If you want to include result in element attribute, you should escape it.
Examples:
bar
/**
* Returns sanitized language string, taking into account our special codes
* for formatting. Takes variable number of arguments.
* Based on Sanitize::sanitize from sanitize.lib.php.
*
* @param string $lang_key key in $GLOBALS WITHOUT 'strSetup' prefix
*
* @return string
*/
function PMA_lang($lang_key)
{
$message = isset($GLOBALS["strConfig{$lang_key}"]) ? $GLOBALS["strConfig{$lang_key}"] : $lang_key;
$message = Sanitize::sanitize($message);
if (func_num_args() == 1) {
return $message;
} else {
$args = func_get_args();
array_shift($args);
return vsprintf($message, $args);
}
}
/**
* Returns error message for failed authentication.
*
* @return string
*/
public function getErrorMessage()
{
if (!empty($GLOBALS['login_without_password_is_forbidden'])) {
return __('Login without a password is forbidden by configuration' . ' (see AllowNoPassword)');
} elseif (!empty($GLOBALS['allowDeny_forbidden'])) {
return __('Access denied!');
} elseif (!empty($GLOBALS['no_activity'])) {
return sprintf(__('No activity within %s seconds; please log in again.'), $GLOBALS['cfg']['LoginCookieValidity']);
} else {
$dbi_error = $GLOBALS['dbi']->getError();
if (!empty($dbi_error)) {
return Sanitize::sanitize($dbi_error);
} elseif (isset($GLOBALS['errno'])) {
return '#' . $GLOBALS['errno'] . ' ' . __('Cannot log in to the MySQL server');
} else {
return __('Cannot log in to the MySQL server');
}
}
}
/**
* Returns whether the row count is approximated
*
* @param array $current_table array containing details about the table
* @param boolean $table_is_view whether the table is a view
*
* @return array
*/
protected function isRowCountApproximated($current_table, $table_is_view)
{
$approx_rows = false;
$show_superscript = '';
// there is a null value in the ENGINE
// - when the table needs to be repaired, or
// - when it's a view
// so ensure that we'll display "in use" below for a table
// that needs to be repaired
if (isset($current_table['TABLE_ROWS']) && ($current_table['ENGINE'] != null || $table_is_view)) {
// InnoDB table: we did not get an accurate row count
$approx_rows = !$table_is_view && $current_table['ENGINE'] == 'InnoDB' && !$current_table['COUNTED'];
if ($table_is_view && $current_table['TABLE_ROWS'] >= $GLOBALS['cfg']['MaxExactCountViews']) {
$approx_rows = true;
$show_superscript = Util::showHint(Sanitize::sanitize(sprintf(__('This view has at least this number of ' . 'rows. Please refer to %sdocumentation%s.'), '[doc@cfg_MaxExactCountViews]', '[/doc]')));
}
}
return array($approx_rows, $show_superscript);
}
/**
* decode $message, taking into account our special codes
* for formatting
*
* @param string $message the message
*
* @return string the decoded message
* @access public
* @static
*/
public static function decodeBB($message)
{
return Sanitize::sanitize($message, false, true);
}
/**
* Prepare the message and the query
* usually the message is the result of the query executed
*
* @param Message|string $message the message to display
* @param string $sql_query the query to display
* @param string $type the type (level) of the message
*
* @return string
*
* @access public
*/
public static function getMessage(
$message,
$sql_query = null,
$type = 'notice'
) {
global $cfg;
$retval = '';
if (null === $sql_query) {
if (! empty($GLOBALS['display_query'])) {
$sql_query = $GLOBALS['display_query'];
} elseif (! empty($GLOBALS['unparsed_sql'])) {
$sql_query = $GLOBALS['unparsed_sql'];
} elseif (! empty($GLOBALS['sql_query'])) {
$sql_query = $GLOBALS['sql_query'];
} else {
$sql_query = '';
}
}
$render_sql = $cfg['ShowSQL'] == true && ! empty($sql_query) && $sql_query !== ';';
if (isset($GLOBALS['using_bookmark_message'])) {
$retval .= $GLOBALS['using_bookmark_message']->getDisplay();
unset($GLOBALS['using_bookmark_message']);
}
if ($render_sql) {
$retval .= '<div class="result_query"'
. ' style="text-align: ' . $GLOBALS['cell_align_left'] . '"'
. '>' . "\n";
}
if ($message instanceof Message) {
if (isset($GLOBALS['special_message'])) {
$message->addText($GLOBALS['special_message']);
unset($GLOBALS['special_message']);
}
$retval .= $message->getDisplay();
} else {
$retval .= '<div class="' . $type . '">';
$retval .= Sanitize::sanitize($message);
if (isset($GLOBALS['special_message'])) {
$retval .= Sanitize::sanitize($GLOBALS['special_message']);
unset($GLOBALS['special_message']);
}
$retval .= '</div>';
}
if ($render_sql) {
$query_too_big = false;
$queryLength = mb_strlen($sql_query);
if ($queryLength > $cfg['MaxCharactersInDisplayedSQL']) {
// when the query is large (for example an INSERT of binary
// data), the parser chokes; so avoid parsing the query
$query_too_big = true;
$query_base = mb_substr(
$sql_query,
0,
$cfg['MaxCharactersInDisplayedSQL']
) . '[...]';
} else {
$query_base = $sql_query;
}
// Html format the query to be displayed
// If we want to show some sql code it is easiest to create it here
/* SQL-Parser-Analyzer */
if (! empty($GLOBALS['show_as_php'])) {
$new_line = '\\n"<br />' . "\n" . ' . "';
$query_base = '$sql = \'' . $query_base;
$query_base = '<code class="php"><pre>' . "\n"
. htmlspecialchars(addslashes($query_base));
$query_base = preg_replace(
'/((\015\012)|(\015)|(\012))/',
$new_line,
$query_base
);
$query_base = '$sql = \'' . $query_base . '"';
} elseif ($query_too_big) {
$query_base = htmlspecialchars($query_base);
} else {
$query_base = self::formatSql($query_base);
}
// Prepares links that may be displayed to edit/explain the query
// (don't go to default pages, we must go to the page
// where the query box is available)
// Basic url query part
$url_params = array();
if (! isset($GLOBALS['db'])) {
$GLOBALS['db'] = '';
}
if (strlen($GLOBALS['db']) > 0) {
$url_params['db'] = $GLOBALS['db'];
if (strlen($GLOBALS['table']) > 0) {
$url_params['table'] = $GLOBALS['table'];
$edit_link = 'tbl_sql.php';
} else {
$edit_link = 'db_sql.php';
}
} else {
$edit_link = 'server_sql.php';
}
// Want to have the query explained
// but only explain a SELECT (that has not been explained)
/* SQL-Parser-Analyzer */
$explain_link = '';
$is_select = preg_match('@^SELECT[[:space:]]+@i', $sql_query);
if (! empty($cfg['SQLQuery']['Explain']) && ! $query_too_big) {
$explain_params = $url_params;
if ($is_select) {
$explain_params['sql_query'] = 'EXPLAIN ' . $sql_query;
$explain_link = ' ['
. self::linkOrButton(
'import.php' . URL::getCommon($explain_params),
__('Explain SQL')
) . ']';
} elseif (preg_match(
'@^EXPLAIN[[:space:]]+SELECT[[:space:]]+@i',
$sql_query
)) {
$explain_params['sql_query']
= mb_substr($sql_query, 8);
$explain_link = ' ['
. self::linkOrButton(
'import.php' . URL::getCommon($explain_params),
__('Skip Explain SQL')
) . ']';
$url = 'https://mariadb.org/explain_analyzer/analyze/'
. '?client=phpMyAdmin&raw_explain='
. urlencode(self::_generateRowQueryOutput($sql_query));
$explain_link .= ' ['
. self::linkOrButton(
htmlspecialchars('url.php?url=' . urlencode($url)),
sprintf(__('Analyze Explain at %s'), 'mariadb.org'),
array(),
true,
false,
'_blank'
) . ']';
}
} //show explain
$url_params['sql_query'] = $sql_query;
$url_params['show_query'] = 1;
// even if the query is big and was truncated, offer the chance
// to edit it (unless it's enormous, see linkOrButton() )
if (! empty($cfg['SQLQuery']['Edit'])
&& empty($GLOBALS['show_as_php'])
) {
$edit_link .= URL::getCommon($url_params) . '#querybox';
$edit_link = ' ['
. self::linkOrButton($edit_link, __('Edit'))
. ']';
} else {
$edit_link = '';
}
// Also we would like to get the SQL formed in some nice
// php-code
if (! empty($cfg['SQLQuery']['ShowAsPHP']) && ! $query_too_big) {
if (! empty($GLOBALS['show_as_php'])) {
$php_link = ' ['
. self::linkOrButton(
'import.php' . URL::getCommon($url_params),
__('Without PHP code'),
array(),
true,
false,
'',
true
)
. ']';
$php_link .= ' ['
. self::linkOrButton(
'import.php' . URL::getCommon($url_params),
__('Submit query'),
array(),
true,
false,
'',
true
)
. ']';
} else {
$php_params = $url_params;
$php_params['show_as_php'] = 1;
$_message = __('Create PHP code');
$php_link = ' ['
. self::linkOrButton(
'import.php' . URL::getCommon($php_params),
$_message
)
. ']';
}
} else {
$php_link = '';
} //show as php
// Refresh query
if (! empty($cfg['SQLQuery']['Refresh'])
&& ! isset($GLOBALS['show_as_php']) // 'Submit query' does the same
&& preg_match('@^(SELECT|SHOW)[[:space:]]+@i', $sql_query)
) {
$refresh_link = 'import.php' . URL::getCommon($url_params);
$refresh_link = ' ['
. self::linkOrButton($refresh_link, __('Refresh')) . ']';
} else {
$refresh_link = '';
} //refresh
$retval .= '<div class="sqlOuter">';
$retval .= $query_base;
//Clean up the end of the PHP
if (! empty($GLOBALS['show_as_php'])) {
$retval .= '\';' . "\n"
. '</pre></code>';
}
$retval .= '</div>';
$retval .= '<div class="tools print_ignore">';
$retval .= '<form action="sql.php" method="post">';
$retval .= URL::getHiddenInputs($GLOBALS['db'], $GLOBALS['table']);
$retval .= '<input type="hidden" name="sql_query" value="'
. htmlspecialchars($sql_query) . '" />';
// avoid displaying a Profiling checkbox that could
// be checked, which would reexecute an INSERT, for example
if (! empty($refresh_link) && self::profilingSupported()) {
$retval .= '<input type="hidden" name="profiling_form" value="1" />';
$retval .= Template::get('checkbox')
->render(
array(
'html_field_name' => 'profiling',
'label' => __('Profiling'),
'checked' => isset($_SESSION['profiling']),
'onclick' => true,
'html_field_id' => '',
)
);
}
$retval .= '</form>';
/**
* TODO: Should we have $cfg['SQLQuery']['InlineEdit']?
*/
if (! empty($cfg['SQLQuery']['Edit'])
&& ! $query_too_big
&& empty($GLOBALS['show_as_php'])
) {
$inline_edit_link = ' ['
. self::linkOrButton(
'#',
_pgettext('Inline edit query', 'Edit inline'),
array('class' => 'inline_edit_sql')
)
. ']';
} else {
$inline_edit_link = '';
}
$retval .= $inline_edit_link . $edit_link . $explain_link . $php_link
. $refresh_link;
$retval .= '</div>';
$retval .= '</div>';
}
return $retval;
} // end of the 'getMessage()' function
foreach ($all_languages as $each_lang) {
//Is current one active?
$selected = $each_lang->isActive() ? ' selected="selected"' : '';
echo '<option value="', $each_lang->getCode(), '"', $selected, '>', $each_lang->getName(), '</option>', "\n";
}
echo '</select>';
echo '</form>';
// Check for done action info and set notice message if present
switch ($action_done) {
case 'config_saved':
/* Use uniqid to display this message every time configuration is saved */
PMA_messagesSet('notice', uniqid('config_saved'), __('Configuration saved.'), Sanitize::sanitize(__('Configuration saved to file config/config.inc.php in phpMyAdmin ' . 'top level directory, copy it to top level one and delete ' . 'directory config to use it.')));
break;
case 'config_not_saved':
/* Use uniqid to display this message every time configuration is saved */
PMA_messagesSet('notice', uniqid('config_not_saved'), __('Configuration not saved!'), Sanitize::sanitize(__('Please create web server writable folder [em]config[/em] in ' . 'phpMyAdmin top level directory as described in ' . '[doc@setup_script]documentation[/doc]. Otherwise you will be ' . 'only able to download or display it.')));
break;
default:
break;
}
echo '<h2>', __('Overview'), '</h2>';
// message handling
PMA_messagesEnd();
PMA_messagesShowHtml();
echo '<a href="#" id="show_hidden_messages" style="display:none">';
echo __('Show hidden messages (#MSG_COUNT)');
echo '</a>';
echo '<fieldset class="simple"><legend>';
echo __('Servers');
echo '</legend>';
//
}
// end if
}
/**
* Warning about different MySQL library and server version
* (a difference on the third digit does not count).
* If someday there is a constant that we can check about mysqlnd,
* we can use it instead of strpos().
* If no default server is set, $GLOBALS['dbi'] is not defined yet.
* We also do not warn if MariaDB is detected, as it has its own version
* numbering.
*/
if (isset($GLOBALS['dbi']) && $cfg['ServerLibraryDifference_DisableWarning'] == false) {
$_client_info = $GLOBALS['dbi']->getClientInfo();
if ($server > 0 && mb_strpos($_client_info, 'mysqlnd') === false && mb_strpos(PMA_MYSQL_STR_VERSION, 'MariaDB') === false && substr(PMA_MYSQL_CLIENT_API, 0, 3) != substr(PMA_MYSQL_INT_VERSION, 0, 3)) {
trigger_error(Sanitize::sanitize(sprintf(__('Your PHP MySQL library version %s differs from your ' . 'MySQL server version %s. This may cause unpredictable ' . 'behavior.'), $_client_info, substr(PMA_MYSQL_STR_VERSION, 0, strpos(PMA_MYSQL_STR_VERSION . '-', '-')))), E_USER_NOTICE);
}
unset($_client_info);
}
/**
* Warning about Suhosin only if its simulation mode is not enabled
*/
if ($cfg['SuhosinDisableWarning'] == false && @ini_get('suhosin.request.max_value_length') && @ini_get('suhosin.simulation') == '0') {
trigger_error(sprintf(__('Server running with Suhosin. Please refer to %sdocumentation%s ' . 'for possible issues.'), '[doc@faq1-38]', '[/doc]'), E_USER_WARNING);
}
/**
* Warning about incomplete translations.
*
* The data file is created while creating release by ./scripts/remove-incomplete-mo
*/
if (@file_exists('libraries/language_stats.inc.php')) {
/**
* Tests output escaping.
*
* @return void
*/
public function testEscape()
{
$this->assertEquals('<strong>strong</strong>', Sanitize::sanitize('[strong]strong[/strong]', true));
}
/**
* Prepare a table of results returned by a SQL query.
*
* @param integer &$dt_result the link id associated to the query
* which results have to be displayed
* @param array &$displayParts the parts to display
* @param array $analyzed_sql_results analyzed sql results
* @param boolean $is_limited_display With limited operations or not
*
* @return string $table_html Generated HTML content for resulted table
*
* @access public
*
* @see sql.php file
*/
public function getTable(&$dt_result, &$displayParts, $analyzed_sql_results, $is_limited_display = false)
{
/**
* The statement this table is built for.
* @var \SqlParser\Statements\SelectStatement
*/
$statement = $analyzed_sql_results['statement'];
$table_html = '';
// Following variable are needed for use in isset/empty or
// use with array indexes/safe use in foreach
$fields_meta = $this->__get('fields_meta');
$showtable = $this->__get('showtable');
$printview = $this->__get('printview');
// why was this called here? (already called from sql.php)
//$this->setConfigParamsForDisplayTable();
/**
* @todo move this to a central place
* @todo for other future table types
*/
$is_innodb = isset($showtable['Type']) && $showtable['Type'] == self::TABLE_TYPE_INNO_DB;
if ($is_innodb && PMA_isJustBrowsing($analyzed_sql_results, true)) {
// "j u s t b r o w s i n g"
$pre_count = '~';
$after_count = Util::showHint(Sanitize::sanitize(__('May be approximate. See [doc@faq3-11]FAQ 3.11[/doc].')));
} else {
$pre_count = '';
$after_count = '';
}
// 1. ----- Prepares the work -----
// 1.1 Gets the information about which functionalities should be
// displayed
list($displayParts, $total) = $this->_setDisplayPartsAndTotal($displayParts);
// 1.2 Defines offsets for the next and previous pages
if ($displayParts['nav_bar'] == '1') {
list($pos_next, $pos_prev) = $this->_getOffsets();
}
// end if
// 1.3 Extract sorting expressions.
// we need $sort_expression and $sort_expression_nodirection
// even if there are many table references
$sort_expression = array();
$sort_expression_nodirection = array();
$sort_direction = array();
if (!empty($statement->order)) {
foreach ($statement->order as $o) {
$sort_expression[] = $o->expr->expr . ' ' . $o->type;
$sort_expression_nodirection[] = $o->expr->expr;
$sort_direction[] = $o->type;
}
} else {
$sort_expression[] = '';
$sort_expression_nodirection[] = '';
$sort_direction[] = '';
}
$number_of_columns = count($sort_expression_nodirection);
// 1.4 Prepares display of first and last value of the sorted column
$sorted_column_message = '';
for ($i = 0; $i < $number_of_columns; $i++) {
$sorted_column_message .= $this->_getSortedColumnMessage($dt_result, $sort_expression_nodirection[$i]);
}
// 2. ----- Prepare to display the top of the page -----
// 2.1 Prepares a messages with position information
if ($displayParts['nav_bar'] == '1' && isset($pos_next)) {
$message = $this->_setMessageInformation($sorted_column_message, $analyzed_sql_results, $total, $pos_next, $pre_count, $after_count);
$table_html .= Util::getMessage($message, $this->__get('sql_query'), 'success');
} elseif ((!isset($printview) || $printview != '1') && !$is_limited_display) {
$table_html .= Util::getMessage(__('Your SQL query has been executed successfully.'), $this->__get('sql_query'), 'success');
}
// 2.3 Prepare the navigation bars
if (!mb_strlen($this->__get('table'))) {
if ($analyzed_sql_results['querytype'] == 'SELECT') {
// table does not always contain a real table name,
// for example in MySQL 5.0.x, the query SHOW STATUS
// returns STATUS as a table name
$this->__set('table', $fields_meta[0]->table);
} else {
$this->__set('table', '');
}
}
// can the result be sorted?
if ($displayParts['sort_lnk'] == '1') {
// At this point, $sort_expression is an array but we only verify
// the first element in case we could find that the table is
// sorted by one of the choices listed in the
// "Sort by key" drop-down
list($unsorted_sql_query, $sort_by_key_html) = $this->_getUnsortedSqlAndSortByKeyDropDown($analyzed_sql_results, $sort_expression[0]);
} else {
$sort_by_key_html = $unsorted_sql_query = '';
}
if ($displayParts['nav_bar'] == '1' && empty($statement->limit)) {
$table_html .= $this->_getPlacedTableNavigations($pos_next, $pos_prev, self::PLACE_TOP_DIRECTION_DROPDOWN, $is_innodb, $sort_by_key_html);
}
// 2b ----- Get field references from Database -----
// (see the 'relation' configuration variable)
// initialize map
$map = array();
$target = array();
if (!empty($statement->from)) {
foreach ($statement->from as $field) {
if (!empty($field->table)) {
$target[] = $field->table;
}
}
}
if (mb_strlen($this->__get('table'))) {
// This method set the values for $map array
$this->_setParamForLinkForeignKeyRelatedTables($map);
// Coming from 'Distinct values' action of structure page
// We manipulate relations mechanism to show a link to related rows.
if ($this->__get('is_browse_distinct')) {
$map[$fields_meta[1]->name] = array($this->__get('table'), $fields_meta[1]->name, '', $this->__get('db'));
}
}
// end if
// end 2b
// 3. ----- Prepare the results table -----
if ($is_limited_display) {
$table_html .= "<br>";
}
$table_html .= $this->_getTableHeaders($displayParts, $analyzed_sql_results, $unsorted_sql_query, $sort_expression, $sort_expression_nodirection, $sort_direction, $is_limited_display);
$table_html .= '<tbody>' . "\n";
$table_html .= $this->_getTableBody($dt_result, $displayParts, $map, $analyzed_sql_results, $is_limited_display);
$this->__set('display_params', null);
$table_html .= '</tbody>' . "\n" . '</table>';
// 4. ----- Prepares the link for multi-fields edit and delete
if ($displayParts['del_lnk'] == self::DELETE_ROW && $displayParts['del_lnk'] != self::KILL_PROCESS) {
$table_html .= $this->_getMultiRowOperationLinks($dt_result, $analyzed_sql_results, $displayParts['del_lnk']);
}
// 5. ----- Get the navigation bar at the bottom if required -----
if ($displayParts['nav_bar'] == '1' && empty($statement->limit)) {
$table_html .= $this->_getPlacedTableNavigations($pos_next, $pos_prev, self::PLACE_BOTTOM_DIRECTION_DROPDOWN, $is_innodb, $sort_by_key_html);
} elseif (!isset($printview) || $printview != '1') {
$table_html .= "\n" . '<br /><br />' . "\n";
}
// 6. ----- Prepare "Query results operations"
if ((!isset($printview) || $printview != '1') && !$is_limited_display) {
$table_html .= $this->_getResultsOperations($displayParts, $analyzed_sql_results);
}
return $table_html;
}
/**
* Checks for newest phpMyAdmin version and sets result as a new notice
*
* @return void
*/
function PMA_versionCheck()
{
// version check messages should always be visible so let's make
// a unique message id each time we run it
$message_id = uniqid('version_check');
// Fetch data
$versionInformation = new VersionInformation();
$version_data = $versionInformation->getLatestVersion();
if (empty($version_data)) {
PMA_messagesSet('error', $message_id, __('Version check'), __('Reading of version failed. ' . 'Maybe you\'re offline or the upgrade server does not respond.'));
return;
}
$releases = $version_data->releases;
$latestCompatible = $versionInformation->getLatestCompatibleVersion($releases);
if ($latestCompatible != null) {
$version = $latestCompatible['version'];
$date = $latestCompatible['date'];
} else {
return;
}
$version_upstream = $versionInformation->versionToInt($version);
if ($version_upstream === false) {
PMA_messagesSet('error', $message_id, __('Version check'), __('Got invalid version string from server'));
return;
}
$version_local = $versionInformation->versionToInt($GLOBALS['PMA_Config']->get('PMA_VERSION'));
if ($version_local === false) {
PMA_messagesSet('error', $message_id, __('Version check'), __('Unparsable version string'));
return;
}
if ($version_upstream > $version_local) {
$version = htmlspecialchars($version);
$date = htmlspecialchars($date);
PMA_messagesSet('notice', $message_id, __('Version check'), sprintf(__('A newer version of phpMyAdmin is available and you should consider upgrading. The newest version is %s, released on %s.'), $version, $date));
} else {
if ($version_local % 100 == 0) {
PMA_messagesSet('notice', $message_id, __('Version check'), Sanitize::sanitize(sprintf(__('You are using Git version, run [kbd]git pull[/kbd] :-)[br]The latest stable version is %s, released on %s.'), $version, $date)));
} else {
PMA_messagesSet('notice', $message_id, __('Version check'), __('No newer stable version is available'));
}
}
}
margin: 1em;
}
h1 {
margin: 0;
padding: 0.3em;
font-size: 1.4em;
font-weight: bold;
color: #ffffff;
background-color: #ff0000;
}
p {
margin: 0;
padding: 0.5em;
border: 0.1em solid red;
background-color: #ffeeee;
}
//-->
</style>
</head>
<body>
<h1>phpMyAdmin - <?php
echo $error_header;
?>
</h1>
<p><?php
echo Sanitize::sanitize($error_message);
?>
</p>
</body>
</html>
echo '</label></bdo><br />';
echo '<select id="lang" name="lang" class="autosubmit" lang="en" dir="ltr">';
// create language list
$lang_list = array();
foreach ($all_languages as $each_lang) {
//Is current one active?
$selected = $each_lang->isActive() ? ' selected="selected"' : '';
echo '<option value="', $each_lang->getCode(), '"', $selected, '>', $each_lang->getName(), '</option>', "\n";
}
echo '</select>';
echo '</form>';
// Check for done action info and set notice message if present
switch ($action_done) {
case 'config_saved':
/* Use uniqid to display this message every time configuration is saved */
PMA_messagesSet('notice', uniqid('config_saved'), __('Configuration saved.'), Sanitize::sanitize(__('Configuration saved to file config/config.inc.php in phpMyAdmin ' . 'top level directory, copy it to top level one and delete ' . 'directory config to use it.')));
break;
default:
break;
}
echo '<h2>', __('Overview'), '</h2>';
// message handling
PMA_messagesEnd();
PMA_messagesShowHtml();
echo '<a href="#" id="show_hidden_messages" style="display:none">';
echo __('Show hidden messages (#MSG_COUNT)');
echo '</a>';
echo '<fieldset class="simple"><legend>';
echo __('Servers');
echo '</legend>';
//
$script_name = basename($GLOBALS['PMA_PHP_SELF']);
foreach (array_keys($forms) as $formset) {
$tab = array('link' => 'prefs_forms.php', 'text' => PMA_lang('Form_' . $formset), 'icon' => $tabs_icons[$formset], 'active' => $script_name == 'prefs_forms.php' && $formset == $form_param);
$content .= PMA\libraries\Util::getHtmlTab($tab, array('form' => $formset)) . "\n";
}
echo PMA\libraries\Template::get('list/unordered')->render(array('id' => 'topmenu2', 'class' => 'user_prefs_tabs', 'content' => $content));
echo '<div class="clearfloat"></div>';
// show "configuration saved" message and reload navigation panel if needed
if (!empty($_GET['saved'])) {
Message::rawSuccess(__('Configuration has been saved.'))->display();
}
/* debug code
$arr = $cf->getConfigArray();
$arr2 = array();
foreach ($arr as $k => $v) {
$arr2[] = "<b>$k</b> " . var_export($v, true);
}
$arr2 = implode(', ', $arr2);
$arr2 .= '<br />Blacklist: ' . (empty($cfg['UserprefsDisallow'])
? '<i>empty</i>'
: implode(', ', $cfg['UserprefsDisallow']));
$msg = Message::notice('Settings: ' . $arr2);
$msg->display();
//*/
// warn about using session storage for settings
$cfgRelation = PMA_getRelationsParam();
if (!$cfgRelation['userconfigwork']) {
$msg = __('Your preferences will be saved for current session only. Storing them ' . 'permanently requires %sphpMyAdmin configuration storage%s.');
$msg = Sanitize::sanitize(sprintf($msg, '[doc@linked-tables]', '[/doc]'));
Message::notice($msg)->display();
}