diff --git a/db_tracking.php b/db_tracking.php index 0c8724d60a77..49e4048025c2 100644 --- a/db_tracking.php +++ b/db_tracking.php @@ -30,6 +30,8 @@ */ require 'libraries/db_common.inc.php'; $url_query .= '&goto=tbl_tracking.php&back=db_tracking.php'; +$url_params['goto'] = 'tbl_tracking.php'; +$url_params['back'] = 'db_tracking.php'; // Get the database structure $sub_part = '_structure'; @@ -46,47 +48,45 @@ $pos ) = Util::getDbInfo($db, isset($sub_part) ? $sub_part : ''); -// Work to do? -// (here, do not use $_REQUEST['db] as it can be crafted) -if (isset($_REQUEST['delete_tracking']) && isset($_REQUEST['table'])) { +if (isset($_POST['delete_tracking']) && isset($_POST['table'])) { - Tracker::deleteTracking($GLOBALS['db'], $_REQUEST['table']); + Tracker::deleteTracking($GLOBALS['db'], $_POST['table']); Message::success( __('Tracking data deleted successfully.') )->display(); -} elseif (isset($_REQUEST['submit_create_version'])) { +} elseif (isset($_POST['submit_create_version'])) { - Tracking::createTrackingForMultipleTables($_REQUEST['selected']); + Tracking::createTrackingForMultipleTables($_POST['selected']); Message::success( sprintf( __( 'Version %1$s was created for selected tables,' . ' tracking is active for them.' ), - htmlspecialchars($_REQUEST['version']) + htmlspecialchars($_POST['version']) ) )->display(); -} elseif (isset($_REQUEST['submit_mult'])) { +} elseif (isset($_POST['submit_mult'])) { - if (! empty($_REQUEST['selected_tbl'])) { - if ($_REQUEST['submit_mult'] == 'delete_tracking') { + if (! empty($_POST['selected_tbl'])) { + if ($_POST['submit_mult'] == 'delete_tracking') { - foreach ($_REQUEST['selected_tbl'] as $table) { + foreach ($_POST['selected_tbl'] as $table) { Tracker::deleteTracking($GLOBALS['db'], $table); } Message::success( __('Tracking data deleted successfully.') )->display(); - } elseif ($_REQUEST['submit_mult'] == 'track') { + } elseif ($_POST['submit_mult'] == 'track') { echo Tracking::getHtmlForDataDefinitionAndManipulationStatements( 'db_tracking.php' . $url_query, 0, $GLOBALS['db'], - $_REQUEST['selected_tbl'] + $_POST['selected_tbl'] ); exit; } @@ -98,7 +98,7 @@ } // Get tracked data about the database -$data = Tracker::getTrackedData($_REQUEST['db'], '', '1'); +$data = Tracker::getTrackedData($GLOBALS['db'], '', '1'); // No tables present and no log exist if ($num_tables == 0 && count($data['ddlog']) == 0) { @@ -118,7 +118,7 @@ $all_tables_query = ' SELECT table_name, MAX(version) as version FROM ' . Util::backquote($cfgRelation['db']) . '.' . Util::backquote($cfgRelation['tracking']) . - ' WHERE db_name = \'' . $GLOBALS['dbi']->escapeString($_REQUEST['db']) . + ' WHERE db_name = \'' . $GLOBALS['dbi']->escapeString($GLOBALS['db']) . '\' ' . ' GROUP BY table_name' . ' ORDER BY table_name ASC'; diff --git a/js/db_tracking.js b/js/db_tracking.js index 36b8ae3e2ed0..ce2febab9c35 100644 --- a/js/db_tracking.js +++ b/js/db_tracking.js @@ -84,10 +84,9 @@ AJAX.registerOnload('db_tracking.js', function () { $anchor.PMA_confirm(question, $anchor.attr('href'), function (url) { PMA_ajaxShowMessage(PMA_messages.strDeletingTrackingData); AJAX.source = $anchor; - var params = { - 'ajax_page_request': true, - 'ajax_request': true - }; + var argSep = PMA_commonParams.get('arg_separator'); + var params = getJSConfirmCommonParam(this, $anchor.getPostData()); + params += argSep + 'ajax_page_request=1'; $.post(url, params, AJAX.responseHandler); }); }); diff --git a/js/tbl_tracking.js b/js/tbl_tracking.js index 9415f37a668a..cd08957302b6 100644 --- a/js/tbl_tracking.js +++ b/js/tbl_tracking.js @@ -80,10 +80,9 @@ AJAX.registerOnload('tbl_tracking.js', function () { $anchor.PMA_confirm(question, $anchor.attr('href'), function (url) { PMA_ajaxShowMessage(); AJAX.source = $anchor; - var params = { - 'ajax_page_request': true, - 'ajax_request': true - }; + var argSep = PMA_commonParams.get('arg_separator'); + var params = getJSConfirmCommonParam(this, $anchor.getPostData()); + params += argSep + 'ajax_page_request=1'; $.post(url, params, AJAX.responseHandler); }); }); @@ -98,10 +97,9 @@ AJAX.registerOnload('tbl_tracking.js', function () { $anchor.PMA_confirm(question, $anchor.attr('href'), function (url) { PMA_ajaxShowMessage(); AJAX.source = $anchor; - var params = { - 'ajax_page_request': true, - 'ajax_request': true - }; + var argSep = PMA_commonParams.get('arg_separator'); + var params = getJSConfirmCommonParam(this, $anchor.getPostData()); + params += argSep + 'ajax_page_request=1'; $.post(url, params, AJAX.responseHandler); }); }); diff --git a/libraries/classes/Tracking.php b/libraries/classes/Tracking.php index f3cbced58bb7..d4ff875d82a7 100644 --- a/libraries/classes/Tracking.php +++ b/libraries/classes/Tracking.php @@ -122,10 +122,10 @@ public static function getListOfVersionsOfTable() $sql_query = " SELECT * FROM " . Util::backquote($cfgRelation['db']) . "." . Util::backquote($cfgRelation['tracking']) . - " WHERE db_name = '" . $GLOBALS['dbi']->escapeString($_REQUEST['db']) . + " WHERE db_name = '" . $GLOBALS['dbi']->escapeString($GLOBALS['db']) . "' " . " AND table_name = '" . - $GLOBALS['dbi']->escapeString($_REQUEST['table']) . "' " . + $GLOBALS['dbi']->escapeString($GLOBALS['table']) . "' " . " ORDER BY version DESC "; return $relation->queryAsControlUser($sql_query); @@ -179,9 +179,6 @@ public static function getHtmlForTableVersionDetails( $tracking_active = false; } } - $delete_link = 'tbl_tracking.php' . $url_query . '&version=' - . htmlspecialchars($version['version']) - . '&submit_delete_version=true'; $checkbox_id = 'selected_versions_' . htmlspecialchars($version['version']); $html .= ''; @@ -198,21 +195,24 @@ public static function getHtmlForTableVersionDetails( $html .= '' . htmlspecialchars($version['date_updated']) . ''; $html .= '' . self::getVersionStatus($version) . ''; $html .= '' . $delete . ''; - $html .= '' . $delete . ''; + $html .= '' . $report . ''; $html .= '  '; - $html .= '' . $structure . ''; $html .= ''; $html .= ''; @@ -308,7 +308,7 @@ public static function getHtmlForSelectableTables( 'db' => $GLOBALS['db'], 'table' => $GLOBALS['table'], 'entries' => $entries, - 'selected_table' => isset($_REQUEST['table']) ? $_REQUEST['table'] : null, + 'selected_table' => isset($_POST['table']) ? $_POST['table'] : null, ]); } @@ -401,11 +401,11 @@ public static function getHtmlForElementsOfTrackingReport( . __('Structure and data') . '' . ''; $str2 = ''; + . htmlspecialchars($_POST['date_from']) . '" size="19" />'; $str3 = ''; + . htmlspecialchars($_POST['date_to']) . '" size="19" />'; $str4 = ''; + . htmlspecialchars($_POST['users']) . '" />'; $str5 = '' . ''; return array($str1, $str2, $str3, $str4, $str5); @@ -438,14 +438,11 @@ public static function getHtmlForTrackingReportExportForm1( ) { $ddlog_count = 0; - $html = '
'; - $html .= Url::getHiddenInputs(); + $html = ''; + $html .= Url::getHiddenInputs($url_params + [ + 'report' => 'true', + 'version' => $_POST['version'], + ]); $html .= sprintf( __('Show %1$s with dates from %2$s to %3$s by user %4$s %5$s'), @@ -489,35 +486,28 @@ public static function getHtmlForTrackingReportExportForm1( public static function getHtmlForTrackingReportExportForm2( array $url_params, $str1, $str2, $str3, $str4, $str5 ) { - $html = ''; - $html .= Url::getHiddenInputs(); + $html = ''; + $html .= Url::getHiddenInputs($url_params + [ + 'report' => 'true', + 'version' => $_POST['version'], + ]); + $html .= sprintf( __('Show %1$s with dates from %2$s to %3$s by user %4$s %5$s'), $str1, $str2, $str3, $str4, $str5 ); $html .= '
'; - $html .= '
'; - $html .= Url::getHiddenInputs(); - $html .= ''; - $html .= ''; - $html .= ''; - $html .= ''; + $html .= ''; + $html .= Url::getHiddenInputs($url_params + [ + 'report' => 'true', + 'version' => $_POST['version'], + 'logtype' => $_POST['logtype'], + 'date_from' => $_POST['date_from'], + 'date_to' => $_POST['date_to'], + 'users' => $_POST['users'], + 'report_export' => 'true', + ]); $str_export1 = ''; - $str_export2 = '' - . ''; + $str_export2 = ''; $html .= "
" . sprintf(__('Export as %s'), $str_export1) . $str_export2 . "
"; @@ -630,9 +619,9 @@ private static function getHtmlForDataStatements( $deleteParam = 'delete_' . $whichLog; $entry['url_params'] = Url::getCommon($urlParams + [ 'report' => 'true', - 'version' => $_REQUEST['version'], + 'version' => $_POST['version'], $deleteParam => ($lineNumber - $offset), - ]); + ], ''); $entry['line_number'] = $lineNumber; $entries[] = $entry; } @@ -662,7 +651,7 @@ public static function getHtmlForSchemaSnapshot($url_query) . ' [' . __('Close') . ']'; $data = Tracker::getTrackedData( - $_REQUEST['db'], $_REQUEST['table'], $_REQUEST['version'] + $_POST['db'], $_POST['table'], $_POST['version'] ); // Get first DROP TABLE/VIEW and CREATE TABLE/VIEW statements @@ -677,7 +666,7 @@ public static function getHtmlForSchemaSnapshot($url_query) $html .= Util::getMessage( sprintf( __('Version %s snapshot (SQL code)'), - htmlspecialchars($_REQUEST['version']) + htmlspecialchars($_POST['version']) ), $drop_create_statements ); @@ -737,7 +726,7 @@ public static function getHtmlForIndexes(array $indexes) public static function deleteTrackingReportRows(array &$data) { $html = ''; - if (isset($_REQUEST['delete_ddlog'])) { + if (isset($_POST['delete_ddlog'])) { // Delete ddlog row data $html .= self::deleteFromTrackingReportLog( $data, @@ -747,7 +736,7 @@ public static function deleteTrackingReportRows(array &$data) ); } - if (isset($_REQUEST['delete_dmlog'])) { + if (isset($_POST['delete_dmlog'])) { // Delete dmlog row data $html .= self::deleteFromTrackingReportLog( $data, @@ -772,16 +761,16 @@ public static function deleteTrackingReportRows(array &$data) public static function deleteFromTrackingReportLog(array &$data, $which_log, $type, $message) { $html = ''; - $delete_id = $_REQUEST['delete_' . $which_log]; + $delete_id = $_POST['delete_' . $which_log]; // Only in case of valid id if ($delete_id == (int)$delete_id) { unset($data[$which_log][$delete_id]); $successfullyDeleted = Tracker::changeTrackingData( - $_REQUEST['db'], - $_REQUEST['table'], - $_REQUEST['version'], + $GLOBALS['db'], + $GLOBALS['table'], + $_POST['version'], $type, $data[$which_log] ); @@ -867,7 +856,7 @@ public static function exportAsFileDownload(array $entries) ini_set('url_rewriter.tags', ''); // Replace all multiple whitespaces by a single space - $table = htmlspecialchars(preg_replace('/\s+/', ' ', $_REQUEST['table'])); + $table = htmlspecialchars(preg_replace('/\s+/', ' ', $_POST['table'])); $dump = "# " . sprintf( __('Tracking report for table `%s`'), $table ) @@ -905,14 +894,14 @@ public static function changeTracking($action) $message = __('Tracking for %1$s was deactivated at version %2$s.'); } $status = Tracker::$method( - $GLOBALS['db'], $GLOBALS['table'], $_REQUEST['version'] + $GLOBALS['db'], $GLOBALS['table'], $_POST['version'] ); if ($status) { $msg = Message::success( sprintf( $message, htmlspecialchars($GLOBALS['db'] . '.' . $GLOBALS['table']), - htmlspecialchars($_REQUEST['version']) + htmlspecialchars($_POST['version']) ) ); $html .= $msg->getDisplay(); @@ -932,43 +921,43 @@ public static function getTrackingSet() // a key is absent from the request if it has been removed from // tracking_default_statements in the config - if (isset($_REQUEST['alter_table']) && $_REQUEST['alter_table'] == true) { + if (isset($_POST['alter_table']) && $_POST['alter_table'] == true) { $tracking_set .= 'ALTER TABLE,'; } - if (isset($_REQUEST['rename_table']) && $_REQUEST['rename_table'] == true) { + if (isset($_POST['rename_table']) && $_POST['rename_table'] == true) { $tracking_set .= 'RENAME TABLE,'; } - if (isset($_REQUEST['create_table']) && $_REQUEST['create_table'] == true) { + if (isset($_POST['create_table']) && $_POST['create_table'] == true) { $tracking_set .= 'CREATE TABLE,'; } - if (isset($_REQUEST['drop_table']) && $_REQUEST['drop_table'] == true) { + if (isset($_POST['drop_table']) && $_POST['drop_table'] == true) { $tracking_set .= 'DROP TABLE,'; } - if (isset($_REQUEST['alter_view']) && $_REQUEST['alter_view'] == true) { + if (isset($_POST['alter_view']) && $_POST['alter_view'] == true) { $tracking_set .= 'ALTER VIEW,'; } - if (isset($_REQUEST['create_view']) && $_REQUEST['create_view'] == true) { + if (isset($_POST['create_view']) && $_POST['create_view'] == true) { $tracking_set .= 'CREATE VIEW,'; } - if (isset($_REQUEST['drop_view']) && $_REQUEST['drop_view'] == true) { + if (isset($_POST['drop_view']) && $_POST['drop_view'] == true) { $tracking_set .= 'DROP VIEW,'; } - if (isset($_REQUEST['create_index']) && $_REQUEST['create_index'] == true) { + if (isset($_POST['create_index']) && $_POST['create_index'] == true) { $tracking_set .= 'CREATE INDEX,'; } - if (isset($_REQUEST['drop_index']) && $_REQUEST['drop_index'] == true) { + if (isset($_POST['drop_index']) && $_POST['drop_index'] == true) { $tracking_set .= 'DROP INDEX,'; } - if (isset($_REQUEST['insert']) && $_REQUEST['insert'] == true) { + if (isset($_POST['insert']) && $_POST['insert'] == true) { $tracking_set .= 'INSERT,'; } - if (isset($_REQUEST['update']) && $_REQUEST['update'] == true) { + if (isset($_POST['update']) && $_POST['update'] == true) { $tracking_set .= 'UPDATE,'; } - if (isset($_REQUEST['delete']) && $_REQUEST['delete'] == true) { + if (isset($_POST['delete']) && $_POST['delete'] == true) { $tracking_set .= 'DELETE,'; } - if (isset($_REQUEST['truncate']) && $_REQUEST['truncate'] == true) { + if (isset($_POST['truncate']) && $_POST['truncate'] == true) { $tracking_set .= 'TRUNCATE,'; } $tracking_set = rtrim($tracking_set, ','); @@ -1018,7 +1007,7 @@ public static function createTrackingVersion() $versionCreated = Tracker::createVersion( $GLOBALS['db'], $GLOBALS['table'], - $_REQUEST['version'], + $_POST['version'], $tracking_set, $GLOBALS['dbi']->getTable($GLOBALS['db'], $GLOBALS['table'])->isView() ); @@ -1026,7 +1015,7 @@ public static function createTrackingVersion() $msg = Message::success( sprintf( __('Version %1$s was created, tracking for %2$s is active.'), - htmlspecialchars($_REQUEST['version']), + htmlspecialchars($_POST['version']), htmlspecialchars($GLOBALS['db'] . '.' . $GLOBALS['table']) ) ); @@ -1051,7 +1040,7 @@ public static function createTrackingForMultipleTables(array $selected) Tracker::createVersion( $GLOBALS['db'], $selected_table, - $_REQUEST['version'], + $_POST['version'], $tracking_set, $GLOBALS['dbi']->getTable($GLOBALS['db'], $selected_table)->isView() ); @@ -1072,8 +1061,8 @@ public static function getEntries(array $data, $filter_ts_from, $filter_ts_to, a { $entries = array(); // Filtering data definition statements - if ($_REQUEST['logtype'] == 'schema' - || $_REQUEST['logtype'] == 'schema_and_data' + if ($_POST['logtype'] == 'schema' + || $_POST['logtype'] == 'schema_and_data' ) { $entries = array_merge( $entries, @@ -1084,8 +1073,8 @@ public static function getEntries(array $data, $filter_ts_from, $filter_ts_to, a } // Filtering data manipulation statements - if ($_REQUEST['logtype'] == 'data' - || $_REQUEST['logtype'] == 'schema_and_data' + if ($_POST['logtype'] == 'data' + || $_POST['logtype'] == 'schema_and_data' ) { $entries = array_merge( $entries, @@ -1227,7 +1216,7 @@ public static function getHtmlForTrackedTables( Util::backquote($cfgRelation['db']) . '.' . Util::backquote($cfgRelation['tracking']) . ' WHERE `db_name` = \'' - . $GLOBALS['dbi']->escapeString($_REQUEST['db']) + . $GLOBALS['dbi']->escapeString($GLOBALS['db']) . '\' AND `table_name` = \'' . $GLOBALS['dbi']->escapeString($tableName) . '\' AND `version` = \'' . $versionNumber . '\''; @@ -1243,7 +1232,6 @@ public static function getHtmlForTrackedTables( return Template::get('database/tracking/tracked_tables')->render([ 'db' => $db, 'versions' => $versions, - 'url_query' => $urlQuery, 'text_dir' => $textDir, 'pma_theme_image' => $pmaThemeImage, ]); diff --git a/tbl_tracking.php b/tbl_tracking.php index 190f11ad2b40..c5218547fe69 100644 --- a/tbl_tracking.php +++ b/tbl_tracking.php @@ -24,10 +24,10 @@ if (Tracker::isActive() && Tracker::isTracked($GLOBALS["db"], $GLOBALS["table"]) - && ! (isset($_REQUEST['toggle_activation']) - && $_REQUEST['toggle_activation'] == 'deactivate_now') - && ! (isset($_REQUEST['report_export']) - && $_REQUEST['export_type'] == 'sqldumpfile') + && ! (isset($_POST['toggle_activation']) + && $_POST['toggle_activation'] == 'deactivate_now') + && ! (isset($_POST['report_export']) + && $_POST['export_type'] == 'sqldumpfile') ) { $msg = Message::notice( sprintf( @@ -43,47 +43,47 @@ $url_params['back'] = 'tbl_tracking.php'; // Init vars for tracking report -if (isset($_REQUEST['report']) || isset($_REQUEST['report_export'])) { +if (isset($_POST['report']) || isset($_POST['report_export'])) { $data = Tracker::getTrackedData( - $_REQUEST['db'], $_REQUEST['table'], $_REQUEST['version'] + $GLOBALS['db'], $GLOBALS['table'], $_POST['version'] ); $selection_schema = false; $selection_data = false; $selection_both = false; - if (! isset($_REQUEST['logtype'])) { - $_REQUEST['logtype'] = 'schema_and_data'; + if (! isset($_POST['logtype'])) { + $_POST['logtype'] = 'schema_and_data'; } - if ($_REQUEST['logtype'] == 'schema') { + if ($_POST['logtype'] == 'schema') { $selection_schema = true; - } elseif ($_REQUEST['logtype'] == 'data') { + } elseif ($_POST['logtype'] == 'data') { $selection_data = true; } else { $selection_both = true; } - if (! isset($_REQUEST['date_from'])) { - $_REQUEST['date_from'] = $data['date_from']; + if (! isset($_POST['date_from'])) { + $_POST['date_from'] = $data['date_from']; } - if (! isset($_REQUEST['date_to'])) { - $_REQUEST['date_to'] = $data['date_to']; + if (! isset($_POST['date_to'])) { + $_POST['date_to'] = $data['date_to']; } - if (! isset($_REQUEST['users'])) { - $_REQUEST['users'] = '*'; + if (! isset($_POST['users'])) { + $_POST['users'] = '*'; } - $filter_ts_from = strtotime($_REQUEST['date_from']); - $filter_ts_to = strtotime($_REQUEST['date_to']); - $filter_users = array_map('trim', explode(',', $_REQUEST['users'])); + $filter_ts_from = strtotime($_POST['date_from']); + $filter_ts_to = strtotime($_POST['date_to']); + $filter_users = array_map('trim', explode(',', $_POST['users'])); } // Prepare export -if (isset($_REQUEST['report_export'])) { +if (isset($_POST['report_export'])) { $entries = Tracking::getEntries($data, $filter_ts_from, $filter_ts_to, $filter_users); } // Export as file download -if (isset($_REQUEST['report_export']) - && $_REQUEST['export_type'] == 'sqldumpfile' +if (isset($_POST['report_export']) + && $_POST['export_type'] == 'sqldumpfile' ) { Tracking::exportAsFileDownload($entries); } @@ -93,10 +93,10 @@ /** * Actions */ -if (isset($_REQUEST['submit_mult'])) { - if (! empty($_REQUEST['selected_versions'])) { - if ($_REQUEST['submit_mult'] == 'delete_version') { - foreach ($_REQUEST['selected_versions'] as $version) { +if (isset($_POST['submit_mult'])) { + if (! empty($_POST['selected_versions'])) { + if ($_POST['submit_mult'] == 'delete_version') { + foreach ($_POST['selected_versions'] as $version) { Tracking::deleteTrackingVersion($version); } $html .= Message::success( @@ -110,45 +110,45 @@ } } -if (isset($_REQUEST['submit_delete_version'])) { - $html .= Tracking::deleteTrackingVersion($_REQUEST['version']); +if (isset($_POST['submit_delete_version'])) { + $html .= Tracking::deleteTrackingVersion($_POST['version']); } // Create tracking version -if (isset($_REQUEST['submit_create_version'])) { +if (isset($_POST['submit_create_version'])) { $html .= Tracking::createTrackingVersion(); } // Deactivate tracking -if (isset($_REQUEST['toggle_activation']) - && $_REQUEST['toggle_activation'] == 'deactivate_now' +if (isset($_POST['toggle_activation']) + && $_POST['toggle_activation'] == 'deactivate_now' ) { $html .= Tracking::changeTracking('deactivate'); } // Activate tracking -if (isset($_REQUEST['toggle_activation']) - && $_REQUEST['toggle_activation'] == 'activate_now' +if (isset($_POST['toggle_activation']) + && $_POST['toggle_activation'] == 'activate_now' ) { $html .= Tracking::changeTracking('activate'); } // Export as SQL execution -if (isset($_REQUEST['report_export']) && $_REQUEST['export_type'] == 'execution') { +if (isset($_POST['report_export']) && $_POST['export_type'] == 'execution') { $sql_result = Tracking::exportAsSqlExecution($entries); $msg = Message::success(__('SQL statements executed.')); $html .= $msg->getDisplay(); } // Export as SQL dump -if (isset($_REQUEST['report_export']) && $_REQUEST['export_type'] == 'sqldump') { +if (isset($_POST['report_export']) && $_POST['export_type'] == 'sqldump') { $html .= Tracking::exportAsSqlDump($entries); } /* * Schema snapshot */ -if (isset($_REQUEST['snapshot'])) { +if (isset($_POST['snapshot'])) { $html .= Tracking::getHtmlForSchemaSnapshot($url_query); } // end of snapshot report @@ -156,20 +156,19 @@ /* * Tracking report */ -if (isset($_REQUEST['report']) - && (isset($_REQUEST['delete_ddlog']) || isset($_REQUEST['delete_dmlog'])) +if (isset($_POST['report']) + && (isset($_POST['delete_ddlog']) || isset($_POST['delete_dmlog'])) ) { $html .= Tracking::deleteTrackingReportRows($data); } -if (isset($_REQUEST['report']) || isset($_REQUEST['report_export'])) { +if (isset($_POST['report']) || isset($_POST['report_export'])) { $html .= Tracking::getHtmlForTrackingReport( $url_query, $data, $url_params, $selection_schema, $selection_data, $selection_both, $filter_ts_to, $filter_ts_from, $filter_users ); } // end of report - /* * List selectable tables */ diff --git a/templates/database/tracking/tracked_tables.twig b/templates/database/tracking/tracked_tables.twig index e88dfaaa579b..9f7a755fc2c4 100644 --- a/templates/database/tracking/tracked_tables.twig +++ b/templates/database/tracking/tracked_tables.twig @@ -43,25 +43,47 @@ {{ version.status_button|raw }} - + {{ Util_getIcon('b_drop', 'Delete tracking'|trans) }} - + {{ Util_getIcon('b_versions', 'Versions'|trans) }} - + {{ Util_getIcon('b_report', 'Tracking report'|trans) }} - + {{ Util_getIcon('b_props', 'Structure snapshot'|trans) }} diff --git a/templates/table/tracking/report_table.twig b/templates/table/tracking/report_table.twig index 525e35cc71b8..fe0052667691 100644 --- a/templates/table/tracking/report_table.twig +++ b/templates/table/tracking/report_table.twig @@ -16,7 +16,7 @@ {{ entry.username }} {{ entry.formated_statement|raw }} - {{ drop_image_or_text|raw }} diff --git a/test/classes/TrackingTest.php b/test/classes/TrackingTest.php index 93603ced1a5d..557cf8b68083 100644 --- a/test/classes/TrackingTest.php +++ b/test/classes/TrackingTest.php @@ -30,9 +30,6 @@ protected function setUp() /** * SET these to avoid undefined index error */ - $_REQUEST['db'] = "db"; - $_REQUEST['table'] = "table"; - $GLOBALS['server'] = 1; $GLOBALS['db'] = "PMA_db"; $GLOBALS['table'] = "PMA_table"; @@ -576,11 +573,11 @@ public function testPMAGetHtmlForSelectableTables() */ public function testPMAGetHtmlForTrackingReportr() { - $_REQUEST['version'] = 10; - $_REQUEST['date_from'] = "date_from"; - $_REQUEST['date_to'] = "date_to"; - $_REQUEST['users'] = "users"; - $_REQUEST['logtype'] = 'logtype'; + $_POST['version'] = 10; + $_POST['date_from'] = "date_from"; + $_POST['date_to'] = "date_to"; + $_POST['users'] = "users"; + $_POST['logtype'] = 'logtype'; $url_query = "select * from PMA"; $data = array( 'tracking'=>'tracking', @@ -622,12 +619,10 @@ public function testPMAGetHtmlForTrackingReportr() $html ); - $version = ''tracking', 'dmlog' => array( @@ -737,7 +732,7 @@ public function testPMAGetHtmlForDataManipulationStatements() */ public function testPMAGetHtmlForDataDefinitionStatements() { - $_REQUEST['version'] = "10"; + $_POST['version'] = "10"; $data = array( 'tracking'=>'tracking', @@ -877,16 +872,16 @@ public function testPMAGetHtmlForIndexes() */ public function testPMAGetTrackingSet() { - $_REQUEST['alter_table'] = false; - $_REQUEST['rename_table'] = true; - $_REQUEST['create_table'] = true; - $_REQUEST['drop_table'] = true; - $_REQUEST['create_index'] = false; - $_REQUEST['drop_index'] = true; - $_REQUEST['insert'] = true; - $_REQUEST['update'] = false; - $_REQUEST['delete'] = true; - $_REQUEST['truncate'] = true; + $_POST['alter_table'] = false; + $_POST['rename_table'] = true; + $_POST['create_table'] = true; + $_POST['drop_table'] = true; + $_POST['create_index'] = false; + $_POST['drop_index'] = true; + $_POST['insert'] = true; + $_POST['update'] = false; + $_POST['delete'] = true; + $_POST['truncate'] = true; $tracking_set = Tracking::getTrackingSet(); $this->assertEquals( @@ -895,16 +890,16 @@ public function testPMAGetTrackingSet() ); //other set to true - $_REQUEST['alter_table'] = true; - $_REQUEST['rename_table'] = false; - $_REQUEST['create_table'] = false; - $_REQUEST['drop_table'] = false; - $_REQUEST['create_index'] = true; - $_REQUEST['drop_index'] = false; - $_REQUEST['insert'] = false; - $_REQUEST['update'] = true; - $_REQUEST['delete'] = false; - $_REQUEST['truncate'] = false; + $_POST['alter_table'] = true; + $_POST['rename_table'] = false; + $_POST['create_table'] = false; + $_POST['drop_table'] = false; + $_POST['create_index'] = true; + $_POST['drop_index'] = false; + $_POST['insert'] = false; + $_POST['update'] = true; + $_POST['delete'] = false; + $_POST['truncate'] = false; $tracking_set = Tracking::getTrackingSet(); $this->assertEquals( @@ -922,7 +917,7 @@ public function testPMAGetTrackingSet() */ public function testPMAGetEntries() { - $_REQUEST['logtype'] = 'schema'; + $_POST['logtype'] = 'schema'; $data = array( 'tracking'=>'tracking', 'ddlog' => array(