Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Octocat-spinner-32-eaf2f5

Cannot retrieve contributors at this time

file 122 lines (117 sloc) 4.659 kb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121
<?php
$TABLE = $_GET["edit"];
$where = (isset($_GET["select"]) ? (count($_POST["check"]) == 1 ? where_check($_POST["check"][0]) : "") : where($_GET));
$update = (isset($_GET["select"]) ? $_POST["edit"] : $where);
$fields = fields($TABLE);
foreach ($fields as $name => $field) {
if (!isset($field["privileges"][$update ? "update" : "insert"]) || $adminer->fieldName($field) == "") {
unset($fields[$name]);
}
}
if ($_POST && !$error && !isset($_GET["select"])) {
$location = $_POST["referer"];
if ($_POST["insert"]) { // continue edit or insert
$location = ($update ? null : $_SERVER["REQUEST_URI"]);
} elseif (!ereg('^.+&select=.+$', $location)) {
$location = ME . "select=" . urlencode($TABLE);
}
if (isset($_POST["delete"])) {
query_redirect("DELETE" . limit1("FROM " . table($TABLE), " WHERE $where"), $location, lang('Item has been deleted.'));
} else {
$set = array();
foreach ($fields as $name => $field) {
$val = process_input($field);
if ($val !== false && $val !== null) {
$set[idf_escape($name)] = ($update ? "\n" . idf_escape($name) . " = $val" : $val);
}
}
if ($update) {
if (!$set) {
redirect($location);
}
query_redirect("UPDATE" . limit1(table($TABLE) . " SET" . implode(",", $set), "\nWHERE $where"), $location, lang('Item has been updated.'));
} else {
$result = insert_into($TABLE, $set);
$last_id = ($result ? last_id() : 0);
queries_redirect($location, lang('Item%s has been inserted.', ($last_id ? " $last_id" : "")), $result); //! link
}
}
}

$table_name = $adminer->tableName(table_status($TABLE));
page_header(
($update ? lang('Edit') : lang('Insert')),
$error,
array("select" => array($TABLE, $table_name)),
$table_name //! two calls of h()
);

$row = null;
if ($_POST["save"]) {
$row = (array) $_POST["fields"];
} elseif ($where) {
$select = array();
foreach ($fields as $name => $field) {
if (isset($field["privileges"]["select"])) {
$as = convert_field($field);
if ($_POST["clone"] && $field["auto_increment"]) {
$as = "''";
}
if ($jush == "sql" && ereg("enum|set", $field["type"])) {
$as = "1*" . idf_escape($name);
}
$select[] = ($as ? "$as AS " : "") . idf_escape($name);
}
}
$row = array();
if ($select) {
$rows = get_rows("SELECT" . limit(implode(", ", $select) . " FROM " . table($TABLE), " WHERE $where", (isset($_GET["select"]) ? 2 : 1)));
$row = (isset($_GET["select"]) && count($rows) != 1 ? null : reset($rows));
}
}

if ($row === false) {
echo "<p class='error'>" . lang('No rows.') . "\n";
}
?>

<form action="" method="post" enctype="multipart/form-data" id="form">
<?php
if ($fields) {
echo "<table cellspacing='0' onkeydown='return editingKeydown(event);'>\n";
foreach ($fields as $name => $field) {
echo "<tr><th>" . $adminer->fieldName($field);
$default = $_GET["set"][bracket_escape($name)];
$value = ($row !== null
? ($row[$name] != "" && $jush == "sql" && ereg("enum|set", $field["type"]) ? (is_array($row[$name]) ? array_sum($row[$name]) : +$row[$name]) : $row[$name])
: (!$update && $field["auto_increment"] ? "" : (isset($_GET["select"]) ? false : ($default !== null ? $default : $field["default"])))
);
if (!$_POST["save"] && is_string($value)) {
$value = $adminer->editVal($value, $field);
}
$function = ($_POST["save"] ? (string) $_POST["function"][$name] : ($update && $field["on_update"] == "CURRENT_TIMESTAMP" ? "now" : ($value === false ? null : ($value !== null ? '' : 'NULL'))));
if ($field["type"] == "timestamp" && $value == "CURRENT_TIMESTAMP") {
$value = "";
$function = "now";
}
input($field, $value, $function);
echo "\n";
}
echo "</table>\n";
}
?>
<p>
<?php
if ($fields) {
echo "<input type='submit' value='" . lang('Save') . "'>\n";
if (!isset($_GET["select"])) {
echo "<input type='submit' name='insert' value='" . ($update ? lang('Save and continue edit') : lang('Save and insert next')) . "' title='Ctrl+Shift+Enter'>\n";
}
}
echo ($update ? "<input type='submit' name='delete' value='" . lang('Delete') . "' onclick=\"return confirm('" . lang('Are you sure?') . "');\">\n"
: ($_POST || !$fields ? "" : "<script type='text/javascript'>document.getElementById('form').getElementsByTagName('td')[1].firstChild.focus();</script>\n")
);
if (isset($_GET["select"])) {
hidden_fields(array("check" => (array) $_POST["check"], "clone" => $_POST["clone"], "all" => $_POST["all"]));
}
?>
<input type="hidden" name="referer" value="<?php echo h(isset($_POST["referer"]) ? $_POST["referer"] : $_SERVER["HTTP_REFERER"]); ?>">
<input type="hidden" name="save" value="1">
<input type="hidden" name="token" value="<?php echo $token; ?>">
</form>
Something went wrong with that request. Please try again.