aboutsummaryrefslogtreecommitdiff
path: root/srcs/phpmyadmin/libraries/classes/Sql.php
diff options
context:
space:
mode:
Diffstat (limited to 'srcs/phpmyadmin/libraries/classes/Sql.php')
-rw-r--r--srcs/phpmyadmin/libraries/classes/Sql.php2328
1 files changed, 2328 insertions, 0 deletions
diff --git a/srcs/phpmyadmin/libraries/classes/Sql.php b/srcs/phpmyadmin/libraries/classes/Sql.php
new file mode 100644
index 0000000..fb4b07f
--- /dev/null
+++ b/srcs/phpmyadmin/libraries/classes/Sql.php
@@ -0,0 +1,2328 @@
+<?php
+/* vim: set expandtab sw=4 ts=4 sts=4: */
+/**
+ * Set of functions for the SQL executor
+ *
+ * @package PhpMyAdmin
+ */
+declare(strict_types=1);
+
+namespace PhpMyAdmin;
+
+use PhpMyAdmin\Bookmark;
+use PhpMyAdmin\Core;
+use PhpMyAdmin\DatabaseInterface;
+use PhpMyAdmin\Display\Results as DisplayResults;
+use PhpMyAdmin\Index;
+use PhpMyAdmin\Message;
+use PhpMyAdmin\Operations;
+use PhpMyAdmin\ParseAnalyze;
+use PhpMyAdmin\Relation;
+use PhpMyAdmin\RelationCleanup;
+use PhpMyAdmin\Response;
+use PhpMyAdmin\SqlParser\Statements\AlterStatement;
+use PhpMyAdmin\SqlParser\Statements\DropStatement;
+use PhpMyAdmin\SqlParser\Statements\SelectStatement;
+use PhpMyAdmin\SqlParser\Utils\Query;
+use PhpMyAdmin\Table;
+use PhpMyAdmin\Transformations;
+use PhpMyAdmin\Url;
+use PhpMyAdmin\Util;
+
+/**
+ * Set of functions for the SQL executor
+ *
+ * @package PhpMyAdmin
+ */
+class Sql
+{
+ /**
+ * @var Relation
+ */
+ private $relation;
+
+ /**
+ * @var RelationCleanup
+ */
+ private $relationCleanup;
+
+ /**
+ * @var Transformations
+ */
+ private $transformations;
+
+ /**
+ * @var Operations
+ */
+ private $operations;
+
+ /**
+ * @var Template
+ */
+ private $template;
+
+ /**
+ * Constructor
+ */
+ public function __construct()
+ {
+ $this->relation = new Relation($GLOBALS['dbi']);
+ $this->relationCleanup = new RelationCleanup($GLOBALS['dbi'], $this->relation);
+ $this->operations = new Operations($GLOBALS['dbi'], $this->relation);
+ $this->transformations = new Transformations();
+ $this->template = new Template();
+ }
+
+ /**
+ * Parses and analyzes the given SQL query.
+ *
+ * @param string $sql_query SQL query
+ * @param string $db DB name
+ *
+ * @return mixed
+ */
+ public function parseAndAnalyze($sql_query, $db = null)
+ {
+ if ($db === null && isset($GLOBALS['db']) && strlen($GLOBALS['db'])) {
+ $db = $GLOBALS['db'];
+ }
+ list($analyzed_sql_results,,) = ParseAnalyze::sqlQuery($sql_query, $db);
+ return $analyzed_sql_results;
+ }
+
+ /**
+ * Handle remembered sorting order, only for single table query
+ *
+ * @param string $db database name
+ * @param string $table table name
+ * @param array $analyzed_sql_results the analyzed query results
+ * @param string $full_sql_query SQL query
+ *
+ * @return void
+ */
+ private function handleSortOrder(
+ $db,
+ $table,
+ array &$analyzed_sql_results,
+ &$full_sql_query
+ ) {
+ $pmatable = new Table($table, $db);
+
+ if (empty($analyzed_sql_results['order'])) {
+ // Retrieving the name of the column we should sort after.
+ $sortCol = $pmatable->getUiProp(Table::PROP_SORTED_COLUMN);
+ if (empty($sortCol)) {
+ return;
+ }
+
+ // Remove the name of the table from the retrieved field name.
+ $sortCol = str_replace(
+ Util::backquote($table) . '.',
+ '',
+ $sortCol
+ );
+
+ // Create the new query.
+ $full_sql_query = Query::replaceClause(
+ $analyzed_sql_results['statement'],
+ $analyzed_sql_results['parser']->list,
+ 'ORDER BY ' . $sortCol
+ );
+
+ // TODO: Avoid reparsing the query.
+ $analyzed_sql_results = Query::getAll($full_sql_query);
+ } else {
+ // Store the remembered table into session.
+ $pmatable->setUiProp(
+ Table::PROP_SORTED_COLUMN,
+ Query::getClause(
+ $analyzed_sql_results['statement'],
+ $analyzed_sql_results['parser']->list,
+ 'ORDER BY'
+ )
+ );
+ }
+ }
+
+ /**
+ * Append limit clause to SQL query
+ *
+ * @param array $analyzed_sql_results the analyzed query results
+ *
+ * @return string limit clause appended SQL query
+ */
+ private function getSqlWithLimitClause(array &$analyzed_sql_results)
+ {
+ return Query::replaceClause(
+ $analyzed_sql_results['statement'],
+ $analyzed_sql_results['parser']->list,
+ 'LIMIT ' . $_SESSION['tmpval']['pos'] . ', '
+ . $_SESSION['tmpval']['max_rows']
+ );
+ }
+
+ /**
+ * Verify whether the result set has columns from just one table
+ *
+ * @param array $fields_meta meta fields
+ *
+ * @return boolean whether the result set has columns from just one table
+ */
+ private function resultSetHasJustOneTable(array $fields_meta)
+ {
+ $just_one_table = true;
+ $prev_table = '';
+ foreach ($fields_meta as $one_field_meta) {
+ if ($one_field_meta->table != ''
+ && $prev_table != ''
+ && $one_field_meta->table != $prev_table
+ ) {
+ $just_one_table = false;
+ }
+ if ($one_field_meta->table != '') {
+ $prev_table = $one_field_meta->table;
+ }
+ }
+ return $just_one_table && $prev_table != '';
+ }
+
+ /**
+ * Verify whether the result set contains all the columns
+ * of at least one unique key
+ *
+ * @param string $db database name
+ * @param string $table table name
+ * @param array $fields_meta meta fields
+ *
+ * @return boolean whether the result set contains a unique key
+ */
+ private function resultSetContainsUniqueKey($db, $table, array $fields_meta)
+ {
+ $columns = $GLOBALS['dbi']->getColumns($db, $table);
+ $resultSetColumnNames = [];
+ foreach ($fields_meta as $oneMeta) {
+ $resultSetColumnNames[] = $oneMeta->name;
+ }
+ foreach (Index::getFromTable($table, $db) as $index) {
+ if ($index->isUnique()) {
+ $indexColumns = $index->getColumns();
+ $numberFound = 0;
+ foreach ($indexColumns as $indexColumnName => $dummy) {
+ if (in_array($indexColumnName, $resultSetColumnNames)) {
+ $numberFound++;
+ } elseif (! in_array($indexColumnName, $columns)) {
+ $numberFound++;
+ } elseif (strpos($columns[$indexColumnName]['Extra'], 'INVISIBLE') !== false) {
+ $numberFound++;
+ }
+ }
+ if ($numberFound == count($indexColumns)) {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
+ /**
+ * Get the HTML for relational column dropdown
+ * During grid edit, if we have a relational field, returns the html for the
+ * dropdown
+ *
+ * @param string $db current database
+ * @param string $table current table
+ * @param string $column current column
+ * @param string $curr_value current selected value
+ *
+ * @return string html for the dropdown
+ */
+ private function getHtmlForRelationalColumnDropdown($db, $table, $column, $curr_value)
+ {
+ $foreigners = $this->relation->getForeigners($db, $table, $column);
+
+ $foreignData = $this->relation->getForeignData(
+ $foreigners,
+ $column,
+ false,
+ '',
+ ''
+ );
+
+ if ($foreignData['disp_row'] == null) {
+ //Handle the case when number of values
+ //is more than $cfg['ForeignKeyMaxLimit']
+ $_url_params = [
+ 'db' => $db,
+ 'table' => $table,
+ 'field' => $column,
+ ];
+
+ $dropdown = $this->template->render('sql/relational_column_dropdown', [
+ 'current_value' => $_POST['curr_value'],
+ 'params' => $_url_params,
+ ]);
+ } else {
+ $dropdown = $this->relation->foreignDropdown(
+ $foreignData['disp_row'],
+ $foreignData['foreign_field'],
+ $foreignData['foreign_display'],
+ $curr_value,
+ $GLOBALS['cfg']['ForeignKeyMaxLimit']
+ );
+ $dropdown = '<select>' . $dropdown . '</select>';
+ }
+
+ return $dropdown;
+ }
+
+ /**
+ * Get the HTML for the profiling table and accompanying chart if profiling is set.
+ * Otherwise returns null
+ *
+ * @param string|null $urlQuery url query
+ * @param string $database current database
+ * @param array $profilingResults array containing the profiling info
+ *
+ * @return string html for the profiling table and chart
+ */
+ private function getHtmlForProfilingChart($urlQuery, $database, $profilingResults): string
+ {
+ if (! empty($profilingResults)) {
+ $urlQuery = isset($urlQuery) ? $urlQuery : Url::getCommon(['db' => $database]);
+
+ list(
+ $detailedTable,
+ $chartJson,
+ $profilingStats
+ ) = $this->analyzeAndGetTableHtmlForProfilingResults($profilingResults);
+
+ return $this->template->render('sql/profiling_chart', [
+ 'url_query' => $urlQuery,
+ 'detailed_table' => $detailedTable,
+ 'states' => $profilingStats['states'],
+ 'total_time' => $profilingStats['total_time'],
+ 'chart_json' => $chartJson,
+ ]);
+ }
+ return '';
+ }
+
+ /**
+ * Function to get HTML for detailed profiling results table, profiling stats, and
+ * $chart_json for displaying the chart.
+ *
+ * @param array $profiling_results profiling results
+ *
+ * @return mixed
+ */
+ private function analyzeAndGetTableHtmlForProfilingResults(
+ $profiling_results
+ ) {
+ $profiling_stats = [
+ 'total_time' => 0,
+ 'states' => [],
+ ];
+ $chart_json = [];
+ $i = 1;
+ $table = '';
+ foreach ($profiling_results as $one_result) {
+ if (! isset($profiling_stats['states'][ucwords($one_result['Status'])])) {
+ $profiling_stats['states'][ucwords($one_result['Status'])] = [
+ 'total_time' => $one_result['Duration'],
+ 'calls' => 1,
+ ];
+ }
+ $profiling_stats['total_time'] += $one_result['Duration'];
+
+ $table .= $this->template->render('sql/detailed_table', [
+ 'index' => $i++,
+ 'status' => $one_result['Status'],
+ 'duration' => $one_result['Duration'],
+ ]);
+
+ if (isset($chart_json[ucwords($one_result['Status'])])) {
+ $chart_json[ucwords($one_result['Status'])]
+ += $one_result['Duration'];
+ } else {
+ $chart_json[ucwords($one_result['Status'])]
+ = $one_result['Duration'];
+ }
+ }
+ return [
+ $table,
+ $chart_json,
+ $profiling_stats,
+ ];
+ }
+
+ /**
+ * Get the HTML for the enum column dropdown
+ * During grid edit, if we have a enum field, returns the html for the
+ * dropdown
+ *
+ * @param string $db current database
+ * @param string $table current table
+ * @param string $column current column
+ * @param string $curr_value currently selected value
+ *
+ * @return string html for the dropdown
+ */
+ private function getHtmlForEnumColumnDropdown($db, $table, $column, $curr_value)
+ {
+ $values = $this->getValuesForColumn($db, $table, $column);
+ return $this->template->render('sql/enum_column_dropdown', [
+ 'values' => $values,
+ 'selected_values' => [$curr_value],
+ ]);
+ }
+
+ /**
+ * Get value of a column for a specific row (marked by $where_clause)
+ *
+ * @param string $db current database
+ * @param string $table current table
+ * @param string $column current column
+ * @param string $where_clause where clause to select a particular row
+ *
+ * @return string with value
+ */
+ private function getFullValuesForSetColumn($db, $table, $column, $where_clause)
+ {
+ $result = $GLOBALS['dbi']->fetchSingleRow(
+ "SELECT `$column` FROM `$db`.`$table` WHERE $where_clause"
+ );
+
+ return $result[$column];
+ }
+
+ /**
+ * Get the HTML for the set column dropdown
+ * During grid edit, if we have a set field, returns the html for the
+ * dropdown
+ *
+ * @param string $db current database
+ * @param string $table current table
+ * @param string $column current column
+ * @param string $curr_value currently selected value
+ *
+ * @return string html for the set column
+ */
+ private function getHtmlForSetColumn($db, $table, $column, $curr_value): string
+ {
+ $values = $this->getValuesForColumn($db, $table, $column);
+
+ $full_values = isset($_POST['get_full_values']) ? $_POST['get_full_values'] : false;
+ $where_clause = isset($_POST['where_clause']) ? $_POST['where_clause'] : null;
+
+ // If the $curr_value was truncated, we should
+ // fetch the correct full values from the table
+ if ($full_values && ! empty($where_clause)) {
+ $curr_value = $this->getFullValuesForSetColumn(
+ $db,
+ $table,
+ $column,
+ $where_clause
+ );
+ }
+
+ //converts characters of $curr_value to HTML entities
+ $converted_curr_value = htmlentities(
+ $curr_value,
+ ENT_COMPAT,
+ "UTF-8"
+ );
+
+ $selected_values = explode(',', $converted_curr_value);
+ $select_size = (count($values) > 10) ? 10 : count($values);
+
+ return $this->template->render('sql/set_column', [
+ 'size' => $select_size,
+ 'values' => $values,
+ 'selected_values' => $selected_values,
+ ]);
+ }
+
+ /**
+ * Get all the values for a enum column or set column in a table
+ *
+ * @param string $db current database
+ * @param string $table current table
+ * @param string $column current column
+ *
+ * @return array array containing the value list for the column
+ */
+ private function getValuesForColumn($db, $table, $column)
+ {
+ $field_info_query = $GLOBALS['dbi']->getColumnsSql($db, $table, $column);
+
+ $field_info_result = $GLOBALS['dbi']->fetchResult(
+ $field_info_query,
+ null,
+ null,
+ DatabaseInterface::CONNECT_USER,
+ DatabaseInterface::QUERY_STORE
+ );
+
+ return Util::parseEnumSetValues($field_info_result[0]['Type']);
+ }
+
+ /**
+ * Function to get html for bookmark support if bookmarks are enabled. Else will
+ * return null
+ *
+ * @param array $displayParts the parts to display
+ * @param array $cfgBookmark configuration setting for bookmarking
+ * @param string $sql_query sql query
+ * @param string $db current database
+ * @param string $table current table
+ * @param string|null $complete_query complete query
+ * @param string $bkm_user bookmarking user
+ *
+ * @return string
+ */
+ public function getHtmlForBookmark(
+ array $displayParts,
+ array $cfgBookmark,
+ $sql_query,
+ $db,
+ $table,
+ ?string $complete_query,
+ $bkm_user
+ ): string {
+ if ($displayParts['bkm_form'] == '1'
+ && (! empty($cfgBookmark) && empty($_GET['id_bookmark']))
+ && ! empty($sql_query)
+ ) {
+ return $this->template->render('sql/bookmark', [
+ 'db' => $db,
+ 'goto' => 'sql.php' . Url::getCommon([
+ 'db' => $db,
+ 'table' => $table,
+ 'sql_query' => $sql_query,
+ 'id_bookmark' => 1,
+ ]),
+ 'user' => $bkm_user,
+ 'sql_query' => isset($complete_query) ? $complete_query : $sql_query,
+ ]);
+ }
+ return '';
+ }
+
+ /**
+ * Function to check whether to remember the sorting order or not
+ *
+ * @param array $analyzed_sql_results the analyzed query and other variables set
+ * after analyzing the query
+ *
+ * @return boolean
+ */
+ private function isRememberSortingOrder(array $analyzed_sql_results)
+ {
+ return $GLOBALS['cfg']['RememberSorting']
+ && ! ($analyzed_sql_results['is_count']
+ || $analyzed_sql_results['is_export']
+ || $analyzed_sql_results['is_func']
+ || $analyzed_sql_results['is_analyse'])
+ && $analyzed_sql_results['select_from']
+ && isset($analyzed_sql_results['select_expr'])
+ && isset($analyzed_sql_results['select_tables'])
+ && (empty($analyzed_sql_results['select_expr'])
+ || ((count($analyzed_sql_results['select_expr']) === 1)
+ && ($analyzed_sql_results['select_expr'][0] == '*')))
+ && count($analyzed_sql_results['select_tables']) === 1;
+ }
+
+ /**
+ * Function to check whether the LIMIT clause should be appended or not
+ *
+ * @param array $analyzed_sql_results the analyzed query and other variables set
+ * after analyzing the query
+ *
+ * @return boolean
+ */
+ private function isAppendLimitClause(array $analyzed_sql_results)
+ {
+ // Assigning LIMIT clause to an syntactically-wrong query
+ // is not needed. Also we would want to show the true query
+ // and the true error message to the query executor
+
+ return (isset($analyzed_sql_results['parser'])
+ && count($analyzed_sql_results['parser']->errors) === 0)
+ && ($_SESSION['tmpval']['max_rows'] != 'all')
+ && ! ($analyzed_sql_results['is_export']
+ || $analyzed_sql_results['is_analyse'])
+ && ($analyzed_sql_results['select_from']
+ || $analyzed_sql_results['is_subquery'])
+ && empty($analyzed_sql_results['limit']);
+ }
+
+ /**
+ * Function to check whether this query is for just browsing
+ *
+ * @param array $analyzed_sql_results the analyzed query and other variables set
+ * after analyzing the query
+ * @param boolean|null $find_real_end whether the real end should be found
+ *
+ * @return boolean
+ */
+ public function isJustBrowsing(array $analyzed_sql_results, ?bool $find_real_end): bool
+ {
+ return ! $analyzed_sql_results['is_group']
+ && ! $analyzed_sql_results['is_func']
+ && empty($analyzed_sql_results['union'])
+ && empty($analyzed_sql_results['distinct'])
+ && $analyzed_sql_results['select_from']
+ && (count($analyzed_sql_results['select_tables']) === 1)
+ && (empty($analyzed_sql_results['statement']->where)
+ || (count($analyzed_sql_results['statement']->where) === 1
+ && $analyzed_sql_results['statement']->where[0]->expr === '1'))
+ && empty($analyzed_sql_results['group'])
+ && ! isset($find_real_end)
+ && ! $analyzed_sql_results['is_subquery']
+ && ! $analyzed_sql_results['join']
+ && empty($analyzed_sql_results['having']);
+ }
+
+ /**
+ * Function to check whether the related transformation information should be deleted
+ *
+ * @param array $analyzed_sql_results the analyzed query and other variables set
+ * after analyzing the query
+ *
+ * @return boolean
+ */
+ private function isDeleteTransformationInfo(array $analyzed_sql_results)
+ {
+ return ! empty($analyzed_sql_results['querytype'])
+ && (($analyzed_sql_results['querytype'] == 'ALTER')
+ || ($analyzed_sql_results['querytype'] == 'DROP'));
+ }
+
+ /**
+ * Function to check whether the user has rights to drop the database
+ *
+ * @param array $analyzed_sql_results the analyzed query and other variables set
+ * after analyzing the query
+ * @param boolean $allowUserDropDatabase whether the user is allowed to drop db
+ * @param boolean $is_superuser whether this user is a superuser
+ *
+ * @return boolean
+ */
+ public function hasNoRightsToDropDatabase(
+ array $analyzed_sql_results,
+ $allowUserDropDatabase,
+ $is_superuser
+ ) {
+ return ! $allowUserDropDatabase
+ && isset($analyzed_sql_results['drop_database'])
+ && $analyzed_sql_results['drop_database']
+ && ! $is_superuser;
+ }
+
+ /**
+ * Function to set a column property
+ *
+ * @param Table $pmatable Table instance
+ * @param string $request_index col_order|col_visib
+ *
+ * @return boolean
+ */
+ private function setColumnProperty($pmatable, $request_index)
+ {
+ $property_value = array_map('intval', explode(',', $_POST[$request_index]));
+ switch ($request_index) {
+ case 'col_order':
+ $property_to_set = Table::PROP_COLUMN_ORDER;
+ break;
+ case 'col_visib':
+ $property_to_set = Table::PROP_COLUMN_VISIB;
+ break;
+ default:
+ $property_to_set = '';
+ }
+ $retval = $pmatable->setUiProp(
+ $property_to_set,
+ $property_value,
+ isset($_POST['table_create_time']) ? $_POST['table_create_time'] : null
+ );
+ if (gettype($retval) != 'boolean') {
+ $response = Response::getInstance();
+ $response->setRequestStatus(false);
+ $response->addJSON('message', $retval->getString());
+ exit;
+ }
+
+ return $retval;
+ }
+
+ /**
+ * Function to check the request for setting the column order or visibility
+ *
+ * @param string $table the current table
+ * @param string $db the current database
+ *
+ * @return void
+ */
+ public function setColumnOrderOrVisibility($table, $db)
+ {
+ $pmatable = new Table($table, $db);
+ $retval = false;
+
+ // set column order
+ if (isset($_POST['col_order'])) {
+ $retval = $this->setColumnProperty($pmatable, 'col_order');
+ }
+
+ // set column visibility
+ if ($retval === true && isset($_POST['col_visib'])) {
+ $retval = $this->setColumnProperty($pmatable, 'col_visib');
+ }
+
+ $response = Response::getInstance();
+ $response->setRequestStatus($retval === true);
+ exit;
+ }
+
+ /**
+ * Function to add a bookmark
+ *
+ * @param string $goto goto page URL
+ *
+ * @return void
+ */
+ public function addBookmark($goto)
+ {
+ $bookmark = Bookmark::createBookmark(
+ $GLOBALS['dbi'],
+ $GLOBALS['cfg']['Server']['user'],
+ $_POST['bkm_fields'],
+ (isset($_POST['bkm_all_users'])
+ && $_POST['bkm_all_users'] == 'true' ? true : false
+ )
+ );
+ $result = $bookmark->save();
+ $response = Response::getInstance();
+ if ($response->isAjax()) {
+ if ($result) {
+ $msg = Message::success(__('Bookmark %s has been created.'));
+ $msg->addParam($_POST['bkm_fields']['bkm_label']);
+ $response->addJSON('message', $msg);
+ } else {
+ $msg = Message::error(__('Bookmark not created!'));
+ $response->setRequestStatus(false);
+ $response->addJSON('message', $msg);
+ }
+ exit;
+ } else {
+ // go back to sql.php to redisplay query; do not use &amp; in this case:
+ /**
+ * @todo In which scenario does this happen?
+ */
+ Core::sendHeaderLocation(
+ './' . $goto
+ . '&label=' . $_POST['bkm_fields']['bkm_label']
+ );
+ }
+ }
+
+ /**
+ * Function to find the real end of rows
+ *
+ * @param string $db the current database
+ * @param string $table the current table
+ *
+ * @return mixed the number of rows if "retain" param is true, otherwise true
+ */
+ public function findRealEndOfRows($db, $table)
+ {
+ $unlim_num_rows = $GLOBALS['dbi']->getTable($db, $table)->countRecords(true);
+ $_SESSION['tmpval']['pos'] = $this->getStartPosToDisplayRow($unlim_num_rows);
+
+ return $unlim_num_rows;
+ }
+
+ /**
+ * Function to get values for the relational columns
+ *
+ * @param string $db the current database
+ * @param string $table the current table
+ *
+ * @return void
+ */
+ public function getRelationalValues($db, $table)
+ {
+ $column = $_POST['column'];
+ if ($_SESSION['tmpval']['relational_display'] == 'D'
+ && isset($_POST['relation_key_or_display_column'])
+ && $_POST['relation_key_or_display_column']
+ ) {
+ $curr_value = $_POST['relation_key_or_display_column'];
+ } else {
+ $curr_value = $_POST['curr_value'];
+ }
+ $dropdown = $this->getHtmlForRelationalColumnDropdown(
+ $db,
+ $table,
+ $column,
+ $curr_value
+ );
+ $response = Response::getInstance();
+ $response->addJSON('dropdown', $dropdown);
+ exit;
+ }
+
+ /**
+ * Function to get values for Enum or Set Columns
+ *
+ * @param string $db the current database
+ * @param string $table the current table
+ * @param string $columnType whether enum or set
+ *
+ * @return void
+ */
+ public function getEnumOrSetValues($db, $table, $columnType)
+ {
+ $column = $_POST['column'];
+ $curr_value = $_POST['curr_value'];
+ $response = Response::getInstance();
+ if ($columnType == "enum") {
+ $dropdown = $this->getHtmlForEnumColumnDropdown(
+ $db,
+ $table,
+ $column,
+ $curr_value
+ );
+ $response->addJSON('dropdown', $dropdown);
+ } else {
+ $select = $this->getHtmlForSetColumn(
+ $db,
+ $table,
+ $column,
+ $curr_value
+ );
+ $response->addJSON('select', $select);
+ }
+ exit;
+ }
+
+ /**
+ * Function to get the default sql query for browsing page
+ *
+ * @param string $db the current database
+ * @param string $table the current table
+ *
+ * @return string the default $sql_query for browse page
+ */
+ public function getDefaultSqlQueryForBrowse($db, $table)
+ {
+ $bookmark = Bookmark::get(
+ $GLOBALS['dbi'],
+ $GLOBALS['cfg']['Server']['user'],
+ $db,
+ $table,
+ 'label',
+ false,
+ true
+ );
+
+ if (! empty($bookmark) && ! empty($bookmark->getQuery())) {
+ $GLOBALS['using_bookmark_message'] = Message::notice(
+ __('Using bookmark "%s" as default browse query.')
+ );
+ $GLOBALS['using_bookmark_message']->addParam($table);
+ $GLOBALS['using_bookmark_message']->addHtml(
+ Util::showDocu('faq', 'faq6-22')
+ );
+ $sql_query = $bookmark->getQuery();
+ } else {
+ $defaultOrderByClause = '';
+
+ if (isset($GLOBALS['cfg']['TablePrimaryKeyOrder'])
+ && ($GLOBALS['cfg']['TablePrimaryKeyOrder'] !== 'NONE')
+ ) {
+ $primaryKey = null;
+ $primary = Index::getPrimary($table, $db);
+
+ if ($primary !== false) {
+ $primarycols = $primary->getColumns();
+
+ foreach ($primarycols as $col) {
+ $primaryKey = $col->getName();
+ break;
+ }
+
+ if ($primaryKey != null) {
+ $defaultOrderByClause = ' ORDER BY '
+ . Util::backquote($table) . '.'
+ . Util::backquote($primaryKey) . ' '
+ . $GLOBALS['cfg']['TablePrimaryKeyOrder'];
+ }
+ }
+ }
+
+ $sql_query = 'SELECT * FROM ' . Util::backquote($table)
+ . $defaultOrderByClause;
+ }
+
+ return $sql_query;
+ }
+
+ /**
+ * Responds an error when an error happens when executing the query
+ *
+ * @param boolean $is_gotofile whether goto file or not
+ * @param string $error error after executing the query
+ * @param string $full_sql_query full sql query
+ *
+ * @return void
+ */
+ private function handleQueryExecuteError($is_gotofile, $error, $full_sql_query)
+ {
+ if ($is_gotofile) {
+ $message = Message::rawError($error);
+ $response = Response::getInstance();
+ $response->setRequestStatus(false);
+ $response->addJSON('message', $message);
+ } else {
+ Util::mysqlDie($error, $full_sql_query, '', '');
+ }
+ exit;
+ }
+
+ /**
+ * Function to store the query as a bookmark
+ *
+ * @param string $db the current database
+ * @param string $bkm_user the bookmarking user
+ * @param string $sql_query_for_bookmark the query to be stored in bookmark
+ * @param string $bkm_label bookmark label
+ * @param boolean|null $bkm_replace whether to replace existing bookmarks
+ *
+ * @return void
+ */
+ public function storeTheQueryAsBookmark(
+ $db,
+ $bkm_user,
+ $sql_query_for_bookmark,
+ $bkm_label,
+ ?bool $bkm_replace
+ ) {
+ $bfields = [
+ 'bkm_database' => $db,
+ 'bkm_user' => $bkm_user,
+ 'bkm_sql_query' => $sql_query_for_bookmark,
+ 'bkm_label' => $bkm_label,
+ ];
+
+ // Should we replace bookmark?
+ if (isset($bkm_replace)) {
+ $bookmarks = Bookmark::getList(
+ $GLOBALS['dbi'],
+ $GLOBALS['cfg']['Server']['user'],
+ $db
+ );
+ foreach ($bookmarks as $bookmark) {
+ if ($bookmark->getLabel() == $bkm_label) {
+ $bookmark->delete();
+ }
+ }
+ }
+
+ $bookmark = Bookmark::createBookmark(
+ $GLOBALS['dbi'],
+ $GLOBALS['cfg']['Server']['user'],
+ $bfields,
+ isset($_POST['bkm_all_users'])
+ );
+ $bookmark->save();
+ }
+
+ /**
+ * Executes the SQL query and measures its execution time
+ *
+ * @param string $full_sql_query the full sql query
+ *
+ * @return array ($result, $querytime)
+ */
+ private function executeQueryAndMeasureTime($full_sql_query)
+ {
+ // close session in case the query takes too long
+ session_write_close();
+
+ // Measure query time.
+ $querytime_before = array_sum(explode(' ', microtime()));
+
+ $result = @$GLOBALS['dbi']->tryQuery(
+ $full_sql_query,
+ DatabaseInterface::CONNECT_USER,
+ DatabaseInterface::QUERY_STORE
+ );
+ $querytime_after = array_sum(explode(' ', microtime()));
+
+ // reopen session
+ session_start();
+
+ return [
+ $result,
+ $querytime_after - $querytime_before,
+ ];
+ }
+
+ /**
+ * Function to get the affected or changed number of rows after executing a query
+ *
+ * @param boolean $is_affected whether the query affected a table
+ * @param mixed $result results of executing the query
+ *
+ * @return int number of rows affected or changed
+ */
+ private function getNumberOfRowsAffectedOrChanged($is_affected, $result)
+ {
+ if (! $is_affected) {
+ $num_rows = $result ? @$GLOBALS['dbi']->numRows($result) : 0;
+ } else {
+ $num_rows = @$GLOBALS['dbi']->affectedRows();
+ }
+
+ return $num_rows;
+ }
+
+ /**
+ * Checks if the current database has changed
+ * This could happen if the user sends a query like "USE `database`;"
+ *
+ * @param string $db the database in the query
+ *
+ * @return bool whether to reload the navigation(1) or not(0)
+ */
+ private function hasCurrentDbChanged($db): bool
+ {
+ if (strlen($db) > 0) {
+ $current_db = $GLOBALS['dbi']->fetchValue('SELECT DATABASE()');
+ // $current_db is false, except when a USE statement was sent
+ return ($current_db != false) && ($db !== $current_db);
+ }
+
+ return false;
+ }
+
+ /**
+ * If a table, database or column gets dropped, clean comments.
+ *
+ * @param string $db current database
+ * @param string $table current table
+ * @param string|null $column current column
+ * @param bool $purge whether purge set or not
+ *
+ * @return void
+ */
+ private function cleanupRelations($db, $table, ?string $column, $purge)
+ {
+ if (! empty($purge) && strlen($db) > 0) {
+ if (strlen($table) > 0) {
+ if (isset($column) && strlen($column) > 0) {
+ $this->relationCleanup->column($db, $table, $column);
+ } else {
+ $this->relationCleanup->table($db, $table);
+ }
+ } else {
+ $this->relationCleanup->database($db);
+ }
+ }
+ }
+
+ /**
+ * Function to count the total number of rows for the same 'SELECT' query without
+ * the 'LIMIT' clause that may have been programatically added
+ *
+ * @param int $num_rows number of rows affected/changed by the query
+ * @param bool $justBrowsing whether just browsing or not
+ * @param string $db the current database
+ * @param string $table the current table
+ * @param array $analyzed_sql_results the analyzed query and other variables set
+ * after analyzing the query
+ *
+ * @return int unlimited number of rows
+ */
+ private function countQueryResults(
+ $num_rows,
+ $justBrowsing,
+ $db,
+ $table,
+ array $analyzed_sql_results
+ ) {
+
+ /* Shortcut for not analyzed/empty query */
+ if (empty($analyzed_sql_results)) {
+ return 0;
+ }
+
+ if (! $this->isAppendLimitClause($analyzed_sql_results)) {
+ // if we did not append a limit, set this to get a correct
+ // "Showing rows..." message
+ // $_SESSION['tmpval']['max_rows'] = 'all';
+ $unlim_num_rows = $num_rows;
+ } elseif ($this->isAppendLimitClause($analyzed_sql_results) && $_SESSION['tmpval']['max_rows'] > $num_rows) {
+ // When user has not defined a limit in query and total rows in
+ // result are less than max_rows to display, there is no need
+ // to count total rows for that query again
+ $unlim_num_rows = $_SESSION['tmpval']['pos'] + $num_rows;
+ } elseif ($analyzed_sql_results['querytype'] == 'SELECT'
+ || $analyzed_sql_results['is_subquery']
+ ) {
+ // c o u n t q u e r y
+
+ // If we are "just browsing", there is only one table (and no join),
+ // and no WHERE clause (or just 'WHERE 1 '),
+ // we do a quick count (which uses MaxExactCount) because
+ // SQL_CALC_FOUND_ROWS is not quick on large InnoDB tables
+
+ // However, do not count again if we did it previously
+ // due to $find_real_end == true
+ if ($justBrowsing) {
+ // Get row count (is approximate for InnoDB)
+ $unlim_num_rows = $GLOBALS['dbi']->getTable($db, $table)->countRecords();
+ /**
+ * @todo Can we know at this point that this is InnoDB,
+ * (in this case there would be no need for getting
+ * an exact count)?
+ */
+ if ($unlim_num_rows < $GLOBALS['cfg']['MaxExactCount']) {
+ // Get the exact count if approximate count
+ // is less than MaxExactCount
+ /**
+ * @todo In countRecords(), MaxExactCount is also verified,
+ * so can we avoid checking it twice?
+ */
+ $unlim_num_rows = $GLOBALS['dbi']->getTable($db, $table)
+ ->countRecords(true);
+ }
+ } else {
+ // The SQL_CALC_FOUND_ROWS option of the SELECT statement is used.
+
+ // For UNION statements, only a SQL_CALC_FOUND_ROWS is required
+ // after the first SELECT.
+
+ $count_query = Query::replaceClause(
+ $analyzed_sql_results['statement'],
+ $analyzed_sql_results['parser']->list,
+ 'SELECT SQL_CALC_FOUND_ROWS',
+ null,
+ true
+ );
+
+ // Another LIMIT clause is added to avoid long delays.
+ // A complete result will be returned anyway, but the LIMIT would
+ // stop the query as soon as the result that is required has been
+ // computed.
+
+ if (empty($analyzed_sql_results['union'])) {
+ $count_query .= ' LIMIT 1';
+ }
+
+ // Running the count query.
+ $GLOBALS['dbi']->tryQuery($count_query);
+
+ $unlim_num_rows = $GLOBALS['dbi']->fetchValue('SELECT FOUND_ROWS()');
+ } // end else "just browsing"
+ } else {// not $is_select
+ $unlim_num_rows = 0;
+ }
+
+ return $unlim_num_rows;
+ }
+
+ /**
+ * Function to handle all aspects relating to executing the query
+ *
+ * @param array $analyzed_sql_results analyzed sql results
+ * @param string $full_sql_query full sql query
+ * @param boolean $is_gotofile whether to go to a file
+ * @param string $db current database
+ * @param string $table current table
+ * @param boolean|null $find_real_end whether to find the real end
+ * @param string $sql_query_for_bookmark sql query to be stored as bookmark
+ * @param array $extra_data extra data
+ *
+ * @return mixed
+ */
+ private function executeTheQuery(
+ array $analyzed_sql_results,
+ $full_sql_query,
+ $is_gotofile,
+ $db,
+ $table,
+ ?bool $find_real_end,
+ $sql_query_for_bookmark,
+ $extra_data
+ ) {
+ $response = Response::getInstance();
+ $response->getHeader()->getMenu()->setTable($table);
+
+ // Only if we ask to see the php code
+ if (isset($GLOBALS['show_as_php'])) {
+ $result = null;
+ $num_rows = 0;
+ $unlim_num_rows = 0;
+ } else { // If we don't ask to see the php code
+ if (isset($_SESSION['profiling'])
+ && Util::profilingSupported()
+ ) {
+ $GLOBALS['dbi']->query('SET PROFILING=1;');
+ }
+
+ list(
+ $result,
+ $GLOBALS['querytime']
+ ) = $this->executeQueryAndMeasureTime($full_sql_query);
+
+ // Displays an error message if required and stop parsing the script
+ $error = $GLOBALS['dbi']->getError();
+ if ($error && $GLOBALS['cfg']['IgnoreMultiSubmitErrors']) {
+ $extra_data['error'] = $error;
+ } elseif ($error) {
+ $this->handleQueryExecuteError($is_gotofile, $error, $full_sql_query);
+ }
+
+ // If there are no errors and bookmarklabel was given,
+ // store the query as a bookmark
+ if (! empty($_POST['bkm_label']) && ! empty($sql_query_for_bookmark)) {
+ $cfgBookmark = Bookmark::getParams($GLOBALS['cfg']['Server']['user']);
+ $this->storeTheQueryAsBookmark(
+ $db,
+ $cfgBookmark['user'],
+ $sql_query_for_bookmark,
+ $_POST['bkm_label'],
+ isset($_POST['bkm_replace']) ? $_POST['bkm_replace'] : null
+ );
+ } // end store bookmarks
+
+ // Gets the number of rows affected/returned
+ // (This must be done immediately after the query because
+ // mysql_affected_rows() reports about the last query done)
+ $num_rows = $this->getNumberOfRowsAffectedOrChanged(
+ $analyzed_sql_results['is_affected'],
+ $result
+ );
+
+ // Grabs the profiling results
+ if (isset($_SESSION['profiling'])
+ && Util::profilingSupported()
+ ) {
+ $profiling_results = $GLOBALS['dbi']->fetchResult('SHOW PROFILE;');
+ }
+
+ $justBrowsing = $this->isJustBrowsing(
+ $analyzed_sql_results,
+ isset($find_real_end) ? $find_real_end : null
+ );
+
+ $unlim_num_rows = $this->countQueryResults(
+ $num_rows,
+ $justBrowsing,
+ $db,
+ $table,
+ $analyzed_sql_results
+ );
+
+ $this->cleanupRelations(
+ isset($db) ? $db : '',
+ isset($table) ? $table : '',
+ isset($_POST['dropped_column']) ? $_POST['dropped_column'] : null,
+ isset($_POST['purge']) ? $_POST['purge'] : null
+ );
+
+ if (isset($_POST['dropped_column'])
+ && strlen($db) > 0
+ && strlen($table) > 0
+ ) {
+ // to refresh the list of indexes (Ajax mode)
+ $extra_data['indexes_list'] = Index::getHtmlForIndexes(
+ $table,
+ $db
+ );
+ }
+ }
+
+ return [
+ $result,
+ $num_rows,
+ $unlim_num_rows,
+ isset($profiling_results) ? $profiling_results : null,
+ $extra_data,
+ ];
+ }
+ /**
+ * Delete related transformation information
+ *
+ * @param string $db current database
+ * @param string $table current table
+ * @param array $analyzed_sql_results analyzed sql results
+ *
+ * @return void
+ */
+ private function deleteTransformationInfo($db, $table, array $analyzed_sql_results)
+ {
+ if (! isset($analyzed_sql_results['statement'])) {
+ return;
+ }
+ $statement = $analyzed_sql_results['statement'];
+ if ($statement instanceof AlterStatement) {
+ if (! empty($statement->altered[0])
+ && $statement->altered[0]->options->has('DROP')
+ ) {
+ if (! empty($statement->altered[0]->field->column)) {
+ $this->transformations->clear(
+ $db,
+ $table,
+ $statement->altered[0]->field->column
+ );
+ }
+ }
+ } elseif ($statement instanceof DropStatement) {
+ $this->transformations->clear($db, $table);
+ }
+ }
+
+ /**
+ * Function to get the message for the no rows returned case
+ *
+ * @param string $message_to_show message to show
+ * @param array $analyzed_sql_results analyzed sql results
+ * @param int $num_rows number of rows
+ *
+ * @return Message
+ */
+ private function getMessageForNoRowsReturned(
+ $message_to_show,
+ array $analyzed_sql_results,
+ $num_rows
+ ) {
+ if ($analyzed_sql_results['querytype'] == 'DELETE"') {
+ $message = Message::getMessageForDeletedRows($num_rows);
+ } elseif ($analyzed_sql_results['is_insert']) {
+ if ($analyzed_sql_results['querytype'] == 'REPLACE') {
+ // For REPLACE we get DELETED + INSERTED row count,
+ // so we have to call it affected
+ $message = Message::getMessageForAffectedRows($num_rows);
+ } else {
+ $message = Message::getMessageForInsertedRows($num_rows);
+ }
+ $insert_id = $GLOBALS['dbi']->insertId();
+ if ($insert_id != 0) {
+ // insert_id is id of FIRST record inserted in one insert,
+ // so if we inserted multiple rows, we had to increment this
+ $message->addText('[br]');
+ // need to use a temporary because the Message class
+ // currently supports adding parameters only to the first
+ // message
+ $_inserted = Message::notice(__('Inserted row id: %1$d'));
+ $_inserted->addParam($insert_id + $num_rows - 1);
+ $message->addMessage($_inserted);
+ }
+ } elseif ($analyzed_sql_results['is_affected']) {
+ $message = Message::getMessageForAffectedRows($num_rows);
+
+ // Ok, here is an explanation for the !$is_select.
+ // The form generated by PhpMyAdmin\SqlQueryForm
+ // and db_sql.php has many submit buttons
+ // on the same form, and some confusion arises from the
+ // fact that $message_to_show is sent for every case.
+ // The $message_to_show containing a success message and sent with
+ // the form should not have priority over errors
+ } elseif (! empty($message_to_show)
+ && $analyzed_sql_results['querytype'] != 'SELECT'
+ ) {
+ $message = Message::rawSuccess(htmlspecialchars($message_to_show));
+ } elseif (! empty($GLOBALS['show_as_php'])) {
+ $message = Message::success(__('Showing as PHP code'));
+ } elseif (isset($GLOBALS['show_as_php'])) {
+ /* User disable showing as PHP, query is only displayed */
+ $message = Message::notice(__('Showing SQL query'));
+ } else {
+ $message = Message::success(
+ __('MySQL returned an empty result set (i.e. zero rows).')
+ );
+ }
+
+ if (isset($GLOBALS['querytime'])) {
+ $_querytime = Message::notice(
+ '(' . __('Query took %01.4f seconds.') . ')'
+ );
+ $_querytime->addParam($GLOBALS['querytime']);
+ $message->addMessage($_querytime);
+ }
+
+ // In case of ROLLBACK, notify the user.
+ if (isset($_POST['rollback_query'])) {
+ $message->addText(__('[ROLLBACK occurred.]'));
+ }
+
+ return $message;
+ }
+
+ /**
+ * Function to respond back when the query returns zero rows
+ * This method is called
+ * 1-> When browsing an empty table
+ * 2-> When executing a query on a non empty table which returns zero results
+ * 3-> When executing a query on an empty table
+ * 4-> When executing an INSERT, UPDATE, DELETE query from the SQL tab
+ * 5-> When deleting a row from BROWSE tab
+ * 6-> When searching using the SEARCH tab which returns zero results
+ * 7-> When changing the structure of the table except change operation
+ *
+ * @param array $analyzed_sql_results analyzed sql results
+ * @param string $db current database
+ * @param string $table current table
+ * @param string|null $message_to_show message to show
+ * @param int $num_rows number of rows
+ * @param DisplayResults $displayResultsObject DisplayResult instance
+ * @param array|null $extra_data extra data
+ * @param string $pmaThemeImage uri of the theme image
+ * @param array|null $profiling_results profiling results
+ * @param object $result executed query results
+ * @param string $sql_query sql query
+ * @param string|null $complete_query complete sql query
+ *
+ * @return string html
+ */
+ private function getQueryResponseForNoResultsReturned(
+ array $analyzed_sql_results,
+ $db,
+ $table,
+ ?string $message_to_show,
+ $num_rows,
+ $displayResultsObject,
+ ?array $extra_data,
+ $pmaThemeImage,
+ ?array $profiling_results,
+ $result,
+ $sql_query,
+ ?string $complete_query
+ ) {
+ global $url_query;
+ if ($this->isDeleteTransformationInfo($analyzed_sql_results)) {
+ $this->deleteTransformationInfo($db, $table, $analyzed_sql_results);
+ }
+
+ if (isset($extra_data['error'])) {
+ $message = Message::rawError($extra_data['error']);
+ } else {
+ $message = $this->getMessageForNoRowsReturned(
+ isset($message_to_show) ? $message_to_show : null,
+ $analyzed_sql_results,
+ $num_rows
+ );
+ }
+
+ $html_output = '';
+ $html_message = Util::getMessage(
+ $message,
+ $GLOBALS['sql_query'],
+ 'success'
+ );
+ $html_output .= $html_message;
+ if (! isset($GLOBALS['show_as_php'])) {
+ if (! empty($GLOBALS['reload'])) {
+ $extra_data['reload'] = 1;
+ $extra_data['db'] = $GLOBALS['db'];
+ }
+
+ // For ajax requests add message and sql_query as JSON
+ if (empty($_REQUEST['ajax_page_request'])) {
+ $extra_data['message'] = $message;
+ if ($GLOBALS['cfg']['ShowSQL']) {
+ $extra_data['sql_query'] = $html_message;
+ }
+ }
+
+ $response = Response::getInstance();
+ $response->addJSON(isset($extra_data) ? $extra_data : []);
+
+ if (! empty($analyzed_sql_results['is_select']) &&
+ ! isset($extra_data['error'])) {
+ $url_query = isset($url_query) ? $url_query : null;
+
+ $displayParts = [
+ 'edit_lnk' => null,
+ 'del_lnk' => null,
+ 'sort_lnk' => '1',
+ 'nav_bar' => '0',
+ 'bkm_form' => '1',
+ 'text_btn' => '1',
+ 'pview_lnk' => '1',
+ ];
+
+ $html_output .= $this->getHtmlForSqlQueryResultsTable(
+ $displayResultsObject,
+ $pmaThemeImage,
+ $url_query,
+ $displayParts,
+ false,
+ 0,
+ $num_rows,
+ true,
+ $result,
+ $analyzed_sql_results,
+ true
+ );
+
+ if (is_array($profiling_results)) {
+ $header = $response->getHeader();
+ $scripts = $header->getScripts();
+ $scripts->addFile('sql.js');
+ $html_output .= $this->getHtmlForProfilingChart(
+ $url_query,
+ $db,
+ $profiling_results
+ );
+ }
+
+ $html_output .= $displayResultsObject->getCreateViewQueryResultOp(
+ $analyzed_sql_results
+ );
+
+ $cfgBookmark = Bookmark::getParams($GLOBALS['cfg']['Server']['user']);
+ if ($cfgBookmark) {
+ $html_output .= $this->getHtmlForBookmark(
+ $displayParts,
+ $cfgBookmark,
+ $sql_query,
+ $db,
+ $table,
+ isset($complete_query) ? $complete_query : $sql_query,
+ $cfgBookmark['user']
+ );
+ }
+ }
+ }
+
+ return $html_output;
+ }
+
+ /**
+ * Function to send response for ajax grid edit
+ *
+ * @param object $result result of the executed query
+ *
+ * @return void
+ */
+ private function sendResponseForGridEdit($result)
+ {
+ $row = $GLOBALS['dbi']->fetchRow($result);
+ $field_flags = $GLOBALS['dbi']->fieldFlags($result, 0);
+ if (false !== stripos($field_flags, DisplayResults::BINARY_FIELD)) {
+ $row[0] = bin2hex($row[0]);
+ }
+ $response = Response::getInstance();
+ $response->addJSON('value', $row[0]);
+ exit;
+ }
+
+ /**
+ * Returns a message for successful creation of a bookmark or null if a bookmark
+ * was not created
+ *
+ * @return string
+ */
+ private function getBookmarkCreatedMessage(): string
+ {
+ $output = '';
+ if (isset($_GET['label'])) {
+ $message = Message::success(
+ __('Bookmark %s has been created.')
+ );
+ $message->addParam($_GET['label']);
+ $output = $message->getDisplay();
+ }
+
+ return $output;
+ }
+
+ /**
+ * Function to get html for the sql query results table
+ *
+ * @param DisplayResults $displayResultsObject instance of DisplayResult
+ * @param string $pmaThemeImage theme image uri
+ * @param string $url_query url query
+ * @param array $displayParts the parts to display
+ * @param bool $editable whether the result table is
+ * editable or not
+ * @param int $unlim_num_rows unlimited number of rows
+ * @param int $num_rows number of rows
+ * @param bool $showtable whether to show table or not
+ * @param object|null $result result of the executed query
+ * @param array $analyzed_sql_results analyzed sql results
+ * @param bool $is_limited_display Show only limited operations or not
+ *
+ * @return string
+ */
+ private function getHtmlForSqlQueryResultsTable(
+ $displayResultsObject,
+ $pmaThemeImage,
+ $url_query,
+ array $displayParts,
+ $editable,
+ $unlim_num_rows,
+ $num_rows,
+ $showtable,
+ $result,
+ array $analyzed_sql_results,
+ $is_limited_display = false
+ ) {
+ $printview = isset($_POST['printview']) && $_POST['printview'] == '1' ? '1' : null;
+ $table_html = '';
+ $browse_dist = ! empty($_POST['is_browse_distinct']);
+
+ if ($analyzed_sql_results['is_procedure']) {
+ do {
+ if (! isset($result)) {
+ $result = $GLOBALS['dbi']->storeResult();
+ }
+ $num_rows = $GLOBALS['dbi']->numRows($result);
+
+ if ($result !== false && $num_rows > 0) {
+ $fields_meta = $GLOBALS['dbi']->getFieldsMeta($result);
+ if (! is_array($fields_meta)) {
+ $fields_cnt = 0;
+ } else {
+ $fields_cnt = count($fields_meta);
+ }
+
+ $displayResultsObject->setProperties(
+ $num_rows,
+ $fields_meta,
+ $analyzed_sql_results['is_count'],
+ $analyzed_sql_results['is_export'],
+ $analyzed_sql_results['is_func'],
+ $analyzed_sql_results['is_analyse'],
+ $num_rows,
+ $fields_cnt,
+ $GLOBALS['querytime'],
+ $pmaThemeImage,
+ $GLOBALS['text_dir'],
+ $analyzed_sql_results['is_maint'],
+ $analyzed_sql_results['is_explain'],
+ $analyzed_sql_results['is_show'],
+ $showtable,
+ $printview,
+ $url_query,
+ $editable,
+ $browse_dist
+ );
+
+ $displayParts = [
+ 'edit_lnk' => $displayResultsObject::NO_EDIT_OR_DELETE,
+ 'del_lnk' => $displayResultsObject::NO_EDIT_OR_DELETE,
+ 'sort_lnk' => '1',
+ 'nav_bar' => '1',
+ 'bkm_form' => '1',
+ 'text_btn' => '1',
+ 'pview_lnk' => '1',
+ ];
+
+ $table_html .= $displayResultsObject->getTable(
+ $result,
+ $displayParts,
+ $analyzed_sql_results,
+ $is_limited_display
+ );
+ }
+
+ $GLOBALS['dbi']->freeResult($result);
+ } while ($GLOBALS['dbi']->moreResults() && $GLOBALS['dbi']->nextResult());
+ } else {
+ $fields_meta = [];
+ if (isset($result) && ! is_bool($result)) {
+ $fields_meta = $GLOBALS['dbi']->getFieldsMeta($result);
+ }
+ $fields_cnt = count($fields_meta);
+ $_SESSION['is_multi_query'] = false;
+ $displayResultsObject->setProperties(
+ $unlim_num_rows,
+ $fields_meta,
+ $analyzed_sql_results['is_count'],
+ $analyzed_sql_results['is_export'],
+ $analyzed_sql_results['is_func'],
+ $analyzed_sql_results['is_analyse'],
+ $num_rows,
+ $fields_cnt,
+ $GLOBALS['querytime'],
+ $pmaThemeImage,
+ $GLOBALS['text_dir'],
+ $analyzed_sql_results['is_maint'],
+ $analyzed_sql_results['is_explain'],
+ $analyzed_sql_results['is_show'],
+ $showtable,
+ $printview,
+ $url_query,
+ $editable,
+ $browse_dist
+ );
+
+ if (! is_bool($result)) {
+ $table_html .= $displayResultsObject->getTable(
+ $result,
+ $displayParts,
+ $analyzed_sql_results,
+ $is_limited_display
+ );
+ }
+ $GLOBALS['dbi']->freeResult($result);
+ }
+
+ return $table_html;
+ }
+
+ /**
+ * Function to get html for the previous query if there is such. If not will return
+ * null
+ *
+ * @param string|null $displayQuery display query
+ * @param bool $showSql whether to show sql
+ * @param array $sqlData sql data
+ * @param Message|string $displayMessage display message
+ *
+ * @return string
+ */
+ private function getHtmlForPreviousUpdateQuery(
+ ?string $displayQuery,
+ bool $showSql,
+ $sqlData,
+ $displayMessage
+ ): string {
+ $output = '';
+ if (isset($displayQuery) && ($showSql === true) && empty($sqlData)) {
+ $output = Util::getMessage(
+ $displayMessage,
+ $displayQuery,
+ 'success'
+ );
+ }
+
+ return $output;
+ }
+
+ /**
+ * To get the message if a column index is missing. If not will return null
+ *
+ * @param string $table current table
+ * @param string $database current database
+ * @param boolean $editable whether the results table can be editable or not
+ * @param boolean $hasUniqueKey whether there is a unique key
+ *
+ * @return string
+ */
+ private function getMessageIfMissingColumnIndex($table, $database, $editable, $hasUniqueKey): string
+ {
+ $output = '';
+ if (! empty($table) && ($GLOBALS['dbi']->isSystemSchema($database) || ! $editable)) {
+ $output = Message::notice(
+ sprintf(
+ __(
+ 'Current selection does not contain a unique column.'
+ . ' Grid edit, checkbox, Edit, Copy and Delete features'
+ . ' are not available. %s'
+ ),
+ Util::showDocu(
+ 'config',
+ 'cfg_RowActionLinksWithoutUnique'
+ )
+ )
+ )->getDisplay();
+ } elseif (! empty($table) && ! $hasUniqueKey) {
+ $output = Message::notice(
+ sprintf(
+ __(
+ 'Current selection does not contain a unique column.'
+ . ' Grid edit, Edit, Copy and Delete features may result in'
+ . ' undesired behavior. %s'
+ ),
+ Util::showDocu(
+ 'config',
+ 'cfg_RowActionLinksWithoutUnique'
+ )
+ )
+ )->getDisplay();
+ }
+
+ return $output;
+ }
+
+ /**
+ * Function to get html to display problems in indexes
+ *
+ * @param string|null $queryType query type
+ * @param array|null $selectedTables array of table names selected from the
+ * database structure page, for an action
+ * like check table, optimize table,
+ * analyze table or repair table
+ * @param string $database current database
+ *
+ * @return string
+ */
+ private function getHtmlForIndexesProblems(?string $queryType, ?array $selectedTables, string $database): string
+ {
+ // BEGIN INDEX CHECK See if indexes should be checked.
+ $output = '';
+ if (isset($queryType)
+ && $queryType == 'check_tbl'
+ && isset($selectedTables)
+ && is_array($selectedTables)
+ ) {
+ foreach ($selectedTables as $table) {
+ $check = Index::findDuplicates($table, $database);
+ if (! empty($check)) {
+ $output .= sprintf(
+ __('Problems with indexes of table `%s`'),
+ $table
+ );
+ $output .= $check;
+ }
+ }
+ }
+
+ return $output;
+ }
+
+ /**
+ * Function to display results when the executed query returns non empty results
+ *
+ * @param object|null $result executed query results
+ * @param array $analyzed_sql_results analysed sql results
+ * @param string $db current database
+ * @param string $table current table
+ * @param string|null $message message to show
+ * @param array|null $sql_data sql data
+ * @param DisplayResults $displayResultsObject Instance of DisplayResults
+ * @param string $pmaThemeImage uri of the theme image
+ * @param int $unlim_num_rows unlimited number of rows
+ * @param int $num_rows number of rows
+ * @param string|null $disp_query display query
+ * @param Message|string|null $disp_message display message
+ * @param array|null $profiling_results profiling results
+ * @param string|null $query_type query type
+ * @param array|null $selectedTables array of table names selected
+ * from the database structure page, for
+ * an action like check table,
+ * optimize table, analyze table or
+ * repair table
+ * @param string $sql_query sql query
+ * @param string|null $complete_query complete sql query
+ *
+ * @return string html
+ */
+ private function getQueryResponseForResultsReturned(
+ $result,
+ array $analyzed_sql_results,
+ $db,
+ $table,
+ ?string $message,
+ ?array $sql_data,
+ $displayResultsObject,
+ $pmaThemeImage,
+ $unlim_num_rows,
+ $num_rows,
+ ?string $disp_query,
+ $disp_message,
+ ?array $profiling_results,
+ ?string $query_type,
+ $selectedTables,
+ $sql_query,
+ ?string $complete_query
+ ) {
+ global $showtable, $url_query;
+ // If we are retrieving the full value of a truncated field or the original
+ // value of a transformed field, show it here
+ if (isset($_POST['grid_edit']) && $_POST['grid_edit'] == true) {
+ $this->sendResponseForGridEdit($result);
+ // script has exited at this point
+ }
+
+ // Gets the list of fields properties
+ if (isset($result) && $result) {
+ $fields_meta = $GLOBALS['dbi']->getFieldsMeta($result);
+ } else {
+ $fields_meta = [];
+ }
+
+ // Should be initialized these parameters before parsing
+ $showtable = isset($showtable) ? $showtable : null;
+ $url_query = isset($url_query) ? $url_query : null;
+
+ $response = Response::getInstance();
+ $header = $response->getHeader();
+ $scripts = $header->getScripts();
+
+ $just_one_table = $this->resultSetHasJustOneTable($fields_meta);
+
+ // hide edit and delete links:
+ // - for information_schema
+ // - if the result set does not contain all the columns of a unique key
+ // (unless this is an updatable view)
+ // - if the SELECT query contains a join or a subquery
+
+ $updatableView = false;
+
+ $statement = isset($analyzed_sql_results['statement']) ? $analyzed_sql_results['statement'] : null;
+ if ($statement instanceof SelectStatement) {
+ if (! empty($statement->expr)) {
+ if ($statement->expr[0]->expr === '*') {
+ $_table = new Table($table, $db);
+ $updatableView = $_table->isUpdatableView();
+ }
+ }
+
+ if ($analyzed_sql_results['join']
+ || $analyzed_sql_results['is_subquery']
+ || count($analyzed_sql_results['select_tables']) !== 1
+ ) {
+ $just_one_table = false;
+ }
+ }
+
+ $has_unique = $this->resultSetContainsUniqueKey(
+ $db,
+ $table,
+ $fields_meta
+ );
+
+ $editable = ($has_unique
+ || $GLOBALS['cfg']['RowActionLinksWithoutUnique']
+ || $updatableView)
+ && $just_one_table;
+
+ $_SESSION['tmpval']['possible_as_geometry'] = $editable;
+
+ $displayParts = [
+ 'edit_lnk' => $displayResultsObject::UPDATE_ROW,
+ 'del_lnk' => $displayResultsObject::DELETE_ROW,
+ 'sort_lnk' => '1',
+ 'nav_bar' => '1',
+ 'bkm_form' => '1',
+ 'text_btn' => '0',
+ 'pview_lnk' => '1',
+ ];
+
+ if ($GLOBALS['dbi']->isSystemSchema($db) || ! $editable) {
+ $displayParts = [
+ 'edit_lnk' => $displayResultsObject::NO_EDIT_OR_DELETE,
+ 'del_lnk' => $displayResultsObject::NO_EDIT_OR_DELETE,
+ 'sort_lnk' => '1',
+ 'nav_bar' => '1',
+ 'bkm_form' => '1',
+ 'text_btn' => '1',
+ 'pview_lnk' => '1',
+ ];
+ }
+ if (isset($_POST['printview']) && $_POST['printview'] == '1') {
+ $displayParts = [
+ 'edit_lnk' => $displayResultsObject::NO_EDIT_OR_DELETE,
+ 'del_lnk' => $displayResultsObject::NO_EDIT_OR_DELETE,
+ 'sort_lnk' => '0',
+ 'nav_bar' => '0',
+ 'bkm_form' => '0',
+ 'text_btn' => '0',
+ 'pview_lnk' => '0',
+ ];
+ }
+
+ $tableMaintenanceHtml = '';
+ if (isset($_POST['table_maintenance'])) {
+ $scripts->addFile('makegrid.js');
+ $scripts->addFile('sql.js');
+ if (isset($message)) {
+ $message = Message::success($message);
+ $tableMaintenanceHtml = Util::getMessage(
+ $message,
+ $GLOBALS['sql_query'],
+ 'success'
+ );
+ }
+ $tableMaintenanceHtml .= $this->getHtmlForSqlQueryResultsTable(
+ $displayResultsObject,
+ $pmaThemeImage,
+ $url_query,
+ $displayParts,
+ false,
+ $unlim_num_rows,
+ $num_rows,
+ $showtable,
+ $result,
+ $analyzed_sql_results
+ );
+ if (empty($sql_data) || ($sql_data['valid_queries'] = 1)) {
+ $response->addHTML($tableMaintenanceHtml);
+ exit;
+ }
+ }
+
+ if (! isset($_POST['printview']) || $_POST['printview'] != '1') {
+ $scripts->addFile('makegrid.js');
+ $scripts->addFile('sql.js');
+ unset($GLOBALS['message']);
+ //we don't need to buffer the output in getMessage here.
+ //set a global variable and check against it in the function
+ $GLOBALS['buffer_message'] = false;
+ }
+
+ $previousUpdateQueryHtml = $this->getHtmlForPreviousUpdateQuery(
+ isset($disp_query) ? $disp_query : null,
+ (bool) $GLOBALS['cfg']['ShowSQL'],
+ isset($sql_data) ? $sql_data : null,
+ isset($disp_message) ? $disp_message : null
+ );
+
+ $profilingChartHtml = $this->getHtmlForProfilingChart(
+ $url_query,
+ $db,
+ isset($profiling_results) ? $profiling_results : []
+ );
+
+ $missingUniqueColumnMessage = $this->getMessageIfMissingColumnIndex(
+ $table,
+ $db,
+ $editable,
+ $has_unique
+ );
+
+ $bookmarkCreatedMessage = $this->getBookmarkCreatedMessage();
+
+ $tableHtml = $this->getHtmlForSqlQueryResultsTable(
+ $displayResultsObject,
+ $pmaThemeImage,
+ $url_query,
+ $displayParts,
+ $editable,
+ $unlim_num_rows,
+ $num_rows,
+ $showtable,
+ $result,
+ $analyzed_sql_results
+ );
+
+ $indexesProblemsHtml = $this->getHtmlForIndexesProblems(
+ isset($query_type) ? $query_type : null,
+ isset($selectedTables) ? $selectedTables : null,
+ $db
+ );
+
+ $cfgBookmark = Bookmark::getParams($GLOBALS['cfg']['Server']['user']);
+ $bookmarkSupportHtml = '';
+ if ($cfgBookmark) {
+ $bookmarkSupportHtml = $this->getHtmlForBookmark(
+ $displayParts,
+ $cfgBookmark,
+ $sql_query,
+ $db,
+ $table,
+ isset($complete_query) ? $complete_query : $sql_query,
+ $cfgBookmark['user']
+ );
+ }
+
+ return $this->template->render('sql/sql_query_results', [
+ 'table_maintenance' => $tableMaintenanceHtml,
+ 'previous_update_query' => $previousUpdateQueryHtml,
+ 'profiling_chart' => $profilingChartHtml,
+ 'missing_unique_column_message' => $missingUniqueColumnMessage,
+ 'bookmark_created_message' => $bookmarkCreatedMessage,
+ 'table' => $tableHtml,
+ 'indexes_problems' => $indexesProblemsHtml,
+ 'bookmark_support' => $bookmarkSupportHtml,
+ ]);
+ }
+
+ /**
+ * Function to execute the query and send the response
+ *
+ * @param array $analyzed_sql_results analysed sql results
+ * @param bool $is_gotofile whether goto file or not
+ * @param string $db current database
+ * @param string $table current table
+ * @param bool|null $find_real_end whether to find real end or not
+ * @param string $sql_query_for_bookmark the sql query to be stored as bookmark
+ * @param array|null $extra_data extra data
+ * @param string $message_to_show message to show
+ * @param string $message message
+ * @param array|null $sql_data sql data
+ * @param string $goto goto page url
+ * @param string $pmaThemeImage uri of the PMA theme image
+ * @param string $disp_query display query
+ * @param Message|string $disp_message display message
+ * @param string $query_type query type
+ * @param string $sql_query sql query
+ * @param array|null $selectedTables array of table names selected from the
+ * database structure page, for an action
+ * like check table, optimize table,
+ * analyze table or repair table
+ * @param string $complete_query complete query
+ *
+ * @return void
+ */
+ public function executeQueryAndSendQueryResponse(
+ $analyzed_sql_results,
+ $is_gotofile,
+ $db,
+ $table,
+ $find_real_end,
+ $sql_query_for_bookmark,
+ $extra_data,
+ $message_to_show,
+ $message,
+ $sql_data,
+ $goto,
+ $pmaThemeImage,
+ $disp_query,
+ $disp_message,
+ $query_type,
+ $sql_query,
+ $selectedTables,
+ $complete_query
+ ) {
+ if ($analyzed_sql_results == null) {
+ // Parse and analyze the query
+ list(
+ $analyzed_sql_results,
+ $db,
+ $table_from_sql
+ ) = ParseAnalyze::sqlQuery($sql_query, $db);
+ // @todo: possibly refactor
+ extract($analyzed_sql_results);
+
+ if ($table != $table_from_sql && ! empty($table_from_sql)) {
+ $table = $table_from_sql;
+ }
+ }
+
+ $html_output = $this->executeQueryAndGetQueryResponse(
+ $analyzed_sql_results, // analyzed_sql_results
+ $is_gotofile, // is_gotofile
+ $db, // db
+ $table, // table
+ $find_real_end, // find_real_end
+ $sql_query_for_bookmark, // sql_query_for_bookmark
+ $extra_data, // extra_data
+ $message_to_show, // message_to_show
+ $message, // message
+ $sql_data, // sql_data
+ $goto, // goto
+ $pmaThemeImage, // pmaThemeImage
+ $disp_query, // disp_query
+ $disp_message, // disp_message
+ $query_type, // query_type
+ $sql_query, // sql_query
+ $selectedTables, // selectedTables
+ $complete_query // complete_query
+ );
+
+ $response = Response::getInstance();
+ $response->addHTML($html_output);
+ }
+
+ /**
+ * Function to execute the query and send the response
+ *
+ * @param array $analyzed_sql_results analysed sql results
+ * @param bool $is_gotofile whether goto file or not
+ * @param string $db current database
+ * @param string $table current table
+ * @param bool|null $find_real_end whether to find real end or not
+ * @param string|null $sql_query_for_bookmark the sql query to be stored as bookmark
+ * @param array|null $extra_data extra data
+ * @param string|null $message_to_show message to show
+ * @param Message|string|null $message message
+ * @param array|null $sql_data sql data
+ * @param string $goto goto page url
+ * @param string $pmaThemeImage uri of the PMA theme image
+ * @param string|null $disp_query display query
+ * @param Message|string|null $disp_message display message
+ * @param string|null $query_type query type
+ * @param string $sql_query sql query
+ * @param array|null $selectedTables array of table names selected from the
+ * database structure page, for an action
+ * like check table, optimize table,
+ * analyze table or repair table
+ * @param string|null $complete_query complete query
+ *
+ * @return string html
+ */
+ public function executeQueryAndGetQueryResponse(
+ array $analyzed_sql_results,
+ $is_gotofile,
+ $db,
+ $table,
+ $find_real_end,
+ ?string $sql_query_for_bookmark,
+ $extra_data,
+ ?string $message_to_show,
+ $message,
+ $sql_data,
+ $goto,
+ $pmaThemeImage,
+ ?string $disp_query,
+ $disp_message,
+ ?string $query_type,
+ $sql_query,
+ $selectedTables,
+ ?string $complete_query
+ ) {
+ // Handle disable/enable foreign key checks
+ $default_fk_check = Util::handleDisableFKCheckInit();
+
+ // Handle remembered sorting order, only for single table query.
+ // Handling is not required when it's a union query
+ // (the parser never sets the 'union' key to 0).
+ // Handling is also not required if we came from the "Sort by key"
+ // drop-down.
+ if (! empty($analyzed_sql_results)
+ && $this->isRememberSortingOrder($analyzed_sql_results)
+ && empty($analyzed_sql_results['union'])
+ && ! isset($_POST['sort_by_key'])
+ ) {
+ if (! isset($_SESSION['sql_from_query_box'])) {
+ $this->handleSortOrder($db, $table, $analyzed_sql_results, $sql_query);
+ } else {
+ unset($_SESSION['sql_from_query_box']);
+ }
+ }
+
+ $displayResultsObject = new DisplayResults(
+ $GLOBALS['db'],
+ $GLOBALS['table'],
+ $GLOBALS['server'],
+ $goto,
+ $sql_query
+ );
+ $displayResultsObject->setConfigParamsForDisplayTable();
+
+ // assign default full_sql_query
+ $full_sql_query = $sql_query;
+
+ // Do append a "LIMIT" clause?
+ if ($this->isAppendLimitClause($analyzed_sql_results)) {
+ $full_sql_query = $this->getSqlWithLimitClause($analyzed_sql_results);
+ }
+
+ $GLOBALS['reload'] = $this->hasCurrentDbChanged($db);
+ $GLOBALS['dbi']->selectDb($db);
+
+ list(
+ $result,
+ $num_rows,
+ $unlim_num_rows,
+ $profiling_results,
+ $extra_data
+ ) = $this->executeTheQuery(
+ $analyzed_sql_results,
+ $full_sql_query,
+ $is_gotofile,
+ $db,
+ $table,
+ isset($find_real_end) ? $find_real_end : null,
+ isset($sql_query_for_bookmark) ? $sql_query_for_bookmark : null,
+ isset($extra_data) ? $extra_data : null
+ );
+
+ if ($GLOBALS['dbi']->moreResults()) {
+ $GLOBALS['dbi']->nextResult();
+ }
+
+ $warning_messages = $this->operations->getWarningMessagesArray();
+
+ // No rows returned -> move back to the calling page
+ if ((0 == $num_rows && 0 == $unlim_num_rows)
+ || $analyzed_sql_results['is_affected']
+ ) {
+ $html_output = $this->getQueryResponseForNoResultsReturned(
+ $analyzed_sql_results,
+ $db,
+ $table,
+ isset($message_to_show) ? $message_to_show : null,
+ $num_rows,
+ $displayResultsObject,
+ $extra_data,
+ $pmaThemeImage,
+ $profiling_results,
+ isset($result) ? $result : null,
+ $sql_query,
+ isset($complete_query) ? $complete_query : null
+ );
+ } else {
+ // At least one row is returned -> displays a table with results
+ $html_output = $this->getQueryResponseForResultsReturned(
+ isset($result) ? $result : null,
+ $analyzed_sql_results,
+ $db,
+ $table,
+ isset($message) ? $message : null,
+ isset($sql_data) ? $sql_data : null,
+ $displayResultsObject,
+ $pmaThemeImage,
+ $unlim_num_rows,
+ $num_rows,
+ isset($disp_query) ? $disp_query : null,
+ isset($disp_message) ? $disp_message : null,
+ $profiling_results,
+ isset($query_type) ? $query_type : null,
+ isset($selectedTables) ? $selectedTables : null,
+ $sql_query,
+ isset($complete_query) ? $complete_query : null
+ );
+ }
+
+ // Handle disable/enable foreign key checks
+ Util::handleDisableFKCheckCleanup($default_fk_check);
+
+ foreach ($warning_messages as $warning) {
+ $message = Message::notice(Message::sanitize($warning));
+ $html_output .= $message->getDisplay();
+ }
+
+ return $html_output;
+ }
+
+ /**
+ * Function to define pos to display a row
+ *
+ * @param int $number_of_line Number of the line to display
+ * @param int $max_rows Number of rows by page
+ *
+ * @return int Start position to display the line
+ */
+ private function getStartPosToDisplayRow($number_of_line, $max_rows = null)
+ {
+ if (null === $max_rows) {
+ $max_rows = $_SESSION['tmpval']['max_rows'];
+ }
+
+ return @((ceil($number_of_line / $max_rows) - 1) * $max_rows);
+ }
+
+ /**
+ * Function to calculate new pos if pos is higher than number of rows
+ * of displayed table
+ *
+ * @param string $db Database name
+ * @param string $table Table name
+ * @param int|null $pos Initial position
+ *
+ * @return int Number of pos to display last page
+ */
+ public function calculatePosForLastPage($db, $table, $pos)
+ {
+ if (null === $pos) {
+ $pos = $_SESSION['tmpval']['pos'];
+ }
+
+ $_table = new Table($table, $db);
+ $unlim_num_rows = $_table->countRecords(true);
+ //If position is higher than number of rows
+ if ($unlim_num_rows <= $pos && 0 != $pos) {
+ $pos = $this->getStartPosToDisplayRow($unlim_num_rows);
+ }
+
+ return $pos;
+ }
+}
generated by cgit (git 2.34.1) at 2026-05-16 04:05:49 +0000