Extract actions from /table/row-action route

Signed-off-by: Maurício Meneghini Fauth <mauricio@fauth.dev>

js/sql.js

@@ -845,12 +845,25 @@ AJAX.registerOnload('sql.js', function () {
     $('body').on('click', 'form[name="resultsForm"].ajax button[name="submit_mult"], form[name="resultsForm"].ajax input[name="submit_mult"]', function (e) {
         e.preventDefault();
         var $button = $(this);
+        var action = $button.val();
         var $form = $button.closest('form');
         var argsep = CommonParams.get('arg_separator');
-        var submitData = $form.serialize() + argsep + 'ajax_request=true' + argsep + 'ajax_page_request=true' + argsep + 'submit_mult=' + $button.val();
+        var submitData = $form.serialize() + argsep + 'ajax_request=true' + argsep + 'ajax_page_request=true' + argsep + 'submit_mult=' + action;
         Functions.ajaxShowMessage();
         AJAX.source = $form;
-        $.post($form.attr('action'), submitData, AJAX.responseHandler);
+
+        var url;
+        if (action === 'edit' || action === 'copy') {
+            url = 'index.php?route=/table/row-action/edit';
+        } else if (action === 'export') {
+            url = 'index.php?route=/table/row-action/export';
+        } else if (action === 'delete') {
+            url = 'index.php?route=/table/row-action/confirm-delete';
+        } else {
+            return;
+        }
+
+        $.post(url, submitData, AJAX.responseHandler);
     });
 
     $(document).on('submit', '#maxRowsForm', function () {

libraries/classes/Controllers/Table/RowActionController.php

@@ -15,7 +15,7 @@
  */
 class RowActionController extends AbstractController
 {
-    public function index(): void
+    public function delete(): void
     {
         global $db, $goto, $pmaThemeImage, $sql_query, $table, $disp_message, $disp_query, $action;
         global $submit_mult, $active_page, $err_url, $original_sql_query, $url_query, $original_url_query;
@@ -25,30 +25,12 @@ public function index(): void
 
         if ($submit_mult === 'delete' || isset($_POST['mult_btn'])) {
             $submit_mult = 'row_delete';
-        } elseif ($submit_mult === 'edit') {
-            $submit_mult = 'row_edit';
-        } elseif ($submit_mult === 'copy') {
-            $submit_mult = 'row_copy';
-        } elseif ($submit_mult === 'export') {
-            $submit_mult = 'row_export';
         }
 
         if (empty($submit_mult)) {
             return;
         }
 
-        if ($submit_mult === 'row_edit' || $submit_mult === 'row_copy') {
-            $this->edit();
-
-            return;
-        }
-
-        if ($submit_mult === 'row_export') {
-            $this->export();
-
-            return;
-        }
-
         if (isset($_POST['goto']) && (! isset($_POST['rows_to_delete']) || ! is_array($_POST['rows_to_delete']))) {
             $this->response->setRequestStatus(false);
             $this->response->addJSON('message', __('No row selected.'));
@@ -63,14 +45,14 @@ public function index(): void
             }
         }
 
-        $goto = $_POST['goto'] ?? $goto ?? null;
+        $goto = $_POST['goto'] ?? $goto ?? '';
         $mult_btn = $_POST['mult_btn'] ?? $mult_btn ?? null;
         $original_sql_query = $_POST['original_sql_query'] ?? $original_sql_query ?? null;
         $query_type = $_POST['query_type'] ?? $query_type ?? null;
         $reload = $_POST['reload'] ?? $reload ?? null;
-        $selected = $_POST['selected'] ?? $selected ?? null;
+        $selected = $_POST['selected'] ?? $selected ?? [];
         $selected_fld = $_POST['selected_fld'] ?? $selected_fld ?? null;
-        $sql_query = $_POST['sql_query'] ?? $sql_query ?? null;
+        $sql_query = $_POST['sql_query'] ?? $sql_query ?? '';
         $submit_mult = $_POST['submit_mult'] ?? $submit_mult ?? null;
         $url_query = $_POST['url_query'] ?? $url_query ?? null;
 
@@ -91,64 +73,7 @@ public function index(): void
             }
         }
 
-        if (! empty($submit_mult) && ! empty($what)) {
-            if (strlen($table) > 0) {
-                Common::table();
-                $url_query .= Url::getCommon([
-                    'goto' => Url::getFromRoute('/table/sql'),
-                    'back' => Url::getFromRoute('/table/sql'),
-                ], '&');
-            }
-
-            $full_query = '';
-
-            foreach ($selected as $selectedValue) {
-                $full_query .= 'DELETE FROM '
-                    . Util::backquote(htmlspecialchars($table))
-                    // Do not append a "LIMIT 1" clause here
-                    // (it's not binlog friendly).
-                    // We don't need the clause because the calling panel permits
-                    // this feature only when there is a unique index.
-                    . ' WHERE ' . htmlspecialchars($selectedValue)
-                    . ';<br>';
-            }
-
-            $_url_params = [
-                'query_type' => $what,
-            ];
-
-            if (mb_strpos(' ' . $action, 'tbl_') === 1 || mb_strpos($action, '?route=/table/') !== false
-                || $what == 'row_delete'
-            ) {
-                $_url_params['db'] = $db;
-                $_url_params['table'] = $table;
-            }
-
-            foreach ($selected as $selectedValue) {
-                if ($what == 'row_delete') {
-                    $_url_params['selected'][] = 'DELETE FROM '
-                        . Util::backquote($table)
-                        . ' WHERE ' . $selectedValue . ' LIMIT 1;';
-                }
-            }
-
-            if ($what == 'row_delete') {
-                $_url_params['original_sql_query'] = $original_sql_query ?? null;
-                if (! empty($originalUrlQuery)) {
-                    $_url_params['original_url_query'] = $original_url_query;
-                }
-            }
-
-            $this->render('mult_submits/other_actions', [
-                'action' => $action,
-                'url_params' => $_url_params,
-                'what' => $what,
-                'full_query' => $full_query,
-                'is_foreign_key_check' => Util::isForeignKeyCheck(),
-            ]);
-
-            exit;
-        } elseif (! empty($mult_btn) && $mult_btn == __('Yes')) {
+        if (! empty($mult_btn) && $mult_btn == __('Yes')) {
             $default_fk_check_value = false;
 
             if ($query_type == 'drop_tbl'
@@ -158,7 +83,7 @@ public function index(): void
                 $default_fk_check_value = Util::handleDisableFKCheckInit();
             }
 
-            $aQuery = null;
+            $aQuery = '';
             $sql_query = '';
             $sql_query_views = null;
             // whether to run query after each pass
@@ -224,6 +149,7 @@ public function index(): void
         }
 
         $active_page = Url::getFromRoute('/sql');
+
         $sql = new Sql();
         $sql->executeQueryAndSendQueryResponse(
             null,
@@ -247,17 +173,68 @@ public function index(): void
         );
     }
 
-    private function edit(): void
+    public function confirmDelete(): void
+    {
+        global $db, $table, $sql_query;
+
+        $selected = $_POST['rows_to_delete'] ?? null;
+
+        if (! isset($selected) || ! is_array($selected)) {
+            $this->response->setRequestStatus(false);
+            $this->response->addJSON('message', __('No row selected.'));
+
+            return;
+        }
+
+        Common::table();
+
+        $rows = [];
+        foreach ($selected as $row) {
+            $rows[] = sprintf('DELETE FROM %s WHERE %s LIMIT 1;', Util::backquote($table), $row);
+        }
+
+        $hiddenInputs = [
+            'db' => $db,
+            'table' => $table,
+            'selected' => $rows,
+            'original_sql_query' => $sql_query,
+            'query_type' => 'row_delete',
+            'fk_checks' => '0',
+        ];
+
+        $this->render('table/row_action/confirm_delete', [
+            'table' => $table,
+            'selected' => $selected,
+            'hidden_inputs' => $hiddenInputs,
+            'is_foreign_key_check' => Util::isForeignKeyCheck(),
+        ]);
+    }
+
+    public function edit(): void
     {
         global $containerBuilder, $submit_mult, $active_page, $where_clause;
 
+        $submit_mult = $_POST['submit_mult'] ?? '';
+
+        if (empty($submit_mult)) {
+            return;
+        }
+
+        if ($submit_mult === 'edit') {
+            $submit_mult = 'row_edit';
+        } elseif ($submit_mult === 'copy') {
+            $submit_mult = 'row_copy';
+        }
+
         if ($submit_mult === 'row_copy') {
             $_POST['default_action'] = 'insert';
         }
 
         if (isset($_POST['goto']) && (! isset($_POST['rows_to_delete']) || ! is_array($_POST['rows_to_delete']))) {
             $this->response->setRequestStatus(false);
             $this->response->addJSON('message', __('No row selected.'));
+
+            return;
         }
 
         // As we got the rows to be edited from the
@@ -278,13 +255,17 @@ private function edit(): void
         $controller->index();
     }
 
-    private function export(): void
+    public function export(): void
     {
-        global $containerBuilder, $active_page, $single_table, $where_clause;
+        global $containerBuilder, $active_page, $single_table, $where_clause, $submit_mult;
+
+        $submit_mult = 'row_export';
 
         if (isset($_POST['goto']) && (! isset($_POST['rows_to_delete']) || ! is_array($_POST['rows_to_delete']))) {
             $this->response->setRequestStatus(false);
             $this->response->addJSON('message', __('No row selected.'));
+
+            return;
         }
 
         // Needed to allow SQL export

libraries/routes.php

@@ -233,7 +233,12 @@
         $routes->addRoute(['GET', 'POST'], '/recent-favorite', [RecentFavoriteController::class, 'index']);
         $routes->addRoute(['GET', 'POST'], '/relation', [RelationController::class, 'index']);
         $routes->addRoute(['GET', 'POST'], '/replace', [ReplaceController::class, 'index']);
-        $routes->addRoute(['GET', 'POST'], '/row-action', [RowActionController::class, 'index']);
+        $routes->addGroup('/row-action', function (RouteCollector $routes) {
+            $routes->post('/confirm-delete', [RowActionController::class, 'confirmDelete']);
+            $routes->post('/delete', [RowActionController::class, 'delete']);
+            $routes->post('/edit', [RowActionController::class, 'edit']);
+            $routes->post('/export', [RowActionController::class, 'export']);
+        });
         $routes->addRoute(['GET', 'POST'], '/search', [TableSearchController::class, 'index']);
         $routes->addRoute(['GET', 'POST'], '/sql', [TableSqlController::class, 'index']);
         $routes->addRoute(['GET', 'POST'], '/structure', [TableStructureController::class, 'index']);

templates/mult_submits/other_actions.twig

@@ -10,7 +10,7 @@
   </fieldset>
 
   <fieldset class="tblFooters">
-    {% if what == 'drop_tbl' or what == 'empty_tbl' or what == 'row_delete' %}
+    {% if what == 'drop_tbl' or what == 'empty_tbl' %}
       <div id="foreignkeychk">
         <input type="hidden" name="fk_checks" value="0">
         <input type="checkbox" name="fk_checks" id="fk_checks" value="1"{{ is_foreign_key_check ? ' checked' }}>

templates/table/row_action/confirm_delete.twig

@@ -0,0 +1,25 @@
+<form action="{{ url('/table/row-action/delete') }}" method="post">
+  {{ get_hidden_inputs(hidden_inputs) }}
+
+  <fieldset class="confirmation">
+    <legend>
+      {% trans 'Do you really want to execute the following query?' %}
+    </legend>
+
+    <ul>
+      {% for row in selected %}
+        <li><code>DELETE FROM {{ backquote(table) }} WHERE {{ row }};</code></li>
+      {% endfor %}
+    </ul>
+  </fieldset>
+
+  <fieldset class="tblFooters">
+    <div id="foreignkeychk">
+      <input type="checkbox" name="fk_checks" id="fk_checks" value="1"{{ is_foreign_key_check ? ' checked' }}>
+      <label for="fk_checks">{% trans 'Enable foreign key checks' %}</label>
+    </div>
+
+    <input id="buttonYes" class="btn btn-secondary" type="submit" name="mult_btn" value="{% trans 'Yes' %}">
+    <input id="buttonNo" class="btn btn-secondary" type="submit" name="mult_btn" value="{% trans 'No' %}">
+  </fieldset>
+</form>