
Fix Mysql access driver

1 parent c9c0ca3 commit 697cc7ee67474922092b00a59e5acd0d21ffe388 @cdujeu cdujeu committed Sep 30, 2016
@@ -137,7 +137,9 @@ public function switchAction(ServerRequestInterface $requestInterface, ResponseI
case "edit_record";
$isNew = false;
- if(isSet($record_is_new) && $record_is_new == "true") $isNew = true;
+ if(isSet($httpVars['record_is_new']) && $httpVars['record_is_new'] == "true") {
+ $isNew = true;
+ }
$tableName = $httpVars["table_name"];
$pkName = $httpVars["pk_name"];
$arrValues = array();
@@ -147,16 +149,19 @@ public function switchAction(ServerRequestInterface $requestInterface, ResponseI
$arrValues[$newKey] = $value;
}
}
+ $autoKey = $this->findTableAutoIncrementKey($ctx, $tableName);
if ($isNew) {
- $string = "";
+ $values = [];
$index = 0;
foreach ($arrValues as $k=>$v) {
- // CHECK IF AUTO KEY!!!
- $string .= "'".addslashes($v)."'";
- if($index < count($arrValues)-1) $string.=",";
+ if($autoKey !== false && $k === $autoKey){
+ $values[] = 'NULL';
+ }else{
+ $values []= "'".addslashes($v)."'";
+ }
$index++;
}
- $query = "INSERT INTO $tableName VALUES ($string)";
+ $query = "INSERT INTO `$tableName` VALUES (".implode(",", $values).")";
} else {
$string = "";
$index = 0;
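Review bot: `$tableName` is still taken straight from `$httpVars["table_name"]` and interpolated into the new INSERT, into the UPDATE in the next hunk, and into `findTableAutoIncrementKey()`. Wrapping it in backticks does not neutralise a name that itself contains a backtick. The commit already sanitises `current_table` and `new_table`, so the same filter should apply here: `$tableName = InputFilter::sanitize($httpVars["table_name"], InputFilter::SANITIZE_ALPHANUM);`. The values are still escaped with `addslashes()`, which is not aware of the connection charset; escaping through the mysqli connection or binding parameters would be safer, though the connection handle is not visible in this hunk. `$index` is no longer read in this branch and can be dropped.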
@@ -170,7 +175,7 @@ public function switchAction(ServerRequestInterface $requestInterface, ResponseI
$index++;
}
if(!isSet($pkValue)) throw new PydioException("Cannot find PK Value");
- $query = "UPDATE $tableName SET $string WHERE $pkName='$pkValue'";
+ $query = "UPDATE `$tableName` SET $string WHERE $pkName='$pkValue'";
}
$this->execQuery($ctx, $query);
$logMessage = $query;
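Review bot: In the changed UPDATE line only the table name gained quoting; `$pkName` is still concatenated as a bare identifier and `$pkValue` is placed between single quotes as-is. `$pkValue` is assigned outside this hunk, so whether it is escaped cannot be confirmed from here. I would sanitise `$pkName` the same way as the table names (`InputFilter::SANITIZE_ALPHANUM`) and backtick-quote it. Separately, `$logMessage = $query;` copies the full statement, record values included, into the log message; logging the table and key alone would avoid leaking row contents into logs.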
@@ -183,6 +188,7 @@ public function switchAction(ServerRequestInterface $requestInterface, ResponseI
//------------------------------------
case "edit_table":
if (isSet($httpVars["current_table"])) {
+ $current_table = InputFilter::sanitize($httpVars["current_table"], InputFilter::SANITIZE_ALPHANUM);
if (isSet($httpVars["delete_column"])) {
$query = "ALTER TABLE ".$httpVars["current_table"]." DROP COLUMN ".$httpVars["delete_column"];
$this->execQuery($ctx, $query);
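Review bot: The sanitised `$current_table` introduced here is not used by the DROP COLUMN query directly below it, which still concatenates `$httpVars["current_table"]` and `$httpVars["delete_column"]` raw, so that branch is as injectable as before. Add `$delete_column = InputFilter::sanitize($httpVars["delete_column"], InputFilter::SANITIZE_ALPHANUM);` and build the query from `$current_table` and `$delete_column`, each backtick-quoted as the ADD COLUMN query in the next hunk does. The rest of the `edit_table` case lies outside this hunk.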
@@ -192,7 +198,7 @@ public function switchAction(ServerRequestInterface $requestInterface, ResponseI
}
if (isSet($httpVars["add_column"])) {
$defString = $this->makeColumnDef($httpVars, "add_field_");
- $query = "ALTER TABLE ".$httpVars["current_table"]." ADD COLUMN ($defString)";
+ $query = "ALTER TABLE `".$current_table."` ADD COLUMN ($defString)";
if (isSet($httpVars["add_field_pk"]) && $httpVars["add_field_pk"]=="1") {
$query.= ", ADD PRIMARY KEY (".$httpVars["add_field_name"].")";
}
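Review bot: The ADD PRIMARY KEY clause still appends `$httpVars["add_field_name"]` unfiltered, so sanitising the table name alone leaves this statement open to request-controlled SQL. Suggest `$pkField = InputFilter::sanitize($httpVars["add_field_name"], InputFilter::SANITIZE_ALPHANUM);` and using that, backtick-quoted, in the clause. `$defString` comes from `makeColumnDef()`, which is not visible here; it is worth confirming that it validates the field name, type and size it reads from `$httpVars`.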
@@ -232,7 +238,8 @@ public function switchAction(ServerRequestInterface $requestInterface, ResponseI
$reload_file_list = true;
}
$logMessage = $qMessage;
- } else if (isSet($new_table)) {
+ } else if (isSet($httpVars["new_table"])) {
+ $new_table = InputFilter::sanitize($httpVars["new_table"], InputFilter::SANITIZE_ALPHANUM);
$fieldsDef = array();
$pks = array();
$indexes = array();
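Review bot: `InputFilter::sanitize()` presumably strips disallowed characters rather than rejecting the input, so `$new_table` may end up empty or different from what the user typed, with no error raised. A guard right after the added line would make that explicit: `if ($new_table === "") throw new PydioException("Invalid table name");`. The remainder of this branch is outside the hunk, so the field names collected into `$fieldsDef`, `$pks` and `$indexes` could not be checked for the same filtering.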
@@ -261,6 +268,7 @@ public function switchAction(ServerRequestInterface $requestInterface, ResponseI
$reload_file_list = true;
$reload_current_node = true;
}
+
break;
//------------------------------------
@@ -594,6 +602,25 @@ public function listTables(ContextInterface $ctx)
}
/**
+ * Find autoincrement key
+ * @param ContextInterface $ctx
+ * @param $tablename
+ * @return bool
+ * @throws PydioException
+ */
+ public function findTableAutoIncrementKey(ContextInterface $ctx, $tablename){
+
+ $result = $this->execQuery($ctx, "SELECT * from `$tablename` LIMIT 0,1");
+ $fields = mysqli_fetch_fields($result);
+ foreach($fields as $field){
+ if($field->flags & MYSQLI_AUTO_INCREMENT_FLAG){
+ return $field->name;
+ }
+ }
+ return false;
+ }
+
+ /**
* @param ContextInterface $ctx
* @param $query
* @param $tablename
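Review bot: The docblock on `findTableAutoIncrementKey()` says `@return bool`, but the method returns the column name or `false`; it should read `@return string|false`, with `@param string $tablename`. The docblock should also state that `$tablename` is interpolated into the query and must already be a validated identifier, since the visible caller passes the unsanitised request value. Only field metadata is needed, so `LIMIT 0` would avoid reading a row. The result set is never released; a `mysqli_free_result($result);` before returning would tidy that up.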
@@ -673,7 +700,7 @@ public function showRecords(ContextInterface $ctx, $query, $tablename, $currentP
}
// MAKE ROWS RESULT
- for ($s=0; $s < $rpp; $s++) {
+ for ($s=0; $s < min($rpp, mysqli_num_rows($result)); $s++) {
$row=mysqli_fetch_array($result);
if (!isset($pk)) {
$pk=' ';
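Review bot: The new loop condition calls `min($rpp, mysqli_num_rows($result))` on every iteration although neither value changes inside the loop. Hoisting it reads better: `$rowCount = min($rpp, mysqli_num_rows($result));` followed by `for ($s=0; $s < $rowCount; $s++) {`. `mysqli_num_rows()` is only reliable for buffered results, so this assumes `execQuery()` does not run unbuffered queries, which is not visible here. The loop body continues outside the hunk.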
@@ -45,7 +45,7 @@
<html><![CDATA[
<div style="padding:10px;">
<big style="font-weight: bold; font-size: 14px; color:#79f;display: block; text-align:center; padding-bottom:20px;">#{text}</big>
- <div><b>#{files_string}</b> : #{count}</div>
+ <div>#{files_string} : #{count}</div>
</div>
]]></html>
</infoPanel>
@@ -50,8 +50,8 @@
<serverCallback methodName="switchAction"></serverCallback>
</processing>
</action>
- <action name="mkdir">
- <gui text="sql.1" title="sql.1" src="sql_images/actions/ICON_SIZE/table_new.png" accessKey="folder_access_key" hasAccessKey="false">
+ <action name="mktable">
+ <gui text="sql.1" title="sql.1" iconClass="mdi mdi-folder-plus" accessKey="folder_access_key" hasAccessKey="false">
<context selection="false" dir="true" recycle="hidden" actionBar="true" contextMenu="true" infoPanel="false" actionBarGroup="put" inZip="false"/>
</gui>
<rightsContext noUser="true" userLogged="only" read="true" write="true" adminOnly=""/>
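Review bot: Renaming the action from `mkdir` to `mktable` changes the identifier that server-side dispatch is keyed on, and possibly per-role action restrictions as well. None of the PHP hunks on this page shows a `case "mktable"` in `switchAction`. Please confirm that the handler was renamed too, and that any role or repository configuration which disabled `mkdir` for this driver is migrated; otherwise a previously blocked create-table action could become available under the new name. A short XML comment above the action, such as `<!-- renamed from mkdir: creates a table, not a folder -->`, would help readers of the manifest.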
@@ -70,10 +70,10 @@
</processing>
</action>
<action name="mkfile">
- <gui text="273" title="274" src="sql_images/actions/ICON_SIZE/table_record_new.png" accessKey="file_access_key" hasAccessKey="false">
+ <gui text="273" title="274" iconClass="mdi mdi-file" accessKey="file_access_key" hasAccessKey="false">
<context selection="false" dir="true" recycle="hidden"
actionBar="true" contextMenu="true" infoPanel="false"
- actionBarGroup="change" inZip="false" root="false">
+ actionBarGroup="put" inZip="false" root="false">
</context></gui>
<rightsContext noUser="true" userLogged="only" read="true" write="true" adminOnly=""></rightsContext>
<processing>
@@ -97,7 +97,7 @@
<gui text="269" title="270" src="sql_images/actions/ICON_SIZE/table_edit.png" accessKey="edit_access_key" hasAccessKey="false">
<context selection="false" dir="true" recycle="hidden"
actionBar="true" contextMenu="true" infoPanel="true"
- actionBarGroup="put" inZip="false" root="false">
+ actionBarGroup="change_main" inZip="false" root="false">
</context>
<selectionContext dir="true" file="true" recycle="false" unique="true" allowedMimes="pk" behaviour="hidden"></selectionContext></gui>
<rightsContext noUser="true" userLogged="only" read="true" write="true" adminOnly=""></rightsContext>
@@ -235,10 +235,10 @@
</processing>
</action>
<action name="delete_table">
- <gui text="271" title="272" src="sql_images/actions/ICON_SIZE/table_delete.png" accessKey="delete_access_key" hasAccessKey="false" specialAccessKey="delete">
+ <gui text="271" title="272" src="sql_images/actions/ICON_SIZE/table_delete.png" iconClass="icon-trash" accessKey="delete_access_key" hasAccessKey="false" specialAccessKey="delete">
<context selection="true" dir="true" recycle="false"
actionBar="true" contextMenu="true" infoPanel="false"
- actionBarGroup="put" inZip="false">
+ actionBarGroup="change_main" inZip="false">
</context>
<selectionContext dir="true" file="false" recycle="false" unique="false" allowedMimes="*" behaviour="hidden"></selectionContext></gui>
<rightsContext noUser="true" userLogged="only" read="true" write="true" adminOnly=""></rightsContext>
@@ -198,7 +198,7 @@ Class.create("SQLEditor", {
addTable.select('td[new="false"]')[0].setStyle({width:'40px'});
var addRow = addTable.select('tbody tr')[0];
var addButton = new Element('input', {type:'button', value:'Add', className:'dialogButton'});
- var submitDiv = new Element('div', {className:'dialogButtons'}).insert(addButton);
+ var submitDiv = new Element('div', {className:''}).insert(addButton);
var submitRow = new Element('tr').insert(new Element('td', {colspan:"9"}).insert(submitDiv));
addRow.insert({after:submitRow});
addButton.observe('click', function(e){
