[Phpmyadmin-git] [SCM] phpMyAdmin branch, QA_3_4, updated. RELEASE_3_4_3_1-29-g2cc22c8
Piotr Przybylski
crackpl at users.sourceforge.net
Thu Jul 14 23:48:48 CEST 2011
The branch, QA_3_4 has been updated
via 2cc22c8aba33ad12b3d98905d6dfc29f7c878837 (commit)
via 70083ad58346ff7190bcd8e56b63ab92f6abfa40 (commit)
via 65d962d39703b412dc482be47e092f97933eb8e0 (commit)
via 6d0f28b425dc9f975543301c4b194dd6fbdd494d (commit)
from ed88c4a7b68c8efd764a364d1a9579aa762ebdaa (commit)
- Log -----------------------------------------------------------------
commit 2cc22c8aba33ad12b3d98905d6dfc29f7c878837
Author: Piotr Przybylski <piotrprz at gmail.com>
Date: Thu Jul 14 21:28:41 2011 +0200
Fix CodeGen export
commit 70083ad58346ff7190bcd8e56b63ab92f6abfa40
Author: Piotr Przybylski <piotrprz at gmail.com>
Date: Thu Jul 14 00:05:58 2011 +0200
Fix XML export so it actually can export table structure
More escaping fixes
commit 65d962d39703b412dc482be47e092f97933eb8e0
Author: Piotr Przybylski <piotrprz at gmail.com>
Date: Wed Jul 13 23:42:29 2011 +0200
Better escaping in XML export
Note: it's still incorrect
commit 6d0f28b425dc9f975543301c4b194dd6fbdd494d
Author: Piotr Przybylski <piotrprz at gmail.com>
Date: Wed Jul 13 23:40:58 2011 +0200
Improve readability of XML export code
-----------------------------------------------------------------------
Summary of changes:
libraries/export/codegen.php | 76 +++++++++++++++++++++++++++---------------
libraries/export/xml.php | 43 +++++++++++------------
2 files changed, 70 insertions(+), 49 deletions(-)
diff --git a/libraries/export/codegen.php b/libraries/export/codegen.php
index 8e36f40..7160122 100644
--- a/libraries/export/codegen.php
+++ b/libraries/export/codegen.php
@@ -138,12 +138,12 @@ function PMA_exportDBCreate($db)
*/
function PMA_exportData($db, $table, $crlf, $error_url, $sql_query)
{
- global $CG_FORMATS, $CG_HANDLERS;
- $format = cgGetOption("format");
- $index = array_search($format, $CG_FORMATS);
- if ($index >= 0)
- return PMA_exportOutputHandler($CG_HANDLERS[$index]($db, $table, $crlf));
- return PMA_exportOutputHandler(sprintf("%s is not supported.", $format));
+ global $CG_FORMATS, $CG_HANDLERS;
+ $format = cgGetOption("format");
+ if (isset($CG_FORMATS[$format])) {
+ return PMA_exportOutputHandler($CG_HANDLERS[$format]($db, $table, $crlf));
+ }
+ return PMA_exportOutputHandler(sprintf("%s is not supported.", $format));
}
/**
@@ -209,28 +209,50 @@ class TableProperty
function getIndexName()
{
if (strlen($this->key)>0)
- return "index=\"" . $this->name . "\"";
+ return "index=\"" . htmlspecialchars($this->name, ENT_COMPAT, 'UTF-8') . "\"";
return "";
}
function isPK()
{
return $this->key=="PRI";
}
- function format($pattern)
+ function formatCs($text)
+ {
+ $text=str_replace("#name#", cgMakeIdentifier($this->name, false), $text);
+ return $this->format($text);
+ }
+ function formatXml($text)
+ {
+ $text=str_replace("#name#", htmlspecialchars($this->name, ENT_COMPAT, 'UTF-8'), $text);
+ $text=str_replace("#indexName#", $this->getIndexName(), $text);
+ return $this->format($text);
+ }
+ function format($text)
{
- $text=$pattern;
- $text=str_replace("#name#", $this->name, $text);
+ $text=str_replace("#ucfirstName#", cgMakeIdentifier($this->name), $text);
+ $text=str_replace("#dotNetPrimitiveType#", $this->getDotNetPrimitiveType(), $text);
+ $text=str_replace("#dotNetObjectType#", $this->getDotNetObjectType(), $text);
$text=str_replace("#type#", $this->getPureType(), $text);
$text=str_replace("#notNull#", $this->isNotNull(), $text);
$text=str_replace("#unique#", $this->isUnique(), $text);
- $text=str_replace("#ucfirstName#", ucfirst($this->name), $text);
- $text=str_replace("#dotNetPrimitiveType#", $this->getDotNetPrimitiveType(), $text);
- $text=str_replace("#dotNetObjectType#", $this->getDotNetObjectType(), $text);
- $text=str_replace("#indexName#", $this->getIndexName(), $text);
return $text;
}
}
+ function cgMakeIdentifier($str, $ucfirst = true)
+ {
+ // remove unsafe characters
+ $str = preg_replace('/[^\p{L}\p{Nl}_]/u', '', $str);
+ // make sure first character is a letter or _
+ if (!preg_match('/^\pL/u', $str)) {
+ $str = '_' . $str;
+ }
+ if ($ucfirst) {
+ $str = ucfirst($str);
+ }
+ return $str;
+ }
+
function handleNHibernateCSBody($db, $table, $crlf)
{
$lines=array();
@@ -244,31 +266,31 @@ class TableProperty
$lines[] = "using System.Collections;";
$lines[] = "using System.Collections.Generic;";
$lines[] = "using System.Text;";
- $lines[] = "namespace ".ucfirst($db);
+ $lines[] = "namespace ".cgMakeIdentifier($db);
$lines[] = "{";
- $lines[] = " #region ".ucfirst($table);
- $lines[] = " public class ".ucfirst($table);
+ $lines[] = " #region ".cgMakeIdentifier($table);
+ $lines[] = " public class ".cgMakeIdentifier($table);
$lines[] = " {";
$lines[] = " #region Member Variables";
foreach ($tableProperties as $tablePropertie)
- $lines[] = $tablePropertie->format(" protected #dotNetPrimitiveType# _#name#;");
+ $lines[] = $tablePropertie->formatCs(" protected #dotNetPrimitiveType# _#name#;");
$lines[] = " #endregion";
$lines[] = " #region Constructors";
- $lines[] = " public ".ucfirst($table)."() { }";
+ $lines[] = " public ".cgMakeIdentifier($table)."() { }";
$temp = array();
foreach ($tableProperties as $tablePropertie)
if (! $tablePropertie->isPK())
- $temp[] = $tablePropertie->format("#dotNetPrimitiveType# #name#");
- $lines[] = " public ".ucfirst($table)."(".implode(", ", $temp).")";
+ $temp[] = $tablePropertie->formatCs("#dotNetPrimitiveType# #name#");
+ $lines[] = " public ".cgMakeIdentifier($table)."(".implode(", ", $temp).")";
$lines[] = " {";
foreach ($tableProperties as $tablePropertie)
if (! $tablePropertie->isPK())
- $lines[] = $tablePropertie->format(" this._#name#=#name#;");
+ $lines[] = $tablePropertie->formatCs(" this._#name#=#name#;");
$lines[] = " }";
$lines[] = " #endregion";
$lines[] = " #region Public Properties";
foreach ($tableProperties as $tablePropertie)
- $lines[] = $tablePropertie->format(" public virtual #dotNetPrimitiveType# _#ucfirstName#\n {\n get {return _#name#;}\n set {_#name#=value;}\n }");
+ $lines[] = $tablePropertie->formatCs(" public virtual #dotNetPrimitiveType# #ucfirstName#\n {\n get {return _#name#;}\n set {_#name#=value;}\n }");
$lines[] = " #endregion";
$lines[] = " }";
$lines[] = " #endregion";
@@ -282,8 +304,8 @@ class TableProperty
{
$lines=array();
$lines[] = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>";
- $lines[] = "<hibernate-mapping xmlns=\"urn:nhibernate-mapping-2.2\" namespace=\"".ucfirst($db)."\" assembly=\"".ucfirst($db)."\">";
- $lines[] = " <class name=\"".ucfirst($table)."\" table=\"".$table."\">";
+ $lines[] = "<hibernate-mapping xmlns=\"urn:nhibernate-mapping-2.2\" namespace=\"".cgMakeIdentifier($db)."\" assembly=\"".cgMakeIdentifier($db)."\">";
+ $lines[] = " <class name=\"".cgMakeIdentifier($table)."\" table=\"".cgMakeIdentifier($table)."\">";
$result = PMA_DBI_query(sprintf("DESC %s.%s", PMA_backquote($db), PMA_backquote($table)));
if ($result)
{
@@ -293,9 +315,9 @@ class TableProperty
foreach ($tableProperties as $tablePropertie)
{
if ($tablePropertie->isPK())
- $lines[] = $tablePropertie->format(" <id name=\"#ucfirstName#\" type=\"#dotNetObjectType#\" unsaved-value=\"0\">\n <column name=\"#name#\" sql-type=\"#type#\" not-null=\"#notNull#\" unique=\"#unique#\" index=\"PRIMARY\"/>\n <generator class=\"native\" />\n </id>");
+ $lines[] = $tablePropertie->formatXml(" <id name=\"#ucfirstName#\" type=\"#dotNetObjectType#\" unsaved-value=\"0\">\n <column name=\"#name#\" sql-type=\"#type#\" not-null=\"#notNull#\" unique=\"#unique#\" index=\"PRIMARY\"/>\n <generator class=\"native\" />\n </id>");
else
- $lines[] = $tablePropertie->format(" <property name=\"#ucfirstName#\" type=\"#dotNetObjectType#\">\n <column name=\"#name#\" sql-type=\"#type#\" not-null=\"#notNull#\" #indexName#/>\n </property>");
+ $lines[] = $tablePropertie->formatXml(" <property name=\"#ucfirstName#\" type=\"#dotNetObjectType#\">\n <column name=\"#name#\" sql-type=\"#type#\" not-null=\"#notNull#\" #indexName#/>\n </property>");
}
PMA_DBI_free_result($result);
}
diff --git a/libraries/export/xml.php b/libraries/export/xml.php
index 9bafb09..83b51ee 100644
--- a/libraries/export/xml.php
+++ b/libraries/export/xml.php
@@ -82,13 +82,14 @@ function PMA_exportFooter() {
function PMA_exportHeader() {
global $crlf;
global $cfg;
- global $what;
global $db;
global $table;
global $tables;
- $export_struct = isset($GLOBALS[$what . '_export_struc']) ? true : false;
- $export_data = isset($GLOBALS[$what . '_export_contents']) ? true : false;
+ $export_struct = isset($GLOBALS['xml_export_functions']) || isset($GLOBALS['xml_export_procedures'])
+ || isset($GLOBALS['xml_export_tables']) || isset($GLOBALS['xml_export_triggers'])
+ || isset($GLOBALS['xml_export_views']);
+ $export_data = isset($GLOBALS['xml_export_contents']) ? true : false;
if ($GLOBALS['output_charset_conversion']) {
$charset = $GLOBALS['charset_of_file'];
@@ -123,7 +124,7 @@ function PMA_exportHeader() {
$head .= ' - Structure schemas' . $crlf;
$head .= ' -->' . $crlf;
$head .= ' <pma:structure_schemas>' . $crlf;
- $head .= ' <pma:database name="' . $db . '" collation="' . $db_collation . '" charset="' . $db_charset . '">' . $crlf;
+ $head .= ' <pma:database name="' . htmlspecialchars($db) . '" collation="' . $db_collation . '" charset="' . $db_charset . '">' . $crlf;
if (count($tables) == 0) {
$tables[] = $table;
@@ -142,23 +143,23 @@ function PMA_exportHeader() {
$type = 'table';
}
- if ($is_view && ! isset($GLOBALS[$what . '_export_views'])) {
+ if ($is_view && ! isset($GLOBALS['xml_export_views'])) {
continue;
}
- if (! $is_view && ! isset($GLOBALS[$what . '_export_tables'])) {
+ if (! $is_view && ! isset($GLOBALS['xml_export_tables'])) {
continue;
}
$head .= ' <pma:' . $type . ' name="' . $table . '">' . $crlf;
- $tbl = " " . $tbl;
+ $tbl = " " . htmlspecialchars($tbl);
$tbl = str_replace("\n", "\n ", $tbl);
$head .= $tbl . ';' . $crlf;
$head .= ' </pma:' . $type . '>' . $crlf;
- if (isset($GLOBALS[$what . '_export_triggers']) && $GLOBALS[$what . '_export_triggers']) {
+ if (isset($GLOBALS['xml_export_triggers']) && $GLOBALS['xml_export_triggers']) {
// Export triggers
$triggers = PMA_DBI_get_triggers($db, $table);
if ($triggers) {
@@ -168,7 +169,7 @@ function PMA_exportHeader() {
// Do some formatting
$code = substr(rtrim($code), 0, -3);
- $code = " " . $code;
+ $code = " " . htmlspecialchars($code);
$code = str_replace("\n", "\n ", $code);
$head .= $code . $crlf;
@@ -181,7 +182,7 @@ function PMA_exportHeader() {
}
}
- if (isset($GLOBALS[$what . '_export_functions']) && $GLOBALS[$what . '_export_functions']) {
+ if (isset($GLOBALS['xml_export_functions']) && $GLOBALS['xml_export_functions']) {
// Export functions
$functions = PMA_DBI_get_procedures_or_functions($db, 'FUNCTION');
if ($functions) {
@@ -191,7 +192,7 @@ function PMA_exportHeader() {
// Do some formatting
$sql = PMA_DBI_get_definition($db, 'FUNCTION', $function);
$sql = rtrim($sql);
- $sql = " " . $sql;
+ $sql = " " . htmlspecialchars($sql);
$sql = str_replace("\n", "\n ", $sql);
$head .= $sql . $crlf;
@@ -204,7 +205,7 @@ function PMA_exportHeader() {
}
}
- if (isset($GLOBALS[$what . '_export_procedures']) && $GLOBALS[$what . '_export_procedures']) {
+ if (isset($GLOBALS['xml_export_procedures']) && $GLOBALS['xml_export_procedures']) {
// Export procedures
$procedures = PMA_DBI_get_procedures_or_functions($db, 'PROCEDURE');
if ($procedures) {
@@ -214,7 +215,7 @@ function PMA_exportHeader() {
// Do some formatting
$sql = PMA_DBI_get_definition($db, 'PROCEDURE', $procedure);
$sql = rtrim($sql);
- $sql = " " . $sql;
+ $sql = " " . htmlspecialchars($sql);
$sql = str_replace("\n", "\n ", $sql);
$head .= $sql . $crlf;
@@ -251,13 +252,12 @@ function PMA_exportHeader() {
*/
function PMA_exportDBHeader($db) {
global $crlf;
- global $what;
- if (isset($GLOBALS[$what . '_export_contents']) && $GLOBALS[$what . '_export_contents']) {
+ if (isset($GLOBALS['xml_export_contents']) && $GLOBALS['xml_export_contents']) {
$head = ' <!--' . $crlf
. ' - ' . __('Database') . ': ' . (isset($GLOBALS['use_backquotes']) ? PMA_backquote($db) : '\'' . $db . '\''). $crlf
. ' -->' . $crlf
- . ' <database name="' . $db . '">' . $crlf;
+ . ' <database name="' . htmlspecialchars($db) . '">' . $crlf;
return PMA_exportOutputHandler($head);
}
@@ -278,9 +278,8 @@ function PMA_exportDBHeader($db) {
*/
function PMA_exportDBFooter($db) {
global $crlf;
- global $what;
- if (isset($GLOBALS[$what . '_export_contents']) && $GLOBALS[$what . '_export_contents']) {
+ if (isset($GLOBALS['xml_export_contents']) && $GLOBALS['xml_export_contents']) {
return PMA_exportOutputHandler(' </database>' . $crlf);
}
else
@@ -317,12 +316,12 @@ function PMA_exportDBCreate($db) {
* @access public
*/
function PMA_exportData($db, $table, $crlf, $error_url, $sql_query) {
- global $what;
-
- if (isset($GLOBALS[$what . '_export_contents']) && $GLOBALS[$what . '_export_contents']) {
+
+ if (isset($GLOBALS['xml_export_contents']) && $GLOBALS['xml_export_contents']) {
$result = PMA_DBI_query($sql_query, null, PMA_DBI_QUERY_UNBUFFERED);
$columns_cnt = PMA_DBI_num_fields($result);
+ $columns = array();
for ($i = 0; $i < $columns_cnt; $i++) {
$columns[$i] = stripslashes(str_replace(' ', '_', PMA_DBI_field_name($result, $i)));
}
@@ -340,7 +339,7 @@ function PMA_exportData($db, $table, $crlf, $error_url, $sql_query) {
if (!isset($record[$i]) || is_null($record[$i])) {
$record[$i] = 'NULL';
}
- $buffer .= ' <column name="' . $columns[$i] . '">' . htmlspecialchars((string)$record[$i])
+ $buffer .= ' <column name="' . htmlspecialchars($columns[$i]) . '">' . htmlspecialchars((string)$record[$i])
. '</column>' . $crlf;
}
$buffer .= ' </table>' . $crlf;
hooks/post-receive
--
phpMyAdmin
More information about the Git
mailing list