* Fixed some bugs with the bookmark feature

* and some coding inconsistencies
Loïc Chapeaux
2001-08-03 14:01:02 +00:00
parent 5fb3f14321
commit f1242cf79d
3 changed files with 142 additions and 159 deletions


@@ -55,7 +55,7 @@ if ($sql_file != 'none') {
} }
} }
} }
else if (get_magic_quotes_gpc() == 1) { else if (empty($id_bookmark) && get_magic_quotes_gpc() == 1) {
$sql_query = stripslashes($sql_query); $sql_query = stripslashes($sql_query);
} }
$sql_query = trim($sql_query); $sql_query = trim($sql_query);
@@ -97,9 +97,9 @@ if ($sql_query != '') {
$a_sql_query = trim($pieces[$i]); $a_sql_query = trim($pieces[$i]);
if (!empty($a_sql_query) && $a_sql_query[0] != '#') { if (!empty($a_sql_query) && $a_sql_query[0] != '#') {
$result = mysql_query($a_sql_query); $result = mysql_query($a_sql_query);
if ($result==false) { // readdump failed if ($result == FALSE) { // readdump failed
$my_die=$a_sql_query; $my_die = $a_sql_query;
break; break;
} }
} }
if (!isset($reload) && eregi('^(DROP|CREATE) +(TABLE|DATABASE) (.+)', $a_sql_query)) { if (!isset($reload) && eregi('^(DROP|CREATE) +(TABLE|DATABASE) (.+)', $a_sql_query)) {
@@ -116,7 +116,9 @@ if ($sql_query != '') {
// Copy the original query back for display purposes // Copy the original query back for display purposes
$sql_query = $sql_query_cpy; $sql_query = $sql_query_cpy;
include('./header.inc.php3'); include('./header.inc.php3');
if (isset($my_die)) mysql_die('', $my_die); if (isset($my_die)) {
mysql_die('', $my_die);
}
$message = $strSuccess; $message = $strSuccess;
require('./db_details.php3'); require('./db_details.php3');
?> ?>
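Review bot: The new `empty($id_bookmark)` test on the stripslashes branch has no comment saying why a bookmarked query must skip unslashing, and nothing in the hunk shows `$sql_query` being replaced by the stored bookmark whenever `$id_bookmark` is set. If `$id_bookmark` is a plain request variable (the `goto` URL built in the third file passes `&id_bookmark=1`), a request can set it alongside its own `sql_query` and so decide how that query is unescaped. I would add a comment such as `// Bookmarked queries are read from the database, not from GPC data, so they carry no magic-quote slashes` and confirm that the bookmark lookup always overwrites `$sql_query` in that case. The enclosing if/else chain starts outside the hunk.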


@@ -2,11 +2,11 @@
/* $Id$ */ /* $Id$ */
if (!defined('__LIB_INC__')){ if (!defined('__LIB_INC__')){
define('__LIB_INC__', 1); define('__LIB_INC__', 1);
/* Order of sections for lib.inc.php3 /**
* Order of sections for lib.inc.php3:
* *
* in PHP3, functions and constants must be physically defined * in PHP3, functions and constants must be physically defined
* before they are referenced * before they are referenced
@@ -14,33 +14,37 @@ if (!defined('__LIB_INC__')){
* some functions need the constants of defines.inc.php3 * some functions need the constants of defines.inc.php3
* *
* the include of defines.inc.php3 must be after the connection to db * the include of defines.inc.php3 must be after the connection to db
* *
* the auth() function must be before the connection to db * the auth() function must be before the connection to db
* *
* the mysql_die() function must be before the connection to db but after
* mysql extension has been loaded
*
* ... so the required order is: * ... so the required order is:
* *
* - definition of auth() * - definition of auth()
* - parsing of the configuration file * - parsing of the configuration file
* - load of mysql extension (if necessary) * - load of mysql extension (if necessary)
* - definition of mysql_die()
* - db connection * - db connection
* - defines.inc.php3 * - defines.inc.php3
* - other functions, respecting dependencies * - other functions, respecting dependencies
*/ */
/* avoid undefined variables in PHP3
*
*/
if (!isset($use_backquotes)) { /**
$use_backquotes=0; * Avoids undefined variables in PHP3
} */
if (!isset($pos)) { if (!isset($use_backquotes)) {
$pos=0; $use_backquotes = 0;
} }
if (!isset($cfgProtectBlob)) { if (!isset($pos)) {
$cfgProtectBlob=FALSE; $pos = 0;
} }
/* ---------------------- Advanced authentification -------------------- */ if (!isset($cfgProtectBlob)) {
$cfgProtectBlob = FALSE;
}
/** /**
* Advanced authentication work * Advanced authentication work
@@ -72,6 +76,7 @@ if (!defined('__LIB_INC__')){
exit(); exit();
} // end of the 'auth()' function } // end of the 'auth()' function
/** /**
* Parses the configuration file * Parses the configuration file
*/ */
@@ -111,6 +116,40 @@ if (!defined('__LIB_INC__')){
} // end load mysql extension } // end load mysql extension
/**
* Displays a MySQL error message in the right frame.
*
* @param string the error mesage
* @param string the sql query that failed
*/
function mysql_die($error_message = '', $the_query = '')
{
global $sql_query;
if (empty($error_message)) {
$error_message = mysql_error();
}
if (empty($the_query)) {
$the_query = $GLOBALS['sql_query'];
}
echo '<b>'. $GLOBALS['strError'] . '</b>' . "\n";
echo '<p>' . "\n";
if (!empty($the_query)) {
$edit_link = '<a href="db_details.php3?lang=' . $GLOBALS['lang'] . '&server=' . urlencode($GLOBALS['server']) . '&db=' . urlencode($GLOBALS['db']) . '&sql_query=' . urlencode($the_query) . '&show_query=y">' . $GLOBALS['strEdit'] . '</a>';
echo ' ' . $GLOBALS['strSQLQuery'] . '&nbsp;:&nbsp;[' . $edit_link . ']<pre>' . htmlspecialchars($the_query) . '</pre>' . "\n";
}
echo '</p>' . "\n";
echo '<p>' . "\n";
echo ' ' . $GLOBALS['strMySQLSaid'] . '&nbsp;' . htmlspecialchars($error_message) . "\n";
echo '</p>' . "\n";
echo '<a href="javascript:history.go(-1)">' . $GLOBALS['strBack'] . '</a>';
include('./footer.inc.php3');
exit();
} // end of the 'mysql_die()' function
/** /**
* Use mysql_connect() or mysql_pconnect()? * Use mysql_connect() or mysql_pconnect()?
*/ */
@@ -157,7 +196,7 @@ if (!defined('__LIB_INC__')){
$dblist[] = $cfgServer['only_db']; $dblist[] = $cfgServer['only_db'];
} }
// Advanced authentification is required // Advanced authentication is required
if ($cfgServer['adv_auth']) { if ($cfgServer['adv_auth']) {
// Grabs the $PHP_AUTH_USER variable whatever are the values of the // Grabs the $PHP_AUTH_USER variable whatever are the values of the
// 'register_globals' and the 'variables_order' directives // 'register_globals' and the 'variables_order' directives
@@ -197,7 +236,7 @@ if (!defined('__LIB_INC__')){
$old_usr = $HTTP_GET_VARS['old_usr']; $old_usr = $HTTP_GET_VARS['old_usr'];
} }
// First load -> checks if authentification is required // First load -> checks if authentication is required
if (!isset($old_usr)) { if (!isset($old_usr)) {
if (empty($PHP_AUTH_USER)) { if (empty($PHP_AUTH_USER)) {
$do_auth = TRUE; $do_auth = TRUE;
@@ -215,7 +254,7 @@ if (!defined('__LIB_INC__')){
} }
} }
// Calls the authentification window or validates user's login // Calls the authentication window or validates user's login
if ($do_auth) { if ($do_auth) {
auth(); auth();
} else { } else {
@@ -305,7 +344,7 @@ if (!defined('__LIB_INC__')){
// Validation achived -> store user's login/password // Validation achived -> store user's login/password
$cfgServer['user'] = $PHP_AUTH_USER; $cfgServer['user'] = $PHP_AUTH_USER;
$cfgServer['password'] = $PHP_AUTH_PW; $cfgServer['password'] = $PHP_AUTH_PW;
} // end Advanced authentification } // end Advanced authentication
// Do connect to the user's database // Do connect to the user's database
if (empty($cfgServer['port'])) { if (empty($cfgServer['port'])) {
@@ -322,6 +361,7 @@ if (!defined('__LIB_INC__')){
echo $strHostEmpty; echo $strHostEmpty;
} }
/** /**
* Gets constants that defines the PHP, MySQL... releases. * Gets constants that defines the PHP, MySQL... releases.
* This include must be located physically before any code that * This include must be located physically before any code that
@@ -438,40 +478,6 @@ if (!defined('__LIB_INC__')){
} // end of the 'count_records()' function } // end of the 'count_records()' function
/**
* Displays a MySQL error message in the right frame.
*
* @param string the error mesage
* @param string the sql query that failed
*/
function mysql_die($error_message = '', $the_query = '')
{
global $sql_query;
if (empty($error_message)) {
$error_message = mysql_error();
}
if (empty($the_query)) {
$the_query = $GLOBALS['sql_query'];
}
echo '<b>'. $GLOBALS['strError'] . '</b>' . "\n";
echo '<p>' . "\n";
if (!empty($the_query)) {
$edit_link = '<a href="db_details.php3?lang=' . $GLOBALS['lang'] . '&server=' . urlencode($GLOBALS['server']) . '&db=' . urlencode($GLOBALS['db']) . '&sql_query=' . urlencode($the_query) . '&show_query=y">' . $GLOBALS['strEdit'] . '</a>';
echo ' ' . $GLOBALS['strSQLQuery'] . '&nbsp;:&nbsp;[' . $edit_link . ']<pre>' . htmlspecialchars($the_query) . '</pre>' . "\n";
}
echo '</p>' . "\n";
echo '<p>' . "\n";
echo ' ' . $GLOBALS['strMySQLSaid'] . '&nbsp;' . htmlspecialchars($error_message) . "\n";
echo '</p>' . "\n";
echo '<a href="javascript:history.go(-1)">' . $GLOBALS['strBack'] . '</a>';
include('./footer.inc.php3');
exit();
} // end of the 'mysql_die()' function
/** /**
* Displays a message at the top of the "main" (right) frame * Displays a message at the top of the "main" (right) frame
* *
@@ -1454,7 +1460,7 @@ var errorMsg2 = '<?php echo(str_replace('\'', '\\\'', $GLOBALS['strNotValidNumbe
* Last revision: 2nd August 2001 - Benjamin Gandon * Last revision: 2nd August 2001 - Benjamin Gandon
* *
* @param string the sql commands * @param string the sql commands
* @param char the end of command line delimiter * @param string the end of command line delimiter
* *
* @return array the splitted sql commands * @return array the splitted sql commands
*/ */
@@ -1472,7 +1478,7 @@ var errorMsg2 = '<?php echo(str_replace('\'', '\\\'', $GLOBALS['strNotValidNumbe
$char = $sql[$i]; $char = $sql[$i];
// if delimiter found, add the parsed part to the returned array // if delimiter found, add the parsed part to the returned array
if (($char == $delimiter) && !$in_string) { if ($char == $delimiter && !$in_string) {
$ret[] = substr($sql, 0, $i); $ret[] = substr($sql, 0, $i);
$sql = substr($sql, $i + 1); $sql = substr($sql, $i + 1);
$i = 0; $i = 0;
@@ -1480,7 +1486,7 @@ var errorMsg2 = '<?php echo(str_replace('\'', '\\\'', $GLOBALS['strNotValidNumbe
} }
if ($in_string) { if ($in_string) {
// we are in a string, first check for escaped backslashes // We are in a string, first check for escaped backslashes
if ($char == '\\') { if ($char == '\\') {
if ($last_char != '\\') { if ($last_char != '\\') {
$escaped_backslash = FALSE; $escaped_backslash = FALSE;
@@ -1553,28 +1559,27 @@ var errorMsg2 = '<?php echo(str_replace('\'', '\\\'', $GLOBALS['strNotValidNumbe
/** /**
* Defines the bookmark parameters for the current user * Defines the bookmark parameters for the current user
* *
* @return array the bookmark parameters for the current user
*
* @global array the list of settings for the current server * @global array the list of settings for the current server
* @global integer the id of the current server * @global integer the id of the current server
*
* @return array the bookmark parameters for the current user
*/ */
function get_bookmarks_param() function get_bookmarks_param()
{ {
global $cfgServer; global $cfgServer;
global $server; global $server;
$cfgBookmark=false;
$cfgBookmark="";
// No server selected -> no bookmark table
$cfgBookmark = FALSE;
$cfgBookmark = '';
// No server selected -> no bookmark table
if ($server == 0) { if ($server == 0) {
return ''; return '';
} }
$cfgBookmark['user']=$cfgServer['user']; $cfgBookmark['user'] = $cfgServer['user'];
$cfgBookmark['db']=$cfgServer['bookmarkdb']; $cfgBookmark['db'] = $cfgServer['bookmarkdb'];
$cfgBookmark['table']=$cfgServer['bookmarktable']; $cfgBookmark['table'] = $cfgServer['bookmarktable'];
return $cfgBookmark; return $cfgBookmark;
} // end of the 'get_bookmarks_param()' function } // end of the 'get_bookmarks_param()' function
@@ -1585,38 +1590,32 @@ var errorMsg2 = '<?php echo(str_replace('\'', '\\\'', $GLOBALS['strNotValidNumbe
* *
* @param string the current database name * @param string the current database name
* @param array the bookmark parameters for the current user * @param array the bookmark parameters for the current user
* @global link a MySQL link identifier
* *
* @return array the bookmarks list * @return mixed the bookmarks list if defined, false else
*/ */
function list_bookmarks($db, $cfgBookmark) function list_bookmarks($db, $cfgBookmark)
{ {
global $dbh; $query = 'SELECT label, id FROM '. backquote($cfgBookmark['db']) . '.' . backquote($cfgBookmark['table'])
. ' WHERE dbase = \'' . sql_addslashes($db) . '\''
$query ='SELECT label, id FROM '.backquote($cfgBookmark['db']).'.'.backquote($cfgBookmark['table']) . ' AND user = \'' . sql_addslashes($cfgBookmark['user']) . '\'';
.' WHERE dbase=\'' . str_replace('\'', '\\\'', $db) . '\'' if (isset($GLOBALS['dbh'])) {
.' AND user = \'' . str_replace('\'', '\\\'', $cfgBookmark['user']) . '\''; $result = mysql_query($query, $GLOBALS['dbh']);
} else {
$result = mysql_query($query);
}
if(isset($dbh))
$result=mysql_query($query,$dbh);
else
$result=mysql_query($query);
// There is some bookmarks -> store them // There is some bookmarks -> store them
if($result>0 && mysql_num_rows($result)>0) if ($result > 0 && mysql_num_rows($result) > 0) {
{
$flag = 1; $flag = 1;
while($row = mysql_fetch_row($result)) while ($row = mysql_fetch_row($result)) {
{ $bookmark_list[$flag . ' - ' . $row[0]] = $row[1];
$bookmark_list["$flag - ".$row[0]] = $row[1];
$flag++; $flag++;
} } // end while
return $bookmark_list;
return $bookmark_list;
} }
// No bookmarks for the current database // No bookmarks for the current database
else { else {
return false; return FALSE;
} }
} // end of the 'list_bookmarks()' function } // end of the 'list_bookmarks()' function
@@ -1627,58 +1626,43 @@ var errorMsg2 = '<?php echo(str_replace('\'', '\\\'', $GLOBALS['strNotValidNumbe
* @param string the current database name * @param string the current database name
* @param array the bookmark parameters for the current user * @param array the bookmark parameters for the current user
* @param integer the id of the bookmark to get * @param integer the id of the bookmark to get
* @global link a MySQL link identifier
* *
* @return string the sql query * @return string the sql query
*/ */
function query_bookmarks($db, $cfgBookmark, $id) function query_bookmarks($db, $cfgBookmark, $id)
{ {
global $dbh; $query = 'SELECT query FROM ' . backquote($cfgBookmark['db']) . '.' . backquote($cfgBookmark['table'])
. ' WHERE dbase = \'' . sql_addslashes($db) . '\''
$query ='SELECT query FROM '.backquote($cfgBookmark['db']).'.'.backquote($cfgBookmark['table']) . ' AND user = \'' . sql_addslashes($cfgBookmark['user']) . '\''
.' WHERE dbase=\'' . str_replace('\'', '\\\'', $db) . '\'' . ' AND id = ' . $id;
.' AND user = \'' . str_replace('\'', '\\\'', $cfgBookmark['user']) . '\'' if (isset($GLOBALS['dbh'])) {
.' AND id = '.$id; $result = mysql_query($query, $GLOBALS['dbh']);
} else {
if(isset($dbh)) $result = mysql_query($query);
$result=mysql_query($query,$dbh); }
else $bookmark_query = mysql_result($result, 0, 'query');
$result=mysql_query($query);
$bookmark_query=mysql_result($result,0,"query");
$bookmark_query=urldecode($bookmark_query);
$bookmark_query=str_replace('\'', '\\\'', $bookmark_query);
return $bookmark_query; return $bookmark_query;
} // end of the 'query_bookmarks()' function } // end of the 'query_bookmarks()' function
/** /**
* Add a bookmark * Adds a bookmark
* *
* @param string the current database name * @param array the properties of the bookmark to add
* @param array the bookmark parameters for the current user * @param array the bookmark parameters for the current user
* @param integer the id of the bookmark to get
* @global link a MySQL link identifier
*
* @return string the sql query
*/ */
function add_bookmarks($fields, $cfgBookmark) function add_bookmarks($fields, $cfgBookmark)
{ {
global $dbh; $query = 'INSERT INTO ' . backquote($cfgBookmark['db']) . '.' . backquote($cfgBookmark['table'])
. ' (id, dbase, user, query, label) VALUES (\'\', \'' . sql_addslashes($fields['dbase']) . '\', \'' . sql_addslashes($fields['user']) . '\', \'' . sql_addslashes(urldecode($fields['query'])) . '\', \'' . sql_addslashes($fields['label']) . '\')';
$query ='INSERT INTO '.backquote($cfgBookmark['db']).'.'.backquote($cfgBookmark['table']) if (isset($GLOBALS['dbh'])) {
.' (id, dbase, user, query, label) VALUES (' $result = mysql_query($query, $GLOBALS['dbh']);
.' \'\',' } else {
.' \''.str_replace('\'', '\\\'', $fields['dbase']).'\',' $result = mysql_query($query);
.' \''.str_replace('\'', '\\\'', $fields['user']).'\',' }
.' \''.str_replace('\'', '\\\'', $fields['query']).'\',' } // end of the 'add_bookmarks()' function
.' \''.str_replace('\'', '\\\'', $fields['label']).'\' )';
if(isset($dbh))
$result=mysql_query($query,$dbh);
else
$result=mysql_query($query);
} // end of the 'add_bookmarks()' function
/** /**
* Deletes a bookmark * Deletes a bookmark
@@ -1686,29 +1670,23 @@ var errorMsg2 = '<?php echo(str_replace('\'', '\\\'', $GLOBALS['strNotValidNumbe
* @param string the current database name * @param string the current database name
* @param array the bookmark parameters for the current user * @param array the bookmark parameters for the current user
* @param integer the id of the bookmark to get * @param integer the id of the bookmark to get
* @global link a MySQL link identifier
*
* @return string the sql query
*/ */
function delete_bookmarks($db, $cfgBookmark, $id) function delete_bookmarks($db, $cfgBookmark, $id)
{ {
global $dbh; $query = 'DELETE FROM ' . backquote($cfgBookmark['db']) . '.' . backquote($cfgBookmark['table'])
. ' WHERE user = \'' . sql_addslashes($cfgBookmark['user']) . '\''
$query ='DELETE FROM '.backquote($cfgBookmark['db']).'.'.backquote($cfgBookmark['table']) . ' AND id = ' . $id;
.' WHERE user = \'' . str_replace('\'', '\\\'', $cfgBookmark['user']) . '\'' if (isset($GLOBALS['dbh'])) {
.' AND id = '.$id; $result = mysql_query($query, $GLOBALS['dbh']);
} else {
if(isset($dbh)) $result = mysql_query($query);
$result=mysql_query($query,$dbh); }
else
$result=mysql_query($query);
} // end of the 'delete_bookmarks()' function } // end of the 'delete_bookmarks()' function
/* -------------------- End of functions definitions ------------------- */ /* -------------------- End of functions definitions ------------------- */
/** /**
* Bookmark Support * Bookmark Support
*/ */
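Review bot: In query_bookmarks() and delete_bookmarks() the rewritten query still ends with `' AND id = ' . $id`, so `$id` reaches MySQL unquoted and unescaped while every other value now goes through sql_addslashes(). The hunks do not show where `$id` comes from; if it is request data it should be forced to a number in both functions, `. ' AND id = ' . intval($id);`. These queries may run on the separate `$GLOBALS['dbh']` link, whose privileges are not visible here, so the cast is worth having even for authenticated users. query_bookmarks() also hands `$result` straight to mysql_result() without checking that the query succeeded or returned a row, so a missing bookmark ends in a PHP warning instead of a handled error.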


@@ -8,14 +8,19 @@
require('./grab_globals.inc.php3'); require('./grab_globals.inc.php3');
require('./lib.inc.php3'); require('./lib.inc.php3');
/** /**
* Bookmark Add * Bookmark add
*/ */
if(isset($bookmarkthis)) { if (isset($store_bkm)) {
add_bookmarks($fields, $cfgBookmark); if (get_magic_quotes_gpc()) {
Header("Location: $goto"); $fields['label'] = stripslashes($fields['label']);
}
add_bookmarks($fields, $cfgBookmark);
header('Location: ' . $goto);
} }
/** /**
* Gets the true sql query * Gets the true sql query
*/ */
@@ -216,7 +221,6 @@ else {
} }
echo ' <br /><br />' . "\n"; echo ' <br /><br />' . "\n";
echo ' ' . $strBookmarkLabel . '&nbsp;:' . "\n"; echo ' ' . $strBookmarkLabel . '&nbsp;:' . "\n";
$goto = 'sql.php3' $goto = 'sql.php3'
. '?lang=' . $lang . '?lang=' . $lang
. '&server=' . urlencode($server) . '&server=' . urlencode($server)
@@ -227,11 +231,10 @@ else {
. '&id_bookmark=1'; . '&id_bookmark=1';
?> ?>
<input type="hidden" name="goto" value="<?php echo $goto; ?>" /> <input type="hidden" name="goto" value="<?php echo $goto; ?>" />
<input type="hidden" name="bookmarkthis" value="true" /> <input type="hidden" name="fields[dbase]" value="<?php echo $db; ?>" />
<input type="hidden" name="fields[dbase]" value="<?php echo $db;?>" /> <input type="hidden" name="fields[user]" value="<?php echo $cfgBookmark['user']; ?>" />
<input type="hidden" name="fields[user]" value="<?php echo $cfgBookmark['user'];?>" /> <input type="hidden" name="fields[query]" value="<?php echo isset($sql_query) ? urlencode($full_sql_query) : ''; ?>" />
<input type="hidden" name="fields[query]" value="<?php echo isset($sql_query) ? urlencode($sql_query) : "";?>" /> <input type="text" name="fields[label]" value="" />
<input type="text" name="fields[label]" value="">
<input type="submit" name="store_bkm" value="<?php echo $strBookmarkThis; ?>" /> <input type="submit" name="store_bkm" value="<?php echo $strBookmarkThis; ?>" />
</form> </form>
<?php <?php
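Review bot: In the `store_bkm` branch, `$fields` and `$goto` both come back from the submitted form (the hidden inputs in the last hunk of this file), yet `$fields['user']` is stored as the bookmark owner and `$goto` is sent as the Location header unchecked. The owner should be set on the server side with `$fields['user'] = $cfgBookmark['user'];` before the add_bookmarks() call, and the redirect should be followed by `exit();` so the rest of the script does not run after the header. `$goto` would be safer rebuilt from `$lang`, `$server` and `$db` on the server, or at least checked to begin with `sql.php3?`. The hidden inputs also echo `$db`, `$cfgBookmark['user']` and `$goto` without htmlspecialchars(), so a value containing a double quote breaks out of the attribute.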