<?php
/*
 PHP Mini MySQL Admin
 (c) 2004-2017 Oleg Savchuk <osalabs@gmail.com> http://osalabs.com

 Light standalone PHP script for quick and easy access to MySQL databases.
 http://phpminiadmin.sourceforge.net

 Dual licensed: GPL v2 and MIT, see texts at http://opensource.org/licenses/
*/

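# !!!IMPORTANT!!! Script access password. While it is empty, the login gate
# further down marks every visitor as logged in, so SET IT (here or in
# phpminiconfig.php) if you want to protect your DB from public access.
$ACCESS_PWD='';

#DEFAULT db connection settings
# --- WARNING! --- if you set defaults - it's recommended to set $ACCESS_PWD to protect your db!
$DBDEF=array(
  'user'=>"",#required
  'pwd'=>"", #required
  'db'=>"", #optional, default DB
  'host'=>"",#optional
  'port'=>"",#optional
  'chset'=>"utf8",#optional, default charset
);
$IS_COUNT=false; #set to true if you want to see Total records when pagination occurs (SLOWS down all select queries!)
# Path to file without extension used for server-side exports (timestamp, .sql/.csv/.gz extension added) or imports(.sql).
# NOTE(review): the default sits next to this script; if that directory is served
# by the web server the dumps may be downloadable - confirm, or point this elsewhere.
$DUMP_FILE=dirname(__FILE__).'/pmadump';
file_exists($f=dirname(__FILE__) . '/phpminiconfig.php')&&require($f); // Read from config (easier to update)
if (function_exists('date_default_timezone_set')) date_default_timezone_set('UTC');#required by PHP 5.1+

//constants
$VERSION='1.9.170730';
$MAX_ROWS_PER_PAGE=50; #max number of rows in select per one page
$D="\r\n"; #default delimiter for export
$BOM=chr(239).chr(187).chr(191);
$SHOW_D="SHOW DATABASES";
$SHOW_T="SHOW TABLE STATUS";
$DB=array(); #working copy for DB settings

# PHP_SELF carries any extra path info of the request URL, so treat it as
# request-influenced; it is used below in a Location header and in page markup.
$self=$_SERVER['PHP_SELF'];

# Session cookie: HttpOnly always, and Secure whenever this request itself came
# in over HTTPS so the session id is not sent back over plain HTTP afterwards.
session_set_cookie_params(
  0,
  null,
  null,
  !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS'])!=='off',
  true
);
session_start();
# Per-session random token appended to links ($xurl) and posted with the form.
# Despite the name it presumably serves as the anti-CSRF token that check_xss()
# (defined elsewhere in this file) verifies - confirm there.
if (!isset($_SESSION['XSS'])) $_SESSION['XSS']=get_rand_str(16);
$xurl='XSS='.$_SESSION['XSS'];

ini_set('display_errors',0); #turn on to debug db or script issues
error_reporting(E_ALL ^ E_NOTICE);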
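//strip quotes if they set
// get_magic_quotes_gpc() no longer exists in PHP 8, so calling it unguarded is a
// fatal error there; only consult it on runtimes that still provide it.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()){
  $_COOKIE=array_map('killmq',$_COOKIE);
  $_REQUEST=array_map('killmq',$_REQUEST);
}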
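// Login attempt: compare the submitted password with $ACCESS_PWD.
// - Only a string can match; an array-valued pwd parameter is rejected.
// - The comparison is exact and, where hash_equals() exists, constant-time.
//   The former loose != treated numeric-looking strings such as "0e1" and
//   "0e2" as equal.
// - The session id is replaced on success so an id issued before
//   authentication is not carried into the logged-in session.
// NOTE(review): nothing in this block limits repeated attempts.
if (!empty($_REQUEST['login'])){
  $login_pwd=isset($_REQUEST['pwd'])?$_REQUEST['pwd']:'';
  if (!is_string($login_pwd)){
    $login_ok=false;
  }elseif (function_exists('hash_equals')){
    $login_ok=hash_equals((string)$ACCESS_PWD,$login_pwd);
  }else{
    $login_ok=((string)$ACCESS_PWD===$login_pwd);
  }

  if (!$login_ok){
    $err_msg="Invalid password. Try again";
  }else{
    session_regenerate_id(true);
    $_SESSION['is_logged']=true;
    loadcfg();
  }
}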
// Logoff: token-checked, then the session is emptied, the connection cookies
// are rewritten by savecfg() and the session is destroyed.
if ($_REQUEST['logoff']){
  check_xss();
  $_SESSION=array();
  savecfg();
  session_destroy();
  // with no access password there is no login page to go back to
  $url=$ACCESS_PWD?$self:'/';
  header("location: $url");
  exit;
}

// Authentication gate: with a password configured an anonymous visitor only
// gets the login form; with none configured every visitor is logged in.
if (!$_SESSION['is_logged']){
  if ($ACCESS_PWD){
    print_login();
    exit;
  }
  $_SESSION['is_logged']=true;
  loadcfg();
}

// Connection settings posted from the settings form (token-checked).
if ($_REQUEST['savecfg']){
  check_xss();
  savecfg();
}

// Copy the session's connection settings into $DB for this request.
loadsess();

if ($_REQUEST['showcfg']){
  print_cfg();
  exit;
}
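//get initial values
$SQLq=trim(b64d($_REQUEST['q']));
// cast instead of "+0": a non-numeric p must not raise an arithmetic error
$page=(isset($_REQUEST['p']) && is_scalar($_REQUEST['p']))?(int)$_REQUEST['p']:0;
if ($_REQUEST['refresh'] && $DB['db'] && preg_match('/^show/',$SQLq) ) $SQLq=$SHOW_T;

// Main dispatch. Every branch that changes data or runs caller-supplied SQL
// calls check_xss() first; the form-display branches (shex/shim) and phpinfo do not.
if (db_connect('nodie')){
  $time_start=microtime_float();

  if ($_REQUEST['pi']){
    // phpinfo() output is shown to any logged-in session; it lists server
    // configuration and environment values.
    ob_start();phpinfo();$html=ob_get_clean();preg_match("/<body[^>]*>(.*?)<\/body>/is",$html,$m);
    $sqldr='<div class="pi">'.$m[1].'</div>';
  }else{
    if ($DB['db']){
      if ($_REQUEST['shex']){
        print_export();
      }elseif ($_REQUEST['doex']){
        check_xss();do_export();
      }elseif ($_REQUEST['shim']){
        print_import();
      }elseif ($_REQUEST['doim']){
        check_xss();do_import();
      }elseif ($_REQUEST['dosht']){
        check_xss();do_sht();
      // The alternation is grouped so that ^ applies to every keyword. Ungrouped,
      // only "select" was anchored and any statement merely containing
      // show/explain/desc (e.g. a DELETE mentioning a "description" column)
      // would have been re-run on refresh.
      }elseif (!$_REQUEST['refresh'] || preg_match('/^(?:select|show|explain|desc)/i',$SQLq) ){
        if ($SQLq)check_xss();
        do_sql($SQLq);#perform non-select SQL only if not refresh (to avoid dangerous delete/drop)
      }
    }else{
      if ( $_REQUEST['refresh'] ){
        check_xss();do_sql($SHOW_D);
      }elseif ($_REQUEST['crdb']){
        check_xss();
        // quote the new name as an identifier: a backtick inside it is doubled
        $new_db=(isset($_REQUEST['new_db']) && is_string($_REQUEST['new_db']))?$_REQUEST['new_db']:'';
        do_sql('CREATE DATABASE `'.str_replace('`','``',$new_db).'`');do_sql($SHOW_D);
      }elseif ( preg_match('/^(?:show\s+(?:databases|status|variables|process)|create\s+database|grant\s+)/i',$SQLq) ){
        check_xss();do_sql($SQLq);
      }else{
        $err_msg="Select Database first";
        if (!$SQLq) do_sql($SHOW_D);
      }
    }
  }
  $time_all=ceil((microtime_float()-$time_start)*10000)/10000;

  print_screen();
}else{
  print_cfg();
}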
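/**
 * Run one or more SQL statements and prepare what the result screen shows.
 *
 * Hands $q to do_multi_sql(); on failure stores the MySQL error in
 * $out_message. On success, looks at the last executed statement: a
 * select/show/explain/desc result is rendered via display_select(), anything
 * else reports "Done." with the affected-row count in $reccount.
 *
 * The keyword patterns are grouped so that ^ anchors every alternative.
 * Ungrouped, only the first keyword was anchored, so e.g. a DELETE that merely
 * contained "desc" was treated as a result set and an UPDATE containing
 * "truncate" triggered the table-list refresh.
 *
 * @param string $q SQL text (one statement or several separated by ";")
 */
function do_sql($q){
  global $dbh,$last_sth,$last_sql,$reccount,$out_message,$SQLq,$SHOW_T;
  $SQLq=$q;

  if (!do_multi_sql($q)){
    $out_message="Error: ".mysqli_error($dbh);
    return;
  }
  if (!$last_sth || !$last_sql) return;

  $SQLq=$last_sql;
  if (preg_match('/^(?:select|show|explain|desc)/i',$last_sql)) {
    if ($q!=$last_sql) $out_message="Results of the last select displayed:";
    display_select($last_sth,$last_sql);
    return;
  }

  $reccount=mysqli_affected_rows($dbh);
  $out_message="Done.";
  if (preg_match('/^(?:insert|replace)/i',$last_sql)) $out_message.=" Last inserted id=".get_identity();
  // the table list changed: show it again
  if (preg_match('/^(?:drop|truncate)/i',$last_sql)) do_sql($SHOW_T);
}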
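/**
 * Render a query result as an HTML table into the global $sqldr.
 *
 * Three layouts are produced depending on the statement text $q:
 *  - "show databases": one row per database with shortcut links;
 *  - "show tables" / "SHOW TABLE STATUS": one row per table with a checkbox,
 *    size columns and per-table action links, plus bulk-action buttons;
 *  - anything else: a plain grid of all columns.
 * Cell values are passed through hs() before being placed in markup, binary
 * values are shown as a hex dump, and SQL carried in links is base64-encoded
 * via b64u(). Also sets $reccount and $is_sht.
 *
 * $abtn and $swp are initialised here: both were previously read before being
 * assigned ($abtn whenever the result was not a table list).
 *
 * @param mixed  $sth mysqli result; TRUE/FALSE (no result set) returns at once
 * @param string $q   the SQL statement that produced $sth
 */
function display_select($sth,$q){
  global $dbh,$DB,$sqldr,$reccount,$is_sht,$xurl,$is_sm;
  $rc=array("o","e");
  $dbn=ue($DB['db']);
  $sqldr='';
  $abtn='';   // bulk-action buttons, filled only for table lists
  $swp=false; // alternates the odd/even row class

  $is_shd=(preg_match('/^show\s+databases/i',$q));
  $is_sht=(preg_match('/^show\s+tables|^SHOW\s+TABLE\s+STATUS/',$q));
  $is_show_crt=(preg_match('/^show\s+create\s+table/i',$q));

  if ($sth===FALSE or $sth===TRUE) return;#check if $sth is not a mysql resource

  $reccount=mysqli_num_rows($sth);
  $fields_num=mysqli_field_count($dbh);

  $w='';
  if ($is_sm) $w='sm ';
  if ($is_sht || $is_shd) {$w='wa';
    $url='?'.$xurl."&db=$dbn";
    $sqldr.="<div class='dot'>
 MySQL Server:
 · <a href='$url&q=".b64u("show variables")."'>Show Configuration Variables</a>
 · <a href='$url&q=".b64u("show status")."'>Show Statistics</a>
 · <a href='$url&q=".b64u("show processlist")."'>Show Processlist</a> ";
    if ($is_shd) $sqldr.="· <label>Create new database: <input type='text' name='new_db' placeholder='type db name here'></label> <input type='submit' name='crdb' value='Create'>";
    $sqldr.="<br>";
    if ($is_sht) $sqldr.="Database: · <a href='$url&q=".b64u("show table status")."'>Show Table Status</a>";
    $sqldr.="</div>";
  }
  if ($is_sht){
    $abtn="<div><input type='submit' value='Export' onclick=\"sht('exp')\">
 <input type='submit' value='Drop' onclick=\"if(ays()){sht('drop')}else{return false}\">
 <input type='submit' value='Truncate' onclick=\"if(ays()){sht('trunc')}else{return false}\">
 <input type='submit' value='Optimize' onclick=\"sht('opt')\">
 <b>selected tables</b></div>";
    $sqldr.=$abtn."<input type='hidden' name='dosht' value=''>";
  }

  $sqldr.="<div><table id='res' class='res $w'>";
  $headers="<tr class='h'>";
  if ($is_sht) $headers.="<td><input type='checkbox' name='cball' value='' onclick='chkall(this)'></td>";
  for($i=0;$i<$fields_num;$i++){
    if ($is_sht && $i>0) break; // table lists use the fixed header set below
    $meta=mysqli_fetch_field($sth);
    $headers.="<th><div>".hs($meta->name)."</div></th>";
  }
  if ($is_shd) $headers.="<th>show create database</th><th>show table status</th><th>show triggers</th>";
  if ($is_sht) $headers.="<th>engine</th><th>~rows</th><th>data size</th><th>index size</th><th>show create table</th><th>explain</th><th>indexes</th><th>export</th><th>drop</th><th>truncate</th><th>optimize</th><th>repair</th><th>comment</th>";
  $headers.="</tr>\n";
  $sqldr.=$headers;
  while($row=mysqli_fetch_row($sth)){
    $sqldr.="<tr class='".$rc[$swp=!$swp]."' onclick='tc(this)'>";
    $v=$row[0];
    if ($is_sht){
      $vq='`'.$v.'`';
      $url='?'.$xurl."&db=$dbn&t=".b64u($v);
      $sqldr.="<td><input type='checkbox' name='cb[]' value=\"".hs($vq)."\"></td>"
      ."<td><a href=\"$url&q=".b64u("select * from $vq")."\">".hs($v)."</a></td>"
      ."<td>".hs($row[1])."</td>"
      ."<td align='right'>".hs($row[4])."</td>"
      ."<td align='right'>".hs($row[6])."</td>"
      ."<td align='right'>".hs($row[8])."</td>"
      ."<td>·<a href=\"$url&q=".b64u("show create table $vq")."\">sct</a></td>"
      ."<td>·<a href=\"$url&q=".b64u("explain $vq")."\">exp</a></td>"
      ."<td>·<a href=\"$url&q=".b64u("show index from $vq")."\">ind</a></td>"
      ."<td>·<a href=\"$url&shex=1&rt=".hs(ue($vq))."\">export</a></td>"
      ."<td>·<a href=\"$url&q=".b64u("drop table $vq")."\" onclick='return ays()'>dr</a></td>"
      ."<td>·<a href=\"$url&q=".b64u("truncate table $vq")."\" onclick='return ays()'>tr</a></td>"
      ."<td>·<a href=\"$url&q=".b64u("optimize table $vq")."\" onclick='return ays()'>opt</a></td>"
      ."<td>·<a href=\"$url&q=".b64u("repair table $vq")."\" onclick='return ays()'>rpr</a></td>"
      ."<td>".hs($row[$fields_num-1])."</td>";
    }elseif ($is_shd){
      $url='?'.$xurl."&db=".ue($v);
      $sqldr.="<td><a href=\"$url&q=".b64u("SHOW TABLE STATUS")."\">".hs($v)."</a></td>"
      ."<td><a href=\"$url&q=".b64u("show create database `$v`")."\">scd</a></td>"
      ."<td><a href=\"$url&q=".b64u("show table status")."\">status</a></td>"
      ."<td><a href=\"$url&q=".b64u("show triggers")."\">trig</a></td>";
    }else{
      for($i=0;$i<$fields_num;$i++){
        $v=$row[$i];
        if (is_null($v)) $v="<i>NULL</i>";
        elseif (preg_match('/[\x00-\x09\x0B\x0C\x0E-\x1F]+/',$v)){#all chars <32, except \n\r(0D0A)
          $vl=strlen($v);$pf='';
          if ($vl>16 && $fields_num>1){#show full dump if just one field
            $v=substr($v, 0, 16);$pf='...';
          }
          $v='BINARY: '.chunk_split(strtoupper(bin2hex($v)),2,' ').$pf;
        }else $v=hs($v);
        if ($is_show_crt) $v="<pre>$v</pre>";
        $sqldr.="<td><div>$v".(!strlen($v)?"<br>":'')."</div></td>";
      }
    }
    $sqldr.="</tr>\n";
  }
  $sqldr.="</table></div>\n".$abtn;
}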
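/**
 * Emit the page head (CSS, client-side helpers), open the DF form and print
 * the top navigation bar and the error line.
 *
 * The form carries the session token in the hidden field "XSS"; links built
 * from $xurl carry the same token in the query string.
 *
 * The table name used by the query-template buttons (qtpl) comes from the
 * request parameter "t". It used to be echoed straight into a JavaScript
 * string literal, so a crafted value could end the literal and inject script
 * into the page. It is now emitted through json_encode() with the JSON_HEX_*
 * flags, which yields a complete, safely quoted JS string.
 */
function print_header(){
  global $err_msg,$VERSION,$DB,$dbh,$self,$is_sht,$xurl,$SHOW_T;
  $dbn=$DB['db'];
  $tname=(!empty($_REQUEST['t']) && is_string($_REQUEST['t']))?b64d($_REQUEST['t']):'tablename';
  $tjs=json_encode('`'.$tname.'`',JSON_HEX_TAG|JSON_HEX_AMP|JSON_HEX_APOS|JSON_HEX_QUOT);
  // json_encode() fails on invalid UTF-8; fall back to the placeholder name
  if ($tjs===false) $tjs=json_encode('`tablename`');
?>
<!DOCTYPE html>
<html>
<head><title>phpMiniAdmin</title>
<meta charset="utf-8">
<style type="text/css">
*{box-sizing:border-box;}
body{font-family:Arial,sans-serif;font-size:80%;padding:0;margin:0}
div{padding:3px}
pre{font-size:125%}
textarea{width:100%}
.nav{text-align:center}
.ft{text-align:right;margin-top:20px;font-size:smaller}
.inv{background-color:#069;color:#FFF}
.inv a{color:#FFF}
table{border-collapse:collapse}
table.res{width:100%}
table.wa{width:auto}
table.res th,table.res td{padding:2px;border:1px solid #fff;vertical-align:top}
table.sm th,table.sm td{max-width:30em}
table.sm th>div,table.sm td>div{max-height:3.5em;overflow:hidden}
table.sm th.lg,table.sm td.lg{max-width:inherit}
table.sm th.lg>div,table.sm td.lg>div{max-height:inherit;overflow:inherit}
table.restr{vertical-align:top}
tr.e{background-color:#CCC}
tr.o{background-color:#EEE}
tr.e:hover, tr.o:hover{background-color:#FF9}
tr.h{background-color:#99C}
tr.s{background-color:#FF9}
.err{color:#F33;font-weight:bold;text-align:center}
.frm{width:400px;border:1px solid #999;background-color:#eee;text-align:left}
.frm label .l{width:100px;float:left}
.dot{border-bottom:1px dotted #000}
.ajax{text-decoration:none;border-bottom: 1px dashed}
.qnav{width:30px}
.sbtn{width:100px}
.clear{clear:both;height:0;display:block}
.pi a{text-decoration:none}
.pi hr{display:none}
.pi img{float:right}
.pi .center{text-align:center}
.pi table{margin:0 auto}
.pi table td, .pi table th{border:1px solid #000000;text-align:left;vertical-align:baseline}
.pi table .e{background-color:#ccccff;font-weight:bold}
.pi table .v{background-color:#cccccc}
</style>

<script type="text/javascript">
var LSK='pma_',LSKX=LSK+'max',LSKM=LSK+'min',qcur=0,LSMAX=32;

function $(i){return document.getElementById(i)}
function frefresh(){
 var F=document.DF;
 F.method='get';
 F.refresh.value="1";
 F.GoSQL.click();
}
function go(p,sql){
 var F=document.DF;
 F.p.value=p;
 if(sql)F.q.value=sql;
 F.GoSQL.click();
}
function ays(){
 return confirm('Are you sure to continue?');
}
function chksql(){
 var F=document.DF,v=F.qraw.value;
 if(/^\s*(?:delete|drop|truncate|alter)/.test(v)) if(!ays())return false;
 if(lschk(1)){
 var lsm=lsmax()+1,ls=localStorage;
 ls[LSK+lsm]=v;
 ls[LSKX]=lsm;
 //keep just last LSMAX queries in log
 if(!ls[LSKM])ls[LSKM]=1;
 var lsmin=parseInt(ls[LSKM]);
 if((lsm-lsmin+1)>LSMAX){
 lsclean(lsmin,lsm-LSMAX);
 }
 }
 return true;
}
function tc(tr){
 if (tr.className=='s'){
 tr.className=tr.classNameX;
 }else{
 tr.classNameX=tr.className;
 tr.className='s';
 }
}
function lschk(skip){
 if (!localStorage || !skip && !localStorage[LSKX]) return false;
 return true;
}
function lsmax(){
 var ls=localStorage;
 if(!lschk() || !ls[LSKX])return 0;
 return parseInt(ls[LSKX]);
}
function lsclean(from,to){
 ls=localStorage;
 for(var i=from;i<=to;i++){
 delete ls[LSK+i];ls[LSKM]=i+1;
 }
}
function q_prev(){
 var ls=localStorage;
 if(!lschk())return;
 qcur--;
 var x=parseInt(ls[LSKM]);
 if(qcur<x)qcur=x;
 $('qraw').value=ls[LSK+qcur];
}
function q_next(){
 var ls=localStorage;
 if(!lschk())return;
 qcur++;
 var x=parseInt(ls[LSKX]);
 if(qcur>x)qcur=x;
 $('qraw').value=ls[LSK+qcur];
}
function after_load(){
 var F=document.DF;
 var p=F['v[pwd]'];
 if (p) p.focus();
 qcur=lsmax();

 F.addEventListener('submit',function(e){
 if(!F.qraw)return;
 if(!chksql()){e.preventDefault();return}
 $('q').value=btoa(encodeURIComponent($('qraw').value).replace(/%([0-9A-F]{2})/g,function(m,p){return String.fromCharCode('0x'+p)}));
 });
 var res=$('res');
 if(res)res.addEventListener('dblclick',function(e){
 if(!$('is_sm').checked)return;
 var el=e.target;
 if(el.tagName!='TD')el=el.parentNode;
 if(el.tagName!='TD')return;
 if(el.className.match(/\b\lg\b/))el.className=el.className.replace(/\blg\b/,' ');
 else el.className+=' lg';
 });
}
function logoff(){
 if(lschk()){
 var ls=localStorage;
 var from=parseInt(ls[LSKM]),to=parseInt(ls[LSKX]);
 for(var i=from;i<=to;i++){
 delete ls[LSK+i];
 }
 delete ls[LSKM];delete ls[LSKX];
 }
}
function cfg_toggle(){
 var e=$('cfg-adv');
 e.style.display=e.style.display=='none'?'':'none';
}
function qtpl(s){
 var t=<?php echo $tjs?>;
 $('qraw').value=s.replace(/%T/g,function(){return t});
}
function smview(){
 if($('is_sm').checked){$('res').className+=' sm'}else{$('res').className = $('res').className.replace(/\bsm\b/,' ')}
}
<?php if($is_sht){?>
function chkall(cab){
 var e=document.DF.elements;
 if (e!=null){
 var cl=e.length;
 for (i=0;i<cl;i++){var m=e[i];if(m.checked!=null && m.type=="checkbox"){m.checked=cab.checked}}
 }
}
function sht(f){
 document.DF.dosht.value=f;
}
<?php }?>
</script>

</head>
<body onload="after_load()">
<form method="post" name="DF" id="DF" action="<?php eo($self)?>" enctype="multipart/form-data">
<input type="hidden" name="XSS" value="<?php eo($_SESSION['XSS'])?>">
<input type="hidden" name="refresh" value="">
<input type="hidden" name="p" value="">

<div class="inv">
<a href="http://phpminiadmin.sourceforge.net/" target="_blank"><b>phpMiniAdmin <?php eo($VERSION)?></b></a>
<?php if ($_SESSION['is_logged'] && $dbh){ ?>
 | <a href="?<?php eo($xurl.'&q='.b64u("show databases"))?>">Databases</a>: <select name="db" onChange="frefresh()"><option value='*'> - select/refresh -</option><option value=''> - show all -</option>
<?php echo get_db_select($dbn)?></select>
<?php if($dbn){ $z=" · <a href='".hs($self."?$xurl&db=".ue($dbn)); ?>
<?php echo $z.'&q='.b64u($SHOW_T)?>'>show tables</a>
<?php echo $z?>&shex=1'>export</a>
<?php echo $z?>&shim=1'>import</a>
<?php } ?>
 | <a href="?showcfg=1">Settings</a>
<?php } ?>
<?php if ($_SESSION['is_logged']){?> | <a href="?<?php eo($xurl)?>&logoff=1" onclick="logoff()">Logoff</a> <?php }?>
 | <a href="?pi=1">phpinfo</a>
</div>

<div class="err"><?php eo($err_msg)?></div>

<?php
}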
/**
 * Print the main screen: header, the SQL editor with its buttons, the
 * record-count/timing line, the pre-rendered result markup and the footer.
 *
 * $sqldr is echoed as-is because it already is HTML (built by
 * display_select() or from the phpinfo() capture); the other dynamic values
 * are printed through eo(). Pager links are produced only for a limited query
 * that is past page 0 or filled a whole page; get_nav() is given a fixed
 * total of 10000.
 */
function print_screen(){
  global $out_message, $SQLq, $err_msg, $reccount, $time_all, $sqldr, $page, $MAX_ROWS_PER_PAGE, $is_limited_sql, $last_count, $is_sm;

  $need_nav=$is_limited_sql && ($page || $reccount>=$MAX_ROWS_PER_PAGE);
  $nav=$need_nav
    ? "<div class='nav'>".get_nav($page, 10000, $MAX_ROWS_PER_PAGE, "javascript:go(%p%)")."</div>"
    : '';

  print_header();
?>

<div class="dot" style="padding:3px 20px">
<label for="qraw">SQL-query (or multiple queries separated by ";"):</label> <button type="button" class="qnav" onclick="q_prev()"><</button><button type="button" class="qnav" onclick="q_next()">></button><br>
<textarea id="qraw" cols="70" rows="10"><?php eo($SQLq)?></textarea><br>
<input type="hidden" name="q" id="q" value="<?php b64e($SQLq);?>">
<input type="submit" name="GoSQL" value="Go" class="sbtn">
<input type="button" name="Clear" value=" Clear " onclick="$('qraw').value='';" style="width:100px">
<?php if(!empty($_REQUEST['db'])){ ?>
<div style="float:right">
<input type="button" value="Select" class="sbtn" onclick="qtpl('SELECT *\nFROM %T\nWHERE 1')">
<input type="button" value="Insert" class="sbtn" onclick="qtpl('INSERT INTO %T (`column`, `column`)\nVALUES (\'value\', \'value\')')">
<input type="button" value="Update" class="sbtn" onclick="qtpl('UPDATE %T\nSET `column`=\'value\'\nWHERE 1=0')">
<input type="button" value="Delete" class="sbtn" onclick="qtpl('DELETE FROM %T\nWHERE 1=0')">
</div><br class="clear">
<?php } ?>
</div>
<div class="dot">
<div style="float:right;padding:0 15px"><label><input type="checkbox" name="is_sm" value="1" id="is_sm" onclick="smview()" <?php eo($is_sm?'checked':'')?>> compact view</label></div>
Records: <b><?php eo($reccount); if(!is_null($last_count) && $reccount<$last_count){eo(' out of '.$last_count);}?></b> in <b><?php eo($time_all)?></b> sec<br>
<b><?php eo($out_message)?></b>
</div>
<?php echo $nav.$sqldr.$nav; ?>
<?php
  print_footer();
}
/**
 * Emit the closing markup shared by every page: closes the DF form opened in
 * print_header(), prints the copyright line and ends body/html.
 * Takes no input and writes static markup only.
 */
function print_footer(){
?>
</form>
<div class="ft">© 2004-2017 <a href="http://osalabs.com" target="_blank">Oleg Savchuk</a></div>
</body></html>
<?php
}
/**
 * Print the password prompt shown while $ACCESS_PWD is set and the session is
 * not logged in.
 *
 * The fields live inside the DF form that print_header() opens, so the
 * password is submitted by POST together with login=1. The password input is
 * always rendered empty.
 */
function print_login(){
 print_header();
?>
<center>
<h3>Access protected by password</h3>
<div style="width:400px;border:1px solid #999999;background-color:#eeeeee">
<label>Password: <input type="password" name="pwd" value=""></label>
<input type="hidden" name="login" value="1">
<input type="submit" value=" Login ">
</div>
</center>
<?php
 print_footer();
}
/**
 * Print the "DB Connection Settings" form (user, password, and under
 * "advanced settings" db name, host, port and charset).
 *
 * Current values from $DB are printed through eo(); the password field is
 * always rendered empty. The form posts savecfg=1, which the main flow handles
 * by calling savecfg().
 *
 * The "Remember in cookies" box (rmb) is checked by default; when it is
 * submitted, savecfg() writes all connection values, the DB password included,
 * into conn[...] cookies for 30 days.
 */
function print_cfg(){
 global $DB,$err_msg,$self;
 print_header();
?>
<center>
<h3>DB Connection Settings</h3>
<div class="frm">
<label><div class="l">DB user name:</div><input type="text" name="v[user]" value="<?php eo($DB['user'])?>"></label><br>
<label><div class="l">Password:</div><input type="password" name="v[pwd]" value=""></label><br>
<div style="text-align:right"><a href="#" class="ajax" onclick="cfg_toggle()">advanced settings</a></div>
<div id="cfg-adv" style="display:none;">
<label><div class="l">DB name:</div><input type="text" name="v[db]" value="<?php eo($DB['db'])?>"></label><br>
<label><div class="l">MySQL host:</div><input type="text" name="v[host]" value="<?php eo($DB['host'])?>"></label> <label>port: <input type="text" name="v[port]" value="<?php eo($DB['port'])?>" size="4"></label><br>
<label><div class="l">Charset:</div><select name="v[chset]"><option value="">- default -</option><?php echo chset_select($DB['chset'])?></select></label><br>
<br><label for ="rmb"><input type="checkbox" name="rmb" id="rmb" value="1" checked> Remember in cookies for 30 days or until Logoff</label>
</div>
<center>
<input type="hidden" name="savecfg" value="1">
<input type="submit" value=" Apply "><input type="button" value=" Cancel " onclick="window.location='<?php eo($self)?>'">
</center>
</div>
</center>
<?php
 print_footer();
}
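//* utilities

/**
 * Open the MySQL connection described by the global $DB, select $DB['db'] if
 * one is set and apply $DB['chset'] to the connection.
 *
 * The charset is applied with mysqli_set_charset() rather than by
 * concatenating the value into a "SET NAMES" statement: the value originates
 * from the request/cookie, and mysqli_real_escape_string() (used by dbq())
 * only knows the connection charset when it is set through the API.
 *
 * On failure the message is stored in $err_msg; unless $nodie is truthy the
 * script then stops, printing the message HTML-escaped because MySQL error
 * texts repeat caller-supplied names.
 *
 * @param mixed $nodie truthy = record the error and return instead of dying
 * @return mixed the mysqli handle, or a falsy value if connecting failed
 */
function db_connect($nodie=0){
  global $dbh,$DB,$err_msg;

  if ($DB['port']) {
    $dbh=mysqli_connect($DB['host'],$DB['user'],$DB['pwd'],'',(int)$DB['port']);
  } else {
    $dbh=mysqli_connect($DB['host'],$DB['user'],$DB['pwd']);
  }
  if (!$dbh) {
    $err_msg='Cannot connect to the database because: '.mysqli_connect_error();
    if (!$nodie) die(htmlspecialchars($err_msg,ENT_QUOTES));
  }

  if ($dbh && $DB['db']) {
    if (!mysqli_select_db($dbh, $DB['db'])) {
      $err_msg='Cannot select db because: '.mysqli_error($dbh);
      if (!$nodie) die(htmlspecialchars($err_msg,ENT_QUOTES));
    }elseif ($DB['chset'] && !mysqli_set_charset($dbh, $DB['chset'])) {
      $err_msg='Cannot set charset because: '.mysqli_error($dbh);
      if (!$nodie) die(htmlspecialchars($err_msg,ENT_QUOTES));
    }
  }

  return $dbh;
}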
/**
 * Return a live connection handle: the one passed in, else the global $dbh.
 * If there is none, or it does not answer mysqli_ping(), db_connect() is
 * called and the (new) global handle is returned.
 *
 * @param mixed $dbh1    handle to check, or NULL for the global one
 * @param mixed $skiperr forwarded to db_connect() as its $nodie flag
 */
function db_checkconnect($dbh1=NULL, $skiperr=0){
  global $dbh;
  $conn=$dbh1?$dbh1:$dbh;
  if (!$conn or !mysqli_ping($conn)) {
    db_connect($skiperr);
    $conn=$dbh;
  }
  return $conn;
}
/** Close the global connection handle $dbh. */
function db_disconnect(){
  mysqli_close($GLOBALS['dbh']);
}
/**
 * Turn a PHP value into an SQL literal: NULL becomes the keyword NULL,
 * anything else is escaped with mysqli_real_escape_string() on the global
 * connection and wrapped in single quotes.
 *
 * @param mixed $s value to quote
 * @return string SQL literal
 */
function dbq($s){
  global $dbh;
  if ($s===null) {
    return "NULL";
  }
  $escaped=mysqli_real_escape_string($dbh,$s);
  return "'".$escaped."'";
}
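/**
 * Execute one SQL statement on a checked connection.
 *
 * On failure returns nothing when $skiperr is truthy; otherwise the script
 * stops with the MySQL error and the statement. Both are HTML-escaped in that
 * message because they can contain request-derived text.
 *
 * @param string $sql     statement to run
 * @param mixed  $dbh1    connection handle, NULL = global one
 * @param mixed  $skiperr truthy = return NULL on failure instead of dying
 * @param int    $resmod  MYSQLI_STORE_RESULT or MYSQLI_USE_RESULT
 * @return mixed mysqli result, TRUE for statements without a result set, NULL on skipped error
 */
function db_query($sql, $dbh1=NULL, $skiperr=0, $resmod=MYSQLI_STORE_RESULT){
  $dbh1=db_checkconnect($dbh1, $skiperr);
  $sth=mysqli_query($dbh1, $sql, $resmod);
  if ($sth) return $sth;
  if ($skiperr) return;
  die("Error in DB operation:<br>\n".htmlspecialchars(mysqli_error($dbh1),ENT_QUOTES)."<br>\n".htmlspecialchars($sql,ENT_QUOTES));
}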
/**
 * Run a query and return all rows as an array.
 *
 * @param string $sql     statement to run
 * @param mixed  $dbh1    connection handle, NULL = global one
 * @param mixed  $skiperr passed to db_query(); a failed query then yields NULL
 * @param mixed  $isnum   truthy = numerically indexed rows, else associative
 * @return array|null list of rows, or NULL when the query returned no result
 */
function db_array($sql, $dbh1=NULL, $skiperr=0, $isnum=0){
  $sth=db_query($sql, $dbh1, $skiperr, MYSQLI_USE_RESULT);
  if (!$sth) return;

  $fetch=$isnum?'mysqli_fetch_row':'mysqli_fetch_assoc';
  $rows=array();
  for ($row=$fetch($sth); $row; $row=$fetch($sth)) {
    $rows[]=$row;
  }
  mysqli_free_result($sth);
  return $rows;
}
/**
 * Run a query and return its first row as an associative array
 * (whatever mysqli_fetch_assoc() yields when there is no row).
 */
function db_row($sql){
  return mysqli_fetch_assoc(db_query($sql));
}
/**
 * Run a query and return the first column of its first row.
 * Returns NULL when db_query() produced no result.
 */
function db_value($sql,$dbh1=NULL,$skiperr=0){
  $sth=db_query($sql,$dbh1,$skiperr);
  if ($sth) {
    $first=mysqli_fetch_row($sth);
    return $first[0];
  }
}
/** Return mysqli_insert_id() for the given (or, by default, the global) connection. */
function get_identity($dbh1=NULL){
  return mysqli_insert_id(db_checkconnect($dbh1));
}
/**
 * Build the <option> list for the database selector.
 *
 * The database list is cached in $_SESSION['sql_sd']; it is re-read with
 * SHOW DATABASES when no cache exists or the request asks for db=*. If the
 * server refuses the listing, the list holds only the current $DB['db'].
 *
 * @param string $sel name of the database to mark as selected
 * @return string option markup produced by sel()
 */
function get_db_select($sel=''){
  global $DB,$SHOW_D;
  $use_cache=is_array($_SESSION['sql_sd']) && $_REQUEST['db']!='*';
  if (!$use_cache){
    $list=db_array($SHOW_D,NULL,1);
    if (!is_array($list)){
      $list=array( 0 => array('Database' => $DB['db']) );
    }
    $_SESSION['sql_sd']=$list;
  }
  return @sel($_SESSION['sql_sd'],'Database',$sel);
}
/**
 * Build the <option> list for the charset selector.
 *
 * The list comes from "show character set" and is cached in
 * $_SESSION['sql_chset']; if the query yields nothing usable, the list holds
 * only the default charset from $DBDEF.
 *
 * @param string $sel charset to mark as selected
 * @return string option markup produced by sel()
 */
function chset_select($sel=''){
  global $DBDEF;
  if (!$_SESSION['sql_chset']){
    $list=db_array("show character set",NULL,1);
    if (!is_array($list)) $list=array(array('Charset'=>$DBDEF['chset']));
    $_SESSION['sql_chset']=$list;
  }

  return @sel($_SESSION['sql_chset'],'Charset',$sel);
}
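/**
 * Render rows as <option> elements.
 *
 * Value and label are both passed through hs(). The accumulator starts as an
 * empty string, so an empty $arr yields '' rather than an undefined variable,
 * and the selected entry is found by exact string comparison (a loose ==
 * treats numeric-looking names such as "1e3" and "1000" as equal).
 *
 * @param array      $arr rows to render
 * @param string|int $n   key of the column to use in each row
 * @param string     $sel value to mark as selected; empty = none
 * @return string option markup
 */
function sel($arr,$n,$sel=''){
  $res='';
  foreach($arr as $a){
    $b=$a[$n];
    $is_selected=$sel && (string)$sel===(string)$b;
    $res.="<option value='".hs($b)."' ".($is_selected?'selected':'').">".hs($b)."</option>";
  }
  return $res;
}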
/**
 * Current Unix time in seconds as a float, built from the two parts of the
 * "usec sec" string that microtime() returns.
 */
function microtime_float(){
  $parts=explode(" ",microtime());
  return (float)$parts[0]+(float)$parts[1];
}
/**
 * Build the pager markup.
 *
 * The first line shows a window of up to five page ranges ("1..50") around
 * the current page with Less/More links; the second line holds Back, First
 * and Next. Link targets are made by pen(), which substitutes the page number
 * for %p% in $ptpl.
 *
 * @param int    $pg       current page (0-based)
 * @param int    $all      total number of items
 * @param int    $PP       items per page (10 when empty)
 * @param string $ptpl     link template containing %p%
 * @param mixed  $show_all truthy = append the "(Total - N)" note
 * @return string pager markup
 */
function get_nav($pg, $all, $PP, $ptpl, $show_all=''){
  $w=array('Less','More','Back','Next','First','Total');
  $n=' ';
  $sep=" $n|$n\n";
  if (!$PP) $PP=10;
  $allp=floor($all/$PP+0.999999);

  // first page of the visible window
  $sp=$pg-2;
  if($sp<0) $sp=0;
  if($allp-$sp<5 && $allp>=5) $sp=$allp-5;
  $stop=$sp+5;

  $out="";
  if($sp>0){
    $out.="<a href='".pen($sp-1,$ptpl)."'>$w[0]</a>".$sep;
  }
  for($cur=$sp;$cur<$allp && $cur<$stop;$cur++){
    $from=$cur*$PP+1;
    $to=($cur+1)*$PP;
    $href=pen($cur,$ptpl);
    if($to>$all) $to=$all;
    $out.=($cur==$pg)
      ? "<b>$from..$to</b>"
      : "<a href='$href'>$from..$to</a>";
    if($cur+1<$allp) $out.=$sep;
  }
  if($stop<$allp){
    $out.="<a href='".pen($stop,$ptpl)."'>$w[1]</a>";
  }
  $out.=" <br>\n";

  $has_prev=$pg>0;
  $has_next=$pg+1<$allp;
  if($has_prev){
    $out.="<a href='".pen($pg-1,$ptpl)."'>$w[2]</a> $n|$n ";
    $out.="<a href='".pen(0,$ptpl)."'>$w[4]</a>";
  }
  if($has_prev && $has_next) $out.=$sep;
  if($has_next){
    $out.="<a href='".pen($pg+1,$ptpl)."'>$w[3]</a>";
  }
  if ($show_all) $out.=" <b>($w[5] - $all)</b> ";

  return $out;
}
/**
 * Fill a pager link template: every %p% in $np is replaced by $p.
 *
 * @param mixed  $p  page number
 * @param string $np template
 * @return string
 */
function pen($p,$np=''){
  $filled=str_replace('%p%',$p,$np);
  return $filled;
}
/**
 * Undo magic-quotes escaping: stripslashes() on a scalar, applied recursively
 * to every element of an array.
 */
function killmq($value){
  if (!is_array($value)) {
    return stripslashes($value);
  }
  return array_map('killmq',$value);
}
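/**
 * Store the posted connection settings (request field v[...]) in the session
 * and, depending on the "rmb" checkbox, in cookies.
 *
 * Only the six known keys are kept, each as a string; a missing, non-array or
 * array-valued entry becomes ''. Unfiltered, such input ended up in the
 * session and later in mysqli calls.
 *
 * With rmb set, every value - the DB password included - is written as
 * readable text to a conn[...] cookie valid for 30 days. Without rmb the six
 * cookies are expired.
 */
function savecfg(){
  $keys=array('db','user','pwd','host','port','chset'); // cookie order as before
  $raw=(isset($_REQUEST['v']) && is_array($_REQUEST['v']))?$_REQUEST['v']:array();

  $v=array();
  foreach($keys as $k){
    $v[$k]=(isset($raw[$k]) && is_scalar($raw[$k]))?(string)$raw[$k]:'';
  }
  $_SESSION['DB']=$v;
  unset($_SESSION['sql_sd']); // cached database list belongs to the old connection

  if (!empty($_REQUEST['rmb'])){
    $tm=time()+60*60*24*30;
    foreach($keys as $k) newcookie("conn[$k]",$v[$k],$tm);
  }else{
    foreach($keys as $k) newcookie("conn[$k]",FALSE,-1);
  }
}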
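/**
 * Set one cookie, or delete it when $v is FALSE and $e lies in the past.
 *
 * The cookie is always HttpOnly (the connection password is stored in one as
 * plain text, so page script must not be able to read it) and is marked Secure
 * whenever the current request arrived over HTTPS. Path and domain stay at
 * their defaults. The arguments are spelled out; the earlier version derived
 * them all from an undefined variable.
 *
 * @param string       $n cookie name
 * @param string|false $v value, FALSE to delete
 * @param int          $e expiry as Unix timestamp
 * @return bool result of setcookie()
 */
function newcookie($n,$v,$e){
  $secure=!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS'])!=='off';
  return setcookie($n,$v===FALSE?'':(string)$v,$e,'','',$secure,true);
}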
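//during login only - from cookies or use defaults;
/**
 * Initialise $_SESSION['DB'] at login: from the conn[...] cookies when they
 * are present, otherwise from $DBDEF.
 *
 * Cookies are client-supplied, so the cookie is used only if it is an array,
 * and only the six known keys are taken, each as a string (anything else
 * becomes ''). A scalar "conn" cookie or array-valued entries were previously
 * copied into the session unchanged. An empty charset is replaced by the
 * default.
 */
function loadcfg(){
  global $DBDEF;

  if (isset($_COOKIE['conn']) && is_array($_COOKIE['conn'])){
    $conn=$_COOKIE['conn'];
    $cfg=array();
    foreach(array('user','pwd','db','host','port','chset') as $k){
      $cfg[$k]=(isset($conn[$k]) && is_scalar($conn[$k]))?(string)$conn[$k]:'';
    }
    $_SESSION['DB']=$cfg;
  }else{
    $_SESSION['DB']=$DBDEF;
  }
  #don't allow empty charset
  if (!isset($_SESSION['DB']['chset']) || !strlen($_SESSION['DB']['chset'])) $_SESSION['DB']['chset']=$DBDEF['chset'];
}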
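//each time - from session to $DB_*
/**
 * Per-request setup: copy the session's connection settings into the global
 * $DB, apply a database chosen through the request parameter "db" ("*" means
 * "no change") and keep the compact-view flag in the session.
 *
 * Request values are type-checked first: only a string is accepted as a
 * database name, and the compact-view flag is cast to int instead of using
 * "+0", which raises an error for non-numeric input on current PHP versions.
 */
function loadsess(){
  global $DB, $is_sm;

  $DB=(isset($_SESSION['DB']) && is_array($_SESSION['DB']))?$_SESSION['DB']:array();

  $rdb=(isset($_REQUEST['db']) && is_string($_REQUEST['db']))?$_REQUEST['db']:'';
  if ($rdb==='*') $rdb='';
  if ($rdb) {
    $DB['db']=$rdb;
  }
  if (!empty($_REQUEST['GoSQL'])){
    $_SESSION['is_sm']=(isset($_REQUEST['is_sm']) && is_scalar($_REQUEST['is_sm']))?(int)$_REQUEST['is_sm']:0;
  }
  $is_sm=isset($_SESSION['is_sm'])?(int)$_SESSION['is_sm']:0;
}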
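/**
 * Print the export options form for the table(s) named in the request
 * parameter "rt" (or for the whole database when it is empty), then exit.
 *
 * The CSV choice is offered only for a single table. The comma test uses
 * === false: with the former !strpos(), a list whose comma sits at position 0
 * was taken for a single table. A non-string "rt" is treated as empty.
 *
 * "Dump on Server" writes to the path derived from $DUMP_FILE, which the form
 * displays.
 */
function print_export(){
  global $self,$xurl,$DB,$DUMP_FILE;
  $t=(isset($_REQUEST['rt']) && is_string($_REQUEST['rt']))?$_REQUEST['rt']:'';
  $l=($t)?"Table $t":"whole DB";
  $single=$t && strpos($t,',')===false;
  print_header();
?>
<center>
<h3>Export <?php eo($l)?></h3>
<div class="frm">
<input type="checkbox" name="s" value="1" checked> Structure<br>
<input type="checkbox" name="d" value="1" checked> Data<br><br>
<div><label><input type="radio" name="et" value="" checked> .sql</label> </div>
<div>
<?php if ($single){?>
 <label><input type="radio" name="et" value="csv"> .csv (Excel style, data only and for one table only)</label>
<?php }else{?>
<label> ( ) .csv</label> <small>(to export as csv - go to 'show tables' and export just ONE table)</small>
<?php }?>
</div>
<br>
<div><label><input type="checkbox" name="sp" value="1"> import has super privileges</label></div>
<div><label><input type="checkbox" name="gz" value="1"> compress as .gz</label></div>
<br>
<input type="hidden" name="doex" value="1">
<input type="hidden" name="rt" value="<?php eo($t)?>">
<input type="submit" value=" Download ">
<input type="submit" name="srv" value=" Dump on Server ">
<input type="button" value=" Cancel " onclick="window.location='<?php eo($self.'?'.$xurl.'&db='.ue($DB['db']))?>'">
<p><small>"Dump on Server" exports to file:<br><?php eo(export_fname($DUMP_FILE).'.sql')?></small></p>
</div>
</center>
<?php
  print_footer();
  exit;
}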
/**
 * Build the base name of a server-side dump file.
 *
 * @param string $f   path prefix (normally $DUMP_FILE)
 * @param bool   $ist true = append the current time as Y-m-d-His,
 *                    false = append the literal pattern "YYYY-MM-DD-HHMMSS"
 *                    (used when the name is only shown to the user)
 * @return string $f with the suffix appended
 */
function export_fname($f,$ist=false){
  if ($ist) {
    return $f.date('Y-m-d-His');
  }
  return $f.'YYYY-MM-DD-HHMMSS';
}
/**
 * Export the tables named in the request parameter "rt" (all tables of the
 * current database when it is empty) as SQL, or a single table as CSV.
 *
 * Backticks are removed from "rt" before the names are placed inside
 * backtick-quoted identifiers. The request flags select gzip (gz), writing to
 * the server-side dump file instead of the response (srv) and the extra
 * max_allowed_packet line (sp). For a download the script exits when the
 * export is finished; for a server-side dump it sets $out_message and returns.
 */
function do_export(){
  global $DB,$VERSION,$D,$BOM,$ex_isgz,$ex_issrv,$dbh,$out_message;
  $rt=str_replace('`','',$_REQUEST['rt']);
  $t=explode(",",$rt);
  $th=array_flip($t);
  $ct=count($t);

  // INSERT statements are cut at about 80% of the server's packet limit
  $z=db_row("show variables like 'max_allowed_packet'");
  $MAXI=floor($z['Value']*0.8);
  if(!$MAXI)$MAXI=838860;

  $ex_super=($_REQUEST['sp'])?1:0;
  $ex_isgz=($_REQUEST['gz'])?1:0;
  $aext=$ex_isgz?'.gz':'';
  $ctp=$ex_isgz?'application/x-gzip':'';
  $ex_issrv=($_REQUEST['srv'])?1:0;

  $as_csv=($ct==1&&$_REQUEST['et']=='csv');
  if ($as_csv){
    ex_start('.csv');
    ex_hdr($ctp?$ctp:'text/csv',"$t[0].csv$aext");
    if ($DB['chset']=='utf8') ex_w($BOM);

    $sth=db_query("select * from `$t[0]`",NULL,0,MYSQLI_USE_RESULT);
    $fn=mysqli_field_count($dbh);
    $last=$fn-1;
    for($i=0;$i<$fn;$i++){
      $m=mysqli_fetch_field($sth);
      ex_w(qstr($m->name).(($i<$last)?",":""));
    }
    ex_w($D);
    while($row=mysqli_fetch_row($sth)) ex_w(to_csv_row($row));
    mysqli_free_result($sth);
  }else{
    ex_start('.sql');
    // file name: db[.table | .Ntables].sql[.gz]
    if ($ct==1&&$t[0]){
      $part=".$t[0]";
    }elseif ($ct>1){
      $part='.'.$ct.'tables';
    }else{
      $part='';
    }
    ex_hdr($ctp?$ctp:'text/plain',"$DB[db]".$part.".sql$aext");
    ex_w("-- phpMiniAdmin dump $VERSION$D-- Datetime: ".date('Y-m-d H:i:s')."$D-- Host: $DB[host]$D-- Database: $DB[db]$D$D");
    if ($DB['chset']) ex_w("/*!40030 SET NAMES $DB[chset] */;$D");
    if ($ex_super) ex_w("/*!40030 SET GLOBAL max_allowed_packet=16777216 */;$D$D");
    ex_w("/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;$D$D");

    $sth=db_query("show full tables from `$DB[db]`");
    while($row=mysqli_fetch_row($sth)){
      $wanted=!$rt||array_key_exists($row[0],$th);
      if ($wanted) do_export_table($row[0],$row[1],$MAXI);
    }

    ex_w("/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;$D$D");
    ex_w("$D-- phpMiniAdmin dump end$D");
  }
  ex_end();
  if (!$ex_issrv) exit;
  $out_message='Export done successfully';
}
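/**
 * Write one table to the export stream: DROP/CREATE when the request flag "s"
 * is set, and the data as multi-row INSERTs when "d" is set (never for views).
 *
 * The table name is quoted once as an identifier with embedded backticks
 * doubled, so a name containing a backtick no longer yields broken statements
 * in the queries or in the dump. Values are quoted with dbq(). An INSERT is
 * flushed as soon as its text grows beyond $MAXI bytes.
 *
 * @param string $t    table name as reported by the server
 * @param string $tt   table type; 'VIEW' skips the data part
 * @param int    $MAXI approximate maximum length of one INSERT statement
 */
function do_export_table($t='',$tt='',$MAXI=838860){
  global $D,$ex_issrv;
  @set_time_limit(600);
  $tq='`'.str_replace('`','``',$t).'`';

  if(!empty($_REQUEST['s'])){
    $sth=db_query("show create table $tq");
    $row=mysqli_fetch_row($sth);
    $ct=preg_replace("/\n\r|\r\n|\n|\r/",$D,$row[1]);
    ex_w("DROP TABLE IF EXISTS $tq;$D$ct;$D$D");
  }

  if (!empty($_REQUEST['d'])&&$tt!='VIEW'){//no dump for views
    $exsql='';
    ex_w("/*!40000 ALTER TABLE $tq DISABLE KEYS */;$D");
    $sth=db_query("select * from $tq",NULL,0,MYSQLI_USE_RESULT);
    while($row=mysqli_fetch_row($sth)){
      $values=implode(',',array_map('dbq',$row));
      $exsql.=(($exsql)?',':'')."(".$values.")";
      if (strlen($exsql)>$MAXI) {
        ex_w("INSERT INTO $tq VALUES $exsql;$D");$exsql='';
      }
    }
    mysqli_free_result($sth);
    if ($exsql) ex_w("INSERT INTO $tq VALUES $exsql;$D");
    ex_w("/*!40000 ALTER TABLE $tq ENABLE KEYS */;$D$D");
  }
  if (!$ex_issrv) flush(); // push the chunk to the browser during a download
}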
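/**
 * Send the download headers for an export; does nothing for a server-side dump.
 *
 * The file name is built from request and database values, so control
 * characters, double quotes, backslashes and slashes are replaced by "_"
 * before it goes into the quoted filename parameter.
 *
 * @param string $ct content type
 * @param string $fn suggested file name
 */
function ex_hdr($ct,$fn){
  global $ex_issrv;
  if ($ex_issrv) return;
  $fn=preg_replace('/[\x00-\x1F\x7F"\\\\\/]/','_',$fn);
  header("Content-type: $ct");
  header("Content-Disposition: attachment; filename=\"$fn\"");
}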
/**
 * Open the export target according to the global flags:
 *  - gzip: a .gz file, either the timestamped server dump or a temp file;
 *  - plain server dump: the timestamped dump file;
 *  - plain download: nothing to open (ex_w() echoes directly).
 * Dies if the file cannot be created.
 *
 * @param string $ext extension to append to the dump name ('.sql' or '.csv')
 */
function ex_start($ext){
  global $ex_isgz,$ex_gz,$ex_tmpf,$ex_issrv,$ex_f,$DUMP_FILE;
  if ($ex_isgz){
    $base=$ex_issrv?export_fname($DUMP_FILE,true).$ext:tmp_name();
    $ex_tmpf=$base.'.gz';
    $ex_gz=gzopen($ex_tmpf,'wb9');
    if (!$ex_gz) die("Error trying to create gz tmp file");
    return;
  }
  if ($ex_issrv) {
    $ex_f=fopen(export_fname($DUMP_FILE,true).$ext,'wb');
    if (!$ex_f) die("Error trying to create dump file");
  }
}
/**
 * Write a chunk of export data to whichever target ex_start() opened:
 * the gzip stream, the server-side dump file, or the response body.
 *
 * @param string $s data to write
 */
function ex_w($s){
  global $ex_isgz,$ex_gz,$ex_issrv,$ex_f;
  if ($ex_isgz){
    gzwrite($ex_gz,$s,strlen($s));
    return;
  }
  if ($ex_issrv){
    fwrite($ex_f,$s);
    return;
  }
  echo $s;
}
/**
 * Finish the export: close the open target and, for a gzip export sent to the
 * browser, stream the temporary file and delete it.
 */
function ex_end(){
    global $ex_isgz,$ex_gz,$ex_tmpf,$ex_issrv,$ex_f;
    if (!$ex_isgz){
        if ($ex_issrv) fclose($ex_f);
        return;
    }
    gzclose($ex_gz);
    if ($ex_issrv) return; // server-side .gz stays on disk
    readfile($ex_tmpf);
    unlink($ex_tmpf);
}
/**
 * Render the "Import DB" form and stop the script.
 *
 * The form offers three sources through the radio field 'it': an uploaded
 * file ('file1'), $DUMP_FILE.'.sql' on the server ('sql') and
 * $DUMP_FILE.'.sql.gz' on the server ('gz'). The hidden field 'doim' marks the
 * submission. Calls print_header() first, print_footer() last, then exits.
 */
function print_import(){
    global $self,$xurl,$DB,$DUMP_FILE;
    print_header();
    // NOTE(review): the Cancel buttons put $self (set from $_SERVER['PHP_SELF']
    // at the top of the file) inside a single-quoted JavaScript string. eo()
    // only HTML-escapes, and hs() uses ENT_COMPAT, which leaves single quotes
    // as they are. The value should be encoded for the JavaScript context
    // (e.g. json_encode) before it is HTML-escaped.
    // NOTE(review): the CSV section below is only hidden by an HTML comment;
    // the PHP tags inside it still run, so the 'show tables' query is executed
    // and its result is sent in the page source on every render.
?>
<center>
<h3>Import DB</h3>
<div class="frm">
<div><label><input type="radio" name="it" value="" checked> import by uploading <b>.sql</b> or <b>.gz</b> file:</label>
 <input type="file" name="file1" value="" size=40><br>
</div>
<div><label><input type="radio" name="it" value="sql"> import from file on server:<br>
 <?php eo($DUMP_FILE.'.sql')?></label></div>
<div><label><input type="radio" name="it" value="gz"> import from file on server:<br>
 <?php eo($DUMP_FILE.'.sql.gz')?></label></div>
<input type="hidden" name="doim" value="1">
<input type="submit" value=" Import " onclick="return ays()"><input type="button" value=" Cancel " onclick="window.location='<?php eo($self.'?'.$xurl.'&db='.ue($DB['db']))?>'">
</div>
<br><br><br>
<!--
<h3>Import one Table from CSV</h3>
<div class="frm">
.csv file (Excel style): <input type="file" name="file2" value="" size=40><br>
<input type="checkbox" name="r1" value="1" checked> first row contain field names<br>
<small>(note: for success, field names should be exactly the same as in DB)</small><br>
Character set of the file: <select name="chset"><?php echo chset_select('utf8')?></select>
<br><br>
Import into:<br>
<input type="radio" name="tt" value="1" checked="checked"> existing table:
 <select name="t">
 <option value=''>- select -</option>
 <?php echo sel(db_array('show tables',NULL,0,1), 0, ''); ?>
</select>
<div style="margin-left:20px">
 <input type="checkbox" name="ttr" value="1"> replace existing DB data<br>
 <input type="checkbox" name="tti" value="1"> ignore duplicate rows
</div>
<input type="radio" name="tt" value="2"> create new table with name <input type="text" name="tn" value="" size="20">
<br><br>
<input type="hidden" name="doimcsv" value="1">
<input type="submit" value=" Upload and Import " onclick="return ays()"><input type="button" value=" Cancel " onclick="window.location='<?php eo($self)?>'">
</div>
-->
</center>
<?php
    print_footer();
    exit;
}
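/**
 * Run the import chosen on the import form.
 *
 * Source selection (request field 'it'):
 *  - empty : the uploaded file 'file1'
 *  - 'gz'  : $DUMP_FILE.'.sql.gz' on the server
 *  - other : $DUMP_FILE.'.sql' on the server
 * Anything whose extension is not 'sql' is treated as gzip and extracted to a
 * temporary file first. The SQL is then executed through do_multi_sql().
 *
 * On success sets $out_message, shows the table list and returns.
 * On failure sets $err_msg, re-renders the import form and exits.
 */
function do_import(){
    global $err_msg,$out_message,$dbh,$SHOW_T,$DUMP_FILE;
    $err_msg='';
    $it=isset($_REQUEST['it'])?$_REQUEST['it']:'';
    $filename='';
    $ext='';
    $tmpf='';

    if (!$it){
        $F=isset($_FILES['file1'])?$_FILES['file1']:null;
        // Accept only a path that PHP itself stored for an upload in this request
        if ($F && $F['name'] && is_string($F['tmp_name']) && is_uploaded_file($F['tmp_name'])){
            $filename=$F['tmp_name'];
            $pi=pathinfo($F['name']);
            $ext=isset($pi['extension'])?$pi['extension']:'';
        }
    }else{
        // Server-side import: the path comes from $DUMP_FILE, the request only selects the extension
        $ext=($it=='gz'?'sql.gz':'sql');
        $filename=$DUMP_FILE.'.'.$ext;
    }

    if ($filename && file_exists($filename)){
        if ($ext!='sql'){//if not sql - assume .gz and extract
            $tmpf=tmp_name();
            $gz=gzopen($filename,'rb');
            $tf=($gz && $tmpf)?fopen($tmpf,'wb'):false;
            if ($gz && $tf){
                while(!gzeof($gz)){
                    $chunk=gzread($gz,8192);
                    if ($chunk===false || fwrite($tf,$chunk)===false){
                        $err_msg='Error during gz file extraction to tmp file';
                        break;
                    }
                }//extract to tmp file
                gzclose($gz);
                fclose($tf);
                $filename=$tmpf;
            }else{
                if ($gz) gzclose($gz);
                $err_msg='Error opening gz file';
            }
        }
        if (!$err_msg){
            if (!do_multi_sql('', $filename)){
                $err_msg='Import Error: '.mysqli_error($dbh);
            }
        }
        // The extracted copy holds the full dump in clear text; do not leave it
        // in the temp directory once the import has finished or failed.
        if ($tmpf){
            if (!empty($GLOBALS['LFILE']) && is_resource($GLOBALS['LFILE'])){
                fclose($GLOBALS['LFILE']); // handle opened by get_next_chunk() on this file
                $GLOBALS['LFILE']=null;
            }
            if (file_exists($tmpf)) unlink($tmpf);
        }
        if (!$err_msg){
            $out_message='Import done successfully';
            do_sql($SHOW_T);
            return;
        }
    }else{
        $err_msg="Error: Please select file first";
    }
    print_import();
    exit;
}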
/**
 * Multiple SQL statements splitter.
 *
 * Reads the input chunk by chunk through get_next_chunk() (either the string
 * $insql or the file $fname), cuts it at every ';' that is found outside a
 * quote or comment, and passes each statement to do_one_sql().
 *
 * @param string $insql SQL text; when empty the file $fname is read instead
 * @param string $fname path of a SQL file
 * @return int 0 as soon as do_one_sql() reports a failure, 1 otherwise
 */
function do_multi_sql($insql,$fname=''){
    @set_time_limit(600);

    $sql='';     // statement text collected so far
    $ochar='';   // opening token (quote or comment start) whose end has not been found yet
    $is_cmt='';  // set to 1 while $ochar is a plain /* comment
    $GLOBALS['insql_done']=0; // lets get_next_chunk() hand out $insql once
    while ($str=get_next_chunk($insql,$fname)){
        // $ochar survives across chunks; the negative position makes the
        // search for its closing token start at offset 0 of the new chunk
        $opos=-strlen($ochar);
        $cur_pos=0;
        // Upper bound on iterations only; the loop normally ends through break
        $i=strlen($str);
        while ($i--){
            if ($ochar){
                // Inside a quote or comment: look for the matching end
                list($clchar, $clpos)=get_close_char($str, $opos+strlen($ochar), $ochar);
                if ( $clchar ) {
                    if ($ochar=='--' || $ochar=='#' || $is_cmt ){
                        // Comment: keep only the text in front of it
                        // NOTE(review): for a comment opened in an earlier chunk
                        // $opos is negative here, so substr() gets a negative
                        // length — verify that case behaves as intended
                        $sql.=substr($str, $cur_pos, $opos-$cur_pos );
                    }else{
                        // Quoted string or /*! ... */ block: keep it including the closing token
                        $sql.=substr($str, $cur_pos, $clpos+strlen($clchar)-$cur_pos );
                    }
                    $cur_pos=$clpos+strlen($clchar);
                    $ochar='';
                    $opos=0;
                }else{
                    // No end in this chunk: keep the rest and continue with the next chunk
                    $sql.=substr($str, $cur_pos);
                    break;
                }
            }else{
                // Outside quotes/comments: find the next special token
                list($ochar, $opos)=get_open_char($str, $cur_pos);
                if ($ochar==';'){
                    // End of a statement: run it
                    $sql.=substr($str, $cur_pos, $opos-$cur_pos+1);
                    if (!do_one_sql($sql)) return 0;
                    $sql='';
                    $cur_pos=$opos+strlen($ochar);
                    $ochar='';
                    $opos=0;
                }elseif(!$ochar) {
                    // Nothing special left in this chunk
                    $sql.=substr($str, $cur_pos);
                    break;
                }else{
                    // A block starting with /*! is not flagged as a comment, so its content is kept
                    $is_cmt=0;
                    if ($ochar=='/*' && substr($str, $opos, 3)!='/*!') $is_cmt=1;
                }
            }
        }
    }

    // Trailing statement without a terminating ';'
    if ($sql){
        if (!do_one_sql($sql)) return 0;
        $sql='';
    }
    return 1;
}
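/**
 * Return the next piece of SQL input, from the $insql string or from a file.
 *
 * With a non-empty $insql the whole string is returned once (tracked through
 * the global $insql_done) and '' afterwards. Otherwise the file $fname is
 * opened on first use (handle kept in the global $LFILE) and read in 64 KB
 * pieces.
 *
 * @param string $insql SQL text, or empty to read from the file
 * @param string $fname path of the SQL file
 * @return string|false next chunk; '' when there is nothing (more) to read
 */
function get_next_chunk($insql, $fname){
    global $LFILE, $insql_done;
    if ($insql) {
        if ($insql_done) return '';
        $insql_done=1;
        return $insql;
    }
    if (!$fname) return '';
    if (!$LFILE){
        // The file is only read, so open it read-only; a read/write mode would
        // reject dumps the web server user may read but not modify.
        $LFILE=fopen($fname,"rb") or die("Can't open [$fname] file $!");
    }
    return fread($LFILE, 64*1024);
}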
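/**
 * Find the next token that opens a comment or a quoted string, or a ';',
 * starting at offset $pos.
 *
 * Recognised tokens: the two-character comment start, '--' at the start of the
 * subject or after whitespace, '#', single quote, double quote and ';'.
 *
 * @param string $str text to scan
 * @param int    $pos offset to start from
 * @return array array(token, offset); array('', 0) when nothing is found
 */
function get_open_char($str, $pos){
    // Defined up front so the "not found" result does not depend on undefined variables
    $ochar='';
    $opos=0;
    if ( preg_match('/(\/\*|^--|(?<=\s)--|#|\'|"|;)/', $str, $m, PREG_OFFSET_CAPTURE, $pos) ) {
        $ochar=$m[1][0];
        $opos=$m[1][1];
    }
    return array($ochar, $opos);
}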
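/**
 * Find the token that closes $ochar, searching from offset $pos. RECURSIVE.
 *
 * For a single-quoted string a quote preceded by backslashes only closes the
 * string when the number of backslashes is even; with an odd number the quote
 * is escaped and the search continues behind it.
 *
 * @param string $str   text to scan
 * @param int    $pos   offset to start from
 * @param string $ochar opening token: ', ", the comment start, # or --
 * @return array array(closing token, offset); array('', 0) when nothing is found
 */
function get_close_char($str, $pos, $ochar){
    $aCLOSE=array(
        '\'' => '(?<!\\\\)\'|(\\\\+)\'',
        '"' => '(?<!\\\\)"',
        '/*' => '\*\/',
        '#' => '[\r\n]+',
        '--' => '[\r\n]+',
    );
    // Defined up front so the "not found" result does not depend on undefined variables
    $clchar='';
    $clpos=0;
    if ( isset($aCLOSE[$ochar]) && preg_match("/(".$aCLOSE[$ochar].")/", $str, $m, PREG_OFFSET_CAPTURE, $pos ) ) {
        $clchar=$m[1][0];
        $clpos=$m[1][1];
        // Group 2 (the run of backslashes) exists only in the single-quote pattern
        $sl=isset($m[2][0])?strlen($m[2][0]):0;
        if ($ochar=="'" && $sl){
            if ($sl % 2){ #don't count as CLOSE char if number of slashes before ' ODD
                list($clchar, $clpos)=get_close_char($str, $clpos+strlen($clchar), $ochar);
            }else{
                #correction: point at the quote itself, not at the backslashes before it
                $clpos+=strlen($clchar)-1;
                $clchar="'";
            }
        }
    }
    return array($clchar, $clpos);
}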
/**
 * Execute a single SQL statement and remember it as the last statement.
 *
 * A statement that starts with "select" and has no "limit N" gets a LIMIT
 * clause for the current page appended; with $IS_COUNT set, the total row
 * count is fetched first through a wrapping count(*) query.
 *
 * @param string $sql one statement, with or without the trailing ';'
 * @return mixed 1 for an empty statement, otherwise the result of db_query()
 */
function do_one_sql($sql){
    global $last_sth,$last_sql,$MAX_ROWS_PER_PAGE,$page,$is_limited_sql,$last_count,$IS_COUNT;
    $sql=preg_replace("/;$/","",trim($sql));
    if (!$sql) return 1; // nothing to run

    $last_sql=$sql;
    $is_limited_sql=0;
    $last_count=NULL;

    $is_select=preg_match("/^select/i",$sql);
    if ($is_select && !preg_match("/limit +\d+/i", $sql)){
        if ($IS_COUNT){
            #get total count
            $last_count=db_value('select count(*) from ('.$sql.') ___count_table',NULL,'noerr');
        }
        // Page window for the result listing
        $offset=$page*$MAX_ROWS_PER_PAGE;
        $sql.=" LIMIT $offset,$MAX_ROWS_PER_PAGE";
        $is_limited_sql=1;
    }

    $last_sth=db_query($sql,0,'noerr');
    return $last_sth;
}
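/**
 * Apply a bulk action to the tables ticked in the table list.
 *
 * Request field 'dosht' selects the action: 'exp' opens the export form for
 * the ticked tables, 'drop', 'trunc' and 'opt' run DROP / TRUNCATE / OPTIMIZE
 * TABLE for each of them. The table list is shown afterwards.
 *
 * NOTE(review): each entry of 'cb' is appended to the statement exactly as
 * submitted; nothing in this function checks that it is one quoted table
 * identifier. This relies on the access check and the XSS token check having
 * run before this point — confirm against the caller.
 */
function do_sht(){
    global $SHOW_T;
    $cb=isset($_REQUEST['cb'])?$_REQUEST['cb']:array();
    if (!is_array($cb)) $cb=array();
    // Nested arrays from the request cannot name a table
    $cb=array_filter($cb,'is_string');
    $action=isset($_REQUEST['dosht'])?$_REQUEST['dosht']:'';
    $sq='';  // stays empty when the action is unknown
    $sql='';
    switch ($action){
        case 'exp':$_REQUEST['t']=join(",",$cb);print_export();exit;
        case 'drop':$sq='DROP TABLE';break;
        case 'trunc':$sq='TRUNCATE TABLE';break;
        case 'opt':$sq='OPTIMIZE TABLE';break;
    }
    if ($sq){
        foreach($cb as $v){
            $sql.=$sq." $v;\n";
        }
    }
    if ($sql) do_sql($sql);
    do_sql($SHOW_T);
}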
/**
 * Build one CSV line: every value quoted by qstr(), joined with commas and
 * terminated with the export delimiter $D.
 *
 * @param array $adata values of one row
 * @return string
 */
function to_csv_row($adata){
    global $D;
    $cells=array();
    foreach ($adata as $a){
        $cells[]=qstr($a);
    }
    return implode(",",$cells).$D;
}
/**
 * Quote a value for CSV: a <br /> tag is inserted in front of every line
 * break, double quotes are doubled, and the result is wrapped in double quotes.
 *
 * NOTE(review): values beginning with =, +, - or @ are written unchanged;
 * spreadsheet applications may evaluate such cells as formulas when the
 * export is opened.
 *
 * @param string $s
 * @return string
 */
function qstr($s){
    return '"'.str_replace('"','""',nl2br($s)).'"';
}
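/**
 * Return a random string of exactly $len characters from [A-Fa-f0-9].
 *
 * The result is used as the per-session request token, so it must not be
 * guessable: random_int() is used where it exists (PHP 7+). On older versions
 * mt_rand() is the fallback, which is not a cryptographic generator.
 *
 * The alphabet is indexed as a string. Splitting it with preg_split('//')
 * yields an empty first and last element, which made some picks add nothing
 * and the token shorter than requested.
 *
 * @param int $len number of characters
 * @return string
 */
function get_rand_str($len){
    $alphabet='ABCDEFabcdef0123456789';
    $max=strlen($alphabet)-1;
    $use_csprng=function_exists('random_int');
    $result='';
    for($i=0;$i<$len;$i++){
        $idx=$use_csprng?random_int(0,$max):mt_rand(0,$max);
        $result.=$alphabet[$idx];
    }
    return $result;
}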
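/**
 * Verify the request token against the one stored in the session.
 *
 * On mismatch the session token is dropped, the browser is redirected to the
 * script itself and execution stops.
 *
 * The comparison is strict and, where available, constant-time. A loose !=
 * compares two numeric-looking strings as numbers, and the token alphabet
 * (hex digits including 'e'/'E') can produce such strings.
 */
function check_xss(){
    global $self;
    $expected=isset($_SESSION['XSS'])?$_SESSION['XSS']:'';
    // An array-valued parameter is treated as missing rather than passed to trim()
    $given=(isset($_REQUEST['XSS']) && is_string($_REQUEST['XSS']))?trim($_REQUEST['XSS']):'';

    $ok=false;
    if (is_string($expected) && $expected!==''){
        $ok=function_exists('hash_equals')?hash_equals($expected,$given):($expected===$given);
    }
    if (!$ok){
        unset($_SESSION['XSS']);
        header("location: $self");
        exit;
    }
}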
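/**
 * Debug helper: print a var_dump() of $s, HTML-escaped, followed by <br>.
 *
 * var_dump() prints by itself and returns nothing, so its output is captured
 * first; passing the call straight to hs() escapes an empty value and lets the
 * dump reach the page unescaped.
 *
 * @param mixed $s value to dump
 */
function rw($s){#for debug
    ob_start();
    var_dump($s);
    echo hs(ob_get_clean())."<br>\n";
}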
/**
 * Create a temporary file with the prefix 'pma' and return its path.
 *
 * Uses sys_get_temp_dir() when the function exists. Otherwise the directory is
 * taken from the TMP, TEMP or TMPDIR environment variable, and as a last
 * resort from the directory tempnam() falls back to.
 *
 * @return string|false|null path from tempnam(), or null when no directory was found
 */
function tmp_name() {
    if (function_exists('sys_get_temp_dir')) {
        return tempnam(sys_get_temp_dir(),'pma');
    }

    $temp=getenv('TMP');
    if (!$temp) {
        $temp=getenv('TEMP');
    }
    if (!$temp) {
        $temp=getenv('TMPDIR');
    }
    if (!$temp) {
        // Probe: create a file with tempnam(), keep only its directory
        $temp=tempnam(__FILE__,'');
        if (file_exists($temp)) {
            unlink($temp);
            $temp=dirname($temp);
        }
    }
    if (!$temp) {
        return null;
    }
    return tempnam($temp,'pma');
}
/**
 * HTML-escape a string as UTF-8.
 *
 * NOTE(review): ENT_COMPAT converts double quotes but leaves single quotes
 * unchanged, so the result is not safe inside a single-quoted attribute or a
 * single-quoted JavaScript string. ENT_QUOTES would cover single-quoted
 * attributes; check every place the output is used before changing the flag.
 *
 * @param string $s
 * @return string
 */
function hs($s){
    $flags=ENT_COMPAT|ENT_HTML401;
    return htmlspecialchars($s,$flags,'UTF-8');
}
/**
 * Echo a string after HTML-escaping it with hs().
 *
 * @param string $s
 */
function eo($s){//echo+escape
    $escaped=hs($s);
    echo $escaped;
}
/**
 * URL-encode a string for use in a query string.
 *
 * @param string $s
 * @return string
 */
function ue($s){
    $encoded=urlencode($s);
    return $encoded;
}
/**
 * Base64-encode a string. This is an encoding only, not a protection of the content.
 *
 * @param string $s
 * @return string
 */
function b64e($s){
    $encoded=base64_encode($s);
    return $encoded;
}
/**
 * Base64-encode a string and URL-encode the result, so that '+', '/' and '='
 * survive inside a query string.
 *
 * @param string $s
 * @return string
 */
function b64u($s){
    $encoded=base64_encode($s);
    return ue($encoded);
}
/**
 * Decode a Base64 string.
 *
 * @param string $s
 * @return string|false decoded data as returned by base64_decode()
 */
function b64d($s){
    $decoded=base64_decode($s);
    return $decoded;
}
1282?>