= 30009) { if (PMA_WINDOWS) { $suffix = '.dll'; } else { $suffix = '.so'; } if (PHP_INT_VERSION < 40000) { $extension = 'MySQL'; } else { $extension = 'mysql'; } if (!@extension_loaded($extension) && !@get_cfg_var('safe_mode') && @function_exists('dl')) { @dl($extension.$suffix); } if (!@extension_loaded($extension)) { echo $strCantLoadMySQL; exit(); } } // end load mysql extension /** * Displays a MySQL error message in the right frame. * * @param string the error mesage * @param string the sql query that failed * @param boolean whether to show a "modify" link or not * @param boolean whether to show a "back" link or not */ function mysql_die($error_message = '', $the_query = '', $is_modify_link = TRUE, $is_back_link = TRUE) { if (!$error_message) { $error_message = mysql_error(); } if (!$the_query && !empty($GLOBALS['sql_query'])) { $the_query = $GLOBALS['sql_query']; } echo ''. $GLOBALS['strError'] . '' . "\n"; // if the config password is wrong, or the MySQL server does not // respond, do not show the query that would reveal the // username/password if (!empty($the_query) && !strstr($the_query, 'connect')) { $query_base = htmlspecialchars($the_query); $query_base = ereg_replace("((\015\012)|(\015)|(\012)){3,}", "\n\n", $query_base); echo '

' . "\n"; echo ' ' . $GLOBALS['strSQLQuery'] . ' : ' . "\n"; if ($is_modify_link) { echo ' [' . '' . $GLOBALS['strEdit'] . '' . ']' . "\n"; } // end if echo '

' . "\n" . $query_base . "\n" . '
' . "\n"; echo '

' . "\n"; } // end if if (!empty($error_message)) { $error_message = htmlspecialchars($error_message); $error_message = ereg_replace("((\015\012)|(\015)|(\012)){3,}", "\n\n", $error_message); } echo '

' . "\n"; echo ' ' . $GLOBALS['strMySQLSaid'] . '
' . "\n"; echo '

' . "\n" . $error_message . "\n" . '
' . "\n"; echo '

' . "\n"; if ($is_back_link) { $hist = (isset($GLOBALS['btnDrop'])) ? -2 : -1; echo '' . $GLOBALS['strBack'] . ''; } echo "\n"; include('./footer.inc.php3'); exit(); } // end of the 'mysql_die()' function /** * Use mysql_connect() or mysql_pconnect()? */ $connect_func = ($cfgPersistentConnections) ? 'mysql_pconnect' : 'mysql_connect'; $dblist = array(); /** * Gets the valid servers list and parameters */ reset($cfgServers); while (list($key, $val) = each($cfgServers)) { // Don't use servers with no hostname if (empty($val['host'])) { unset($cfgServers[$key]); } } if (empty($server) || !isset($cfgServers[$server]) || !is_array($cfgServers[$server])) { $server = $cfgServerDefault; } /** * If no server is selected, make sure that $cfgServer is empty (so that * nothing will work), and skip server authentication. * We do NOT exit here, but continue on without logging into any server. * This way, the welcome page will still come up (with no server info) and * present a choice of servers in the case that there are multiple servers * and '$cfgServerDefault = 0' is set. */ if ($server == 0) { $cfgServer = array(); } /** * Otherwise, set up $cfgServer and do the usual login stuff. */ else if (isset($cfgServers[$server])) { $cfgServer = $cfgServers[$server]; // Check how the config says to connect to the server $server_port = (empty($cfgServer['port'])) ? '' : ':' . $cfgServer['port']; if (strtolower($cfgServer['connect_type']) == 'tcp') { $cfgServer['socket'] = ''; } $server_socket = (empty($cfgServer['socket']) || PHP_INT_VERSION < 30010) ? '' : ':' . $cfgServer['socket']; // The user can work with only some databases if (isset($cfgServer['only_db']) && !empty($cfgServer['only_db'])) { if (is_array($cfgServer['only_db'])) { $dblist = $cfgServer['only_db']; } else { $dblist[] = $cfgServer['only_db']; } } // Advanced authentication is required if ($cfgServer['adv_auth']) { // Grabs the $PHP_AUTH_USER variable whatever are the values of the // 'register_globals' and the 'variables_order' directives if (empty($PHP_AUTH_USER)) { if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['PHP_AUTH_USER'])) { $PHP_AUTH_USER = $HTTP_SERVER_VARS['PHP_AUTH_USER']; } else if (isset($REMOTE_USER)) { $PHP_AUTH_USER = $REMOTE_USER; } else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['REMOTE_USER'])) { $PHP_AUTH_USER = $HTTP_ENV_VARS['REMOTE_USER']; } else if (@getenv('REMOTE_USER')) { $PHP_AUTH_USER = getenv('REMOTE_USER'); } } // Grabs the $PHP_AUTH_PW variable whatever are the values of the // 'register_globals' and the 'variables_order' directives if (empty($PHP_AUTH_PW)) { if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['PHP_AUTH_PW'])) { $PHP_AUTH_PW = $HTTP_SERVER_VARS['PHP_AUTH_PW']; } else if (isset($REMOTE_PASSWORD)) { $PHP_AUTH_PW = $REMOTE_PASSWORD; } else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['REMOTE_PASSWORD'])) { $PHP_AUTH_PW = $HTTP_ENV_VARS['REMOTE_PASSWORD']; } else if (@getenv('REMOTE_PASSWORD')) { $PHP_AUTH_PW = getenv('REMOTE_PASSWORD'); } } // Grabs the $old_usr variable whatever are the values of the // 'register_globals' and the 'variables_order' directives if (empty($old_usr) && !empty($HTTP_GET_VARS) && isset($HTTP_GET_VARS['old_usr'])) { $old_usr = $HTTP_GET_VARS['old_usr']; } // First load -> checks if authentication is required if (!isset($old_usr)) { if (empty($PHP_AUTH_USER)) { $do_auth = TRUE; } else { $do_auth = FALSE; } } // Else ensure the username is not the same else { // force user to enter a different username if (isset($PHP_AUTH_USER) && $old_usr == $PHP_AUTH_USER) { $do_auth = TRUE; } else { $do_auth = FALSE; } } // Calls the authentication window or validates user's login if ($do_auth) { auth(); } else { $bkp_track_err = (PHP_INT_VERSION >= 40000) ? @ini_set('track_errors', 1) : ''; $dbh = @$connect_func( $cfgServer['host'] . $server_port . $server_socket, $cfgServer['stduser'], $cfgServer['stdpass'] ); if ($dbh == FALSE) { if (mysql_error()) { $conn_error = mysql_error(); } else if (isset($php_errormsg)) { $conn_error = $php_errormsg; } else { $conn_error = 'Cannot connect: invalid settings.'; } if (PHP_INT_VERSION >= 40000) { @ini_set('track_errors', $bkp_track_err); } $local_query = $connect_func . '(' . $cfgServer['host'] . $server_port . $server_socket . ', ' . $cfgServer['stduser'] . ', ' . $cfgServer['stdpass'] . ')'; mysql_die($conn_error, $local_query, FALSE, FALSE); } else if (PHP_INT_VERSION >= 40000) { @ini_set('track_errors', $bkp_track_err); } $PHP_AUTH_USER = str_replace('\'', '\\\'', $PHP_AUTH_USER); $PHP_AUTH_PW = str_replace('\'', '\\\'', $PHP_AUTH_PW); $auth_query = 'SELECT User, Password, Select_priv ' . 'FROM mysql.user ' . 'WHERE ' . 'User = \'' . $PHP_AUTH_USER . '\' ' . 'AND Password = PASSWORD(\'' . $PHP_AUTH_PW . '\')'; $rs = mysql_query($auth_query, $dbh) or mysql_die('', $auth_query, FALSE, FALSE); // Invalid login -> relog if (@mysql_numrows($rs) <= 0) { auth(); } // Seems to be a valid login... else { $row = mysql_fetch_array($rs); // Correction uva 19991215 // Previous code assumed database "mysql" admin table "db" // column "db" contains literal name of user database, and // works if so. // Mysql usage generally (and uva usage specifically) // allows this column to contain regular expressions (we // have all databases owned by a given // student/faculty/staff beginning with user i.d. and // governed by default by a single set of privileges with // regular expression as key). This breaks previous code. // This maintenance is to fix code to work correctly for // regular expressions. if ($row['Select_priv'] != 'Y') { $local_query = 'SELECT DISTINCT Db FROM mysql.db WHERE Select_priv = \'Y\' AND User = \'' . $PHP_AUTH_USER . '\''; $rs = mysql_query($local_query) or mysql_die('', $local_query, FALSE, FALSE); if (@mysql_numrows($rs) <= 0) { $local_query = 'SELECT Db FROM mysql.tables_priv WHERE Table_priv LIKE \'%Select%\' AND User = \'' . $PHP_AUTH_USER . '\''; $rs = mysql_query($local_query) or mysql_die('', $local_query, FALSE, FALSE); if (@mysql_numrows($rs) <= 0) { auth(); } else { while ($row = mysql_fetch_array($rs)) { $dblist[] = $row['Db']; } } } else { // Will use as associative array of the following 2 // code lines: // the 1st is the only line intact from before // correction, // the 2nd replaces $dblist[] = $row['Db']; $uva_mydbs = array(); // Code following those 2 lines in correction // continues populating $dblist[], as previous code // did. But it is now populated with actual // database names instead of with regular // expressions. while ($row = mysql_fetch_array($rs)) { $uva_mydbs[$row['Db']] = 1; } $uva_alldbs = mysql_list_dbs(); while ($uva_row = mysql_fetch_array($uva_alldbs)) { $uva_db = $uva_row[0]; if (isset($uva_mydbs[$uva_db]) && 1 == $uva_mydbs[$uva_db]) { $dblist[] = $uva_db; $uva_mydbs[$uva_db] = 0; } else { reset($uva_mydbs); while (list($uva_matchpattern, $uva_value) = each($uva_mydbs)) { $uva_regex = ereg_replace('%', '.+', $uva_matchpattern); // Fixed db name matching // 2000-08-28 -- Benjamin Gandon if (ereg('^' . $uva_regex . '$', $uva_db)) { $dblist[] = $uva_db; break; } } // end while } // end if ... else .... } // end while } // end else } // end if } // end else } // Validation achived -> store user's login/password $cfgServer['user'] = $PHP_AUTH_USER; $cfgServer['password'] = $PHP_AUTH_PW; } // end Advanced authentication // Do connect to the user's database $bkp_track_err = (PHP_INT_VERSION >= 40000) ? @ini_set('track_errors', 1) : ''; $link = @$connect_func( $cfgServer['host'] . $server_port . $server_socket, $cfgServer['user'], $cfgServer['password'] ); if ($link == FALSE) { if (mysql_error()) { $conn_error = mysql_error(); } else if (isset($php_errormsg)) { $conn_error = $php_errormsg; } else { $conn_error = 'Cannot connect: invalid settings.'; } if (PHP_INT_VERSION >= 40000) { @ini_set('track_errors', $bkp_track_err); } $local_query = $connect_func . '(' . $cfgServer['host'] . $server_port . $server_socket . ', ' . $cfgServer['user'] . ', ' . $cfgServer['password'] . ')'; mysql_die($conn_error, $local_query, FALSE, FALSE); } else if (PHP_INT_VERSION >= 40000) { @ini_set('track_errors', $bkp_track_err); } } // end server connecting /** * Missing server hostname */ else { echo $strHostEmpty; } /** * Gets constants that defines the PHP, MySQL... releases. * This include must be located physically before any code that needs to * reference the constants, else PHP 3.0.16 won't be happy; and must be * located after we are connected to db to get the MySql version. */ include('./defines.inc.php3'); /* ----------------------- Set of misc functions ----------------------- */ /** * Adds backquotes on both sides of a database, table or field name. * Since MySQL 3.23.6 this allows to use non-alphanumeric characters in * these names. * * @param string the database, table or field name to "backquote" * @param boolean a flag to bypass this function (used by dump functions) * * @return string the "backquoted" database, table or field name if the * current MySQL release is >= 3.23.6, the original one * else */ function backquote($a_name, $do_it = TRUE) { if ($do_it && MYSQL_INT_VERSION >= 32306 && !empty($a_name) && $a_name != '*') { return '`' . $a_name . '`'; } else { return $a_name; } } // end of the 'backquote()' function /** * Add slashes before "'" and "\" characters so a value containing them can * be used in a sql comparison. * * @param string the string to slash * @param boolean whether the string will be used in a 'LIKE' clause * (it then requires two more escaped sequences) or not * * @return string the slashed string */ function sql_addslashes($a_string = '', $is_like = FALSE) { if ($is_like) { $a_string = str_replace('\\', '\\\\\\\\', $a_string); } else { $a_string = str_replace('\\', '\\\\', $a_string); } $a_string = str_replace('\'', '\\\'', $a_string); return $a_string; } // end of the 'sql_addslashes()' function /** * Defines the value depending on the user OS that may be grabbed * from the 'HTTP_USER_AGENT' variable. * * @return string the value to use */ function which_crlf() { $the_crlf = "\n"; // Gets the 'HTTP_USER_AGENT' variable if (!isset($GLOBALS['HTTP_USER_AGENT'])) { if (!empty($GLOBALS['HTTP_SERVER_VARS']) && isset($GLOBALS['HTTP_SERVER_VARS']['HTTP_USER_AGENT'])) { $GLOBALS['HTTP_USER_AGENT'] = $GLOBALS['HTTP_SERVER_VARS']['HTTP_USER_AGENT']; } else { $GLOBALS['HTTP_USER_AGENT'] = @getenv('HTTP_USER_AGENT'); } } // end if // Searches for the word 'win' if (!empty($GLOBALS['HTTP_USER_AGENT']) && ereg('[^(]*\((.*)\)[^)]*', $GLOBALS['HTTP_USER_AGENT'], $regs)) { if (eregi('Win', $regs[1])) { $the_crlf = "\r\n"; } } // end if return $the_crlf; } // end of the 'which_crlf()' function /** * Counts and displays the number of records in a table * * Last revision 13 July 2001: Patch for limiting dump size from * vinay@sanisoft.com & girish@sanisoft.com * * @param string the current database name * @param string the current table name * @param boolean whether to retain or to displays the result * * @return mixed the number of records if retain is required, true else */ function count_records($db, $table, $ret = FALSE) { $result = mysql_query('select count(*) as num from ' . backquote($db) . '.' . backquote($table)); $num = mysql_result($result,0,"num"); if ($ret) { return $num; } else { echo number_format($num, 0, $GLOBALS['number_decimal_separator'], $GLOBALS['number_thousands_separator']); return TRUE; } } // end of the 'count_records()' function /** * Displays a message at the top of the "main" (right) frame * * @param string the message to display */ function show_message($message) { // Reloads the navigation frame via JavaScript if required if (!empty($GLOBALS['reload']) && ($GLOBALS['reload'] == 'true')) { echo "\n"; $reload_url = './left.php3' . '?lang=' . $GLOBALS['lang'] . '&server=' . $GLOBALS['server'] . ((!empty($GLOBALS['db'])) ? '&db=' . urlencode($GLOBALS['db']) : ''); ?>

" and not "
") $new_line = '
' . "\n" . ' '; $query_base = htmlspecialchars($GLOBALS['sql_query']); $query_base = ereg_replace("((\015\012)|(\015)|(\012))+", $new_line, $query_base); if (!isset($GLOBALS['show_query']) || $GLOBALS['show_query'] != 'y') { if (isset($GLOBALS['goto']) && $GLOBALS['goto'] == 'tbl_properties.php3') { $edit_link = '' . $GLOBALS['strEdit'] . ''; } else { $edit_link = '' . $GLOBALS['strEdit'] . ''; } echo ' ' . $GLOBALS['strSQLQuery'] . ' : [' . $edit_link . ']
' . "\n"; } else { echo ' ' . $GLOBALS['strSQLQuery'] . ' :
' . "\n"; } echo ' ' . $query_base; // If a 'LIMIT' clause has been programatically added to the query // displays it if (!empty($GLOBALS['sql_limit_to_append'])) { echo $GLOBALS['sql_limit_to_append']; } // loic1 : this was far to be optimal // $is_append_limit = (isset($GLOBALS['pos']) // && (eregi('^SELECT', $GLOBALS['sql_query']) && !eregi('^SELECT COUNT\((.*\.+)?\*\) FROM ', $GLOBALS['sql_query'])) // && !eregi('LIMIT[ 0-9,]+$', $GLOBALS['sql_query'])); // if ($is_append_limit) { // echo ' LIMIT ' . $GLOBALS['pos'] . ', ' . $GLOBALS['cfgMaxRows']; // } echo "\n"; ?>

' . $GLOBALS['strDocu'] . ']'; } } // end of the 'show_docu()' function /** * Formats $value to byte view * * @param double the value to format * @param integer the sensitiveness * @param integer the number of decimals to retain * * @return array the formatted value and its unit * * @author staybyte * @version 1.1 - 07 July 2001 */ function format_byte_down($value, $limes = 6, $comma = 0) { $dh = pow(10, $comma); $li = pow(10, $limes); $return_value = $value; $unit = $GLOBALS['byteUnits'][0]; if ($value >= $li*1000000) { $value = round($value/(1073741824/$dh))/$dh; $unit = $GLOBALS['byteUnits'][3]; } else if ($value >= $li*1000) { $value = round($value/(1048576/$dh))/$dh; $unit = $GLOBALS['byteUnits'][2]; } else if ($value >= $li) { $value = round($value/(1024/$dh))/$dh; $unit = $GLOBALS['byteUnits'][1]; } if ($unit != $GLOBALS['byteUnits'][0]) { $return_value = number_format($value, $comma, $GLOBALS['number_decimal_separator'], $GLOBALS['number_thousands_separator']); } else { $return_value = number_format($value, 0, $GLOBALS['number_decimal_separator'], $GLOBALS['number_thousands_separator']); } return array($return_value, $unit); } // end of the 'format_byte_down' function /* ----- Functions used to display records returned by a sql query ----- */ /** * Displays a navigation bar to browse among the results of a sql query * * @param integer the offset for the "next" page * @param integer the offset for the "previous" page * @param array the result of the query * * @global string the current language * @global integer the server to use (refers to the number in the * configuration file) * @global string the database name * @global string the table name * @global string the current sql query * @global integer the current position in results * @global string the url to go back in case of errors * @global boolean whether to limit the number of displayed charcaters of * text type fields or not * @global integer the maximum number of rows per page * @global integer the total number of rows returned by the sql query */ function show_table_navigation($pos_next, $pos_prev, $dt_result) { global $lang, $server, $db, $table; global $sql_query, $pos, $goto, $dontlimitchars; global $sessionMaxRows, $SelectNumRows; // $sql_query will be stripslashed in 'sql.php3' if the // 'magic_quotes_gpc' directive is set to 'on' if (get_magic_quotes_gpc()) { $encoded_sql_query = urlencode(addslashes($sql_query)); } else { $encoded_sql_query = urlencode($sql_query); } ?> 0) { ?> = $sessionMaxRows) { ?>
   
   
   
   
1 && isset($pos_next)) { if (isset($SelectNumRows) && $SelectNumRows != $total) { $selectstring = ', ' . $SelectNumRows . ' ' . $GLOBALS['strSelectNumRows']; } else { $selectstring = ''; } $lastShownRec = ($pos_next > $total) ? $total : $pos_next; show_message($GLOBALS['strShowingRecords'] . " $pos - $lastShownRec ($total " . $GLOBALS['strTotal'] . $selectstring . ')'); } else { show_message($GLOBALS['strSQLQuery']); } // Displays the navigation bars $field = mysql_fetch_field($dt_result); if (!isset($table) || strlen(trim($table)) == 0) { $table = $field->table; } mysql_field_seek($dt_result, 0); if (!$is_simple && (!isset($SelectNumRows) || $SelectNumRows > 1)) { show_table_navigation($pos_next, $pos_prev, $dt_result); } else { echo "\n" . '

' . "\n"; } // Displays the results $is_show_processlist = eregi("^[ \n\r]*show[ \n\r]*processlist[ \n\r]*$", $sql_query); ?> ' . "\n"; echo ' ' . "\n"; } if ($is_show_processlist) { echo ' ' . "\n"; } while ($field = mysql_fetch_field($dt_result)) { // Result is more than one row long if (@mysql_num_rows($dt_result) > 1 && !$is_simple) { // Defines the url used to append/modify a sorting order // 1. Checks if an hard coded 'order by' clause exists if (eregi('(.*)( ORDER BY (.*))', $sql_query, $regs1)) { if (eregi('((.*)( ASC| DESC)( |$))(.*)', $regs1[2], $regs2)) { $unsorted_sql_query = trim($regs1[1] . ' ' . $regs2[5]); $sql_order = trim($regs2[1]); } else if (eregi('((.*)) (LIMIT (.*)|PROCEDURE (.*)|FOR UPDATE|LOCK IN SHARE MODE)', $regs1[2], $regs3)) { $unsorted_sql_query = trim($regs1[1] . ' ' . $regs3[3]); $sql_order = trim($regs3[1]) . ' ASC'; } else { $unsorted_sql_query = trim($regs1[1]); $sql_order = trim($regs1[2]) . ' ASC'; } } else { $unsorted_sql_query = $sql_query; } // 2. Checks if the current column is used to sort the result if (empty($sql_order)) { $is_in_sort = FALSE; } else { $is_in_sort = eregi(' (`?)' . str_replace('\\', '\\\\', $field->name) . '(`?)[ ,$]', $sql_order); } // 3. Do define the sorting url if (!$is_in_sort) { // loic1: patch #455484 ("Smart" order) $cfgOrder = strtoupper($GLOBALS['cfgOrder']); if ($cfgOrder == 'SMART') { $cfgOrder = (eregi('time|date', $field->type)) ? 'DESC' : 'ASC'; } $sort_order = ' ORDER BY ' . backquote($field->name) . ' ' . $cfgOrder; $order_img = ''; } else if (substr($sql_order, -3) == 'ASC' && $is_in_sort) { $sort_order = ' ORDER BY ' . backquote($field->name) . ' DESC'; $order_img = ' ASC'; } else if (substr($sql_order, -4) == 'DESC' && $is_in_sort) { $sort_order = ' ORDER BY ' . backquote($field->name) . ' ASC'; $order_img = ' DESC'; } if (eregi('(.*)( LIMIT (.*)| PROCEDURE (.*)| FOR UPDATE| LOCK IN SHARE MODE)', $unsorted_sql_query, $regs3)) { $sorted_sql_query = $regs3[1] . $sort_order . $regs3[2]; } else { $sorted_sql_query = $unsorted_sql_query . $sort_order; } $url_query = 'lang=' . $lang . '&server=' . $server . '&db=' . urlencode($db) . '&table=' . urlencode($table) . '&pos=' . $pos . '&sql_query=' . urlencode($sorted_sql_query); ?> name) . ' '; if (!isset($row[$i])) { $row[$i] = ''; $condition .= 'IS NULL AND'; } else { $condition .= '= \'' . sql_addslashes($row[$i]) . '\' AND'; } if ($primary->numeric == 1) { if ($is_show_processlist) { $Id = $row[$i]; } } if ($primary->primary_key > 0) { $primary_key .= $condition; } $uva_nonprimary_condition .= $condition; } // end for // Correction uva 19991216: prefer primary keys for condition, but // use conjunction of all values if no primary key if ($primary_key) { $uva_condition = $primary_key; } else { $uva_condition = $uva_nonprimary_condition; } $uva_condition = urlencode(ereg_replace(' ?AND$', '', $uva_condition)); $url_query = 'lang=' . $lang . '&server=' . $server . '&db=' . urlencode($db) . '&table=' . urlencode($table) . '&pos=' . $pos; $goto = (!empty($goto) && empty($GLOBALS['QUERY_STRING'])) ? $goto : 'sql.php3'; $edit_url = 'tbl_change.php3' . '?' . $url_query . '&primary_key=' . $uva_condition . '&sql_query=' . urlencode($sql_query) . '&goto=' . urlencode($goto); $goto = 'sql.php3' . '?' . $url_query . '&sql_query=' . urlencode($sql_query) . '&zero_rows=' . urlencode(htmlspecialchars($GLOBALS['strDeleted'])) . '&goto=tbl_properties.php3'; $delete_url = 'sql.php3' . '?' . $url_query . '&sql_query=' . urlencode('DELETE FROM ' . backquote($table) . ' WHERE') . $uva_condition . urlencode(' LIMIT 1') . '&zero_rows=' . urlencode(htmlspecialchars($GLOBALS['strDeleted'])) . '&goto=' . urlencode($goto); if ($GLOBALS['cfgModifyDeleteAtLeft'] && !$is_simple) { ?> numeric == 1) { if ($row[$i] != '') { echo ' ' . "\n"; } else { echo ' ' . "\n"; } } else if ($GLOBALS['cfgShowBlob'] == FALSE && eregi('BLOB', $primary->type)) { // loic1 : mysql_fetch_fields returns BLOB in place of TEXT // fields type, however TEXT fields must be displayed even // if $cfgShowBlob is false -> get the true type of the // fields. $field_flags = mysql_field_flags($dt_result, $i); if (eregi('BINARY', $field_flags)) { echo ' ' . "\n"; } else { if (strlen($row[$i]) > $GLOBALS['cfgLimitChars'] && ($dontlimitchars != 1)) { $row[$i] = substr($row[$i], 0, $GLOBALS['cfgLimitChars']) . '...'; } // loic1 : displays / if ($row[$i] != '') { $row[$i] = ereg_replace("((\015\012)|(\015)|(\012))+", '
', htmlspecialchars($row[$i])); echo ' ' . "\n"; } else { echo ' ' . "\n"; } } } else { // loic1 : displays / if ($row[$i] != '') { $row[$i] = ereg_replace("((\015\012)|(\015)|(\012))+", '
', htmlspecialchars($row[$i])); echo ' ' . "\n"; } else { echo ' ' . "\n"; } } } // end for // Possibility to have the modify/delete button on the left added // Benjamin Gandon -- 2000-08-29 if ($GLOBALS['cfgModifyDeleteAtRight'] && !$is_simple) { ?>
name); ?> name) . "\n"; ?>
' . $row[$i] . ' [BLOB]' . $row[$i] . ' ' . $row[$i] . ' 

1)) { show_table_navigation($pos_next, $pos_prev, $dt_result); } else { echo "\n" . '
' . "\n"; } } // end of the 'display_table()' function /* ------------------- Functions used to build dumps ------------------- */ /** * Uses the 'htmlspecialchars()' php function on databases, tables and fields * name if the dump has to be displayed on screen. * * @param string the string to format */ function html_format($a_string = '') { return (empty($GLOBALS['asfile']) ? htmlspecialchars($a_string) : $a_string); } // end of the 'html_format()' function /** * Returns $table's CREATE definition * * Uses the 'html_format()' function defined in 'tbl_dump.php3' * * @param string the database name * @param string the table name * @param string the end of line sequence * * @return string the CREATE statement on success * * @global boolean whether to add 'drop' statements or not * @global boolean whether to use backquotes to allow the use of special * characters in database, table and fields names or not */ function get_table_def($db, $table, $crlf) { global $drop; global $use_backquotes; $schema_create = ''; if (!empty($drop)) { $schema_create .= 'DROP TABLE IF EXISTS ' . backquote(html_format($table), $use_backquotes) . ';' . $crlf; } // Steve Alberty's patch for complete table dump, // modified by Lem9 to allow older MySQL versions to continue to work if (MYSQL_INT_VERSION >= 32321) { // Whether to quote table and fields names or not if ($use_backquotes) { mysql_query('SET SQL_QUOTE_SHOW_CREATE = 1'); } else { mysql_query('SET SQL_QUOTE_SHOW_CREATE = 0'); } $result = mysql_query('SHOW CREATE TABLE ' . backquote($db) . '.' . backquote($table)); if ($result != FALSE && mysql_num_rows($result) > 0) { $tmpres = mysql_fetch_array($result); $schema_create .= str_replace("\n", $crlf, html_format($tmpres[1])); } return $schema_create; } // end if MySQL >= 3.23.20 // For MySQL < 3.23.20 $schema_create .= 'CREATE TABLE ' . html_format(backquote($table), $use_backquotes) . ' (' . $crlf; $local_query = 'SHOW FIELDS FROM ' . backquote($db) . '.' . backquote($table); $result = mysql_query($local_query) or mysql_die('', $local_query); while ($row = mysql_fetch_array($result)) { $schema_create .= ' ' . html_format(backquote($row['Field'], $use_backquotes)) . ' ' . $row['Type']; if (isset($row['Default']) && $row['Default'] != '') { $schema_create .= ' DEFAULT \'' . html_format(sql_addslashes($row['Default'])) . '\''; } if ($row['Null'] != 'YES') { $schema_create .= ' NOT NULL'; } if ($row['Extra'] != '') { $schema_create .= ' ' . $row['Extra']; } $schema_create .= ',' . $crlf; } // end while $schema_create = ereg_replace(',' . $crlf . '$', '', $schema_create); $local_query = 'SHOW KEYS FROM ' . backquote($db) . '.' . backquote($table); $result = mysql_query($local_query) or mysql_die('', $local_query); while ($row = mysql_fetch_array($result)) { $kname = $row['Key_name']; $comment = (isset($row['Comment'])) ? $row['Comment'] : ''; $sub_part = (isset($row['Sub_part'])) ? $row['Sub_part'] : ''; if ($kname != 'PRIMARY' && $row['Non_unique'] == 0) { $kname = "UNIQUE|$kname"; } if ($comment == 'FULLTEXT') { $kname = 'FULLTEXT|$kname'; } if (!isset($index[$kname])) { $index[$kname] = array(); } if ($sub_part > 1) { $index[$kname][] = html_format(backquote($row['Column_name'], $use_backquotes)) . '(' . $sub_part . ')'; } else { $index[$kname][] = html_format(backquote($row['Column_name'], $use_backquotes)); } } // end while while (list($x, $columns) = @each($index)) { $schema_create .= ',' . $crlf; if ($x == 'PRIMARY') { $schema_create .= ' PRIMARY KEY ('; } else if (substr($x, 0, 6) == 'UNIQUE') { $schema_create .= ' UNIQUE ' . substr($x, 7) . ' ('; } else if (substr($x, 0, 8) == 'FULLTEXT') { $schema_create .= ' FULLTEXT ' . substr($x, 9) . ' ('; } else { $schema_create .= ' KEY ' . $x . ' ('; } $schema_create .= implode($columns, ', ') . ')'; } // end while $schema_create .= $crlf . ')'; // ??? Why bother about get_magic_quotes_gpc() here ??? // if (get_magic_quotes_gpc()) { // return stripslashes($schema_create); // } else { // return $schema_create; // } return $schema_create; } // end of the 'get_table_def()' function /** * php >= 4.0.5 only : get the content of $table as a series of INSERT * statements. * After every row, a custom callback function $handler gets called. * * Last revision 13 July 2001: Patch for limiting dump size from * vinay@sanisoft.com & girish@sanisoft.com * * @param string the current database name * @param string the current table name * @param string the 'limit' clause to use with the sql query * @param string the name of the handler (function) to use at the end * of every row. This handler must accept one parameter * ($sql_insert) * * @return boolean always true * * @global boolean whether to use backquotes to allow the use of special * characters in database, table and fields names or not * * @see get_table_content() * * @author staybyte */ function get_table_content_fast($db, $table, $add_query = '', $handler) { global $use_backquotes; $local_query = 'SELECT * FROM ' . backquote($db) . '.' . backquote($table) . $add_query; $result = mysql_query($local_query) or mysql_die('', $local_query); if ($result != FALSE) { $fields_cnt = mysql_num_fields($result); // Checks whether the field is an integer or not for ($j = 0; $j < $fields_cnt; $j++) { $field_set[$j] = backquote(mysql_field_name($result, $j), $use_backquotes); $type = mysql_field_type($result, $j); if ($type == 'tinyint' || $type == 'smallint' || $type == 'mediumint' || $type == 'int' || $type == 'bigint' ||$type == 'timestamp') { $field_num[$j] = TRUE; } else { $field_num[$j] = FALSE; } } // end for // Sets the scheme if (isset($GLOBALS['showcolumns'])) { $fields = implode(', ', $field_set); $schema_insert = 'INSERT INTO ' . backquote(html_format($table), $use_backquotes) . ' (' . html_format($fields) . ') VALUES ('; } else { $schema_insert = 'INSERT INTO ' . backquote(html_format($table), $use_backquotes) . ' VALUES ('; } $search = array("\x0a","\x0d","\x1a"); //\x08\\x09, not required $replace = array("\\n","\\r","\Z"); $isFirstRow = TRUE; @set_time_limit(1200); // 20 Minutes while ($row = mysql_fetch_row($result)) { for ($j = 0; $j < $fields_cnt; $j++) { if (!isset($row[$j])) { $values[] = 'NULL'; } else if (!empty($row[$j])) { // a number if ($field_num[$j]) { $values[] = $row[$j]; } // a string else { $values[] = "'" . str_replace($search, $replace, sql_addslashes($row[$j])) . "'"; } } else { $values[] = "''"; } // end if } // end for // Extended inserts case if (isset($GLOBALS['extended_ins'])) { if ($isFirstRow) { $insert_line = $schema_insert . implode(',', $values) . ')'; $isFirstRow = FALSE; } else { $insert_line = '(' . implode(',', $values) . ')'; } } // Other inserts case else { $insert_line = $schema_insert . implode(',', $values) . ')'; } unset($values); // Call the handler $handler($insert_line); } // end while // Replace last comma by a semi-column in extended inserts case if (isset($GLOBALS['extended_ins'])) { $GLOBALS['tmp_buffer'] = ereg_replace(',([^,]*)$', ';\\1', $GLOBALS['tmp_buffer']); } } // end if ($result != FALSE) return TRUE; } // end of the 'get_table_content_fast()' function /** * php < 4.0.5 only: get the content of $table as a series of INSERT * statements. * After every row, a custom callback function $handler gets called. * * Last revision 13 July 2001: Patch for limiting dump size from * vinay@sanisoft.com & girish@sanisoft.com * * @param string the current database name * @param string the current table name * @param string the 'limit' clause to use with the sql query * @param string the name of the handler (function) to use at the end * of every row. This handler must accept one parameter * ($sql_insert) * * @return boolean always true * * @global boolean whether to use backquotes to allow the use of special * characters in database, table and fields names or not * * @see get_table_content() */ function get_table_content_old($db, $table, $add_query = '', $handler) { global $use_backquotes; $local_query = 'SELECT * FROM ' . backquote($db) . '.' . backquote($table) . $add_query; $result = mysql_query($local_query) or mysql_die('', $local_query); $i = 0; $isFirstRow = TRUE; while ($row = mysql_fetch_row($result)) { @set_time_limit(60); // HaRa $table_list = '('; for ($j = 0; $j < mysql_num_fields($result); $j++) { $table_list .= backquote(mysql_field_name($result, $j), $use_backquotes) . ', '; } $table_list = substr($table_list, 0, -2); $table_list .= ')'; if (isset($GLOBALS['extended_ins']) && !$isFirstRow) { $schema_insert = '('; } else { if (isset($GLOBALS['showcolumns'])) { $schema_insert = 'INSERT INTO ' . backquote(html_format($table), $use_backquotes) . ' ' . html_format($table_list) . ' VALUES ('; } else { $schema_insert = 'INSERT INTO ' . backquote(html_format($table), $use_backquotes) . ' VALUES ('; } $isFirstRow = FALSE; } for ($j = 0; $j < mysql_num_fields($result); $j++) { if (!isset($row[$j])) { $schema_insert .= ' NULL,'; } else if ($row[$j] != '') { $dummy = ''; $srcstr = $row[$j]; for ($xx = 0; $xx < strlen($srcstr); $xx++) { $yy = strlen($dummy); if ($srcstr[$xx] == "\\") $dummy .= "\\\\"; if ($srcstr[$xx] == "'") $dummy .= "\\'"; if ($srcstr[$xx] == "\"") $dummy .= "\\\""; if ($srcstr[$xx] == "\x00") $dummy .= "\\0"; if ($srcstr[$xx] == "\x0a") $dummy .= "\\n"; if ($srcstr[$xx] == "\x0d") $dummy .= "\\r"; if ($srcstr[$xx] == "\x08") $dummy .= "\\b"; if ($srcstr[$xx] == "\t") $dummy .= "\\t"; if ($srcstr[$xx] == "\x1a") $dummy .= "\\Z"; if (strlen($dummy) == $yy) $dummy .= $srcstr[$xx]; } $schema_insert .= " '" . $dummy . "',"; } else { $schema_insert .= " '',"; } // end if } // end for $schema_insert = ereg_replace(',$', '', $schema_insert); $schema_insert .= ')'; $handler(trim($schema_insert)); ++$i; } // end while // Replace last comma by a semi-column in extended inserts case if ($i > 0 && isset($GLOBALS['extended_ins'])) { $GLOBALS['tmp_buffer'] = ereg_replace(',([^,]*)$', ';\\1', $GLOBALS['tmp_buffer']); } return TRUE; } // end of the 'get_table_content_old()' function /** * Dispatches between the versions of 'get_table_content' to use depending * on the php version * * Last revision 13 July 2001: Patch for limiting dump size from * vinay@sanisoft.com & girish@sanisoft.com * * @param string the current database name * @param string the current table name * @param integer the offset on this table * @param integer the last row to get * @param string the name of the handler (function) to use at the end * of every row. This handler must accept one parameter * ($sql_insert) * * @see get_table_content_fast(), get_table_content_old() * @author staybyte */ function get_table_content($db, $table, $limit_from = 0, $limit_to = 0, $handler) { // Defines the offsets to use if ($limit_from > 0) { $limit_from--; } else { $limit_from = 0; } if ($limit_to > 0 && $limit_from >= 0) { $add_query = " LIMIT $limit_from, $limit_to"; } else { $add_query = ''; } // Call the working function depending on the php version if (PHP_INT_VERSION >= 40005) { get_table_content_fast($db, $table, $add_query, $handler); } else { get_table_content_old($db, $table, $add_query, $handler); } } // end of the 'get_table_content()' function /** * Outputs the content of a table in CSV format * * Last revision 14 July 2001: Patch for limiting dump size from * vinay@sanisoft.com & girish@sanisoft.com * * @param string the database name * @param string the table name * @param integer the offset on this table * @param integer the last row to get * @param string the field separator character * @param string the optionnal "enclosed by" character * @param string the handler (function) to call. It must accept one * parameter ($sql_insert) * * @global string whether to obtain an excel compatible csv format or a * simple csv one * * @return boolean always true */ function get_table_csv($db, $table, $limit_from = 0, $limit_to = 0, $sep, $enc_by, $esc_by, $handler) { global $what; // Handles the "separator" and the optionnal "enclosed by" characters if (empty($sep) || $what == 'excel') { $sep = ';'; } else { if (get_magic_quotes_gpc()) { $sep = stripslashes($sep); } $sep = str_replace('\\t', "\011", $sep); } if (empty($enc_by) || $what == 'excel') { $enc_by = '"'; } else { if (get_magic_quotes_gpc()) { $enc_by = stripslashes($enc_by); } $enc_by = str_replace('"', '"', $enc_by); } if (empty($esc_by) || $what == 'excel') { // double the "enclosed by" character $esc_by = $enc_by; } else { if (get_magic_quotes_gpc()) { $esc_by = stripslashes($esc_by); } } // Defines the offsets to use if ($limit_from > 0) { $limit_from--; } else { $limit_from = 0; } if ($limit_to > 0 && $limit_from >= 0) { $add_query = " LIMIT $limit_from, $limit_to"; } else { $add_query = ''; } // Gets the data from the database $local_query = 'SELECT * FROM ' . backquote($db) . '.' . backquote($table) . $add_query; $result = mysql_query($local_query) or mysql_die('', $local_query); // Format the data $i = 0; while ($row = mysql_fetch_row($result)) { @set_time_limit(60); $schema_insert = ''; $fields_cnt = mysql_num_fields($result); for ($j = 0; $j < $fields_cnt; $j++) { if (!isset($row[$j])) { $schema_insert .= 'NULL'; } else if ($row[$j] != '') { // loic1 : always enclose fields if ($what == 'excel') { $row[$j] = ereg_replace("\015(\012)?", "\012", $row[$j]); } $schema_insert .= $enc_by . str_replace($enc_by, $esc_by . $enc_by, $row[$j]) . $enc_by; } else { $schema_insert .= ''; } if ($j < $fields_cnt-1) { $schema_insert .= $sep; } } // end for $handler(trim($schema_insert)); ++$i; } // end while return TRUE; } // end of the 'get_table_csv()' function /* -------- Functions used to format commands from imported file ------- */ /** * Splits up large sql files into individual queries * * Last revision: 22 August 2001 - loic1 * * @param string the sql commands * @param string the end of command line delimiter * * @return array the splitted sql commands */ function split_sql_file($sql, $delimiter) { $sql = trim($sql); $char = ''; $last_char = ''; $ret = array(); $string_start = ''; $in_string = FALSE; $escaped_backslash = FALSE; for ($i = 0; $i < strlen($sql); ++$i) { $char = $sql[$i]; // if delimiter found, add the parsed part to the returned array if ($char == $delimiter && !$in_string) { $ret[] = substr($sql, 0, $i); $sql = substr($sql, $i + 1); $i = 0; $last_char = ''; } if ($in_string) { // We are in a string, first check for escaped backslashes if ($char == '\\') { if ($last_char != '\\') { $escaped_backslash = FALSE; } else { $escaped_backslash = !$escaped_backslash; } } // then check for not escaped end of strings except for // backquotes than cannot be escaped if (($char == $string_start) && ($char == '`' || !(($last_char == '\\') && !$escaped_backslash))) { $in_string = FALSE; $string_start = ''; } } else { // we are not in a string, check for start of strings if (($char == '"') || ($char == '\'') || ($char == '`')) { $in_string = TRUE; $string_start = $char; } } $last_char = $char; } // end for // add any rest to the returned array if (!empty($sql)) { $ret[] = $sql; } return $ret; } // end of the 'split_sql_file()' function /** * Removes # type remarks from large sql files * * Version 3 20th May 2001 - Last Modified By Pete Kelly * * @param string the sql commands * * @return string the cleaned sql commands */ function remove_remarks($sql) { $i = 0; while ($i < strlen($sql)) { // Patch from Chee Wai // (otherwise, if $i == 0 and $sql[$i] == "#", the original order // in the second part of the AND bit will fail with illegal index) if ($sql[$i] == '#' && ($i == 0 || $sql[$i-1] == "\n")) { $j = 1; while ($sql[$i+$j] != "\n") { $j++; if ($j+$i > strlen($sql)) { break; } } // end while $sql = substr($sql, 0, $i) . substr($sql, $i+$j); } // end if $i++; } // end while return $sql; } // end of the 'remove_remarks()' function /* ------------------------ The bookmark feature ----------------------- */ /** * Defines the bookmark parameters for the current user * * @return array the bookmark parameters for the current user * * @global array the list of settings for the current server * @global integer the id of the current server */ function get_bookmarks_param() { global $cfgServer; global $server; $cfgBookmark = FALSE; $cfgBookmark = ''; // No server selected -> no bookmark table if ($server == 0) { return ''; } $cfgBookmark['user'] = $cfgServer['user']; $cfgBookmark['db'] = $cfgServer['bookmarkdb']; $cfgBookmark['table'] = $cfgServer['bookmarktable']; return $cfgBookmark; } // end of the 'get_bookmarks_param()' function /** * Gets the list of bookmarks defined for the current database * * @param string the current database name * @param array the bookmark parameters for the current user * * @return mixed the bookmarks list if defined, false else */ function list_bookmarks($db, $cfgBookmark) { $query = 'SELECT label, id FROM '. backquote($cfgBookmark['db']) . '.' . backquote($cfgBookmark['table']) . ' WHERE dbase = \'' . sql_addslashes($db) . '\'' . ' AND user = \'' . sql_addslashes($cfgBookmark['user']) . '\''; if (isset($GLOBALS['dbh'])) { $result = mysql_query($query, $GLOBALS['dbh']); } else { $result = mysql_query($query); } // There is some bookmarks -> store them if ($result > 0 && mysql_num_rows($result) > 0) { $flag = 1; while ($row = mysql_fetch_row($result)) { $bookmark_list[$flag . ' - ' . $row[0]] = $row[1]; $flag++; } // end while return $bookmark_list; } // No bookmarks for the current database else { return FALSE; } } // end of the 'list_bookmarks()' function /** * Gets the sql command from a bookmark * * @param string the current database name * @param array the bookmark parameters for the current user * @param integer the id of the bookmark to get * * @return string the sql query */ function query_bookmarks($db, $cfgBookmark, $id) { $query = 'SELECT query FROM ' . backquote($cfgBookmark['db']) . '.' . backquote($cfgBookmark['table']) . ' WHERE dbase = \'' . sql_addslashes($db) . '\'' . ' AND user = \'' . sql_addslashes($cfgBookmark['user']) . '\'' . ' AND id = ' . $id; if (isset($GLOBALS['dbh'])) { $result = mysql_query($query, $GLOBALS['dbh']); } else { $result = mysql_query($query); } $bookmark_query = mysql_result($result, 0, 'query'); return $bookmark_query; } // end of the 'query_bookmarks()' function /** * Adds a bookmark * * @param array the properties of the bookmark to add * @param array the bookmark parameters for the current user */ function add_bookmarks($fields, $cfgBookmark) { $query = 'INSERT INTO ' . backquote($cfgBookmark['db']) . '.' . backquote($cfgBookmark['table']) . ' (id, dbase, user, query, label) VALUES (\'\', \'' . sql_addslashes($fields['dbase']) . '\', \'' . sql_addslashes($fields['user']) . '\', \'' . sql_addslashes(urldecode($fields['query'])) . '\', \'' . sql_addslashes($fields['label']) . '\')'; if (isset($GLOBALS['dbh'])) { $result = mysql_query($query, $GLOBALS['dbh']); } else { $result = mysql_query($query); } } // end of the 'add_bookmarks()' function /** * Deletes a bookmark * * @param string the current database name * @param array the bookmark parameters for the current user * @param integer the id of the bookmark to get */ function delete_bookmarks($db, $cfgBookmark, $id) { $query = 'DELETE FROM ' . backquote($cfgBookmark['db']) . '.' . backquote($cfgBookmark['table']) . ' WHERE user = \'' . sql_addslashes($cfgBookmark['user']) . '\'' . ' AND id = ' . $id; if (isset($GLOBALS['dbh'])) { $result = mysql_query($query, $GLOBALS['dbh']); } else { $result = mysql_query($query); } } // end of the 'delete_bookmarks()' function /* -------------------- End of functions definitions ------------------- */ /** * Bookmark Support */ $cfgBookmark = get_bookmarks_param(); } // $__LIB_INC__ ?>