/**
 * Exercises PMA_lang() with a literal string, a registered language key and
 * a printf-style format string.
 *
 * @return void
 * @test
 */
public function testPMALang()
{
    // Text that is not a registered key is expected back unchanged, markup
    // included. PMA_lang() is therefore not an escaping function: callers
    // must not hand it untrusted text and treat the result as safe HTML.
    $literal = "<a attr='value'>test</a>";
    $this->assertEquals($literal, PMA_lang($literal));

    // Register a key under the "strConfig" prefix; the [em] markers in the
    // stored text are expected to come back as <em> tags.
    $GLOBALS["strConfiglangKeyFooBar"] = "<a attr='value'>[em]test[/em]</a>";
    $translated = PMA_lang("langKeyFooBar");
    $this->assertEquals("<a attr='value'><em>test</em></a>", $translated);

    // Additional arguments are expected to be applied printf-style.
    $formatted = PMA_lang("%04d-%02d-%02d", "1988", "8", "1");
    $this->assertEquals("1988-08-01", $formatted);
}
/**
 * Builds and returns the HTML for all registered forms.
 *
 * @param bool   $tabbed_form          if true, use a form with tabs
 * @param bool   $show_restore_default whether to show the "restore default"
 *                                     button besides the input field
 * @param bool   $show_buttons         whether to show submit and reset buttons
 * @param string $form_action          action attribute for the form
 * @param array  $hidden_fields        array of form hidden fields (key: field
 *                                     name)
 *
 * @return string HTML for forms
 */
public function getDisplay($tabbed_form = false, $show_restore_default = false, $show_buttons = true, $form_action = null, $hidden_fields = null)
{
    // Function-level flag: the validation strings are added to the script
    // list only on the first call that reaches that step.
    static $strings_sent = false;

    $parts = array();
    $scripts = array();
    $default_values = array();

    $parts[] = PMA_displayFormTop($form_action, 'post', $hidden_fields);

    if ($tabbed_form) {
        $tab_titles = array();
        foreach ($this->_forms as $form) {
            $tab_titles[$form->name] = PMA_lang("Form_{$form->name}");
        }
        $parts[] = PMA_displayTabsTop($tab_titles);
    }

    // Validation is skipped when any form has index 0, i.e. when a
    // "new server" form is being displayed.
    $run_validation = true;
    foreach ($this->_forms as $form) {
        /* @var $form Form */
        if ($form->index === 0) {
            $run_validation = false;
            break;
        }
    }
    if ($run_validation) {
        $this->_validate();
    }

    // user preferences
    $this->_loadUserprefsInfo();

    // display forms; $default_values and $scripts are handed over so the
    // callee can fill them (presumably by reference - confirm against
    // _displayForms())
    $parts[] = $this->_displayForms($show_restore_default, $default_values, $scripts, $show_buttons);

    if ($tabbed_form) {
        $parts[] = PMA_displayTabsBottom();
    }
    $parts[] = PMA_displayFormBottom();

    // if not already done, send strings used for validation to JavaScript
    if (!$strings_sent) {
        $strings_sent = true;
        $entries = array();
        foreach ($this->_jsLangStrings as $strName => $strValue) {
            // Only the value goes through Sanitize::jsFormat(); the key is
            // placed between single quotes as-is.
            // NOTE(review): assumes keys are fixed internal identifiers - confirm.
            $entries[] = "'{$strName}': '" . Sanitize::jsFormat($strValue, false) . '\'';
        }
        $scripts[] = "\$.extend(PMA_messages, {\n\t" . implode(",\n\t", $entries) . '})';
    }

    $scripts[] = "\$.extend(defaultValues, {\n\t" . implode(",\n\t", $default_values) . '})';
    $parts[] = PMA_displayJavascript($scripts);

    return implode('', $parts);
}
//Is current one active? $selected = ($GLOBALS['lang'] == $each_lang_key) ? ' selected="selected"' : ''; echo '<option value="' . $each_lang_key . '"' . $selected . '>' . $lang_name . '</option>' . "\n"; } ?> </select> </form> <?php // Check for done action info and set notice message if present switch ($action_done) { case 'config_saved': /* Use uniqid to display this message every time configuration is saved */ messages_set('notice', uniqid('config_saved'), __('Configuration saved.'), PMA_lang(__('Configuration saved to file config/config.inc.php in phpMyAdmin top level directory, copy it to top level one and delete directory config to use it.'))); break; default: break; } ?> <h2><?php echo __('Overview') ?></h2> <?php // message handling messages_end(); messages_show_html(); ?> <a href="#" id="show_hidden_messages" style="display:none"><?php echo __('Show hidden messages (#MSG_COUNT)') ?></a>
/**
 * Outputs HTML for all registered forms, followed by the JavaScript that
 * carries validators, validation messages and default values.
 *
 * @uses PMA_config_get_validators()
 * @uses PMA_jsFormat()
 * @uses PMA_lang()
 * @uses display_form_top()
 * @uses display_form_bottom()
 * @uses display_tabs_top()
 * @uses display_tabs_bottom()
 * @uses display_fieldset_top()
 * @uses display_fieldset_bottom()
 * @uses display_js()
 * @uses js_validate()
 * @param bool $tabbed_form          request a tabbed layout (only honoured
 *                                   when more than one form is registered)
 * @param bool $show_restore_default whether show "restore default" button
 *                                   besides the input field
 */
public function display($tabbed_form = false, $show_restore_default = false)
{
    // Function-level flag: validation strings are emitted only once.
    static $strings_sent = false;

    $scripts = array();
    $default_values = array();

    // Tabs make sense only with more than one form.
    $use_tabs = $tabbed_form && count($this->forms) > 1;
    $validators = PMA_config_get_validators();

    display_form_top();

    if ($use_tabs) {
        $tab_titles = array();
        foreach ($this->forms as $form) {
            $tab_titles[$form->name] = PMA_lang("Form_{$form->name}");
        }
        display_tabs_top($tab_titles);
    }

    // validate only when we aren't displaying a "new server" form
    // (a form with index 0)
    $run_validation = true;
    foreach ($this->forms as $form) {
        /* @var $form Form */
        if ($form->index === 0) {
            $run_validation = false;
            break;
        }
    }
    if ($run_validation) {
        $this->_validate();
    }

    // user preferences
    $this->_loadUserprefsInfo();

    // display forms
    foreach ($this->forms as $form) {
        /* @var $form Form */
        $form_desc = '';
        if (isset($GLOBALS["strConfigForm_{$form->name}_desc"])) {
            $form_desc = PMA_lang("Form_{$form->name}_desc");
        }

        $form_errors = null;
        if (isset($this->errors[$form->name])) {
            $form_errors = $this->errors[$form->name];
        }

        $fieldset_title = PMA_lang("Form_{$form->name}");
        display_fieldset_top($fieldset_title, $form_desc, $form_errors, array('id' => $form->name));

        foreach ($form->fields as $field => $path) {
            $work_path = array_search($path, $this->system_paths);
            $translated_path = $this->translated_paths[$work_path];

            // always true/false for user preferences display,
            // otherwise null
            if (isset($this->userprefs_keys[$path])) {
                $userprefs_allow = !isset($this->userprefs_disallow[$path]);
            } else {
                $userprefs_allow = null;
            }

            // display input
            $this->_displayFieldInput($form, $field, $path, $work_path, $translated_path, $show_restore_default, $userprefs_allow, $default_values);

            // register JS validators for this field
            if (isset($validators[$path])) {
                js_validate($translated_path, $validators[$path], $scripts);
            }
        }

        display_fieldset_bottom();
    }

    if ($use_tabs) {
        display_tabs_bottom();
    }
    display_form_bottom();

    // if not already done, send strings used for validation to JavaScript
    if (!$strings_sent) {
        $strings_sent = true;
        $entries = array();
        foreach ($this->js_lang_strings as $strName => $strValue) {
            // Only the value goes through PMA_jsFormat(); the key is placed
            // between single quotes as-is.
            // NOTE(review): assumes keys are fixed internal identifiers - confirm.
            $entries[] = "'{$strName}': '" . PMA_jsFormat($strValue, false) . '\'';
        }
        $scripts[] = "\$.extend(PMA_messages, {\n\t" . implode(",\n\t", $entries) . '})';
    }

    $scripts[] = "\$.extend(defaultValues, {\n\t" . implode(",\n\t", $default_values) . '})';
    display_js($scripts);
}
/**
 * Returns translated field name/description or comment
 *
 * The language key is derived from the path: a leading "Servers/1/" becomes
 * "Servers/", remaining slashes become underscores and "_<type>" is appended.
 * The translation is looked up in $GLOBALS under "strConfig<key>".
 *
 * @param string $canonical_path path to handle
 * @param string $type           'name', 'desc' or 'cmt'
 * @param mixed  $default        value returned when no translation exists;
 *                               the special value 'key' returns the derived
 *                               language key itself
 *
 * @return string
 */
function PMA_langName($canonical_path, $type = 'name', $default = 'key')
{
    $flattened = str_replace(array('Servers/1/', '/'), array('Servers/', '_'), $canonical_path);
    $lang_key = $flattened . '_' . $type;

    if (!isset($GLOBALS["strConfig{$lang_key}"])) {
        // No translation registered: fall back to the key or to the
        // caller-supplied default (loose comparison kept on purpose).
        if ($default == 'key') {
            return $lang_key;
        }
        return $default;
    }

    // Only descriptions are passed through PMA_lang(); names and comments
    // are returned exactly as stored.
    if ($type == 'desc') {
        return PMA_lang($lang_key);
    }
    return $GLOBALS["strConfig{$lang_key}"];
}
/**
 * Check GZipDump configuration
 *
 * Registers an error message when the GZipDump setting is enabled but
 * gzopen() or gzencode() is not available.
 *
 * @param string $sGZipDumpWarn Warning for GZipDumpWarning
 *
 * @return void
 */
protected function performConfigChecksServerGZipdump($sGZipDumpWarn)
{
    //
    // $cfg['GZipDump']
    // requires zlib functions
    //
    if (!$this->cfg->getValue('GZipDump')) {
        return;
    }

    $zlib_ready = function_exists('gzopen') && function_exists('gzencode');
    if ($zlib_ready) {
        return;
    }

    // The message always names 'gzencode', whichever of the two functions
    // is the missing one.
    $title = PMA_lang(PMA_langName('GZipDump'));
    $details = PMA_lang($sGZipDumpWarn, 'gzencode');
    PMA_messagesSet('error', 'GZipDump', $title, $details);
}
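/**
 * Validates and saves form data to session
 *
 * Values are read from $_POST, cast in place to the option's declared type
 * and then written to the ConfigFile instance. A field that is missing or
 * carries a value outside its allowed list is recorded in $this->errors and
 * is not saved.
 *
 * @param array|string $forms              array of form names
 * @param bool         $allow_partial_save allows for partial form saving on
 *                                         failed validation
 * @return boolean true on success (no errors and all saved)
 */
public function save($forms, $allow_partial_save = true)
{
    $result = true;
    $cf = ConfigFile::getInstance();
    $forms = (array) $forms;

    $values = array();
    $to_save = array();
    $this->errors = array();
    foreach ($forms as $form) {
        /* @var $form Form */
        if (isset($this->forms[$form])) {
            $form = $this->forms[$form];
        } else {
            // unknown form name, nothing to save
            continue;
        }
        // get current server id; a form with index 0 is a new server and
        // gets the next free index
        $change_index = $form->index === 0
            ? $cf->getServerCount() + 1
            : false;
        // grab POST values
        foreach ($form->fields as $field => $system_path) {
            $work_path = array_search($system_path, $this->system_paths);
            $key = $this->translated_paths[$work_path];

            // ensure the value is set
            if (!isset($_POST[$key])) {
                // checkboxes aren't set by browsers if they're off
                if ($form->getOptionType($field) == 'boolean') {
                    $_POST[$key] = false;
                } else {
                    $this->errors[$form->name][] = PMA_lang(
                        'error_missing_field_data',
                        '<i>' . PMA_lang_name($system_path) . '</i>'
                    );
                    $result = false;
                    continue;
                }
            }

            // cast variables to correct type
            $type = $form->getOptionType($field);
            switch ($type) {
                case 'double':
                    settype($_POST[$key], 'float');
                    break;
                case 'boolean':
                case 'integer':
                    if ($_POST[$key] !== '') {
                        settype($_POST[$key], $type);
                    }
                    break;
                case 'select':
                    if (!$this->_validateSelect($_POST[$key], $form->getOptionValueList($system_path))) {
                        // NOTE(review): the "strstrSetup" prefix differs from
                        // the "strSetup" prefix used by the other lookups and
                        // looks like a typo - confirm the intended key.
                        $this->errors[$work_path][] = $GLOBALS["strstrSetuperror_incorrect_value"];
                        $result = false;
                        // Skip to the next field. Inside a switch a plain
                        // "continue" acts like "break", which would let the
                        // rejected value fall through into $values/$to_save
                        // and be written to the configuration.
                        continue 2;
                    }
                    break;
                case 'string':
                    // NOTE(review): assumes a scalar POST value; an array
                    // submitted under this key is not handled here.
                    $_POST[$key] = trim($_POST[$key]);
                    break;
                case 'array':
                    // eliminate empty values and ensure we have an array
                    $post_values = explode("\n", $_POST[$key]);
                    $_POST[$key] = array();
                    foreach ($post_values as $v) {
                        $v = trim($v);
                        if ($v !== '') {
                            $_POST[$key][] = $v;
                        }
                    }
                    break;
            }

            // now we have value with proper type
            $values[$system_path] = $_POST[$key];
            if ($change_index !== false) {
                $work_path = str_replace("Servers/{$form->index}/", "Servers/{$change_index}/", $work_path);
            }
            $to_save[$work_path] = $system_path;
        }
    }

    // save forms
    if ($allow_partial_save || empty($this->errors)) {
        foreach ($to_save as $work_path => $path) {
            // TrustedProxies requires changes before saving
            if ($path == 'TrustedProxies') {
                $proxies = array();
                $i = 0;
                foreach ($values[$path] as $value) {
                    $matches = array();
                    if (preg_match("/^(.+):(?:[ ]?)(\\w+)\$/", $value, $matches)) {
                        // correct 'IP: HTTP header' pair
                        $ip = trim($matches[1]);
                        $proxies[$ip] = trim($matches[2]);
                    } else {
                        // save also incorrect values
                        $proxies["-{$i}"] = $value;
                        $i++;
                    }
                }
                $values[$path] = $proxies;
            }
            $cf->set($work_path, $values[$path], $path);
        }
    }

    // don't look for non-critical errors
    $this->_validate();

    return $result;
}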
/**
 * Tests integer value
 *
 * An empty string is accepted without further checks.
 *
 * NOTE(review): every comparison below is loose (!=, ==, <, >). On PHP
 * versions before 8 a non-numeric string compares equal to 0, so such input
 * can pass when $allow_zero is true - confirm whether strict integer
 * validation is wanted here.
 *
 * @param string $path
 * @param array  $values
 * @param bool   $allow_neg      allow negative values
 * @param bool   $allow_zero     allow zero
 * @param int    $max_value      max allowed value
 * @param string $error_lang_key error message key: $GLOBALS["strSetup$error_lang_key"]
 * @return string  empty string if test is successful
 */
function test_number($path, $values, $allow_neg, $allow_zero, $max_value, $error_lang_key)
{
    if ($values[$path] === '') {
        return '';
    }

    // The checks run in the same order as the original single condition;
    // the first one that fails yields the error message.
    if (intval($values[$path]) != $values[$path]) {
        return PMA_lang($error_lang_key);
    }
    if (!$allow_neg && $values[$path] < 0) {
        return PMA_lang($error_lang_key);
    }
    if (!$allow_zero && $values[$path] == 0) {
        return PMA_lang($error_lang_key);
    }
    if ($values[$path] > $max_value) {
        return PMA_lang($error_lang_key);
    }

    return '';
}
if (!defined('PHPMYADMIN')) { exit; } // build user preferences menu $form_param = isset($_GET['form']) ? $_GET['form'] : null; if (!isset($forms[$form_param])) { $forms_keys = array_keys($forms); $form_param = array_shift($forms_keys); } $tabs_icons = array('Features' => 'b_tblops.png', 'Sql_queries' => 'b_sql.png', 'Navi_panel' => 'b_select.png', 'Main_panel' => 'b_props.png', 'Import' => 'b_import.png', 'Export' => 'b_export.png'); echo '<ul id="topmenu2" class="user_prefs_tabs">'; echo PMA_Util::getHtmlTab(array('link' => 'prefs_manage.php', 'text' => __('Manage your settings'))) . "\n"; echo '<li> </li>' . "\n"; $script_name = basename($GLOBALS['PMA_PHP_SELF']); foreach (array_keys($forms) as $formset) { $tab = array('link' => 'prefs_forms.php', 'text' => PMA_lang('Form_' . $formset), 'icon' => $tabs_icons[$formset], 'active' => $script_name == 'prefs_forms.php' && $formset == $form_param); echo PMA_Util::getHtmlTab($tab, array('form' => $formset)) . "\n"; } echo '</ul><div class="clearfloat"></div>'; // show "configuration saved" message and reload navigation panel if needed if (!empty($_GET['saved'])) { PMA_Message::rawSuccess(__('Configuration has been saved.'))->display(); } /* debug code $arr = $cf->getConfigArray(); $arr2 = array(); foreach ($arr as $k => $v) { $arr2[] = "<b>$k</b> " . var_export($v, true); } $arr2 = implode(', ', $arr2); $arr2 .= '<br />Blacklist: ' . (empty($cfg['UserprefsDisallow'])
$config_readable = false; $config_writable = false; $config_exists = false; check_config_rw($config_readable, $config_writable, $config_exists); if (!$config_writable || !$config_readable) { messages_set('error', 'config_rw', __('Cannot load or save configuration'), PMA_lang(__('Please create web server writable folder [em]config[/em] in phpMyAdmin top level directory as described in [a@Documentation.html#setup_script]documentation[/a]. Otherwise you will be only able to download or display it.'))); } // // Check https connection // $is_https = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on'; if (!$is_https) { $text = __('You are not using a secure connection; all data (including potentially sensitive information, like passwords) is transferred unencrypted!'); if (!empty($_SERVER['REQUEST_URI']) && !empty($_SERVER['HTTP_HOST'])) { $strInsecureConnectionMsg2 = __('If your server is also configured to accept HTTPS requests follow [a@%s]this link[/a] to use a secure connection.'); $text .= ' ' . PMA_lang($strInsecureConnectionMsg2, 'https://' . htmlspecialchars($_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'])); } messages_set('notice', 'no_https', __('Insecure connection'), $text); } ?> <form id="select_lang" method="post" action="<?php echo htmlspecialchars($_SERVER['REQUEST_URI']); ?> "> <?php echo PMA_generate_common_hidden_inputs(); ?> <bdo xml:lang="en" dir="ltr"><label for="lang"> <?php echo __('Language') . (__('Language') != 'Language' ? ' - Language' : '');
/**
 * Performs various compatibility, security and consistency checks on current config
 *
 * Outputs results to message list, must be called between messages_begin()
 * and messages_end()
 *
 * Each finding is reported through messages_set(). As a side effect, when a
 * server uses cookie authentication and no blowfish_secret is stored, a
 * secret is generated and written back with $cf->set().
 */
function perform_config_checks() {
    $cf = ConfigFile::getInstance();
    $blowfish_secret = $cf->get('blowfish_secret');
    $blowfish_secret_set = false;
    $cookie_auth_used = false;

    // Message templates. Each one is translated first and then has its link
    // markers ([a@...] ... [/a]) filled in with sprintf(). Where '%s' or
    // '%1$d' is passed as an *argument*, the placeholder survives this first
    // pass and is filled later by the PMA_lang($template, ...) call.
    $strAllowArbitraryServerWarning = __('This %soption%s should be disabled as it allows attackers to bruteforce login to any MySQL server. If you feel this is necessary, use %strusted proxies list%s. However, IP-based protection may not be reliable if your IP belongs to an ISP where thousands of users, including you, are connected to.');
    $strAllowArbitraryServerWarning = sprintf($strAllowArbitraryServerWarning, '[a@?page=form&formset=Features#tab_Security]', '[/a]', '[a@?page=form&formset=Features#tab_Security]', '[/a]');
    $strBlowfishSecretMsg = __('You didn\'t have blowfish secret set and have enabled cookie authentication, so a key was automatically generated for you. 
It is used to encrypt cookies; you don\'t need to remember it.');
    $strBZipDumpWarning = __('%sBzip2 compression and decompression%s requires functions (%s) which are unavailable on this system.');
    $strBZipDumpWarning = sprintf($strBZipDumpWarning, '[a@?page=form&formset=Features#tab_Import_export]', '[/a]', '%s');
    $strDirectoryNotice = __('This value should be double checked to ensure that this directory is neither world accessible nor readable or writable by other users on your server.');
    $strForceSSLNotice = __('This %soption%s should be enabled if your web server supports it.');
    $strForceSSLNotice = sprintf($strForceSSLNotice, '[a@?page=form&formset=Features#tab_Security]', '[/a]');
    $strGZipDumpWarning = __('%sGZip compression and decompression%s requires functions (%s) which are unavailable on this system.');
    $strGZipDumpWarning = sprintf($strGZipDumpWarning, '[a@?page=form&formset=Features#tab_Import_export]', '[/a]', '%s');
    $strLoginCookieValidityWarning = __('%sLogin cookie validity%s greater than 1440 seconds may cause random session invalidation if %ssession.gc_maxlifetime%s is lower than its value (currently %d).');
    $strLoginCookieValidityWarning = sprintf($strLoginCookieValidityWarning, '[a@?page=form&formset=Features#tab_Security]', '[/a]', '[a@' . PMA_getPHPDocLink('session.configuration.php#ini.session.gc-maxlifetime') . ']', '[/a]', ini_get('session.gc_maxlifetime'));
    $strLoginCookieValidityWarning2 = __('%sLogin cookie validity%s should be set to 1800 seconds (30 minutes) at most. 
Values larger than 1800 may pose a security risk such as impersonation.');
    $strLoginCookieValidityWarning2 = sprintf($strLoginCookieValidityWarning2, '[a@?page=form&formset=Features#tab_Security]', '[/a]');
    $strLoginCookieValidityWarning3 = __('If using cookie authentication and %sLogin cookie store%s is not 0, %sLogin cookie validity%s must be set to a value less or equal to it.');
    $strLoginCookieValidityWarning3 = sprintf($strLoginCookieValidityWarning3, '[a@?page=form&formset=Features#tab_Security]', '[/a]', '[a@?page=form&formset=Features#tab_Security]', '[/a]');
    $strSecurityInfoMsg = __('If you feel this is necessary, use additional protection settings - %shost authentication%s settings and %strusted proxies list%s. However, IP-based protection may not be reliable if your IP belongs to an ISP where thousands of users, including you, are connected to.');
    $strSecurityInfoMsg = sprintf($strSecurityInfoMsg, '[a@?page=servers&mode=edit&id=%1$d#tab_Server_config]', '[/a]', '[a@?page=form&formset=Features#tab_Security]', '[/a]');
    $strServerAuthConfigMsg = __('You set the [kbd]config[/kbd] authentication type and included username and password for auto-login, which is not a desirable option for live hosts. Anyone who knows or guesses your phpMyAdmin URL can directly access your phpMyAdmin panel. 
Set %sauthentication type%s to [kbd]cookie[/kbd] or [kbd]http[/kbd].');
    $strServerAuthConfigMsg = sprintf($strServerAuthConfigMsg, '[a@?page=servers&mode=edit&id=%1$d#tab_Server]', '[/a]');
    $strZipDumpExportWarning = __('%sZip compression%s requires functions (%s) which are unavailable on this system.');
    $strZipDumpExportWarning = sprintf($strZipDumpExportWarning, '[a@?page=form&formset=Features#tab_Import_export]', '[/a]', '%s');
    $strZipDumpImportWarning = __('%sZip decompression%s requires functions (%s) which are unavailable on this system.');
    $strZipDumpImportWarning = sprintf($strZipDumpImportWarning, '[a@?page=form&formset=Features#tab_Import_export]', '[/a]', '%s');

    // Per-server checks; server indexes start at 1.
    for ($i = 1, $server_cnt = $cf->getServerCount(); $i <= $server_cnt; $i++) {
        $cookie_auth_server = ($cf->getValue("Servers/$i/auth_type") == 'cookie');
        // bitwise OR on booleans: non-zero once any server uses cookie auth
        $cookie_auth_used |= $cookie_auth_server;
        $server_name = $cf->getServerName($i);
        if ($server_name == 'mysql.com') {
            $server_name .= " [$i]";
        }
        // The name ends up inside message titles, so it is HTML-escaped once here.
        $server_name = htmlspecialchars($server_name);

        if ($cookie_auth_server && $blowfish_secret === null) {
            // NOTE(review): uniqid() derives its value from the current time
            // and is not a cryptographically secure generator; this value is
            // stored as the key that protects cookies. Consider a CSPRNG
            // where the supported PHP version offers one.
            $blowfish_secret = uniqid('', true);
            $blowfish_secret_set = true;
            $cf->set('blowfish_secret', $blowfish_secret);
        }

        //
        // $cfg['Servers'][$i]['ssl']
        // should be enabled if possible
        //
        if (!$cf->getValue("Servers/$i/ssl")) {
            $title = PMA_lang(PMA_lang_name('Servers/1/ssl')) . " ($server_name)";
            messages_set(
                'notice',
                "Servers/$i/ssl",
                $title,
                __('You should use SSL connections if your database server supports it.'));
        }

        //
        // $cfg['Servers'][$i]['extension']
        // warn about using 'mysql'
        //
        if ($cf->getValue("Servers/$i/extension") == 'mysql') {
            $title = PMA_lang(PMA_lang_name('Servers/1/extension')) . " ($server_name)";
            messages_set(
                'notice',
                "Servers/$i/extension",
                $title,
                __('You should use mysqli for performance reasons.'));
        }

        //
        // $cfg['Servers'][$i]['auth_type']
        // warn about full user credentials if 'auth_type' is 'config'
        //
        if ($cf->getValue("Servers/$i/auth_type") == 'config'
                && $cf->getValue("Servers/$i/user") != ''
                && $cf->getValue("Servers/$i/password") != '') {
            $title = PMA_lang(PMA_lang_name('Servers/1/auth_type')) . " ($server_name)";
            // $i fills the %1$d server id left in both templates
            messages_set(
                'notice',
                "Servers/$i/auth_type",
                $title,
                PMA_lang($strServerAuthConfigMsg, $i) . ' ' .
                PMA_lang($strSecurityInfoMsg, $i));
        }

        //
        // $cfg['Servers'][$i]['AllowRoot']
        // $cfg['Servers'][$i]['AllowNoPassword']
        // serious security flaw
        //
        // NOTE(review): described as a serious flaw but reported at 'notice'
        // level - confirm the intended severity.
        if ($cf->getValue("Servers/$i/AllowRoot")
                && $cf->getValue("Servers/$i/AllowNoPassword")) {
            $title = PMA_lang(PMA_lang_name('Servers/1/AllowNoPassword')) . " ($server_name)";
            messages_set(
                'notice',
                "Servers/$i/AllowNoPassword",
                $title,
                __('You allow for connecting to the server without a password.') . ' ' .
                PMA_lang($strSecurityInfoMsg, $i));
        }
    }

    //
    // $cfg['blowfish_secret']
    // it's required for 'cookie' authentication
    //
    if ($cookie_auth_used) {
        if ($blowfish_secret_set) {
            // 'cookie' auth used, blowfish_secret was generated
            messages_set(
                'notice',
                'blowfish_secret_created',
                PMA_lang(PMA_lang_name('blowfish_secret')),
                $strBlowfishSecretMsg);
        } else {
            $blowfish_warnings = array();
            // check length
            if (strlen($blowfish_secret) < 8) {
                // too short key
                $blowfish_warnings[] = __('Key is too short, it should have at least 8 characters.');
            }
            // check used characters
            // NOTE(review): /\S/ matches any non-whitespace character, so
            // $has_chars is also true for a key made only of digits or
            // punctuation; it does not establish that letters are present.
            $has_digits = (bool) preg_match('/\d/', $blowfish_secret);
            $has_chars = (bool) preg_match('/\S/', $blowfish_secret);
            $has_nonword = (bool) preg_match('/\W/', $blowfish_secret);
            if (!$has_digits || !$has_chars || !$has_nonword) {
                $blowfish_warnings[] = PMA_lang(__('Key should contain letters, numbers [em]and[/em] special characters.'));
            }
            if (!empty($blowfish_warnings)) {
                // the warning count is part of the message id
                messages_set(
                    'error',
                    'blowfish_warnings' . count($blowfish_warnings),
                    PMA_lang(PMA_lang_name('blowfish_secret')),
                    implode('<br />', $blowfish_warnings));
            }
        }
    }

    //
    // $cfg['ForceSSL']
    // should be enabled if possible
    //
    if (!$cf->getValue('ForceSSL')) {
        messages_set(
            'notice',
            'ForceSSL',
            PMA_lang(PMA_lang_name('ForceSSL')),
            PMA_lang($strForceSSLNotice));
    }

    //
    // $cfg['AllowArbitraryServer']
    // should be disabled
    //
    if ($cf->getValue('AllowArbitraryServer')) {
        messages_set(
            'notice',
            'AllowArbitraryServer',
            PMA_lang(PMA_lang_name('AllowArbitraryServer')),
            PMA_lang($strAllowArbitraryServerWarning));
    }

    //
    // $cfg['LoginCookieValidity']
    // value greater than session.gc_maxlifetime will cause random session invalidation after that time
    //
    // NOTE(review): this and the next two checks all use the message id
    // 'LoginCookieValidity'; whether a later message replaces an earlier one
    // depends on messages_set() - confirm.
    if ($cf->getValue('LoginCookieValidity') > 1440
            || $cf->getValue('LoginCookieValidity') > ini_get('session.gc_maxlifetime')) {
        // exceeding the session lifetime is an error, exceeding 1440 alone a notice
        $message_type = $cf->getValue('LoginCookieValidity') > ini_get('session.gc_maxlifetime')
            ? 'error'
            : 'notice';
        messages_set(
            $message_type,
            'LoginCookieValidity',
            PMA_lang(PMA_lang_name('LoginCookieValidity')),
            PMA_lang($strLoginCookieValidityWarning));
    }

    //
    // $cfg['LoginCookieValidity']
    // should be at most 1800 (30 min)
    //
    if ($cf->getValue('LoginCookieValidity') > 1800) {
        messages_set(
            'notice',
            'LoginCookieValidity',
            PMA_lang(PMA_lang_name('LoginCookieValidity')),
            PMA_lang($strLoginCookieValidityWarning2));
    }

    //
    // $cfg['LoginCookieValidity']
    // $cfg['LoginCookieStore']
    // LoginCookieValidity must be less or equal to LoginCookieStore
    //
    if ($cf->getValue('LoginCookieStore') != 0 && $cf->getValue('LoginCookieValidity') > $cf->getValue('LoginCookieStore')) {
        messages_set(
            'error',
            'LoginCookieValidity',
            PMA_lang(PMA_lang_name('LoginCookieValidity')),
            PMA_lang($strLoginCookieValidityWarning3));
    }

    //
    // $cfg['SaveDir']
    // should not be world-accessible
    //
    // Only a reminder: the directory's permissions are not inspected here.
    if ($cf->getValue('SaveDir') != '') {
        messages_set(
            'notice',
            'SaveDir',
            PMA_lang(PMA_lang_name('SaveDir')),
            PMA_lang($strDirectoryNotice));
    }

    //
    // $cfg['TempDir']
    // should not be world-accessible
    //
    // Only a reminder: the directory's permissions are not inspected here.
    if ($cf->getValue('TempDir') != '') {
        messages_set(
            'notice',
            'TempDir',
            PMA_lang(PMA_lang_name('TempDir')),
            PMA_lang($strDirectoryNotice));
    }

    //
    // $cfg['GZipDump']
    // requires zlib functions
    //
    if ($cf->getValue('GZipDump')
            && (@!function_exists('gzopen') || @!function_exists('gzencode'))) {
        // the message names 'gzencode' whichever function is missing
        messages_set(
            'error',
            'GZipDump',
            PMA_lang(PMA_lang_name('GZipDump')),
            PMA_lang($strGZipDumpWarning, 'gzencode'));
    }

    //
    // $cfg['BZipDump']
    // requires bzip2 functions
    //
    if ($cf->getValue('BZipDump')
            && (!@function_exists('bzopen') || !@function_exists('bzcompress'))) {
        // build a comma-separated list of the missing functions
        $functions = @function_exists('bzopen')
            ? ''
            : 'bzopen';
        $functions .= @function_exists('bzcompress')
            ? ''
            : ($functions ? ', ' : '') . 
            'bzcompress';
        messages_set(
            'error',
            'BZipDump',
            PMA_lang(PMA_lang_name('BZipDump')),
            PMA_lang($strBZipDumpWarning, $functions));
    }

    //
    // $cfg['ZipDump']
    // requires zip_open in import
    //
    if ($cf->getValue('ZipDump') && !@function_exists('zip_open')) {
        messages_set(
            'error',
            'ZipDump_import',
            PMA_lang(PMA_lang_name('ZipDump')),
            PMA_lang($strZipDumpImportWarning, 'zip_open'));
    }

    //
    // $cfg['ZipDump']
    // requires gzcompress in export
    //
    if ($cf->getValue('ZipDump') && !@function_exists('gzcompress')) {
        messages_set(
            'error',
            'ZipDump_export',
            PMA_lang(PMA_lang_name('ZipDump')),
            PMA_lang($strZipDumpExportWarning, 'gzcompress'));
    }
}
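/**
 * Processes forms registered in $form_display, handles error correction
 *
 * Flow:
 *  - ?mode=revert: reset erroneous fields to defaults, then redirect (303)
 *  - form not processed (plain view or failed POST): display the form
 *  - processed with errors: print a warning with revert / ignore / edit links
 *  - processed without errors: redirect (303) to drop the POST data
 *
 * The 'page' and 'formset' query parameters come straight from the request
 * and are placed into href attributes, so they are URL-encoded before being
 * printed.
 *
 * @param FormDisplay $form_display
 */
function process_formset(FormDisplay $form_display)
{
    if (filter_input(INPUT_GET, 'mode') == 'revert') {
        // revert erroneous fields to their default values
        $form_display->fixErrors();
        // drop post data
        header('HTTP/1.1 303 See Other');
        header('Location: index.php');
        exit;
    }
    if (!$form_display->process(false)) {
        // handle form view and failed POST
        $form_display->display(true, true);
    } else {
        // check for form errors
        if ($form_display->hasErrors()) {
            // form has errors, show warning
            // $separator is requested in its 'html' form and printed as-is
            $separator = PMA_get_arg_separator('html');
            $page = filter_input(INPUT_GET, 'page');
            $formset = filter_input(INPUT_GET, 'formset');
            // urlencode() output contains no quote, angle bracket or
            // ampersand, so the value cannot break out of the href attribute
            $formset = $formset ? "{$separator}formset=" . urlencode($formset) : '';
            $id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
            if ($id === null && $page == 'servers') {
                // we've just added a new server, get its id
                $id = ConfigFile::getInstance()->getServerCount();
            }
            // force an integer so only digits can reach the URL
            $id = (int) $id;
            $id = $id ? "{$separator}id={$id}" : '';
            // shared prefix of the "revert" and "edit" links
            $url_prefix = '?page=' . urlencode((string) $page) . $formset . $id . $separator;
            ?>
<div class="warning">
    <h4><?php echo $GLOBALS['strSetupWarning']; ?></h4>
    <?php echo PMA_lang('error_form'); ?><br />
    <a href="<?php echo $url_prefix; ?>mode=revert"><?php echo PMA_lang('RevertErroneousFields'); ?></a>
</div>
<?php $form_display->displayErrors(); ?>
<a class="btn" href="index.php"><?php echo PMA_lang('IgnoreErrors'); ?></a>
<a class="btn" href="<?php echo $url_prefix; ?>mode=edit"><?php echo PMA_lang('ShowForm'); ?></a>
<?php
        } else {
            // drop post data
            header('HTTP/1.1 303 See Other');
            header('Location: index.php');
            exit;
        }
    }
}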
/**
 * Performs various compatibility, security and consistency checks on current config
 *
 * Outputs results to message list, must be called between messages_begin()
 * and messages_end()
 *
 * Each finding is reported through messages_set(). As a side effect, when a
 * server uses cookie authentication and no blowfish_secret is stored, a
 * secret is generated and written back with $cf->set().
 */
function perform_config_checks() {
    $cf = ConfigFile::getInstance();
    $blowfish_secret = $cf->get('blowfish_secret');
    $blowfish_secret_set = false;
    $cookie_auth_used = false;

    // Per-server checks; server indexes start at 1.
    for ($i = 1, $server_cnt = $cf->getServerCount(); $i <= $server_cnt; $i++) {
        $cookie_auth_server = $cf->getValue("Servers/{$i}/auth_type") == 'cookie';
        // bitwise OR on booleans: non-zero once any server uses cookie auth
        $cookie_auth_used |= $cookie_auth_server;
        // NOTE(review): the server name is appended to message titles below
        // without escaping in this function; whether messages_set() or the
        // renderer escapes titles is not visible here - confirm.
        $server_name = $cf->getServerName($i);
        if ($server_name == 'localhost') {
            $server_name .= " [{$i}]";
        }

        if ($cookie_auth_server && $blowfish_secret === null) {
            // NOTE(review): uniqid() derives its value from the current time
            // and is not a cryptographically secure generator; this value is
            // stored as the key that protects cookies. Consider a CSPRNG
            // where the supported PHP version offers one.
            $blowfish_secret = uniqid('', true);
            $blowfish_secret_set = true;
            $cf->set('blowfish_secret', $blowfish_secret);
        }

        //
        // $cfg['Servers'][$i]['ssl']
        // should be enabled if possible
        //
        if (!$cf->getValue("Servers/{$i}/ssl")) {
            $title = PMA_lang_name('Servers/1/ssl') . " ({$server_name})";
            messages_set('notice', "Servers/{$i}/ssl", $title, PMA_lang('ServerSslMsg'));
        }

        //
        // $cfg['Servers'][$i]['extension']
        // warn about using 'mysql'
        //
        if ($cf->getValue("Servers/{$i}/extension") == 'mysql') {
            $title = PMA_lang_name('Servers/1/extension') . " ({$server_name})";
            messages_set('notice', "Servers/{$i}/extension", $title, PMA_lang('ServerExtensionMsg'));
        }

        //
        // $cfg['Servers'][$i]['auth_type']
        // warn about full user credentials if 'auth_type' is 'config'
        //
        if ($cf->getValue("Servers/{$i}/auth_type") == 'config'
                && $cf->getValue("Servers/{$i}/user") != ''
                && $cf->getValue("Servers/{$i}/password") != '') {
            $title = PMA_lang_name('Servers/1/auth_type') . " ({$server_name})";
            // $i is passed to PMA_lang() as a format argument for both messages
            messages_set('warning', "Servers/{$i}/auth_type", $title,
                PMA_lang('ServerAuthConfigMsg', $i) . ' ' . 
                PMA_lang('ServerSecurityInfoMsg', $i));
        }

        //
        // $cfg['Servers'][$i]['AllowRoot']
        // $cfg['Servers'][$i]['AllowNoPassword']
        // serious security flaw
        //
        if ($cf->getValue("Servers/{$i}/AllowRoot")
                && $cf->getValue("Servers/{$i}/AllowNoPassword")) {
            $title = PMA_lang_name('Servers/1/AllowNoPassword') . " ({$server_name})";
            messages_set('warning', "Servers/{$i}/AllowNoPassword", $title,
                PMA_lang('ServerNoPasswordMsg') . ' ' . PMA_lang('ServerSecurityInfoMsg', $i));
        }
    }

    //
    // $cfg['blowfish_secret']
    // it's required for 'cookie' authentication
    //
    if ($cookie_auth_used) {
        if ($blowfish_secret_set) {
            // 'cookie' auth used, blowfish_secret was generated
            messages_set('notice', 'blowfish_secret_created', 'blowfish_secret_name', PMA_lang('BlowfishSecretMsg'));
        } else {
            $blowfish_warnings = array();
            // check length
            if (strlen($blowfish_secret) < 8) {
                // too short key
                $blowfish_warnings[] = PMA_lang('BlowfishSecretLengthMsg');
            }
            // check used characters
            // NOTE(review): /\S/ matches any non-whitespace character, so
            // $has_chars is also true for a key made only of digits or
            // punctuation; it does not establish that letters are present.
            $has_digits = (bool) preg_match('/\\d/', $blowfish_secret);
            $has_chars = (bool) preg_match('/\\S/', $blowfish_secret);
            $has_nonword = (bool) preg_match('/\\W/', $blowfish_secret);
            if (!$has_digits || !$has_chars || !$has_nonword) {
                $blowfish_warnings[] = PMA_lang('BlowfishSecretCharsMsg');
            }
            if (!empty($blowfish_warnings)) {
                // the warning count is part of the message id
                messages_set('warning', 'blowfish_warnings' . 
                    count($blowfish_warnings), 'blowfish_secret_name', implode("<br />", $blowfish_warnings));
            }
        }
    }

    //
    // $cfg['ForceSSL']
    // should be enabled if possible
    //
    if (!$cf->getValue('ForceSSL')) {
        messages_set('notice', 'ForceSSL', 'ForceSSL_name', PMA_lang('ForceSSLMsg'));
    }

    //
    // $cfg['AllowArbitraryServer']
    // should be disabled
    //
    if ($cf->getValue('AllowArbitraryServer')) {
        messages_set('warning', 'AllowArbitraryServer', 'AllowArbitraryServer_name', PMA_lang('AllowArbitraryServerMsg'));
    }

    //
    // $cfg['LoginCookieValidity']
    // should be at most 1800 (30 min)
    //
    if ($cf->getValue('LoginCookieValidity') > 1800) {
        messages_set('warning', 'LoginCookieValidity', 'LoginCookieValidity_name', PMA_lang('LoginCookieValidityMsg'));
    }

    //
    // $cfg['SaveDir']
    // should not be world-accessible
    //
    // Only a reminder: the directory's permissions are not inspected here.
    if ($cf->getValue('SaveDir') != '') {
        messages_set('notice', 'SaveDir', 'SaveDir_name', PMA_lang('DirectoryNotice'));
    }

    //
    // $cfg['TempDir']
    // should not be world-accessible
    //
    // Only a reminder: the directory's permissions are not inspected here.
    if ($cf->getValue('TempDir') != '') {
        messages_set('notice', 'TempDir', 'TempDir_name', PMA_lang('DirectoryNotice'));
    }

    //
    // $cfg['GZipDump']
    // requires zlib functions
    //
    if ($cf->getValue('GZipDump')
            && (@(!function_exists('gzopen')) || @(!function_exists('gzencode')))) {
        // the message names 'gzencode' whichever function is missing
        messages_set('warning', 'GZipDump', 'GZipDump_name', PMA_lang('GZipDumpWarning', 'gzencode'));
    }

    //
    // $cfg['BZipDump']
    // requires bzip2 functions
    //
    if ($cf->getValue('BZipDump')
            && (!@function_exists('bzopen') || !@function_exists('bzcompress'))) {
        // build a comma-separated list of the missing functions
        $functions = @function_exists('bzopen')
            ? ''
            : 'bzopen';
        $functions .= @function_exists('bzcompress')
            ? ''
            : ($functions ? ', ' : '') . 
            'bzcompress';
        messages_set('warning', 'BZipDump', 'BZipDump_name', PMA_lang('BZipDumpWarning', $functions));
    }

    //
    // $cfg['ZipDump']
    // requires zip_open in import
    //
    if ($cf->getValue('ZipDump') && !@function_exists('zip_open')) {
        messages_set('warning', 'ZipDump_import', 'ZipDump_name', PMA_lang('ZipDumpImportWarning', 'zip_open'));
    }

    //
    // $cfg['ZipDump']
    // requires gzcompress in export
    //
    if ($cf->getValue('ZipDump') && !@function_exists('gzcompress')) {
        messages_set('warning', 'ZipDump_export', 'ZipDump_name', PMA_lang('ZipDumpExportWarning', 'gzcompress'));
    }
}
// Emit one <option> per available language and mark the active one.
// NOTE(review): $each_lang_key and $lang_name are concatenated into the
// markup without escaping; this assumes $all_languages is a fixed,
// server-side list - confirm, or escape both values for HTML.
foreach ($all_languages as $each_lang_key => $each_lang) {
    $lang_name = PMA_langName($each_lang);
    // Is the current one active?
    $selected = $GLOBALS['lang'] == $each_lang_key ? ' selected="selected"' : '';
    echo '<option value="' . $each_lang_key . '"' . $selected . '>' . $lang_name . '</option>' . "\n";
}
?> </select> </form> <?php
// Check for done action info and set notice message if present
switch ($action_done) {
    case 'config_saved':
        /* Use uniqid to display this message every time configuration is saved */
        // uniqid() only makes the message id differ per save here; it is not
        // used as a secret.
        messages_set('notice', uniqid('config_saved'), __('Configuration saved.'), PMA_lang(__('Configuration saved to file config/config.inc.php in phpMyAdmin top level directory, copy it to top level one and delete directory config to use it.')));
        break;
    default:
        break;
}
?> <h2><?php echo __('Overview'); ?> </h2> <?php
// message handling: close the message list opened earlier and render it
messages_end();
messages_show_html();
'Main_frame' => 'b_props.png', 'Import' => 'b_import.png', 'Export' => 'b_export.png'); echo '<ul id="topmenu2">'; echo PMA_generate_html_tab( array( 'link' => 'prefs_manage.php', 'text' => __('Manage your settings') ) ) . "\n"; echo '<li> </li>' . "\n"; $script_name = basename($GLOBALS['PMA_PHP_SELF']); foreach (array_keys($forms) as $formset) { $tab = array( 'link' => 'prefs_forms.php', 'text' => PMA_lang('Form_' . $formset), 'icon' => $tabs_icons[$formset], 'active' => ($script_name == 'prefs_forms.php' && $formset == $form_param)); echo PMA_generate_html_tab($tab, array('form' => $formset)) . "\n"; } echo '</ul><div class="clearfloat"></div>'; // show "configuration saved" message and reload navigation frame if needed if (!empty($_GET['saved'])) { $message = PMA_Message::rawSuccess(__('Configuration has been saved')); $message->display(); } /* debug code $arr = ConfigFile::getInstance()->getConfigArray(); $arr2 = array();
/**
 * Returns translated field description
 *
 * The language key is derived from the path: a leading "Servers/1/" becomes
 * "Servers/", remaining slashes become underscores and "_desc" is appended.
 * An empty string is returned when $GLOBALS holds no "strSetup<key>" entry.
 *
 * @param string $canonical_path
 * @return string
 */
function PMA_lang_desc($canonical_path)
{
    $flattened = str_replace(array('Servers/1/', '/'), array('Servers/', '_'), $canonical_path);
    $lang_key = $flattened . '_desc';

    if (!isset($GLOBALS["strSetup{$lang_key}"])) {
        return '';
    }

    return PMA_lang($lang_key);
}