
read_dump.php

00001 <?php
00002 /* $Id: read_dump.php,v 2.4 2003/12/15 18:10:18 lem9 Exp $ */
00003 // vim: expandtab sw=4 ts=4 sts=4:
00004 
00008 require_once('./libraries/read_dump.lib.php');
00009 require_once('./libraries/grab_globals.lib.php');
00010 require_once('./libraries/common.lib.php');
00011 
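// Default to "no database selected" when the request did not name one.
if (!isset($db)) {
    $db = '';
}

// Apply the configured execution time limit; "@" hides the warning PHP raises
// when the limit cannot be changed.
@set_time_limit($cfg['ExecTimeLimit']);


// $goto ends up in the require() at the bottom of this script, so it is
// restricted here to the db_details*/tbl_properties* scripts. The "D" modifier
// anchors "$" at the very end of the string; without it a value with a
// trailing newline passes the check and only fails later, inside require().
if (!isset($goto) || !preg_match('@^(db_details|tbl_properties)(_[a-z]*)?\.php$@iD', $goto)) {
    $goto = 'db_details.php';
}

// URL the error page links back to. The table parameter is appended only for
// the tbl_properties* scripts; a missing $table yields an empty value instead
// of an "undefined variable" notice.
$err_url  = $goto
          . '?' . PMA_generate_common_url($db)
          . (preg_match('@^tbl_properties(_[a-z]*)?\.php$@D', $goto)
                ? '&amp;table=' . urlencode(isset($table) ? $table : '')
                : '');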
00031 
00032 
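// Initial state: no bookmark is being viewed, and the bookmark/query texts
// default to empty strings when the request did not carry them.
$view_bookmark = 0;
$sql_bookmark  = isset($sql_bookmark) ? $sql_bookmark : '';
$sql_query     = isset($sql_query)    ? $sql_query    : '';
if (!empty($sql_localfile) && !empty($cfg['UploadDir'])) {
    if (substr($cfg['UploadDir'], -1) != '/') {
        $cfg['UploadDir'] .= '/';
    }
    // $sql_localfile is not assigned anywhere in this script.
    // NOTE(review): presumably it is imported from the request by
    // grab_globals.lib.php - confirm. It is appended to the upload directory
    // and the result is later opened, so only a plain file name is accepted:
    // no directory separators, no NUL byte, and not "." or "..". Anything else
    // is treated as "no file".
    // NOTE(review): this assumes the upload directory is flat; confirm that no
    // caller offers files from sub-directories.
    if ($sql_localfile === '.' || $sql_localfile === '..'
        || strcspn($sql_localfile, "/\\\0") != strlen($sql_localfile)
        || basename($sql_localfile) != $sql_localfile) {
        $sql_file  = 'none';
    } else {
        $sql_file  = $cfg['UploadDir'] . $sql_localfile;
    }
} else if (empty($sql_file)) {
    $sql_file  = 'none';
}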
00047 
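// Bookmark handling: $action_bookmark selects whether the stored query is
// run (0), only displayed (1) or deleted (2).
if (!empty($id_bookmark)) {
    require_once('./libraries/bookmark.lib.php');
    switch ($action_bookmark) {
        case 0: // bookmarked query that have to be run
            $sql_query = PMA_queryBookmarks($db, $cfg['Bookmark'], $id_bookmark);
            if (!empty($bookmark_variable)) {
                // The value is substituted for the [VARIABLE] marker inside a
                // /* ... */ comment of the stored query. preg_replace() gives
                // backslashes and "$" a special meaning in the replacement
                // string, so the SQL-escaped value is escaped a second time
                // for that context; otherwise those characters would be
                // rewritten after PMA_sqlAddslashes() has run and the escaping
                // it applied would no longer hold.
                $sql_query = preg_replace(
                    '|/\*(.*)\[VARIABLE\](.*)\*/|imsU',
                    '${1}' . addcslashes(PMA_sqlAddslashes($bookmark_variable), '\\$') . '${2}',
                    $sql_query
                );
            }
            break;
        case 1: // bookmarked query that have to be displayed
            $sql_query = PMA_queryBookmarks($db, $cfg['Bookmark'], $id_bookmark);
            $view_bookmark = 1;
            break;
        case 2: // bookmarked query that have to be deleted
            $sql_query = PMA_deleteBookmarks($db, $cfg['Bookmark'], $id_bookmark);
            break;
    }
} // end if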
00069 
00070 
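// Gets the query from a file if required
if ($sql_file != 'none') {
    // loic1 : fixed a security issue
    // A file is read only when it is either the file selected from the
    // configured upload directory or a genuine HTTP upload. The upload
    // directory arm also requires $cfg['UploadDir'] to be non-empty: with an
    // empty prefix the test would merely compare $sql_file with
    // $sql_localfile, both of which can reach this point without having been
    // set by this script, and so would say nothing about where the file lives.
    if (file_exists($sql_file)
        && ((!empty($cfg['UploadDir']) && isset($sql_localfile) && $sql_file == $cfg['UploadDir'] . $sql_localfile)
            || is_uploaded_file($sql_file))) {
        $open_basedir = @ini_get('open_basedir');

        if (!isset($sql_file_compression)) {
            $sql_file_compression = '';
        }

        // If we are on a server with open_basedir, we must move the file
        // before opening it. The doc explains how to create the "./tmp"
        // directory
        $sql_file_new = ''; // stays empty unless the file was really moved
        if (!empty($open_basedir)) {
            $tmp_subdir = (PMA_IS_WINDOWS ? '.\\tmp\\' : './tmp/');

            // function is_writeable() is valid on PHP3 and 4
            if (is_writeable($tmp_subdir)) {
                $sql_file_new = $tmp_subdir . basename($sql_file);
                // move_uploaded_file() returns false for anything that is not
                // an HTTP upload (such as a file from the upload directory) or
                // when the move fails. In that case read the original path
                // instead of reading, and then deleting, whatever file may
                // already exist under the same name in the tmp directory.
                if (!move_uploaded_file($sql_file, $sql_file_new)) {
                    $sql_file_new = '';
                }
            }
        }

        // Read from the moved copy when there is one, otherwise from the
        // original location.
        $sql_query = PMA_readFile(($sql_file_new != '' ? $sql_file_new : $sql_file), $sql_file_compression);
        if ($sql_query == FALSE) {
            $message = $strFileCouldNotBeRead;
        }
        if ($sql_file_new != '') {
            unlink($sql_file_new);
        }

        // Convert the file's charset if necessary
        if ($cfg['AllowAnywhereRecoding'] && $allow_recoding
            && isset($charset_of_file) && $charset_of_file != $charset) {
            $sql_query = PMA_convert_string($charset_of_file, $charset, $sql_query);
        }
    } // end uploaded file stuff
}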
00125 
// Kanji convert SQL textfile 2002/1/4 by Y.Kawada
// The query text is trimmed in both cases; when the kanji helper is loaded it
// is additionally passed through PMA_kanji_str_conv(), with
// PMA_change_enc_order() called once before and once after the conversion.
if (!@function_exists('PMA_kanji_str_conv')) {
    $sql_query = trim($sql_query);
} else {
    $sql_tmp   = trim($sql_query);
    PMA_change_enc_order();
    $sql_query = PMA_kanji_str_conv(
        $sql_tmp,
        $knjenc,
        (isset($xkana) ? $xkana : '')
    );
    PMA_change_enc_order();
}
00135 
// $sql_query comes from the query textarea. For a reposted query the textarea
// content is the HTML-escaped form of $prev_sql_query; when the two match, the
// unescaped ("true") text is used instead.
if (!empty($prev_sql_query)) {
    $prev_sql_query = urldecode($prev_sql_query);
    $sql_query = ($sql_query == trim(htmlspecialchars($prev_sql_query)))
               ? $prev_sql_query
               : $sql_query;
}
00144 
// Drop database is not allowed -> ensure the query can be run
// This is a textual match on the submitted query and therefore best-effort
// only: it cannot recognise every spelling of the statement that the server
// accepts. The privileges of the MySQL account remain the authoritative
// control.
if (!$cfg['AllowUserDropDatabase']) {
    if (preg_match('@DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE @i', $sql_query)) {
        // Checks if the user is a Superuser: being able to switch to the
        // "mysql" database is what is tested here.
        // TODO: set a global variable with this information
        // loic1: optimized query
        $result = @PMA_mysql_query('USE mysql');
        if (PMA_mysql_error()) {
            require_once('./header.inc.php');
            PMA_mysqlDie($strNoDropDatabases, '', '', $err_url);
        }
    }
}
// Defined unconditionally once this point is reached.
// NOTE(review): presumably read by sql.php to skip a second check - confirm.
define('PMA_CHK_DROP', 1);
00158 
// Stores the submitted query as a bookmark when this was requested and the
// query is not empty. The query text is URL-encoded before it is handed to
// PMA_addBookmarks().
if (isset($SQLbookmark) && $sql_query != '') {
    require_once('./libraries/bookmark.lib.php');
    $bfields = array(
        'dbase' => $db,
        'user'  => $cfg['Bookmark']['user'],
        'query' => urlencode($sql_query),
        'label' => $bkm_label
    );

    // The third argument is true only for the literal string 'true'.
    PMA_addBookmarks(
        $bfields,
        $cfg['Bookmark'],
        (isset($bkm_all_users) && $bkm_all_users == 'true')
    );
}
00173 
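// $my_die is only ever assigned by the multi-statement loop below, yet it is
// tested with isset() both inside that loop and afterwards to decide whether
// an error page is printed. Any value it holds before this point is discarded
// so that only failures recorded here are reported.
// NOTE(review): presumably request variables are imported as globals by
// grab_globals.lib.php, which would let a request pre-set it - confirm.
unset($my_die);

// Splits the submitted text into single statements and runs them, unless a
// bookmark is only being displayed.
if ($sql_query != '') {
    $pieces       = array();
    PMA_splitSqlFile($pieces, $sql_query, PMA_MYSQL_INT_VERSION);
    $pieces_count = count($pieces);
    if ($pieces_count > 1) {
        $is_multiple = TRUE;
    }

    // Copy of the cleaned sql statement for display purpose only (see near the
    // beginning of "db_details.php" & "tbl_properties.php")

    // You can either
    // * specify the amount of maximum pieces per query (having max_*_length set to 0!) or
    // * specify the amount of maximum chars  per query (having max_*_pieces set to 0!)
    // - max_nofile_* is used for any queries submitted via copy&paste in the textarea
    // - max_file_*   is used for any file-submitted query
    if (!$cfg['VerboseMultiSubmit']) {
        // Here be the values if the Verbose-Mode (see config.inc.php) is NOT activated
        $max_nofile_length = 500;
        $max_nofile_pieces = 0;
        // Nijel: Here must be some limit, as extended inserts can be really
        //        huge and parsing them eats megabytes of memory
        $max_file_length   = 10000;
        $max_file_pieces   = 10;
    } else {
        // Values for verbose-mode
        $max_nofile_length = 0;
        $max_nofile_pieces = 50;
        // Nijel: Here must be some limit, as extended inserts can be really
        //        huge and parsing them eats megabytes of memory
        $max_file_length   = 50000;
        $max_file_pieces   = 50;
    }

    // These limits only decide how much of the query is echoed back to the
    // browser; the statements in $pieces are run regardless.
    if ($sql_file != 'none' &&
          (($max_file_pieces != 0 && ($pieces_count > $max_file_pieces))
            ||
          ($max_file_length != 0 && (strlen($sql_query) > $max_file_length)))) {
        // Be nice with bandwidth...
        $sql_query_cpy = $sql_query = '';
        $save_bandwidth = TRUE;
        $save_bandwidth_length = $max_file_length;
        $save_bandwidth_pieces = $max_file_pieces;
    } else {

        $sql_query_cpy = implode(";\n", $pieces) . ';';
        // Be nice with bandwidth... for now, an arbitrary limit of 500,
        // could be made configurable but probably not necessary
        if (($max_nofile_length != 0 && (strlen($sql_query_cpy) > $max_nofile_length))
              || ($max_nofile_pieces != 0 && $pieces_count > $max_nofile_pieces)) {
            $sql_query_cpy = $sql_query = '';
            $save_bandwidth = TRUE;
            $save_bandwidth_length = $max_nofile_length;
            $save_bandwidth_pieces = $max_nofile_pieces;
        }
    }

    // really run the query?
    if ($view_bookmark == 0) {
        // Only one query to run: hand it over to sql.php. $reload is set for
        // DROP/CREATE of a table or database.
        if ($pieces_count == 1 && !empty($pieces[0])) {
            $sql_query = $pieces[0];
            if (preg_match('@^(DROP|CREATE)[[:space:]]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)@i', $sql_query)) {
                $reload = 1;
            }
            require('./sql.php');
        }

        // Runs multiple queries
        else if (PMA_mysql_select_db($db)) {
            $mult = TRUE;
            $info_msg = '';
            $info_count = 0;

            for ($i = 0; $i < $pieces_count; $i++) {
                $a_sql_query = $pieces[$i];
                // A trailing SELECT/SHOW is handed to sql.php.
                // NOTE(review): unless sql.php ends the request, the same
                // statement is also passed to PMA_mysql_query() just below -
                // confirm.
                if ($i == $pieces_count - 1 && preg_match('@^(SELECT|SHOW)@i', $a_sql_query)) {
                    $complete_query = $sql_query;
                    $display_query = $sql_query;
                    $sql_query = $a_sql_query;
                    require('./sql.php');
                }

                $result = PMA_mysql_query($a_sql_query);
                if ($result == FALSE) { // readdump failed
                    // With IgnoreMultiSubmitErrors every failing statement is
                    // collected in an array; otherwise $my_die holds the first
                    // failing statement and the loop stops.
                    if (isset($my_die) && $cfg['IgnoreMultiSubmitErrors']) {
                        $my_die[] = "\n\n" . $a_sql_query;
                    } elseif ($cfg['IgnoreMultiSubmitErrors']) {
                        $my_die = array();
                        $my_die[] = $a_sql_query;
                    } else {
                        $my_die = $a_sql_query;
                    }

                    if ($cfg['VerboseMultiSubmit']) {
                        $info_msg .= $a_sql_query . '; # ' . $strError . "\n";
                        $info_count++;
                    }

                    if (!$cfg['IgnoreMultiSubmitErrors']) {
                        break;
                    }
                } else if ($cfg['VerboseMultiSubmit']) {
                    // Verbose mode: append a per-statement summary line.
                    $a_num_rows = (int)@mysql_num_rows($result);
                    $a_aff_rows = (int)@mysql_affected_rows();
                    if ($a_num_rows > 0) {
                        $a_rows = $a_num_rows;
                        $a_switch = $strRows . ': ';
                    } elseif ($a_aff_rows > 0) {
                        $a_rows = $a_aff_rows;
                        $a_switch = $strAffectedRows;
                    } else {
                        $a_rows = '';
                        $a_switch = $strEmptyResultSet;
                    }

                    $info_msg .= $a_sql_query . "; # " . $a_switch . $a_rows . "\n";
                    $info_count++;
                }

                if (!isset($reload) && preg_match('@^(DROP|CREATE)[[:space:]]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)@i', $a_sql_query)) {
                    $reload = 1;
                }
            } // end for

            // In verbose mode the per-statement summary replaces the query
            // text, unless it exceeds the bandwidth limits chosen above.
            if ($cfg['VerboseMultiSubmit'] && strlen($info_msg) > 0 &&
                  ((!isset($save_bandwidth) || $save_bandwidth == FALSE) ||
                  ($save_bandwidth_pieces == 0 && strlen($info_msg) < $save_bandwidth_length) ||
                  ($save_bandwidth_length == 0 && $info_count < $save_bandwidth_pieces))) {
                $sql_query = $info_msg;
            }

        } // end else if
    } // end if (really run the query)
    unset($pieces);
} // end if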
00313 
00314 
00315 
// Reports the statements that failed. A string holds the single failing
// statement; an array holds all of them and each entry is printed followed by
// a horizontal rule. The last argument of PMA_mysqlDie() differs between the
// two cases (TRUE for the single statement, FALSE for every array entry).
if (isset($my_die)) {
    $js_to_run = 'functions.js';
    require_once('./header.inc.php');
    if (!is_array($my_die)) {
        PMA_mysqlDie('', $my_die, '', $err_url, TRUE);
    } else {
        foreach ($my_die AS $key => $die_string) {
            PMA_mysqlDie('', $die_string, '', $err_url, FALSE);
            echo '<hr />';
        }
    }
}
00331 
00332 
// Checks for a valid target script
// Empty table/database names are treated as "not set".
if (isset($table) && $table == '') {
    unset($table);
}
if (isset($db) && $db == '') {
    unset($db);
}

// Falls back from the table page to the database page, and from the database
// page to main.php, when the table or database cannot be confirmed.
$is_db = $is_table = FALSE;
if ($goto == 'tbl_properties.php') {
    if (isset($table)) {
        PMA_mysql_select_db($db);
        // The table name is escaped for use inside a LIKE pattern.
        $is_table = @PMA_mysql_query('SHOW TABLES LIKE \'' . PMA_sqlAddslashes($table, TRUE) . '\'');
        if (!$is_table || !@mysql_numrows($is_table)) {
            $goto = 'db_details.php';
            unset($table);
        }
    } else {
        $goto     = 'db_details.php';
    } // end if... else...
}
if ($goto == 'db_details.php') {
    if (isset($table)) {
        unset($table);
    }
    if (isset($db)) {
        $is_db    = @PMA_mysql_select_db($db);
        if (!$is_db) {
            $goto = 'main.php';
            unset($db);
        }
    } else {
        $goto     = 'main.php';
    } // end if... else...
}

// Defines the message to be displayed
if (!empty($id_bookmark) && $action_bookmark == 2) {
    $message   = $strBookmarkDeleted;
} elseif (isset($sql_query_cpy)) {
    // An empty copy means the query text was withheld to save bandwidth.
    if ($sql_query_cpy == '') {
        $message   = "$strSuccess&nbsp;:<br />$strTheContent ($pieces_count $strInstructions)&nbsp;";
    } else {
        $message   = $strSuccess;
    }
} elseif (empty($message)) {
    // Nothing was run and no earlier message (e.g. a file read error) is set.
    $message   = $strNoQuery;
}

// Loads to target script
if (in_array($goto, array('db_details.php', 'tbl_properties.php'))) {
    $js_to_run = 'functions.js';
}
if ($goto != 'main.php') {
    require_once('./header.inc.php');
}
$active_page = $goto;
// $goto is included as a script: at this point it is either a value accepted
// by the pattern check at the top of this file or one of the literals
// assigned above.
require('./' . $goto);
00392 ?>

