You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
604 lines
21 KiB
604 lines
21 KiB
<?php |
|
|
|
declare(strict_types=1); |
|
|
|
namespace PhpMyAdmin\Database; |
|
|
|
use PhpMyAdmin\DatabaseInterface; |
|
use PhpMyAdmin\Html\Generator; |
|
use PhpMyAdmin\Message; |
|
use PhpMyAdmin\ResponseRenderer; |
|
use PhpMyAdmin\Template; |
|
use PhpMyAdmin\Util; |
|
|
|
use function __; |
|
use function count; |
|
use function explode; |
|
use function htmlspecialchars; |
|
use function in_array; |
|
use function intval; |
|
use function mb_strtoupper; |
|
use function sprintf; |
|
use function str_contains; |
|
use function strtoupper; |
|
use function trim; |
|
|
|
/** |
|
* Functions for event management. |
|
*/ |
|
class Events |
|
{ |
|
/** @var array<string, array<int, string>> */ |
|
private $status = [ |
|
'query' => ['ENABLE', 'DISABLE', 'DISABLE ON SLAVE'], |
|
'display' => ['ENABLED', 'DISABLED', 'SLAVESIDE_DISABLED'], |
|
]; |
|
|
|
/** @var array<int, string> */ |
|
private $type = ['RECURRING', 'ONE TIME']; |
|
|
|
/** @var array<int, string> */ |
|
private $interval = [ |
|
'YEAR', |
|
'QUARTER', |
|
'MONTH', |
|
'DAY', |
|
'HOUR', |
|
'MINUTE', |
|
'WEEK', |
|
'SECOND', |
|
'YEAR_MONTH', |
|
'DAY_HOUR', |
|
'DAY_MINUTE', |
|
'DAY_SECOND', |
|
'HOUR_MINUTE', |
|
'HOUR_SECOND', |
|
'MINUTE_SECOND', |
|
]; |
|
|
|
/** @var DatabaseInterface */ |
|
private $dbi; |
|
|
|
/** @var Template */ |
|
private $template; |
|
|
|
/** @var ResponseRenderer */ |
|
private $response; |
|
|
|
/** |
|
* @param DatabaseInterface $dbi DatabaseInterface instance. |
|
* @param Template $template Template instance. |
|
* @param ResponseRenderer $response Response instance. |
|
*/ |
|
public function __construct(DatabaseInterface $dbi, Template $template, $response) |
|
{ |
|
$this->dbi = $dbi; |
|
$this->template = $template; |
|
$this->response = $response; |
|
} |
|
|
|
/** |
|
* Handles editor requests for adding or editing an item |
|
*/ |
|
public function handleEditor(): void |
|
{ |
|
global $db, $table, $errors, $message; |
|
|
|
if (! empty($_POST['editor_process_add']) || ! empty($_POST['editor_process_edit'])) { |
|
$sql_query = ''; |
|
|
|
$item_query = $this->getQueryFromRequest(); |
|
|
|
// set by getQueryFromRequest() |
|
if (! count($errors)) { |
|
// Execute the created query |
|
if (! empty($_POST['editor_process_edit'])) { |
|
// Backup the old trigger, in case something goes wrong |
|
$create_item = $this->dbi->getDefinition($db, 'EVENT', $_POST['item_original_name']); |
|
$drop_item = 'DROP EVENT IF EXISTS ' |
|
. Util::backquote($_POST['item_original_name']) |
|
. ";\n"; |
|
$result = $this->dbi->tryQuery($drop_item); |
|
if (! $result) { |
|
$errors[] = sprintf( |
|
__('The following query has failed: "%s"'), |
|
htmlspecialchars($drop_item) |
|
) |
|
. '<br>' |
|
. __('MySQL said: ') . $this->dbi->getError(); |
|
} else { |
|
$result = $this->dbi->tryQuery($item_query); |
|
if (! $result) { |
|
$errors[] = sprintf( |
|
__('The following query has failed: "%s"'), |
|
htmlspecialchars($item_query) |
|
) |
|
. '<br>' |
|
. __('MySQL said: ') . $this->dbi->getError(); |
|
// We dropped the old item, but were unable to create |
|
// the new one. Try to restore the backup query |
|
$result = $this->dbi->tryQuery($create_item); |
|
if (! $result) { |
|
$errors = $this->checkResult($create_item, $errors); |
|
} |
|
} else { |
|
$message = Message::success( |
|
__('Event %1$s has been modified.') |
|
); |
|
$message->addParam( |
|
Util::backquote($_POST['item_name']) |
|
); |
|
$sql_query = $drop_item . $item_query; |
|
} |
|
} |
|
} else { |
|
// 'Add a new item' mode |
|
$result = $this->dbi->tryQuery($item_query); |
|
if (! $result) { |
|
$errors[] = sprintf( |
|
__('The following query has failed: "%s"'), |
|
htmlspecialchars($item_query) |
|
) |
|
. '<br><br>' |
|
. __('MySQL said: ') . $this->dbi->getError(); |
|
} else { |
|
$message = Message::success( |
|
__('Event %1$s has been created.') |
|
); |
|
$message->addParam( |
|
Util::backquote($_POST['item_name']) |
|
); |
|
$sql_query = $item_query; |
|
} |
|
} |
|
} |
|
|
|
if (count($errors)) { |
|
$message = Message::error( |
|
'<b>' |
|
. __( |
|
'One or more errors have occurred while processing your request:' |
|
) |
|
. '</b>' |
|
); |
|
$message->addHtml('<ul>'); |
|
foreach ($errors as $string) { |
|
$message->addHtml('<li>' . $string . '</li>'); |
|
} |
|
|
|
$message->addHtml('</ul>'); |
|
} |
|
|
|
$output = Generator::getMessage($message, $sql_query); |
|
|
|
if ($this->response->isAjax()) { |
|
if ($message->isSuccess()) { |
|
$events = $this->dbi->getEvents($db, $_POST['item_name']); |
|
$event = $events[0]; |
|
$this->response->addJSON( |
|
'name', |
|
htmlspecialchars( |
|
mb_strtoupper($_POST['item_name']) |
|
) |
|
); |
|
if (! empty($event)) { |
|
$sqlDrop = sprintf( |
|
'DROP EVENT IF EXISTS %s', |
|
Util::backquote($event['name']) |
|
); |
|
$this->response->addJSON( |
|
'new_row', |
|
$this->template->render('database/events/row', [ |
|
'db' => $db, |
|
'table' => $table, |
|
'event' => $event, |
|
'has_privilege' => Util::currentUserHasPrivilege('EVENT', $db), |
|
'sql_drop' => $sqlDrop, |
|
'row_class' => '', |
|
]) |
|
); |
|
} |
|
|
|
$this->response->addJSON('insert', ! empty($event)); |
|
$this->response->addJSON('message', $output); |
|
} else { |
|
$this->response->setRequestStatus(false); |
|
$this->response->addJSON('message', $message); |
|
} |
|
|
|
$this->response->addJSON('tableType', 'events'); |
|
exit; |
|
} |
|
} |
|
|
|
/** |
|
* Display a form used to add/edit a trigger, if necessary |
|
*/ |
|
if ( |
|
! count($errors) |
|
&& (! empty($_POST['editor_process_add']) |
|
|| ! empty($_POST['editor_process_edit']) |
|
|| (empty($_REQUEST['add_item']) |
|
&& empty($_REQUEST['edit_item']) |
|
&& empty($_POST['item_changetype']))) |
|
) { |
|
return; |
|
} |
|
|
|
// FIXME: this must be simpler than that |
|
$operation = ''; |
|
$title = ''; |
|
$item = null; |
|
$mode = ''; |
|
if (! empty($_POST['item_changetype'])) { |
|
$operation = 'change'; |
|
} |
|
|
|
// Get the data for the form (if any) |
|
if (! empty($_REQUEST['add_item'])) { |
|
$title = __('Add event'); |
|
$item = $this->getDataFromRequest(); |
|
$mode = 'add'; |
|
} elseif (! empty($_REQUEST['edit_item'])) { |
|
$title = __('Edit event'); |
|
if ( |
|
! empty($_REQUEST['item_name']) |
|
&& empty($_POST['editor_process_edit']) |
|
&& empty($_POST['item_changetype']) |
|
) { |
|
$item = $this->getDataFromName($_REQUEST['item_name']); |
|
if ($item !== null) { |
|
$item['item_original_name'] = $item['item_name']; |
|
} |
|
} else { |
|
$item = $this->getDataFromRequest(); |
|
} |
|
|
|
$mode = 'edit'; |
|
} |
|
|
|
$this->sendEditor($mode, $item, $title, $db, $operation); |
|
} |
|
|
|
/** |
|
* This function will generate the values that are required to for the editor |
|
* |
|
* @return array Data necessary to create the editor. |
|
*/ |
|
public function getDataFromRequest() |
|
{ |
|
$retval = []; |
|
$indices = [ |
|
'item_name', |
|
'item_original_name', |
|
'item_status', |
|
'item_execute_at', |
|
'item_interval_value', |
|
'item_interval_field', |
|
'item_starts', |
|
'item_ends', |
|
'item_definition', |
|
'item_preserve', |
|
'item_comment', |
|
'item_definer', |
|
]; |
|
foreach ($indices as $index) { |
|
$retval[$index] = $_POST[$index] ?? ''; |
|
} |
|
|
|
$retval['item_type'] = 'ONE TIME'; |
|
$retval['item_type_toggle'] = 'RECURRING'; |
|
if (isset($_POST['item_type']) && $_POST['item_type'] === 'RECURRING') { |
|
$retval['item_type'] = 'RECURRING'; |
|
$retval['item_type_toggle'] = 'ONE TIME'; |
|
} |
|
|
|
return $retval; |
|
} |
|
|
|
/** |
|
* This function will generate the values that are required to complete |
|
* the "Edit event" form given the name of a event. |
|
* |
|
* @param string $name The name of the event. |
|
* |
|
* @return array|null Data necessary to create the editor. |
|
*/ |
|
public function getDataFromName($name): ?array |
|
{ |
|
global $db; |
|
|
|
$retval = []; |
|
$columns = '`EVENT_NAME`, `STATUS`, `EVENT_TYPE`, `EXECUTE_AT`, ' |
|
. '`INTERVAL_VALUE`, `INTERVAL_FIELD`, `STARTS`, `ENDS`, ' |
|
. '`EVENT_DEFINITION`, `ON_COMPLETION`, `DEFINER`, `EVENT_COMMENT`'; |
|
$where = 'EVENT_SCHEMA ' . Util::getCollateForIS() . '=' |
|
. "'" . $this->dbi->escapeString($db) . "' " |
|
. "AND EVENT_NAME='" . $this->dbi->escapeString($name) . "'"; |
|
$query = 'SELECT ' . $columns . ' FROM `INFORMATION_SCHEMA`.`EVENTS` WHERE ' . $where . ';'; |
|
$item = $this->dbi->fetchSingleRow($query); |
|
if (! $item) { |
|
return null; |
|
} |
|
|
|
$retval['item_name'] = $item['EVENT_NAME']; |
|
$retval['item_status'] = $item['STATUS']; |
|
$retval['item_type'] = $item['EVENT_TYPE']; |
|
if ($retval['item_type'] === 'RECURRING') { |
|
$retval['item_type_toggle'] = 'ONE TIME'; |
|
} else { |
|
$retval['item_type_toggle'] = 'RECURRING'; |
|
} |
|
|
|
$retval['item_execute_at'] = $item['EXECUTE_AT']; |
|
$retval['item_interval_value'] = $item['INTERVAL_VALUE']; |
|
$retval['item_interval_field'] = $item['INTERVAL_FIELD']; |
|
$retval['item_starts'] = $item['STARTS']; |
|
$retval['item_ends'] = $item['ENDS']; |
|
$retval['item_preserve'] = ''; |
|
if ($item['ON_COMPLETION'] === 'PRESERVE') { |
|
$retval['item_preserve'] = " checked='checked'"; |
|
} |
|
|
|
$retval['item_definition'] = $item['EVENT_DEFINITION']; |
|
$retval['item_definer'] = $item['DEFINER']; |
|
$retval['item_comment'] = $item['EVENT_COMMENT']; |
|
|
|
return $retval; |
|
} |
|
|
|
/** |
|
* Displays a form used to add/edit an event |
|
* |
|
* @param string $mode If the editor will be used to edit an event |
|
* or add a new one: 'edit' or 'add'. |
|
* @param string $operation If the editor was previously invoked with |
|
* JS turned off, this will hold the name of |
|
* the current operation |
|
* @param array $item Data for the event returned by |
|
* getDataFromRequest() or getDataFromName() |
|
* |
|
* @return string HTML code for the editor. |
|
*/ |
|
public function getEditorForm($mode, $operation, array $item) |
|
{ |
|
global $db; |
|
|
|
if ($operation === 'change') { |
|
if ($item['item_type'] === 'RECURRING') { |
|
$item['item_type'] = 'ONE TIME'; |
|
$item['item_type_toggle'] = 'RECURRING'; |
|
} else { |
|
$item['item_type'] = 'RECURRING'; |
|
$item['item_type_toggle'] = 'ONE TIME'; |
|
} |
|
} |
|
|
|
return $this->template->render('database/events/editor_form', [ |
|
'db' => $db, |
|
'event' => $item, |
|
'mode' => $mode, |
|
'is_ajax' => $this->response->isAjax(), |
|
'status_display' => $this->status['display'], |
|
'event_type' => $this->type, |
|
'event_interval' => $this->interval, |
|
]); |
|
} |
|
|
|
/** |
|
* Composes the query necessary to create an event from an HTTP request. |
|
* |
|
* @return string The CREATE EVENT query. |
|
*/ |
|
public function getQueryFromRequest() |
|
{ |
|
global $errors; |
|
|
|
$query = 'CREATE '; |
|
if (! empty($_POST['item_definer'])) { |
|
if (str_contains($_POST['item_definer'], '@')) { |
|
$arr = explode('@', $_POST['item_definer']); |
|
$query .= 'DEFINER=' . Util::backquote($arr[0]); |
|
$query .= '@' . Util::backquote($arr[1]) . ' '; |
|
} else { |
|
$errors[] = __('The definer must be in the "username@hostname" format!'); |
|
} |
|
} |
|
|
|
$query .= 'EVENT '; |
|
if (! empty($_POST['item_name'])) { |
|
$query .= Util::backquote($_POST['item_name']) . ' '; |
|
} else { |
|
$errors[] = __('You must provide an event name!'); |
|
} |
|
|
|
$query .= 'ON SCHEDULE '; |
|
if (! empty($_POST['item_type']) && in_array($_POST['item_type'], $this->type)) { |
|
if ($_POST['item_type'] === 'RECURRING') { |
|
if ( |
|
! empty($_POST['item_interval_value']) |
|
&& ! empty($_POST['item_interval_field']) |
|
&& in_array($_POST['item_interval_field'], $this->interval) |
|
) { |
|
$query .= 'EVERY ' . intval($_POST['item_interval_value']) . ' '; |
|
$query .= $_POST['item_interval_field'] . ' '; |
|
} else { |
|
$errors[] = __('You must provide a valid interval value for the event.'); |
|
} |
|
|
|
if (! empty($_POST['item_starts'])) { |
|
$query .= "STARTS '" |
|
. $this->dbi->escapeString($_POST['item_starts']) |
|
. "' "; |
|
} |
|
|
|
if (! empty($_POST['item_ends'])) { |
|
$query .= "ENDS '" |
|
. $this->dbi->escapeString($_POST['item_ends']) |
|
. "' "; |
|
} |
|
} else { |
|
if (! empty($_POST['item_execute_at'])) { |
|
$query .= "AT '" |
|
. $this->dbi->escapeString($_POST['item_execute_at']) |
|
. "' "; |
|
} else { |
|
$errors[] = __('You must provide a valid execution time for the event.'); |
|
} |
|
} |
|
} else { |
|
$errors[] = __('You must provide a valid type for the event.'); |
|
} |
|
|
|
$query .= 'ON COMPLETION '; |
|
if (empty($_POST['item_preserve'])) { |
|
$query .= 'NOT '; |
|
} |
|
|
|
$query .= 'PRESERVE '; |
|
if (! empty($_POST['item_status'])) { |
|
foreach ($this->status['display'] as $key => $value) { |
|
if ($value == $_POST['item_status']) { |
|
$query .= $this->status['query'][$key] . ' '; |
|
break; |
|
} |
|
} |
|
} |
|
|
|
if (! empty($_POST['item_comment'])) { |
|
$query .= "COMMENT '" . $this->dbi->escapeString($_POST['item_comment']) . "' "; |
|
} |
|
|
|
$query .= 'DO '; |
|
if (! empty($_POST['item_definition'])) { |
|
$query .= $_POST['item_definition']; |
|
} else { |
|
$errors[] = __('You must provide an event definition.'); |
|
} |
|
|
|
return $query; |
|
} |
|
|
|
public function getEventSchedulerStatus(): bool |
|
{ |
|
$state = (string) $this->dbi->fetchValue('SHOW GLOBAL VARIABLES LIKE \'event_scheduler\'', 1); |
|
|
|
return strtoupper($state) === 'ON' || $state === '1'; |
|
} |
|
|
|
/** |
|
* @param string|null $createStatement Query |
|
* @param array $errors Errors |
|
* |
|
* @return array |
|
*/ |
|
private function checkResult($createStatement, array $errors) |
|
{ |
|
// OMG, this is really bad! We dropped the query, |
|
// failed to create a new one |
|
// and now even the backup query does not execute! |
|
// This should not happen, but we better handle |
|
// this just in case. |
|
$errors[] = __('Sorry, we failed to restore the dropped event.') . '<br>' |
|
. __('The backed up query was:') |
|
. '"' . htmlspecialchars((string) $createStatement) . '"<br>' |
|
. __('MySQL said: ') . $this->dbi->getError(); |
|
|
|
return $errors; |
|
} |
|
|
|
/** |
|
* Send editor via ajax or by echoing. |
|
* |
|
* @param string $mode Editor mode 'add' or 'edit' |
|
* @param array|null $item Data necessary to create the editor |
|
* @param string $title Title of the editor |
|
* @param string $db Database |
|
* @param string $operation Operation 'change' or '' |
|
*/ |
|
private function sendEditor($mode, ?array $item, $title, $db, $operation): void |
|
{ |
|
if ($item !== null) { |
|
$editor = $this->getEditorForm($mode, $operation, $item); |
|
if ($this->response->isAjax()) { |
|
$this->response->addJSON('message', $editor); |
|
$this->response->addJSON('title', $title); |
|
} else { |
|
echo "\n\n<h2>" . $title . "</h2>\n\n" . $editor; |
|
unset($_POST); |
|
} |
|
|
|
exit; |
|
} |
|
|
|
$message = __('Error in processing request:') . ' '; |
|
$message .= sprintf( |
|
__('No event with name %1$s found in database %2$s.'), |
|
htmlspecialchars(Util::backquote($_REQUEST['item_name'])), |
|
htmlspecialchars(Util::backquote($db)) |
|
); |
|
$message = Message::error($message); |
|
if ($this->response->isAjax()) { |
|
$this->response->setRequestStatus(false); |
|
$this->response->addJSON('message', $message); |
|
exit; |
|
} |
|
|
|
echo $message->getDisplay(); |
|
} |
|
|
|
public function export(): void |
|
{ |
|
global $db; |
|
|
|
if (empty($_GET['export_item']) || empty($_GET['item_name'])) { |
|
return; |
|
} |
|
|
|
$itemName = $_GET['item_name']; |
|
$exportData = $this->dbi->getDefinition($db, 'EVENT', $itemName); |
|
|
|
if (! $exportData) { |
|
$exportData = false; |
|
} |
|
|
|
$itemName = htmlspecialchars(Util::backquote($itemName)); |
|
if ($exportData !== false) { |
|
$exportData = htmlspecialchars(trim($exportData)); |
|
$title = sprintf(__('Export of event %s'), $itemName); |
|
|
|
if ($this->response->isAjax()) { |
|
$this->response->addJSON('message', $exportData); |
|
$this->response->addJSON('title', $title); |
|
|
|
exit; |
|
} |
|
|
|
$output = '<div class="container">'; |
|
$output .= '<h2>' . $title . '</h2>'; |
|
$output .= '<div class="card"><div class="card-body">'; |
|
$output .= '<textarea rows="15" class="form-control">' . $exportData . '</textarea>'; |
|
$output .= '</div></div></div>'; |
|
|
|
$this->response->addHTML($output); |
|
|
|
return; |
|
} |
|
|
|
$message = sprintf( |
|
__('Error in processing request: No event with name %1$s found in database %2$s.'), |
|
$itemName, |
|
htmlspecialchars(Util::backquote($db)) |
|
); |
|
$message = Message::error($message); |
|
|
|
if ($this->response->isAjax()) { |
|
$this->response->setRequestStatus(false); |
|
$this->response->addJSON('message', $message); |
|
|
|
exit; |
|
} |
|
|
|
$this->response->addHTML($message->getDisplay()); |
|
} |
|
}
|
|
|