Update website
This commit is contained in:
parent
4413528994
commit
1d90fbf296
6865 changed files with 1091082 additions and 0 deletions
|
|
@ -0,0 +1,67 @@
|
|||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace PhpMyAdmin\Controllers\Sql;
|
||||
|
||||
use PhpMyAdmin\CheckUserPrivileges;
|
||||
use PhpMyAdmin\Controllers\AbstractController;
|
||||
use PhpMyAdmin\DatabaseInterface;
|
||||
use PhpMyAdmin\Message;
|
||||
use PhpMyAdmin\ResponseRenderer;
|
||||
use PhpMyAdmin\Sql;
|
||||
use PhpMyAdmin\Template;
|
||||
|
||||
final class ColumnPreferencesController extends AbstractController
|
||||
{
|
||||
/** @var Sql */
|
||||
private $sql;
|
||||
|
||||
/** @var CheckUserPrivileges */
|
||||
private $checkUserPrivileges;
|
||||
|
||||
/** @var DatabaseInterface */
|
||||
private $dbi;
|
||||
|
||||
public function __construct(
|
||||
ResponseRenderer $response,
|
||||
Template $template,
|
||||
Sql $sql,
|
||||
CheckUserPrivileges $checkUserPrivileges,
|
||||
DatabaseInterface $dbi
|
||||
) {
|
||||
parent::__construct($response, $template);
|
||||
$this->sql = $sql;
|
||||
$this->checkUserPrivileges = $checkUserPrivileges;
|
||||
$this->dbi = $dbi;
|
||||
}
|
||||
|
||||
public function __invoke(): void
|
||||
{
|
||||
global $db, $table;
|
||||
|
||||
$this->checkUserPrivileges->getPrivileges();
|
||||
|
||||
$tableObject = $this->dbi->getTable($db, $table);
|
||||
$status = false;
|
||||
|
||||
// set column order
|
||||
if (isset($_POST['col_order'])) {
|
||||
$status = $this->sql->setColumnProperty($tableObject, 'col_order');
|
||||
}
|
||||
|
||||
// set column visibility
|
||||
if ($status === true && isset($_POST['col_visib'])) {
|
||||
$status = $this->sql->setColumnProperty($tableObject, 'col_visib');
|
||||
}
|
||||
|
||||
if ($status instanceof Message) {
|
||||
$this->response->setRequestStatus(false);
|
||||
$this->response->addJSON('message', $status->getString());
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
$this->response->setRequestStatus($status === true);
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,32 @@
|
|||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace PhpMyAdmin\Controllers\Sql;
|
||||
|
||||
use PhpMyAdmin\CheckUserPrivileges;
|
||||
use PhpMyAdmin\Controllers\AbstractController;
|
||||
use PhpMyAdmin\ResponseRenderer;
|
||||
use PhpMyAdmin\Template;
|
||||
use PhpMyAdmin\Utils\ForeignKey;
|
||||
|
||||
final class DefaultForeignKeyCheckValueController extends AbstractController
|
||||
{
|
||||
/** @var CheckUserPrivileges */
|
||||
private $checkUserPrivileges;
|
||||
|
||||
public function __construct(
|
||||
ResponseRenderer $response,
|
||||
Template $template,
|
||||
CheckUserPrivileges $checkUserPrivileges
|
||||
) {
|
||||
parent::__construct($response, $template);
|
||||
$this->checkUserPrivileges = $checkUserPrivileges;
|
||||
}
|
||||
|
||||
public function __invoke(): void
|
||||
{
|
||||
$this->checkUserPrivileges->getPrivileges();
|
||||
$this->response->addJSON('default_fk_check_value', ForeignKey::isCheckEnabled());
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,67 @@
|
|||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace PhpMyAdmin\Controllers\Sql;
|
||||
|
||||
use PhpMyAdmin\CheckUserPrivileges;
|
||||
use PhpMyAdmin\Controllers\AbstractController;
|
||||
use PhpMyAdmin\ResponseRenderer;
|
||||
use PhpMyAdmin\Sql;
|
||||
use PhpMyAdmin\Template;
|
||||
|
||||
use function __;
|
||||
use function htmlentities;
|
||||
|
||||
use const ENT_COMPAT;
|
||||
|
||||
final class EnumValuesController extends AbstractController
|
||||
{
|
||||
/** @var Sql */
|
||||
private $sql;
|
||||
|
||||
/** @var CheckUserPrivileges */
|
||||
private $checkUserPrivileges;
|
||||
|
||||
public function __construct(
|
||||
ResponseRenderer $response,
|
||||
Template $template,
|
||||
Sql $sql,
|
||||
CheckUserPrivileges $checkUserPrivileges
|
||||
) {
|
||||
parent::__construct($response, $template);
|
||||
$this->sql = $sql;
|
||||
$this->checkUserPrivileges = $checkUserPrivileges;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get possible values for enum fields during grid edit.
|
||||
*/
|
||||
public function __invoke(): void
|
||||
{
|
||||
global $db, $table;
|
||||
|
||||
$this->checkUserPrivileges->getPrivileges();
|
||||
|
||||
$column = $_POST['column'];
|
||||
$curr_value = $_POST['curr_value'];
|
||||
$values = $this->sql->getValuesForColumn($db, $table, $column);
|
||||
|
||||
if ($values === null) {
|
||||
$this->response->addJSON('message', __('Error in processing request'));
|
||||
$this->response->setRequestStatus(false);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
// Converts characters of $curr_value to HTML entities.
|
||||
$convertedCurrentValue = htmlentities($curr_value, ENT_COMPAT, 'UTF-8');
|
||||
|
||||
$dropdown = $this->template->render('sql/enum_column_dropdown', [
|
||||
'values' => $values,
|
||||
'selected_values' => [$convertedCurrentValue],
|
||||
]);
|
||||
|
||||
$this->response->addJSON('dropdown', $dropdown);
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,57 @@
|
|||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace PhpMyAdmin\Controllers\Sql;
|
||||
|
||||
use PhpMyAdmin\CheckUserPrivileges;
|
||||
use PhpMyAdmin\Controllers\AbstractController;
|
||||
use PhpMyAdmin\ResponseRenderer;
|
||||
use PhpMyAdmin\Sql;
|
||||
use PhpMyAdmin\Template;
|
||||
|
||||
final class RelationalValuesController extends AbstractController
|
||||
{
|
||||
/** @var Sql */
|
||||
private $sql;
|
||||
|
||||
/** @var CheckUserPrivileges */
|
||||
private $checkUserPrivileges;
|
||||
|
||||
public function __construct(
|
||||
ResponseRenderer $response,
|
||||
Template $template,
|
||||
Sql $sql,
|
||||
CheckUserPrivileges $checkUserPrivileges
|
||||
) {
|
||||
parent::__construct($response, $template);
|
||||
$this->sql = $sql;
|
||||
$this->checkUserPrivileges = $checkUserPrivileges;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get values for the relational columns
|
||||
*
|
||||
* During grid edit, if we have a relational field, show the dropdown for it.
|
||||
*/
|
||||
public function __invoke(): void
|
||||
{
|
||||
global $db, $table;
|
||||
|
||||
$this->checkUserPrivileges->getPrivileges();
|
||||
|
||||
$column = $_POST['column'];
|
||||
if (
|
||||
$_SESSION['tmpval']['relational_display'] === 'D'
|
||||
&& isset($_POST['relation_key_or_display_column'])
|
||||
&& $_POST['relation_key_or_display_column']
|
||||
) {
|
||||
$curr_value = $_POST['relation_key_or_display_column'];
|
||||
} else {
|
||||
$curr_value = $_POST['curr_value'];
|
||||
}
|
||||
|
||||
$dropdown = $this->sql->getHtmlForRelationalColumnDropdown($db, $table, $column, $curr_value);
|
||||
$this->response->addJSON('dropdown', $dropdown);
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,75 @@
|
|||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace PhpMyAdmin\Controllers\Sql;
|
||||
|
||||
use PhpMyAdmin\CheckUserPrivileges;
|
||||
use PhpMyAdmin\Controllers\AbstractController;
|
||||
use PhpMyAdmin\ResponseRenderer;
|
||||
use PhpMyAdmin\Sql;
|
||||
use PhpMyAdmin\Template;
|
||||
|
||||
use function __;
|
||||
use function htmlentities;
|
||||
|
||||
use const ENT_COMPAT;
|
||||
|
||||
final class SetValuesController extends AbstractController
|
||||
{
|
||||
/** @var Sql */
|
||||
private $sql;
|
||||
|
||||
/** @var CheckUserPrivileges */
|
||||
private $checkUserPrivileges;
|
||||
|
||||
public function __construct(
|
||||
ResponseRenderer $response,
|
||||
Template $template,
|
||||
Sql $sql,
|
||||
CheckUserPrivileges $checkUserPrivileges
|
||||
) {
|
||||
parent::__construct($response, $template);
|
||||
$this->sql = $sql;
|
||||
$this->checkUserPrivileges = $checkUserPrivileges;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get possible values for SET fields during grid edit.
|
||||
*/
|
||||
public function __invoke(): void
|
||||
{
|
||||
global $db, $table;
|
||||
|
||||
$this->checkUserPrivileges->getPrivileges();
|
||||
|
||||
$column = $_POST['column'];
|
||||
$currentValue = $_POST['curr_value'];
|
||||
$fullValues = $_POST['get_full_values'] ?? false;
|
||||
$whereClause = $_POST['where_clause'] ?? null;
|
||||
|
||||
$values = $this->sql->getValuesForColumn($db, $table, $column);
|
||||
|
||||
if ($values === null) {
|
||||
$this->response->addJSON('message', __('Error in processing request'));
|
||||
$this->response->setRequestStatus(false);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
// If the $currentValue was truncated, we should fetch the correct full values from the table.
|
||||
if ($fullValues && ! empty($whereClause)) {
|
||||
$currentValue = $this->sql->getFullValuesForSetColumn($db, $table, $column, $whereClause);
|
||||
}
|
||||
|
||||
// Converts characters of $currentValue to HTML entities.
|
||||
$convertedCurrentValue = htmlentities($currentValue, ENT_COMPAT, 'UTF-8');
|
||||
|
||||
$select = $this->template->render('sql/set_column', [
|
||||
'values' => $values,
|
||||
'current_values' => $convertedCurrentValue,
|
||||
]);
|
||||
|
||||
$this->response->addJSON('select', $select);
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,246 @@
|
|||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace PhpMyAdmin\Controllers\Sql;
|
||||
|
||||
use PhpMyAdmin\Bookmark;
|
||||
use PhpMyAdmin\CheckUserPrivileges;
|
||||
use PhpMyAdmin\Config\PageSettings;
|
||||
use PhpMyAdmin\Controllers\AbstractController;
|
||||
use PhpMyAdmin\Core;
|
||||
use PhpMyAdmin\DatabaseInterface;
|
||||
use PhpMyAdmin\Html\Generator;
|
||||
use PhpMyAdmin\Message;
|
||||
use PhpMyAdmin\ParseAnalyze;
|
||||
use PhpMyAdmin\ResponseRenderer;
|
||||
use PhpMyAdmin\Sql;
|
||||
use PhpMyAdmin\Template;
|
||||
use PhpMyAdmin\Url;
|
||||
use PhpMyAdmin\Util;
|
||||
|
||||
use function __;
|
||||
use function mb_strpos;
|
||||
use function str_contains;
|
||||
use function strlen;
|
||||
use function urlencode;
|
||||
|
||||
class SqlController extends AbstractController
|
||||
{
|
||||
/** @var Sql */
|
||||
private $sql;
|
||||
|
||||
/** @var CheckUserPrivileges */
|
||||
private $checkUserPrivileges;
|
||||
|
||||
/** @var DatabaseInterface */
|
||||
private $dbi;
|
||||
|
||||
public function __construct(
|
||||
ResponseRenderer $response,
|
||||
Template $template,
|
||||
Sql $sql,
|
||||
CheckUserPrivileges $checkUserPrivileges,
|
||||
DatabaseInterface $dbi
|
||||
) {
|
||||
parent::__construct($response, $template);
|
||||
$this->sql = $sql;
|
||||
$this->checkUserPrivileges = $checkUserPrivileges;
|
||||
$this->dbi = $dbi;
|
||||
}
|
||||
|
||||
public function __invoke(): void
|
||||
{
|
||||
global $cfg, $db, $display_query, $sql_query, $table;
|
||||
global $ajax_reload, $goto, $errorUrl, $find_real_end, $unlim_num_rows, $import_text, $disp_query;
|
||||
global $extra_data, $message_to_show, $sql_data, $disp_message, $complete_query;
|
||||
global $is_gotofile, $back, $table_from_sql;
|
||||
|
||||
$this->checkUserPrivileges->getPrivileges();
|
||||
|
||||
$pageSettings = new PageSettings('Browse');
|
||||
$this->response->addHTML($pageSettings->getErrorHTML());
|
||||
$this->response->addHTML($pageSettings->getHTML());
|
||||
|
||||
$this->addScriptFiles([
|
||||
'vendor/jquery/jquery.uitablefilter.js',
|
||||
'table/change.js',
|
||||
'indexes.js',
|
||||
'gis_data_editor.js',
|
||||
'multi_column_sort.js',
|
||||
]);
|
||||
|
||||
/**
|
||||
* Set ajax_reload in the response if it was already set
|
||||
*/
|
||||
if (isset($ajax_reload) && $ajax_reload['reload'] === true) {
|
||||
$this->response->addJSON('ajax_reload', $ajax_reload);
|
||||
}
|
||||
|
||||
/**
|
||||
* Defines the url to return to in case of error in a sql statement
|
||||
*/
|
||||
$is_gotofile = true;
|
||||
if (empty($goto)) {
|
||||
if (empty($table)) {
|
||||
$goto = Util::getScriptNameForOption($cfg['DefaultTabDatabase'], 'database');
|
||||
} else {
|
||||
$goto = Util::getScriptNameForOption($cfg['DefaultTabTable'], 'table');
|
||||
}
|
||||
}
|
||||
|
||||
if (! isset($errorUrl)) {
|
||||
$errorUrl = ! empty($back) ? $back : $goto;
|
||||
$errorUrl .= Url::getCommon(
|
||||
['db' => $GLOBALS['db']],
|
||||
! str_contains($errorUrl, '?') ? '?' : '&'
|
||||
);
|
||||
if (
|
||||
(mb_strpos(' ' . $errorUrl, 'db_') !== 1 || ! str_contains($errorUrl, '?route=/database/'))
|
||||
&& strlen($table) > 0
|
||||
) {
|
||||
$errorUrl .= '&table=' . urlencode($table);
|
||||
}
|
||||
}
|
||||
|
||||
// Coming from a bookmark dialog
|
||||
if (isset($_POST['bkm_fields']['bkm_sql_query'])) {
|
||||
$sql_query = $_POST['bkm_fields']['bkm_sql_query'];
|
||||
} elseif (isset($_POST['sql_query'])) {
|
||||
$sql_query = $_POST['sql_query'];
|
||||
} elseif (isset($_GET['sql_query'], $_GET['sql_signature'])) {
|
||||
if (Core::checkSqlQuerySignature($_GET['sql_query'], $_GET['sql_signature'])) {
|
||||
$sql_query = $_GET['sql_query'];
|
||||
}
|
||||
}
|
||||
|
||||
// This one is just to fill $db
|
||||
if (isset($_POST['bkm_fields']['bkm_database'])) {
|
||||
$db = $_POST['bkm_fields']['bkm_database'];
|
||||
}
|
||||
|
||||
// Default to browse if no query set and we have table
|
||||
// (needed for browsing from DefaultTabTable)
|
||||
if (empty($sql_query) && strlen($table) > 0 && strlen($db) > 0) {
|
||||
$sql_query = $this->sql->getDefaultSqlQueryForBrowse($db, $table);
|
||||
|
||||
// set $goto to what will be displayed if query returns 0 rows
|
||||
$goto = '';
|
||||
} else {
|
||||
// Now we can check the parameters
|
||||
Util::checkParameters(['sql_query']);
|
||||
}
|
||||
|
||||
/**
|
||||
* Parse and analyze the query
|
||||
*/
|
||||
[
|
||||
$analyzed_sql_results,
|
||||
$db,
|
||||
$table_from_sql,
|
||||
] = ParseAnalyze::sqlQuery($sql_query, $db);
|
||||
|
||||
if ($table != $table_from_sql && ! empty($table_from_sql)) {
|
||||
$table = $table_from_sql;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check rights in case of DROP DATABASE
|
||||
*
|
||||
* This test may be bypassed if $is_js_confirmed = 1 (already checked with js)
|
||||
* but since a malicious user may pass this variable by url/form, we don't take
|
||||
* into account this case.
|
||||
*/
|
||||
if (
|
||||
$this->sql->hasNoRightsToDropDatabase(
|
||||
$analyzed_sql_results,
|
||||
$cfg['AllowUserDropDatabase'],
|
||||
$this->dbi->isSuperUser()
|
||||
)
|
||||
) {
|
||||
Generator::mysqlDie(
|
||||
__('"DROP DATABASE" statements are disabled.'),
|
||||
'',
|
||||
false,
|
||||
$errorUrl
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Need to find the real end of rows?
|
||||
*/
|
||||
if (isset($find_real_end) && $find_real_end) {
|
||||
$unlim_num_rows = $this->sql->findRealEndOfRows($db, $table);
|
||||
}
|
||||
|
||||
/**
|
||||
* Bookmark add
|
||||
*/
|
||||
if (isset($_POST['store_bkm'])) {
|
||||
$this->addBookmark($goto);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets or modifies the $goto variable if required
|
||||
*/
|
||||
if ($goto === Url::getFromRoute('/sql')) {
|
||||
$is_gotofile = false;
|
||||
$goto = Url::getFromRoute('/sql', [
|
||||
'db' => $db,
|
||||
'table' => $table,
|
||||
'sql_query' => $sql_query,
|
||||
]);
|
||||
}
|
||||
|
||||
$this->response->addHTML($this->sql->executeQueryAndSendQueryResponse(
|
||||
$analyzed_sql_results,
|
||||
$is_gotofile,
|
||||
$db,
|
||||
$table,
|
||||
$find_real_end ?? null,
|
||||
$import_text ?? null,
|
||||
$extra_data ?? null,
|
||||
$message_to_show ?? null,
|
||||
$sql_data ?? null,
|
||||
$goto,
|
||||
isset($disp_query) ? $display_query : null,
|
||||
$disp_message ?? null,
|
||||
$sql_query,
|
||||
$complete_query ?? null
|
||||
));
|
||||
}
|
||||
|
||||
private function addBookmark(string $goto): void
|
||||
{
|
||||
$bookmark = Bookmark::createBookmark(
|
||||
$this->dbi,
|
||||
$_POST['bkm_fields'],
|
||||
isset($_POST['bkm_all_users']) && $_POST['bkm_all_users'] === 'true'
|
||||
);
|
||||
|
||||
$result = null;
|
||||
if ($bookmark instanceof Bookmark) {
|
||||
$result = $bookmark->save();
|
||||
}
|
||||
|
||||
if (! $this->response->isAjax()) {
|
||||
Core::sendHeaderLocation('./' . $goto . '&label=' . $_POST['bkm_fields']['bkm_label']);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
if ($result) {
|
||||
$msg = Message::success(__('Bookmark %s has been created.'));
|
||||
$msg->addParam($_POST['bkm_fields']['bkm_label']);
|
||||
$this->response->addJSON('message', $msg);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
$msg = Message::error(__('Bookmark not created!'));
|
||||
$this->response->setRequestStatus(false);
|
||||
$this->response->addJSON('message', $msg);
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue