$_POST['offset'] = 0;
$offset = " OFFSET 0";
}
- $keyspos = array_combine($_POST['fkeynames'], $_POST['keys']);
- $keysnames = array_combine($_POST['fkeynames'], $_POST['keynames']);
+
+ $keynames = array();
+ foreach ($_POST['fkeynames'] as $k => $v) {
+ $fkeynames[$k] = html_entity_decode($v, ENT_QUOTES);
+ }
+
+ $keyspos = array_combine($fkeynames, $_POST['keys']);
+
+ $f_schema = html_entity_decode($_POST['f_schema'], ENT_QUOTES);
+ $data->fieldClean($f_schema);
+ $f_table = html_entity_decode($_POST['f_table'], ENT_QUOTES);
+ $data->fieldClean($f_table);
+ $f_attname = $fkeynames[$_POST['fattpos'][0]];
+ $data->fieldClean($f_attname);
$q = "SELECT *
- FROM \"{$_POST['f_schema']}\".\"{$_POST['f_table']}\"
- WHERE \"{$_POST['fkeynames'][$_POST['fattpos']]}\"::text LIKE '{$_POST['fvalue']}%'
- ORDER BY \"{$_POST['fkeynames'][$_POST['fattpos']]}\" LIMIT 12 {$offset};";
+ FROM \"{$f_schema}\".\"{$f_table}\"
+ WHERE \"{$f_attname}\"::text LIKE '{$_POST['fvalue']}%'
+ ORDER BY \"{$f_attname}\" LIMIT 12 {$offset};";
$res = $data->selectSet($q);
foreach (array_keys($res->fields) as $h) {
echo '<th>';
- if (in_array($h,$_POST['fkeynames']))
+ if (in_array($h, $fkeynames))
echo '<img src="'. $misc->icon('ForeignKey') .'" alt="[referenced key]" />';
echo htmlentities($h), '</th>';
while ((!$res->EOF) && ($i < 11)) {
echo "<tr class=\"acline\">";
foreach ($res->fields as $n => $v) {
- if (in_array($n,$_POST['fkeynames']))
+ if (in_array($n, $fkeynames))
echo "<td><a href=\"javascript:void(0)\" class=\"fkval\" name=\"{$keyspos[$n]}\">",htmlentities($v), "</a></td>";
else
echo "<td><a href=\"javascript:void(0)\">", htmlentities($v), "</a></td>";
echo $js ."</script>";
}
else {
- printf("<p>{$lang['strnofkref']}</p>", "\"{$_POST['f_schema']}\".\"{$_POST['f_table']}\".\"{$_POST['fkeynames'][$_POST['fattpos']]}\"");
+ printf("<p>{$lang['strnofkref']}</p>", "\"{$_POST['f_schema']}\".\"{$_POST['f_table']}\".\"{$fkeynames[$_POST['fattpos']]}\"");
if ($_POST['offset'])
echo "<a href=\"javascript:void(0)\" class=\"fkprev\">Prev <<</a>";
echo "</td></tr></table>\n";
}
+ /**
+ * returns an array representing FKs definition for a table, sorted by fields
+ * or by constraint.
+ * @param $table The table to retrieve FK contraints from
+ * @returns the array of FK definition:
+ * array(
+ * 'byconstr' => array(
+ * constrain id => array(
+ * confrelid => foreign relation oid
+ * f_schema => foreign schema name
+ * f_table => foreign table name
+ * pattnums => array of parent's fields nums
+ * pattnames => array of parent's fields names
+ * fattnames => array of foreign attributes names
+ * )
+ * ),
+ * 'byfield' => array(
+ * attribute num => array (constraint id, ...)
+ * ),
+ * 'code' => HTML/js code to include in the page for auto-completion
+ * )
+ **/
function getAutocompleteFKProperties($table) {
global $data;
if (!isset($fksprops['byfield'][$constrs->fields['p_attnum']]))
$fksprops['byfield'][$constrs->fields['p_attnum']] = array();
- $fksprops['byfield'][$constrs->fields['p_attnum']] = $constrs->fields['conid'];
+ $fksprops['byfield'][$constrs->fields['p_attnum']][] = $constrs->fields['conid'];
}
$constrs->moveNext();
}
foreach ($fksprops['byconstr'] as $conid => $props) {
$fksprops['code'] .= "constrs.constr_{$conid} = {\n";
$fksprops['code'] .= 'pattnums: ['. implode(',',$props['pattnums']) ."],\n";
- $fksprops['code'] .= "f_table:\"". htmlentities($props['f_table']) ."\",\n";
- $fksprops['code'] .= "f_schema:\"". htmlentities($props['f_schema']) ."\",\n";
+ $fksprops['code'] .= "f_table:'". addslashes(htmlentities($props['f_table'], ENT_QUOTES)) ."',\n";
+ $fksprops['code'] .= "f_schema:'". addslashes(htmlentities($props['f_schema'], ENT_QUOTES)) ."',\n";
$_ = '';
foreach ($props['pattnames'] as $n) {
$_ .= ",'". htmlentities($n, ENT_QUOTES) ."'";
$fksprops['code'] .= "var attrs = {};\n";
foreach ($fksprops['byfield'] as $attnum => $cstrs ) {
- $fksprops['code'] .= "attrs.attr_{$attnum} = {$fksprops['byfield'][$attnum]};\n";
+ $fksprops['code'] .= "attrs.attr_{$attnum} = [". implode(',', $fksprops['byfield'][$attnum]) ."];\n";
}
- $fksprops['code'] .= "var table='". htmlentities($_REQUEST['table']) ."';";
+ $fksprops['code'] .= "var table='". addslashes(htmlentities($table, ENT_QUOTES)) ."';";
$fksprops['code'] .= "var server='". htmlentities($_REQUEST['server']) ."';";
- $fksprops['code'] .= "var database='". htmlentities($_REQUEST['database']) ."';";
+ $fksprops['code'] .= "var database='". addslashes(htmlentities($_REQUEST['database'], ENT_QUOTES)) ."';";
$fksprops['code'] .= "</script>\n";
$fksprops['code'] .= '<div id="fkbg"></div>';
projects / phppgadmin.git / commitdiff