From 5bf66662a9bdd62c5bccab15e607cd95cfb8fcab Mon Sep 17 00:00:00 2001 From: Charles Cabergs Date: Mon, 27 Jul 2020 10:05:23 +0200 Subject: Removed wordpress and phpmyadmin, my server doesn't handle it well and it brings shame on my familly --- srcs/phpmyadmin/libraries/classes/Util.php | 4975 ---------------------------- 1 file changed, 4975 deletions(-) delete mode 100644 srcs/phpmyadmin/libraries/classes/Util.php (limited to 'srcs/phpmyadmin/libraries/classes/Util.php') diff --git a/srcs/phpmyadmin/libraries/classes/Util.php b/srcs/phpmyadmin/libraries/classes/Util.php deleted file mode 100644 index ad7bcdf..0000000 --- a/srcs/phpmyadmin/libraries/classes/Util.php +++ /dev/null @@ -1,4975 +0,0 @@ -'; - if ($include_icon) { - $button .= self::getImage($icon, $alternate); - } - if ($include_icon && $include_text) { - $button .= ' '; - } - if ($include_text) { - $button .= $alternate; - } - $button .= $menu_icon ? '' : ''; - - return $button; - } - - /** - * Returns an HTML IMG tag for a particular image from a theme - * - * The image name should match CSS class defined in icons.css.php - * - * @param string $image The name of the file to get - * @param string $alternate Used to set 'alt' and 'title' attributes - * of the image - * @param array $attributes An associative array of other attributes - * - * @return string an html IMG tag - */ - public static function getImage($image, $alternate = '', array $attributes = []) - { - $alternate = htmlspecialchars($alternate); - - if (isset($attributes['class'])) { - $attributes['class'] = "icon ic_$image " . $attributes['class']; - } else { - $attributes['class'] = "icon ic_$image"; - } - - // set all other attributes - $attr_str = ''; - foreach ($attributes as $key => $value) { - if (! in_array($key, ['alt', 'title'])) { - $attr_str .= " $key=\"$value\""; - } - } - - // override the alt attribute - if (isset($attributes['alt'])) { - $alt = $attributes['alt']; - } else { - $alt = $alternate; - } - - // override the title attribute - if (isset($attributes['title'])) { - $title = $attributes['title']; - } else { - $title = $alternate; - } - - // generate the IMG tag - $template = '%s'; - return sprintf($template, $title, $alt, $attr_str); - } - - /** - * Returns the formatted maximum size for an upload - * - * @param integer $max_upload_size the size - * - * @return string the message - * - * @access public - */ - public static function getFormattedMaximumUploadSize($max_upload_size) - { - // I have to reduce the second parameter (sensitiveness) from 6 to 4 - // to avoid weird results like 512 kKib - list($max_size, $max_unit) = self::formatByteDown($max_upload_size, 4); - return '(' . sprintf(__('Max: %s%s'), $max_size, $max_unit) . ')'; - } - - /** - * Generates a hidden field which should indicate to the browser - * the maximum size for upload - * - * @param integer $max_size the size - * - * @return string the INPUT field - * - * @access public - */ - public static function generateHiddenMaxFileSize($max_size) - { - return ''; - } - - /** - * Add slashes before "_" and "%" characters for using them in MySQL - * database, table and field names. - * Note: This function does not escape backslashes! - * - * @param string $name the string to escape - * - * @return string the escaped string - * - * @access public - */ - public static function escapeMysqlWildcards($name) - { - return strtr($name, ['_' => '\\_', '%' => '\\%']); - } // end of the 'escapeMysqlWildcards()' function - - /** - * removes slashes before "_" and "%" characters - * Note: This function does not unescape backslashes! - * - * @param string $name the string to escape - * - * @return string the escaped string - * - * @access public - */ - public static function unescapeMysqlWildcards($name) - { - return strtr($name, ['\\_' => '_', '\\%' => '%']); - } // end of the 'unescapeMysqlWildcards()' function - - /** - * removes quotes (',",`) from a quoted string - * - * checks if the string is quoted and removes this quotes - * - * @param string $quoted_string string to remove quotes from - * @param string $quote type of quote to remove - * - * @return string unqoted string - */ - public static function unQuote($quoted_string, $quote = null) - { - $quotes = []; - - if ($quote === null) { - $quotes[] = '`'; - $quotes[] = '"'; - $quotes[] = "'"; - } else { - $quotes[] = $quote; - } - - foreach ($quotes as $quote) { - if (mb_substr($quoted_string, 0, 1) === $quote - && mb_substr($quoted_string, -1, 1) === $quote - ) { - $unquoted_string = mb_substr($quoted_string, 1, -1); - // replace escaped quotes - $unquoted_string = str_replace( - $quote . $quote, - $quote, - $unquoted_string - ); - return $unquoted_string; - } - } - - return $quoted_string; - } - - /** - * format sql strings - * - * @param string $sqlQuery raw SQL string - * @param boolean $truncate truncate the query if it is too long - * - * @return string the formatted sql - * - * @global array $cfg the configuration array - * - * @access public - * @todo move into PMA_Sql - */ - public static function formatSql($sqlQuery, $truncate = false) - { - global $cfg; - - if ($truncate - && mb_strlen($sqlQuery) > $cfg['MaxCharactersInDisplayedSQL'] - ) { - $sqlQuery = mb_substr( - $sqlQuery, - 0, - $cfg['MaxCharactersInDisplayedSQL'] - ) . '[...]'; - } - return '
' . "\n"
-            . htmlspecialchars($sqlQuery) . "\n"
-            . '
'; - } // end of the "formatSql()" function - - /** - * Displays a button to copy content to clipboard - * - * @param string $text Text to copy to clipboard - * - * @return string the html link - * - * @access public - */ - public static function showCopyToClipboard($text) - { - $open_link = ' ' . __('Copy') . ''; - return $open_link; - } // end of the 'showCopyToClipboard()' function - - /** - * Displays a link to the documentation as an icon - * - * @param string $link documentation link - * @param string $target optional link target - * @param boolean $bbcode optional flag indicating whether to output bbcode - * - * @return string the html link - * - * @access public - */ - public static function showDocLink($link, $target = 'documentation', $bbcode = false) - { - if ($bbcode) { - return "[a@$link@$target][dochelpicon][/a]"; - } - - return '' - . self::getImage('b_help', __('Documentation')) - . ''; - } // end of the 'showDocLink()' function - - /** - * Get a URL link to the official MySQL documentation - * - * @param string $link contains name of page/anchor that is being linked - * @param string $anchor anchor to page part - * - * @return string the URL link - * - * @access public - */ - public static function getMySQLDocuURL($link, $anchor = '') - { - // Fixup for newly used names: - $link = str_replace('_', '-', mb_strtolower($link)); - - if (empty($link)) { - $link = 'index'; - } - $mysql = '5.5'; - $lang = 'en'; - if (isset($GLOBALS['dbi'])) { - $serverVersion = $GLOBALS['dbi']->getVersion(); - if ($serverVersion >= 50700) { - $mysql = '5.7'; - } elseif ($serverVersion >= 50600) { - $mysql = '5.6'; - } elseif ($serverVersion >= 50500) { - $mysql = '5.5'; - } - } - $url = 'https://dev.mysql.com/doc/refman/' - . $mysql . '/' . $lang . '/' . $link . '.html'; - if (! empty($anchor)) { - $url .= '#' . $anchor; - } - - return Core::linkURL($url); - } - - /** - * Get a link to variable documentation - * - * @param string $name The variable name - * @param boolean $useMariaDB Use only MariaDB documentation - * @param string $text (optional) The text for the link - * @return string link or empty string - */ - public static function linkToVarDocumentation( - string $name, - bool $useMariaDB = false, - string $text = null - ): string { - $html = ''; - try { - $type = KBSearch::MYSQL; - if ($useMariaDB) { - $type = KBSearch::MARIADB; - } - $docLink = KBSearch::getByName($name, $type); - $html = Util::showMySQLDocu( - $name, - false, - $docLink, - $text - ); - } catch (KBException $e) { - unset($e);// phpstan workaround - } - return $html; - } - - /** - * Displays a link to the official MySQL documentation - * - * @param string $link contains name of page/anchor that is being linked - * @param bool $bigIcon whether to use big icon (like in left frame) - * @param string|null $url href attribute - * @param string|null $text text of link - * @param string $anchor anchor to page part - * - * @return string the html link - * - * @access public - */ - public static function showMySQLDocu( - $link, - bool $bigIcon = false, - $url = null, - $text = null, - $anchor = '' - ): string { - if ($url === null) { - $url = self::getMySQLDocuURL($link, $anchor); - } - $openLink = ''; - $closeLink = ''; - $html = ''; - - if ($bigIcon) { - $html = $openLink . - self::getImage('b_sqlhelp', __('Documentation')) - . $closeLink; - } elseif ($text !== null) { - $html = $openLink . $text . $closeLink; - } else { - $html = self::showDocLink($url, 'mysql_doc'); - } - - return $html; - } // end of the 'showMySQLDocu()' function - - /** - * Returns link to documentation. - * - * @param string $page Page in documentation - * @param string $anchor Optional anchor in page - * - * @return string URL - */ - public static function getDocuLink($page, $anchor = '') - { - /* Construct base URL */ - $url = $page . '.html'; - if (! empty($anchor)) { - $url .= '#' . $anchor; - } - - /* Check if we have built local documentation, however - * provide consistent URL for testsuite - */ - if (! defined('TESTSUITE') && @file_exists(ROOT_PATH . 'doc/html/index.html')) { - return 'doc/html/' . $url; - } - - return Core::linkURL('https://docs.phpmyadmin.net/en/latest/' . $url); - } - - /** - * Displays a link to the phpMyAdmin documentation - * - * @param string $page Page in documentation - * @param string $anchor Optional anchor in page - * @param boolean $bbcode Optional flag indicating whether to output bbcode - * - * @return string the html link - * - * @access public - */ - public static function showDocu($page, $anchor = '', $bbcode = false) - { - return self::showDocLink(self::getDocuLink($page, $anchor), 'documentation', $bbcode); - } // end of the 'showDocu()' function - - /** - * Displays a link to the PHP documentation - * - * @param string $target anchor in documentation - * - * @return string the html link - * - * @access public - */ - public static function showPHPDocu($target) - { - $url = Core::getPHPDocLink($target); - - return self::showDocLink($url); - } // end of the 'showPHPDocu()' function - - /** - * Returns HTML code for a tooltip - * - * @param string $message the message for the tooltip - * - * @return string - * - * @access public - */ - public static function showHint($message) - { - if ($GLOBALS['cfg']['ShowHint']) { - $classClause = ' class="pma_hint"'; - } else { - $classClause = ''; - } - return '' - . self::getImage('b_help') - . '' . $message . '' - . ''; - } - - /** - * Displays a MySQL error message in the main panel when $exit is true. - * Returns the error message otherwise. - * - * @param string|bool $server_msg Server's error message. - * @param string $sql_query The SQL query that failed. - * @param bool $is_modify_link Whether to show a "modify" link or not. - * @param string $back_url URL for the "back" link (full path is - * not required). - * @param bool $exit Whether execution should be stopped or - * the error message should be returned. - * - * @return string - * - * @global string $table The current table. - * @global string $db The current database. - * - * @access public - */ - public static function mysqlDie( - $server_msg = '', - $sql_query = '', - $is_modify_link = true, - $back_url = '', - $exit = true - ) { - global $table, $db; - - /** - * Error message to be built. - * @var string $error_msg - */ - $error_msg = ''; - - // Checking for any server errors. - if (empty($server_msg)) { - $server_msg = $GLOBALS['dbi']->getError(); - } - - // Finding the query that failed, if not specified. - if (empty($sql_query) && ! empty($GLOBALS['sql_query'])) { - $sql_query = $GLOBALS['sql_query']; - } - $sql_query = trim($sql_query); - - /** - * The lexer used for analysis. - * @var Lexer $lexer - */ - $lexer = new Lexer($sql_query); - - /** - * The parser used for analysis. - * @var Parser $parser - */ - $parser = new Parser($lexer->list); - - /** - * The errors found by the lexer and the parser. - * @var array $errors - */ - $errors = ParserError::get([$lexer, $parser]); - - if (empty($sql_query)) { - $formatted_sql = ''; - } elseif (count($errors)) { - $formatted_sql = htmlspecialchars($sql_query); - } else { - $formatted_sql = self::formatSql($sql_query, true); - } - - $error_msg .= '

' . __('Error') . '

'; - - // For security reasons, if the MySQL refuses the connection, the query - // is hidden so no details are revealed. - if (! empty($sql_query) && ! mb_strstr($sql_query, 'connect')) { - // Static analysis errors. - if (! empty($errors)) { - $error_msg .= '

' . __('Static analysis:') - . '

'; - $error_msg .= '

' . sprintf( - __('%d errors were found during analysis.'), - count($errors) - ) . '

'; - $error_msg .= '

    '; - $error_msg .= implode( - ParserError::format( - $errors, - '
  1. %2$s (near "%4$s" at position %5$d)
    2. ' - ) - ); - $error_msg .= '

'; - } - - // Display the SQL query and link to MySQL documentation. - $error_msg .= '

' . __('SQL query:') . '' . self::showCopyToClipboard($sql_query) . "\n"; - $formattedSqlToLower = mb_strtolower($formatted_sql); - - // TODO: Show documentation for all statement types. - if (mb_strstr($formattedSqlToLower, 'select')) { - // please show me help to the error on select - $error_msg .= self::showMySQLDocu('SELECT'); - } - - if ($is_modify_link) { - $_url_params = [ - 'sql_query' => $sql_query, - 'show_query' => 1, - ]; - if (strlen($table) > 0) { - $_url_params['db'] = $db; - $_url_params['table'] = $table; - $doedit_goto = ''; - } elseif (strlen($db) > 0) { - $_url_params['db'] = $db; - $doedit_goto = ''; - } else { - $doedit_goto = ''; - } - - $error_msg .= $doedit_goto - . self::getIcon('b_edit', __('Edit')) - . ''; - } - - $error_msg .= '

' . "\n" - . '

' . "\n" - . $formatted_sql . "\n" - . '

' . "\n"; - } - - // Display server's error. - if (! empty($server_msg)) { - $server_msg = preg_replace( - "@((\015\012)|(\015)|(\012)){3,}@", - "\n\n", - $server_msg - ); - - // Adds a link to MySQL documentation. - $error_msg .= '

' . "\n" - . ' ' . __('MySQL said: ') . '' - . self::showMySQLDocu('Error-messages-server') - . "\n" - . '

' . "\n"; - - // The error message will be displayed within a CODE segment. - // To preserve original formatting, but allow word-wrapping, - // a couple of replacements are done. - // All non-single blanks and TAB-characters are replaced with their - // HTML-counterpart - $server_msg = str_replace( - [ - ' ', - "\t", - ], - [ - '  ', - '    ', - ], - $server_msg - ); - - // Replace line breaks - $server_msg = nl2br($server_msg); - - $error_msg .= '' . $server_msg . '
'; - } - - $error_msg .= '
'; - $_SESSION['Import_message']['message'] = $error_msg; - - if (! $exit) { - return $error_msg; - } - - /** - * If this is an AJAX request, there is no "Back" link and - * `Response()` is used to send the response. - */ - $response = Response::getInstance(); - if ($response->isAjax()) { - $response->setRequestStatus(false); - $response->addJSON('message', $error_msg); - exit; - } - - if (! empty($back_url)) { - if (mb_strstr($back_url, '?')) { - $back_url .= '&no_history=true'; - } else { - $back_url .= '?no_history=true'; - } - - $_SESSION['Import_message']['go_back_url'] = $back_url; - - $error_msg .= '
' - . '[ ' . __('Back') . ' ]' - . '
' . "\n\n"; - } - - exit($error_msg); - } - - /** - * Check the correct row count - * - * @param string $db the db name - * @param array $table the table infos - * - * @return int the possibly modified row count - * - */ - private static function _checkRowCount($db, array $table) - { - $rowCount = 0; - - if ($table['Rows'] === null) { - // Do not check exact row count here, - // if row count is invalid possibly the table is defect - // and this would break the navigation panel; - // but we can check row count if this is a view or the - // information_schema database - // since Table::countRecords() returns a limited row count - // in this case. - - // set this because Table::countRecords() can use it - $tbl_is_view = $table['TABLE_TYPE'] == 'VIEW'; - - if ($tbl_is_view || $GLOBALS['dbi']->isSystemSchema($db)) { - $rowCount = $GLOBALS['dbi'] - ->getTable($db, $table['Name']) - ->countRecords(); - } - } - return $rowCount; - } - - /** - * returns array with tables of given db with extended information and grouped - * - * @param string $db name of db - * @param string $tables name of tables - * @param integer $limit_offset list offset - * @param int|bool $limit_count max tables to return - * - * @return array (recursive) grouped table list - */ - public static function getTableList( - $db, - $tables = null, - $limit_offset = 0, - $limit_count = false - ) { - $sep = $GLOBALS['cfg']['NavigationTreeTableSeparator']; - - if ($tables === null) { - $tables = $GLOBALS['dbi']->getTablesFull( - $db, - '', - false, - $limit_offset, - $limit_count - ); - if ($GLOBALS['cfg']['NaturalOrder']) { - uksort($tables, 'strnatcasecmp'); - } - } - - if (count($tables) < 1) { - return $tables; - } - - $default = [ - 'Name' => '', - 'Rows' => 0, - 'Comment' => '', - 'disp_name' => '', - ]; - - $table_groups = []; - - foreach ($tables as $table_name => $table) { - $table['Rows'] = self::_checkRowCount($db, $table); - - // in $group we save the reference to the place in $table_groups - // where to store the table info - if ($GLOBALS['cfg']['NavigationTreeEnableGrouping'] - && $sep && mb_strstr($table_name, $sep) - ) { - $parts = explode($sep, $table_name); - - $group =& $table_groups; - $i = 0; - $group_name_full = ''; - $parts_cnt = count($parts) - 1; - - while (($i < $parts_cnt) - && ($i < $GLOBALS['cfg']['NavigationTreeTableLevel']) - ) { - $group_name = $parts[$i] . $sep; - $group_name_full .= $group_name; - - if (! isset($group[$group_name])) { - $group[$group_name] = []; - $group[$group_name]['is' . $sep . 'group'] = true; - $group[$group_name]['tab' . $sep . 'count'] = 1; - $group[$group_name]['tab' . $sep . 'group'] - = $group_name_full; - } elseif (! isset($group[$group_name]['is' . $sep . 'group'])) { - $table = $group[$group_name]; - $group[$group_name] = []; - $group[$group_name][$group_name] = $table; - $group[$group_name]['is' . $sep . 'group'] = true; - $group[$group_name]['tab' . $sep . 'count'] = 1; - $group[$group_name]['tab' . $sep . 'group'] - = $group_name_full; - } else { - $group[$group_name]['tab' . $sep . 'count']++; - } - - $group =& $group[$group_name]; - $i++; - } - } else { - if (! isset($table_groups[$table_name])) { - $table_groups[$table_name] = []; - } - $group =& $table_groups; - } - - $table['disp_name'] = $table['Name']; - $group[$table_name] = array_merge($default, $table); - } - - return $table_groups; - } - - /* ----------------------- Set of misc functions ----------------------- */ - - /** - * Adds backquotes on both sides of a database, table or field name. - * and escapes backquotes inside the name with another backquote - * - * example: - * - * echo backquote('owner`s db'); // `owner``s db` - * - * - * - * @param mixed $a_name the database, table or field name to "backquote" - * or array of it - * @param boolean $do_it a flag to bypass this function (used by dump - * functions) - * - * @return mixed the "backquoted" database, table or field name - * - * @access public - */ - public static function backquote($a_name, $do_it = true) - { - if (is_array($a_name)) { - foreach ($a_name as &$data) { - $data = self::backquote($data, $do_it); - } - return $a_name; - } - - if (! $do_it) { - if (! (Context::isKeyword($a_name) & Token::FLAG_KEYWORD_RESERVED) - ) { - return $a_name; - } - } - - // '0' is also empty for php :-( - if (strlen((string) $a_name) > 0 && $a_name !== '*') { - return '`' . str_replace('`', '``', (string) $a_name) . '`'; - } - - return $a_name; - } // end of the 'backquote()' function - - /** - * Adds backquotes on both sides of a database, table or field name. - * in compatibility mode - * - * example: - * - * echo backquoteCompat('owner`s db'); // `owner``s db` - * - * - * - * @param mixed $a_name the database, table or field name to - * "backquote" or array of it - * @param string $compatibility string compatibility mode (used by dump - * functions) - * @param boolean $do_it a flag to bypass this function (used by dump - * functions) - * - * @return mixed the "backquoted" database, table or field name - * - * @access public - */ - public static function backquoteCompat( - $a_name, - $compatibility = 'MSSQL', - $do_it = true - ) { - if (is_array($a_name)) { - foreach ($a_name as &$data) { - $data = self::backquoteCompat($data, $compatibility, $do_it); - } - return $a_name; - } - - if (! $do_it) { - if (! Context::isKeyword($a_name)) { - return $a_name; - } - } - - // @todo add more compatibility cases (ORACLE for example) - switch ($compatibility) { - case 'MSSQL': - $quote = '"'; - break; - default: - $quote = "`"; - break; - } - - // '0' is also empty for php :-( - if (strlen((string) $a_name) > 0 && $a_name !== '*') { - return $quote . $a_name . $quote; - } - - return $a_name; - } // end of the 'backquoteCompat()' function - - /** - * Prepare the message and the query - * usually the message is the result of the query executed - * - * @param Message|string $message the message to display - * @param string $sql_query the query to display - * @param string $type the type (level) of the message - * - * @return string - * - * @access public - */ - public static function getMessage( - $message, - $sql_query = null, - $type = 'notice' - ) { - global $cfg; - $template = new Template(); - $retval = ''; - - if (null === $sql_query) { - if (! empty($GLOBALS['display_query'])) { - $sql_query = $GLOBALS['display_query']; - } elseif (! empty($GLOBALS['unparsed_sql'])) { - $sql_query = $GLOBALS['unparsed_sql']; - } elseif (! empty($GLOBALS['sql_query'])) { - $sql_query = $GLOBALS['sql_query']; - } else { - $sql_query = ''; - } - } - - $render_sql = $cfg['ShowSQL'] == true && ! empty($sql_query) && $sql_query !== ';'; - - if (isset($GLOBALS['using_bookmark_message'])) { - $retval .= $GLOBALS['using_bookmark_message']->getDisplay(); - unset($GLOBALS['using_bookmark_message']); - } - - if ($render_sql) { - $retval .= '
' . "\n"; - } - - if ($message instanceof Message) { - if (isset($GLOBALS['special_message'])) { - $message->addText($GLOBALS['special_message']); - unset($GLOBALS['special_message']); - } - $retval .= $message->getDisplay(); - } else { - $retval .= '
'; - $retval .= Sanitize::sanitizeMessage($message); - if (isset($GLOBALS['special_message'])) { - $retval .= Sanitize::sanitizeMessage($GLOBALS['special_message']); - unset($GLOBALS['special_message']); - } - $retval .= '
'; - } - - if ($render_sql) { - $query_too_big = false; - - $queryLength = mb_strlen($sql_query); - if ($queryLength > $cfg['MaxCharactersInDisplayedSQL']) { - // when the query is large (for example an INSERT of binary - // data), the parser chokes; so avoid parsing the query - $query_too_big = true; - $query_base = mb_substr( - $sql_query, - 0, - $cfg['MaxCharactersInDisplayedSQL'] - ) . '[...]'; - } else { - $query_base = $sql_query; - } - - // Html format the query to be displayed - // If we want to show some sql code it is easiest to create it here - /* SQL-Parser-Analyzer */ - - if (! empty($GLOBALS['show_as_php'])) { - $new_line = '\\n"
' . "\n" . '    . "'; - $query_base = htmlspecialchars(addslashes($query_base)); - $query_base = preg_replace( - '/((\015\012)|(\015)|(\012))/', - $new_line, - $query_base - ); - $query_base = '
' . "\n"
-                    . '$sql = "' . $query_base . '";' . "\n"
-                    . '
'; - } elseif ($query_too_big) { - $query_base = '
' . "\n" .
-                    htmlspecialchars($query_base) .
-                    '
'; - } else { - $query_base = self::formatSql($query_base); - } - - // Prepares links that may be displayed to edit/explain the query - // (don't go to default pages, we must go to the page - // where the query box is available) - - // Basic url query part - $url_params = []; - if (! isset($GLOBALS['db'])) { - $GLOBALS['db'] = ''; - } - if (strlen($GLOBALS['db']) > 0) { - $url_params['db'] = $GLOBALS['db']; - if (strlen($GLOBALS['table']) > 0) { - $url_params['table'] = $GLOBALS['table']; - $edit_link = 'tbl_sql.php'; - } else { - $edit_link = 'db_sql.php'; - } - } else { - $edit_link = 'server_sql.php'; - } - - // Want to have the query explained - // but only explain a SELECT (that has not been explained) - /* SQL-Parser-Analyzer */ - $explain_link = ''; - $is_select = preg_match('@^SELECT[[:space:]]+@i', $sql_query); - if (! empty($cfg['SQLQuery']['Explain']) && ! $query_too_big) { - $explain_params = $url_params; - if ($is_select) { - $explain_params['sql_query'] = 'EXPLAIN ' . $sql_query; - $explain_link = ' [ ' - . self::linkOrButton( - 'import.php' . Url::getCommon($explain_params), - __('Explain SQL') - ) . ' ]'; - } elseif (preg_match( - '@^EXPLAIN[[:space:]]+SELECT[[:space:]]+@i', - $sql_query - )) { - $explain_params['sql_query'] - = mb_substr($sql_query, 8); - $explain_link = ' [ ' - . self::linkOrButton( - 'import.php' . Url::getCommon($explain_params), - __('Skip Explain SQL') - ) . ']'; - $url = 'https://mariadb.org/explain_analyzer/analyze/' - . '?client=phpMyAdmin&raw_explain=' - . urlencode(self::_generateRowQueryOutput($sql_query)); - $explain_link .= ' [' - . self::linkOrButton( - htmlspecialchars('url.php?url=' . urlencode($url)), - sprintf(__('Analyze Explain at %s'), 'mariadb.org'), - [], - '_blank' - ) . ' ]'; - } - } //show explain - - $url_params['sql_query'] = $sql_query; - $url_params['show_query'] = 1; - - // even if the query is big and was truncated, offer the chance - // to edit it (unless it's enormous, see linkOrButton() ) - if (! empty($cfg['SQLQuery']['Edit']) - && empty($GLOBALS['show_as_php']) - ) { - $edit_link .= Url::getCommon($url_params); - $edit_link = ' [ ' - . self::linkOrButton($edit_link, __('Edit')) - . ' ]'; - } else { - $edit_link = ''; - } - - // Also we would like to get the SQL formed in some nice - // php-code - if (! empty($cfg['SQLQuery']['ShowAsPHP']) && ! $query_too_big) { - if (! empty($GLOBALS['show_as_php'])) { - $php_link = ' [ ' - . self::linkOrButton( - 'import.php' . Url::getCommon($url_params), - __('Without PHP code') - ) - . ' ]'; - - $php_link .= ' [ ' - . self::linkOrButton( - 'import.php' . Url::getCommon($url_params), - __('Submit query') - ) - . ' ]'; - } else { - $php_params = $url_params; - $php_params['show_as_php'] = 1; - $php_link = ' [ ' - . self::linkOrButton( - 'import.php' . Url::getCommon($php_params), - __('Create PHP code') - ) - . ' ]'; - } - } else { - $php_link = ''; - } //show as php - - // Refresh query - if (! empty($cfg['SQLQuery']['Refresh']) - && ! isset($GLOBALS['show_as_php']) // 'Submit query' does the same - && preg_match('@^(SELECT|SHOW)[[:space:]]+@i', $sql_query) - ) { - $refresh_link = 'sql.php' . Url::getCommon($url_params); - $refresh_link = ' [ ' - . self::linkOrButton($refresh_link, __('Refresh')) . ']'; - } else { - $refresh_link = ''; - } //refresh - - $retval .= '
'; - $retval .= $query_base; - $retval .= '
'; - - $retval .= '
'; - $retval .= '
'; - $retval .= Url::getHiddenInputs($GLOBALS['db'], $GLOBALS['table']); - $retval .= ''; - - // avoid displaying a Profiling checkbox that could - // be checked, which would reexecute an INSERT, for example - if (! empty($refresh_link) && self::profilingSupported()) { - $retval .= ''; - $retval .= $template->render('checkbox', [ - 'html_field_name' => 'profiling', - 'label' => __('Profiling'), - 'checked' => isset($_SESSION['profiling']), - 'onclick' => true, - 'html_field_id' => '', - ]); - } - $retval .= '
'; - - /** - * TODO: Should we have $cfg['SQLQuery']['InlineEdit']? - */ - if (! empty($cfg['SQLQuery']['Edit']) - && ! $query_too_big - && empty($GLOBALS['show_as_php']) - ) { - $inline_edit_link = ' [' - . self::linkOrButton( - '#', - _pgettext('Inline edit query', 'Edit inline'), - ['class' => 'inline_edit_sql'] - ) - . ']'; - } else { - $inline_edit_link = ''; - } - $retval .= $inline_edit_link . $edit_link . $explain_link . $php_link - . $refresh_link; - $retval .= '
'; - - $retval .= '
'; - } - - return $retval; - } // end of the 'getMessage()' function - - /** - * Execute an EXPLAIN query and formats results similar to MySQL command line - * utility. - * - * @param string $sqlQuery EXPLAIN query - * - * @return string query resuls - */ - private static function _generateRowQueryOutput($sqlQuery) - { - $ret = ''; - $result = $GLOBALS['dbi']->query($sqlQuery); - if ($result) { - $devider = '+'; - $columnNames = '|'; - $fieldsMeta = $GLOBALS['dbi']->getFieldsMeta($result); - foreach ($fieldsMeta as $meta) { - $devider .= '---+'; - $columnNames .= ' ' . $meta->name . ' |'; - } - $devider .= "\n"; - - $ret .= $devider . $columnNames . "\n" . $devider; - while ($row = $GLOBALS['dbi']->fetchRow($result)) { - $values = '|'; - foreach ($row as $value) { - if ($value === null) { - $value = 'NULL'; - } - $values .= ' ' . $value . ' |'; - } - $ret .= $values . "\n"; - } - $ret .= $devider; - } - return $ret; - } - - /** - * Verifies if current MySQL server supports profiling - * - * @access public - * - * @return boolean whether profiling is supported - */ - public static function profilingSupported() - { - if (! self::cacheExists('profiling_supported')) { - // 5.0.37 has profiling but for example, 5.1.20 does not - // (avoid a trip to the server for MySQL before 5.0.37) - // and do not set a constant as we might be switching servers - if ($GLOBALS['dbi']->fetchValue("SELECT @@have_profiling") - ) { - self::cacheSet('profiling_supported', true); - } else { - self::cacheSet('profiling_supported', false); - } - } - - return self::cacheGet('profiling_supported'); - } - - /** - * Formats $value to byte view - * - * @param double|int $value the value to format - * @param int $limes the sensitiveness - * @param int $comma the number of decimals to retain - * - * @return array|null the formatted value and its unit - * - * @access public - */ - public static function formatByteDown($value, $limes = 6, $comma = 0) - { - if ($value === null) { - return null; - } - - $byteUnits = [ - /* l10n: shortcuts for Byte */ - __('B'), - /* l10n: shortcuts for Kilobyte */ - __('KiB'), - /* l10n: shortcuts for Megabyte */ - __('MiB'), - /* l10n: shortcuts for Gigabyte */ - __('GiB'), - /* l10n: shortcuts for Terabyte */ - __('TiB'), - /* l10n: shortcuts for Petabyte */ - __('PiB'), - /* l10n: shortcuts for Exabyte */ - __('EiB'), - ]; - - $dh = pow(10, $comma); - $li = pow(10, $limes); - $unit = $byteUnits[0]; - - for ($d = 6, $ex = 15; $d >= 1; $d--, $ex -= 3) { - $unitSize = $li * pow(10, $ex); - if (isset($byteUnits[$d]) && $value >= $unitSize) { - // use 1024.0 to avoid integer overflow on 64-bit machines - $value = round($value / (pow(1024, $d) / $dh)) / $dh; - $unit = $byteUnits[$d]; - break 1; - } // end if - } // end for - - if ($unit != $byteUnits[0]) { - // if the unit is not bytes (as represented in current language) - // reformat with max length of 5 - // 4th parameter=true means do not reformat if value < 1 - $return_value = self::formatNumber($value, 5, $comma, true, false); - } else { - // do not reformat, just handle the locale - $return_value = self::formatNumber($value, 0); - } - - return [ - trim($return_value), - $unit, - ]; - } // end of the 'formatByteDown' function - - - /** - * Formats $value to the given length and appends SI prefixes - * with a $length of 0 no truncation occurs, number is only formatted - * to the current locale - * - * examples: - * - * echo formatNumber(123456789, 6); // 123,457 k - * echo formatNumber(-123456789, 4, 2); // -123.46 M - * echo formatNumber(-0.003, 6); // -3 m - * echo formatNumber(0.003, 3, 3); // 0.003 - * echo formatNumber(0.00003, 3, 2); // 0.03 m - * echo formatNumber(0, 6); // 0 - * - * - * @param double $value the value to format - * @param integer $digits_left number of digits left of the comma - * @param integer $digits_right number of digits right of the comma - * @param boolean $only_down do not reformat numbers below 1 - * @param boolean $noTrailingZero removes trailing zeros right of the comma - * (default: true) - * - * @return string the formatted value and its unit - * - * @access public - */ - public static function formatNumber( - $value, - $digits_left = 3, - $digits_right = 0, - $only_down = false, - $noTrailingZero = true - ) { - if ($value == 0) { - return '0'; - } - - $originalValue = $value; - //number_format is not multibyte safe, str_replace is safe - if ($digits_left === 0) { - $value = number_format( - (float) $value, - $digits_right, - /* l10n: Decimal separator */ - __('.'), - /* l10n: Thousands separator */ - __(',') - ); - if (($originalValue != 0) && (floatval($value) == 0)) { - $value = ' <' . (1 / pow(10, $digits_right)); - } - return $value; - } - - // this units needs no translation, ISO - $units = [ - -8 => 'y', - -7 => 'z', - -6 => 'a', - -5 => 'f', - -4 => 'p', - -3 => 'n', - -2 => 'ยต', - -1 => 'm', - 0 => ' ', - 1 => 'k', - 2 => 'M', - 3 => 'G', - 4 => 'T', - 5 => 'P', - 6 => 'E', - 7 => 'Z', - 8 => 'Y', - ]; - /* l10n: Decimal separator */ - $decimal_sep = __('.'); - /* l10n: Thousands separator */ - $thousands_sep = __(','); - - // check for negative value to retain sign - if ($value < 0) { - $sign = '-'; - $value = abs($value); - } else { - $sign = ''; - } - - $dh = pow(10, $digits_right); - - /* - * This gives us the right SI prefix already, - * but $digits_left parameter not incorporated - */ - $d = floor(log10((float) $value) / 3); - /* - * Lowering the SI prefix by 1 gives us an additional 3 zeros - * So if we have 3,6,9,12.. free digits ($digits_left - $cur_digits) - * to use, then lower the SI prefix - */ - $cur_digits = floor(log10($value / pow(1000, $d)) + 1); - if ($digits_left > $cur_digits) { - $d -= floor(($digits_left - $cur_digits) / 3); - } - - if ($d < 0 && $only_down) { - $d = 0; - } - - $value = round($value / (pow(1000, $d) / $dh)) / $dh; - $unit = $units[$d]; - - // number_format is not multibyte safe, str_replace is safe - $formattedValue = number_format( - $value, - $digits_right, - $decimal_sep, - $thousands_sep - ); - // If we don't want any zeros, remove them now - if ($noTrailingZero && strpos($formattedValue, $decimal_sep) !== false) { - $formattedValue = preg_replace('/' . preg_quote($decimal_sep, '/') . '?0+$/', '', $formattedValue); - } - - if ($originalValue != 0 && floatval($value) == 0) { - return ' <' . number_format( - 1 / pow(10, $digits_right), - $digits_right, - $decimal_sep, - $thousands_sep - ) - . ' ' . $unit; - } - - return $sign . $formattedValue . ' ' . $unit; - } // end of the 'formatNumber' function - - /** - * Returns the number of bytes when a formatted size is given - * - * @param string $formatted_size the size expression (for example 8MB) - * - * @return integer The numerical part of the expression (for example 8) - */ - public static function extractValueFromFormattedSize($formatted_size) - { - $return_value = -1; - - $formatted_size = (string) $formatted_size; - - if (preg_match('/^[0-9]+GB$/', $formatted_size)) { - $return_value = (int) mb_substr( - $formatted_size, - 0, - -2 - ) * pow(1024, 3); - } elseif (preg_match('/^[0-9]+MB$/', $formatted_size)) { - $return_value = (int) mb_substr( - $formatted_size, - 0, - -2 - ) * pow(1024, 2); - } elseif (preg_match('/^[0-9]+K$/', $formatted_size)) { - $return_value = (int) mb_substr( - $formatted_size, - 0, - -1 - ) * pow(1024, 1); - } - return $return_value; - } - - /** - * Writes localised date - * - * @param integer $timestamp the current timestamp - * @param string $format format - * - * @return string the formatted date - * - * @access public - */ - public static function localisedDate($timestamp = -1, $format = '') - { - $month = [ - /* l10n: Short month name */ - __('Jan'), - /* l10n: Short month name */ - __('Feb'), - /* l10n: Short month name */ - __('Mar'), - /* l10n: Short month name */ - __('Apr'), - /* l10n: Short month name */ - _pgettext('Short month name', 'May'), - /* l10n: Short month name */ - __('Jun'), - /* l10n: Short month name */ - __('Jul'), - /* l10n: Short month name */ - __('Aug'), - /* l10n: Short month name */ - __('Sep'), - /* l10n: Short month name */ - __('Oct'), - /* l10n: Short month name */ - __('Nov'), - /* l10n: Short month name */ - __('Dec'), - ]; - $day_of_week = [ - /* l10n: Short week day name for Sunday */ - _pgettext('Short week day name', 'Sun'), - /* l10n: Short week day name for Monday */ - __('Mon'), - /* l10n: Short week day name for Tuesday */ - __('Tue'), - /* l10n: Short week day name for Wednesday */ - __('Wed'), - /* l10n: Short week day name for Thursday */ - __('Thu'), - /* l10n: Short week day name for Friday */ - __('Fri'), - /* l10n: Short week day name for Saturday */ - __('Sat'), - ]; - - if ($format == '') { - /* l10n: See https://www.php.net/manual/en/function.strftime.php */ - $format = __('%B %d, %Y at %I:%M %p'); - } - - if ($timestamp == -1) { - $timestamp = time(); - } - - $date = preg_replace( - '@%[aA]@', - $day_of_week[(int) strftime('%w', (int) $timestamp)], - $format - ); - $date = preg_replace( - '@%[bB]@', - $month[(int) strftime('%m', (int) $timestamp) - 1], - $date - ); - - /* Fill in AM/PM */ - $hours = (int) date('H', (int) $timestamp); - if ($hours >= 12) { - $am_pm = _pgettext('AM/PM indication in time', 'PM'); - } else { - $am_pm = _pgettext('AM/PM indication in time', 'AM'); - } - $date = preg_replace('@%[pP]@', $am_pm, $date); - - $ret = strftime($date, (int) $timestamp); - // Some OSes such as Win8.1 Traditional Chinese version did not produce UTF-8 - // output here. See https://github.com/phpmyadmin/phpmyadmin/issues/10598 - if (mb_detect_encoding($ret, 'UTF-8', true) != 'UTF-8') { - $ret = date('Y-m-d H:i:s', (int) $timestamp); - } - - return $ret; - } // end of the 'localisedDate()' function - - /** - * returns a tab for tabbed navigation. - * If the variables $link and $args ar left empty, an inactive tab is created - * - * @param array $tab array with all options - * @param array $url_params tab specific URL parameters - * - * @return string html code for one tab, a link if valid otherwise a span - * - * @access public - */ - public static function getHtmlTab(array $tab, array $url_params = []) - { - $template = new Template(); - // default values - $defaults = [ - 'text' => '', - 'class' => '', - 'active' => null, - 'link' => '', - 'sep' => '?', - 'attr' => '', - 'args' => '', - 'warning' => '', - 'fragment' => '', - 'id' => '', - ]; - - $tab = array_merge($defaults, $tab); - - // determine additional style-class - if (empty($tab['class'])) { - if (! empty($tab['active']) - || Core::isValid($GLOBALS['active_page'], 'identical', $tab['link']) - ) { - $tab['class'] = 'active'; - } elseif ($tab['active'] === null && empty($GLOBALS['active_page']) - && (basename($GLOBALS['PMA_PHP_SELF']) == $tab['link']) - ) { - $tab['class'] = 'active'; - } - } - - // build the link - if (! empty($tab['link'])) { - // If there are any tab specific URL parameters, merge those with - // the general URL parameters - if (! empty($tab['args']) && is_array($tab['args'])) { - $url_params = array_merge($url_params, $tab['args']); - } - $tab['link'] = htmlentities($tab['link']) . Url::getCommon($url_params); - } - - if (! empty($tab['fragment'])) { - $tab['link'] .= $tab['fragment']; - } - - // display icon - if (isset($tab['icon'])) { - // avoid generating an alt tag, because it only illustrates - // the text that follows and if browser does not display - // images, the text is duplicated - $tab['text'] = self::getIcon( - $tab['icon'], - $tab['text'], - false, - true, - 'TabsMode' - ); - } elseif (empty($tab['text'])) { - // check to not display an empty link-text - $tab['text'] = '?'; - trigger_error( - 'empty linktext in function ' . __FUNCTION__ . '()', - E_USER_NOTICE - ); - } - - //Set the id for the tab, if set in the params - $tabId = (empty($tab['id']) ? null : $tab['id']); - - $item = []; - if (! empty($tab['link'])) { - $item = [ - 'content' => $tab['text'], - 'url' => [ - 'href' => empty($tab['link']) ? null : $tab['link'], - 'id' => $tabId, - 'class' => 'tab' . htmlentities($tab['class']), - ], - ]; - } else { - $item['content'] = '' . $tab['text'] . ''; - } - - $item['class'] = $tab['class'] == 'active' ? 'active' : ''; - - return $template->render('list/item', $item); - } - - /** - * returns html-code for a tab navigation - * - * @param array $tabs one element per tab - * @param array $url_params additional URL parameters - * @param string $menu_id HTML id attribute for the menu container - * @param bool $resizable whether to add a "resizable" class - * - * @return string html-code for tab-navigation - */ - public static function getHtmlTabs( - array $tabs, - array $url_params, - $menu_id, - $resizable = false - ) { - $class = ''; - if ($resizable) { - $class = ' class="resizable-menu"'; - } - - $tab_navigation = '
' - . '' - . '
    '; - - foreach ($tabs as $tab) { - $tab_navigation .= self::getHtmlTab($tab, $url_params); - } - $tab_navigation .= ''; - - $tab_navigation .= - '
    ' - . '
' . "\n" - . '' - . '
' . "\n"; - - return $tab_navigation; - } - - /** - * Displays a link, or a link with code to trigger POST request. - * - * POST is used in following cases: - * - * - URL is too long - * - URL components are over Suhosin limits - * - There is SQL query in the parameters - * - * @param string $url the URL - * @param string $message the link message - * @param mixed $tag_params string: js confirmation; array: additional tag - * params (f.e. style="") - * @param string $target target - * - * @return string the results to be echoed or saved in an array - */ - public static function linkOrButton( - $url, - $message, - $tag_params = [], - $target = '' - ) { - $url_length = strlen($url); - - if (! is_array($tag_params)) { - $tmp = $tag_params; - $tag_params = []; - if (! empty($tmp)) { - $tag_params['onclick'] = 'return Functions.confirmLink(this, \'' - . Sanitize::escapeJsString($tmp) . '\')'; - } - unset($tmp); - } - if (! empty($target)) { - $tag_params['target'] = $target; - if ($target === '_blank' && strncmp($url, 'url.php?', 8) == 0) { - $tag_params['rel'] = 'noopener noreferrer'; - } - } - - // Suhosin: Check that each query parameter is not above maximum - $in_suhosin_limits = true; - if ($url_length <= $GLOBALS['cfg']['LinkLengthLimit']) { - $suhosin_get_MaxValueLength = ini_get('suhosin.get.max_value_length'); - if ($suhosin_get_MaxValueLength) { - $query_parts = self::splitURLQuery($url); - foreach ($query_parts as $query_pair) { - if (strpos($query_pair, '=') === false) { - continue; - } - - list(, $eachval) = explode('=', $query_pair); - if (strlen($eachval) > $suhosin_get_MaxValueLength - ) { - $in_suhosin_limits = false; - break; - } - } - } - } - - $tag_params_strings = []; - if (($url_length > $GLOBALS['cfg']['LinkLengthLimit']) - || ! $in_suhosin_limits - // Has as sql_query without a signature - || ( strpos($url, 'sql_query=') !== false && strpos($url, 'sql_signature=') === false) - || strpos($url, 'view[as]=') !== false - ) { - $parts = explode('?', $url, 2); - /* - * The data-post indicates that client should do POST - * this is handled in js/ajax.js - */ - $tag_params_strings[] = 'data-post="' . (isset($parts[1]) ? $parts[1] : '') . '"'; - $url = $parts[0]; - if (array_key_exists('class', $tag_params) - && strpos($tag_params['class'], 'create_view') !== false - ) { - $url .= '?' . explode('&', $parts[1], 2)[0]; - } - } - - foreach ($tag_params as $par_name => $par_value) { - $tag_params_strings[] = $par_name . '="' . htmlspecialchars($par_value) . '"'; - } - - // no whitespace within an else Safari will make it part of the link - return '' - . $message . ''; - } // end of the 'linkOrButton()' function - - /** - * Splits a URL string by parameter - * - * @param string $url the URL - * - * @return array the parameter/value pairs, for example [0] db=sakila - */ - public static function splitURLQuery($url) - { - // decode encoded url separators - $separator = Url::getArgSeparator(); - // on most places separator is still hard coded ... - if ($separator !== '&') { - // ... so always replace & with $separator - $url = str_replace([htmlentities('&'), '&'], [$separator, $separator], $url); - } - - $url = str_replace(htmlentities($separator), $separator, $url); - // end decode - - $url_parts = parse_url($url); - - if (! empty($url_parts['query'])) { - return explode($separator, $url_parts['query']); - } - - return []; - } - - /** - * Returns a given timespan value in a readable format. - * - * @param int $seconds the timespan - * - * @return string the formatted value - */ - public static function timespanFormat($seconds) - { - $days = floor($seconds / 86400); - if ($days > 0) { - $seconds -= $days * 86400; - } - - $hours = floor($seconds / 3600); - if ($days > 0 || $hours > 0) { - $seconds -= $hours * 3600; - } - - $minutes = floor($seconds / 60); - if ($days > 0 || $hours > 0 || $minutes > 0) { - $seconds -= $minutes * 60; - } - - return sprintf( - __('%s days, %s hours, %s minutes and %s seconds'), - (string) $days, - (string) $hours, - (string) $minutes, - (string) $seconds - ); - } - - /** - * Function added to avoid path disclosures. - * Called by each script that needs parameters, it displays - * an error message and, by default, stops the execution. - * - * @param string[] $params The names of the parameters needed by the calling - * script - * @param boolean $request Check parameters in request - * - * @return void - * - * @access public - */ - public static function checkParameters($params, $request = false) - { - $reported_script_name = basename($GLOBALS['PMA_PHP_SELF']); - $found_error = false; - $error_message = ''; - if ($request) { - $array = $_REQUEST; - } else { - $array = $GLOBALS; - } - - foreach ($params as $param) { - if (! isset($array[$param])) { - $error_message .= $reported_script_name - . ': ' . __('Missing parameter:') . ' ' - . $param - . self::showDocu('faq', 'faqmissingparameters', true) - . '[br]'; - $found_error = true; - } - } - if ($found_error) { - Core::fatalError($error_message); - } - } // end function - - /** - * Function to generate unique condition for specified row. - * - * @param resource $handle current query result - * @param integer $fields_cnt number of fields - * @param stdClass[] $fields_meta meta information about fields - * @param array $row current row - * @param boolean $force_unique generate condition only on pk - * or unique - * @param string|boolean $restrict_to_table restrict the unique condition - * to this table or false if - * none - * @param array|null $analyzed_sql_results the analyzed query - * - * @access public - * - * @return array the calculated condition and whether condition is unique - */ - public static function getUniqueCondition( - $handle, - $fields_cnt, - array $fields_meta, - array $row, - $force_unique = false, - $restrict_to_table = false, - $analyzed_sql_results = null - ) { - $primary_key = ''; - $unique_key = ''; - $nonprimary_condition = ''; - $preferred_condition = ''; - $primary_key_array = []; - $unique_key_array = []; - $nonprimary_condition_array = []; - $condition_array = []; - - for ($i = 0; $i < $fields_cnt; ++$i) { - $con_val = ''; - $field_flags = $GLOBALS['dbi']->fieldFlags($handle, $i); - $meta = $fields_meta[$i]; - - // do not use a column alias in a condition - if (! isset($meta->orgname) || strlen($meta->orgname) === 0) { - $meta->orgname = $meta->name; - - if (! empty($analyzed_sql_results['statement']->expr)) { - foreach ($analyzed_sql_results['statement']->expr as $expr) { - if (empty($expr->alias) || empty($expr->column)) { - continue; - } - if (strcasecmp($meta->name, $expr->alias) == 0) { - $meta->orgname = $expr->column; - break; - } - } - } - } - - // Do not use a table alias in a condition. - // Test case is: - // select * from galerie x WHERE - //(select count(*) from galerie y where y.datum=x.datum)>1 - // - // But orgtable is present only with mysqli extension so the - // fix is only for mysqli. - // Also, do not use the original table name if we are dealing with - // a view because this view might be updatable. - // (The isView() verification should not be costly in most cases - // because there is some caching in the function). - if (isset($meta->orgtable) - && ($meta->table != $meta->orgtable) - && ! $GLOBALS['dbi']->getTable($GLOBALS['db'], $meta->table)->isView() - ) { - $meta->table = $meta->orgtable; - } - - // If this field is not from the table which the unique clause needs - // to be restricted to. - if ($restrict_to_table && $restrict_to_table != $meta->table) { - continue; - } - - // to fix the bug where float fields (primary or not) - // can't be matched because of the imprecision of - // floating comparison, use CONCAT - // (also, the syntax "CONCAT(field) IS NULL" - // that we need on the next "if" will work) - if ($meta->type == 'real') { - $con_key = 'CONCAT(' . self::backquote($meta->table) . '.' - . self::backquote($meta->orgname) . ')'; - } else { - $con_key = self::backquote($meta->table) . '.' - . self::backquote($meta->orgname); - } // end if... else... - $condition = ' ' . $con_key . ' '; - - if (! isset($row[$i]) || $row[$i] === null) { - $con_val = 'IS NULL'; - } else { - // timestamp is numeric on some MySQL 4.1 - // for real we use CONCAT above and it should compare to string - if ($meta->numeric - && ($meta->type != 'timestamp') - && ($meta->type != 'real') - ) { - $con_val = '= ' . $row[$i]; - } elseif ((($meta->type == 'blob') || ($meta->type == 'string')) - && false !== stripos($field_flags, 'BINARY') - && ! empty($row[$i]) - ) { - // hexify only if this is a true not empty BLOB or a BINARY - - // do not waste memory building a too big condition - if (mb_strlen($row[$i]) < 1000) { - // use a CAST if possible, to avoid problems - // if the field contains wildcard characters % or _ - $con_val = '= CAST(0x' . bin2hex($row[$i]) . ' AS BINARY)'; - } elseif ($fields_cnt == 1) { - // when this blob is the only field present - // try settling with length comparison - $condition = ' CHAR_LENGTH(' . $con_key . ') '; - $con_val = ' = ' . mb_strlen($row[$i]); - } else { - // this blob won't be part of the final condition - $con_val = null; - } - } elseif (in_array($meta->type, self::getGISDatatypes()) - && ! empty($row[$i]) - ) { - // do not build a too big condition - if (mb_strlen($row[$i]) < 5000) { - $condition .= '=0x' . bin2hex($row[$i]) . ' AND'; - } else { - $condition = ''; - } - } elseif ($meta->type == 'bit') { - $con_val = "= b'" - . self::printableBitValue((int) $row[$i], (int) $meta->length) . "'"; - } else { - $con_val = '= \'' - . $GLOBALS['dbi']->escapeString($row[$i]) . '\''; - } - } - - if ($con_val != null) { - $condition .= $con_val . ' AND'; - - if ($meta->primary_key > 0) { - $primary_key .= $condition; - $primary_key_array[$con_key] = $con_val; - } elseif ($meta->unique_key > 0) { - $unique_key .= $condition; - $unique_key_array[$con_key] = $con_val; - } - - $nonprimary_condition .= $condition; - $nonprimary_condition_array[$con_key] = $con_val; - } - } // end for - - // Correction University of Virginia 19991216: - // prefer primary or unique keys for condition, - // but use conjunction of all values if no primary key - $clause_is_unique = true; - - if ($primary_key) { - $preferred_condition = $primary_key; - $condition_array = $primary_key_array; - } elseif ($unique_key) { - $preferred_condition = $unique_key; - $condition_array = $unique_key_array; - } elseif (! $force_unique) { - $preferred_condition = $nonprimary_condition; - $condition_array = $nonprimary_condition_array; - $clause_is_unique = false; - } - - $where_clause = trim(preg_replace('|\s?AND$|', '', $preferred_condition)); - return [ - $where_clause, - $clause_is_unique, - $condition_array, - ]; - } // end function - - /** - * Generate the charset query part - * - * @param string $collation Collation - * @param boolean $override (optional) force 'CHARACTER SET' keyword - * - * @return string - */ - public static function getCharsetQueryPart($collation, $override = false) - { - list($charset) = explode('_', $collation); - $keyword = ' CHARSET='; - - if ($override) { - $keyword = ' CHARACTER SET '; - } - return $keyword . $charset - . ($charset == $collation ? '' : ' COLLATE ' . $collation); - } - - /** - * Generate a button or image tag - * - * @param string $button_name name of button element - * @param string $button_class class of button or image element - * @param string $text text to display - * @param string $image image to display - * @param string $value value - * - * @return string html content - * - * @access public - */ - public static function getButtonOrImage( - $button_name, - $button_class, - $text, - $image, - $value = '' - ) { - if ($value == '') { - $value = $text; - } - if ($GLOBALS['cfg']['ActionLinksMode'] == 'text') { - return ' ' . "\n"; - } - return '' . "\n"; - } // end function - - /** - * Generate a pagination selector for browsing resultsets - * - * @param string $name The name for the request parameter - * @param int $rows Number of rows in the pagination set - * @param int $pageNow current page number - * @param int $nbTotalPage number of total pages - * @param int $showAll If the number of pages is lower than this - * variable, no pages will be omitted in pagination - * @param int $sliceStart How many rows at the beginning should always - * be shown? - * @param int $sliceEnd How many rows at the end should always be shown? - * @param int $percent Percentage of calculation page offsets to hop to a - * next page - * @param int $range Near the current page, how many pages should - * be considered "nearby" and displayed as well? - * @param string $prompt The prompt to display (sometimes empty) - * - * @return string - * - * @access public - */ - public static function pageselector( - $name, - $rows, - $pageNow = 1, - $nbTotalPage = 1, - $showAll = 200, - $sliceStart = 5, - $sliceEnd = 5, - $percent = 20, - $range = 10, - $prompt = '' - ) { - $increment = floor($nbTotalPage / $percent); - $pageNowMinusRange = ($pageNow - $range); - $pageNowPlusRange = ($pageNow + $range); - - $gotopage = $prompt . ' '; - - return $gotopage; - } // end function - - - /** - * Calculate page number through position - * @param int $pos position of first item - * @param int $max_count number of items per page - * @return int $page_num - * @access public - */ - public static function getPageFromPosition($pos, $max_count) - { - return (int) floor($pos / $max_count) + 1; - } - - /** - * Prepare navigation for a list - * - * @param int $count number of elements in the list - * @param int $pos current position in the list - * @param array $_url_params url parameters - * @param string $script script name for form target - * @param string $frame target frame - * @param int $max_count maximum number of elements to display from - * the list - * @param string $name the name for the request parameter - * @param string[] $classes additional classes for the container - * - * @return string the html content - * - * @access public - * - * @todo use $pos from $_url_params - */ - public static function getListNavigator( - $count, - $pos, - array $_url_params, - $script, - $frame, - $max_count, - $name = 'pos', - $classes = [] - ) { - - // This is often coming from $cfg['MaxTableList'] and - // people sometimes set it to empty string - $max_count = intval($max_count); - if ($max_count <= 0) { - $max_count = 250; - } - - $class = $frame == 'frame_navigation' ? ' class="ajax"' : ''; - - $list_navigator_html = ''; - - if ($max_count < $count) { - $classes[] = 'pageselector'; - $list_navigator_html .= '
'; - - if ($frame != 'frame_navigation') { - $list_navigator_html .= __('Page number:'); - } - - // Move to the beginning or to the previous page - if ($pos > 0) { - $caption1 = ''; - $caption2 = ''; - if (self::showIcons('TableNavigationLinksMode')) { - $caption1 .= '<< '; - $caption2 .= '< '; - } - if (self::showText('TableNavigationLinksMode')) { - $caption1 .= _pgettext('First page', 'Begin'); - $caption2 .= _pgettext('Previous page', 'Previous'); - } - $title1 = ' title="' . _pgettext('First page', 'Begin') . '"'; - $title2 = ' title="' . _pgettext('Previous page', 'Previous') . '"'; - - $_url_params[$name] = 0; - $list_navigator_html .= '' . $caption1 - . ''; - - $_url_params[$name] = $pos - $max_count; - $list_navigator_html .= ' ' - . $caption2 . ''; - } - - $list_navigator_html .= '
'; - - $list_navigator_html .= Url::getHiddenInputs($_url_params); - $list_navigator_html .= self::pageselector( - $name, - $max_count, - self::getPageFromPosition($pos, $max_count), - ceil($count / $max_count) - ); - $list_navigator_html .= '
'; - - if ($pos + $max_count < $count) { - $caption3 = ''; - $caption4 = ''; - if (self::showText('TableNavigationLinksMode')) { - $caption3 .= _pgettext('Next page', 'Next'); - $caption4 .= _pgettext('Last page', 'End'); - } - if (self::showIcons('TableNavigationLinksMode')) { - $caption3 .= ' >'; - $caption4 .= ' >>'; - } - $title3 = ' title="' . _pgettext('Next page', 'Next') . '"'; - $title4 = ' title="' . _pgettext('Last page', 'End') . '"'; - - $_url_params[$name] = $pos + $max_count; - $list_navigator_html .= '' . $caption3 - . ''; - - $_url_params[$name] = floor($count / $max_count) * $max_count; - if ($_url_params[$name] == $count) { - $_url_params[$name] = $count - $max_count; - } - - $list_navigator_html .= ' ' - . $caption4 . ''; - } - $list_navigator_html .= '
' . "\n"; - } - - return $list_navigator_html; - } - - /** - * replaces %u in given path with current user name - * - * example: - * - * $user_dir = userDir('/var/pma_tmp/%u/'); // '/var/pma_tmp/root/' - * - * - * - * @param string $dir with wildcard for user - * - * @return string per user directory - */ - public static function userDir($dir) - { - // add trailing slash - if (mb_substr($dir, -1) != '/') { - $dir .= '/'; - } - - return str_replace('%u', Core::securePath($GLOBALS['cfg']['Server']['user']), $dir); - } - - /** - * returns html code for db link to default db page - * - * @param string $database database - * - * @return string html link to default db page - */ - public static function getDbLink($database = '') - { - if (strlen((string) $database) === 0) { - if (strlen((string) $GLOBALS['db']) === 0) { - return ''; - } - $database = $GLOBALS['db']; - } else { - $database = self::unescapeMysqlWildcards($database); - } - - return '' . htmlspecialchars($database) . ''; - } - - /** - * Prepare a lightbulb hint explaining a known external bug - * that affects a functionality - * - * @param string $functionality localized message explaining the func. - * @param string $component 'mysql' (eventually, 'php') - * @param string $minimum_version of this component - * @param string $bugref bug reference for this component - * - * @return String - */ - public static function getExternalBug( - $functionality, - $component, - $minimum_version, - $bugref - ) { - $ext_but_html = ''; - if (($component == 'mysql') && ($GLOBALS['dbi']->getVersion() < $minimum_version)) { - $ext_but_html .= self::showHint( - sprintf( - __('The %s functionality is affected by a known bug, see %s'), - $functionality, - Core::linkURL('https://bugs.mysql.com/') . $bugref - ) - ); - } - return $ext_but_html; - } - - /** - * Generates a set of radio HTML fields - * - * @param string $html_field_name the radio HTML field - * @param array $choices the choices values and labels - * @param string $checked_choice the choice to check by default - * @param boolean $line_break whether to add HTML line break after a choice - * @param boolean $escape_label whether to use htmlspecialchars() on label - * @param string $class enclose each choice with a div of this class - * @param string $id_prefix prefix for the id attribute, name will be - * used if this is not supplied - * - * @return string set of html radio fiels - */ - public static function getRadioFields( - $html_field_name, - array $choices, - $checked_choice = '', - $line_break = true, - $escape_label = true, - $class = '', - $id_prefix = '' - ) { - $template = new Template(); - $radio_html = ''; - - foreach ($choices as $choice_value => $choice_label) { - if (! $id_prefix) { - $id_prefix = $html_field_name; - } - $html_field_id = $id_prefix . '_' . $choice_value; - - if ($choice_value == $checked_choice) { - $checked = 1; - } else { - $checked = 0; - } - $radio_html .= $template->render('radio_fields', [ - 'class' => $class, - 'html_field_name' => $html_field_name, - 'html_field_id' => $html_field_id, - 'choice_value' => $choice_value, - 'is_line_break' => $line_break, - 'choice_label' => $choice_label, - 'escape_label' => $escape_label, - 'checked' => $checked, - ]); - } - - return $radio_html; - } - - /** - * Generates and returns an HTML dropdown - * - * @param string $select_name name for the select element - * @param array $choices choices values - * @param string $active_choice the choice to select by default - * @param string $id id of the select element; can be different in - * case the dropdown is present more than once - * on the page - * @param string $class class for the select element - * @param string $placeholder Placeholder for dropdown if nothing else - * is selected - * - * @return string html content - * - * @todo support titles - */ - public static function getDropdown( - $select_name, - array $choices, - $active_choice, - $id, - $class = '', - $placeholder = null - ) { - $template = new Template(); - $resultOptions = []; - $selected = false; - - foreach ($choices as $one_choice_value => $one_choice_label) { - $resultOptions[$one_choice_value]['value'] = $one_choice_value; - $resultOptions[$one_choice_value]['selected'] = false; - - if ($one_choice_value == $active_choice) { - $resultOptions[$one_choice_value]['selected'] = true; - $selected = true; - } - $resultOptions[$one_choice_value]['label'] = $one_choice_label; - } - return $template->render('dropdown', [ - 'select_name' => $select_name, - 'id' => $id, - 'class' => $class, - 'placeholder' => $placeholder, - 'selected' => $selected, - 'result_options' => $resultOptions, - ]); - } - - /** - * Generates a slider effect (jQjuery) - * Takes care of generating the initial
and the link - * controlling the slider; you have to generate the
yourself - * after the sliding section. - * - * @param string $id the id of the
on which to apply the effect - * @param string $message the message to show as a link - * @param string|null $overrideDefault override InitialSlidersState config - * - * @return string html div element - * - */ - public static function getDivForSliderEffect($id = '', $message = '', $overrideDefault = null) - { - $template = new Template(); - return $template->render('div_for_slider_effect', [ - 'id' => $id, - 'initial_sliders_state' => ($overrideDefault != null) ? $overrideDefault : $GLOBALS['cfg']['InitialSlidersState'], - 'message' => $message, - ]); - } - - /** - * Creates an AJAX sliding toggle button - * (or and equivalent form when AJAX is disabled) - * - * @param string $action The URL for the request to be executed - * @param string $select_name The name for the dropdown box - * @param array $options An array of options (see PhpMyAdmin\Rte\Footer) - * @param string $callback A JS snippet to execute when the request is - * successfully processed - * - * @return string HTML code for the toggle button - */ - public static function toggleButton($action, $select_name, array $options, $callback) - { - $template = new Template(); - // Do the logic first - $link = "$action&" . urlencode($select_name) . "="; - $link_on = $link . urlencode($options[1]['value']); - $link_off = $link . urlencode($options[0]['value']); - - if ($options[1]['selected'] == true) { - $state = 'on'; - } elseif ($options[0]['selected'] == true) { - $state = 'off'; - } else { - $state = 'on'; - } - - return $template->render('toggle_button', [ - 'pma_theme_image' => $GLOBALS['pmaThemeImage'], - 'text_dir' => $GLOBALS['text_dir'], - 'link_on' => $link_on, - 'link_off' => $link_off, - 'toggle_on' => $options[1]['label'], - 'toggle_off' => $options[0]['label'], - 'callback' => $callback, - 'state' => $state, - ]); - } - - /** - * Clears cache content which needs to be refreshed on user change. - * - * @return void - */ - public static function clearUserCache() - { - self::cacheUnset('is_superuser'); - self::cacheUnset('is_createuser'); - self::cacheUnset('is_grantuser'); - } - - /** - * Calculates session cache key - * - * @return string - */ - public static function cacheKey() - { - if (isset($GLOBALS['cfg']['Server']['user'])) { - return 'server_' . $GLOBALS['server'] . '_' . $GLOBALS['cfg']['Server']['user']; - } - - return 'server_' . $GLOBALS['server']; - } - - /** - * Verifies if something is cached in the session - * - * @param string $var variable name - * - * @return boolean - */ - public static function cacheExists($var) - { - return isset($_SESSION['cache'][self::cacheKey()][$var]); - } - - /** - * Gets cached information from the session - * - * @param string $var variable name - * @param Closure $callback callback to fetch the value - * - * @return mixed - */ - public static function cacheGet($var, $callback = null) - { - if (self::cacheExists($var)) { - return $_SESSION['cache'][self::cacheKey()][$var]; - } - - if ($callback) { - $val = $callback(); - self::cacheSet($var, $val); - return $val; - } - return null; - } - - /** - * Caches information in the session - * - * @param string $var variable name - * @param mixed $val value - * - * @return void - */ - public static function cacheSet($var, $val = null) - { - $_SESSION['cache'][self::cacheKey()][$var] = $val; - } - - /** - * Removes cached information from the session - * - * @param string $var variable name - * - * @return void - */ - public static function cacheUnset($var) - { - unset($_SESSION['cache'][self::cacheKey()][$var]); - } - - /** - * Converts a bit value to printable format; - * in MySQL a BIT field can be from 1 to 64 bits so we need this - * function because in PHP, decbin() supports only 32 bits - * on 32-bit servers - * - * @param int $value coming from a BIT field - * @param int $length length - * - * @return string the printable value - */ - public static function printableBitValue(int $value, int $length): string - { - // if running on a 64-bit server or the length is safe for decbin() - if (PHP_INT_SIZE == 8 || $length < 33) { - $printable = decbin($value); - } else { - // FIXME: does not work for the leftmost bit of a 64-bit value - $i = 0; - $printable = ''; - while ($value >= pow(2, $i)) { - ++$i; - } - if ($i != 0) { - --$i; - } - - while ($i >= 0) { - if ($value - pow(2, $i) < 0) { - $printable = '0' . $printable; - } else { - $printable = '1' . $printable; - $value -= pow(2, $i); - } - --$i; - } - $printable = strrev($printable); - } - $printable = str_pad($printable, $length, '0', STR_PAD_LEFT); - return $printable; - } - - /** - * Converts a BIT type default value - * for example, b'010' becomes 010 - * - * @param string $bit_default_value value - * - * @return string the converted value - */ - public static function convertBitDefaultValue($bit_default_value) - { - return rtrim(ltrim(htmlspecialchars_decode($bit_default_value, ENT_QUOTES), "b'"), "'"); - } - - /** - * Extracts the various parts from a column spec - * - * @param string $columnspec Column specification - * - * @return array associative array containing type, spec_in_brackets - * and possibly enum_set_values (another array) - */ - public static function extractColumnSpec($columnspec) - { - $first_bracket_pos = mb_strpos($columnspec, '('); - if ($first_bracket_pos) { - $spec_in_brackets = rtrim( - mb_substr( - $columnspec, - $first_bracket_pos + 1, - mb_strrpos($columnspec, ')') - $first_bracket_pos - 1 - ) - ); - // convert to lowercase just to be sure - $type = mb_strtolower( - rtrim(mb_substr($columnspec, 0, $first_bracket_pos)) - ); - } else { - // Split trailing attributes such as unsigned, - // binary, zerofill and get data type name - $type_parts = explode(' ', $columnspec); - $type = mb_strtolower($type_parts[0]); - $spec_in_brackets = ''; - } - - if ('enum' == $type || 'set' == $type) { - // Define our working vars - $enum_set_values = self::parseEnumSetValues($columnspec, false); - $printtype = $type - . '(' . str_replace("','", "', '", $spec_in_brackets) . ')'; - $binary = false; - $unsigned = false; - $zerofill = false; - } else { - $enum_set_values = []; - - /* Create printable type name */ - $printtype = mb_strtolower($columnspec); - - // Strip the "BINARY" attribute, except if we find "BINARY(" because - // this would be a BINARY or VARBINARY column type; - // by the way, a BLOB should not show the BINARY attribute - // because this is not accepted in MySQL syntax. - if (false !== strpos($printtype, "binary") - && ! preg_match('@binary[\(]@', $printtype) - ) { - $printtype = str_replace("binary", '', $printtype); - $binary = true; - } else { - $binary = false; - } - - $printtype = preg_replace( - '@zerofill@', - '', - $printtype, - -1, - $zerofill_cnt - ); - $zerofill = ($zerofill_cnt > 0); - $printtype = preg_replace( - '@unsigned@', - '', - $printtype, - -1, - $unsigned_cnt - ); - $unsigned = ($unsigned_cnt > 0); - $printtype = trim($printtype); - } - - $attribute = ' '; - if ($binary) { - $attribute = 'BINARY'; - } - if ($unsigned) { - $attribute = 'UNSIGNED'; - } - if ($zerofill) { - $attribute = 'UNSIGNED ZEROFILL'; - } - - $can_contain_collation = false; - if (! $binary - && preg_match( - "@^(char|varchar|text|tinytext|mediumtext|longtext|set|enum)@", - $type - ) - ) { - $can_contain_collation = true; - } - - // for the case ENUM('–','“') - $displayed_type = htmlspecialchars($printtype); - if (mb_strlen($printtype) > $GLOBALS['cfg']['LimitChars']) { - $displayed_type = ''; - $displayed_type .= htmlspecialchars( - mb_substr( - $printtype, - 0, - (int) $GLOBALS['cfg']['LimitChars'] - ) . '...' - ); - $displayed_type .= ''; - } - - return [ - 'type' => $type, - 'spec_in_brackets' => $spec_in_brackets, - 'enum_set_values' => $enum_set_values, - 'print_type' => $printtype, - 'binary' => $binary, - 'unsigned' => $unsigned, - 'zerofill' => $zerofill, - 'attribute' => $attribute, - 'can_contain_collation' => $can_contain_collation, - 'displayed_type' => $displayed_type, - ]; - } - - /** - * Verifies if this table's engine supports foreign keys - * - * @param string $engine engine - * - * @return boolean - */ - public static function isForeignKeySupported($engine) - { - $engine = strtoupper((string) $engine); - if (($engine == 'INNODB') || ($engine == 'PBXT')) { - return true; - } elseif ($engine == 'NDBCLUSTER' || $engine == 'NDB') { - $ndbver = strtolower( - $GLOBALS['dbi']->fetchValue("SELECT @@ndb_version_string") - ); - if (substr($ndbver, 0, 4) == 'ndb-') { - $ndbver = substr($ndbver, 4); - } - return version_compare($ndbver, '7.3', '>='); - } - - return false; - } - - /** - * Is Foreign key check enabled? - * - * @return bool - */ - public static function isForeignKeyCheck() - { - if ($GLOBALS['cfg']['DefaultForeignKeyChecks'] === 'enable') { - return true; - } elseif ($GLOBALS['cfg']['DefaultForeignKeyChecks'] === 'disable') { - return false; - } - return ($GLOBALS['dbi']->getVariable('FOREIGN_KEY_CHECKS') == 'ON'); - } - - /** - * Get HTML for Foreign key check checkbox - * - * @return string HTML for checkbox - */ - public static function getFKCheckbox() - { - $template = new Template(); - return $template->render('fk_checkbox', [ - 'checked' => self::isForeignKeyCheck(), - ]); - } - - /** - * Handle foreign key check request - * - * @return bool Default foreign key checks value - */ - public static function handleDisableFKCheckInit() - { - $default_fk_check_value - = $GLOBALS['dbi']->getVariable('FOREIGN_KEY_CHECKS') == 'ON'; - if (isset($_REQUEST['fk_checks'])) { - if (empty($_REQUEST['fk_checks'])) { - // Disable foreign key checks - $GLOBALS['dbi']->setVariable('FOREIGN_KEY_CHECKS', 'OFF'); - } else { - // Enable foreign key checks - $GLOBALS['dbi']->setVariable('FOREIGN_KEY_CHECKS', 'ON'); - } - } // else do nothing, go with default - return $default_fk_check_value; - } - - /** - * Cleanup changes done for foreign key check - * - * @param bool $default_fk_check_value original value for 'FOREIGN_KEY_CHECKS' - * - * @return void - */ - public static function handleDisableFKCheckCleanup($default_fk_check_value) - { - $GLOBALS['dbi']->setVariable( - 'FOREIGN_KEY_CHECKS', - $default_fk_check_value ? 'ON' : 'OFF' - ); - } - - /** - * Converts GIS data to Well Known Text format - * - * @param string $data GIS data - * @param bool $includeSRID Add SRID to the WKT - * - * @return string GIS data in Well Know Text format - */ - public static function asWKT($data, $includeSRID = false) - { - // Convert to WKT format - $hex = bin2hex($data); - $spatialAsText = 'ASTEXT'; - $spatialSrid = 'SRID'; - if ($GLOBALS['dbi']->getVersion() >= 50600) { - $spatialAsText = 'ST_ASTEXT'; - $spatialSrid = 'ST_SRID'; - } - $wktsql = "SELECT $spatialAsText(x'" . $hex . "')"; - if ($includeSRID) { - $wktsql .= ", $spatialSrid(x'" . $hex . "')"; - } - - $wktresult = $GLOBALS['dbi']->tryQuery( - $wktsql - ); - $wktarr = $GLOBALS['dbi']->fetchRow($wktresult, 0); - $wktval = $wktarr[0] ?? null; - - if ($includeSRID) { - $srid = $wktarr[1] ?? null; - $wktval = "'" . $wktval . "'," . $srid; - } - @$GLOBALS['dbi']->freeResult($wktresult); - - return $wktval; - } - - /** - * If the string starts with a \r\n pair (0x0d0a) add an extra \n - * - * @param string $string string - * - * @return string with the chars replaced - */ - public static function duplicateFirstNewline($string) - { - $first_occurence = mb_strpos($string, "\r\n"); - if ($first_occurence === 0) { - $string = "\n" . $string; - } - return $string; - } - - /** - * Get the action word corresponding to a script name - * in order to display it as a title in navigation panel - * - * @param string $target a valid value for $cfg['NavigationTreeDefaultTabTable'], - * $cfg['NavigationTreeDefaultTabTable2'], - * $cfg['DefaultTabTable'] or $cfg['DefaultTabDatabase'] - * - * @return string Title for the $cfg value - */ - public static function getTitleForTarget($target) - { - $mapping = [ - 'structure' => __('Structure'), - 'sql' => __('SQL'), - 'search' => __('Search'), - 'insert' => __('Insert'), - 'browse' => __('Browse'), - 'operations' => __('Operations'), - - // For backward compatiblity - - // Values for $cfg['DefaultTabTable'] - 'tbl_structure.php' => __('Structure'), - 'tbl_sql.php' => __('SQL'), - 'tbl_select.php' => __('Search'), - 'tbl_change.php' => __('Insert'), - 'sql.php' => __('Browse'), - // Values for $cfg['DefaultTabDatabase'] - 'db_structure.php' => __('Structure'), - 'db_sql.php' => __('SQL'), - 'db_search.php' => __('Search'), - 'db_operations.php' => __('Operations'), - ]; - return isset($mapping[$target]) ? $mapping[$target] : false; - } - - /** - * Get the script name corresponding to a plain English config word - * in order to append in links on navigation and main panel - * - * @param string $target a valid value for - * $cfg['NavigationTreeDefaultTabTable'], - * $cfg['NavigationTreeDefaultTabTable2'], - * $cfg['DefaultTabTable'], $cfg['DefaultTabDatabase'] or - * $cfg['DefaultTabServer'] - * @param string $location one out of 'server', 'table', 'database' - * - * @return string script name corresponding to the config word - */ - public static function getScriptNameForOption($target, $location) - { - if ($location == 'server') { - // Values for $cfg['DefaultTabServer'] - switch ($target) { - case 'welcome': - return 'index.php'; - case 'databases': - return 'server_databases.php'; - case 'status': - return 'server_status.php'; - case 'variables': - return 'server_variables.php'; - case 'privileges': - return 'server_privileges.php'; - } - } elseif ($location == 'database') { - // Values for $cfg['DefaultTabDatabase'] - switch ($target) { - case 'structure': - return 'db_structure.php'; - case 'sql': - return 'db_sql.php'; - case 'search': - return 'db_search.php'; - case 'operations': - return 'db_operations.php'; - } - } elseif ($location == 'table') { - // Values for $cfg['DefaultTabTable'], - // $cfg['NavigationTreeDefaultTabTable'] and - // $cfg['NavigationTreeDefaultTabTable2'] - switch ($target) { - case 'structure': - return 'tbl_structure.php'; - case 'sql': - return 'tbl_sql.php'; - case 'search': - return 'tbl_select.php'; - case 'insert': - return 'tbl_change.php'; - case 'browse': - return 'sql.php'; - } - } - - return $target; - } - - /** - * Formats user string, expanding @VARIABLES@, accepting strftime format - * string. - * - * @param string $string Text where to do expansion. - * @param array|string $escape Function to call for escaping variable values. - * Can also be an array of: - * - the escape method name - * - the class that contains the method - * - location of the class (for inclusion) - * @param array $updates Array with overrides for default parameters - * (obtained from GLOBALS). - * - * @return string - */ - public static function expandUserString( - $string, - $escape = null, - array $updates = [] - ) { - /* Content */ - $vars = []; - $vars['http_host'] = Core::getenv('HTTP_HOST'); - $vars['server_name'] = $GLOBALS['cfg']['Server']['host']; - $vars['server_verbose'] = $GLOBALS['cfg']['Server']['verbose']; - - if (empty($GLOBALS['cfg']['Server']['verbose'])) { - $vars['server_verbose_or_name'] = $GLOBALS['cfg']['Server']['host']; - } else { - $vars['server_verbose_or_name'] = $GLOBALS['cfg']['Server']['verbose']; - } - - $vars['database'] = $GLOBALS['db']; - $vars['table'] = $GLOBALS['table']; - $vars['phpmyadmin_version'] = 'phpMyAdmin ' . PMA_VERSION; - - /* Update forced variables */ - foreach ($updates as $key => $val) { - $vars[$key] = $val; - } - - /* Replacement mapping */ - /* - * The __VAR__ ones are for backward compatibility, because user - * might still have it in cookies. - */ - $replace = [ - '@HTTP_HOST@' => $vars['http_host'], - '@SERVER@' => $vars['server_name'], - '__SERVER__' => $vars['server_name'], - '@VERBOSE@' => $vars['server_verbose'], - '@VSERVER@' => $vars['server_verbose_or_name'], - '@DATABASE@' => $vars['database'], - '__DB__' => $vars['database'], - '@TABLE@' => $vars['table'], - '__TABLE__' => $vars['table'], - '@PHPMYADMIN@' => $vars['phpmyadmin_version'], - ]; - - /* Optional escaping */ - if ($escape !== null) { - if (is_array($escape)) { - $escape_class = new $escape[1]; - $escape_method = $escape[0]; - } - foreach ($replace as $key => $val) { - if (is_array($escape)) { - $replace[$key] = $escape_class->$escape_method($val); - } else { - $replace[$key] = ($escape == 'backquote') - ? self::$escape($val) - : $escape($val); - } - } - } - - /* Backward compatibility in 3.5.x */ - if (mb_strpos($string, '@FIELDS@') !== false) { - $string = strtr($string, ['@FIELDS@' => '@COLUMNS@']); - } - - /* Fetch columns list if required */ - if (mb_strpos($string, '@COLUMNS@') !== false) { - $columns_list = $GLOBALS['dbi']->getColumns( - $GLOBALS['db'], - $GLOBALS['table'] - ); - - // sometimes the table no longer exists at this point - if ($columns_list !== null) { - $column_names = []; - foreach ($columns_list as $column) { - if ($escape !== null) { - $column_names[] = self::$escape($column['Field']); - } else { - $column_names[] = $column['Field']; - } - } - $replace['@COLUMNS@'] = implode(',', $column_names); - } else { - $replace['@COLUMNS@'] = '*'; - } - } - - /* Do the replacement */ - return strtr((string) strftime($string), $replace); - } - - /** - * Prepare the form used to browse anywhere on the local server for a file to - * import - * - * @param string $max_upload_size maximum upload size - * - * @return String - */ - public static function getBrowseUploadFileBlock($max_upload_size) - { - $block_html = ''; - - if ($GLOBALS['is_upload'] && ! empty($GLOBALS['cfg']['UploadDir'])) { - $block_html .= '