From 170abe1fc3ede84f1d5e785c5602938e92449071 Mon Sep 17 00:00:00 2001
From: Armel Fauveau <armel.fauveau@globalis-ms.com>
Date: Tue, 31 Jul 2001 21:03:47 +0000
Subject: [PATCH] Bookmark Support now advanced auth

---
 ChangeLog       |   3 ++
 config.inc.php3 |   1 +
 lib.inc.php3    | 132 ++++++++++++++++++++++++++++--------------------
 sql.php3        |  25 +++++----
 4 files changed, 94 insertions(+), 67 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index e7472751c..d206f3424 100755
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,9 @@ phpMyAdmin - Changelog
 $Id$ 
 $Source$
 
+2001-07-31  Armel Fauveau <armel.fauveau@globalis-ms.com>
+	* bookmark support now advanced auth
+
 2001-07-31  Marc Delisle  <lem9@users.sourceforge.net>
         * tbl_change.php3: extra characters were being inserted into blobs
 	* db_details.php3: bad link, thanks Steve!
diff --git a/config.inc.php3 b/config.inc.php3
index abbbaff41..13a1b7eb2 100755
--- a/config.inc.php3
+++ b/config.inc.php3
@@ -14,6 +14,7 @@
  * CREATE TABLE bookmark (
  *  id int(11) DEFAULT '0' NOT NULL auto_increment,
  *  dbase varchar(255) NOT NULL,
+ *  user varchar(255) NOT NULL,
  *  label varchar(255) NOT NULL,
  *  query text NOT NULL,
  *  PRIMARY KEY (id)
diff --git a/lib.inc.php3 b/lib.inc.php3
index af0ad6b75..ca3b4bcea 100755
--- a/lib.inc.php3
+++ b/lib.inc.php3
@@ -1539,52 +1539,28 @@ var errorMsg2 = '<?php echo(str_replace('\'', '\\\'', $GLOBALS['strNotValidNumbe
     /**
      * Defines the bookmark parameters for the current user
      *
-     * @return  array    the bookmark parameters for the current user
-     *
-     * @global  array    the list of servers settings defined in the
-     *                   configuration file
      * @global  array    the list of settings for the current server
      * @global  integer  the id of the current server
+     *
+     * @return  array    the bookmark parameters for the current user
      */
     function get_bookmarks_param()
     {
-        global $cfgServers;
-        global $cfgServer;
+     	global $cfgServer;
         global $server;
+    	
+        $cfgBookmark=false;
+        $cfgBookmark="";
+    
+    	// No server selected -> no bookmark table
 
-        $cfgBookmark = FALSE;
-        $cfgBookmark = '';
-
-        // No server selected -> no bookmark table
         if ($server == 0) {
             return '';
-        }
-    
-        // Defines the hostname, database and table to use for bookmarks 
-        $i = 1;
-        while ($i <= sizeof($cfgServers)) {
-            // Advanced authentification mode
-            if ($cfgServer['adv_auth']) {
-                if (($cfgServers[$i]['host'] == $cfgServer['host'] || $cfgServers[$i]['host'] == '')
-                    && $cfgServers[$i]['adv_auth'] == TRUE && $cfgServers[$i]['stduser'] == $cfgServer['user'] && $cfgServers[$i]['stdpass'] == $cfgServer['password']) {
-                    $cfgBookmark['db']    = $cfgServers[$i]['bookmarkdb'];
-                    $cfgBookmark['table'] = $cfgServers[$i]['bookmarktable'];
-                    break;
-                }
-            } // end advanced authentification
-
-            // No authentification
-            else {
-                if (($cfgServers[$i]['host'] == $cfgServer['host'] || $cfgServers[$i]['host'] == '')
-                    && $cfgServers[$i]['adv_auth'] == FALSE && $cfgServers[$i]['user'] == $cfgServer['user'] && $cfgServers[$i]['password'] == $cfgServer['password']) {
-                    $cfgBookmark['db']    = $cfgServers[$i]['bookmarkdb'];
-                    $cfgBookmark['table'] = $cfgServers[$i]['bookmarktable'];
-                    break;
-                }
-            } // end no authentification
-
-            $i++;
-        } // end while
+    	}
+        
+    	$cfgBookmark['user']=$cfgServer['user'];
+        $cfgBookmark['db']=$cfgServer['bookmarkdb'];
+    	$cfgBookmark['table']=$cfgServer['bookmarktable'];
 
         return $cfgBookmark;
     } // end of the 'get_bookmarks_param()' function
@@ -1595,27 +1571,37 @@ var errorMsg2 = '<?php echo(str_replace('\'', '\\\'', $GLOBALS['strNotValidNumbe
      *
      * @param   string   the current database name
      * @param   array    the bookmark parameters for the current user
+     * @global	link     a MySQL link identifier
      *
      * @return  array    the bookmarks list
      */
     function list_bookmarks($db, $cfgBookmark)
     {
-        $query  = 'SELECT label, id FROM '. backquote($cfgBookmark['db']) . '.' . backquote($cfgBookmark['table'])
-                . ' WHERE dbase = \'' . str_replace('\'', '\\\'', $db) . '\'';
-        $result = mysql_query($query);
-
+    	global $dbh;
+    	
+        $query ='SELECT label, id FROM '.backquote($cfgBookmark['db']).'.'.backquote($cfgBookmark['table'])
+               .' WHERE dbase=\'' . str_replace('\'', '\\\'', $db) . '\''.' AND user=\''.backquote($cfgBookmark['user']).'\'';
+                       
+        if(isset($dbh))
+            $result=mysql_query($query,$dbh);
+        else
+            $result=mysql_query($query);
+        
         // There is some bookmarks -> store them
-        if ($result > 0 && mysql_num_rows($result) > 0) {
+        if($result>0 && mysql_num_rows($result)>0)
+        {
             $flag = 1;
-            while ($row = mysql_fetch_row($result)) {
-                $bookmark_list[$flag . ' - ' . $row[0]] = $row[1];
+            while($row = mysql_fetch_row($result))
+            {
+                $bookmark_list["$flag - ".$row[0]] = $row[1];
                 $flag++;
-            } // end while
-            return $bookmark_list;
+            }
+            
+            return	$bookmark_list;
         }
         // No bookmarks for the current database
         else {
-            return FALSE;
+        	return false;
         }
     } // end of the 'list_bookmarks()' function
 
@@ -1626,19 +1612,47 @@ var errorMsg2 = '<?php echo(str_replace('\'', '\\\'', $GLOBALS['strNotValidNumbe
      * @param   string   the current database name
      * @param   array    the bookmark parameters for the current user
      * @param   integer  the id of the bookmark to get
+     * @global	link     a MySQL link identifier
      *
      * @return  string   the sql query
      */
     function query_bookmarks($db, $cfgBookmark, $id)
     {
-        $query          = 'SELECT query FROM ' . backquote($cfgBookmark['db']) . '.' . backquote($cfgBookmark['table'])
-                        . ' WHERE dbase = \'' . str_replace('\'', '\\\'', $db) . '\' AND id = ' . $id;
-        $result         = mysql_query($query);
-        $bookmark_query = mysql_result($result, 0, 'query');
+        global $dbh;
+        
+        $query ='SELECT query FROM '.backquote($cfgBookmark['db']).'.'.backquote($cfgBookmark['table'])
+	       .' WHERE dbase=\'' . str_replace('\'', '\\\'', $db) . '\''.' AND id = ' . $id .' AND user=\''.backquote($cfgBookmark['user']).'\'';
 
-        return $bookmark_query;
+        if(isset($dbh))
+	    	$result=mysql_query($query,$dbh);
+	else
+	        $result=mysql_query($query);
+	$bookmark_query=mysql_result($result,0,"query");
+    	return $bookmark_query;
     } // end of the 'query_bookmarks()' function
+    
+    /**
+     * Add a bookmark
+     *
+     * @param   string   the current database name
+     * @param   array    the bookmark parameters for the current user
+     * @param   integer  the id of the bookmark to get
+     * @global	link     a MySQL link identifier
+     *
+     * @return  string   the sql query
+     */
+    function add_bookmarks($fields, $cfgBookmark)
+    {
+     	global $dbh;
+     	
+     	$query ='INSERT INTO '.backquote($cfgBookmark['db']).'.'.backquote($cfgBookmark['table'])
+	       .' (id, dbase, user, query, label) VALUES (\'\',\''.backquote($fields['dbase']).'\',\''.backquote($fields['user']).'\',\''.backquote($fields['query']).'\',\''.backquote($fields['label']).'\')';
 
+       	if(isset($dbh))
+    		$result=mysql_query($query,$dbh);
+    	else
+    		$result=mysql_query($query);
+    } // end of the 'add_bookmarks()' function    
 
     /**
      * Deletes a bookmark
@@ -1646,14 +1660,21 @@ var errorMsg2 = '<?php echo(str_replace('\'', '\\\'', $GLOBALS['strNotValidNumbe
      * @param   string   the current database name
      * @param   array    the bookmark parameters for the current user
      * @param   integer  the id of the bookmark to get
+     * @global	link     a MySQL link identifier
      *
      * @return  string   the sql query
      */
     function delete_bookmarks($db, $cfgBookmark, $id)
     {
-        $query  = 'DELETE FROM ' . backquote($cfgBookmark['db']) . '.' . backquote($cfgBookmark['table'])
-                . ' WHERE id = ' . $id;
-        $result = mysql_query($query);
+    	global $dbh;
+    	
+    	$query ='DELETE FROM '.backquote($cfgBookmark['db']).'.'.backquote($cfgBookmark['table'])
+    	       .' WHERE id = ' . $id .' AND user=\''.backquote($cfgBookmark['user']).'\'';
+
+        if(isset($dbh))
+        	$result=mysql_query($query,$dbh);
+        else
+        	$result=mysql_query($query);
     } // end of the 'delete_bookmarks()' function
 
 
@@ -1666,7 +1687,6 @@ var errorMsg2 = '<?php echo(str_replace('\'', '\\\'', $GLOBALS['strNotValidNumbe
      */
     $cfgBookmark = get_bookmarks_param();
 
-
 } // $__LIB_INC__
 
 ?>
diff --git a/sql.php3 b/sql.php3
index 4940f122f..e89ebd8bc 100755
--- a/sql.php3
+++ b/sql.php3
@@ -8,6 +8,13 @@
 require('./grab_globals.inc.php3');
 require('./lib.inc.php3');
 
+/**
+ * Bookmark Add
+ */
+if(isset($bookmarkthis)) {
+	add_bookmarks($fields, $cfgBookmark);
+	Header("Location: $goto");
+}
 
 /**
  * Gets the true sql query
@@ -203,12 +210,13 @@ else {
             if ($cfgBookmark['db'] && $cfgBookmark['table'] && empty($id_bookmark)) {
                 echo "\n";
                 echo '<!-- Bookmark the query -->' . "\n";
-                echo '<form method="post" action="tbl_replace.php3">' . "\n";
+                echo '<form method="post" action="sql.php3">' . "\n";
                 if ($display != 'bkmOnly') {
                     echo '    <i>' . $strOr . '</i>' . "\n";
                 }
                 echo '    <br /><br />' . "\n";
                 echo '    ' . $strBookmarkLabel . '&nbsp;:' . "\n";
+               
                 $goto = 'sql.php3'
                       . '?lang=' . $lang
                       . '&server=' . urlencode($server)
@@ -218,17 +226,12 @@ else {
                       . '&sql_query=' . urlencode($full_sql_query)
                       . '&id_bookmark=1';
                 ?>
-    <input type="hidden" name="server" value="<?php echo $server; ?>" />
-    <input type="hidden" name="lang" value="<?php echo $lang; ?>" />
-    <input type="hidden" name="db" value="<?php echo $cfgBookmark['db']; ?>" />
-    <input type="hidden" name="table" value="<?php echo $cfgBookmark['table']; ?>" />
     <input type="hidden" name="goto" value="<?php echo $goto; ?>" />
-    <input type="hidden" name="pos" value="<?php echo isset($pos) ? $pos : 0; ?>" />
-    <input type="hidden" name="funcs[id]" value="NULL" />
-    <input type="hidden" name="fields[dbase]" value="<?php echo $db; ?>" />
-    <input type="hidden" name="fields[query]" value="<?php echo isset($sql_query) ? urlencode($full_sql_query) : ''; ?>" />
-    <input type="text" name="fields[label]" value="" />
-    <input type="hidden" name="sql_query" value="" />
+    <input type="hidden" name="bookmarkthis" value="true" />
+    <input type="hidden" name="fields[dbase]" value="<?php echo $db;?>" />
+    <input type="hidden" name="fields[user]" value="<?php echo $cfgBookmark['user'];?>" />
+    <input type="hidden" name="fields[query]" value="<?php echo isset($sql_query) ? $sql_query : "";?>" />
+    <input type="text"   name="fields[label]" value="">
     <input type="submit" name="store_bkm" value="<?php echo $strBookmarkThis; ?>" />
 </form>
                 <?php