首頁 探索 說明
登入
TC
/
TeaBag
1
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
目錄樹: 18aff34740
分支列表 標籤列表
TeaBag
/
run
/
phpapps
/
phpmyadmin
/
libraries
/
controllers
/
TableSearchController.class.php

TableSearchController.class.php 42 KB
文件歷史 原始文件

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225 
  1. <?php
    2. 

  2. /* vim: set expandtab sw=4 ts=4 sts=4: */
    3. 

  3. /**
    4. 

  4.  * Holds the PMA\Controllers\Table\TableSearchController
    5. 

  5.  *
    6. 

  6.  * @package PMA\Controllers\Table
    7. 

  7.  */
    8. 

  8. 

  9. namespace PMA\Controllers\Table;
    10. 

  10. 

  11. use PMA\Template;
    12. 

  12. use PMA\Controllers\TableController;
    13. 

  13. use PMA_DatabaseInterface;
    14. 

  14. use PMA_Util;
    15. 

  15. 

  16. require_once 'libraries/Template.class.php';
    17. 

  17. require_once 'libraries/mysql_charsets.inc.php';
    18. 

  18. require_once 'libraries/sql.lib.php';
    19. 

  19. require_once 'libraries/bookmark.lib.php';
    20. 

  20. require_once 'libraries/controllers/TableController.class.php';
    21. 

  21. 

  22. /**
    23. 

  23.  * Class TableSearchController
    24. 

  24.  *
    25. 

  25.  * @package PhpMyAdmin
    26. 

  26.  */
    27. 

  27. class TableSearchController extends TableController
    28. 

  28. {
    29. 

  29.     /**
    30. 

  30.      * Normal search or Zoom search
    31. 

  31.      *
    32. 

  32.      * @access private
    33. 

  33.      * @var string
    34. 

  34.      */
    35. 

  35.     private $_searchType;
    36. 

  36.     /**
    37. 

  37.      * Names of columns
    38. 

  38.      *
    39. 

  39.      * @access private
    40. 

  40.      * @var array
    41. 

  41.      */
    42. 

  42.     private $_columnNames;
    43. 

  43.     /**
    44. 

  44.      * Types of columns
    45. 

  45.      *
    46. 

  46.      * @access private
    47. 

  47.      * @var array
    48. 

  48.      */
    49. 

  49.     private $_columnTypes;
    50. 

  50.     /**
    51. 

  51.      * Collations of columns
    52. 

  52.      *
    53. 

  53.      * @access private
    54. 

  54.      * @var array
    55. 

  55.      */
    56. 

  56.     private $_columnCollations;
    57. 

  57.     /**
    58. 

  58.      * Null Flags of columns
    59. 

  59.      *
    60. 

  60.      * @access private
    61. 

  61.      * @var array
    62. 

  62.      */
    63. 

  63.     private $_columnNullFlags;
    64. 

  64.     /**
    65. 

  65.      * Whether a geometry column is present
    66. 

  66.      *
    67. 

  67.      * @access private
    68. 

  68.      * @var boolean
    69. 

  69.      */
    70. 

  70.     private $_geomColumnFlag;
    71. 

  71.     /**
    72. 

  72.      * Foreign Keys
    73. 

  73.      *
    74. 

  74.      * @access private
    75. 

  75.      * @var array
    76. 

  76.      */
    77. 

  77.     private $_foreigners;
    78. 

  78.     /**
    79. 

  79.      * Connection charset
    80. 

  80.      *
    81. 

  81.      * @access private
    82. 

  82.      * @var string
    83. 

  83.      */
    84. 

  84.     private $_connectionCharSet;
    85. 

  85. 

  86.     protected $url_query;
    87. 

  87. 

  88.     /**
    89. 

  89.      * Constructor
    90. 

  90.      *
    91. 

  91.      * @param string $searchType Search type
    92. 

  92.      * @param string $url_query  URL query
    93. 

  93.      */
    94. 

  94.     public function __construct($searchType, $url_query)
    95. 

  95.     {
    96. 

  96.         parent::__construct();
    97. 

  97. 

  98.         $this->url_query = $url_query;
    99. 

  99.         $this->_searchType = $searchType;
    100. 

  100.         $this->_columnNames = array();
    101. 

  101.         $this->_columnNullFlags = array();
    102. 

  102.         $this->_columnTypes = array();
    103. 

  103.         $this->_columnCollations = array();
    104. 

  104.         $this->_geomColumnFlag = false;
    105. 

  105.         $this->_foreigners = array();
    106. 

  106.         // Loads table's information
    107. 

  107.         $this->_loadTableInfo();
    108. 

  108.         $this->_connectionCharSet = $this->dbi->fetchValue(
    109. 

  109.             "SELECT @@character_set_connection"
    110. 

  110.         );
    111. 

  111.     }
    112. 

  112. 

  113.     /**
    114. 

  114.      * Gets all the columns of a table along with their types, collations
    115. 

  115.      * and whether null or not.
    116. 

  116.      *
    117. 

  117.      * @return void
    118. 

  118.      */
    119. 

  119.     private function _loadTableInfo()
    120. 

  120.     {
    121. 

  121.         // Gets the list and number of columns
    122. 

  122.         $columns = $this->dbi->getColumns(
    123. 

  123.             $this->db, $this->table, null, true
    124. 

  124.         );
    125. 

  125.         // Get details about the geometry functions
    126. 

  126.         $geom_types = PMA_Util::getGISDatatypes();
    127. 

  127. 

  128.         foreach ($columns as $row) {
    129. 

  129.             // set column name
    130. 

  130.             $this->_columnNames[] = $row['Field'];
    131. 

  131. 

  132.             $type = $row['Type'];
    133. 

  133.             // check whether table contains geometric columns
    134. 

  134.             if (in_array($type, $geom_types)) {
    135. 

  135.                 $this->_geomColumnFlag = true;
    136. 

  136.             }
    137. 

  137.             // reformat mysql query output
    138. 

  138.             if (strncasecmp($type, 'set', 3) == 0
    139. 

  139.                 || strncasecmp($type, 'enum', 4) == 0
    140. 

  140.             ) {
    141. 

  141.                 $type = str_replace(',', ', ', $type);
    142. 

  142.             } else {
    143. 

  143.                 // strip the "BINARY" attribute, except if we find "BINARY(" because
    144. 

  144.                 // this would be a BINARY or VARBINARY column type
    145. 

  145.                 if (! preg_match('@BINARY[\(]@i', $type)) {
    146. 

  146.                     $type = preg_replace('@BINARY@i', '', $type);
    147. 

  147.                 }
    148. 

  148.                 $type = preg_replace('@ZEROFILL@i', '', $type);
    149. 

  149.                 $type = preg_replace('@UNSIGNED@i', '', $type);
    150. 

  150.                 $type = /*overload*/mb_strtolower($type);
    151. 

  151.             }
    152. 

  152.             if (empty($type)) {
    153. 

  153.                 $type = '&nbsp;';
    154. 

  154.             }
    155. 

  155.             $this->_columnTypes[] = $type;
    156. 

  156.             $this->_columnNullFlags[] = $row['Null'];
    157. 

  157.             $this->_columnCollations[]
    158. 

  158.                 = ! empty($row['Collation']) && $row['Collation'] != 'NULL'
    159. 

  159.                 ? $row['Collation']
    160. 

  160.                 : '';
    161. 

  161.         } // end for
    162. 

  162. 

  163.         // Retrieve foreign keys
    164. 

  164.         $this->_foreigners = PMA_getForeigners($this->db, $this->table);
    165. 

  165.     }
    166. 

  166. 

  167.     /**
    168. 

  168.      * Index action
    169. 

  169.      *
    170. 

  170.      * @return void
    171. 

  171.      */
    172. 

  172.     public function indexAction()
    173. 

  173.     {
    174. 

  174.         switch ($this->_searchType) {
    175. 

  175.         case 'replace':
    176. 

  176.             if (isset($_POST['find'])) {
    177. 

  177.                 $this->findAction();
    178. 

  178. 

  179.                 return;
    180. 

  180.             }
    181. 

  181.             $this->response
    182. 

  182.                 ->getHeader()
    183. 

  183.                 ->getScripts()
    184. 

  184.                 ->addFile('tbl_find_replace.js');
    185. 

  185. 

  186.             // Show secondary level of tabs
    187. 

  187.             $this->response->addHTML(
    188. 

  188.                 Template::get('secondary_tabs')
    189. 

  189.                     ->render(
    190. 

  190.                         array(
    191. 

  191.                             'url_params' => array(
    192. 

  192.                                 'db'    => $this->db,
    193. 

  193.                                 'table' => $this->table,
    194. 

  194.                             ),
    195. 

  195.                             'sub_tabs'   => $this->_getSubTabs(),
    196. 

  196.                         )
    197. 

  197.                     )
    198. 

  198.             );
    199. 

  199. 

  200.             if (isset($_POST['replace'])) {
    201. 

  201.                 $this->replaceAction();
    202. 

  202.             }
    203. 

  203. 

  204.             if (!isset($goto)) {
    205. 

  205.                 $goto = PMA_Util::getScriptNameForOption(
    206. 

  206.                     $GLOBALS['cfg']['DefaultTabTable'], 'table'
    207. 

  207.                 );
    208. 

  208.             }
    209. 

  209.             // Defines the url to return to in case of error in the next sql
    210. 

  210.             // statement
    211. 

  211.             $params = array('db' => $this->db, 'table' => $this->table);
    212. 

  212.             $err_url = $goto . '?' . PMA_URL_getCommon($params);
    213. 

  213.             // Displays the find and replace form
    214. 

  214.             $this->response->addHTML(
    215. 

  215.                 Template::get('table/search/selection_form')
    216. 

  216.                     ->render(
    217. 

  217.                         array(
    218. 

  218.                             'searchType'       => $this->_searchType,
    219. 

  219.                             'db'               => $this->db,
    220. 

  220.                             'table'            => $this->table,
    221. 

  221.                             'goto'             => $goto,
    222. 

  222.                             'self'             => $this,
    223. 

  223.                             'geomColumnFlag'   => $this->_geomColumnFlag,
    224. 

  224.                             'columnNames'      => $this->_columnNames,
    225. 

  225.                             'columnTypes'      => $this->_columnTypes,
    226. 

  226.                             'columnCollations' => $this->_columnCollations,
    227. 

  227.                             'dataLabel'        => null,
    228. 

  228.                         )
    229. 

  229.                     )
    230. 

  230.             );
    231. 

  231.             break;
    232. 

  232. 

  233.         case 'normal':
    234. 

  234.             $this->response->getHeader()
    235. 

  235.                 ->getScripts()
    236. 

  236.                 ->addFiles(
    237. 

  237.                     array(
    238. 

  238.                         'makegrid.js',
    239. 

  239.                         'sql.js',
    240. 

  240.                         'tbl_select.js',
    241. 

  241.                         'tbl_change.js',
    242. 

  242.                         'jquery/jquery-ui-timepicker-addon.js',
    243. 

  243.                         'jquery/jquery.uitablefilter.js',
    244. 

  244.                         'gis_data_editor.js',
    245. 

  245.                     )
    246. 

  246.                 );
    247. 

  247. 

  248.             if (isset($_REQUEST['range_search'])) {
    249. 

  249.                 $this->rangeSearchAction();
    250. 

  250. 

  251.                 return;
    252. 

  252.             }
    253. 

  253. 

  254.             /**
    255. 

  255.              * No selection criteria received -> display the selection form
    256. 

  256.              */
    257. 

  257.             if (!isset($_POST['columnsToDisplay'])
    258. 

  258.                 && !isset($_POST['displayAllColumns'])
    259. 

  259.             ) {
    260. 

  260.                 $this->displaySelectionFormAction();
    261. 

  261.             } else {
    262. 

  262.                 $this->doSelectionAction();
    263. 

  263.             }
    264. 

  264.             break;
    265. 

  265. 

  266.         case 'zoom':
    267. 

  267.             $this->response->getHeader()
    268. 

  268.                 ->getScripts()
    269. 

  269.                 ->addFiles(
    270. 

  270.                     array(
    271. 

  271.                         'makegrid.js',
    272. 

  272.                         'sql.js',
    273. 

  273.                         'jqplot/jquery.jqplot.js',
    274. 

  274.                         'jqplot/plugins/jqplot.canvasTextRenderer.js',
    275. 

  275.                         'jqplot/plugins/jqplot.canvasAxisLabelRenderer.js',
    276. 

  276.                         'jqplot/plugins/jqplot.dateAxisRenderer.js',
    277. 

  277.                         'jqplot/plugins/jqplot.highlighter.js',
    278. 

  278.                         'jqplot/plugins/jqplot.cursor.js',
    279. 

  279.                         'canvg/canvg.js',
    280. 

  280.                         'jquery/jquery-ui-timepicker-addon.js',
    281. 

  281.                         'tbl_zoom_plot_jqplot.js',
    282. 

  282.                         'tbl_change.js',
    283. 

  283.                     )
    284. 

  284.                 );
    285. 

  285. 

  286.             /**
    287. 

  287.              * Handle AJAX request for data row on point select
    288. 

  288.              *
    289. 

  289.              * @var post_params Object containing parameters for the POST request
    290. 

  290.              */
    291. 

  291.             if (isset($_REQUEST['get_data_row'])
    292. 

  292.                 && $_REQUEST['get_data_row'] == true
    293. 

  293.             ) {
    294. 

  294.                 $this->getDataRowAction();
    295. 

  295. 

  296.                 return;
    297. 

  297.             }
    298. 

  298.             /**
    299. 

  299.              * Handle AJAX request for changing field information
    300. 

  300.              * (value,collation,operators,field values) in input form
    301. 

  301.              *
    302. 

  302.              * @var post_params Object containing parameters for the POST request
    303. 

  303.              */
    304. 

  304.             if (isset($_REQUEST['change_tbl_info'])
    305. 

  305.                 && $_REQUEST['change_tbl_info'] == true
    306. 

  306.             ) {
    307. 

  307.                 $this->changeTableInfoAction();
    308. 

  308. 

  309.                 return;
    310. 

  310.             }
    311. 

  311. 

  312.             $this->url_query .= '&amp;goto=tbl_select.php&amp;back=tbl_select.php';
    313. 

  313. 

  314.             // Gets tables information
    315. 

  315.             include_once './libraries/tbl_info.inc.php';
    316. 

  316. 

  317.             if (!isset($goto)) {
    318. 

  318.                 $goto = PMA_Util::getScriptNameForOption(
    319. 

  319.                     $GLOBALS['cfg']['DefaultTabTable'], 'table'
    320. 

  320.                 );
    321. 

  321.             }
    322. 

  322.             // Defines the url to return to in case of error in the next sql
    323. 

  323.             // statement
    324. 

  324.             $err_url = $goto . PMA_URL_getCommon(
    325. 

  325.                 array('db' => $this->db, 'table' => $this->table)
    326. 

  326.             );
    327. 

  327. 

  328.             //Set default datalabel if not selected
    329. 

  329.             if (!isset($_POST['zoom_submit']) || $_POST['dataLabel'] == '') {
    330. 

  330.                 $dataLabel = PMA_getDisplayField($this->db, $this->table);
    331. 

  331.             } else {
    332. 

  332.                 $dataLabel = $_POST['dataLabel'];
    333. 

  333.             }
    334. 

  334. 

  335.             // Displays the zoom search form
    336. 

  336.             $this->response->addHTML(
    337. 

  337.                 Template::get('secondary_tabs')
    338. 

  338.                     ->render(
    339. 

  339.                         array(
    340. 

  340.                             'url_params' => array(
    341. 

  341.                                 'db'    => $this->db,
    342. 

  342.                                 'table' => $this->table,
    343. 

  343.                             ),
    344. 

  344.                             'sub_tabs'   => $this->_getSubTabs(),
    345. 

  345.                         )
    346. 

  346.                     )
    347. 

  347.             );
    348. 

  348.             $this->response->addHTML(
    349. 

  349.                 Template::get('table/search/selection_form')
    350. 

  350.                     ->render(
    351. 

  351.                         array(
    352. 

  352.                             'searchType'       => $this->_searchType,
    353. 

  353.                             'db'               => $this->db,
    354. 

  354.                             'table'            => $this->table,
    355. 

  355.                             'goto'             => $goto,
    356. 

  356.                             'self'             => $this,
    357. 

  357.                             'geomColumnFlag'   => $this->_geomColumnFlag,
    358. 

  358.                             'columnNames'      => $this->_columnNames,
    359. 

  359.                             'columnTypes'      => $this->_columnTypes,
    360. 

  360.                             'columnCollations' => $this->_columnCollations,
    361. 

  361.                             'dataLabel'        => $dataLabel,
    362. 

  362.                         )
    363. 

  363.                     )
    364. 

  364.             );
    365. 

  365. 

  366.             /*
    367. 

  367.              * Handle the input criteria and generate the query result
    368. 

  368.              * Form for displaying query results
    369. 

  369.              */
    370. 

  370.             if (isset($_POST['zoom_submit'])
    371. 

  371.                 && $_POST['criteriaColumnNames'][0] != 'pma_null'
    372. 

  372.                 && $_POST['criteriaColumnNames'][1] != 'pma_null'
    373. 

  373.                 && $_POST['criteriaColumnNames'][0] != $_POST['criteriaColumnNames'][1]
    374. 

  374.             ) {
    375. 

  375.                 $this->zoomSubmitAction($dataLabel, $goto);
    376. 

  376.             }
    377. 

  377.             break;
    378. 

  378.         }
    379. 

  379.     }
    380. 

  380. 

  381.     /**
    382. 

  382.      * Zoom submit action
    383. 

  383.      *
    384. 

  384.      * @param string $dataLabel Data label
    385. 

  385.      * @param string $goto      Goto
    386. 

  386.      *
    387. 

  387.      * @return void
    388. 

  388.      */
    389. 

  389.     public function zoomSubmitAction($dataLabel, $goto)
    390. 

  390.     {
    391. 

  391.         //Query generation part
    392. 

  392.         $sql_query = $this->_buildSqlQuery();
    393. 

  393.         $sql_query .= ' LIMIT ' . $_POST['maxPlotLimit'];
    394. 

  394. 

  395.         //Query execution part
    396. 

  396.         $result = $this->dbi->query(
    397. 

  397.             $sql_query . ";", null, PMA_DatabaseInterface::QUERY_STORE
    398. 

  398.         );
    399. 

  399.         $fields_meta = $this->dbi->getFieldsMeta($result);
    400. 

  400.         $data = array();
    401. 

  401.         while ($row = $this->dbi->fetchAssoc($result)) {
    402. 

  402.             //Need a row with indexes as 0,1,2 for the getUniqueCondition
    403. 

  403.             // hence using a temporary array
    404. 

  404.             $tmpRow = array();
    405. 

  405.             foreach ($row as $val) {
    406. 

  406.                 $tmpRow[] = $val;
    407. 

  407.             }
    408. 

  408.             //Get unique condition on each row (will be needed for row update)
    409. 

  409.             $uniqueCondition = PMA_Util::getUniqueCondition(
    410. 

  410.                 $result, // handle
    411. 

  411.                 count($this->_columnNames), // fields_cnt
    412. 

  412.                 $fields_meta, // fields_meta
    413. 

  413.                 $tmpRow, // row
    414. 

  414.                 true, // force_unique
    415. 

  415.                 false, // restrict_to_table
    416. 

  416.                 null // analyzed_sql_results
    417. 

  417.             );
    418. 

  418.             //Append it to row array as where_clause
    419. 

  419.             $row['where_clause'] = $uniqueCondition[0];
    420. 

  420. 

  421.             $tmpData = array(
    422. 

  422.                 $_POST['criteriaColumnNames'][0] =>
    423. 

  423.                     $row[$_POST['criteriaColumnNames'][0]],
    424. 

  424.                 $_POST['criteriaColumnNames'][1] =>
    425. 

  425.                     $row[$_POST['criteriaColumnNames'][1]],
    426. 

  426.                 'where_clause' => $uniqueCondition[0]
    427. 

  427.             );
    428. 

  428.             $tmpData[$dataLabel] = ($dataLabel) ? $row[$dataLabel] : '';
    429. 

  429.             $data[] = $tmpData;
    430. 

  430.         }
    431. 

  431.         unset($tmpData);
    432. 

  432. 

  433.         //Displays form for point data and scatter plot
    434. 

  434.         $titles = array(
    435. 

  435.             'Browse' => PMA_Util::getIcon(
    436. 

  436.                 'b_browse.png',
    437. 

  437.                 __('Browse foreign values')
    438. 

  438.             )
    439. 

  439.         );
    440. 

  440.         $this->response->addHTML(
    441. 

  441.             Template::get('table/search/zoom_result_form')
    442. 

  442.                 ->render(
    443. 

  443.                     array(
    444. 

  444.                         '_db'              => $this->db,
    445. 

  445.                         '_table'           => $this->table,
    446. 

  446.                         '_columnNames'     => $this->_columnNames,
    447. 

  447.                         '_foreigners'      => $this->_foreigners,
    448. 

  448.                         '_columnNullFlags' => $this->_columnNullFlags,
    449. 

  449.                         '_columnTypes'     => $this->_columnTypes,
    450. 

  450.                         'titles'           => $titles,
    451. 

  451.                         'goto'             => $goto,
    452. 

  452.                         'data'             => $data,
    453. 

  453.                     )
    454. 

  454.                 )
    455. 

  455.         );
    456. 

  456.     }
    457. 

  457. 

  458.     /**
    459. 

  459.      * Change table info action
    460. 

  460.      *
    461. 

  461.      * @return void
    462. 

  462.      */
    463. 

  463.     public function changeTableInfoAction()
    464. 

  464.     {
    465. 

  465.         $field = $_REQUEST['field'];
    466. 

  466.         if ($field == 'pma_null') {
    467. 

  467.             $this->response->addJSON('field_type', '');
    468. 

  468.             $this->response->addJSON('field_collation', '');
    469. 

  469.             $this->response->addJSON('field_operators', '');
    470. 

  470.             $this->response->addJSON('field_value', '');
    471. 

  471.             return;
    472. 

  472.         }
    473. 

  473.         $key = array_search($field, $this->_columnNames);
    474. 

  474.         $properties = $this->getColumnProperties($_REQUEST['it'], $key);
    475. 

  475.         $this->response->addJSON(
    476. 

  476.             'field_type', htmlspecialchars($properties['type'])
    477. 

  477.         );
    478. 

  478.         $this->response->addJSON('field_collation', $properties['collation']);
    479. 

  479.         $this->response->addJSON('field_operators', $properties['func']);
    480. 

  480.         $this->response->addJSON('field_value', $properties['value']);
    481. 

  481.     }
    482. 

  482. 

  483.     /**
    484. 

  484.      * Get data row action
    485. 

  485.      *
    486. 

  486.      * @return void
    487. 

  487.      */
    488. 

  488.     public function getDataRowAction()
    489. 

  489.     {
    490. 

  490.         $extra_data = array();
    491. 

  491.         $row_info_query = 'SELECT * FROM `' . $_REQUEST['db'] . '`.`'
    492. 

  492.             . $_REQUEST['table'] . '` WHERE ' .  $_REQUEST['where_clause'];
    493. 

  493.         $result = $this->dbi->query(
    494. 

  494.             $row_info_query . ";", null, PMA_DatabaseInterface::QUERY_STORE
    495. 

  495.         );
    496. 

  496.         $fields_meta = $this->dbi->getFieldsMeta($result);
    497. 

  497.         while ($row = $this->dbi->fetchAssoc($result)) {
    498. 

  498.             // for bit fields we need to convert them to printable form
    499. 

  499.             $i = 0;
    500. 

  500.             foreach ($row as $col => $val) {
    501. 

  501.                 if ($fields_meta[$i]->type == 'bit') {
    502. 

  502.                     $row[$col] = PMA_Util::printableBitValue(
    503. 

  503.                         $val, $fields_meta[$i]->length
    504. 

  504.                     );
    505. 

  505.                 }
    506. 

  506.                 $i++;
    507. 

  507.             }
    508. 

  508.             $extra_data['row_info'] = $row;
    509. 

  509.         }
    510. 

  510.         $this->response->addJSON($extra_data);
    511. 

  511.     }
    512. 

  512. 

  513.     /**
    514. 

  514.      * Do selection action
    515. 

  515.      *
    516. 

  516.      * @return void
    517. 

  517.      */
    518. 

  518.     public function doSelectionAction()
    519. 

  519.     {
    520. 

  520.         /**
    521. 

  521.          * Selection criteria have been submitted -> do the work
    522. 

  522.          */
    523. 

  523.         $sql_query = $this->_buildSqlQuery();
    524. 

  524. 

  525.         /**
    526. 

  526.          * Add this to ensure following procedures included running correctly.
    527. 

  527.          */
    528. 

  528.         $db = $this->db;
    529. 

  529.         $table = $this->table;
    530. 

  530.         /**
    531. 

  531.          * Parse and analyze the query
    532. 

  532.          */
    533. 

  533.         include_once 'libraries/parse_analyze.inc.php';
    534. 

  534. 

  535.         PMA_executeQueryAndSendQueryResponse(
    536. 

  536.             $analyzed_sql_results, // analyzed_sql_results
    537. 

  537.             false, // is_gotofile
    538. 

  538.             $this->db, // db
    539. 

  539.             $this->table, // table
    540. 

  540.             null, // find_real_end
    541. 

  541.             null, // sql_query_for_bookmark
    542. 

  542.             null, // extra_data
    543. 

  543.             null, // message_to_show
    544. 

  544.             null, // message
    545. 

  545.             null, // sql_data
    546. 

  546.             $GLOBALS['goto'], // goto
    547. 

  547.             $GLOBALS['pmaThemeImage'], // pmaThemeImage
    548. 

  548.             null, // disp_query
    549. 

  549.             null, // disp_message
    550. 

  550.             null, // query_type
    551. 

  551.             $sql_query, // sql_query
    552. 

  552.             null, // selectedTables
    553. 

  553.             null // complete_query
    554. 

  554.         );
    555. 

  555.     }
    556. 

  556. 

  557.     /**
    558. 

  558.      * Display selection form action
    559. 

  559.      *
    560. 

  560.      * @return void
    561. 

  561.      */
    562. 

  562.     public function displaySelectionFormAction()
    563. 

  563.     {
    564. 

  564.         //$err_url   = 'tbl_select.php' . $err_url;
    565. 

  565.         $this->url_query .= '&amp;goto=tbl_select.php&amp;back=tbl_select.php';
    566. 

  566. 

  567.         include_once 'libraries/tbl_info.inc.php';
    568. 

  568.         if (! isset($goto)) {
    569. 

  569.             $goto = PMA_Util::getScriptNameForOption(
    570. 

  570.                 $GLOBALS['cfg']['DefaultTabTable'], 'table'
    571. 

  571.             );
    572. 

  572.         }
    573. 

  573.         // Defines the url to return to in case of error in the next sql statement
    574. 

  574.         $err_url = $goto . PMA_URL_getCommon(
    575. 

  575.             array('db' => $this->db, 'table' => $this->table)
    576. 

  576.         );
    577. 

  577.         // Displays the table search form
    578. 

  578.         $this->response->addHTML(
    579. 

  579.             Template::get('secondary_tabs')
    580. 

  580.                 ->render(
    581. 

  581.                     array(
    582. 

  582.                         'url_params' => array(
    583. 

  583.                             'db'    => $this->db,
    584. 

  584.                             'table' => $this->table,
    585. 

  585.                         ),
    586. 

  586.                         'sub_tabs'   => $this->_getSubTabs(),
    587. 

  587.                     )
    588. 

  588.                 )
    589. 

  589.         );
    590. 

  590.         $this->response->addHTML(
    591. 

  591.             Template::get('table/search/selection_form')
    592. 

  592.                 ->render(
    593. 

  593.                     array(
    594. 

  594.                         'searchType'       => $this->_searchType,
    595. 

  595.                         'db'               => $this->db,
    596. 

  596.                         'table'            => $this->table,
    597. 

  597.                         'goto'             => $goto,
    598. 

  598.                         'self'             => $this,
    599. 

  599.                         'geomColumnFlag'   => $this->_geomColumnFlag,
    600. 

  600.                         'columnNames'      => $this->_columnNames,
    601. 

  601.                         'columnTypes'      => $this->_columnTypes,
    602. 

  602.                         'columnCollations' => $this->_columnCollations,
    603. 

  603.                         'dataLabel'        => null,
    604. 

  604.                     )
    605. 

  605.                 )
    606. 

  606.         );
    607. 

  607.     }
    608. 

  608. 

  609.     /**
    610. 

  610.      * Range search action
    611. 

  611.      *
    612. 

  612.      * @return void
    613. 

  613.      */
    614. 

  614.     public function rangeSearchAction()
    615. 

  615.     {
    616. 

  616.         $min_max = $this->getColumnMinMax($_REQUEST['column']);
    617. 

  617.         $this->response->addJSON('column_data', $min_max);
    618. 

  618.     }
    619. 

  619. 

  620.     /**
    621. 

  621.      * Find action
    622. 

  622.      *
    623. 

  623.      * @return void
    624. 

  624.      */
    625. 

  625.     public function findAction()
    626. 

  626.     {
    627. 

  627.         $preview = $this->getReplacePreview(
    628. 

  628.             $_POST['columnIndex'],
    629. 

  629.             $_POST['find'],
    630. 

  630.             $_POST['replaceWith'],
    631. 

  631.             $_POST['useRegex'],
    632. 

  632.             $this->_connectionCharSet
    633. 

  633.         );
    634. 

  634.         $this->response->addJSON('preview', $preview);
    635. 

  635.     }
    636. 

  636. 

  637.     /**
    638. 

  638.      * Replace action
    639. 

  639.      *
    640. 

  640.      * @return void
    641. 

  641.      */
    642. 

  642.     public function replaceAction()
    643. 

  643.     {
    644. 

  644.         $this->replace(
    645. 

  645.             $_POST['columnIndex'],
    646. 

  646.             $_POST['findString'],
    647. 

  647.             $_POST['replaceWith'],
    648. 

  648.             $_POST['useRegex'],
    649. 

  649.             $this->_connectionCharSet
    650. 

  650.         );
    651. 

  651.         $this->response->addHTML(
    652. 

  652.             PMA_Util::getMessage(
    653. 

  653.                 __('Your SQL query has been executed successfully.'),
    654. 

  654.                 null, 'success'
    655. 

  655.             )
    656. 

  656.         );
    657. 

  657.     }
    658. 

  658. 

  659.     /**
    660. 

  660.      * Returns HTML for previewing strings found and their replacements
    661. 

  661.      *
    662. 

  662.      * @param int     $columnIndex index of the column
    663. 

  663.      * @param string  $find        string to find in the column
    664. 

  664.      * @param string  $replaceWith string to replace with
    665. 

  665.      * @param boolean $useRegex    to use Regex replace or not
    666. 

  666.      * @param string  $charSet     character set of the connection
    667. 

  667.      *
    668. 

  668.      * @return string HTML for previewing strings found and their replacements
    669. 

  669.      */
    670. 

  670.     function getReplacePreview(
    671. 

  671.         $columnIndex, $find, $replaceWith, $useRegex, $charSet
    672. 

  672.     ) {
    673. 

  673.         $column = $this->_columnNames[$columnIndex];
    674. 

  674.         if ($useRegex) {
    675. 

  675.             $result = $this->_getRegexReplaceRows(
    676. 

  676.                 $columnIndex, $find, $replaceWith, $charSet
    677. 

  677.             );
    678. 

  678.         } else {
    679. 

  679.             $sql_query = "SELECT "
    680. 

  680.                 . PMA_Util::backquote($column) . ","
    681. 

  681.                 . " REPLACE("
    682. 

  682.                 . PMA_Util::backquote($column) . ", '" . $find . "', '"
    683. 

  683.                 . $replaceWith
    684. 

  684.                 . "'),"
    685. 

  685.                 . " COUNT(*)"
    686. 

  686.                 . " FROM " . PMA_Util::backquote($this->db)
    687. 

  687.                 . "." . PMA_Util::backquote($this->table)
    688. 

  688.                 . " WHERE " . PMA_Util::backquote($column)
    689. 

  689.                 . " LIKE '%" . $find . "%' COLLATE " . $charSet . "_bin"; // here we
    690. 

  690.             // change the collation of the 2nd operand to a case sensitive
    691. 

  691.             // binary collation to make sure that the comparison
    692. 

  692.             // is case sensitive
    693. 

  693.             $sql_query .= " GROUP BY " . PMA_Util::backquote($column)
    694. 

  694.                 . " ORDER BY " . PMA_Util::backquote($column) . " ASC";
    695. 

  695. 

  696.             $result = $this->dbi->fetchResult($sql_query, 0);
    697. 

  697.         }
    698. 

  698. 

  699.         return Template::get('table/search/replace_preview')->render(
    700. 

  700.             array(
    701. 

  701.                 'db' => $this->db,
    702. 

  702.                 'table' => $this->table,
    703. 

  703.                 'columnIndex' => $columnIndex,
    704. 

  704.                 'find' => $find,
    705. 

  705.                 'replaceWith' => $replaceWith,
    706. 

  706.                 'useRegex' => $useRegex,
    707. 

  707.                 'result' => $result
    708. 

  708.             )
    709. 

  709.         );
    710. 

  710.     }
    711. 

  711. 

  712.     /**
    713. 

  713.      * Finds and returns Regex pattern and their replacements
    714. 

  714.      *
    715. 

  715.      * @param int    $columnIndex index of the column
    716. 

  716.      * @param string $find        string to find in the column
    717. 

  717.      * @param string $replaceWith string to replace with
    718. 

  718.      * @param string $charSet     character set of the connection
    719. 

  719.      *
    720. 

  720.      * @return array Array containing original values, replaced values and count
    721. 

  721.      */
    722. 

  722.     private function _getRegexReplaceRows(
    723. 

  723.         $columnIndex, $find, $replaceWith, $charSet
    724. 

  724.     ) {
    725. 

  725.         $column = $this->_columnNames[$columnIndex];
    726. 

  726.         $sql_query = "SELECT "
    727. 

  727.             . PMA_Util::backquote($column) . ","
    728. 

  728.             . " 1," // to add an extra column that will have replaced value
    729. 

  729.             . " COUNT(*)"
    730. 

  730.             . " FROM " . PMA_Util::backquote($this->db)
    731. 

  731.             . "." . PMA_Util::backquote($this->table)
    732. 

  732.             . " WHERE " . PMA_Util::backquote($column)
    733. 

  733.             . " RLIKE '" . PMA_Util::sqlAddSlashes($find) . "' COLLATE "
    734. 

  734.             . $charSet . "_bin"; // here we
    735. 

  735.         // change the collation of the 2nd operand to a case sensitive
    736. 

  736.         // binary collation to make sure that the comparison is case sensitive
    737. 

  737.         $sql_query .= " GROUP BY " . PMA_Util::backquote($column)
    738. 

  738.             . " ORDER BY " . PMA_Util::backquote($column) . " ASC";
    739. 

  739. 

  740.         $result = $this->dbi->fetchResult($sql_query, 0);
    741. 

  741. 

  742.         if (is_array($result)) {
    743. 

  743.             foreach ($result as $index=>$row) {
    744. 

  744.                 $result[$index][1] = preg_replace(
    745. 

  745.                     "/" . $find . "/",
    746. 

  746.                     $replaceWith,
    747. 

  747.                     $row[0]
    748. 

  748.                 );
    749. 

  749.             }
    750. 

  750.         }
    751. 

  751.         return $result;
    752. 

  752.     }
    753. 

  753. 

  754.     /**
    755. 

  755.      * Replaces a given string in a column with a give replacement
    756. 

  756.      *
    757. 

  757.      * @param int     $columnIndex index of the column
    758. 

  758.      * @param string  $find        string to find in the column
    759. 

  759.      * @param string  $replaceWith string to replace with
    760. 

  760.      * @param boolean $useRegex    to use Regex replace or not
    761. 

  761.      * @param string  $charSet     character set of the connection
    762. 

  762.      *
    763. 

  763.      * @return void
    764. 

  764.      */
    765. 

  765.     public function replace($columnIndex, $find, $replaceWith, $useRegex,
    766. 

  766.         $charSet
    767. 

  767.     ) {
    768. 

  768.         $column = $this->_columnNames[$columnIndex];
    769. 

  769.         if ($useRegex) {
    770. 

  770.             $toReplace = $this->_getRegexReplaceRows(
    771. 

  771.                 $columnIndex, $find, $replaceWith, $charSet
    772. 

  772.             );
    773. 

  773.             $sql_query = "UPDATE " . PMA_Util::backquote($this->table)
    774. 

  774.                 . " SET " . PMA_Util::backquote($column) . " = CASE";
    775. 

  775.             if (is_array($toReplace)) {
    776. 

  776.                 foreach ($toReplace as $row) {
    777. 

  777.                     $sql_query .= "\n WHEN " . PMA_Util::backquote($column)
    778. 

  778.                         . " = '" . PMA_Util::sqlAddSlashes($row[0])
    779. 

  779.                         . "' THEN '" . PMA_Util::sqlAddSlashes($row[1]) . "'";
    780. 

  780.                 }
    781. 

  781.             }
    782. 

  782.             $sql_query .= " END"
    783. 

  783.                 . " WHERE " . PMA_Util::backquote($column)
    784. 

  784.                 . " RLIKE '" . PMA_Util::sqlAddSlashes($find) . "' COLLATE "
    785. 

  785.                 . $charSet . "_bin"; // here we
    786. 

  786.             // change the collation of the 2nd operand to a case sensitive
    787. 

  787.             // binary collation to make sure that the comparison
    788. 

  788.             // is case sensitive
    789. 

  789.         } else {
    790. 

  790.             $sql_query = "UPDATE " . PMA_Util::backquote($this->table)
    791. 

  791.                 . " SET " . PMA_Util::backquote($column) . " ="
    792. 

  792.                 . " REPLACE("
    793. 

  793.                 . PMA_Util::backquote($column) . ", '" . $find . "', '"
    794. 

  794.                 . $replaceWith
    795. 

  795.                 . "')"
    796. 

  796.                 . " WHERE " . PMA_Util::backquote($column)
    797. 

  797.                 . " LIKE '%" . $find . "%' COLLATE " . $charSet . "_bin"; // here we
    798. 

  798.             // change the collation of the 2nd operand to a case sensitive
    799. 

  799.             // binary collation to make sure that the comparison
    800. 

  800.             // is case sensitive
    801. 

  801.         }
    802. 

  802.         $this->dbi->query(
    803. 

  803.             $sql_query, null, PMA_DatabaseInterface::QUERY_STORE
    804. 

  804.         );
    805. 

  805.         $GLOBALS['sql_query'] = $sql_query;
    806. 

  806.     }
    807. 

  807. 

  808.     /**
    809. 

  809.      * Finds minimum and maximum value of a given column.
    810. 

  810.      *
    811. 

  811.      * @param string $column Column name
    812. 

  812.      *
    813. 

  813.      * @return array
    814. 

  814.      */
    815. 

  815.     public function getColumnMinMax($column)
    816. 

  816.     {
    817. 

  817.         $sql_query = 'SELECT MIN(' . PMA_Util::backquote($column) . ') AS `min`, '
    818. 

  818.             . 'MAX(' . PMA_Util::backquote($column) . ') AS `max` '
    819. 

  819.             . 'FROM ' . PMA_Util::backquote($this->db) . '.'
    820. 

  820.             . PMA_Util::backquote($this->table);
    821. 

  821. 

  822.         $result = $this->dbi->fetchSingleRow($sql_query);
    823. 

  823. 

  824.         return $result;
    825. 

  825.     }
    826. 

  826. 

  827.     /**
    828. 

  828.      * Returns an array with necessary configurations to create
    829. 

  829.      * sub-tabs in the table_select page.
    830. 

  830.      *
    831. 

  831.      * @return array Array containing configuration (icon, text, link, id, args)
    832. 

  832.      * of sub-tabs
    833. 

  833.      */
    834. 

  834.     private function _getSubTabs()
    835. 

  835.     {
    836. 

  836.         $subtabs = array();
    837. 

  837.         $subtabs['search']['icon'] = 'b_search.png';
    838. 

  838.         $subtabs['search']['text'] = __('Table search');
    839. 

  839.         $subtabs['search']['link'] = 'tbl_select.php';
    840. 

  840.         $subtabs['search']['id'] = 'tbl_search_id';
    841. 

  841.         $subtabs['search']['args']['pos'] = 0;
    842. 

  842. 

  843.         $subtabs['zoom']['icon'] = 'b_select.png';
    844. 

  844.         $subtabs['zoom']['link'] = 'tbl_zoom_select.php';
    845. 

  845.         $subtabs['zoom']['text'] = __('Zoom search');
    846. 

  846.         $subtabs['zoom']['id'] = 'zoom_search_id';
    847. 

  847. 

  848.         $subtabs['replace']['icon'] = 'b_find_replace.png';
    849. 

  849.         $subtabs['replace']['link'] = 'tbl_find_replace.php';
    850. 

  850.         $subtabs['replace']['text'] = __('Find and replace');
    851. 

  851.         $subtabs['replace']['id'] = 'find_replace_id';
    852. 

  852. 

  853.         return $subtabs;
    854. 

  854.     }
    855. 

  855. 

  856.     /**
    857. 

  857.      * Builds the sql search query from the post parameters
    858. 

  858.      *
    859. 

  859.      * @return string the generated SQL query
    860. 

  860.      */
    861. 

  861.     private function _buildSqlQuery()
    862. 

  862.     {
    863. 

  863.         $sql_query = 'SELECT ';
    864. 

  864. 

  865.         // If only distinct values are needed
    866. 

  866.         $is_distinct = (isset($_POST['distinct'])) ? 'true' : 'false';
    867. 

  867.         if ($is_distinct == 'true') {
    868. 

  868.             $sql_query .= 'DISTINCT ';
    869. 

  869.         }
    870. 

  870. 

  871.         // if all column names were selected to display, we do a 'SELECT *'
    872. 

  872.         // (more efficient and this helps prevent a problem in IE
    873. 

  873.         // if one of the rows is edited and we come back to the Select results)
    874. 

  874.         if (isset($_POST['zoom_submit']) || ! empty($_POST['displayAllColumns'])) {
    875. 

  875.             $sql_query .= '* ';
    876. 

  876.         } else {
    877. 

  877.             $sql_query .= implode(
    878. 

  878.                 ', ',
    879. 

  879.                 PMA_Util::backquote($_POST['columnsToDisplay'])
    880. 

  880.             );
    881. 

  881.         } // end if
    882. 

  882. 

  883.         $sql_query .= ' FROM '
    884. 

  884.             . PMA_Util::backquote($_POST['table']);
    885. 

  885.         $whereClause = $this->_generateWhereClause();
    886. 

  886.         $sql_query .= $whereClause;
    887. 

  887. 

  888.         // if the search results are to be ordered
    889. 

  889.         if (isset($_POST['orderByColumn']) && $_POST['orderByColumn'] != '--nil--') {
    890. 

  890.             $sql_query .= ' ORDER BY '
    891. 

  891.                 . PMA_Util::backquote($_POST['orderByColumn'])
    892. 

  892.                 . ' ' . $_POST['order'];
    893. 

  893.         } // end if
    894. 

  894.         return $sql_query;
    895. 

  895.     }
    896. 

  896. 

  897.     /**
    898. 

  898.      * Provides a column's type, collation, operators list, and criteria value
    899. 

  899.      * to display in table search form
    900. 

  900.      *
    901. 

  901.      * @param integer $search_index Row number in table search form
    902. 

  902.      * @param integer $column_index Column index in ColumnNames array
    903. 

  903.      *
    904. 

  904.      * @return array Array containing column's properties
    905. 

  905.      */
    906. 

  906.     public function getColumnProperties($search_index, $column_index)
    907. 

  907.     {
    908. 

  908.         $selected_operator = (isset($_POST['criteriaColumnOperators'])
    909. 

  909.             ? $_POST['criteriaColumnOperators'][$search_index] : '');
    910. 

  910.         $entered_value = (isset($_POST['criteriaValues'])
    911. 

  911.             ? $_POST['criteriaValues'] : '');
    912. 

  912.         $titles = array(
    913. 

  913.             'Browse' => PMA_Util::getIcon(
    914. 

  914.                 'b_browse.png', __('Browse foreign values')
    915. 

  915.             )
    916. 

  916.         );
    917. 

  917.         //Gets column's type and collation
    918. 

  918.         $type = $this->_columnTypes[$column_index];
    919. 

  919.         $collation = $this->_columnCollations[$column_index];
    920. 

  920.         //Gets column's comparison operators depending on column type
    921. 

  921.         $func = Template::get('table/search/column_comparison_operators')->render(
    922. 

  922.             array(
    923. 

  923.                 'search_index' => $search_index,
    924. 

  924.                 'columnTypes' => $this->_columnTypes,
    925. 

  925.                 'column_index' => $column_index,
    926. 

  926.                 'columnNullFlags' => $this->_columnNullFlags,
    927. 

  927.                 'selected_operator' => $selected_operator
    928. 

  928.             )
    929. 

  929.         );
    930. 

  930.         //Gets link to browse foreign data(if any) and criteria inputbox
    931. 

  931.         $foreignData = PMA_getForeignData(
    932. 

  932.             $this->_foreigners, $this->_columnNames[$column_index], false, '', ''
    933. 

  933.         );
    934. 

  934.         $value = Template::get('table/search/input_box')->render(
    935. 

  935.             array(
    936. 

  936.                 'str' => '',
    937. 

  937.                 'column_type' => (string) $type,
    938. 

  938.                 'column_id' => 'fieldID_',
    939. 

  939.                 'in_zoom_search_edit' => false,
    940. 

  940.                 '_foreigners' => $this->_foreigners,
    941. 

  941.                 'column_name' => $this->_columnNames[$column_index],
    942. 

  942.                 'foreignData' => $foreignData,
    943. 

  943.                 'table' => $this->table,
    944. 

  944.                 'column_index' => $search_index,
    945. 

  945.                 'foreignMaxLimit' => $GLOBALS['cfg']['ForeignKeyMaxLimit'],
    946. 

  946.                 'criteriaValues' => $entered_value,
    947. 

  947.                 'db' => $this->db,
    948. 

  948.                 'titles' => $titles,
    949. 

  949.                 'in_fbs' => true
    950. 

  950.             )
    951. 

  951.         );
    952. 

  952.         return array(
    953. 

  953.             'type' => $type,
    954. 

  954.             'collation' => $collation,
    955. 

  955.             'func' => $func,
    956. 

  956.             'value' => $value
    957. 

  957.         );
    958. 

  958.     }
    959. 

  959. 

  960.     /**
    961. 

  961.      * Generates the where clause for the SQL search query to be executed
    962. 

  962.      *
    963. 

  963.      * @return string the generated where clause
    964. 

  964.      */
    965. 

  965.     private function _generateWhereClause()
    966. 

  966.     {
    967. 

  967.         if (isset($_POST['customWhereClause'])
    968. 

  968.             && trim($_POST['customWhereClause']) != ''
    969. 

  969.         ) {
    970. 

  970.             return ' WHERE ' . $_POST['customWhereClause'];
    971. 

  971.         }
    972. 

  972. 

  973.         // If there are no search criteria set or no unary criteria operators,
    974. 

  974.         // return
    975. 

  975.         if (! isset($_POST['criteriaValues'])
    976. 

  976.             && ! isset($_POST['criteriaColumnOperators'])
    977. 

  977.             && ! isset($_POST['geom_func'])
    978. 

  978.         ) {
    979. 

  979.             return '';
    980. 

  980.         }
    981. 

  981. 

  982.         // else continue to form the where clause from column criteria values
    983. 

  983.         $fullWhereClause = array();
    984. 

  984.         reset($_POST['criteriaColumnOperators']);
    985. 

  985.         while (list($column_index, $operator) = each(
    986. 

  986.             $_POST['criteriaColumnOperators']
    987. 

  987.         )) {
    988. 

  988. 

  989.             $unaryFlag =  $GLOBALS['PMA_Types']->isUnaryOperator($operator);
    990. 

  990.             $tmp_geom_func = isset($_POST['geom_func'][$column_index])
    991. 

  991.                 ? $_POST['geom_func'][$column_index] : null;
    992. 

  992. 

  993.             $whereClause = $this->_getWhereClause(
    994. 

  994.                 $_POST['criteriaValues'][$column_index],
    995. 

  995.                 $_POST['criteriaColumnNames'][$column_index],
    996. 

  996.                 $_POST['criteriaColumnTypes'][$column_index],
    997. 

  997.                 $operator,
    998. 

  998.                 $unaryFlag,
    999. 

  999.                 $tmp_geom_func
    1000. 

  1000.             );
    1001. 

  1001. 

  1002.             if ($whereClause) {
    1003. 

  1003.                 $fullWhereClause[] = $whereClause;
    1004. 

  1004.             }
    1005. 

  1005.         } // end while
    1006. 

  1006. 

  1007.         if (!empty($fullWhereClause)) {
    1008. 

  1008.             return ' WHERE ' . implode(' AND ', $fullWhereClause);
    1009. 

  1009.         }
    1010. 

  1010.         return '';
    1011. 

  1011.     }
    1012. 

  1012. 

  1013.     /**
    1014. 

  1014.      * Return the where clause in case column's type is ENUM.
    1015. 

  1015.      *
    1016. 

  1016.      * @param mixed  $criteriaValues Search criteria input
    1017. 

  1017.      * @param string $func_type      Search function/operator
    1018. 

  1018.      *
    1019. 

  1019.      * @return string part of where clause.
    1020. 

  1020.      */
    1021. 

  1021.     private function _getEnumWhereClause($criteriaValues, $func_type)
    1022. 

  1022.     {
    1023. 

  1023.         if (! is_array($criteriaValues)) {
    1024. 

  1024.             $criteriaValues = explode(',', $criteriaValues);
    1025. 

  1025.         }
    1026. 

  1026.         $enum_selected_count = count($criteriaValues);
    1027. 

  1027.         if ($func_type == '=' && $enum_selected_count > 1) {
    1028. 

  1028.             $func_type    = 'IN';
    1029. 

  1029.             $parens_open  = '(';
    1030. 

  1030.             $parens_close = ')';
    1031. 

  1031. 

  1032.         } elseif ($func_type == '!=' && $enum_selected_count > 1) {
    1033. 

  1033.             $func_type    = 'NOT IN';
    1034. 

  1034.             $parens_open  = '(';
    1035. 

  1035.             $parens_close = ')';
    1036. 

  1036. 

  1037.         } else {
    1038. 

  1038.             $parens_open  = '';
    1039. 

  1039.             $parens_close = '';
    1040. 

  1040.         }
    1041. 

  1041.         $enum_where = '\''
    1042. 

  1042.             . PMA_Util::sqlAddSlashes($criteriaValues[0]) . '\'';
    1043. 

  1043.         for ($e = 1; $e < $enum_selected_count; $e++) {
    1044. 

  1044.             $enum_where .= ', \''
    1045. 

  1045.                 . PMA_Util::sqlAddSlashes($criteriaValues[$e]) . '\'';
    1046. 

  1046.         }
    1047. 

  1047. 

  1048.         return ' ' . $func_type . ' ' . $parens_open
    1049. 

  1049.         . $enum_where . $parens_close;
    1050. 

  1050.     }
    1051. 

  1051. 

  1052.     /**
    1053. 

  1053.      * Return the where clause for a geometrical column.
    1054. 

  1054.      *
    1055. 

  1055.      * @param mixed  $criteriaValues Search criteria input
    1056. 

  1056.      * @param string $names          Name of the column on which search is submitted
    1057. 

  1057.      * @param string $func_type      Search function/operator
    1058. 

  1058.      * @param string $types          Type of the field
    1059. 

  1059.      * @param bool   $geom_func      Whether geometry functions should be applied
    1060. 

  1060.      *
    1061. 

  1061.      * @return string part of where clause.
    1062. 

  1062.      */
    1063. 

  1063.     private function _getGeomWhereClause($criteriaValues, $names,
    1064. 

  1064.         $func_type, $types, $geom_func = null
    1065. 

  1065.     ) {
    1066. 

  1066.         $geom_unary_functions = array(
    1067. 

  1067.             'IsEmpty' => 1,
    1068. 

  1068.             'IsSimple' => 1,
    1069. 

  1069.             'IsRing' => 1,
    1070. 

  1070.             'IsClosed' => 1,
    1071. 

  1071.         );
    1072. 

  1072.         $where = '';
    1073. 

  1073. 

  1074.         // Get details about the geometry functions
    1075. 

  1075.         $geom_funcs = PMA_Util::getGISFunctions($types, true, false);
    1076. 

  1076. 

  1077.         // If the function takes multiple parameters
    1078. 

  1078.         if ($geom_funcs[$geom_func]['params'] > 1) {
    1079. 

  1079.             // create gis data from the criteria input
    1080. 

  1080.             $gis_data = PMA_Util::createGISData($criteriaValues);
    1081. 

  1081.             $where = $geom_func . '(' . PMA_Util::backquote($names)
    1082. 

  1082.                 . ', ' . $gis_data . ')';
    1083. 

  1083.             return $where;
    1084. 

  1084.         }
    1085. 

  1085. 

  1086.         // New output type is the output type of the function being applied
    1087. 

  1087.         $type = $geom_funcs[$geom_func]['type'];
    1088. 

  1088.         $geom_function_applied = $geom_func
    1089. 

  1089.             . '(' . PMA_Util::backquote($names) . ')';
    1090. 

  1090. 

  1091.         // If the where clause is something like 'IsEmpty(`spatial_col_name`)'
    1092. 

  1092.         if (isset($geom_unary_functions[$geom_func])
    1093. 

  1093.             && trim($criteriaValues) == ''
    1094. 

  1094.         ) {
    1095. 

  1095.             $where = $geom_function_applied;
    1096. 

  1096. 

  1097.         } elseif (in_array($type, PMA_Util::getGISDatatypes())
    1098. 

  1098.             && ! empty($criteriaValues)
    1099. 

  1099.         ) {
    1100. 

  1100.             // create gis data from the criteria input
    1101. 

  1101.             $gis_data = PMA_Util::createGISData($criteriaValues);
    1102. 

  1102.             $where = $geom_function_applied . " " . $func_type . " " . $gis_data;
    1103. 

  1103. 

  1104.         } elseif (/*overload*/mb_strlen($criteriaValues) > 0) {
    1105. 

  1105.             $where = $geom_function_applied . " "
    1106. 

  1106.                 . $func_type . " '" . $criteriaValues . "'";
    1107. 

  1107.         }
    1108. 

  1108.         return $where;
    1109. 

  1109.     }
    1110. 

  1110. 

  1111.     /**
    1112. 

  1112.      * Return the where clause for query generation based on the inputs provided.
    1113. 

  1113.      *
    1114. 

  1114.      * @param mixed  $criteriaValues Search criteria input
    1115. 

  1115.      * @param string $names          Name of the column on which search is submitted
    1116. 

  1116.      * @param string $types          Type of the field
    1117. 

  1117.      * @param string $func_type      Search function/operator
    1118. 

  1118.      * @param bool   $unaryFlag      Whether operator unary or not
    1119. 

  1119.      * @param bool   $geom_func      Whether geometry functions should be applied
    1120. 

  1120.      *
    1121. 

  1121.      * @return string generated where clause.
    1122. 

  1122.      */
    1123. 

  1123.     private function _getWhereClause($criteriaValues, $names, $types,
    1124. 

  1124.         $func_type, $unaryFlag, $geom_func = null
    1125. 

  1125.     ) {
    1126. 

  1126.         // If geometry function is set
    1127. 

  1127.         if (! empty($geom_func)) {
    1128. 

  1128.             return $this->_getGeomWhereClause(
    1129. 

  1129.                 $criteriaValues, $names, $func_type, $types, $geom_func
    1130. 

  1130.             );
    1131. 

  1131.         }
    1132. 

  1132. 

  1133.         $backquoted_name = PMA_Util::backquote($names);
    1134. 

  1134.         $where = '';
    1135. 

  1135.         if ($unaryFlag) {
    1136. 

  1136.             $where = $backquoted_name . ' ' . $func_type;
    1137. 

  1137. 

  1138.         } elseif (strncasecmp($types, 'enum', 4) == 0 && ! empty($criteriaValues)) {
    1139. 

  1139.             $where = $backquoted_name;
    1140. 

  1140.             $where .= $this->_getEnumWhereClause($criteriaValues, $func_type);
    1141. 

  1141. 

  1142.         } elseif ($criteriaValues != '') {
    1143. 

  1143.             // For these types we quote the value. Even if it's another type
    1144. 

  1144.             // (like INT), for a LIKE we always quote the value. MySQL converts
    1145. 

  1145.             // strings to numbers and numbers to strings as necessary
    1146. 

  1146.             // during the comparison
    1147. 

  1147.             if (preg_match('@char|binary|blob|text|set|date|time|year@i', $types)
    1148. 

  1148.                 || /*overload*/mb_strpos(' ' . $func_type, 'LIKE')
    1149. 

  1149.             ) {
    1150. 

  1150.                 $quot = '\'';
    1151. 

  1151.             } else {
    1152. 

  1152.                 $quot = '';
    1153. 

  1153.             }
    1154. 

  1154. 

  1155.             // LIKE %...%
    1156. 

  1156.             if ($func_type == 'LIKE %...%') {
    1157. 

  1157.                 $func_type = 'LIKE';
    1158. 

  1158.                 $criteriaValues = '%' . $criteriaValues . '%';
    1159. 

  1159.             }
    1160. 

  1160.             if ($func_type == 'REGEXP ^...$') {
    1161. 

  1161.                 $func_type = 'REGEXP';
    1162. 

  1162.                 $criteriaValues = '^' . $criteriaValues . '$';
    1163. 

  1163.             }
    1164. 

  1164. 

  1165.             if ('IN (...)' != $func_type
    1166. 

  1166.                 && 'NOT IN (...)' != $func_type
    1167. 

  1167.                 && 'BETWEEN' != $func_type
    1168. 

  1168.                 && 'NOT BETWEEN' != $func_type
    1169. 

  1169.             ) {
    1170. 

  1170.                 if ($func_type == 'LIKE %...%' || $func_type == 'LIKE') {
    1171. 

  1171.                     $where = $backquoted_name . ' ' . $func_type . ' ' . $quot
    1172. 

  1172.                         . PMA_Util::sqlAddSlashes($criteriaValues, true) . $quot;
    1173. 

  1173.                 } else {
    1174. 

  1174.                     $where = $backquoted_name . ' ' . $func_type . ' ' . $quot
    1175. 

  1175.                         . PMA_Util::sqlAddSlashes($criteriaValues) . $quot;
    1176. 

  1176.                 }
    1177. 

  1177.                 return $where;
    1178. 

  1178.             }
    1179. 

  1179.             $func_type = str_replace(' (...)', '', $func_type);
    1180. 

  1180. 

  1181.             //Don't explode if this is already an array
    1182. 

  1182.             //(Case for (NOT) IN/BETWEEN.)
    1183. 

  1183.             if (is_array($criteriaValues)) {
    1184. 

  1184.                 $values = $criteriaValues;
    1185. 

  1185.             } else {
    1186. 

  1186.                 $values = explode(',', $criteriaValues);
    1187. 

  1187.             }
    1188. 

  1188.             // quote values one by one
    1189. 

  1189.             $emptyKey = false;
    1190. 

  1190.             foreach ($values as $key => &$value) {
    1191. 

  1191.                 if ('' === $value) {
    1192. 

  1192.                     $emptyKey = $key;
    1193. 

  1193.                     $value = 'NULL';
    1194. 

  1194.                     continue;
    1195. 

  1195.                 }
    1196. 

  1196.                 $value = $quot . PMA_Util::sqlAddSlashes(trim($value))
    1197. 

  1197.                     . $quot;
    1198. 

  1198.             }
    1199. 

  1199. 

  1200.             if ('BETWEEN' == $func_type || 'NOT BETWEEN' == $func_type) {
    1201. 

  1201.                 $where = $backquoted_name . ' ' . $func_type . ' '
    1202. 

  1202.                     . (isset($values[0]) ? $values[0] : '')
    1203. 

  1203.                     . ' AND ' . (isset($values[1]) ? $values[1] : '');
    1204. 

  1204.             } else { //[NOT] IN
    1205. 

  1205.                 if (false !== $emptyKey) {
    1206. 

  1206.                     unset($values[$emptyKey]);
    1207. 

  1207.                 }
    1208. 

  1208.                 $wheres = array();
    1209. 

  1209.                 if (!empty($values)) {
    1210. 

  1210.                     $wheres[] = $backquoted_name . ' ' . $func_type
    1211. 

  1211.                         . ' (' . implode(',', $values) . ')';
    1212. 

  1212.                 }
    1213. 

  1213.                 if (false !== $emptyKey) {
    1214. 

  1214.                     $wheres[] = $backquoted_name . ' IS NULL';
    1215. 

  1215.                 }
    1216. 

  1216.                 $where = implode(' OR ', $wheres);
    1217. 

  1217.                 if (1 < count($wheres)) {
    1218. 

  1218.                     $where = '(' . $where . ')';
    1219. 

  1219.                 }
    1220. 

  1220.             }
    1221. 

  1221.         } // end if
    1222. 

  1222. 

  1223.         return $where;
    1224. 

  1224.     }
    1225. 

  1225. }
    1226.