1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
/** |
4
|
|
|
* PHPPgAdmin v6.0.0-beta.50 |
5
|
|
|
*/ |
6
|
|
|
|
7
|
|
|
namespace PHPPgAdmin\Controller; |
8
|
|
|
|
9
|
|
|
/** |
10
|
|
|
* Base controller class. |
11
|
|
|
* |
12
|
|
|
* @package PHPPgAdmin |
13
|
|
|
*/ |
14
|
|
|
class SqleditController extends BaseController |
15
|
|
|
{ |
16
|
|
|
use \PHPPgAdmin\Traits\ServersTrait; |
17
|
|
|
|
18
|
|
|
public $query = ''; |
19
|
|
|
public $subject = ''; |
20
|
|
|
public $start_time; |
21
|
|
|
public $duration; |
22
|
|
|
|
23
|
|
|
/** |
24
|
|
|
* Default method to render the controller according to the action parameter. |
25
|
|
|
*/ |
26
|
|
|
public function render() |
27
|
|
|
{ |
28
|
|
|
switch ($this->action) { |
29
|
|
|
case 'find': |
30
|
|
|
$title = $this->lang['strfind']; |
31
|
|
|
$body_text = $this->doFind(); |
32
|
|
|
|
33
|
|
|
break; |
34
|
|
|
case 'sql': |
35
|
|
|
default: |
36
|
|
|
$title = $this->lang['strsql']; |
37
|
|
|
$body_text = $this->doDefault(); |
38
|
|
|
|
39
|
|
|
break; |
40
|
|
|
} |
41
|
|
|
|
42
|
|
|
$this->setWindowName('sqledit'); |
43
|
|
|
|
44
|
|
|
$this->scripts = '<script type="text/javascript">window.inPopUp=true;</script>'; |
45
|
|
|
|
46
|
|
|
$this->printHeader($title, $this->scripts, true, 'header_sqledit.twig'); |
47
|
|
|
$this->printBody(true, 'sql_edit'); |
48
|
|
|
echo $body_text; |
49
|
|
|
|
50
|
|
|
$this->printFooter(true, 'footer_sqledit.twig'); |
51
|
|
|
} |
52
|
|
|
|
53
|
|
|
/** |
54
|
|
|
* Allow execution of arbitrary SQL statements on a database. |
55
|
|
|
*/ |
56
|
|
|
public function doDefault() |
57
|
|
|
{ |
58
|
|
|
$data = $this->misc->getDatabaseAccessor(); |
59
|
|
|
|
60
|
|
|
if (!isset($_SESSION['sqlquery'])) { |
61
|
|
|
$_SESSION['sqlquery'] = ''; |
62
|
|
|
} |
63
|
|
|
|
64
|
|
|
$this->coalesceArr($_REQUEST, 'search_path', implode(',', $data->getSearchPath())); |
65
|
|
|
$search_path = htmlspecialchars($_REQUEST['search_path']); |
66
|
|
|
$sqlquery = htmlspecialchars($_SESSION['sqlquery']); |
67
|
|
|
|
68
|
|
|
$default_html = $this->printTabs($this->misc->getNavTabs('popup'), 'sql', false); |
69
|
|
|
|
70
|
|
|
$default_html .= '<form action="'.\SUBFOLDER.'/src/views/sql" method="post" enctype="multipart/form-data" class="sqlform" id="sqlform" target="detail">'; |
71
|
|
|
$default_html .= PHP_EOL; |
72
|
|
|
$default_html .= $this->printConnection('sql', false); |
73
|
|
|
|
74
|
|
|
$default_html .= PHP_EOL; |
75
|
|
|
|
76
|
|
|
$default_html .= ' <div class="searchpath">'; |
77
|
|
|
$default_html .= '<label>'; |
78
|
|
|
$default_html .= $this->misc->printHelp($this->lang['strsearchpath'], 'pg.schema.search_path', false); |
79
|
|
|
|
80
|
|
|
$default_html .= ': <input type="text" name="search_path" id="search_path" size="45" value="'.$search_path.'" />'; |
81
|
|
|
$default_html .= '</label>'.PHP_EOL; |
82
|
|
|
|
83
|
|
|
$default_html .= '</div>'.PHP_EOL; |
84
|
|
|
|
85
|
|
|
$default_html .= '<div id="queryedition" style="padding:1%;width:98%;float:left;">'; |
86
|
|
|
$default_html .= PHP_EOL; |
87
|
|
|
$default_html .= '<textarea style="width:98%;" rows="10" cols="50" name="query" id="query" resizable="true">'.$sqlquery.'</textarea>'; |
88
|
|
|
$default_html .= PHP_EOL; |
89
|
|
|
$default_html .= '</div>'.PHP_EOL; |
90
|
|
|
|
91
|
|
|
$default_html .= '<div class="sqledit_bottom_inputs" >'; |
92
|
|
|
|
93
|
|
|
if (ini_get('file_uploads')) { |
94
|
|
|
// Don't show upload option if max size of uploads is zero |
95
|
|
|
$max_size = $this->misc->inisizeToBytes(ini_get('upload_max_filesize')); |
96
|
|
|
if (is_double($max_size) && $max_size > 0) { |
97
|
|
|
$default_html .= '<p class="upload_sql_script">'; |
98
|
|
|
$default_html .= '<input type="hidden" name="MAX_FILE_SIZE" value="'.$max_size.'" />'; |
99
|
|
|
$default_html .= PHP_EOL; |
100
|
|
|
$default_html .= '<label for="script">'.$this->lang['struploadscript'].'</label>'; |
101
|
|
|
$default_html .= ' <input class="btn btn-small" id="script" name="script" type="file" /></p>'; |
102
|
|
|
$default_html .= '</p>'.PHP_EOL; |
103
|
|
|
} |
104
|
|
|
} |
105
|
|
|
|
106
|
|
|
// Check that file uploads are enabled |
107
|
|
|
$checked = (isset($_REQUEST['paginate']) ? ' checked="checked"' : ''); |
108
|
|
|
|
109
|
|
|
$default_html .= '<p><input type="submit" class="btn btn-small" name="execute" accesskey="r" value="'.$this->lang['strexecute'].'" />'; |
110
|
|
|
$default_html .= PHP_EOL; |
111
|
|
|
|
112
|
|
|
$default_html .= '<input type="reset" class="btn btn-small" accesskey="q" value="'.$this->lang['strreset'].'" /></p>'; |
113
|
|
|
$default_html .= PHP_EOL; |
114
|
|
|
|
115
|
|
|
$default_html .= '<p>'; |
116
|
|
|
$default_html .= '<label for="paginate">'; |
117
|
|
|
$default_html .= '<input type="checkbox" id="paginate" name="paginate"'.$checked.' /> '.$this->lang['strpaginate'].' '; |
118
|
|
|
$default_html .= '</label>'.PHP_EOL; |
119
|
|
|
$default_html .= '</p>'.PHP_EOL; |
120
|
|
|
|
121
|
|
|
$default_html .= '</div>'.PHP_EOL; |
122
|
|
|
$default_html .= '</form>'; |
123
|
|
|
$default_html .= PHP_EOL; |
124
|
|
|
|
125
|
|
|
// Default focus |
126
|
|
|
//$this->setFocus('forms[0].query'); |
127
|
|
|
return $default_html; |
128
|
|
|
} |
129
|
|
|
|
130
|
|
|
private function _getFilters() |
131
|
|
|
{ |
132
|
|
|
$filters = [ |
133
|
|
|
'SCHEMA' => ['langkey' => 'strschemas', 'selected' => ''], |
134
|
|
|
'TABLE' => ['langkey' => 'strtables', 'selected' => ''], |
135
|
|
|
'VIEW' => ['langkey' => 'strviews', 'selected' => ''], |
136
|
|
|
'SEQUENCE' => ['langkey' => 'strsequences', 'selected' => ''], |
137
|
|
|
'COLUMN' => ['langkey' => 'strcolumns', 'selected' => ''], |
138
|
|
|
'RULE' => ['langkey' => 'strrules', 'selected' => ''], |
139
|
|
|
'INDEX' => ['langkey' => 'strindexes', 'selected' => ''], |
140
|
|
|
'TRIGGER' => ['langkey' => 'strtriggers', 'selected' => ''], |
141
|
|
|
'CONSTRAINT' => ['langkey' => 'strconstraints', 'selected' => ''], |
142
|
|
|
'FUNCTION' => ['langkey' => 'strfunctions', 'selected' => ''], |
143
|
|
|
'DOMAIN' => ['langkey' => 'strdomains', 'selected' => ''], |
144
|
|
|
]; |
145
|
|
|
|
146
|
|
|
return $filters; |
147
|
|
|
} |
148
|
|
|
|
149
|
|
|
private function _getAdvancedFilters() |
150
|
|
|
{ |
151
|
|
|
$advanced_filters = [ |
152
|
|
|
'AGGREGATE' => ['langkey' => 'straggregates', 'selected' => ''], |
153
|
|
|
'TYPE' => ['langkey' => 'strtypes', 'selected' => ''], |
154
|
|
|
'OPERATOR' => ['langkey' => 'stroperators', 'selected' => ''], |
155
|
|
|
'OPCLASS' => ['langkey' => 'stropclasses', 'selected' => ''], |
156
|
|
|
'CONVERSION' => ['langkey' => 'strconversions', 'selected' => ''], |
157
|
|
|
'LANGUAGE' => ['langkey' => 'strlanguages', 'selected' => ''], |
158
|
|
|
]; |
159
|
|
|
|
160
|
|
|
return $advanced_filters; |
161
|
|
|
} |
162
|
|
|
|
163
|
|
|
/** |
164
|
|
|
* Searches for a named database object. |
165
|
|
|
*/ |
166
|
|
|
public function doFind() |
167
|
|
|
{ |
168
|
|
|
$data = $this->misc->getDatabaseAccessor(); |
169
|
|
|
|
170
|
|
|
$this->coalesceArr($_REQUEST, 'term', ''); |
171
|
|
|
|
172
|
|
|
$this->coalesceArr($_REQUEST, 'filter', ''); |
173
|
|
|
|
174
|
|
|
$default_html = $this->printTabs($this->misc->getNavTabs('popup'), 'find', false); |
175
|
|
|
|
176
|
|
|
$default_html .= '<form action="database" method="post" target="detail">'.PHP_EOL; |
177
|
|
|
$default_html .= $this->printConnection('find', false); |
178
|
|
|
$default_html .= '<p><input class="focusme" name="term" id="term" value="'.htmlspecialchars($_REQUEST['term'])."\" size=\"32\" maxlength=\"{$data->_maxNameLen}\" />".PHP_EOL; |
179
|
|
|
|
180
|
|
|
$filters = $this->_getFilters(); |
181
|
|
|
$advanced_filters = $this->_getAdvancedFilters(); |
182
|
|
|
|
183
|
|
|
if (isset($filters[$_REQUEST['filter']])) { |
184
|
|
|
$filters[$_REQUEST['filter']]['selected'] = ' selected="selected" '; |
185
|
|
|
} |
186
|
|
|
|
187
|
|
|
if (isset($advanced_filters[$_REQUEST['filter']])) { |
188
|
|
|
$advanced_filters[$_REQUEST['filter']]['selected'] = ' selected="selected" '; |
189
|
|
|
} |
190
|
|
|
|
191
|
|
|
// Output list of filters. This is complex due to all the 'has' and 'conf' feature possibilities |
192
|
|
|
$default_html .= "<select id='filter' name=\"filter\">".PHP_EOL; |
193
|
|
|
$default_html .= sprintf('%s<option value=""'.('' == $_REQUEST['filter'] ? ' selected="selected" ' : '').">{$this->lang['strallobjects']}</option>".PHP_EOL, "\t"); |
194
|
|
|
foreach ($filters as $type => $props) { |
195
|
|
|
$default_html .= sprintf('%s<option value="%s" %s >%s</option>'.PHP_EOL, "\t", $type, $props['selected'], $this->lang[$props['langkey']]); |
196
|
|
|
} |
197
|
|
|
|
198
|
|
|
if ($this->conf['show_advanced']) { |
199
|
|
|
foreach ($advanced_filters as $type => $props) { |
200
|
|
|
$default_html .= sprintf('%s<option value="%s" %s >%s</option>'.PHP_EOL, "\t", $type, $props['selected'], $this->lang[$props['langkey']]); |
201
|
|
|
} |
202
|
|
|
} |
203
|
|
|
$default_html .= '</select>'.PHP_EOL; |
204
|
|
|
|
205
|
|
|
$default_html .= "<input type=\"submit\" value=\"{$this->lang['strfind']}\" />".PHP_EOL; |
206
|
|
|
$default_html .= '<input type="hidden" name="action" value="find" /></p>'.PHP_EOL; |
207
|
|
|
$default_html .= '</form>'.PHP_EOL; |
208
|
|
|
|
209
|
|
|
// Default focus |
210
|
|
|
$this->setFocus('forms[0].term'); |
211
|
|
|
|
212
|
|
|
return $default_html; |
213
|
|
|
} |
214
|
|
|
} |
215
|
|
|
|