diff --git a/ChangeLog b/ChangeLog index 0c547ae2d881..19ba60846846 100644 --- a/ChangeLog +++ b/ChangeLog @@ -54,6 +54,10 @@ VerboseMultiSubmit, ReplaceHelpImg - bug #3548491 [interface] Inline query editor doesn't work from search results - bug #3547825 [edit] BLOB download no longer works - bug #3541966 [config] Error in generated configuration arrray +- bug #3553551 [GUI] Invalid HTML code in multi submits confirmation form + +3.5.2.1 (2012-08-03) +- [security] Fixed local path disclosure vulnerability, see PMASA-2012-3 3.5.2.0 (2012-07-07) - bug #3521416 [interface] JS error when editing index @@ -163,11 +167,11 @@ VerboseMultiSubmit, ReplaceHelpImg + patch #3303195 [interface] Checkbox to have SQL input remain - patch #3472899 [export] Fixed CSV escape for the export - patch #3475424 [import] Fixed CSV escape for the import -- bug #3482734 [interface] No warning on syntax error in search form +- bug #3482734 [interface] No warning on syntax error in search form - bug #3423717 [core] Improved detection of SSL connection + FULLTEXT support for InnoDB, starting with MySQL 5.6.4 - bug #3497151 [interface] Duplicate inline query edit box -- bug #3504567 [mime] Description of the transformation missing in the tooltip +- bug #3504567 [mime] Description of the transformation missing in the tooltip 3.4.11.0 (2012-04-14) - bug #3486970 [import] Exception on XML import diff --git a/changelog.php b/changelog.php index 1467ee05768a..2a44ea640fe6 100644 --- a/changelog.php +++ b/changelog.php @@ -11,6 +11,8 @@ */ require 'libraries/common.inc.php'; +$response = PMA_Response::getInstance()->disable(); + $filename = CHANGELOG_FILE; /** diff --git a/db_operations.php b/db_operations.php index 4b54c2c364d2..97561b1601d3 100644 --- a/db_operations.php +++ b/db_operations.php @@ -73,7 +73,6 @@ "sql", 'libraries/plugins/export/', array( - 'export_type' => $export_type, 'single_table' => isset($single_table) ) ); diff --git a/js/functions.js b/js/functions.js index b6195c13bf92..e7877e0db2fd 100644 --- a/js/functions.js +++ b/js/functions.js @@ -2598,33 +2598,37 @@ $(function() { $(this).dialog('close'); }; $.get($(this).attr('href'), {'ajax_request': true}, function(data) { - $('
') - .dialog({ - title: PMA_messages['strChangePassword'], - width: 600, - close: function(ev, ui) { - $(this).remove(); - }, - buttons : button_options, - modal: true - }) - .append(data.message); - // for this dialog, we remove the fieldset wrapping due to double headings - $("fieldset#fieldset_change_password") - .find("legend").remove().end() - .find("table.noclick").unwrap().addClass("some-margin") - .find("input#text_pma_pw").focus(); - displayPasswordGenerateButton(); - $('#fieldset_change_password_footer').hide(); - PMA_ajaxRemoveMessage($msgbox); - $('#change_password_form').bind('submit', function (e) { - e.preventDefault(); - $(this) - .closest('.ui-dialog') - .find('.ui-dialog-buttonpane .ui-button') - .first() - .click(); - }); + if (data.success) { + $('') + .dialog({ + title: PMA_messages['strChangePassword'], + width: 600, + close: function(ev, ui) { + $(this).remove(); + }, + buttons : button_options, + modal: true + }) + .append(data.message); + // for this dialog, we remove the fieldset wrapping due to double headings + $("fieldset#fieldset_change_password") + .find("legend").remove().end() + .find("table.noclick").unwrap().addClass("some-margin") + .find("input#text_pma_pw").focus(); + displayPasswordGenerateButton(); + $('#fieldset_change_password_footer').hide(); + PMA_ajaxRemoveMessage($msgbox); + $('#change_password_form').bind('submit', function (e) { + e.preventDefault(); + $(this) + .closest('.ui-dialog') + .find('.ui-dialog-buttonpane .ui-button') + .first() + .click(); + }); + } else { + PMA_ajaxShowMessage(data.error, false); + } }); // end $.get() }); // end handler for change password anchor }); // end $() for Change Password diff --git a/js/tbl_change.js b/js/tbl_change.js index 2b017154e16e..2ebead15ea42 100644 --- a/js/tbl_change.js +++ b/js/tbl_change.js @@ -286,10 +286,9 @@ $(function() { $('select[name="submit_type"]').bind('change', function (e) { var $table = $('table.insertRowTable'); var auto_increment_column = $table.find('input[name^="auto_increment"]').attr('name'); - var prev_value_field = $table.find('input[name="' + auto_increment_column.replace('auto_increment', 'fields_prev') + '"]'); - var value_field = $table.find('input[name="' + auto_increment_column.replace('auto_increment', 'fields') + '"]'); - if (auto_increment_column) { + var prev_value_field = $table.find('input[name="' + auto_increment_column.replace('auto_increment', 'fields_prev') + '"]'); + var value_field = $table.find('input[name="' + auto_increment_column.replace('auto_increment', 'fields') + '"]'); var previous_value = $(prev_value_field).val(); if (previous_value !== undefined) { if ($(this).val() == 'insert' || $(this).val() == 'insertignore' || $(this).val() == 'showinsert' ) { @@ -299,7 +298,6 @@ $(function() { } } } - }); diff --git a/libraries/CommonFunctions.class.php b/libraries/CommonFunctions.class.php index de5a172d4281..6ffa5095907b 100644 --- a/libraries/CommonFunctions.class.php +++ b/libraries/CommonFunctions.class.php @@ -2302,7 +2302,9 @@ public function getUniqueCondition( $con_key = $this->backquote($meta->table) . '.' . $this->backquote($meta->orgname); } // end if... else... - $condition = ' ' . $con_key . ' '; + $condition = ($fields_cnt == 1) + ? ' CHAR_LENGTH(' . $con_key . ') ' + : ' ' . $con_key . ' '; if (! isset($row[$i]) || is_null($row[$i])) { $con_val = 'IS NULL'; @@ -2330,7 +2332,9 @@ public function getUniqueCondition( $con_val = '= CAST(0x' . bin2hex($row[$i]) . ' AS BINARY)'; } else { // this blob won't be part of the final condition - $con_val = null; + $con_val = ($fields_cnt == 1) + ? ' = '. strlen($row[$i]) + : null; } } elseif (in_array($meta->type, $this->getGISDatatypes()) diff --git a/libraries/DisplayResults.class.php b/libraries/DisplayResults.class.php index 3a528efbcb96..d67237f1a563 100644 --- a/libraries/DisplayResults.class.php +++ b/libraries/DisplayResults.class.php @@ -66,6 +66,9 @@ class PMA_DisplayResults const TABLE_TYPE_INNO_DB = 'InnoDB'; const ALL_ROWS = 'all'; const QUERY_TYPE_SELECT = 'SELECT'; + + const ROUTINE_PROCEDURE = 'procedure'; + const ROUTINE_FUNCTION = 'function'; // Declare global fields @@ -2685,7 +2688,9 @@ private function _getRowValues( $fields_meta = $this->__get('_fields_meta'); $highlight_columns = $this->__get('_highlight_columns'); $mime_map = $this->__get('_mime_map'); - + + $row_info = $this->_getRowInfoForSpecialLinks($row, $col_order); + for ($j = 0; $j < $this->__get('_fields_cnt'); ++$j) { // assign $i with appropriate column order @@ -2784,7 +2789,8 @@ private function _getRowValues( $vertical_display = $this->__get('_vertical_display'); // Check whether the field needs to display with syntax highlighting - if ($this->_isNeedToSytaxHighliight($meta->name) + + if ($this->_isNeedToSytaxHighlight($meta->name) && (trim($row[$i]) != '') ) { @@ -2806,9 +2812,32 @@ private function _getRowValues( '_', '/', $this->sytax_highlighting_column_info[strtolower($this->__get('_db'))][strtolower($this->__get('_table'))][strtolower($meta->name)][2] ); + + } + + // Check for the predefined fields need to show as link in schemas + include_once 'libraries/special_schema_links.lib.php'; + + if (isset($GLOBALS['special_schema_links']) + && ($this->_isFieldNeedToLink(strtolower($meta->name))) + ) { + + $linking_url = $this->_getSpecialLinkUrl($row[$i], $row_info, strtolower($meta->name)); + include_once "libraries/plugins/transformations/Text_Plain_Link.class.php"; + $transformation_plugin = new Text_Plain_Link(null); - } + $transform_options = array( + 0 => $linking_url, + 2 => true + ); + $meta->mimetype = str_replace( + '_', '/', + 'Text/Plain' + ); + + } + if ($meta->numeric == 1) { // n u m e r i c @@ -3007,14 +3036,108 @@ private function _gatherLinksForLaterOutputs( * * @return boolean */ - private function _isNeedToSytaxHighliight($field) { + private function _isNeedToSytaxHighlight($field) { if (! empty($this->sytax_highlighting_column_info[strtolower($this->__get('_db'))][strtolower($this->__get('_table'))][strtolower($field)])) { return true; } return false; } - + + /** + * Check whether the field needs to be link + * + * @param string $field field to check + * + * @return boolean + */ + private function _isFieldNeedToLink($field) { + if (! empty($GLOBALS['special_schema_links'][strtolower($this->__get('_db'))][strtolower($this->__get('_table'))][$field])) { + return true; + } + return false; + } + + + /** + * Get link for display special schema links + * + * @param string $column_value column value + * @param array $row_info information about row + * @param string $field_name column name + * + * @return string generated link + */ + private function _getSpecialLinkUrl($column_value, $row_info, $field_name) + { + + $linking_url_params = array(); + $link_relations = $GLOBALS['special_schema_links'][strtolower($this->__get('_db'))][strtolower($this->__get('_table'))][$field_name]; + + if (! is_array($link_relations['link_param'])) { + $linking_url_params[$link_relations['link_param']] = $column_value; + } else { + // Consider only the case of creating link for column field + // sql query need to be pass as url param + $sql = 'SELECT `'.$column_value.'` FROM `'. $row_info[$link_relations['link_param'][1]] .'`.`'. $row_info[$link_relations['link_param'][2]] .'`'; + $linking_url_params[$link_relations['link_param'][0]] = $sql; + } + + + if (! empty($link_relations['link_dependancy_params'])) { + + foreach ($link_relations['link_dependancy_params'] as $new_param) { + + // If param_info is an array, set the key and value + // from that array + if (is_array($new_param['param_info'])) { + $linking_url_params[$new_param['param_info'][0]] = $new_param['param_info'][1]; + } else { + $linking_url_params[$new_param['param_info']] = $row_info[strtolower($new_param['column_name'])]; + + // Special case 1 - when executing routines, according + // to the type of the routine, url param changes + if (!empty($row_info['routine_type'])){ + if (strtolower($row_info['routine_type']) == self::ROUTINE_PROCEDURE) { + $linking_url_params['execute_routine'] = 1; + } else if (strtolower($row_info['routine_type']) == self::ROUTINE_FUNCTION) { + $linking_url_params['execute_dialog'] = 1; + } + } + } + + } + } + + return $link_relations['default_page'] . PMA_generate_common_url($linking_url_params); + + } + + + /** + * Prepare row information for display special links + * + * @param array $row current row data + * @param array $col_order the column order + * + * @return array $row_info associative array with column nama -> value + */ + private function _getRowInfoForSpecialLinks($row, $col_order) + { + + $row_info = array(); + $fields_meta = $this->__get('_fields_meta'); + + for ($n = 0; $n < $this->__get('_fields_cnt'); ++$n) { + $m = $col_order ? $col_order[$n] : $n; + $row_info[strtolower($fields_meta[$m]->name)] = $row[$m]; + } + + return $row_info; + + } + + /** * Get url sql query without conditions to shorten URLs * @@ -3520,7 +3643,8 @@ private function _getDataCellForBlobColumns( // replacements will be made if ((PMA_strlen($column) > $GLOBALS['cfg']['LimitChars']) && ($_SESSION['tmp_user_values']['display_text'] == self::DISPLAY_PARTIAL_TEXT) - && ! $this->_isNeedToSytaxHighliight(strtolower($meta->name)) + && ! $this->_isNeedToSytaxHighlight(strtolower($meta->name)) + ) { $column = PMA_substr($column, 0, $GLOBALS['cfg']['LimitChars']) . '...'; diff --git a/libraries/Footer.class.php b/libraries/Footer.class.php index 143c903db9c2..2cb309053f02 100644 --- a/libraries/Footer.class.php +++ b/libraries/Footer.class.php @@ -326,7 +326,8 @@ public function getDisplay() $retval .= ob_get_contents(); ob_end_clean(); } - } else if (! $this->_isAjax) { + } + if (! $this->_isAjax) { $retval .= "