} // $sql_query come from the query textarea, if it's a reposted query gets its // 'true' value if (!empty($prev_sql_query)) { $prev_sql_query = urldecode($prev_sql_query); if ($sql_query == trim(htmlspecialchars($prev_sql_query))) { $sql_query = $prev_sql_query; } } // Drop database is not allowed -> ensure the query can be run if (!$cfg['AllowUserDropDatabase'] && preg_match('@DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE @i', $sql_query)) { // Checks if the user is a Superuser // TODO: set a global variable with this information // loic1: optimized query $result = @PMA_mysql_query('USE mysql'); if (PMA_mysql_error()) { require_once './header.inc.php'; PMA_mysqlDie($strNoDropDatabases, '', '', $err_url); } } define('PMA_CHK_DROP', 1); /** * Store a query as a bookmark before executing it? */ if (isset($SQLbookmark) && $sql_query != '') { require_once './libraries/bookmark.lib.php'; $bfields = array('dbase' => $db, 'user' => $cfg['Bookmark']['user'], 'query' => urlencode($sql_query), 'label' => $bkm_label); PMA_addBookmarks($bfields, $cfg['Bookmark'], isset($bkm_all_users) && $bkm_all_users == 'true' ? true : false); } /** * Executes the query
} /** * Displays the sub-page heading */ echo '<h2>' . "\n" . ' ' . $strServerStatus . "\n" . '</h2>' . "\n"; /** * Checks if the user is allowed to do what he tries to... */ if (!$is_superuser && !$cfg['ShowMysqlInfo']) { echo $strNoPrivileges; require_once './footer.inc.php'; } /** * Sends the query and buffers the result */ $res = @PMA_mysql_query('SHOW STATUS;', $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), 'SHOW STATUS;'); while ($row = PMA_mysql_fetch_row($res)) { $serverStatus[$row[0]] = $row[1]; } @mysql_free_result($res); unset($res); unset($row); /** * Displays the page */ //Uptime calculation $res = @PMA_mysql_query('SELECT UNIX_TIMESTAMP() - ' . $serverStatus['Uptime'] . ';'); $row = PMA_mysql_fetch_row($res); echo sprintf($strServerStatusUptime, PMA_timespanFormat($serverStatus['Uptime']), PMA_localisedDate($row[0])) . "\n"; mysql_free_result($res); unset($res);
/** * Sends the queries and buffers the results */ if (PMA_MYSQL_INT_VERSION >= 40003) { $res = @PMA_mysql_query('SHOW SESSION VARIABLES;', $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), 'SHOW SESSION VARIABLES;'); while ($row = PMA_mysql_fetch_row($res)) { $serverVars[$row[0]] = $row[1]; } @mysql_free_result($res); $res = @PMA_mysql_query('SHOW GLOBAL VARIABLES;', $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), 'SHOW GLOBAL VARIABLES;'); while ($row = PMA_mysql_fetch_row($res)) { $serverVarsGlobal[$row[0]] = $row[1]; } @mysql_free_result($res); } else { $res = @PMA_mysql_query('SHOW VARIABLES;', $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), 'SHOW VARIABLES;'); while ($row = PMA_mysql_fetch_row($res)) { $serverVars[$row[0]] = $row[1]; } @mysql_free_result($res); } unset($res); unset($row); /** * Displays the page */ ?> <table border="0"> <tr> <th> <?php echo $strVar;
function PMA_getDbCollation($db) { global $userlink; if (PMA_MYSQL_INT_VERSION >= 40101) { // MySQL 4.1.0 does not support seperate charset settings // for databases. $sql_query = 'SHOW CREATE DATABASE ' . PMA_backquote($db) . ';'; $res = PMA_mysql_query($sql_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query); $row = PMA_mysql_fetch_row($res); mysql_free_result($res); $tokenized = explode(' ', $row[1]); unset($row, $res, $sql_query); for ($i = 1; $i + 3 < count($tokenized); $i++) { if ($tokenized[$i] == 'DEFAULT' && $tokenized[$i + 1] == 'CHARACTER' && $tokenized[$i + 2] == 'SET') { // We've found the character set! if (isset($tokenized[$i + 5]) && $tokenized[$i + 4] == 'COLLATE') { return $tokenized[$i + 5]; // We found the collation! } else { // We did not find the collation, so let's return the // default collation for the charset we've found. return $GLOBALS['mysql_default_collations'][$tokenized[$i + 3]]; } } } } return ''; }
/** * User is not allowed to login to MySQL -> authentication failed * * @return boolean always true (no return indeed) * * @access public */ function PMA_auth_fails() { global $conn_error; // Deletes password cookie and displays the login form setcookie('pma_cookie_password', base64_encode(''), 0, $GLOBALS['cookie_path'], '', $GLOBALS['is_https']); if (PMA_mysql_error()) { $conn_error = PMA_mysql_error(); } else { if (isset($php_errormsg)) { $conn_error = $php_errormsg; } else { $conn_error = $GLOBALS['strCannotLogin']; } } PMA_auth(); return TRUE; }
/** * Displays the privileges form table * * @param string the database * @param string the table * @param boolean wheather to display the submit button or not * @param int the indenting level of the code * * @global array the phpMyAdmin configuration * @global ressource the database connection * * @return void */ function PMA_displayPrivTable($db = '*', $table = '*', $submit = TRUE, $indent = 0) { global $cfg, $userlink; if ($db == '*') { $table = '*'; } $spaces = ''; for ($i = 0; $i < $indent; $i++) { $spaces .= ' '; } if (isset($GLOBALS['username'])) { $username = $GLOBALS['username']; $hostname = $GLOBALS['hostname']; if ($db == '*') { $sql_query = 'SELECT * FROM `user` WHERE `User` = "' . PMA_sqlAddslashes($username) . '" AND `Host` = "' . $hostname . '";'; } else { if ($table == '*') { $sql_query = 'SELECT * FROM `db` WHERE `User` = "' . PMA_sqlAddslashes($username) . '" AND `Host` = "' . $hostname . '" AND `Db` = "' . $db . '";'; } else { $sql_query = 'SELECT `Table_priv` FROM `tables_priv` WHERE `User` = "' . PMA_sqlAddslashes($username) . '" AND `Host` = "' . $hostname . '" AND `Db` = "' . $db . '" AND `Table_name` = "' . $table . '";'; } } $res = PMA_mysql_query($sql_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query); if ($res) { $row = PMA_mysql_fetch_array($res, MYSQL_ASSOC); } @mysql_free_result($res); } if (empty($row)) { if ($table == '*') { if ($db == '*') { $sql_query = 'SHOW COLUMNS FROM `mysql`.`user`;'; } else { if ($table == '*') { $sql_query = 'SHOW COLUMNS FROM `mysql`.`db`;'; } } $res = PMA_mysql_query($sql_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query); while ($row1 = PMA_mysql_fetch_row($res)) { if (substr($row1[0], 0, 4) == 'max_') { $row[$row1[0]] = 0; } else { $row[$row1[0]] = 'N'; } } mysql_free_result($res); } else { $row = array('Table_priv' => ''); } } if (isset($row['Table_priv'])) { $sql_query = 'SHOW COLUMNS FROM `tables_priv` LIKE "Table_priv";'; $res = PMA_mysql_query($sql_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query); unset($sql_query); $row1 = PMA_mysql_fetch_array($res, MYSQL_ASSOC); mysql_free_result($res); $av_grants = explode('\',\'', substr($row1['Type'], strpos($row1['Type'], '(') + 2, strpos($row1['Type'], ')') - strpos($row1['Type'], '(') - 3)); unset($row1); $users_grants = explode(',', $row['Table_priv']); foreach ($av_grants as $current_grant) { $row[$current_grant . '_priv'] = in_array($current_grant, $users_grants) ? 'Y' : 'N'; } unset($row['Table_priv']); unset($current_grant); unset($av_grants); unset($users_grants); if ($res = PMA_mysql_query('SHOW COLUMNS FROM `' . $db . '`.`' . $table . '`;', $userlink)) { $columns = array(); while ($row1 = PMA_mysql_fetch_row($res)) { $columns[$row1[0]] = array('Select' => FALSE, 'Insert' => FALSE, 'Update' => FALSE, 'References' => FALSE); } mysql_free_result($res); unset($res); unset($row1); } } if (!empty($columns)) { $sql_query = 'SELECT `Column_name`, `Column_priv` FROM `columns_priv` WHERE `User` = "' . PMA_sqlAddslashes($username) . '" AND `Host` = "' . $hostname . '" AND `Db` = "' . $db . '" AND `Table_name` = "' . $table . '";'; $res = PMA_mysql_query($sql_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query); while ($row1 = PMA_mysql_fetch_row($res)) { $row1[1] = explode(',', $row1[1]); foreach ($row1[1] as $current) { $columns[$row1[0]][$current] = TRUE; } } mysql_free_result($res); unset($res); unset($row1); unset($current); echo $spaces . '<input type="hidden" name="grant_count" value="' . count($row) . '" />' . "\n" . $spaces . '<input type="hidden" name="column_count" value="' . count($columns) . '" />' . "\n" . $spaces . '<table border="0">' . "\n" . $spaces . ' <tr>' . "\n" . $spaces . ' <th colspan="6"> ' . $GLOBALS['strTblPrivileges'] . ' </th>' . "\n" . $spaces . ' </tr>' . "\n" . $spaces . ' <tr>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '" colspan="6"><small><i>' . $GLOBALS['strEnglishPrivileges'] . '</i></small></td>' . "\n" . $spaces . ' </tr>' . "\n" . $spaces . ' <tr>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorOne'] . '"> <tt><dfn title="' . $GLOBALS['strPrivDescSelect'] . '">SELECT</dfn></tt> </td>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorOne'] . '"> <tt><dfn title="' . $GLOBALS['strPrivDescInsert'] . '">INSERT</dfn></tt> </td>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorOne'] . '"> <tt><dfn title="' . $GLOBALS['strPrivDescUpdate'] . '">UPDATE</dfn></tt> </td>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorOne'] . '"> <tt><dfn title="' . $GLOBALS['strPrivDescReferences'] . '">REFERENCES</dfn></tt> </td>' . "\n"; list($current_grant, $current_grant_value) = each($row); while (in_array(substr($current_grant, 0, strlen($current_grant) - 5), array('Select', 'Insert', 'Update', 'References'))) { list($current_grant, $current_grant_value) = each($row); } echo $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="checkbox" name="' . $current_grant . '" id="checkbox_' . $current_grant . '" value="Y" ' . ($current_grant_value == 'Y' ? 'checked="checked" ' : '') . 'title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5) . 'Tbl']) . '"/></td>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="checkbox_' . $current_grant . '"><tt><dfn title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5) . 'Tbl']) . '">' . strtoupper(substr($current_grant, 0, strlen($current_grant) - 5)) . '</dfn></tt></label></td>' . "\n" . $spaces . ' </tr>' . "\n" . $spaces . ' <tr>' . "\n"; $rowspan = count($row) - 5; echo $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '" rowspan="' . $rowspan . '" valign="top">' . "\n" . $spaces . ' <select name="Select_priv[]" multiple="multiple">' . "\n"; foreach ($columns as $current_column => $current_column_privileges) { echo $spaces . ' <option value="' . htmlspecialchars($current_column) . '"'; if ($row['Select_priv'] == 'Y' || $current_column_privileges['Select']) { echo ' selected="selected"'; } echo '>' . htmlspecialchars($current_column) . '</option>' . "\n"; } echo $spaces . ' </select><br />' . "\n" . $spaces . ' <i>' . $GLOBALS['strOr'] . '</i><br />' . "\n" . $spaces . ' <input type="checkbox" name="Select_priv_none" id="checkbox_Select_priv_none" title="' . $GLOBALS['strNone'] . '" />' . "\n" . $spaces . ' <label for="checkbox_Select_priv_none">' . $GLOBALS['strNone'] . '</label>' . "\n" . $spaces . ' </td>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '" rowspan="' . $rowspan . '" valign="top">' . "\n" . $spaces . ' <select name="Insert_priv[]" multiple="multiple">' . "\n"; foreach ($columns as $current_column => $current_column_privileges) { echo $spaces . ' <option value="' . htmlspecialchars($current_column) . '"'; if ($row['Insert_priv'] == 'Y' || $current_column_privileges['Insert']) { echo ' selected="selected"'; } echo '>' . htmlspecialchars($current_column) . '</option>' . "\n"; } echo $spaces . ' </select><br />' . "\n" . $spaces . ' <i>' . $GLOBALS['strOr'] . '</i><br />' . "\n" . $spaces . ' <input type="checkbox" name="Insert_priv_none" id="checkbox_Insert_priv_none" title="' . $GLOBALS['strNone'] . '" />' . "\n" . $spaces . ' <label for="checkbox_Insert_priv_none">' . $GLOBALS['strNone'] . '</label>' . "\n" . $spaces . ' </td>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '" rowspan="' . $rowspan . '" valign="top">' . "\n" . $spaces . ' <select name="Update_priv[]" multiple="multiple">' . "\n"; foreach ($columns as $current_column => $current_column_privileges) { echo $spaces . ' <option value="' . htmlspecialchars($current_column) . '"'; if ($row['Update_priv'] == 'Y' || $current_column_privileges['Update']) { echo ' selected="selected"'; } echo '>' . htmlspecialchars($current_column) . '</option>' . "\n"; } echo $spaces . ' </select><br />' . "\n" . $spaces . ' <i>' . $GLOBALS['strOr'] . '</i><br />' . "\n" . $spaces . ' <input type="checkbox" name="Update_priv_none" id="checkbox_Update_priv_none" title="' . $GLOBALS['strNone'] . '" />' . "\n" . $spaces . ' <label for="checkbox_Update_priv_none">' . $GLOBALS['strNone'] . '</label>' . "\n" . $spaces . ' </td>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '" rowspan="' . $rowspan . '" valign="top">' . "\n" . $spaces . ' <select name="References_priv[]" multiple="multiple">' . "\n"; foreach ($columns as $current_column => $current_column_privileges) { echo $spaces . ' <option value="' . htmlspecialchars($current_column) . '"'; if ($row['References_priv'] == 'Y' || $current_column_privileges['References']) { echo ' selected="selected"'; } echo '>' . htmlspecialchars($current_column) . '</option>' . "\n"; } echo $spaces . ' </select><br />' . "\n" . $spaces . ' <i>' . $GLOBALS['strOr'] . '</i><br />' . "\n" . $spaces . ' <input type="checkbox" name="References_priv_none" id="checkbox_References_priv_none" title="' . $GLOBALS['strNone'] . '" />' . "\n" . $spaces . ' <label for="checkbox_References_priv_none">' . $GLOBALS['strNone'] . '</label>' . "\n" . $spaces . ' </td>' . "\n"; unset($rowspan); list($current_grant, $current_grant_value) = each($row); while (in_array(substr($current_grant, 0, strlen($current_grant) - 5), array('Select', 'Insert', 'Update', 'References'))) { list($current_grant, $current_grant_value) = each($row); } echo $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="checkbox" name="' . $current_grant . '" id="checkbox_' . $current_grant . '" value="Y" ' . ($current_grant_value == 'Y' ? 'checked="checked" ' : '') . 'title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5) . 'Tbl']) . '"/></td>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="checkbox_' . $current_grant . '"><tt><dfn title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5) . 'Tbl']) . '">' . strtoupper(substr($current_grant, 0, strlen($current_grant) - 5)) . '</dfn></tt></label></td>' . "\n" . $spaces . ' </tr>' . "\n"; while (list($current_grant, $current_grant_value) = each($row)) { if (in_array(substr($current_grant, 0, strlen($current_grant) - 5), array('Select', 'Insert', 'Update', 'References'))) { continue; } echo $spaces . ' <tr>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="checkbox" name="' . $current_grant . '" id="checkbox_' . $current_grant . '" value="Y" ' . ($current_grant_value == 'Y' ? 'checked="checked" ' : '') . 'title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5) . 'Tbl']) . '"/></td>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="checkbox_' . $current_grant . '"><tt><dfn title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5) . 'Tbl']) . '">' . strtoupper(substr($current_grant, 0, strlen($current_grant) - 5)) . '</dfn></tt></label></td>' . "\n" . $spaces . ' </tr>' . "\n"; } } else { $privTable[0] = array(array('Select', 'SELECT', $GLOBALS['strPrivDescSelect']), array('Insert', 'INSERT', $GLOBALS['strPrivDescInsert']), array('Update', 'UPDATE', $GLOBALS['strPrivDescUpdate']), array('Delete', 'DELETE', $GLOBALS['strPrivDescDelete'])); if ($db == '*') { $privTable[0][] = array('File', 'FILE', $GLOBALS['strPrivDescFile']); } $privTable[1] = array(array('Create', 'CREATE', $table == '*' ? $GLOBALS['strPrivDescCreateDb'] : $GLOBALS['strPrivDescCreateTbl']), array('Alter', 'ALTER', $GLOBALS['strPrivDescAlter']), array('Index', 'INDEX', $GLOBALS['strPrivDescIndex']), array('Drop', 'DROP', $table == '*' ? $GLOBALS['strPrivDescDropDb'] : $GLOBALS['strPrivDescDropTbl'])); if (isset($row['Create_tmp_table_priv'])) { $privTable[1][] = array('Create_tmp_table', 'CREATE TEMPORARY TABLES', $GLOBALS['strPrivDescCreateTmpTable']); } $privTable[2] = array(); if (isset($row['Grant_priv'])) { $privTable[2][] = array('Grant', 'GRANT', $GLOBALS['strPrivDescGrant']); } if ($db == '*') { if (isset($row['Super_priv'])) { $privTable[2][] = array('Super', 'SUPER', $GLOBALS['strPrivDescSuper']); $privTable[2][] = array('Process', 'PROCESS', $GLOBALS['strPrivDescProcess4']); } else { $privTable[2][] = array('Process', 'PROCESS', $GLOBALS['strPrivDescProcess3']); } $privTable[2][] = array('Reload', 'RELOAD', $GLOBALS['strPrivDescReload']); $privTable[2][] = array('Shutdown', 'SHUTDOWN', $GLOBALS['strPrivDescShutdown']); if (isset($row['Show_db_priv'])) { $privTable[2][] = array('Show_db', 'SHOW DATABASES', $GLOBALS['strPrivDescShowDb']); } } if (isset($row['Lock_tables_priv'])) { $privTable[2][] = array('Lock_tables', 'LOCK TABLES', $GLOBALS['strPrivDescLockTables']); } $privTable[2][] = array('References', 'REFERENCES', $GLOBALS['strPrivDescReferences']); if ($db == '*') { if (isset($row['Execute_priv'])) { $privTable[2][] = array('Execute', 'EXECUTE', $GLOBALS['strPrivDescExecute']); } if (isset($row['Repl_client_priv'])) { $privTable[2][] = array('Repl_client', 'REPLICATION CLIENT', $GLOBALS['strPrivDescReplClient']); } if (isset($row['Repl_slave_priv'])) { $privTable[2][] = array('Repl_slave', 'REPLICATION SLAVE', $GLOBALS['strPrivDescReplSlave']); } } echo $spaces . '<input type="hidden" name="grant_count" value="' . (count($privTable[0]) + count($privTable[1]) + count($privTable[2]) - (isset($row['Grant_priv']) ? 1 : 0)) . '" />' . "\n" . $spaces . '<table border="0">' . "\n" . $spaces . ' <tr>' . "\n" . $spaces . ' <th colspan="6"> ' . ($db == '*' ? $GLOBALS['strGlobalPrivileges'] : ($table == '*' ? $GLOBALS['strDbPrivileges'] : $GLOBALS['strTblPrivileges'])) . ' </th>' . "\n" . $spaces . ' </tr>' . "\n" . $spaces . ' <tr>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '" colspan="6"><small><i>' . $GLOBALS['strEnglishPrivileges'] . '</i></small></td>' . "\n" . $spaces . ' </tr>' . "\n" . $spaces . ' <tr>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorOne'] . '" colspan="2"> <b><i>' . $GLOBALS['strData'] . '</i></b> </td>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorOne'] . '" colspan="2"> <b><i>' . $GLOBALS['strStructure'] . '</i></b> </td>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorOne'] . '" colspan="2"> <b><i>' . $GLOBALS['strAdministration'] . '</i></b> </td>' . "\n" . $spaces . ' </tr>' . "\n"; $limitTable = FALSE; for ($i = 0; isset($privTable[0][$i]) || isset($privTable[1][$i]) || isset($privTable[2][$i]); $i++) { echo $spaces . ' <tr>' . "\n"; for ($j = 0; $j < 3; $j++) { if (isset($privTable[$j][$i])) { echo $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="checkbox" name="' . $privTable[$j][$i][0] . '_priv" id="checkbox_' . $privTable[$j][$i][0] . '_priv" value="Y" ' . ($row[$privTable[$j][$i][0] . '_priv'] == 'Y' ? 'checked="checked" ' : '') . 'title="' . $privTable[$j][$i][2] . '"/></td>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="checkbox_' . $privTable[$j][$i][0] . '_priv"><tt><dfn title="' . $privTable[$j][$i][2] . '">' . $privTable[$j][$i][1] . '</dfn></tt></label></td>' . "\n"; } else { if ($db == '*' && !isset($privTable[0][$i]) && !isset($privTable[1][$i]) && isset($row['max_questions']) && isset($row['max_updates']) && isset($row['max_connections']) && !$limitTable) { echo $spaces . ' <td colspan="4" rowspan="' . (count($privTable[2]) - $i) . '">' . "\n" . $spaces . ' <table border="0">' . "\n" . $spaces . ' <tr>' . "\n" . $spaces . ' <th colspan="2"> ' . $GLOBALS['strResourceLimits'] . ' </th>' . "\n" . $spaces . ' </tr>' . "\n" . $spaces . ' <tr>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '" colspan="2"><small><i>' . $GLOBALS['strZeroRemovesTheLimit'] . '</i></small></td>' . "\n" . $spaces . ' </tr>' . "\n" . $spaces . ' <tr>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="text_max_questions"><tt><dfn title="' . $GLOBALS['strPrivDescMaxQuestions'] . '">MAX QUERIES PER HOUR</dfn></tt></label></td>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="text" class="textfield" name="max_questions" id="text_max_questions" value="' . $row['max_questions'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxQuestions'] . '" /></td>' . "\n" . $spaces . ' </tr>' . "\n" . $spaces . ' <tr>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="text_max_updates"><tt><dfn title="' . $GLOBALS['strPrivDescMaxUpdates'] . '">MAX UPDATES PER HOUR</dfn></tt></label></td>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="text" class="textfield" name="max_updates" id="text_max_updates" value="' . $row['max_updates'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxUpdates'] . '" /></td>' . "\n" . $spaces . ' </tr>' . "\n" . $spaces . ' <tr>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="text_max_connections"><tt><dfn title="' . $GLOBALS['strPrivDescMaxConnections'] . '">MAX CONNECTIONS PER HOUR</dfn></tt></label></td>' . "\n" . $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="text" class="textfield" name="max_connections" id="text_max_connections" value="' . $row['max_connections'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxConnections'] . '" /></td>' . "\n" . $spaces . ' </tr>' . "\n" . $spaces . ' </table>' . "\n" . $spaces . ' </td>' . "\n"; $limitTable = TRUE; } else { if (!$limitTable) { echo $spaces . ' <td bgcolor="' . $cfg['BgcolorTwo'] . '" colspan="2"> </td>' . "\n"; } } } } } echo $spaces . ' </tr>' . "\n"; } if ($submit) { echo $spaces . ' <tr>' . "\n" . $spaces . ' <td colspan="6" align="center">' . "\n" . $spaces . ' <input type="submit" name="update_privs" value="' . $GLOBALS['strGo'] . '" />' . "\n" . $spaces . ' </td>' . "\n" . $spaces . ' </tr>' . "\n"; } echo $spaces . '</table>' . "\n"; }
/** * Adds a bookmark * * @param array the properties of the bookmark to add * @param array the bookmark parameters for the current user * @param boolean whether to make the bookmark available for all users * * @return boolean whether the INSERT succeeds or not * * @access public */ function PMA_addBookmarks($fields, $cfgBookmark, $all_users = false) { $query = 'INSERT INTO ' . PMA_backquote($cfgBookmark['db']) . '.' . PMA_backquote($cfgBookmark['table']) . ' (id, dbase, user, query, label) VALUES (\'\', \'' . PMA_sqlAddslashes($fields['dbase']) . '\', \'' . ($all_users ? '' : PMA_sqlAddslashes($fields['user'])) . '\', \'' . PMA_sqlAddslashes(urldecode($fields['query'])) . '\', \'' . PMA_sqlAddslashes($fields['label']) . '\')'; if (isset($GLOBALS['dbh'])) { $result = PMA_mysql_query($query, $GLOBALS['dbh']); if (PMA_mysql_error($GLOBALS['dbh'])) { $error = PMA_mysql_error($GLOBALS['dbh']); require_once './header.inc.php'; PMA_mysqlDie($error); } } else { $result = PMA_mysql_query($query); if (PMA_mysql_error()) { $error = PMA_mysql_error(); require_once './header.inc.php'; PMA_mysqlDie($error); } } return TRUE; }
} // end row insertion /** * Executes the sql query and get the result, then move back to the calling * page */ $sql_query = implode(';', $query) . ';'; $total_affected_rows = 0; $last_message = ''; foreach ($query as $query_index => $single_query) { $result = PMA_mysql_query($single_query); if (!$result) { if ($cfg['IgnoreMultiSubmitErrors']) { $message .= PMA_mysql_error(); } else { $error = PMA_mysql_error(); require_once './header.inc.php'; PMA_mysqlDie($error, '', '', $err_url); } } else { if (@mysql_affected_rows()) { $total_affected_rows += @mysql_affected_rows(); } $insert_id = mysql_insert_id(); if ($insert_id != 0) { $last_message .= '<br />' . $strInsertedRowId . ' ' . $insert_id; } } // end if } if ($total_affected_rows != 0) {
echo '<h2>' . "\n" . ' ' . (empty($dbstats) ? $strDatabases : $strDatabasesStats) . "\n" . '</h2>' . "\n"; /** * Checks if the user is allowed to do what he tries to... */ if (!empty($dbstats) && !$is_superuser) { echo $strNoPrivileges . "\n"; require_once './footer.inc.php'; } /** * Prepares the statistics */ $statistics = array(); foreach ($dblist as $current_db) { $tmp_array = array('db_name' => $current_db, 'tbl_cnt' => 0, 'data_sz' => 0, 'idx_sz' => 0, 'tot_sz' => 0); if (!empty($dbstats)) { $res = PMA_mysql_query('SHOW TABLE STATUS FROM ' . PMA_backquote($current_db) . ';', $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), 'SHOW TABLE STATUS FROM ' . PMA_backquote($current_db) . ';'); while ($row = PMA_mysql_fetch_array($res, MYSQL_ASSOC)) { $tmp_array['tbl_cnt']++; $tmp_array['data_sz'] += $row['Data_length']; $tmp_array['idx_sz'] += $row['Index_length']; } } $tmp_array['tot_sz'] = $tmp_array['data_sz'] + $tmp_array['idx_sz']; $statistics[] = $tmp_array; } // avoids 'undefined index' errors if (empty($sort_by)) { $sort_by = 'db_name'; } if (empty($sort_order)) { if ($sort_by == 'db_name') {
/** * Finds all related tables * * @param string wether to go from master to foreign or vice versa * * @return boolean always TRUE * * @global array the list of tables that we still couldn't connect * @global array the list of allready connected tables * @global string the current databse name * @global string the super user connection id * @global array the list of relation settings * * @access private */ function PMA_getRelatives($from) { global $tab_left, $tab_know, $fromclause; global $dbh, $db, $cfgRelation; if ($from == 'master') { $to = 'foreign'; } else { $to = 'master'; } $in_know = '(\'' . implode('\', \'', $tab_know) . '\')'; $in_left = '(\'' . implode('\', \'', $tab_left) . '\')'; $rel_query = 'SELECT *' . ' FROM ' . PMA_backquote($cfgRelation['relation']) . ' WHERE ' . $from . '_db = \'' . PMA_sqlAddslashes($db) . '\'' . ' AND ' . $to . '_db = \'' . PMA_sqlAddslashes($db) . '\'' . ' AND ' . $from . '_table IN ' . $in_know . ' AND ' . $to . '_table IN ' . $in_left; if (isset($dbh)) { PMA_mysql_select_db($cfgRelation['db'], $dbh); $relations = @PMA_mysql_query($rel_query, $dbh) or PMA_mysqlDie(PMA_mysql_error($dbh), $rel_query, '', $err_url_0); PMA_mysql_select_db($db, $dbh); } else { PMA_mysql_select_db($cfgRelation['db']); $relations = @PMA_mysql_query($rel_query) or PMA_mysqlDie('', $rel_query, '', $err_url_0); PMA_mysql_select_db($db); } while ($row = PMA_mysql_fetch_array($relations)) { $found_table = $row[$to . '_table']; if (isset($tab_left[$found_table])) { $fromclause .= "\n" . ' LEFT JOIN ' . PMA_backquote($row[$to . '_table']) . ' ON ' . PMA_backquote($row[$from . '_table']) . '.' . PMA_backquote($row[$from . '_field']) . ' = ' . PMA_backquote($row[$to . '_table']) . '.' . PMA_backquote($row[$to . '_field']) . ' '; $tab_know[$found_table] = $found_table; $tab_left = PMA_arrayShort($tab_left, $found_table); } } // end while return TRUE; }
/** * Displays a MySQL error message in the right frame. * * @param string the error mesage * @param string the sql query that failed * @param boolean whether to show a "modify" link or not * @param string the "back" link url (full path is not required) * @param boolean EXIT the page? * * @global array the configuration array * * @access public */ function PMA_mysqlDie($error_message = '', $the_query = '', $is_modify_link = TRUE, $back_url = '', $exit = TRUE) { global $cfg, $table, $db, $sql_query; require_once './header.inc.php'; if (!$error_message) { $error_message = PMA_mysql_error(); } if (!$the_query && !empty($GLOBALS['sql_query'])) { $the_query = $GLOBALS['sql_query']; } // --- Added to solve bug #641765 // Robbat2 - 12 January 2003, 9:46PM // Revised, Robbat2 - 13 Janurary 2003, 2:59PM if (!function_exists('PMA_SQP_isError') || PMA_SQP_isError()) { $formatted_sql = htmlspecialchars($the_query); } else { $formatted_sql = PMA_formatSql(PMA_SQP_parse($the_query), $the_query); } // --- echo '<p><b>' . $GLOBALS['strError'] . '</b></p>' . "\n"; // if the config password is wrong, or the MySQL server does not // respond, do not show the query that would reveal the // username/password if (!empty($the_query) && !strstr($the_query, 'connect')) { // --- Added to solve bug #641765 // Robbat2 - 12 January 2003, 9:46PM // Revised, Robbat2 - 13 Janurary 2003, 2:59PM if (function_exists('PMA_SQP_isError') && PMA_SQP_isError()) { echo PMA_SQP_getErrorString(); } // --- echo '<p>' . "\n"; echo ' ' . $GLOBALS['strSQLQuery'] . ' : ' . "\n"; if ($is_modify_link && isset($db)) { echo ' [' . '<a href="db_details.php?' . PMA_generate_common_url($GLOBALS['db']) . '&sql_query=' . urlencode($the_query) . '&show_query=1">' . $GLOBALS['strEdit'] . '</a>' . ']' . "\n"; } // end if echo '</p>' . "\n" . '<p>' . "\n" . ' ' . $formatted_sql . "\n" . '</p>' . "\n"; } // end if if (!empty($error_message)) { $error_message = htmlspecialchars($error_message); $error_message = preg_replace("@((\r\n)|(\r)|(\n)){3,}@", "\n\n", $error_message); } echo '<p>' . "\n" . ' ' . $GLOBALS['strMySQLSaid'] . '<br />' . "\n" . '</p>' . "\n"; // The error message will be displayed within a CODE segment. // To preserve original formatting, but allow wordwrapping, we do a couple of replacements // Replace all non-single blanks with their HTML-counterpart $error_message = str_replace(' ', ' ', $error_message); // Replace TAB-characters with their HTML-counterpart $error_message = str_replace("\t", ' ', $error_message); // Replace linebreaks $error_message = nl2br($error_message); echo '<code>' . "\n" . $error_message . "\n" . '</code><br /><br />' . "\n"; echo PMA_showMySQLDocu('Error-returns', 'Error-returns'); if (!empty($back_url) && $exit) { echo ' · [<a href="' . (strstr($back_url, '?') ? $back_url . '&no_history=true' : $back_url . '?no_history=true') . '">' . $GLOBALS['strBack'] . '</a>]'; } echo "\n"; if ($exit) { require_once './footer.inc.php'; } }
/** * User is not allowed to login to MySQL -> authentication failed * * @global string the MySQL error message PHP returns * @global string the connection type (persistent or not) * @global string the MySQL server port to use * @global string the MySQL socket port to use * @global array the current server settings * @global string the font face to use in case of failure * @global string the default font size to use in case of failure * @global string the big font size to use in case of failure * @global boolean tell the "PMA_mysqlDie()" function headers have been * sent * * @return boolean always true (no return indeed) * * @access public */ function PMA_auth_fails() { global $php_errormsg; global $connect_func, $server_port, $server_socket, $cfg; global $right_font_family, $font_size, $font_bigger; global $is_header_sent; if (PMA_mysql_error()) { $conn_error = PMA_mysql_error(); } else { if (isset($php_errormsg)) { $conn_error = $php_errormsg; } else { $conn_error = 'Cannot connect: invalid settings.'; } } /* Commented out by Nijel: This causes displaying login and password from * config when connection to MySQL server can't be established. (SQL parser * fails on this and then displays it as wrong SQL. */ /* $local_query = $connect_func . '(' . $cfg['Server']['host'] . $server_port . $server_socket . ', ' . $cfg['Server']['user'] . ', ' . $cfg['Server']['password'] . ')';*/ $local_query = ''; // Defines the charset to be used header('Content-Type: text/html; charset=' . $GLOBALS['charset']); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $GLOBALS['available_languages'][$GLOBALS['lang']][2]; ?> " lang="<?php echo $GLOBALS['available_languages'][$GLOBALS['lang']][2]; ?> " dir="<?php echo $GLOBALS['text_dir']; ?> "> <head> <title><?php echo $GLOBALS['strAccessDenied']; ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $GLOBALS['charset']; ?> " /> <style type="text/css"> <!-- body {font-family: <?php echo $right_font_family; ?> ; font-size: <?php echo $font_size; ?> ; color: #000000} h1 {font-family: <?php echo $right_font_family; ?> ; font-size: <?php echo $font_bigger; ?> ; font-weight: bold} //--> </style> </head> <body bgcolor="<?php echo $cfg['RightBgColor']; ?> "> <br /><br /> <center> <h1><?php echo sprintf($GLOBALS['strWelcome'], ' phpMyAdmin ' . PMA_VERSION); ?> </h1> </center> <br /> <?php echo "\n"; $is_header_sent = TRUE; echo '<p>' . $GLOBALS['strAccessDeniedExplanation'] . '</p>' . "\n"; PMA_mysqlDie($conn_error, $local_query, FALSE); return TRUE; }
} } /** * Displays the links */ require './server_links.inc.php'; /** * Displays the sub-page heading */ echo '<h2>' . "\n" . ' ' . $strProcesslist . "\n" . '</h2>' . "\n"; /** * Sends the query and buffers the result */ $serverProcesses = array(); $sql_query = 'SHOW' . (empty($full) ? '' : ' FULL') . ' PROCESSLIST;'; $res = @PMA_mysql_query($sql_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query); while ($row = PMA_mysql_fetch_array($res, MYSQL_ASSOC)) { $serverProcesses[] = $row; } @mysql_free_result($res); unset($res); unset($row); /** * Displays the page */ ?> <table border="0"> <tr> <th><a href="./server_processlist.php?<?php echo $url_query . (empty($full) ? '&full=1' : ''); ?>
$upd_query .= ' ON UPDATE ' . $options_array[${$master_field . '_on_update'}]; } } } // end if... else.... } else { if (isset($existrel_innodb[$master_field])) { if (PMA_MYSQL_INT_VERSION >= 40013) { $upd_query = 'ALTER TABLE ' . $table . ' DROP FOREIGN KEY ' . PMA_backquote($existrel_innodb[$master_field]['constraint']); } } } // end if... else.... if (isset($upd_query)) { $upd_rs = PMA_mysql_query($upd_query); if (PMA_mysql_error() && mysql_errno() == 1005) { echo '<p class="warning">' . $strNoIndex . ' (' . $master_field . ')</p>' . PMA_showMySQLDocu('manual_Table_types', 'InnoDB_foreign_key_constraints') . "\n"; } unset($upd_query); } } // end while } // end if isset($destination_innodb) } // end if // U p d a t e s f o r d i s p l a y f i e l d if ($cfgRelation['displaywork'] && isset($submit_show) && $submit_show == 'true') { if ($disp) { if ($display_field != '') { $upd_query = 'UPDATE ' . PMA_backquote($cfgRelation['table_info']) . ' SET display_field = \'' . PMA_sqlAddslashes($display_field) . '\'' . ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\'' . ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\'';
// Not a valid db name -> back to the welcome page if (!empty($db)) { $is_db = @PMA_mysql_select_db($db); } if (empty($db) || !$is_db) { header('Location: ' . $cfg['PmaAbsoluteUri'] . 'main.php?' . PMA_generate_common_url('', '', '&') . (isset($message) ? '&message=' . urlencode($message) : '') . '&reload=1'); exit; } } // end if (ensures db exists) /** * Changes database charset if requested by the user */ if (isset($submitcharset) && PMA_MYSQL_INT_VERSION >= 40101) { $sql_query = 'ALTER DATABASE ' . PMA_backquote($db) . ' DEFAULT CHARACTER SET ' . $db_charset; $result = PMA_mysql_query($sql_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query, '', $err_url); $message = $strSuccess; } // Displays headers if (!isset($message)) { $js_to_run = 'functions.js'; require_once './header.inc.php'; // Reloads the navigation frame via JavaScript if required if (isset($reload) && $reload) { echo "\n"; ?> <script type="text/javascript" language="javascript1.2"> <!-- window.parent.frames['nav'].location.replace('./left.php?<?php echo PMA_generate_common_url($db, '', '&'); ?>
if ($num_tables > 0) { $lnk3 = 'db_details_export.php'; $arg3 = $url_query; $lnk4 = 'db_search.php'; $arg4 = $url_query; } else { $lnk3 = ''; $arg3 = ''; $lnk4 = ''; $arg4 = ''; } // Drop link if allowed if (!$cfg['AllowUserDropDatabase']) { // Check if the user is a Superuser $links_result = @PMA_mysql_query('USE mysql'); $cfg['AllowUserDropDatabase'] = !PMA_mysql_error(); } if ($cfg['AllowUserDropDatabase']) { $lnk5 = 'sql.php'; $arg5 = $url_query . '&sql_query=' . urlencode('DROP DATABASE ' . PMA_backquote($db)) . '&zero_rows=' . urlencode(sprintf($strDatabaseHasBeenDropped, htmlspecialchars(PMA_backquote($db)))) . '&goto=main.php&back=db_details' . $sub_part . '.php&reload=1&purge=1'; $att5 = 'class="drop" ' . 'onclick="return confirmLink(this, \'DROP DATABASE ' . PMA_jsFormat($db) . '\')"'; } else { $lnk5 = ''; } /** * Displays tab links */ if ($cfg['LightTabs']) { echo ' '; } else { echo '<table border="0" cellspacing="0" cellpadding="3" width="100%" class="tabs">