mirror/php-adminer
1
0
Fork 0
mirror of https://github.com/vrana/adminer.git synced 2025-08-17 20:01:25 +02:00
Code Issues Releases Wiki Activity

Merge from master

Browse Source
This commit is contained in:
Jakub Vrana
2010-11-12 17:31:18 +01:00
parent d8c7ea9837 af0cacba90
commit 9802869d0a
56 changed files with 1452 additions and 719 deletions
Download Patch File Download Diff File Expand all files Collapse all files

240
adminer/include/adminer.inc.php
View File

@@ -36,7 +36,8 @@ class Adminer {
* @return null
*/
function headers() {
header("X-Frame-Options: deny"); // ClickJacking protection in IE8, Safari 4, Chrome 2, Firefox NoScript plugin
header("X-Frame-Options: deny"); // ClickJacking protection in IE8, Safari 4, Chrome 2, Firefox 3.6.9
header("X-XSS-Protection: 0"); // prevents introducing XSS in IE8 by removing safe parts of the page
}
/** Print login form
@@ -107,6 +108,14 @@ document.getElementById('username').focus();
echo "\n";
}
/** Get foreign keys for table
* @param string
* @return array same format as foreign_keys()
*/
function foreignKeys($table) {
return foreign_keys($table);
}
/** Find backward keys for table
* @param string
* @param string
@@ -130,7 +139,7 @@ document.getElementById('username').focus();
*/
function selectQuery($query) {
global $jush;
return "<p><a href='" . h(remove_from_uri("page")) . "&amp;page=last' title='" . lang('Page') . ": " . lang('last') . "' onclick='return !ajaxMain(this.href, undefined, event);'>&gt;&gt;</a> <code class='jush-$jush'>" . h(str_replace("\n", " ", $query)) . "</code> <a href='" . h(ME) . "sql=" . urlencode($query) . "'>" . lang('Edit') . "</a>\n";
return "<p><a href='" . h(remove_from_uri("page")) . "&amp;page=last' title='" . lang('Last page') . "' onclick='return !ajaxMain(this.href, undefined, event);'>&gt;&gt;</a> <code class='jush-$jush'>" . h(str_replace("\n", " ", $query)) . "</code> <a href='" . h(ME) . "sql=" . urlencode($query) . "'>" . lang('Edit') . "</a>\n";
}
/** Description of a row in a table
@@ -157,7 +166,7 @@ document.getElementById('username').focus();
* @return string
*/
function selectVal($val, $link, $field) {
$return = ($val != "<i>NULL</i>" && ereg("^char|binary", $field["type"]) ? "<code>$val</code>" : $val);
$return = ($val != "<i>NULL</i>" && ereg("char|binary", $field["type"]) && !ereg("var", $field["type"]) ? "<code>$val</code>" : $val);
if (ereg('blob|bytea|raw|file', $field["type"]) && !is_utf8($val)) {
$return = lang('%d byte(s)', strlen(html_entity_decode($val, ENT_QUOTES)));
}
@@ -429,8 +438,10 @@ document.getElementById('username').focus();
*/
function editInput($table, $field, $attrs, $value) {
if ($field["type"] == "enum") {
return ($field["null"] ? "<label><input type='radio'$attrs value=''" . (isset($value) || isset($_GET["select"]) ? "" : " checked") . "><i>NULL</i></label> " : "")
return (isset($_GET["select"]) ? "<label><input type='radio'$attrs value='-1' checked><i>" . lang('original') . "</i></label> " : "")
. ($field["null"] ? "<label><input type='radio'$attrs value=''" . (isset($value) || isset($_GET["select"]) ? "" : " checked") . "><i>NULL</i></label> " : "")
. "<label><input type='radio'$attrs value='0'" . ($value === 0 ? " checked" : "") . "><i>" . lang('empty') . "</i></label>"
. enum_input("radio", $attrs, $field, $value)
;
}
return "";
@@ -452,7 +463,7 @@ document.getElementById('username').focus();
} elseif (ereg('^([+-]|\\|\\|)$', $function)) {
$return = idf_escape($name) . " $function $return";
} elseif (ereg('^[+-] interval$', $function)) {
$return = idf_escape($name) . " $function " . (preg_match("~^([0-9]+|'[0-9.: -]') [A-Z_]+$~i", $value) ? $value : $return);
$return = idf_escape($name) . " $function " . (preg_match("~^(\\d+|'[0-9.: -]') [A-Z_]+$~i", $value) ? $value : $return);
} elseif (ereg('^(addtime|subtime|concat)$', $function)) {
$return = "$function(" . idf_escape($name) . ", $return)";
} elseif (ereg('^(md5|sha1|password|encrypt|hex)$', $function)) {
@@ -465,11 +476,9 @@ document.getElementById('username').focus();
}
/** Returns export output options
* @param bool generate select (otherwise radio)
* @param string
* @return string
* @return array
*/
function dumpOutput($select, $value = "") {
function dumpOutput() {
$return = array('text' => lang('open'), 'file' => lang('save'));
if (function_exists('gzencode')) {
$return['gz'] = 'gzip';
@@ -478,16 +487,199 @@ document.getElementById('username').focus();
$return['bz2'] = 'bzip2';
}
// ZipArchive requires temporary file, ZIP can be created by gzcompress - see PEAR File_Archive
return html_select("output", $return, $value, $select);
return $return;
}
/** Returns export format options
* @param bool generate select (otherwise radio)
* @param string
* @return string
* @return array
*/
function dumpFormat($select, $value = "") {
return html_select("format", array('sql' => 'SQL', 'csv' => 'CSV,', 'csv;' => 'CSV;'), $value, $select);
function dumpFormat() {
return array('sql' => 'SQL', 'csv' => 'CSV,', 'csv;' => 'CSV;', 'tsv' => 'TSV');
}
/** Export table structure
* @param string
* @param string
* @param bool
* @return null prints data
*/
function dumpTable($table, $style, $is_view = false) {
if ($_POST["format"] != "sql") {
echo "\xef\xbb\xbf"; // UTF-8 byte order mark
if ($style) {
dump_csv(array_keys(fields($table)));
}
} elseif ($style) {
$create = create_sql($table, $_POST["auto_increment"]);
if ($create) {
if ($style == "DROP+CREATE") {
echo "DROP " . ($is_view ? "VIEW" : "TABLE") . " IF EXISTS " . table($table) . ";\n";
}
if ($is_view) {
// remove DEFINER with current user
$create = preg_replace('~^([A-Z =]+) DEFINER=`' . str_replace("@", "`@`", logged_user()) . '`~', '\\1', $create); //! proper escaping of user
}
echo ($style != "CREATE+ALTER" ? $create : ($is_view ? substr_replace($create, " OR REPLACE", 6, 0) : substr_replace($create, " IF NOT EXISTS", 12, 0))) . ";\n\n";
}
if ($style == "CREATE+ALTER" && !$is_view) {
// create procedure which iterates over original columns and adds new and removes old
$query = "SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, COLLATION_NAME, COLUMN_TYPE, EXTRA, COLUMN_COMMENT FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = " . q($table) . " ORDER BY ORDINAL_POSITION";
echo "DELIMITER ;;
CREATE PROCEDURE adminer_alter (INOUT alter_command text) BEGIN
DECLARE _column_name, _collation_name, after varchar(64) DEFAULT '';
DECLARE _column_type, _column_default text;
DECLARE _is_nullable char(3);
DECLARE _extra varchar(30);
DECLARE _column_comment varchar(255);
DECLARE done, set_after bool DEFAULT 0;
DECLARE add_columns text DEFAULT '";
$fields = array();
$after = "";
foreach (get_rows($query) as $row) {
$default = $row["COLUMN_DEFAULT"];
$row["default"] = (isset($default) ? q($default) : "NULL");
$row["after"] = q($after); //! rgt AFTER lft, lft AFTER id doesn't work
$row["alter"] = escape_string(idf_escape($row["COLUMN_NAME"])
. " $row[COLUMN_TYPE]"
. ($row["COLLATION_NAME"] ? " COLLATE $row[COLLATION_NAME]" : "")
. (isset($default) ? " DEFAULT " . ($default == "CURRENT_TIMESTAMP" ? $default : $row["default"]) : "")
. ($row["IS_NULLABLE"] == "YES" ? "" : " NOT NULL")
. ($row["EXTRA"] ? " $row[EXTRA]" : "")
. ($row["COLUMN_COMMENT"] ? " COMMENT " . q($row["COLUMN_COMMENT"]) : "")
. ($after ? " AFTER " . idf_escape($after) : " FIRST")
);
echo ", ADD $row[alter]";
$fields[] = $row;
$after = $row["COLUMN_NAME"];
}
echo "';
DECLARE columns CURSOR FOR $query;
DECLARE CONTINUE HANDLER FOR NOT FOUND SET done = 1;
SET @alter_table = '';
OPEN columns;
REPEAT
FETCH columns INTO _column_name, _column_default, _is_nullable, _collation_name, _column_type, _extra, _column_comment;
IF NOT done THEN
SET set_after = 1;
CASE _column_name";
foreach ($fields as $row) {
echo "
WHEN " . q($row["COLUMN_NAME"]) . " THEN
SET add_columns = REPLACE(add_columns, ', ADD $row[alter]', '');
IF NOT (_column_default <=> $row[default]) OR _is_nullable != '$row[IS_NULLABLE]' OR _collation_name != '$row[COLLATION_NAME]' OR _column_type != " . q($row["COLUMN_TYPE"]) . " OR _extra != '$row[EXTRA]' OR _column_comment != " . q($row["COLUMN_COMMENT"]) . " OR after != $row[after] THEN
SET @alter_table = CONCAT(@alter_table, ', MODIFY $row[alter]');
END IF;"; //! don't replace in comment
}
echo "
ELSE
SET @alter_table = CONCAT(@alter_table, ', DROP ', _column_name);
SET set_after = 0;
END CASE;
IF set_after THEN
SET after = _column_name;
END IF;
END IF;
UNTIL done END REPEAT;
CLOSE columns;
IF @alter_table != '' OR add_columns != '' THEN
SET alter_command = CONCAT(alter_command, 'ALTER TABLE " . table($table) . "', SUBSTR(CONCAT(add_columns, @alter_table), 2), ';\\n');
END IF;
END;;
DELIMITER ;
CALL adminer_alter(@adminer_alter);
DROP PROCEDURE adminer_alter;
";
//! indexes
}
}
}
/** Export table data
* @param string
* @param string
* @param string
* @return null prints data
*/
function dumpData($table, $style, $query) {
global $connection, $jush;
$max_packet = ($jush == "sqlite" ? 0 : 1048576); // default, minimum is 1024
if ($style) {
if ($_POST["format"] == "sql" && $style == "TRUNCATE+INSERT") {
echo truncate_sql($table) . ";\n";
}
$fields = fields($table);
$result = $connection->query($query, 1); // 1 - MYSQLI_USE_RESULT //! enum and set as numbers
if ($result) {
$insert = "";
$buffer = "";
while ($row = $result->fetch_assoc()) {
if ($_POST["format"] != "sql") {
dump_csv($row);
} else {
if (!$insert) {
$insert = "INSERT INTO " . table($table) . " (" . implode(", ", array_map('idf_escape', array_keys($row))) . ") VALUES";
}
foreach ($row as $key => $val) {
$row[$key] = (isset($val) ? (ereg('int|float|double|decimal', $fields[$key]["type"]) ? $val : q($val)) : "NULL"); //! columns looking like functions
}
$s = implode(",\t", $row);
if ($style == "INSERT+UPDATE") {
$set = array();
foreach ($row as $key => $val) {
$set[] = idf_escape($key) . " = $val";
}
echo "$insert ($s) ON DUPLICATE KEY UPDATE " . implode(", ", $set) . ";\n";
} else {
$s = ($max_packet ? "\n" : " ") . "($s)";
if (!$buffer) {
$buffer = $insert . $s;
} elseif (strlen($buffer) + 2 + strlen($s) < $max_packet) { // 2 - separator and terminator length
$buffer .= ",$s";
} else {
$buffer .= ";\n";
echo $buffer;
$buffer = $insert . $s;
}
}
}
}
if ($_POST["format"] == "sql" && $style != "INSERT+UPDATE" && $buffer) {
$buffer .= ";\n";
echo $buffer;
}
} elseif ($_POST["format"] == "sql") {
echo "-- " . str_replace("\n", " ", $connection->error) . "\n";
}
}
}
/** Send headers for export
* @param string
* @param bool
* @return string extension
*/
function dumpHeaders($identifier, $multi_table = false) {
$filename = ($identifier != "" ? friendly_url($identifier) : "adminer");
$output = $_POST["output"];
$ext = ($_POST["format"] == "sql" ? "sql" : ($multi_table ? "tar" : "csv")); // multiple CSV packed to TAR
header("Content-Type: " .
($output == "bz2" ? "application/x-bzip" :
($output == "gz" ? "application/x-gzip" :
($ext == "tar" ? "application/x-tar" :
($ext == "sql" || $output != "file" ? "text/plain" : "text/csv") . "; charset=utf-8"
))));
if ($output != "text") {
header("Content-Disposition: attachment; filename=$filename.$ext" . ($output != "file" && !ereg('[^0-9a-z]', $output) ? ".$output" : ""));
}
session_write_close();
if ($_POST["output"] == "bz2") {
ob_start('bzcompress', 1e6);
}
if ($_POST["output"] == "gz") {
ob_start('gzencode', 1e6);
}
return $ext;
}
/** Prints navigation after Adminer title
@@ -524,13 +716,13 @@ document.getElementById('username').focus();
<form action="" method="post">
<p class="logout">
<?php
if (DB == "" || !$missing) {
echo "<a href='" . h(ME) . "sql='>" . bold(lang('SQL command'), isset($_GET["sql"])) . "</a>\n";
if (support("dump")) {
echo "<a href='" . h(ME) . "dump=" . urlencode(isset($_GET["table"]) ? $_GET["table"] : $_GET["select"]) . "'>" . bold(lang('Dump'), isset($_GET["dump"])) . "</a>\n";
}
}
?>
if (DB == "" || !$missing) {
echo "<a href='" . h(ME) . "sql='>" . bold(lang('SQL command'), isset($_GET["sql"])) . "</a>\n";
if (support("dump")) {
echo "<a href='" . h(ME) . "dump=" . urlencode(isset($_GET["table"]) ? $_GET["table"] : $_GET["select"]) . "'>" . bold(lang('Dump'), isset($_GET["dump"])) . "</a>\n";
}
}
?>
<input type="hidden" name="token" value="<?php echo $token; ?>">
<input type="submit" name="logout" value="<?php echo lang('Logout'); ?>">
</p>
@@ -549,6 +741,7 @@ if (DB == "" || !$missing) {
}
}
if ($_GET["ns"] !== "" && !$missing) {
echo '<p><a href="' . h(ME) . 'create=">' . bold(lang('Create new table'), $_GET["create"] === "") . "</a>\n";
$tables = tables_list();
if (!$tables) {
echo "<p class='message'>" . lang('No tables.') . "\n";
@@ -559,13 +752,12 @@ if (DB == "" || !$missing) {
$links[] = preg_quote($table, '/');
}
echo "<script type='text/javascript'>\n";
echo "var jushLinks = { $jush: [ '" . addcslashes(h(ME), "\\'/") . "table=\$&', /\\b(" . implode("|", $links) . ")\\b/g ] };\n";
echo "var jushLinks = { $jush: [ '" . js_escape(ME) . "table=\$&', /\\b(" . implode("|", $links) . ")\\b/g ] };\n";
foreach (array("bac", "bra", "sqlite_quo", "mssql_bra") as $val) {
echo "jushLinks.$val = jushLinks.$jush;\n";
}
echo "</script>\n";
}
echo '<p><a href="' . h(ME) . 'create=">' . bold(lang('Create new table'), $_GET["create"] === "") . "</a>\n";
}
}
echo (isset($_GET["sql"]) ? '<input type="hidden" name="sql" value="">'

14
adminer/include/auth.inc.php
View File

@@ -1,12 +1,6 @@
<?php
$connection = '';
if (!$drivers) {
page_header(lang('No extension'), lang('None of the supported PHP extensions (%s) are available.', implode(", ", $possible_drivers)), null);
page_footer("auth");
exit;
}
$token = $_SESSION["token"];
if (!$_SESSION["token"]) {
$_SESSION["token"] = rand(1, 1e6); // defense against cross-site request forgery
@@ -89,7 +83,13 @@ function auth_error($exception = null) {
page_footer("auth");
}
if (isset($_GET["username"]) && class_exists("Min_DB")) { // doesn't exists with passing wrong driver
if (isset($_GET["username"])) {
if (!class_exists("Min_DB")) {
unset($_SESSION["pwds"][DRIVER]); //! remove also from adminer_permanent
page_header(lang('No extension'), lang('None of the supported PHP extensions (%s) are available.', implode(", ", $possible_drivers)), false);
page_footer("auth");
exit;
}
$connection = connect();
}
if (is_string($connection) || !$adminer->login($_GET["username"], get_session("pwds"))) {

4
adminer/include/bootstrap.inc.php
View File

@@ -39,11 +39,12 @@ if (!defined("SID")) {
// disable magic quotes to be able to use database escaping function
remove_slashes(array(&$_GET, &$_POST, &$_COOKIE));
if (function_exists("set_magic_quotes_runtime")) {
if (function_exists("set_magic_quotes_runtime")) { // removed in PHP 6
set_magic_quotes_runtime(false);
}
@set_time_limit(0); // @ - can be disabled
@ini_set("zend.ze1_compatibility_mode", false); // @ - deprecated
@ini_set("precision", 20); // @ - can be disabled
include "../adminer/include/lang.inc.php";
include "../adminer/lang/$LANG.inc.php";
@@ -70,7 +71,6 @@ include "../adminer/include/xxtea.inc.php";
include "../adminer/include/auth.inc.php";
include "./include/connect.inc.php";
include "./include/editing.inc.php";
include "./include/export.inc.php";
session_cache_limiter(""); // to allow restarting session
if (!ini_bool("session.use_cookies") || @ini_set("session.use_cookies", false) !== false) { // @ - may be disabled

4
adminer/include/connect.inc.php
View File

@@ -23,6 +23,9 @@ function connect_error() {
}
echo "<p>" . lang('%s version: %s through PHP extension %s', $drivers[DRIVER], "<b>$connection->server_info</b>", "<b>$connection->extension</b>") . "\n";
echo "<p>" . lang('Logged as: %s', "<b>" . h(logged_user()) . "</b>") . "\n";
if ($_GET["refresh"]) {
set_session("dbs", null);
}
$databases = get_databases();
if ($databases) {
$scheme = support("scheme");
@@ -40,6 +43,7 @@ function connect_error() {
}
echo "</table>\n";
echo "<p><input type='submit' name='drop' value='" . lang('Drop') . "'" . confirm("formChecked(this, /db/)") . ">\n";
echo "<a href='" . h(ME) . "refresh=1'>" . lang('Refresh') . "</a>\n";
echo "</form>\n";
}
}

4
adminer/include/design.inc.php
View File

@@ -15,7 +15,7 @@ function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
$protocol = ($HTTPS ? "https" : "http");
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html lang="<?php echo $LANG; ?>">
<html lang="<?php echo $LANG; ?>" dir="<?php echo lang('ltr'); ?>">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta http-equiv="Content-Script-Type" content="text/javascript">
<meta name="robots" content="noindex">
@@ -26,7 +26,7 @@ function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
<link rel="stylesheet" type="text/css" href="adminer.css">
<?php } ?>
<body onload="bodyLoad('<?php echo (is_object($connection) ? substr($connection->server_info, 0, 3) : ""); ?>', '<?php echo $protocol; ?>');<?php echo (isset($_COOKIE["adminer_version"]) ? "" : " verifyVersion('$protocol');"); ?>">
<body class="<?php echo lang('ltr'); ?>" onload="bodyLoad('<?php echo (is_object($connection) ? substr($connection->server_info, 0, 3) : ""); ?>', '<?php echo $protocol; ?>');<?php echo (isset($_COOKIE["adminer_version"]) ? "" : " verifyVersion('$protocol');"); ?>">
<script type="text/javascript" src="../adminer/static/functions.js"></script>
<script type="text/javascript" src="static/editing.js"></script>

15
adminer/include/editing.inc.php
View File

@@ -333,3 +333,18 @@ function drop_create($drop, $create, $location, $message_drop, $message_alter, $
}
return $dropped;
}
/** Get string to add a file in TAR
* @param string
* @param string
* @return string
*/
function tar_file($filename, $contents) {
$return = pack("a100a8a8a8a12a12", $filename, 644, 0, 0, decoct(strlen($contents)), decoct(time()));
$checksum = 8*32; // space for checksum itself
for ($i=0; $i < strlen($return); $i++) {
$checksum += ord($return{$i});
}
$return .= sprintf("%06o", $checksum) . "\0 ";
return $return . str_repeat("\0", 512 - strlen($return)) . $contents . str_repeat("\0", 511 - (strlen($contents) + 511) % 512);
}

176
adminer/include/export.inc.php
View File

@@ -1,176 +0,0 @@
<?php
function tar_file($filename, $contents) {
$return = pack("a100a8a8a8a12a12", $filename, 644, 0, 0, decoct(strlen($contents)), decoct(time()));
$checksum = 8*32; // space for checksum itself
for ($i=0; $i < strlen($return); $i++) {
$checksum += ord($return{$i});
}
$return .= sprintf("%06o", $checksum) . "\0 ";
return $return . str_repeat("\0", 512 - strlen($return)) . $contents . str_repeat("\0", 511 - (strlen($contents) + 511) % 512);
}
function dump_table($table, $style, $is_view = false) {
if ($_POST["format"] != "sql") {
echo "\xef\xbb\xbf"; // UTF-8 byte order mark
if ($style) {
dump_csv(array_keys(fields($table)));
}
} elseif ($style) {
$create = create_sql($table, $_POST["auto_increment"]);
if ($create) {
if ($style == "DROP+CREATE") {
echo "DROP " . ($is_view ? "VIEW" : "TABLE") . " IF EXISTS " . table($table) . ";\n";
}
if ($is_view) {
// remove DEFINER with current user
$create = preg_replace('~^([A-Z =]+) DEFINER=`' . str_replace("@", "`@`", logged_user()) . '`~', '\\1', $create); //! proper escaping of user
}
echo ($style != "CREATE+ALTER" ? $create : ($is_view ? substr_replace($create, " OR REPLACE", 6, 0) : substr_replace($create, " IF NOT EXISTS", 12, 0))) . ";\n\n";
}
if ($style == "CREATE+ALTER" && !$is_view) {
// create procedure which iterates over original columns and adds new and removes old
$query = "SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, COLLATION_NAME, COLUMN_TYPE, EXTRA, COLUMN_COMMENT FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = " . q($table) . " ORDER BY ORDINAL_POSITION";
echo "DELIMITER ;;
CREATE PROCEDURE adminer_alter (INOUT alter_command text) BEGIN
DECLARE _column_name, _collation_name, after varchar(64) DEFAULT '';
DECLARE _column_type, _column_default text;
DECLARE _is_nullable char(3);
DECLARE _extra varchar(30);
DECLARE _column_comment varchar(255);
DECLARE done, set_after bool DEFAULT 0;
DECLARE add_columns text DEFAULT '";
$fields = array();
$after = "";
foreach (get_rows($query) as $row) {
$default = $row["COLUMN_DEFAULT"];
$row["default"] = (isset($default) ? q($default) : "NULL");
$row["after"] = q($after); //! rgt AFTER lft, lft AFTER id doesn't work
$row["alter"] = escape_string(idf_escape($row["COLUMN_NAME"])
. " $row[COLUMN_TYPE]"
. ($row["COLLATION_NAME"] ? " COLLATE $row[COLLATION_NAME]" : "")
. (isset($default) ? " DEFAULT " . ($default == "CURRENT_TIMESTAMP" ? $default : $row["default"]) : "")
. ($row["IS_NULLABLE"] == "YES" ? "" : " NOT NULL")
. ($row["EXTRA"] ? " $row[EXTRA]" : "")
. ($row["COLUMN_COMMENT"] ? " COMMENT " . q($row["COLUMN_COMMENT"]) : "")
. ($after ? " AFTER " . idf_escape($after) : " FIRST")
);
echo ", ADD $row[alter]";
$fields[] = $row;
$after = $row["COLUMN_NAME"];
}
echo "';
DECLARE columns CURSOR FOR $query;
DECLARE CONTINUE HANDLER FOR NOT FOUND SET done = 1;
SET @alter_table = '';
OPEN columns;
REPEAT
FETCH columns INTO _column_name, _column_default, _is_nullable, _collation_name, _column_type, _extra, _column_comment;
IF NOT done THEN
SET set_after = 1;
CASE _column_name";
foreach ($fields as $row) {
echo "
WHEN " . q($row["COLUMN_NAME"]) . " THEN
SET add_columns = REPLACE(add_columns, ', ADD $row[alter]', '');
IF NOT (_column_default <=> $row[default]) OR _is_nullable != '$row[IS_NULLABLE]' OR _collation_name != '$row[COLLATION_NAME]' OR _column_type != " . q($row["COLUMN_TYPE"]) . " OR _extra != '$row[EXTRA]' OR _column_comment != " . q($row["COLUMN_COMMENT"]) . " OR after != $row[after] THEN
SET @alter_table = CONCAT(@alter_table, ', MODIFY $row[alter]');
END IF;"; //! don't replace in comment
}
echo "
ELSE
SET @alter_table = CONCAT(@alter_table, ', DROP ', _column_name);
SET set_after = 0;
END CASE;
IF set_after THEN
SET after = _column_name;
END IF;
END IF;
UNTIL done END REPEAT;
CLOSE columns;
IF @alter_table != '' OR add_columns != '' THEN
SET alter_command = CONCAT(alter_command, 'ALTER TABLE " . table($table) . "', SUBSTR(CONCAT(add_columns, @alter_table), 2), ';\\n');
END IF;
END;;
DELIMITER ;
CALL adminer_alter(@adminer_alter);
DROP PROCEDURE adminer_alter;
";
//! indexes
}
}
}
function dump_data($table, $style, $select = "") {
global $connection, $jush;
$max_packet = ($jush == "sqlite" ? 0 : 1048576); // default, minimum is 1024
if ($style) {
if ($_POST["format"] == "sql" && $style == "TRUNCATE+INSERT") {
echo truncate_sql($table) . ";\n";
}
$fields = fields($table);
$result = $connection->query(($select ? $select : "SELECT * FROM " . table($table)), 1); // 1 - MYSQLI_USE_RESULT //! enum and set as numbers
if ($result) {
$insert = "";
$buffer = "";
while ($row = $result->fetch_assoc()) {
if ($_POST["format"] != "sql") {
dump_csv($row);
} else {
if (!$insert) {
$insert = "INSERT INTO " . table($table) . " (" . implode(", ", array_map('idf_escape', array_keys($row))) . ") VALUES";
}
foreach ($row as $key => $val) {
$row[$key] = (isset($val) ? (ereg('int|float|double|decimal', $fields[$key]["type"]) ? $val : q($val)) : "NULL"); //! columns looking like functions
}
$s = implode(",\t", $row);
if ($style == "INSERT+UPDATE") {
$set = array();
foreach ($row as $key => $val) {
$set[] = idf_escape($key) . " = $val";
}
echo "$insert ($s) ON DUPLICATE KEY UPDATE " . implode(", ", $set) . ";\n";
} else {
$s = ($max_packet ? "\n" : " ") . "($s)";
if (!$buffer) {
$buffer = $insert . $s;
} elseif (strlen($buffer) + 2 + strlen($s) < $max_packet) { // 2 - separator and terminator length
$buffer .= ",$s";
} else {
$buffer .= ";\n";
echo $buffer;
$buffer = $insert . $s;
}
}
}
}
if ($_POST["format"] == "sql" && $style != "INSERT+UPDATE" && $buffer) {
$buffer .= ";\n";
echo $buffer;
}
}
}
}
function dump_headers($identifier, $multi_table = false) {
$filename = ($identifier != "" ? friendly_url($identifier) : "adminer");
$output = $_POST["output"];
$ext = ($_POST["format"] == "sql" ? "sql" : ($multi_table ? "tar" : "csv")); // multiple CSV packed to TAR
header("Content-Type: " .
($output == "bz2" ? "application/x-bzip" :
($output == "gz" ? "application/x-gzip" :
($ext == "tar" ? "application/x-tar" :
($ext == "sql" || $output != "file" ? "text/plain" : "text/csv") . "; charset=utf-8"
))));
if ($output != "text") {
header("Content-Disposition: attachment; filename=$filename.$ext" . ($output != "file" && !ereg('[^0-9a-z]', $output) ? ".$output" : ""));
}
session_write_close();
if ($_POST["output"] == "bz2") {
ob_start('bzcompress', 1e6);
}
if ($_POST["output"] == "gz") {
ob_start('gzencode', 1e6);
}
return $ext;
}

31
adminer/include/functions.inc.php
View File

@@ -143,6 +143,14 @@ function confirm($count = "") {
return " onclick=\"return confirm('" . lang('Are you sure?') . ($count ? " (' + $count + ')" : "") . "');\"";
}
/** Escape string for JavaScript apostrophes
* @param string
* @return string
*/
function js_escape($string) {
return addcslashes($string, "\r\n'\\/"); // slash for <script>
}
/** Get INI boolean value
* @param string
* @return bool
@@ -575,8 +583,9 @@ function hidden_fields_get() {
* @return array array($col => array())
*/
function column_foreign_keys($table) {
global $adminer;
$return = array();
foreach (foreign_keys($table) as $foreign_key) {
foreach ($adminer->foreignKeys($table) as $foreign_key) {
foreach ($foreign_key["source"] as $val) {
$return[$val][] = $foreign_key;
}
@@ -593,11 +602,13 @@ function column_foreign_keys($table) {
*/
function enum_input($type, $attrs, $field, $value) {
preg_match_all("~'((?:[^']|'')*)'~", $field["length"], $matches);
$return = "";
foreach ($matches[1] as $i => $val) {
$val = stripcslashes(str_replace("''", "'", $val));
$checked = (is_int($value) ? $value == $i+1 : (is_array($value) ? in_array($i+1, $value) : $value === $val));
echo " <label><input type='$type'$attrs value='" . ($i+1) . "'" . ($checked ? ' checked' : '') . '>' . h($val) . '</label>';
$return .= " <label><input type='$type'$attrs value='" . ($i+1) . "'" . ($checked ? ' checked' : '') . '>' . h($val) . '</label>';
}
return $return;
}
/** Print edit input field
@@ -613,9 +624,7 @@ function input($field, $value, $function) {
$functions = (isset($_GET["select"]) ? array("orig" => lang('original')) : array()) + $adminer->editFunctions($field);
$attrs = " name='fields[$name]'";
if ($field["type"] == "enum") {
echo nbsp($functions[""]) . "<td>" . ($functions["orig"] ? "<label><input type='radio'$attrs value='-1' checked><i>$functions[orig]</i></label> " : "");
echo $adminer->editInput($_GET["edit"], $field, $attrs, $value);
enum_input("radio", $attrs, $field, $value);
echo nbsp($functions[""]) . "<td>" . $adminer->editInput($_GET["edit"], $field, $attrs, $value);
} else {
$first = 0;
foreach ($functions as $key => $val) {
@@ -624,7 +633,7 @@ function input($field, $value, $function) {
}
$first++;
}
$onchange = ($first ? " onchange=\"var f = this.form['function[" . addcslashes($name, "\r\n'\\") . "]']; if ($first > f.selectedIndex) f.selectedIndex = $first;\"" : "");
$onchange = ($first ? " onchange=\"var f = this.form['function[" . js_escape($name) . "]']; if ($first > f.selectedIndex) f.selectedIndex = $first;\"" : "");
$attrs .= $onchange;
echo (count($functions) > 1 ? html_select("function[$name]", $functions, !isset($function) || in_array($function, $functions) || isset($functions[$function]) ? $function : "") : nbsp(reset($functions))) . '<td>';
$input = $adminer->editInput($_GET["edit"], $field, $attrs, $value); // usage in call is without a table
@@ -643,7 +652,7 @@ function input($field, $value, $function) {
echo "<textarea " . ($jush != "sqlite" || ereg("\n", $value) ? "cols='50' rows='12'" : "cols='30' rows='1' style='height: 1.2em;'") . "$attrs onkeydown='return textareaKeydown(this, event);'>" . h($value) . '</textarea>'; // 1.2em - line-height
} else {
// int(3) is only a display hint
$maxlength = (!ereg('int', $field["type"]) && preg_match('~^([0-9]+)(,([0-9]+))?$~', $field["length"], $match) ? ((ereg("binary", $field["type"]) ? 2 : 1) * $match[1] + ($match[3] ? 1 : 0) + ($match[2] && !$field["unsigned"] ? 1 : 0)) : ($types[$field["type"]] ? $types[$field["type"]] + ($field["unsigned"] ? 0 : 1) : 0));
$maxlength = (!ereg('int', $field["type"]) && preg_match('~^(\\d+)(,(\\d+))?$~', $field["length"], $match) ? ((ereg("binary", $field["type"]) ? 2 : 1) * $match[1] + ($match[3] ? 1 : 0) + ($match[2] && !$field["unsigned"] ? 1 : 0)) : ($types[$field["type"]] ? $types[$field["type"]] + ($field["unsigned"] ? 0 : 1) : 0));
echo "<input value='" . h($value) . "'" . ($maxlength ? " maxlength='$maxlength'" : "") . (ereg('char|binary', $field["type"]) && $maxlength > 20 ? " size='40'" : "") . "$attrs>";
}
}
@@ -665,7 +674,7 @@ function process_input($field) {
if ($value == "") {
return "NULL";
}
return intval($value);
return +$value;
}
if ($field["auto_increment"] && $value == "") {
return null;
@@ -721,11 +730,11 @@ function search_tables() {
*/
function dump_csv($row) {
foreach ($row as $key => $val) {
if (preg_match("~[\"\n,;]~", $val) || $val === "") {
if (preg_match("~[\"\n,;\t]~", $val) || $val === "") {
$row[$key] = '"' . str_replace('"', '""', $val) . '"';
}
}
echo implode(($_POST["format"] == "csv" ? "," : ";"), $row) . "\n";
echo implode(($_POST["format"] == "csv" ? "," : ($_POST["format"] == "tsv" ? "\t" : ";")), $row) . "\n";
}
/** Apply SQL function
@@ -785,7 +794,7 @@ function is_mail($email) {
*/
function is_url($string) {
$domain = '[a-z0-9]([-a-z0-9]{0,61}[a-z0-9])'; // one domain component //! IDN
return (preg_match("~^(https?)://($domain?\\.)+$domain(:[0-9]+)?(/.*)?(\\?.*)?(#.*)?\$~i", $string, $match) ? strtolower($match[1]) : ""); //! restrict path, query and fragment characters
return (preg_match("~^(https?)://($domain?\\.)+$domain(:\\d+)?(/.*)?(\\?.*)?(#.*)?\$~i", $string, $match) ? strtolower($match[1]) : ""); //! restrict path, query and fragment characters
}
/** Print header for hidden fieldset (close by </div></fieldset>)

1
adminer/include/lang.inc.php
View File

@@ -18,6 +18,7 @@ $langs = array(
'zh-tw' => '繁體中文', // http://tzangms.com
'ja' => '日本語', // Hitoshi Ozawa - http://sourceforge.jp/projects/oss-ja-jpn/releases/
'ta' => 'த‌மிழ்', // G. Sampath Kumar, Chennai, India, sampathkumar11@gmail.com
'ar' => 'العربية', // Y.M Amine - Algeria - nbr7@live.fr
);
function lang($idf, $number = null) {

1
adminer/include/pdo.inc.php
View File

@@ -79,5 +79,4 @@ if (extension_loaded('pdo')) {
}
}
$possible_drivers = array();
$drivers = array();

2
adminer/include/version.inc.php
View File

@@ -1,2 +1,2 @@
<?php
$VERSION = "3.0.2-dev";
$VERSION = "3.1.0-dev";