__('at least one of the words'), '2' => __('all words'), '3' => __('the exact phrase'), '4' => __('as regular expression'), ); if (empty($_REQUEST['search_option']) || ! is_string($_REQUEST['search_option']) || ! array_key_exists($_REQUEST['search_option'], $search_options) ) { $search_option = 1; unset($_REQUEST['submit_search']); } else { $search_option = (int) $_REQUEST['search_option']; $option_str = $search_options[$_REQUEST['search_option']]; } if (empty($_REQUEST['search_str']) || ! is_string($_REQUEST['search_str'])) { unset($_REQUEST['submit_search']); $searched = ''; } else { $searched = htmlspecialchars($_REQUEST['search_str']); // For "as regular expression" (search option 4), we should not treat // this as an expression that contains a LIKE (second parameter of // PMA_sqlAddSlashes()). // // Usage example: If user is seaching for a literal $ in a regexp search, // he should enter \$ as the value. $search_str = PMA_sqlAddSlashes( $_REQUEST['search_str'], ($search_option == 4 ? false : true) ); } $tables_selected = array(); if (empty($_REQUEST['table_select']) || ! is_array($_REQUEST['table_select'])) { unset($_REQUEST['submit_search']); } elseif (! isset($_REQUEST['selectall']) && ! isset($_REQUEST['unselectall'])) { $tables_selected = array_intersect($_REQUEST['table_select'], $tables_names_only); } if (isset($_REQUEST['selectall'])) { $tables_selected = $tables_names_only; } elseif (isset($_REQUEST['unselectall'])) { $tables_selected = array(); } if (empty($_REQUEST['field_str']) || ! is_string($_REQUEST['field_str'])) { unset($field_str); } else { $field_str = PMA_sqlAddSlashes($_REQUEST['field_str'], true); } /** * Displays top links if we are not in an Ajax request */ $sub_part = ''; if ( $GLOBALS['is_ajax_request'] != true) { include 'libraries/db_info.inc.php'; echo '
'; } /** * 1. Main search form has been submitted */ if (isset($_REQUEST['submit_search'])) { /** * Builds the SQL search query * * @param string $table the table name * @param string $field restrict the search to this field * @param string $search_str the string to search * @param integer $search_option type of search * (1 -> 1 word at least, 2 -> all words, * 3 -> exact string, 4 -> regexp) * * @return array 3 SQL querys (for count, display and delete results) * * @todo can we make use of fulltextsearch IN BOOLEAN MODE for this? * PMA_backquote * PMA_DBI_free_result * PMA_DBI_fetch_assoc * $GLOBALS['db'] * explode * count * strlen */ function PMA_getSearchSqls($table, $field, $search_str, $search_option) { // Statement types $sqlstr_select = 'SELECT'; $sqlstr_delete = 'DELETE'; // Fields to select $tblfields = PMA_DBI_get_columns($GLOBALS['db'], $table); // Table to use $sqlstr_from = ' FROM ' . PMA_backquote($GLOBALS['db']) . '.' . PMA_backquote($table); $search_words = (($search_option > 2) ? array($search_str) : explode(' ', $search_str)); $like_or_regex = (($search_option == 4) ? 'REGEXP' : 'LIKE'); $automatic_wildcard = (($search_option < 3) ? '%' : ''); $fieldslikevalues = array(); foreach ($search_words as $search_word) { // Eliminates empty values if (strlen($search_word) === 0) { continue; } $thefieldlikevalue = array(); foreach ($tblfields as $tblfield) { if (! isset($field) || strlen($field) == 0 || $tblfield['Field'] == $field) { // Drizzle has no CONVERT and all text columns are UTF-8 if (PMA_DRIZZLE) { $thefieldlikevalue[] = PMA_backquote($tblfield['Field']) . ' ' . $like_or_regex . ' ' . "'" . $automatic_wildcard . $search_word . $automatic_wildcard . "'"; } else { $thefieldlikevalue[] = 'CONVERT(' . PMA_backquote($tblfield['Field']) . ' USING utf8)' . ' ' . $like_or_regex . ' ' . "'" . $automatic_wildcard . $search_word . $automatic_wildcard . "'"; } } } // end for if (count($thefieldlikevalue) > 0) { $fieldslikevalues[] = implode(' OR ', $thefieldlikevalue); } } // end for $implode_str = ($search_option == 1 ? ' OR ' : ' AND '); if ( empty($fieldslikevalues)) { // this could happen when the "inside field" does not exist // in any selected tables $sqlstr_where = ' WHERE FALSE'; } else { $sqlstr_where = ' WHERE (' . implode(') ' . $implode_str . ' (', $fieldslikevalues) . ')'; } unset($fieldslikevalues); // Builds complete queries $sql['select_fields'] = $sqlstr_select . ' * ' . $sqlstr_from . $sqlstr_where; // here, I think we need to still use the COUNT clause, even for // VIEWs, anyway we have a WHERE clause that should limit results $sql['select_count'] = $sqlstr_select . ' COUNT(*) AS `count`' . $sqlstr_from . $sqlstr_where; $sql['delete'] = $sqlstr_delete . $sqlstr_from . $sqlstr_where; return $sql; } // end of the "PMA_getSearchSqls()" function /** * Displays the results */ $this_url_params = array( 'db' => $GLOBALS['db'], 'goto' => 'db_sql.php', 'pos' => 0, 'is_js_confirmed' => 0, ); // Displays search string echo '
' . "\n" . '' . "\n" . '' . "\n"; $num_search_result_total = 0; $odd_row = true; foreach ($tables_selected as $each_table) { // Gets the SQL statements $newsearchsqls = PMA_getSearchSqls( $each_table, (! empty($field_str) ? $field_str : ''), $search_str, $search_option ); // Executes the "COUNT" statement $res_cnt = PMA_DBI_fetch_value($newsearchsqls['select_count']); $num_search_result_total += $res_cnt; $sql_query .= $newsearchsqls['select_count']; echo '' . '\n"; if ($res_cnt > 0) { $this_url_params['sql_query'] = $newsearchsqls['select_fields']; $browse_result_path = 'sql.php' . PMA_generate_common_url($this_url_params); ?>  ' . "\n" .'' . "\n"; }// end if else $odd_row = ! $odd_row; echo '' . "\n"; } // end for echo '
' . "\n" . sprintf( __('Search results for "%s" %s:'), $searched, $option_str ) . "\n" . '
' . sprintf( _ngettext('%1$s match inside table %2$s', '%1$s matches inside table %2$s', $res_cnt), $res_cnt, htmlspecialchars($each_table) ) . "  
' . "\n"; if (count($tables_selected) > 1) { echo '

' . sprintf( _ngettext('Total: %s match', 'Total: %s matches', $num_search_result_total), $num_search_result_total ) . '

' . "\n"; } } // end 1. /** * If we are in an Ajax request, we need to exit after displaying all the HTML */ if ($GLOBALS['is_ajax_request'] == true) { exit; } else { echo '
';//end searchresults div } /** * 2. Displays the main search form */ ?>
method="post" action="db_search.php" name="db_search">
__('at least one of the words') . PMA_showHint(__('Words are separated by a space character (" ").')), '2' => __('all words') . PMA_showHint(__('Words are separated by a space character (" ").')), '3' => __('the exact phrase'), '4' => __('as regular expression') . ' ' . PMA_showMySQLDocu('Regexp', 'Regexp') ); // 4th parameter set to true to add line breaks // 5th parameter set to false to avoid htmlspecialchars() escaping in the label // since we have some HTML in some labels echo PMA_getRadioFields('search_option', $choices, $search_option, true, false); unset($choices); ?>
' . "\n"; foreach ($tables_names_only as $each_table) { if (in_array($each_table, $tables_selected)) { $is_selected = ' selected="selected"'; } else { $is_selected = ''; } echo ' ' . "\n"; } // end while echo ' ' . "\n"; $alter_select = '' . __('Select All') . '' . ' / ' . '' . __('Unselect All') . ''; ?>