| [ Index ] |
|
Code source de phpMyAdmin 2.10.3 |
1 <?php 2 /** 3 * manipulation of table data like inserting, replacing and updating 4 * vim: expandtab sw=4 ts=4 sts=4: 5 * 6 * usally called as form action from tbl_change.php to insert or update table rows 7 * 8 * @version $Id: tbl_replace.php 10355 2007-05-08 18:16:08Z cybot_tm $ 9 * 10 * @todo 'edit_next' tends to not work as expected if used ... at least there is no order by 11 * it needs the original query and the row number and than replace the LIMIT clause 12 * @uses PMA_checkParameters() 13 * @uses PMA_DBI_select_db() 14 * @uses PMA_DBI_query() 15 * @uses PMA_DBI_fetch_row() 16 * @uses PMA_DBI_get_fields_meta() 17 * @uses PMA_DBI_free_result() 18 * @uses PMA_DBI_try_query() 19 * @uses PMA_DBI_getError() 20 * @uses PMA_DBI_affected_rows() 21 * @uses PMA_DBI_insert_id() 22 * @uses PMA_backquote() 23 * @uses PMA_getUniqueCondition() 24 * @uses PMA_sqlAddslashes() 25 * @uses PMA_securePath() 26 * @uses PMA_sendHeaderLocation() 27 * @uses str_replace() 28 * @uses urlencode() 29 * @uses count() 30 * @uses file_exists() 31 * @uses strlen() 32 * @uses str_replace() 33 * @uses preg_replace() 34 * @uses is_array() 35 * @uses $GLOBALS['db'] 36 * @uses $GLOBALS['table'] 37 * @uses $GLOBALS['goto'] 38 * @uses $GLOBALS['sql_query'] 39 */ 40 41 /** 42 * do not import request variable into global scope 43 * 44 * cannot be used as long as it could happen that the $goto file that is included 45 * at the end of this script is not updated to work without imported request variables 46 * 47 * @todo uncomment this if all possible included files to rely on import request variables 48 if (! defined('PMA_NO_VARIABLES_IMPORT')) { 49 define('PMA_NO_VARIABLES_IMPORT', true); 50 } 51 */ 52 /** 53 * Gets some core libraries 54 */ 55 require_once './libraries/common.lib.php'; 56 57 // Check parameters 58 PMA_checkParameters(array('db', 'table', 'goto')); 59 60 PMA_DBI_select_db($GLOBALS['db']); 61 62 /** 63 * Initializes some variables 64 */ 65 if (isset($_REQUEST['dontlimitchars'])) { 66 $url_params['dontlimitchars'] = $_REQUEST['dontlimitchars']; 67 } 68 if (isset($_REQUEST['pos'])) { 69 $url_params['pos'] = (int) $_REQUEST['pos']; 70 } 71 if (isset($_REQUEST['session_max_rows'])) { 72 $url_params['session_max_rows'] = (int) $_REQUEST['session_max_rows']; 73 } 74 if (isset($_REQUEST['disp_direction'])) { 75 $url_params['disp_direction'] = $_REQUEST['disp_direction']; 76 } 77 if (isset($_REQUEST['repeat_cells'])) { 78 $url_params['repeat_cells'] = (int) $_REQUEST['repeat_cells']; 79 } 80 81 $goto_include = false; 82 if (isset($_REQUEST['after_insert']) 83 && in_array($_REQUEST['after_insert'], array('new_insert', 'same_insert', 'edit_next'))) { 84 $url_params['after_insert'] = $_REQUEST['after_insert']; 85 //$GLOBALS['goto'] = 'tbl_change.php'; 86 $goto_include = 'tbl_change.php'; 87 88 if (isset($_REQUEST['primary_key'])) { 89 if ($_REQUEST['after_insert'] == 'same_insert') { 90 foreach ($_REQUEST['primary_key'] as $pk) { 91 $url_params['primary_key'][] = $pk; 92 } 93 } elseif ($_REQUEST['after_insert'] == 'edit_next') { 94 foreach ($_REQUEST['primary_key'] as $pk) { 95 $local_query = 'SELECT * FROM ' . PMA_backquote($GLOBALS['db']) . '.' . PMA_backquote($GLOBALS['table']) 96 . ' WHERE ' . str_replace('` =', '` >', $pk) 97 . ' LIMIT 1;'; 98 $res = PMA_DBI_query($local_query); 99 $row = PMA_DBI_fetch_row($res); 100 $meta = PMA_DBI_get_fields_meta($res); 101 $url_params['primary_key'][] = PMA_getUniqueCondition($res, count($row), $meta, $row); 102 } 103 } 104 } 105 } elseif (! empty($GLOBALS['goto'])) { 106 if (! preg_match('@^[a-z_]+\.php$@', $GLOBALS['goto'])) { 107 // this should NOT happen 108 //$GLOBALS['goto'] = false; 109 $goto_include = false; 110 } else { 111 $goto_include = $GLOBALS['goto']; 112 } 113 if ($GLOBALS['goto'] == 'db_sql.php' && isset($GLOBALS['table'])) { 114 unset($GLOBALS['table']); 115 } 116 } 117 118 if (! $goto_include) { 119 if (! isset($GLOBALS['table']) || ! strlen($GLOBALS['table'])) { 120 $goto_include = 'db_sql.php'; 121 } else { 122 $goto_include = 'tbl_sql.php'; 123 } 124 } 125 126 // Defines the url to return in case of failure of the query 127 if (isset($_REQUEST['err_url'])) { 128 $err_url = $_REQUEST['err_url']; 129 } else { 130 $err_url = 'tbl_change.php' . PMA_generate_common_url($url_params); 131 } 132 133 // Misc 134 $seen_binary = false; 135 136 /** 137 * Prepares the update/insert of a row 138 */ 139 if (isset($_REQUEST['primary_key'])) { 140 // we were editing something => use primary key 141 $loop_array = (is_array($_REQUEST['primary_key']) ? $_REQUEST['primary_key'] : array($_REQUEST['primary_key'])); 142 $using_key = true; 143 $is_insert = ($_REQUEST['submit_type'] == $GLOBALS['strInsertAsNewRow']); 144 } else { 145 // new row => use indexes 146 $loop_array = array(); 147 foreach ($_REQUEST['fields']['multi_edit'] as $key => $dummy) { 148 $loop_array[] = $key; 149 } 150 $using_key = false; 151 $is_insert = true; 152 } 153 154 $query = array(); 155 $message = ''; 156 $value_sets = array(); 157 $func_no_param = array( 158 'NOW', 159 'CURDATE', 160 'CURTIME', 161 'UTC_DATE', 162 'UTC_TIME', 163 'UTC_TIMESTAMP', 164 'UNIX_TIMESTAMP', 165 'RAND', 166 'USER', 167 'LAST_INSERT_ID', 168 ); 169 170 foreach ($loop_array as $primary_key) { 171 // skip fields to be ignored 172 if (! $using_key && isset($_REQUEST['insert_ignore_' . $primary_key])) { 173 continue; 174 } 175 176 // Defines the SET part of the sql query 177 $query_values = array(); 178 179 // Map multi-edit keys to single-level arrays, dependent on how we got the fields 180 $me_fields = 181 isset($_REQUEST['fields']['multi_edit'][$primary_key]) 182 ? $_REQUEST['fields']['multi_edit'][$primary_key] 183 : array(); 184 $me_fields_prev = 185 isset($_REQUEST['fields_prev']['multi_edit'][$primary_key]) 186 ? $_REQUEST['fields_prev']['multi_edit'][$primary_key] 187 : null; 188 $me_funcs = 189 isset($_REQUEST['funcs']['multi_edit'][$primary_key]) 190 ? $_REQUEST['funcs']['multi_edit'][$primary_key] 191 : null; 192 $me_fields_type = 193 isset($_REQUEST['fields_type']['multi_edit'][$primary_key]) 194 ? $_REQUEST['fields_type']['multi_edit'][$primary_key] 195 : null; 196 $me_fields_null = 197 isset($_REQUEST['fields_null']['multi_edit'][$primary_key]) 198 ? $_REQUEST['fields_null']['multi_edit'][$primary_key] 199 : null; 200 $me_fields_null_prev = 201 isset($_REQUEST['fields_null_prev']['multi_edit'][$primary_key]) 202 ? $_REQUEST['fields_null_prev']['multi_edit'][$primary_key] 203 : null; 204 $me_auto_increment = 205 isset($_REQUEST['auto_increment']['multi_edit'][$primary_key]) 206 ? $_REQUEST['auto_increment']['multi_edit'][$primary_key] 207 : null; 208 209 foreach ($me_fields as $key => $val) { 210 211 require './libraries/tbl_replace_fields.inc.php'; 212 213 if (empty($me_funcs[$key])) { 214 $cur_value = $val; 215 } elseif ('UNIX_TIMESTAMP' === $me_funcs[$key] && $val != "''") { 216 $cur_value = $me_funcs[$key] . '(' . $val . ')'; 217 } elseif (in_array($me_funcs[$key], $func_no_param)) { 218 $cur_value = $me_funcs[$key] . '()'; 219 } else { 220 $cur_value = $me_funcs[$key] . '(' . $val . ')'; 221 } 222 223 // i n s e r t 224 if ($is_insert) { 225 // no need to add column into the valuelist 226 if (strlen($cur_value)) { 227 $query_values[] = $cur_value; 228 // first inserted row so prepare the list of fields 229 if (empty($value_sets)) { 230 $query_fields[] = PMA_backquote($key); 231 } 232 } 233 234 // u p d a t e 235 } elseif (!empty($me_fields_null_prev[$key]) 236 && !isset($me_fields_null[$key])) { 237 // field had the null checkbox before the update 238 // field no longer has the null checkbox 239 $query_values[] = PMA_backquote($key) . ' = ' . $cur_value; 240 } elseif (empty($me_funcs[$key]) 241 && isset($me_fields_prev[$key]) 242 && ("'" . PMA_sqlAddslashes($me_fields_prev[$key]) . "'" == $val)) { 243 // No change for this column and no MySQL function is used -> next column 244 continue; 245 } elseif (! empty($val)) { 246 // avoid setting a field to NULL when it's already NULL 247 // (field had the null checkbox before the update 248 // field still has the null checkbox) 249 if (!(! empty($me_fields_null_prev[$key]) 250 && isset($me_fields_null[$key]))) { 251 $query_values[] = PMA_backquote($key) . ' = ' . $cur_value; 252 } 253 } 254 } // end foreach ($me_fields as $key => $val) 255 256 if (count($query_values) > 0) { 257 if ($is_insert) { 258 $value_sets[] = implode(', ', $query_values); 259 } else { 260 // build update query 261 $query[] = 'UPDATE ' . PMA_backquote($GLOBALS['db']) . '.' . PMA_backquote($GLOBALS['table']) 262 . ' SET ' . implode(', ', $query_values) . ' WHERE ' . $primary_key . ' LIMIT 1'; 263 264 } 265 } 266 } // end foreach ($loop_array as $primary_key) 267 unset($me_fields_prev, $me_funcs, $me_fields_type, $me_fields_null, $me_fields_null_prev, 268 $me_auto_increment, $cur_value, $key, $val, $loop_array, $primary_key, $using_key, 269 $func_no_param); 270 271 272 // Builds the sql query 273 if ($is_insert && count($value_sets) > 0) { 274 $query[] = 'INSERT INTO ' . PMA_backquote($GLOBALS['db']) . '.' . PMA_backquote($GLOBALS['table']) 275 . ' (' . implode(', ', $query_fields) . ') VALUES (' . implode('), (', $value_sets) . ')'; 276 277 unset($query_fields, $value_sets); 278 279 $message = $GLOBALS['strInsertedRows'] . ' '; 280 } elseif (! empty($query)) { 281 $message = $GLOBALS['strAffectedRows'] . ' '; 282 } else { 283 // No change -> move back to the calling script 284 $message = $GLOBALS['strNoModification']; 285 $js_to_run = 'functions.js'; 286 $active_page = $goto_include; 287 require_once './libraries/header.inc.php'; 288 require './' . PMA_securePath($goto_include); 289 exit; 290 } 291 unset($me_fields, $is_insert); 292 293 /** 294 * Executes the sql query and get the result, then move back to the calling 295 * page 296 */ 297 if (! empty($GLOBALS['sql_query'])) { 298 $url_params['sql_query'] = $GLOBALS['sql_query']; 299 $return_to_sql_query = $GLOBALS['sql_query']; 300 } 301 $GLOBALS['sql_query'] = implode('; ', $query) . ';'; 302 $total_affected_rows = 0; 303 $last_message = ''; 304 $warning_message = ''; 305 306 foreach ($query as $single_query) { 307 if ($GLOBALS['cfg']['IgnoreMultiSubmitErrors']) { 308 $result = PMA_DBI_try_query($single_query); 309 } else { 310 $result = PMA_DBI_query($single_query); 311 } 312 313 if (! $result) { 314 $message .= PMA_DBI_getError(); 315 } else { 316 if (@PMA_DBI_affected_rows()) { 317 $total_affected_rows += @PMA_DBI_affected_rows(); 318 } 319 320 $insert_id = PMA_DBI_insert_id(); 321 if ($insert_id != 0) { 322 // insert_id is id of FIRST record inserted in one insert, so if we 323 // inserted multiple rows, we had to increment this 324 325 if ($total_affected_rows > 0) { 326 $insert_id = $insert_id + $total_affected_rows - 1; 327 } 328 $last_message .= '[br]' . $GLOBALS['strInsertedRowId'] . ' ' . $insert_id; 329 } 330 PMA_DBI_free_result($result); 331 } // end if 332 333 foreach (PMA_DBI_get_warnings() as $warning) { 334 $warning_message .= $warning['Level'] . ': #' . $warning['Code'] 335 . ' ' . $warning['Message'] . '[br]'; 336 } 337 338 unset($result); 339 } 340 unset($single_query, $query); 341 342 $message .= $total_affected_rows . $last_message; 343 344 if (! empty($warning_message)) { 345 /** 346 * @todo use a <div class="warning"> in PMA_showMessage() for this part of 347 * the message 348 */ 349 $message .= '[br]' . $warning_message; 350 } 351 unset($warning_message, $total_affected_rows, $last_message); 352 353 if (isset($return_to_sql_query)) { 354 $disp_query = $GLOBALS['sql_query']; 355 $disp_message = $message; 356 unset($message); 357 $GLOBALS['sql_query'] = $return_to_sql_query; 358 } 359 360 // if user asked to "Insert another new row", we need tbl_change.js 361 // otherwise the calendar icon does not work 362 if ($goto_include == 'tbl_change.php') { 363 /** 364 * @todo if we really need to run many different js at header time, 365 * $js_to_run would become an array and header.inc.php would iterate 366 * thru it, instead of the bunch of if/elseif it does now 367 */ 368 $js_to_run = 'tbl_change.js'; 369 } else { 370 $js_to_run = 'functions.js'; 371 } 372 $active_page = $goto_include; 373 require_once './libraries/header.inc.php'; 374 require './' . PMA_securePath($goto_include); 375 exit; 376 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Mon Nov 26 15:18:20 2007 | par Balluche grâce à PHPXref 0.7 |
|
|