<?php
/**
* Alternative SQL editing window
*
* $Id: sqledit.php,v 1.40 2008/01/10 19:37:07 xzilla Exp $
*/
// Pull in the shared application library
include_once('./libraries/lib.inc.php');

// Popup mode requested by the client ('find' or 'sql'); empty when none is given.
// NOTE(review): the value is taken from $_REQUEST as-is, so it is not guaranteed
// to be a string (PHP turns "action[]=..." into an array).
if (isset($_REQUEST['action'])) {
    $action = $_REQUEST['action'];
} else {
    $action = '';
}

// Keep a $msg that is already defined at this point; otherwise start with none
if (!isset($msg)) {
    $msg = '';
}
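/**
 * Private function to display server and list of databases.
 *
 * Builds the onchange="..." attribute that reloads this popup with the
 * current form values whenever the server or database selection changes,
 * then passes it to $misc->printConnection().
 *
 * Each form value is encoded with encodeURIComponent() rather than
 * encodeURI(): encodeURI() leaves '&', '=', '+', '#', ';' and '?' untouched,
 * so a value containing them (for example SQL such as "select 1+1" or a
 * term with '&') was altered on reload or split into extra request
 * parameters.
 */
function _printConnection() {
    global $data, $action, $misc;

    // $action is copied from $_REQUEST and may be an array ("action[]=...");
    // urlencode() only accepts a string, so anything non-scalar becomes ''.
    $mode = is_scalar($action) ? (string) $action : '';

    // The javascript action on the select box reloads the
    // popup whenever the server or database is changed.
    // This ensures that the correct page encoding is used.
    // urlencode() percent-encodes quotes, so $mode cannot break out of the
    // single-quoted JS string or the double-quoted HTML attribute.
    $onchange = "onchange=\"location.href='sqledit.php?action=" .
        urlencode($mode) . "&server=' + encodeURIComponent(server.options[server.selectedIndex].value) + '&database=' + encodeURIComponent(database.options[database.selectedIndex].value) + ";

    // The exact URL to reload to is different between SQL and Find mode, however.
    if ($mode === 'find') {
        $onchange .= "'&term=' + encodeURIComponent(term.value) + '&filter=' + encodeURIComponent(filter.value) + '&'\"";
    } else {
        // NOTE(review): the SQL text is carried in the GET query string of the
        // reload URL, so it can end up in web-server access logs and browser
        // history; very long statements may also exceed URL length limits.
        $onchange .= "'&query=' + encodeURIComponent(query.value) + '&search_path=' + encodeURIComponent(search_path.value) + (paginate.checked ? '&paginate=on' : '') + '&'\"";
    }

    $misc->printConnection($onchange);
}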
/**
 * Render the "Find" popup: a form posting a search term and an object-type
 * filter to database.php with action=find.
 */
function doFind() {
    global $data, $misc;
    global $lang, $conf;

    // Default both inputs so the form can be drawn when the request has none
    if (!isset($_REQUEST['term'])) {
        $_REQUEST['term'] = '';
    }
    if (!isset($_REQUEST['filter'])) {
        $_REQUEST['filter'] = '';
    }

    $misc->printHeader($lang['strfind']);

    // Bring to the front always
    echo "<body onload=\"window.focus();\">\n";

    $misc->printTabs($misc->getNavTabs('popup'), 'find');

    echo "<form action=\"database.php\" method=\"post\" target=\"detail\">\n";
    _printConnection();

    // The term comes from the request, so it is HTML-escaped before being
    // reflected into the double-quoted value attribute.
    echo "<p><input name=\"term\" value=\"", htmlspecialchars($_REQUEST['term']),
        "\" size=\"32\" maxlength=\"{$data->_maxNameLen}\" />\n";

    // Filter value => key of its label in $lang, in display order.
    // Labels are printed without escaping — presumably trusted locale
    // strings; verify against the language files.
    $standardFilters = array(
        ''           => 'strallobjects',
        'SCHEMA'     => 'strschemas',
        'TABLE'      => 'strtables',
        'VIEW'       => 'strviews',
        'SEQUENCE'   => 'strsequences',
        'COLUMN'     => 'strcolumns',
        'RULE'       => 'strrules',
        'INDEX'      => 'strindexes',
        'TRIGGER'    => 'strtriggers',
        'CONSTRAINT' => 'strconstraints',
        'FUNCTION'   => 'strfunctions',
        'DOMAIN'     => 'strdomains',
    );
    // Extra object types offered only when $conf['show_advanced'] is on
    $advancedFilters = array(
        'AGGREGATE'  => 'straggregates',
        'TYPE'       => 'strtypes',
        'OPERATOR'   => 'stroperators',
        'OPCLASS'    => 'stropclasses',
        'CONVERSION' => 'strconversions',
        'LANGUAGE'   => 'strlanguages',
    );

    // The requested filter is only compared against the fixed values above
    // to pick the pre-selected option; it is never echoed itself.
    $chosen = $_REQUEST['filter'];

    echo "<select name=\"filter\">\n";
    foreach ($standardFilters as $value => $labelKey) {
        echo "\t<option value=\"{$value}\"", ($chosen == $value) ? ' selected="selected"' : '', ">{$lang[$labelKey]}</option>\n";
    }
    if ($conf['show_advanced']) {
        foreach ($advancedFilters as $value => $labelKey) {
            echo "\t<option value=\"{$value}\"", ($chosen == $value) ? ' selected="selected"' : '', ">{$lang[$labelKey]}</option>\n";
        }
    }
    echo "</select>\n";

    echo "<input type=\"submit\" value=\"{$lang['strfind']}\" />\n";
    echo "<input type=\"hidden\" name=\"action\" value=\"find\" /></p>\n";
    echo "</form>\n";

    // Default focus
    $misc->setFocus('forms[0].term');
}
/**
 * Render the SQL popup: a form that posts a free-form SQL statement, an
 * optional uploaded script, a search path and a pagination flag to sql.php.
 */
function doDefault() {
    global $data, $misc;
    global $lang;

    // Start from an empty editor when the session holds no previous query
    if (!isset($_SESSION['sqlquery'])) {
        $_SESSION['sqlquery'] = '';
    }

    $misc->printHeader($lang['strsql']);

    // Bring to the front always
    echo "<body onload=\"window.focus();\">\n";

    $misc->printTabs($misc->getNavTabs('popup'), 'sql');

    // NOTE(review): this form submits arbitrary SQL (and optionally a script
    // file) to sql.php, and no anti-CSRF token field is emitted here. Confirm
    // that the receiving side rejects cross-site submissions.
    echo "<form action=\"sql.php\" method=\"post\" enctype=\"multipart/form-data\" target=\"detail\">\n";
    _printConnection();
    echo "\n";

    // Without a search path in the request, show the one reported by $data
    if (!isset($_REQUEST['search_path'])) {
        $_REQUEST['search_path'] = implode(',', $data->getSearchPath());
    }

    echo "<p><label>";
    $misc->printHelp($lang['strsearchpath'], 'pg.schema.search_path');
    // Request-supplied search path is HTML-escaped before it is reflected
    echo ": <input type=\"text\" name=\"search_path\" size=\"50\" value=\"",
        htmlspecialchars($_REQUEST['search_path']), "\" /></label></p>\n";

    // The stored query is escaped as well, so SQL containing markup cannot
    // close the textarea early
    echo "<textarea style=\"width:98%;\" rows=\"10\" cols=\"50\" name=\"query\">",
        htmlspecialchars($_SESSION['sqlquery']), "</textarea>\n";

    // Check that file uploads are enabled
    if (ini_get('file_uploads')) {
        // Don't show upload option if max size of uploads is zero
        $uploadLimit = $misc->inisizeToBytes(ini_get('upload_max_filesize'));
        $uploadAllowed = is_float($uploadLimit) && $uploadLimit > 0;
        if ($uploadAllowed) {
            // MAX_FILE_SIZE travels through the browser and can be altered
            // there; the upload_max_filesize ini setting is the binding limit.
            echo "<p><input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"{$uploadLimit}\" />\n";
            echo "<label for=\"script\">{$lang['struploadscript']}</label> <input id=\"script\" name=\"script\" type=\"file\" /></p>\n";
        }
    }

    // Pagination is ticked unless the request carries a value other than 'on'
    $wantPaging = !isset($_REQUEST['paginate']) || $_REQUEST['paginate'] == 'on';
    $checkedAttr = $wantPaging ? ' checked="checked"' : '';
    echo "<p><label for=\"paginate\"><input type=\"checkbox\" id=\"paginate\" name=\"paginate\"", $checkedAttr, " /> {$lang['strpaginate']}</label></p>\n";

    echo "<p><input type=\"submit\" name=\"execute\" accesskey=\"r\" value=\"{$lang['strexecute']}\" />\n";
    echo "<input type=\"reset\" accesskey=\"q\" value=\"{$lang['strreset']}\" /></p>\n";
    echo "</form>\n";

    // Default focus
    $misc->setFocus('forms[0].query');
}
// Dispatch on the requested mode: 'find' draws the search popup; 'sql' and
// every other value (including none) draw the SQL editor.
if ($action == 'find') {
    doFind();
} else {
    doDefault();
}

// Set the name of the window
$misc->setWindowName('sqledit');

$misc->printFooter();
?>