<?php/* $Id: display_create_table.lib.php,v 1.9 2006/01/19 17:12:12 lem9 Exp $ */// vim: expandtab sw=4 ts=4 sts=4:// Displays form for creating a table (if user has privileges for that)require_once('./libraries/check_user_privileges.lib.php');// for MySQL >= 4.1.0, we should be able to detect if user has a CREATE// privilege by looking at SHOW GRANTS output;// for < 4.1.0, it could be more difficult because the logic tries to// detect the current host and it might be expressed in many ways; also// on a shared server, the user might be unable to define a controluser// that has the proper rights to the "mysql" db;// so we give up and assume that user has the right to create a table//// Note: in this case we could even skip the following "foreach" logic// Addendum, 2006-01-19: ok, I give up. We got some reports about servers// where the hostname field in mysql.user is not the same as the one// in mysql.db for a user. In this case, SHOW GRANTS does not return// the db-specific privileges. And probably, those users are on a shared// server, so can't set up a control user with rights to the "mysql" db.// We cannot reliably detect the db-specific privileges, so no more// warnings about the lack of privileges for CREATE TABLE. Tested// on MySQL 5.0.18.$is_create_table_priv = true;/*if (PMA_MYSQL_INT_VERSION >= 40100) {$is_create_table_priv = false;} else {$is_create_table_priv = true;}foreach ( $dbs_where_create_table_allowed as $allowed_db ) {// if we find the exact db name, we stop hereif ($allowed_db == $db) {$is_create_table_priv = TRUE;break;}// '*' indicates a global CREATE privif ($allowed_db == '*') {$is_create_table_priv = TRUE;break;}if (ereg('%|_', $allowed_db)) {// take care of wildcards and escaped wildcards,// transforming them into regexp patterns$max_position = strlen($allowed_db) - 1;$i = 0;$pattern = '';while ($i <= $max_position) {if ($allowed_db[$i] == '\\'){if ($i < $max_position - 1 && $allowed_db[$i+1] == '_'){$chunk = '_';$i++;} elseif ($i < $max_position - 1 && $allowed_db[$i+1] == '%'){$chunk = '%';$i++;} else {$chunk = $allowed_db[$i];}} elseif ($allowed_db[$i] == '_'){$chunk = '.';} elseif ($allowed_db[$i] == '%'){$chunk = '(.)*';} else {$chunk = $allowed_db[$i];}$pattern .= $chunk;$i++;} // end whileunset($i, $max_position, $chunk);$matches = '';if (preg_match('@' .$pattern . '@i', $db, $matches)) {if ($matches[0] == $db) {$is_create_table_priv = TRUE;break;//TODO: maybe receive in $allowed_db also the db names// on which we cannot CREATE, and check them// in this foreach, because if a user is allowed to CREATE// on db foo% but forbidden on db foobar, he should not// see the Create table dialog}}}} // end foreachunset($i, $max_position, $chunk, $pattern);*/?><form method="post" action="tbl_create.php"onsubmit="return (emptyFormElements(this, 'table') && checkFormElementInRange(this, 'num_fields', '<?php echo str_replace('\'', '\\\'', $GLOBALS['strInvalidFieldCount']); ?>', 1))"><fieldset><legend><?phpif ( $GLOBALS['cfg']['PropertiesIconic'] ) {echo '<img class="icon" src="' . $pmaThemeImage . 'b_newtbl.png" width="16" height="16" alt="" />';}echo sprintf( $strCreateNewTable, PMA_getDbLink() );?></legend><?php if ( $is_create_table_priv ) { ?><?php echo PMA_generate_common_hidden_inputs( $db ); ?><div class="formelement"><?php echo $strName; ?>:<input type="text" name="table" maxlength="64" size="30" /></div><div class="formelement"><?php echo $strNumberOfFields; ?>:<input type="text" name="num_fields" size="2" /></div><div class="clearfloat"></div></fieldset><fieldset class="tblFooters"><input type="submit" value="<?php echo $strGo; ?>" /><?php } else { ?><div class="error"><?php echo $strNoPrivileges; ?></div><?php } // end if else ?></fieldset></form>