From 22a3efe4ed0b287ec6431fc1147d65a07b8ad7e9 Mon Sep 17 00:00:00 2001
From: Jakub Vrana <jakub@vrana.cz>
Date: Sun, 16 Mar 2025 23:54:25 +0100
Subject: [PATCH] Code style: avoid excesive mixing of PHP and HTML

---
 adminer/create.inc.php            | 51 +++++++++-------------
 adminer/include/design.inc.php    | 23 ++++------
 adminer/include/editing.inc.php   | 72 +++++++++++++++----------------
 adminer/include/functions.inc.php | 12 +-----
 adminer/include/html.inc.php      |  4 +-
 adminer/include/lang.inc.php      |  4 +-
 adminer/sql.inc.php               |  4 +-
 phpcs.xml                         | 10 ++++-
 plugins/drivers/mongo.php         |  4 +-
 9 files changed, 81 insertions(+), 103 deletions(-)

diff --git a/adminer/create.inc.php b/adminer/create.inc.php
index 8a3c8f63..e02452d6 100644
--- a/adminer/create.inc.php
+++ b/adminer/create.inc.php
@@ -180,31 +180,26 @@ foreach ($engines as $engine) {
 
 <form action="" method="post" id="form">
 <p>
-<?php if (support("columns") || $TABLE == "") { ?>
-<?php echo lang('Table name'); ?>: <input name="name"<?php echo ($TABLE == "" && !$_POST ? " autofocus" : ""); ?> data-maxlength="64" value="<?php echo h($row["name"]); ?>" autocapitalize="off">
-<?php echo ($engines ? html_select("Engine", array("" => "(" . lang('engine') . ")") + $engines, $row["Engine"]) . on_help("getTarget(event).value", 1) . script("qsl('select').onchange = helpClose;") : ""); ?>
- <?php
+<?php
+if (support("columns") || $TABLE == "") {
+	echo lang('Table name') . "<input name='name'" . ($TABLE == "" && !$_POST ? " autofocus" : "") . " data-maxlength='64' value='" . h($row["name"]) . "' autocapitalize='off'>\n";
+	echo ($engines ? html_select("Engine", array("" => "(" . lang('engine') . ")") + $engines, $row["Engine"]) . on_help("getTarget(event).value", 1) . script("qsl('select').onchange = helpClose;") . "\n" : "");
 	if ($collations) {
 		echo "<datalist id='collations'>" . optionlist($collations) . "</datalist>";
 		echo (preg_match("~sqlite|mssql~", JUSH) ? "" : "<input list='collations' name='Collation' value='" . h($row["Collation"]) . "' placeholder='(" . lang('collation') . ")'>");
 	}
-	?>
- <input type="submit" value="<?php echo lang('Save'); ?>">
-<?php } ?>
+	echo "<input type='submit' value='<?php echo lang('Save'); ?>'>\n";
+}
 
-<?php if (support("columns")) { ?>
-<div class="scrollable">
-<table id="edit-fields" class="nowrap">
-<?php
+if (support("columns")) {
+	echo "<div class='scrollable'>\n";
+	echo "<table id='edit-fields' class='nowrap'>\n";
 	edit_fields($row["fields"], $collations, "TABLE", $foreign_keys);
-	?>
-</table>
-<?php echo script("editFields();"); ?>
-</div>
-<p>
-<?php echo lang('Auto Increment'); ?>: <input type="number" name="Auto_increment" class="size" value="<?php echo h($row["Auto_increment"]); ?>">
-<?php echo checkbox("defaults", 1, ($_POST ? $_POST["defaults"] : get_setting("defaults")), lang('Default values'), "columnShow(this.checked, 5)", "jsonly"); ?>
-<?php
+	echo "</table>\n";
+	echo script("editFields();");
+	echo "</div>\n<p>\n";
+	echo lang('Auto Increment') . "<input type='number' name='Auto_increment' class='size' value='" . h($row["Auto_increment"]) . "'>\n";
+	echo checkbox("defaults", 1, ($_POST ? $_POST["defaults"] : get_setting("defaults")), lang('Default values'), "columnShow(this.checked, 5)", "jsonly");
 	$comments = ($_POST ? $_POST["comments"] : get_setting("comments"));
 	echo (support("comment")
 		? checkbox("comments", 1, $comments, lang('Comment'), "editingCommentsClick(this, true);", "jsonly")
@@ -226,24 +221,18 @@ foreach ($engines as $engine) {
 if (support("partitioning")) {
 	$partition_table = preg_match('~RANGE|LIST~', $row["partition_by"]);
 	print_fieldset("partition", lang('Partition by'), $row["partition_by"]);
-	?>
-<p>
-<?php echo html_select("partition_by", array("" => "") + $partition_by, $row["partition_by"]) . on_help("getTarget(event).value.replace(/./, 'PARTITION BY \$&')", 1) . script("qsl('select').onchange = partitionByChange;"); ?>
-(<input name="partition" value="<?php echo h($row["partition"]); ?>">)
-<?php echo lang('Partitions'); ?>: <input type="number" name="partitions" class="size<?php echo ($partition_table || !$row["partition_by"] ? " hidden" : ""); ?>" value="<?php echo h($row["partitions"]); ?>">
-<table id="partition-table"<?php echo ($partition_table ? "" : " class='hidden'"); ?>>
-<thead><tr><th><?php echo lang('Partition name'); ?><th><?php echo lang('Values'); ?></thead>
-<?php
+	echo "<p>" . html_select("partition_by", array("" => "") + $partition_by, $row["partition_by"]) . on_help("getTarget(event).value.replace(/./, 'PARTITION BY \$&')", 1) . script("qsl('select').onchange = partitionByChange;");
+	echo "(<input name='partition' value='" . h($row["partition"]) . "'>)\n";
+	echo lang('Partitions') . ": <input type='number' name='partitions' class='size" . ($partition_table || !$row["partition_by"] ? " hidden" : "") . "' value='" . h($row["partitions"]) . "'>\n";
+	echo "<table id='partition-table'" . ($partition_table ? "" : " class='hidden'") . ">\n";
+	echo "<thead><tr><th>" . lang('Partition name') . "<th>" . lang('Values') . "</thead>\n";
 	foreach ($row["partition_names"] as $key => $val) {
 		echo '<tr>';
 		echo '<td><input name="partition_names[]" value="' . h($val) . '" autocapitalize="off">';
 		echo ($key == count($row["partition_names"]) - 1 ? script("qsl('input').oninput = partitionNameChange;") : '');
 		echo '<td><input name="partition_values[]" value="' . h($row["partition_values"][$key]) . '">';
 	}
-	?>
-</table>
-</div></fieldset>
-<?php
+	echo "</table>\n</div></fieldset>\n";
 }
 ?>
 <input type="hidden" name="token" value="<?php echo $token; ?>">
diff --git a/adminer/include/design.inc.php b/adminer/include/design.inc.php
index 38c621c5..1754608f 100644
--- a/adminer/include/design.inc.php
+++ b/adminer/include/design.inc.php
@@ -66,21 +66,16 @@ fQIDAQAB
 			$_COOKIE["adminer_version"] = $version["version"]; // doesn't need to send to the browser
 		}
 	}
-	?>
-<script<?php echo nonce(); ?>>
-mixin(document.body, {onkeydown: bodyKeydown, onclick: bodyClick<?php
-	echo (isset($_COOKIE["adminer_version"]) ? "" : ", onload: partial(verifyVersion, '$VERSION', '" . js_escape(ME) . "', '" . get_token() . "')"); // $token may be empty in auth.inc.php
-	?>});
+	echo script("mixin(document.body, {onkeydown: bodyKeydown, onclick: bodyClick"
+		. (isset($_COOKIE["adminer_version"]) ? "" : ", onload: partial(verifyVersion, '$VERSION', '" . js_escape(ME) . "', '" . get_token() . "')") // $token may be empty in auth.inc.php
+		. "});
 document.body.className = document.body.className.replace(/ nojs/, ' js');
-var offlineMessage = '<?php echo js_escape(lang('You are offline.')); ?>';
-var thousandsSeparator = '<?php echo js_escape(lang(',')); ?>';
-</script>
-
-<div id="help" class="jush-<?php echo JUSH; ?> jsonly hidden"></div>
-<?php echo script("mixin(qs('#help'), {onmouseover: function () { helpOpen = 1; }, onmouseout: helpMouseout});"); ?>
-
-<div id="content">
-<?php
+var offlineMessage = '" . js_escape(lang('You are offline.')) . "';
+var thousandsSeparator = '" . js_escape(lang(',')) . "';")
+	;
+	echo "<div id='help' class='jush-" . JUSH . " jsonly hidden'></div>\n";
+	echo script("mixin(qs('#help'), {onmouseover: function () { helpOpen = 1; }, onmouseout: helpMouseout});");
+	echo "<div id='content'>\n";
 	if ($breadcrumb !== null) {
 		$link = substr(preg_replace('~\b(username|db|ns)=[^&]*&~', '', ME), 0, -1);
 		echo '<p id="breadcrumb"><a href="' . h($link ?: ".") . '">' . $drivers[DRIVER] . '</a> » ';
diff --git a/adminer/include/editing.inc.php b/adminer/include/editing.inc.php
index 953bd320..998787a5 100644
--- a/adminer/include/editing.inc.php
+++ b/adminer/include/editing.inc.php
@@ -185,7 +185,7 @@ function json_row($key, $val = null) {
 function edit_type($key, $field, $collations, $foreign_keys = array(), $extra_types = array()) {
 	global $driver;
 	$type = $field["type"];
-	?><td><select name="<?php echo h($key); ?>[type]" class="type" aria-labelledby="label-type"><?php
+	echo "<td><select name='" . h($key) . "[type]' class='type' aria-labelledby='label-type'>";
 	if ($type && !array_key_exists($type, $driver->types()) && !isset($foreign_keys[$type]) && !in_array($type, $extra_types)) {
 		$extra_types[] = $type;
 	}
@@ -194,12 +194,11 @@ function edit_type($key, $field, $collations, $foreign_keys = array(), $extra_ty
 		$structured_types[lang('Foreign keys')] = $foreign_keys;
 	}
 	echo optionlist(array_merge($extra_types, $structured_types), $type);
-	?></select><td><input
-	name="<?php echo h($key); ?>[length]"
-	value="<?php echo h($field["length"]); ?>"
-	size="3"
-	<?php echo (!$field["length"] && preg_match('~var(char|binary)$~', $type) ? " class='required'" : ""); //! type="number" with enabled JavaScript ?>
-	aria-labelledby="label-length"><td class="options"><?php
+	echo "</select><td>";
+	echo "<input name='" . h($key) . "[length]' value='" . h($field["length"]) . "' size='3'"
+		. (!$field["length"] && preg_match('~var(char|binary)$~', $type) ? " class='required'" : "") //! type="number" with enabled JavaScript
+		. " aria-labelledby='label-length'>";
+	echo "<td class='options'>";
 	echo ($collations
 		? "<input list='collations' name='" . h($key) . "[collation]'" . (preg_match('~(char|text|enum|set)$~', $type) ? "" : " class='hidden'") . " value='" . h($field["collation"]) . "' placeholder='(" . lang('collation') . ")'>"
 		: ''
@@ -333,46 +332,43 @@ function edit_fields($fields, $collations, $type = "TABLE", $foreign_keys = arra
 <th id="label-name"><?php echo ($type == "TABLE" ? lang('Column name') : lang('Parameter name')); ?>
 <td id="label-type"><?php echo lang('Type'); ?><textarea id="enum-edit" rows="4" cols="12" wrap="off" style="display: none;"></textarea><?php echo script("qs('#enum-edit').onblur = editingLengthBlur;"); ?>
 <td id="label-length"><?php echo lang('Length'); ?>
-<td><?php echo lang('Options'); /* no label required, options have their own label */ ?>
-<?php if ($type == "TABLE") { ?>
-<td id="label-null">NULL
-<td><input type="radio" name="auto_increment_col" value=""><abbr id="label-ai" title="<?php echo lang('Auto Increment'); ?>">AI</abbr><?php echo doc_link(array(
-	'sql' => "example-auto-increment.html",
-	'mariadb' => "auto_increment/",
-	'sqlite' => "autoinc.html",
-	'pgsql' => "datatype-numeric.html#DATATYPE-SERIAL",
-	'mssql' => "t-sql/statements/create-table-transact-sql-identity-property",
-)); ?>
-<td id="label-default"<?php echo $default_class; ?>><?php echo lang('Default value'); ?>
-<?php echo (support("comment") ? "<td id='label-comment'$comment_class>" . lang('Comment') : ""); ?>
-<?php } ?>
-<td><?php echo "<input type='image' class='icon' name='add[" . (support("move_col") ? 0 : count($fields)) . "]' src='../adminer/static/plus.gif' alt='+' title='" . lang('Add next') . "'>" . script("row_count = " . count($fields) . ";"); ?>
-</thead>
-<tbody>
-<?php
+<td><?php
+	echo lang('Options'); // no label required, options have their own label
+	if ($type == "TABLE") {
+		echo "<td id='label-null'>NULL\n";
+		echo "<td><input type='radio' name='auto_increment_col' value=''><abbr id='label-ai' title='" . lang('Auto Increment') . "'>AI</abbr>";
+		echo doc_link(array(
+			'sql' => "example-auto-increment.html",
+			'mariadb' => "auto_increment/",
+			'sqlite' => "autoinc.html",
+			'pgsql' => "datatype-numeric.html#DATATYPE-SERIAL",
+			'mssql' => "t-sql/statements/create-table-transact-sql-identity-property",
+		));
+		echo "<td id='label-default'$default_class>" . lang('Default value');
+		echo (support("comment") ? "<td id='label-comment'$comment_class>" . lang('Comment') : "");
+	}
+	echo "<td><input type='image' class='icon' name='add[" . (support("move_col") ? 0 : count($fields)) . "]' src='../adminer/static/plus.gif' alt='+' title='" . lang('Add next') . "'>" . script("row_count = " . count($fields) . ";");
+	echo "</thead>\n<tbody>\n";
 	echo script("mixin(qsl('tbody'), {onclick: editingClick, onkeydown: editingKeydown, oninput: editingInput});");
 	foreach ($fields as $i => $field) {
 		$i++;
 		$orig = $field[($_POST ? "orig" : "field")];
 		$display = (isset($_POST["add"][$i-1]) || (isset($field["field"]) && !$_POST["drop_col"][$i])) && (support("drop_col") || $orig == "");
-		?>
-<tr<?php echo ($display ? "" : " style='display: none;'"); ?>>
-<?php echo ($type == "PROCEDURE" ? "<td>" . html_select("fields[$i][inout]", explode("|", $driver->inout), $field["inout"]) : "") . "<th>"; ?>
-<?php if ($display) { ?>
-<input name="fields[<?php echo $i; ?>][field]" value="<?php echo h($field["field"]); ?>" data-maxlength="64" autocapitalize="off" aria-labelledby="label-name">
-<?php } ?>
-<input type="hidden" name="fields[<?php echo $i; ?>][orig]" value="<?php echo h($orig); ?>"><?php edit_type("fields[$i]", $field, $collations, $foreign_keys); ?>
-<?php
+		echo "<tr" . ($display ? "" : " style='display: none;'") . ">\n";
+		echo ($type == "PROCEDURE" ? "<td>" . html_select("fields[$i][inout]", explode("|", $driver->inout), $field["inout"]) : "") . "<th>";
+		if ($display) {
+			echo "<input name='fields[$][field]' value='" . h($field["field"]) . "' data-maxlength='64' autocapitalize='off' aria-labelledby='label-name'>\n";
+		}
+		echo "<input type='hidden' name='fields[$i][orig]' value='" . h($orig) . "'>";
+		edit_type("fields[$i]", $field, $collations, $foreign_keys);
 		if ($type == "TABLE") {
-			?>
-<td><?php echo checkbox("fields[$i][null]", 1, $field["null"], "", "", "block", "label-null"); ?>
-<td><label class="block"><input type="radio" name="auto_increment_col" value="<?php echo $i; ?>"<?php echo ($field["auto_increment"] ? " checked" : ""); ?> aria-labelledby="label-ai"></label><td<?php echo $default_class; ?>><?php
-			echo ($driver->generated
+			echo "<td>" . checkbox("fields[$i][null]", 1, $field["null"], "", "", "block", "label-null");
+			echo "<td><label class='block'><input type='radio' name='auto_increment_col' value='$i'" . ($field["auto_increment"] ? " checked" : "") . " aria-labelledby='label-ai'></label>";
+			echo "<td$default_class>" . ($driver->generated
 				? html_select("fields[$i][generated]", array_merge(array("", "DEFAULT"), $driver->generated), $field["generated"]) . " "
 				: checkbox("fields[$i][generated]", 1, $field["generated"], "", "", "", "label-default")
 			);
-			?>
-<input name="fields[<?php echo $i; ?>][default]" value="<?php echo h($field["default"]); ?>" aria-labelledby="label-default"><?php
+			echo "<input name='fields[$i][default]' value='" . h($field["default"]) . "' aria-labelledby='label-default'>";
 			echo (support("comment") ? "<td$comment_class><input name='fields[$i][comment]' value='" . h($field["comment"]) . "' data-maxlength='" . (min_version(5.5) ? 1024 : 255) . "' aria-labelledby='label-comment'>" : "");
 		}
 		echo "<td>";
diff --git a/adminer/include/functions.inc.php b/adminer/include/functions.inc.php
index 18152ab0..109c60cd 100644
--- a/adminer/include/functions.inc.php
+++ b/adminer/include/functions.inc.php
@@ -299,8 +299,7 @@ function where($where, $fields = array()) {
 			. (JUSH == "sql" && $field_type == "json" ? " = CAST(" . q($val) . " AS JSON)"
 				: (JUSH == "sql" && is_numeric($val) && preg_match('~\.~', $val) ? " LIKE " . q($val) // LIKE because of floats but slow with ints
 				: (JUSH == "mssql" && strpos($field_type, "datetime") === false ? " LIKE " . q(preg_replace('~[_%[]~', '[\0]', $val)) // LIKE because of text but it does not work with datetime
-				: " = " . unconvert_field($fields[$key], q($val))
-			)))
+				: " = " . unconvert_field($fields[$key], q($val)))))
 		; //! enum and set
 		if (JUSH == "sql" && preg_match('~char|text~', $field_type) && preg_match("~[^ -@]~", $val)) { // not just [a-z] to catch non-ASCII characters
 			$return[] = "$column = " . q($val) . " COLLATE " . charset($connection) . "_bin";
@@ -961,14 +960,7 @@ function slow_query($query) {
 	$connection2 = null;
 	if (!$slow_query && support("kill") && is_object($connection2 = connect($adminer->credentials())) && ($db == "" || $connection2->select_db($db))) {
 		$kill = $connection2->result(connection_id()); // MySQL and MySQLi can use thread_id but it's not in PDO_MySQL
-		?>
-<script<?php echo nonce(); ?>>
-var timeout = setTimeout(function () {
-	ajax('<?php echo js_escape(ME); ?>script=kill', function () {
-	}, 'kill=<?php echo $kill; ?>&token=<?php echo $token; ?>');
-}, <?php echo 1000 * $timeout; ?>);
-</script>
-<?php
+		echo script("var timeout = setTimeout(function () { ajax('" . js_escape(ME) . "script=kill', function () {}, 'kill=$kill&token=$token'); }, 1000 * $timeout);");
 	}
 	ob_flush();
 	flush();
diff --git a/adminer/include/html.inc.php b/adminer/include/html.inc.php
index ef085eb2..58927e56 100644
--- a/adminer/include/html.inc.php
+++ b/adminer/include/html.inc.php
@@ -427,9 +427,7 @@ function edit_form($table, $fields, $row, $update) {
 		echo "<p class='error'>" . lang('No rows.') . "\n";
 		return;
 	}
-	?>
-<form action="" method="post" enctype="multipart/form-data" id="form">
-<?php
+	echo "<form action='' method='post' enctype='multipart/form-data' id='form'>\n";
 	if (!$fields) {
 		echo "<p class='error'>" . lang('You have no privileges to update this table.') . "\n";
 	} else {
diff --git a/adminer/include/lang.inc.php b/adminer/include/lang.inc.php
index accff558..a7376386 100644
--- a/adminer/include/lang.inc.php
+++ b/adminer/include/lang.inc.php
@@ -77,8 +77,8 @@ function lang($idf, $number = null) {
 			: ($LANG == 'lt' ? ($number % 10 == 1 && $number % 100 != 11 ? 0 : ($number % 10 > 1 && $number / 10 % 10 != 1 ? 1 : 2)) // different forms for 1, 12-19, other
 			: ($LANG == 'lv' ? ($number % 10 == 1 && $number % 100 != 11 ? 0 : ($number ? 1 : 2)) // different forms for 1 except 11, other, 0
 			: (in_array($LANG, array('bs', 'ru', 'sr', 'uk')) ? ($number % 10 == 1 && $number % 100 != 11 ? 0 : ($number % 10 > 1 && $number % 10 < 5 && $number / 10 % 10 != 1 ? 1 : 2)) // different forms for 1 except 11, 2-4 except 12-14, other
-			: 1 // different forms for 1, other
-		)))))))); // http://www.gnu.org/software/gettext/manual/html_node/Plural-forms.html
+			: 1)))))))) // different forms for 1, other
+		; // http://www.gnu.org/software/gettext/manual/html_node/Plural-forms.html
 		$translation = $translation[$pos];
 	}
 	$args = func_get_args();
diff --git a/adminer/sql.inc.php b/adminer/sql.inc.php
index c36b29a5..d2f401f3 100644
--- a/adminer/sql.inc.php
+++ b/adminer/sql.inc.php
@@ -90,8 +90,8 @@ if (!$error && $_POST) {
 						$pattern = ($found == '/*' ? '\*/'
 							: ($found == '[' ? ']'
 							: (preg_match('~^-- |^#~', $found) ? "\n"
-							: preg_quote($found) . ($c_style_escapes ? "|\\\\." : "")
-						)));
+							: preg_quote($found) . ($c_style_escapes ? "|\\\\." : "")))
+						);
 
 						while (preg_match("($pattern|\$)s", $query, $match, PREG_OFFSET_CAPTURE, $offset)) {
 							$s = $match[0][0];
diff --git a/phpcs.xml b/phpcs.xml
index bc76b8a1..76288eee 100644
--- a/phpcs.xml
+++ b/phpcs.xml
@@ -32,11 +32,19 @@
 		<exclude name="PSR12.Classes.ClassInstantiation.MissingParentheses"/>
 		<exclude name="Squiz.Scope.MethodScope.Missing"/>
 
-		<!-- TODO: Ignore only in <?php if () { ?><?php } ?> -->
+		<!-- False positives. -->
 		<exclude name="Generic.WhiteSpace.ScopeIndent.Incorrect"/>
 		<exclude name="Generic.WhiteSpace.ScopeIndent.IncorrectExact"/>
 	</rule>
 
+	<rule ref="Generic.WhiteSpace.ScopeIndent">
+		<properties>
+			<property name="ignoreIndentationTokens" type="array">
+				<element value="T_OPEN_TAG"/>
+			</property>
+		</properties>
+	</rule>
+
 	<rule ref="PSR1.Methods.CamelCapsMethodName.NotCamelCaps">
 		<exclude-pattern>adminer/drivers/</exclude-pattern>
 		<exclude-pattern>adminer/include/pdo.inc.php</exclude-pattern>
diff --git a/plugins/drivers/mongo.php b/plugins/drivers/mongo.php
index a8ef94a2..ac7912fd 100644
--- a/plugins/drivers/mongo.php
+++ b/plugins/drivers/mongo.php
@@ -73,8 +73,8 @@ if (isset($_GET["mongo"])) {
 							(is_a($val, 'MongoDB\BSON\Binary') ? $val->getData() : //! allow downloading
 							(is_a($val, 'MongoDB\BSON\Regex') ? "$val" :
 							(is_object($val) || is_array($val) ? json_encode($val, 256) : // 256 = JSON_UNESCAPED_UNICODE
-							$val // MongoMinKey, MongoMaxKey
-						)))));
+							$val))))) // MongoMinKey, MongoMaxKey
+						;
 					}
 					$this->rows[] = $row;
 					foreach ($row as $key => $val) {