[Phpmyadmin-git] [SCM] phpMyAdmin branch, master, updated. RELEASE_3_4_3_1-8281-gd84d51c
Piotr Przybylski
crackpl at users.sourceforge.net
Thu Jul 14 00:07:19 CEST 2011
The branch, master has been updated
via d84d51c77552bd166c03dcb6a1623f93952ad058 (commit)
via 667cf67954c44facf978660f5fa7b9ed5c2b1b89 (commit)
via 09e74a94150d84ba0014f7455446383311c6d190 (commit)
from f57faf6b58702ad09e6c333fd927778fb6af1e41 (commit)
- Log -----------------------------------------------------------------
commit d84d51c77552bd166c03dcb6a1623f93952ad058
Author: Piotr Przybylski <piotrprz at gmail.com>
Date: Thu Jul 14 00:05:58 2011 +0200
Fix XML export so it actually can export table structure
More escaping fixes
commit 667cf67954c44facf978660f5fa7b9ed5c2b1b89
Author: Piotr Przybylski <piotrprz at gmail.com>
Date: Wed Jul 13 23:42:29 2011 +0200
Better escaping in XML export
Note: it's still incorrect
commit 09e74a94150d84ba0014f7455446383311c6d190
Author: Piotr Przybylski <piotrprz at gmail.com>
Date: Wed Jul 13 23:40:58 2011 +0200
Improve readability of XML export code
-----------------------------------------------------------------------
Summary of changes:
libraries/export/xml.php | 42 ++++++++++++++++++++----------------------
1 files changed, 20 insertions(+), 22 deletions(-)
diff --git a/libraries/export/xml.php b/libraries/export/xml.php
index 2665051..85bab5f 100644
--- a/libraries/export/xml.php
+++ b/libraries/export/xml.php
@@ -71,13 +71,14 @@ function PMA_exportFooter() {
function PMA_exportHeader() {
global $crlf;
global $cfg;
- global $what;
global $db;
global $table;
global $tables;
- $export_struct = isset($GLOBALS[$what . '_export_struc']) ? true : false;
- $export_data = isset($GLOBALS[$what . '_export_contents']) ? true : false;
+ $export_struct = isset($GLOBALS['xml_export_functions']) || isset($GLOBALS['xml_export_procedures'])
+ || isset($GLOBALS['xml_export_tables']) || isset($GLOBALS['xml_export_triggers'])
+ || isset($GLOBALS['xml_export_views']);
+ $export_data = isset($GLOBALS['xml_export_contents']) ? true : false;
if ($GLOBALS['output_charset_conversion']) {
$charset = $GLOBALS['charset_of_file'];
@@ -112,7 +113,7 @@ function PMA_exportHeader() {
$head .= ' - Structure schemas' . $crlf;
$head .= ' -->' . $crlf;
$head .= ' <pma:structure_schemas>' . $crlf;
- $head .= ' <pma:database name="' . $db . '" collation="' . $db_collation . '" charset="' . $db_charset . '">' . $crlf;
+ $head .= ' <pma:database name="' . htmlspecialchars($db) . '" collation="' . $db_collation . '" charset="' . $db_charset . '">' . $crlf;
if (count($tables) == 0) {
$tables[] = $table;
@@ -131,23 +132,23 @@ function PMA_exportHeader() {
$type = 'table';
}
- if ($is_view && ! isset($GLOBALS[$what . '_export_views'])) {
+ if ($is_view && ! isset($GLOBALS['xml_export_views'])) {
continue;
}
- if (! $is_view && ! isset($GLOBALS[$what . '_export_tables'])) {
+ if (! $is_view && ! isset($GLOBALS['xml_export_tables'])) {
continue;
}
$head .= ' <pma:' . $type . ' name="' . $table . '">' . $crlf;
- $tbl = " " . $tbl;
+ $tbl = " " . htmlspecialchars($tbl);
$tbl = str_replace("\n", "\n ", $tbl);
$head .= $tbl . ';' . $crlf;
$head .= ' </pma:' . $type . '>' . $crlf;
- if (isset($GLOBALS[$what . '_export_triggers']) && $GLOBALS[$what . '_export_triggers']) {
+ if (isset($GLOBALS['xml_export_triggers']) && $GLOBALS['xml_export_triggers']) {
// Export triggers
$triggers = PMA_DBI_get_triggers($db, $table);
if ($triggers) {
@@ -157,7 +158,7 @@ function PMA_exportHeader() {
// Do some formatting
$code = substr(rtrim($code), 0, -3);
- $code = " " . $code;
+ $code = " " . htmlspecialchars($code);
$code = str_replace("\n", "\n ", $code);
$head .= $code . $crlf;
@@ -170,7 +171,7 @@ function PMA_exportHeader() {
}
}
- if (isset($GLOBALS[$what . '_export_functions']) && $GLOBALS[$what . '_export_functions']) {
+ if (isset($GLOBALS['xml_export_functions']) && $GLOBALS['xml_export_functions']) {
// Export functions
$functions = PMA_DBI_get_procedures_or_functions($db, 'FUNCTION');
if ($functions) {
@@ -180,7 +181,7 @@ function PMA_exportHeader() {
// Do some formatting
$sql = PMA_DBI_get_definition($db, 'FUNCTION', $function);
$sql = rtrim($sql);
- $sql = " " . $sql;
+ $sql = " " . htmlspecialchars($sql);
$sql = str_replace("\n", "\n ", $sql);
$head .= $sql . $crlf;
@@ -193,7 +194,7 @@ function PMA_exportHeader() {
}
}
- if (isset($GLOBALS[$what . '_export_procedures']) && $GLOBALS[$what . '_export_procedures']) {
+ if (isset($GLOBALS['xml_export_procedures']) && $GLOBALS['xml_export_procedures']) {
// Export procedures
$procedures = PMA_DBI_get_procedures_or_functions($db, 'PROCEDURE');
if ($procedures) {
@@ -203,7 +204,7 @@ function PMA_exportHeader() {
// Do some formatting
$sql = PMA_DBI_get_definition($db, 'PROCEDURE', $procedure);
$sql = rtrim($sql);
- $sql = " " . $sql;
+ $sql = " " . htmlspecialchars($sql);
$sql = str_replace("\n", "\n ", $sql);
$head .= $sql . $crlf;
@@ -239,13 +240,12 @@ function PMA_exportHeader() {
*/
function PMA_exportDBHeader($db) {
global $crlf;
- global $what;
- if (isset($GLOBALS[$what . '_export_contents']) && $GLOBALS[$what . '_export_contents']) {
+ if (isset($GLOBALS['xml_export_contents']) && $GLOBALS['xml_export_contents']) {
$head = ' <!--' . $crlf
. ' - ' . __('Database') . ': ' . (isset($GLOBALS['use_backquotes']) ? PMA_backquote($db) : '\'' . $db . '\''). $crlf
. ' -->' . $crlf
- . ' <database name="' . $db . '">' . $crlf;
+ . ' <database name="' . htmlspecialchars($db) . '">' . $crlf;
return PMA_exportOutputHandler($head);
}
@@ -265,9 +265,8 @@ function PMA_exportDBHeader($db) {
*/
function PMA_exportDBFooter($db) {
global $crlf;
- global $what;
- if (isset($GLOBALS[$what . '_export_contents']) && $GLOBALS[$what . '_export_contents']) {
+ if (isset($GLOBALS['xml_export_contents']) && $GLOBALS['xml_export_contents']) {
return PMA_exportOutputHandler(' </database>' . $crlf);
}
else
@@ -301,12 +300,11 @@ function PMA_exportDBCreate($db) {
* @access public
*/
function PMA_exportData($db, $table, $crlf, $error_url, $sql_query) {
- global $what;
-
- if (isset($GLOBALS[$what . '_export_contents']) && $GLOBALS[$what . '_export_contents']) {
+ if (isset($GLOBALS['xml_export_contents']) && $GLOBALS['xml_export_contents']) {
$result = PMA_DBI_query($sql_query, null, PMA_DBI_QUERY_UNBUFFERED);
$columns_cnt = PMA_DBI_num_fields($result);
+ $columns = array();
for ($i = 0; $i < $columns_cnt; $i++) {
$columns[$i] = stripslashes(str_replace(' ', '_', PMA_DBI_field_name($result, $i)));
}
@@ -324,7 +322,7 @@ function PMA_exportData($db, $table, $crlf, $error_url, $sql_query) {
if (!isset($record[$i]) || is_null($record[$i])) {
$record[$i] = 'NULL';
}
- $buffer .= ' <column name="' . $columns[$i] . '">' . htmlspecialchars((string)$record[$i])
+ $buffer .= ' <column name="' . htmlspecialchars($columns[$i]) . '">' . htmlspecialchars((string)$record[$i])
. '</column>' . $crlf;
}
$buffer .= ' </table>' . $crlf;
hooks/post-receive
--
phpMyAdmin
More information about the Git
mailing list