Beispiel #1
/**
 * Displays authentication form
 *
 * Sends the Content-Type header, prints the HTML head, an optional custom
 * header, the logo, any connection error, an optional language selector, the
 * login form (with an optional server chooser) and an optional custom
 * footer, then terminates the request.
 *
 * this function MUST exit/quit the application
 *
 * Output escaping: of the values printed below, only $default_server and
 * $default_user pass through htmlspecialchars(). Everything else (language
 * strings, theme image path, $GLOBALS['server'], $conn_error) is emitted
 * as-is, so this function relies on those values being trusted or already
 * validated by the caller.
 * NOTE(review): that upstream validation is not visible here - confirm.
 *
 * @uses    $GLOBALS['server']
 * @uses    $GLOBALS['PHP_AUTH_USER']
 * @uses    $GLOBALS['pma_auth_server']
 * @uses    $GLOBALS['text_dir']
 * @uses    $GLOBALS['pmaThemeImage']
 * @uses    $GLOBALS['charset']
 * @uses    $GLOBALS['target']
 * @uses    $GLOBALS['db']
 * @uses    $GLOBALS['table']
 * @uses    $GLOBALS['error_handler']
 * @uses    $GLOBALS['strWelcome']
 * @uses    $GLOBALS['strSecretRequired']
 * @uses    $GLOBALS['strError']
 * @uses    $GLOBALS['strLogin']
 * @uses    $GLOBALS['strLogServer']
 * @uses    $GLOBALS['strLogServerHelp']
 * @uses    $GLOBALS['strLogUsername']
 * @uses    $GLOBALS['strLogPassword']
 * @uses    $GLOBALS['strServerChoice']
 * @uses    $GLOBALS['strGo']
 * @uses    $GLOBALS['strCookiesRequired']
 * @uses    $GLOBALS['strPmaDocumentation']
 * @uses    $GLOBALS['pmaThemeImage']
 * @uses    $cfg['Servers']
 * @uses    $cfg['LoginCookieRecall']
 * @uses    $cfg['Lang']
 * @uses    $cfg['Server']
 * @uses    $cfg['ReplaceHelpImg']
 * @uses    $cfg['blowfish_secret']
 * @uses    $cfg['AllowArbitraryServer']
 * @uses    $_COOKIE
 * @uses    $_REQUEST['old_usr']
 * @uses    PMA_sendHeaderLocation()
 * @uses    PMA_select_language()
 * @uses    PMA_select_server()
 * @uses    PMA_generate_common_hidden_inputs()
 * @uses    PMA_Message::rawError()
 * @uses    Swekey_login()
 * @uses    file_exists()
 * @uses    sprintf()
 * @uses    count()
 * @uses    htmlspecialchars()
 * @uses    is_array()
 * @global  string    the last connection error
 *
 * @return  void      never returns normally; every path ends in exit
 *
 * @access  public
 */
function PMA_auth()
{
    global $conn_error;
    /* Perform logout to custom URL.
     * The redirect target is read from configuration (LogoutURL); the request
     * parameter old_usr only decides whether the redirect happens. */
    if (!empty($_REQUEST['old_usr']) && !empty($GLOBALS['cfg']['Server']['LogoutURL'])) {
        PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['LogoutURL']);
        exit;
    }
    /* No recall if blowfish secret is not configured as it would produce garbage */
    if ($GLOBALS['cfg']['LoginCookieRecall'] && !empty($GLOBALS['cfg']['blowfish_secret'])) {
        // Recall enabled: the form is pre-filled with the previous user name and server.
        $default_user = $GLOBALS['PHP_AUTH_USER'];
        $default_server = $GLOBALS['pma_auth_server'];
        $autocomplete = '';
    } else {
        $default_user = '';
        $default_server = '';
        // skip the IE autocomplete feature.
        $autocomplete = ' autocomplete="off"';
    }
    // Any text direction other than 'ltr' is treated as right-to-left.
    $cell_align = $GLOBALS['text_dir'] == 'ltr' ? 'left' : 'right';
    // Defines the charset to be used
    header('Content-Type: text/html; charset=' . $GLOBALS['charset']);
    // Defines the "item" image depending on text direction
    $item_img = $GLOBALS['pmaThemeImage'] . 'item_' . $GLOBALS['text_dir'] . '.png';
    /* HTML header; do not show here the PMA version to improve security */
    $page_title = 'phpMyAdmin ';
    require './libraries/header_meta_style.inc.php';
    // NOTE(review): the inline script that follows tests for framing
    // (top != self) but its only statement is commented out, so it has no
    // effect. Protection against framing of the login page, if any, has to
    // come from somewhere not visible in this function - confirm.
    ?>
<script type="text/javascript">
//<![CDATA[
// show login form in top frame
if (top != self) {
    //window.top.location.href=location;
}
//]]>
</script>
</head>

<body class="loginform">

    <?php 
    // Optional site-specific header; the path is a fixed relative name, not
    // derived from the request.
    if (file_exists('./config.header.inc.php')) {
        require './config.header.inc.php';
    }
    ?>

<div class="container">
<a href="http://www.phpmyadmin.net" target="_blank" class="logo"><?php 
    // Prefer the theme's logo_right.png, fall back to pma_logo.png.
    // The @ silences any warning raised by file_exists().
    $logo_image = $GLOBALS['pmaThemeImage'] . 'logo_right.png';
    if (@file_exists($logo_image)) {
        echo '<img src="' . $logo_image . '" id="imLogo" name="imLogo" alt="phpMyAdmin" border="0" />';
    } else {
        echo '<img name="imLogo" id="imLogo" src="' . $GLOBALS['pmaThemeImage'] . 'pma_logo.png' . '" ' . 'border="0" width="88" height="31" alt="phpMyAdmin" />';
    }
    ?>
</a>
<h1>
    <?php 
    echo sprintf($GLOBALS['strWelcome'], '<bdo dir="ltr" xml:lang="en">' . $page_title . '</bdo>');
    ?>
</h1>
    <?php 
    // Show error message
    // NOTE(review): the connection error is wrapped with rawError(); whether
    // raw messages are HTML-escaped when displayed is not visible here, and
    // the error text may originate from the database server - confirm.
    if (!empty($conn_error)) {
        PMA_Message::rawError($conn_error)->display();
    }
    // Displays the languages form
    if (empty($GLOBALS['cfg']['Lang'])) {
        require_once './libraries/display_select_lang.lib.php';
        // use fieldset, don't show doc link
        PMA_select_language(true, false);
    }
    ?>
<br />
<!-- Login form -->
<form method="post" action="index.php" name="login_form"<?php 
    // Either '' or ' autocomplete="off"', chosen above from LoginCookieRecall.
    echo $autocomplete;
    ?>
 target="_top" class="login">
    <fieldset>
    <legend>
<?php 
    echo $GLOBALS['strLogin'];
    echo '<a href="./Documentation.html" target="documentation" ' . 'title="' . $GLOBALS['strPmaDocumentation'] . '">';
    if ($GLOBALS['cfg']['ReplaceHelpImg']) {
        echo '<img class="icon" src="' . $GLOBALS['pmaThemeImage'] . 'b_help.png" width="11" height="11" alt="' . $GLOBALS['strPmaDocumentation'] . '" />';
    } else {
        echo '(*)';
    }
    echo '</a>';
    ?>
</legend>

<?php 
    // The free-text server field is only offered when arbitrary servers are allowed.
    if ($GLOBALS['cfg']['AllowArbitraryServer']) {
        ?>
        <div class="item">
            <label for="input_servername" title="<?php 
        echo $GLOBALS['strLogServerHelp'];
        ?>
"><?php 
        echo $GLOBALS['strLogServer'];
        ?>
</label>
            <input type="text" name="pma_servername" id="input_servername" value="<?php 
        // Recalled server name is escaped before it lands in the double-quoted attribute.
        echo htmlspecialchars($default_server);
        ?>
" size="24" class="textfield" title="<?php 
        echo $GLOBALS['strLogServerHelp'];
        ?>
" />
        </div>
<?php 
    }
    ?>
        <div class="item">
            <label for="input_username"><?php 
    echo $GLOBALS['strLogUsername'];
    ?>
</label>
            <input type="text" name="pma_username" id="input_username" value="<?php 
    // Recalled user name is escaped before it lands in the double-quoted attribute.
    echo htmlspecialchars($default_user);
    ?>
" size="24" class="textfield"/>
        </div>
        <div class="item">
            <label for="input_password"><?php 
    echo $GLOBALS['strLogPassword'];
    ?>
</label>
            <input type="password" name="pma_password" id="input_password" value="" size="24" class="textfield" />
        </div>
    <?php 
    // With several configured servers a drop-down is shown; otherwise the
    // current server is submitted through a hidden field.
    if (count($GLOBALS['cfg']['Servers']) > 1) {
        ?>
        <div class="item">
            <label for="select_server"><?php 
        echo $GLOBALS['strServerChoice'];
        ?>
:</label>
            <select name="server" id="select_server"
        <?php 
        // Choosing a configured server clears the free-text server name.
        if ($GLOBALS['cfg']['AllowArbitraryServer']) {
            echo ' onchange="document.forms[\'login_form\'].elements[\'pma_servername\'].value = \'\'" ';
        }
        ?>
        >
        <?php 
        require_once './libraries/select_server.lib.php';
        PMA_select_server(false, false);
        echo '</select></div>';
    } else {
        // NOTE(review): $GLOBALS['server'] is written into the attribute
        // without htmlspecialchars(); presumably it has already been
        // validated as a server index before this point - confirm.
        echo '    <input type="hidden" name="server" value="' . $GLOBALS['server'] . '" />';
    }
    // end if (server choice)
    ?>
    </fieldset>
    <fieldset class="tblFooters">
        <input value="<?php 
    echo $GLOBALS['strGo'];
    ?>
" type="submit" id="input_go" />
    <?php 
    // Carry target/db/table through the login as hidden fields.
    // NOTE(review): escaping of these values is left to
    // PMA_generate_common_hidden_inputs(), which is not visible here - confirm.
    $_form_params = array();
    if (!empty($GLOBALS['target'])) {
        $_form_params['target'] = $GLOBALS['target'];
    }
    if (!empty($GLOBALS['db'])) {
        $_form_params['db'] = $GLOBALS['db'];
    }
    if (!empty($GLOBALS['table'])) {
        $_form_params['table'] = $GLOBALS['table'];
    }
    // do not generate a "server" hidden field as we want the "server"
    // drop-down to have priority
    echo PMA_generate_common_hidden_inputs($_form_params, '', 0, 'server');
    ?>
    </fieldset>
</form>

    <?php 
    // BEGIN Swekey Integration
    Swekey_login('input_username', 'input_go');
    // END Swekey Integration
    // show the "Cookies required" message only if cookies are disabled
    // (we previously tried to set some cookies)
    if (empty($_COOKIE)) {
        trigger_error($GLOBALS['strCookiesRequired'], E_USER_NOTICE);
    }
    // Print whatever the error handler has collected, inside the page container.
    if ($GLOBALS['error_handler']->hasDisplayErrors()) {
        echo '<div>';
        $GLOBALS['error_handler']->dispErrors();
        echo '</div>';
    }
    ?>
</div>
<script type="text/javascript">
// <![CDATA[
function PMA_focusInput()
{
    var input_username = document.getElementById('input_username');
    var input_password = document.getElementById('input_password');
    if (input_username.value == '') {
        input_username.focus();
    } else {
        input_password.focus();
    }
}

window.setTimeout('PMA_focusInput()', 500);
// ]]>
</script>
    <?php 
    // Optional site-specific footer; fixed relative path, as for the header.
    if (file_exists('./config.footer.inc.php')) {
        require './config.footer.inc.php';
    }
    ?>
</body>
</html>
    <?php 
    // The login page is the whole response: stop here so no caller code runs.
    exit;
}
Beispiel #2
/**
 * Reports a failed query to the client and terminates the request.
 *
 * With a truthy $is_gotofile the error is wrapped in a raw error message,
 * the shared PMA_Response instance is flagged as unsuccessful and the
 * message is attached to it under the JSON key "message". Otherwise
 * PMA_Util::mysqlDie() is called with the error and the query. Both paths
 * end in exit.
 *
 * NOTE(review): $error goes through PMA_Message::rawError(); whether raw
 * messages are HTML-escaped when the client renders them is not visible
 * here. Database error text can repeat parts of the submitted query, so
 * confirm the rendering side escapes it.
 *
 * @param boolean $is_gotofile    whether goto file or not
 * @param String  $error          error after executing the query
 * @param String  $full_sql_query full sql query
 *
 * @return void
 */
function PMA_handleQueryExecuteError($is_gotofile, $error, $full_sql_query)
{
    if (!$is_gotofile) {
        PMA_Util::mysqlDie($error, $full_sql_query, '', '');
        exit;
    }

    $error_message = PMA_Message::rawError($error);
    $json_response = PMA_Response::getInstance();
    $json_response->isSuccess(false);
    $json_response->addJSON('message', $error_message);
    exit;
}
/**
 * Runs the "add user" query and the optional follow-up database statements.
 *
 * The follow-up steps are selected by request flags:
 *  - createdb-1: create a database named after the user and grant all
 *    privileges on it,
 *  - createdb-2: grant all privileges on databases matching username\_%,
 *  - createdb-3: grant all privileges on $dbname.
 * When user creation failed (or $_error is set) the three flags are reset
 * to null so none of the steps run. Each executed statement is appended to
 * $sql_query; a failing statement replaces $message with the database
 * error but does not stop the remaining steps.
 *
 * Every statement is assembled by string concatenation. User and host are
 * passed through PMA_Util::sqlAddSlashes() before being placed inside
 * single quotes, database names through PMA_Util::backquote().
 * NOTE(review): the safety of these GRANT ALL statements rests entirely on
 * those two helpers and on the caller having authorised the request -
 * neither is visible here.
 *
 * @param boolean $_error         whether user create or not
 * @param string  $real_sql_query SQL query for add a user
 * @param string  $sql_query      SQL query to be displayed
 * @param string  $username       username
 * @param string  $hostname       host name
 * @param string  $dbname         database name
 *
 * @return array  $sql_query, $message
 */
function PMA_addUserAndCreateDatabase($_error, $real_sql_query, $sql_query, $username, $hostname, $dbname)
{
    // Same short-circuit order as "$_error || (query given && query failed)".
    $creation_failed = (bool) $_error;
    if (!$creation_failed && !empty($real_sql_query)) {
        $creation_failed = !$GLOBALS['dbi']->tryQuery($real_sql_query);
    }

    if ($creation_failed) {
        // null makes the isset() checks below fail, disabling all three steps.
        $_REQUEST['createdb-1'] = null;
        $_REQUEST['createdb-2'] = null;
        $_REQUEST['createdb-3'] = null;
        $message = PMA_Message::rawError($GLOBALS['dbi']->getError());
    } else {
        $message = PMA_Message::success(__('You have added a new user.'));
    }

    // Shared pieces of every GRANT statement.
    $escaped_user = PMA_Util::sqlAddSlashes($username);
    $grant_head = 'GRANT ALL PRIVILEGES ON ';
    $grant_tail = '.* TO \'' . $escaped_user . '\'@\'' . PMA_Util::sqlAddSlashes($hostname) . '\';';

    if (isset($_REQUEST['createdb-1'])) {
        // Create database with same name and grant all privileges
        $create_stmt = 'CREATE DATABASE IF NOT EXISTS ' . PMA_Util::backquote($escaped_user) . ';';
        $sql_query .= $create_stmt;
        if (!$GLOBALS['dbi']->tryQuery($create_stmt)) {
            $message = PMA_Message::rawError($GLOBALS['dbi']->getError());
        }

        // Reload the navigation
        $GLOBALS['reload'] = true;
        $GLOBALS['db'] = $username;

        // Wildcards in the name are escaped so the grant covers only this database.
        $own_db_grant = $grant_head
            . PMA_Util::backquote(PMA_Util::escapeMysqlWildcards($escaped_user))
            . $grant_tail;
        $sql_query .= $own_db_grant;
        if (!$GLOBALS['dbi']->tryQuery($own_db_grant)) {
            $message = PMA_Message::rawError($GLOBALS['dbi']->getError());
        }
    }

    if (isset($_REQUEST['createdb-2'])) {
        // Grant all privileges on wildcard name (username\_%)
        $wildcard_grant = $grant_head . PMA_Util::backquote($escaped_user . '\\_%') . $grant_tail;
        $sql_query .= $wildcard_grant;
        if (!$GLOBALS['dbi']->tryQuery($wildcard_grant)) {
            $message = PMA_Message::rawError($GLOBALS['dbi']->getError());
        }
    }

    if (isset($_REQUEST['createdb-3'])) {
        // Grant all privileges on the specified database to the new user
        $named_db_grant = $grant_head . PMA_Util::backquote(PMA_Util::sqlAddSlashes($dbname)) . $grant_tail;
        $sql_query .= $named_db_grant;
        if (!$GLOBALS['dbi']->tryQuery($named_db_grant)) {
            $message = PMA_Message::rawError($GLOBALS['dbi']->getError());
        }
    }

    return array($sql_query, $message);
}
Beispiel #4
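/**
 * Function to delete from a tracking report log
 *
 * The index of the entry to remove is read from
 * $_REQUEST['delete_' . $which_log]. It is accepted only when it is a
 * non-negative integer in canonical decimal form ("0", "7", "12"). Missing
 * values, arrays, and strings such as "1.0", "1e0", " 1", "03" or "-1" are
 * rejected and nothing is changed. A loose "== (int)" comparison would let
 * those strings through, and the tracking data would then be rewritten
 * although no entry matched.
 *
 * On a valid index the entry is removed from $data[$which_log] and the
 * shortened log is written back through PMA_Tracker::changeTrackingData()
 * using db, table and version from the request.
 *
 * @param array  &$data     tracked data
 * @param string $which_log ddlog|dmlog
 * @param string $type      DDL|DML
 * @param string $message   success message
 *
 * @return string HTML for the message, or '' when the index was rejected
 */
function PMA_deleteFromTrackingReportLog(&$data, $which_log, $type, $message)
{
    $html = '';
    $request_key = 'delete_' . $which_log;
    $delete_id = isset($_REQUEST[$request_key]) ? $_REQUEST[$request_key] : null;

    // Round-tripping through int rejects everything that is not the
    // canonical spelling of an integer (and anything beyond the int range).
    if (is_string($delete_id)) {
        $is_valid_id = (string) (int) $delete_id === $delete_id && (int) $delete_id >= 0;
    } else {
        $is_valid_id = is_int($delete_id) && $delete_id >= 0;
    }
    if (!$is_valid_id) {
        return $html;
    }

    $delete_id = (int) $delete_id;
    unset($data[$which_log][$delete_id]);
    $successfullyDeleted = PMA_Tracker::changeTrackingData($_REQUEST['db'], $_REQUEST['table'], $_REQUEST['version'], $type, $data[$which_log]);
    if ($successfullyDeleted) {
        $msg = PMA_Message::success($message);
    } else {
        $msg = PMA_Message::rawError(__('Query error'));
    }
    $html .= $msg->getDisplay();

    return $html;
}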
Beispiel #5
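 /**
  * Save this table's UI preferences into phpMyAdmin database.
  *
  * Writes one row (user, database, table, JSON-encoded preferences) with
  * REPLACE INTO over the control connection, then trims the oldest rows when
  * the table holds more than $cfg['Server']['MaxTableUiprefs'] rows.
  *
  * All four string values in the VALUES list are escaped with
  * PMA_sqlAddSlashes(), including the account name: it is data taken from
  * the server configuration of the current session and must not be able to
  * terminate the quoted literal.
  *
  * Failures are returned as a PMA_Message; nothing is printed from here.
  *
  * @return true|PMA_Message
  */
 protected function saveUiPrefsToDb()
 {
     $pma_table = PMA_backquote($GLOBALS['cfg']['Server']['pmadb']) . "." . PMA_backquote($GLOBALS['cfg']['Server']['table_uiprefs']);
     // Escaped like every other value below; the name is placed inside '...'.
     $username = PMA_sqlAddSlashes($GLOBALS['cfg']['Server']['user']);
     $sql_query = " REPLACE INTO " . $pma_table . " VALUES ('" . $username . "', '" . PMA_sqlAddSlashes($this->db_name) . "', '" . PMA_sqlAddSlashes($this->name) . "', '" . PMA_sqlAddSlashes(json_encode($this->uiprefs)) . "', NULL)";
     $success = PMA_DBI_try_query($sql_query, $GLOBALS['controllink']);
     if (!$success) {
         $message = PMA_Message::error(__('Could not save table UI preferences'));
         $message->addMessage('<br /><br />');
         $message->addMessage(PMA_Message::rawError(PMA_DBI_getError($GLOBALS['controllink'])));
         return $message;
     }
     // Remove some old rows in table_uiprefs if it exceeds the configured maximum rows
     // NOTE(review): this count is issued without an explicit link while the
     // writes use the control link - confirm both reach the same connection.
     $sql_query = 'SELECT COUNT(*) FROM ' . $pma_table;
     $rows_count = PMA_DBI_fetch_value($sql_query);
     $max_rows = $GLOBALS['cfg']['Server']['MaxTableUiprefs'];
     if ($rows_count > $max_rows) {
         $num_rows_to_delete = $rows_count - $max_rows;
         $sql_query = ' DELETE FROM ' . $pma_table . ' ORDER BY last_update ASC' . ' LIMIT ' . $num_rows_to_delete;
         $success = PMA_DBI_try_query($sql_query, $GLOBALS['controllink']);
         if (!$success) {
             $message = PMA_Message::error(sprintf(__('Failed to cleanup table UI preferences (see $cfg[\'Servers\'][$i][\'MaxTableUiprefs\'] %s)'), PMA_showDocu('cfg_Servers_MaxTableUiprefs')));
             $message->addMessage('<br /><br />');
             $message->addMessage(PMA_Message::rawError(PMA_DBI_getError($GLOBALS['controllink'])));
             // The message is handed to the caller; dumping the object into
             // the response would leak its internals into the page.
             return $message;
         }
     }
     return true;
 }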
/**
 * Update the table's structure based on $_REQUEST
 *
 * For every submitted column that PMA_columnNeedsAlterTable() flags, a
 * CHANGE clause is generated with PMA_Table::generateAlter() and all clauses
 * are sent as one ALTER TABLE statement. Afterwards renamed columns are
 * propagated with PMA_REL_renameField() and, when $cfg['BrowseMIME'] is on,
 * MIME settings are stored with PMA_setMIME().
 *
 * The column attributes come straight from $_REQUEST and are not validated
 * in this function.
 * NOTE(review): quoting of those values is presumably done inside
 * PMA_Table::generateAlter(), which is not visible here - confirm. The
 * database error text is also placed in a raw error message next to
 * literal HTML; confirm it is escaped before being rendered.
 *
 * @param string $db    database name
 * @param string $table table name
 *
 * @return boolean $regenerate              true if error occurred
 *
 */
function PMA_updateColumns($db, $table)
{
    $err_url = 'tbl_structure.php?' . PMA_URL_getCommon($db, $table);
    $regenerate = false;
    $key_fields = array();
    $changes = array();

    $column_total = count($_REQUEST['field_name']);
    for ($idx = 0; $idx < $column_total; $idx++) {
        if (!PMA_columnNeedsAlterTable($idx)) {
            continue;
        }
        // Optional attributes fall back to neutral defaults when not submitted.
        $orig_name = isset($_REQUEST['field_orig'][$idx]) ? $_REQUEST['field_orig'][$idx] : '';
        $collation = isset($_REQUEST['field_collation'][$idx]) ? $_REQUEST['field_collation'][$idx] : '';
        $nullability = isset($_REQUEST['field_null'][$idx]) ? $_REQUEST['field_null'][$idx] : 'NOT NULL';
        $extra = isset($_REQUEST['field_extra'][$idx]) ? $_REQUEST['field_extra'][$idx] : false;
        $comment = isset($_REQUEST['field_comments'][$idx]) ? $_REQUEST['field_comments'][$idx] : '';
        $move_to = isset($_REQUEST['field_move_to'][$idx]) ? $_REQUEST['field_move_to'][$idx] : '';

        $changes[] = 'CHANGE ' . PMA_Table::generateAlter(
            $orig_name,
            $_REQUEST['field_name'][$idx],
            $_REQUEST['field_type'][$idx],
            $_REQUEST['field_length'][$idx],
            $_REQUEST['field_attribute'][$idx],
            $collation,
            $nullability,
            $_REQUEST['field_default_type'][$idx],
            $_REQUEST['field_default_value'][$idx],
            $extra,
            $comment,
            $key_fields,
            $idx,
            $move_to
        );
    }

    $response = PMA_Response::getInstance();
    if (!empty($changes)) {
        /**
         * this is a little bit more complex
         *
         * @todo if someone selects A_I when altering a column we need to check:
         *  - no other column with A_I
         *  - the column has an index, if not create one
         *
         */
        // To allow replication, we first select the db to use
        // and then run queries on this db.
        if (!$GLOBALS['dbi']->selectDb($db)) {
            PMA_Util::mysqlDie($GLOBALS['dbi']->getError(), 'USE ' . PMA_Util::backquote($db) . ';', '', $err_url);
        }

        // No separate key statements are produced; the clauses are the whole statement.
        $sql_query = 'ALTER TABLE ' . PMA_Util::backquote($table) . ' ' . implode(', ', $changes) . ';';
        if ($GLOBALS['dbi']->tryQuery($sql_query) === false) {
            // An error happened while inserting/updating a table definition
            $response->isSuccess(false);
            $response->addJSON('message', PMA_Message::rawError(__('Query error') . ':<br />' . $GLOBALS['dbi']->getError()));
            $regenerate = true;
        } else {
            $message = PMA_Message::success(__('Table %1$s has been altered successfully.'));
            $message->addParam($table);
            $response->addHTML(PMA_Util::getMessage($message, $sql_query, 'success'));
        }
    }

    include_once 'libraries/transformations.lib.php';

    // update field names in relation
    if (isset($_REQUEST['field_orig']) && is_array($_REQUEST['field_orig'])) {
        foreach ($_REQUEST['field_orig'] as $position => $old_name) {
            $new_name = $_REQUEST['field_name'][$position];
            if ($new_name != $old_name) {
                PMA_REL_renameField($db, $table, $old_name, $new_name);
            }
        }
    }

    // update mime types
    $mime_submitted = isset($_REQUEST['field_mimetype']) && is_array($_REQUEST['field_mimetype']);
    if ($mime_submitted && $GLOBALS['cfg']['BrowseMIME']) {
        foreach ($_REQUEST['field_mimetype'] as $position => $mimetype) {
            // Skip entries whose column name is missing or empty.
            if (!isset($_REQUEST['field_name'][$position]) || !strlen($_REQUEST['field_name'][$position])) {
                continue;
            }
            PMA_setMIME($db, $table, $_REQUEST['field_name'][$position], $mimetype, $_REQUEST['field_transformation'][$position], $_REQUEST['field_transformation_options'][$position]);
        }
    }

    return $regenerate;
}
    // Optional explicit column list for the view.
    // NOTE(review): the column list and the AS clause below are appended to
    // the statement exactly as submitted. The view definition is SQL written
    // by the user, so nothing here can escape it; what protects this request
    // is authentication, request-forgery checks and the database privileges
    // of the connected account - none of which are visible in this excerpt.
    if (!empty($_REQUEST['view']['column_names'])) {
        $sql_query .= $sep . ' (' . $_REQUEST['view']['column_names'] . ')';
    }
    $sql_query .= $sep . ' AS ' . $_REQUEST['view']['as'];
    // WITH options are restricted to the entries of $view_with_options:
    // array_intersect() drops every submitted value that is not in that list.
    if (isset($_REQUEST['view']['with'])) {
        $options = array_intersect($_REQUEST['view']['with'], $view_with_options);
        if (count($options)) {
            $sql_query .= $sep . ' WITH ' . implode(' ', $options);
        }
    }
    // On success the default database tab is loaded and the script ends; on
    // failure the database error is kept in $message as a raw error.
    if (PMA_DBI_try_query($sql_query)) {
        $message = PMA_Message::success();
        require './' . $cfg['DefaultTabDatabase'];
        exit;
    } else {
        $message = PMA_Message::rawError(PMA_DBI_getError());
    }
}
// prefill values if not already filled from former submission
$view = array('or_replace' => '', 'algorithm' => '', 'name' => '', 'column_names' => '', 'as' => $sql_query, 'with' => array());
// Submitted values override the defaults key by key.
// NOTE(review): array_merge() also copies keys that are not in the default
// list, so $view may carry arbitrary request keys; how $view is escaped when
// the form is printed is not visible here - confirm.
if (PMA_isValid($_REQUEST['view'], 'array')) {
    $view = array_merge($view, $_REQUEST['view']);
}
/**
 * Displays top menu links
 * We use db links because a VIEW is not necessarily on a single table
 */
$num_tables = 0;
require_once './libraries/db_links.inc.php';
$url_params['db'] = $GLOBALS['db'];
$url_params['reload'] = 1;
 /**
  * Opens the file according to its compression type.
  *
  * When decompression is not requested a plain read handle is opened first;
  * the compression type is then evaluated regardless. bzip2 and gzip files
  * get a bzopen()/gzopen() handle, zip archives are unpacked into
  * $this->content_uncompressed, and 'none' gets a plain fopen() handle.
  * A compression type that is unknown, or whose support is switched off in
  * the configuration or missing from PHP, sets $this->_error_message.
  *
  * Comparisons against the compression type are loose (==), in the order
  * false, bzip2, gzip, zip, none.
  *
  * NOTE(review): every open call is prefixed with @ and its result is not
  * checked here, so a failed open leaves a false handle without an error
  * message; a handle opened by the first statement is also overwritten
  * without being closed when a later branch opens another one.
  *
  * @return false|null false when the file cannot be handled; no value
  *                    (null) when a branch completed
  */
 function open()
 {
     if (!$this->_decompress) {
         $this->_handle = @fopen($this->getName(), 'r');
     }

     $compression = $this->getCompression();
     if ($compression == false) {
         return false;
     }

     if ($compression == 'application/bzip2') {
         if ($GLOBALS['cfg']['BZipDump'] && @function_exists('bzopen')) {
             $this->_handle = @bzopen($this->getName(), 'r');
             return;
         }
     } elseif ($compression == 'application/gzip') {
         if ($GLOBALS['cfg']['GZipDump'] && @function_exists('gzopen')) {
             $this->_handle = @gzopen($this->getName(), 'r');
             return;
         }
     } elseif ($compression == 'application/zip') {
         if ($GLOBALS['cfg']['ZipDump'] && @function_exists('zip_open')) {
             include_once './libraries/zip_extension.lib.php';
             $archive = PMA_getZipContents($this->getName());
             if (!empty($archive['error'])) {
                 $this->_error_message = PMA_Message::rawError($archive['error']);
                 return false;
             }
             $this->content_uncompressed = $archive['data'];
             unset($archive);
             return;
         }
     } elseif ($compression == 'none') {
         $this->_handle = @fopen($this->getName(), 'r');
         return;
     }

     // Reached for an unknown type and for a known type whose support is
     // disabled or unavailable.
     $this->_error_message = sprintf(__('You attempted to load file with unsupported compression (%s). Either support for it is not implemented or disabled by your configuration.'), $this->getCompression());
     return false;
 }
/**
 * Saves user preferences
 *
 * Without a working userconfig table the preferences are kept in
 * $_SESSION['userconfig'] together with a timestamp. Otherwise they are
 * JSON-encoded and written to the userconfig table over the control
 * connection: an UPDATE when a row for the user exists, an INSERT when not.
 * In both cases the cached copy under $_SESSION['cache'] is dropped.
 *
 * User name and JSON payload are escaped with PMA_sqlAddslashes() before
 * being placed inside single-quoted SQL literals.
 *
 * @uses $_SESSION['cache'][...]['userprefs']
 * @uses $_SESSION['userconfig']
 * @uses $GLOBALS['cfg']['ServerDefault']
 * @uses $GLOBALS['controllink']
 * @uses $GLOBALS['server']
 * @uses PMA_backquote()
 * @uses PMA_DBI_fetch_value
 * @uses PMA_DBI_getError()
 * @uses PMA_DBI_try_query()
 * @uses PMA_Message::addMessage()
 * @uses PMA_Message::error()
 * @uses PMA_Message::rawError()
 * @uses PMA_sqlAddslashes()
 * @uses PMA_getRelationsParam()
 * @param array $config_array preferences to store
 * @return true|PMA_Message
 */
function PMA_save_userprefs(array $config_array)
{
    $cfgRelation = PMA_getRelationsParam();
    if (isset($GLOBALS['server'])) {
        $server = $GLOBALS['server'];
    } else {
        $server = $GLOBALS['cfg']['ServerDefault'];
    }
    $cache_key = 'server_' . $server;

    if (!$cfgRelation['userconfigwork']) {
        // no pmadb table, use session storage
        $_SESSION['userconfig'] = array('db' => $config_array, 'ts' => time());
        if (isset($_SESSION['cache'][$cache_key]['userprefs'])) {
            unset($_SESSION['cache'][$cache_key]['userprefs']);
        }
        return true;
    }

    // save configuration to pmadb
    $query_table = PMA_backquote($cfgRelation['db']) . '.' . PMA_backquote($cfgRelation['userconfig']);
    $escaped_user = PMA_sqlAddslashes($cfgRelation['user']);

    $lookup = '
        SELECT `username`
        FROM ' . $query_table . '
          WHERE `username` = \'' . $escaped_user . '\'';
    $has_config = PMA_DBI_fetch_value($lookup, 0, 0, $GLOBALS['controllink']);

    $escaped_config = PMA_sqlAddslashes(json_encode($config_array));
    if (!$has_config) {
        $query = '
            INSERT INTO ' . $query_table . ' (`username`, `config_data`)
            VALUES (\'' . $escaped_user . '\',
                \'' . $escaped_config . '\')';
    } else {
        $query = '
            UPDATE ' . $query_table . '
            SET `config_data` = \'' . $escaped_config . '\'
            WHERE `username` = \'' . $escaped_user . '\'';
    }

    // The cached copy is dropped before the write, whether or not it succeeds.
    if (isset($_SESSION['cache'][$cache_key]['userprefs'])) {
        unset($_SESSION['cache'][$cache_key]['userprefs']);
    }

    if (PMA_DBI_try_query($query, $GLOBALS['controllink'])) {
        return true;
    }

    $message = PMA_Message::error(__('Could not save configuration'));
    $message->addMessage('<br /><br />');
    $message->addMessage(PMA_Message::rawError(PMA_DBI_getError($GLOBALS['controllink'])));
    return $message;
}
 /**
  * test rawError method
  *
  * An ERROR message built by hand with setMessage() must equal the one
  * returned by PMA_Message::rawError() for the same text. The text contains
  * the HTML metacharacters <, & and >, so the comparison also pins that
  * rawError() stores them unchanged.
  *
  * @return void
  */
 public function testRawError()
 {
     $text = 'test<&>';
     $expected = new PMA_Message('', PMA_Message::ERROR);
     $this->object = $expected;
     $expected->setMessage($text);
     $this->assertEquals($expected, PMA_Message::rawError($text));
 }
Beispiel #11
        // Index of the DML log entry to remove, as submitted with the request.
        $delete_id = $_REQUEST['delete_dmlog'];

        // Only proceed when the id compares equal to its integer cast.
        // NOTE(review): the comparison is loose, so numeric-looking strings
        // such as "1.0" or " 1" pass as well; they match no entry in the log,
        // yet the tracking data is still rewritten and success is reported.
        // A strict integer check would close that gap.
        if ($delete_id == (int)$delete_id) {
            unset($data['dmlog'][$delete_id]);

            // db, table and version are taken from the request as-is.
            // NOTE(review): presumably quoted inside changeTrackingData() - confirm.
            $successfullyDeleted = PMA_Tracker::changeTrackingData(
                $_REQUEST['db'], $_REQUEST['table'],
                $_REQUEST['version'], 'DML', $data['dmlog']
            );
            if ($successfullyDeleted) {
                $msg = PMA_Message::success(
                    __('Tracking data manipulation successfully deleted')
                );
            } else {
                $msg = PMA_Message::rawError(__('Query error'));
            }
            $msg->display();
        }
    }
}

// Report header, shown for both the on-screen report and the export.
if (isset($_REQUEST['report']) || isset($_REQUEST['report_export'])) {
    // NOTE(review): $url_query is placed in the href without escaping here;
    // presumably it was built already encoded - confirm.
    echo '<h3>' . __('Tracking report')
        . '  [<a href="tbl_tracking.php?' . $url_query . '">' . __('Close')
        . '</a>]</h3>';

    // The stored tracking statements are HTML-escaped before output.
    echo '<small>' . __('Tracking statements') . ' '
        . htmlspecialchars($data['tracking']) . '</small><br/>';
    echo '<br/>';
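/**
 * move the repeating group of columns to a new table
 *
 * Builds two statements: a CREATE TABLE ... SELECT that unions the primary
 * key columns with each repeating column (exposed as $newColumn), and an
 * ALTER TABLE that drops the repeating columns from the original table.
 * Both run on the user connection after $db has been selected.
 *
 * If $db cannot be selected no statement is run and an error is returned:
 * executing the DDL against whatever database happens to be current could
 * create or alter a same-named table elsewhere.
 *
 * All identifiers are quoted with PMA_Util::backquote().
 * NOTE(review): $repeatingColumns is split on ', ' while $primary_columns
 * is split on ','; confirm the callers really use those two formats.
 *
 * @param string $repeatingColumns comma separated list of repeating group columns
 * @param string $primary_columns  comma separated list of column in primary key
 * of $table
 * @param string $newTable         name of the new table to be created
 * @param string $newColumn        name of the new column in the new table
 * @param string $table            current table
 * @param string $db               current database
 *
 * @return array 'queryError' => boolean, 'message' => PMA_Message
 */
function PMA_moveRepeatingGroup($repeatingColumns, $primary_columns, $newTable, $newColumn, $table, $db)
{
    $repeatingColumnsArr = (array) PMA_Util::backquote(explode(', ', $repeatingColumns));
    $primary_columns = implode(',', PMA_Util::backquote(explode(',', $primary_columns)));

    // One SELECT per repeating column, and one DROP clause per column.
    $selects = array();
    $drops = array();
    foreach ($repeatingColumnsArr as $repeatingColumn) {
        $selects[] = ' SELECT ' . $primary_columns . ',' . $repeatingColumn . ' as ' . PMA_Util::backquote($newColumn) . ' FROM ' . PMA_Util::backquote($table);
        $drops[] = ' DROP ' . $repeatingColumn;
    }
    $queries = array(
        'CREATE TABLE ' . PMA_Util::backquote($newTable) . implode(' UNION ', $selects),
        'ALTER TABLE ' . PMA_Util::backquote($table) . implode(',', $drops),
    );

    // The group ends up in the new table, so that is the name to report.
    $message = PMA_Message::success(sprintf(__('Selected repeating group has been moved to the table \'%s\''), htmlspecialchars($newTable)));
    $error = false;

    if (!$GLOBALS['dbi']->selectDb($db, $GLOBALS['userlink'])) {
        $message = PMA_Message::error(__('Error in processing!'));
        $message->addMessage('<br /><br />');
        $message->addMessage(PMA_Message::rawError($GLOBALS['dbi']->getError($GLOBALS['userlink'])));
        return array('queryError' => true, 'message' => $message);
    }

    foreach ($queries as $query) {
        if (!$GLOBALS['dbi']->tryQuery($query, $GLOBALS['userlink'])) {
            // Stop at the first failure: the DROP must not run when the copy failed.
            $message = PMA_Message::error(__('Error in processing!'));
            $message->addMessage('<br /><br />');
            $message->addMessage(PMA_Message::rawError($GLOBALS['dbi']->getError($GLOBALS['userlink'])));
            $error = true;
            break;
        }
    }

    return array('queryError' => $error, 'message' => $message);
}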
Beispiel #13
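 /**
  * Save this table's UI preferences into phpMyAdmin database.
  *
  * Writes one row (user, database, table, JSON-encoded preferences) with
  * REPLACE INTO over the control connection, then trims the oldest rows when
  * the table holds more than $cfg['Server']['MaxTableUiprefs'] rows.
  *
  * All four values in the VALUES list are escaped with
  * PMA_Util::sqlAddSlashes(), including the account name: it is data taken
  * from the server configuration of the current session and must not be
  * able to terminate the quoted literal.
  *
  * @return true|PMA_Message
  */
 protected function saveUiPrefsToDb()
 {
     $cfgRelation = PMA_getRelationsParam();
     $pma_table = PMA_Util::backquote($cfgRelation['db']) . "." . PMA_Util::backquote($cfgRelation['table_uiprefs']);
     $secureDbName = PMA_Util::sqlAddSlashes($this->_db_name);
     // Escaped like the other values; the name is placed inside '...'.
     $username = PMA_Util::sqlAddSlashes($GLOBALS['cfg']['Server']['user']);
     $sql_query = " REPLACE INTO " . $pma_table . " (username, db_name, table_name, prefs) VALUES ('" . $username . "', '" . $secureDbName . "', '" . PMA_Util::sqlAddSlashes($this->_name) . "', '" . PMA_Util::sqlAddSlashes(json_encode($this->uiprefs)) . "')";
     $success = $this->_dbi->tryQuery($sql_query, $GLOBALS['controllink']);
     if (!$success) {
         $message = PMA_Message::error(__('Could not save table UI preferences!'));
         $message->addMessage('<br /><br />');
         $message->addMessage(PMA_Message::rawError($this->_dbi->getError($GLOBALS['controllink'])));
         return $message;
     }
     // Remove some old rows in table_uiprefs if it exceeds the configured
     // maximum rows
     // NOTE(review): this count is issued without an explicit link while the
     // writes use the control link - confirm both reach the same connection.
     $sql_query = 'SELECT COUNT(*) FROM ' . $pma_table;
     $rows_count = $this->_dbi->fetchValue($sql_query);
     $max_rows = $GLOBALS['cfg']['Server']['MaxTableUiprefs'];
     if ($rows_count > $max_rows) {
         // Both operands are numbers (a COUNT(*) result and a config value),
         // so the LIMIT below cannot carry request text.
         $num_rows_to_delete = $rows_count - $max_rows;
         $sql_query = ' DELETE FROM ' . $pma_table . ' ORDER BY last_update ASC' . ' LIMIT ' . $num_rows_to_delete;
         $success = $this->_dbi->tryQuery($sql_query, $GLOBALS['controllink']);
         if (!$success) {
             $message = PMA_Message::error(sprintf(__('Failed to cleanup table UI preferences (see ' . '$cfg[\'Servers\'][$i][\'MaxTableUiprefs\'] %s)'), PMA_Util::showDocu('config', 'cfg_Servers_MaxTableUiprefs')));
             $message->addMessage('<br /><br />');
             $message->addMessage(PMA_Message::rawError($this->_dbi->getError($GLOBALS['controllink'])));
             return $message;
         }
     }
     return true;
 }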
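/**
 * Runs the user-creation query and, depending on the "createdb-*" request
 * flags, creates a database and issues GRANT statements for the new account.
 *
 * Every statement that is executed here is also appended to the query text
 * that is returned for display. When the user could not be created, the three
 * "createdb-*" flags are cleared so that no CREATE DATABASE / GRANT statement
 * is run for an account that was never added.
 *
 * @param boolean $_error         true when an earlier step already failed; the
 *                                user query is then not executed
 * @param string  $real_sql_query SQL query that adds the user
 * @param string  $sql_query      SQL query to be displayed
 * @param string  $username       username
 * @param string  $hostname       host name
 *
 * @return array  $sql_query, $message
 */
function PMA_addUserAndCreateDatabase($_error, $real_sql_query, $sql_query, $username, $hostname)
{
    $common_functions = PMA_CommonFunctions::getInstance();
    if ($_error || !PMA_DBI_try_query($real_sql_query)) {
        // isset() returns true for a key that holds false, so assigning false
        // here left all three branches below enabled after a failed user
        // creation. null is the value isset() treats as "not set".
        // Depending on server version and sql_mode, a GRANT naming a missing
        // account may create that account, so these statements must not run
        // once the CREATE USER step has failed.
        $_REQUEST['createdb-1'] = $_REQUEST['createdb-2'] = $_REQUEST['createdb-3'] = null;
        $message = PMA_Message::rawError(PMA_DBI_getError());
    } else {
        $message = PMA_Message::success(__('You have added a new user.'));
    }
    if (isset($_REQUEST['createdb-1'])) {
        // Create database with same name and grant all privileges
        $q = 'CREATE DATABASE IF NOT EXISTS ' . $common_functions->backquote($common_functions->sqlAddSlashes($username)) . ';';
        $sql_query .= $q;
        if (!PMA_DBI_try_query($q)) {
            $message = PMA_Message::rawError(PMA_DBI_getError());
        }
        /**
         * If we are not in an Ajax request, we can't reload navigation now
         */
        if ($GLOBALS['is_ajax_request'] != true) {
            // this is needed in case tracking is on:
            $GLOBALS['db'] = $username;
            $GLOBALS['reload'] = true;
            echo $common_functions->getReloadNavigationScript();
        }
        // The database name is used as a pattern in GRANT, hence the extra
        // wildcard escaping of the user name on the identifier side.
        $q = 'GRANT ALL PRIVILEGES ON ' . $common_functions->backquote($common_functions->escapeMysqlWildcards($common_functions->sqlAddSlashes($username))) . '.* TO \'' . $common_functions->sqlAddSlashes($username) . '\'@\'' . $common_functions->sqlAddSlashes($hostname) . '\';';
        $sql_query .= $q;
        if (!PMA_DBI_try_query($q)) {
            $message = PMA_Message::rawError(PMA_DBI_getError());
        }
    }
    if (isset($_REQUEST['createdb-2'])) {
        // Grant all privileges on wildcard name (username\_%)
        $q = 'GRANT ALL PRIVILEGES ON ' . $common_functions->backquote($common_functions->sqlAddSlashes($username) . '\\_%') . '.* TO \'' . $common_functions->sqlAddSlashes($username) . '\'@\'' . $common_functions->sqlAddSlashes($hostname) . '\';';
        $sql_query .= $q;
        if (!PMA_DBI_try_query($q)) {
            $message = PMA_Message::rawError(PMA_DBI_getError());
        }
    }
    if (isset($_REQUEST['createdb-3'])) {
        // Grant all privileges on the specified database to the new user
        // NOTE(review): $dbname is neither a parameter nor assigned in this
        // function, so it is undefined here and the statement names an empty
        // identifier. The database name has to be handed in by the caller;
        // confirm against the call site before relying on this branch.
        $q = 'GRANT ALL PRIVILEGES ON ' . $common_functions->backquote($common_functions->sqlAddSlashes($dbname)) . '.* TO \'' . $common_functions->sqlAddSlashes($username) . '\'@\'' . $common_functions->sqlAddSlashes($hostname) . '\';';
        $sql_query .= $q;
        if (!PMA_DBI_try_query($q)) {
            $message = PMA_Message::rawError(PMA_DBI_getError());
        }
    }
    return array($sql_query, $message);
}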
/**
 * Displays authentication form
 *
 * Sends the Content-Type header, prints the login page (optional custom
 * header, logo, connection error, language selector, login form, optional
 * server selector, collected errors, optional custom footer) and then ends
 * the script. When $_REQUEST['old_usr'] is non-empty and a LogoutURL is
 * configured, it redirects to that URL and exits without printing the form.
 *
 * this function MUST exit/quit the application
 *
 * @global  string    the last connection error
 *
 * @access  public
 */
function PMA_auth()
{
    global $conn_error;
    /* Perform logout to custom URL */
    // The redirect target is the configured LogoutURL; the request only
    // decides whether the redirect happens (non-empty old_usr).
    if (!empty($_REQUEST['old_usr']) && !empty($GLOBALS['cfg']['Server']['LogoutURL'])) {
        PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['LogoutURL']);
        exit;
    }
    /* No recall if blowfish secret is not configured as it would produce garbage */
    // User name and server are pre-filled only when LoginCookieRecall is on
    // and a blowfish secret is set; otherwise both stay empty and the form
    // gets autocomplete="off".
    if ($GLOBALS['cfg']['LoginCookieRecall'] && !empty($GLOBALS['cfg']['blowfish_secret'])) {
        $default_user = $GLOBALS['PHP_AUTH_USER'];
        $default_server = $GLOBALS['pma_auth_server'];
        $autocomplete = '';
    } else {
        $default_user = '';
        $default_server = '';
        // skip the IE autocomplete feature.
        $autocomplete = ' autocomplete="off"';
    }
    // NOTE(review): $cell_align is not used again in the part of the function
    // that is readable in this listing.
    $cell_align = $GLOBALS['text_dir'] == 'ltr' ? 'left' : 'right';
    // Defines the charset to be used
    header('Content-Type: text/html; charset=utf-8');
    /* HTML header; do not show here the PMA version to improve security */
    $page_title = 'phpMyAdmin ';
    include './libraries/header_meta_style.inc.php';
    // if $page_title is set, this script uses it as the title:
    include './libraries/header_scripts.inc.php';
    ?>
</head>

<body class="loginform">

    <?php 
    // Optional site-specific header; the included file runs with this
    // function's scope.
    if (file_exists(CUSTOM_HEADER_FILE)) {
        include CUSTOM_HEADER_FILE;
    }
    ?>

<div class="container">
<a href="<?php 
    echo PMA_linkURL('http://www.phpmyadmin.net/');
    ?>
" target="_blank" class="logo"><?php 
    // The theme image path is written into the src attribute as-is;
    // presumably it comes from configuration only - verify.
    $logo_image = $GLOBALS['pmaThemeImage'] . 'logo_right.png';
    if (@file_exists($logo_image)) {
        echo '<img src="' . $logo_image . '" id="imLogo" name="imLogo" alt="phpMyAdmin" border="0" />';
    } else {
        echo '<img name="imLogo" id="imLogo" src="' . $GLOBALS['pmaThemeImage'] . 'pma_logo.png' . '" ' . 'border="0" width="88" height="31" alt="phpMyAdmin" />';
    }
    ?>
</a>
<h1>
    <?php 
    echo sprintf(__('Welcome to %s'), '<bdo dir="ltr" lang="en">' . $page_title . '</bdo>');
    ?>
</h1>
    <?php 
    // Show error message
    // NOTE(review): $conn_error goes through rawError(); whether the text is
    // HTML-escaped before display is not visible here. Confirm, since a
    // connection error may carry text supplied by the database server.
    if (!empty($conn_error)) {
        PMA_Message::rawError($conn_error)->display();
    }
    echo "<noscript>\n";
    PMA_message::error(__("Javascript must be enabled past this point"))->display();
    echo "</noscript>\n";
    echo "<div class='hide js-show'>";
    // Displays the languages form
    if (empty($GLOBALS['cfg']['Lang'])) {
        include_once './libraries/display_select_lang.lib.php';
        // use fieldset, don't show doc link
        PMA_select_language(true, false);
    }
    echo "</div>";
    ?>
<br />
<!-- Login form -->
<form method="post" action="index.php" name="login_form"<?php 
    echo $autocomplete;
    ?>
 target="_top" class="login hide js-show">
    <fieldset>
    <legend>
<?php 
    echo __('Log in');
    echo PMA_showDocu('');
    ?>
</legend>

<?php 
    // The free-text server field is only offered when AllowArbitraryServer is
    // enabled; the recalled value is escaped for the attribute context.
    if ($GLOBALS['cfg']['AllowArbitraryServer']) {
        ?>
        <div class="item">
            <label for="input_servername" title="<?php 
        echo __('You can enter hostname/IP address and port separated by space.');
        ?>
"><?php 
        echo __('Server:');
        ?>
</label>
            <input type="text" name="pma_servername" id="input_servername" value="<?php 
        echo htmlspecialchars($default_server);
        ?>
" size="24" class="textfield" title="<?php 
        echo __('You can enter hostname/IP address and port separated by space.');
        ?>
" />
        </div>
<?php 
    }
    ?>
        <div class="item">
            <label for="input_username"><?php 
    // NOTE(review): the next line is damaged in this listing (part of it is
    // masked with asterisks); the user name and password fields and the
    // start of the server-choice condition are not readable here.
    echo __('Username:'******'Password:'******'cfg']['Servers']) > 1) {
        ?>
        <div class="item">
            <label for="select_server"><?php 
        echo __('Server Choice');
        ?>
:</label>
            <select name="server" id="select_server"
        <?php 
        // Choosing a configured server clears the free-text server field.
        if ($GLOBALS['cfg']['AllowArbitraryServer']) {
            echo ' onchange="document.forms[\'login_form\'].elements[\'pma_servername\'].value = \'\'" ';
        }
        echo '>';
        include_once './libraries/select_server.lib.php';
        PMA_select_server(false, false);
        echo '</select></div>';
    } else {
        // NOTE(review): $GLOBALS['server'] is written into the attribute
        // without htmlspecialchars(), unlike $default_server above;
        // presumably it is an already validated server index - confirm.
        echo '    <input type="hidden" name="server" value="' . $GLOBALS['server'] . '" />';
    }
    // end if (server choice)
    ?>
    </fieldset>
    <fieldset class="tblFooters">
        <input value="<?php 
    echo __('Go');
    ?>
" type="submit" id="input_go" />
    <?php 
    // Carry target/db/table across the login so the user lands where the
    // request pointed; escaping of these values is left to
    // PMA_generate_common_hidden_inputs() (not visible here).
    $_form_params = array();
    if (!empty($GLOBALS['target'])) {
        $_form_params['target'] = $GLOBALS['target'];
    }
    if (!empty($GLOBALS['db'])) {
        $_form_params['db'] = $GLOBALS['db'];
    }
    if (!empty($GLOBALS['table'])) {
        $_form_params['table'] = $GLOBALS['table'];
    }
    // do not generate a "server" hidden field as we want the "server"
    // drop-down to have priority
    echo PMA_generate_common_hidden_inputs($_form_params, '', 0, 'server');
    ?>
    </fieldset>
</form>

    <?php 
    // BEGIN Swekey Integration
    Swekey_login('input_username', 'input_go');
    // END Swekey Integration
    // show the "Cookies required" message only if cookies are disabled
    // (we previously tried to set some cookies)
    if (empty($_COOKIE)) {
        trigger_error(__('Cookies must be enabled past this point.'), E_USER_NOTICE);
    }
    if ($GLOBALS['error_handler']->hasDisplayErrors()) {
        echo '<div>';
        $GLOBALS['error_handler']->dispErrors();
        echo '</div>';
    }
    ?>
</div>
    <?php 
    if (file_exists(CUSTOM_FOOTER_FILE)) {
        include CUSTOM_FOOTER_FILE;
    }
    // The inline script printed below moves the login page to the top frame
    // when it is displayed inside a frame.
    // NOTE(review): that is a client-side check only; an X-Frame-Options or
    // CSP frame-ancestors response header is the sturdier anti-framing
    // control. Confirm whether one is sent elsewhere.
    ?>
<script type="text/javascript">
//<![CDATA[
// show login form in top frame.
if (top != self || document.body.className != 'loginform') {
    window.top.location.href=location;
}
//]]>
</script>
</body>
</html>
    <?php 
    // The form has been printed; nothing after the login page may run.
    exit;
}
/**
 * Checks every statement of a ROLLBACK request and opens a transaction.
 *
 * The query text is split on the delimiter taken from
 * $_REQUEST['sql_delimiter']; each non-empty piece is handed to
 * PMA_checkIfRollbackPossible(). On the first piece that fails the check,
 * the 'rollback_query' request flag is removed, an error message is added to
 * the JSON response and the script exits. If every piece passes,
 * START TRANSACTION is issued.
 *
 * NOTE(review): the split is a plain explode() on a client-supplied
 * delimiter, so a delimiter that occurs inside a string literal also splits
 * the statement. Confirm that PMA_checkIfRollbackPossible() copes with such
 * fragments.
 *
 * @param string $sql_query SQL query(s)
 *
 * @return void
 */
function PMA_handleRollbackRequest($sql_query)
{
    $statements = explode($_REQUEST['sql_delimiter'], $sql_query);
    $failure = false;
    $generic_error = __('Only INSERT, UPDATE, DELETE and REPLACE ' . 'SQL queries containing transactional engine tables can be rolled back.');
    foreach ($statements as $statement) {
        // Skip the empty pieces the split leaves behind.
        if (empty($statement)) {
            continue;
        }
        if (PMA_checkIfRollbackPossible($statement)) {
            continue;
        }
        // Prefer the database's own error text over the generic one.
        $dbi_error = $GLOBALS['dbi']->getError();
        $failure = $dbi_error ? $dbi_error : $generic_error;
        break;
    }
    if (!$failure) {
        // Every statement can be rolled back: open the transaction.
        $GLOBALS['dbi']->query('START TRANSACTION');
        return;
    }
    // Drop the flag so later code does not treat this as a rollback request.
    unset($_REQUEST['rollback_query']);
    $response = PMA_Response::getInstance();
    $response->addJSON('message', PMA_Message::rawError($failure));
    exit;
}
Beispiel #17
        }
        PMA_DBI_next_result();
    }

    $querytime_after = array_sum(explode(' ', microtime()));

    $GLOBALS['querytime'] = $querytime_after - $querytime_before;

    // Displays an error message if required and stop parsing the script
    if ($error        = PMA_DBI_getError()) {
        if ($is_gotofile) {
            if (strpos($goto, 'db_') === 0 && strlen($table)) {
                $table = '';
            }
            $active_page = $goto;
            $message = PMA_Message::rawError($error);

            if ($GLOBALS['is_ajax_request'] == true) {
                PMA_ajaxResponse($message, false);
            }

            /**
             * Go to target path.
             */
            include '' . PMA_securePath($goto);
        } else {
            $full_err_url = (preg_match('@^(db|tbl)_@', $err_url))
                          ? $err_url . '&amp;show_query=1&amp;sql_query=' . urlencode($sql_query)
                          : $err_url;
            PMA_mysqlDie($error, $full_sql_query, '', $full_err_url);
        }
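/**
 * Removes columns from the central columns list.
 *
 * if $isTable is true it removes all columns of given tables as $field_select from
 * central columns list otherwise $field_select is columns list and it removes
 * given columns if present in central list
 *
 * The database name comes from $_REQUEST['db']. Columns that are not in the
 * central list are reported in a notice; the DELETE is issued on the control
 * connection in either case.
 *
 * @param array $field_select if $isTable selected list of tables otherwise
 * selected list of columns to remove from central list
 * @param bool  $isTable      if passed array is of tables or columns
 *
 * @return true|PMA_Message
 */
function PMA_deleteColumnsFromList($field_select, $isTable = true)
{
    $cfgCentralColumns = PMA_centralColumnsGetParams();
    if (empty($cfgCentralColumns)) {
        return PMA_configErrorMessage();
    }
    // Request-supplied value: it must be escaped wherever it is put into SQL.
    $db = $_REQUEST['db'];
    $pmadb = $cfgCentralColumns['db'];
    $central_list_table = $cfgCentralColumns['table'];
    $GLOBALS['dbi']->selectDb($db, $GLOBALS['userlink']);
    $message = true;
    $colNotExist = array();
    $fields = array();
    if ($isTable) {
        // Expand each table into its column names and build the quoted,
        // comma-separated list used in the IN (...) clause.
        $cols = '';
        foreach ($field_select as $table) {
            $fields[$table] = (array) $GLOBALS['dbi']->getColumnNames($db, $table, $GLOBALS['userlink']);
            foreach ($fields[$table] as $col_select) {
                $cols .= '\'' . PMA_Util::sqlAddSlashes($col_select) . '\',';
            }
        }
        $cols = trim($cols, ',');
        $has_list = PMA_findExistingColNames($db, $cols);
        foreach ($field_select as $table) {
            foreach ($fields[$table] as $column) {
                if (!in_array($column, $has_list)) {
                    $colNotExist[] = "'" . $column . "'";
                }
            }
        }
    } else {
        $cols = '';
        foreach ($field_select as $col_select) {
            $cols .= '\'' . PMA_Util::sqlAddSlashes($col_select) . '\',';
        }
        $cols = trim($cols, ',');
        $has_list = PMA_findExistingColNames($db, $cols);
        foreach ($field_select as $column) {
            if (!in_array($column, $has_list)) {
                $colNotExist[] = "'" . $column . "'";
            }
        }
    }
    if (!empty($colNotExist)) {
        // Column names are escaped for HTML only here, when they are displayed.
        $colNotExist = implode(",", array_unique($colNotExist));
        $message = PMA_Message::notice(sprintf(__('Couldn\'t remove Column(s) %1$s ' . 'as they don\'t exist in central columns list!'), htmlspecialchars($colNotExist)));
    }
    $GLOBALS['dbi']->selectDb($pmadb, $GLOBALS['controllink']);
    // The database name was previously concatenated into the string literal
    // unescaped, although it is read from the request and this statement runs
    // on the control connection. It now gets the same escaping as the column
    // names above.
    $query = 'DELETE FROM ' . PMA_Util::backquote($central_list_table) . ' ' . 'WHERE db_name = \'' . PMA_Util::sqlAddSlashes($db) . '\' AND col_name IN (' . $cols . ');';
    if (!$GLOBALS['dbi']->tryQuery($query, $GLOBALS['controllink'])) {
        $message = PMA_Message::error(__('Could not remove columns!'));
        $message->addMessage('<br />' . htmlspecialchars($cols) . '<br />');
        $message->addMessage(PMA_Message::rawError($GLOBALS['dbi']->getError($GLOBALS['controllink'])));
    }
    return $message;
}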
Beispiel #19
 /**
  * Attempts to open the file.
  *
  * @return bool
  */
 public function open()
 {
     // Without decompression the file is opened as-is first; the switch below
     // still runs afterwards and may replace the handle.
     if (!$this->_decompress) {
         $this->_handle = @fopen($this->getName(), 'r');
     }
     // NOTE(review): the results of fopen()/bzopen()/gzopen() are not checked
     // and warnings are suppressed with @, so true is returned even when the
     // open call itself failed; callers have to test the handle.
     switch ($this->getCompression()) {
         case false:
             return false;
         case 'application/bzip2':
             // Needs both the configuration switch and the PHP extension.
             if (!$GLOBALS['cfg']['BZipDump'] || !@function_exists('bzopen')) {
                 $this->errorUnsupported();
                 return false;
             }
             $this->_handle = @bzopen($this->getName(), 'r');
             break;
         case 'application/gzip':
             if (!$GLOBALS['cfg']['GZipDump'] || !@function_exists('gzopen')) {
                 $this->errorUnsupported();
                 return false;
             }
             $this->_handle = @gzopen($this->getName(), 'r');
             break;
         case 'application/zip':
             if (!$GLOBALS['cfg']['ZipDump'] || !@function_exists('zip_open')) {
                 $this->errorUnsupported();
                 return false;
             }
             include_once './libraries/zip_extension.lib.php';
             // Zip archives are read in one go; no handle is kept for them.
             $zip_contents = PMA_getZipContents($this->getName());
             if (!empty($zip_contents['error'])) {
                 $this->_error_message = (string) PMA_Message::rawError($zip_contents['error']);
                 return false;
             }
             $this->content_uncompressed = $zip_contents['data'];
             unset($zip_contents);
             break;
         case 'none':
             $this->_handle = @fopen($this->getName(), 'r');
             break;
         default:
             // Any other detected type is reported as unsupported.
             $this->errorUnsupported();
             return false;
     }
     return true;
 }
/**
 * Update the table's structure based on $_REQUEST
 *
 * Builds one ALTER TABLE statement from the submitted column fields, runs
 * it, and on failure tries to restore columns that were temporarily changed
 * to BLOB for a collation change. Afterwards relation field names and MIME
 * settings are updated from the request.
 *
 * @param string $db    database name
 * @param string $table table name
 *
 * @return boolean $regenerate              true if error occurred
 *
 */
function PMA_updateColumns($db, $table)
{
    $err_url = 'tbl_structure.php' . PMA_URL_getCommon(array('db' => $db, 'table' => $table));
    $regenerate = false;
    // Each index of $_REQUEST['field_name'] is one column of the submitted form.
    $field_cnt = count($_REQUEST['field_name']);
    $changes = array();
    $pmatable = new PMA_Table($table, $db);
    // Maps old column name => new column name for renamed columns whose
    // privileges were asked to follow the rename.
    $adjust_privileges = array();
    for ($i = 0; $i < $field_cnt; $i++) {
        if (PMA_columnNeedsAlterTable($i)) {
            // All column attributes come straight from the request; quoting of
            // names, types, defaults and comments is left to
            // PMA_Table::generateAlter() - NOTE(review): not visible here, confirm.
            $changes[] = 'CHANGE ' . PMA_Table::generateAlter(isset($_REQUEST['field_orig'][$i]) ? $_REQUEST['field_orig'][$i] : '', $_REQUEST['field_name'][$i], $_REQUEST['field_type'][$i], $_REQUEST['field_length'][$i], $_REQUEST['field_attribute'][$i], isset($_REQUEST['field_collation'][$i]) ? $_REQUEST['field_collation'][$i] : '', isset($_REQUEST['field_null'][$i]) ? $_REQUEST['field_null'][$i] : 'NOT NULL', $_REQUEST['field_default_type'][$i], $_REQUEST['field_default_value'][$i], isset($_REQUEST['field_extra'][$i]) ? $_REQUEST['field_extra'][$i] : false, isset($_REQUEST['field_comments'][$i]) ? $_REQUEST['field_comments'][$i] : '', isset($_REQUEST['field_virtuality'][$i]) ? $_REQUEST['field_virtuality'][$i] : '', isset($_REQUEST['field_expression'][$i]) ? $_REQUEST['field_expression'][$i] : '', isset($_REQUEST['field_move_to'][$i]) ? $_REQUEST['field_move_to'][$i] : '');
            // find the remembered sort expression
            $sorted_col = $pmatable->getUiProp(PMA_Table::PROP_SORTED_COLUMN);
            // if the old column name is part of the remembered sort expression
            if (mb_strpos($sorted_col, PMA_Util::backquote($_REQUEST['field_orig'][$i])) !== false) {
                // delete the whole remembered sort expression
                $pmatable->removeUiProp(PMA_Table::PROP_SORTED_COLUMN);
            }
            // Remember renames for which privilege adjustment was requested.
            if (isset($_REQUEST['field_adjust_privileges'][$i]) && !empty($_REQUEST['field_adjust_privileges'][$i]) && $_REQUEST['field_orig'][$i] != $_REQUEST['field_name'][$i]) {
                $adjust_privileges[$_REQUEST['field_orig'][$i]] = $_REQUEST['field_name'][$i];
            }
        }
    }
    // end for
    $response = PMA_Response::getInstance();
    if (count($changes) > 0 || isset($_REQUEST['preview_sql'])) {
        // Builds the primary keys statements and updates the table
        $key_query = '';
        /**
         * this is a little bit more complex
         *
         * @todo if someone selects A_I when altering a column we need to check:
         *  - no other column with A_I
         *  - the column has an index, if not create one
         *
         */
        // To allow replication, we first select the db to use
        // and then run queries on this db.
        if (!$GLOBALS['dbi']->selectDb($db)) {
            PMA_Util::mysqlDie($GLOBALS['dbi']->getError(), 'USE ' . PMA_Util::backquote($db) . ';', false, $err_url);
        }
        $sql_query = 'ALTER TABLE ' . PMA_Util::backquote($table) . ' ';
        $sql_query .= implode(', ', $changes) . $key_query;
        $sql_query .= ';';
        // If there is a request for SQL previewing.
        // NOTE(review): the statements below only stay unexecuted for a
        // preview if PMA_previewSQL() ends the request - confirm.
        if (isset($_REQUEST['preview_sql'])) {
            PMA_previewSQL(count($changes) > 0 ? $sql_query : '');
        }
        // Per column index: whether the column was switched to BLOB below.
        $changedToBlob = array();
        // While changing the Column Collation
        // First change to BLOB
        // These ALTERs are sent with query(), not tryQuery(), and run before
        // the main statement has been attempted.
        for ($i = 0; $i < $field_cnt; $i++) {
            if (isset($_REQUEST['field_collation'][$i]) && isset($_REQUEST['field_collation_orig'][$i]) && $_REQUEST['field_collation'][$i] !== $_REQUEST['field_collation_orig'][$i]) {
                $secondary_query = 'ALTER TABLE ' . PMA_Util::backquote($table) . ' CHANGE ' . PMA_Util::backquote($_REQUEST['field_orig'][$i]) . ' ' . PMA_Util::backquote($_REQUEST['field_orig'][$i]) . ' BLOB;';
                $GLOBALS['dbi']->query($secondary_query);
                $changedToBlob[$i] = true;
            } else {
                $changedToBlob[$i] = false;
            }
        }
        // Then make the requested changes
        $result = $GLOBALS['dbi']->tryQuery($sql_query);
        if ($result !== false) {
            $changed_privileges = PMA_adjustColumnPrivileges($db, $table, $adjust_privileges);
            if ($changed_privileges) {
                $message = PMA_Message::success(__('Table %1$s has been altered successfully. Privileges ' . 'have been adjusted.'));
            } else {
                $message = PMA_Message::success(__('Table %1$s has been altered successfully.'));
            }
            $message->addParam($table);
            $response->addHTML(PMA_Util::getMessage($message, $sql_query, 'success'));
        } else {
            // An error happened while inserting/updating a table definition
            // Save the Original Error
            $orig_error = $GLOBALS['dbi']->getError();
            $changes_revert = array();
            // Change back to Original Collation and data type
            // The "_orig" values used for the revert are read from the request
            // as well, not from the server's current column definition.
            // NOTE(review): this call passes 12 arguments where the call in the
            // first loop passes 14 (no virtuality/expression values), so
            // field_move_to_orig sits in the position used for virtuality
            // there - confirm against generateAlter()'s signature.
            for ($i = 0; $i < $field_cnt; $i++) {
                if ($changedToBlob[$i]) {
                    $changes_revert[] = 'CHANGE ' . PMA_Table::generateAlter(isset($_REQUEST['field_orig'][$i]) ? $_REQUEST['field_orig'][$i] : '', $_REQUEST['field_name'][$i], $_REQUEST['field_type_orig'][$i], $_REQUEST['field_length_orig'][$i], $_REQUEST['field_attribute_orig'][$i], isset($_REQUEST['field_collation_orig'][$i]) ? $_REQUEST['field_collation_orig'][$i] : '', isset($_REQUEST['field_null_orig'][$i]) ? $_REQUEST['field_null_orig'][$i] : 'NOT NULL', $_REQUEST['field_default_type_orig'][$i], $_REQUEST['field_default_value_orig'][$i], isset($_REQUEST['field_extra_orig'][$i]) ? $_REQUEST['field_extra_orig'][$i] : false, isset($_REQUEST['field_comments_orig'][$i]) ? $_REQUEST['field_comments_orig'][$i] : '', isset($_REQUEST['field_move_to_orig'][$i]) ? $_REQUEST['field_move_to_orig'][$i] : '');
                }
            }
            $revert_query = 'ALTER TABLE ' . PMA_Util::backquote($table) . ' ';
            $revert_query .= implode(', ', $changes_revert) . '';
            $revert_query .= ';';
            // Column reverted back to original
            // NOTE(review): the revert is sent even when $changes_revert is
            // empty, which leaves a statement with no CHANGE clause.
            $GLOBALS['dbi']->query($revert_query);
            $response->isSuccess(false);
            // NOTE(review): the database error text is concatenated into a
            // rawError message; confirm it is escaped before it reaches the
            // browser, as it may repeat identifiers taken from the request.
            $response->addJSON('message', PMA_Message::rawError(__('Query error') . ':<br />' . $orig_error));
            $regenerate = true;
        }
    }
    include_once 'libraries/transformations.lib.php';
    // update field names in relation
    // This and the MIME update below run whether or not the ALTER succeeded.
    if (isset($_REQUEST['field_orig']) && is_array($_REQUEST['field_orig'])) {
        foreach ($_REQUEST['field_orig'] as $fieldindex => $fieldcontent) {
            if ($_REQUEST['field_name'][$fieldindex] != $fieldcontent) {
                PMA_REL_renameField($db, $table, $fieldcontent, $_REQUEST['field_name'][$fieldindex]);
            }
        }
    }
    // update mime types
    if (isset($_REQUEST['field_mimetype']) && is_array($_REQUEST['field_mimetype']) && $GLOBALS['cfg']['BrowseMIME']) {
        foreach ($_REQUEST['field_mimetype'] as $fieldindex => $mimetype) {
            if (isset($_REQUEST['field_name'][$fieldindex]) && mb_strlen($_REQUEST['field_name'][$fieldindex])) {
                PMA_setMIME($db, $table, $_REQUEST['field_name'][$fieldindex], $mimetype, $_REQUEST['field_transformation'][$fieldindex], $_REQUEST['field_transformation_options'][$fieldindex], $_REQUEST['field_input_transformation'][$fieldindex], $_REQUEST['field_input_transformation_options'][$fieldindex]);
            }
        }
    }
    return $regenerate;
}
 /**
  * Displays authentication form
  *
  * this function MUST exit/quit the application
  *
  * @global string $conn_error the last connection error
  *
  * @return boolean|void
  */
 public function auth()
 {
     global $conn_error;
     $response = PMA_Response::getInstance();
     // Ajax callers get a JSON redirect flag instead of the HTML form.
     if ($response->isAjax()) {
         $response->setRequestStatus(false);
         // redirect_flag redirects to the login page
         $response->addJSON('redirect_flag', '1');
         // Under the test suite the method returns instead of exiting.
         if (defined('TESTSUITE')) {
             return true;
         } else {
             exit;
         }
     }
     /* Perform logout to custom URL */
     // The redirect target is the configured LogoutURL; the request only
     // decides whether the redirect happens (non-empty old_usr).
     if (!empty($_REQUEST['old_usr']) && !empty($GLOBALS['cfg']['Server']['LogoutURL'])) {
         PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['LogoutURL']);
         if (defined('TESTSUITE')) {
             return true;
         } else {
             exit;
         }
     }
     // No recall if blowfish secret is not configured as it would produce
     // garbage
     // Without recall both fields stay empty and the form gets
     // autocomplete="off".
     if ($GLOBALS['cfg']['LoginCookieRecall'] && !empty($GLOBALS['cfg']['blowfish_secret'])) {
         $default_user = $GLOBALS['PHP_AUTH_USER'];
         $default_server = $GLOBALS['pma_auth_server'];
         $autocomplete = '';
     } else {
         $default_user = '';
         $default_server = '';
         // skip the IE autocomplete feature.
         $autocomplete = ' autocomplete="off"';
     }
     // Reduce the page to a bare login screen: minimal footer, no menu or
     // console, no warnings.
     $response->getFooter()->setMinimal();
     $header = $response->getHeader();
     $header->setBodyId('loginform');
     $header->setTitle('phpMyAdmin');
     $header->disableMenuAndConsole();
     $header->disableWarnings();
     // Optional site-specific header; the included file runs with this
     // method's scope.
     if (file_exists(CUSTOM_HEADER_FILE)) {
         include CUSTOM_HEADER_FILE;
     }
     echo '
 <div class="container">
 <a href="';
     echo PMA_linkURL('https://www.phpmyadmin.net/');
     echo '" target="_blank" class="logo">';
     // The theme image path is written into the src attribute as-is;
     // presumably it comes from configuration only - verify.
     $logo_image = $GLOBALS['pmaThemeImage'] . 'logo_right.png';
     if (@file_exists($logo_image)) {
         echo '<img src="' . $logo_image . '" id="imLogo" name="imLogo" alt="phpMyAdmin" border="0" />';
     } else {
         echo '<img name="imLogo" id="imLogo" src="' . $GLOBALS['pmaThemeImage'] . 'pma_logo.png' . '" ' . 'border="0" width="88" height="31" alt="phpMyAdmin" />';
     }
     echo '</a>
    <h1>';
     echo sprintf(__('Welcome to %s'), '<bdo dir="ltr" lang="en">phpMyAdmin</bdo>');
     echo "</h1>";
     // Show error message
     // NOTE(review): $conn_error goes through rawError(); whether the text is
     // HTML-escaped before display is not visible here. Confirm, since a
     // connection error may carry text supplied by the database server.
     // The session_expired parameter only selects a fixed message; its value
     // is never printed.
     if (!empty($conn_error)) {
         PMA_Message::rawError($conn_error)->display();
     } elseif (isset($_GET['session_expired']) && intval($_GET['session_expired']) == 1) {
         PMA_Message::rawError(__('Your session has expired. Please log in again.'))->display();
     }
     echo "<noscript>\n";
     PMA_message::error(__("Javascript must be enabled past this point!"))->display();
     echo "</noscript>\n";
     echo "<div class='hide js-show'>";
     // Displays the languages form
     if (empty($GLOBALS['cfg']['Lang'])) {
         include_once './libraries/display_select_lang.lib.php';
         // use fieldset, don't show doc link
         echo PMA_getLanguageSelectorHtml(true, false);
     }
     echo '</div>
 <br />
 <!-- Login form -->
 <form method="post" action="index.php" name="login_form"' . $autocomplete . ' class="disableAjax login hide js-show">
     <fieldset>
     <legend>';
     echo __('Log in');
     echo PMA_Util::showDocu('index');
     echo '</legend>';
     // The free-text server field is only offered when AllowArbitraryServer
     // is enabled; the recalled value is escaped for the attribute context.
     if ($GLOBALS['cfg']['AllowArbitraryServer']) {
         echo '
         <div class="item">
             <label for="input_servername" title="';
         echo __('You can enter hostname/IP address and port separated by space.');
         echo '">';
         echo __('Server:');
         echo '</label>
             <input type="text" name="pma_servername" id="input_servername"';
         echo ' value="';
         echo htmlspecialchars($default_server);
         echo '" size="24" class="textfield" title="';
         echo __('You can enter hostname/IP address and port separated by space.');
         echo '" />
         </div>';
     }
     // NOTE(review): the statement below is damaged in this listing (the two
     // label calls are masked with asterisks). What is readable: the recalled
     // user name is HTML-escaped and the password field is always printed
     // with an empty value.
     echo '<div class="item">
             <label for="input_username">' . __('Username:'******'</label>
             <input type="text" name="pma_username" id="input_username" ' . 'value="' . htmlspecialchars($default_user) . '" size="24"' . ' class="textfield"/>
         </div>
         <div class="item">
             <label for="input_password">' . __('Password:'******'</label>
             <input type="password" name="pma_password" id="input_password"' . ' value="" size="24" class="textfield" />
         </div>';
     if (count($GLOBALS['cfg']['Servers']) > 1) {
         echo '<div class="item">
             <label for="select_server">' . __('Server Choice:') . '</label>
             <select name="server" id="select_server"';
         // Choosing a configured server clears the free-text server field.
         if ($GLOBALS['cfg']['AllowArbitraryServer']) {
             echo ' onchange="document.forms[\'login_form\'].' . 'elements[\'pma_servername\'].value = \'\'" ';
         }
         echo '>';
         include_once './libraries/select_server.lib.php';
         echo PMA_selectServer(false, false);
         echo '</select></div>';
     } else {
         // NOTE(review): $GLOBALS['server'] is written into the attribute
         // without htmlspecialchars(), unlike the recalled values above;
         // presumably it is an already validated server index - confirm.
         echo '    <input type="hidden" name="server" value="' . $GLOBALS['server'] . '" />';
     }
     // end if (server choice)
     // Add captcha input field if reCaptcha is enabled
     if (!empty($GLOBALS['cfg']['CaptchaLoginPrivateKey']) && !empty($GLOBALS['cfg']['CaptchaLoginPublicKey'])) {
         // If enabled show captcha to the user on the login screen.
         // Only the public (site) key is printed; the private key is merely
         // tested for presence here.
         // NOTE(review): $GLOBALS['lang'] and the site key are concatenated
         // into the URL and the attribute without escaping - confirm both
         // are restricted to safe values where they are set. The script is
         // loaded from a third-party host on the page that collects the
         // credentials, so a Content-Security-Policy has to allow it.
         echo '<script src="https://www.google.com/recaptcha/api.js?hl=' . $GLOBALS['lang'] . '" async defer></script>';
         echo '<div class="g-recaptcha" data-sitekey="' . $GLOBALS['cfg']['CaptchaLoginPublicKey'] . '"></div>';
     }
     echo '</fieldset>
     <fieldset class="tblFooters">
         <input value="' . __('Go') . '" type="submit" id="input_go" />';
     // Carry target/db/table across the login; escaping of these values is
     // left to PMA_URL_getHiddenInputs() (not visible here).
     $_form_params = array();
     if (!empty($GLOBALS['target'])) {
         $_form_params['target'] = $GLOBALS['target'];
     }
     if (!empty($GLOBALS['db'])) {
         $_form_params['db'] = $GLOBALS['db'];
     }
     if (!empty($GLOBALS['table'])) {
         $_form_params['table'] = $GLOBALS['table'];
     }
     // do not generate a "server" hidden field as we want the "server"
     // drop-down to have priority
     echo PMA_URL_getHiddenInputs($_form_params, '', 0, 'server');
     echo '</fieldset>
 </form>';
     // BEGIN Swekey Integration
     Swekey_login('input_username', 'input_go');
     // END Swekey Integration
     if ($GLOBALS['error_handler']->hasDisplayErrors()) {
         echo '<div id="pma_errors">';
         $GLOBALS['error_handler']->dispErrors();
         echo '</div>';
     }
     echo '</div>';
     if (file_exists(CUSTOM_FOOTER_FILE)) {
         include CUSTOM_FOOTER_FILE;
     }
     // Normal operation ends the script here; only the test suite gets a
     // return value.
     if (!defined('TESTSUITE')) {
         exit;
     } else {
         return true;
     }
 }
/**
 * Builds and executes the db creation sql query
 *
 * The database name is taken from $_POST['new_db'] and passed through
 * PMA_Util::backquote(). The collation is only appended when its charset
 * prefix is found in $mysql_charsets and the full collation name is found in
 * $mysql_collations for that charset.
 */
// NOTE(review): the safety of the identifier rests on backquote() escaping
// embedded backticks - confirm; $_POST['new_db'] is not checked for presence
// or emptiness here.
$sql_query = 'CREATE DATABASE ' . PMA_Util::backquote($_POST['new_db']);
if (!empty($_POST['db_collation'])) {
    // The charset is the part of the collation name before the first underscore.
    list($db_charset) = explode('_', $_POST['db_collation']);
    // Allow-list check: a collation that is not in the known lists is left
    // out of the statement without an error.
    if (in_array($db_charset, $mysql_charsets) && in_array($_POST['db_collation'], $mysql_collations[$db_charset])) {
        $sql_query .= ' DEFAULT' . PMA_generateCharsetQueryPart($_POST['db_collation']);
    }
    // NOTE(review): this copy is taken whether or not the collation passed
    // the check above, so it has to be escaped wherever it is later output.
    $db_collation_for_ajax = $_POST['db_collation'];
    unset($db_charset);
}
$sql_query .= ';';
$result = $GLOBALS['dbi']->tryQuery($sql_query);
if (!$result) {
    $message = PMA_Message::rawError($GLOBALS['dbi']->getError());
    // avoid displaying the not-created db name in header or navi panel
    $GLOBALS['db'] = '';
    $GLOBALS['table'] = '';
    /**
     * If in an Ajax request, just display the message with {@link PMA_Response}
     */
    if ($GLOBALS['is_ajax_request'] == true) {
        $response = PMA_Response::getInstance();
        $response->isSuccess(false);
        $response->addJSON('message', $message);
    } else {
        include_once 'index.php';
    }
} else {
    $message = PMA_Message::success(__('Database %1$s has been created.'));
Beispiel #23
         $import_handle = @gzopen($import_file, 'r');
     } else {
         $message = PMA_Message::error(__('You attempted to load file with unsupported compression (%s). Either support for it is not implemented or disabled by your configuration.'));
         $message->addParam($compression);
         $error = TRUE;
     }
     break;
 case 'application/zip':
     if ($cfg['ZipDump'] && @function_exists('zip_open')) {
         /**
          * Load interface for zip extension.
          */
         include_once './libraries/zip_extension.lib.php';
         $result = PMA_getZipContents($import_file);
         if (!empty($result['error'])) {
             $message = PMA_Message::rawError($result['error']);
             $error = TRUE;
         } else {
             $import_text = $result['data'];
         }
     } else {
         $message = PMA_Message::error(__('You attempted to load file with unsupported compression (%s). Either support for it is not implemented or disabled by your configuration.'));
         $message->addParam($compression);
         $error = TRUE;
     }
     break;
 case 'none':
     $import_handle = @fopen($import_file, 'r');
     break;
 default:
     $message = PMA_Message::error(__('You attempted to load file with unsupported compression (%s). Either support for it is not implemented or disabled by your configuration.'));
Beispiel #24
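/**
 * Function to handle the delete of dmlog rows
 *
 * Reads the row index from $_REQUEST['delete_dmlog'], removes that entry
 * from $data['dmlog'], writes the remaining entries back through
 * PMA_Tracker::changeTrackingData() and displays a success or error message.
 * Nothing is changed or written when the index is missing or is not a
 * non-negative integer.
 *
 * @param array &$data tracked data
 *
 * @return void
 */
function PMA_handleDeleteDataManipulationLog(&$data)
{
    $raw_id = isset($_REQUEST['delete_dmlog']) ? $_REQUEST['delete_dmlog'] : null;
    // The former test ($id == (int) $id) is a loose comparison: it accepted
    // values such as '1.0' or a missing parameter (and, before PHP 8, any
    // non-numeric string), none of which names an entry. The tracking data
    // was then rewritten and reported as deleted although nothing had been
    // removed. Require a plain non-negative integer instead.
    $delete_id = is_scalar($raw_id)
        ? filter_var($raw_id, FILTER_VALIDATE_INT, array('options' => array('min_range' => 0)))
        : false;
    // Strict comparison: index 0 is a valid id and must not be rejected.
    if ($delete_id === false) {
        return;
    }
    unset($data['dmlog'][$delete_id]);
    // NOTE(review): db, table and version come from the request as well;
    // their validation is left to PMA_Tracker::changeTrackingData() - confirm.
    $successfullyDeleted = PMA_Tracker::changeTrackingData($_REQUEST['db'], $_REQUEST['table'], $_REQUEST['version'], 'DML', $data['dmlog']);
    if ($successfullyDeleted) {
        $msg = PMA_Message::success(__('Tracking data manipulation successfully deleted'));
    } else {
        $msg = PMA_Message::rawError(__('Query error'));
    }
    $msg->display();
}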
Beispiel #25
 /**
  * Copies or renames table
  *
  * Rebuilds the source's CREATE statement with the target name and runs it
  * (unless $what is 'dataonly'), copies the rows with INSERT ... SELECT when
  * $what is 'data' or 'dataonly', and on a move drops the source and
  * re-points the phpMyAdmin configuration-storage rows (column info, display
  * field, relations, PDF and designer coordinates) at the target. On a copy
  * those rows are duplicated instead. The executed statements are appended
  * to $GLOBALS['sql_query'].
  *
  * NOTE(review): a move is a create + copy + drop sequence; nothing visible
  * here wraps it in a transaction -- confirm how a failure between the
  * steps is handled (PMA_DBI_query() presumably aborts on error).
  *
  * @todo use RENAME for move operations
  *        - would work only if the databases are on the same filesystem,
  *          how can we check that? try the operation and
  *          catch an error?
  *        - for views, only if MYSQL > 50013
  *        - still have to handle pmadb synch.
  *
  * @author          Michal Cihar <*****@*****.**>
  *
  * @param string $source_db    source database name
  * @param string $source_table source table or view name
  * @param string $target_db    target database name; the source database is used when empty
  * @param string $target_table target table or view name
  * @param string $what         'dataonly' skips the structure; 'data' and 'dataonly' copy the rows
  * @param bool   $move         when true the source is dropped after the copy
  * @param string $mode         'one_table' runs the constraints query immediately
  *
  * @return bool false when the source or target database check fails, true otherwise
  */
 public static function moveCopy($source_db, $source_table, $target_db, $target_table, $what, $move, $mode)
 {
     global $err_url;
     // set export settings we need
     $GLOBALS['sql_backquotes'] = 1;
     $GLOBALS['asfile'] = 1;
     // Ensure the target is valid
     // NOTE(review): this check runs before the empty-$target_db fallback
     // below, so an empty target presumably fails here first -- confirm.
     if (!$GLOBALS['pma']->databases->exists($source_db, $target_db)) {
         if (!$GLOBALS['pma']->databases->exists($source_db)) {
             $GLOBALS['message'] = PMA_Message::rawError('source database `' . htmlspecialchars($source_db) . '` not found');
         }
         if (!$GLOBALS['pma']->databases->exists($target_db)) {
             $GLOBALS['message'] = PMA_Message::rawError('target database `' . htmlspecialchars($target_db) . '` not found');
         }
         return false;
     }
     // Fully qualified, backquoted identifier of the source
     $source = PMA_backquote($source_db) . '.' . PMA_backquote($source_table);
     if (!isset($target_db) || !strlen($target_db)) {
         $target_db = $source_db;
     }
     // Doing a select_db could avoid some problems with replicated databases,
     // when moving table from replicated one to not replicated one
     PMA_DBI_select_db($target_db);
     // Fully qualified, backquoted identifier of the target
     $target = PMA_backquote($target_db) . '.' . PMA_backquote($target_table);
     // do not create the table if dataonly
     if ($what != 'dataonly') {
         require_once './libraries/export/sql.php';
         $no_constraints_comments = true;
         $GLOBALS['sql_constraints_query'] = '';
         $sql_structure = PMA_getTableDef($source_db, $source_table, "\n", $err_url, false, false);
         unset($no_constraints_comments);
         $parsed_sql = PMA_SQP_parse($sql_structure);
         $analyzed_sql = PMA_SQP_analyze($parsed_sql);
         $i = 0;
         if (empty($analyzed_sql[0]['create_table_fields'])) {
             // this is not a CREATE TABLE, so find the first VIEW
             $target_for_view = PMA_backquote($target_db);
             // NOTE(review): $i has no upper bound here; if no VIEW token is
             // present the loop keeps reading past the end of $parsed_sql.
             while (true) {
                 if ($parsed_sql[$i]['type'] == 'alpha_reservedWord' && $parsed_sql[$i]['data'] == 'VIEW') {
                     break;
                 }
                 $i++;
             }
         }
         unset($analyzed_sql);
         $server_sql_mode = PMA_DBI_fetch_value("SHOW VARIABLES LIKE 'sql_mode'", 0, 1);
         // ANSI_QUOTES might be a subset of sql_mode, for example
         // REAL_AS_FLOAT,PIPES_AS_CONCAT,ANSI_QUOTES,IGNORE_SPACE,ANSI
         if (false !== strpos($server_sql_mode, 'ANSI_QUOTES')) {
             $table_delimiter = 'quote_double';
         } else {
             $table_delimiter = 'quote_backtick';
         }
         unset($server_sql_mode);
         /* nijel: Find table name in query and replace it */
         // NOTE(review): same unbounded scan as above; a statement without a
         // quoted identifier of this type would never end the loop.
         while ($parsed_sql[$i]['type'] != $table_delimiter) {
             $i++;
         }
         /* no need to PMA_backquote() */
         if (isset($target_for_view)) {
             // this a view definition; we just found the first db name
             // that follows DEFINER VIEW
             // so change it for the new db name
             $parsed_sql[$i]['data'] = $target_for_view;
             // then we have to find all references to the source db
             // and change them to the target db, ensuring we stay into
             // the $parsed_sql limits
             $last = $parsed_sql['len'] - 1;
             $backquoted_source_db = PMA_backquote($source_db);
             for (++$i; $i <= $last; $i++) {
                 if ($parsed_sql[$i]['type'] == $table_delimiter && $parsed_sql[$i]['data'] == $backquoted_source_db) {
                     $parsed_sql[$i]['data'] = $target_for_view;
                 }
             }
             unset($last, $backquoted_source_db);
         } else {
             $parsed_sql[$i]['data'] = $target;
         }
         /* Generate query back */
         $sql_structure = PMA_SQP_formatHtml($parsed_sql, 'query_only');
         // If table exists, and 'add drop table' is selected: Drop it!
         $drop_query = '';
         if (isset($GLOBALS['drop_if_exists']) && $GLOBALS['drop_if_exists'] == 'true') {
             if (PMA_Table::_isView($target_db, $target_table)) {
                 $drop_query = 'DROP VIEW';
             } else {
                 $drop_query = 'DROP TABLE';
             }
             $drop_query .= ' IF EXISTS ' . PMA_backquote($target_db) . '.' . PMA_backquote($target_table);
             PMA_DBI_query($drop_query);
             $GLOBALS['sql_query'] .= "\n" . $drop_query . ';';
             // garvin: If an existing table gets deleted, maintain any
             // entries for the PMA_* tables
             $maintain_relations = true;
         }
         // NOTE(review): '@' hides PHP-level errors of the CREATE and its
         // result is not checked here; on a move the source is dropped
         // further down -- confirm that a failed CREATE cannot reach that
         // point.
         @PMA_DBI_query($sql_structure);
         $GLOBALS['sql_query'] .= "\n" . $sql_structure . ';';
         if (($move || isset($GLOBALS['add_constraints'])) && !empty($GLOBALS['sql_constraints_query'])) {
             $parsed_sql = PMA_SQP_parse($GLOBALS['sql_constraints_query']);
             $i = 0;
             // find the first $table_delimiter, it must be the source table name
             while ($parsed_sql[$i]['type'] != $table_delimiter) {
                 $i++;
                 // maybe someday we should guard against going over limit
                 //if ($i == $parsed_sql['len']) {
                 //    break;
                 //}
             }
             // replace it by the target table name, no need to PMA_backquote()
             $parsed_sql[$i]['data'] = $target;
             // now we must remove all $table_delimiter that follow a CONSTRAINT
             // keyword, because a constraint name must be unique in a db
             $cnt = $parsed_sql['len'] - 1;
             for ($j = $i; $j < $cnt; $j++) {
                 if ($parsed_sql[$j]['type'] == 'alpha_reservedWord' && strtoupper($parsed_sql[$j]['data']) == 'CONSTRAINT') {
                     if ($parsed_sql[$j + 1]['type'] == $table_delimiter) {
                         $parsed_sql[$j + 1]['data'] = '';
                     }
                 }
             }
             // Generate query back
             $GLOBALS['sql_constraints_query'] = PMA_SQP_formatHtml($parsed_sql, 'query_only');
             // In 'one_table' mode the constraints are applied right away and
             // the global is cleared; otherwise it is left set for the caller.
             if ($mode == 'one_table') {
                 PMA_DBI_query($GLOBALS['sql_constraints_query']);
             }
             $GLOBALS['sql_query'] .= "\n" . $GLOBALS['sql_constraints_query'];
             if ($mode == 'one_table') {
                 unset($GLOBALS['sql_constraints_query']);
             }
         }
     } else {
         $GLOBALS['sql_query'] = '';
     }
     // Copy the data unless this is a VIEW
     if (($what == 'data' || $what == 'dataonly') && !PMA_Table::_isView($target_db, $target_table)) {
         // Both identifiers were backquoted with PMA_backquote() above
         $sql_insert_data = 'INSERT INTO ' . $target . ' SELECT * FROM ' . $source;
         PMA_DBI_query($sql_insert_data);
         $GLOBALS['sql_query'] .= "\n\n" . $sql_insert_data . ';';
     }
     require_once './libraries/relation.lib.php';
     $GLOBALS['cfgRelation'] = PMA_getRelationsParam();
     // Drops old table if the user has requested to move it
     if ($move) {
         // This could avoid some problems with replicated databases, when
         // moving table from replicated one to not replicated one
         PMA_DBI_select_db($source_db);
         if (PMA_Table::_isView($source_db, $source_table)) {
             $sql_drop_query = 'DROP VIEW';
         } else {
             $sql_drop_query = 'DROP TABLE';
         }
         $sql_drop_query .= ' ' . $source;
         PMA_DBI_query($sql_drop_query);
         // The statements below run as the control user; identifiers go
         // through PMA_backquote() and every value through PMA_sqlAddslashes().
         // garvin: Move old entries from PMA-DBs to new table
         if ($GLOBALS['cfgRelation']['commwork']) {
             $remove_query = 'UPDATE ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['column_info']) . ' SET     table_name = \'' . PMA_sqlAddslashes($target_table) . '\', ' . '        db_name    = \'' . PMA_sqlAddslashes($target_db) . '\'' . ' WHERE db_name  = \'' . PMA_sqlAddslashes($source_db) . '\'' . ' AND table_name = \'' . PMA_sqlAddslashes($source_table) . '\'';
             PMA_query_as_controluser($remove_query);
             unset($remove_query);
         }
         // garvin: updating bookmarks is not possible since only a single table is moved,
         // and not the whole DB.
         if ($GLOBALS['cfgRelation']['displaywork']) {
             $table_query = 'UPDATE ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['table_info']) . ' SET     db_name = \'' . PMA_sqlAddslashes($target_db) . '\', ' . '         table_name = \'' . PMA_sqlAddslashes($target_table) . '\'' . ' WHERE db_name  = \'' . PMA_sqlAddslashes($source_db) . '\'' . ' AND table_name = \'' . PMA_sqlAddslashes($source_table) . '\'';
             PMA_query_as_controluser($table_query);
             unset($table_query);
         }
         if ($GLOBALS['cfgRelation']['relwork']) {
             // Re-point relations where the moved table is the foreign side ...
             $table_query = 'UPDATE ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['relation']) . ' SET     foreign_table = \'' . PMA_sqlAddslashes($target_table) . '\',' . '         foreign_db = \'' . PMA_sqlAddslashes($target_db) . '\'' . ' WHERE foreign_db  = \'' . PMA_sqlAddslashes($source_db) . '\'' . ' AND foreign_table = \'' . PMA_sqlAddslashes($source_table) . '\'';
             PMA_query_as_controluser($table_query);
             unset($table_query);
             // ... and where it is the master side
             $table_query = 'UPDATE ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['relation']) . ' SET     master_table = \'' . PMA_sqlAddslashes($target_table) . '\',' . '         master_db = \'' . PMA_sqlAddslashes($target_db) . '\'' . ' WHERE master_db  = \'' . PMA_sqlAddslashes($source_db) . '\'' . ' AND master_table = \'' . PMA_sqlAddslashes($source_table) . '\'';
             PMA_query_as_controluser($table_query);
             unset($table_query);
         }
         /**
          * @todo garvin: Can't get moving PDFs the right way. The page numbers
          * always get screwed up independently from duplication because the
          * numbers do not seem to be stored on a per-database basis. Would
          * the author of pdf support please have a look at it?
          */
         if ($GLOBALS['cfgRelation']['pdfwork']) {
             $table_query = 'UPDATE ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['table_coords']) . ' SET     table_name = \'' . PMA_sqlAddslashes($target_table) . '\',' . '         db_name = \'' . PMA_sqlAddslashes($target_db) . '\'' . ' WHERE db_name  = \'' . PMA_sqlAddslashes($source_db) . '\'' . ' AND table_name = \'' . PMA_sqlAddslashes($source_table) . '\'';
             PMA_query_as_controluser($table_query);
             unset($table_query);
             /*
             $pdf_query = 'SELECT pdf_page_number '
                        . ' FROM ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['table_coords'])
                        . ' WHERE db_name  = \'' . PMA_sqlAddslashes($target_db) . '\''
                        . ' AND table_name = \'' . PMA_sqlAddslashes($target_table) . '\'';
             $pdf_rs = PMA_query_as_controluser($pdf_query);
             
             while ($pdf_copy_row = PMA_DBI_fetch_assoc($pdf_rs)) {
                 $table_query = 'UPDATE ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['pdf_pages'])
                                 . ' SET     db_name = \'' . PMA_sqlAddslashes($target_db) . '\''
                                 . ' WHERE db_name  = \'' . PMA_sqlAddslashes($source_db) . '\''
                                 . ' AND page_nr = \'' . PMA_sqlAddslashes($pdf_copy_row['pdf_page_number']) . '\'';
                 $tb_rs    = PMA_query_as_controluser($table_query);
                 unset($table_query);
                 unset($tb_rs);
             }
             */
         }
         if ($GLOBALS['cfgRelation']['designerwork']) {
             $table_query = 'UPDATE ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['designer_coords']) . ' SET     table_name = \'' . PMA_sqlAddslashes($target_table) . '\',' . '         db_name = \'' . PMA_sqlAddslashes($target_db) . '\'' . ' WHERE db_name  = \'' . PMA_sqlAddslashes($source_db) . '\'' . ' AND table_name = \'' . PMA_sqlAddslashes($source_table) . '\'';
             PMA_query_as_controluser($table_query);
             unset($table_query);
         }
         $GLOBALS['sql_query'] .= "\n\n" . $sql_drop_query . ';';
         // end if ($move)
     } else {
         // we are copying
         // garvin: Create new entries as duplicates from old PMA DBs
         // Skipped for 'dataonly' and when the target was dropped above
         // ($maintain_relations set), so existing entries are kept.
         if ($what != 'dataonly' && !isset($maintain_relations)) {
             if ($GLOBALS['cfgRelation']['commwork']) {
                 // Get all comments and MIME-Types for current table
                 $comments_copy_query = 'SELECT
                                             column_name, ' . PMA_backquote('comment') . ($GLOBALS['cfgRelation']['mimework'] ? ', mimetype, transformation, transformation_options' : '') . '
                                         FROM ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['column_info']) . '
                                         WHERE
                                             db_name = \'' . PMA_sqlAddslashes($source_db) . '\' AND
                                             table_name = \'' . PMA_sqlAddslashes($source_table) . '\'';
                 $comments_copy_rs = PMA_query_as_controluser($comments_copy_query);
                 // Write every comment as new copied entry. [MIME]
                 // NOTE(review): the column list always contains `comment`,
                 // but its value is only added to VALUES when 'mimework' is
                 // set -- the counts look mismatched otherwise; confirm.
                 while ($comments_copy_row = PMA_DBI_fetch_assoc($comments_copy_rs)) {
                     $new_comment_query = 'REPLACE INTO ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['column_info']) . ' (db_name, table_name, column_name, ' . PMA_backquote('comment') . ($GLOBALS['cfgRelation']['mimework'] ? ', mimetype, transformation, transformation_options' : '') . ') ' . ' VALUES(' . '\'' . PMA_sqlAddslashes($target_db) . '\',' . '\'' . PMA_sqlAddslashes($target_table) . '\',' . '\'' . PMA_sqlAddslashes($comments_copy_row['column_name']) . '\'' . ($GLOBALS['cfgRelation']['mimework'] ? ',\'' . PMA_sqlAddslashes($comments_copy_row['comment']) . '\',' . '\'' . PMA_sqlAddslashes($comments_copy_row['mimetype']) . '\',' . '\'' . PMA_sqlAddslashes($comments_copy_row['transformation']) . '\',' . '\'' . PMA_sqlAddslashes($comments_copy_row['transformation_options']) . '\'' : '') . ')';
                     PMA_query_as_controluser($new_comment_query);
                 }
                 // end while
                 PMA_DBI_free_result($comments_copy_rs);
                 unset($comments_copy_rs);
             }
             // duplicating the bookmarks must not be done here, but
             // just once per db
             $get_fields = array('display_field');
             $where_fields = array('db_name' => $source_db, 'table_name' => $source_table);
             $new_fields = array('db_name' => $target_db, 'table_name' => $target_table);
             PMA_Table::duplicateInfo('displaywork', 'table_info', $get_fields, $where_fields, $new_fields);
             /**
              * @todo revise this code when we support cross-db relations
              */
             $get_fields = array('master_field', 'foreign_table', 'foreign_field');
             $where_fields = array('master_db' => $source_db, 'master_table' => $source_table);
             $new_fields = array('master_db' => $target_db, 'foreign_db' => $target_db, 'master_table' => $target_table);
             PMA_Table::duplicateInfo('relwork', 'relation', $get_fields, $where_fields, $new_fields);
             $get_fields = array('foreign_field', 'master_table', 'master_field');
             $where_fields = array('foreign_db' => $source_db, 'foreign_table' => $source_table);
             $new_fields = array('master_db' => $target_db, 'foreign_db' => $target_db, 'foreign_table' => $target_table);
             PMA_Table::duplicateInfo('relwork', 'relation', $get_fields, $where_fields, $new_fields);
             $get_fields = array('x', 'y', 'v', 'h');
             $where_fields = array('db_name' => $source_db, 'table_name' => $source_table);
             $new_fields = array('db_name' => $target_db, 'table_name' => $target_table);
             PMA_Table::duplicateInfo('designerwork', 'designer_coords', $get_fields, $where_fields, $new_fields);
             /**
             * @todo garvin: Can't get duplicating PDFs the right way. The
             * page numbers always get screwed up independently from
             * duplication because the numbers do not seem to be stored on a
             * per-database basis. Would the author of pdf support please
             * have a look at it?
             *
                             $get_fields = array('page_descr');
                             $where_fields = array('db_name' => $source_db);
                             $new_fields = array('db_name' => $target_db);
                             $last_id = PMA_Table::duplicateInfo('pdfwork', 'pdf_pages', $get_fields, $where_fields, $new_fields);
             
                             if (isset($last_id) && $last_id >= 0) {
                $get_fields = array('x', 'y');
                $where_fields = array('db_name' => $source_db, 'table_name' => $source_table);
                $new_fields = array('db_name' => $target_db, 'table_name' => $target_table, 'pdf_page_number' => $last_id);
                PMA_Table::duplicateInfo('pdfwork', 'table_coords', $get_fields, $where_fields, $new_fields);
                             }
             */
         }
     }
     return true;
 }
Beispiel #26
     PMA_DBI_query('SET PROFILING=1;');
 }
 // garvin: Measure query time.
 // TODO-Item http://sourceforge.net/tracker/index.php?func=detail&aid=571934&group_id=23067&atid=377411
 // microtime() returns "msec sec"; summing both parts gives seconds as float
 $querytime_before = array_sum(explode(' ', microtime()));
 // '@' hides PHP-level warnings; failure is detected via PMA_DBI_getError() below
 $result = @PMA_DBI_try_query($full_sql_query, null, PMA_DBI_QUERY_STORE);
 $querytime_after = array_sum(explode(' ', microtime()));
 $GLOBALS['querytime'] = $querytime_after - $querytime_before;
 // Displays an error message if required and stop parsing the script
 if ($error = PMA_DBI_getError()) {
     if ($is_gotofile) {
         // A database-level target page must not keep a table selected
         if (strpos($goto, 'db_') === 0 && strlen($table)) {
             $table = '';
         }
         $active_page = $goto;
         // NOTE(review): rawError() appears to return a message object (other
         // call sites chain ->display() on it), so htmlspecialchars() relies
         // on its string conversion here -- confirm the result is what the
         // included page expects.
         $message = htmlspecialchars(PMA_Message::rawError($error));
         /**
          * Go to target path.
          */
         // NOTE(review): $goto selects the script that is included. Where it
         // is assigned is not visible here; confirm it is checked against an
         // allow-list of pages earlier and that PMA_securePath() is not the
         // only guard against including an unintended file.
         require './' . PMA_securePath($goto);
     } else {
         /**
          * HTML header.
          */
         require_once './libraries/header.inc.php';
         // For db_/tbl_ error URLs the failed query is appended, URL-encoded,
         // so the target page can show it again
         $full_err_url = preg_match('@^(db|tbl)_@', $err_url) ? $err_url . '&amp;show_query=1&amp;sql_query=' . urlencode($sql_query) : $err_url;
         PMA_mysqlDie($error, $full_sql_query, '', $full_err_url);
     }
     exit;
 }
 unset($error);
            // try_query: a failure is reported through the return value
            // checked below
            $res = PMA_DBI_try_query($sql_query, null, PMA_DBI_QUERY_STORE);

            if (! $res) {
                PMA_Message::error(__('No Privileges'))->display();
                // NOTE(review): $res is falsy in this branch, so there is no
                // result set to free -- confirm PMA_DBI_free_result()
                // tolerates that, or drop the call.
                PMA_DBI_free_result($res);
                unset($res);
            } else {
                // This message is hardcoded because I will replace it by
                // a automatic repair feature soon.
                // The text is a fixed literal containing markup, which is
                // why it is passed to rawError() instead of error().
                $raw = 'Your privilege table structure seems to be older than'
                    . ' this MySQL version!<br />'
                    . 'Please run the <code>mysql_upgrade</code> command'
                    . '(<code>mysql_fix_privilege_tables</code> on older systems)'
                    . ' that should be included in your MySQL server distribution'
                    . ' to solve this problem!';
                PMA_Message::rawError($raw)->display();
            }
        } else {

            // we also want users not in table `user` but in other table
            $tables = PMA_DBI_fetch_result('SHOW TABLES FROM `mysql`;');

            $tables_to_search_for_users = array(
                'user', 'db', 'tables_priv', 'columns_priv', 'procs_priv',
            );

            $db_rights_sqls = array();
            foreach ($tables_to_search_for_users as $table_search_in) {
                if (in_array($table_search_in, $tables)) {
                    $db_rights_sqls[] = 'SELECT DISTINCT `User`, `Host` FROM `mysql`.`' . $table_search_in . '` ' . (isset($initial) ? PMA_rangeOfUsers($initial) : '');
                }
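 /**
  * Save recent tables into phpMyAdmin database.
  *
  * Writes one row keyed by the configured server user name with the
  * JSON-encoded table list, using REPLACE over the control connection.
  * Both values are escaped with PMA_sqlAddSlashes() before being placed in
  * the statement; the user name was previously concatenated unescaped, so a
  * name containing a quote broke the statement run as the control user.
  *
  * NOTE(review): $this->pma_table is concatenated as-is and is presumably an
  * already quoted identifier built from the configuration -- confirm.
  *
  * @return true|PMA_Message true on success, an error message object
  *                          carrying the database error otherwise
  */
 public function saveToDb()
 {
     $username = $GLOBALS['cfg']['Server']['user'];
     $sql_query = " REPLACE INTO " . $this->pma_table . " (`username`, `tables`)"
         . " VALUES ('" . PMA_sqlAddSlashes($username) . "', '"
         . PMA_sqlAddSlashes(json_encode($this->tables)) . "')";
     $success = PMA_DBI_try_query($sql_query, $GLOBALS['controllink']);
     if (!$success) {
         $message = PMA_Message::error(__('Could not save recent table'));
         $message->addMessage('<br /><br />');
         // NOTE(review): the database error text is added through rawError(),
         // presumably without HTML escaping -- confirm that is intended.
         $message->addMessage(PMA_Message::rawError(PMA_DBI_getError($GLOBALS['controllink'])));
         return $message;
     }
     return true;
 }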
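 /**
  * Save recent/favorite tables into phpMyAdmin database.
  *
  * Writes one row keyed by the configured server user name with the
  * JSON-encoded table list, using REPLACE over the control connection.
  * Both values are escaped with PMA_Util::sqlAddSlashes() before being
  * placed in the statement; the user name was previously concatenated
  * unescaped, so a name containing a quote broke the statement run as the
  * control user.
  *
  * NOTE(review): $this->_pmaTable is concatenated as-is and is presumably an
  * already quoted identifier built from the configuration -- confirm.
  *
  * @return true|PMA_Message true on success, an error message object
  *                          carrying the database error otherwise
  */
 public function saveToDb()
 {
     $username = $GLOBALS['cfg']['Server']['user'];
     $sql_query = " REPLACE INTO " . $this->_pmaTable . " (`username`, `tables`)"
         . " VALUES ('" . PMA_Util::sqlAddSlashes($username) . "', '"
         . PMA_Util::sqlAddSlashes(json_encode($this->_tables)) . "')";
     $success = $GLOBALS['dbi']->tryQuery($sql_query, $GLOBALS['controllink']);
     if (!$success) {
         // The wording depends on which list this object holds; any other
         // type leaves the message text empty
         $error_msg = '';
         switch ($this->_tableType) {
             case 'recent':
                 $error_msg = __('Could not save recent table!');
                 break;
             case 'favorite':
                 $error_msg = __('Could not save favorite table!');
                 break;
         }
         $message = PMA_Message::error($error_msg);
         $message->addMessage('<br /><br />');
         // NOTE(review): the database error text is added through rawError(),
         // presumably without HTML escaping -- confirm that is intended.
         $message->addMessage(PMA_Message::rawError($GLOBALS['dbi']->getError($GLOBALS['controllink'])));
         return $message;
     }
     return true;
 }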
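 /**
  * Displays authentication form
  *
  * this function MUST exit/quit the application
  *
  * Flow, as far as this method shows it:
  *  - Ajax requests get a JSON failure message (the connection error, or a
  *    "session expired" text) and the script exits.
  *  - When $_REQUEST['old_usr'] is set and a LogoutURL is configured, the
  *    browser is redirected to that configured URL.
  *  - Otherwise the HTML login page is printed. User name and server are
  *    pre-filled only when LoginCookieRecall is on and a blowfish secret is
  *    configured; if not, autocomplete="off" is set on the form.
  *
  * Values echoed into HTML attributes (pre-filled user and server, the
  * selected server number, the theme image path) go through
  * htmlspecialchars().
  *
  * NOTE(review): $conn_error is shown through PMA_Message::rawError(),
  * presumably without escaping -- confirm whoever sets it provides safe
  * text.
  *
  * @global string the last connection error
  *
  * @return void
  */
 public function auth()
 {
     global $conn_error;
     $response = PMA_Response::getInstance();
     if ($response->isAjax()) {
         $response->isSuccess(false);
         if (!empty($conn_error)) {
             $response->addJSON('message', PMA_Message::error($conn_error));
         } else {
             $response->addJSON('message', PMA_Message::error(__('Your session has expired. Please login again.')));
         }
         exit;
     }
     /* Perform logout to custom URL */
     // The redirect target comes from the configuration, not from the request
     if (!empty($_REQUEST['old_usr']) && !empty($GLOBALS['cfg']['Server']['LogoutURL'])) {
         PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['LogoutURL']);
         exit;
     }
     // No recall if blowfish secret is not configured as it would produce
     // garbage
     if ($GLOBALS['cfg']['LoginCookieRecall'] && !empty($GLOBALS['cfg']['blowfish_secret'])) {
         $default_user = $GLOBALS['PHP_AUTH_USER'];
         $default_server = $GLOBALS['pma_auth_server'];
         $autocomplete = '';
     } else {
         $default_user = '';
         $default_server = '';
         // skip the IE autocomplete feature.
         $autocomplete = ' autocomplete="off"';
     }
     $cell_align = $GLOBALS['text_dir'] == 'ltr' ? 'left' : 'right';
     $response->getFooter()->setMinimal();
     $header = $response->getHeader();
     $header->setBodyId('loginform');
     $header->setTitle('phpMyAdmin');
     $header->disableMenu();
     $header->disableWarnings();
     if (file_exists(CUSTOM_HEADER_FILE)) {
         include CUSTOM_HEADER_FILE;
     }
     echo '
 <div class="container">
 <a href="';
     echo PMA_linkURL('http://www.phpmyadmin.net/');
     echo '" target="_blank" class="logo">';
     $logo_image = $GLOBALS['pmaThemeImage'] . 'logo_right.png';
     if (@file_exists($logo_image)) {
         echo '<img src="' . htmlspecialchars($logo_image) . '" id="imLogo" name="imLogo" alt="phpMyAdmin" border="0" />';
     } else {
         echo '<img name="imLogo" id="imLogo" src="' . htmlspecialchars($GLOBALS['pmaThemeImage'] . 'pma_logo.png') . '" ' . 'border="0" width="88" height="31" alt="phpMyAdmin" />';
     }
     echo '</a>
    <h1>';
     echo sprintf(__('Welcome to %s'), '<bdo dir="ltr" lang="en">phpMyAdmin</bdo>');
     echo "</h1>";
     // Show error message
     if (!empty($conn_error)) {
         PMA_Message::rawError($conn_error)->display();
     }
     echo "<noscript>\n";
     PMA_Message::error(__("Javascript must be enabled past this point"))->display();
     echo "</noscript>\n";
     echo "<div class='hide js-show'>";
     // Displays the languages form
     if (empty($GLOBALS['cfg']['Lang'])) {
         include_once './libraries/display_select_lang.lib.php';
         // use fieldset, don't show doc link
         PMA_Language_select(true, false);
     }
     echo '</div>
 <br />
 <!-- Login form -->
 <form method="post" action="index.php" name="login_form"' . $autocomplete . ' target="_top" class="login hide js-show">
     <fieldset>
     <legend>';
     echo __('Log in');
     echo PMA_Util::showDocu('');
     echo '</legend>';
     // Free-form server field, shown only when the configuration allows it
     if ($GLOBALS['cfg']['AllowArbitraryServer']) {
         echo '
         <div class="item">
             <label for="input_servername" title="';
         echo __('You can enter hostname/IP address and port separated by space.');
         echo '">';
         echo __('Server:');
         echo '</label>
             <input type="text" name="pma_servername" id="input_servername"';
         echo ' value="';
         echo htmlspecialchars($default_server);
         echo '" size="24" class="textfield" title="';
         echo __('You can enter hostname/IP address and port separated by space.');
         echo '" />
         </div>';
     }
     // The password field is never pre-filled
     echo '<div class="item">
             <label for="input_username">' . __('Username:') . '</label>
             <input type="text" name="pma_username" id="input_username" ' . 'value="' . htmlspecialchars($default_user) . '" size="24"' . ' class="textfield"/>
         </div>
         <div class="item">
             <label for="input_password">' . __('Password:') . '</label>
             <input type="password" name="pma_password" id="input_password"' . ' value="" size="24" class="textfield" />
         </div>';
     if (count($GLOBALS['cfg']['Servers']) > 1) {
         echo '<div class="item">
             <label for="select_server">' . __('Server Choice') . ':</label>
             <select name="server" id="select_server"';
         if ($GLOBALS['cfg']['AllowArbitraryServer']) {
             // Picking a configured server clears the free-form server field
             echo ' onchange="document.forms[\'login_form\'].' . 'elements[\'pma_servername\'].value = \'\'" ';
         }
         echo '>';
         include_once './libraries/select_server.lib.php';
         PMA_selectServer(false, false);
         echo '</select></div>';
     } else {
         echo '    <input type="hidden" name="server" value="' . htmlspecialchars((string) $GLOBALS['server']) . '" />';
     }
     // end if (server choice)
     echo '</fieldset>
     <fieldset class="tblFooters">
         <input value="' . __('Go') . '" type="submit" id="input_go" />';
     // Carry target/db/table over the login as hidden fields
     $_form_params = array();
     if (!empty($GLOBALS['target'])) {
         $_form_params['target'] = $GLOBALS['target'];
     }
     if (!empty($GLOBALS['db'])) {
         $_form_params['db'] = $GLOBALS['db'];
     }
     if (!empty($GLOBALS['table'])) {
         $_form_params['table'] = $GLOBALS['table'];
     }
     // do not generate a "server" hidden field as we want the "server"
     // drop-down to have priority
     echo PMA_generate_common_hidden_inputs($_form_params, '', 0, 'server');
     echo '</fieldset>
 </form>';
     // BEGIN Swekey Integration
     Swekey_login('input_username', 'input_go');
     // END Swekey Integration
     // show the "Cookies required" message only if cookies are disabled
     // (we previously tried to set some cookies)
     if (empty($_COOKIE)) {
         trigger_error(__('Cookies must be enabled past this point.'), E_USER_NOTICE);
     }
     if ($GLOBALS['error_handler']->hasDisplayErrors()) {
         echo '<div>';
         $GLOBALS['error_handler']->dispErrors();
         echo '</div>';
     }
     echo '</div>';
     if (file_exists(CUSTOM_FOOTER_FILE)) {
         include CUSTOM_FOOTER_FILE;
     }
     // Reloads the page in the top window when the login page finds itself
     // inside a frame or without the expected body id
     echo '
 <script type="text/javascript">
 //<![CDATA[
 // show login form in top frame.
 if (top != self || ! $(\'body#loginform\').length) {
     window.top.location.href=location;
 }
 //]]>
 </script>';
     exit;
 }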