%PDF- %PDF-
Direktori : /var/www/projetos/admin.iigd.com.br/libraries/classes/ |
Current File : /var/www/projetos/admin.iigd.com.br/libraries/classes/Import.php |
<?php declare(strict_types=1); namespace PhpMyAdmin; use PhpMyAdmin\SqlParser\Parser; use PhpMyAdmin\SqlParser\Statements\DeleteStatement; use PhpMyAdmin\SqlParser\Statements\InsertStatement; use PhpMyAdmin\SqlParser\Statements\ReplaceStatement; use PhpMyAdmin\SqlParser\Statements\UpdateStatement; use PhpMyAdmin\SqlParser\Utils\Query; use function __; use function abs; use function count; use function explode; use function function_exists; use function htmlspecialchars; use function implode; use function is_array; use function is_numeric; use function max; use function mb_chr; use function mb_ord; use function mb_stripos; use function mb_strlen; use function mb_strpos; use function mb_strtoupper; use function mb_substr; use function mb_substr_count; use function preg_match; use function preg_replace; use function sprintf; use function str_contains; use function str_starts_with; use function strcmp; use function strlen; use function strpos; use function substr; use function time; use function trim; /** * Library that provides common import functions that are used by import plugins */ class Import { /* MySQL type defs */ public const NONE = 0; public const VARCHAR = 1; public const INT = 2; public const DECIMAL = 3; public const BIGINT = 4; public const GEOMETRY = 5; /* Decimal size defs */ public const M = 0; public const D = 1; public const FULL = 2; /* Table array defs */ public const TBL_NAME = 0; public const COL_NAMES = 1; public const ROWS = 2; /* Analysis array defs */ public const TYPES = 0; public const SIZES = 1; public const FORMATTEDSQL = 2; public function __construct() { global $dbi; $GLOBALS['cfg']['Server']['DisableIS'] = false; $checkUserPrivileges = new CheckUserPrivileges($dbi); $checkUserPrivileges->getPrivileges(); } /** * Checks whether timeout is getting close */ public function checkTimeout(): bool { global $timestamp, $maximum_time, $timeout_passed; if ($maximum_time == 0) { return false; } if ($timeout_passed) { return true; /* 5 in next row might be too much */ } if (time() - $timestamp > $maximum_time - 5) { $timeout_passed = true; return true; } return false; } /** * Runs query inside import buffer. This is needed to allow displaying * of last SELECT, SHOW or HANDLER results and similar nice stuff. * * @param string $sql query to run * @param string $full query to display, this might be commented * @param array $sqlData SQL parse data storage */ public function executeQuery(string $sql, string $full, array &$sqlData): void { global $sql_query, $my_die, $error, $reload, $result, $msg, $cfg, $sql_query_disabled, $db, $dbi; $result = $dbi->tryQuery($sql); // USE query changes the database, son need to track // while running multiple queries $isUseQuery = mb_stripos($sql, 'use ') !== false; $msg = '# '; if ($result === false) { // execution failed if (! isset($my_die)) { $my_die = []; } $my_die[] = [ 'sql' => $full, 'error' => $dbi->getError(), ]; $msg .= __('Error'); if (! $cfg['IgnoreMultiSubmitErrors']) { $error = true; return; } } else { $aNumRows = (int) $result->numRows(); $aAffectedRows = (int) @$dbi->affectedRows(); if ($aNumRows > 0) { $msg .= __('Rows') . ': ' . $aNumRows; } elseif ($aAffectedRows > 0) { $message = Message::getMessageForAffectedRows($aAffectedRows); $msg .= $message->getMessage(); } else { $msg .= __('MySQL returned an empty result set (i.e. zero rows).'); } if (($aNumRows > 0) || $isUseQuery) { $sqlData['valid_sql'][] = $sql; if (! isset($sqlData['valid_queries'])) { $sqlData['valid_queries'] = 0; } $sqlData['valid_queries']++; } } if (! $sql_query_disabled) { $sql_query .= $msg . "\n"; } // If a 'USE <db>' SQL-clause was found and the query // succeeded, set our current $db to the new one if ($result != false) { [$db, $reload] = $this->lookForUse($sql, $db, $reload); } $pattern = '@^[\s]*(DROP|CREATE)[\s]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)@im'; if ($result == false || ! preg_match($pattern, $sql)) { return; } $reload = true; } /** * Runs query inside import buffer. This is needed to allow displaying * of last SELECT, SHOW or HANDLER results and similar nice stuff. * * @param string $sql query to run * @param string $full query to display, this might be commented * @param array $sqlData SQL parse data storage */ public function runQuery( string $sql = '', string $full = '', array &$sqlData = [] ): void { global $import_run_buffer, $go_sql, $complete_query, $display_query, $sql_query, $msg, $skip_queries, $executed_queries, $max_sql_len, $read_multiply, $sql_query_disabled, $run_query; $read_multiply = 1; if (! isset($import_run_buffer)) { // Do we have something to push into buffer? $import_run_buffer = $this->runQueryPost($import_run_buffer, $sql, $full); return; } // Should we skip something? if ($skip_queries > 0) { $skip_queries--; // Do we have something to push into buffer? $import_run_buffer = $this->runQueryPost($import_run_buffer, $sql, $full); return; } if (! empty($import_run_buffer['sql']) && trim($import_run_buffer['sql']) != '') { $max_sql_len = max( $max_sql_len, mb_strlen($import_run_buffer['sql']) ); if (! $sql_query_disabled) { $sql_query .= $import_run_buffer['full']; } $executed_queries++; if ($run_query && $executed_queries < 50) { $go_sql = true; if (! $sql_query_disabled) { $complete_query = $sql_query; $display_query = $sql_query; } else { $complete_query = ''; $display_query = ''; } $sql_query = $import_run_buffer['sql']; $sqlData['valid_sql'][] = $import_run_buffer['sql']; $sqlData['valid_full'][] = $import_run_buffer['full']; if (! isset($sqlData['valid_queries'])) { $sqlData['valid_queries'] = 0; } $sqlData['valid_queries']++; } elseif ($run_query) { /* Handle rollback from go_sql */ if ($go_sql && isset($sqlData['valid_full'])) { $queries = $sqlData['valid_sql']; $fulls = $sqlData['valid_full']; $count = $sqlData['valid_queries']; $go_sql = false; $sqlData['valid_sql'] = []; $sqlData['valid_queries'] = 0; unset($sqlData['valid_full']); for ($i = 0; $i < $count; $i++) { $this->executeQuery($queries[$i], $fulls[$i], $sqlData); } } $this->executeQuery($import_run_buffer['sql'], $import_run_buffer['full'], $sqlData); } } elseif (! empty($import_run_buffer['full'])) { if ($go_sql) { $complete_query .= $import_run_buffer['full']; $display_query .= $import_run_buffer['full']; } elseif (! $sql_query_disabled) { $sql_query .= $import_run_buffer['full']; } } // check length of query unless we decided to pass it to /sql // (if $run_query is false, we are just displaying so show // the complete query in the textarea) if (! $go_sql && $run_query && ! empty($sql_query)) { if (mb_strlen($sql_query) > 50000 || $executed_queries > 50 || $max_sql_len > 1000) { $sql_query = ''; $sql_query_disabled = true; } } // Do we have something to push into buffer? $import_run_buffer = $this->runQueryPost($import_run_buffer, $sql, $full); // In case of ROLLBACK, notify the user. if (! isset($_POST['rollback_query'])) { return; } $msg .= __('[ROLLBACK occurred.]'); } /** * Return import run buffer * * @param array $importRunBuffer Buffer of queries for import * @param string $sql SQL query * @param string $full Query to display * * @return array Buffer of queries for import */ public function runQueryPost( ?array $importRunBuffer, string $sql, string $full ): ?array { if (! empty($sql) || ! empty($full)) { return [ 'sql' => $sql . ';', 'full' => $full . ';', ]; } unset($GLOBALS['import_run_buffer']); return $importRunBuffer; } /** * Looks for the presence of USE to possibly change current db * * @param string $buffer buffer to examine * @param string $db current db * @param bool $reload reload * * @return array (current or new db, whether to reload) */ public function lookForUse(?string $buffer, ?string $db, ?bool $reload): array { if (preg_match('@^[\s]*USE[[:space:]]+([\S]+)@i', (string) $buffer, $match)) { $db = trim($match[1]); $db = trim($db, ';'); // for example, USE abc; // $db must not contain the escape characters generated by backquote() // ( used in buildSql() as: backquote($db_name), and then called // in runQuery() which in turn calls lookForUse() ) $db = Util::unQuote($db); $reload = true; } return [ $db, $reload, ]; } /** * Returns next part of imported file/buffer * * @param int $size size of buffer to read (this is maximal size function will return) * * @return string|bool part of file/buffer */ public function getNextChunk(?File $importHandle = null, int $size = 32768) { global $charset_conversion, $charset_of_file, $read_multiply; // Add some progression while reading large amount of data if ($read_multiply <= 8) { $size *= $read_multiply; } else { $size *= 8; } $read_multiply++; // We can not read too much if ($size > $GLOBALS['read_limit']) { $size = $GLOBALS['read_limit']; } if ($this->checkTimeout()) { return false; } if ($GLOBALS['finished']) { return true; } if ($GLOBALS['import_file'] === 'none') { // Well this is not yet supported and tested, // but should return content of textarea if (mb_strlen($GLOBALS['import_text']) < $size) { $GLOBALS['finished'] = true; return $GLOBALS['import_text']; } $r = mb_substr($GLOBALS['import_text'], 0, $size); $GLOBALS['offset'] += $size; $GLOBALS['import_text'] = mb_substr($GLOBALS['import_text'], $size); return $r; } if ($importHandle === null) { return false; } $result = $importHandle->read($size); $GLOBALS['finished'] = $importHandle->eof(); $GLOBALS['offset'] += $size; if ($charset_conversion) { return Encoding::convertString($charset_of_file, 'utf-8', $result); } /** * Skip possible byte order marks (I do not think we need more * charsets, but feel free to add more, you can use wikipedia for * reference: <https://en.wikipedia.org/wiki/Byte_Order_Mark>) * * @todo BOM could be used for charset autodetection */ if ($GLOBALS['offset'] == $size) { $result = $this->skipByteOrderMarksFromContents($result); } return $result; } /** * Skip possible byte order marks (I do not think we need more * charsets, but feel free to add more, you can use wikipedia for * reference: <https://en.wikipedia.org/wiki/Byte_Order_Mark>) * * @param string $contents The contents to strip BOM * * @todo BOM could be used for charset autodetection */ public function skipByteOrderMarksFromContents(string $contents): string { // Do not use mb_ functions they are sensible to mb_internal_encoding() // UTF-8 if (str_starts_with($contents, "\xEF\xBB\xBF")) { return substr($contents, 3); // UTF-16 BE, LE } if (str_starts_with($contents, "\xFE\xFF") || str_starts_with($contents, "\xFF\xFE")) { return substr($contents, 2); } return $contents; } /** * Returns the "Excel" column name (i.e. 1 = "A", 26 = "Z", 27 = "AA", etc.) * * This functions uses recursion to build the Excel column name. * * The column number (1-26) is converted to the responding * ASCII character (A-Z) and returned. * * If the column number is bigger than 26 (= num of letters in alphabet), * an extra character needs to be added. To find this extra character, * the number is divided by 26 and this value is passed to another instance * of the same function (hence recursion). In that new instance the number is * evaluated again, and if it is still bigger than 26, it is divided again * and passed to another instance of the same function. This continues until * the number is smaller than 26. Then the last called function returns * the corresponding ASCII character to the function that called it. * Each time a called function ends an extra character is added to the column name. * When the first function is reached, the last character is added and the complete * column name is returned. * * @param int $num the column number * * @return string The column's "Excel" name */ public function getColumnAlphaName(int $num): string { $capitalA = 65; // ASCII value for capital "A" $colName = ''; if ($num > 26) { $div = (int) ($num / 26); $remain = $num % 26; // subtract 1 of divided value in case the modulus is 0, // this is necessary because A-Z has no 'zero' if ($remain == 0) { $div--; } // recursive function call $colName = $this->getColumnAlphaName($div); // use modulus as new column number $num = $remain; } if ($num == 0) { // use 'Z' if column number is 0, // this is necessary because A-Z has no 'zero' $colName .= mb_chr($capitalA + 26 - 1); } else { // convert column number to ASCII character $colName .= mb_chr($capitalA + $num - 1); } return $colName; } /** * Returns the column number based on the Excel name. * So "A" = 1, "Z" = 26, "AA" = 27, etc. * * Basically this is a base26 (A-Z) to base10 (0-9) conversion. * It iterates through all characters in the column name and * calculates the corresponding value, based on character value * (A = 1, ..., Z = 26) and position in the string. * * @param string $name column name(i.e. "A", or "BC", etc.) * * @return int The column number */ public function getColumnNumberFromName(string $name): int { if (empty($name)) { return 0; } $name = mb_strtoupper($name); $numChars = mb_strlen($name); $columnNumber = 0; for ($i = 0; $i < $numChars; ++$i) { // read string from back to front $charPos = $numChars - 1 - $i; // convert capital character to ASCII value // and subtract 64 to get corresponding decimal value // ASCII value of "A" is 65, "B" is 66, etc. // Decimal equivalent of "A" is 1, "B" is 2, etc. $number = (int) (mb_ord($name[$charPos]) - 64); // base26 to base10 conversion : multiply each number // with corresponding value of the position, in this case // $i=0 : 1; $i=1 : 26; $i=2 : 676; ... $columnNumber += $number * 26 ** $i; } return (int) $columnNumber; } /** * Obtains the precision (total # of digits) from a size of type decimal * * @param string $lastCumulativeSize Size of type decimal * * @return int Precision of the given decimal size notation */ public function getDecimalPrecision(string $lastCumulativeSize): int { return (int) substr( $lastCumulativeSize, 0, (int) strpos($lastCumulativeSize, ',') ); } /** * Obtains the scale (# of digits to the right of the decimal point) * from a size of type decimal * * @param string $lastCumulativeSize Size of type decimal * * @return int Scale of the given decimal size notation */ public function getDecimalScale(string $lastCumulativeSize): int { return (int) substr( $lastCumulativeSize, strpos($lastCumulativeSize, ',') + 1, strlen($lastCumulativeSize) - strpos($lastCumulativeSize, ',') ); } /** * Obtains the decimal size of a given cell * * @param string $cell cell content * * @return array Contains the precision, scale, and full size * representation of the given decimal cell */ public function getDecimalSize(string $cell): array { $currSize = mb_strlen($cell); $decPos = mb_strpos($cell, '.'); $decPrecision = $currSize - 1 - $decPos; $m = $currSize - 1; $d = $decPrecision; return [ $m, $d, $m . ',' . $d, ]; } /** * Obtains the size of the given cell * * @param string|int $lastCumulativeSize Last cumulative column size * @param int|null $lastCumulativeType Last cumulative column type (NONE or VARCHAR or DECIMAL or INT or BIGINT) * @param int $currentCellType Type of the current cell (NONE or VARCHAR or DECIMAL or INT or BIGINT) * @param string $cell The current cell * * @return string|int Size of the given cell in the type-appropriate format * * @todo Handle the error cases more elegantly */ public function detectSize( $lastCumulativeSize, ?int $lastCumulativeType, int $currentCellType, string $cell ) { $currSize = mb_strlen($cell); /** * If the cell is NULL, don't treat it as a varchar */ if (! strcmp('NULL', $cell)) { return $lastCumulativeSize; } if ($currentCellType == self::VARCHAR) { /** * What to do if the current cell is of type VARCHAR */ /** * The last cumulative type was VARCHAR */ if ($lastCumulativeType == self::VARCHAR) { if ($currSize >= $lastCumulativeSize) { return $currSize; } return $lastCumulativeSize; } if ($lastCumulativeType == self::DECIMAL) { /** * The last cumulative type was DECIMAL */ $oldM = $this->getDecimalPrecision($lastCumulativeSize); if ($currSize >= $oldM) { return $currSize; } return $oldM; } if ($lastCumulativeType == self::BIGINT || $lastCumulativeType == self::INT) { /** * The last cumulative type was BIGINT or INT */ if ($currSize >= $lastCumulativeSize) { return $currSize; } return $lastCumulativeSize; } if (! isset($lastCumulativeType) || $lastCumulativeType == self::NONE) { /** * This is the first row to be analyzed */ return $currSize; } /** * An error has DEFINITELY occurred */ /** * TODO: Handle this MUCH more elegantly */ return -1; } if ($currentCellType == self::DECIMAL) { /** * What to do if the current cell is of type DECIMAL */ /** * The last cumulative type was VARCHAR */ if ($lastCumulativeType == self::VARCHAR) { /* Convert $last_cumulative_size from varchar to decimal format */ $size = $this->getDecimalSize($cell); if ($size[self::M] >= $lastCumulativeSize) { return $size[self::M]; } return $lastCumulativeSize; } if ($lastCumulativeType == self::DECIMAL) { /** * The last cumulative type was DECIMAL */ $size = $this->getDecimalSize($cell); $oldM = $this->getDecimalPrecision($lastCumulativeSize); $oldD = $this->getDecimalScale($lastCumulativeSize); /* New val if M or D is greater than current largest */ if ($size[self::M] > $oldM || $size[self::D] > $oldD) { /* Take the largest of both types */ return (string) (($size[self::M] > $oldM ? $size[self::M] : $oldM) . ',' . ($size[self::D] > $oldD ? $size[self::D] : $oldD)); } return $lastCumulativeSize; } if ($lastCumulativeType == self::BIGINT || $lastCumulativeType == self::INT) { /** * The last cumulative type was BIGINT or INT */ /* Convert $last_cumulative_size from int to decimal format */ $size = $this->getDecimalSize($cell); if ($size[self::M] >= $lastCumulativeSize) { return $size[self::FULL]; } return $lastCumulativeSize . ',' . $size[self::D]; } if (! isset($lastCumulativeType) || $lastCumulativeType == self::NONE) { /** * This is the first row to be analyzed */ /* First row of the column */ $size = $this->getDecimalSize($cell); return $size[self::FULL]; } /** * An error has DEFINITELY occurred */ /** * TODO: Handle this MUCH more elegantly */ return -1; } if ($currentCellType == self::BIGINT || $currentCellType == self::INT) { /** * What to do if the current cell is of type BIGINT or INT */ /** * The last cumulative type was VARCHAR */ if ($lastCumulativeType == self::VARCHAR) { if ($currSize >= $lastCumulativeSize) { return $currSize; } return $lastCumulativeSize; } if ($lastCumulativeType == self::DECIMAL) { /** * The last cumulative type was DECIMAL */ $oldM = $this->getDecimalPrecision($lastCumulativeSize); $oldD = $this->getDecimalScale($lastCumulativeSize); $oldInt = $oldM - $oldD; $newInt = mb_strlen((string) $cell); /* See which has the larger integer length */ if ($oldInt >= $newInt) { /* Use old decimal size */ return $lastCumulativeSize; } /* Use $newInt + $oldD as new M */ return ($newInt + $oldD) . ',' . $oldD; } if ($lastCumulativeType == self::BIGINT || $lastCumulativeType == self::INT) { /** * The last cumulative type was BIGINT or INT */ if ($currSize >= $lastCumulativeSize) { return $currSize; } return $lastCumulativeSize; } if (! isset($lastCumulativeType) || $lastCumulativeType == self::NONE) { /** * This is the first row to be analyzed */ return $currSize; } /** * An error has DEFINITELY occurred */ /** * TODO: Handle this MUCH more elegantly */ return -1; } /** * An error has DEFINITELY occurred */ /** * TODO: Handle this MUCH more elegantly */ return -1; } /** * Determines what MySQL type a cell is * * @param int $lastCumulativeType Last cumulative column type * (VARCHAR or INT or BIGINT or DECIMAL or NONE) * @param string|null $cell String representation of the cell for which * a best-fit type is to be determined * * @return int The MySQL type representation * (VARCHAR or INT or BIGINT or DECIMAL or NONE) */ public function detectType(?int $lastCumulativeType, ?string $cell): int { /** * If numeric, determine if decimal, int or bigint * Else, we call it varchar for simplicity */ if (! strcmp('NULL', (string) $cell)) { if ($lastCumulativeType === null || $lastCumulativeType == self::NONE) { return self::NONE; } return $lastCumulativeType; } if (! is_numeric($cell)) { return self::VARCHAR; } if ( $cell == (string) (float) $cell && str_contains((string) $cell, '.') && mb_substr_count((string) $cell, '.') === 1 ) { return self::DECIMAL; } if (abs((int) $cell) > 2147483647) { return self::BIGINT; } if ($cell !== (string) (int) $cell) { return self::VARCHAR; } return self::INT; } /** * Determines if the column types are int, decimal, or string * * @link https://wiki.phpmyadmin.net/pma/Import * * @param array $table array(string $table_name, array $col_names, array $rows) * * @return array|bool array(array $types, array $sizes) * * @todo Handle the error case more elegantly */ public function analyzeTable(array &$table) { /* Get number of rows in table */ $numRows = count($table[self::ROWS]); /* Get number of columns */ $numCols = count($table[self::COL_NAMES]); /* Current type for each column */ $types = []; $sizes = []; /* Initialize $sizes to all 0's */ for ($i = 0; $i < $numCols; ++$i) { $sizes[$i] = 0; } /* Initialize $types to NONE */ for ($i = 0; $i < $numCols; ++$i) { $types[$i] = self::NONE; } /* If the passed array is not of the correct form, do not process it */ if ( is_array($table[self::TBL_NAME]) || ! is_array($table[self::COL_NAMES]) || ! is_array($table[self::ROWS]) ) { /** * TODO: Handle this better */ return false; } /* Analyze each column */ for ($i = 0; $i < $numCols; ++$i) { /* Analyze the column in each row */ for ($j = 0; $j < $numRows; ++$j) { $cellValue = $table[self::ROWS][$j][$i]; /* Determine type of the current cell */ $currType = $this->detectType($types[$i], $cellValue === null ? null : (string) $cellValue); /* Determine size of the current cell */ $sizes[$i] = $this->detectSize($sizes[$i], $types[$i], $currType, (string) $cellValue); /** * If a type for this column has already been declared, * only alter it if it was a number and a varchar was found */ if ($currType == self::NONE) { continue; } if ($currType == self::VARCHAR) { $types[$i] = self::VARCHAR; } elseif ($currType == self::DECIMAL) { if ($types[$i] != self::VARCHAR) { $types[$i] = self::DECIMAL; } } elseif ($currType == self::BIGINT) { if ($types[$i] != self::VARCHAR && $types[$i] != self::DECIMAL) { $types[$i] = self::BIGINT; } } elseif ($currType == self::INT) { if ($types[$i] != self::VARCHAR && $types[$i] != self::DECIMAL && $types[$i] != self::BIGINT) { $types[$i] = self::INT; } } } } /* Check to ensure that all types are valid */ $len = count($types); for ($n = 0; $n < $len; ++$n) { if (strcmp((string) self::NONE, (string) $types[$n])) { continue; } $types[$n] = self::VARCHAR; $sizes[$n] = '10'; } return [ $types, $sizes, ]; } /** * Builds and executes SQL statements to create the database and tables * as necessary, as well as insert all the data. * * @link https://wiki.phpmyadmin.net/pma/Import * * @param string $dbName Name of the database * @param array $tables Array of tables for the specified database * @param array|null $analyses Analyses of the tables * @param array|null $additionalSql Additional SQL statements to be executed * @param array|null $options Associative array of options * @param array $sqlData 2-element array with sql data */ public function buildSql( string $dbName, array &$tables, ?array &$analyses = null, ?array &$additionalSql = null, ?array $options = null, array &$sqlData = [] ): void { global $import_notice, $dbi; /* Needed to quell the beast that is Message */ $import_notice = null; /* Take care of the options */ $collation = $options['db_collation'] ?? 'utf8_general_ci'; $charset = $options['db_charset'] ?? 'utf8'; $createDb = $options['create_db'] ?? true; /** * Create SQL code to handle the database * * @var array<int,string> $sql */ $sql = []; if ($createDb) { $sql[] = 'CREATE DATABASE IF NOT EXISTS ' . Util::backquote($dbName) . ' DEFAULT CHARACTER SET ' . $charset . ' COLLATE ' . $collation . ';'; } /** * The calling plug-in should include this statement, * if necessary, in the $additional_sql parameter * * $sql[] = "USE " . backquote($db_name); */ /* Execute the SQL statements create above */ $sqlLength = count($sql); for ($i = 0; $i < $sqlLength; ++$i) { $this->runQuery($sql[$i], $sql[$i], $sqlData); } /* No longer needed */ unset($sql); /* Run the $additional_sql statements supplied by the caller plug-in */ if ($additionalSql != null) { /* Clean the SQL first */ $additionalSqlLength = count($additionalSql); /** * Only match tables for now, because CREATE IF NOT EXISTS * syntax is lacking or nonexisting for views, triggers, * functions, and procedures. * * See: https://bugs.mysql.com/bug.php?id=15287 * * To the best of my knowledge this is still an issue. * * $pattern = 'CREATE (TABLE|VIEW|TRIGGER|FUNCTION|PROCEDURE)'; */ $pattern = '/CREATE [^`]*(TABLE)/'; $replacement = 'CREATE \\1 IF NOT EXISTS'; /* Change CREATE statements to CREATE IF NOT EXISTS to support * inserting into existing structures */ for ($i = 0; $i < $additionalSqlLength; ++$i) { $additionalSql[$i] = preg_replace($pattern, $replacement, $additionalSql[$i]); /* Execute the resulting statements */ $this->runQuery($additionalSql[$i], $additionalSql[$i], $sqlData); } } if ($analyses != null) { $typeArray = [ self::NONE => 'NULL', self::VARCHAR => 'varchar', self::INT => 'int', self::DECIMAL => 'decimal', self::BIGINT => 'bigint', self::GEOMETRY => 'geometry', ]; /* TODO: Do more checking here to make sure they really are matched */ if (count($tables) != count($analyses)) { exit; } /* Create SQL code to create the tables */ $numTables = count($tables); for ($i = 0; $i < $numTables; ++$i) { $numCols = count($tables[$i][self::COL_NAMES]); $tempSQLStr = 'CREATE TABLE IF NOT EXISTS ' . Util::backquote($dbName) . '.' . Util::backquote($tables[$i][self::TBL_NAME]) . ' ('; for ($j = 0; $j < $numCols; ++$j) { $size = $analyses[$i][self::SIZES][$j]; if ((int) $size == 0) { $size = 10; } $tempSQLStr .= Util::backquote($tables[$i][self::COL_NAMES][$j]) . ' ' . $typeArray[$analyses[$i][self::TYPES][$j]]; if ($analyses[$i][self::TYPES][$j] != self::GEOMETRY) { $tempSQLStr .= '(' . $size . ')'; } if ($j == count($tables[$i][self::COL_NAMES]) - 1) { continue; } $tempSQLStr .= ', '; } $tempSQLStr .= ') DEFAULT CHARACTER SET ' . $charset . ' COLLATE ' . $collation . ';'; /** * Each SQL statement is executed immediately * after it is formed so that we don't have * to store them in a (possibly large) buffer */ $this->runQuery($tempSQLStr, $tempSQLStr, $sqlData); } } /** * Create the SQL statements to insert all the data * * Only one insert query is formed for each table */ $tempSQLStr = ''; $colCount = 0; $numTables = count($tables); for ($i = 0; $i < $numTables; ++$i) { $numCols = count($tables[$i][self::COL_NAMES]); $numRows = count($tables[$i][self::ROWS]); $tempSQLStr = 'INSERT INTO ' . Util::backquote($dbName) . '.' . Util::backquote($tables[$i][self::TBL_NAME]) . ' ('; for ($m = 0; $m < $numCols; ++$m) { $tempSQLStr .= Util::backquote($tables[$i][self::COL_NAMES][$m]); if ($m == $numCols - 1) { continue; } $tempSQLStr .= ', '; } $tempSQLStr .= ') VALUES '; for ($j = 0; $j < $numRows; ++$j) { $tempSQLStr .= '('; for ($k = 0; $k < $numCols; ++$k) { // If fully formatted SQL, no need to enclose // with apostrophes, add slashes etc. if ( $analyses != null && isset($analyses[$i][self::FORMATTEDSQL][$colCount]) && $analyses[$i][self::FORMATTEDSQL][$colCount] == true ) { $tempSQLStr .= (string) $tables[$i][self::ROWS][$j][$k]; } else { if ($analyses != null) { $isVarchar = ($analyses[$i][self::TYPES][$colCount] === self::VARCHAR); } else { $isVarchar = ! is_numeric($tables[$i][self::ROWS][$j][$k]); } /* Don't put quotes around NULL fields */ if (! strcmp((string) $tables[$i][self::ROWS][$j][$k], 'NULL')) { $isVarchar = false; } $tempSQLStr .= $isVarchar ? "'" : ''; $tempSQLStr .= $dbi->escapeString((string) $tables[$i][self::ROWS][$j][$k]); $tempSQLStr .= $isVarchar ? "'" : ''; } if ($k != $numCols - 1) { $tempSQLStr .= ', '; } if ($colCount == $numCols - 1) { $colCount = 0; } else { $colCount++; } /* Delete the cell after we are done with it */ unset($tables[$i][self::ROWS][$j][$k]); } $tempSQLStr .= ')'; if ($j != $numRows - 1) { $tempSQLStr .= ",\n "; } $colCount = 0; /* Delete the row after we are done with it */ unset($tables[$i][self::ROWS][$j]); } $tempSQLStr .= ';'; /** * Each SQL statement is executed immediately * after it is formed so that we don't have * to store them in a (possibly large) buffer */ $this->runQuery($tempSQLStr, $tempSQLStr, $sqlData); } /* No longer needed */ unset($tempSQLStr); /** * A work in progress */ /** * Add the viewable structures from $additional_sql * to $tables so they are also displayed */ $viewPattern = '@VIEW `[^`]+`\.`([^`]+)@'; $tablePattern = '@CREATE TABLE IF NOT EXISTS `([^`]+)`@'; /* Check a third pattern to make sure its not a "USE `db_name`;" statement */ $regs = []; $inTables = false; $additionalSqlLength = $additionalSql === null ? 0 : count($additionalSql); for ($i = 0; $i < $additionalSqlLength; ++$i) { preg_match($viewPattern, $additionalSql[$i], $regs); if (count($regs) === 0) { preg_match($tablePattern, $additionalSql[$i], $regs); } if (count($regs)) { for ($n = 0; $n < $numTables; ++$n) { if (! strcmp($regs[1], $tables[$n][self::TBL_NAME])) { $inTables = true; break; } } if (! $inTables) { $tables[] = [self::TBL_NAME => $regs[1]]; } } /* Reset the array */ $regs = []; $inTables = false; } $params = ['db' => $dbName]; $dbUrl = Url::getFromRoute('/database/structure', $params); $dbOperationsUrl = Url::getFromRoute('/database/operations', $params); $message = '<br><br>'; $message .= '<strong>' . __( 'The following structures have either been created or altered. Here you can:' ) . '</strong><br>'; $message .= '<ul><li>' . __("View a structure's contents by clicking on its name.") . '</li>'; $message .= '<li>' . __('Change any of its settings by clicking the corresponding "Options" link.') . '</li>'; $message .= '<li>' . __('Edit structure by following the "Structure" link.') . '</li>'; $message .= sprintf( '<br><li><a href="%s" title="%s">%s</a> (<a href="%s" title="%s">' . __('Options') . '</a>)</li>', $dbUrl, sprintf( __('Go to database: %s'), htmlspecialchars(Util::backquote($dbName)) ), htmlspecialchars($dbName), $dbOperationsUrl, sprintf( __('Edit settings for %s'), htmlspecialchars(Util::backquote($dbName)) ) ); $message .= '<ul>'; unset($params); foreach ($tables as $table) { $params = [ 'db' => $dbName, 'table' => (string) $table[self::TBL_NAME], ]; $tblUrl = Url::getFromRoute('/sql', $params); $tblStructUrl = Url::getFromRoute('/table/structure', $params); $tblOpsUrl = Url::getFromRoute('/table/operations', $params); unset($params); $tableObj = new Table($table[self::TBL_NAME], $dbName); if (! $tableObj->isView()) { $message .= sprintf( '<li><a href="%s" title="%s">%s</a> (<a href="%s" title="%s">' . __( 'Structure' ) . '</a>) (<a href="%s" title="%s">' . __('Options') . '</a>)</li>', $tblUrl, sprintf( __('Go to table: %s'), htmlspecialchars( Util::backquote($table[self::TBL_NAME]) ) ), htmlspecialchars($table[self::TBL_NAME]), $tblStructUrl, sprintf( __('Structure of %s'), htmlspecialchars( Util::backquote($table[self::TBL_NAME]) ) ), $tblOpsUrl, sprintf( __('Edit settings for %s'), htmlspecialchars( Util::backquote($table[self::TBL_NAME]) ) ) ); } else { $message .= sprintf( '<li><a href="%s" title="%s">%s</a></li>', $tblUrl, sprintf( __('Go to view: %s'), htmlspecialchars( Util::backquote($table[self::TBL_NAME]) ) ), htmlspecialchars($table[self::TBL_NAME]) ); } } $message .= '</ul></ul>'; $import_notice = $message; } /** * Handles request for ROLLBACK. * * @param string $sqlQuery SQL query(s) */ public function handleRollbackRequest(string $sqlQuery): void { global $dbi; $sqlDelimiter = $_POST['sql_delimiter']; $queries = explode($sqlDelimiter, $sqlQuery); $error = false; $errorMsg = __( 'Only INSERT, UPDATE, DELETE and REPLACE ' . 'SQL queries containing transactional engine tables can be rolled back.' ); foreach ($queries as $sqlQuery) { if (empty($sqlQuery)) { continue; } // Check each query for ROLLBACK support. if ($this->checkIfRollbackPossible($sqlQuery)) { continue; } $globalError = $dbi->getError(); if ($globalError) { $error = $globalError; } else { $error = $errorMsg; } break; } if ($error) { unset($_POST['rollback_query']); $response = ResponseRenderer::getInstance(); $message = Message::rawError($error); $response->addJSON('message', $message); exit; } // If everything fine, START a transaction. $dbi->query('START TRANSACTION'); } /** * Checks if ROLLBACK is possible for a SQL query or not. * * @param string $sqlQuery SQL query */ public function checkIfRollbackPossible(string $sqlQuery): bool { $parser = new Parser($sqlQuery); if (empty($parser->statements[0])) { return true; } $statement = $parser->statements[0]; // Check if query is supported. if ( ! (($statement instanceof InsertStatement) || ($statement instanceof UpdateStatement) || ($statement instanceof DeleteStatement) || ($statement instanceof ReplaceStatement)) ) { return false; } // Get table_references from the query. $tables = Query::getTables($statement); // Check if each table is 'InnoDB'. foreach ($tables as $table) { if (! $this->isTableTransactional($table)) { return false; } } return true; } /** * Checks if a table is 'InnoDB' or not. * * @param string $table Table details */ public function isTableTransactional(string $table): bool { global $dbi; $table = explode('.', $table); if (count($table) === 2) { $db = Util::unQuote($table[0]); $table = Util::unQuote($table[1]); } else { $db = $GLOBALS['db']; $table = Util::unQuote($table[0]); } // Query to check if table exists. $checkTableQuery = 'SELECT * FROM ' . Util::backquote($db) . '.' . Util::backquote($table) . ' ' . 'LIMIT 1'; $result = $dbi->tryQuery($checkTableQuery); if (! $result) { return false; } // List of Transactional Engines. $transactionalEngines = [ 'INNODB', 'FALCON', 'NDB', 'INFINIDB', 'TOKUDB', 'XTRADB', 'SEQUENCE', 'BDB', ]; // Query to check if table is 'Transactional'. $checkQuery = 'SELECT `ENGINE` FROM `information_schema`.`tables` ' . 'WHERE `table_name` = "' . $dbi->escapeString($table) . '" ' . 'AND `table_schema` = "' . $dbi->escapeString($db) . '" ' . 'AND UPPER(`engine`) IN ("' . implode('", "', $transactionalEngines) . '")'; $result = $dbi->tryQuery($checkQuery); return $result && $result->numRows() == 1; } /** @return string[] */ public static function getCompressions(): array { global $cfg; $compressions = []; if ($cfg['GZipDump'] && function_exists('gzopen')) { $compressions[] = 'gzip'; } if ($cfg['BZipDump'] && function_exists('bzopen')) { $compressions[] = 'bzip2'; } if ($cfg['ZipDump'] && function_exists('zip_open')) { $compressions[] = 'zip'; } return $compressions; } /** * @param array $importList List of plugin instances. * * @return false|string */ public static function getLocalFiles(array $importList) { $fileListing = new FileListing(); $extensions = ''; foreach ($importList as $importPlugin) { if (! empty($extensions)) { $extensions .= '|'; } $extensions .= $importPlugin->getProperties()->getExtension(); } $matcher = '@\.(' . $extensions . ')(\.(' . $fileListing->supportedDecompressions() . '))?$@'; $active = isset($GLOBALS['timeout_passed'], $GLOBALS['local_import_file']) && $GLOBALS['timeout_passed'] ? $GLOBALS['local_import_file'] : ''; return $fileListing->getFileSelectOptions( Util::userDir((string) ($GLOBALS['cfg']['UploadDir'] ?? '')), $matcher, $active ); } }