nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

improved js validation tests (and reduced server charge)

Browse Source
This commit is contained in:
Loïc Chapeaux
2001-08-07 17:54:48 +00:00
parent ca2e2f534e
commit a681a9b6ce
3 changed files with 111 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
db_details.php3
View File

@@ -296,6 +296,13 @@ if (isset($show_query)) {
}
?>
<!-- DATABASE WORK -->
<script type="text/javascript" language="javascript">
<!--
var errorMsg0 = '<?php echo(str_replace('\'', '\\\'', $strFormEmpty)); ?>';
var errorMsg1 = '<?php echo(str_replace('\'', '\\\'', $strNotNumber)); ?>';
var errorMsg2 = '<?php echo(str_replace('\'', '\\\'', $strNotValidNumber)); ?>';
//-->
</script>
<script src="functions.js" type="text/javascript" language="javascript"></script>
<ul>
@@ -312,7 +319,8 @@ if ($num_tables > 0) {
<!-- Query box, sql file loader and bookmark support -->
<li>
<form method="post" action="db_readdump.php3" enctype="multipart/form-data">
<form method="post" action="db_readdump.php3" enctype="multipart/form-data"
onsubmit="return emptySqlQuery(this)">
<input type="hidden" name="server" value="<?php echo $server; ?>" />
<input type="hidden" name="lang" value="<?php echo $lang; ?>" />
<input type="hidden" name="pos" value="0" />
@@ -481,7 +489,8 @@ if ($num_tables > 0) {
<!-- Create a new table -->
<li>
<form method="post" action="tbl_create.php3">
<form method="post" action="tbl_create.php3"
onsubmit="return (emptyFormElements(this, 'table') && checkFormElementInRange(this, 'num_fields', 1, 1000))">
<input type="hidden" name="server" value="<?php echo $server; ?>" />
<input type="hidden" name="lang" value="<?php echo $lang; ?>" />
<input type="hidden" name="db" value="<?php echo $db; ?>" />

84
functions.js
View File

@@ -1,13 +1,93 @@
/* $Id$ */
/**
* Displays an error message if the user submitted the sql query form with no
* sql query
*
* @param object the form
*
* @return boolean always false
*/
function emptySqlQuery(theForm)
{
var sqlQuery1 = theForm.elements['sql_query'];
var isRegExp = (typeof(sqlQuery1.value.replace) != 'undefined');
// The replace function (js1.2) isn't supported -> basic tests
if (!isRegExp) {
var isEmpty = (sqlQuery1.value == '') ? 1 : 0;
if (isEmpty && typeof(theForm.elements['sql_file']) != 'undefined') {
isEmpty = (theForm.elements['sql_file'].value == '') ? 1 : 0;
}
if (isEmpty && typeof(theForm.elements['id_bookmark']) != 'undefined') {
isEmpty = (theForm.elements['id_bookmark'].value == '') ? 1 : 0;
}
}
// js1.2+ -> validation with regular expressions
else {
var isEmpty = (sqlQuery1.value.replace(/\s/g, '') == '') ? 1 : 0;
if (isEmpty && typeof(theForm.elements['sql_file']) != 'undefined') {
isEmpty = (theForm.elements['sql_file'].value.replace(/\s/g, '') == '') ? 1 : 0;
}
if (isEmpty && typeof(theForm.elements['id_bookmark']) != 'undefined') {
isEmpty = (theForm.elements['id_bookmark'].value == '') ? 1 : 0;
}
if (isEmpty) {
theForm.reset();
}
}
if (isEmpty) {
sqlQuery1.select();
alert(errorMsg0);
sqlQuery1.focus();
return false;
}
return true;
} // end of the 'emptySqlQuery()' function
/**
* Displays an error message if an element of a form hasn't been completed and
* should be
*
* @param object the form
* @param string the name of the form field to put the focus on
*
* @return boolean whether the form field is empty or not
*/
function emptyFormElements(theForm, theFieldName)
{
var theField = theForm.elements[theFieldName];
// Whether the replace function (js1.2) is supported or not
var isRegExp = (typeof(theField.value.replace) != 'undefined');
if (!isRegExp) {
var isEmpty = (theField.value == '') ? 1 : 0;
} else {
var isEmpty = (theField.value.replace(/\s/g, '') == '') ? 1 : 0;
}
if (isEmpty) {
theForm.reset();
theField.select();
alert(errorMsg0);
theField.focus();
return false;
}
return true;
} // end of the 'emptyFormElements()' function
/**
* Ensures a value submitted in a form is numeric and is in a range
*
* @param object the form
* @param string the name of the form field to check
* @param integer the minimum authorized value + 1
* @param integer the maximum authorized value + 1
* @param integer the minimum authorized value
* @param integer the maximum authorized value
*
* @return boolean whether a valid number has been submitted or not
*/

26
tbl_properties.php3
View File

@@ -469,6 +469,13 @@ echo "\n";
*/
?>
<!-- TABLE WORK -->
<script type="text/javascript" language="javascript">
<!--
var errorMsg0 = '<?php echo(str_replace('\'', '\\\'', $strFormEmpty)); ?>';
var errorMsg1 = '<?php echo(str_replace('\'', '\\\'', $strNotNumber)); ?>';
var errorMsg2 = '<?php echo(str_replace('\'', '\\\'', $strNotValidNumber)); ?>';
//-->
</script>
<script src="functions.js" type="text/javascript" language="javascript"></script>
<ul>
@@ -480,7 +487,8 @@ echo "\n";
<!-- Query box and bookmark support -->
<li>
<form method="post" action="db_readdump.php3">
<form method="post" action="db_readdump.php3"
onsubmit="return emptySqlQuery(this)">
<input type="hidden" name="server" value="<?php echo $server; ?>" />
<input type="hidden" name="lang" value="<?php echo $lang; ?>" />
<input type="hidden" name="pos" value="0" />
@@ -534,7 +542,8 @@ if ($cfgBookmark['db'] && $cfgBookmark['table']) {
<!-- Add some new fields -->
<li>
<form method="post" action="tbl_addfield.php3">
<form method="post" action="tbl_addfield.php3"
onsubmit="return checkFormElementInRange(this, 'num_fields', 1, 99)">
<input type="hidden" name="server" value="<?php echo $server; ?>" />
<input type="hidden" name="lang" value="<?php echo $lang; ?>" />
<input type="hidden" name="db" value="<?php echo $db; ?>" />
@@ -634,10 +643,8 @@ echo "\n";
<?php
// gzip and bzip2 encode features
if (PMA_INT_VERSION >= 40004) {
$is_gzip = (isset($cfgGZipDump)
&& $cfgGZipDump && @function_exists('gzencode'));
$is_bzip = (isset($cfgBZipDump)
&& $cfgBZipDump && @function_exists('bzcompress'));
$is_gzip = (isset($cfgGZipDump) && $cfgGZipDump && @function_exists('gzencode'));
$is_bzip = (isset($cfgBZipDump) && $cfgBZipDump && @function_exists('bzcompress'));
if ($is_gzip || $is_bzip) {
echo "\n" . ' (' . "\n";
if ($is_gzip) {
@@ -681,7 +688,8 @@ echo "\n";
<table border="0" cellspacing="0" cellpadding="0" style="vertical-align: top">
<tr>
<td valign="top">
<form method="post" action="tbl_rename.php3">
<form method="post" action="tbl_rename.php3"
onsubmit="return emptyFormElements(this, 'new_name')">
<input type="hidden" name="server" value="<?php echo $server; ?>" />
<input type="hidden" name="lang" value="<?php echo $lang; ?>" />
<input type="hidden" name="db" value="<?php echo $db; ?>" />
@@ -708,7 +716,8 @@ echo "\n";
</td>
<td width="25">&nbsp;</td>
<td valign="top">
<form method="post" action="tbl_copy.php3">
<form method="post" action="tbl_copy.php3"
onsubmit="return emptyFormElements(this, 'new_name')">
<input type="hidden" name="server" value="<?php echo $server; ?>" />
<input type="hidden" name="lang" value="<?php echo $lang; ?>" />
<input type="hidden" name="db" value="<?php echo $db; ?>" />
@@ -902,6 +911,7 @@ else { // MySQL < 3.23
} // end MySQL < 3.23
?>
<!-- Deletes the table -->
<li>
<a href="sql.php3?<?php echo $url_query; ?>&goto=db_details.php3&reload=true&sql_query=<?php echo urlencode('DROP TABLE ' . backquote($table)); ?>&zero_rows=<?php echo urlencode($strTable . ' ' . htmlspecialchars($table) . ' ' . $strHasBeenDropped); ?>">
<?php echo $strDrop . ' ' . htmlspecialchars($table); ?></a>