'] === 'enum') { |
|
if (! isset($column['values'])) { |
|
$column['values'] = $this->getColumnEnumValues($extractedColumnspec['enum_set_values']); |
|
} |
|
|
|
foreach ($column['values'] as $enumValue) { |
|
if ( |
|
$data == $enumValue['plain'] || ($data == '' |
|
&& (! isset($_POST['where_clause']) || $column['Null'] !== 'YES') |
|
&& isset($column['Default']) && $enumValue['plain'] == $column['Default']) |
|
) { |
|
$enumSelectedValue = $enumValue['plain']; |
|
break; |
|
} |
|
} |
|
} elseif ($column['pma_type'] === 'set') { |
|
[$columnSetValues, $setSelectSize] = $this->getColumnSetValueAndSelectSize( |
|
$column, |
|
$extractedColumnspec['enum_set_values'] |
|
); |
|
} elseif ($column['is_binary'] || $column['is_blob']) { |
|
$isColumnProtectedBlob = ($GLOBALS['cfg']['ProtectBinary'] === 'blob' && $column['is_blob']) |
|
|| ($GLOBALS['cfg']['ProtectBinary'] === 'all') |
|
|| ($GLOBALS['cfg']['ProtectBinary'] === 'noblob' && ! $column['is_blob']); |
|
if ($isColumnProtectedBlob && isset($data)) { |
|
$blobSize = Util::formatByteDown(mb_strlen(stripslashes($data)), 3, 1); |
|
if ($blobSize !== null) { |
|
[$blobValue, $blobValueUnit] = $blobSize; |
|
} |
|
} |
|
|
|
if ($isUpload && $column['is_blob']) { |
|
[$maxUploadSize] = $this->getMaxUploadSize($column['pma_type'], $biggestMaxFileSize); |
|
} |
|
|
|
if (! empty($GLOBALS['cfg']['UploadDir'])) { |
|
$selectOptionForUpload = $this->getSelectOptionForUpload($vkey, $fieldHashMd5); |
|
} |
|
|
|
if ( |
|
! $isColumnProtectedBlob |
|
&& ! ($column['is_blob'] || ($column['len'] > $GLOBALS['cfg']['LimitChars'])) |
|
) { |
|
$inputFieldHtml = $this->getHtmlInput( |
|
$column, |
|
$columnNameAppendix, |
|
$specialChars, |
|
min(max($column['len'], 4), $GLOBALS['cfg']['LimitChars']), |
|
$onChangeClause, |
|
$tabindex, |
|
$tabindexForValue, |
|
$idindex, |
|
'HEX', |
|
$readOnly |
|
); |
|
} |
|
} else { |
|
$columnValue = $this->getValueColumnForOtherDatatypes( |
|
$column, |
|
$defaultCharEditing, |
|
$backupField, |
|
$columnNameAppendix, |
|
$onChangeClause, |
|
$tabindex, |
|
$specialChars, |
|
$tabindexForValue, |
|
$idindex, |
|
$textDir, |
|
$specialCharsEncoded, |
|
$data, |
|
$extractedColumnspec, |
|
$readOnly |
|
); |
|
} |
|
} |
|
|
|
return $this->template->render('table/insert/column_row', [ |
|
'db' => $db, |
|
'table' => $table, |
|
'column' => $column, |
|
'row_id' => $rowId, |
|
'show_field_types_in_data_edit_view' => $GLOBALS['cfg']['ShowFieldTypesInDataEditView'], |
|
'show_function_fields' => $GLOBALS['cfg']['ShowFunctionFields'], |
|
'is_column_binary' => $isColumnBinary, |
|
'function_options' => $functionOptions, |
|
'read_only' => $readOnly, |
|
'nullify_code' => $nullifyCode, |
|
'real_null_value' => $realNullValue, |
|
'id_index' => $idindex, |
|
'type' => $type, |
|
'decimals' => $noDecimals, |
|
'special_chars' => $specialChars, |
|
'transformed_value' => $transformedHtml, |
|
'value' => $columnValue, |
|
'is_value_foreign_link' => $foreignData['foreign_link'] === true, |
|
'backup_field' => $backupField, |
|
'data' => $data, |
|
'gis_data_types' => $gisDataTypes, |
|
'foreign_dropdown' => $foreignDropdown, |
|
'data_type' => $dataType, |
|
'textarea_cols' => $textareaCols, |
|
'textarea_rows' => $textAreaRows, |
|
'text_dir' => $textDir, |
|
'max_length' => $maxlength, |
|
'longtext_double_textarea' => $GLOBALS['cfg']['LongtextDoubleTextarea'], |
|
'enum_selected_value' => $enumSelectedValue, |
|
'set_values' => $columnSetValues, |
|
'set_select_size' => $setSelectSize, |
|
'is_column_protected_blob' => $isColumnProtectedBlob, |
|
'blob_value' => $blobValue, |
|
'blob_value_unit' => $blobValueUnit, |
|
'is_upload' => $isUpload, |
|
'max_upload_size' => $maxUploadSize, |
|
'select_option_for_upload' => $selectOptionForUpload, |
|
'limit_chars' => $GLOBALS['cfg']['LimitChars'], |
|
'input_field_html' => $inputFieldHtml, |
|
]); |
|
} |
|
|
|
private function isColumnBinary(array $column, bool $isUpload): bool |
|
{ |
|
global $cfg; |
|
|
|
if (! $cfg['ShowFunctionFields']) { |
|
return false; |
|
} |
|
|
|
return ($cfg['ProtectBinary'] === 'blob' && $column['is_blob'] && ! $isUpload) |
|
|| ($cfg['ProtectBinary'] === 'all' && $column['is_binary']) |
|
|| ($cfg['ProtectBinary'] === 'noblob' && $column['is_binary']); |
|
} |
|
|
|
/** |
|
* Function to get html for each insert/edit row |
|
* |
|
* @param array $urlParams url parameters |
|
* @param array[] $tableColumns table columns |
|
* @param array $commentsMap comments map |
|
* @param bool $timestampSeen whether timestamp seen |
|
* @param ResultInterface $currentResult current result |
|
* @param string $chgEvtHandler javascript change event handler |
|
* @param string $jsvkey javascript validation key |
|
* @param string $vkey validation key |
|
* @param bool $insertMode whether insert mode |
|
* @param array $currentRow current row |
|
* @param int $oRows row offset |
|
* @param int $tabindex tab index |
|
* @param int $columnsCnt columns count |
|
* @param bool $isUpload whether upload |
|
* @param array $foreigners foreigners |
|
* @param int $tabindexForValue tab index offset for value |
|
* @param string $table table |
|
* @param string $db database |
|
* @param int $rowId row id |
|
* @param int $biggestMaxFileSize biggest max file size |
|
* @param string $textDir text direction |
|
* @param array $repopulate the data to be repopulated |
|
* @param array $whereClauseArray the array of where clauses |
|
* |
|
* @return string |
|
*/ |
|
public function getHtmlForInsertEditRow( |
|
array $urlParams, |
|
array $tableColumns, |
|
array $commentsMap, |
|
$timestampSeen, |
|
ResultInterface $currentResult, |
|
$chgEvtHandler, |
|
$jsvkey, |
|
$vkey, |
|
$insertMode, |
|
array $currentRow, |
|
&$oRows, |
|
&$tabindex, |
|
$columnsCnt, |
|
$isUpload, |
|
array $foreigners, |
|
$tabindexForValue, |
|
$table, |
|
$db, |
|
$rowId, |
|
$biggestMaxFileSize, |
|
$textDir, |
|
array $repopulate, |
|
array $whereClauseArray |
|
) { |
|
$htmlOutput = $this->getHeadAndFootOfInsertRowTable($urlParams) |
|
. '<tbody>'; |
|
|
|
//store the default value for CharEditing |
|
$defaultCharEditing = $GLOBALS['cfg']['CharEditing']; |
|
$mimeMap = $this->transformations->getMime($db, $table); |
|
$whereClause = ''; |
|
if (isset($whereClauseArray[$rowId])) { |
|
$whereClause = $whereClauseArray[$rowId]; |
|
} |
|
|
|
for ($columnNumber = 0; $columnNumber < $columnsCnt; $columnNumber++) { |
|
$tableColumn = $tableColumns[$columnNumber]; |
|
$columnMime = []; |
|
if (isset($mimeMap[$tableColumn['Field']])) { |
|
$columnMime = $mimeMap[$tableColumn['Field']]; |
|
} |
|
|
|
$virtual = [ |
|
'VIRTUAL', |
|
'PERSISTENT', |
|
'VIRTUAL GENERATED', |
|
'STORED GENERATED', |
|
]; |
|
if (in_array($tableColumn['Extra'], $virtual)) { |
|
continue; |
|
} |
|
|
|
$htmlOutput .= $this->getHtmlForInsertEditFormColumn( |
|
$tableColumn, |
|
$columnNumber, |
|
$commentsMap, |
|
$timestampSeen, |
|
$currentResult, |
|
$chgEvtHandler, |
|
$jsvkey, |
|
$vkey, |
|
$insertMode, |
|
$currentRow, |
|
$oRows, |
|
$tabindex, |
|
$columnsCnt, |
|
$isUpload, |
|
$foreigners, |
|
$tabindexForValue, |
|
$table, |
|
$db, |
|
$rowId, |
|
$biggestMaxFileSize, |
|
$defaultCharEditing, |
|
$textDir, |
|
$repopulate, |
|
$columnMime, |
|
$whereClause |
|
); |
|
} |
|
|
|
$oRows++; |
|
|
|
return $htmlOutput . ' </tbody>' |
|
. '</table></div><br>' |
|
. '<div class="clearfloat"></div>'; |
|
} |
|
}
|
|
|