nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

documentation;

Browse Source 
minor tweaks;
PMA_getMIME(), PMA_setMIME() now checks itself for $cfgRelation;
This commit is contained in:
Sebastian Mendel
2007-03-26 12:48:11 +00:00
parent b2ded6b4dd
commit dadcb42f7e
1 changed files with 194 additions and 141 deletions
Download Patch File Download Diff File Expand all files Collapse all files

309
libraries/transformations.lib.php
View File

@@ -7,66 +7,105 @@
*/
/**
* returns array of options from string with options separated by comma, removes quotes
*
* <code>
* PMA_transformation_getOptions("'option ,, quoted',abd,'2,3',");
* // array {
* // 'option ,, quoted',
* // 'abc',
* // '2,3',
* // '',
* // }
* </code>
*
* @uses preg_split()
* @uses array_shift()
* @uses trim()
* @uses rtrim()
* @uses ltrim()
* @uses strlen()
* @uses substr()
* @uses stripslashes()
* @param string $option_string comma separated options
* @return array options
*/
function PMA_transformation_getOptions($string) {
$transform_options = array();
/* Parse options */
for ($nextToken = strtok($string, ','); $nextToken !== false; $nextToken = strtok(',')) {
$trimmed = trim($nextToken);
if ($trimmed{0} == '\'' && $trimmed{strlen($trimmed) - 1} == '\'') {
$transform_options[] = substr($trimmed, 1, -1);
} else {
if ($trimmed{0} == '\'') {
$trimmed= ltrim($nextToken);
while ($nextToken !== false) {
$nextToken = strtok(',');
$trimmed .= $nextToken;
$rtrimmed = rtrim($trimmed);
if ($rtrimmed{strlen($rtrimmed) - 1} == '\'') break;
}
$transform_options[] = substr($rtrimmed, 1, -1);
} else {
$transform_options[] = $nextToken;
}
}
}
// strip possible slashes to behave like documentation says
function PMA_transformation_getOptions($option_string)
{
$result = array();
foreach ($transform_options as $val) {
$result[] = stripslashes($val);
if (! $transform_options = preg_split('/,/', $option_string)) {
return $result;
}
while (($option = array_shift($transform_options)) !== null) {
$trimmed = trim($option);
if (strlen($trimmed) > 1
&& $trimmed[0] == "'"
&& $trimmed[strlen($trimmed) - 1] == "'") {
// '...'
$option = substr($trimmed, 1, -1);
} elseif (isset($trimmed[0]) && $trimmed[0] == "'") {
// '...,
$trimmed = ltrim($option);
while (($option = array_shift($transform_options)) !== null) {
// ...,
$trimmed .= ',' . $option;
$rtrimmed = rtrim($trimmed);
if ($rtrimmed[strlen($rtrimmed) - 1] == "'") {
// ,...'
break;
}
}
$option = substr($rtrimmed, 1, -1);
}
$result[] = stripslashes($option);
}
return $result;
}
/**
* Gets all available MIME-types
*
* @return array array[mimetype], array[transformation]
*
* @access public
*
* @author Garvin Hicking <me@supergarv.de>
* @uses opendir()
* @uses readdir()
* @uses closedir()
* @uses sort()
* @uses preg_match()
* @uses explode()
* @uses str_replace()
* @staticvar array mimetypes
* @return array array[mimetype], array[transformation]
*/
function PMA_getAvailableMIMEtypes() {
$handle = opendir('./libraries/transformations');
function PMA_getAvailableMIMEtypes()
{
static $stack = null;
if (null !== $stack) {
return $stack;
}
$stack = array();
$filestack = array();
while (($file = readdir($handle)) != false) {
$filestack[$file] = $file;
$handle = opendir('./libraries/transformations');
if (! $handle) {
return $stack;
}
while ($file = readdir($handle)) {
$filestack[] = $file;
}
closedir($handle);
sort($filestack);
if (is_array($filestack)) {
@ksort($filestack);
foreach ($filestack AS $key => $file) {
if (preg_match('|^.*__.*\.inc\.php$|', trim($file))) {
foreach ($filestack as $file) {
if (preg_match('|^.*__.*\.inc\.php$|', $file)) {
// File contains transformation functions.
$base = explode('__', str_replace('.inc.php', '', $file));
$mimetype = str_replace('_', '/', $base[0]);
@@ -75,7 +114,7 @@ function PMA_getAvailableMIMEtypes() {
$stack['transformation'][] = $mimetype . ': ' . $base[1];
$stack['transformation_file'][] = $file;
} elseif (preg_match('|^.*\.inc\.php$|', trim($file))) {
} elseif (preg_match('|^.*\.inc\.php$|', $file)) {
// File is a plain mimetype, no functions.
$base = str_replace('.inc.php', '', $file);
@@ -85,8 +124,6 @@ function PMA_getAvailableMIMEtypes() {
$stack['empty_mimetype'][$mimetype] = $mimetype;
}
}
}
}
return $stack;
@@ -95,90 +132,103 @@ function PMA_getAvailableMIMEtypes() {
/**
* Gets the mimetypes for all rows of a table
*
* @param string the name of the db to check for
* @param string the name of the table to check for
* @param string whether to include only results having a mimetype set
*
* @return array [field_name][field_key] = field_value
*
* @global array the list of relations settings
*
* @uses $GLOBALS['controllink']
* @uses PMA_getRelationsParam()
* @uses PMA_backquote()
* @uses PMA_sqlAddslashes()
* @uses PMA_DBI_fetch_result()
* @author Mike Beck <mikebeck@users.sourceforge.net>
* @author Garvin Hicking <me@supergarv.de>
* @access public
*
* @author Mike Beck <mikebeck@users.sourceforge.net> / Garvin Hicking <me@supergarv.de>
* @param string $db the name of the db to check for
* @param string $table the name of the table to check for
* @param string $strict whether to include only results having a mimetype set
* @return array [field_name][field_key] = field_value
*/
function PMA_getMIME($db, $table, $strict = false) {
global $cfgRelation;
function PMA_getMIME($db, $table, $strict = false)
{
$cfgRelation = PMA_getRelationsParam();
$com_qry = 'SELECT column_name, mimetype, transformation, transformation_options FROM ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($cfgRelation['column_info'])
. ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
. ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\''
. ' AND (mimetype != \'\'' . (!$strict ? ' OR transformation != \'\' OR transformation_options != \'\'' : '') . ')';
$com_rs = PMA_query_as_cu($com_qry);
while ($row = @PMA_DBI_fetch_assoc($com_rs)) {
$col = $row['column_name'];
$mime[$col]['mimetype'] = $row['mimetype'];
$mime[$col]['transformation'] = $row['transformation'];
$mime[$col]['transformation_options'] = $row['transformation_options'];
} // end while
PMA_DBI_free_result($com_rs);
unset($com_rs);
if (isset($mime) && is_array($mime)) {
return $mime;
} else {
return FALSE;
if (! $cfgRelation['commwork']) {
return false;
}
} // end of the 'PMA_getMIME()' function
$com_qry = '
SELECT `column_name`,
`mimetype`,
`transformation`,
`transformation_options`
FROM ' . PMA_backquote($cfgRelation['db']) . '.' . PMA_backquote($cfgRelation['column_info']) . '
WHERE `db_name` = \'' . PMA_sqlAddslashes($db) . '\'
AND `table_name` = \'' . PMA_sqlAddslashes($table) . '\'
AND ( `mimetype` != \'\'' . (!$strict ? '
OR `transformation` != \'\'
OR `transformation_options` != \'\'' : '') . ')';
return PMA_DBI_fetch_result($com_qry, 'column_name', null, $GLOBALS['controllink']);
} // end of the 'PMA_getMIME()' function
/**
* Set a single mimetype to a certain value.
*
* @param string the name of the db
* @param string the name of the table
* @param string the name of the column
* @param string the mimetype of the column
* @param string the transformation of the column
* @param string the transformation options of the column
* @param string (optional) force delete, will erase any existing comments for this column
*
* @return boolean true, if comment-query was made.
*
* @global array the list of relations settings
*
* @access public
*/
function PMA_setMIME($db, $table, $key, $mimetype, $transformation, $transformation_options, $forcedelete = false) {
global $cfgRelation;
* Set a single mimetype to a certain value.
*
* @uses PMA_DBI_QUERY_STORE
* @uses PMA_getRelationsParam()
* @uses PMA_backquote()
* @uses PMA_sqlAddslashes()
* @uses PMA_query_as_cu()
* @uses PMA_DBI_num_rows()
* @uses PMA_DBI_fetch_assoc()
* @uses PMA_DBI_free_result()
* @uses strlen()
* @access public
* @param string $db the name of the db
* @param string $table the name of the table
* @param string $key the name of the column
* @param string $mimetype the mimetype of the column
* @param string $transformation the transformation of the column
* @param string $transformation_options the transformation options of the column
* @param string $forcedelete force delete, will erase any existing comments for this column
* @return boolean true, if comment-query was made.
*/
function PMA_setMIME($db, $table, $key, $mimetype, $transformation,
$transformation_options, $forcedelete = false)
{
$cfgRelation = PMA_getRelationsParam();
$test_qry = 'SELECT mimetype, ' . PMA_backquote('comment') . ' FROM ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($cfgRelation['column_info'])
. ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
. ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\''
. ' AND column_name = \'' . PMA_sqlAddslashes($key) . '\'';
$test_rs = PMA_query_as_cu($test_qry, TRUE, PMA_DBI_QUERY_STORE);
if (! $cfgRelation['commwork']) {
return false;
}
$test_qry = '
SELECT `mimetype`,
`comment`
FROM ' . PMA_backquote($cfgRelation['db']) . '.' . PMA_backquote($cfgRelation['column_info']) . '
WHERE `db_name` = \'' . PMA_sqlAddslashes($db) . '\'
AND `table_name` = \'' . PMA_sqlAddslashes($table) . '\'
AND `column_name` = \'' . PMA_sqlAddslashes($key) . '\'';
$test_rs = PMA_query_as_cu($test_qry, true, PMA_DBI_QUERY_STORE);
if ($test_rs && PMA_DBI_num_rows($test_rs) > 0) {
$row = @PMA_DBI_fetch_assoc($test_rs);
PMA_DBI_free_result($test_rs);
unset($test_rs);
if (!$forcedelete && (strlen($mimetype) > 0 || strlen($transformation) > 0 || strlen($transformation_options) > 0 || strlen($row['comment']) > 0)) {
$upd_query = 'UPDATE ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($cfgRelation['column_info'])
. ' SET mimetype = \'' . PMA_sqlAddslashes($mimetype) . '\','
. ' transformation = \'' . PMA_sqlAddslashes($transformation) . '\','
. ' transformation_options = \'' . PMA_sqlAddslashes($transformation_options) . '\''
. ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
. ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\''
. ' AND column_name = \'' . PMA_sqlAddslashes($key) . '\'';
if (! $forcedelete
&& (strlen($mimetype) || strlen($transformation)
|| strlen($transformation_options) || strlen($row['comment']))) {
$upd_query = '
UPDATE ' . PMA_backquote($cfgRelation['db']) . '.' . PMA_backquote($cfgRelation['column_info']) . '
SET `mimetype` = \'' . PMA_sqlAddslashes($mimetype) . '\',
`transformation` = \'' . PMA_sqlAddslashes($transformation) . '\',
`transformation_options` = \'' . PMA_sqlAddslashes($transformation_options) . '\'';
} else {
$upd_query = 'DELETE FROM ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($cfgRelation['column_info'])
. ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
. ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\''
. ' AND column_name = \'' . PMA_sqlAddslashes($key) . '\'';
$upd_query = 'DELETE FROM ' . PMA_backquote($cfgRelation['db']) . '.' . PMA_backquote($cfgRelation['column_info']);
}
} elseif (strlen($mimetype) > 0 || strlen($transformation) > 0 || strlen($transformation_options) > 0) {
$upd_query = 'INSERT INTO ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($cfgRelation['column_info'])
$upd_query .= '
WHERE `db_name` = \'' . PMA_sqlAddslashes($db) . '\'
AND `table_name` = \'' . PMA_sqlAddslashes($table) . '\'
AND `column_name` = \'' . PMA_sqlAddslashes($key) . '\'';
} elseif (strlen($mimetype) || strlen($transformation)
|| strlen($transformation_options)) {
$upd_query = 'INSERT INTO ' . PMA_backquote($cfgRelation['db']) . '.' . PMA_backquote($cfgRelation['column_info'])
. ' (db_name, table_name, column_name, mimetype, transformation, transformation_options) '
. ' VALUES('
. '\'' . PMA_sqlAddslashes($db) . '\','
@@ -190,32 +240,35 @@ function PMA_setMIME($db, $table, $key, $mimetype, $transformation, $transformat
}
if (isset($upd_query)){
$upd_rs = PMA_query_as_cu($upd_query);
PMA_DBI_free_result($upd_rs);
unset($upd_rs);
return true;
return PMA_query_as_cu($upd_query);
} else {
return false;
}
} // end of 'PMA_setMIME()' function
/**
* Returns the real filename of a configured transformation
*
* @param string the current filename
*
* @return string the new filename
*
* @access public
*/
function PMA_sanitizeTransformationFile(&$filename) {
// garvin: for security, never allow to break out from transformations directory
* Returns the real filename of a configured transformation
*
* in fact: it just replaces old php3 with php extension
*
* garvin: for security, never allow to break out from transformations directory
*
* @uses PMA_securePath()
* @uses preg_replace()
* @uses strlen()
* @uses file_exists()
* @access public
* @param string $filename the current filename
* @return string the new filename
*/
function PMA_sanitizeTransformationFile(&$filename)
{
$include_file = PMA_securePath($filename);
// This value can also contain a 'php3' value, in which case we map this filename to our new 'php' variant
$testfile = preg_replace('@\.inc\.php3$@', '.inc.php', $include_file);
if ($include_file{strlen($include_file)-1} == '3' && file_exists('./libraries/transformations/' . $testfile)) {
if ($include_file{strlen($include_file)-1} == '3'
&& file_exists('./libraries/transformations/' . $testfile)) {
$include_file = $testfile;
$filename = $testfile; // Corrects the referenced variable for further actions on the filename;
}