Permalink
Browse files

Substitute table name to $TABLE

git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@1047 7c3ca157-0c34-0410-bff1-cbf682f78f5c
  • Loading branch information...
1 parent e43156e commit 79d1902812172914e98083e144d7bbe5d3038029 jakubvrana committed Aug 29, 2009
View
@@ -1,7 +1,8 @@
<?php
-page_header(lang('Call') . ": " . h($_GET["call"]), $error);
+$PROCEDURE = $_GET["call"];
+page_header(lang('Call') . ": " . h($PROCEDURE), $error);
-$routine = routine($_GET["call"], (isset($_GET["callf"]) ? "FUNCTION" : "PROCEDURE"));
+$routine = routine($PROCEDURE, (isset($_GET["callf"]) ? "FUNCTION" : "PROCEDURE"));
$in = array();
$out = array();
foreach ($routine["fields"] as $i => $field) {
@@ -27,7 +28,7 @@
}
$call[] = (isset($out[$key]) ? "@" . idf_escape($field["field"]) : $val);
}
- $result = $dbh->multi_query((isset($_GET["callf"]) ? "SELECT" : "CALL") . " " . idf_escape($_GET["call"]) . "(" . implode(", ", $call) . ")");
+ $result = $dbh->multi_query((isset($_GET["callf"]) ? "SELECT" : "CALL") . " " . idf_escape($PROCEDURE) . "(" . implode(", ", $call) . ")");
if (!$result) {
echo "<p class='error'>" . h($dbh->error) . "\n";
} else {
View
@@ -1,21 +1,22 @@
<?php
+$TABLE = $_GET["create"];
$partition_by = array('HASH', 'LINEAR HASH', 'KEY', 'LINEAR KEY', 'RANGE', 'LIST');
-$referencable_primary = referencable_primary($_GET["create"]);
+$referencable_primary = referencable_primary($TABLE);
$foreign_keys = array();
foreach ($referencable_primary as $table_name => $field) {
$foreign_keys[idf_escape($table_name) . "." . idf_escape($field["field"])] = $table_name;
}
-if (strlen($_GET["create"])) {
- $orig_fields = fields($_GET["create"]);
+if (strlen($TABLE)) {
+ $orig_fields = fields($TABLE);
}
if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"] && !$_POST["up"] && !$_POST["down"]) {
$auto_increment_index = " PRIMARY KEY";
// don't overwrite primary key by auto_increment
- if (strlen($_GET["create"]) && strlen($_POST["fields"][$_POST["auto_increment_col"]]["orig"])) {
- foreach (indexes($_GET["create"]) as $index) {
+ if (strlen($TABLE) && strlen($_POST["fields"][$_POST["auto_increment_col"]]["orig"])) {
+ foreach (indexes($TABLE) as $index) {
foreach ($index["columns"] as $column) {
if ($column === $_POST["fields"][$_POST["auto_increment_col"]]["orig"]) {
$auto_increment_index = "";
@@ -33,17 +34,17 @@
foreach ($_POST["fields"] as $key => $field) {
$type_field = (isset($types[$field["type"]]) ? $field : $referencable_primary[$foreign_keys[$field["type"]]]);
if (strlen($field["field"]) && $type_field) {
- $fields[] = "\n" . (strlen($_GET["create"]) ? (strlen($field["orig"]) ? "CHANGE " . idf_escape($field["orig"]) . " " : "ADD ") : " ")
+ $fields[] = "\n" . (strlen($TABLE) ? (strlen($field["orig"]) ? "CHANGE " . idf_escape($field["orig"]) . " " : "ADD ") : " ")
. idf_escape($field["field"]) . process_type($type_field)
. ($field["null"] ? " NULL" : " NOT NULL") // NULL for timestamp
. (!$field["has_default"] || $field["auto_increment"] || ereg('text|blob', $field["type"]) ? "" : " DEFAULT " . ($field["type"] == "timestamp" && eregi("^CURRENT_TIMESTAMP( on update CURRENT_TIMESTAMP)?$", $field["default"]) ? $field["default"] : $dbh->quote($field["default"])))
. ($key == $_POST["auto_increment_col"] ? " AUTO_INCREMENT$auto_increment_index" : "")
. " COMMENT " . $dbh->quote($field["comment"])
- . (strlen($_GET["create"]) ? " $after" : "")
+ . (strlen($TABLE) ? " $after" : "")
;
$after = "AFTER " . idf_escape($field["field"]);
if (!isset($types[$field["type"]])) {
- $fields[] = (strlen($_GET["create"]) ? " ADD" : "") . " FOREIGN KEY (" . idf_escape($field["field"]) . ") REFERENCES " . idf_escape($foreign_keys[$field["type"]]) . " (" . idf_escape($type_field["field"]) . ")";
+ $fields[] = (strlen($TABLE) ? " ADD" : "") . " FOREIGN KEY (" . idf_escape($field["field"]) . ") REFERENCES " . idf_escape($foreign_keys[$field["type"]]) . " (" . idf_escape($type_field["field"]) . ")";
}
} elseif (strlen($field["orig"])) {
$fields[] = "\nDROP " . idf_escape($field["orig"]);
@@ -66,20 +67,20 @@
? " (" . implode(",", $partitions) . "\n)"
: ($_POST["partitions"] ? " PARTITIONS " . intval($_POST["partitions"]) : "")
);
- } elseif ($dbh->server_info >= 5.1 && strlen($_GET["create"])) {
+ } elseif ($dbh->server_info >= 5.1 && strlen($TABLE)) {
$status .= "\nREMOVE PARTITIONING";
}
$location = ME . "table=" . urlencode($_POST["name"]);
- if (strlen($_GET["create"])) {
- query_redirect("ALTER TABLE " . idf_escape($_GET["create"]) . implode(",", $fields) . ",\nRENAME TO " . idf_escape($_POST["name"]) . ",\n$status", $location, lang('Table has been altered.'));
+ if (strlen($TABLE)) {
+ query_redirect("ALTER TABLE " . idf_escape($TABLE) . implode(",", $fields) . ",\nRENAME TO " . idf_escape($_POST["name"]) . ",\n$status", $location, lang('Table has been altered.'));
} else {
$path = preg_replace('~\\?.*~', '', $_SERVER["REQUEST_URI"]);
setcookie("adminer_engine", $_POST["Engine"], gmmktime(0, 0, 0, gmdate("n") + 1), $path);
query_redirect("CREATE TABLE " . idf_escape($_POST["name"]) . " (" . implode(",", $fields) . "\n) $status", $location, lang('Table has been created.'));
}
}
-page_header((strlen($_GET["create"]) ? lang('Alter table') : lang('Create table')), $error, array("table" => $_GET["create"]), $_GET["create"]);
+page_header((strlen($TABLE) ? lang('Alter table') : lang('Create table')), $error, array("table" => $TABLE), $TABLE);
$engines = array();
$result = $dbh->query("SHOW ENGINES");
@@ -100,9 +101,9 @@
$row["fields"][$row["auto_increment_col"]]["auto_increment"] = true;
}
process_fields($row["fields"]);
-} elseif (strlen($_GET["create"])) {
- $row = table_status($_GET["create"]);
- $row["name"] = $_GET["create"];
+} elseif (strlen($TABLE)) {
+ $row = table_status($TABLE);
+ $row["name"] = $TABLE;
$row["fields"] = array();
foreach ($orig_fields as $field) {
$field["has_default"] = isset($field["default"]);
@@ -112,7 +113,7 @@
$row["fields"][] = $field;
}
if ($dbh->server_info >= 5.1) {
- $from = "FROM information_schema.PARTITIONS WHERE TABLE_SCHEMA = " . $dbh->quote(DB) . " AND TABLE_NAME = " . $dbh->quote($_GET["create"]);
+ $from = "FROM information_schema.PARTITIONS WHERE TABLE_SCHEMA = " . $dbh->quote(DB) . " AND TABLE_NAME = " . $dbh->quote($TABLE);
$result = $dbh->query("SELECT PARTITION_METHOD, PARTITION_ORDINAL_POSITION, PARTITION_EXPRESSION $from ORDER BY PARTITION_ORDINAL_POSITION DESC LIMIT 1");
list($row["partition_by"], $row["partitions"], $row["partition"]) = $result->fetch_row();
$row["partition_names"] = array();
View
@@ -1,5 +1,6 @@
<?php
+$TABLE = $_GET["download"];
header("Content-Type: application/octet-stream");
-header("Content-Disposition: attachment; filename=" . friendly_url("$_GET[download]-" . implode("_", $_GET["where"])) . "." . friendly_url($_GET["field"]));
-echo $dbh->result($dbh->query("SELECT " . idf_escape($_GET["field"]) . " FROM " . idf_escape($_GET["download"]) . " WHERE " . where($_GET) . " LIMIT 1"));
+header("Content-Disposition: attachment; filename=" . friendly_url("$TABLE-" . implode("_", $_GET["where"])) . "." . friendly_url($_GET["field"]));
+echo $dbh->result($dbh->query("SELECT " . idf_escape($_GET["field"]) . " FROM " . idf_escape($TABLE) . " WHERE " . where($_GET) . " LIMIT 1"));
exit; // don't output footer
View
@@ -1,4 +1,5 @@
<?php
+$TABLE = $_GET["dump"];
function tar_file($filename, $contents) {
$return = pack("a100a8a8a8a12a12", $filename, 644, 0, 0, decoct(strlen($contents)), decoct(time()));
$checksum = 8*32; // space for checksum itself
@@ -25,7 +26,7 @@ function dump_triggers($table, $style) {
}
if ($_POST) {
- $ext = dump_headers((strlen($_GET["dump"]) ? $_GET["dump"] : DB), (!strlen(DB) || count((array) $_POST["tables"] + (array) $_POST["data"]) > 1));
+ $ext = dump_headers((strlen($TABLE) ? $TABLE : DB), (!strlen(DB) || count((array) $_POST["tables"] + (array) $_POST["data"]) > 1));
if ($_POST["format"] == "sql") {
dump("SET NAMES utf8;
SET foreign_key_checks = 0;
@@ -176,14 +177,14 @@ function dump_triggers($table, $style) {
<table cellspacing="0">
<?php
if (strlen(DB)) {
- $checked = (strlen($_GET["dump"]) ? "" : " checked");
+ $checked = (strlen($TABLE) ? "" : " checked");
echo "<thead><tr>";
echo "<th style='text-align: left;'><label><input type='checkbox' id='check-tables'$checked onclick='form_check(this, /^tables\\[/);'>" . lang('Tables') . "</label>";
echo "<th style='text-align: right;'><label>" . lang('Data') . "<input type='checkbox' id='check-data'$checked onclick='form_check(this, /^data\\[/);'></label>";
echo "</thead>\n";
$views = "";
foreach (table_status() as $row) {
- $checked = (strlen($_GET["dump"]) && $row["Name"] != $_GET["dump"] ? '' : " checked");
+ $checked = (strlen($TABLE) && $row["Name"] != $TABLE ? '' : " checked");
$print = "<tr><td><label><input type='checkbox' name='tables[]' value='" . h($row["Name"]) . "'$checked onclick=\"form_uncheck('check-tables');\">" . h($row["Name"]) . "</label>";
if (!$row["Engine"]) {
$views .= "$print\n";
View
@@ -1,7 +1,8 @@
<?php
+$TABLE = $_GET["edit"];
$where = (isset($_GET["select"]) ? (count($_POST["check"]) == 1 ? where_check($_POST["check"][0]) : "") : where($_GET));
$update = (isset($_GET["select"]) ? $_POST["edit"] : $where);
-$fields = fields($_GET["edit"]);
+$fields = fields($TABLE);
foreach ($fields as $name => $field) {
if (!isset($field["privileges"][$update ? "update" : "insert"]) || !strlen($adminer->fieldName($field))) {
unset($fields[$name]);
@@ -10,7 +11,7 @@
if ($_POST && !$error && !isset($_GET["select"])) {
$location = $_SERVER["REQUEST_URI"]; // continue edit or insert
if (!$_POST["insert"]) {
- $location = ME . "select=" . urlencode($_GET["edit"]);
+ $location = ME . "select=" . urlencode($TABLE);
$i = 0; // append &set converted to &where
foreach ((array) $_GET["set"] as $key => $val) {
if ($val == $_POST["fields"][$key]) {
@@ -29,17 +30,17 @@
redirect($location);
}
if ($update) {
- query_redirect("UPDATE " . idf_escape($_GET["edit"]) . " SET" . implode(",", $set) . "\nWHERE $where\nLIMIT 1", $location, lang('Item has been updated.'));
+ query_redirect("UPDATE " . idf_escape($TABLE) . " SET" . implode(",", $set) . "\nWHERE $where\nLIMIT 1", $location, lang('Item has been updated.'));
} else {
- query_redirect("INSERT INTO " . idf_escape($_GET["edit"]) . " SET" . implode(",", $set), $location, lang('Item has been inserted.'));
+ query_redirect("INSERT INTO " . idf_escape($TABLE) . " SET" . implode(",", $set), $location, lang('Item has been inserted.'));
}
}
-$table_name = $adminer->tableName(table_status($_GET["edit"]));
+$table_name = $adminer->tableName(table_status($TABLE));
page_header(
($update ? lang('Edit') : lang('Insert')),
$error,
- array("select" => array($_GET["edit"], $table_name)),
+ array("select" => array($TABLE, $table_name)),
$table_name
);
@@ -55,7 +56,7 @@
}
$row = array();
if ($select) {
- $result = $dbh->query("SELECT " . implode(", ", $select) . " FROM " . idf_escape($_GET["edit"]) . " WHERE $where " . (isset($_GET["select"]) ? "HAVING COUNT(*) = 1" : "LIMIT 1"));
+ $result = $dbh->query("SELECT " . implode(", ", $select) . " FROM " . idf_escape($TABLE) . " WHERE $where " . (isset($_GET["select"]) ? "HAVING COUNT(*) = 1" : "LIMIT 1"));
$row = $result->fetch_assoc();
}
}
View
@@ -1,10 +1,11 @@
<?php
+$EVENT = $_GET["event"];
$intervals = array("YEAR", "QUARTER", "MONTH", "DAY", "HOUR", "MINUTE", "WEEK", "SECOND", "YEAR_MONTH", "DAY_HOUR", "DAY_MINUTE", "DAY_SECOND", "HOUR_MINUTE", "HOUR_SECOND", "MINUTE_SECOND");
$statuses = array("ENABLED" => "ENABLE", "DISABLED" => "DISABLE", "SLAVESIDE_DISABLED" => "DISABLE ON SLAVE");
if ($_POST && !$error) {
if ($_POST["drop"]) {
- query_redirect("DROP EVENT " . idf_escape($_GET["event"]), substr(ME, 0, -1), lang('Event has been dropped.'));
+ query_redirect("DROP EVENT " . idf_escape($EVENT), substr(ME, 0, -1), lang('Event has been dropped.'));
} elseif (in_array($_POST["INTERVAL_FIELD"], $intervals) && isset($statuses[$_POST["STATUS"]])) {
$schedule = "\nON SCHEDULE " . ($_POST["INTERVAL_VALUE"]
? "EVERY " . $dbh->quote($_POST["INTERVAL_VALUE"]) . " $_POST[INTERVAL_FIELD]"
@@ -13,23 +14,23 @@
: "AT " . $dbh->quote($_POST["STARTS"])
) . " ON COMPLETION" . ($_POST["ON_COMPLETION"] ? "" : " NOT") . " PRESERVE"
;
- query_redirect((strlen($_GET["event"])
- ? "ALTER EVENT " . idf_escape($_GET["event"]) . $schedule
- . ($_GET["event"] != $_POST["EVENT_NAME"] ? "\nRENAME TO " . idf_escape($_POST["EVENT_NAME"]) : "")
+ query_redirect((strlen($EVENT)
+ ? "ALTER EVENT " . idf_escape($EVENT) . $schedule
+ . ($EVENT != $_POST["EVENT_NAME"] ? "\nRENAME TO " . idf_escape($_POST["EVENT_NAME"]) : "")
: "CREATE EVENT " . idf_escape($_POST["EVENT_NAME"]) . $schedule
) . "\n" . $statuses[$_POST["STATUS"]] . " COMMENT " . $dbh->quote($_POST["EVENT_COMMENT"])
. " DO\n$_POST[EVENT_DEFINITION]"
- , substr(ME, 0, -1), (strlen($_GET["event"]) ? lang('Event has been altered.') : lang('Event has been created.')));
+ , substr(ME, 0, -1), (strlen($EVENT) ? lang('Event has been altered.') : lang('Event has been created.')));
}
}
-page_header((strlen($_GET["event"]) ? lang('Alter event') . ": " . h($_GET["event"]) : lang('Create event')), $error);
+page_header((strlen($EVENT) ? lang('Alter event') . ": " . h($EVENT) : lang('Create event')), $error);
$row = array();
if ($_POST) {
$row = $_POST;
-} elseif (strlen($_GET["event"])) {
- $result = $dbh->query("SELECT * FROM information_schema.EVENTS WHERE EVENT_SCHEMA = " . $dbh->quote(DB) . " AND EVENT_NAME = " . $dbh->quote($_GET["event"]));
+} elseif (strlen($EVENT)) {
+ $result = $dbh->query("SELECT * FROM information_schema.EVENTS WHERE EVENT_SCHEMA = " . $dbh->quote(DB) . " AND EVENT_NAME = " . $dbh->quote($EVENT));
$row = $result->fetch_assoc();
}
?>
@@ -48,5 +49,5 @@
<p>
<input type="hidden" name="token" value="<?php echo $token; ?>">
<input type="submit" value="<?php echo lang('Save'); ?>">
-<?php if (strlen($_GET["event"])) { ?><input type="submit" name="drop" value="<?php echo lang('Drop'); ?>"<?php echo $confirm; ?>><?php } ?>
+<?php if (strlen($EVENT)) { ?><input type="submit" name="drop" value="<?php echo lang('Drop'); ?>"<?php echo $confirm; ?>><?php } ?>
</form>
View
@@ -1,27 +1,28 @@
<?php
+$TABLE = $_GET["foreign"];
if ($_POST && !$error && !$_POST["add"] && !$_POST["change"] && !$_POST["change-js"]) {
if ($_POST["drop"]) {
- query_redirect("ALTER TABLE " . idf_escape($_GET["foreign"]) . "\nDROP FOREIGN KEY " . idf_escape($_GET["name"]), ME . "table=" . urlencode($_GET["foreign"]), lang('Foreign key has been dropped.'));
+ query_redirect("ALTER TABLE " . idf_escape($TABLE) . "\nDROP FOREIGN KEY " . idf_escape($_GET["name"]), ME . "table=" . urlencode($TABLE), lang('Foreign key has been dropped.'));
} else {
$source = array_filter($_POST["source"], 'strlen');
ksort($source); // enforce input order
$target = array();
foreach ($source as $key => $val) {
$target[$key] = $_POST["target"][$key];
}
- query_redirect("ALTER TABLE " . idf_escape($_GET["foreign"])
+ query_redirect("ALTER TABLE " . idf_escape($TABLE)
. (strlen($_GET["name"]) ? "\nDROP FOREIGN KEY " . idf_escape($_GET["name"]) . "," : "")
. "\nADD FOREIGN KEY (" . implode(", ", array_map('idf_escape', $source)) . ") REFERENCES " . idf_escape($_POST["table"]) . " (" . implode(", ", array_map('idf_escape', $target)) . ")"
. (in_array($_POST["on_delete"], $on_actions) ? " ON DELETE $_POST[on_delete]" : "")
. (in_array($_POST["on_update"], $on_actions) ? " ON UPDATE $_POST[on_update]" : "")
- , ME . "table=" . urlencode($_GET["foreign"]), (strlen($_GET["name"]) ? lang('Foreign key has been altered.') : lang('Foreign key has been created.')));
+ , ME . "table=" . urlencode($TABLE), (strlen($_GET["name"]) ? lang('Foreign key has been altered.') : lang('Foreign key has been created.')));
$error = lang('Source and target columns must have the same data type, there must be an index on the target columns and referenced data must exist.') . "<br>$error"; //! no partitioning
}
}
-page_header(lang('Foreign key'), $error, array("table" => $_GET["foreign"]), $_GET["foreign"]);
+page_header(lang('Foreign key'), $error, array("table" => $TABLE), $TABLE);
-$row = array("table" => $_GET["foreign"], "source" => array(""));
+$row = array("table" => $TABLE, "source" => array(""));
if ($_POST) {
$row = $_POST;
ksort($row["source"]);
@@ -31,13 +32,13 @@
$row["target"] = array();
}
} elseif (strlen($_GET["name"])) {
- $foreign_keys = foreign_keys($_GET["foreign"]);
+ $foreign_keys = foreign_keys($TABLE);
$row = $foreign_keys[$_GET["name"]];
$row["source"][] = "";
}
-$source = get_vals("SHOW COLUMNS FROM " . idf_escape($_GET["foreign"])); //! no text and blob
-$target = ($_GET["foreign"] === $row["table"] ? $source : get_vals("SHOW COLUMNS FROM " . idf_escape($row["table"])));
+$source = get_vals("SHOW COLUMNS FROM " . idf_escape($TABLE)); //! no text and blob
+$target = ($TABLE === $row["table"] ? $source : get_vals("SHOW COLUMNS FROM " . idf_escape($row["table"])));
?>
<form action="" method="post">
View
@@ -1,6 +1,7 @@
<?php
+$TABLE = $_GET["indexes"];
$index_types = array("PRIMARY", "UNIQUE", "INDEX", "FULLTEXT");
-$indexes = indexes($_GET["indexes"]);
+$indexes = indexes($TABLE);
if ($_POST && !$error && !$_POST["add"]) {
$alter = array();
foreach ($_POST["indexes"] as $index) {
@@ -34,14 +35,14 @@
$alter[] = "\nDROP INDEX " . idf_escape($name);
}
if (!$alter) {
- redirect(ME . "table=" . urlencode($_GET["indexes"]));
+ redirect(ME . "table=" . urlencode($TABLE));
}
- query_redirect("ALTER TABLE " . idf_escape($_GET["indexes"]) . implode(",", $alter), ME . "table=" . urlencode($_GET["indexes"]), lang('Indexes have been altered.'));
+ query_redirect("ALTER TABLE " . idf_escape($TABLE) . implode(",", $alter), ME . "table=" . urlencode($TABLE), lang('Indexes have been altered.'));
}
-page_header(lang('Indexes'), $error, array("table" => $_GET["indexes"]), $_GET["indexes"]);
+page_header(lang('Indexes'), $error, array("table" => $TABLE), $TABLE);
-$fields = array_keys(fields($_GET["indexes"]));
+$fields = array_keys(fields($TABLE));
$row = array("indexes" => $indexes);
if ($_POST) {
$row = $_POST;
Oops, something went wrong.

0 comments on commit 79d1902

Please sign in to comment.