ensure the query can be run if (!$cfg['AllowUserDropDatabase'] && preg_match('@DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE @i', $sql_query)) { // Checks if the user is a Superuser // TODO: set a global variable with this information // loic1: optimized query $result = @PMA_mysql_query('USE mysql'); if (PMA_mysql_error()) { require_once('./header.inc.php'); PMA_mysqlDie($strNoDropDatabases, '', '', $err_url); } } define('PMA_CHK_DROP', 1); /** * Store a query as a bookmark before executing it? */ if (isset($SQLbookmark) && $sql_query != '') { require_once('./libraries/bookmark.lib.php'); $bfields = array( 'dbase' => $db, 'user' => $cfg['Bookmark']['user'], 'query' => urlencode($sql_query), 'label' => $bkm_label ); PMA_addBookmarks($bfields, $cfg['Bookmark'], (isset($bkm_all_users) && $bkm_all_users == 'true' ? true : false)); } /** * Executes the query */ if ($sql_query != '') { $pieces = array(); PMA_splitSqlFile($pieces, $sql_query, PMA_MYSQL_INT_VERSION); $pieces_count = count($pieces); if ($pieces_count > 1) { $is_multiple = TRUE; } // Copy of the cleaned sql statement for display purpose only (see near the // beginning of "db_details.php" & "tbl_properties.php") // You can either // * specify the amount of maximum pieces per query (having max_*_length set to 0!) or // * specify the amount of maximum chars per query (having max_*_pieces set to 0!) // - max_nofile_* is used for any queries submitted via copy&paste in the textarea // - max_file_* is used for any file-submitted query if (!$cfg['VerboseMultiSubmit']) { // Here be the values if the Verbose-Mode (see config.inc.php) is NOT activated $max_nofile_length = 500; $max_nofile_pieces = 0; // Nijel: Here must be some limit, as extended inserts can be really // huge and parsing them eats megabytes of memory $max_file_length = 10000; $max_file_pieces = 10; } else { // Values for verbose-mode $max_nofile_length = 0; $max_nofile_pieces = 50; // Nijel: Here must be some limit, as extended inserts can be really // huge and parsing them eats megabytes of memory $max_file_length = 50000; $max_file_pieces = 50; } if ($sql_file != 'none' && (($max_file_pieces != 0 && ($pieces_count > $max_file_pieces)) || ($max_file_length != 0 && (strlen($sql_query) > $max_file_length)))) { // Be nice with bandwidth... $sql_query_cpy = $sql_query = ''; $save_bandwidth = TRUE; $save_bandwidth_length = $max_file_length; $save_bandwidth_pieces = $max_file_pieces; } else { $sql_query_cpy = implode(";\n", $pieces) . ';'; // Be nice with bandwidth... for now, an arbitrary limit of 500, // could be made configurable but probably not necessary if (($max_nofile_length != 0 && (strlen($sql_query_cpy) > $max_nofile_length)) || ($max_nofile_pieces != 0 && $pieces_count > $max_nofile_pieces)) { $sql_query_cpy = $sql_query = ''; $save_bandwidth = TRUE; $save_bandwidth_length = $max_nofile_length; $save_bandwidth_pieces = $max_nofile_pieces; } } // really run the query? if ($view_bookmark == 0) { // Only one query to run if ($pieces_count == 1 && !empty($pieces[0])) { $sql_query = $pieces[0]; if (preg_match('@^(DROP|CREATE)[[:space:]]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)@i', $sql_query)) { $reload = 1; } require('./sql.php'); } // Runs multiple queries else if (PMA_mysql_select_db($db)) { $mult = TRUE; $info_msg = ''; $info_count = 0; for ($i = 0; $i < $pieces_count; $i++) { $a_sql_query = $pieces[$i]; if ($i == $pieces_count - 1 && preg_match('@^(SELECT|SHOW)@i', $a_sql_query)) { $complete_query = $sql_query; $display_query = $sql_query; $sql_query = $a_sql_query; require('./sql.php'); } $result = PMA_mysql_query($a_sql_query); if ($result == FALSE) { // readdump failed if (isset($my_die) && $cfg['IgnoreMultiSubmitErrors']) { $my_die[] = "\n\n" . $a_sql_query; } elseif ($cfg['IgnoreMultiSubmitErrors']) { $my_die = array(); $my_die[] = $a_sql_query; } else { $my_die = $a_sql_query; } if ($cfg['VerboseMultiSubmit']) { $info_msg .= $a_sql_query . '; # ' . $strError . "\n"; $info_count++; } if (!$cfg['IgnoreMultiSubmitErrors']) { break; } } else if ($cfg['VerboseMultiSubmit']) { $a_num_rows = (int)@mysql_num_rows($result); $a_aff_rows = (int)@mysql_affected_rows(); if ($a_num_rows > 0) { $a_rows = $a_num_rows; $a_switch = $strRows . ': '; } elseif ($a_aff_rows > 0) { $a_rows = $a_aff_rows; $a_switch = $strAffectedRows;; } else { $a_rows = ''; $a_switch = $strEmptyResultSet; } $info_msg .= $a_sql_query . "; # " . $a_switch . $a_rows . "\n"; $info_count++; } if (!isset($reload) && preg_match('@^(DROP|CREATE)[[:space:]]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)@i', $a_sql_query)) { $reload = 1; } } // end for if ($cfg['VerboseMultiSubmit'] && strlen($info_msg) > 0 && ((!isset($save_bandwidth) || $save_bandwidth == FALSE) || ($save_bandwidth_pieces == 0 && strlen($info_msg) < $save_bandwidth_length) || ($save_bandwidth_length == 0 && $info_count < $save_bandwidth_pieces))) { $sql_query = $info_msg; } } // end else if } // end if (really run the query) unset($pieces); } // end if /** * MySQL error */ if (isset($my_die)) { $js_to_run = 'functions.js'; require_once('./header.inc.php'); if (is_array($my_die)) { foreach($my_die AS $key => $die_string) { PMA_mysqlDie('', $die_string, '', $err_url, FALSE); echo '