<?php |
|
/** |
|
 * Management of saved searches.
|
*/ |
|
|
|
declare(strict_types=1); |
|
|
|
namespace PhpMyAdmin; |
|
|
|
use PhpMyAdmin\ConfigStorage\Features\SavedQueryByExampleSearchesFeature; |
|
|
|
use function __; |
|
use function count; |
|
use function intval; |
|
use function is_string; |
|
use function json_decode; |
|
use function json_encode; |
|
use function max; |
|
use function min; |
|
|
|
/** |
|
 * Management of saved searches.
|
*/ |
|
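class SavedSearches
{
    /**
     * Id of the saved search, or null while it has not been stored yet
     *
     * @var int|null
     */
    private $id = null;

    /**
     * Name of the user the search is stored for
     *
     * @var string|null
     */
    private $username = null;

    /**
     * Name of the database the search is stored for
     *
     * @var string|null
     */
    private $dbname = null;

    /**
     * Saved search name
     *
     * @var string|null
     */
    private $searchName = null;

    /**
     * Search criteria, as kept by setCriterias()
     *
     * @var array|null
     */
    private $criterias = null;

    /**
     * Setter of id
     *
     * The value is cast to int; anything that casts to 0 is stored as null.
     *
     * @param int|null $searchId Id of search
     *
     * @return static
     */
    public function setId($searchId)
    {
        $searchId = (int) $searchId;

        // The integer cast is what makes it safe to concatenate the id into
        // SQL without quoting further down in this class.
        $this->id = $searchId === 0 ? null : $searchId;

        return $this;
    }

    /**
     * Getter of id
     *
     * @return int|null
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * Setter of searchName
     *
     * @param string $searchName Saved search name
     *
     * @return static
     */
    public function setSearchName($searchName)
    {
        $this->searchName = $searchName;

        return $this;
    }

    /**
     * Getter of searchName
     *
     * @return string|null
     */
    public function getSearchName()
    {
        return $this->searchName;
    }

    /**
     * Setter for criterias
     *
     * With $json === true and a string argument, the string is JSON-decoded
     * and stored as is (null when the string is not valid JSON). Otherwise
     * only the known fields are copied from $criterias, "rows" is clamped to
     * 0..100 and the "Or<N>" entries for N = 0..rows are copied.
     *
     * @param array|string $criterias Criterias of saved searches
     * @param bool         $json      Criterias are in JSON format
     *
     * @return static
     */
    public function setCriterias($criterias, $json = false)
    {
        if ($json === true && is_string($criterias)) {
            $this->criterias = json_decode($criterias, true);

            return $this;
        }

        // Allow-list of keys copied from the input; anything else is dropped.
        $aListFieldsToGet = [
            'criteriaColumn',
            'criteriaSort',
            'criteriaShow',
            'criteria',
            'criteriaAndOrRow',
            'criteriaAndOrColumn',
            'rows',
            'TableList',
        ];

        $data = [];

        // A missing "criteriaColumn" counts as zero columns; calling count()
        // on the absent key would raise a TypeError on PHP 8.
        $data['criteriaColumnCount'] = count((array) ($criterias['criteriaColumn'] ?? []));

        foreach ($aListFieldsToGet as $field) {
            if (! isset($criterias[$field])) {
                continue;
            }

            $data[$field] = $criterias[$field];
        }

        /* Limit amount of rows */
        if (! isset($data['rows'])) {
            $data['rows'] = 0;
        } else {
            // The clamp bounds the loop below, so the input cannot make the
            // stored structure grow without limit.
            $data['rows'] = min(
                max(0, intval($data['rows'])),
                100
            );
        }

        for ($i = 0; $i <= $data['rows']; $i++) {
            // Rows absent from the input are stored as null, without the
            // undefined-key warning.
            $data['Or' . $i] = $criterias['Or' . $i] ?? null;
        }

        $this->criterias = $data;

        return $this;
    }

    /**
     * Getter for criterias
     *
     * @return array|null
     */
    public function getCriterias()
    {
        return $this->criterias;
    }

    /**
     * Setter for username
     *
     * @param string $username Username
     *
     * @return static
     */
    public function setUsername($username)
    {
        $this->username = $username;

        return $this;
    }

    /**
     * Getter for username
     *
     * @return string|null
     */
    public function getUsername()
    {
        return $this->username;
    }

    /**
     * Setter for DB name
     *
     * @param string $dbname DB name
     *
     * @return static
     */
    public function setDbname($dbname)
    {
        $this->dbname = $dbname;

        return $this;
    }

    /**
     * Getter for DB name
     *
     * @return string|null
     */
    public function getDbname()
    {
        return $this->dbname;
    }

    /**
     * Save the search
     *
     * Inserts a new row when no id is set, otherwise updates the row with the
     * current id. When validation fails, an error is added to the JSON
     * response and the script exits.
     *
     * @return bool True after an insert, the query result cast to bool after an update
     */
    public function save(SavedQueryByExampleSearchesFeature $savedQueryByExampleSearchesFeature): bool
    {
        global $dbi;

        if ($this->getSearchName() == null) {
            $this->abortWithError(
                Message::error(
                    __('Please provide a name for this bookmarked search.')
                ),
                'searchName'
            );
        }

        if (
            $this->getUsername() == null
            || $this->getDbname() == null
            || $this->getSearchName() == null
            || $this->getCriterias() == null
        ) {
            $this->abortWithError(
                Message::error(
                    __('Missing information to save the bookmarked search.')
                )
            );
        }

        $savedSearchesTbl = $this->getQualifiedTable($savedQueryByExampleSearchesFeature);
        $isInsert = $this->getId() === null;

        // The name must be unique among the searches getList() returns for
        // this user and database; on update the row itself is excluded.
        $nameFilter = "search_name = '" . $dbi->escapeString($this->getSearchName()) . "'";
        $wheres = $isInsert
            ? [$nameFilter]
            : ['id != ' . $this->getId(), $nameFilter];

        if (! empty($this->getList($savedQueryByExampleSearchesFeature, $wheres))) {
            $this->abortWithError(
                Message::error(
                    __('An entry with this name already exists.')
                ),
                'searchName'
            );
        }

        if ($isInsert) {
            $sqlQuery = 'INSERT INTO ' . $savedSearchesTbl
                . '(`username`, `db_name`, `search_name`, `search_data`)'
                . ' VALUES ('
                . "'" . $dbi->escapeString($this->getUsername()) . "',"
                . "'" . $dbi->escapeString($this->getDbname()) . "',"
                . "'" . $dbi->escapeString($this->getSearchName()) . "',"
                . "'" . $dbi->escapeString(json_encode($this->getCriterias()))
                . "')";

            $dbi->queryAsControlUser($sqlQuery);

            $this->setId($dbi->insertId());

            return true;
        }

        // Update: the id is an int (see setId()), so it is concatenated
        // unquoted. The statement is additionally limited to rows stored for
        // the current user, because it runs on the control-user connection
        // and the id alone does not identify whose search is being changed.
        $sqlQuery = 'UPDATE ' . $savedSearchesTbl
            . " SET `search_name` = '"
            . $dbi->escapeString($this->getSearchName()) . "', "
            . "`search_data` = '"
            . $dbi->escapeString(json_encode($this->getCriterias())) . "' "
            . 'WHERE id = ' . $this->getId()
            . $this->getOwnerCondition();

        return (bool) $dbi->queryAsControlUser($sqlQuery);
    }

    /**
     * Delete the search
     *
     * When no id is set, an error is added to the JSON response and the
     * script exits.
     *
     * @return bool The query result cast to bool
     */
    public function delete(SavedQueryByExampleSearchesFeature $savedQueryByExampleSearchesFeature): bool
    {
        global $dbi;

        if ($this->getId() == null) {
            $this->abortWithError(
                Message::error(
                    __('Missing information to delete the search.')
                ),
                'searchId'
            );
        }

        // Limited to the current user's rows when a username is set; see
        // getOwnerCondition().
        $sqlQuery = 'DELETE FROM ' . $this->getQualifiedTable($savedQueryByExampleSearchesFeature)
            . " WHERE id = '" . $dbi->escapeString((string) $this->getId()) . "'"
            . $this->getOwnerCondition();

        return (bool) $dbi->queryAsControlUser($sqlQuery);
    }

    /**
     * Load the current search from an id.
     *
     * Sets the search name and the criteria from the stored row. When no id
     * is set or no row is found, an error is added to the JSON response and
     * the script exits.
     *
     * @return bool Always true when the method returns
     */
    public function load(SavedQueryByExampleSearchesFeature $savedQueryByExampleSearchesFeature): bool
    {
        global $dbi;

        if ($this->getId() == null) {
            $this->abortWithError(
                Message::error(
                    __('Missing information to load the search.')
                ),
                'searchId'
            );
        }

        // Limited to the current user's rows when a username is set; see
        // getOwnerCondition().
        $sqlQuery = 'SELECT id, search_name, search_data '
            . 'FROM ' . $this->getQualifiedTable($savedQueryByExampleSearchesFeature) . ' '
            . "WHERE id = '" . $dbi->escapeString((string) $this->getId()) . "'"
            . $this->getOwnerCondition();

        $resList = $dbi->queryAsControlUser($sqlQuery);
        $oneResult = $resList->fetchAssoc();

        if ($oneResult === []) {
            $this->abortWithError(
                Message::error(__('Error while loading the search.')),
                'searchId'
            );
        }

        $this->setSearchName($oneResult['search_name'])
            ->setCriterias($oneResult['search_data'], true);

        return true;
    }

    /**
     * Get the list of saved searches of a user on a DB
     *
     * Each entry of $wheres is appended to the query verbatim after "AND",
     * so callers must escape any value they embed in it.
     *
     * @param string[] $wheres List of filters (raw SQL conditions)
     *
     * @return array List of saved searches, or an empty array when username or DB name is not set
     */
    public function getList(SavedQueryByExampleSearchesFeature $savedQueryByExampleSearchesFeature, array $wheres = [])
    {
        global $dbi;

        if ($this->getUsername() == null || $this->getDbname() == null) {
            return [];
        }

        $sqlQuery = 'SELECT id, search_name '
            . 'FROM ' . $this->getQualifiedTable($savedQueryByExampleSearchesFeature) . ' '
            . 'WHERE '
            . "username = '" . $dbi->escapeString($this->getUsername()) . "' "
            . "AND db_name = '" . $dbi->escapeString($this->getDbname()) . "' ";

        foreach ($wheres as $where) {
            $sqlQuery .= 'AND ' . $where . ' ';
        }

        $sqlQuery .= 'order by search_name ASC ';

        $resList = $dbi->queryAsControlUser($sqlQuery);

        return $resList->fetchAllKeyPair();
    }

    /**
     * Builds the backquoted `database`.`table` name of the saved searches table.
     */
    private function getQualifiedTable(SavedQueryByExampleSearchesFeature $feature): string
    {
        return Util::backquote($feature->database) . '.' . Util::backquote($feature->savedSearches);
    }

    /**
     * Builds the SQL condition restricting an id-based statement to the current user.
     *
     * Returns an empty string when no username is set, so callers that never
     * set one keep selecting by id only.
     * NOTE(review): callers are not visible here; if every caller sets the
     * username, this could be made mandatory.
     *
     * @return string Either '' or " AND username = '...'" with a leading space
     */
    private function getOwnerCondition(): string
    {
        global $dbi;

        if ($this->getUsername() == null) {
            return '';
        }

        return " AND username = '" . $dbi->escapeString($this->getUsername()) . "'";
    }

    /**
     * Adds the error to the JSON response and stops the script.
     *
     * @param Message     $message Error message to report
     * @param string|null $field   Name reported as "fieldWithError", or null to omit it
     *
     * @return never
     */
    private function abortWithError(Message $message, ?string $field = null): void
    {
        $response = ResponseRenderer::getInstance();
        $response->setRequestStatus($message->isSuccess());
        if ($field !== null) {
            $response->addJSON('fieldWithError', $field);
        }

        $response->addJSON('message', $message);
        exit;
    }
}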
|
|
|