Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

changes in phpMiniAdmin 1.8.120510

- fixed: Undefined offset in get_rand_str
- fixed: automatic relogin on XSS error
- added: page navigator at the bottom
- added: row counts, table sizes on the table list
- added: MIT license
- added: query history via browser's localStorage
- added: if database empty - show databases
- added: after import - show tables
- changed: moved from html 4.01 to html 5
- changed: simplified settings form
  • Loading branch information...
commit 4cf7eeceae657841a6391ada7b24096770129c57 1 parent b4b6189
@osalabs authored
Showing with 210 additions and 110 deletions.
  1. +13 −0 README
  2. +197 −110 phpminiadmin.php
View
13 README
@@ -1,3 +1,16 @@
+changes in phpMiniAdmin 1.8.120510
+
+- fixed: Undefined offset in get_rand_str
+- fixed: automatic relogin on XSS error
+- added: page navigator at the bottom
+- added: row counts, table sizes on the table list
+- added: MIT license
+- added: query history via browser's localStorage
+- added: if database empty - show databases
+- added: after import - show tables
+- changed: moved from html 4.01 to html 5
+- changed: simplified settings form
+
changes in phpMiniAdmin 1.7.111025
- fixed: unable to relogin on XSS error
View
307 phpminiadmin.php
@@ -1,16 +1,18 @@
<?php
/*
PHP Mini MySQL Admin
- (c) 2004-2011 Oleg Savchuk <osalabs@gmail.com> http://osalabs.com
+ (c) 2004-2012 Oleg Savchuk <osalabs@gmail.com> http://osalabs.com
- Light standalone PHP script for easy access MySQL databases.
+ Light standalone PHP script for quick and easy access MySQL databases.
http://phpminiadmin.sourceforge.net
+
+ Dual licensed: GPL v2 and MIT, see texts at http://opensource.org/licenses/
*/
$ACCESS_PWD=''; #!!!IMPORTANT!!! this is script access password, SET IT if you want to protect you DB from public access
#DEFAULT db connection settings
- # --- WARNING! --- if you set defaults - always recommended to set $ACCESS_PWD to protect your db!
+ # --- WARNING! --- if you set defaults - it's recommended to set $ACCESS_PWD to protect your db!
$DBDEF=array(
'user'=>"",#required
'pwd'=>"", #required
@@ -22,10 +24,11 @@
date_default_timezone_set('UTC');#required by PHP 5.1+
//constants
- $VERSION='1.7.111025';
+ $VERSION='1.8.120510';
$MAX_ROWS_PER_PAGE=50; #max number of rows in select per one page
$D="\r\n"; #default delimiter for export
$BOM=chr(239).chr(187).chr(191);
+ $SHOW_T="SHOW TABLE STATUS";
$DB=array(); #working copy for DB settings
$self=$_SERVER['PHP_SELF'];
@@ -88,11 +91,11 @@
//get initial values
$SQLq=trim($_REQUEST['q']);
$page=$_REQUEST['p']+0;
- if ($_REQUEST['refresh'] && $DB['db'] && preg_match('/^show/',$SQLq) ) $SQLq="show tables";
+ if ($_REQUEST['refresh'] && $DB['db'] && preg_match('/^show/',$SQLq) ) $SQLq=$SHOW_T;
if (db_connect('nodie')){
$time_start=microtime_float();
-
+
if ($_REQUEST['phpinfo']){
ob_start();phpinfo();$sqldr='<div style="font-size:130%">'.ob_get_clean().'</div>';
}else{
@@ -117,21 +120,22 @@
check_xss();do_sql($SQLq);
}else{
$err_msg="Select Database first";
+ if (!$SQLq) do_sql("show databases");
}
}
}
$time_all=ceil((microtime_float()-$time_start)*10000)/10000;
-
+
print_screen();
}else{
print_cfg();
}
function do_sql($q){
- global $dbh,$last_sth,$last_sql,$reccount,$out_message,$SQLq;
+ global $dbh,$last_sth,$last_sql,$reccount,$out_message,$SQLq,$SHOW_T;
$SQLq=$q;
- if (!do_multi_sql($q,'',1)){
+ if (!do_multi_sql($q)){
$out_message="Error: ".mysql_error($dbh);
}else{
if ($last_sth && $last_sql){
@@ -143,7 +147,7 @@ function do_sql($q){
$reccount=mysql_affected_rows($dbh);
$out_message="Done.";
if (preg_match("/^insert|replace/i",$last_sql)) $out_message.=" Last inserted id=".get_identity();
- if (preg_match("/^drop|truncate/i",$last_sql)) do_sql("show tables");
+ if (preg_match("/^drop|truncate/i",$last_sql)) do_sql($SHOW_T);
}
}
}
@@ -156,22 +160,24 @@ function display_select($sth,$q){
$sqldr='';
$is_shd=(preg_match('/^show\s+databases/i',$q));
- $is_sht=(preg_match('/^show\s+tables/i',$q));
+ $is_sht=(preg_match('/^show\s+tables|^SHOW\s+TABLE\s+STATUS/',$q));
$is_show_crt=(preg_match('/^show\s+create\s+table/i',$q));
+ if ($sth===FALSE or $sth===TRUE) return;#check if $sth is not a mysql resource
+
$reccount=mysql_num_rows($sth);
$fields_num=mysql_num_fields($sth);
-
- $w="width='100%' ";
- if ($is_sht || $is_shd) {$w='';
+
+ $w='';
+ if ($is_sht || $is_shd) {$w='wa';
$url='?'.$xurl."&db=$dbn";
$sqldr.="<div class='dot'>
&nbsp;MySQL Server:
&nbsp;&#183;<a href='$url&q=show+variables'>Show Configuration Variables</a>
&nbsp;&#183;<a href='$url&q=show+status'>Show Statistics</a>
&nbsp;&#183;<a href='$url&q=show+processlist'>Show Processlist</a>
-<br/>";
- if ($is_sht) $sqldr.="&nbsp;Database:&nbsp;&#183;<a href='$url&q=show+table+status'>Show status</a>";
+<br>";
+ if ($is_sht) $sqldr.="&nbsp;Database:&nbsp;&#183;<a href='$url&q=show+table+status'>Show Table Status</a>";
$sqldr.="</div>";
}
if ($is_sht){
@@ -183,15 +189,16 @@ function display_select($sth,$q){
$sqldr.=$abtn."<input type='hidden' name='dosht' value=''>";
}
- $sqldr.="<table border='0' cellpadding='1' cellspacing='1' $w class='res'>";
+ $sqldr.="<table class='res $w'>";
$headers="<tr class='h'>";
if ($is_sht) $headers.="<td><input type='checkbox' name='cball' value='' onclick='chkall(this)'></td>";
for($i=0;$i<$fields_num;$i++){
+ if ($is_sht && $i>0) break;
$meta=mysql_fetch_field($sth,$i);
$headers.="<th>".$meta->name."</th>";
}
if ($is_shd) $headers.="<th>show create database</th><th>show table status</th><th>show triggers</th>";
- if ($is_sht) $headers.="<th>show create table</th><th>explain</th><th>indexes</th><th>export</th><th>drop</th><th>truncate</th><th>optimize</th><th>repair</th>";
+ if ($is_sht) $headers.="<th>engine</th><th>~rows</th><th>data size</th><th>index size</th><th>show create table</th><th>explain</th><th>indexes</th><th>export</th><th>drop</th><th>truncate</th><th>optimize</th><th>repair</th>";
$headers.="</tr>\n";
$sqldr.=$headers;
$swapper=false;
@@ -199,11 +206,16 @@ function display_select($sth,$q){
$sqldr.="<tr class='".$rc[$swp=!$swp]."' onmouseover='tmv(this)' onmouseout='tmo(this)' onclick='tc(this)'>";
for($i=0;$i<$fields_num;$i++){
$v=$row[$i];$more='';
- if ($is_sht && $i==0 && $v){
+ if ($is_sht && $v){
+ if ($i>0) break;
$vq='`'.$v.'`';
$url='?'.$xurl."&db=$dbn";
$v="<input type='checkbox' name='cb[]' value=\"$vq\"></td>"
."<td><a href=\"$url&q=select+*+from+$vq\">$v</a></td>"
+ ."<td>".$row[1]."</td>"
+ ."<td align='right'>".$row[4]."</td>"
+ ."<td align='right'>".$row[6]."</td>"
+ ."<td align='right'>".$row[8]."</td>"
."<td>&#183;<a href=\"$url&q=show+create+table+$vq\">sct</a></td>"
."<td>&#183;<a href=\"$url&q=explain+$vq\">exp</a></td>"
."<td>&#183;<a href=\"$url&q=show+index+from+$vq\">ind</a></td>"
@@ -214,7 +226,7 @@ function display_select($sth,$q){
."<td>&#183;<a href=\"$url&q=repair+table+$vq\" onclick='return ays()'>rpr</a>";
}elseif ($is_shd && $i==0 && $v){
$url='?'.$xurl."&db=$v";
- $v="<a href=\"$url&q=show+tables\">$v</a></td>"
+ $v="<a href=\"$url&q=SHOW+TABLE+STATUS\">$v</a></td>"
."<td><a href=\"$url&q=show+create+database+`$v`\">sct</a></td>"
."<td><a href=\"$url&q=show+table+status\">status</a></td>"
."<td><a href=\"$url&q=show+triggers\">trig</a></td>"
@@ -224,7 +236,7 @@ function display_select($sth,$q){
$v=htmlspecialchars($v);
}
if ($is_show_crt) $v="<pre>$v</pre>";
- $sqldr.="<td>$v".(!strlen($v)?"<br />":'')."</td>";
+ $sqldr.="<td>$v".(!strlen($v)?"<br>":'')."</td>";
}
$sqldr.="</tr>\n";
}
@@ -233,32 +245,41 @@ function display_select($sth,$q){
}
function print_header(){
- global $err_msg,$VERSION,$DB,$dbh,$self,$is_sht,$xurl;
+ global $err_msg,$VERSION,$DB,$dbh,$self,$is_sht,$xurl,$SHOW_T;
$dbn=$DB['db'];
?>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!DOCTYPE html>
<html>
<head><title>phpMiniAdmin</title>
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta charset="utf-8">
<style type="text/css">
body{font-family:Arial,sans-serif;font-size:80%;padding:0;margin:0}
th,td{padding:0;margin:0}
div{padding:3px}
pre{font-size:125%}
+.nav{text-align:center}
+.ft{text-align:right;margin-top:20px;font-size:smaller}
.inv{background-color:#069;color:#FFF}
.inv a{color:#FFF}
-table.res th, table.res td{padding:2px}
-table.res tr{vertical-align:top}
+table.res{width:100%;border-collapse:collapse;}
+table.wa{width:auto}
+table.res th,table.res td{padding:2px;border:1px solid #fff}
+table.restr{vertical-align:top}
tr.e{background-color:#CCC}
tr.o{background-color:#EEE}
tr.h{background-color:#99C}
tr.s{background-color:#FF9}
.err{color:#F33;font-weight:bold;text-align:center}
.frm{width:400px;border:1px solid #999;background-color:#eee;text-align:left}
+.frm label.l{width:100px;float:left}
.dot{border-bottom:1px dotted #000}
+.ajax{text-decoration: none;border-bottom: 1px dashed;}
+.qnav{width:30px}
</style>
<script type="text/javascript">
+var LSK='pma_',LSKX=LSK+'max',LSKM=LSK+'min',qcur=0,LSMAX=32;
+
function $(i){return document.getElementById(i)}
function frefresh(){
var F=document.DF;
@@ -276,8 +297,20 @@ function ays(){
return confirm('Are you sure to continue?');
}
function chksql(){
- var F=document.DF;
- if(/^\s*(?:delete|drop|truncate|alter)/.test(F.q.value)) return ays();
+ var F=document.DF,v=F.q.value;
+ if(/^\s*(?:delete|drop|truncate|alter)/.test(v)) if(!ays())return false;
+ if(lschk(1)){
+ var lsm=lsmax()+1,ls=localStorage;
+ ls[LSK+lsm]=v;
+ ls[LSKX]=lsm;
+ //keep just last LSMAX queries in log
+ if(!ls[LSKM])ls[LSKM]=1;
+ var lsmin=parseInt(ls[LSKM]);
+ if((lsm-lsmin+1)>LSMAX){
+ lsclean(lsmin,lsm-LSMAX);
+ }
+ }
+ return true;
}
function tmv(tr){
tr.sc=tr.className;
@@ -290,13 +323,59 @@ function tc(tr){
tr.className='s';
tr.sc='s';
}
+function lschk(skip){
+ if (!localStorage || !skip && !localStorage[LSKX]) return false;
+ return true;
+}
+function lsmax(){
+ var ls=localStorage;
+ if(!lschk() || !ls[LSKX])return 0;
+ return parseInt(ls[LSKX]);
+}
+function lsclean(from,to){
+ ls=localStorage;
+ for(var i=from;i<=to;i++){
+ delete ls[LSK+i];ls[LSKM]=i+1;
+ }
+}
+function q_prev(){
+ var ls=localStorage;
+ if(!lschk())return;
+ qcur--;
+ var x=parseInt(ls[LSKM]);
+ if(qcur<x)qcur=x;
+ $('q').value=ls[LSK+qcur];
+}
+function q_next(){
+ var ls=localStorage;
+ if(!lschk())return;
+ qcur++;
+ var x=parseInt(ls[LSKX]);
+ if(qcur>x)qcur=x;
+ $('q').value=ls[LSK+qcur];
+}
function after_load(){
+ qcur=lsmax();
+}
+function logoff(){
+ if(lschk()){
+ var ls=localStorage;
+ var from=parseInt(ls[LSKM]),to=parseInt(ls[LSKX]);
+ for(var i=from;i<=to;i++){
+ delete ls[LSK+i];
+ }
+ delete ls[LSKM];delete ls[LSKX];
+ }
+}
+function cfg_toggle(){
+ var e=$('cfg-adv');
+ e.style.display=e.style.display=='none'?'':'none';
}
<?php if($is_sht){?>
function chkall(cab){
var e=document.DF.elements;
if (e!=null){
- var cl=e.length;
+ var cl=e.length;
for (i=0;i<cl;i++){var m=e[i];if(m.checked!=null && m.type=="checkbox"){m.checked=cab.checked}}
}
}
@@ -316,17 +395,15 @@ function sht(f){
<div class="inv">
<a href="http://phpminiadmin.sourceforge.net/" target="_blank"><b>phpMiniAdmin <?php echo $VERSION?></b></a>
<?php if ($_SESSION['is_logged'] && $dbh){ ?>
- |
-<a href="?<?php echo $xurl?>&q=show+databases">Databases</a>: <select name="db" onChange="frefresh()"><option value='*'> - select/refresh -</option><option value=''> - show all -</option><?php echo get_db_select($dbn)?></select>
-<?php if($dbn){ $z=" &#183;<a href='$self?$xurl&db=$dbn"; ?>
-<?php echo $z?>&q=show+tables'>show tables</a>
-<?php echo $z?>&q=show+table+status'>status</a>
+ | <a href="?<?php echo $xurl?>&q=show+databases">Databases</a>: <select name="db" onChange="frefresh()"><option value='*'> - select/refresh -</option><option value=''> - show all -</option><?php echo get_db_select($dbn)?></select>
+<?php if($dbn){ $z=" &#183; <a href='$self?$xurl&db=$dbn"; ?>
+<?php echo $z.'&q='.urlencode($SHOW_T)?>'>show tables</a>
<?php echo $z?>&shex=1'>export</a>
<?php echo $z?>&shim=1'>import</a>
<?php } ?>
- | <a href="?showcfg=1">Settings</a>
+ | <a href="?showcfg=1">Settings</a>
<?php } ?>
-<?php if ($GLOBALS['ACCESS_PWD']){?> | <a href="?<?php echo $xurl?>&logoff=1">Logoff</a> <?php }?>
+<?php if ($GLOBALS['ACCESS_PWD']){?> | <a href="?<?php echo $xurl?>&logoff=1" onclick="logoff()">Logoff</a> <?php }?>
| <a href="?phpinfo=1">phpinfo</a>
</div>
@@ -338,29 +415,27 @@ function sht(f){
function print_screen(){
global $out_message, $SQLq, $err_msg, $reccount, $time_all, $sqldr, $page, $MAX_ROWS_PER_PAGE, $is_limited_sql;
- print_header();
+ $nav='';
+ if ($is_limited_sql && ($page || $reccount>=$MAX_ROWS_PER_PAGE) ){
+ $nav="<div class='nav'>".get_nav($page, 10000, $MAX_ROWS_PER_PAGE, "javascript:go(%p%)")."</div>";
+ }
+ print_header();
?>
<div class="dot" style="padding:0 0 5px 20px">
-SQL-query (or multiple queries separated by ";"):<br />
-<textarea name="q" cols="70" rows="10" style="width:98%"><?php echo $SQLq?></textarea><br/>
-<input type=submit name="GoSQL" value="Go" onclick="return chksql()" style="width:100px">&nbsp;&nbsp;
-<input type=button name="Clear" value=" Clear " onClick="document.DF.q.value=''" style="width:100px">
+SQL-query (or multiple queries separated by ";"):&nbsp;<button type="button" class="qnav" onclick="q_prev()">&lt;</button><button type="button" class="qnav" onclick="q_next()">&gt;</button><br>
+<textarea id="q" name="q" cols="70" rows="10" style="width:98%"><?php echo $SQLq?></textarea><br>
+<input type="submit" name="GoSQL" value="Go" onclick="return chksql()" style="width:100px">&nbsp;&nbsp;
+<input type="button" name="Clear" value=" Clear " onclick="document.DF.q.value=''" style="width:100px">
</div>
<div class="dot" style="padding:5px 0 5px 20px">
-Records: <b><?php echo $reccount?></b> in <b><?php echo $time_all?></b> sec<br />
+Records: <b><?php echo $reccount?></b> in <b><?php echo $time_all?></b> sec<br>
<b><?php echo $out_message?></b>
</div>
<div class="sqldr">
-<?php
- if ($is_limited_sql && ($page || $reccount>=$MAX_ROWS_PER_PAGE) ){
- echo "<center>".make_List_Navigation($page, 10000, $MAX_ROWS_PER_PAGE, "javascript:go(%p%)")."</center>";
- }
-#$reccount
-
- echo $sqldr?>
+<?php echo $nav.$sqldr.$nav; ?>
</div>
<?php
print_footer();
@@ -369,11 +444,8 @@ function print_screen(){
function print_footer(){
?>
</form>
-<br/>
-<br/>
-
-<div align="right">
-<small>&copy; 2004-2011 <a href="http://osalabs.com" target="_blank">Oleg Savchuk</a></small>
+<div class="ft">
+&copy; 2004-2012 <a href="http://osalabs.com" target="_blank">Oleg Savchuk</a>
</div>
</body></html>
<?php
@@ -402,14 +474,19 @@ function print_cfg(){
<center>
<h3>DB Connection Settings</h3>
<div class="frm">
-User name: <input type="text" name="v[user]" value="<?php echo $DB['user']?>"><br />
-Password: <input type="password" name="v[pwd]" value=""><br />
-MySQL host: <input type="text" name="v[host]" value="<?php echo $DB['host']?>"> port: <input type="text" name="v[port]" value="<?php echo $DB['port']?>" size="4"><br />
-DB name: <input type="text" name="v[db]" value="<?php echo $DB['db']?>"><br />
-Charset: <select name="v[chset]"><option value="">- default -</option><?php echo chset_select($DB['chset'])?></select><br />
-<input type="checkbox" name="rmb" value="1" checked> Remember in cookies for 30 days
+<label class="l">DB user name:</label><input type="text" name="v[user]" value="<?php echo $DB['user']?>"><br>
+<label class="l">Password:</label><input type="password" name="v[pwd]" value=""><br>
+<div style="text-align:right"><a href="#" class="ajax" onclick="cfg_toggle()">advanced settings</a></div>
+<div id="cfg-adv" style="display:none;">
+<label class="l">DB name:</label><input type="text" name="v[db]" value="<?php echo $DB['db']?>"><br>
+<label class="l">MySQL host:</label><input type="text" name="v[host]" value="<?php echo $DB['host']?>"> port: <input type="text" name="v[port]" value="<?php echo $DB['port']?>" size="4"><br>
+<label class="l">Charset:</label><select name="v[chset]"><option value="">- default -</option><?php echo chset_select($DB['chset'])?></select><br>
+<br><input type="checkbox" name="rmb" value="1" checked> Remember in cookies for 30 days
+</div>
+<center>
<input type="hidden" name="savecfg" value="1">
<input type="submit" value=" Apply "><input type="button" value=" Cancel " onclick="window.location='<?php echo $self?>'">
+</center>
</div>
</center>
<?php
@@ -465,7 +542,7 @@ function db_query($sql, $dbh1=NULL, $skiperr=0){
$dbh1=db_checkconnect($dbh1, $skiperr);
$sth=@mysql_query($sql, $dbh1);
if (!$sth && $skiperr) return;
- catch_db_err($dbh1, $sth, $sql);
+ if (!$sth) die("Error in DB operation:<br>\n".mysql_error($dbh1)."<br>\n$sql");
return $sth;
}
@@ -481,8 +558,15 @@ function db_array($sql, $dbh1=NULL, $skiperr=0, $isnum=0){#array of rows
return $res;
}
-function catch_db_err($dbh, $sth, $sql=""){
- if (!$sth) die("Error in DB operation:<br/>\n".mysql_error($dbh)."<br/>\n$sql");
+function db_row($sql){
+ $sth=db_query($sql);
+ return mysql_fetch_assoc($sth);
+}
+
+function db_value($sql){
+ $sth=db_query($sql);
+ $row=mysql_fetch_row($sth);
+ return $row[0];
}
function get_identity($dbh1=NULL){
@@ -528,17 +612,18 @@ function sel($arr,$n,$sel=''){
}
function microtime_float(){
- list($usec,$sec)=explode(" ",microtime());
- return ((float)$usec+(float)$sec);
-}
-
-############################
-# $pg=int($_[0]); #current page
-# $all=int($_[1]); #total number of items
-# $PP=$_[2]; #number if items Per Page
-# $ptpl=$_[3]; #page url /ukr/dollar/notes.php?page= for notes.php
-# $show_all=$_[5]; #print Totals?
-function make_List_Navigation($pg, $all, $PP, $ptpl, $show_all=''){
+ list($usec,$sec)=explode(" ",microtime());
+ return ((float)$usec+(float)$sec);
+}
+
+/* page nav
+ $pg=int($_[0]); #current page
+ $all=int($_[1]); #total number of items
+ $PP=$_[2]; #number if items Per Page
+ $ptpl=$_[3]; #page url /ukr/dollar/notes.php?page= for notes.php
+ $show_all=$_[5]; #print Totals?
+*/
+function get_nav($pg, $all, $PP, $ptpl, $show_all=''){
$n='&nbsp;';
$sep=" $n|$n\n";
if (!$PP) $PP=10;
@@ -556,7 +641,7 @@ function make_List_Navigation($pg, $all, $PP, $ptpl, $show_all=''){
if($sp>0){
$pname=pen($sp-1,$ptpl);
- $res.="<a href='$pname'>$w[0]</a>";
+ $res.="<a href='$pname'>$w[0]</a>";
$res.=$sep;
}
for($p_p=$sp;$p_p<$allp && $p_p<$sp+5;$p_p++){
@@ -565,31 +650,31 @@ function make_List_Navigation($pg, $all, $PP, $ptpl, $show_all=''){
$pname=pen($p_p,$ptpl);
if($last_s>$all){
$last_s=$all;
- }
+ }
if($p_p==$pg){
$res.="<b>$first_s..$last_s</b>";
}else{
$res.="<a href='$pname'>$first_s..$last_s</a>";
- }
+ }
if($p_p+1<$allp) $res.=$sep;
}
if($sp+5<$allp){
$pname=pen($sp+5,$ptpl);
- $res.="<a href='$pname'>$w[1]</a>";
+ $res.="<a href='$pname'>$w[1]</a>";
}
- $res.=" <br/>\n";
+ $res.=" <br>\n";
if($pg>0){
$pname=pen($pg-1,$ptpl);
$res.="<a href='$pname'>$w[2]</a> $n|$n ";
$pname=pen(0,$ptpl);
- $res.="<a href='$pname'>$w[4]</a>";
+ $res.="<a href='$pname'>$w[4]</a>";
}
if($pg>0 && $pg+1<$allp) $res.=$sep;
if($pg+1<$allp){
$pname=pen($pg+1,$ptpl);
- $res.="<a href='$pname'>$w[3]</a>";
- }
+ $res.="<a href='$pname'>$w[3]</a>";
+ }
if ($show_all) $res.=" <b>($w[5] - $all)</b> ";
return $res;
@@ -661,17 +746,19 @@ function print_export(){
<center>
<h3>Export <?php echo $l?></h3>
<div class="frm">
-<input type="checkbox" name="s" value="1" checked> Structure<br />
-<input type="checkbox" name="d" value="1" checked> Data<br /><br />
-<label><input type="radio" name="et" value="" checked> .sql</label><br />
+<input type="checkbox" name="s" value="1" checked> Structure<br>
+<input type="checkbox" name="d" value="1" checked> Data<br><br>
+<div><label><input type="radio" name="et" value="" checked> .sql</label>&nbsp;</div>
+<div>
<?php if ($t && !strpos($t,',')){?>
<label><input type="radio" name="et" value="csv"> .csv (Excel style, data only and for one table only)</label>
<?php }else{?>
-&nbsp;( ) .csv <small>(to export as csv - go to 'show tables' and export just ONE table)</small>
+<label>&nbsp;( ) .csv</label> <small>(to export as csv - go to 'show tables' and export just ONE table)</small>
<?php }?>
-<br /><br />
-<label><input type="checkbox" name="gz" value="1"> compress as .gz</label><br />
-<br />
+</div>
+<br>
+<div><label><input type="checkbox" name="gz" value="1"> compress as .gz</label></div>
+<br>
<input type="hidden" name="doex" value="1">
<input type="hidden" name="t" value="<?php echo $t?>">
<input type="submit" value=" Download "><input type="button" value=" Cancel " onclick="window.location='<?php echo $self.'?'.$xurl.'&db='.$DB['db']?>'">
@@ -688,8 +775,8 @@ function do_export(){
$t=explode(",",$rt);
$th=array_flip($t);
$ct=count($t);
- $z=db_array("show variables like 'max_allowed_packet'");
- $MAXI=floor($z[0]['Value']*0.8);
+ $z=db_row("show variables like 'max_allowed_packet'");
+ $MAXI=floor($z['Value']*0.8);
if(!$MAXI)$MAXI=838860;
$aext='';$ctp='';
@@ -792,31 +879,31 @@ function print_import(){
<center>
<h3>Import DB</h3>
<div class="frm">
-<b>.sql</b> or <b>.gz</b> file: <input type="file" name="file1" value="" size=40><br />
+<b>.sql</b> or <b>.gz</b> file: <input type="file" name="file1" value="" size=40><br>
<input type="hidden" name="doim" value="1">
<input type="submit" value=" Upload and Import " onclick="return ays()"><input type="button" value=" Cancel " onclick="window.location='<?php echo $self.'?'.$xurl.'&db='.$DB['db']?>'">
</div>
-<br /><br /><br />
+<br><br><br>
<!--
<h3>Import one Table from CSV</h3>
<div class="frm">
-.csv file (Excel style): <input type="file" name="file2" value="" size=40><br />
-<input type="checkbox" name="r1" value="1" checked> first row contain field names<br/>
-<small>(note: for success, field names should be exactly the same as in DB)</small><br />
+.csv file (Excel style): <input type="file" name="file2" value="" size=40><br>
+<input type="checkbox" name="r1" value="1" checked> first row contain field names<br>
+<small>(note: for success, field names should be exactly the same as in DB)</small><br>
Character set of the file: <select name="chset"><?php echo chset_select('utf8')?></select>
-<br/><br/>
-Import into:<br/>
+<br><br>
+Import into:<br>
<input type="radio" name="tt" value="1" checked="checked"> existing table:
<select name="t">
<option value=''>- select -</option>
<?php echo sel(db_array('show tables',NULL,0,1), 0, ''); ?>
</select>
<div style="margin-left:20px">
- <input type="checkbox" name="ttr" value="1"> replace existing DB data<br />
+ <input type="checkbox" name="ttr" value="1"> replace existing DB data<br>
<input type="checkbox" name="tti" value="1"> ignore duplicate rows
</div>
<input type="radio" name="tt" value="2"> create new table with name <input type="text" name="tn" value="" size="20">
-<br /><br />
+<br><br>
<input type="hidden" name="doimcsv" value="1">
<input type="submit" value=" Upload and Import " onclick="return ays()"><input type="button" value=" Cancel " onclick="window.location='<?php echo $self?>'">
</div>
@@ -828,7 +915,7 @@ function print_import(){
}
function do_import(){
- global $err_msg,$out_message,$dbh;
+ global $err_msg,$out_message,$dbh,$SHOW_T;
$err_msg='';
$F=$_FILES['file1'];
@@ -849,7 +936,7 @@ function do_import(){
$err_msg='Import Error: '.mysql_error($dbh);
}else{
$out_message='Import done successfully';
- do_sql('show tables');
+ do_sql($SHOW_T);
return;
}}
}else{
@@ -860,14 +947,14 @@ function do_import(){
}
// multiple SQL statements splitter
-function do_multi_sql($insql, $fname){
+function do_multi_sql($insql,$fname=''){
set_time_limit(600);
$sql='';
$ochar='';
$is_cmt='';
$GLOBALS['insql_done']=0;
- while ( $str=get_next_chunk($insql, $fname) ){
+ while ($str=get_next_chunk($insql,$fname)){
$opos=-strlen($ochar);
$cur_pos=0;
$i=strlen($str);
@@ -910,7 +997,6 @@ function do_multi_sql($insql, $fname){
if (!do_one_sql($sql)) return 0;
$sql='';
}
-
return 1;
}
@@ -982,6 +1068,7 @@ function do_one_sql($sql){
}
function do_sht(){
+ global $SHOW_T;
$cb=$_REQUEST['cb'];
if (!is_array($cb)) $cb=array();
switch ($_REQUEST['dosht']){
@@ -997,7 +1084,7 @@ function do_sht(){
}
if ($sql) do_sql($sql);
}
- do_sql('show tables');
+ do_sql($SHOW_T);
}
function to_csv_row($adata){
@@ -1016,16 +1103,16 @@ function qstr($s){
function get_rand_str($len){
$result='';
- $chars=array("A","B","C","D","E","F","a","b","c","d","e","f",0,1,2,3,4,5,6,7,8,9);
- for($i=0;$i<$len;$i++) $result.=$chars[rand(0,count($chars))-1];
+ $chars=preg_split('//','ABCDEFabcdef0123456789');
+ for($i=0;$i<$len;$i++) $result.=$chars[rand(0,count($chars)-1)];
return $result;
}
function check_xss(){
global $self;
if ($_SESSION['XSS']!=trim($_REQUEST['XSS'])){
- echo "XSS error. <a href='$self?XSS=".$_SESSION['XSS']."'>relogin to ppm</a>";
- exit;
+ header("location: $self");
+ exit;
}
}
Please sign in to comment.
Something went wrong with that request. Please try again.