/**
 * Print the login page, with an error message when a previous attempt failed.
 *
 * Error selection, in order:
 *  - the session id came in the URL but not in a cookie while
 *    session.use_only_cookies is on: "Session support must be enabled.";
 *  - a username is in the URL and a session id was presented while $token is
 *    empty: "Session expired, please login again.";
 *  - a username is in the URL and get_session("pwds") holds a value: the
 *    exception message, else the string in $connection, else
 *    "Invalid credentials."; the stored value is then set to null.
 *
 * @param object|null $exception failure raised by the caller, if any; only getMessage() is called on it
 * @return void the page is written to the output
 */
function auth_error($exception = null)
{
    global $connection, $adminer, $token;

    $name = session_name();
    $message = "";

    if (!$_COOKIE[$name] && $_GET[$name] && ini_bool("session.use_only_cookies")) {
        $message = lang('Session support must be enabled.');
    } elseif (isset($_GET["username"])) {
        $session_presented = $_COOKIE[$name] || $_GET[$name];
        if ($session_presented && !$token) {
            $message = lang('Session expired, please login again.');
        } else {
            // Bound by reference: assigning null below writes through to
            // whatever get_session("pwds") returned (presumably the password
            // kept in the session - confirm against get_session()).
            $stored =& get_session("pwds");
            if (isset($stored)) {
                if ($exception) {
                    $reason = $exception->getMessage();
                } elseif (is_string($connection)) {
                    $reason = $connection;
                } else {
                    $reason = lang('Invalid credentials.');
                }
                // The text goes through h() before it reaches page_header();
                // presumably HTML escaping, which matters because exception and
                // connection messages are not under this function's control -
                // confirm against h()'s definition.
                $message = h($reason);
                // Drop the rejected credential so it is not tried again.
                $stored = null;
            }
        }
    }

    page_header(lang('Login'), $message, null);
    echo "<form action='' method='post' onclick='eventStop(event);'>\n";
    $adminer->loginForm();
    echo "<div>";
    // expired session: the pending POST is carried along as hidden fields.
    // The second argument lists the login-form keys, password included;
    // presumably these are left out so credentials are not echoed back into
    // the page source - confirm against hidden_fields().
    hidden_fields($_POST, array("driver", "server", "username", "password", "permanent"));
    echo "</div>\n";
    echo "</form>\n";
    page_footer("auth");
}
/**
 * Print the login page, with an error message when a previous attempt failed.
 *
 * Error selection, in order:
 *  - the session id came in the URL but not in a cookie while
 *    session.use_only_cookies is on: "Session support must be enabled.";
 *  - a username is in the URL and a session id was presented while
 *    $has_token is empty: "Session expired, please login again.";
 *  - a username is in the URL and get_password() is not null: the exception
 *    message, else the string in $connection, else "Invalid credentials.",
 *    plus a hint when get_password() returned false; the stored password is
 *    then cleared through set_password(..., null).
 * In the last two cases where no session expiry is reported,
 * unset_permanent() is called as well.
 *
 * @param object|null $exception failure raised by the caller, if any; only getMessage() is called on it
 * @return void the page is written to the output and the adminer_key cookie is (re)sent
 */
function auth_error($exception = null)
{
    global $connection, $adminer, $has_token;

    $name = session_name();
    $message = "";

    if (!$_COOKIE[$name] && $_GET[$name] && ini_bool("session.use_only_cookies")) {
        $message = lang('Session support must be enabled.');
    } elseif (isset($_GET["username"])) {
        $session_presented = $_COOKIE[$name] || $_GET[$name];
        if ($session_presented && !$has_token) {
            $message = lang('Session expired, please login again.');
        } else {
            $stored = get_password();
            if ($stored !== null) {
                if ($exception) {
                    $reason = $exception->getMessage();
                } elseif (is_string($connection)) {
                    $reason = $connection;
                } else {
                    $reason = lang('Invalid credentials.');
                }
                // The text goes through h() before it reaches page_header();
                // presumably HTML escaping, which matters because exception and
                // connection messages are not under this function's control -
                // confirm against h()'s definition.
                $message = h($reason);
                if ($stored === false) {
                    // Appended after h(), so this markup is emitted as HTML.
                    // Both arguments are literals here; keep request-derived
                    // text out of them.
                    $message .= '<br>' . lang('Master password expired. <a href="http://www.adminer.org/en/extension/" target="_blank">Implement</a> %s method to make it permanent.', '<code>permanentLogin()</code>');
                }
                // Clear the rejected credential for this driver/server/user.
                set_password(DRIVER, SERVER, $_GET["username"], null);
            }
            unset_permanent();
        }
    }

    // Keep the adminer_key the browser already sent, otherwise create one with
    // rand_string(); the lifetime follows the session cookie parameters.
    // NOTE(review): an incoming cookie value is accepted as-is, and what the
    // key protects is not visible in this function - confirm where it is used.
    $cookie_params = session_get_cookie_params();
    $key = $_COOKIE["adminer_key"];
    if (!$key) {
        $key = rand_string();
    }
    cookie("adminer_key", $key, $cookie_params["lifetime"]);

    page_header(lang('Login'), $message, null);
    echo "<form action='' method='post'>\n";
    $adminer->loginForm();
    echo "<div>";
    // expired session: the pending POST is carried along as hidden fields,
    // with "auth" passed as the second argument (presumably the keys to leave
    // out, so login credentials are not echoed back - confirm against
    // hidden_fields()).
    hidden_fields($_POST, array("auth"));
    echo "</div>\n";
    echo "</form>\n";
    page_footer("auth");
}
$q = $_GET["sql"]; // overwrite $q from if ($_POST) to save memory if ($_POST) { $q = $_POST["query"]; } elseif ($_GET["history"] == "all") { $q = $history; } elseif ($_GET["history"] != "") { $q = $history[$_GET["history"]][0]; } echo "<p>"; textarea("query", $q, 20); echo $_POST ? "" : "<script type='text/javascript'>focus(document.getElementsByTagName('textarea')[0]);</script>\n"; echo "<p>{$execute}\n"; } else { echo "<fieldset><legend>" . lang('File upload') . "</legend><div>"; echo ini_bool("file_uploads") ? '<input type="file" name="sql_file[]" multiple> (< ' . ini_get("upload_max_filesize") . 'B)' : lang('File uploads are disabled.'); echo "\n{$execute}"; echo "</div></fieldset>\n"; echo "<fieldset><legend>" . lang('From server') . "</legend><div>"; echo lang('Webserver file %s', "<code>adminer.sql" . (extension_loaded("zlib") ? "[.gz]" : "") . "</code>"); echo ' <input type="submit" name="webfile" value="' . lang('Run file') . '">'; echo "</div></fieldset>\n"; echo "<p>"; } echo adminer_checkbox("error_stops", 1, $_POST ? $_POST["error_stops"] : isset($_GET["import"]), lang('Stop on error')) . "\n"; echo adminer_checkbox("only_errors", 1, $_POST ? $_POST["only_errors"] : isset($_GET["import"]), lang('Show only errors')) . "\n"; echo "<input type='hidden' name='token' value='{$token}'>\n"; if (!isset($_GET["import"]) && $history) { print_fieldset("history", lang('History'), $_GET["history"] != ""); for ($val = end($history); $val; $val = prev($history)) { // not array_reverse() to save memory
// overwrite $q from if ($_POST) to save memory if ($_POST) { $q = $_POST["query"]; } elseif ($_GET["history"] == "all") { $q = $history; } elseif ($_GET["history"] != "") { $q = $history[$_GET["history"]][0]; } echo "<p>"; textarea("query", $q, 20); echo $_POST ? "" : "<script type='text/javascript'>focus(document.getElementsByTagName('textarea')[0]);</script>\n"; echo "<p>{$execute}\n"; echo lang('Limit rows') . ": <input type='number' name='limit' class='size' value='" . h($_POST ? $_POST["limit"] : $_GET["limit"]) . "'>\n"; } else { echo "<fieldset><legend>" . lang('File upload') . "</legend><div>"; echo ini_bool("file_uploads") ? "SQL (< " . ini_get("upload_max_filesize") . "B): <input type='file' name='sql_file[]' multiple>\n{$execute}" : lang('File uploads are disabled.'); echo "</div></fieldset>\n"; echo "<fieldset><legend>" . lang('From server') . "</legend><div>"; echo lang('Webserver file %s', "<code>adminer.sql" . (extension_loaded("zlib") ? "[.gz]" : "") . "</code>"); echo ' <input type="submit" name="webfile" value="' . lang('Run file') . '">'; echo "</div></fieldset>\n"; echo "<p>"; } echo checkbox("error_stops", 1, $_POST ? $_POST["error_stops"] : isset($_GET["import"]), lang('Stop on error')) . "\n"; echo checkbox("only_errors", 1, $_POST ? $_POST["only_errors"] : isset($_GET["import"]), lang('Show only errors')) . "\n"; echo "<input type='hidden' name='token' value='{$token}'>\n"; if (!isset($_GET["import"]) && $history) { print_fieldset("history", lang('History'), $_GET["history"] != ""); for ($val = end($history); $val; $val = prev($history)) { // not array_reverse() to save memory $key = key($history);
/**
 * Process edit input field
 *
 * Reads the submitted value from $_POST["fields"] and the selected function
 * from $_POST["function"], both keyed by bracket_escape($field["field"]).
 *
 * @param array $field one field from fields()
 * @return mixed false to leave the original value; null for an empty
 *               auto-increment field; the string "NULL"; a number for enum
 *               and set fields; the decoded array for the "json" function;
 *               the q()-quoted upload for blob/bytea/raw/file types;
 *               otherwise the result of $adminer->processInput()
 */
function process_input($field)
{
    global $adminer;

    $key = bracket_escape($field["field"]);
    $chosen = $_POST["function"][$key];
    $value = $_POST["fields"][$key];

    if ($field["type"] == "enum") {
        if ($value == -1) {
            return false;
        }
        if ($value == "") {
            return "NULL";
        }
        // Unary plus turns the posted text into a number, so no request text
        // is returned from this branch.
        // NOTE(review): a request can make $_POST["fields"][...] an array, and
        // unary plus on an array is a fatal error - this branch assumes a
        // scalar; consider rejecting non-scalars before this point.
        return +$value;
    }

    if ($field["auto_increment"] && $value == "") {
        return null;
    }

    if ($chosen == "orig") {
        if ($field["on_update"] == "CURRENT_TIMESTAMP") {
            return idf_escape($field["field"]);
        }
        return false;
    }

    if ($chosen == "NULL") {
        return "NULL";
    }

    if ($field["type"] == "set") {
        // The (array) cast lets a single value and a list be summed alike.
        return array_sum((array) $value);
    }

    if ($chosen == "json") {
        $decoded = json_decode($value, true);
        //! report errors
        return is_array($decoded) ? $decoded : false;
    }

    if (preg_match('~blob|bytea|raw|file~', $field["type"]) && ini_bool("file_uploads")) {
        $upload = get_file('fields-' . $key);
        if (!is_string($upload)) {
            return false; //! report errors
        }
        // Upload contents pass through q() before being returned (presumably
        // SQL string quoting - confirm against q()'s definition).
        return q($upload);
    }

    // Everything else is delegated; any quoting of $value for this path
    // happens inside processInput(), which is not visible here.
    return $adminer->processInput($field, $value, $chosen);
}
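// Bootstrap: load translations, drivers and shared includes, then derive the
// request-scoped constants SERVER, DB and ME.

// NOTE(review): $LANG is interpolated into an include path. It has to be
// limited to a fixed set of language codes before this line; that check is
// not visible here - confirm where $LANG is assigned.
include "../adminer/lang/{$LANG}.inc.php";
include "../adminer/include/pdo.inc.php";
include "../adminer/include/driver.inc.php";
include "../adminer/drivers/sqlite.inc.php";
include "../adminer/drivers/pgsql.inc.php";
include "../adminer/drivers/oracle.inc.php";
include "../adminer/drivers/mssql.inc.php";
include "../adminer/drivers/simpledb.inc.php";
include "../adminer/drivers/mongo.inc.php";
include "../adminer/drivers/elastic.inc.php";
include "../adminer/drivers/mysql.inc.php"; // must be included as last driver

// SERVER and DB hold raw request values; they are not validated here, so each
// use has to escape them for its own context (URL, HTML, SQL identifier).
define("SERVER", $_GET[DRIVER]); // read from pgsql=localhost
define("DB", $_GET["db"]); // for the sake of speed and size

// ME is the script name taken from REQUEST_URI followed by the query-string
// prefix shared by all links. The request parameters are URL-encoded below;
// the part cut out of REQUEST_URI is not, so ME needs HTML escaping wherever
// it is printed into markup. When sid() is truthy the session id is carried
// in the URL as well.
define("ME", preg_replace('~^[^?]*/([^?]*).*~', '\\1', $_SERVER["REQUEST_URI"]) . '?'
    . (sid() ? SID . '&' : '')
    . (SERVER !== null ? DRIVER . "=" . urlencode(SERVER) . '&' : '')
    . (isset($_GET["username"]) ? "username=" . urlencode($_GET["username"]) . '&' : '')
    . (DB != "" ? 'db=' . urlencode(DB) . '&' . (isset($_GET["ns"]) ? "ns=" . urlencode($_GET["ns"]) . "&" : "") : '')
);

include "../adminer/include/version.inc.php";
include "./include/adminer.inc.php";
include "../adminer/include/design.inc.php";
include "../adminer/include/xxtea.inc.php";
include "../adminer/include/auth.inc.php";

if (!ini_bool("session.use_cookies") || @ini_set("session.use_cookies", false) !== false) { // @ - may be disabled
    session_write_close(); // improves concurrency if a user opens several pages at once, may be restarted later
}

include "./include/connect.inc.php";
include "./include/editing.inc.php";

$on_actions = "RESTRICT|NO ACTION|CASCADE|SET NULL|SET DEFAULT"; ///< @var string used in foreign_keys()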
?> <form action="" method="post" enctype="multipart/form-data" id="form"> <p><?php $q = $_GET["sql"]; // overwrite $q from if ($_POST) to save memory if ($_POST) { $q = $_POST["query"]; } elseif ($_GET["history"] == "all") { $q = $history; } elseif ($_GET["history"] != "") { $q = $history[$_GET["history"]][0]; } textarea("query", $q, 20); echo $_POST ? "" : "<script type='text/javascript'>document.getElementsByTagName('textarea')[0].focus();</script>\n"; echo "<p>" . (ini_bool("file_uploads") ? lang('File upload') . ': <input type="file" name="sql_file"' . ($_FILES && $_FILES["sql_file"]["error"] != 4 ? '' : ' onchange="this.form[\'only_errors\'].checked = true;"') . '> (< ' . ini_get("upload_max_filesize") . 'B)' : lang('File uploads are disabled.')); ?> <p> <input type="submit" value="<?php echo lang('Execute'); ?> " title="Ctrl+Enter"> <input type="hidden" name="token" value="<?php echo $token; ?> "> <?php echo checkbox("error_stops", 1, $_POST["error_stops"], lang('Stop on error')) . "\n"; echo checkbox("only_errors", 1, $_POST["only_errors"], lang('Show only errors')) . "\n"; print_fieldset("webfile", lang('From server'), $_POST["webfile"], "document.getElementById('form')['only_errors'].checked = true; "); $compress = array();