diff --git a/db_search.php b/db_search.php index b51ab8339..c26374336 100644 --- a/db_search.php +++ b/db_search.php @@ -1,34 +1,121 @@ + * searchs the entire database + * + * @todo make use of UNION when searching multiple tables + * @todo display executed query, optional? + * @uses $cfg['UseDbSearch'] + * @uses $GLOBALS['db'] + * @uses $GLOBALS['strAccessDenied'] + * @uses $GLOBALS['strSearchOption1'] + * @uses $GLOBALS['strSearchOption2'] + * @uses $GLOBALS['strSearchOption3'] + * @uses $GLOBALS['strSearchOption4'] + * @uses $GLOBALS['strSearchResultsFor'] + * @uses $GLOBALS['strNumSearchResultsInTable'] + * @uses $GLOBALS['strBrowse'] + * @uses $GLOBALS['strDelete'] + * @uses $GLOBALS['strNumSearchResultsTotal'] + * @uses $GLOBALS['strSearchFormTitle'] + * @uses $GLOBALS['strSearchNeedle'] + * @uses $GLOBALS['strSearchType'] + * @uses $GLOBALS['strSplitWordsWithSpace'] + * @uses $GLOBALS['strSearchInTables'] + * @uses $GLOBALS['strUnselectAll'] + * @uses $GLOBALS['strSelectAll'] + * @uses PMA_DBI_get_tables() + * @uses PMA_sqlAddslashes() + * @uses PMA_getSearchSqls() + * @uses PMA_DBI_fetch_value() + * @uses PMA_linkOrButton() + * @uses PMA_generate_common_url() + * @uses PMA_generate_common_hidden_inputs() + * @uses PMA_showMySQLDocu() + * @uses $_REQUEST['search_str'] + * @uses $_REQUEST['submit_search'] + * @uses $_REQUEST['search_option'] + * @uses $_REQUEST['table_select'] + * @uses $_REQUEST['unselectall'] + * @uses $_REQUEST['selectall'] + * @uses is_string() + * @uses htmlspecialchars() + * @uses array_key_exists() + * @uses is_array() + * @uses array_intersect() + * @uses sprintf() + * @uses in_array() + * @version $Id$ + * @author Thomas Chaumeny */ -require_once('./libraries/common.lib.php'); +/** + * + */ +require_once './libraries/common.lib.php'; /** * Gets some core libraries and send headers */ -require('./libraries/db_common.inc.php'); -// If config variable $cfg['Usedbsearch'] is on FALSE : exit. -if (!$cfg['UseDbSearch']) { - PMA_mysqlDie($strAccessDenied, '', FALSE, $err_url); +require './libraries/db_common.inc.php'; + +/** + * init + */ +// If config variable $GLOBALS['cfg']['Usedbsearch'] is on false : exit. +if (! $GLOBALS['cfg']['UseDbSearch']) { + PMA_mysqlDie($GLOBALS['strAccessDenied'], '', false, $err_url); } // end if $url_query .= '&goto=db_search.php'; $url_params['goto'] = 'db_search.php'; /** - * Get the list of tables from the current database + * @global array list of tables from the current database */ -$tables = PMA_DBI_get_tables($GLOBALS['db']); -$num_tables = count( $tables ); +$tables = PMA_DBI_get_tables($GLOBALS['db']); + +$search_options = array( + '1' => $GLOBALS['strSearchOption1'], + '2' => $GLOBALS['strSearchOption2'], + '3' => $GLOBALS['strSearchOption3'], + '4' => $GLOBALS['strSearchOption4'], +); + +if (empty($_REQUEST['search_str']) || ! is_string($_REQUEST['search_str'])) { + unset($_REQUEST['submit_search']); + $searched = ''; +} else { + $searched = htmlspecialchars($_REQUEST['search_str']); + $search_str = PMA_sqlAddslashes($_REQUEST['search_str'], true); +} + +if (empty($_REQUEST['search_option']) || ! is_string($_REQUEST['search_option']) + || ! array_key_exists($_REQUEST['search_option'], $search_options)) { + $search_option = 1; + unset($_REQUEST['submit_search']); +} else { + $search_option = (int) $_REQUEST['search_option']; + $option_str = $search_options[$_REQUEST['search_option']]; +} + +$tables_selected = array(); +if (empty($_REQUEST['table_select']) || ! is_array($_REQUEST['table_select'])) { + unset($_REQUEST['submit_search']); +} elseif (! isset($_REQUEST['selectall']) && ! isset($_REQUEST['unselectall'])) { + $tables_selected = array_intersect($_REQUEST['table_select'], $tables); +} + +if (isset($_REQUEST['selectall'])) { + $tables_selected = $tables; +} elseif (isset($_REQUEST['unselectall'])) { + $tables_selected = array(); +} /** * Displays top links */ $sub_part = ''; -require('./libraries/db_links.inc.php'); +require './libraries/db_links.inc.php'; /** @@ -39,6 +126,16 @@ if (isset($_REQUEST['submit_search'])) { /** * Builds the SQL search query * + * @todo can we make use of fulltextsearch IN BOOLEAN MODE for this? + * @uses PMA_DBI_query + * PMA_MYSQL_INT_VERSION + * PMA_backquote + * PMA_DBI_free_result + * PMA_DBI_fetch_assoc + * $GLOBALS['db'] + * explode + * count + * strlen * @param string the table name * @param string the string to search * @param integer type of search (1 -> 1 word at least, 2 -> all words, @@ -47,6 +144,7 @@ if (isset($_REQUEST['submit_search'])) { * @return array 3 SQL querys (for count, display and delete results) * * @global string the url to return to in case of errors + * @global string charset connection */ function PMA_getSearchSqls($table, $search_str, $search_option) { @@ -67,58 +165,58 @@ if (isset($_REQUEST['submit_search'])) { } // while PMA_DBI_free_result($res); unset($current, $res); - $tblfields_cnt = count($tblfields); // Table to use $sqlstr_from = ' FROM ' . PMA_backquote($GLOBALS['db']) . '.' . PMA_backquote($table); - // Beginning of WHERE clause - $sqlstr_where = ' WHERE'; - $search_words = (($search_option > 2) ? array($search_str) : explode(' ', $search_str)); $search_wds_cnt = count($search_words); $like_or_regex = (($search_option == 4) ? 'REGEXP' : 'LIKE'); $automatic_wildcard = (($search_option <3) ? '%' : ''); - for ($i = 0; $i < $search_wds_cnt; $i++) { + $fieldslikevalues = array(); + foreach ($search_words as $search_word) { // Eliminates empty values // In MySQL 4.1, if a field has no collation we get NULL in Charset // but in MySQL 5.0.x we get '' - if (!empty($search_words[$i])) { - for ($j = 0; $j < $tblfields_cnt; $j++) { - if (PMA_MYSQL_INT_VERSION >= 40100 && $tblfields[$j]['Charset'] != $charset_connection && $tblfields[$j]['Charset'] != 'NULL' && $tblfields[$j]['Charset'] != '') { - $prefix = 'CONVERT(_utf8 '; - $suffix = ' USING ' . $tblfields[$j]['Charset'] . ') COLLATE ' . $tblfields[$j]['Collation']; - } else { - $prefix = $suffix = ''; - } - $thefieldlikevalue[] = $tblfields[$j]['Field'] - . ' ' . $like_or_regex . ' ' - . $prefix - . '\'' - . $automatic_wildcard - . $search_words[$i] - . $automatic_wildcard . '\'' - . $suffix; - } // end for + if (strlen($search_words) === 0) { + continue; + } - $fieldslikevalues[] = ($search_wds_cnt > 1) - ? '(' . implode(' OR ', $thefieldlikevalue) . ')' - : implode(' OR ', $thefieldlikevalue); - unset($thefieldlikevalue); - } // end if + $thefieldlikevalue = array(); + foreach ($tblfields as $tblfield) { + if (PMA_MYSQL_INT_VERSION >= 40100 + && $tblfield['Charset'] != $charset_connection + && $tblfield['Charset'] != 'NULL' + && $tblfield['Charset'] != '') { + $prefix = 'CONVERT(_utf8 '; + $suffix = ' USING ' . $tblfield['Charset'] . ') COLLATE ' . $tblfield['Collation']; + } else { + $prefix = $suffix = ''; + } + $thefieldlikevalue[] = $tblfield['Field'] + . ' ' . $like_or_regex . ' ' + . $prefix + . "'" + . $automatic_wildcard + . $search_word + . $automatic_wildcard . "'" + . $suffix; + } // end for + + $fieldslikevalues[] = implode(' OR ', $thefieldlikevalue); } // end for $implode_str = ($search_option == 1 ? ' OR ' : ' AND '); - $sqlstr_where .= ' ' . implode($implode_str, $fieldslikevalues); + $sqlstr_where = ' WHERE (' . implode(') ' . $implode_str . ' (', $fieldslikevalues) . ')'; unset($fieldslikevalues); // Builds complete queries $sql['select_fields'] = $sqlstr_select . ' * ' . $sqlstr_from . $sqlstr_where; // here, I think we need to still use the COUNT clause, even for // VIEWs, anyway we have a WHERE clause that should limit results - $sql['select_count'] = $sqlstr_select . ' COUNT(*) AS count' . $sqlstr_from . $sqlstr_where; + $sql['select_count'] = $sqlstr_select . ' COUNT(*) AS `count`' . $sqlstr_from . $sqlstr_where; $sql['delete'] = $sqlstr_delete . $sqlstr_from . $sqlstr_where; return $sql; @@ -128,147 +226,112 @@ if (isset($_REQUEST['submit_search'])) { /** * Displays the results */ - if (!empty($_REQUEST['search_str']) && !empty($_REQUEST['search_option'])) { + $this_url_params = array( + 'db' => $GLOBALS['db'], + 'goto' => 'db_sql.php', + 'pos' => 0, + 'is_js_confirmed' => 0, + ); - $original_search_str = $_REQUEST['search_str']; - $search_str = PMA_sqlAddslashes($_REQUEST['search_str'], TRUE); + // Displays search string + echo '
' . "\n" + .'' . "\n" + .'' . "\n"; - // Get the true string to display as option's comment - switch ($_REQUEST['search_option']) { - case 1: - $option_str = ' (' . $strSearchOption1 . ')'; - $search_option = 1; - break; - case 2: - $option_str = ' (' . $strSearchOption2 . ')'; - $search_option = 2; - break; - case 3: - $option_str = ' (' . $strSearchOption3 . ')'; - $search_option = 3; - break; - case 4: - $option_str = ' (' . $strSearchOption4 . ')'; - $search_option = 4; - break; - } // end switch + $num_search_result_total = 0; + $odd_row = true; - $this_url_params = array( - 'db' => $GLOBALS['db'], - 'goto' => 'db_sql.php', - 'pos' => 0, - 'is_js_confirmed' => 0, - ); + foreach ($tables_selected as $each_table) { + // Gets the SQL statements + $newsearchsqls = PMA_getSearchSqls($each_table, + $search_str, $search_option); - // Displays search string - echo '
' . "\n" - .'
' . "\n" + .sprintf($GLOBALS['strSearchResultsFor'], + $searched, $option_str) . "\n" + .'
' . "\n" - .'' . "\n"; + // Executes the "COUNT" statement + $res_cnt = PMA_DBI_fetch_value($newsearchsqls['select_count']); + $num_search_result_total += $res_cnt; - $num_search_result_total = 0; - $odd_row = true; + $sql_query .= $newsearchsqls['select_count']; - foreach ( $_REQUEST['table_select'] as $each_table ) { - // Gets the SQL statements - $newsearchsqls = PMA_getSearchSqls($each_table, - $search_str, $search_option); + echo '' + .'\n"; - // Executes the "COUNT" statement - $res_cnt = PMA_DBI_fetch_value($newsearchsqls['select_count']); - $num_search_result_total += $res_cnt; + if ($res_cnt > 0) { + $this_url_params['sql_query'] = $newsearchsqls['select_fields']; + echo '\n"; - echo '' - .'\n"; + $this_url_params['sql_query'] = $newsearchsqls['delete']; + echo '\n"; - if ($res_cnt > 0) { - $this_url_params['sql_query'] = $newsearchsqls['select_fields']; - echo '\n"; + } else { + echo '' . "\n" + .'' . "\n"; + }// end if else + $odd_row = ! $odd_row; + echo '' . "\n"; + } // end for - $this_url_params['sql_query'] = $newsearchsqls['delete']; - echo '\n"; - - } else { - echo '' . "\n" - .'' . "\n"; - }// end if else - $odd_row = ! $odd_row; - echo '' . "\n"; - } // end for - - echo '
' . "\n" - .sprintf($strSearchResultsFor, - htmlspecialchars($original_search_str), $option_str) . "\n" - .'
' . sprintf($GLOBALS['strNumSearchResultsInTable'], $res_cnt, + htmlspecialchars($each_table)) . "' . PMA_linkOrButton( + 'sql.php' . PMA_generate_common_url($this_url_params), + $GLOBALS['strBrowse'], '') . "
' . sprintf($strNumSearchResultsInTable, $res_cnt, - htmlspecialchars($each_table)) . "' . PMA_linkOrButton( + 'sql.php' . PMA_generate_common_url($this_url_params), + $GLOBALS['strDelete'], $newsearchsqls['delete']) . "' . PMA_linkOrButton( - 'sql.php' . PMA_generate_common_url($this_url_params), - $strBrowse, '') . "  
' . PMA_linkOrButton( - 'sql.php' . PMA_generate_common_url($this_url_params), - $strDelete, $newsearchsqls['delete']) . "  
' . "\n"; - - if ( count($_REQUEST['table_select']) > 1 ) { - echo '

' . sprintf($strNumSearchResultsTotal, - $num_search_result_total) . '

' . "\n"; - } - } // end if (!empty($search_str) && !empty($search_option)) + echo '' . "\n"; + if (count($tables_selected) > 1) { + echo '

' . sprintf($GLOBALS['strNumSearchResultsTotal'], + $num_search_result_total) . '

' . "\n"; + } } // end 1. /** * 2. Displays the main search form */ -echo "\n"; -$searched = (isset($original_search_str)) - ? htmlspecialchars($original_search_str) - : ''; -if (empty($search_option)) { - $search_option = 1; -} ?>
- + - + + + 1 + +
- /> 1
+ 1
/> 1
+ 1
/>
+
/> + +

- 1
- ' . "\n"; -foreach ( $tables as $each_table ) { - if ( isset($_REQUEST['unselectall'])) { - $is_selected = ''; - } elseif ( ! isset($_REQUEST['table_select']) - || in_array($each_table, $_REQUEST['table_select']) - || isset($_REQUEST['selectall']) ) { +echo ' ' . "\n"; -$strDoSelectAll = '' . $strSelectAll . '' - . ' / ' - . '' . $strUnselectAll . ''; +$alter_select = + '' . $GLOBALS['strSelectAll'] . '' + . ' / ' + . '' . $GLOBALS['strUnselectAll'] . ''; ?>
-
-
-