From 04d6d5ca99ebfd1cebb8ce06618fb3811fc1a8aa Mon Sep 17 00:00:00 2001 From: Charles Date: Thu, 9 Jan 2020 10:55:03 +0100 Subject: phpmyadmin working --- srcs/phpmyadmin/libraries/classes/Rte/RteList.php | 518 ++++++++++++++++++++++ 1 file changed, 518 insertions(+) create mode 100644 srcs/phpmyadmin/libraries/classes/Rte/RteList.php (limited to 'srcs/phpmyadmin/libraries/classes/Rte/RteList.php') diff --git a/srcs/phpmyadmin/libraries/classes/Rte/RteList.php b/srcs/phpmyadmin/libraries/classes/Rte/RteList.php new file mode 100644 index 0000000..0e87c6c --- /dev/null +++ b/srcs/phpmyadmin/libraries/classes/Rte/RteList.php @@ -0,0 +1,518 @@ +dbi = $dbi; + $this->words = new Words(); + $this->template = new Template(); + } + + /** + * Creates a list of items containing the relevant + * information and some action links. + * + * @param string $type One of ['routine'|'trigger'|'event'] + * @param array $items An array of items + * + * @return string HTML code of the list of items + */ + public function get($type, array $items) + { + global $table; + + /** + * Conditional classes switch the list on or off + */ + $class1 = 'hide'; + $class2 = ''; + if (! $items) { + $class1 = ''; + $class2 = ' hide'; + } + /** + * Generate output + */ + $retval = "\n"; + $retval .= '
'; + $retval .= Url::getHiddenInputs($GLOBALS['db'], $GLOBALS['table']); + $retval .= "
\n"; + $retval .= " \n"; + $retval .= " " . $this->words->get('title') . "\n"; + $retval .= " " + . Util::showMySQLDocu($this->words->get('docu')) . "\n"; + $retval .= " \n"; + $retval .= "
\n"; + $retval .= " " . $this->words->get('nothing') . "\n"; + $retval .= "
\n"; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " \n"; + // th cells with a colspan need corresponding td cells, according to W3C + switch ($type) { + case 'routine': + $retval .= " \n"; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " \n"; // see comment above + for ($i = 0; $i < 7; $i++) { + $retval .= " \n"; + } + break; + case 'trigger': + $retval .= " \n"; + $retval .= " \n"; + if (empty($table)) { + $retval .= " \n"; + } + $retval .= " \n"; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " \n"; // see comment above + for ($i = 0; $i < (empty($table) ? 7 : 6); $i++) { + $retval .= " \n"; + } + break; + case 'event': + $retval .= " \n"; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " \n"; // see comment above + for ($i = 0; $i < 6; $i++) { + $retval .= " \n"; + } + break; + default: + break; + } + $retval .= " \n"; + $retval .= " \n"; + $response = Response::getInstance(); + foreach ($items as $item) { + if ($response->isAjax() && empty($_REQUEST['ajax_page_request'])) { + $rowclass = 'ajaxInsert hide'; + } else { + $rowclass = ''; + } + // Get each row from the correct function + switch ($type) { + case 'routine': + $retval .= $this->getRoutineRow($item, $rowclass); + break; + case 'trigger': + $retval .= $this->getTriggerRow($item, $rowclass); + break; + case 'event': + $retval .= $this->getEventRow($item, $rowclass); + break; + default: + break; + } + } + $retval .= "
" . __('Name') . "" . __('Action') . "" . __('Type') . "" . __('Returns') . "
" . __('Name') . "" . __('Table') . "" . __('Action') . "" . __('Time') . "" . __('Event') . "
" . __('Name') . "" . __('Status') . "" . __('Action') . "" . __('Type') . "
\n"; + + if (count($items)) { + $retval .= '
'; + $retval .= $this->template->render('select_all', [ + 'pma_theme_image' => $GLOBALS['pmaThemeImage'], + 'text_dir' => $GLOBALS['text_dir'], + 'form_name' => 'rteListForm', + ]); + $retval .= Util::getButtonOrImage( + 'submit_mult', + 'mult_submit', + __('Export'), + 'b_export', + 'export' + ); + $retval .= Util::getButtonOrImage( + 'submit_mult', + 'mult_submit', + __('Drop'), + 'b_drop', + 'drop' + ); + $retval .= '
'; + } + + $retval .= "
\n"; + $retval .= "
\n"; + $retval .= "\n"; + + return $retval; + } + + /** + * Creates the contents for a row in the list of routines + * + * @param array $routine An array of routine data + * @param string $rowclass Additional class + * + * @return string HTML code of a row for the list of routines + */ + public function getRoutineRow(array $routine, $rowclass = '') + { + global $url_query, $db, $titles; + + $sql_drop = sprintf( + 'DROP %s IF EXISTS %s', + $routine['type'], + Util::backquote($routine['name']) + ); + $type_link = "item_type={$routine['type']}"; + + $retval = " \n"; + $retval .= " \n"; + $retval .= ' '; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " " + . htmlspecialchars($sql_drop) . "\n"; + $retval .= " \n"; + $retval .= " " + . htmlspecialchars($routine['name']) . "\n"; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " \n"; + + // this is for our purpose to decide whether to + // show the edit link or not, so we need the DEFINER for the routine + $where = "ROUTINE_SCHEMA " . Util::getCollateForIS() . "=" + . "'" . $this->dbi->escapeString($db) . "' " + . "AND SPECIFIC_NAME='" . $this->dbi->escapeString($routine['name']) . "'" + . "AND ROUTINE_TYPE='" . $this->dbi->escapeString($routine['type']) . "'"; + $query = "SELECT `DEFINER` FROM INFORMATION_SCHEMA.ROUTINES WHERE $where;"; + $routine_definer = $this->dbi->fetchValue($query); + + $curr_user = $this->dbi->getCurrentUser(); + + // Since editing a procedure involved dropping and recreating, check also for + // CREATE ROUTINE privilege to avoid lost procedures. + if ((Util::currentUserHasPrivilege('CREATE ROUTINE', $db) + && $curr_user == $routine_definer) + || $this->dbi->isSuperuser() + ) { + $retval .= ' ' . $titles['Edit'] . "\n"; + } else { + $retval .= " {$titles['NoEdit']}\n"; + } + $retval .= " \n"; + $retval .= " \n"; + + // There is a problem with Util::currentUserHasPrivilege(): + // it does not detect all kinds of privileges, for example + // a direct privilege on a specific routine. So, at this point, + // we show the Execute link, hoping that the user has the correct rights. + // Also, information_schema might be hiding the ROUTINE_DEFINITION + // but a routine with no input parameters can be nonetheless executed. + + // Check if the routine has any input parameters. If it does, + // we will show a dialog to get values for these parameters, + // otherwise we can execute it directly. + + $definition = $this->dbi->getDefinition( + $db, + $routine['type'], + $routine['name'] + ); + if ($definition !== null) { + $parser = new Parser($definition); + + /** + * @var CreateStatement $stmt + */ + $stmt = $parser->statements[0]; + + $params = Routine::getParameters($stmt); + + if (Util::currentUserHasPrivilege('EXECUTE', $db)) { + $execute_action = 'execute_routine'; + for ($i = 0; $i < $params['num']; $i++) { + if ($routine['type'] == 'PROCEDURE' + && $params['dir'][$i] == 'OUT' + ) { + continue; + } + $execute_action = 'execute_dialog'; + break; + } + $query_part = $execute_action . '=1&item_name=' + . urlencode($routine['name']) . '&' . $type_link; + $retval .= ' ' . $titles['Execute'] . "\n"; + } else { + $retval .= " {$titles['NoExecute']}\n"; + } + } + + $retval .= " \n"; + $retval .= " \n"; + if ((Util::currentUserHasPrivilege('CREATE ROUTINE', $db) + && $curr_user == $routine_definer) + || $this->dbi->isSuperuser() + ) { + $retval .= ' ' . $titles['Export'] . "\n"; + } else { + $retval .= " {$titles['NoExport']}\n"; + } + $retval .= " \n"; + $retval .= " \n"; + $retval .= Util::linkOrButton( + 'sql.php' . $url_query . '&sql_query=' . urlencode($sql_drop) . '&goto=db_routines.php' . urlencode("?db={$db}"), + $titles['Drop'], + ['class' => 'ajax drop_anchor'] + ); + $retval .= " \n"; + $retval .= " \n"; + $retval .= " {$routine['type']}\n"; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " " + . htmlspecialchars($routine['returns']) . "\n"; + $retval .= " \n"; + $retval .= " \n"; + + return $retval; + } + + /** + * Creates the contents for a row in the list of triggers + * + * @param array $trigger An array of routine data + * @param string $rowclass Additional class + * + * @return string HTML code of a cell for the list of triggers + */ + public function getTriggerRow(array $trigger, $rowclass = '') + { + global $url_query, $db, $table, $titles; + + $retval = " \n"; + $retval .= " \n"; + $retval .= ' '; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " " + . htmlspecialchars($trigger['drop']) . "\n"; + $retval .= " \n"; + $retval .= " " . htmlspecialchars($trigger['name']) . "\n"; + $retval .= " \n"; + $retval .= " \n"; + if (empty($table)) { + $retval .= " \n"; + $retval .= "" + . htmlspecialchars($trigger['table']) . ""; + $retval .= " \n"; + } + $retval .= " \n"; + if (Util::currentUserHasPrivilege('TRIGGER', $db, $table)) { + $retval .= ' ' . $titles['Edit'] . "\n"; + } else { + $retval .= " {$titles['NoEdit']}\n"; + } + $retval .= " \n"; + $retval .= " \n"; + $retval .= ' ' . $titles['Export'] . "\n"; + $retval .= " \n"; + $retval .= " \n"; + if (Util::currentUserHasPrivilege('TRIGGER', $db)) { + $retval .= Util::linkOrButton( + 'sql.php' . $url_query . '&sql_query=' . urlencode($trigger['drop']) . '&goto=db_triggers.php' . urlencode("?db={$db}"), + $titles['Drop'], + ['class' => 'ajax drop_anchor'] + ); + } else { + $retval .= " {$titles['NoDrop']}\n"; + } + $retval .= " \n"; + $retval .= " \n"; + $retval .= " {$trigger['action_timing']}\n"; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " {$trigger['event_manipulation']}\n"; + $retval .= " \n"; + $retval .= " \n"; + + return $retval; + } + + /** + * Creates the contents for a row in the list of events + * + * @param array $event An array of routine data + * @param string $rowclass Additional class + * + * @return string HTML code of a cell for the list of events + */ + public function getEventRow(array $event, $rowclass = '') + { + global $url_query, $db, $titles; + + $sql_drop = sprintf( + 'DROP EVENT IF EXISTS %s', + Util::backquote($event['name']) + ); + + $retval = " \n"; + $retval .= " \n"; + $retval .= ' '; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " " + . htmlspecialchars($sql_drop) . "\n"; + $retval .= " \n"; + $retval .= " " + . htmlspecialchars($event['name']) . "\n"; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " \n"; + $retval .= " {$event['status']}\n"; + $retval .= " \n"; + $retval .= " \n"; + if (Util::currentUserHasPrivilege('EVENT', $db)) { + $retval .= ' ' . $titles['Edit'] . "\n"; + } else { + $retval .= " {$titles['NoEdit']}\n"; + } + $retval .= " \n"; + $retval .= " \n"; + $retval .= ' ' . $titles['Export'] . "\n"; + $retval .= " \n"; + $retval .= " \n"; + if (Util::currentUserHasPrivilege('EVENT', $db)) { + $retval .= Util::linkOrButton( + 'sql.php' . $url_query . '&sql_query=' . urlencode($sql_drop) . '&goto=db_events.php' . urlencode("?db={$db}"), + $titles['Drop'], + ['class' => 'ajax drop_anchor'] + ); + } else { + $retval .= " {$titles['NoDrop']}\n"; + } + $retval .= " \n"; + $retval .= " \n"; + $retval .= " {$event['type']}\n"; + $retval .= " \n"; + $retval .= " \n"; + + return $retval; + } +} -- cgit