The branch, master has been updated
       via  d84d51c77552bd166c03dcb6a1623f93952ad058 (commit)
       via  667cf67954c44facf978660f5fa7b9ed5c2b1b89 (commit)
       via  09e74a94150d84ba0014f7455446383311c6d190 (commit)
      from  f57faf6b58702ad09e6c333fd927778fb6af1e41 (commit)


- Log -----------------------------------------------------------------
commit d84d51c77552bd166c03dcb6a1623f93952ad058
Author: Piotr Przybylski <[email protected]>
Date:   Thu Jul 14 00:05:58 2011 +0200

    Fix XML export so it actually can export table structure
    More escaping fixes

commit 667cf67954c44facf978660f5fa7b9ed5c2b1b89
Author: Piotr Przybylski <[email protected]>
Date:   Wed Jul 13 23:42:29 2011 +0200

    Better escaping in XML export
    Note: it's still incorrect

commit 09e74a94150d84ba0014f7455446383311c6d190
Author: Piotr Przybylski <[email protected]>
Date:   Wed Jul 13 23:40:58 2011 +0200

    Improve readability of XML export code

-----------------------------------------------------------------------

Summary of changes:
 libraries/export/xml.php |   42 ++++++++++++++++++++----------------------
 1 files changed, 20 insertions(+), 22 deletions(-)

diff --git a/libraries/export/xml.php b/libraries/export/xml.php
index 2665051..85bab5f 100644
--- a/libraries/export/xml.php
+++ b/libraries/export/xml.php
@@ -71,13 +71,14 @@ function PMA_exportFooter() {
 function PMA_exportHeader() {
     global $crlf;
     global $cfg;
-    global $what;
     global $db;
     global $table;
     global $tables;
 
-    $export_struct = isset($GLOBALS[$what . '_export_struc']) ? true : false;
-    $export_data = isset($GLOBALS[$what . '_export_contents']) ? true : false;
+    $export_struct = isset($GLOBALS['xml_export_functions']) || 
isset($GLOBALS['xml_export_procedures'])
+        || isset($GLOBALS['xml_export_tables']) || 
isset($GLOBALS['xml_export_triggers'])
+        || isset($GLOBALS['xml_export_views']);
+    $export_data = isset($GLOBALS['xml_export_contents']) ? true : false;
 
     if ($GLOBALS['output_charset_conversion']) {
         $charset = $GLOBALS['charset_of_file'];
@@ -112,7 +113,7 @@ function PMA_exportHeader() {
         $head .= '    - Structure schemas' . $crlf;
         $head .= '    -->' . $crlf;
         $head .= '    <pma:structure_schemas>' . $crlf;
-        $head .= '        <pma:database name="' . $db . '" collation="' . 
$db_collation . '" charset="' . $db_charset . '">' . $crlf;
+        $head .= '        <pma:database name="' . htmlspecialchars($db) . '" 
collation="' . $db_collation . '" charset="' . $db_charset . '">' . $crlf;
 
         if (count($tables) == 0) {
             $tables[] = $table;
@@ -131,23 +132,23 @@ function PMA_exportHeader() {
                 $type = 'table';
             }
 
-            if ($is_view && ! isset($GLOBALS[$what . '_export_views'])) {
+            if ($is_view && ! isset($GLOBALS['xml_export_views'])) {
                 continue;
             }
 
-            if (! $is_view && ! isset($GLOBALS[$what . '_export_tables'])) {
+            if (! $is_view && ! isset($GLOBALS['xml_export_tables'])) {
                 continue;
             }
 
             $head .= '            <pma:' . $type . ' name="' . $table . '">' . 
$crlf;
 
-            $tbl = "                " . $tbl;
+            $tbl = "                " . htmlspecialchars($tbl);
             $tbl = str_replace("\n", "\n                ", $tbl);
 
             $head .= $tbl . ';' . $crlf;
             $head .= '            </pma:' . $type . '>' . $crlf;
 
-            if (isset($GLOBALS[$what . '_export_triggers']) && $GLOBALS[$what 
. '_export_triggers']) {
+            if (isset($GLOBALS['xml_export_triggers']) && 
$GLOBALS['xml_export_triggers']) {
                 // Export triggers
                 $triggers = PMA_DBI_get_triggers($db, $table);
                 if ($triggers) {
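Review bot: The table name is still written unescaped into the `name` attribute on the context line `$head .= '            <pma:' . $type . ' name="' . $table . '">'`, because this hunk escapes only the CREATE statement held in `$tbl`. A table or view name containing `"`, `<` or `&` would make the export malformed or let the name change the element's markup. That line should use `htmlspecialchars($table)`, matching the `$db` attribute escaped earlier in the same function. The `name` attributes emitted for triggers, functions and procedures are outside the visible hunks and are worth the same check. PMA_exportHeader starts and ends outside this hunk.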
@@ -157,7 +158,7 @@ function PMA_exportHeader() {
 
                         // Do some formatting
                         $code = substr(rtrim($code), 0, -3);
-                        $code = "                " . $code;
+                        $code = "                " . htmlspecialchars($code);
                         $code = str_replace("\n", "\n                ", $code);
 
                         $head .= $code . $crlf;
@@ -170,7 +171,7 @@ function PMA_exportHeader() {
             }
         }
 
-        if (isset($GLOBALS[$what . '_export_functions']) && $GLOBALS[$what . 
'_export_functions']) {
+        if (isset($GLOBALS['xml_export_functions']) && 
$GLOBALS['xml_export_functions']) {
             // Export functions
             $functions = PMA_DBI_get_procedures_or_functions($db, 'FUNCTION');
             if ($functions) {
@@ -180,7 +181,7 @@ function PMA_exportHeader() {
                     // Do some formatting
                     $sql = PMA_DBI_get_definition($db, 'FUNCTION', $function);
                     $sql = rtrim($sql);
-                    $sql = "                " . $sql;
+                    $sql = "                " . htmlspecialchars($sql);
                     $sql = str_replace("\n", "\n                ", $sql);
 
                     $head .= $sql . $crlf;
@@ -193,7 +194,7 @@ function PMA_exportHeader() {
             }
         }
 
-        if (isset($GLOBALS[$what . '_export_procedures']) && $GLOBALS[$what . 
'_export_procedures']) {
+        if (isset($GLOBALS['xml_export_procedures']) && 
$GLOBALS['xml_export_procedures']) {
             // Export procedures
             $procedures = PMA_DBI_get_procedures_or_functions($db, 
'PROCEDURE');
             if ($procedures) {
@@ -203,7 +204,7 @@ function PMA_exportHeader() {
                     // Do some formatting
                     $sql = PMA_DBI_get_definition($db, 'PROCEDURE', 
$procedure);
                     $sql = rtrim($sql);
-                    $sql = "                " . $sql;
+                    $sql = "                " . htmlspecialchars($sql);
                     $sql = str_replace("\n", "\n                ", $sql);
 
                     $head .= $sql . $crlf;
@@ -239,13 +240,12 @@ function PMA_exportHeader() {
  */
 function PMA_exportDBHeader($db) {
     global $crlf;
-    global $what;
 
-    if (isset($GLOBALS[$what . '_export_contents']) && $GLOBALS[$what . 
'_export_contents']) {
+    if (isset($GLOBALS['xml_export_contents']) && 
$GLOBALS['xml_export_contents']) {
         $head = '    <!--' . $crlf
               . '    - ' . __('Database') . ': ' . 
(isset($GLOBALS['use_backquotes']) ? PMA_backquote($db) : '\'' . $db . '\''). 
$crlf
               . '    -->' . $crlf
-              . '    <database name="' . $db . '">' . $crlf;
+              . '    <database name="' . htmlspecialchars($db) . '">' . $crlf;
 
         return PMA_exportOutputHandler($head);
     }
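Review bot: `$db` is still interpolated into the XML comment built from `'    - ' . __('Database') . ': '` with only backquotes or single quotes around it. `htmlspecialchars()` would not help there, because entities are not interpreted inside comments. A database name containing `--` makes the document not well-formed, and one containing `-->` closes the comment early so the remainder is parsed as markup. Consider neutralising the text used in the comment only, e.g. `$db_comment = str_replace('--', '- -', $db);`, and keeping `htmlspecialchars($db)` for the attribute. The rest of PMA_exportDBHeader continues outside the hunk.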
@@ -265,9 +265,8 @@ function PMA_exportDBHeader($db) {
  */
 function PMA_exportDBFooter($db) {
     global $crlf;
-    global $what;
 
-    if (isset($GLOBALS[$what . '_export_contents']) && $GLOBALS[$what . 
'_export_contents']) {
+    if (isset($GLOBALS['xml_export_contents']) && 
$GLOBALS['xml_export_contents']) {
         return PMA_exportOutputHandler('    </database>' . $crlf);
     }
     else
@@ -301,12 +300,11 @@ function PMA_exportDBCreate($db) {
  * @access  public
  */
 function PMA_exportData($db, $table, $crlf, $error_url, $sql_query) {
-    global $what;
-
-    if (isset($GLOBALS[$what . '_export_contents']) && $GLOBALS[$what . 
'_export_contents']) {
+    if (isset($GLOBALS['xml_export_contents']) && 
$GLOBALS['xml_export_contents']) {
         $result      = PMA_DBI_query($sql_query, null, 
PMA_DBI_QUERY_UNBUFFERED);
 
         $columns_cnt = PMA_DBI_num_fields($result);
+        $columns = array();
         for ($i = 0; $i < $columns_cnt; $i++) {
             $columns[$i] = stripslashes(str_replace(' ', '_', 
PMA_DBI_field_name($result, $i)));
         }
@@ -324,7 +322,7 @@ function PMA_exportData($db, $table, $crlf, $error_url, 
$sql_query) {
                 if (!isset($record[$i]) || is_null($record[$i])) {
                     $record[$i] = 'NULL';
                 }
-                $buffer .= '            <column name="' . $columns[$i] . '">' 
. htmlspecialchars((string)$record[$i])
+                $buffer .= '            <column name="' . 
htmlspecialchars($columns[$i]) . '">' . htmlspecialchars((string)$record[$i])
                         .  '</column>' . $crlf;
             }
             $buffer         .= '        </table>' . $crlf;
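Review bot: The `htmlspecialchars()` calls on `$columns[$i]` and `$record[$i]` use the default flags and encoding, so their result depends on the PHP version's defaults rather than on the export charset. They also replace markup characters only. Values with bytes invalid in the assumed encoding, or with control characters not permitted in XML 1.0, can still yield an empty or non-well-formed `<column>` element; this seems most likely for binary columns, which the hunk does not show being handled separately. Passing the flags and the export charset explicitly would remove the dependency on defaults. Until then, a comment above the line would record the limitation: `// NOTE: htmlspecialchars() escapes markup only; binary or control-character data is not made XML-safe here`. PMA_exportData starts in the previous hunk and ends outside this one.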


hooks/post-receive
-- 
phpMyAdmin
