From e726fe785d2a521e08263462bbeecbb564494042 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Chapeaux?= Date: Sun, 23 Sep 2001 15:31:50 +0000 Subject: [PATCH] Fixed bug #444352 (Data Missing/POST Error) --- ChangeLog | 6 +- db_create.php3 | 14 ++- db_details.php3 | 29 +++-- db_printview.php3 | 17 ++- db_stats.php3 | 5 +- left.php3 | 2 +- libraries/build_dump.lib.php3 | 29 ++--- libraries/common.lib.php3 | 28 ++--- libraries/display_tbl.lib.php3 | 9 +- main.php3 | 20 ++-- mult_submits.inc.php3 | 4 +- read_dump.php3 | 189 +++++++++++++++++---------------- sql.php3 | 28 +++-- tbl_addfield.php3 | 22 ++-- tbl_alter.php3 | 16 ++- tbl_change.php3 | 26 ++++- tbl_copy.php3 | 26 +++-- tbl_create.php3 | 20 +++- tbl_dump.php3 | 16 ++- tbl_printview.php3 | 18 +++- tbl_properties.php3 | 37 +++++-- tbl_rename.php3 | 16 ++- tbl_replace.php3 | 16 ++- tbl_select.php3 | 12 ++- user_details.php3 | 22 ++-- 25 files changed, 416 insertions(+), 211 deletions(-) diff --git a/ChangeLog b/ChangeLog index 49fe12cb7..88819f1b1 100755 --- a/ChangeLog +++ b/ChangeLog @@ -9,7 +9,11 @@ $Source$ * config.inc.php3; Documentation.html; db_details.php3; tbl_dump.php3; tbl_properties.php3; libraries/functions.php3; libraries/zip.lib.php3: improved the zip dump feature. - * lang/*: added $strZip where it was missing. + * lang/swedish.inc.php3: updated thanks to David Nordenberg. + * lang/*: added $strZip where it was missing and $strNoQuery in all the + translations. + * most of the scripts were updated to fix bug #444352 (Data + Missing/POST Error). 2001-09-23 Armel Fauveau * add zip dump feature diff --git a/db_create.php3 b/db_create.php3 index 663b71f2f..6d07306bc 100755 --- a/db_create.php3 +++ b/db_create.php3 @@ -10,14 +10,22 @@ $js_to_run = 'functions.js'; require('./header.inc.php3'); +/** + * Defines the url to return to in case of error in a sql statement + */ +$err_url = 'main.php3' + . '?lang=' . $lang + . '&server=' . $server; + + /** * Ensures the db name is valid */ if (get_magic_quotes_gpc()) { - $db = stripslashes($db); + $db = stripslashes($db); } if (MYSQL_INT_VERSION < 32306) { - check_reserved_words($db); + check_reserved_words($db, $err_url); } @@ -25,7 +33,7 @@ if (MYSQL_INT_VERSION < 32306) { * Executes the db creation sql query */ $local_query = 'CREATE DATABASE ' . backquote($db); -$result = mysql_query('CREATE DATABASE ' . backquote($db)) or mysql_die('', $local_query, FALSE); +$result = mysql_query('CREATE DATABASE ' . backquote($db)) or mysql_die('', $local_query, FALSE, $err_url); /** diff --git a/db_details.php3 b/db_details.php3 index bad8d0199..3edd25729 100755 --- a/db_details.php3 +++ b/db_details.php3 @@ -3,12 +3,29 @@ /** - * Gets some core libraries, ensures the database exists (else move to the - * "parent" script) and diplays headers + * Gets some core libraries */ require('./libraries/grab_globals.lib.php3'); require('./libraries/common.lib.php3'); require('./libraries/bookmark.lib.php3'); + + +/** + * Defines the urls to return to in case of error in a sql statement + */ +$err_url_0 = 'main.php3' + . '?lang=' . $lang + . '&server=' . $server; +$err_url = 'db_details.php3' + . '?lang=' . $lang + . '&server=' . $server + . '&db=' . urlencode($db); + + +/** + * Ensures the database exists (else move to the "parent" script) and diplays + * headers + */ // Not a valid db name -> back to the welcome page if (!empty($db)) { $is_db = @mysql_select_db($db); @@ -57,7 +74,7 @@ if (MYSQL_INT_VERSION >= 32303) { // Special speedup for newer MySQL Versions (in 4.0 format changed) if ($cfgSkipLockedTables == TRUE && MYSQL_INT_VERSION >= 32330) { $local_query = 'SHOW OPEN TABLES FROM ' . backquote($db); - $result = mysql_query($query) or mysql_die('', $local_query); + $result = mysql_query($query) or mysql_die('', $local_query, '', $err_url_0); // Blending out tables in use if ($result != FALSE && mysql_num_rows($result) > 0) { while ($tmp = mysql_fetch_array($result)) { @@ -70,12 +87,12 @@ if (MYSQL_INT_VERSION >= 32303) { if (isset($sot_cache)) { $local_query = 'SHOW TABLES FROM ' . backquote($db); - $result = mysql_query($query) or mysql_die('', $local_query); + $result = mysql_query($query) or mysql_die('', $local_query, '', $err_url_0); if ($result != FALSE && mysql_num_rows($result) > 0) { while ($tmp = mysql_fetch_array($result)) { if (!isset($sot_cache[$tmp[0]])) { $local_query = 'SHOW TABLE STATUS FROM ' . backquote($db) . ' LIKE \'' . addslashes($tmp[0]) . '\''; - $sts_result = mysql_query($local_query) or mysql_die('', $local_query); + $sts_result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url_0); $sts_tmp = mysql_fetch_array($sts_result); $tables[] = $sts_tmp; } else { // table in use @@ -90,7 +107,7 @@ if (MYSQL_INT_VERSION >= 32303) { } if (!isset($sot_ready)) { $local_query = 'SHOW TABLE STATUS FROM ' . backquote($db); - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url_0); if ($result != FALSE && mysql_num_rows($result) > 0) { while ($sts_tmp = mysql_fetch_array($result)) { $tables[] = $sts_tmp; diff --git a/db_printview.php3 b/db_printview.php3 index 11051c333..6cec04323 100755 --- a/db_printview.php3 +++ b/db_printview.php3 @@ -9,6 +9,15 @@ require('./libraries/grab_globals.lib.php3'); require('./header.inc.php3'); +/** + * Defines the url to return to in case of error in a sql statement + */ +$err_url = 'db_details.php3' + . '?lang=' . $lang + . '&server=' . $server + . '&db=' . urlencode($db); + + /** * Gets the list of the table in the current db and informations about these * tables if possible @@ -18,7 +27,7 @@ if (MYSQL_INT_VERSION >= 32303) { // Special speedup for newer MySQL Versions (in 4.0 format changed) if ($cfgSkipLockedTables == TRUE && MYSQL_INT_VERSION >= 32330) { $local_query = 'SHOW OPEN TABLES FROM ' . backquote($db); - $result = mysql_query($query) or mysql_die('', $local_query); + $result = mysql_query($query) or mysql_die('', $local_query, '', $err_url); // Blending out tables in use if ($result != FALSE && mysql_num_rows($result) > 0) { while ($tmp = mysql_fetch_array($result)) { @@ -31,12 +40,12 @@ if (MYSQL_INT_VERSION >= 32303) { if (isset($sot_cache)) { $local_query = 'SHOW TABLES FROM ' . backquote($db); - $result = mysql_query($query) or mysql_die('', $local_query); + $result = mysql_query($query) or mysql_die('', $local_query, '', $err_url); if ($result != FALSE && mysql_num_rows($result) > 0) { while ($tmp = mysql_fetch_array($result)) { if (!isset($sot_cache[$tmp[0]])) { $local_query = 'SHOW TABLE STATUS FROM ' . backquote($db) . ' LIKE \'' . addslashes($tmp[0]) . '\''; - $sts_result = mysql_query($local_query) or mysql_die('', $local_query); + $sts_result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url); $sts_tmp = mysql_fetch_array($sts_result); $tables[] = $sts_tmp; } else { // table in use @@ -51,7 +60,7 @@ if (MYSQL_INT_VERSION >= 32303) { } if (!isset($sot_ready)) { $local_query = 'SHOW TABLE STATUS FROM ' . backquote($db); - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url); if ($result != FALSE && mysql_num_rows($result) > 0) { while ($sts_tmp = mysql_fetch_array($result)) { $tables[] = $sts_tmp; diff --git a/db_stats.php3 b/db_stats.php3 index c4068ac51..6fc8d2384 100644 --- a/db_stats.php3 +++ b/db_stats.php3 @@ -13,6 +13,9 @@ require('./header.inc.php3'); */ if ((!empty($submit_mult) && isset($selected_db)) || isset($btnDrop)) { + $err_url = 'db_stats.php3' + . '?lang=' . $lang + . '&server=' . $server; $action = 'db_stats.php3'; $show_query = 'y'; include('./mult_submits.inc.php3'); @@ -66,7 +69,7 @@ function pmaDbCmp($a, $b) if ($server > 0) { // Get the valid databases list $num_dbs = count($dblist); - $dbs = @mysql_list_dbs() or mysql_die('', 'mysql_list_dbs()'); + $dbs = @mysql_list_dbs() or mysql_die('', 'mysql_list_dbs()', '', 'main.php3?lang' . $lang . '&server=' . $server); while ($a_db = mysql_fetch_object($dbs)) { if (!$num_dbs) { $dblist[] = $a_db->Database; diff --git a/left.php3 b/left.php3 index 13009dd1a..b5786753b 100755 --- a/left.php3 +++ b/left.php3 @@ -36,7 +36,7 @@ if ($server > 0) { } // end if // 2. no $cfgServers[n]['only_db'] else { - $dbs = mysql_list_dbs() or mysql_die('', 'mysql_list_dbs()', FALSE, FALSE); + $dbs = mysql_list_dbs() or mysql_die('', 'mysql_list_dbs()', FALSE, ''); $num_dbs = @mysql_num_rows($dbs); $real_num_dbs = 0; for ($i = 0; $i < $num_dbs; $i++) { diff --git a/libraries/build_dump.lib.php3 b/libraries/build_dump.lib.php3 index dfcd3e8bd..4eca18577 100644 --- a/libraries/build_dump.lib.php3 +++ b/libraries/build_dump.lib.php3 @@ -35,6 +35,7 @@ if (!defined('__LIB_BUILD_DUMP__')){ * @param string the database name * @param string the table name * @param string the end of line sequence + * @param string the url to go back in case of error * * @return string the CREATE statement on success * @@ -46,7 +47,7 @@ if (!defined('__LIB_BUILD_DUMP__')){ * * @access public */ - function get_table_def($db, $table, $crlf) + function get_table_def($db, $table, $crlf, $error_url) { global $drop; global $use_backquotes; @@ -78,7 +79,7 @@ if (!defined('__LIB_BUILD_DUMP__')){ $schema_create .= 'CREATE TABLE ' . html_format(backquote($table), $use_backquotes) . ' (' . $crlf; $local_query = 'SHOW FIELDS FROM ' . backquote($db) . '.' . backquote($table); - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $error_url); while ($row = mysql_fetch_array($result)) { $schema_create .= ' ' . html_format(backquote($row['Field'], $use_backquotes)) . ' ' . $row['Type']; if (isset($row['Default']) && $row['Default'] != '') { @@ -96,7 +97,7 @@ if (!defined('__LIB_BUILD_DUMP__')){ $schema_create = ereg_replace(',' . $crlf . '$', '', $schema_create); $local_query = 'SHOW KEYS FROM ' . backquote($db) . '.' . backquote($table); - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $error_url); while ($row = mysql_fetch_array($result)) { $kname = $row['Key_name']; @@ -154,6 +155,7 @@ if (!defined('__LIB_BUILD_DUMP__')){ * @param string the name of the handler (function) to use at the end * of every row. This handler must accept one parameter * ($sql_insert) + * @param string the url to go back in case of error * * @return boolean always true * @@ -166,12 +168,12 @@ if (!defined('__LIB_BUILD_DUMP__')){ * * @author staybyte */ - function get_table_content_fast($db, $table, $add_query = '', $handler) + function get_table_content_fast($db, $table, $add_query = '', $handler, $error_url) { global $use_backquotes; $local_query = 'SELECT * FROM ' . backquote($db) . '.' . backquote($table) . $add_query; - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $error_url); if ($result != FALSE) { $fields_cnt = mysql_num_fields($result); @@ -265,6 +267,7 @@ if (!defined('__LIB_BUILD_DUMP__')){ * @param string the name of the handler (function) to use at the end * of every row. This handler must accept one parameter * ($sql_insert) + * @param string the url to go back in case of error * * @return boolean always true * @@ -275,12 +278,12 @@ if (!defined('__LIB_BUILD_DUMP__')){ * * @see get_table_content() */ - function get_table_content_old($db, $table, $add_query = '', $handler) + function get_table_content_old($db, $table, $add_query = '', $handler, $error_url) { global $use_backquotes; $local_query = 'SELECT * FROM ' . backquote($db) . '.' . backquote($table) . $add_query; - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $error_url); $i = 0; $isFirstRow = TRUE; $fields_cnt = mysql_num_fields($result); @@ -363,6 +366,7 @@ if (!defined('__LIB_BUILD_DUMP__')){ * @param string the name of the handler (function) to use at the end * of every row. This handler must accept one parameter * ($sql_insert) + * @param string the url to go back in case of error * * @access public * @@ -370,7 +374,7 @@ if (!defined('__LIB_BUILD_DUMP__')){ * * @author staybyte */ - function get_table_content($db, $table, $limit_from = 0, $limit_to = 0, $handler) + function get_table_content($db, $table, $limit_from = 0, $limit_to = 0, $handler, $error_url) { // Defines the offsets to use if ($limit_from > 0) { @@ -386,9 +390,9 @@ if (!defined('__LIB_BUILD_DUMP__')){ // Call the working function depending on the php version if (PHP_INT_VERSION >= 40005) { - get_table_content_fast($db, $table, $add_query, $handler); + get_table_content_fast($db, $table, $add_query, $handler, $error_url); } else { - get_table_content_old($db, $table, $add_query, $handler); + get_table_content_old($db, $table, $add_query, $handler, $error_url); } } // end of the 'get_table_content()' function @@ -407,6 +411,7 @@ if (!defined('__LIB_BUILD_DUMP__')){ * @param string the optionnal "enclosed by" character * @param string the handler (function) to call. It must accept one * parameter ($sql_insert) + * @param string the url to go back in case of error * * @global string whether to obtain an excel compatible csv format or a * simple csv one @@ -415,7 +420,7 @@ if (!defined('__LIB_BUILD_DUMP__')){ * * @access public */ - function get_table_csv($db, $table, $limit_from = 0, $limit_to = 0, $sep, $enc_by, $esc_by, $handler) + function get_table_csv($db, $table, $limit_from = 0, $limit_to = 0, $sep, $enc_by, $esc_by, $handler, $error_url) { global $what; @@ -461,7 +466,7 @@ if (!defined('__LIB_BUILD_DUMP__')){ // Gets the data from the database $local_query = 'SELECT * FROM ' . backquote($db) . '.' . backquote($table) . $add_query; - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $error_url); $fields_cnt = mysql_num_fields($result); // Format the data diff --git a/libraries/common.lib.php3 b/libraries/common.lib.php3 index efa87c08b..ab5b6b479 100644 --- a/libraries/common.lib.php3 +++ b/libraries/common.lib.php3 @@ -154,12 +154,12 @@ if (!defined('__LIB_COMMON__')){ * @param string the error mesage * @param string the sql query that failed * @param boolean whether to show a "modify" link or not - * @param boolean whether to show a "back" link or not + * @param string the "back" link url (full path is not required) * * @access public */ function mysql_die($error_message = '', $the_query = '', - $is_modify_link = TRUE, $is_back_link = TRUE) + $is_modify_link = TRUE, $back_url = '') { if (!$error_message) { $error_message = mysql_error(); @@ -193,9 +193,8 @@ if (!defined('__LIB_COMMON__')){ echo ' ' . $GLOBALS['strMySQLSaid'] . '
' . "\n"; echo '
' . "\n" . $error_message . "\n" . '
' . "\n"; echo '

' . "\n"; - if ($is_back_link) { - $hist = (isset($GLOBALS['btnDrop'])) ? -2 : -1; - echo '' . $GLOBALS['strBack'] . ''; + if (!empty($back_url)) { + echo '' . $GLOBALS['strBack'] . ''; } echo "\n"; @@ -208,7 +207,7 @@ if (!defined('__LIB_COMMON__')){ * Use mysql_connect() or mysql_pconnect()? */ $connect_func = ($cfgPersistentConnections) ? 'mysql_pconnect' : 'mysql_connect'; - $dblist = array(); + $dblist = array(); /** @@ -368,7 +367,7 @@ if (!defined('__LIB_COMMON__')){ . $cfgServer['host'] . $server_port . $server_socket . ', ' . $cfgServer['stduser'] . ', ' . $cfgServer['stdpass'] . ')'; - mysql_die($conn_error, $local_query, FALSE, FALSE); + mysql_die($conn_error, $local_query, FALSE); } else if (PHP_INT_VERSION >= 40000) { @ini_set('track_errors', $bkp_track_err); } @@ -380,7 +379,7 @@ if (!defined('__LIB_COMMON__')){ . 'WHERE ' . 'User = \'' . $PHP_AUTH_USER . '\' ' . 'AND Password = PASSWORD(\'' . $PHP_AUTH_PW . '\')'; - $rs = mysql_query($auth_query, $dbh) or mysql_die('', $auth_query, FALSE, FALSE); + $rs = mysql_query($auth_query, $dbh) or mysql_die('', $auth_query, FALSE); // Invalid login -> relog if (@mysql_numrows($rs) <= 0) { @@ -405,10 +404,10 @@ if (!defined('__LIB_COMMON__')){ if ($row['Select_priv'] != 'Y') { // lem9: User can be blank (anonymous user) $local_query = 'SELECT DISTINCT Db FROM mysql.db WHERE Select_priv = \'Y\' AND (User = \'' . $PHP_AUTH_USER . '\' OR User = \'\')'; - $rs = mysql_query($local_query) or mysql_die('', $local_query, FALSE, FALSE); + $rs = mysql_query($local_query) or mysql_die('', $local_query, FALSE); if (@mysql_numrows($rs) <= 0) { $local_query = 'SELECT DISTINCT Db FROM mysql.tables_priv WHERE Table_priv LIKE \'%Select%\' AND User = \'' . $PHP_AUTH_USER . '\''; - $rs = mysql_query($local_query) or mysql_die('', $local_query, FALSE, FALSE); + $rs = mysql_query($local_query) or mysql_die('', $local_query, FALSE); if (@mysql_numrows($rs) <= 0) { auth(); } else { @@ -485,7 +484,7 @@ if (!defined('__LIB_COMMON__')){ . $cfgServer['host'] . $server_port . $server_socket . ', ' . $cfgServer['user'] . ', ' . $cfgServer['password'] . ')'; - mysql_die($conn_error, $local_query, FALSE, FALSE); + mysql_die($conn_error, $local_query, FALSE); } else if (PHP_INT_VERSION >= 40000) { @ini_set('track_errors', $bkp_track_err); } @@ -759,6 +758,8 @@ window.parent.frames['nav'].location.replace(''); } else if ($edit_target != '') { $edit_link = '' . $GLOBALS['strEdit'] . ''; } + } + if (!empty($edit_target)) { echo ' ' . $GLOBALS['strSQLQuery'] . ' : [' . $edit_link . ']
' . "\n"; } else { echo ' ' . $GLOBALS['strSQLQuery'] . ' :
' . "\n"; @@ -848,6 +849,7 @@ window.parent.frames['nav'].location.replace(''); * releases < 3.23.6) * * @param string the name to check + * @param string the url to go back in case of error * * @return boolean true if the name is valid (no return else) * @@ -855,7 +857,7 @@ window.parent.frames['nav'].location.replace(''); * * @author Dell'Aiera Pol; Olivier Blin */ - function check_reserved_words($the_name) + function check_reserved_words($the_name, $error_url) { // The name contains caracters <> a-z, A-Z and "_" -> not a reserved // word @@ -876,7 +878,7 @@ window.parent.frames['nav'].location.replace(''); $word_cnt = count($word_list); for ($i = 0; $i < $word_cnt; $i++) { if (strtolower($the_name) == $word_list[$i]) { - mysql_die(sprintf($GLOBALS['strInvalidName'], $the_name), '', FALSE, TRUE); + mysql_die(sprintf($GLOBALS['strInvalidName'], $the_name), '', FALSE, $error_url); } // end if } // end for } // end if diff --git a/libraries/display_tbl.lib.php3 b/libraries/display_tbl.lib.php3 index 87fa81919..4362ec8a7 100644 --- a/libraries/display_tbl.lib.php3 +++ b/libraries/display_tbl.lib.php3 @@ -42,6 +42,8 @@ if (!defined('__LIB_DISPLAY_TBL__')){ * @global integer the total number of rows returned by the sql query * without any programmatically appended "LIMIT" clause * @global array the properties of the fields returned by the query + * @global string the url to return to in case of error in a sql + * statement * * @access private * @@ -51,6 +53,7 @@ if (!defined('__LIB_DISPLAY_TBL__')){ { global $db, $table; global $unlim_num_rows, $fields_meta; + global $err_url; // 1. Initializes the $do_display array $do_display = array(); @@ -138,11 +141,11 @@ if (!defined('__LIB_DISPLAY_TBL__')){ else if (($do_display['nav_bar'] == '1' || $do_display['sort_lnk'] == '1') && (!empty($db) && !empty($table))) { $local_query = 'SELECT COUNT(*) AS total FROM ' . backquote($db) . '.' . backquote($table); - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url); $the_total = mysql_result($result, 0, 'total'); mysql_free_result($result); } - + // 4. If navigation bar or sorting fields names urls should be // displayed but there is only one row, change these settings to // false @@ -420,7 +423,7 @@ if (!defined('__LIB_DISPLAY_TBL__')){ if ($is_display['sort_lnk'] == '1') { $is_join = eregi('(.*)[[:space:]]+FROM[[:space:]]+.*[[:space:]]+JOIN', $sql_query, $select_stt); } else { - $is_join = FALSE; + $is_join = FALSE; } for ($i = 0; $i < $fields_cnt; $i++) { diff --git a/main.php3 b/main.php3 index 29f978dfb..00483875a 100755 --- a/main.php3 +++ b/main.php3 @@ -45,7 +45,7 @@ echo "\n"; // Don't display server info if $server == 0 (no server selected) if ($server > 0) { $local_query = 'SELECT VERSION() as version, USER() as user'; - $res = mysql_query($local_query) or mysql_die('', $local_query, FALSE, FALSE); + $res = mysql_query($local_query) or mysql_die('', $local_query, FALSE, ''); echo '

MySQL ' . mysql_result($res, 0, 'version') . ' ' . $strRunning . ' ' . $cfgServer['host']; if (!empty($cfgServer['port'])) { echo ':' . $cfgServer['port']; @@ -61,7 +61,7 @@ if ($server > 0) { * Reload mysql (flush privileges) */ if (($server > 0) && isset($mode) && ($mode == 'reload')) { - $result = mysql_query('FLUSH PRIVILEGES') or mysql_die('', 'FLUSH PRIVILEGES', FALSE); + $result = mysql_query('FLUSH PRIVILEGES') or mysql_die('', 'FLUSH PRIVILEGES', FALSE, 'main.php3?lang=' . $lang . '&server=' . $server); echo '

'; if ($result != 0) { echo $strMySQLReloaded; @@ -178,7 +178,7 @@ if ($server > 0 . $cfgServer['host'] . $server_port . $server_socket . ', ' . $cfgServer['stduser'] . ', ' . $cfgServer['stdpass'] . ')'; - mysql_die($conn_error, $local_query, FALSE, FALSE); + mysql_die($conn_error, $local_query, FALSE, ''); } else if (PHP_INT_VERSION >= 40000) { @ini_set('track_errors', $bkp_track_err); } @@ -218,7 +218,7 @@ if ($server > 0 . $cfgServer['host'] . $server_port . $server_socket . ', ' . $cfgServer['user'] . ', ' . $cfgServer['password'] . ')'; - mysql_die($conn_error, $local_query, FALSE, FALSE); + mysql_die($conn_error, $local_query, FALSE, ''); } else if (PHP_INT_VERSION >= 40000) { @ini_set('track_errors', $bkp_track_err); } @@ -265,7 +265,7 @@ if ($server > 0 item - +   @@ -273,7 +273,7 @@ if ($server > 0 item - +   @@ -286,7 +286,7 @@ if ($server > 0 item - +   @@ -367,7 +367,7 @@ if ($server > 0 item - +   @@ -376,7 +376,7 @@ if ($server > 0 item - +   @@ -385,7 +385,7 @@ if ($server > 0 item - +   diff --git a/mult_submits.inc.php3 b/mult_submits.inc.php3 index 996afc902..79ecc462f 100644 --- a/mult_submits.inc.php3 +++ b/mult_submits.inc.php3 @@ -141,13 +141,13 @@ else if ((get_magic_quotes_gpc() && stripslashes($btnDrop) == $strYes) if ($query_type != 'drop_db') { mysql_select_db($db); } - $result = @mysql_query($a_query) or mysql_die('', $a_query, FALSE); + $result = @mysql_query($a_query) or mysql_die('', $a_query, FALSE, $err_url); } // end if } // end for if ($query_type == 'drop_tbl' || $query_type == 'drop_fld') { mysql_select_db($db); - $result = @mysql_query($sql_query) or mysql_die('', '', FALSE); + $result = @mysql_query($sql_query) or mysql_die('', '', FALSE, $err_url); } show_message($strSuccess); diff --git a/read_dump.php3 b/read_dump.php3 index c93f3c8ed..11795c231 100644 --- a/read_dump.php3 +++ b/read_dump.php3 @@ -8,7 +8,6 @@ * Last revision: September 11, 2001 - loic1 * * @param string the sql commands - * @param string the end of command line delimiter * @param integer the MySQL release number (because certains php3 versions * can't get the value of a constant from within a function) * @@ -16,7 +15,7 @@ * * @access public */ -function split_sql_file($sql, $delimiter, $release) +function split_sql_file($sql, $release) { $sql = trim($sql); $sql_len = strlen($sql); @@ -24,7 +23,6 @@ function split_sql_file($sql, $delimiter, $release) $ret = array(); $string_start = ''; $in_string = FALSE; - $in_comment = FALSE; for ($i = 0; $i < $sql_len; ++$i) { $char = $sql[$i]; @@ -32,59 +30,51 @@ function split_sql_file($sql, $delimiter, $release) // We are in a string, check for not escaped end of strings except for // backquotes than cannot be escaped if ($in_string) { - while (1) { - $i = strpos($sql, $string_start, $i); + for (;;) { + $i = strpos($sql, $string_start, $i); // No end of string found -> add the current substring to the // returned array if (!$i) { $ret[] = $sql; return $ret; } - // It's trully the end of the string -> move to the next - // character - else if (($string_start == '`') - || (($i > 1 && $sql[$i-1] . $sql[$i-2] != '\\\\') - || ($sql[0] != '\\'))) { + // Backquotes or no backslashes before (double) quote(s): it's + // trully the end of the string -> exit the loop + else if ($string_start == '`' || $sql[$i-1] != '\\') { $string_start = ''; $in_string = FALSE; break; - } // end if... elseif - } // end while - } // end if ($in_string) + } + // Backslashes before (double) quote(s) end of string... + else { + // ... first checks for escaped backslashes + $j = 2; + $escaped_backslash = FALSE; + while ($i-$j > 0 && $sql[$i-$j] == '\\') { + $escaped_backslash = !$escaped_backslash; + $j++; + } + // ... if escaped backslashes: it's trully the end of the + // string -> exit the loop + if ($escaped_backslash) { + $string_start = ''; + $in_string = FALSE; + break; + } + // ... else loop + else { + $i++; + } + } // end if...elseif...else + } // end for + } // end if (in string) - // We are in a comment, add the parsed part to the returned array and - // move to the next end of line - else if ($in_comment) { - // comment starting position in string depends on the comment type - $ret_end = (($sql[$i-1] == '#') ? $i-1 : $i-3); - if (ereg('[^[:space:]]+', substr($sql, 0, $ret_end))) { - $ret[] = substr($sql, 0, $ret_end); - } - // if no "\n" exits in the remaining string, checks for "\r" (Mac - // eol style) - $eol_to_find = (strpos($sql, "\012", $i)) ? "\012" : "\015"; - $sql = strstr($sql, $eol_to_find); - if ($sql == '' || empty($sql[1])) { - // The submited statement(s) end(s) by a comment -> stop - // parsing - return $ret; - } else { - $sql = ltrim(substr($sql, 1)); - $sql_len = strlen($sql); - if ($sql_len) { - $i = -1; - $in_comment = FALSE; - } else { - // The submited statement(s) end(s) here - return $ret; - } // end if...else - } // end if...else - } // end if ($in_comment) - - // If delimiter found, add the parsed part to the returned array - else if ($char == $delimiter) { + // We are not in a string, first check for delimiter... + else if ($char == ';') { + // if delimiter found, add the parsed part to the + // returned array $ret[] = substr($sql, 0, $i); - $sql = ltrim(substr($sql, min($i + 2, $sql_len))); + $sql = ltrim(substr($sql, min($i + 1, $sql_len))); $sql_len = strlen($sql); if ($sql_len) { $i = -1; @@ -92,32 +82,45 @@ function split_sql_file($sql, $delimiter, $release) // The submited statement(s) end(s) here return $ret; } - } // end if ($char == $delimiter) + } // end else if (is delimiter) - // We are neither in a string nor in a comment, and nor the current - // character is a delimiter... - else { - // ... first check for start of strings... - if (($char == '"') || ($char == '\'') || ($char == '`')) { - $in_string = TRUE; - $string_start = $char; - } - // ... then check for start of a comment... - else if ($char == '#' - || ($char == ' ' && $i > 1 && $sql[$i-2] . $sql[$i-1] == '--')) { - $in_comment = TRUE; - } - // ... and finally disactivate the "/*!...*/" syntax if - // MySQL < 3.22.07 - else if ($release < 32270 - && ($char == '!' && $i > 1 && $sql[$i-2] . $sql[$i-1] == '/*')) { - $sql[$i] = ' '; - } - } // end else + // ... then check for start of a string,... + else if (($char == '"') || ($char == '\'') || ($char == '`')) { + $in_string = TRUE; + $string_start = $char; + } // end else if (is start of string) + + // ... for start of a comment (and remove this comment if found)... + else if ($char == '#' + || ($char == ' ' && $i > 1 && $sql[$i-2] . $sql[$i-1] == '--')) { + // starting position of the comment depends on the comment type + $start_of_comment = (($sql[$i] == '#') ? $i : $i-2); + // if no "\n" exits in the remaining string, checks for "\r" + // (Mac eol style) + $end_of_comment = (strpos(' ' . $sql, "\012", $i+2)) + ? strpos(' ' . $sql, "\012", $i+2) + : strpos(' ' . $sql, "\015", $i+2); + if (!$end_of_comment) { + // no eol found after '#', so we are at end of dump -> stop + // parsing + return $ret; + } else { + $sql = substr($sql, 0, $start_of_comment) + . ltrim(substr($sql, $end_of_comment)); + $sql_len = strlen($sql); + $i--; + } // end if...else + } // end else if (is comment) + + // ... and finally disactivate the "/*!...*/" syntax if MySQL < 3.22.07 + else if ($release < 32270 + && ($char == '!' && $i > 1 && $sql[$i-2] . $sql[$i-1] == '/*')) { + $sql[$i] = ' '; + } // end else if } // end for // add any rest to the returned array - if (!empty($sql)) { + if (!empty($sql) && ereg('[^[:space:]]+', $sql)) { $ret[] = $sql; } return $ret; @@ -138,6 +141,20 @@ require('./libraries/grab_globals.lib.php3'); require('./libraries/common.lib.php3'); +/** + * Defines the url to return to in case of error in a sql statement + */ +if (!isset($goto) + || ($goto != 'db_details.php3' && $goto != 'tbl_properties.php3')) { + $goto = 'db_details.php3'; +} +$err_url = $goto + . '?lang=' . $lang + . '&server=' . $server + . '&db=' . urlencode($db) + . (($goto == 'tbl_properties.php3') ? '&table=' . urlencode($table) : ''); + + /** * Set up default values for some variables and */ @@ -172,8 +189,6 @@ if (!empty($id_bookmark)) { */ // Gets the query from a file if required if ($sql_file != 'none') { -// loic1: php < 4.05 for windows seems not to list the regexp test -// if (ereg('^php[0-9A-Za-z_.-]+$', basename($sql_file))) { if (file_exists($sql_file)) { $sql_query = fread(fopen($sql_file, 'r'), filesize($sql_file)); if (get_magic_quotes_runtime() == 1) { @@ -203,7 +218,7 @@ if (!$cfgAllowUserDropDatabase $result = @mysql_query('USE mysql'); if (mysql_error()) { include('./header.inc.php3'); - mysql_die($strNoDropDatabases); + mysql_die($strNoDropDatabases, '', '', $err_url); } } define('PMA_CHK_DROP', 1); @@ -213,7 +228,7 @@ define('PMA_CHK_DROP', 1); * Executes the query */ if ($sql_query != '') { - $pieces = split_sql_file($sql_query, ';', MYSQL_INT_VERSION); + $pieces = split_sql_file($sql_query, MYSQL_INT_VERSION); $pieces_count = count($pieces); // Copy of the cleaned sql statement for display purpose only (see near the @@ -226,13 +241,11 @@ if ($sql_query != '') { // Only one query to run if ($pieces_count == 1 && !empty($pieces[0]) && $view_bookmark == 0) { - // loic1: remove non alphabetic characters from the beginning of the - // query - // $sql_query = trim($pieces[0]); - $sql_query = eregi_replace('^[^a-aA-Z]', '', $pieces[0]); // sql.php3 will stripslash the query if get_magic_quotes_gpc if (get_magic_quotes_gpc() == 1) { - $sql_query = addslashes($sql_query); + $sql_query = addslashes($pieces[0]); + } else { + $sql_query = $pieces[0]; } if (eregi('^(DROP|CREATE)[[:space:]]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)', $sql_query)) { $reload = 1; @@ -244,13 +257,11 @@ if ($sql_query != '') { // Runs multiple queries else if (mysql_select_db($db)) { for ($i = 0; $i < $pieces_count; $i++) { - $a_sql_query = trim($pieces[$i]); - if (!empty($a_sql_query) && $a_sql_query[0] != '#') { - $result = mysql_query($a_sql_query); - if ($result == FALSE) { // readdump failed - $my_die = $a_sql_query; - break; - } + $a_sql_query = $pieces[$i]; + $result = mysql_query($a_sql_query); + if ($result == FALSE) { // readdump failed + $my_die = $a_sql_query; + break; } if (!isset($reload) && eregi('^(DROP|CREATE)[[:space:]]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)', $a_sql_query)) { $reload = 1; @@ -267,17 +278,15 @@ if ($sql_query != '') { $js_to_run = 'functions.js'; require('./header.inc.php3'); if (isset($my_die)) { - mysql_die('', $my_die); + mysql_die('', $my_die, '', $err_url); } // Be nice with bandwidth... -if ($sql_query_cpy == '') { +if (!empty($sql_query_cpy)) { $message = "$strSuccess :
$strTheContent ($pieces_count $strInstructions) "; -} else { +} else if (!empty($sql_query_cpy)) { $message = $strSuccess; -} -if (!isset($goto) - || ($goto != 'db_details.php3' && $goto != 'tbl_properties.php3')) { - $goto = 'db_details.php3'; +} else { + $message = $strNoQuery; } require('./' . $goto); ?> diff --git a/sql.php3 b/sql.php3 index 34b8f9e70..10fc2f8d3 100755 --- a/sql.php3 +++ b/sql.php3 @@ -9,6 +9,21 @@ require('./libraries/grab_globals.lib.php3'); require('./libraries/common.lib.php3'); +/** + * Defines the url to return to in case of error in a sql statement + */ +if (empty($goto)) { + $goto = (empty($table)) ? 'db_details.php3' : 'tbl_properties.php3'; +} +if (!isset($err_url)) { + $err_url = $goto + . '?lang=' . $lang + . '&server=' . $server + . (isset($db) ? '&db=' . urlencode($db) : '') + . (($goto != 'db_details.php3' && isset($table)) ? '&table=' . urlencode($table) : ''); +} + + /** * Check rights in case of DROP DATABASE * @@ -25,7 +40,7 @@ if (!defined('PMA_CHK_DROP') $result = @mysql_query('USE mysql'); if (mysql_error()) { include('./header.inc.php3'); - mysql_die($strNoDropDatabases); + mysql_die($strNoDropDatabases, '', '', $err_url); } // end if } // end if @@ -56,9 +71,7 @@ if (isset($btnDrop) || isset($navig)) { /** * Sets or modifies the $goto variable if required */ -if (empty($goto)) { - $goto = (empty($table)) ? 'db_details.php3' : 'tbl_properties.php3'; -} else if ($goto == 'sql.php3') { +if ($goto == 'sql.php3') { $goto = 'sql.php3' . '?lang=' . $lang . '&server=' . $server @@ -120,7 +133,7 @@ if ($do_confirm) { - + @@ -141,7 +154,6 @@ else { } else if (get_magic_quotes_gpc()) { $sql_query = stripslashes($sql_query); } - // Defines some variables // loic1: A table have to be created -> left frame should be reloaded if ((!isset($reload) || $reload == 0) @@ -214,7 +226,7 @@ else { if (mysql_error()) { $error = mysql_error(); include('./header.inc.php3'); - mysql_die($error, $full_sql_query); + mysql_die($error, $full_sql_query, '', $err_url); } // Gets the number of rows affected/returned @@ -299,7 +311,7 @@ else { include('./header.inc.php3'); include('./libraries/bookmark.lib.php3'); - // Gets the list of fields properties + // Gets the list of fields properties while ($field = mysql_fetch_field($result)) { $fields_meta[] = $field; } diff --git a/tbl_addfield.php3 b/tbl_addfield.php3 index f44f04d78..1328bb167 100755 --- a/tbl_addfield.php3 +++ b/tbl_addfield.php3 @@ -12,6 +12,16 @@ if (isset($submit)) { require('./header.inc.php3'); +/** + * Defines the url to return to in case of error in a sql statement + */ +$err_url = 'tbl_properties.php3' + . '?lang=' . $lang + . '&server=' . $server + . '&db=' . urlencode($db) + . '&table=' . urlencode($table); + + /** * The form used to define the field to add has been submitted */ @@ -25,7 +35,7 @@ if (isset($submit)) { $field_name[$i] = stripslashes($field_name[$i]); } if (MYSQL_INT_VERSION < 32306) { - check_reserved_words($field_name[$i]); + check_reserved_words($field_name[$i], $err_url); } $query .= backquote($field_name[$i]) . ' ' . $field_type[$i]; @@ -92,7 +102,7 @@ if (isset($submit)) { $query = ereg_replace(', ADD $', '', $query); $sql_query = 'ALTER TABLE ' . backquote($db) . '.' . backquote($table) . ' ADD ' . $query; - $result = mysql_query($sql_query) or mysql_die(); + $result = mysql_query($sql_query) or mysql_die('', '', '', $err_url); $sql_query_cpy = $sql_query . ';'; // Builds the primary keys statements and updates the table @@ -106,7 +116,7 @@ if (isset($submit)) { $primary = ereg_replace(', $', '', $primary); if (!empty($primary)) { $sql_query = 'ALTER TABLE ' . backquote($db) . '.' . backquote($table) . ' ADD PRIMARY KEY (' . $primary . ')'; - $result = mysql_query($sql_query) or mysql_die(); + $result = mysql_query($sql_query) or mysql_die('', '', '', $err_url); $sql_query_cpy .= "\n" . $sql_query . ';'; } } // end if @@ -122,7 +132,7 @@ if (isset($submit)) { $index = ereg_replace(', $', '', $index); if (!empty($index)) { $sql_query = 'ALTER TABLE ' . backquote($db) . '.' . backquote($table) . ' ADD INDEX (' . $index . ')'; - $result = mysql_query($sql_query) or mysql_die(); + $result = mysql_query($sql_query) or mysql_die('', '', '', $err_url); $sql_query_cpy .= "\n" . $sql_query . ';'; } } // end if @@ -138,7 +148,7 @@ if (isset($submit)) { $unique = ereg_replace(', $', '', $unique); if (!empty($unique)) { $sql_query = 'ALTER TABLE ' . backquote($db) . '.' . backquote($table) . ' ADD UNIQUE (' . $unique . ')'; - $result = mysql_query($sql_query) or mysql_die(); + $result = mysql_query($sql_query) or mysql_die('', '', '', $err_url); $sql_query_cpy .= "\n" . $sql_query . ';'; } } // end if @@ -155,7 +165,7 @@ if (isset($submit)) { $fulltext = ereg_replace(', $', '', $fulltext); if (!empty($fulltext)) { $sql_query = 'ALTER TABLE ' . backquote($db) . '.' . backquote($table) . ' ADD FULLTEXT (' . $fulltext . ')'; - $result = mysql_query($sql_query) or mysql_die(); + $result = mysql_query($sql_query) or mysql_die('', '', '', $err_url); $sql_query_cpy .= "\n" . $sql_query . ';'; } } // end if diff --git a/tbl_alter.php3 b/tbl_alter.php3 index 4a590fccd..75da9f54a 100755 --- a/tbl_alter.php3 +++ b/tbl_alter.php3 @@ -14,6 +14,16 @@ if (!isset($submit_mult)) { } +/** + * Defines the url to return to in case of error in a sql statement + */ +$err_url = 'tbl_properties.php3' + . '?lang=' . $lang + . '&server=' . $server + . '&db=' . urlencode($db) + . '&table=' . urlencode($table); + + /** * Modifications have been submitted -> updates the table */ @@ -27,7 +37,7 @@ if (isset($submit)) { } if (MYSQL_INT_VERSION < 32306) { - check_reserved_words($field_name[$i]); + check_reserved_words($field_name[$i], $err_url); } // Some fields have been urlencoded or double quotes have been translated @@ -75,7 +85,7 @@ if (isset($submit)) { // Optimization fix - 2 May 2001 - Robbat2 $sql_query = 'ALTER TABLE ' . backquote($db) . '.' . backquote($table) . ' CHANGE ' . $query; - $result = mysql_query($sql_query) or mysql_die(); + $result = mysql_query($sql_query) or mysql_die('', '', '', $err_url); $message = $strTable . ' ' . htmlspecialchars($table) . ' ' . $strHasBeenAltered; $btnDrop = 'Fake'; include('./tbl_properties.php3'); @@ -102,7 +112,7 @@ else { $field = sql_addslashes($selected[$i], TRUE); } $local_query = 'SHOW FIELDS FROM ' . backquote($db) . '.' . backquote($table) . " LIKE '$field'"; - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url); $fields_meta[] = mysql_fetch_array($result); mysql_free_result($result); } diff --git a/tbl_change.php3 b/tbl_change.php3 index 184d9d8df..4de5e8884 100755 --- a/tbl_change.php3 +++ b/tbl_change.php3 @@ -17,6 +17,23 @@ if (get_magic_quotes_gpc()) { } +/** + * Defines the url to return to in case of error in a sql statement + */ +if (!isset($goto)) { + $goto = 'db_details.php3'; +} +if ($goto != 'db_details.php3' && $goto != 'tbl_properties.php3') { + $err_url = $goto; +} else { + $err_url = $goto + . '?lang=' . $lang + . '&server=' . $server + . '&db=' . urlencode($db) + . (($goto == 'tbl_properties.php3') ? '&table=' . urlencode($table) : ''); +} + + /** * Get the list of the fields of the current table */ @@ -24,13 +41,13 @@ mysql_select_db($db); $table_def = mysql_query('SHOW FIELDS FROM ' . backquote($table)); if (isset($primary_key)) { $local_query = 'SELECT * FROM ' . backquote($table) . ' WHERE ' . $primary_key; - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url); $row = mysql_fetch_array($result); } else { $local_query = 'SELECT * FROM ' . backquote($table) . ' LIMIT 1'; - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url); unset($row); } @@ -42,13 +59,14 @@ else

- + - + + diff --git a/tbl_copy.php3 b/tbl_copy.php3 index ea79caa4d..688797e70 100755 --- a/tbl_copy.php3 +++ b/tbl_copy.php3 @@ -18,7 +18,7 @@ function my_handler($sql_insert = '') global $sql_insert_data; $sql_insert = eregi_replace('INSERT INTO (`?)' . $table . '(`?)', 'INSERT INTO ' . $target, $sql_insert); - $result = mysql_query($sql_insert) or mysql_die('', $sql_insert); + $result = mysql_query($sql_insert) or mysql_die('', $sql_insert, '', $GLOBALS['err_url']); $sql_insert_data .= $sql_insert . ';' . "\n"; } // end of the 'my_handler' function @@ -32,6 +32,16 @@ $js_to_run = 'functions.js'; require('./header.inc.php3'); +/** + * Defines the url to return to in case of error in a sql statement + */ +$err_url = 'tbl_properties.php3' + . '?lang=' . $lang + . '&server=' . $server + . '&db=' . urlencode($db) + . '&table=' . urlencode($table); + + /** * Selects the database to work with */ @@ -54,8 +64,8 @@ if (isset($new_name) && trim($new_name) != '') { $new_name = stripslashes($new_name); } if (MYSQL_INT_VERSION < 32306) { - check_reserved_words($db); - check_reserved_words($table); + check_reserved_words($db, $err_url); + check_reserved_words($table, $err_url); } $source = backquote($db) . '.' . backquote($table); @@ -63,9 +73,9 @@ if (isset($new_name) && trim($new_name) != '') { include('./libraries/build_dump.lib.php3'); - $sql_structure = get_table_def($db, $table, "\n"); + $sql_structure = get_table_def($db, $table, "\n", $err_url); $sql_structure = eregi_replace('^CREATE TABLE (`?)' . $table . '(`?)', 'CREATE TABLE ' . $target, $sql_structure); - $result = mysql_query($sql_structure) or mysql_die('', $sql_structure); + $result = mysql_query($sql_structure) or mysql_die('', $sql_structure, '', $err_url); if (isset($sql_query)) { $sql_query .= "\n" . $sql_structure . ';'; } else { @@ -77,11 +87,11 @@ if (isset($new_name) && trim($new_name) != '') { // speedup copy table - staybyte - 22. Juni 2001 if (MYSQL_INT_VERSION >= 32300) { $sql_insert_data = 'INSERT INTO ' . $target . ' SELECT * FROM ' . backquote($table); - $result = mysql_query($sql_insert_data) or mysql_die('', $sql_insert_data); + $result = mysql_query($sql_insert_data) or mysql_die('', $sql_insert_data, '', $err_url); } // end MySQL >= 3.23 else { $sql_insert_data = ''; - get_table_content($db, $table, 0, 0, 'my_handler'); + get_table_content($db, $table, 0, 0, 'my_handler', $err_url); } // end MySQL < 3.23 $sql_query .= "\n\n" . $sql_insert_data; } @@ -95,7 +105,7 @@ if (isset($new_name) && trim($new_name) != '') { * No new name for the table! */ else { - mysql_die($strTableEmpty); + mysql_die($strTableEmpty, '', '', $err_url); } diff --git a/tbl_create.php3 b/tbl_create.php3 index 2c90e21ee..fe1f73fe2 100755 --- a/tbl_create.php3 +++ b/tbl_create.php3 @@ -12,6 +12,16 @@ if (isset($submit)) { require('./header.inc.php3'); +/** + * Defines the url to return to in case of error in a sql statement + */ +$err_url = 'tbl_properties.php3' + . '?lang=' . $lang + . '&server=' . $server + . '&db=' . urlencode($db) + . '&table=' . urlencode($table); + + /** * Selects the database to work with */ @@ -34,7 +44,7 @@ if (isset($submit)) { $field_name[$i] = stripslashes($field_name[$i]); } if (MYSQL_INT_VERSION < 32306) { - check_reserved_words($field_name[$i]); + check_reserved_words($field_name[$i], $err_url); } $query = backquote($field_name[$i]) . ' ' . $field_type[$i]; if ($field_length[$i] != '') { @@ -180,7 +190,7 @@ if (isset($submit)) { } // Executes the query - $result = mysql_query($sql_query) or mysql_die(); + $result = mysql_query($sql_query) or mysql_die('', '', '', $err_url); $sql_query = $query_cpy . ';'; unset($query_cpy); $message = $strTable . ' ' . htmlspecialchars($table) . ' ' . $strHasBeenCreated; @@ -198,11 +208,11 @@ else { } // No table name if (!isset($table) || trim($table) == '') { - mysql_die($strTableEmpty); + mysql_die($strTableEmpty, '', '', $err_url); } // No valid number of fields else if (empty($num_fields) || !is_int($num_fields)) { - mysql_die($strFieldsEmpty); + mysql_die($strFieldsEmpty, '', '', $err_url); } // Table name and number of fields are valid -> show the form else { @@ -211,7 +221,7 @@ else { $table = stripslashes($table); } if (MYSQL_INT_VERSION < 32306) { - check_reserved_words($table); + check_reserved_words($table, $err_url); } $action = 'tbl_create.php3'; diff --git a/tbl_dump.php3 b/tbl_dump.php3 index af7929977..81bf91b45 100755 --- a/tbl_dump.php3 +++ b/tbl_dump.php3 @@ -66,6 +66,16 @@ require('./libraries/build_dump.lib.php3'); require('./libraries/zip.lib.php3'); +/** + * Defines the url to return to in case of error in a sql statement + */ +$err_url = 'tbl_properties.php3' + . '?lang=' . $lang + . '&server=' . $server + . '&db=' . urlencode($db) + . (isset($table) ? '&table=' . urlencode($table) : ''); + + /** * Increase time limit for script execution and initializes some variables */ @@ -196,7 +206,7 @@ else { . $crlf . '#' . $crlf . '# ' . $strTableStructure . ' ' . $formatted_table_name . $crlf . '#' . $crlf . $crlf - . get_table_def($db, $table, $crlf) . ';' . $crlf; + . get_table_def($db, $table, $crlf, $err_url) . ';' . $crlf; } // At least data if (($what == 'data') || ($what == 'dataonly')) { @@ -207,7 +217,7 @@ else { if (!isset($limit_from) || !isset($limit_to)) { $limit_from = $limit_to = 0; } - get_table_content($db, $table, $limit_from, $limit_to, 'my_handler'); + get_table_content($db, $table, $limit_from, $limit_to, 'my_handler', $err_url); $dump_buffer .= $tmp_buffer; } // end if $i++; @@ -235,7 +245,7 @@ else { } // end if $tmp_buffer = ''; - get_table_csv($db, $table, $limit_from, $limit_to, $separator, $enclosed, $escaped, 'my_csvhandler'); + get_table_csv($db, $table, $limit_from, $limit_to, $separator, $enclosed, $escaped, 'my_csvhandler', $err_url); $dump_buffer .= $tmp_buffer; } // end 'csv case } // end building the dump diff --git a/tbl_printview.php3 b/tbl_printview.php3 index 42b2f8629..a7b6265ad 100755 --- a/tbl_printview.php3 +++ b/tbl_printview.php3 @@ -9,6 +9,16 @@ require('./libraries/grab_globals.lib.php3'); require('./header.inc.php3'); +/** + * Defines the url to return to in case of error in a sql statement + */ +$err_url = 'tbl_properties.php3' + . '?lang=' . $lang + . '&server=' . $server + . '&db=' . urlencode($db) + . '&table=' . urlencode($table); + + /** * Selects the database */ @@ -21,13 +31,13 @@ mysql_select_db($db); // The 'show table' statement works correct since 3.23.03 if (MYSQL_INT_VERSION >= 32303) { $local_query = 'SHOW TABLE STATUS LIKE \'' . sql_addslashes($table, TRUE) . '\''; - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url); $showtable = mysql_fetch_array($result); $num_rows = (isset($showtable['Rows']) ? $showtable['Rows'] : 0); $show_comment = (isset($showtable['Comment']) ? $showtable['Comment'] : ''); } else { $local_query = 'SELECT COUNT(*) AS count FROM ' . backquote($table); - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url); $showtable = array(); $num_rows = mysql_result($result, 0, 'count'); $show_comment = ''; @@ -39,7 +49,7 @@ mysql_free_result($result); * Gets table keys and retains them */ $local_query = 'SHOW KEYS FROM ' . backquote($table); -$result = mysql_query($local_query) or mysql_die('', $local_query); +$result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url); $primary = ''; $prev_key = ''; $prev_seq = 0; @@ -71,7 +81,7 @@ mysql_free_result($result); * Gets fields properties */ $local_query = 'SHOW FIELDS FROM ' . backquote($table); -$result = mysql_query($local_query) or mysql_die('', $local_query); +$result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url); $fields_cnt = mysql_num_rows($result); diff --git a/tbl_properties.php3 b/tbl_properties.php3 index ca758bdc1..b6672db60 100755 --- a/tbl_properties.php3 +++ b/tbl_properties.php3 @@ -3,12 +3,31 @@ /** - * Gets some core libraries, ensures the database and the table exist (else - * move to the "parent" script) and diplays headers + * Gets some core libraries */ require('./libraries/grab_globals.lib.php3'); require('./libraries/common.lib.php3'); require('./libraries/bookmark.lib.php3'); + + +/** + * Defines the urls to return to in case of error in a sql statement + */ +$err_url_0 = 'db_details.php3' + . '?lang=' . $lang + . '&server=' . $server + . '&db=' . urlencode($db); +$err_url = 'tbl_properties.php3' + . '?lang=' . $lang + . '&server=' . $server + . '&db=' . urlencode($db) + . '&table=' . urlencode($table); + + +/** + * Ensures the database and the table exist (else move to the "parent" script) + * and diplays headers + */ // Not a valid db name -> back to the welcome page if (!empty($db)) { $is_db = @mysql_select_db($db); @@ -86,17 +105,17 @@ if (isset($submitcomment)) { } if (empty($prev_comment) || urldecode($prev_comment) != $comment) { $local_query = 'ALTER TABLE ' . backquote($table) . ' COMMENT = \'' . sql_addslashes($comment) . '\''; - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url); } } if (isset($submittype)) { $local_query = 'ALTER TABLE ' . backquote($table) . ' TYPE = ' . $tbl_type; - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url); } if (isset($submitorderby) && !empty($order_field)) { $order_field = backquote(urldecode($order_field)); $local_query = 'ALTER TABLE ' . backquote($table) . 'ORDER BY ' . $order_field; - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url); } @@ -107,14 +126,14 @@ if (isset($submitorderby) && !empty($order_field)) { // The 'show table' statement works correct since 3.23.03 if (MYSQL_INT_VERSION >= 32303) { $local_query = 'SHOW TABLE STATUS LIKE \'' . sql_addslashes($table, TRUE) . '\''; - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url_0); $showtable = mysql_fetch_array($result); $tbl_type = strtoupper($showtable['Type']); $num_rows = (isset($showtable['Rows']) ? $showtable['Rows'] : 0); $show_comment = (isset($showtable['Comment']) ? $showtable['Comment'] : ''); } else { $local_query = 'SELECT COUNT(*) AS count FROM ' . backquote($table); - $result = mysql_query($local_query) or mysql_die('', $local_query); + $result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url_0); $showtable = array(); $num_rows = mysql_result($result, 0, 'count'); $show_comment = ''; @@ -171,7 +190,7 @@ if (!empty($show_comment)) { // 2. Gets table keys and retains them $local_query = 'SHOW KEYS FROM ' . backquote($table); -$result = mysql_query($local_query) or mysql_die('', $local_query); +$result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url_0); $primary = ''; $prev_key = ''; $prev_seq = 0; @@ -201,7 +220,7 @@ mysql_free_result($result); // 3. Get fields $local_query = 'SHOW FIELDS FROM ' . backquote($table); -$result = mysql_query($local_query) or mysql_die('', $local_query); +$result = mysql_query($local_query) or mysql_die('', $local_query, '', $err_url_0); $fields_cnt = mysql_num_rows($result); diff --git a/tbl_rename.php3 b/tbl_rename.php3 index 45077fff3..4a22b50d2 100755 --- a/tbl_rename.php3 +++ b/tbl_rename.php3 @@ -10,6 +10,16 @@ $js_to_run = 'functions.js'; require('./libraries/common.lib.php3'); +/** + * Defines the url to return to in case of error in a sql statement + */ +$err_url = 'tbl_properties.php3' + . '?lang=' . $lang + . '&server=' . $server + . '&db=' . urlencode($db) + . '&table=' . urlencode($table); + + /** * A new name has been submitted -> do the work */ @@ -20,13 +30,13 @@ if (isset($new_name) && trim($new_name) != '') { $new_name = stripslashes($new_name); } if (MYSQL_INT_VERSION < 32306) { - check_reserved_words($new_name); + check_reserved_words($new_name, $err_url); } include('./header.inc.php3'); mysql_select_db($db); $sql_query = 'ALTER TABLE ' . backquote($old_name) . ' RENAME ' . backquote($new_name); - $result = mysql_query($sql_query) or mysql_die(); + $result = mysql_query($sql_query) or mysql_die('', '', '', $err_url); $message = sprintf($strRenameTableOK, $old_name, $table); $reload = 1; } @@ -37,7 +47,7 @@ if (isset($new_name) && trim($new_name) != '') { */ else { include('./header.inc.php3'); - mysql_die($strTableEmpty); + mysql_die($strTableEmpty, '', '', $err_url); } diff --git a/tbl_replace.php3 b/tbl_replace.php3 index 9762c0a01..e09943d47 100755 --- a/tbl_replace.php3 +++ b/tbl_replace.php3 @@ -25,6 +25,12 @@ if ($goto == 'sql.php3') { . '&pos=' . $pos . '&sql_query=' . urlencode($sql_query); } +// Defines the url to return in case of failure of the query +if (isset($url_err)) { + $url_err = urldecode($url_err); +} else { + $url_err = $goto; +} // Resets tables defined in the configuration file reset($fields); reset($funcs); @@ -102,11 +108,11 @@ if (isset($primary_key) && ($submit_type != $strInsertAsNewRow)) { } // end while // Builds the sql upate query - $valuelist = ereg_replace(', $', '', $valuelist); + $valuelist = ereg_replace(', $', '', $valuelist); if (!empty($valuelist)) { - $query = 'UPDATE ' . backquote($table) . ' SET ' . $valuelist . ' WHERE' . $primary_key - . ((MYSQL_INT_VERSION >= 32300) ? ' LIMIT 1' : ''); - $message = $strAffectedRows . ' '; + $query = 'UPDATE ' . backquote($table) . ' SET ' . $valuelist . ' WHERE' . $primary_key + . ((MYSQL_INT_VERSION >= 32300) ? ' LIMIT 1' : ''); + $message = $strAffectedRows . ' '; } // No change -> move back to the calling script else { @@ -199,7 +205,7 @@ $result = mysql_query($query); if (!$result) { $error = mysql_error(); include('./header.inc.php3'); - mysql_die($error); + mysql_die($error, '', '', $url_err); } else { if (@mysql_affected_rows()) { $message .= @mysql_affected_rows(); diff --git a/tbl_select.php3 b/tbl_select.php3 index 5114f150c..8dfceccf7 100755 --- a/tbl_select.php3 +++ b/tbl_select.php3 @@ -9,6 +9,16 @@ require('./libraries/grab_globals.lib.php3'); require('./libraries/common.lib.php3'); +/** + * Defines the url to return to in case of error in a sql statement + */ +$err_url = $goto + . '?lang=' . $lang + . '&server=' . $server + . '&db=' . urlencode($db) + . '&table=' . urlencode($table); + + /** * Not selection yet required -> displays the selection form */ @@ -16,7 +26,7 @@ if (!isset($param) || $param[0] == '') { include('./header.inc.php3'); $result = @mysql_list_fields($db, $table); if (!$result) { - mysql_die('', 'mysql_list_fields(' . $db . ', ' . $table . ')'); + mysql_die('', 'mysql_list_fields(' . $db . ', ' . $table . ')', '', $err_url); } else { // Gets the list and number of fields diff --git a/user_details.php3 b/user_details.php3 index 8ddd31596..ca63c062f 100644 --- a/user_details.php3 +++ b/user_details.php3 @@ -9,6 +9,16 @@ require('./libraries/grab_globals.lib.php3'); require('./libraries/common.lib.php3'); +/** + * Defines the url to return to in case of error in a sql statement + */ +$err_url = 'user_details.php3' + . '?lang=' . $lang + . '&server=' . $server + . '&db=mysql' + . '&table=user'; + + /** * Displays the table of grants for an user * @@ -707,7 +717,7 @@ function check_rights() { $result = @mysql_query('USE mysql'); if (mysql_error()) { - mysql_die($GLOBALS['strNoRights'], '', FALSE, FALSE); + mysql_die($GLOBALS['strNoRights'], '', FALSE, ''); } return true; @@ -1054,7 +1064,7 @@ else if (isset($submit_addUser)) { $sql_query = 'INSERT INTO mysql.user ' . 'SET host = \'' . sql_addslashes($host) . '\', user = \'' . sql_addslashes($pma_user) . '\', password = ' . (empty($pma_pw) ? '\'\'' : 'PASSWORD(\'' . sql_addslashes($pma_pw) . '\')') . ', ' . $sql_query; - $result = @mysql_query($sql_query) or mysql_die('', '', FALSE); + $result = @mysql_query($sql_query) or mysql_die('', '', FALSE, $err_url); unset($host); unset($pma_user); show_message($strAddUserMessage . '
' . $strRememberReload); @@ -1126,7 +1136,7 @@ else if (isset($submit_updProfile)) { // Updates profile $sql_query = 'UPDATE user SET ' . $sql_query . $common_where; $sql_query_cpy = $sql_query; - $result = @mysql_query($sql_query) or mysql_die('', '', FALSE); + $result = @mysql_query($sql_query) or mysql_die('', '', FALSE, $err_url . '&host=' . urlencode($host) . '&pma_user=' . urlencode($pma_user) . '&edit=1'); // Updates grants if (isset($new_server) || isset($new_user)) { @@ -1189,7 +1199,7 @@ else if (isset($submit_chgPriv)) { $sql_query = 'UPDATE user SET ' . $sql_query . ' WHERE host = \'' . sql_addslashes($host) . '\' AND user = \'' . sql_addslashes($pma_user) . '\''; - $result = @mysql_query($sql_query) or mysql_die('', '', FALSE); + $result = @mysql_query($sql_query) or mysql_die('', '', FALSE, $err_url . '&host=' . urlencode($host) . '&pma_user=' . urlencode($pma_user) . '&edit=1'); show_message(sprintf($strUpdatePrivMessage, '' . $pma_user . '@' . $host . '') . '
' . $strRememberReload); } @@ -1237,7 +1247,7 @@ else if (isset($grants) && $grants) { $sql_query .= ' TO ' . '\'' . sql_addslashes($pma_user) . '\'' . '@' . '\'' . sql_addslashes($host) . '\''; $sql_query = 'GRANT ' . $sql_query; - $result = @mysql_query($sql_query) or mysql_die('', '', FALSE); + $result = @mysql_query($sql_query) or mysql_die('', '', FALSE, $err_url . '&host=' . urlencode($host) . '&pma_user=' . urlencode($pma_user) . '&grants=1'); show_message($strAddPrivMessage); } // end if } @@ -1281,7 +1291,7 @@ else { if (!isset($pma_user)) { $pma_user = FALSE; } - table_users($host, $pma_user) or mysql_die($strNoUsersFound, '', FALSE, FALSE); + table_users($host, $pma_user) or mysql_die($strNoUsersFound, '', FALSE, ''); normal_operations(); }