list($key) = explode(":", $val);
$permanent[$key] = $val;
}
}
if (isset($_POST["server"])) {
session_regenerate_id();
// defense against session fixation
$_SESSION["pwds"][$_POST["driver"]][$_POST["server"]][$_POST["username"]] = $_POST["password"];
if ($_POST["permanent"]) {
$key = base64_encode($_POST["driver"]) . "-" . base64_encode($_POST["server"]) . "-" . base64_encode($_POST["username"]);
$private = $adminer->permanentLogin();
$permanent[$key] = "{$key}:" . base64_encode($private ? encrypt_string($_POST["password"], $private) : "");
cookie("adminer_permanent", implode(" ", $permanent));
}
if (count($_POST) == ($_POST["permanent"] ? 5 : 4) || DRIVER != $_POST["driver"] || SERVER != $_POST["server"] || $_GET["username"] !== $_POST["username"]) {
redirect(auth_url($_POST["driver"], $_POST["server"], $_POST["username"]));
}
} elseif ($_POST["logout"]) {
if ($token && $_POST["token"] != $token) {
page_header(lang('Logout'), lang('Invalid CSRF token. Send the form again.'));
page_footer("db");
exit;
} else {
foreach (array("pwds", "dbs", "queries") as $key) {
set_session($key, null);
}
$key = base64_encode(DRIVER) . "-" . base64_encode(SERVER) . "-" . base64_encode($_GET["username"]);
if ($permanent[$key]) {
unset($permanent[$key]);
cookie("adminer_permanent", implode(" ", $permanent));
}
/** Prints navigation after Adminer title
* @param string can be "auth" if there is no database connection, "db" if there is no database selected, "ns" with invalid schema
* @return null
*/
function navigation($missing)
{
global $VERSION, $jush, $drivers, $connection;
?>
<h1>
<?php
echo $this->name();
?>
<span class="version"><?php
echo $VERSION;
?>
</span>
<a href="http://www.adminer.org/#download" target="_blank" id="version"><?php
echo version_compare($VERSION, $_COOKIE["adminer_version"]) < 0 ? h($_COOKIE["adminer_version"]) : "";
?>
</a>
</h1>
<?php
if ($missing == "auth") {
$first = true;
foreach ((array) $_SESSION["pwds"] as $vendor => $servers) {
foreach ($servers as $server => $usernames) {
foreach ($usernames as $username => $password) {
if ($password !== null) {
if ($first) {
echo "<p id='logins' onmouseover='menuOver(this, event);' onmouseout='menuOut(this);'>\n";
$first = false;
}
$dbs = $_SESSION["db"][$vendor][$server][$username];
foreach ($dbs ? array_keys($dbs) : array("") as $db) {
echo "<a href='" . h(auth_url($vendor, $server, $username, $db)) . "'>({$drivers[$vendor]}) " . h($username . ($server != "" ? "@{$server}" : "") . ($db != "" ? " - {$db}" : "")) . "</a><br>\n";
}
}
}
}
}
} else {
if ($_GET["ns"] !== "" && !$missing && DB != "") {
$connection->select_db(DB);
$tables = table_status('', true);
}
if (support("sql")) {
?>
<script type="text/javascript" src="../externals/jush/modules/jush.js"></script>
<script type="text/javascript" src="../externals/jush/modules/jush-textarea.js"></script>
<script type="text/javascript" src="../externals/jush/modules/jush-txt.js"></script>
<script type="text/javascript" src="../externals/jush/modules/jush-<?php
echo $jush;
?>
.js"></script>
<script type="text/javascript">
<?php
if ($tables) {
$links = array();
foreach ($tables as $table => $type) {
$links[] = preg_quote($table, '/');
}
echo "var jushLinks = { {$jush}: [ '" . js_escape(ME) . (support("table") ? "table=" : "select=") . "\$&', /\\b(" . implode("|", $links) . ")\\b/g ] };\n";
foreach (array("bac", "bra", "sqlite_quo", "mssql_bra") as $val) {
echo "jushLinks.{$val} = jushLinks.{$jush};\n";
}
}
?>
bodyLoad('<?php
echo is_object($connection) ? substr($connection->server_info, 0, 3) : "";
?>
');
</script>
<?php
}
$this->databasesPrint($missing);
if (DB == "" || !$missing) {
echo "<p class='links'>" . (support("sql") ? "<a href='" . h(ME) . "sql='" . bold(isset($_GET["sql"]) && !isset($_GET["import"])) . ">" . lang('SQL command') . "</a>\n<a href='" . h(ME) . "import='" . bold(isset($_GET["import"])) . ">" . lang('Import') . "</a>\n" : "") . "";
if (support("dump")) {
echo "<a href='" . h(ME) . "dump=" . urlencode(isset($_GET["table"]) ? $_GET["table"] : $_GET["select"]) . "' id='dump'" . bold(isset($_GET["dump"])) . ">" . lang('Export') . "</a>\n";
}
}
if ($_GET["ns"] !== "" && !$missing && DB != "") {
echo '<a href="' . h(ME) . 'create="' . bold($_GET["create"] === "") . ">" . lang('Create table') . "</a>\n";
if (!$tables) {
echo "<p class='message'>" . lang('No tables.') . "\n";
} else {
$this->tablesPrint($tables);
}
}
}
}
// defense against session fixation
$vendor = $auth["driver"];
$server = $auth["server"];
$username = $auth["username"];
$password = (string) $auth["password"];
$db = $auth["db"];
set_password($vendor, $server, $username, $password);
$_SESSION["db"][$vendor][$server][$username][$db] = true;
if ($auth["permanent"]) {
$key = base64_encode($vendor) . "-" . base64_encode($server) . "-" . base64_encode($username) . "-" . base64_encode($db);
$private = $adminer->permanentLogin(true);
$permanent[$key] = "{$key}:" . base64_encode($private ? encrypt_string($password, $private) : "");
cookie("adminer_permanent", implode(" ", $permanent));
}
if (count($_POST) == 1 || DRIVER != $vendor || SERVER != $server || $_GET["username"] !== $username || DB != $db) {
redirect(auth_url($vendor, $server, $username, $db));
}
} elseif ($_POST["logout"]) {
if ($has_token && !verify_token()) {
page_header(lang('Logout'), lang('Invalid CSRF token. Send the form again.'));
page_footer("db");
exit;
} else {
foreach (array("pwds", "db", "dbs", "queries") as $key) {
set_session($key, null);
}
unset_permanent();
redirect(substr(preg_replace('~\\b(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.'));
}
} elseif ($permanent && !$_SESSION["pwds"]) {
session_regenerate_id();
/** Prints navigation after Adminer title
* @param string can be "auth" if there is no database connection, "db" if there is no database selected, "ns" with invalid schema
* @return null
*/
function navigation($missing)
{
global $VERSION, $jush, $drivers, $connection;
?>
<!-- ACERCA DE -->
<div class='well well-sm well-info' align=center>
<?php
echo $this->name();
?>
<span class="version"><?php
echo $VERSION;
?>
</span>
<?php
switch_lang();
?>
</div>
<?php
if ($missing == "auth") {
$first = true;
foreach ((array) $_SESSION["pwds"] as $vendor => $servers) {
foreach ($servers as $server => $usernames) {
foreach ($usernames as $username => $password) {
if ($password !== null) {
if ($first) {
echo "<p id='logins' onmouseover='menuOver(this, event);' onmouseout='menuOut(this);'>\n";
$first = false;
}
$dbs = $_SESSION["db"][$vendor][$server][$username];
foreach ($dbs ? array_keys($dbs) : array("") as $db) {
echo "<a href='" . h(auth_url($vendor, $server, $username, $db)) . "'>({$drivers[$vendor]}) " . h($username . ($server != "" ? "@{$server}" : "") . ($db != "" ? " - {$db}" : "")) . "</a><br>\n";
}
}
}
}
}
} else {
if ($_GET["ns"] !== "" && !$missing && DB != "") {
$connection->select_db(DB);
$tables = table_status('', true);
}
if (support("sql")) {
?>
<script type="text/javascript" src="../externals/jush/modules/jush.js"></script>
<script type="text/javascript" src="../externals/jush/modules/jush-textarea.js"></script>
<script type="text/javascript" src="../externals/jush/modules/jush-txt.js"></script>
<script type="text/javascript" src="../externals/jush/modules/jush-<?php
echo $jush;
?>
.js"></script>
<script type="text/javascript">
<?php
if ($tables) {
$links = array();
foreach ($tables as $table => $type) {
$links[] = preg_quote($table, '/');
}
echo "var jushLinks = { {$jush}: [ '" . js_escape(ME) . (support("table") ? "table=" : "select=") . "\$&', /\\b(" . implode("|", $links) . ")\\b/g ] };\n";
foreach (array("bac", "bra", "sqlite_quo", "mssql_bra") as $val) {
echo "jushLinks.{$val} = jushLinks.{$jush};\n";
}
}
?>
bodyLoad('<?php
echo is_object($connection) ? substr($connection->server_info, 0, 3) : "";
?>
');
</script>
<?php
}
echo "<div align=center>";
$this->databasesPrint($missing);
echo "<br>";
if (DB == "" || !$missing) {
echo (support("sql") ? "\n\t\t\t\t\t\t\t<a href='" . h(ME) . "sql='" . bold(isset($_GET["sql"]) && !isset($_GET["import"])) . " class='btn btn-info btn-xs'><i class='fa fa-terminal fa-fw'></i> " . lang('SQL command') . "</a>\n\n\t\t\t\t\t\t\t<a href='" . h(ME) . "import='" . bold(isset($_GET["import"])) . " class='btn btn-warning btn-xs'><i class='fa fa-download fa-fw'></i> " . lang('Import') . "</a>\n" : "") . "";
if (support("dump")) {
echo "<a href='" . h(ME) . "dump=" . urlencode(isset($_GET["table"]) ? $_GET["table"] : $_GET["select"]) . "' id='dump'" . bold(isset($_GET["dump"])) . " class='btn btn-danger btn-xs'><i class='fa fa-floppy-o fa-fw'></i> " . lang('Export') . "</a>\n";
}
}
if ($_GET["ns"] !== "" && !$missing && DB != "") {
echo '<a href="' . h(ME) . 'create="' . bold($_GET["create"] === "") . " class='btn btn-success btn-xs'><i class='fa fa-plus fa-fw'></i> " . lang('Create table') . "</a>\n";
if (!$tables) {
//Imprime mensaje indicando que no hay tablas
echo "<br><br><div class='alert alert-warning' role='alert'>" . lang('No tables.') . "</div>\n";
} else {
//Imprime la lista de tablas cuando hay al menos una en la BD
echo "<div align=left>";
$this->tablesPrint($tables);
echo "</div>";
}
}
echo "</div>";
}
}
// defense against session fixation
$driver = $auth["driver"];
$server = $auth["server"];
$username = $auth["username"];
$password = $auth["password"];
$db = $auth["db"];
set_password($driver, $server, $username, $password);
$_SESSION["db"][$driver][$server][$username][$db] = true;
if ($auth["permanent"]) {
$key = base64_encode($driver) . "-" . base64_encode($server) . "-" . base64_encode($username) . "-" . base64_encode($db);
$private = $adminer->permanentLogin(true);
$permanent[$key] = "{$key}:" . base64_encode($private ? encrypt_string($password, $private) : "");
cookie("adminer_permanent", implode(" ", $permanent));
}
if (count($_POST) == 1 || DRIVER != $driver || SERVER != $server || $_GET["username"] !== $username || DB != $db) {
redirect(auth_url($driver, $server, $username, $db));
}
} elseif ($_POST["logout"]) {
if ($has_token && !verify_token()) {
page_header(lang('Logout'), lang('Invalid CSRF token. Send the form again.'));
page_footer("db");
exit;
} else {
foreach (array("pwds", "db", "dbs", "queries") as $key) {
set_session($key, null);
}
unset_permanent();
redirect(substr(preg_replace('~\\b(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.'));
}
} elseif ($permanent && !$_SESSION["pwds"]) {
session_regenerate_id();
}
}
$auth = $_POST["auth"];
if ($auth) {
session_regenerate_id();
// defense against session fixation
$_SESSION["pwds"][$auth["driver"]][$auth["server"]][$auth["username"]] = $auth["password"];
$_SESSION["db"][$auth["driver"]][$auth["server"]][$auth["username"]][$auth["db"]] = true;
if ($auth["permanent"]) {
$key = base64_encode($auth["driver"]) . "-" . base64_encode($auth["server"]) . "-" . base64_encode($auth["username"]) . "-" . base64_encode($auth["db"]);
$private = $adminer->permanentLogin();
$permanent[$key] = "{$key}:" . base64_encode($private ? encrypt_string($auth["password"], $private) : "");
cookie("adminer_permanent", implode(" ", $permanent));
}
if (count($_POST) == 1 || DRIVER != $auth["driver"] || SERVER != $auth["server"] || $_GET["username"] !== $auth["username"] || DB != $auth["db"]) {
redirect(auth_url($auth["driver"], $auth["server"], $auth["username"], $auth["db"]));
}
} elseif ($_POST["logout"]) {
if ($token && $_POST["token"] != $token) {
page_header(lang('Logout'), lang('Invalid CSRF token. Send the form again.'));
page_footer("db");
exit;
} else {
foreach (array("pwds", "db", "dbs", "queries") as $key) {
set_session($key, null);
}
unset_permanent();
redirect(substr(preg_replace('~(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.'));
}
} elseif ($permanent && !$_SESSION["pwds"]) {
session_regenerate_id();
/** Prints navigation after Adminer title
* @param string can be "auth" if there is no database connection, "db" if there is no database selected, "ns" with invalid schema
* @return null
*/
function navigation($missing)
{
global $VERSION, $connection, $token, $jush, $drivers;
?>
<h1>
<?php
echo $this->name();
?>
<span class="version"><?php
echo $VERSION;
?>
</span>
<a href="http://www.adminer.org/#download" id="version"><?php
echo version_compare($VERSION, $_COOKIE["adminer_version"]) < 0 ? h($_COOKIE["adminer_version"]) : "";
?>
</a>
</h1>
<?php
if ($missing == "auth") {
$first = true;
foreach ((array) $_SESSION["pwds"] as $driver => $servers) {
foreach ($servers as $server => $usernames) {
foreach ($usernames as $username => $password) {
if (isset($password)) {
if ($first) {
echo "<p onclick='eventStop(event);'>\n";
$first = false;
}
echo "<a href='" . h(auth_url($driver, $server, $username)) . "'>({$drivers[$driver]}) " . h($username . ($server != "" ? "@{$server}" : "")) . "</a><br>\n";
}
}
}
}
} else {
$databases = get_databases();
?>
<form action="" method="post">
<p class="logout">
<?php
if (DB == "" || !$missing) {
echo "<a href='" . h(ME) . "sql='" . bold(isset($_GET["sql"])) . ">" . lang('SQL command') . "</a>\n";
if (support("dump")) {
echo "<a href='" . h(ME) . "dump=" . urlencode(isset($_GET["table"]) ? $_GET["table"] : $_GET["select"]) . "' id='dump'" . bold(isset($_GET["dump"])) . ">" . lang('Dump') . "</a>\n";
}
}
?>
<input type="submit" name="logout" value="<?php
echo lang('Logout');
?>
" onclick="eventStop(event);">
<input type="hidden" name="token" value="<?php
echo $token;
?>
">
</p>
</form>
<form action="">
<p>
<?php
hidden_fields_get();
echo $databases ? html_select("db", array("" => "(" . lang('database') . ")") + $databases, DB, "this.form.submit();") : '<input name="db" value="' . h(DB) . '">';
?>
<input type="submit" value="<?php
echo lang('Use');
?>
"<?php
echo $databases ? " class='hidden'" : "";
?>
onclick="eventStop(event);">
<?php
if ($missing != "db" && DB != "" && $connection->select_db(DB)) {
if (support("scheme")) {
echo "<br>" . html_select("ns", array("" => "(" . lang('schema') . ")") + schemas(), $_GET["ns"], "this.form.submit();");
if ($_GET["ns"] != "") {
set_schema($_GET["ns"]);
}
}
if ($_GET["ns"] !== "" && !$missing) {
echo '<p><a href="' . h(ME) . 'create="' . bold($_GET["create"] === "") . ">" . lang('Create new table') . "</a>\n";
$tables = tables_list();
if (!$tables) {
echo "<p class='message'>" . lang('No tables.') . "\n";
} else {
$this->tablesPrint($tables);
$links = array();
foreach ($tables as $table => $type) {
$links[] = preg_quote($table, '/');
}
echo "<script type='text/javascript'>\n";
echo "var jushLinks = { {$jush}: [ '" . js_adminer_escape(ME) . "table=\$&', /\\b(" . implode("|", $links) . ")\\b/g ] };\n";
foreach (array("bac", "bra", "sqlite_quo", "mssql_bra") as $val) {
echo "jushLinks.{$val} = jushLinks.{$jush};\n";
}
echo "</script>\n";
}
}
}
echo isset($_GET["sql"]) ? '<input type="hidden" name="sql" value="">' : (isset($_GET["schema"]) ? '<input type="hidden" name="schema" value="">' : (isset($_GET["dump"]) ? '<input type="hidden" name="dump" value="">' : ""));
echo "</p></form>\n";
}
}
