1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
|
<?php
/**
* PHPPgAdmin v6.0.0-RC5
*/
namespace PHPPgAdmin\Database\Traits;
/**
* Common trait for tables manipulation.
*/
trait RowTrait
{
/**
* Returns a recordset of all columns in a table.
*
* @param string $table The name of a table
* @param array $key The associative array holding the key to retrieve
*
* @return \PHPPgAdmin\ADORecordSet A recordset
*/
public function browseRow($table, $key)
{
$f_schema = $this->_schema;
$this->fieldClean($f_schema);
$this->fieldClean($table);
$sql = "SELECT * FROM \"{$f_schema}\".\"{$table}\"";
if (is_array($key) && sizeof($key) > 0) {
$sql .= ' WHERE true';
foreach ($key as $k => $v) {
$this->fieldClean($k);
$this->clean($v);
$sql .= " AND \"{$k}\"='{$v}'";
}
}
return $this->selectSet($sql);
}
/**
* Get the fields for uniquely identifying a row in a table.
*
* @param string $table The table for which to retrieve the identifier
*
* @return array|array<integer,string>|int An array mapping attribute number to attribute name, empty for no identifiers
*/
public function getRowIdentifier($table)
{
$oldtable = $table;
$c_schema = $this->_schema;
$this->clean($c_schema);
$this->clean($table);
$status = $this->beginTransaction();
if ($status != 0) {
return -1;
}
// Get the first primary or unique index (sorting primary keys first) that
// is NOT a partial index.
$sql = "
SELECT indrelid, indkey
FROM pg_catalog.pg_index
WHERE indisunique AND indrelid=(
SELECT oid FROM pg_catalog.pg_class
WHERE relname='{$table}' AND relnamespace=(
SELECT oid FROM pg_catalog.pg_namespace
WHERE nspname='{$c_schema}'
)
) AND indpred IS NULL AND indexprs IS NULL
ORDER BY indisprimary DESC LIMIT 1";
$rs = $this->selectSet($sql);
// If none, check for an OID column. Even though OIDs can be duplicated, the edit and delete row
// functions check that they're only modiying a single row. Otherwise, return empty array.
if ($rs->recordCount() == 0) {
// Check for OID column
$temp = [];
if ($this->hasObjectID($table)) {
$temp = ['oid'];
}
$this->endTransaction();
return $temp;
} // Otherwise find the names of the keys
$attnames = $this->getAttributeNames($oldtable, explode(' ', $rs->fields['indkey']));
if (!is_array($attnames)) {
$this->rollbackTransaction();
return -1;
}
$this->endTransaction();
return $attnames;
}
/**
* Adds a new row to a table.
*
* @param string $table The table in which to insert
* @param array $fields Array of given field in values
* @param array $values Array of new values for the row
* @param array $nulls An array mapping column => something if it is to be null
* @param array $format An array of the data type (VALUE or EXPRESSION)
* @param array $types An array of field types
*
* @return int 0 if operation was successful
*/
public function insertRow($table, $fields, $values, $nulls, $format, $types)
{
if (!is_array($fields) || !is_array($values) || !is_array($nulls)
|| !is_array($format) || !is_array($types)
|| (count($fields) != count($values))
) {
return -1;
}
// Build clause
if (count($values) > 0) {
// Escape all field names
$fields = array_map(['\PHPPgAdmin\Database\Postgres', 'fieldClean'], $fields);
$f_schema = $this->_schema;
$this->fieldClean($table);
$this->fieldClean($f_schema);
$sql = '';
foreach ($values as $i => $value) {
// Handle NULL values
if (isset($nulls[$i])) {
$sql .= ',NULL';
} else {
$sql .= ','.$this->formatValue($types[$i], $format[$i], $value);
}
}
$sql = "INSERT INTO \"{$f_schema}\".\"{$table}\" (\"".implode('","', $fields).'")
VALUES ('.substr($sql, 1).')';
return $this->execute($sql);
}
return -1;
}
/**
* Formats a value or expression for sql purposes.
*
* @param string $type The type of the field
* @param mixed $format VALUE or EXPRESSION
* @param mixed $value The actual value entered in the field. Can be NULL
*
* @return mixed The suitably quoted and escaped value
*/
public function formatValue($type, $format, $value)
{
switch ($type) {
case 'bool':
case 'boolean':
if ($value == 't') {
return 'TRUE';
}
if ($value == 'f') {
return 'FALSE';
}
if ($value == '') {
return 'NULL';
}
return $value;
break;
default:
// Checking variable fields is difficult as there might be a size
// attribute...
if (strpos($type, 'time') === 0) {
// Assume it's one of the time types...
if ($value == '') {
return "''";
}
if (strcasecmp($value, 'CURRENT_TIMESTAMP') == 0
|| strcasecmp($value, 'CURRENT_TIME') == 0
|| strcasecmp($value, 'CURRENT_DATE') == 0
|| strcasecmp($value, 'LOCALTIME') == 0
|| strcasecmp($value, 'LOCALTIMESTAMP') == 0) {
return $value;
}
if ($format == 'EXPRESSION') {
return $value;
}
$this->clean($value);
return "'{$value}'";
}
if ($format == 'VALUE') {
$this->clean($value);
return "'{$value}'";
}
return $value;
}
}
// View functions
/**
* Updates a row in a table.
*
* @param string $table The table in which to update
* @param array $vars An array mapping new values for the row
* @param array $nulls An array mapping column => something if it is to be null
* @param array $format An array of the data type (VALUE or EXPRESSION)
* @param array $types An array of field types
* @param array $keyarr An array mapping column => value to update
*
* @return bool|int 0 success
*/
public function editRow($table, $vars, $nulls, $format, $types, $keyarr)
{
if (!is_array($vars) || !is_array($nulls) || !is_array($format) || !is_array($types)) {
return -1;
}
$f_schema = $this->_schema;
$this->fieldClean($f_schema);
$this->fieldClean($table);
$sql = '';
// Build clause
if (sizeof($vars) > 0) {
foreach ($vars as $key => $value) {
$this->fieldClean($key);
// Handle NULL values
if (isset($nulls[$key])) {
$tmp = 'NULL';
} else {
$tmp = $this->formatValue($types[$key], $format[$key], $value);
}
if (strlen($sql) > 0) {
$sql .= ", \"{$key}\"={$tmp}";
} else {
$sql = "UPDATE \"{$f_schema}\".\"{$table}\" SET \"{$key}\"={$tmp}";
}
}
$first = true;
foreach ($keyarr as $k => $v) {
$this->fieldClean($k);
$this->clean($v);
if ($first) {
$sql .= " WHERE \"{$k}\"='{$v}'";
$first = false;
} else {
$sql .= " AND \"{$k}\"='{$v}'";
}
}
}
// Begin transaction. We do this so that we can ensure only one row is
// edited
$status = $this->beginTransaction();
if ($status != 0) {
$this->rollbackTransaction();
return -1;
}
$status = $this->execute($sql);
if ($status != 0) {
// update failed
$this->rollbackTransaction();
return -1;
}
if ($this->conn->Affected_Rows() != 1) {
// more than one row could be updated
$this->rollbackTransaction();
return -2;
}
// End transaction
return $this->endTransaction();
}
/**
* Delete a row from a table.
*
* @param string $table The table from which to delete
* @param array $key An array mapping column => value to delete
* @param string $schema the schema of the table
*
* @return bool|int 0 success
*/
public function deleteRow($table, $key, $schema = '')
{
if (!is_array($key)) {
return -1;
}
// Begin transaction. We do this so that we can ensure only one row is
// deleted
$status = $this->beginTransaction();
if ($status != 0) {
$this->rollbackTransaction();
return -1;
}
if ($schema === '') {
$schema = $this->_schema;
}
$status = $this->delete($table, $key, $schema);
if ($status != 0 || $this->conn->Affected_Rows() != 1) {
$this->rollbackTransaction();
return -2;
}
// End transaction
return $this->endTransaction();
}
abstract public function fieldClean(&$str);
abstract public function beginTransaction();
abstract public function rollbackTransaction();
abstract public function endTransaction();
abstract public function execute($sql);
abstract public function setComment($obj_type, $obj_name, $table, $comment, $basetype = null);
abstract public function selectSet($sql);
abstract public function clean(&$str);
abstract public function phpBool($parameter);
abstract public function hasCreateTableLikeWithConstraints();
abstract public function hasCreateTableLikeWithIndexes();
abstract public function hasTablespaces();
abstract public function delete($table, $conditions, $schema = '');
abstract public function fieldArrayClean(&$arr);
abstract public function hasCreateFieldWithConstraints();
abstract public function getAttributeNames($table, $atts);
abstract public function hasObjectID($table);
}
|
