Server IP : 85.214.239.14 / Your IP : 18.117.101.250 Web Server : Apache/2.4.62 (Debian) System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64 User : www-data ( 33) PHP Version : 7.4.18 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : OFF | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /var/www/wordpress/phpMyAdmin/libraries/classes/ |
Upload File : |
<?php /* vim: set expandtab sw=4 ts=4 sts=4: */ /** * Saved searches managing * * @package PhpMyAdmin */ declare(strict_types=1); namespace PhpMyAdmin; /** * Saved searches managing * * @package PhpMyAdmin */ class SavedSearches { /** * Global configuration * @var array */ private $_config = null; /** * Id * @var int|null */ private $_id = null; /** * Username * @var string */ private $_username = null; /** * DB name * @var string */ private $_dbname = null; /** * Saved search name * @var string */ private $_searchName = null; /** * Criterias * @var array */ private $_criterias = null; /** * @var Relation */ private $relation; /** * Public constructor * * @param array $config Global configuration * @param Relation $relation Relation instance */ public function __construct(array $config, Relation $relation) { $this->setConfig($config); $this->relation = $relation; } /** * Setter of id * * @param int|null $searchId Id of search * * @return static */ public function setId($searchId) { $searchId = (int) $searchId; if (empty($searchId)) { $searchId = null; } $this->_id = $searchId; return $this; } /** * Getter of id * * @return int|null */ public function getId() { return $this->_id; } /** * Setter of searchName * * @param string $searchName Saved search name * * @return static */ public function setSearchName($searchName) { $this->_searchName = $searchName; return $this; } /** * Getter of searchName * * @return string */ public function getSearchName() { return $this->_searchName; } /** * Setter of config * * @param array $config Global configuration * * @return static */ public function setConfig(array $config) { $this->_config = $config; return $this; } /** * Getter of config * * @return array */ public function getConfig() { return $this->_config; } /** * Setter for criterias * * @param array|string $criterias Criterias of saved searches * @param bool $json Criterias are in JSON format * * @return static */ public function setCriterias($criterias, $json = false) { if (true === $json && is_string($criterias)) { $this->_criterias = json_decode($criterias, true); return $this; } $aListFieldsToGet = [ 'criteriaColumn', 'criteriaSort', 'criteriaShow', 'criteria', 'criteriaAndOrRow', 'criteriaAndOrColumn', 'rows', 'TableList', ]; $data = []; $data['criteriaColumnCount'] = count($criterias['criteriaColumn']); foreach ($aListFieldsToGet as $field) { if (isset($criterias[$field])) { $data[$field] = $criterias[$field]; } } /* Limit amount of rows */ if (! isset($data['rows'])) { $data['rows'] = 0; } else { $data['rows'] = min( max(0, intval($data['rows'])), 100 ); } for ($i = 0; $i <= $data['rows']; $i++) { $data['Or' . $i] = $criterias['Or' . $i]; } $this->_criterias = $data; return $this; } /** * Getter for criterias * * @return array */ public function getCriterias() { return $this->_criterias; } /** * Setter for username * * @param string $username Username * * @return static */ public function setUsername($username) { $this->_username = $username; return $this; } /** * Getter for username * * @return string */ public function getUsername() { return $this->_username; } /** * Setter for DB name * * @param string $dbname DB name * * @return static */ public function setDbname($dbname) { $this->_dbname = $dbname; return $this; } /** * Getter for DB name * * @return string */ public function getDbname() { return $this->_dbname; } /** * Save the search * * @return boolean */ public function save() { if (null == $this->getSearchName()) { $message = Message::error( __('Please provide a name for this bookmarked search.') ); $response = Response::getInstance(); $response->setRequestStatus($message->isSuccess()); $response->addJSON('fieldWithError', 'searchName'); $response->addJSON('message', $message); exit; } if (null == $this->getUsername() || null == $this->getDbname() || null == $this->getSearchName() || null == $this->getCriterias() ) { $message = Message::error( __('Missing information to save the bookmarked search.') ); $response = Response::getInstance(); $response->setRequestStatus($message->isSuccess()); $response->addJSON('message', $message); exit; } $savedSearchesTbl = Util::backquote($this->_config['cfgRelation']['db']) . "." . Util::backquote($this->_config['cfgRelation']['savedsearches']); //If it's an insert. if (null === $this->getId()) { $wheres = [ "search_name = '" . $GLOBALS['dbi']->escapeString($this->getSearchName()) . "'", ]; $existingSearches = $this->getList($wheres); if (! empty($existingSearches)) { $message = Message::error( __('An entry with this name already exists.') ); $response = Response::getInstance(); $response->setRequestStatus($message->isSuccess()); $response->addJSON('fieldWithError', 'searchName'); $response->addJSON('message', $message); exit; } $sqlQuery = "INSERT INTO " . $savedSearchesTbl . "(`username`, `db_name`, `search_name`, `search_data`)" . " VALUES (" . "'" . $GLOBALS['dbi']->escapeString($this->getUsername()) . "'," . "'" . $GLOBALS['dbi']->escapeString($this->getDbname()) . "'," . "'" . $GLOBALS['dbi']->escapeString($this->getSearchName()) . "'," . "'" . $GLOBALS['dbi']->escapeString(json_encode($this->getCriterias())) . "')"; $result = (bool) $this->relation->queryAsControlUser($sqlQuery); if (! $result) { return false; } $this->setId($GLOBALS['dbi']->insertId()); return true; } //Else, it's an update. $wheres = [ "id != " . $this->getId(), "search_name = '" . $GLOBALS['dbi']->escapeString($this->getSearchName()) . "'", ]; $existingSearches = $this->getList($wheres); if (! empty($existingSearches)) { $message = Message::error( __('An entry with this name already exists.') ); $response = Response::getInstance(); $response->setRequestStatus($message->isSuccess()); $response->addJSON('fieldWithError', 'searchName'); $response->addJSON('message', $message); exit; } $sqlQuery = "UPDATE " . $savedSearchesTbl . "SET `search_name` = '" . $GLOBALS['dbi']->escapeString($this->getSearchName()) . "', " . "`search_data` = '" . $GLOBALS['dbi']->escapeString(json_encode($this->getCriterias())) . "' " . "WHERE id = " . $this->getId(); return (bool) $this->relation->queryAsControlUser($sqlQuery); } /** * Delete the search * * @return boolean */ public function delete() { if (null == $this->getId()) { $message = Message::error( __('Missing information to delete the search.') ); $response = Response::getInstance(); $response->setRequestStatus($message->isSuccess()); $response->addJSON('fieldWithError', 'searchId'); $response->addJSON('message', $message); exit; } $savedSearchesTbl = Util::backquote($this->_config['cfgRelation']['db']) . "." . Util::backquote($this->_config['cfgRelation']['savedsearches']); $sqlQuery = "DELETE FROM " . $savedSearchesTbl . "WHERE id = '" . $GLOBALS['dbi']->escapeString($this->getId()) . "'"; return (bool) $this->relation->queryAsControlUser($sqlQuery); } /** * Load the current search from an id. * * @return bool Success */ public function load() { if (null == $this->getId()) { $message = Message::error( __('Missing information to load the search.') ); $response = Response::getInstance(); $response->setRequestStatus($message->isSuccess()); $response->addJSON('fieldWithError', 'searchId'); $response->addJSON('message', $message); exit; } $savedSearchesTbl = Util::backquote($this->_config['cfgRelation']['db']) . "." . Util::backquote($this->_config['cfgRelation']['savedsearches']); $sqlQuery = "SELECT id, search_name, search_data " . "FROM " . $savedSearchesTbl . " " . "WHERE id = '" . $GLOBALS['dbi']->escapeString($this->getId()) . "' "; $resList = $this->relation->queryAsControlUser($sqlQuery); if (false === ($oneResult = $GLOBALS['dbi']->fetchArray($resList))) { $message = Message::error(__('Error while loading the search.')); $response = Response::getInstance(); $response->setRequestStatus($message->isSuccess()); $response->addJSON('fieldWithError', 'searchId'); $response->addJSON('message', $message); exit; } $this->setSearchName($oneResult['search_name']) ->setCriterias($oneResult['search_data'], true); return true; } /** * Get the list of saved searches of a user on a DB * * @param string[] $wheres List of filters * * @return array List of saved searches or empty array on failure */ public function getList(array $wheres = []) { if (null == $this->getUsername() || null == $this->getDbname() ) { return []; } $savedSearchesTbl = Util::backquote($this->_config['cfgRelation']['db']) . "." . Util::backquote($this->_config['cfgRelation']['savedsearches']); $sqlQuery = "SELECT id, search_name " . "FROM " . $savedSearchesTbl . " " . "WHERE " . "username = '" . $GLOBALS['dbi']->escapeString($this->getUsername()) . "' " . "AND db_name = '" . $GLOBALS['dbi']->escapeString($this->getDbname()) . "' "; foreach ($wheres as $where) { $sqlQuery .= "AND " . $where . " "; } $sqlQuery .= "order by search_name ASC "; $resList = $this->relation->queryAsControlUser($sqlQuery); $list = []; while ($oneResult = $GLOBALS['dbi']->fetchArray($resList)) { $list[$oneResult['id']] = $oneResult['search_name']; } return $list; } }