/** Render the login page, with an error message when the previous attempt failed
* @param object optional; when given, its getMessage() text is shown as the reason
* @return null
*/
function auth_error($exception = null) {
    global $connection, $adminer, $token;

    $cookie_key = session_name();
    $message = "";

    if (!$_COOKIE[$cookie_key] && $_GET[$cookie_key] && ini_bool("session.use_only_cookies")) {
        // the session id arrived in the URL only, while PHP is configured to accept it from cookies only
        $message = lang('Session support must be enabled.');
    } elseif (isset($_GET["username"])) {
        if (($_COOKIE[$cookie_key] || $_GET[$cookie_key]) && !$token) {
            // a session id was presented but no token is set for it
            $message = lang('Session expired, please login again.');
        } else {
            $stored =& get_session("pwds");
            if (isset($stored)) {
                if ($exception) {
                    $reason = $exception->getMessage();
                } elseif (is_string($connection)) {
                    $reason = $connection;
                } else {
                    $reason = lang('Invalid credentials.');
                }
                // exception and connection text is not trusted markup, so it is escaped before display
                $message = h($reason);
                // assigned through the reference; presumably this clears the entry get_session() points at - confirm
                $stored = null;
            }
        }
    }

    page_header(lang('Login'), $message, null);
    echo "<form action='' method='post' onclick='eventStop(event);'>\n";
    $adminer->loginForm();
    echo "<div>";
    // expired session: the interrupted POST is replayed as hidden fields;
    // NOTE(review): the listed login keys (including "password") look like an exclusion list - confirm against hidden_fields()
    hidden_fields($_POST, array("driver", "server", "username", "password", "permanent"));
    echo "</div>\n", "</form>\n";
    page_footer("auth");
}
/** Print the language switcher form
* @return null
*/
function switch_lang() {
    global $LANG, $langs;

    // rewrites the lang parameter in the query string when the select changes
    $on_change = "var loc = location.search.replace(/[?&]lang=[^&]*/, ''); location.search = loc + (loc ? '&' : '') + 'lang=' + this.value;";

    echo "<form action=''>\n<div id='lang'>";
    // carries the current GET parameters over; NOTE(review): 'lang' is presumably skipped - confirm against hidden_fields()
    hidden_fields($_GET, array('lang'));

    $caption = lang('Language');
    $picker = html_select("lang", $langs, $LANG, $on_change);
    echo $caption . ": " . $picker;

    // NOTE(review): lang() output goes into a single-quoted attribute without h();
    // this relies on translation strings containing no quote characters - confirm
    $submit_label = lang('Use');
    echo " <input type='submit' value='" . $submit_label . "' class='hidden'>\n";
    echo "</div>\n</form>\n";
}
} input($field, $value, $function); echo "\n"; } echo "</table>\n"; } ?> <p> <?php if ($fields) { echo "<input type='submit' value='" . lang('Save') . "'>\n"; if (!isset($_GET["select"])) { echo "<input type='submit' name='insert' value='" . ($update ? lang('Save and continue edit') : lang('Save and insert next')) . "' title='Ctrl+Shift+Enter'>\n"; } } echo $update ? "<input type='submit' name='delete' value='" . lang('Delete') . "' onclick=\"return confirm('" . lang('Are you sure?') . "');\">\n" : ($_POST || !$fields ? "" : "<script type='text/javascript'>document.getElementById('form').getElementsByTagName('td')[1].firstChild.focus();</script>\n"); if (isset($_GET["select"])) { hidden_fields(array("check" => (array) $_POST["check"], "clone" => $_POST["clone"], "all" => $_POST["all"])); } ?> <input type="hidden" name="referer" value="<?php echo h(isset($_POST["referer"]) ? $_POST["referer"] : $_SERVER["HTTP_REFERER"]); ?> "> <input type="hidden" name="save" value="1"> <input type="hidden" name="token" value="<?php echo $token; ?> "> </form>
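/** Print edit data form
* @param string table name
* @param array field definitions keyed by column name; an empty value prints the "no privileges" message
* @param mixed row values keyed by column name, null when there is no row to prefill, false prints "No rows."
* @param bool true renders the edit variant (with a Delete button), false the insert variant
* @return null
*/
function edit_form($TABLE, $fields, $row, $update) {
    global $adminer, $jush, $token, $error;
    $table_name = $adminer->tableName(table_status1($TABLE, true));
    page_header(($update ? lang('Edit') : lang('Insert')), $error, array("select" => array($TABLE, $table_name)), $table_name);
    if ($row === false) {
        echo "<p class='error'>" . lang('No rows.') . "\n";
    }
    ?>
<form action="" method="post" enctype="multipart/form-data" id="form">
<?php
    if (!$fields) {
        echo "<p class='error'>" . lang('You have no privileges to update this table.') . "\n";
    } else {
        echo "<table cellspacing='0' onkeydown='return editingKeydown(event);'>\n";
        foreach ($fields as $name => $field) {
            echo "<tr><th>" . $adminer->fieldName($field);

            // a prefill value from the URL (client-supplied) wins over the column default
            $default = $_GET["set"][bracket_escape($name)];
            if ($default === null) {
                $default = $field["default"];
                if ($field["type"] == "bit" && preg_match("~^b'([01]*)'\$~", $default, $regs)) {
                    // keep only the digits of a b'0101' literal
                    $default = $regs[1];
                }
            }

            // existing row: enum/set values are turned into a number on the "sql" dialect;
            // no row: empty for auto_increment inserts, false in bulk ("select") mode, else the default
            $value = ($row !== null
                ? ($row[$name] != "" && $jush == "sql" && preg_match("~enum|set~", $field["type"])
                    ? (is_array($row[$name]) ? array_sum($row[$name]) : +$row[$name])
                    : $row[$name]
                )
                : (!$update && $field["auto_increment"]
                    ? ""
                    : (isset($_GET["select"]) ? false : $default)
                )
            );
            if (!$_POST["save"] && is_string($value)) {
                $value = $adminer->editVal($value, $field);
            }

            // after a failed save the submitted function is kept; otherwise it is derived from the value
            $function = ($_POST["save"]
                ? (string) $_POST["function"][$name]
                : ($update && $field["on_update"] == "CURRENT_TIMESTAMP"
                    ? "now"
                    : ($value === false ? null : ($value !== null ? '' : 'NULL'))
                )
            );
            if (preg_match("~time~", $field["type"]) && $value == "CURRENT_TIMESTAMP") {
                $value = "";
                $function = "now";
            }

            input($field, $value, $function);
            echo "\n";
        }
        if (!support("table")) {
            // free-form key / function / value row for drivers without table support
            echo "<tr>"
                . "<th><input name='field_keys[]' onkeyup='keyupChange.call(this);' onchange='fieldChange(this);' value=''>"
                . "<td class='function'>" . html_select("field_funs[]", $adminer->editFunctions(array("null" => isset($_GET["select"]))))
                . "<td><input name='field_vals[]'>"
                . "\n"
            ;
        }
        echo "</table>\n";
    }
    echo "<p>\n";
    if ($fields) {
        echo "<input type='submit' value='" . lang('Save') . "'>\n";
        if (!isset($_GET["select"])) {
            echo "<input type='submit' name='insert' value='" . ($update
                ? lang('Save and continue edit') . "' onclick='return !ajaxForm(this.form, \"" . lang('Saving') . '...", this)'
                : lang('Save and insert next')
            ) . "' title='Ctrl+Shift+Enter'>\n";
        }
    }
    echo ($update
        ? "<input type='submit' name='delete' value='" . lang('Delete') . "'" . confirm() . ">\n"
        : ($_POST || !$fields ? "" : "<script type='text/javascript'>focus(document.getElementById('form').getElementsByTagName('td')[1].firstChild);</script>\n")
    );
    if (isset($_GET["select"])) {
        // bulk edit: carry the row selection over to the save request
        hidden_fields(array("check" => (array) $_POST["check"], "clone" => $_POST["clone"], "all" => $_POST["all"]));
    }
    // The closing quote must follow "?>" directly: a space in between is sent as part of the
    // attribute value, so the posted token and referer would each carry a trailing space.
    // The referer falls back to the client-supplied Referer header and is HTML-escaped here;
    // NOTE(review): whatever consumes the posted "referer" should still validate it before redirecting.
    // The token is escaped like the referer, which leaves a token without HTML special characters unchanged.
    ?>
<input type="hidden" name="referer" value="<?php echo h(isset($_POST["referer"]) ? $_POST["referer"] : $_SERVER["HTTP_REFERER"]); ?>">
<input type="hidden" name="save" value="1">
<input type="hidden" name="token" value="<?php echo h($token); ?>">
</form>
<?php
}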
/** Show the login form together with an error message, then stop the request
* @param string plain text; it is HTML-escaped inside this function
* @return null exits
*/
function auth_error($error) {
    global $adminer, $has_token;

    // escaped once up front; everything appended afterwards must already be safe markup
    $error = h($error);
    $cookie_key = session_name();

    if (isset($_GET["username"])) {
        header("HTTP/1.1 403 Forbidden"); // 401 requires sending WWW-Authenticate header
        $session_presented = ($_COOKIE[$cookie_key] || $_GET[$cookie_key]);
        if ($session_presented && !$has_token) {
            $error = lang('Session expired, please login again.');
        } else {
            // NOTE(review): presumably records the failed attempt for login throttling - confirm in add_invalid_login()
            add_invalid_login();
            $stored = get_password();
            if ($stored === false) {
                $error .= '<br>' . lang('Master password expired. <a href="https://www.adminer.org/en/extension/" target="_blank">Implement</a> %s method to make it permanent.', '<code>permanentLogin()</code>');
            }
            if ($stored !== null) {
                // overwrite the remembered password for this driver/server/user with null
                set_password(DRIVER, SERVER, $_GET["username"], null);
            }
            unset_permanent();
        }
    }

    if (!$_COOKIE[$cookie_key] && $_GET[$cookie_key] && ini_bool("session.use_only_cookies")) {
        // the session id arrived in the URL only, while PHP is configured to accept it from cookies only
        $error = lang('Session support must be enabled.');
    }

    $params = session_get_cookie_params();
    // keep the adminer_key cookie the client sent, or issue a fresh random one
    $key = $_COOKIE["adminer_key"];
    if (!$key) {
        $key = rand_string();
    }
    cookie("adminer_key", $key, $params["lifetime"]);

    page_header(lang('Login'), $error, null);
    echo "<form action='' method='post'>\n";
    $adminer->loginForm();
    echo "<div>";
    // expired session: the interrupted POST is replayed as hidden fields;
    // NOTE(review): "auth" (the login fields) looks like an exclusion list - confirm against hidden_fields()
    hidden_fields($_POST, array("auth"));
    echo "</div>\n", "</form>\n";
    page_footer("auth");
    exit;
}