huasofoundries / phppgadmin6 Goto Github PK

Hello,

I am using you version of phpPgAdmin, and after the creation of the .htaccess rule, I am testing it.

I am using php 5.8 with wampserver (on windows) and the refresh button, that is using a call on /tree/browser will replace the left menu with a page not found error.

Since version beta.17, loading a view in the detail iframe doesn't reload the contents of the browser iframe.

This happens because Misc::printFooter method was moved to HelperTrait::printFooter, in which browser reloading is conditioned to a private member variable $_reload_browser of class Misc.

I want to export a table, use SQL fromat, but the result is empty. The CSV is ok。

Since most (if not every) controller calls $misc->printHeader with its translated title, every controller should declare said title as an instance property, so every call to printHeader looks the same across the App.

Same goes for table place for $misc->printTable and other attributes that should be declared on top of every controller.

This would also result in less code repetition.

Order of methods of controller classes should be:

1. __construct
2. render
3. doDefault
4. 'doTree`
5. doSubTree

(obviously, of one or more of these are not declared in the class, they are skipped)

Then every other method present in the class.

The main phppgadmin repository appears long-abandoned:

phppgadmin/phppgadmin#35

Would the maintainers of this fork be interested in rebranding into a new product?

This speaks for itself. PG 9.5 has support for more features than its predecessors. We should update the help files.

Instead of displaying a main view containing two iframes (browser and details), the main view should be the one printed by the controlled, whereas browser iframe should be appended to it.

The request lifecycle should either return a PSR7 compliant response, or throw an exception.

Echoing and exit makes it impossible to trace some requests.

Currently, index creation only offers

• BTREE
• RTREE
• GIN
• GIST
• HASH

BRIN indexes are supported since PG 9.5. Version detection should be used to offer this kind of index.

When issuing certain SELECT queries through phpPgAdmin that contain COALESCE, NULL results are displayed instead of the value(s) that COALESCE actually returned. I suspect that phpPgAdmin is wrapping client queries in some way behind the scenes even though "Paginate results" is not checked. Proof-of-concept examples are below. Both of these return 0 when using the psql client, but NULL is displayed in phpPgAdmin. The PostgreSQL developers confirmed this is not a problem with the database server nor client.

WITH test_cte AS (SELECT 1 AS id, 2 AS qty)
SELECT COALESCE(SUM(qty), 0) FROM test_cte WHERE id=2;

WITH test_cte AS (SELECT 1 AS id, 2 AS qty)
SELECT COALESCE((SELECT SUM(qty) FROM test_cte WHERE id=2), 0);

Instead we should discriminate $_GET and $_POST variables between themselves, and retrieve their values from the container $request object.

Slim already provides a sanitized $request object so you don't need to expose yourself to superglobals.

After editing one row from display->subject->table the user is presented with a non-highlighted textarea
Also the submit button should be also presented on top to avoid making the user scroll to the end of the page

Some methods (most of them) echo their own html, regardless of what's happening with the request lifecycle.

Instead they should return the html or, better yet, the view parameters needed to render the proper twig template. They should leave the job of printing html to the $app container.

Currently, including an endpoint would probably result in it printing its header and body without asking.

Every call to HTML printing methods should be called from a controller method, which in turn should be called from inside a route.

A WIP of materialized views endpoint has been added in v6.0.0-alpha3, but it still treats them as regular views.

At the very least we need to be able to call refresh. I'm sure there's a lot more to add to its controller.

I tried some few links (schema, databse, views and M views) they all want to open a .html help file in the src folder.

For the database help link it wants to open the src/views/ddl-schemas.html file, but in the src/views folder there are only .php files, and no ddl* file either.

When using extension postgres_fdw you can mount a table from another database on a table on your own database.

You can also mount a schema from another database into a schema of your own.

However, phppgadmin doesn't display these tables. Perhaps there should be an extra tab displaying foreign tables when extension postgres_fdw is present on the system?

Right now the configuration file is using php with nested array, this makes it hard to do automated installation / vm provisionning:

cp /usr/share/php-pg-admin-6/{config.inc.php-dist,config.inc.php}
sed -r -i "s/\\\$conf\['servers'\]\[0\]\['defaultdb'\] = 'template1';/\\\$conf\['servers'\]\[0\]\['defaultdb'\] = '${DB_NAME}';/g" /usr/share/php-pg-admin-6/config.inc.php

Would you consider using a format that is easier to manage like yml?

Comboboxes don't need to be rendered in PHP, there are several libraries that can do it in the browser, thus simplifiying the app backend code.

Same goes for most nested HTML rendering.

When emptying a table using the phpPgAdmin 6 UI, a DELETE query is sent to the server. This can be very slow since each record is evaluated and deleted individually. I suggest replacing this with a TRUNCATE query instead.

Instead of declaring global scoped functions just to use them as a callback, (calling their name as a string), we can declare a variable containing a closure and pass that variable as the callback parameter.

This leads to less global functions to debug, if need arises.

Currently, being logged into a server will prevent login to any other server unless you logout from the current one first.

Since serverinfo is managed separately for each server, this should be honored to be able to log into multiple servers.

Instead we should discriminate $_GET and $_POST variables between themselves, and retrieve their values from the container $request object.

Besides the initial bootstrapping sequence, which knows beforehand what scripts it will include, there shoulnd't be any conditional include {file.php} inside rendering methods of the app.

It's very hard to follow the request lifecycle when there are things like:

include 'display.php';
exit;

Because whatever happens inside the included script could depend on the $_REQUEST superglobal, which in turn can be manipulated before the inclusion.

We're already using Twig for some templates, but most of printed html is entangled in between PHP.

Yeah, I know, PHP is a templating engine, but this, for example:

echo "\t<option value=\"COLUMN\"", ($_REQUEST['filter'] == 'COLUMN') ? ' selected="selected"' : '', ">{$lang['strcolumns']}</option>\n";
        echo "\t<option value=\"RULE\"", ($_REQUEST['filter'] == 'RULE') ? ' selected="selected"' : '', ">{$lang['strrules']}</option>\n";

could be much more intuitive if we took the time to transform it to a twig template.

Or this

echo "<table>\n";
        echo "\t<tr>\n\t\t<th class=\"data left required\" style=\"width: 130px\">{$lang['strname']}</th>\n";
        echo "\t\t<td class=\"data1\"><input size=\"15\" maxlength=\"{$data->_maxNameLen}\" name=\"formRolename\" value=\"", htmlspecialchars($_POST['formRolename']), "\" /></td>\n\t</tr>\n";
        echo "\t<tr>\n\t\t<th class=\"data left\">{$lang['strpassword']}</th>\n";
        echo "\t\t<td class=\"data1\"><input size=\"15\" type=\"password\" name=\"formPassword\" value=\"", htmlspecialchars($_POST['formPassword']), "\" /></td>\n\t</tr>\n";
        echo "\t<tr>\n\t\t<th class=\"data left\">{$lang['strconfirm']}</th>\n";
        echo "\t\t<td class=\"data1\"><input size=\"15\" type=\"password\" name=\"formConfirm\" value=\"", htmlspecialchars($_POST['formConfirm']), "\" /></td>\n\t</tr>\n";
        echo "\t<tr>\n\t\t<th class=\"data left\"><label for=\"formSuper\">{$lang['strsuper']}</label></th>\n";
        echo "\t\t<td class=\"data1\"><input type=\"checkbox\" id=\"formSuper\" name=\"formSuper\"",
        (isset($_POST['formSuper'])) ? ' checked="checked"' : '', " /></td>\n\t</tr>\n";

it looks like pasting unsanitized request vars right in the HTML might break something, someday.

we could send SQL queries (such as the queries we write in the popup dialog) through ajax, obtain the transaction id, and be able to cancel if it turns to freeze the DB.

(however, there's still the limitation regarding the way that PHP will try to use the same connection to kill a deadlock, which is useless).

Ajax queries, receiving ajax json responses could in turn open the door to actions that do not need you to reload the frame.

I am getting this warning when I run composer update after downloading the zipball:

package raveren/kint is abandoned, you should avoid using it. Use kint-php/kint instead.

Shouldn't we update? Are there any issues?

There are several html string in the controllers using double quotes.
Some of them begin or end with "\n". This newline character must use double quotes, so the solution would be to transform

$html = "This is a sentence \n";

to

$html = 'This is a sentence ' . "\n";

Eventually, this would help to get rid of unnecesary double quotes.

hello

using PHP 7 or 7.1 I am getting errors such as the one below, I guess it is not normal and unexpected to call the given class. Any suggestions on this perhaps?

thank you

Slim Application Error

The application could not run because of the following error:
Details
Type: Error
Message: Class '\PHPPgAdmin\Database-3' not found
File: /www/phppgadmin/src/classes/Misc.php
Line: 146
Trace

#0 /www/phppgadmin/index.php(36): PHPPgAdmin\Misc->getDatabaseAccessor()
#1 [internal function]: Closure->{closure}(Object(Slim\Http\Request), Object(Slim\Http\Response), Array)
#2 /www/phppgadmin/vendor/slim/slim/Slim/Handlers/Strategies/RequestResponse.php(41): call_user_func(Object(Closure), Object(Slim\Http\Request), Object(Slim\Http\Response), Array)
#3 /www/phppgadmin/vendor/slim/slim/Slim/Route.php(344): Slim\Handlers\Strategies\RequestResponse->__invoke(Object(Closure), Object(Slim\Http\Request), Object(Slim\Http\Response), Array)
#4 /www/phppgadmin/vendor/slim/slim/Slim/MiddlewareAwareTrait.php(116): Slim\Route->__invoke(Object(Slim\Http\Request), Object(Slim\Http\Response))
#5 /www/phppgadmin/vendor/slim/slim/Slim/Route.php(316): Slim\Route->callMiddlewareStack(Object(Slim\Http\Request), Object(Slim\Http\Response))
#6 /www/phppgadmin/vendor/slim/slim/Slim/App.php(438): Slim\Route->run(Object(Slim\Http\Request), Object(Slim\Http\Response))
#7 /www/phppgadmin/vendor/slim/slim/Slim/MiddlewareAwareTrait.php(116): Slim\App->__invoke(Object(Slim\Http\Request), Object(Slim\Http\Response))
#8 /www/phppgadmin/vendor/slim/slim/Slim/App.php(332): Slim\App->callMiddlewareStack(Object(Slim\Http\Request), Object(Slim\Http\Response))
#9 /www/phppgadmin/vendor/slim/slim/Slim/App.php(293): Slim\App->process(Object(Slim\Http\Request), Object(Slim\Http\Response))
#10 /www/phppgadmin/index.php(137): Slim\App->run()
#11 {main}

The Misc class has several methods whose purpose is to iterate, traverse and render html components.

Some of these methods should be grouped in separate classes, in which it's clear what's its responsibility. A class for tables, another for tabs, another for trees, etc.

Also this allows to declare most of the middle-methods as private, exposing just what you are meant to interact with from the outside.

Example: c35810cd97142c3078527bed2f8728dec3ea3c45/src/controllers/HTMLTableController.php

Liking what you're doing with phppgadmin, considering how dead upstream is

However, it appears that in your changes you've made it so that you can no longer use phppgadmin in a subdirectory, e.g. example.com/phppgadmin . This appears to be because of hardcoded / at the beginning of all filepaths.

Would be excellent if you could restore this ability :)

Beta 34 and 35 do not work at all for me. The navigation and primary frames appear empty. There is a 500 server error returned when attempting to load intro.php, which does not appear to be coming from apache. Issue #122 was never resolved and beta 35 made it worse. beta 33 still works normally.

The tree displayed on the browser template uses xloadtree2 and xtree2, which dates from 2005.

More modern approaches do exist in the js ecosystem. However, they are mostly json based. This means that, besides replacing the library itself, we'd need to change the way TreeController parses and delivers the information of each other controller to XloadTree.

The latter shouldn't be that hard, really. After all, there is only one method that parses each entity recordset and traverses it transforming its properties to XML. Most of this is done manually via concatenation of strings plus an xml header. It should be trivial to change this to a JSON representation with json headers.

Perhaps JMSSerializer (already present in the project) should be used for this.

After upgrading from beta 30 to 33, no "leaf" nodes are shown in the navigation sidebar. When expanding any menu (ie. Tables), only a single entry called "Tree Item" is listed. Furthermore, when clicking on any branch header (ie. public schema), phpPgAdmin attempts to display the "template1" database, which contains no objects. Navigation using the sidebar tree is not usable in its present state.

We should use Slim to render the proper result for requests, specially because at this point the controller methods are exposed to all verbs.

This would allow proper isolation of destructive methods vs read_only methods.

Views are assuming default theme or no theme at all, due to the fact that $container->conf is a frozen service and you cannot override its keys. Therefore, overwriting $conf['theme'] has no effect whatsoever.

Usage of php closing tags is optional and, for some people, just a style choice. However, we have a few files with closing tags that do have blank spaces or line breaks after the closing tag, which leads to undesired echoing, which in turn may prevent headers, cookies and session vars to work as expected.

You can use PSR4 autoloader to call the static method of a class without needing to include its script beforehand, whereas, if you use procedural, global functions, you need to specifically include the needed file.

It is not evident for the reader where a global function might have been declared.

Currently, you can see and operate on existing indexes, but not create new ones as fields do not display on the selector.

Hello,

I found your fork from the official phpPgAdmin github, and wanted to try your fork as I need a version compatible with PG 9.6.

But I can't make it works, as the /tree/* or /redirect/* urls don't work. I found that the index.php have function that will process these 'virtual' path.

But to make the url forwarded to index.php, the web server need to have instructions on how to do so.
For apache, the .htaccess file must be created with the good content.

As you don't seems to provide any .htaccess file, and that file like install are not up to date, I think you could provide a basic rewrite url .htaccess file.

Thanks.

Congrats on the hard fork - the right thing to do..

I use the excellent PHP inspections plugin for phpstorm (https://plugins.jetbrains.com/plugin/7622-php-inspections-ea-extended-) which runs a large number of coding standards / code quality tests. It is throwing up a large number of issues - many of which I think I can fix. For example, PHPDoc definitions would be good throughout the project.

Shall I just fix those I think would be useful and submit PR - or do you want an issue ticket for each?

Instead of returning just the status of the executed query, the user should be presented with
a message containing the executed sentence.

An example of this can be seen in Postgres::alterColumn

In ColPropertyController::doAlter, this is the actual behavior.

Before:

column altered

After

ALTER COLUMN "my_column" TYPE bigint
column altered

It should be replicated for the rest of the database executed sentences.

When attempting to browse any table that does not use OIDs, the following error prevents results from being displayed. The auto-generated select query attempts to retrieve column "oid", which does not exist. This did not happen with older betas.

ERROR: column "oid" does not exist

Hello,

I am trying to use your phpPgAdmin with wampserver (php v5.8) and after using the .htaccess file for Slim server, the login button will leave me with a blank page and this error log trace :

[Mon Jan 30 06:29:12 2017] PHP Fatal error: Call to a member function getContainer() on null in C:\rdd\programs\phppgadmin\htdocs\src\classes\Misc.php on line 197

I can help for testing if you need.

In this beta release I've sidestepped everything related to plugin hooks. We should be enabling them and testing them before RC1.

Every global variable should be provided by the container or misc.

Instead of manually including help scripts into the classes under the namespace PHPPgAdmin\Database using method getHelpPages() this should be refactored to make help pages a collection of classes, each one inheriting from the former version.

Method getHelpPages() should instance the matching class corresponding to the version number, and get its help_page member variable using a getter of that instance.