$params['myparam'] = 'myvalue';
$params['db'] = 'mysql';
$params['table'] = 'rights';
note the missing ?
echo 'script.php' . URL::getCommon($params);
produces with cookies enabled:
script.php?myparam=myvalue&db=mysql&table=rights
with cookies disabled:
script.php?server=1&lang=en&myparam=myvalue&db=mysql
&table=rights
note the missing ?
echo 'script.php' . URL::getCommon();
produces with cookies enabled:
script.php
with cookies disabled:
script.php?server=1&lang=en
/**
 * Checks the markup returned by getHtmlForControlButtons().
 *
 * The node under test is attached to a NodeDatabase parent named "parent",
 * and getItemType() is stubbed so the expected "hide" link is deterministic.
 *
 * @return void
 * @test
 */
public function testGetHtmlForControlButtons()
{
    $databaseNode = NodeFactory::getInstance('NodeDatabase', 'parent');
    $databaseNode->addChild($this->object);

    $this->object
        ->expects($this->once())
        ->method('getItemType')
        ->will($this->returnValue('itemType'));

    $markup = $this->object->getHtmlForControlButtons();

    // The control buttons must be wrapped in a single <span>
    $this->assertStringStartsWith('<span class="navItemControls">', $markup);
    $this->assertStringEndsWith('</span>', $markup);

    // The link carries the common parameters followed by the hide request
    $this->assertContains(
        '<a href="navigation.php' . URL::getCommon()
        . '&hideNavItem=true&itemType=itemType&itemName=child'
        . '&dbName=parent" class="hideNavItem ajax">',
        $markup
    );
}
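/**
 * Returns the html for the list filter
 *
 * The current filter state is read from $_REQUEST (filterAlert, filterText,
 * dontFormat, filterCategory) so the form is rendered with the values that
 * were last submitted. Request data only reaches the markup in two ways:
 * as an on/off switch for a constant attribute, or HTML-escaped.
 *
 * @param ServerStatusData $ServerStatusData Server status data; its
 *                                           `sections` and `sectionUsed`
 *                                           properties drive the category list
 *
 * @return string
 */
function PMA_getHtmlForFilter($ServerStatusData)
{
    $filterAlert = '';
    if (!empty($_REQUEST['filterAlert'])) {
        $filterAlert = ' checked="checked"';
    }

    // Request parameters can arrive as arrays (filterText[]=...). Only a
    // string is meaningful here; anything else is treated as "no filter"
    // instead of being handed to htmlspecialchars().
    $filterText = '';
    if (!empty($_REQUEST['filterText']) && is_string($_REQUEST['filterText'])) {
        // Escaped because it is echoed back into a value="" attribute
        $filterText = htmlspecialchars($_REQUEST['filterText']);
    }

    $dontFormat = '';
    if (!empty($_REQUEST['dontFormat'])) {
        $dontFormat = ' checked="checked"';
    }

    $retval = '';
    $retval .= '<fieldset id="tableFilter">';
    $retval .= '<legend>' . __('Filters') . '</legend>';
    $retval .= '<form action="server_status_variables.php'
        . URL::getCommon() . '">';
    $retval .= '<input type="submit" value="' . __('Refresh') . '" />';

    $retval .= '<div class="formelement">';
    $retval .= '<label for="filterText">' . __('Containing the word:') . '</label>';
    $retval .= '<input name="filterText" type="text" id="filterText" '
        . 'value="' . $filterText . '" />';
    $retval .= '</div>';

    $retval .= '<div class="formelement">';
    $retval .= '<input' . $filterAlert . ' type="checkbox" '
        . 'name="filterAlert" id="filterAlert" />';
    $retval .= '<label for="filterAlert">';
    $retval .= __('Show only alert values');
    $retval .= '</label>';
    $retval .= '</div>';

    $retval .= '<div class="formelement">';
    $retval .= '<select id="filterCategory" name="filterCategory">';
    $retval .= '<option value="">' . __('Filter by category…') . '</option>';
    foreach ($ServerStatusData->sections as $section_id => $section_name) {
        if (isset($ServerStatusData->sectionUsed[$section_id])) {
            // The request value is only compared, never written out
            if (!empty($_REQUEST['filterCategory'])
                && $_REQUEST['filterCategory'] == $section_id
            ) {
                $selected = ' selected="selected"';
            } else {
                $selected = '';
            }
            // The section id goes into an attribute, so it gets the same
            // escaping as the section name beside it
            $retval .= '<option' . $selected . ' value="'
                . htmlspecialchars((string) $section_id) . '">';
            $retval .= htmlspecialchars($section_name) . '</option>';
        }
    }
    $retval .= '</select>';
    $retval .= '</div>';

    $retval .= '<div class="formelement">';
    $retval .= '<input' . $dontFormat . ' type="checkbox" '
        . 'name="dontFormat" id="dontFormat" />';
    $retval .= '<label for="dontFormat">';
    $retval .= __('Show unformatted values');
    $retval .= '</label>';
    $retval .= '</div>';

    $retval .= '</form>';
    $retval .= '</fieldset>';

    return $retval;
}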
/**
 * Builds the "hide" control shown in front of a navigation node.
 *
 * Nothing is rendered unless the relation feature 'navwork' is available.
 * Each value appended to the query string by hand is passed through
 * urlencode() first.
 *
 * @return String HTML for control buttons
 */
public function getHtmlForControlButtons()
{
    $relationConfig = PMA_getRelationsParam();
    if (! $relationConfig['navwork']) {
        return '';
    }

    $dbName = $this->realParent()->real_name;
    $itemName = $this->real_name;

    $href = 'navigation.php'
        . URL::getCommon()
        . '&hideNavItem=true'
        . '&itemType=' . urlencode($this->getItemType())
        . '&itemName=' . urlencode($itemName)
        . '&dbName=' . urlencode($dbName);

    return '<span class="navItemControls">'
        . '<a href="' . $href . '"'
        . ' class="hideNavItem ajax">'
        . PMA\libraries\Util::getImage('hide.png', __('Hide'))
        . '</a></span>';
}
/**
 * Builds the "hide" control shown in front of a navigation node.
 *
 * Nothing is rendered unless the relation feature 'navwork' is available.
 * All link parameters are handed to URL::getCommon() as an array instead of
 * being concatenated into the query string by hand.
 *
 * @return String HTML for control buttons
 */
public function getHtmlForControlButtons()
{
    $relationConfig = PMA_getRelationsParam();
    if (! $relationConfig['navwork']) {
        return '';
    }

    $dbName = $this->realParent()->real_name;
    $itemName = $this->real_name;

    $linkParams = array(
        'hideNavItem' => true,
        'itemType' => $this->getItemType(),
        'itemName' => $itemName,
        'dbName' => $dbName,
    );

    return '<span class="navItemControls">'
        . '<a href="navigation.php' . URL::getCommon($linkParams) . '"'
        . ' class="hideNavItem ajax">'
        . PMA\libraries\Util::getImage('hide.png', __('Hide'))
        . '</a></span>';
}
/**
 * Checks PMA_getHtmlForUserGroupsTable() when one user group exists.
 *
 * The database layer is replaced by a mock that returns a single row and
 * then signals the end of the result set.
 *
 * @return void
 */
public function testGetHtmlForUserGroupsTableWithUserGroups()
{
    $expectedQuery = "SELECT * FROM `pmadb`.`usergroups`"
        . " ORDER BY `usergroup` ASC";

    $groupRow = array(
        'usergroup' => 'usergroup',
        'tab' => 'server_sql',
        'allowed' => 'Y',
    );

    $dbi = $this->getMockBuilder('PMA\\libraries\\DatabaseInterface')
        ->disableOriginalConstructor()
        ->getMock();
    $dbi->expects($this->once())
        ->method('tryQuery')
        ->with($expectedQuery)
        ->will($this->returnValue(true));
    $dbi->expects($this->once())
        ->method('numRows')
        ->withAnyParameters()
        ->will($this->returnValue(1));
    // Third and fourth calls on the mock: one row, then end of result
    $dbi->expects($this->at(2))
        ->method('fetchAssoc')
        ->withAnyParameters()
        ->will($this->returnValue($groupRow));
    $dbi->expects($this->at(3))
        ->method('fetchAssoc')
        ->withAnyParameters()
        ->will($this->returnValue(false));
    $dbi->expects($this->once())
        ->method('freeResult');
    $GLOBALS['dbi'] = $dbi;

    $html = PMA_getHtmlForUserGroupsTable();
    $this->assertContains('<td>usergroup</td>', $html);

    // "View users" link
    $viewLink = '<a class="" href="server_user_groups.php'
        . URL::getCommon(
            array('viewUsers' => 1, 'userGroup' => htmlspecialchars('usergroup'))
        );
    $this->assertContains($viewLink, $html);

    // "Edit" link
    $editLink = '<a class="" href="server_user_groups.php'
        . URL::getCommon(
            array('editUserGroup' => 1, 'userGroup' => htmlspecialchars('usergroup'))
        );
    $this->assertContains($editLink, $html);

    // "Delete" link
    $deleteLink = '<a class="deleteUserGroup ajax" href="server_user_groups.php'
        . URL::getCommon(
            array('deleteUserGroup' => 1, 'userGroup' => htmlspecialchars('usergroup'))
        );
    $this->assertContains($deleteLink, $html);
}
/**
 * Builds the second-level tab bar of the 'Users' page.
 *
 * The "User groups" tab is only offered when $GLOBALS['is_superuser'] is
 * truthy. The tab whose script name equals $selfUrl is marked active.
 *
 * @param string $selfUrl Url of the file
 *
 * @return string HTML for secondary level menu tabs on 'Users' page
 */
function PMA_getHtmlForSubMenusOnUsersPage($selfUrl)
{
    $commonQuery = URL::getCommon();

    $tabs = array(
        array(
            'name' => __('User accounts overview'),
            'url' => 'server_privileges.php',
            'specific_params' => '&viewing_mode=server',
        ),
    );
    if ($GLOBALS['is_superuser']) {
        $tabs[] = array(
            'name' => __('User groups'),
            'url' => 'server_user_groups.php',
            'specific_params' => '',
        );
    }

    $html = '<ul id="topmenu2">';
    foreach ($tabs as $tab) {
        $activeAttr = ($tab['url'] === $selfUrl) ? ' class="tabactive"' : '';

        // Every piece of the href is a constant from $tabs or comes from
        // URL::getCommon(); no request data is concatenated here
        $html .= '<li>'
            . '<a' . $activeAttr
            . ' href="' . $tab['url'] . $commonQuery . $tab['specific_params'] . '">'
            . $tab['name']
            . '</a>'
            . '</li>';
    }
    $html .= '</ul>';
    $html .= '<div class="clearfloat"></div>';

    return $html;
}
/**
 * Checks the output of ServerEnginesController::_getHtmlForServerEngine().
 *
 * The method is not public, so it is reached through reflection.
 *
 * @return void
 */
public function testGetHtmlForServerEngine()
{
    $_REQUEST['engine'] = "Pbxt";
    $_REQUEST['page'] = "page";

    // Mock DBI
    $dbi = $this->getMockBuilder('PMA\\libraries\\DatabaseInterface')
        ->disableOriginalConstructor()
        ->getMock();
    $GLOBALS['dbi'] = $dbi;

    $reflected = new ReflectionClass(
        '\\PMA\\libraries\\controllers\\server\\ServerEnginesController'
    );
    $engineHtmlMethod = $reflected->getMethod('_getHtmlForServerEngine');
    $engineHtmlMethod->setAccessible(true);

    $enginePlugin = StorageEngine::getEngine("Pbxt");
    $controller = new ServerEnginesController();
    $html = $engineHtmlMethod->invoke($controller, $enginePlugin);

    // validate 1: Engine title
    $this->assertContains(htmlspecialchars($enginePlugin->getTitle()), $html);

    // validate 2: Engine Mysql Help Page
    $this->assertContains(
        PMA\libraries\Util::showMySQLDocu($enginePlugin->getMysqlHelpPage()),
        $html
    );

    // validate 3: Engine Comment
    $this->assertContains(htmlspecialchars($enginePlugin->getComment()), $html);

    // validate 4: Engine Info Pages
    $this->assertContains(__('Variables'), $html);
    $this->assertContains(
        URL::getCommon(
            array('engine' => $_REQUEST['engine'], 'page' => "Documentation")
        ),
        $html
    );

    // validate 5: other items
    $this->assertContains(
        URL::getCommon(array('engine' => $_REQUEST['engine'])),
        $html
    );
    $this->assertContains($enginePlugin->getSupportInformationMessage(), $html);
    $this->assertContains(
        'There is no detailed status information available for this '
        . 'storage engine.',
        $html
    );
}
* This test may be bypassed if $is_js_confirmed = 1 (already checked with js)
 * but since a malicious user may pass this variable by url/form, we don't take
 * into account this case.
 */
// The DROP DATABASE restriction is decided on the server from the analysed
// statement, $cfg['AllowUserDropDatabase'] and $is_superuser only; no
// client-supplied confirmation flag takes part in the decision.
if (PMA_hasNoRightsToDropDatabase($analyzed_sql_results, $cfg['AllowUserDropDatabase'], $is_superuser)) {
    Util::mysqlDie(__('"DROP DATABASE" statements are disabled.'), '', false, $err_url);
} // end if

/**
 * Need to find the real end of rows?
 */
if (isset($find_real_end) && $find_real_end) {
    $unlim_num_rows = PMA_findRealEndOfRows($db, $table);
}

/**
 * Bookmark add
 */
if (isset($_POST['store_bkm'])) {
    PMA_addBookmark($goto);
    // script has exited at this point
} // end if

/**
 * Sets or modifies the $goto variable if required
 */
if ($goto == 'sql.php') {
    $is_gotofile = false;
    // The query text itself becomes part of the return URL here
    $goto = 'sql.php' . URL::getCommon(array('db' => $db, 'table' => $table, 'sql_query' => $sql_query));
} // end if

// Optional variables are passed as null when they were never set in this scope.
PMA_executeQueryAndSendQueryResponse(
    $analyzed_sql_results,
    $is_gotofile,
    $db,
    $table,
    isset($find_real_end) ? $find_real_end : null,
    isset($import_text) ? $import_text : null,
    isset($extra_data) ? $extra_data : null,
    isset($message_to_show) ? $message_to_show : null,
    isset($message) ? $message : null,
    isset($sql_data) ? $sql_data : null,
    $goto,
    $pmaThemeImage,
    // NOTE(review): isset() tests $disp_query but the value passed is
    // $display_query; every other argument tests and passes the same
    // variable, so this looks like a name mismatch - confirm which one is meant
    isset($disp_query) ? $display_query : null,
    isset($disp_message) ? $disp_message : null,
    isset($query_type) ? $query_type : null,
    $sql_query,
    isset($selected) ? $selected : null,
    isset($complete_query) ? $complete_query : null
);
*/
require_once 'libraries/file_listing.lib.php';

/**
 * Defines the url to return to in case of error in a sql statement
 * (at this point, $GLOBALS['goto'] will be set but could be empty)
 */
if (empty($GLOBALS['goto'])) {
    // Fall back to a fixed script name: the table page when a table name is
    // present, the database page otherwise
    if (mb_strlen($table)) {
        // avoid a problem (see bug #2202709)
        $GLOBALS['goto'] = 'tbl_sql.php';
    } else {
        $GLOBALS['goto'] = 'db_sql.php';
    }
}
// NOTE(review): when $GLOBALS['goto'] is not empty it is used as the script
// part of $err_url unchanged; nothing in this fragment validates it, so any
// validation presumably happens before this point - confirm
$_url_params = PMA_getUrlParameters($db, $table);
$err_url = $GLOBALS['goto'] . URL::getCommon($_url_params);
unset($_url_params);

$comments_map = PMA_getCommentsMap($db, $table);

/**
 * START REGULAR OUTPUT
 */

/**
 * Load JavaScript files
 */
$response = Response::getInstance();
$header = $response->getHeader();
$scripts = $header->getScripts();
$scripts->addFile('sql.js');
$scripts->addFile('tbl_change.js');
$scripts->addFile('big_ints.js');
$scripts->addFile('jquery/jquery-ui-timepicker-addon.js');
/**
 * Renders the row of icon links at the top of the navigation panel:
 * home, log out (only when a server is selected), the two documentation
 * links, navigation settings and reload.
 *
 * @return string HTML code for the links
 */
private function _links()
{
    // always iconic
    $showIcon = true;
    $showText = false;

    $html = '<!-- LINKS START -->';
    $html .= '<div id="navipanellinks">';
    $html .= PMA\libraries\Util::getNavigationLink(
        'index.php' . URL::getCommon(),
        $showText,
        __('Home'),
        $showIcon,
        'b_home.png'
    );

    // if we have chosen server
    if ($GLOBALS['server'] != 0) {
        // Logout for advanced authentication; with auth_type 'config' the
        // same link is labelled as clearing the session data
        $logoutLabel = ($GLOBALS['cfg']['Server']['auth_type'] != 'config')
            ? __('Log out')
            : __('Empty session data');
        $logoutHref = 'logout.php' . $GLOBALS['url_query'];
        $html .= PMA\libraries\Util::getNavigationLink(
            $logoutHref,
            $showText,
            $logoutLabel,
            $showIcon,
            's_loggoff.png',
            '',
            true,
            '',
            array('logout')
        );
    }

    $html .= PMA\libraries\Util::getNavigationLink(
        PMA\libraries\Util::getDocuLink('index'),
        $showText,
        __('phpMyAdmin documentation'),
        $showIcon,
        'b_docs.png',
        '',
        false,
        'documentation'
    );
    $html .= PMA\libraries\Util::getNavigationLink(
        PMA\libraries\Util::getMySQLDocuURL('', ''),
        $showText,
        __('Documentation'),
        $showIcon,
        'b_sqlhelp.png',
        '',
        false,
        'mysql_doc'
    );

    // The settings icon gets the 'hide' class when PMA_DISABLE_NAVI_SETTINGS
    // is defined
    $settingsClasses = defined('PMA_DISABLE_NAVI_SETTINGS')
        ? array('hide')
        : array();
    $html .= PMA\libraries\Util::getNavigationLink(
        '#',
        $showText,
        __('Navigation panel settings'),
        $showIcon,
        's_cog.png',
        'pma_navigation_settings_icon',
        false,
        '',
        $settingsClasses
    );
    $html .= PMA\libraries\Util::getNavigationLink(
        '#',
        $showText,
        __('Reload navigation panel'),
        $showIcon,
        's_reload.png',
        'pma_navigation_reload'
    );

    $html .= '</div>';
    $html .= '<!-- LINKS ENDS -->';

    return $html;
}
/**
 * Renders the preview box for this theme: name, version and a link that
 * selects the theme, with a screenshot when one exists in the theme path.
 *
 * @return string
 * @access public
 */
public function getPrintPreview()
{
    $selectUrl = 'index.php' . URL::getCommon(array('set_theme' => $this->getId()));

    $html = '<div class="theme_preview">'
        . '<h2>'
        . htmlspecialchars($this->getName())
        . ' (' . htmlspecialchars($this->getVersion()) . ') '
        . '</h2>'
        . '<p>'
        . '<a class="take_theme" '
        . 'name="' . htmlspecialchars($this->getId()) . '" '
        . 'href="' . $selectUrl . '">';

    if (@file_exists($this->getPath() . '/screen.png')) {
        // if screen exists then output
        // NOTE(review): name, version and id are escaped above, but the
        // theme path is written into src="" as returned by getPath() -
        // confirm it can never contain characters special to HTML
        $html .= '<img src="' . $this->getPath() . '/screen.png" border="1"'
            . ' alt="' . htmlspecialchars($this->getName()) . '"'
            . ' title="' . htmlspecialchars($this->getName()) . '" />'
            . '<br />';
    } else {
        $html .= __('No preview available.');
    }

    $html .= '[ <strong>' . __('take it') . '</strong> ]'
        . '</a>'
        . '</p>'
        . '</div>';

    return $html;
}
$currentSearchId = $savedSearch->getId(); } /** * A query has been submitted -> (maybe) execute it */ $message_to_display = false; if (isset($_REQUEST['submit_sql']) && !empty($sql_query)) { if (!preg_match('@^SELECT@i', $sql_query)) { $message_to_display = true; } else { $goto = 'db_sql.php'; PMA_executeQueryAndSendQueryResponse(null, false, $_REQUEST['db'], null, false, null, null, null, null, null, $goto, $pmaThemeImage, null, null, null, $sql_query, null, null); } } $sub_part = '_qbe'; require 'libraries/db_common.inc.php'; $url_query .= '&goto=db_qbe.php'; $url_params['goto'] = 'db_qbe.php'; list($tables, $num_tables, $total_num_tables, $sub_part, $is_show_stats, $db_is_system_schema, $tooltip_truename, $tooltip_aliasname, $pos) = PMA\libraries\Util::getDbInfo($db, isset($sub_part) ? $sub_part : ''); if ($message_to_display) { PMA\libraries\Message::error(__('You have to choose at least one column to display!'))->display(); } unset($message_to_display); // create new qbe search instance $db_qbe = new PMA\libraries\DbQbe($GLOBALS['db'], $savedSearchList, $savedSearch); $url = 'db_designer.php' . URL::getCommon(array_merge($url_params, array('query' => 1))); $response->addHTML(PMA\libraries\Message::notice(sprintf(__('Switch to %svisual builder%s'), '<a href="' . $url . '">', '</a>'))); /** * Displays the Query by example form */ $response->addHTML($db_qbe->getSelectionForm());
/**
 * Returns the link to use for a (possibly) external site.
 *
 * URLs that start with http:// or https:// are rewritten to point at the
 * local url.php redirector, carrying only the target in its `url`
 * parameter. Any other value is returned unchanged.
 *
 * @param string $url URL where to go.
 *
 * @return string URL for a link.
 */
function PMA_linkURL($url)
{
    // NOTE(review): the scheme match is case-sensitive, so a target written
    // as "HTTP://..." is returned as-is and bypasses the redirector -
    // confirm callers only pass lower-case schemes
    $isExternal = preg_match('#^https?://#', $url);
    if (! $isExternal) {
        return $url;
    }

    $withCommonParams = URL::getCommon(array('url' => $url));

    //strip off token and such sensitive information. Just keep url.
    $parts = parse_url($withCommonParams);
    parse_str($parts["query"], $vars);
    $query = http_build_query(array("url" => $vars["url"]));

    // The setup scripts live one directory below the redirector
    $redirector = defined('PMA_SETUP') ? '../url.php?' : './url.php?';

    return $redirector . $query;
}
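/**
 * Returns HTML for control buttons displayed infront of a node
 *
 * The "show hidden items" control is only rendered when the relation
 * feature 'navwork' is available and this node has hidden items.
 *
 * @return String HTML for control buttons
 */
public function getHtmlForControlButtons()
{
    $ret = '';
    $cfgRelation = PMA_getRelationsParam();
    if ($cfgRelation['navwork'] && $this->hiddenCount > 0) {
        // The name is being written INTO a query string inside an href, so
        // it has to be encoded. The previous urldecode() did the opposite:
        // a name containing '&', '#', '%xx' or '"' would have altered the
        // query string or ended the attribute early.
        $ret = '<span class="dbItemControls">'
            . '<a href="navigation.php'
            . URL::getCommon()
            . '&showUnhideDialog=true'
            . '&dbName=' . urlencode($this->real_name)
            . '"'
            . ' class="showUnhide ajax">'
            . Util::getImage('show.png', __('Show hidden items'))
            . '</a></span>';
    }
    return $ret;
}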
/**
 * User is not allowed to login to MySQL -> authentication failed
 *
 * Prints a minimal "access denied" page: the connection error, a retry
 * link and, when more than one server is configured, the server selector.
 * The script exits afterwards unless TESTSUITE is defined.
 *
 * @return boolean always true (no return indeed)
 */
public function authFails()
{
    // Use the error reported by the database layer, or a generic message
    $conn_error = $GLOBALS['dbi']->getError();
    if (!$conn_error) {
        $conn_error = __('Cannot connect: invalid settings.');
    }

    /* HTML header */
    $response = PMA\libraries\Response::getInstance();
    $response->getFooter()->setMinimal();
    $header = $response->getHeader();
    $header->setBodyId('loginform');
    $header->setTitle(__('Access denied!'));
    $header->disableMenuAndConsole();
    echo '<br /><br /> <center> <h1>';
    echo sprintf(__('Welcome to %s'), ' phpMyAdmin ');
    echo '</h1> </center> <br /> <table cellpadding="0" cellspacing="3" style="margin: 0 auto" width="80%"> <tr> <td>';
    if (isset($GLOBALS['allowDeny_forbidden']) && $GLOBALS['allowDeny_forbidden']) {
        // Rejected by the allow/deny rules: report only "Access denied!"
        trigger_error(__('Access denied!'), E_USER_NOTICE);
    } else {
        // Check whether user has configured something
        if ($GLOBALS['PMA_Config']->source_mtime == 0) {
            echo '<p>', sprintf(__('You probably did not create a configuration file.' . ' You might want to use the %1$ssetup script%2$s to' . ' create one.'), '<a href="setup/">', '</a>'), '</p>', "\n";
        } elseif (!isset($GLOBALS['errno']) || isset($GLOBALS['errno']) && $GLOBALS['errno'] != 2002 && $GLOBALS['errno'] != 2003) {
            // if we display the "Server not responding" error, do not confuse
            // users by telling them they have a settings problem
            // (note: it's true that they could have a badly typed host name,
            // but anyway the current message tells that the server
            // rejected the connection, which is not really what happened)
            // 2002 is the error given by mysqli
            // 2003 is the error given by mysql
            trigger_error(__('phpMyAdmin tried to connect to the MySQL server, and the' . ' server rejected the connection. You should check the' . ' host, username and password in your configuration and' . ' make sure that they correspond to the information given' . ' by the administrator of the MySQL server.'), E_USER_WARNING);
        }
        // NOTE(review): the connection error text is shown to a user who
        // has not authenticated; how mysqlDie() escapes it is not visible
        // here - confirm
        echo PMA\libraries\Util::mysqlDie($conn_error, '', true, '', false);
    }
    $GLOBALS['error_handler']->dispUserErrors();
    echo '</td> </tr> <tr> <td>', "\n";
    echo '<a href="', PMA\libraries\Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabServer'], 'server'), URL::getCommon(), '" class="button disableAjax">', __('Retry to connect'), '</a>', "\n";
    echo '</td> </tr>', "\n";
    if (count($GLOBALS['cfg']['Servers']) > 1) {
        // offer a chance to login to other servers if the current one failed
        // (the include runs in this method's scope)
        include_once './libraries/select_server.lib.php';
        echo '<tr>', "\n";
        echo ' <td>', "\n";
        echo PMA_selectServer(true, true);
        echo ' </td>', "\n";
        echo '</tr>', "\n";
    }
    echo '</table>', "\n";
    // Under the test suite the method returns instead of ending the script
    if (!defined('TESTSUITE')) {
        exit;
    }
    return true;
}
} else { if (empty($goto) || !preg_match('@^(server|db|tbl)(_[a-z]*)*\\.php$@i', $goto)) { if (mb_strlen($table) && mb_strlen($db)) { $goto = 'tbl_structure.php'; } elseif (mb_strlen($db)) { $goto = 'db_structure.php'; } else { $goto = 'server_sql.php'; } } if (mb_strlen($table) && mb_strlen($db)) { $common = URL::getCommon(array('db' => $db, 'table' => $table)); } elseif (mb_strlen($db)) { $common = URL::getCommon(array('db' => $db)); } else { $common = URL::getCommon(); } $err_url = $goto . $common . (preg_match('@^tbl_[a-z]*\\.php$@', $goto) ? '&table=' . htmlspecialchars($table) : ''); $_SESSION['Import_message']['go_back_url'] = $err_url; } // Avoid setting selflink to 'import.php' // problem similar to bug 4276 if (basename($_SERVER['SCRIPT_NAME']) === 'import.php') { $_SERVER['SCRIPT_NAME'] = $goto; } if (mb_strlen($db)) { $GLOBALS['dbi']->selectDb($db); } @set_time_limit($cfg['ExecTimeLimit']); if (!empty($cfg['MemoryLimit'])) { @ini_set('memory_limit', $cfg['MemoryLimit']);
/**
 * Checks the header produced by PMA_getHtmlHeaderForUserProperties() for a
 * table-level privilege page with a wildcard database name.
 *
 * @return void
 */
public function testPMAGetHtmlHeaderForUserProperties()
{
    $dbname_is_wildcard = true;
    $url_dbname = "url_dbname";
    $dbname = "dbname";
    $username = "******";
    $hostname = "hostname";
    $tablename = "tablename";
    $_REQUEST['tablename'] = "tablename";

    $html = PMA_getHtmlHeaderForUserProperties(
        $dbname_is_wildcard,
        $url_dbname,
        $dbname,
        $username,
        $hostname,
        $tablename,
        'table'
    );

    //title
    $this->assertContains(__('Edit privileges:'), $html);
    $this->assertContains(__('User account'), $html);

    //URL::getCommon - link back to the account level
    $accountLink = URL::getCommon(
        array(
            'username' => $username,
            'hostname' => $hostname,
            'dbname' => '',
            'tablename' => '',
        )
    );
    $this->assertContains($accountLink, $html);

    //$username & $hostname
    $this->assertContains(htmlspecialchars($username), $html);
    $this->assertContains(htmlspecialchars($hostname), $html);

    //$dbname_is_wildcard = true
    $this->assertContains(__('Databases'), $html);

    //$dbname_is_wildcard = true
    $this->assertContains(__('Databases'), $html);

    //URL::getCommon - link to the database level
    $databaseLink = URL::getCommon(
        array(
            'username' => $username,
            'hostname' => $hostname,
            'dbname' => $url_dbname,
            'tablename' => '',
        )
    );
    $this->assertContains($databaseLink, $html);
    $this->assertContains($dbname, $html);
}
include_once './libraries/tbl_common.inc.php'; } else { $table = ''; include_once './libraries/db_common.inc.php'; list($tables, $num_tables, $total_num_tables, $sub_part, $is_show_stats, $db_is_system_schema, $tooltip_truename, $tooltip_aliasname, $pos) = PMA\libraries\Util::getDbInfo($db, isset($sub_part) ? $sub_part : ''); } } else { /** * Since we did not include some libraries, we need * to manually select the required database and * create the missing $url_query variable */ if (strlen($db) > 0) { $GLOBALS['dbi']->selectDb($db); if (!isset($url_query)) { $url_query = URL::getCommon(array('db' => $db, 'table' => $table)); } } } /** * Generate the conditional classes that will * be used to attach jQuery events to links */ $ajax_class = array('add' => 'class="ajax add_anchor"', 'edit' => 'class="ajax edit_anchor"', 'exec' => 'class="ajax exec_anchor"', 'drop' => 'class="ajax drop_anchor"', 'export' => 'class="ajax export_anchor"'); /** * Create labels for the list */ $titles = PMA\libraries\Util::buildActionTitles(); /** * Keep a list of errors that occurred while * processing an 'Add' or 'Edit' operation.
/**
 * Registers the JavaScript files that every page loads, in the order in
 * which they are listed here.
 *
 * @return void
 */
private function _addDefaultScripts()
{
    $scripts = $this->_scripts;

    // Localised strings
    $urlArgs = array('lang' => $GLOBALS['lang']);
    if (isset($GLOBALS['db'])) {
        $urlArgs['db'] = $GLOBALS['db'];
    }

    $scripts->addFile('jquery/jquery-2.1.4.min.js');
    $scripts->addFile('whitelist.php' . URL::getCommon($urlArgs), false, true);

    $coreFiles = array(
        'sprintf.js',
        'ajax.js',
        'keyhandler.js',
        'jquery/jquery-ui-1.11.4.min.js',
        'jquery/jquery.cookie.js',
        'jquery/jquery.mousewheel.js',
        'jquery/jquery.event.drag-2.2.js',
        'jquery/jquery-ui-timepicker-addon.js',
        'jquery/jquery.ba-hashchange-1.3.js',
        'jquery/jquery.debounce-1.0.5.js',
        'menu-resizer.js',
    );
    foreach ($coreFiles as $file) {
        $scripts->addFile($file);
    }

    // Cross-framing protection: loaded only when third-party framing is
    // explicitly set to false in the configuration
    if ($GLOBALS['cfg']['AllowThirdPartyFraming'] === false) {
        $scripts->addFile('cross_framing_protection.js');
    }

    $scripts->addFile('rte.js');

    // Client-side error reporting is left out when reports are never sent
    if ($GLOBALS['cfg']['SendErrorReports'] !== 'never') {
        $scripts->addFile('tracekit/tracekit.js');
        $scripts->addFile('error_report.js');
    }

    // Here would not be a good place to add CodeMirror because
    // the user preferences have not been merged at this point
    $scripts->addFile('messages.php' . URL::getCommon($urlArgs));

    // Append the theme id to this url to invalidate
    // the cache on a theme change. Though this might be
    // unavailable for fatal errors.
    $themeId = isset($_SESSION['PMA_Theme'])
        ? urlencode($_SESSION['PMA_Theme']->getId())
        : 'default';
    $scripts->addFile('get_image.js.php?theme=' . $themeId);

    $uiFiles = array(
        'config.js',
        'doclinks.js',
        'functions.js',
        'navigation.js',
        'indexes.js',
        'common.js',
        'page_settings.js',
    );
    foreach ($uiFiles as $file) {
        $scripts->addFile($file);
    }

    if (!$GLOBALS['cfg']['DisableShortcutKeys']) {
        $scripts->addFile('shortcuts_handler.js');
    }

    $scripts->addCode($this->getJsParamsCode());
}
/**
 * Renders one tracked data manipulation statement as a table row.
 *
 * A row is produced only when the entry's date lies inside the timestamp
 * window and its user passes the user filter ('*' in the filter list
 * accepts every user); otherwise null is returned.
 *
 * @param array  $entry              entry
 * @param array  $filter_users       filter users
 * @param int    $filter_ts_from     filter time stamp from
 * @param int    $filter_ts_to       filter time stamp to
 * @param string $style              style
 * @param int    $line_number        line number
 * @param array  $url_params         url parameters
 * @param int    $offset             line number offset
 * @param string $drop_image_or_text drop image or text
 * @param string $delete_param       parameter for delete
 *
 * @return string
 */
function PMA_getHtmlForOneStatement($entry, $filter_users, $filter_ts_from, $filter_ts_to, $style, $line_number, $url_params, $offset, $drop_image_or_text, $delete_param)
{
    $formattedSql = PMA\libraries\Util::formatSql($entry['statement'], true);
    $entryTime = strtotime($entry['date']);
    $userIsListed = in_array($entry['username'], $filter_users);

    $insideWindow = $entryTime >= $filter_ts_from && $entryTime <= $filter_ts_to;
    if (! $insideWindow) {
        return null;
    }
    if (! (in_array('*', $filter_users) || $userIsListed)) {
        return null;
    }

    // Delete link: caller-supplied parameters win over the ones added here,
    // because the array union keeps the left-hand value for duplicate keys.
    // $_REQUEST['version'] is forwarded through URL::getCommon().
    $deleteUrl = 'tbl_tracking.php' . URL::getCommon(
        $url_params + array(
            'report' => 'true',
            'version' => $_REQUEST['version'],
            $delete_param => $line_number - $offset,
        )
    );

    // Date and user name are escaped here; $style, $line_number and
    // $drop_image_or_text are written out as supplied by the caller
    return '<tr class="noclick ' . $style . '">'
        . '<td class="right"><small>' . $line_number . '</small></td>'
        . '<td><small>' . htmlspecialchars($entry['date']) . '</small></td>'
        . '<td><small>' . htmlspecialchars($entry['username']) . '</small></td>'
        . '<td>' . $formattedSql . '</td>'
        . '<td class="nowrap"><a class="delete_entry_anchor ajax"'
        . ' href="' . $deleteUrl . '">'
        . $drop_image_or_text
        . '</a></td>'
        . '</tr>';
}
/**
 * Handles actions related to multiple tables
 *
 * Includes libraries/mult_submits.inc.php unless the request already
 * carries an error, then makes sure $_POST['message'] is set.
 *
 * @return void
 */
public function multiSubmitAction()
{
    // NOTE(review): $action and $err_url are not read again in this method;
    // presumably the included script, which runs in this scope, uses them -
    // confirm before renaming or removing either
    $action = 'db_structure.php';
    $err_url = 'db_structure.php' . URL::getCommon(array('db' => $this->db));
    // see bug #2794840; in this case, code path is:
    // db_structure.php -> libraries/mult_submits.inc.php -> sql.php
    // -> db_structure.php and if we got an error on the multi submit,
    // we must display it here and not call again mult_submits.inc.php
    if (!isset($_POST['error']) || false === $_POST['error']) {
        include 'libraries/mult_submits.inc.php';
    }
    // Default to a generic success message when none was supplied
    if (empty($_POST['message'])) {
        $_POST['message'] = Message::success();
    }
}
/**
 * Returns the breadcrumbs as HTML
 *
 * Builds the server » database » table trail. Each level is a link made
 * from the configured default tab script plus URL::getCommon(); the
 * visible server, database and table names are HTML-escaped.
 *
 * @return string HTML formatted breadcrumbs
 */
private function _getBreadcrumbs()
{
    $retval = '';
    $tbl_is_view = $GLOBALS['dbi']->getTable($this->_db, $this->_table)->isView();
    if (empty($GLOBALS['cfg']['Server']['host'])) {
        $GLOBALS['cfg']['Server']['host'] = '';
    }
    // Prefer the verbose server name, fall back to the host, append the port
    $server_info = !empty($GLOBALS['cfg']['Server']['verbose']) ? $GLOBALS['cfg']['Server']['verbose'] : $GLOBALS['cfg']['Server']['host'];
    $server_info .= empty($GLOBALS['cfg']['Server']['port']) ? '' : ':' . $GLOBALS['cfg']['Server']['port'];
    $separator = "<span class='separator item'> »</span>";
    // sprintf template: %1$s script name, %2$s query string,
    // %3$s visible name, %4$s level label (only in text mode)
    $item = '<a href="%1$s%2$s" class="item">';
    if (Util::showText('TabsMode')) {
        $item .= '%4$s: ';
    }
    $item .= '%3$s</a>';
    $retval .= "<div id='floating_menubar'></div>";
    $retval .= "<div id='serverinfo'>";
    if (Util::showIcons('TabsMode')) {
        $retval .= Util::getImage('s_host.png', '', array('class' => 'item'));
    }
    $retval .= sprintf($item, Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabServer'], 'server'), URL::getCommon(), htmlspecialchars($server_info), __('Server'));
    if (strlen($this->_db) > 0) {
        $retval .= $separator;
        if (Util::showIcons('TabsMode')) {
            $retval .= Util::getImage('s_db.png', '', array('class' => 'item'));
        }
        $retval .= sprintf($item, Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabDatabase'], 'database'), URL::getCommon(array('db' => $this->_db)), htmlspecialchars($this->_db), __('Database'));
        // if the table is being dropped, $_REQUEST['purge'] is set to '1'
        // so do not display the table name in upper div
        if (strlen($this->_table) > 0 && !(isset($_REQUEST['purge']) && $_REQUEST['purge'] == '1')) {
            // Runs in this method's scope; presumably this is where
            // $show_comment comes from - confirm
            include './libraries/tbl_info.inc.php';
            $retval .= $separator;
            if (Util::showIcons('TabsMode')) {
                $icon = $tbl_is_view ? 'b_views.png' : 's_tbl.png';
                $retval .= Util::getImage($icon, '', array('class' => 'item'));
            }
            // NOTE(review): as written here the str_replace() search and
            // replacement look identical, which would make it a no-op;
            // the replacement may have been a non-breaking space lost in
            // extraction - confirm against the real file
            $retval .= sprintf($item, Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabTable'], 'table'), URL::getCommon(array('db' => $this->_db, 'table' => $this->_table)), str_replace(' ', ' ', htmlspecialchars($this->_table)), $tbl_is_view ? __('View') : __('Table'));
            /**
             * Displays table comment
             */
            if (!empty($show_comment) && !isset($GLOBALS['avoid_show_comment'])) {
                // Drop the "; InnoDB free: ..." suffix from the comment
                if (mb_strstr($show_comment, '; InnoDB free')) {
                    $show_comment = preg_replace('@; InnoDB free:.*?$@', '', $show_comment);
                }
                $retval .= '<span class="table_comment"';
                $retval .= ' id="span_table_comment">"';
                // The comment text is escaped before it is written out
                $retval .= htmlspecialchars($show_comment);
                $retval .= '"</span>';
            } // end if
        } else {
            // no table selected, display database comment if present
            $cfgRelation = PMA_getRelationsParam();
            // Get additional information about tables for tooltip is done
            // in Util::getDbInfo() only once
            if ($cfgRelation['commwork']) {
                $comment = PMA_getDbComment($this->_db);
                /**
                 * Displays table comment
                 */
                if (!empty($comment)) {
                    $retval .= '<span class="table_comment"' . ' id="span_table_comment">"' . htmlspecialchars($comment) . '"</span>';
                } // end if
            }
        }
    }
    $retval .= '<div class="clearfloat"></div>';
    $retval .= '</div>';
    return $retval;
}
/**
 * Checks the table row produced by PMA_getHtmlForServerProcessItem(),
 * first with a complete process entry and then without its 'info' field.
 *
 * @return void
 */
public function testPMAGetHtmlForServerProcessItem()
{
    //parameters
    $process = array(
        "user" => "User1",
        "host" => "Host1",
        "id" => "Id1",
        "db" => "db1",
        "command" => "Command1",
        "info" => "Info1",
        "state" => "State1",
        "time" => "Time1",
    );
    $show_full_sql = true;
    $_REQUEST['sort_order'] = "desc";
    $_REQUEST['order_by_field'] = "process";
    $GLOBALS['cfg']['MaxCharactersInDisplayedSQL'] = 12;

    //Call the test function
    $html = PMA_getHtmlForServerProcessItem($process, $show_full_sql);

    //validate 1: $kill_process
    $expectedKillUrl = 'server_status_processes.php'
        . URL::getCommon(array('kill' => $process['id'], 'ajax_request' => true));
    $this->assertContains($expectedKillUrl, $html);
    $this->assertContains('ajax kill_process', $html);
    $this->assertContains(__('Kill'), $html);

    //validate 2: $process['User']
    $this->assertContains(htmlspecialchars($process['user']), $html);

    //validate 3: $process['Host']
    $this->assertContains(htmlspecialchars($process['host']), $html);

    //validate 4: $process['db']
    $this->assertContains(__('None'), $html);

    //validate 5: $process['Command']
    $this->assertContains(htmlspecialchars($process['command']), $html);

    //validate 6: $process['Time']
    $this->assertContains($process['time'], $html);

    //validate 7: $process['state']
    $this->assertContains($process['state'], $html);

    //validate 8: $process['info']
    $this->assertContains($process['info'], $html);

    // Without 'info' the placeholder is rendered instead
    unset($process['info']);
    $html = PMA_getHtmlForServerProcessItem($process, $show_full_sql);
    $this->assertContains('---', $html);
}
/**
 * Checks getItemUnhideDialog() against a mocked database layer that
 * reports one hidden table and one hidden view for database 'db'.
 *
 * @return void
 * @test
 */
public function testGetItemUnhideDialog()
{
    $expectedQuery = "SELECT `item_name`, `item_type`"
        . " FROM `pmadb`.`navigationhiding`"
        . " WHERE `username`='user' AND `db_name`='db' AND `table_name`=''";

    $hiddenTable = array('item_name' => 'tableName', 'item_type' => 'table');
    $hiddenView = array('item_name' => 'viewName', 'item_type' => 'view');

    $dbi = $this->getMockBuilder('PMA\\libraries\\DatabaseInterface')
        ->disableOriginalConstructor()
        ->getMock();
    $dbi->expects($this->once())
        ->method('tryQuery')
        ->with($expectedQuery)
        ->will($this->returnValue(true));
    // Two rows, then false to end the fetch loop
    $dbi->expects($this->at(1))
        ->method('fetchArray')
        ->will($this->returnValue($hiddenTable));
    $dbi->expects($this->at(2))
        ->method('fetchArray')
        ->will($this->returnValue($hiddenView));
    $dbi->expects($this->at(3))
        ->method('fetchArray')
        ->will($this->returnValue(false));
    $dbi->expects($this->once())
        ->method('freeResult');
    $GLOBALS['dbi'] = $dbi;

    $html = $this->object->getItemUnhideDialog('db');

    $this->assertContains('<td>tableName</td>', $html);
    $this->assertContains(
        '<a href="navigation.php' . URL::getCommon()
        . '&unhideNavItem=true&itemType=table&itemName=tableName&dbName=db"'
        . ' class="unhideNavItem ajax">',
        $html
    );
}
/**
 * Renders the link template for the server variables page.
 *
 * The only value handed to the template is the page URL, made of the script
 * name followed by the common URL parameters.
 *
 * @return string rendered template
 */
private function _getHtmlForLinkTemplates()
{
    $templateVars = array(
        'url' => 'server_variables.php' . URL::getCommon(),
    );

    return Template::get('server/variables/link_template')->render($templateVars);
}
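/**
 * Prints Every Item of Server Process
 *
 * Builds one table row (<tr>) for an entry of the server process list.
 * Every process-list value written into the row as text is HTML-escaped,
 * including the Id, Time, State and Progress columns, so that all cells are
 * encoded the same way regardless of what the server reports.
 *
 * @param array $process       data of Every Item of Server Process, keyed
 *                             by column name
 * @param bool  $show_full_sql show full sql or not
 *
 * @return string HTML for the row
 */
function PMA_getHtmlForServerProcessItem($process, $show_full_sql)
{
    // When the list is sorted or filtered to executing processes, rewrite
    // every key to "first letter upper-case, rest lower-case" so the lookups
    // below ('Id', 'User', ...) find their values. Presumably the column
    // names come back in a different case in those modes - TODO confirm.
    if ((!empty($_REQUEST['order_by_field']) && !empty($_REQUEST['sort_order']))
        || !empty($_REQUEST['showExecuting'])
    ) {
        foreach (array_keys($process) as $key) {
            $new_key = ucfirst(mb_strtolower($key));
            if ($new_key !== $key) {
                $process[$new_key] = $process[$key];
                unset($process[$key]);
            }
        }
    }

    $url_params = array('kill' => $process['Id'], 'ajax_request' => true);
    // NOTE(review): the href below relies on URL::getCommon() returning a
    // value that is safe inside a double-quoted attribute; its body is not
    // shown here - confirm.
    $kill_process = 'server_status_processes.php' . URL::getCommon($url_params);

    $retval = '<tr>';
    $retval .= '<td><a class="ajax kill_process" href="' . $kill_process . '">'
        . __('Kill') . '</a></td>';
    $retval .= '<td class="value">'
        . htmlspecialchars((string) $process['Id']) . '</td>';
    $retval .= '<td>' . htmlspecialchars($process['User']) . '</td>';
    $retval .= '<td>' . htmlspecialchars($process['Host']) . '</td>';
    // NOTE(review): after the key rewrite above, 'db' has become 'Db', so
    // this cell shows the "None" placeholder in the sorted/filtered modes.
    // Left unchanged here; looks unintended - confirm.
    $retval .= '<td>'
        . (!isset($process['db']) || strlen($process['db']) === 0
            ? '<i>' . __('None') . '</i>'
            : htmlspecialchars($process['db']))
        . '</td>';
    $retval .= '<td>' . htmlspecialchars($process['Command']) . '</td>';
    $retval .= '<td class="value">'
        . htmlspecialchars((string) $process['Time']) . '</td>';

    // State and Progress fall back to a placeholder when missing or empty.
    $processStatusStr = empty($process['State'])
        ? '---'
        : htmlspecialchars((string) $process['State']);
    $retval .= '<td>' . $processStatusStr . '</td>';

    $processProgress = empty($process['Progress'])
        ? '---'
        : htmlspecialchars((string) $process['Progress']);
    $retval .= '<td>' . $processProgress . '</td>';

    $retval .= '<td>';
    if (empty($process['Info'])) {
        $retval .= '---';
    } else {
        // NOTE(review): the statement text is written as returned by
        // Util::formatSql(); that helper is not shown here, so this cell
        // depends on it producing HTML-safe output - confirm.
        $retval .= Util::formatSql($process['Info'], !$show_full_sql);
    }
    $retval .= '</td>';
    $retval .= '</tr>';

    return $retval;
}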
/**
 * Test for _getHtmlForLinkTemplates()
 *
 * The method is private, so it is made accessible through reflection and
 * invoked on a controller obtained from the default container.
 *
 * @return void
 */
public function testGetHtmlForLinkTemplates()
{
    $controllerClass = '\\PMA\\libraries\\controllers\\server\\ServerVariablesController';

    $reflected = new ReflectionClass($controllerClass);
    $linkTemplates = $reflected->getMethod('_getHtmlForLinkTemplates');
    $linkTemplates->setAccessible(true);

    // Register the controller with the container and fetch it by alias.
    $container = Container::getDefaultContainer();
    $container->factory('PMA\\libraries\\controllers\\server\\ServerVariablesController');
    $container->alias(
        'ServerVariablesController',
        'PMA\\libraries\\controllers\\server\\ServerVariablesController'
    );
    $controller = $container->get('ServerVariablesController');

    $html = $linkTemplates->invoke($controller);

    // 1: the page URL with the common parameters
    $expectedUrl = 'server_variables.php' . URL::getCommon(array());
    $this->assertContains($expectedUrl, $html);

    // 2: the save and cancel icons
    $expectedIcons = array(
        PMA\libraries\Util::getIcon('b_save.png', __('Save')),
        PMA\libraries\Util::getIcon('b_close.png', __('Cancel')),
    );
    foreach ($expectedIcons as $icon) {
        $this->assertContains($icon, $html);
    }
}
/**
 * Returns the HTML link to the default page of a database.
 *
 * An explicitly passed name has its MySQL wildcard escaping removed first.
 * Without one, the current database in $GLOBALS['db'] is used as-is, and an
 * empty string is returned when that is empty too. The name is HTML-escaped
 * in the title attribute and in the link text.
 *
 * @param string $database database
 *
 * @return string html link to default db page
 */
public static function getDbLink($database = null)
{
    if (strlen($database) !== 0) {
        $database = self::unescapeMysqlWildcards($database);
    } elseif (strlen($GLOBALS['db']) !== 0) {
        $database = $GLOBALS['db'];
    } else {
        // No database given and none selected: nothing to link to.
        return '';
    }

    // NOTE(review): the href is written as returned by these two helpers;
    // whether they encode the database name for use inside an attribute is
    // not visible here - confirm.
    $href = Util::getScriptNameForOption(
        $GLOBALS['cfg']['DefaultTabDatabase'],
        'database'
    ) . URL::getCommon(array('db' => $database));

    $title = htmlspecialchars(
        sprintf(__('Jump to database "%s".'), $database)
    );

    return '<a href="' . $href . '" title="' . $title . '">'
        . htmlspecialchars($database) . '</a>';
}
// The first four lines close a block whose opening is outside this excerpt.
}
exit;
}
} // end if (ensures db exists)

/**
 * Changes database charset if requested by the user
 *
 * Runs only when both 'submitcollation' and a non-empty 'db_collation' are
 * present in the request.
 */
if (isset($_REQUEST['submitcollation']) && isset($_REQUEST['db_collation']) && !empty($_REQUEST['db_collation'])) {
    // $db_charset is assigned here and unset below without being read in
    // the visible code.
    list($db_charset) = explode('_', $_REQUEST['db_collation']);
    // NOTE(review): 'db_collation' is request-controlled and becomes part of
    // the ALTER DATABASE statement through Util::getCharsetQueryPart(), whose
    // body is not shown here. Confirm that the value is restricted to a
    // known collation name before it reaches the query, and that this
    // state-changing request is covered by the application's request-token
    // check (not visible in this excerpt).
    $sql_query = 'ALTER DATABASE ' . PMA\libraries\Util::backquote($db) . ' DEFAULT' . Util::getCharsetQueryPart($_REQUEST['db_collation']);
    // $result is not read in the visible code and the success message is
    // created unconditionally; presumably query() stops on failure - TODO
    // confirm.
    $result = $GLOBALS['dbi']->query($sql_query);
    $message = Message::success();
    unset($db_charset);
    /**
     * If we are in an Ajax request, let us stop the execution here. Necessary for
     * db charset change action on db_operations.php. If this causes a bug on
     * other pages, we might have to move this to a different location.
     */
    if ($GLOBALS['is_ajax_request'] == true) {
        $response = PMA\libraries\Response::getInstance();
        $response->setRequestStatus($message->isSuccess());
        $response->addJSON('message', $message);
        exit;
    }
}

/**
 * Set parameters for links
 *
 * Common URL parameters with the current database added.
 */
$url_query = URL::getCommon(array('db' => $db));
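/**
 * Get the HTML for Referential Integrity check
 *
 * For every relation, builds a query that selects the rows of the current
 * table ($GLOBALS['table']) whose non-NULL foreign key value has no match in
 * the referenced table, and renders a link to sql.php that carries the
 * query. The column, database and table names shown as link text are
 * HTML-escaped, because identifiers are schema data and may contain
 * characters that are special in HTML.
 *
 * @param array $foreign    all Relations to foreign tables for a given table
 *                          or optionally a given column in a table
 * @param array $url_params array of url parameters
 *
 * @return string $html_output
 */
function PMA_getHtmlForReferentialIntegrityCheck($foreign, $url_params)
{
    $html_output = '<div class="operations_half_width">'
        . '<fieldset>'
        . '<legend>' . __('Check referential integrity:') . '</legend>';
    $html_output .= '<ul>';

    foreach ($foreign as $master => $arr) {
        $join_query = 'SELECT '
            . Util::backquote($GLOBALS['table']) . '.*'
            . ' FROM ' . Util::backquote($GLOBALS['table'])
            . ' LEFT JOIN '
            . Util::backquote($arr['foreign_db'])
            . '.'
            . Util::backquote($arr['foreign_table']);

        // A self-referencing relation needs an alias for the joined copy.
        if ($arr['foreign_table'] == $GLOBALS['table']) {
            $foreign_table = $GLOBALS['table'] . '1';
            $join_query .= ' AS ' . Util::backquote($foreign_table);
        } else {
            $foreign_table = $arr['foreign_table'];
        }

        $join_query .= ' ON '
            . Util::backquote($GLOBALS['table']) . '.'
            . Util::backquote($master)
            . ' = '
            . Util::backquote($arr['foreign_db'])
            . '.'
            . Util::backquote($foreign_table) . '.'
            . Util::backquote($arr['foreign_field'])
            . ' WHERE '
            . Util::backquote($arr['foreign_db'])
            . '.'
            . Util::backquote($foreign_table) . '.'
            . Util::backquote($arr['foreign_field'])
            . ' IS NULL AND '
            . Util::backquote($GLOBALS['table']) . '.'
            . Util::backquote($master)
            . ' IS NOT NULL';

        $this_url_params = array_merge(
            $url_params,
            array('sql_query' => $join_query)
        );

        // Escape each identifier on its own so the separators stay exactly
        // as before. $master is an array key and may be an integer.
        $link_text = htmlspecialchars((string) $master)
            . ' -> '
            . htmlspecialchars($arr['foreign_db']) . '.'
            . htmlspecialchars($arr['foreign_table']) . '.'
            . htmlspecialchars($arr['foreign_field']);

        $html_output .= '<li>'
            . '<a href="sql.php'
            . URL::getCommon($this_url_params)
            . '">'
            . $link_text
            . '</a></li>' . "\n";
    } // foreach $foreign

    $html_output .= '</ul></fieldset></div>';

    return $html_output;
}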