Prepare for version 2
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@602 7c3ca157-0c34-0410-bff1-cbf682f78f5c
@@ -80,7 +80,7 @@ if (extension_loaded("mysqli")) {
|
||||
// minification compatibility end
|
||||
}
|
||||
|
||||
$mysql = new Min_MySQLi;
|
||||
$dbh = new Min_MySQLi;
|
||||
|
||||
} elseif (extension_loaded("mysql")) {
|
||||
class Min_MySQL {
|
||||
@@ -168,7 +168,7 @@ if (extension_loaded("mysqli")) {
|
||||
}
|
||||
}
|
||||
|
||||
$mysql = new Min_MySQL;
|
||||
$dbh = new Min_MySQL;
|
||||
|
||||
} elseif (extension_loaded("pdo_mysql")) {
|
||||
class Min_PDO_MySQL extends PDO {
|
||||
@@ -255,7 +255,7 @@ if (extension_loaded("mysqli")) {
|
||||
}
|
||||
}
|
||||
|
||||
$mysql = new Min_PDO_MySQL;
|
||||
$dbh = new Min_PDO_MySQL;
|
||||
|
||||
} else {
|
||||
page_header(lang('No MySQL extension'), lang('None of supported PHP extensions (%s) are available.', 'MySQLi, MySQL, PDO_MySQL'), null);
|
||||
|
@@ -66,7 +66,7 @@ $username = &$_SESSION["usernames"][$_GET["server"]];
|
||||
if (!isset($username)) {
|
||||
$username = $_GET["username"];
|
||||
}
|
||||
if (!isset($username) || !$mysql->connect($_GET["server"], $username, $_SESSION["passwords"][$_GET["server"]])) {
|
||||
if (!isset($username) || !$dbh->connect($_GET["server"], $username, $_SESSION["passwords"][$_GET["server"]])) {
|
||||
auth_error();
|
||||
exit;
|
||||
}
|
||||
|
14
call.inc.php
14
call.inc.php
@@ -22,25 +22,25 @@ if (!$error && $_POST) {
|
||||
$val = "''";
|
||||
}
|
||||
if (isset($out[$key])) {
|
||||
$mysql->query("SET @" . idf_escape($field["field"]) . " = " . $val);
|
||||
$dbh->query("SET @" . idf_escape($field["field"]) . " = " . $val);
|
||||
}
|
||||
}
|
||||
$call[] = (isset($out[$key]) ? "@" . idf_escape($field["field"]) : $val);
|
||||
}
|
||||
$result = $mysql->multi_query((isset($_GET["callf"]) ? "SELECT" : "CALL") . " " . idf_escape($_GET["call"]) . "(" . implode(", ", $call) . ")");
|
||||
$result = $dbh->multi_query((isset($_GET["callf"]) ? "SELECT" : "CALL") . " " . idf_escape($_GET["call"]) . "(" . implode(", ", $call) . ")");
|
||||
if (!$result) {
|
||||
echo "<p class='error'>" . htmlspecialchars($mysql->error) . "</p>\n";
|
||||
echo "<p class='error'>" . htmlspecialchars($dbh->error) . "</p>\n";
|
||||
} else {
|
||||
do {
|
||||
$result = $mysql->store_result();
|
||||
$result = $dbh->store_result();
|
||||
if (is_object($result)) {
|
||||
select($result);
|
||||
} else {
|
||||
echo "<p class='message'>" . lang('Routine has been called, %d row(s) affected.', $mysql->affected_rows) . "</p>\n";
|
||||
echo "<p class='message'>" . lang('Routine has been called, %d row(s) affected.', $dbh->affected_rows) . "</p>\n";
|
||||
}
|
||||
} while ($mysql->next_result());
|
||||
} while ($dbh->next_result());
|
||||
if ($out) {
|
||||
select($mysql->query("SELECT " . implode(", ", $out)));
|
||||
select($dbh->query("SELECT " . implode(", ", $out)));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@@ -1,6 +1,6 @@
|
||||
<?php
|
||||
$mysql->query("SET SQL_QUOTE_SHOW_CREATE=1");
|
||||
if (!(strlen($_GET["db"]) ? $mysql->select_db($_GET["db"]) : isset($_GET["sql"]) || isset($_GET["dump"]) || isset($_GET["database"]) || isset($_GET["processlist"]) || isset($_GET["privileges"]) || isset($_GET["user"]))) {
|
||||
$dbh->query("SET SQL_QUOTE_SHOW_CREATE=1");
|
||||
if (!(strlen($_GET["db"]) ? $dbh->select_db($_GET["db"]) : isset($_GET["sql"]) || isset($_GET["dump"]) || isset($_GET["database"]) || isset($_GET["processlist"]) || isset($_GET["privileges"]) || isset($_GET["user"]))) {
|
||||
if (strlen($_GET["db"])) {
|
||||
unset($_SESSION["databases"][$_GET["server"]]);
|
||||
}
|
||||
@@ -11,10 +11,10 @@ if (!(strlen($_GET["db"]) ? $mysql->select_db($_GET["db"]) : isset($_GET["sql"])
|
||||
echo '<p><a href="' . htmlspecialchars($SELF) . 'database=">' . lang('Create new database') . "</a></p>\n";
|
||||
echo '<p><a href="' . htmlspecialchars($SELF) . 'privileges=">' . lang('Privileges') . "</a></p>\n";
|
||||
echo '<p><a href="' . htmlspecialchars($SELF) . 'processlist=">' . lang('Process list') . "</a></p>\n";
|
||||
echo "<p>" . lang('MySQL version: %s through PHP extension %s', "<b" . ($mysql->server_info < 4.1 ? " class='binary'" : "") . ">$mysql->server_info</b>", "<b>$mysql->extension</b>") . "</p>\n";
|
||||
echo "<p>" . lang('Logged as: %s', "<b>" . htmlspecialchars($mysql->result($mysql->query("SELECT USER()"))) . "</b>") . "</p>\n";
|
||||
echo "<p>" . lang('MySQL version: %s through PHP extension %s', "<b" . ($dbh->server_info < 4.1 ? " class='binary'" : "") . ">$dbh->server_info</b>", "<b>$dbh->extension</b>") . "</p>\n";
|
||||
echo "<p>" . lang('Logged as: %s', "<b>" . htmlspecialchars($dbh->result($dbh->query("SELECT USER()"))) . "</b>") . "</p>\n";
|
||||
}
|
||||
page_footer("db");
|
||||
exit;
|
||||
}
|
||||
$mysql->query("SET CHARACTER SET utf8");
|
||||
$dbh->query("SET CHARACTER SET utf8");
|
||||
|
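Review bot: The version line in the second hunk of this file writes `$dbh->server_info` into the page without HTML escaping, although the `SELECT USER()` result on the following line goes through `htmlspecialchars()`. The version string is supplied by whichever server the session connects to, and the connect call elsewhere in this commit takes that host from `$_GET["server"]`, so it should be treated as untrusted output: `">" . htmlspecialchars($dbh->server_info) . "</b>"`. `$dbh->extension` is interpolated the same way; it looks like a value set by the wrapper classes, which are outside this hunk, so confirm that before leaving it raw.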
@@ -31,9 +31,9 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"]
|
||||
$fields[] = (!strlen($_GET["create"]) ? "" : (strlen($field["orig"]) ? "CHANGE " . idf_escape($field["orig"]) . " " : "ADD "))
|
||||
. idf_escape($field["field"]) . process_type($field)
|
||||
. ($field["null"] ? " NULL" : " NOT NULL") // NULL for timestamp
|
||||
. (strlen($_GET["create"]) && strlen($field["orig"]) && isset($orig_fields[$field["orig"]]["default"]) && $field["type"] != "timestamp" ? " DEFAULT '" . $mysql->escape_string($orig_fields[$field["orig"]]["default"]) . "'" : "") //! timestamp
|
||||
. (strlen($_GET["create"]) && strlen($field["orig"]) && isset($orig_fields[$field["orig"]]["default"]) && $field["type"] != "timestamp" ? " DEFAULT '" . $dbh->escape_string($orig_fields[$field["orig"]]["default"]) . "'" : "") //! timestamp
|
||||
. ($key == $_POST["auto_increment_col"] ? " AUTO_INCREMENT$auto_increment_index" : "")
|
||||
. " COMMENT '" . $mysql->escape_string($field["comment"]) . "'"
|
||||
. " COMMENT '" . $dbh->escape_string($field["comment"]) . "'"
|
||||
. (strlen($_GET["create"]) ? " $after" : "")
|
||||
;
|
||||
$after = "AFTER " . idf_escape($field["field"]);
|
||||
@@ -41,10 +41,10 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"]
|
||||
$fields[] = "DROP " . idf_escape($field["orig"]);
|
||||
}
|
||||
}
|
||||
$status = ($_POST["Engine"] ? " ENGINE='" . $mysql->escape_string($_POST["Engine"]) . "'" : "")
|
||||
. ($_POST["Collation"] ? " COLLATE '" . $mysql->escape_string($_POST["Collation"]) . "'" : "")
|
||||
$status = ($_POST["Engine"] ? " ENGINE='" . $dbh->escape_string($_POST["Engine"]) . "'" : "")
|
||||
. ($_POST["Collation"] ? " COLLATE '" . $dbh->escape_string($_POST["Collation"]) . "'" : "")
|
||||
. (strlen($_POST["Auto_increment"]) ? " AUTO_INCREMENT=" . intval($_POST["Auto_increment"]) : "")
|
||||
. " COMMENT='" . $mysql->escape_string($_POST["Comment"]) . "'"
|
||||
. " COMMENT='" . $dbh->escape_string($_POST["Comment"]) . "'"
|
||||
;
|
||||
if (in_array($_POST["partition_by"], $partition_by)) {
|
||||
$partitions = array();
|
||||
@@ -55,7 +55,7 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"]
|
||||
}
|
||||
}
|
||||
$status .= " PARTITION BY $_POST[partition_by]($_POST[partition])" . ($partitions ? " (" . implode(", ", $partitions) . ")" : ($_POST["partitions"] ? " PARTITIONS " . intval($_POST["partitions"]) : ""));
|
||||
} elseif ($mysql->server_info >= 5.1 && strlen($_GET["create"])) {
|
||||
} elseif ($dbh->server_info >= 5.1 && strlen($_GET["create"])) {
|
||||
$status .= " REMOVE PARTITIONING";
|
||||
}
|
||||
$location = $SELF . "table=" . urlencode($_POST["name"]);
|
||||
@@ -69,7 +69,7 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"]
|
||||
page_header((strlen($_GET["create"]) ? lang('Alter table') : lang('Create table')), $error, array("table" => $_GET["create"]), $_GET["create"]);
|
||||
|
||||
$engines = array();
|
||||
$result = $mysql->query("SHOW ENGINES");
|
||||
$result = $dbh->query("SHOW ENGINES");
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
if ($row["Support"] == "YES" || $row["Support"] == "DEFAULT") {
|
||||
$engines[] = $row["Engine"];
|
||||
@@ -88,14 +88,14 @@ if ($_POST) {
|
||||
table_comment($row);
|
||||
$row["name"] = $_GET["create"];
|
||||
$row["fields"] = array_values($orig_fields);
|
||||
if ($mysql->server_info >= 5.1) {
|
||||
$from = "FROM information_schema.PARTITIONS WHERE TABLE_SCHEMA = '" . $mysql->escape_string($_GET["db"]) . "' AND TABLE_NAME = '" . $mysql->escape_string($_GET["create"]) . "'";
|
||||
$result = $mysql->query("SELECT PARTITION_METHOD, PARTITION_ORDINAL_POSITION, PARTITION_EXPRESSION $from ORDER BY PARTITION_ORDINAL_POSITION DESC LIMIT 1");
|
||||
if ($dbh->server_info >= 5.1) {
|
||||
$from = "FROM information_schema.PARTITIONS WHERE TABLE_SCHEMA = '" . $dbh->escape_string($_GET["db"]) . "' AND TABLE_NAME = '" . $dbh->escape_string($_GET["create"]) . "'";
|
||||
$result = $dbh->query("SELECT PARTITION_METHOD, PARTITION_ORDINAL_POSITION, PARTITION_EXPRESSION $from ORDER BY PARTITION_ORDINAL_POSITION DESC LIMIT 1");
|
||||
list($row["partition_by"], $row["partitions"], $row["partition"]) = $result->fetch_row();
|
||||
$result->free();
|
||||
$row["partition_names"] = array();
|
||||
$row["partition_values"] = array();
|
||||
$result = $mysql->query("SELECT PARTITION_NAME, PARTITION_DESCRIPTION $from AND PARTITION_NAME != '' ORDER BY PARTITION_ORDINAL_POSITION");
|
||||
$result = $dbh->query("SELECT PARTITION_NAME, PARTITION_DESCRIPTION $from AND PARTITION_NAME != '' ORDER BY PARTITION_ORDINAL_POSITION");
|
||||
while ($row1 = $result->fetch_assoc()) {
|
||||
$row["partition_names"][] = $row1["PARTITION_NAME"];
|
||||
$row["partition_values"][] = $row1["PARTITION_DESCRIPTION"];
|
||||
@@ -146,7 +146,7 @@ function column_comments_click(checked) {
|
||||
<?php if (strlen($_GET["create"])) { ?><input type="submit" name="drop" value="<?php echo lang('Drop'); ?>"<?php echo $confirm; ?> /><?php } ?>
|
||||
</p>
|
||||
<?php
|
||||
if ($mysql->server_info >= 5.1) {
|
||||
if ($dbh->server_info >= 5.1) {
|
||||
$partition_table = ereg('RANGE|LIST', $row["partition_by"]);
|
||||
?>
|
||||
<fieldset><legend><?php echo lang('Partition by'); ?></legend>
|
||||
|
@@ -5,8 +5,8 @@ if ($_POST && !$error) {
|
||||
query_redirect("DROP DATABASE " . idf_escape($_GET["db"]), substr(preg_replace('~db=[^&]*&~', '', $SELF), 0, -1), lang('Database has been dropped.'));
|
||||
} elseif ($_GET["db"] !== $_POST["name"]) {
|
||||
unset($_SESSION["databases"][$_GET["server"]]);
|
||||
if (query_redirect("CREATE DATABASE " . idf_escape($_POST["name"]) . ($_POST["collation"] ? " COLLATE '" . $mysql->escape_string($_POST["collation"]) . "'" : ""), $SELF . "db=" . urlencode($_POST["name"]), lang('Database has been created.'), !strlen($_GET["db"]))) {
|
||||
$result = $mysql->query("SHOW TABLES");
|
||||
if (query_redirect("CREATE DATABASE " . idf_escape($_POST["name"]) . ($_POST["collation"] ? " COLLATE '" . $dbh->escape_string($_POST["collation"]) . "'" : ""), $SELF . "db=" . urlencode($_POST["name"]), lang('Database has been created.'), !strlen($_GET["db"]))) {
|
||||
$result = $dbh->query("SHOW TABLES");
|
||||
while ($row = $result->fetch_row()) {
|
||||
if (!queries("RENAME TABLE " . idf_escape($row[0]) . " TO " . idf_escape($_POST["name"]) . "." . idf_escape($row[0]))) {
|
||||
break;
|
||||
@@ -14,7 +14,7 @@ if ($_POST && !$error) {
|
||||
}
|
||||
$result->free();
|
||||
if (!$row) {
|
||||
$mysql->query("DROP DATABASE " . idf_escape($_GET["db"]));
|
||||
$dbh->query("DROP DATABASE " . idf_escape($_GET["db"]));
|
||||
}
|
||||
query_redirect(queries(), preg_replace('~db=[^&]*&~', '', $SELF) . "db=" . urlencode($_POST["name"]), lang('Database has been renamed.'), !$row, false, $row);
|
||||
}
|
||||
@@ -22,7 +22,7 @@ if ($_POST && !$error) {
|
||||
if (!$_POST["collation"]) {
|
||||
redirect(substr($SELF, 0, -1));
|
||||
}
|
||||
query_redirect("ALTER DATABASE " . idf_escape($_POST["name"]) . " COLLATE '" . $mysql->escape_string($_POST["collation"]) . "'", substr($SELF, 0, -1), lang('Database has been altered.'));
|
||||
query_redirect("ALTER DATABASE " . idf_escape($_POST["name"]) . " COLLATE '" . $dbh->escape_string($_POST["collation"]) . "'", substr($SELF, 0, -1), lang('Database has been altered.'));
|
||||
}
|
||||
}
|
||||
page_header(strlen($_GET["db"]) ? lang('Alter database') : lang('Create database'), $error, array(), $_GET["db"]);
|
||||
@@ -35,7 +35,7 @@ if ($_POST) {
|
||||
$collate = $_POST["collation"];
|
||||
} else {
|
||||
if (!strlen($_GET["db"])) {
|
||||
$result = $mysql->query("SHOW GRANTS");
|
||||
$result = $dbh->query("SHOW GRANTS");
|
||||
while ($row = $result->fetch_row()) {
|
||||
if (preg_match('~ ON (`(([^\\\\`]+|``|\\\\.)*)%`\\.\\*)?~', $row[0], $match) && $match[1]) {
|
||||
$name = stripcslashes(idf_unescape($match[2]));
|
||||
@@ -43,8 +43,8 @@ if ($_POST) {
|
||||
}
|
||||
}
|
||||
$result->free();
|
||||
} elseif (($result = $mysql->query("SHOW CREATE DATABASE " . idf_escape($_GET["db"])))) {
|
||||
$create = $mysql->result($result, 1);
|
||||
} elseif (($result = $dbh->query("SHOW CREATE DATABASE " . idf_escape($_GET["db"])))) {
|
||||
$create = $dbh->result($result, 1);
|
||||
if (preg_match('~ COLLATE ([^ ]+)~', $create, $match)) {
|
||||
$collate = $match[1];
|
||||
} elseif (preg_match('~ CHARACTER SET ([^ ]+)~', $create, $match)) {
|
||||
|
@@ -59,7 +59,7 @@ function toggle(id) {
|
||||
}
|
||||
|
||||
function page_footer($missing = false) {
|
||||
global $SELF, $mysql;
|
||||
global $SELF, $dbh;
|
||||
?>
|
||||
</div>
|
||||
|
||||
@@ -92,7 +92,7 @@ function page_footer($missing = false) {
|
||||
</form>
|
||||
<?php
|
||||
if ($missing != "db" && strlen($_GET["db"])) {
|
||||
$result = $mysql->query("SHOW TABLE STATUS");
|
||||
$result = $dbh->query("SHOW TABLE STATUS");
|
||||
if (!$result->num_rows) {
|
||||
echo "<p class='message'>" . lang('No tables.') . "</p>\n";
|
||||
} else {
|
||||
|
@@ -1,3 +1,3 @@
|
||||
<?php
|
||||
header("Content-Type: application/octet-stream");
|
||||
echo $mysql->result($mysql->query("SELECT " . idf_escape($_GET["field"]) . " FROM " . idf_escape($_GET["download"]) . " WHERE " . implode(" AND ", where($_GET)) . " LIMIT 1"));
|
||||
echo $dbh->result($dbh->query("SELECT " . idf_escape($_GET["field"]) . " FROM " . idf_escape($_GET["download"]) . " WHERE " . implode(" AND ", where($_GET)) . " LIMIT 1"));
|
||||
|
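Review bot: The column value echoed on the last line is sent with only `Content-Type: application/octet-stream`, so a browser that sniffs content can still render a stored blob as HTML or script in the tool's own origin. Adding `header("Content-Disposition: attachment");` and `header("X-Content-Type-Options: nosniff");` next to the existing header call forces a download instead. The return value of `$dbh->query()` is also passed straight to `$dbh->result()`; how the wrapper's `result()` handles a failed query is not visible here, so checking for a false result before the `echo` would be safer.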
34
dump.inc.php
34
dump.inc.php
@@ -15,37 +15,37 @@ if ($_POST) {
|
||||
$max_packet = 1048576; // default, minimum is 1024
|
||||
echo "SET NAMES utf8;\n";
|
||||
echo "SET foreign_key_checks = 0;\n";
|
||||
echo "SET time_zone = '" . $mysql->escape_string($mysql->result($mysql->query("SELECT @@time_zone"))) . "';\n";
|
||||
echo "SET time_zone = '" . $dbh->escape_string($dbh->result($dbh->query("SELECT @@time_zone"))) . "';\n";
|
||||
echo "\n";
|
||||
}
|
||||
|
||||
foreach ($_POST["databases"] as $db => $style) {
|
||||
$db = bracket_escape($db, "back");
|
||||
if ($mysql->select_db($db)) {
|
||||
if ($_POST["format"] != "csv" && ereg('CREATE', $style) && ($result = $mysql->query("SHOW CREATE DATABASE " . idf_escape($db)))) {
|
||||
if ($dbh->select_db($db)) {
|
||||
if ($_POST["format"] != "csv" && ereg('CREATE', $style) && ($result = $dbh->query("SHOW CREATE DATABASE " . idf_escape($db)))) {
|
||||
if ($style == "DROP, CREATE") {
|
||||
echo "DROP DATABASE IF EXISTS " . idf_escape($db) . ";\n";
|
||||
}
|
||||
$create = $mysql->result($result, 1);
|
||||
$create = $dbh->result($result, 1);
|
||||
echo ($style == "CREATE, ALTER" ? preg_replace('~^CREATE DATABASE ~', '\\0IF NOT EXISTS ', $create) : $create) . ";\n";
|
||||
$result->free();
|
||||
}
|
||||
if ($style && $_POST["format"] != "csv") {
|
||||
echo "USE " . idf_escape($db) . ";\n\n";
|
||||
$out = "";
|
||||
if ($mysql->server_info >= 5) {
|
||||
if ($dbh->server_info >= 5) {
|
||||
foreach (array("FUNCTION", "PROCEDURE") as $routine) {
|
||||
$result = $mysql->query("SHOW $routine STATUS WHERE Db = '" . $mysql->escape_string($db) . "'");
|
||||
$result = $dbh->query("SHOW $routine STATUS WHERE Db = '" . $dbh->escape_string($db) . "'");
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$out .= $mysql->result($mysql->query("SHOW CREATE $routine " . idf_escape($row["Name"])), 2) . ";;\n\n";
|
||||
$out .= $dbh->result($dbh->query("SHOW CREATE $routine " . idf_escape($row["Name"])), 2) . ";;\n\n";
|
||||
}
|
||||
$result->free();
|
||||
}
|
||||
}
|
||||
if ($mysql->server_info >= 5.1) {
|
||||
$result = $mysql->query("SHOW EVENTS");
|
||||
if ($dbh->server_info >= 5.1) {
|
||||
$result = $dbh->query("SHOW EVENTS");
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$out .= $mysql->result($mysql->query("SHOW CREATE EVENT " . idf_escape($row["Name"])), 3) . ";;\n\n";
|
||||
$out .= $dbh->result($dbh->query("SHOW CREATE EVENT " . idf_escape($row["Name"])), 3) . ";;\n\n";
|
||||
}
|
||||
$result->free();
|
||||
}
|
||||
@@ -54,7 +54,7 @@ if ($_POST) {
|
||||
|
||||
if (($style || strlen($_GET["db"])) && (array_filter((array) $_POST["tables"]) || array_filter((array) $_POST["data"]))) {
|
||||
$views = array();
|
||||
$result = $mysql->query("SHOW TABLE STATUS");
|
||||
$result = $dbh->query("SHOW TABLE STATUS");
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$key = (strlen($_GET["db"]) ? bracket_escape($row["Name"]) : 0);
|
||||
if ($_POST["tables"][$key] || $_POST["data"][$key]) {
|
||||
@@ -80,7 +80,7 @@ if ($_POST) {
|
||||
}
|
||||
}
|
||||
|
||||
if ($mysql->server_info >= 5 && $style == "CREATE, ALTER" && $_POST["format"] != "csv") {
|
||||
if ($dbh->server_info >= 5 && $style == "CREATE, ALTER" && $_POST["format"] != "csv") {
|
||||
$query = "SELECT TABLE_NAME, ENGINE, TABLE_COLLATION, TABLE_COMMENT FROM information_schema.TABLES WHERE TABLE_SCHEMA = DATABASE()";
|
||||
?>
|
||||
DELIMITER ;;
|
||||
@@ -95,11 +95,11 @@ CREATE PROCEDURE phpminadmin_drop () BEGIN
|
||||
FETCH tables INTO _table_name, _engine, _table_collation, _table_comment;
|
||||
IF NOT done THEN
|
||||
CASE _table_name<?php
|
||||
$result = $mysql->query($query);
|
||||
$result = $dbh->query($query);
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$comment = $mysql->escape_string($row["ENGINE"] == "InnoDB" ? preg_replace('~(?:(.+); )?InnoDB free: .*~', '\\1', $row["TABLE_COMMENT"]) : $row["TABLE_COMMENT"]);
|
||||
$comment = $dbh->escape_string($row["ENGINE"] == "InnoDB" ? preg_replace('~(?:(.+); )?InnoDB free: .*~', '\\1', $row["TABLE_COMMENT"]) : $row["TABLE_COMMENT"]);
|
||||
echo "
|
||||
WHEN '" . $mysql->escape_string($row["TABLE_NAME"]) . "' THEN
|
||||
WHEN '" . $dbh->escape_string($row["TABLE_NAME"]) . "' THEN
|
||||
" . (isset($row["ENGINE"]) ? "IF _engine != '$row[ENGINE]' OR _table_collation != '$row[TABLE_COLLATION]' OR _table_comment != '$comment' THEN
|
||||
ALTER TABLE " . idf_escape($row["TABLE_NAME"]) . " ENGINE=$row[ENGINE] COLLATE=$row[TABLE_COLLATION] COMMENT='$comment';
|
||||
END IF" : "BEGIN END") . ";";
|
||||
@@ -151,7 +151,7 @@ foreach (array('', 'USE', 'DROP, CREATE', 'CREATE', 'CREATE, ALTER') as $val) {
|
||||
}
|
||||
echo "</tr></thead>\n";
|
||||
foreach ((strlen($_GET["db"]) ? array($_GET["db"]) : get_databases()) as $db) {
|
||||
if ($db != "information_schema" || $mysql->server_info < 5) {
|
||||
if ($db != "information_schema" || $dbh->server_info < 5) {
|
||||
echo "<tr" . odd() . "><td>" . htmlspecialchars($db) . "</td>";
|
||||
foreach (array('', 'USE', 'DROP, CREATE', 'CREATE', 'CREATE, ALTER') as $val) {
|
||||
echo '<td><input type="radio" name="databases[' . htmlspecialchars(bracket_escape($db)) . ']"' . ($val == (strlen($_GET["db"]) ? '' : 'CREATE') ? " checked='checked'" : "") . " value='$val' /></td>";
|
||||
@@ -170,7 +170,7 @@ foreach (array('', 'TRUNCATE, INSERT', 'INSERT', 'UPDATE') as $val) {
|
||||
}
|
||||
echo "</tr></thead>\n";
|
||||
$views = "";
|
||||
$result = $mysql->query(strlen($_GET["db"]) ? "SHOW TABLE STATUS" : "SELECT 'Engine'");
|
||||
$result = $dbh->query(strlen($_GET["db"]) ? "SHOW TABLE STATUS" : "SELECT 'Engine'");
|
||||
odd('');
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$print = "<tr" . odd() . "><td>" . htmlspecialchars($row["Name"]) . "</td>";
|
||||
|
@@ -53,7 +53,7 @@ if ($_POST) {
|
||||
}
|
||||
$row = array();
|
||||
if ($select) {
|
||||
$result = $mysql->query("SELECT " . implode(", ", $select) . " FROM " . idf_escape($_GET["edit"]) . " WHERE " . implode(" AND ", $where) . " LIMIT 1");
|
||||
$result = $dbh->query("SELECT " . implode(", ", $select) . " FROM " . idf_escape($_GET["edit"]) . " WHERE " . implode(" AND ", $where) . " LIMIT 1");
|
||||
$row = $result->fetch_assoc();
|
||||
$result->free();
|
||||
}
|
||||
@@ -76,7 +76,7 @@ if ($fields) {
|
||||
if (isset($_GET["default"]) && $field["type"] == "timestamp") {
|
||||
if (!isset($create) && !$_POST) {
|
||||
//! disable sql_mode NO_FIELD_OPTIONS
|
||||
$create = $mysql->result($mysql->query("SHOW CREATE TABLE " . idf_escape($_GET["edit"])), 1);
|
||||
$create = $dbh->result($dbh->query("SHOW CREATE TABLE " . idf_escape($_GET["edit"])), 1);
|
||||
}
|
||||
$checked = ($_POST ? $_POST["on_update"][bracket_escape($name)] : preg_match("~\n\\s*" . preg_quote(idf_escape($name), '~') . " timestamp.* on update CURRENT_TIMESTAMP~i", $create));
|
||||
echo '<label><input type="checkbox" name="on_update[' . htmlspecialchars(bracket_escape($name)) . ']" value="1"' . ($checked ? ' checked="checked"' : '') . ' />' . lang('ON UPDATE CURRENT_TIMESTAMP') . '</label>';
|
||||
|
@@ -55,7 +55,7 @@ function input($name, $field, $value) {
|
||||
}
|
||||
|
||||
function process_input($name, $field) {
|
||||
global $mysql;
|
||||
global $dbh;
|
||||
$idf = bracket_escape($name);
|
||||
$function = $_POST["function"][$idf];
|
||||
$value = $_POST["fields"][$idf];
|
||||
@@ -64,25 +64,25 @@ function process_input($name, $field) {
|
||||
} elseif ($field["type"] == "enum" || $field["auto_increment"] ? !strlen($value) : $function == "NULL") {
|
||||
return "NULL";
|
||||
} elseif ($field["type"] == "enum") {
|
||||
return (isset($_GET["default"]) ? "'" . $mysql->escape_string($value) . "'" : intval($value));
|
||||
return (isset($_GET["default"]) ? "'" . $dbh->escape_string($value) . "'" : intval($value));
|
||||
} elseif ($field["type"] == "set") {
|
||||
return (isset($_GET["default"]) ? "'" . implode(",", array_map(array($mysql, 'escape_string'), (array) $value)) . "'" : array_sum((array) $value));
|
||||
return (isset($_GET["default"]) ? "'" . implode(",", array_map(array($dbh, 'escape_string'), (array) $value)) . "'" : array_sum((array) $value));
|
||||
} elseif (preg_match('~binary|blob~', $field["type"])) {
|
||||
$file = get_file($idf);
|
||||
if (!is_string($file)) {
|
||||
return false; //! report errors
|
||||
}
|
||||
return "_binary'" . (is_string($file) ? $mysql->escape_string($file) : "") . "'";
|
||||
return "_binary'" . (is_string($file) ? $dbh->escape_string($file) : "") . "'";
|
||||
} elseif ($field["type"] == "timestamp" && $value == "CURRENT_TIMESTAMP") {
|
||||
return $value;
|
||||
} elseif (preg_match('~^(now|uuid)$~', $function)) {
|
||||
return "$function()";
|
||||
} elseif (preg_match('~^(\\+|-)$~', $function)) {
|
||||
return idf_escape($name) . " $function '" . $mysql->escape_string($value) . "'";
|
||||
return idf_escape($name) . " $function '" . $dbh->escape_string($value) . "'";
|
||||
} elseif (preg_match('~^(md5|sha1|password)$~', $function)) {
|
||||
return "$function('" . $mysql->escape_string($value) . "')";
|
||||
return "$function('" . $dbh->escape_string($value) . "')";
|
||||
} else {
|
||||
return "'" . $mysql->escape_string($value) . "'";
|
||||
return "'" . $dbh->escape_string($value) . "'";
|
||||
}
|
||||
}
|
||||
|
||||
@@ -96,11 +96,11 @@ function edit_type($key, $field, $collations) {
|
||||
}
|
||||
|
||||
function process_type($field, $collate = "COLLATE") {
|
||||
global $mysql, $enum_length, $unsigned;
|
||||
global $dbh, $enum_length, $unsigned;
|
||||
return " $field[type]"
|
||||
. ($field["length"] && !preg_match('~^date|time$~', $field["type"]) ? "(" . process_length($field["length"]) . ")" : "")
|
||||
. (preg_match('~int|float|double|decimal~', $field["type"]) && in_array($field["unsigned"], $unsigned) ? " $field[unsigned]" : "")
|
||||
. (preg_match('~char|text|enum|set~', $field["type"]) && $field["collation"] ? " $collate '" . $mysql->escape_string($field["collation"]) . "'" : "")
|
||||
. (preg_match('~char|text|enum|set~', $field["type"]) && $field["collation"] ? " $collate '" . $dbh->escape_string($field["collation"]) . "'" : "")
|
||||
;
|
||||
}
|
||||
|
||||
@@ -254,11 +254,11 @@ function normalize_enum($match) {
|
||||
}
|
||||
|
||||
function routine($name, $type) {
|
||||
global $mysql, $enum_length, $inout;
|
||||
global $dbh, $enum_length, $inout;
|
||||
$aliases = array("bit" => "tinyint", "bool" => "tinyint", "boolean" => "tinyint", "integer" => "int", "double precision" => "float", "real" => "float", "dec" => "decimal", "numeric" => "decimal", "fixed" => "decimal", "national char" => "char", "national varchar" => "varchar");
|
||||
$type_pattern = "([a-z]+)(?:\\s*\\(((?:[^'\")]*|$enum_length)+)\\))?\\s*(zerofill\\s*)?(unsigned(?:\\s+zerofill)?)?(?:\\s*(?:CHARSET|CHARACTER\\s+SET)\\s*['\"]?([^'\"\\s]+)['\"]?)?";
|
||||
$pattern = "\\s*(" . ($type == "FUNCTION" ? "" : implode("|", $inout)) . ")?\\s*(?:`((?:[^`]+|``)*)`\\s*|\\b(\\S+)\\s+)$type_pattern";
|
||||
$create = $mysql->result($mysql->query("SHOW CREATE $type " . idf_escape($name)), 2);
|
||||
$create = $dbh->result($dbh->query("SHOW CREATE $type " . idf_escape($name)), 2);
|
||||
preg_match("~\\(((?:$pattern\\s*,?)*)\\)" . ($type == "FUNCTION" ? "\\s*RETURNS\\s+$type_pattern" : "") . "\\s*(.*)~is", $create, $match);
|
||||
$fields = array();
|
||||
preg_match_all("~$pattern\\s*,?~is", $match[1], $matches, PREG_SET_ORDER);
|
||||
|
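Review bot: In `process_type()` the column type is interpolated raw as `" $field[type]"`, while the same expression allow-lists the unsigned attribute with `in_array()` and passes the collation through `escape_string()`. If `$field` comes from the submitted form, as the `$_POST` reads in `process_input()` suggest, the type should be checked against the tool's list of known column types before it is placed in the DDL string; that list is not visible in this hunk. If the check already exists in a caller, a short comment above the `return` naming where `type` is validated would be enough.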
@@ -7,17 +7,17 @@ if ($_POST && !$error) {
|
||||
query_redirect("DROP EVENT " . idf_escape($_GET["event"]), substr($SELF, 0, -1), lang('Event has been dropped.'));
|
||||
} elseif (in_array($_POST["INTERVAL_FIELD"], $intervals) && in_array($_POST["STATUS"], $statuses)) {
|
||||
$schedule = " ON SCHEDULE " . ($_POST["INTERVAL_VALUE"]
|
||||
? "EVERY '" . $mysql->escape_string($_POST["INTERVAL_VALUE"]) . "' $_POST[INTERVAL_FIELD]"
|
||||
. ($_POST["STARTS"] ? " STARTS '" . $mysql->escape_string($_POST["STARTS"]) . "'" : "")
|
||||
. ($_POST["ENDS"] ? " ENDS '" . $mysql->escape_string($_POST["ENDS"]) . "'" : "") //! ALTER EVENT doesn't drop ENDS - MySQL bug #39173
|
||||
: "AT '" . $mysql->escape_string($_POST["STARTS"]) . "'"
|
||||
? "EVERY '" . $dbh->escape_string($_POST["INTERVAL_VALUE"]) . "' $_POST[INTERVAL_FIELD]"
|
||||
. ($_POST["STARTS"] ? " STARTS '" . $dbh->escape_string($_POST["STARTS"]) . "'" : "")
|
||||
. ($_POST["ENDS"] ? " ENDS '" . $dbh->escape_string($_POST["ENDS"]) . "'" : "") //! ALTER EVENT doesn't drop ENDS - MySQL bug #39173
|
||||
: "AT '" . $dbh->escape_string($_POST["STARTS"]) . "'"
|
||||
) . " ON COMPLETION" . ($_POST["ON_COMPLETION"] ? "" : " NOT") . " PRESERVE"
|
||||
;
|
||||
query_redirect((strlen($_GET["event"])
|
||||
? "ALTER EVENT " . idf_escape($_GET["event"]) . $schedule
|
||||
. ($_GET["event"] != $_POST["EVENT_NAME"] ? " RENAME TO " . idf_escape($_POST["EVENT_NAME"]) : "")
|
||||
: "CREATE EVENT " . idf_escape($_POST["EVENT_NAME"]) . $schedule
|
||||
) . " $_POST[STATUS] COMMENT '" . $mysql->escape_string($_POST["EVENT_COMMENT"])
|
||||
) . " $_POST[STATUS] COMMENT '" . $dbh->escape_string($_POST["EVENT_COMMENT"])
|
||||
. "' DO $_POST[EVENT_DEFINITION]"
|
||||
, substr($SELF, 0, -1), (strlen($_GET["event"]) ? lang('Event has been altered.') : lang('Event has been created.')));
|
||||
}
|
||||
@@ -28,7 +28,7 @@ $row = array();
|
||||
if ($_POST) {
|
||||
$row = $_POST;
|
||||
} elseif (strlen($_GET["event"])) {
|
||||
$result = $mysql->query("SELECT * FROM information_schema.EVENTS WHERE EVENT_SCHEMA = '" . $mysql->escape_string($_GET["db"]) . "' AND EVENT_NAME = '" . $mysql->escape_string($_GET["event"]) . "'");
|
||||
$result = $dbh->query("SELECT * FROM information_schema.EVENTS WHERE EVENT_SCHEMA = '" . $dbh->escape_string($_GET["db"]) . "' AND EVENT_NAME = '" . $dbh->escape_string($_GET["event"]) . "'");
|
||||
$row = $result->fetch_assoc();
|
||||
$row["STATUS"] = $statuses[$row["STATUS"]];
|
||||
$result->free();
|
||||
|
@@ -9,25 +9,25 @@ function dump_csv($row) {
|
||||
}
|
||||
|
||||
function dump_table($table, $style, $is_view = false) {
|
||||
global $mysql;
|
||||
global $dbh;
|
||||
if ($_POST["format"] == "csv") {
|
||||
echo "\xef\xbb\xbf";
|
||||
if ($style) {
|
||||
dump_csv(array_keys(fields($table)));
|
||||
}
|
||||
} elseif ($style) {
|
||||
$result = $mysql->query("SHOW CREATE TABLE " . idf_escape($table));
|
||||
$result = $dbh->query("SHOW CREATE TABLE " . idf_escape($table));
|
||||
if ($result) {
|
||||
if ($style == "DROP, CREATE") {
|
||||
echo "DROP " . ($is_view ? "VIEW" : "TABLE") . " IF EXISTS " . idf_escape($table) . ";\n";
|
||||
}
|
||||
$create = $mysql->result($result, 1);
|
||||
$create = $dbh->result($result, 1);
|
||||
$result->free();
|
||||
echo ($style != "CREATE, ALTER" ? $create : ($is_view ? substr_replace($create, " OR REPLACE", 6, 0) : substr_replace($create, " IF NOT EXISTS", 12, 0))) . ";\n\n";
|
||||
}
|
||||
if ($mysql->server_info >= 5) {
|
||||
if ($dbh->server_info >= 5) {
|
||||
if ($style == "CREATE, ALTER" && !$is_view) {
|
||||
$query = "SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, COLLATION_NAME, COLUMN_TYPE, EXTRA, COLUMN_COMMENT FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = '" . $mysql->escape_string($table) . "' ORDER BY ORDINAL_POSITION";
|
||||
$query = "SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, COLLATION_NAME, COLUMN_TYPE, EXTRA, COLUMN_COMMENT FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = '" . $dbh->escape_string($table) . "' ORDER BY ORDINAL_POSITION";
|
||||
?>
|
||||
DELIMITER ;;
|
||||
CREATE PROCEDURE phpminadmin_alter () BEGIN
|
||||
@@ -39,18 +39,18 @@ CREATE PROCEDURE phpminadmin_alter () BEGIN
|
||||
DECLARE done, set_after bool DEFAULT 0;
|
||||
DECLARE add_columns text DEFAULT '<?php
|
||||
$fields = array();
|
||||
$result = $mysql->query($query);
|
||||
$result = $dbh->query($query);
|
||||
$after = "";
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$row["default"] = (isset($row["COLUMN_DEFAULT"]) ? "'" . $mysql->escape_string($row["COLUMN_DEFAULT"]) . "'" : "NULL");
|
||||
$row["after"] = $mysql->escape_string($after); //! rgt AFTER lft, lft AFTER id doesn't work
|
||||
$row["alter"] = $mysql->escape_string(idf_escape($row["COLUMN_NAME"])
|
||||
$row["default"] = (isset($row["COLUMN_DEFAULT"]) ? "'" . $dbh->escape_string($row["COLUMN_DEFAULT"]) . "'" : "NULL");
|
||||
$row["after"] = $dbh->escape_string($after); //! rgt AFTER lft, lft AFTER id doesn't work
|
||||
$row["alter"] = $dbh->escape_string(idf_escape($row["COLUMN_NAME"])
|
||||
. " $row[COLUMN_TYPE]"
|
||||
. ($row["COLLATION_NAME"] ? " COLLATE $row[COLLATION_NAME]" : "")
|
||||
. (isset($row["COLUMN_DEFAULT"]) ? " DEFAULT $row[default]" : "")
|
||||
. ($row["IS_NULLABLE"] == "YES" ? "" : " NOT NULL")
|
||||
. ($row["EXTRA"] ? " $row[EXTRA]" : "")
|
||||
. ($row["COLUMN_COMMENT"] ? " COMMENT '" . $mysql->escape_string($row["COLUMN_COMMENT"]) . "'" : "")
|
||||
. ($row["COLUMN_COMMENT"] ? " COMMENT '" . $dbh->escape_string($row["COLUMN_COMMENT"]) . "'" : "")
|
||||
. ($after ? " AFTER " . idf_escape($after) : " FIRST")
|
||||
);
|
||||
echo ", ADD $row[alter]";
|
||||
@@ -70,9 +70,9 @@ $result->free();
|
||||
CASE _column_name<?php
|
||||
foreach ($fields as $row) {
|
||||
echo "
|
||||
WHEN '" . $mysql->escape_string($row["COLUMN_NAME"]) . "' THEN
|
||||
WHEN '" . $dbh->escape_string($row["COLUMN_NAME"]) . "' THEN
|
||||
SET add_columns = REPLACE(add_columns, ', ADD $row[alter]', '');
|
||||
IF NOT (_column_default <=> $row[default]) OR _is_nullable != '$row[IS_NULLABLE]' OR _collation_name != '$row[COLLATION_NAME]' OR _column_type != '$row[COLUMN_TYPE]' OR _extra != '$row[EXTRA]' OR _column_comment != '" . $mysql->escape_string($row["COLUMN_COMMENT"]) . "' OR after != '$row[after]' THEN
|
||||
IF NOT (_column_default <=> $row[default]) OR _is_nullable != '$row[IS_NULLABLE]' OR _collation_name != '$row[COLLATION_NAME]' OR _column_type != '$row[COLUMN_TYPE]' OR _extra != '$row[EXTRA]' OR _column_comment != '" . $dbh->escape_string($row["COLUMN_COMMENT"]) . "' OR after != '$row[after]' THEN
|
||||
SET @alter_table = CONCAT(@alter_table, ', MODIFY $row[alter]');
|
||||
END IF;"; //! don't replace in comment
|
||||
}
|
||||
@@ -103,7 +103,7 @@ DROP PROCEDURE phpminadmin_alter;
|
||||
//! indexes
|
||||
}
|
||||
|
||||
$result = $mysql->query("SHOW TRIGGERS LIKE '" . $mysql->escape_string(addcslashes($table, "%_")) . "'");
|
||||
$result = $dbh->query("SHOW TRIGGERS LIKE '" . $dbh->escape_string(addcslashes($table, "%_")) . "'");
|
||||
if ($result->num_rows) {
|
||||
echo "DELIMITER ;;\n\n";
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
@@ -117,12 +117,12 @@ DROP PROCEDURE phpminadmin_alter;
|
||||
}
|
||||
|
||||
function dump_data($table, $style, $from = "") {
|
||||
global $mysql, $max_packet;
|
||||
global $dbh, $max_packet;
|
||||
if ($style) {
|
||||
if ($_POST["format"] != "csv" && $style == "TRUNCATE, INSERT") {
|
||||
echo "TRUNCATE " . idf_escape($table) . ";\n";
|
||||
}
|
||||
$result = $mysql->query("SELECT * " . ($from ? $from : "FROM " . idf_escape($table))); //! enum and set as numbers, binary as _binary, microtime
|
||||
$result = $dbh->query("SELECT * " . ($from ? $from : "FROM " . idf_escape($table))); //! enum and set as numbers, binary as _binary, microtime
|
||||
if ($result) {
|
||||
$insert = "INSERT INTO " . idf_escape($table) . " VALUES ";
|
||||
$length = 0;
|
||||
@@ -132,13 +132,13 @@ function dump_data($table, $style, $from = "") {
|
||||
} elseif ($style == "UPDATE") {
|
||||
$set = array();
|
||||
foreach ($row as $key => $val) {
|
||||
$row[$key] = (isset($val) ? "'" . $mysql->escape_string($val) . "'" : "NULL");
|
||||
$set[] = idf_escape($key) . " = " . (isset($val) ? "'" . $mysql->escape_string($val) . "'" : "NULL");
|
||||
$row[$key] = (isset($val) ? "'" . $dbh->escape_string($val) . "'" : "NULL");
|
||||
$set[] = idf_escape($key) . " = " . (isset($val) ? "'" . $dbh->escape_string($val) . "'" : "NULL");
|
||||
}
|
||||
echo "INSERT INTO " . idf_escape($table) . " (" . implode(", ", array_map('idf_escape', array_keys($row))) . ") VALUES (" . implode(", ", $row) . ") ON DUPLICATE KEY UPDATE " . implode(", ", $set) . ";\n";
|
||||
} else {
|
||||
foreach ($row as $key => $val) {
|
||||
$row[$key] = (isset($val) ? "'" . $mysql->escape_string($val) . "'" : "NULL");
|
||||
$row[$key] = (isset($val) ? "'" . $dbh->escape_string($val) . "'" : "NULL");
|
||||
}
|
||||
$s = "(" . implode(", ", $row) . ")";
|
||||
if (!$length) {
|
||||
|
@@ -20,7 +20,7 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["change"] && !$_POST["change-
|
||||
page_header(lang('Foreign key'), $error, array("table" => $_GET["foreign"]), $_GET["foreign"]);
|
||||
|
||||
$tables = array();
|
||||
$result = $mysql->query("SHOW TABLE STATUS");
|
||||
$result = $dbh->query("SHOW TABLE STATUS");
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
if ($row["Engine"] == "InnoDB") {
|
||||
$tables[] = $row["Name"];
|
||||
|
@@ -29,9 +29,9 @@ function optionlist($options, $selected = null) {
|
||||
}
|
||||
|
||||
function get_vals($query) {
|
||||
global $mysql;
|
||||
global $dbh;
|
||||
$return = array();
|
||||
$result = $mysql->query($query);
|
||||
$result = $dbh->query($query);
|
||||
if ($result) {
|
||||
while ($row = $result->fetch_row()) {
|
||||
$return[] = $row[0];
|
||||
@@ -51,17 +51,17 @@ function get_databases() {
|
||||
}
|
||||
|
||||
function table_status($table) {
|
||||
global $mysql;
|
||||
$result = $mysql->query("SHOW TABLE STATUS LIKE '" . $mysql->escape_string(addcslashes($table, "%_")) . "'");
|
||||
global $dbh;
|
||||
$result = $dbh->query("SHOW TABLE STATUS LIKE '" . $dbh->escape_string(addcslashes($table, "%_")) . "'");
|
||||
$return = $result->fetch_assoc();
|
||||
$result->free();
|
||||
return $return;
|
||||
}
|
||||
|
||||
function fields($table) {
|
||||
global $mysql;
|
||||
global $dbh;
|
||||
$return = array();
|
||||
$result = $mysql->query("SHOW FULL COLUMNS FROM " . idf_escape($table));
|
||||
$result = $dbh->query("SHOW FULL COLUMNS FROM " . idf_escape($table));
|
||||
if ($result) {
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
preg_match('~^([^( ]+)(?:\\((.+)\\))?( unsigned)?( zerofill)?$~', $row["Type"], $match);
|
||||
@@ -85,9 +85,9 @@ function fields($table) {
|
||||
}
|
||||
|
||||
function indexes($table) {
|
||||
global $mysql;
|
||||
global $dbh;
|
||||
$return = array();
|
||||
$result = $mysql->query("SHOW INDEX FROM " . idf_escape($table));
|
||||
$result = $dbh->query("SHOW INDEX FROM " . idf_escape($table));
|
||||
if ($result) {
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$return[$row["Key_name"]]["type"] = ($row["Key_name"] == "PRIMARY" ? "PRIMARY" : ($row["Index_type"] == "FULLTEXT" ? "FULLTEXT" : ($row["Non_unique"] ? "INDEX" : "UNIQUE")));
|
||||
@@ -100,12 +100,12 @@ function indexes($table) {
|
||||
}
|
||||
|
||||
function foreign_keys($table) {
|
||||
global $mysql, $on_actions;
|
||||
global $dbh, $on_actions;
|
||||
static $pattern = '(?:[^`]+|``)+';
|
||||
$return = array();
|
||||
$result = $mysql->query("SHOW CREATE TABLE " . idf_escape($table));
|
||||
$result = $dbh->query("SHOW CREATE TABLE " . idf_escape($table));
|
||||
if ($result) {
|
||||
$create_table = $mysql->result($result, 1);
|
||||
$create_table = $dbh->result($result, 1);
|
||||
$result->free();
|
||||
preg_match_all("~CONSTRAINT `($pattern)` FOREIGN KEY \\(((?:`$pattern`,? ?)+)\\) REFERENCES `($pattern)`(?:\\.`($pattern)`)? \\(((?:`$pattern`,? ?)+)\\)(?: ON DELETE (" . implode("|", $on_actions) . "))?(?: ON UPDATE (" . implode("|", $on_actions) . "))?~", $create_table, $matches, PREG_SET_ORDER);
|
||||
foreach ($matches as $match) {
|
||||
@@ -125,8 +125,8 @@ function foreign_keys($table) {
|
||||
}
|
||||
|
||||
function view($name) {
|
||||
global $mysql;
|
||||
return array("select" => preg_replace('~^(?:[^`]+|`[^`]*`)* AS ~U', '', $mysql->result($mysql->query("SHOW CREATE VIEW " . idf_escape($name)), 1)));
|
||||
global $dbh;
|
||||
return array("select" => preg_replace('~^(?:[^`]+|`[^`]*`)* AS ~U', '', $dbh->result($dbh->query("SHOW CREATE VIEW " . idf_escape($name)), 1)));
|
||||
}
|
||||
|
||||
function unique_idf($row, $indexes) {
|
||||
@@ -150,11 +150,11 @@ function unique_idf($row, $indexes) {
|
||||
}
|
||||
|
||||
function where($where) {
|
||||
global $mysql;
|
||||
global $dbh;
|
||||
$return = array();
|
||||
foreach ((array) $where["where"] as $key => $val) {
|
||||
$key = bracket_escape($key, "back");
|
||||
$return[] = (preg_match('~^[A-Z0-9_]+\\(`(?:[^`]+|``)+`\\)$~', $key) ? $key : idf_escape($key)) . " = BINARY '" . $mysql->escape_string($val) . "'"; //! enum and set, columns looking like functions
|
||||
$return[] = (preg_match('~^[A-Z0-9_]+\\(`(?:[^`]+|``)+`\\)$~', $key) ? $key : idf_escape($key)) . " = BINARY '" . $dbh->escape_string($val) . "'"; //! enum and set, columns looking like functions
|
||||
}
|
||||
foreach ((array) $where["null"] as $key) {
|
||||
$key = bracket_escape($key, "back");
|
||||
@@ -169,9 +169,9 @@ function process_length($length) {
|
||||
}
|
||||
|
||||
function collations() {
|
||||
global $mysql;
|
||||
global $dbh;
|
||||
$return = array();
|
||||
$result = $mysql->query("SHOW COLLATION");
|
||||
$result = $dbh->query("SHOW COLLATION");
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
if ($row["Default"] && $return[$row["Charset"]]) {
|
||||
array_unshift($return[$row["Charset"]], $row["Collation"]);
|
||||
@@ -195,14 +195,14 @@ function redirect($location, $message = null) {
|
||||
}
|
||||
|
||||
function query_redirect($query, $location, $message, $redirect = true, $execute = true, $failed = false) {
|
||||
global $mysql, $error, $SELF;
|
||||
global $dbh, $error, $SELF;
|
||||
$id = "sql-" . count($_SESSION["messages"]);
|
||||
$sql = ($query ? " <a href='#$id' onclick=\"return !toggle('$id');\">" . lang('SQL command') . "</a><span id='$id' class='hidden'><br /><code class='jush-sql'>" . htmlspecialchars($query) . '</code> <a href="' . htmlspecialchars($SELF) . 'sql=' . urlencode($query) . '">' . lang('Edit') . '</a></span>' : "");
|
||||
if ($execute) {
|
||||
$failed = !$mysql->query($query);
|
||||
$failed = !$dbh->query($query);
|
||||
}
|
||||
if ($failed) {
|
||||
$error = htmlspecialchars($mysql->error) . $sql;
|
||||
$error = htmlspecialchars($dbh->error) . $sql;
|
||||
return false;
|
||||
}
|
||||
if ($redirect) {
|
||||
@@ -212,13 +212,13 @@ function query_redirect($query, $location, $message, $redirect = true, $execute
|
||||
}
|
||||
|
||||
function queries($query = null) {
|
||||
global $mysql;
|
||||
global $dbh;
|
||||
static $queries = array();
|
||||
if (!isset($query)) {
|
||||
return implode(";\n", $queries);
|
||||
}
|
||||
$queries[] = $query;
|
||||
return $mysql->query($query);
|
||||
return $dbh->query($query);
|
||||
}
|
||||
|
||||
function remove_from_uri($param = "") {
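Review bot: `table_status()` calls `$result->fetch_assoc()` without checking that `$dbh->query()` succeeded, unlike `fields()` and `indexes()` in the same file, which guard with `if ($result)`. A failed query then ends in a fatal error on a non-object, and with error display enabled that message can reveal the script path. A guard such as `if (!$result) { return array(); }` before the fetch would avoid that; what callers expect on failure is not visible here, so the return value needs confirming. `collations()` and `view()` use the query result unchecked in the same way.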
|
||||
|
@@ -174,7 +174,7 @@ if (isset($_GET["download"])) {
|
||||
echo '<p><a href="' . htmlspecialchars($SELF) . 'schema=">' . lang('Database schema') . "</a></p>\n";
|
||||
|
||||
echo "<h3>" . lang('Tables and views') . "</h3>\n";
|
||||
$result = $mysql->query("SHOW TABLE STATUS");
|
||||
$result = $dbh->query("SHOW TABLE STATUS");
|
||||
if (!$result->num_rows) {
|
||||
echo "<p class='message'>" . lang('No tables.') . "</p>\n";
|
||||
} else {
|
||||
@@ -198,10 +198,10 @@ if (isset($_GET["download"])) {
|
||||
}
|
||||
$result->free();
|
||||
|
||||
if ($mysql->server_info >= 5) {
|
||||
if ($dbh->server_info >= 5) {
|
||||
echo '<p><a href="' . htmlspecialchars($SELF) . 'createv=">' . lang('Create view') . "</a></p>\n";
|
||||
echo "<h3>" . lang('Routines') . "</h3>\n";
|
||||
$result = $mysql->query("SELECT * FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA = '" . $mysql->escape_string($_GET["db"]) . "'");
|
||||
$result = $dbh->query("SELECT * FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA = '" . $dbh->escape_string($_GET["db"]) . "'");
|
||||
if ($result->num_rows) {
|
||||
echo "<table cellspacing='0'>\n";
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
@@ -217,7 +217,7 @@ if (isset($_GET["download"])) {
|
||||
echo '<p><a href="' . htmlspecialchars($SELF) . 'procedure=">' . lang('Create procedure') . '</a> <a href="' . htmlspecialchars($SELF) . 'function=">' . lang('Create function') . "</a></p>\n";
|
||||
}
|
||||
|
||||
if ($mysql->server_info >= 5.1 && ($result = $mysql->query("SHOW EVENTS"))) {
|
||||
if ($dbh->server_info >= 5.1 && ($result = $dbh->query("SHOW EVENTS"))) {
|
||||
echo "<h3>" . lang('Events') . "</h3>\n";
|
||||
if ($result->num_rows) {
|
||||
echo "<table cellspacing='0'>\n";
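Review bot: The feature gates `$dbh->server_info >= 5` and `$dbh->server_info >= 5.1` compare what appears to be a version string with a number, so the outcome depends on PHP's string-to-number comparison rules rather than on version ordering. `version_compare($dbh->server_info, "5.1") >= 0` states the intent and does not change with the PHP version or with a two-digit major version. The same comparison appears in the triggers check on the table page and in the `CREATE USER` branch of user.inc.php.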
|
||||
|
@@ -1,7 +1,7 @@
|
||||
<?php
|
||||
page_header(lang('Privileges'));
|
||||
echo '<p><a href="' . htmlspecialchars($SELF) . 'user=">' . lang('Create user') . "</a></p>";
|
||||
$result = $mysql->query("SELECT User, Host FROM mysql.user ORDER BY Host, User");
|
||||
$result = $dbh->query("SELECT User, Host FROM mysql.user ORDER BY Host, User");
|
||||
if (!$result) {
|
||||
?>
|
||||
<form action=""><p>
|
||||
@@ -12,7 +12,7 @@ if (!$result) {
|
||||
<input type="submit" value="<?php echo lang('Edit'); ?>" />
|
||||
</p></form>
|
||||
<?php
|
||||
$result = $mysql->query("SELECT SUBSTRING_INDEX(CURRENT_USER, '@', 1) AS User, SUBSTRING_INDEX(CURRENT_USER, '@', -1) AS Host");
|
||||
$result = $dbh->query("SELECT SUBSTRING_INDEX(CURRENT_USER, '@', 1) AS User, SUBSTRING_INDEX(CURRENT_USER, '@', -1) AS Host");
|
||||
}
|
||||
echo "<table cellspacing='0'>\n";
|
||||
echo "<thead><tr><th> </th><th>" . lang('Username') . "</th><th>" . lang('Server') . "</th></tr></thead>\n";
|
||||
|
@@ -14,7 +14,7 @@ page_header(lang('Process list'), $error);
|
||||
<form action="" method="post">
|
||||
<table cellspacing="0">
|
||||
<?php
|
||||
$result = $mysql->query("SHOW PROCESSLIST");
|
||||
$result = $dbh->query("SHOW PROCESSLIST");
|
||||
for ($i=0; $row = $result->fetch_assoc(); $i++) {
|
||||
if (!$i) {
|
||||
echo "<thead><tr lang='en'><th> </th><th>" . implode("</th><th>", array_keys($row)) . "</th></tr></thead>\n";
|
||||
|
@@ -14,7 +14,7 @@ $base_left = -1;
|
||||
$schema = array();
|
||||
$referenced = array();
|
||||
$lefts = array();
|
||||
$result = $mysql->query("SHOW TABLE STATUS");
|
||||
$result = $dbh->query("SHOW TABLE STATUS");
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
if (!isset($row["Engine"])) { // view
|
||||
continue;
|
||||
|
@@ -34,17 +34,17 @@ foreach ((array) $_GET["columns"] as $key => $val) {
|
||||
$where = array();
|
||||
foreach ($indexes as $i => $index) {
|
||||
if ($index["type"] == "FULLTEXT" && strlen($_GET["fulltext"][$i])) {
|
||||
$where[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST ('" . $mysql->escape_string($_GET["fulltext"][$i]) . "'" . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")";
|
||||
$where[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST ('" . $dbh->escape_string($_GET["fulltext"][$i]) . "'" . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")";
|
||||
}
|
||||
}
|
||||
foreach ((array) $_GET["where"] as $val) {
|
||||
if (strlen("$val[col]$val[val]") && in_array($val["op"], $operators)) {
|
||||
if ($val["op"] == "AGAINST") {
|
||||
$where[] = "MATCH (" . idf_escape($val["col"]) . ") AGAINST ('" . $mysql->escape_string($val["val"]) . "' IN BOOLEAN MODE)";
|
||||
$where[] = "MATCH (" . idf_escape($val["col"]) . ") AGAINST ('" . $dbh->escape_string($val["val"]) . "' IN BOOLEAN MODE)";
|
||||
} elseif (ereg('IN$', $val["op"]) && !strlen($in = process_length($val["val"]))) {
|
||||
$where[] = "0";
|
||||
} else {
|
||||
$cond = " $val[op]" . (ereg('NULL$', $val["op"]) ? "" : (ereg('IN$', $val["op"]) ? " ($in)" : " '" . $mysql->escape_string($val["val"]) . "'")); //! this searches in numeric values too
|
||||
$cond = " $val[op]" . (ereg('NULL$', $val["op"]) ? "" : (ereg('IN$', $val["op"]) ? " ($in)" : " '" . $dbh->escape_string($val["val"]) . "'")); //! this searches in numeric values too
|
||||
if (strlen($val["col"])) {
|
||||
$where[] = idf_escape($val["col"]) . $cond;
|
||||
} else {
|
||||
@@ -102,7 +102,7 @@ if ($_POST && !$error) {
|
||||
// nothing
|
||||
} elseif ($_POST["all"]) {
|
||||
$result = queries($command . ($where ? " WHERE " . implode(" AND ", $where) : ""));
|
||||
$affected = $mysql->affected_rows;
|
||||
$affected = $dbh->affected_rows;
|
||||
} else {
|
||||
foreach ((array) $_POST["check"] as $val) {
|
||||
parse_str($val, $check);
|
||||
@@ -110,7 +110,7 @@ if ($_POST && !$error) {
|
||||
if (!$result) {
|
||||
break;
|
||||
}
|
||||
$affected += $mysql->affected_rows;
|
||||
$affected += $dbh->affected_rows;
|
||||
}
|
||||
}
|
||||
query_redirect(queries(), remove_from_uri("page"), lang('%d item(s) have been affected.', $affected), $result, false, !$result);
|
||||
@@ -127,13 +127,13 @@ if ($_POST && !$error) {
|
||||
$cols = " (" . implode(", ", array_map('idf_escape', $matches2[1])) . ")";
|
||||
} else {
|
||||
foreach ($matches2[1] as $col) {
|
||||
$row[] = (!strlen($col) ? "NULL" : "'" . $mysql->escape_string(str_replace('""', '"', preg_replace('~^".*"$~s', '', $col))) . "'");
|
||||
$row[] = (!strlen($col) ? "NULL" : "'" . $dbh->escape_string(str_replace('""', '"', preg_replace('~^".*"$~s', '', $col))) . "'");
|
||||
}
|
||||
$rows[] = "(" . implode(", ", $row) . ")";
|
||||
}
|
||||
}
|
||||
$result = queries("INSERT INTO " . idf_escape($_GET["select"]) . "$cols VALUES " . implode(", ", $rows));
|
||||
query_redirect(queries(), remove_from_uri("page"), lang('%d row(s) has been imported.', $mysql->affected_rows), $result, false, !$result);
|
||||
query_redirect(queries(), remove_from_uri("page"), lang('%d row(s) has been imported.', $dbh->affected_rows), $result, false, !$result);
|
||||
} else {
|
||||
$error = lang('Unable to upload a file.');
|
||||
}
|
||||
@@ -149,7 +149,7 @@ echo '<a href="' . htmlspecialchars($SELF) . 'table=' . urlencode($_GET['select'
|
||||
echo "</p>\n";
|
||||
|
||||
if (!$columns) {
|
||||
echo "<p class='error'>" . lang('Unable to select the table') . ($fields ? "" : ": " . htmlspecialchars($mysql->error)) . ".</p>\n";
|
||||
echo "<p class='error'>" . lang('Unable to select the table') . ($fields ? "" : ": " . htmlspecialchars($dbh->error)) . ".</p>\n";
|
||||
} else {
|
||||
echo "<form action='' id='form'>\n";
|
||||
?>
|
||||
@@ -255,9 +255,9 @@ for (var i=0; <?php echo $i; ?> > i; i++) {
|
||||
$query = "SELECT " . ($select ? (count($group) < count($select) ? "SQL_CALC_FOUND_ROWS " : "") . implode(", ", $select) : "*") . " $from";
|
||||
echo "<p><code class='jush-sql'>" . htmlspecialchars($query) . "</code> <a href='" . htmlspecialchars($SELF) . "sql=" . urlencode($query) . "'>" . lang('Edit') . "</a></p>\n";
|
||||
|
||||
$result = $mysql->query($query);
|
||||
$result = $dbh->query($query);
|
||||
if (!$result) {
|
||||
echo "<p class='error'>" . htmlspecialchars($mysql->error) . "</p>\n";
|
||||
echo "<p class='error'>" . htmlspecialchars($dbh->error) . "</p>\n";
|
||||
} else {
|
||||
echo "<form action='' method='post' enctype='multipart/form-data'>\n";
|
||||
if (!$result->num_rows) {
|
||||
@@ -315,7 +315,7 @@ for (var i=0; <?php echo $i; ?> > i; i++) {
|
||||
echo "</table>\n";
|
||||
|
||||
echo "<p>";
|
||||
$found_rows = (intval($limit) ? $mysql->result($mysql->query(count($group) < count($select) ? " SELECT FOUND_ROWS()" : "SELECT COUNT(*) FROM " . idf_escape($_GET["select"]) . ($where ? " WHERE " . implode(" AND ", $where) : ""))) : $result->num_rows);
|
||||
$found_rows = (intval($limit) ? $dbh->result($dbh->query(count($group) < count($select) ? " SELECT FOUND_ROWS()" : "SELECT COUNT(*) FROM " . idf_escape($_GET["select"]) . ($where ? " WHERE " . implode(" AND ", $where) : ""))) : $result->num_rows);
|
||||
if (intval($limit) && $found_rows > $limit) {
|
||||
$max_page = floor(($found_rows - 1) / $limit);
|
||||
echo lang('Page') . ":";
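Review bot: In the CSV import branch, `preg_replace('~^".*"$~s', '', $col)` replaces a whole quoted field with the empty string, so every value wrapped in double quotes appears to be imported as `''` instead of its content. Stripping only the enclosing quotes, `preg_replace('~^"(.*)"$~s', '\1', $col)`, keeps the value for the following `str_replace('""', '"', ...)` and `escape_string()` calls. The loop that fills `$matches2` starts outside this hunk, so the exact shape of `$col` should be confirmed there.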
|
||||
|
10
sql.inc.php
10
sql.inc.php
@@ -27,23 +27,23 @@ if (!$error && $_POST) {
|
||||
echo "<pre class='jush-sql'>" . htmlspecialchars(substr($query, 0, $match[0][1])) . "</pre>\n";
|
||||
flush();
|
||||
//! don't allow changing of character_set_results, convert encoding of displayed query
|
||||
if (!$mysql->multi_query(substr($query, 0, $match[0][1]))) {
|
||||
echo "<p class='error'>" . lang('Error in query') . ": " . htmlspecialchars($mysql->error) . "</p>\n";
|
||||
if (!$dbh->multi_query(substr($query, 0, $match[0][1]))) {
|
||||
echo "<p class='error'>" . lang('Error in query') . ": " . htmlspecialchars($dbh->error) . "</p>\n";
|
||||
if ($_POST["error_stops"]) {
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
do {
|
||||
$result = $mysql->store_result();
|
||||
$result = $dbh->store_result();
|
||||
if (is_object($result)) {
|
||||
select($result);
|
||||
} else {
|
||||
if (preg_match("~^$space*(CREATE|DROP)$space+(DATABASE|SCHEMA)\\b~isU", $query)) {
|
||||
unset($_SESSION["databases"][$_GET["server"]]);
|
||||
}
|
||||
echo "<p class='message'>" . lang('Query executed OK, %d row(s) affected.', $mysql->affected_rows) . "</p>\n";
|
||||
echo "<p class='message'>" . lang('Query executed OK, %d row(s) affected.', $dbh->affected_rows) . "</p>\n";
|
||||
}
|
||||
} while ($mysql->next_result());
|
||||
} while ($dbh->next_result());
|
||||
}
|
||||
$query = substr($query, $match[0][1] + strlen($match[0][0]));
|
||||
$offset = 0;
|
||||
|
@@ -1,7 +1,7 @@
|
||||
<?php
|
||||
$result = $mysql->query("SHOW COLUMNS FROM " . idf_escape($_GET["table"]));
|
||||
$result = $dbh->query("SHOW COLUMNS FROM " . idf_escape($_GET["table"]));
|
||||
if (!$result) {
|
||||
$error = htmlspecialchars($mysql->error);
|
||||
$error = htmlspecialchars($dbh->error);
|
||||
}
|
||||
page_header(lang('Table') . ": " . htmlspecialchars($_GET["table"]), $error);
|
||||
|
||||
@@ -61,9 +61,9 @@ if ($result) {
|
||||
}
|
||||
}
|
||||
|
||||
if ($mysql->server_info >= 5) {
|
||||
if ($dbh->server_info >= 5) {
|
||||
echo "<h3>" . lang('Triggers') . "</h3>\n";
|
||||
$result = $mysql->query("SHOW TRIGGERS LIKE '" . $mysql->escape_string(addcslashes($_GET["table"], "%_")) . "'");
|
||||
$result = $dbh->query("SHOW TRIGGERS LIKE '" . $dbh->escape_string(addcslashes($_GET["table"], "%_")) . "'");
|
||||
if ($result->num_rows) {
|
||||
echo "<table cellspacing='0'>\n";
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
|
@@ -19,7 +19,7 @@ $row = array("Trigger" => "$_GET[trigger]_bi");
|
||||
if ($_POST) {
|
||||
$row = $_POST;
|
||||
} elseif (strlen($_GET["name"])) {
|
||||
$result = $mysql->query("SHOW TRIGGERS LIKE '" . $mysql->escape_string(addcslashes($_GET["trigger"], "%_")) . "'");
|
||||
$result = $dbh->query("SHOW TRIGGERS LIKE '" . $dbh->escape_string(addcslashes($_GET["trigger"], "%_")) . "'");
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
if ($row["Trigger"] === $_GET["name"]) {
|
||||
break;
|
||||
|
28
user.inc.php
28
user.inc.php
@@ -1,6 +1,6 @@
|
||||
<?php
|
||||
$privileges = array();
|
||||
$result = $mysql->query("SHOW PRIVILEGES");
|
||||
$result = $dbh->query("SHOW PRIVILEGES");
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
foreach (explode(",", $row["Context"]) as $context) {
|
||||
$privileges[$context][$row["Privilege"]] = $row["Comment"];
|
||||
@@ -35,7 +35,7 @@ if ($_POST) {
|
||||
}
|
||||
$grants = array();
|
||||
$old_pass = "";
|
||||
if (isset($_GET["host"]) && ($result = $mysql->query("SHOW GRANTS FOR '" . $mysql->escape_string($_GET["user"]) . "'@'" . $mysql->escape_string($_GET["host"]) . "'"))) { //! Use information_schema for MySQL 5 - column names in column privileges are not escaped
|
||||
if (isset($_GET["host"]) && ($result = $dbh->query("SHOW GRANTS FOR '" . $dbh->escape_string($_GET["user"]) . "'@'" . $dbh->escape_string($_GET["host"]) . "'"))) { //! Use information_schema for MySQL 5 - column names in column privileges are not escaped
|
||||
while ($row = $result->fetch_row()) {
|
||||
if (preg_match('~GRANT (.*) ON (.*) TO ~', $row[0], $match)) { //! escape the part between ON and TO
|
||||
if ($match[1] == "ALL PRIVILEGES") {
|
||||
@@ -64,14 +64,14 @@ if (isset($_GET["host"]) && ($result = $mysql->query("SHOW GRANTS FOR '" . $mysq
|
||||
}
|
||||
|
||||
if ($_POST && !$error) {
|
||||
$old_user = (isset($_GET["host"]) ? $mysql->escape_string($_GET["user"]) . "'@'" . $mysql->escape_string($_GET["host"]) : "");
|
||||
$new_user = $mysql->escape_string($_POST["user"]) . "'@'" . $mysql->escape_string($_POST["host"]);
|
||||
$pass = $mysql->escape_string($_POST["pass"]);
|
||||
$old_user = (isset($_GET["host"]) ? $dbh->escape_string($_GET["user"]) . "'@'" . $dbh->escape_string($_GET["host"]) : "");
|
||||
$new_user = $dbh->escape_string($_POST["user"]) . "'@'" . $dbh->escape_string($_POST["host"]);
|
||||
$pass = $dbh->escape_string($_POST["pass"]);
|
||||
if ($_POST["drop"]) {
|
||||
query_redirect("DROP USER '$old_user'", $SELF . "privileges=", lang('User has been dropped.'));
|
||||
} elseif ($old_user == $new_user || $mysql->query(($mysql->server_info < 5 ? "GRANT USAGE ON *.* TO" : "CREATE USER") . " '$new_user' IDENTIFIED BY" . ($_POST["hashed"] ? " PASSWORD" : "") . " '$pass'")) {
|
||||
} elseif ($old_user == $new_user || $dbh->query(($dbh->server_info < 5 ? "GRANT USAGE ON *.* TO" : "CREATE USER") . " '$new_user' IDENTIFIED BY" . ($_POST["hashed"] ? " PASSWORD" : "") . " '$pass'")) {
|
||||
if ($old_user == $new_user) {
|
||||
$mysql->query("SET PASSWORD FOR '$new_user' = " . ($_POST["hashed"] ? "'$pass'" : "PASSWORD('$pass')"));
|
||||
$dbh->query("SET PASSWORD FOR '$new_user' = " . ($_POST["hashed"] ? "'$pass'" : "PASSWORD('$pass')"));
|
||||
}
|
||||
$revoke = array();
|
||||
foreach ($new_grants as $object => $grant) {
|
||||
@@ -88,23 +88,23 @@ if ($_POST && !$error) {
|
||||
unset($grants[$object]);
|
||||
}
|
||||
if (preg_match('~^(.+)(\\(.*\\))?$~U', $object, $match) && (
|
||||
($grant && !$mysql->query("GRANT " . implode("$match[2], ", $grant) . "$match[2] ON $match[1] TO '$new_user'")) //! SQL injection
|
||||
|| ($revoke && !$mysql->query("REVOKE " . implode("$match[2], ", $revoke) . "$match[2] ON $match[1] FROM '$new_user'"))
|
||||
($grant && !$dbh->query("GRANT " . implode("$match[2], ", $grant) . "$match[2] ON $match[1] TO '$new_user'")) //! SQL injection
|
||||
|| ($revoke && !$dbh->query("REVOKE " . implode("$match[2], ", $revoke) . "$match[2] ON $match[1] FROM '$new_user'"))
|
||||
)) {
|
||||
$error = htmlspecialchars($mysql->error);
|
||||
$error = htmlspecialchars($dbh->error);
|
||||
if ($old_user != $new_user) {
|
||||
$mysql->query("DROP USER '$new_user'");
|
||||
$dbh->query("DROP USER '$new_user'");
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (!$error) {
|
||||
if (isset($_GET["host"]) && $old_user != $new_user) {
|
||||
$mysql->query("DROP USER '$old_user'");
|
||||
$dbh->query("DROP USER '$old_user'");
|
||||
} elseif (!isset($_GET["grant"])) {
|
||||
foreach ($grants as $object => $revoke) {
|
||||
if (preg_match('~^(.+)(\\(.*\\))?$~U', $object, $match)) {
|
||||
$mysql->query("REVOKE " . implode("$match[2], ", array_keys($revoke)) . "$match[2] ON $match[1] FROM '$new_user'");
|
||||
$dbh->query("REVOKE " . implode("$match[2], ", array_keys($revoke)) . "$match[2] ON $match[1] FROM '$new_user'");
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -112,7 +112,7 @@ if ($_POST && !$error) {
|
||||
}
|
||||
}
|
||||
if (!$error) {
|
||||
$error = htmlspecialchars($mysql->error);
|
||||
$error = htmlspecialchars($dbh->error);
|
||||
}
|
||||
}
|
||||
page_header((isset($_GET["host"]) ? lang('Username') . ": " . htmlspecialchars("$_GET[user]@$_GET[host]") : lang('Create user')), $error, array("privileges" => lang('Privileges')));
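Review bot: The `GRANT` statement marked `//! SQL injection` still concatenates the privilege list, `$match[2]` and `$match[1]` into the query without escaping or validation, and the two `REVOKE` statements (in the same condition and in the later `foreach ($grants ...)` loop) are built the same way. Only `$new_user` and `$pass` go through `escape_string()`. `$new_grants` is filled outside the visible hunks and presumably comes from the posted form. Each privilege name should be accepted only if it is a key of the `$privileges` list loaded from `SHOW PRIVILEGES` at the top of the file, and the object part should be matched against a strict pattern or rebuilt with `idf_escape()` before either statement is sent. The existing marker is easy to miss, so a comment above the condition saying which parts are unvalidated would help until that check exists.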
|
||||
|