Hackfut Security File Manager
Current Path:
/mnt/ceph/services/websiteos/phpmyadmin/phpMyAdmin-5.0.4-all-languages
mnt
/
ceph
/
services
/
websiteos
/
phpmyadmin
/
phpMyAdmin-5.0.4-all-languages
/
📁
..
📄
CONTRIBUTING.md
(2.53 KB)
📄
ChangeLog
(32.24 KB)
📄
LICENSE
(17.67 KB)
📄
README
(1.48 KB)
📄
RELEASE-DATE-5.0.4
(29 B)
📄
ajax.php
(1.96 KB)
📄
browse_foreigners.php
(1.77 KB)
📄
changelog.php
(3.04 KB)
📄
chk_rel.php
(1.16 KB)
📄
composer.json
(3.47 KB)
📄
composer.lock
(170.01 KB)
📄
config.inc.php
(317 B)
📁
config_template
📄
db_central_columns.php
(4.5 KB)
📄
db_datadict.php
(730 B)
📄
db_designer.php
(7.6 KB)
📄
db_events.php
(1.96 KB)
📄
db_export.php
(5 KB)
📄
db_import.php
(1.08 KB)
📄
db_multi_table_query.php
(1.42 KB)
📄
db_operations.php
(9.64 KB)
📄
db_qbe.php
(5.19 KB)
📄
db_routines.php
(2.2 KB)
📄
db_search.php
(2.17 KB)
📄
db_sql.php
(1.18 KB)
📄
db_sql_autocomplete.php
(1.01 KB)
📄
db_sql_format.php
(613 B)
📄
db_structure.php
(2 KB)
📄
db_tracking.php
(3.58 KB)
📄
db_triggers.php
(1.96 KB)
📁
doc
📄
error_report.php
(4.64 KB)
📁
examples
📄
export.php
(16.93 KB)
📄
favicon.ico
(21.96 KB)
📄
gis_data_editor.php
(3.83 KB)
📄
import.php
(24.03 KB)
📄
import_status.php
(3.65 KB)
📄
index.php
(3.01 KB)
📁
js
📁
libraries
📄
license.php
(1021 B)
📄
lint.php
(1.52 KB)
📁
locale
📁
login
📄
logout.php
(437 B)
📄
navigation.php
(2.58 KB)
📄
normalization.php
(4.48 KB)
📄
package.json
(1.42 KB)
📄
phpinfo.php
(633 B)
📄
prefs_forms.php
(3.02 KB)
📄
prefs_manage.php
(7.29 KB)
📄
prefs_twofactor.php
(1.93 KB)
📄
print.css
(1.18 KB)
📄
robots.txt
(26 B)
📄
schema_export.php
(861 B)
📄
server_binlog.php
(733 B)
📄
server_collations.php
(626 B)
📄
server_databases.php
(1.74 KB)
📄
server_engines.php
(797 B)
📄
server_export.php
(1.22 KB)
📄
server_import.php
(833 B)
📄
server_plugins.php
(595 B)
📄
server_privileges.php
(14.8 KB)
📄
server_replication.php
(1.57 KB)
📄
server_sql.php
(1.06 KB)
📄
server_status.php
(1.01 KB)
📄
server_status_advisor.php
(885 B)
📄
server_status_monitor.php
(3.22 KB)
📄
server_status_processes.php
(1.78 KB)
📄
server_status_queries.php
(1.34 KB)
📄
server_status_variables.php
(1.31 KB)
📄
server_user_groups.php
(2.16 KB)
📄
server_variables.php
(1.08 KB)
📄
services.yml
(3.09 KB)
📄
services_controllers.yml
(8.4 KB)
📁
setup
📄
show_config_errors.php
(1.23 KB)
📁
sql
📄
sql.php
(6.73 KB)
📄
tbl_addfield.php
(4.33 KB)
📄
tbl_change.php
(6.86 KB)
📄
tbl_chart.php
(1.13 KB)
📄
tbl_create.php
(3.92 KB)
📄
tbl_export.php
(2.9 KB)
📄
tbl_find_replace.php
(1.29 KB)
📄
tbl_get_field.php
(2.05 KB)
📄
tbl_gis_visualization.php
(1.64 KB)
📄
tbl_import.php
(895 B)
📄
tbl_indexes.php
(1.23 KB)
📄
tbl_operations.php
(15.43 KB)
📄
tbl_recent_favorite.php
(590 B)
📄
tbl_relation.php
(2.81 KB)
📄
tbl_replace.php
(17.51 KB)
📄
tbl_row_action.php
(5.48 KB)
📄
tbl_select.php
(1.29 KB)
📄
tbl_sql.php
(1.23 KB)
📄
tbl_structure.php
(2.31 KB)
📄
tbl_tracking.php
(5.33 KB)
📄
tbl_triggers.php
(265 B)
📄
tbl_zoom_select.php
(1.22 KB)
📁
templates
📁
themes
📄
themes.php
(894 B)
📄
transformation_overview.php
(846 B)
📄
transformation_wrapper.php
(5.26 KB)
📄
url.php
(1.56 KB)
📄
user_password.php
(2.18 KB)
📁
vendor
📄
version_check.php
(1.17 KB)
📄
view_create.php
(7.02 KB)
📄
view_operations.php
(3.45 KB)
📄
yarn.lock
(109.31 KB)
Editing: tbl_replace.php
<?php /* vim: set expandtab sw=4 ts=4 sts=4: */ /** * Manipulation of table data like inserting, replacing and updating * * Usually called as form action from tbl_change.php to insert or update table rows * * @todo 'edit_next' tends to not work as expected if used ... * at least there is no order by it needs the original query * and the row number and than replace the LIMIT clause * * @package PhpMyAdmin */ declare(strict_types=1); use PhpMyAdmin\Core; use PhpMyAdmin\DatabaseInterface; use PhpMyAdmin\File; use PhpMyAdmin\InsertEdit; use PhpMyAdmin\Message; use PhpMyAdmin\Plugins\IOTransformationsPlugin; use PhpMyAdmin\Relation; use PhpMyAdmin\Response; use PhpMyAdmin\Table; use PhpMyAdmin\Transformations; use PhpMyAdmin\Util; if (! defined('ROOT_PATH')) { define('ROOT_PATH', __DIR__ . DIRECTORY_SEPARATOR); } global $containerBuilder, $db, $table, $url_params; require_once ROOT_PATH . 'libraries/common.inc.php'; /** @var Response $response */ $response = $containerBuilder->get(Response::class); /** @var DatabaseInterface $dbi */ $dbi = $containerBuilder->get(DatabaseInterface::class); // Check parameters Util::checkParameters(['db', 'table', 'goto']); $dbi->selectDb($db); /** * Initializes some variables */ $goto_include = false; $header = $response->getHeader(); $scripts = $header->getScripts(); $scripts->addFile('makegrid.js'); // Needed for generation of Inline Edit anchors $scripts->addFile('vendor/stickyfill.min.js'); $scripts->addFile('sql.js'); $scripts->addFile('indexes.js'); $scripts->addFile('gis_data_editor.js'); /** @var Relation $relation */ $relation = $containerBuilder->get('relation'); /** @var Transformations $transformations */ $transformations = $containerBuilder->get('transformations'); /** @var InsertEdit $insertEdit */ $insertEdit = $containerBuilder->get('insert_edit'); // check whether insert row mode, if so include tbl_change.php $insertEdit->isInsertRow(); $after_insert_actions = [ 'new_insert', 'same_insert', 'edit_next', ]; if (isset($_POST['after_insert']) && in_array($_POST['after_insert'], $after_insert_actions) ) { $url_params['after_insert'] = $_POST['after_insert']; if (isset($_POST['where_clause'])) { foreach ($_POST['where_clause'] as $one_where_clause) { if ($_POST['after_insert'] == 'same_insert') { $url_params['where_clause'][] = $one_where_clause; } elseif ($_POST['after_insert'] == 'edit_next') { $insertEdit->setSessionForEditNext($one_where_clause); } } } } //get $goto_include for different cases $goto_include = $insertEdit->getGotoInclude($goto_include); // Defines the url to return in case of failure of the query $err_url = $insertEdit->getErrorUrl($url_params); /** * Prepares the update/insert of a row */ list($loop_array, $using_key, $is_insert, $is_insertignore) = $insertEdit->getParamsForUpdateOrInsert(); $query = []; $value_sets = []; $func_no_param = [ 'CONNECTION_ID', 'CURRENT_USER', 'CURDATE', 'CURTIME', 'CURRENT_DATE', 'CURRENT_TIME', 'DATABASE', 'LAST_INSERT_ID', 'NOW', 'PI', 'RAND', 'SYSDATE', 'UNIX_TIMESTAMP', 'USER', 'UTC_DATE', 'UTC_TIME', 'UTC_TIMESTAMP', 'UUID', 'UUID_SHORT', 'VERSION', ]; $func_optional_param = [ 'RAND', 'UNIX_TIMESTAMP', ]; $gis_from_text_functions = [ 'GeomFromText', 'GeomCollFromText', 'LineFromText', 'MLineFromText', 'PointFromText', 'MPointFromText', 'PolyFromText', 'MPolyFromText', ]; $gis_from_wkb_functions = []; if ($dbi->getVersion() >= 50600) { $gis_from_wkb_functions = [ 'ST_GeomFromText', 'ST_GeomCollFromText', 'ST_LineFromText', 'ST_MLineFromText', 'ST_PointFromText', 'ST_MPointFromText', 'ST_PolyFromText', 'ST_MPolyFromText', ]; } //if some posted fields need to be transformed. $mime_map = $transformations->getMime($db, $table); if ($mime_map === false) { $mime_map = []; } $query_fields = []; $insert_errors = []; $row_skipped = false; $unsaved_values = []; foreach ($loop_array as $rownumber => $where_clause) { // skip fields to be ignored if (! $using_key && isset($_POST['insert_ignore_' . $where_clause])) { continue; } // Defines the SET part of the sql query $query_values = []; // Map multi-edit keys to single-level arrays, dependent on how we got the fields $multi_edit_columns = isset($_POST['fields']['multi_edit'][$rownumber]) ? $_POST['fields']['multi_edit'][$rownumber] : []; $multi_edit_columns_name = isset($_POST['fields_name']['multi_edit'][$rownumber]) ? $_POST['fields_name']['multi_edit'][$rownumber] : []; $multi_edit_columns_prev = isset($_POST['fields_prev']['multi_edit'][$rownumber]) ? $_POST['fields_prev']['multi_edit'][$rownumber] : null; $multi_edit_funcs = isset($_POST['funcs']['multi_edit'][$rownumber]) ? $_POST['funcs']['multi_edit'][$rownumber] : null; $multi_edit_salt = isset($_POST['salt']['multi_edit'][$rownumber]) ? $_POST['salt']['multi_edit'][$rownumber] : null; $multi_edit_columns_type = isset($_POST['fields_type']['multi_edit'][$rownumber]) ? $_POST['fields_type']['multi_edit'][$rownumber] : null; $multi_edit_columns_null = isset($_POST['fields_null']['multi_edit'][$rownumber]) ? $_POST['fields_null']['multi_edit'][$rownumber] : null; $multi_edit_columns_null_prev = isset($_POST['fields_null_prev']['multi_edit'][$rownumber]) ? $_POST['fields_null_prev']['multi_edit'][$rownumber] : null; $multi_edit_auto_increment = isset($_POST['auto_increment']['multi_edit'][$rownumber]) ? $_POST['auto_increment']['multi_edit'][$rownumber] : null; $multi_edit_virtual = isset($_POST['virtual']['multi_edit'][$rownumber]) ? $_POST['virtual']['multi_edit'][$rownumber] : null; // When a select field is nullified, it's not present in $_POST // so initialize it; this way, the foreach($multi_edit_columns) will process it foreach ($multi_edit_columns_name as $key => $val) { if (! isset($multi_edit_columns[$key])) { $multi_edit_columns[$key] = ''; } } // Iterate in the order of $multi_edit_columns_name, // not $multi_edit_columns, to avoid problems // when inserting multiple entries $insert_fail = false; foreach ($multi_edit_columns_name as $key => $column_name) { $current_value = $multi_edit_columns[$key]; // Note: $key is an md5 of the fieldname. The actual fieldname is // available in $multi_edit_columns_name[$key] $file_to_insert = new File(); $file_to_insert->checkTblChangeForm((string) $key, (string) $rownumber); $possibly_uploaded_val = $file_to_insert->getContent(); if ($possibly_uploaded_val !== false) { $current_value = $possibly_uploaded_val; } // Apply Input Transformation if defined if (! empty($mime_map[$column_name]) && ! empty($mime_map[$column_name]['input_transformation']) ) { $filename = 'libraries/classes/Plugins/Transformations/' . $mime_map[$column_name]['input_transformation']; if (is_file($filename)) { $classname = $transformations->getClassName($filename); if (class_exists($classname)) { /** @var IOTransformationsPlugin $transformation_plugin */ $transformation_plugin = new $classname(); $transformation_options = $transformations->getOptions( $mime_map[$column_name]['input_transformation_options'] ); $current_value = $transformation_plugin->applyTransformation( $current_value, $transformation_options ); // check if transformation was successful or not // and accordingly set error messages & insert_fail if (method_exists($transformation_plugin, 'isSuccess') && ! $transformation_plugin->isSuccess() ) { $insert_fail = true; $row_skipped = true; $insert_errors[] = sprintf( __('Row: %1$s, Column: %2$s, Error: %3$s'), $rownumber, $column_name, $transformation_plugin->getError() ); } } } } if ($file_to_insert->isError()) { $insert_errors[] = $file_to_insert->getError(); } // delete $file_to_insert temporary variable $file_to_insert->cleanUp(); $current_value = $insertEdit->getCurrentValueForDifferentTypes( $possibly_uploaded_val, $key, $multi_edit_columns_type, $current_value, $multi_edit_auto_increment, $rownumber, $multi_edit_columns_name, $multi_edit_columns_null, $multi_edit_columns_null_prev, $is_insert, $using_key, $where_clause, $table, $multi_edit_funcs ); $current_value_as_an_array = $insertEdit->getCurrentValueAsAnArrayForMultipleEdit( $multi_edit_funcs, $multi_edit_salt, $gis_from_text_functions, $current_value, $gis_from_wkb_functions, $func_optional_param, $func_no_param, $key ); if (! isset($multi_edit_virtual) || ! isset($multi_edit_virtual[$key])) { list($query_values, $query_fields) = $insertEdit->getQueryValuesForInsertAndUpdateInMultipleEdit( $multi_edit_columns_name, $multi_edit_columns_null, $current_value, $multi_edit_columns_prev, $multi_edit_funcs, $is_insert, $query_values, $query_fields, $current_value_as_an_array, $value_sets, $key, $multi_edit_columns_null_prev ); } if (isset($multi_edit_columns_null[$key])) { $multi_edit_columns[$key] = null; } } //end of foreach // temporarily store rows not inserted // so that they can be populated again. if ($insert_fail) { $unsaved_values[$rownumber] = $multi_edit_columns; } if (! $insert_fail && count($query_values) > 0) { if ($is_insert) { $value_sets[] = implode(', ', $query_values); } else { // build update query $query[] = 'UPDATE ' . Util::backquote($table) . ' SET ' . implode(', ', $query_values) . ' WHERE ' . $where_clause . ($_POST['clause_is_unique'] ? '' : ' LIMIT 1'); } } } // end foreach ($loop_array as $where_clause) unset( $multi_edit_columns_name, $multi_edit_columns_prev, $multi_edit_funcs, $multi_edit_columns_type, $multi_edit_columns_null, $func_no_param, $multi_edit_auto_increment, $current_value_as_an_array, $key, $current_value, $loop_array, $where_clause, $using_key, $multi_edit_columns_null_prev, $insert_fail ); // Builds the sql query if ($is_insert && count($value_sets) > 0) { $query = $insertEdit->buildSqlQuery($is_insertignore, $query_fields, $value_sets); } elseif (empty($query) && ! isset($_POST['preview_sql']) && ! $row_skipped) { // No change -> move back to the calling script // // Note: logic passes here for inline edit $message = Message::success(__('No change')); // Avoid infinite recursion if ($goto_include == 'tbl_replace.php') { $goto_include = 'tbl_change.php'; } $active_page = $goto_include; include ROOT_PATH . Core::securePath($goto_include); exit; } unset($multi_edit_columns, $is_insertignore); // If there is a request for SQL previewing. if (isset($_POST['preview_sql'])) { Core::previewSQL($query); } /** * Executes the sql query and get the result, then move back to the calling * page */ list ($url_params, $total_affected_rows, $last_messages, $warning_messages, $error_messages, $return_to_sql_query) = $insertEdit->executeSqlQuery($url_params, $query); if ($is_insert && (count($value_sets) > 0 || $row_skipped)) { $message = Message::getMessageForInsertedRows( $total_affected_rows ); $unsaved_values = array_values($unsaved_values); } else { $message = Message::getMessageForAffectedRows( $total_affected_rows ); } if ($row_skipped) { $goto_include = 'tbl_change.php'; $message->addMessagesString($insert_errors, '<br>'); $message->isError(true); } $message->addMessages($last_messages, '<br>'); if (! empty($warning_messages)) { $message->addMessagesString($warning_messages, '<br>'); $message->isError(true); } if (! empty($error_messages)) { $message->addMessagesString($error_messages); $message->isError(true); } unset( $error_messages, $warning_messages, $total_affected_rows, $last_messages, $last_message, $row_skipped, $insert_errors ); /** * The following section only applies to grid editing. * However, verifying isAjax() is not enough to ensure we are coming from * grid editing. If we are coming from the Edit or Copy link in Browse mode, * ajax_page_request is present in the POST parameters. */ if ($response->isAjax() && ! isset($_POST['ajax_page_request'])) { /** * If we are in grid editing, we need to process the relational and * transformed fields, if they were edited. After that, output the correct * link/transformed value and exit */ if (isset($_POST['rel_fields_list']) && $_POST['rel_fields_list'] != '') { $map = $relation->getForeigners($db, $table, '', 'both'); $relation_fields = []; parse_str($_POST['rel_fields_list'], $relation_fields); // loop for each relation cell /** @var array $relation_fields */ foreach ($relation_fields as $cell_index => $curr_rel_field) { foreach ($curr_rel_field as $relation_field => $relation_field_value) { $where_comparison = "='" . $relation_field_value . "'"; $dispval = $insertEdit->getDisplayValueForForeignTableColumn( $where_comparison, $map, $relation_field ); $extra_data['relations'][$cell_index] = $insertEdit->getLinkForRelationalDisplayField( $map, $relation_field, $where_comparison, $dispval, $relation_field_value ); } } // end of loop for each relation cell } if (isset($_POST['do_transformations']) && $_POST['do_transformations'] == true ) { $edited_values = []; parse_str($_POST['transform_fields_list'], $edited_values); if (! isset($extra_data)) { $extra_data = []; } $transformation_types = [ "input_transformation", "transformation", ]; foreach ($mime_map as $transformation) { $column_name = $transformation['column_name']; foreach ($transformation_types as $type) { $file = Core::securePath($transformation[$type]); $extra_data = $insertEdit->transformEditedValues( $db, $table, $transformation, $edited_values, $file, $column_name, $extra_data, $type ); } } // end of loop for each $mime_map } // Need to check the inline edited value can be truncated by MySQL // without informing while saving $column_name = $_POST['fields_name']['multi_edit'][0][0]; $insertEdit->verifyWhetherValueCanBeTruncatedAndAppendExtraData( $db, $table, $column_name, $extra_data ); /**Get the total row count of the table*/ $_table = new Table($_POST['table'], $_POST['db']); $extra_data['row_count'] = $_table->countRecords(); $extra_data['sql_query'] = Util::getMessage( $message, $GLOBALS['display_query'] ); $response->setRequestStatus($message->isSuccess()); $response->addJSON('message', $message); $response->addJSON($extra_data); exit; } if (! empty($return_to_sql_query)) { $disp_query = $GLOBALS['sql_query']; $disp_message = $message; unset($message); $GLOBALS['sql_query'] = $return_to_sql_query; } $scripts->addFile('vendor/jquery/additional-methods.js'); $scripts->addFile('table/change.js'); $active_page = $goto_include; /** * If user asked for "and then Insert another new row" we have to remove * WHERE clause information so that tbl_change.php does not go back * to the current record */ if (isset($_POST['after_insert']) && 'new_insert' == $_POST['after_insert']) { unset($_POST['where_clause']); } /** * Load target page. */ require ROOT_PATH . Core::securePath($goto_include); exit;
Upload File
Create Folder