/**
 * Builds the <script> tags that load the given javascript files.
 *
 * Entries whose filename carries a query string ("dynamic" scripts) get a
 * tag of their own, placed before or after the static bundle depending on
 * their 'before_statics' flag. All other entries are bundled, 20 at a time,
 * into requests to js/get_scripts.js.php.
 *
 * NOTE(review): only the bundled URL passes through htmlspecialchars();
 * dynamic filenames are concatenated into a single-quoted src attribute as
 * given, so callers have to supply attribute-safe values - confirm at the
 * call sites before adding escaping here (the value may already be encoded).
 *
 * @param array $files The list of js file to include; each entry is read
 *                     for 'filename' and, for dynamic scripts,
 *                     'before_statics'
 *
 * @return string HTML code for javascript inclusion.
 */
private function _includeFiles($files)
{
    $dynamicBefore = '';
    $dynamicAfter = '';
    $staticParams = array();
    $argSeparator = URL::getArgSeparator();

    foreach ($files as $file) {
        // No query string: the file is served through the bundling script.
        if (mb_strpos($file['filename'], '?') === false) {
            $staticParams[] = 'scripts%5B%5D=' . $file['filename'];
            continue;
        }

        // Dynamic script: append the version parameter and emit its own tag.
        $src = $file['filename'] . $argSeparator . Header::getVersionParameter();
        $tag = "<script data-cfasync='false' type='text/javascript' src='js/"
            . $src . "'></script>";
        if ($file['before_statics'] === true) {
            $dynamicBefore .= $tag;
        } else {
            $dynamicAfter .= $tag;
        }
    }

    $chunkSeparator = URL::getArgSeparator();
    $bundled = '';
    // Using chunks of 20 files to avoid too long URLs
    foreach (array_chunk($staticParams, 20) as $chunk) {
        $bundleUrl = 'js/get_scripts.js.php?'
            . implode($chunkSeparator, $chunk)
            . $chunkSeparator . Header::getVersionParameter();
        $bundled .= sprintf(
            '<script data-cfasync="false" type="text/javascript" src="%s"></script>',
            htmlspecialchars($bundleUrl)
        );
    }

    return $dynamicBefore . $bundled . $dynamicAfter;
}
/**
 * Checks the markup getHtmlForControlButtons() produces for a child node.
 *
 * The node under test is attached to a database node named 'parent' and
 * its getItemType() is stubbed to return 'itemType'.
 *
 * @return void
 * @test
 */
public function testGetHtmlForControlButtons()
{
    $databaseNode = NodeFactory::getInstance('NodeDatabase', 'parent');
    $databaseNode->addChild($this->object);

    $this->object
        ->expects($this->once())
        ->method('getItemType')
        ->will($this->returnValue('itemType'));

    $html = $this->object->getHtmlForControlButtons();

    // The whole fragment is wrapped in the controls span.
    $this->assertStringStartsWith('<span class="navItemControls">', $html);
    $this->assertStringEndsWith('</span>', $html);

    // The hide link carries item type, item name and database name.
    $expectedLink = '<a href="navigation.php' . URL::getCommon()
        . '&hideNavItem=true&itemType=itemType&itemName=child&dbName=parent"'
        . ' class="hideNavItem ajax">';
    $this->assertContains($expectedLink, $html);
}
/**
 * Builds the filter form shown above the server status variables list.
 *
 * The current filter state is read from $_REQUEST (filterAlert, filterText,
 * dontFormat, filterCategory). The free-text filter is passed through
 * htmlspecialchars() before it is placed in the value attribute.
 *
 * NOTE(review): section ids are written into the option value attribute
 * without escaping; this assumes they are fixed internal identifiers -
 * confirm against ServerStatusData.
 *
 * @param ServerStatusData $ServerStatusData Server status data
 *
 * @return string
 */
function PMA_getHtmlForFilter($ServerStatusData)
{
    $alertChecked = !empty($_REQUEST['filterAlert']) ? ' checked="checked"' : '';
    $textValue = !empty($_REQUEST['filterText'])
        ? htmlspecialchars($_REQUEST['filterText'])
        : '';
    $unformattedChecked = !empty($_REQUEST['dontFormat']) ? ' checked="checked"' : '';

    $html = '<fieldset id="tableFilter">'
        . '<legend>' . __('Filters') . '</legend>'
        . '<form action="server_status_variables.php' . URL::getCommon() . '">'
        . '<input type="submit" value="' . __('Refresh') . '" />';

    // Free-text filter
    $html .= '<div class="formelement">'
        . '<label for="filterText">' . __('Containing the word:') . '</label>'
        . '<input name="filterText" type="text" id="filterText" value="'
        . $textValue . '" />'
        . '</div>';

    // "Alert values only" checkbox
    $html .= '<div class="formelement">'
        . '<input' . $alertChecked
        . ' type="checkbox" name="filterAlert" id="filterAlert" />'
        . '<label for="filterAlert">' . __('Show only alert values') . '</label>'
        . '</div>';

    // Category drop-down, limited to the sections that are in use
    $html .= '<div class="formelement">'
        . '<select id="filterCategory" name="filterCategory">'
        . '<option value="">' . __('Filter by category…') . '</option>';
    foreach ($ServerStatusData->sections as $sectionId => $sectionName) {
        if (!isset($ServerStatusData->sectionUsed[$sectionId])) {
            continue;
        }
        $isChosen = !empty($_REQUEST['filterCategory'])
            && $_REQUEST['filterCategory'] == $sectionId;
        $html .= '<option' . ($isChosen ? ' selected="selected"' : '')
            . ' value="' . $sectionId . '">'
            . htmlspecialchars($sectionName) . '</option>';
    }
    $html .= '</select>' . '</div>';

    // "Unformatted values" checkbox
    $html .= '<div class="formelement">'
        . '<input' . $unformattedChecked
        . ' type="checkbox" name="dontFormat" id="dontFormat" />'
        . '<label for="dontFormat">' . __('Show unformatted values') . '</label>'
        . '</div>';

    return $html . '</form>' . '</fieldset>';
}
/**
 * Returns the "hide" control shown in front of a navigation node.
 *
 * Nothing is rendered unless the 'navwork' relation feature is enabled.
 * Item type, item name and database name are each passed through
 * urlencode() before being appended to the link's query string.
 *
 * @return String HTML for control buttons
 */
public function getHtmlForControlButtons()
{
    $relation = PMA_getRelationsParam();
    if (!$relation['navwork']) {
        return '';
    }

    $dbName = $this->realParent()->real_name;
    $itemName = $this->real_name;

    $href = 'navigation.php' . URL::getCommon()
        . '&hideNavItem=true'
        . '&itemType=' . urlencode($this->getItemType())
        . '&itemName=' . urlencode($itemName)
        . '&dbName=' . urlencode($dbName);

    return '<span class="navItemControls">'
        . '<a href="' . $href . '" class="hideNavItem ajax">'
        . PMA\libraries\Util::getImage('hide.png', __('Hide'))
        . '</a></span>';
}
/**
 * Builds the index list of the current table followed by the small
 * "create an index on N columns" form.
 *
 * Database and table are taken from $GLOBALS['db'] and $GLOBALS['table'].
 *
 * @return string $html_output
 */
function PMA_getHtmlForDisplayIndexes()
{
    $indexList = PMA\libraries\Index::getHtmlForIndexes(
        $GLOBALS['table'],
        $GLOBALS['db']
    );
    $hiddenInputs = URL::getHiddenInputs($GLOBALS['db'], $GLOBALS['table']);

    // The number field is substituted into the translated sentence.
    $columnCountPrompt = sprintf(
        __('Create an index on %s columns'),
        '<input type="number" name="added_fields" value="1" min="1" required="required" />'
    );
    $submitControls = '<input type="hidden" name="create_index" value="1" />'
        . '<input class="add_index ajax" type="submit" value="' . __('Go') . '" />';

    return '<div id="index_div" class="ajax" >'
        . $indexList
        . '<fieldset class="tblFooters print_ignore" style="text-align: left;">'
        . '<form action="tbl_indexes.php" method="post">'
        . $hiddenInputs
        . $columnCountPrompt
        . $submitControls
        . '</form></fieldset></div>';
}
/**
 * Returns the "hide" control shown in front of a navigation node.
 *
 * Nothing is rendered unless the 'navwork' relation feature is enabled.
 * All link parameters are handed to URL::getCommon() as an array, so the
 * query string is assembled in one place instead of by concatenation.
 *
 * @return String HTML for control buttons
 */
public function getHtmlForControlButtons()
{
    $relation = PMA_getRelationsParam();
    if (!$relation['navwork']) {
        return '';
    }

    $dbName = $this->realParent()->real_name;
    $itemName = $this->real_name;
    $linkParams = array(
        'hideNavItem' => true,
        'itemType' => $this->getItemType(),
        'itemName' => $itemName,
        'dbName' => $dbName,
    );

    return '<span class="navItemControls">'
        . '<a href="navigation.php' . URL::getCommon($linkParams) . '"'
        . ' class="hideNavItem ajax">'
        . PMA\libraries\Util::getImage('hide.png', __('Hide'))
        . '</a></span>';
}
/**
 * Verifies that PMA_getHtmlForCreateTable() renders every expected
 * fragment of the "create table" form.
 *
 * @return void
 */
public function testPMAGetHtmlForCreateTable()
{
    $db = "pma_db";

    $html = PMA_getHtmlForCreateTable($db);

    $expectedFragments = array(
        // icon
        PMA\libraries\Util::getImage('b_table_add.png'),
        // form title
        __('Create table'),
        // hidden inputs carrying the database name
        URL::getHiddenInputs($db),
        // field labels
        __('Name'),
        __('Number of columns'),
        // submit button
        __('Go'),
    );
    foreach ($expectedFragments as $fragment) {
        $this->assertContains($fragment, $html);
    }
}
/**
 * Builds the "browse foreign values" dialog: a search form followed by a
 * table of selectable keys and their descriptions.
 *
 * Request-supplied values ($_REQUEST['rownumber'],
 * $_REQUEST['foreign_filter']) as well as $field and $fieldkey are passed
 * through htmlspecialchars() before being written into attributes.
 *
 * NOTE(review): when 'disp_row' is not an array the function closes a
 * tbody element that was never opened; kept as-is here.
 *
 * @param string $db            current database
 * @param string $table         current table
 * @param string $field         field
 * @param array  $foreignData   foreign column data
 * @param string $fieldkey      field key
 * @param string $current_value current columns's value
 *
 * @return string
 */
function PMA_getHtmlForRelationalFieldSelection($db, $table, $field, $foreignData, $fieldkey, $current_value)
{
    $pageSelector = PMA_getHtmlForGotoPage($foreignData);
    $showAllLink = PMA_getHtmlForShowAll($foreignData);

    $html = '<form class="ajax" id="browse_foreign_form" name="browse_foreign_from" '
        . 'action="browse_foreigners.php" method="post"><fieldset>'
        . URL::getHiddenInputs($db, $table)
        . '<input type="hidden" name="field" value="'
        . htmlspecialchars($field) . '" />'
        . '<input type="hidden" name="fieldkey" value="'
        . (isset($fieldkey) ? htmlspecialchars($fieldkey) : '') . '" />';

    if (isset($_REQUEST['rownumber'])) {
        $html .= '<input type="hidden" name="rownumber" value="'
            . htmlspecialchars($_REQUEST['rownumber']) . '" />';
    }

    $filterValue = '';
    if (isset($_REQUEST['foreign_filter'])) {
        $filterValue = htmlspecialchars($_REQUEST['foreign_filter']);
    }

    $html .= '<span class="formelement"><label for="input_foreign_filter">'
        . __('Search:')
        . '</label><input type="text" name="foreign_filter" id="input_foreign_filter" value="'
        . $filterValue . '" data-old="' . $filterValue . '" />'
        . '<input type="submit" name="submit_foreign_filter" value="' . __('Go') . '" />'
        . '</span>'
        . '<span class="formelement">' . $pageSelector . '</span>'
        . '<span class="formelement">' . $showAllLink . '</span>'
        . '</fieldset></form>';

    $html .= '<table width="100%" id="browse_foreign_table">';

    // Without rows to display there is nothing more than the empty table.
    if (!is_array($foreignData['disp_row'])) {
        return $html . '</tbody></table>';
    }

    $headerRow = '<tr> <th>' . __('Keyname') . '</th> <th>' . __('Description')
        . '</th> <td width="20%"></td> <th>' . __('Description')
        . '</th> <th>' . __('Keyname') . '</th> </tr>';
    $html .= '<thead>' . $headerRow . '</thead>' . "\n"
        . '<tfoot>' . $headerRow . '</tfoot>' . "\n"
        . '<tbody>' . "\n";

    // Split the rows into parallel lists of keys and descriptions.
    $descriptions = array();
    $keys = array();
    foreach ($foreignData['disp_row'] as $row) {
        $descriptions[] = ($foreignData['foreign_display'] != false)
            ? $row[$foreignData['foreign_display']]
            : '';
        $keys[] = $row[$foreignData['foreign_field']];
    }
    asort($keys);

    $horizontalCount = 0;
    $oddRow = true;
    $indexByDescription = 0;
    foreach ($keys as $indexByKeyname => $unusedKey) {
        list($rowHtml, $horizontalCount, $oddRow, $indexByDescription)
            = PMA_getHtmlForOneKey(
                $horizontalCount,
                $headerRow,
                $oddRow,
                $keys,
                $indexByKeyname,
                $descriptions,
                $indexByDescription,
                $current_value
            );
        $html .= $rowHtml;
    }

    return $html . '</tbody></table>';
}
/**
 * Checks PMA_getHtmlForUserGroupsTable() against a mocked database
 * interface that returns exactly one user group row.
 *
 * @return void
 */
public function testGetHtmlForUserGroupsTableWithUserGroups()
{
    $expectedQuery = "SELECT * FROM `pmadb`.`usergroups` ORDER BY `usergroup` ASC";
    $groupRow = array(
        'usergroup' => 'usergroup',
        'tab' => 'server_sql',
        'allowed' => 'Y',
    );

    $dbiMock = $this->getMockBuilder('PMA\\libraries\\DatabaseInterface')
        ->disableOriginalConstructor()
        ->getMock();
    $dbiMock->expects($this->once())
        ->method('tryQuery')
        ->with($expectedQuery)
        ->will($this->returnValue(true));
    $dbiMock->expects($this->once())
        ->method('numRows')
        ->withAnyParameters()
        ->will($this->returnValue(1));
    // First fetch yields the row, the second one ends the result set.
    $dbiMock->expects($this->at(2))
        ->method('fetchAssoc')
        ->withAnyParameters()
        ->will($this->returnValue($groupRow));
    $dbiMock->expects($this->at(3))
        ->method('fetchAssoc')
        ->withAnyParameters()
        ->will($this->returnValue(false));
    $dbiMock->expects($this->once())->method('freeResult');
    $GLOBALS['dbi'] = $dbiMock;

    $html = PMA_getHtmlForUserGroupsTable();

    $this->assertContains('<td>usergroup</td>', $html);

    // One link per action: opening tag prefix => action flag in the URL.
    $actionLinks = array(
        array('<a class="" href="server_user_groups.php', 'viewUsers'),
        array('<a class="" href="server_user_groups.php', 'editUserGroup'),
        array('<a class="deleteUserGroup ajax" href="server_user_groups.php', 'deleteUserGroup'),
    );
    foreach ($actionLinks as $actionLink) {
        list($tagPrefix, $actionFlag) = $actionLink;
        $expectedTag = $tagPrefix . URL::getCommon(
            array($actionFlag => 1, 'userGroup' => htmlspecialchars('usergroup'))
        );
        $this->assertContains($expectedTag, $html);
    }
}
/**
 * Test for PMA_getHtmlForChangePassword
 *
 * Renders the change-password form in 'change_pw' mode and checks that the
 * script name, the hidden inputs, the escaped user/host values and the
 * translated labels all appear in the output.
 *
 * @return void
 */
public function testPMAGetHtmlForChangePassword()
{
    // NOTE(review): the username literal looks masked ("******") in this
    // copy of the file; the value only has to round-trip through
    // htmlspecialchars() for the assertions below.
    $username = "******";
    $hostname = "pma_hostname";

    // Call the function under test
    $html = PMA_getHtmlForChangePassword('change_pw', $username, $hostname);

    // The script name from $GLOBALS['PMA_PHP_SELF'] is asserted to appear in the output
    $this->assertContains($GLOBALS['PMA_PHP_SELF'], $html);

    // Output of URL::getHiddenInputs() must be embedded in the form
    $this->assertContains(URL::getHiddenInputs(), $html);

    // User name and host name must appear HTML-escaped
    $this->assertContains(htmlspecialchars($username), $html);
    $this->assertContains(htmlspecialchars($hostname), $html);

    // Translated labels
    $this->assertContains(__('Change password'), $html);
    $this->assertContains(__('No Password'), $html);
    // NOTE(review): the next statement is garbled in this copy (a run of
    // asterisks replaces part of the expression) and does not parse as
    // written; restore it from the upstream file before running the test.
    $this->assertContains(__('Password:'******'Password:'), $html);
}
/**
 * Builds the language selection form.
 *
 * An empty string is returned when there is at most one language to
 * choose from.
 *
 * NOTE(review): language codes and names are written into the option
 * elements without escaping; this assumes they come from the bundled
 * language list only - confirm against LanguageManager.
 *
 * @param boolean $use_fieldset whether to use fieldset for selection
 * @param boolean $show_doc     whether to show documentation links
 *
 * @return string
 *
 * @access public
 */
function PMA_getLanguageSelectorHtml($use_fieldset = false, $show_doc = true)
{
    $languages = LanguageManager::getInstance()->sortedLanguages();

    // Display language selection only if there
    // is more than one language to choose from
    if (count($languages) <= 1) {
        return '';
    }

    $html = '<form method="get" action="index.php" class="disableAjax">';
    $html .= URL::getHiddenInputs(
        array('db' => $GLOBALS['db'], 'table' => $GLOBALS['table'])
    );

    // For non-English, display "Language" with emphasis because it's
    // not a proper word in the current language; we show it to help
    // people recognize the dialog
    $title = __('Language');
    if (__('Language') != 'Language') {
        $title .= ' - <em>Language</em>';
    }
    if ($show_doc) {
        $title .= PMA\libraries\Util::showDocu('faq', 'faq7-2');
    }

    $html .= $use_fieldset
        ? '<fieldset><legend lang="en" dir="ltr">' . $title . '</legend>'
        : '<bdo lang="en" dir="ltr"><label for="sel-lang">' . $title . ': </label></bdo>';

    $html .= '<select name="lang" class="autosubmit" lang="en" dir="ltr" id="sel-lang">';
    foreach ($languages as $language) {
        // Pre-select the language that is currently active.
        $selectedAttr = $language->isActive() ? ' selected="selected"' : '';
        $html .= '<option value="' . $language->getCode() . '"' . $selectedAttr . '>'
            . $language->getName()
            . '</option>';
    }
    $html .= '</select>';

    if ($use_fieldset) {
        $html .= '</fieldset>';
    }

    return $html . '</form>';
}
/**
 * Builds the opening part of a configuration form.
 *
 * The action URL (by default the request URI, which is client-controlled)
 * is passed through htmlspecialchars() before it is written into the
 * action attribute, and any method other than 'post' is forced to 'get'.
 *
 * @param string $action        default: $_SERVER['REQUEST_URI']
 * @param string $method        'post' or 'get'
 * @param array  $hidden_fields array of form hidden fields (key: field name)
 *
 * @return string
 */
function PMA_displayFormTop($action = null, $method = 'post', $hidden_fields = null)
{
    // Remembers across calls whether the refresh-check field was emitted.
    static $has_check_page_refresh = false;

    $formAction = ($action === null) ? $_SERVER['REQUEST_URI'] : $action;
    $formMethod = ($method != 'post') ? 'get' : $method;

    $parts = array();
    $parts[] = '<form method="' . $formMethod . '" action="'
        . htmlspecialchars($formAction) . '" class="config-form disableAjax">';
    $parts[] = '<input type="hidden" name="tab_hash" value="" />';

    // we do validation on page refresh when browser remembers field values,
    // add a field with known value which will be used for checks
    if (!$has_check_page_refresh) {
        $has_check_page_refresh = true;
        $parts[] = '<input type="hidden" name="check_page_refresh"  id="check_page_refresh" value="" />'
            . "\n";
    }

    $parts[] = URL::getHiddenInputs('', '', 0, 'server') . "\n";
    $parts[] = URL::getHiddenFields((array) $hidden_fields);

    return implode('', $parts);
}
/**
 * Get HTML for the Change password dialog
 *
 * The form posts back to the base name of $GLOBALS['PMA_PHP_SELF']. The
 * user and host names are only echoed back (HTML-escaped, as hidden
 * inputs) when that script name contains 'server_privileges'. Whether an
 * authentication-plugin drop-down is offered depends on the server type,
 * PMA_MYSQL_INT_VERSION, $mode and the superuser status.
 *
 * @param string $mode     where is the function being called?
 *                         values : 'change_pw' or 'edit_other'
 * @param string $username username
 * @param string $hostname hostname
 *
 * @return string html snippet
 */
function PMA_getHtmlForChangePassword($mode, $username, $hostname)
{
    /**
     * autocomplete feature of IE kills the "onchange" event handler and it
     * must be replaced by the "onpropertychange" one in this case
     */
    $chg_evt_handler = 'onchange';

    // True when the running script itself is server_privileges.php; only
    // affects the CSS class and the submenu label attribute below.
    $is_privileges = basename($_SERVER['SCRIPT_NAME']) === 'server_privileges.php';

    // NOTE(review): the action attribute receives basename() of
    // $GLOBALS['PMA_PHP_SELF'] without HTML escaping; presumably that value
    // is sanitised where it is set - confirm.
    $html = '<form method="post" id="change_password_form" '
        . 'action="' . basename($GLOBALS['PMA_PHP_SELF']) . '" '
        . 'name="chgPassword" '
        . 'class="' . ($is_privileges ? 'submenu-item' : '') . '">';

    $html .= URL::getHiddenInputs();

    // Identify the account being edited, escaped for the attribute context.
    if (strpos($GLOBALS['PMA_PHP_SELF'], 'server_privileges') !== false) {
        $html .= '<input type="hidden" name="username" '
            . 'value="' . htmlspecialchars($username) . '" />'
            . '<input type="hidden" name="hostname" '
            . 'value="' . htmlspecialchars($hostname) . '" />';
    }

    // NOTE(review): inside the expression below, the "Password:" label is
    // garbled in this copy (a run of asterisks replaces part of it) and
    // does not parse as written; restore it from the upstream file.
    // NOTE(review): 'class="textfield"' is joined to the event handler
    // name without a separating space in both password inputs.
    $html .= '<fieldset id="fieldset_change_password">'
        . '<legend'
        . ($is_privileges
            ? ' data-submenu-label="' . __('Change password') . '"'
            : ''
        )
        . '>' . __('Change password') . '</legend>'
        . '<table class="data noclick">'
        . '<tr class="odd">'
        . '<td colspan="2">'
        . '<input type="radio" name="nopass" value="1" id="nopass_1" '
        . 'onclick="pma_pw.value = \'\'; pma_pw2.value = \'\'; '
        . 'this.checked = true" />'
        . '<label for="nopass_1">' . __('No Password') . '</label>'
        . '</td>'
        . '</tr>'
        . '<tr class="even vmiddle">'
        . '<td>'
        . '<input type="radio" name="nopass" value="0" id="nopass_0" '
        . 'onclick="document.getElementById(\'text_pma_pw\').focus();" '
        . 'checked="checked" />'
        . '<label for="nopass_0">' . __('Password:'******' </label>'
        . '</td>'
        . '<td>'
        . '<input type="password" name="pma_pw" id="text_pma_pw" size="10" '
        . 'class="textfield"'
        . $chg_evt_handler . '="nopass[1].checked = true" />'
        . ' ' . __('Re-type:') . ' '
        . '<input type="password" name="pma_pw2" id="text_pma_pw2" size="10" '
        . 'class="textfield"'
        . $chg_evt_handler . '="nopass[1].checked = true" />'
        . '</td>'
        . '</tr>';

    $serverType = PMA\libraries\Util::getServerType();
    $orig_auth_plugin = PMA_getCurrentAuthenticationPlugin('change', $username, $hostname);
    $is_superuser = $GLOBALS['dbi']->isSuperuser();

    // Newer servers: MySQL with version number >= 50507 or MariaDB >= 50200.
    if ($serverType == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50507 || $serverType == 'MariaDB' && PMA_MYSQL_INT_VERSION >= 50200) {
        // Provide this option only for 5.7.6+
        // OR for privileged users in 5.5.7+
        if ($serverType == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50706 || $is_superuser && $mode == 'edit_other') {
            $auth_plugin_dropdown = PMA_getHtmlForAuthPluginsDropdown($orig_auth_plugin, 'change_pw', 'new');
            $html .= '<tr class="vmiddle">'
                . '<td>' . __('Password Hashing:') . '</td><td>';
            $html .= $auth_plugin_dropdown;
            $html .= '</td></tr>'
                . '<tr id="tr_element_before_generate_password"></tr>'
                . '</table>';
            // Transport-security notice for sha256_password; emitted hidden
            // (display:none) unless that plugin is the current one.
            $html .= '<div '
                . ($orig_auth_plugin != 'sha256_password' ? 'style="display:none"' : '')
                . ' id="ssl_reqd_warning_cp">'
                . Message::notice(__('This method requires using an \'<i>SSL connection</i>\' ' . 'or an \'<i>unencrypted connection that encrypts the ' . 'password using RSA</i>\'; while connecting to the server.') . PMA\libraries\Util::showMySQLDocu('sha256-authentication-plugin'))->getDisplay()
                . '</div>';
        } else {
            // No plugin choice offered: just close the table.
            $html .= '<tr id="tr_element_before_generate_password"></tr>'
                . '</table>';
        }
    } else {
        // Older servers get the 'old' variant of the drop-down.
        $auth_plugin_dropdown = PMA_getHtmlForAuthPluginsDropdown($orig_auth_plugin, 'change_pw', 'old');
        $html .= '<tr class="vmiddle">'
            . '<td>' . __('Password Hashing:') . '</td><td>';
        $html .= $auth_plugin_dropdown . '</td></tr>'
            . '<tr id="tr_element_before_generate_password"></tr>'
            . '</table>';
    }

    $html .= '</fieldset>'
        . '<fieldset id="fieldset_change_password_footer" class="tblFooters">'
        . '<input type="hidden" name="change_pw" value="1" />'
        . '<input type="submit" value="' . __('Go') . '" />'
        . '</fieldset>'
        . '</form>';
    return $html;
}
/**
 * Builds the second-level tab bar of the 'Users' page.
 *
 * The "User groups" tab is only offered when $GLOBALS['is_superuser'] is
 * set; the tab whose URL equals $selfUrl is marked as active.
 *
 * @param string $selfUrl Url of the file
 *
 * @return string HTML for secondary level menu tabs on 'Users' page
 */
function PMA_getHtmlForSubMenusOnUsersPage($selfUrl)
{
    $commonQuery = URL::getCommon();

    $tabs = array(
        array(
            'name' => __('User accounts overview'),
            'url' => 'server_privileges.php',
            'specific_params' => '&viewing_mode=server',
        ),
    );
    if ($GLOBALS['is_superuser']) {
        $tabs[] = array(
            'name' => __('User groups'),
            'url' => 'server_user_groups.php',
            'specific_params' => '',
        );
    }

    $html = '<ul id="topmenu2">';
    foreach ($tabs as $tab) {
        $activeAttr = ($tab['url'] === $selfUrl) ? ' class="tabactive"' : '';
        $html .= '<li>'
            . '<a' . $activeAttr
            . ' href="' . $tab['url'] . $commonQuery . $tab['specific_params'] . '">'
            . $tab['name']
            . '</a>'
            . '</li>';
    }

    return $html . '</ul>' . '<div class="clearfloat"></div>';
}
/**
 * Checks getItemUnhideDialog() against a mocked database interface that
 * reports one hidden table and one hidden view for database 'db'.
 *
 * @return void
 * @test
 */
public function testGetItemUnhideDialog()
{
    $expectedQuery = "SELECT `item_name`, `item_type` FROM `pmadb`.`navigationhiding`"
        . " WHERE `username`='user' AND `db_name`='db' AND `table_name`=''";

    $dbiMock = $this->getMockBuilder('PMA\\libraries\\DatabaseInterface')
        ->disableOriginalConstructor()
        ->getMock();
    $dbiMock->expects($this->once())
        ->method('tryQuery')
        ->with($expectedQuery)
        ->will($this->returnValue(true));

    // Two rows, then false to terminate the fetch loop.
    $fetchResults = array(
        1 => array('item_name' => 'tableName', 'item_type' => 'table'),
        2 => array('item_name' => 'viewName', 'item_type' => 'view'),
        3 => false,
    );
    foreach ($fetchResults as $callIndex => $fetchResult) {
        $dbiMock->expects($this->at($callIndex))
            ->method('fetchArray')
            ->will($this->returnValue($fetchResult));
    }
    $dbiMock->expects($this->once())->method('freeResult');
    $GLOBALS['dbi'] = $dbiMock;

    $html = $this->object->getItemUnhideDialog('db');

    $this->assertContains('<td>tableName</td>', $html);

    $expectedLink = '<a href="navigation.php' . URL::getCommon()
        . '&unhideNavItem=true&itemType=table&itemName=tableName&dbName=db"'
        . ' class="unhideNavItem ajax">';
    $this->assertContains($expectedLink, $html);
}
/**
 * Invokes the private _getHtmlForLinkTemplates() through reflection and
 * checks that the URL and both icons are part of the rendered template.
 *
 * @return void
 */
public function testGetHtmlForLinkTemplates()
{
    $controllerClass = 'PMA\\libraries\\controllers\\server\\ServerVariablesController';

    // Make the private method callable from the test.
    $reflection = new ReflectionClass('\\' . $controllerClass);
    $method = $reflection->getMethod('_getHtmlForLinkTemplates');
    $method->setAccessible(true);

    // Obtain a controller instance from the default container.
    $container = Container::getDefaultContainer();
    $container->factory($controllerClass);
    $container->alias('ServerVariablesController', $controllerClass);
    $controller = $container->get('ServerVariablesController');

    $html = $method->invoke($controller);

    $expectedUrl = 'server_variables.php' . URL::getCommon(array());

    // validate 1: URL
    $this->assertContains($expectedUrl, $html);

    // validate 2: images
    $this->assertContains(
        PMA\libraries\Util::getIcon('b_save.png', __('Save')),
        $html
    );
    $this->assertContains(
        PMA\libraries\Util::getIcon('b_close.png', __('Cancel')),
        $html
    );
}
/**
 * Builds the row of icon links shown at the top of the navigation panel:
 * home, logout (only when a server is selected), the two documentation
 * links, the panel settings and the reload control.
 *
 * @return string HTML code for the links
 */
private function _links()
{
    // always iconic
    $showIcon = true;
    $showText = false;

    $links = array();

    $links[] = PMA\libraries\Util::getNavigationLink(
        'index.php' . URL::getCommon(),
        $showText,
        __('Home'),
        $showIcon,
        'b_home.png'
    );

    // if we have chosen server
    if ($GLOBALS['server'] != 0) {
        // Logout for advanced authentication
        $logoutText = ($GLOBALS['cfg']['Server']['auth_type'] != 'config')
            ? __('Log out')
            : __('Empty session data');
        $logoutUrl = 'logout.php' . $GLOBALS['url_query'];
        $links[] = PMA\libraries\Util::getNavigationLink(
            $logoutUrl,
            $showText,
            $logoutText,
            $showIcon,
            's_loggoff.png',
            '',
            true,
            '',
            array('logout')
        );
    }

    $links[] = PMA\libraries\Util::getNavigationLink(
        PMA\libraries\Util::getDocuLink('index'),
        $showText,
        __('phpMyAdmin documentation'),
        $showIcon,
        'b_docs.png',
        '',
        false,
        'documentation'
    );
    $links[] = PMA\libraries\Util::getNavigationLink(
        PMA\libraries\Util::getMySQLDocuURL('', ''),
        $showText,
        __('Documentation'),
        $showIcon,
        'b_sqlhelp.png',
        '',
        false,
        'mysql_doc'
    );
    // The settings icon gets the 'hide' class when the constant is defined.
    $links[] = PMA\libraries\Util::getNavigationLink(
        '#',
        $showText,
        __('Navigation panel settings'),
        $showIcon,
        's_cog.png',
        'pma_navigation_settings_icon',
        false,
        '',
        defined('PMA_DISABLE_NAVI_SETTINGS') ? array('hide') : array()
    );
    $links[] = PMA\libraries\Util::getNavigationLink(
        '#',
        $showText,
        __('Reload navigation panel'),
        $showIcon,
        's_reload.png',
        'pma_navigation_reload'
    );

    return '<!-- LINKS START -->'
        . '<div id="navipanellinks">'
        . implode('', $links)
        . '</div>'
        . '<!-- LINKS ENDS -->';
}
/**
 * Renders the 'server/variables/link_template' template with the URL of
 * the server variables page.
 *
 * @return string
 */
private function _getHtmlForLinkTemplates()
{
    $variablesUrl = 'server_variables.php' . URL::getCommon();
    $template = Template::get('server/variables/link_template');

    return $template->render(array('url' => $variablesUrl));
}
/**
 * Routes an external link through the local redirector script.
 *
 * URLs that do not start with lower-case "http://" or "https://" are
 * returned untouched. For the others a url.php link is built that carries
 * only the 'url' parameter, so the token and other session-related
 * parameters added by URL::getCommon() are not part of the link.
 *
 * @param string $url URL where to go.
 *
 * @return string URL for a link.
 */
function PMA_linkURL($url)
{
    $isExternal = preg_match('#^https?://#', $url);
    if (!$isExternal) {
        return $url;
    }

    $commonQuery = URL::getCommon(array('url' => $url));

    //strip off token and such sensitive information. Just keep url.
    $parts = parse_url($commonQuery);
    parse_str($parts['query'], $queryVars);
    $redirectQuery = http_build_query(array('url' => $queryVars['url']));

    // The setup scripts live one directory below the redirector.
    $redirector = defined('PMA_SETUP') ? '../url.php?' : './url.php?';

    return $redirector . $redirectQuery;
}
/**
 * Renders one process row with sort parameters set in $_REQUEST and checks
 * the fragments that must appear in it; a second call without the 'info'
 * entry must produce the '---' placeholder.
 *
 * @return void
 */
public function testPMAGetHtmlForServerProcessItem()
{
    $process = array(
        "user" => "User1",
        "host" => "Host1",
        "id" => "Id1",
        "db" => "db1",
        "command" => "Command1",
        "info" => "Info1",
        "state" => "State1",
        "time" => "Time1",
    );
    $show_full_sql = true;
    $_REQUEST['sort_order'] = "desc";
    $_REQUEST['order_by_field'] = "process";
    $GLOBALS['cfg']['MaxCharactersInDisplayedSQL'] = 12;

    $html = PMA_getHtmlForServerProcessItem($process, $show_full_sql);

    $killUrl = 'server_status_processes.php'
        . URL::getCommon(array('kill' => $process['id'], 'ajax_request' => true));

    $expectedFragments = array(
        // kill link
        $killUrl,
        'ajax kill_process',
        __('Kill'),
        // user and host, HTML-escaped
        htmlspecialchars($process['user']),
        htmlspecialchars($process['host']),
        // database column: the test expects the "None" placeholder here
        __('None'),
        // command, HTML-escaped
        htmlspecialchars($process['command']),
        // time, state and info as given
        $process['time'],
        $process['state'],
        $process['info'],
    );
    foreach ($expectedFragments as $fragment) {
        $this->assertContains($fragment, $html);
    }

    // Without an 'info' entry the placeholder is rendered instead.
    unset($process['info']);
    $html = PMA_getHtmlForServerProcessItem($process, $show_full_sql);
    $this->assertContains('---', $html);
}
$currentSearchId = $savedSearch->getId(); } /** * A query has been submitted -> (maybe) execute it */ $message_to_display = false; if (isset($_REQUEST['submit_sql']) && !empty($sql_query)) { if (!preg_match('@^SELECT@i', $sql_query)) { $message_to_display = true; } else { $goto = 'db_sql.php'; PMA_executeQueryAndSendQueryResponse(null, false, $_REQUEST['db'], null, false, null, null, null, null, null, $goto, $pmaThemeImage, null, null, null, $sql_query, null, null); } } $sub_part = '_qbe'; require 'libraries/db_common.inc.php'; $url_query .= '&goto=db_qbe.php'; $url_params['goto'] = 'db_qbe.php'; list($tables, $num_tables, $total_num_tables, $sub_part, $is_show_stats, $db_is_system_schema, $tooltip_truename, $tooltip_aliasname, $pos) = PMA\libraries\Util::getDbInfo($db, isset($sub_part) ? $sub_part : ''); if ($message_to_display) { PMA\libraries\Message::error(__('You have to choose at least one column to display!'))->display(); } unset($message_to_display); // create new qbe search instance $db_qbe = new PMA\libraries\DbQbe($GLOBALS['db'], $savedSearchList, $savedSearch); $url = 'db_designer.php' . URL::getCommon(array_merge($url_params, array('query' => 1))); $response->addHTML(PMA\libraries\Message::notice(sprintf(__('Switch to %svisual builder%s'), '<a href="' . $url . '">', '</a>'))); /** * Displays the Query by example form */ $response->addHTML($db_qbe->getSelectionForm());
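/**
 * Returns the "show hidden items" control displayed in front of a
 * database node.
 *
 * The control is only rendered when the 'navwork' relation feature is
 * enabled and the node has hidden items.
 *
 * The database name is URL-encoded before it is placed in the link. The
 * previous code called urldecode() here, which left quotes, ampersands and
 * angle brackets in a database name unescaped inside the href attribute
 * and altered names containing '%' or '+'.
 *
 * @return String HTML for control buttons
 */
public function getHtmlForControlButtons()
{
    $ret = '';
    $cfgRelation = PMA_getRelationsParam();
    if ($cfgRelation['navwork']) {
        if ($this->hiddenCount > 0) {
            $ret = '<span class="dbItemControls">'
                . '<a href="navigation.php'
                . URL::getCommon()
                . '&showUnhideDialog=true'
                // Encode, never decode: the name is a query-string value
                // embedded in an HTML attribute.
                . '&dbName=' . urlencode($this->real_name) . '"'
                . ' class="showUnhide ajax">'
                . Util::getImage('show.png', __('Show hidden items'))
                . '</a></span>';
        }
    }
    return $ret;
}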
/**
 * Handles actions related to multiple tables
 *
 * Delegates to libraries/mult_submits.inc.php unless the request already
 * carries an error, then makes sure $_POST['message'] is populated.
 *
 * @return void
 */
public function multiSubmitAction()
{
    // The included script runs in this method's scope, so these two locals
    // are visible to it. NOTE(review): presumably mult_submits.inc.php reads
    // $action and $err_url by name - do not rename without checking it.
    $action = 'db_structure.php';
    $err_url = 'db_structure.php' . URL::getCommon(array('db' => $this->db));
    // see bug #2794840; in this case, code path is:
    // db_structure.php -> libraries/mult_submits.inc.php -> sql.php
    // -> db_structure.php and if we got an error on the multi submit,
    // we must display it here and not call again mult_submits.inc.php
    if (!isset($_POST['error']) || false === $_POST['error']) {
        include 'libraries/mult_submits.inc.php';
    }
    // Fall back to a success message when none was set.
    if (empty($_POST['message'])) {
        $_POST['message'] = Message::success();
    }
}
* This test may be bypassed if $is_js_confirmed = 1 (already checked with js)
* but since a malicious user may pass this variable by url/form, we don't take
* into account this case.
*/
// Server-side enforcement: the client-supplied confirmation flag is not
// consulted, only the analysed statement, the configuration and the
// superuser status.
if (PMA_hasNoRightsToDropDatabase($analyzed_sql_results, $cfg['AllowUserDropDatabase'], $is_superuser)) {
    Util::mysqlDie(__('"DROP DATABASE" statements are disabled.'), '', false, $err_url);
} // end if

/**
 * Need to find the real end of rows?
 */
if (isset($find_real_end) && $find_real_end) {
    $unlim_num_rows = PMA_findRealEndOfRows($db, $table);
}

/**
 * Bookmark add
 */
if (isset($_POST['store_bkm'])) {
    PMA_addBookmark($goto);
    // script has exited at this point
} // end if

/**
 * Sets or modifies the $goto variable if required
 */
if ($goto == 'sql.php') {
    $is_gotofile = false;
    // The query text itself becomes part of the return URL.
    $goto = 'sql.php' . URL::getCommon(array('db' => $db, 'table' => $table, 'sql_query' => $sql_query));
} // end if

// Optional inputs are passed as null when the corresponding variable is
// not set in this scope.
// NOTE(review): the $disp_query argument tests isset($disp_query) but then
// passes $display_query, a different variable name - looks like a typo;
// confirm which one is intended.
PMA_executeQueryAndSendQueryResponse($analyzed_sql_results, $is_gotofile, $db, $table, isset($find_real_end) ? $find_real_end : null, isset($import_text) ? $import_text : null, isset($extra_data) ? $extra_data : null, isset($message_to_show) ? $message_to_show : null, isset($message) ? $message : null, isset($sql_data) ? $sql_data : null, $goto, $pmaThemeImage, isset($disp_query) ? $display_query : null, isset($disp_message) ? $disp_message : null, isset($query_type) ? $query_type : null, $sql_query, isset($selected) ? $selected : null, isset($complete_query) ? $complete_query : null);
$o_rows = 0; $biggest_max_file_size = 0; $url_params['db'] = $db; $url_params['table'] = $table; $url_params = PMA_urlParamsInEditMode($url_params, $where_clause_array, $where_clause); $has_blob_field = false; foreach ($table_columns as $column) { if (PMA_isColumn($column, array('blob', 'tinyblob', 'mediumblob', 'longblob'))) { $has_blob_field = true; break; } } //Insert/Edit form //If table has blob fields we have to disable ajax. $html_output .= PMA_getHtmlForInsertEditFormHeader($has_blob_field, $is_upload); $html_output .= URL::getHiddenInputs($_form_params); $titles['Browse'] = Util::getIcon('b_browse.png', __('Browse foreign values')); // user can toggle the display of Function column and column types // (currently does not work for multi-edits) if (!$cfg['ShowFunctionFields'] || !$cfg['ShowFieldTypesInDataEditView']) { $html_output .= __('Show'); } if (!$cfg['ShowFunctionFields']) { $html_output .= PMA_showTypeOrFunction('function', $url_params, false); } if (!$cfg['ShowFieldTypesInDataEditView']) { $html_output .= PMA_showTypeOrFunction('type', $url_params, false); } $GLOBALS['plugin_scripts'] = array(); foreach ($rows as $row_id => $current_row) { if (empty($current_row)) {
/**
 * Builds a link to the default page of a database.
 *
 * Without an argument the current database ($GLOBALS['db']) is used; if
 * that is empty as well, an empty string is returned. An explicitly given
 * name has its MySQL wildcard escapes removed first. Link title and link
 * text are passed through htmlspecialchars().
 *
 * @param string $database database
 *
 * @return string html link to default db page
 */
public static function getDbLink($database = null)
{
    if (strlen($database) !== 0) {
        $dbName = self::unescapeMysqlWildcards($database);
    } elseif (strlen($GLOBALS['db']) === 0) {
        return '';
    } else {
        $dbName = $GLOBALS['db'];
    }

    $targetScript = Util::getScriptNameForOption(
        $GLOBALS['cfg']['DefaultTabDatabase'],
        'database'
    );
    $query = URL::getCommon(array('db' => $dbName));
    $title = htmlspecialchars(
        sprintf(__('Jump to database "%s".'), $dbName)
    );

    return '<a href="' . $targetScript . $query . '" title="' . $title . '">'
        . htmlspecialchars($dbName)
        . '</a>';
}
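/**
 * Renders one entry of the server process list as an HTML table row.
 *
 * The Id, User, Host, database, Command, Time, State and Progress cells are
 * HTML-escaped here, since all of them are values reported by the database
 * server. The Info cell is produced by Util::formatSql().
 *
 * @param array $process       one process-list row, keyed by column name
 * @param bool  $show_full_sql show full sql or not
 *
 * @return string the <tr> markup for this process
 */
function PMA_getHtmlForServerProcessItem($process, $show_full_sql)
{
    // With sorting or the "showExecuting" filter requested, every key is
    // rewritten to first-letter-uppercase form (presumably because the row
    // then comes from a query with differently-cased column names -
    // confirm against the caller).
    $normalise_keys = (!empty($_REQUEST['order_by_field'])
        && !empty($_REQUEST['sort_order']))
        || !empty($_REQUEST['showExecuting']);
    if ($normalise_keys) {
        foreach (array_keys($process) as $key) {
            $new_key = ucfirst(mb_strtolower($key));
            if ($new_key !== $key) {
                $process[$new_key] = $process[$key];
                unset($process[$key]);
            }
        }
    }

    // The normalisation above renames "db"/"DB" to "Db", so a lookup under
    // "db" alone would always report "None" for sorted or filtered lists.
    // Accept both spellings.
    $db_name = '';
    if (isset($process['Db'])) {
        $db_name = (string) $process['Db'];
    } elseif (isset($process['db'])) {
        $db_name = (string) $process['db'];
    }

    // NOTE(review): the kill action is exposed as a plain link; confirm that
    // server_status_processes.php requires a valid token before acting on
    // the 'kill' parameter.
    $url_params = array('kill' => $process['Id'], 'ajax_request' => true);
    $kill_process = 'server_status_processes.php' . URL::getCommon($url_params);

    // State and Progress are server-reported text like User and Host, so
    // they get the same output encoding instead of being echoed raw.
    $processStatusStr = empty($process['State'])
        ? '---'
        : htmlspecialchars((string) $process['State']);
    $processProgress = empty($process['Progress'])
        ? '---'
        : htmlspecialchars((string) $process['Progress']);

    $retval  = '<tr>';
    $retval .= '<td><a class="ajax kill_process" href="' . $kill_process . '">'
        . __('Kill') . '</a></td>';
    $retval .= '<td class="value">'
        . htmlspecialchars((string) $process['Id']) . '</td>';
    $retval .= '<td>' . htmlspecialchars($process['User']) . '</td>';
    $retval .= '<td>' . htmlspecialchars($process['Host']) . '</td>';
    $retval .= '<td>'
        . (strlen($db_name) === 0
            ? '<i>' . __('None') . '</i>'
            : htmlspecialchars($db_name))
        . '</td>';
    $retval .= '<td>' . htmlspecialchars($process['Command']) . '</td>';
    $retval .= '<td class="value">'
        . htmlspecialchars((string) $process['Time']) . '</td>';
    $retval .= '<td>' . $processStatusStr . '</td>';
    $retval .= '<td>' . $processProgress . '</td>';
    $retval .= '<td>';
    if (empty($process['Info'])) {
        $retval .= '---';
    } else {
        // NOTE(review): this is the one cell not escaped in this function;
        // it relies on Util::formatSql() returning HTML-safe output - confirm.
        $retval .= Util::formatSql($process['Info'], !$show_full_sql);
    }
    $retval .= '</td>';
    $retval .= '</tr>';

    return $retval;
}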
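/**
 * Builds the hidden <input> fields of the export form.
 *
 * Emits the common hidden inputs for the chosen scope (server, database or
 * table), followed by the single_table, export_type, export_method,
 * sql_query and template_id fields. Every variable value this function
 * itself writes into an attribute is HTML-escaped.
 *
 * Side effect: $cfg['Export']['method'] is overwritten with
 * $_GET['export_method'] when that parameter is present, and is set to
 * 'quick' when neither the parameter nor the setting exists.
 *
 * @param String $export_type  Selected Export Type
 * @param String $db           Selected DB
 * @param String $table        Selected Table
 * @param String $single_table Single Table
 * @param String $sql_query    Sql Query
 *
 * @return string
 */
function PMA_getHtmlForHiddenInput($export_type, $db, $table, $single_table, $sql_query)
{
    global $cfg;

    $html = "";
    if ($export_type == 'server') {
        $html .= URL::getHiddenInputs('', '', 1);
    } elseif ($export_type == 'database') {
        $html .= URL::getHiddenInputs($db, '', 1);
    } else {
        $html .= URL::getHiddenInputs($db, $table, 1);
    }

    // just to keep this value for possible next display of this form after
    // saving on server
    if (!empty($single_table)) {
        $html .= '<input type="hidden" name="single_table" value="TRUE" />'
            . "\n";
    }

    // Any value other than 'server'/'database' falls into the else branch
    // above and is still echoed back here, so it must be escaped like the
    // other attribute values below.
    $html .= '<input type="hidden" name="export_type" value="'
        . htmlspecialchars((string) $export_type) . '" />';
    $html .= "\n";

    // If the export method was not set, the default is quick
    // NOTE(review): the request value is stored in the global config without
    // being checked against the three methods named below; confirm that the
    // code reading $cfg['Export']['method'] tolerates arbitrary strings, or
    // restrict it here.
    if (isset($_GET['export_method'])) {
        $cfg['Export']['method'] = $_GET['export_method'];
    } elseif (!isset($cfg['Export']['method'])) {
        $cfg['Export']['method'] = 'quick';
    }

    // The export method (quick, custom or custom-no-form)
    $html .= '<input type="hidden" name="export_method" value="'
        . htmlspecialchars($cfg['Export']['method']) . '" />';

    // The caller's query wins; the request parameter is only a fallback.
    if (!empty($sql_query)) {
        $html .= '<input type="hidden" name="sql_query" value="'
            . htmlspecialchars($sql_query) . '" />' . "\n";
    } elseif (isset($_GET['sql_query'])) {
        $html .= '<input type="hidden" name="sql_query" value="'
            . htmlspecialchars($_GET['sql_query']) . '" />' . "\n";
    }

    $html .= '<input type="hidden" name="template_id"' . ' value="'
        . (isset($_GET['template_id'])
            ? htmlspecialchars($_GET['template_id'])
            : '')
        . '" />';

    return $html;
}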
/**
 * Renders the "access denied" page shown when the user is not allowed to
 * log in to MySQL (authentication failed).
 *
 * The page consists of a welcome heading, the reason for the failure, a
 * "Retry to connect" link and, when more than one server is configured, the
 * server selector. The script then exits unless the TESTSUITE constant is
 * defined.
 *
 * @return boolean always true, but only reached when TESTSUITE is defined
 */
public function authFails()
{
    // Error text reported by the database layer; a generic message is used
    // when it reports none.
    $conn_error = $GLOBALS['dbi']->getError();
    if (!$conn_error) {
        $conn_error = __('Cannot connect: invalid settings.');
    }

    /* HTML header */
    $response = PMA\libraries\Response::getInstance();
    $response->getFooter()->setMinimal();
    $header = $response->getHeader();
    $header->setBodyId('loginform');
    $header->setTitle(__('Access denied!'));
    $header->disableMenuAndConsole();

    echo '<br /><br /> <center> <h1>';
    echo sprintf(__('Welcome to %s'), ' phpMyAdmin ');
    echo '</h1> </center> <br /> <table cellpadding="0" cellspacing="3" style="margin: 0 auto" width="80%"> <tr> <td>';

    if (isset($GLOBALS['allowDeny_forbidden']) && $GLOBALS['allowDeny_forbidden']) {
        // Blocked by the allow/deny flag: only the generic notice is
        // raised, the connection error text is not printed in this branch.
        trigger_error(__('Access denied!'), E_USER_NOTICE);
    } else {
        // Check whether user has configured something
        if ($GLOBALS['PMA_Config']->source_mtime == 0) {
            echo '<p>', sprintf(__('You probably did not create a configuration file.' . ' You might want to use the %1$ssetup script%2$s to' . ' create one.'), '<a href="setup/">', '</a>'), '</p>', "\n";
        } elseif (!isset($GLOBALS['errno']) || isset($GLOBALS['errno']) && $GLOBALS['errno'] != 2002 && $GLOBALS['errno'] != 2003) {
            // if we display the "Server not responding" error, do not confuse
            // users by telling them they have a settings problem
            // (note: it's true that they could have a badly typed host name,
            // but anyway the current message tells that the server
            // rejected the connection, which is not really what happened)
            // 2002 is the error given by mysqli
            // 2003 is the error given by mysql
            trigger_error(__('phpMyAdmin tried to connect to the MySQL server, and the' . ' server rejected the connection. You should check the' . ' host, username and password in your configuration and' . ' make sure that they correspond to the information given' . 
' by the administrator of the MySQL server.'), E_USER_WARNING);
        }
        // NOTE(review): $conn_error is text supplied by the database layer
        // and is shown on a page served before login; this relies on
        // Util::mysqlDie() escaping it for HTML - confirm against that method.
        echo PMA\libraries\Util::mysqlDie($conn_error, '', true, '', false);
    }

    // Presumably prints the notices/warnings raised through trigger_error()
    // above - confirm against the error handler.
    $GLOBALS['error_handler']->dispUserErrors();

    echo '</td> </tr> <tr> <td>', "\n";
    echo '<a href="', PMA\libraries\Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabServer'], 'server'), URL::getCommon(), '" class="button disableAjax">', __('Retry to connect'), '</a>', "\n";
    echo '</td> </tr>', "\n";

    if (count($GLOBALS['cfg']['Servers']) > 1) {
        // offer a chance to login to other servers if the current one failed
        include_once './libraries/select_server.lib.php';
        echo '<tr>', "\n";
        echo ' <td>', "\n";
        echo PMA_selectServer(true, true);
        echo ' </td>', "\n";
        echo '</tr>', "\n";
    }
    echo '</table>', "\n";

    // Stop the request here so nothing else runs after a failed login; the
    // test suite defines TESTSUITE to get the return value instead.
    if (!defined('TESTSUITE')) {
        exit;
    }
    return true;
}
} exit; } } // end if (ensures db exists) /** * Changes database charset if requested by the user */ if (isset($_REQUEST['submitcollation']) && isset($_REQUEST['db_collation']) && !empty($_REQUEST['db_collation'])) { list($db_charset) = explode('_', $_REQUEST['db_collation']); $sql_query = 'ALTER DATABASE ' . PMA\libraries\Util::backquote($db) . ' DEFAULT' . Util::getCharsetQueryPart($_REQUEST['db_collation']); $result = $GLOBALS['dbi']->query($sql_query); $message = Message::success(); unset($db_charset); /** * If we are in an Ajax request, let us stop the execution here. Necessary for * db charset change action on db_operations.php. If this causes a bug on * other pages, we might have to move this to a different location. */ if ($GLOBALS['is_ajax_request'] == true) { $response = PMA\libraries\Response::getInstance(); $response->setRequestStatus($message->isSuccess()); $response->addJSON('message', $message); exit; } } /** * Set parameters for links */ $url_query = URL::getCommon(array('db' => $db));