diff --git a/ChangeLog b/ChangeLog index 8420e8175..5b2060ef9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -11,11 +11,22 @@ $HeadURL$ - bug #1541147 [js] '#' in database names not correctly handled by queywindow.js - bug #1671403 [parser] using "client" as table name - bug #1672379 [core] Call to undefined function PMA_removeCookie() +- bug [core] undefined variable in libraries/tbl_replace_fields.inc.php +- bug [gui] query window icon did not work, thanks to Jürgen Wind - windkiel . [general] use PMA_getenv('PHP_SELF') - bug #1676033 [core] pow(int,int) causes overflow - bug #1680952 [core] undefined function PMA_getUvaCondition() - bug #1596328 [export] drop support for POSTGRESQL compatibility mode - bug #1609443 [privileges] Grant all priv. on wildcard name (fix message) +- bug #1567317 [sqp] Syntax highlighter: extra spaces +- bug #1239401 [sqp] table dot numeric field name +- bug #1672789 [sqp] Undefined offset: 4 in sqlparser.lib.php #1674 +- bug #1682044 [export] Export file even if file not selected +- bug #1664212 querywindow loses url encoded characters ++ [config] clean cookies on phpMyAdmin upgrade +- bug #1674972 [export] no export with %afm% +- bug #1667887 HTML maxlength +- bug #1679055 #1050 - Table '' already exists 2.10.0.3 (not released yet) ===================== diff --git a/export.php b/export.php index 74eac1cc8..3b2074310 100644 --- a/export.php +++ b/export.php @@ -22,8 +22,39 @@ if (!isset($export_list[$type])) { die('Bad type!'); } +/** + * valid compression methods + */ +$compression_methods = array( + 'zip', + 'gzip', + 'bzip', +); + +/** + * init and variable checking + */ +$compression = false; +$onserver = false; +$save_on_server = false; +$buffer_needed = false; +if (empty($_REQUEST['asfile'])) { + $asfile = false; +} else { + $asfile = true; + if (in_array($_REQUEST['compression'], $compression_methods)) { + $compression = $_REQUEST['compression']; + $buffer_needed = true; + } + if (empty($_REQUEST['onserver'])) { + $onserver = $_REQUEST['onserver']; + // Will we save dump on server? + $save_on_server = ! empty($cfg['SaveDir']) && $onserver; + } +} + // Does export require to be into file? -if (isset($export_list[$type]['force_file']) && ! isset($asfile)) { +if (isset($export_list[$type]['force_file']) && $asfile) { $message = $strExportMustBeFile; $GLOBALS['show_error_header'] = true; $js_to_run = 'functions.js'; @@ -44,7 +75,7 @@ if (isset($export_list[$type]['force_file']) && ! isset($asfile)) { // Generate error url and check for needed variables if ($export_type == 'server') { $err_url = 'server_export.php?' . PMA_generate_common_url(); -} elseif ($export_type == 'database' && isset($db) && strlen($db)) { +} elseif ($export_type == 'database' && strlen($db)) { $err_url = 'db_export.php?' . PMA_generate_common_url($db); // Check if we have something to export if (isset($table_select)) { @@ -52,7 +83,7 @@ if ($export_type == 'server') { } else { $tables = array(); } -} elseif ($export_type == 'table' && isset($db) && strlen($db) && isset($table) && strlen($table)) { +} elseif ($export_type == 'table' && strlen($db) && strlen($table)) { $err_url = 'tbl_export.php?' . PMA_generate_common_url($db, $table); } else { die('Bad parameters!'); @@ -163,22 +194,6 @@ function PMA_exportOutputHandler($line) return TRUE; } // end of the 'PMA_exportOutputHandler()' function -// Will we save dump on server? -$save_on_server = isset($cfg['SaveDir']) && !empty($cfg['SaveDir']) && !empty($onserver); - -// Ensure compressed formats are associated with the download feature -if (empty($asfile)) { - if ($save_on_server) { - $asfile = TRUE; - } elseif (isset($compression) && ($compression == 'zip' | $compression == 'gzip' | $compression == 'bzip')) { - $asfile = TRUE; - } else { - $asfile = FALSE; - } -} else { - $asfile = TRUE; -} - // Defines the default format. For SQL always use \n as MySQL wants this on all platforms. if ($what == 'sql') { $crlf = "\n"; @@ -194,11 +209,8 @@ $output_charset_conversion = $asfile && && isset($charset_of_file) && $charset_of_file != $charset && $type != 'xls'; -// Set whether we will need buffering -$buffer_needed = isset($compression) && ($compression == 'zip' | $compression == 'gzip' | $compression == 'bzip'); - // Use on fly compression? -$onfly_compression = $GLOBALS['cfg']['CompressOnFly'] && isset($compression) && ($compression == 'gzip' | $compression == 'bzip'); +$onfly_compression = $GLOBALS['cfg']['CompressOnFly'] && ($compression == 'gzip' | $compression == 'bzip'); if ($onfly_compression) { $memory_limit = trim(@ini_get('memory_limit')); // 2 MB as default @@ -261,12 +273,12 @@ if ($asfile) { // If dump is going to be compressed, set correct encoding or mime_type and add // compression to extension $content_encoding = ''; - if (isset($compression) && $compression == 'bzip') { + if ($compression == 'bzip') { $filename .= '.bz2'; // browsers don't like this: //$content_encoding = 'x-bzip2'; $mime_type = 'application/x-bzip2'; - } elseif (isset($compression) && $compression == 'gzip') { + } elseif ($compression == 'gzip') { $filename .= '.gz'; // Needed to avoid recompression by server modules like mod_gzip. // It seems necessary to check about zlib.output_compression @@ -275,7 +287,7 @@ if ($asfile) { $content_encoding = 'x-gzip'; $mime_type = 'application/x-gzip'; } - } elseif (isset($compression) && $compression == 'zip') { + } elseif ($compression == 'zip') { $filename .= '.zip'; $mime_type = 'application/zip'; } @@ -564,7 +576,7 @@ if (!empty($asfile)) { // Do the compression // 1. as a gzipped file - if (isset($compression) && $compression == 'zip') { + if ($compression == 'zip') { if (@function_exists('gzcompress')) { $zipfile = new zipfile(); $zipfile -> addFile($dump_buffer, substr($filename, 0, -4)); @@ -572,7 +584,7 @@ if (!empty($asfile)) { } } // 2. as a bzipped file - elseif (isset($compression) && $compression == 'bzip') { + elseif ($compression == 'bzip') { if (@function_exists('bzcompress')) { $dump_buffer = bzcompress($dump_buffer); if ($dump_buffer === -8) { @@ -583,7 +595,7 @@ if (!empty($asfile)) { } } // 3. as a gzipped file - elseif (isset($compression) && $compression == 'gzip') { + elseif ($compression == 'gzip') { if (@function_exists('gzencode')) { // without the optional parameter level because it bug $dump_buffer = gzencode($dump_buffer); diff --git a/libraries/common.lib.php b/libraries/common.lib.php index 16daae8e3..194d710d1 100644 --- a/libraries/common.lib.php +++ b/libraries/common.lib.php @@ -2605,6 +2605,22 @@ if (get_magic_quotes_gpc()) { PMA_arrayWalkRecursive($_REQUEST, 'stripslashes', true); } +/** + * clean cookies on new install or upgrade + * when changing something with increment the cookie version + */ +$pma_cookie_version = 4; +if (isset($_COOKIE) + && (! isset($_COOKIE['pmaCookieVer']) + || $_COOKIE['pmaCookieVer'] < $pma_cookie_version)) { + // delete all cookies + foreach($_COOKIE as $cookie_name => $tmp) { + PMA_removeCookie($cookie_name); + } + $_COOKIE = array(); + PMA_setCookie('pmaCookieVer', $pma_cookie_version); +} + /** * include deprecated grab_globals only if required */ diff --git a/libraries/sqlparser.lib.php b/libraries/sqlparser.lib.php index 5bf99e0ac..8ac96c21d 100644 --- a/libraries/sqlparser.lib.php +++ b/libraries/sqlparser.lib.php @@ -224,6 +224,7 @@ if ( ! defined( 'PMA_MINIMUM_COMMON' ) ) { $punct_listsep = ','; $punct_level_plus = '('; $punct_level_minus = ')'; + $punct_user = '@'; $digit_floatdecimal = '.'; $digit_hexset = 'x'; $bracket_list = '()[]{}'; @@ -244,11 +245,34 @@ if ( ! defined( 'PMA_MINIMUM_COMMON' ) ) { $quote_list = '\'"`'; $arraysize = 0; + $previous_was_space = false; + $this_was_space = false; + $previous_was_bracket = false; + $this_was_bracket = false; + $previous_was_punct = false; + $this_was_punct = false; + $previous_was_listsep = false; + $this_was_listsep = false; + $previous_was_quote = false; + $this_was_quote = false; + while ($count2 < $len) { $c = PMA_substr($sql, $count2, 1); $count1 = $count2; + $previous_was_space = $this_was_space; + $this_was_space = false; + $previous_was_bracket = $this_was_bracket; + $this_was_bracket = false; + $previous_was_punct = $this_was_punct; + $this_was_punct = false; + $previous_was_listsep = $this_was_listsep; + $this_was_listsep = false; + $previous_was_quote = $this_was_quote; + $this_was_quote = false; + if (($c == "\n")) { + $this_was_space = true; $count2++; PMA_SQP_arrayAdd($sql_array, 'white_newline', '', $arraysize); continue; @@ -256,6 +280,7 @@ if ( ! defined( 'PMA_MINIMUM_COMMON' ) ) { // Checks for white space if (PMA_STR_isSpace($c)) { + $this_was_space = true; $count2++; continue; } @@ -337,12 +362,15 @@ if ( ! defined( 'PMA_MINIMUM_COMMON' ) ) { switch ($quotetype) { case '\'': $type .= 'single'; + $this_was_quote = true; break; case '"': $type .= 'double'; + $this_was_quote = true; break; case '`': $type .= 'backtick'; + $this_was_quote = true; break; default: break; @@ -355,6 +383,7 @@ if ( ! defined( 'PMA_MINIMUM_COMMON' ) ) { // Checks for brackets if (PMA_STR_strInStr($c, $bracket_list)) { // All bracket tokens are only one item long + $this_was_bracket = true; $count2++; $type_type = ''; if (PMA_STR_strInStr($c, '([{')) { @@ -378,7 +407,17 @@ if ( ! defined( 'PMA_MINIMUM_COMMON' ) ) { } // Checks for identifier (alpha or numeric) - if (PMA_STR_isSqlIdentifier($c, FALSE) || ($c == '@') || ($c == '.' && PMA_STR_isDigit(PMA_substr($sql, $count2 + 1, 1)))) { + if (PMA_STR_isSqlIdentifier($c, false) + || $c == '@' + || ($c == '.' + && PMA_STR_isDigit(PMA_substr($sql, $count2 + 1, 1)) + && ($previous_was_space || $previous_was_bracket || $previous_was_listsep))) { + + /* DEBUG + echo PMA_substr($sql, $count2); + echo '
'; + */ + $count2 ++; /** @@ -386,10 +425,11 @@ if ( ! defined( 'PMA_MINIMUM_COMMON' ) ) { * FROM 'user'@'%' or TO 'user'@'%' * in this case, the @ is wrongly marked as alpha_variable */ - - $is_sql_variable = ($c == '@'); - $is_digit = (!$is_sql_variable) && PMA_STR_isDigit($c); - $is_hex_digit = ($is_digit) && ($c == '.') && ($c == '0') && ($count2 < $len) && (PMA_substr($sql, $count2, 1) == 'x'); + $is_identifier = $previous_was_punct; + $is_sql_variable = $c == '@' && ! $previous_was_quote; + $is_user = $c == '@' && $previous_was_quote; + $is_digit = !$is_identifier && !$is_sql_variable && PMA_STR_isDigit($c); + $is_hex_digit = $is_digit && $c == '0' && $count2 < $len && PMA_substr($sql, $count2, 1) == 'x'; $is_float_digit = $c == '.'; $is_float_digit_exponent = FALSE; @@ -455,7 +495,7 @@ if ( ! defined( 'PMA_MINIMUM_COMMON' ) ) { $str = PMA_substr($sql, $count1, $l); $type = ''; - if ($is_digit) { + if ($is_digit || $is_float_digit || $is_hex_digit) { $type = 'digit'; if ($is_float_digit) { $type .= '_float'; @@ -464,12 +504,12 @@ if ( ! defined( 'PMA_MINIMUM_COMMON' ) ) { } else { $type .= '_integer'; } + } elseif ($is_user) { + $type = 'punct_user'; + } elseif ($is_sql_variable != FALSE) { + $type = 'alpha_variable'; } else { - if ($is_sql_variable != FALSE) { - $type = 'alpha_variable'; - } else { - $type = 'alpha'; - } + $type = 'alpha'; } // end if... else.... PMA_SQP_arrayAdd($sql_array, $type, $str, $arraysize); @@ -478,9 +518,9 @@ if ( ! defined( 'PMA_MINIMUM_COMMON' ) ) { // Checks for punct if (PMA_STR_strInStr($c, $allpunct_list)) { - while (($count2 < $len) && PMA_STR_strInStr(PMA_substr($sql, $count2, 1), $allpunct_list)) { + //while (($count2 < $len) && PMA_STR_strInStr(PMA_substr($sql, $count2, 1), $allpunct_list)) { $count2++; - } + //} $l = $count2 - $count1; if ($l == 1) { $punct_data = $c; @@ -498,8 +538,10 @@ if ( ! defined( 'PMA_MINIMUM_COMMON' ) ) { break; case $punct_qualifier: $t_suffix = '_qualifier'; + $this_was_punct = true; break; case $punct_listsep: + $this_was_listsep = true; $t_suffix = '_listsep'; break; default: @@ -1671,7 +1713,7 @@ if ( ! defined( 'PMA_MINIMUM_COMMON' ) ) { // ON UPDATE CURRENT_TIMESTAMP if ($upper_data == 'ON') { - if ($arr[$i+1]['type'] == 'alpha_reservedWord') { + if (isset($arr[$i+1]) && $arr[$i+1]['type'] == 'alpha_reservedWord') { $second_upper_data = strtoupper($arr[$i+1]['data']); if ($second_upper_data == 'DELETE') { $clause = 'on_delete'; @@ -2062,6 +2104,7 @@ if ( ! defined( 'PMA_MINIMUM_COMMON' ) ) { $after .= ' '; } break; + case 'punct_user': case 'punct_qualifier': $before = ''; $after = ''; @@ -2255,11 +2298,7 @@ if ( ! defined( 'PMA_MINIMUM_COMMON' ) ) { } break; case 'alpha_variable': - // other workaround for a problem similar to the one - // explained below for quote_single - if (!$in_priv_list && $typearr[3] != 'quote_backtick') { - $after = ' '; - } + $after = ' '; break; case 'quote_double': case 'quote_single': @@ -2268,7 +2307,7 @@ if ( ! defined( 'PMA_MINIMUM_COMMON' ) ) { // the @ is incorrectly marked as alpha_variable // in the parser, and here, the '%' gets a blank before, // which is a syntax error - if ($typearr[1] !='alpha_variable') { + if ($typearr[1] != 'punct_user') { $before .= ' '; } if ($infunction && $typearr[3] == 'punct_bracket_close_round') { diff --git a/querywindow.php b/querywindow.php index 8ea282dba..0ff1dd8be 100644 --- a/querywindow.php +++ b/querywindow.php @@ -172,11 +172,11 @@ if ( ! empty( $query_history_latest ) && ! empty( $query_history_latest_db ) ) { 'table' => isset($query_history_latest_table) ? $query_history_latest_table : '', ); - $sql_query = urldecode($query_history_latest); + $sql_query = $query_history_latest; $db = $query_history_latest_db; $table = $query_history_latest_table; } elseif ( ! empty( $query_history_latest ) ) { - $sql_query = urldecode($query_history_latest); + $sql_query = $query_history_latest; } if (isset($sql_query)) { @@ -310,7 +310,7 @@ if ( count( $_sql_history ) > 0 . htmlspecialchars( $query['table'] ) . '\';' .' document.getElementById(\'hiddenqueryform\').submit();' .' return false;">[' . htmlspecialchars( $query['db'] ) . '] ' - . urldecode( $sql ) . '' . "\n"; + . htmlspecialchars($sql) . '' . "\n"; echo '' . "\n"; } diff --git a/tbl_change.php b/tbl_change.php index 62d4d479b..96d334cdc 100644 --- a/tbl_change.php +++ b/tbl_change.php @@ -839,19 +839,14 @@ foreach ($loop_array as $vrowcount => $vrow) { 40) ? 40 : $len); - $maxlength = $len; - } + // field size should be at least 4 and max 40 + $fieldsize = min(max($len, 4), 40); echo "\n"; ?>
tabindex="" id="field__3" /> @@ -908,19 +903,8 @@ foreach ($loop_array as $vrowcount => $vrow) { } // end elseif ( binary or blob) else { - // For char or varchar, respect the maximum length (M); for other - // types (int or float), the length is not a limit on the values that - // can be entered, so let's be generous (20) (we could also use the - // real limits for each numeric type) - // 2004-04-07, it turned out that 20 was not generous enough - // for the maxlength - if ($is_char) { - $fieldsize = (($len > 40) ? 40 : $len); - $maxlength = $len; - } else { - $fieldsize = 20; - $maxlength = 99; - } // end if... else... + // field size should be at least 4 and max 40 + $fieldsize = min(max($len, 4), 40); ?> $vrow) { ?> tabindex="" id="field__3" /> diff --git a/tbl_create.php b/tbl_create.php index df9aa8e20..ebfeae134 100644 --- a/tbl_create.php +++ b/tbl_create.php @@ -194,9 +194,19 @@ if (isset($submit_num_fields)) { } } - require './' . $cfg['DefaultTabTable']; - $abort = true; - exit(); + $message = $strTable . ' ' + . htmlspecialchars(PMA_backquote($db) . '.' . PMA_backquote($table)) + . ' ' . $strHasBeenCreated; + $display_query = $sql_query; + unset($sql_query); + + // do not switch to sql.php - as there is no row to be displayed on a new table + if ($cfg['DefaultTabTable'] === 'sql.php') { + require './tbl_structure.php'; + } else { + require './' . $cfg['DefaultTabTable']; + } + exit; } else { PMA_mysqlDie('', '', '', $err_url, false); // garvin: An error happened while inserting/updating a table definition. diff --git a/tbl_export.php b/tbl_export.php index d4ea66b61..420faf7f8 100644 --- a/tbl_export.php +++ b/tbl_export.php @@ -39,16 +39,21 @@ if (isset($sql_query)) { $sql_query .= ' FROM ' . $analyzed_sql[0]['from_clause']; } - if (isset($primary_key) && is_array($primary_key)) { - $sql_query .= ' WHERE '; - $conj = ''; - foreach ($primary_key AS $i => $key) { - $sql_query .= $conj . '( ' . $key . ' ) '; - $conj = 'OR '; - } - } elseif (!empty($analyzed_sql[0]['where_clause'])) { - $sql_query .= ' WHERE ' . $analyzed_sql[0]['where_clause']; + $wheres = array(); + + if (isset($primary_key) && is_array($primary_key) + && count($primary_key) > 0) { + $wheres[] = '(' . implode(') OR (',$primary_key) . ')'; } + + if (!empty($analyzed_sql[0]['where_clause'])) { + $wheres[] = $analyzed_sql[0]['where_clause']; + } + + if (count($wheres) > 0 ) { + $sql_query .= ' WHERE (' . implode(') AND (', $wheres) . ')'; + } + if (!empty($analyzed_sql[0]['group_by_clause'])) { $sql_query .= ' GROUP BY ' . $analyzed_sql[0]['group_by_clause']; } diff --git a/tbl_row_action.php b/tbl_row_action.php index 9c2b7c36a..f9d9ddd22 100644 --- a/tbl_row_action.php +++ b/tbl_row_action.php @@ -91,7 +91,7 @@ if (!empty($submit_mult)) { $single_table = TRUE; $primary_key = array(); - $sql_query = urldecode($sql_query); + //$sql_query = urldecode($sql_query); // garvin: As we got the fields to be edited from the 'rows_to_delete' checkbox, we use the index of it as the // indicating primary key. Then we built the array which is used for the tbl_change.php script. foreach ($rows_to_delete AS $i_primary_key => $del_query) {