* @uses version_compare()
* @uses PHP_VERSION
*/

// verify if PHP supports session, die if it does not
// (the presence of session_name() is used as the probe)
if (!@function_exists('session_name')) {
    // presumably the minimum configuration select_lang.lib.php needs - TODO confirm
    $cfg = array('DefaultLang' => 'en-iso-8859-1', 'AllowAnywhereRecoding' => false);
    // Loads the language file
    require_once './libraries/select_lang.lib.php';
    // Displays the error message
    // (do not use & for parameters sent by header)
    // Every value placed in the redirect URL is passed through urlencode().
    header('Location: ' . (defined('PMA_SETUP') ? '../' : '') . 'error.php'
            . '?lang='  . urlencode($available_languages[$lang][2])
            . '&dir='   . urlencode($text_dir)
            . '&type='  . urlencode($strError)
            . '&error=' . urlencode(sprintf($strCantLoad, 'session')));
    exit;
} elseif (ini_get('session.auto_start') == true && session_name() != 'phpMyAdmin') {
    // PHP auto-started a session under a different name: empty it, drop its
    // cookie and destroy it before the settings below are applied.
    $_SESSION = array();
    if (isset($_COOKIE[session_name()])) {
        PMA_removeCookie(session_name());
    }
    session_unset();
    // errors from session_destroy() are suppressed with @
    @session_destroy();
}

// disable starting of sessions before all settings are done
// does not work, besides how it is written in php manual
//ini_set('session.auto_start', 0);

// session cookie settings
// Lifetime 0, empty domain, Secure flag taken from PMA_Config::isHttps().
// '; HttpOnly' is appended to the path string rather than passed as a
// separate argument - presumably so the attribute ends up in the Set-Cookie
// header on PHP versions without a native httponly parameter; verify against
// the PHP versions this file supports.
session_set_cookie_params(0, PMA_Config::getCookiePath() . '; HttpOnly',
    '', PMA_Config::isHttps());

// cookies are safer
ini_set('session.use_cookies', true);

// but not all user allow cookies
// NOTE(review): with use_only_cookies off and use_trans_sid on, PHP accepts a
// session ID supplied in the URL and rewrites links and forms to carry it.
// A session ID in a URL can end up in Referer headers, server logs, browser
// history and shared links, and a caller can hand a victim a pre-chosen ID
// (session fixation). Cookie-only sessions (use_only_cookies = true,
// use_trans_sid = false) avoid both; this fallback trades that for
// compatibility with cookie-less browsers.
ini_set('session.use_only_cookies', false);
ini_set('session.use_trans_sid', true);
// tags and attributes PHP rewrites to append the session ID
ini_set('url_rewriter.tags',
    'a=href,frame=src,input=src,form=fakeentry,fieldset=');
$message = isset($submit_move) ? $strMoveTableSameNames : $strCopyTableSameNames; } else { PMA_Table::moveCopy($db, $table, $target_db, $new_name, $what, isset($submit_move), 'one_table'); $js_to_run = 'functions.js'; $message = isset($submit_move) ? $strMoveTableOK : $strCopyTableOK; $message = sprintf($message, htmlspecialchars($table), htmlspecialchars($new_name)); $reload = 1; /* Check: Work on new table or on old table? */ if (isset($submit_move)) { $db = $target_db; $table = $new_name; } else { $pma_uri_parts = parse_url($cfg['PmaAbsoluteUri']); if (isset($switch_to_new) && $switch_to_new == 'true') { PMA_setCookie('pma_switch_to_new', 'true'); $db = $target_db; $table = $new_name; } else { PMA_removeCookie('pma_switch_to_new'); } } } require_once './libs/header.inc.php'; } else { require_once './libs/header.inc.php'; PMA_mysqlDie($strTableEmpty, '', '', $err_url); } /** * Back to the calling script */ require './tbl_sql.php';
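/**
 * sets cookie if value is different from current cookie value,
 * or removes it if value is empty or equal to default
 *
 * The cookie is sent with the path from PMA_Config::getCookiePath(), an empty
 * domain, the Secure flag from PMA_Config::isHttps() and the HttpOnly flag
 * from $httponly.
 *
 * @uses    PMA_Config::isHttps()
 * @uses    PMA_Config::getCookiePath()
 * @uses    $_COOKIE
 * @uses    PMA_removeCookie()
 * @uses    setcookie()
 * @uses    time()
 * @param   string  $cookie     name of cookie to set
 * @param   mixed   $value      new cookie value
 * @param   string  $default    default value
 * @param   int     $validity   validity of cookie in seconds
 *                              (null: one month, 0: session cookie)
 * @param   bool    $httponly   whether cookie is only for HTTP (and not for scripts)
 * @return  boolean result of setcookie() or PMA_removeCookie(),
 *                  true if the cookie already holds $value
 */
function PMA_setCookie($cookie, $value, $default = null, $validity = null, $httponly = true)
{
    // Strict check on purpose: a loose "== null" is also true for 0, which
    // silently turned a requested session cookie (validity 0) into a cookie
    // that persists for a month and made the "$validity == 0" branch below
    // unreachable.
    if ($validity === null) {
        $validity = 2592000;
    }

    if (strlen($value) && null !== $default && $value === $default
     && isset($_COOKIE[$cookie])) {
        // remove cookie, default value is used
        return PMA_removeCookie($cookie);
    }

    if (!strlen($value) && isset($_COOKIE[$cookie])) {
        // remove cookie, value is empty
        return PMA_removeCookie($cookie);
    }

    // $_COOKIE entries arrive as strings, so a non-string $value is never
    // identical to the stored one and the cookie is sent again.
    if (!isset($_COOKIE[$cookie]) || $_COOKIE[$cookie] !== $value) {
        // set cookie with new value
        /* Calculate cookie validity: 0 means "expire with the browser session" */
        if ($validity == 0) {
            $v = 0;
        } else {
            $v = time() + $validity;
        }
        return setcookie($cookie, $value, $v,
            PMA_Config::getCookiePath(), '', PMA_Config::isHttps(), $httponly);
    }

    // cookie has already $value as value
    return true;
}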
// to be able to test with 5.3.0-dev)
// When magic_quotes_gpc is active (and PHP compares lower than 5.2.99),
// undo its escaping by applying stripslashes to every request superglobal.
if (function_exists('get_magic_quotes_gpc') && -1 == version_compare(PHP_VERSION, '5.2.99') && get_magic_quotes_gpc()) {
    PMA_arrayWalkRecursive($_GET, 'stripslashes', true);
    PMA_arrayWalkRecursive($_POST, 'stripslashes', true);
    PMA_arrayWalkRecursive($_COOKIE, 'stripslashes', true);
    PMA_arrayWalkRecursive($_REQUEST, 'stripslashes', true);
}

/**
 * clean cookies on new install or upgrade
 * when changing something about the cookies, increment the cookie version
 */
$pma_cookie_version = 4;
// pmaCookieVer is read from the request, i.e. it is a client-supplied value;
// it is compared loosely (<) against the integer version above.
if (isset($_COOKIE)
 && (!isset($_COOKIE['pmaCookieVer'])
  || $_COOKIE['pmaCookieVer'] < $pma_cookie_version)) {
    // delete all cookies
    foreach ($_COOKIE as $cookie_name => $tmp) {
        PMA_removeCookie($cookie_name);
    }
    // also forget them for the rest of this request
    $_COOKIE = array();
    PMA_setCookie('pmaCookieVer', $pma_cookie_version);
}

/**
 * include deprecated grab_globals only if required
 *
 * NOTE(review): grab_globals presumably copies request variables into the
 * global scope; anything it defines would be request-controlled - confirm
 * against libraries/grab_globals.lib.php.
 */
if (empty($__redirect) && !defined('PMA_NO_VARIABLES_IMPORT')) {
    require './libraries/grab_globals.lib.php';
}

/**
 * include session handling after the globals, to prevent overwriting
 */
require_once './libraries/session.inc.php';

/**
/**
 * Stores a cookie, or deletes it when the new value makes it redundant.
 *
 * A cookie that is already present in the request is removed when $value is
 * empty, or when a non-empty $value is identical to a non-null $default.
 * Otherwise the cookie is sent only if it is missing or holds a different
 * value; it then expires 30 days from now.
 *
 * The cookie is issued with the path from PMA_Config::getCookiePath(), an
 * empty domain and the Secure flag from PMA_Config::isHttps(). No httponly
 * argument is passed to setcookie() here, so this call does not mark the
 * cookie HttpOnly.
 *
 * @uses    PMA_Config::isHttps()
 * @uses    PMA_Config::getCookiePath()
 * @uses    $_COOKIE
 * @uses    PMA_removeCookie()
 * @uses    setcookie()
 * @uses    time()
 * @param   string  $cookie     name of cookie to set
 * @param   mixed   $value      new cookie value
 * @param   string  $default    default value
 * @return  boolean result of setcookie() or PMA_removeCookie(),
 *                  true if the cookie already holds $value
 */
function PMA_setCookie($cookie, $value, $default = null)
{
    $thirtyDays = 60 * 60 * 24 * 30;

    if (isset($_COOKIE[$cookie])) {
        $isDefault = strlen($value) && null !== $default && $value === $default;

        if ($isDefault || !strlen($value)) {
            // the default applies or the value is empty: no cookie needed
            return PMA_removeCookie($cookie);
        }

        if ($_COOKIE[$cookie] === $value) {
            // the browser already sent exactly this value
            return true;
        }
    }

    // cookie is missing or differs: send the new value
    return setcookie(
        $cookie,
        $value,
        time() + $thirtyDays,
        PMA_Config::getCookiePath(),
        '',
        PMA_Config::isHttps()
    );
}
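// Build the configuration object from config.inc.php and keep it in $_SESSION
$_SESSION['PMA_Config'] = new PMA_Config('./config.inc.php');

if (!defined('PMA_MINIMUM_COMMON')) {
    $_SESSION['PMA_Config']->checkPmaAbsoluteUri();
}

/**
 * BC - enable backward compatibility
 * exports all configuration settings into $GLOBALS ($GLOBALS['cfg'])
 */
$_SESSION['PMA_Config']->enableBc();

/**
 * check HTTPS connection
 *
 * With ForceSSL set and is_https false, redirect to the https form of
 * PmaAbsoluteUri (keeping the current GET parameters) and stop.
 */
if ($_SESSION['PMA_Config']->get('ForceSSL')
  && !$_SESSION['PMA_Config']->get('is_https')) {
    // Match the scheme including its colon: a pattern of just /^http/ also
    // matches an URI that is already configured as "https://..." and would
    // rewrite it to "httpss://...", producing a broken redirect.
    PMA_sendHeaderLocation(
        preg_replace('/^http:/', 'https:',
            $_SESSION['PMA_Config']->get('PmaAbsoluteUri'))
        . PMA_generate_common_url($_GET, 'text'));
    // delete the current session, otherwise we get problems (see bug #2397877)
    PMA_removeCookie($GLOBALS['session_name']);
    exit;
}


/******************************************************************************/
/* loading language file                       LABEL_loading_language_file    */

/**
 * Added messages while developing:
 */
if (file_exists('./lang/added_messages.php')) {
    include './lang/added_messages.php';
}

/**
 * lang detection is done here
 */
require_once './libraries/select_lang.lib.php';

/**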
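/**
 * sets cookie if value is different from current cookie value,
 * or removes it if value is empty or equal to default
 *
 * The cookie is sent with the path from PMA_Config::getCookiePath(), an empty
 * domain and the Secure flag from PMA_Config::isHttps(). The HttpOnly flag is
 * passed natively on PHP 5.2.0 and later and appended to the path string on
 * older versions.
 *
 * @uses    PMA_Config::isHttps()
 * @uses    PMA_Config::getCookiePath()
 * @uses    $_COOKIE
 * @uses    PMA_removeCookie()
 * @uses    setcookie()
 * @uses    time()
 * @uses    version_compare()
 * @uses    PHP_VERSION
 * @param   string  $cookie     name of cookie to set
 * @param   mixed   $value      new cookie value
 * @param   string  $default    default value
 * @param   int     $validity   validity of cookie in seconds
 *                              (null: one month, 0: session cookie)
 * @param   bool    $httponly   whether cookie is only for HTTP (and not for scripts)
 * @return  boolean result of setcookie() or PMA_removeCookie(),
 *                  true if the cookie already holds $value
 */
function PMA_setCookie($cookie, $value, $default = null, $validity = null, $httponly = true)
{
    // Strict check on purpose: a loose "== null" is also true for 0, which
    // silently turned a requested session cookie (validity 0) into a cookie
    // that persists for a month and made the "$validity == 0" branch below
    // unreachable.
    if ($validity === null) {
        $validity = 2592000;
    }

    if (strlen($value) && null !== $default && $value === $default
     && isset($_COOKIE[$cookie])) {
        // remove cookie, default value is used
        return PMA_removeCookie($cookie);
    }

    if (!strlen($value) && isset($_COOKIE[$cookie])) {
        // remove cookie, value is empty
        return PMA_removeCookie($cookie);
    }

    // $_COOKIE entries arrive as strings, so a non-string $value is never
    // identical to the stored one and the cookie is sent again.
    if (!isset($_COOKIE[$cookie]) || $_COOKIE[$cookie] !== $value) {
        // set cookie with new value
        /* Calculate cookie validity: 0 means "expire with the browser session" */
        if ($validity == 0) {
            $v = 0;
        } else {
            $v = time() + $validity;
        }
        /* Use native support for httponly cookies if available */
        if (version_compare(PHP_VERSION, '5.2.0', 'ge')) {
            return setcookie($cookie, $value, $v,
                PMA_Config::getCookiePath(), '', PMA_Config::isHttps(), $httponly);
        } else {
            // no httponly parameter available: carry the attribute in the
            // path string instead
            return setcookie($cookie, $value, $v,
                PMA_Config::getCookiePath() . ($httponly ? '; HttpOnly' : ''),
                '', PMA_Config::isHttps());
        }
    }

    // cookie has already $value as value
    return true;
}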
/**
 * User is not allowed to login to MySQL -> authentication failed
 *
 * Removes the password cookie of the current server, stores the reason for
 * the failure in the global $conn_error and hands over to PMA_auth().
 *
 * The reason is chosen in this order: access denied by the allow/deny rules,
 * inactivity timeout, the database error text passed through PMA_sanitize(),
 * $php_errormsg if it is set in this scope, and finally the generic
 * "cannot login" message.
 *
 * NOTE(review): in the database-error case the server's own error text is
 * what ends up in $conn_error; if PMA_auth() prints it on the login form it
 * is shown to a not yet authenticated client - confirm that is intended.
 *
 * @return  boolean   always true (no return indeed)
 *
 * @access  public
 */
function PMA_auth_fails()
{
    global $conn_error, $server;

    // Deletes password cookie and displays the login form
    PMA_removeCookie('pma_cookie_password-' . $server);

    if (!empty($GLOBALS['allowDeny_forbidden'])) {
        $conn_error = $GLOBALS['strAccessDenied'];
    } elseif (!empty($GLOBALS['no_activity'])) {
        $conn_error = sprintf(
            $GLOBALS['strNoActivity'],
            $GLOBALS['cfg']['LoginCookieValidity']
        );
        // Remember where we got timeout to return on same place
        // (only the file name of the script is kept)
        if (PMA_getenv('SCRIPT_NAME')) {
            $GLOBALS['target'] = basename(PMA_getenv('SCRIPT_NAME'));
        }
    } elseif (PMA_DBI_getError()) {
        $conn_error = PMA_sanitize(PMA_DBI_getError());
    } elseif (isset($php_errormsg)) {
        $conn_error = $php_errormsg;
    } else {
        $conn_error = $GLOBALS['strCannotLogin'];
    }

    PMA_auth();

    return true;
}
/**
 * User is not allowed to login to MySQL -> authentication failed
 *
 * prepares error message and switches to PMA_auth() which displays the error
 * and the login form
 *
 * For a database error only the error number and the generic "cannot login"
 * text are put into the message, not the error text returned by the server.
 * Cache-suppressing headers are sent before the login form is produced.
 *
 * this function MUST exit/quit the application,
 * currently done by call to PMA_auth()
 *
 * @uses    $GLOBALS['server']
 * @uses    $GLOBALS['login_without_password_is_forbidden']
 * @uses    $GLOBALS['strLoginWithoutPassword']
 * @uses    $GLOBALS['allowDeny_forbidden']
 * @uses    $GLOBALS['strAccessDenied']
 * @uses    $GLOBALS['strNoActivity']
 * @uses    $GLOBALS['strCannotLogin']
 * @uses    $GLOBALS['no_activity']
 * @uses    $GLOBALS['errno']
 * @uses    $cfg['LoginCookieValidity']
 * @uses    PMA_removeCookie()
 * @uses    PMA_getenv()
 * @uses    PMA_DBI_getError()
 * @uses    PMA_auth()
 * @uses    sprintf()
 * @uses    basename()
 * @uses    header()
 * @access  public
 */
function PMA_auth_fails()
{
    global $conn_error;

    // Deletes password cookie and displays the login form
    PMA_removeCookie('pmaPass-' . $GLOBALS['server']);

    // The first matching reason wins; later conditions are not evaluated.
    switch (true) {
        case !empty($GLOBALS['login_without_password_is_forbidden']):
            $conn_error = $GLOBALS['strLoginWithoutPassword'];
            break;

        case !empty($GLOBALS['allowDeny_forbidden']):
            $conn_error = $GLOBALS['strAccessDenied'];
            break;

        case !empty($GLOBALS['no_activity']):
            $conn_error = sprintf(
                $GLOBALS['strNoActivity'],
                $GLOBALS['cfg']['LoginCookieValidity']
            );
            // Remember where we got timeout to return on same place
            if (PMA_getenv('SCRIPT_NAME')) {
                $GLOBALS['target'] = basename(PMA_getenv('SCRIPT_NAME'));
                // avoid "missing parameter: field" on re-entry
                if ('tbl_alter.php' == $GLOBALS['target']) {
                    $GLOBALS['target'] = 'tbl_structure.php';
                }
            }
            break;

        case (bool) PMA_DBI_getError():
            // error number plus generic text only
            $conn_error = "#{$GLOBALS['errno']} {$GLOBALS['strCannotLogin']}";
            break;

        default:
            $conn_error = $GLOBALS['strCannotLogin'];
    }

    // needed for PHP-CGI (not need for FastCGI or mod-php)
    header('Cache-Control: no-store, no-cache, must-revalidate');
    header('Pragma: no-cache');

    PMA_auth();
}
/**
 * User is not allowed to login to MySQL -> authentication failed
 *
 * prepares error message and switches to PMA_auth() which displays the error
 * and the login form
 *
 * this function MUST exit/quit the application,
 * currently done by call to PMA_auth()
 *
 * NOTE(review): in the database-error case the server's own error text,
 * passed through PMA_sanitize(), becomes the message shown with the login
 * form, i.e. to a not yet authenticated client - confirm that is intended.
 *
 * @todo    $php_errormsg is invalid here!? it will never be set in this scope
 * @uses    $GLOBALS['server']
 * @uses    $GLOBALS['allowDeny_forbidden']
 * @uses    $GLOBALS['strAccessDenied']
 * @uses    $GLOBALS['strNoActivity']
 * @uses    $GLOBALS['strCannotLogin']
 * @uses    $GLOBALS['no_activity']
 * @uses    $cfg['LoginCookieValidity']
 * @uses    PMA_removeCookie()
 * @uses    PMA_getenv()
 * @uses    PMA_DBI_getError()
 * @uses    PMA_sanitize()
 * @uses    PMA_auth()
 * @uses    sprintf()
 * @uses    basename()
 * @access  public
 */
function PMA_auth_fails()
{
    global $conn_error;

    // Deletes password cookie and displays the login form
    PMA_removeCookie('pmaPass-' . $GLOBALS['server']);

    if (!empty($GLOBALS['allowDeny_forbidden'])) {
        $conn_error = $GLOBALS['strAccessDenied'];
    } elseif (!empty($GLOBALS['no_activity'])) {
        $conn_error = sprintf(
            $GLOBALS['strNoActivity'],
            $GLOBALS['cfg']['LoginCookieValidity']
        );
        // Remember where we got timeout to return on same place
        if (PMA_getenv('SCRIPT_NAME')) {
            $returnTo = basename(PMA_getenv('SCRIPT_NAME'));
            // avoid "missing parameter: field" on re-entry
            $GLOBALS['target'] = ('tbl_alter.php' == $returnTo)
                ? 'tbl_structure.php'
                : $returnTo;
        }
    } elseif (PMA_DBI_getError()) {
        $conn_error = PMA_sanitize(PMA_DBI_getError());
    } elseif (isset($php_errormsg)) {
        $conn_error = $php_errormsg;
    } else {
        $conn_error = $GLOBALS['strCannotLogin'];
    }

    PMA_auth();
}
/**
 * Stores a cookie, or deletes it when the new value makes it redundant.
 *
 * The cookie is removed when a non-empty $value is identical to a non-null
 * $default (whether or not the browser sent the cookie), or when $value is
 * empty and the cookie is present. Otherwise it is sent only if it is missing
 * or holds a different value; it then expires 30 days from now.
 *
 * The cookie is issued with the path from $GLOBALS['cookie_path'], an empty
 * domain and the Secure flag from $GLOBALS['is_https']. No httponly argument
 * is passed to setcookie() here, so this call does not mark the cookie
 * HttpOnly.
 *
 * @uses    $GLOBALS['cookie_path']
 * @uses    $GLOBALS['is_https']
 * @uses    $_COOKIE
 * @uses    PMA_removeCookie()
 * @uses    setcookie()
 * @uses    time()
 * @param   string  $cookie     name of cookie to set
 * @param   mixed   $value      new cookie value
 * @param   string  $default    default value
 * @return  boolean result of setcookie() or PMA_removeCookie(),
 *                  true if the cookie already holds $value
 */
function PMA_setCookie($cookie, $value, $default = null)
{
    $hasValue = (bool) strlen($value);
    $wasSent  = isset($_COOKIE[$cookie]);

    if ($hasValue && null !== $default && $value === $default) {
        // the default applies, no cookie needed
        return PMA_removeCookie($cookie);
    }

    if ($wasSent && !$hasValue) {
        // nothing to store any more
        return PMA_removeCookie($cookie);
    }

    if ($wasSent && $_COOKIE[$cookie] === $value) {
        // the browser already sent exactly this value
        return true;
    }

    // cookie is missing or differs: send the new value
    $expires = time() + 60 * 60 * 24 * 30;
    return setcookie(
        $cookie,
        $value,
        $expires,
        $GLOBALS['cookie_path'],
        '',
        $GLOBALS['is_https']
    );
}