$params['myparam'] = 'myvalue';
$params['db'] = 'mysql';
$params['table'] = 'rights';
note the missing ?
echo 'script.php' . URL::getCommon($params);
produces with cookies enabled:
script.php?myparam=myvalue&db=mysql&table=rights
with cookies disabled:
script.php?server=1&lang=en&myparam=myvalue&db=mysql
&table=rights
note the missing ?
echo 'script.php' . URL::getCommon();
produces with cookies enabled:
script.php
with cookies disabled:
script.php?server=1&lang=en
/**
* Tests getHtmlForControlButtons() method
*
* @return void
* @test
*/
public function testGetHtmlForControlButtons()
{
$parent = NodeFactory::getInstance('NodeDatabase', 'parent');
$parent->addChild($this->object);
$this->object->expects($this->once())->method('getItemType')->will($this->returnValue('itemType'));
$html = $this->object->getHtmlForControlButtons();
$this->assertStringStartsWith('<span class="navItemControls">', $html);
$this->assertStringEndsWith('</span>', $html);
$this->assertContains('<a href="navigation.php' . URL::getCommon() . '&hideNavItem=true&itemType=itemType&itemName=child' . '&dbName=parent" class="hideNavItem ajax">', $html);
}
/**
* Returns the html for the list filter
*
* @param ServerStatusData $ServerStatusData Server status data
*
* @return string
*/
function PMA_getHtmlForFilter($ServerStatusData)
{
$filterAlert = '';
if (!empty($_REQUEST['filterAlert'])) {
$filterAlert = ' checked="checked"';
}
$filterText = '';
if (!empty($_REQUEST['filterText'])) {
$filterText = htmlspecialchars($_REQUEST['filterText']);
}
$dontFormat = '';
if (!empty($_REQUEST['dontFormat'])) {
$dontFormat = ' checked="checked"';
}
$retval = '';
$retval .= '<fieldset id="tableFilter">';
$retval .= '<legend>' . __('Filters') . '</legend>';
$retval .= '<form action="server_status_variables.php' . URL::getCommon() . '">';
$retval .= '<input type="submit" value="' . __('Refresh') . '" />';
$retval .= '<div class="formelement">';
$retval .= '<label for="filterText">' . __('Containing the word:') . '</label>';
$retval .= '<input name="filterText" type="text" id="filterText" ' . 'value="' . $filterText . '" />';
$retval .= '</div>';
$retval .= '<div class="formelement">';
$retval .= '<input' . $filterAlert . ' type="checkbox" ' . 'name="filterAlert" id="filterAlert" />';
$retval .= '<label for="filterAlert">';
$retval .= __('Show only alert values');
$retval .= '</label>';
$retval .= '</div>';
$retval .= '<div class="formelement">';
$retval .= '<select id="filterCategory" name="filterCategory">';
$retval .= '<option value="">' . __('Filter by category…') . '</option>';
foreach ($ServerStatusData->sections as $section_id => $section_name) {
if (isset($ServerStatusData->sectionUsed[$section_id])) {
if (!empty($_REQUEST['filterCategory']) && $_REQUEST['filterCategory'] == $section_id) {
$selected = ' selected="selected"';
} else {
$selected = '';
}
$retval .= '<option' . $selected . ' value="' . $section_id . '">';
$retval .= htmlspecialchars($section_name) . '</option>';
}
}
$retval .= '</select>';
$retval .= '</div>';
$retval .= '<div class="formelement">';
$retval .= '<input' . $dontFormat . ' type="checkbox" ' . 'name="dontFormat" id="dontFormat" />';
$retval .= '<label for="dontFormat">';
$retval .= __('Show unformatted values');
$retval .= '</label>';
$retval .= '</div>';
$retval .= '</form>';
$retval .= '</fieldset>';
return $retval;
}
/**
* Returns HTML for control buttons displayed infront of a node
*
* @return String HTML for control buttons
*/
public function getHtmlForControlButtons()
{
$ret = '';
$cfgRelation = PMA_getRelationsParam();
if ($cfgRelation['navwork']) {
$db = $this->realParent()->real_name;
$item = $this->real_name;
$ret = '<span class="navItemControls">' . '<a href="navigation.php' . URL::getCommon() . '&hideNavItem=true' . '&itemType=' . urlencode($this->getItemType()) . '&itemName=' . urlencode($item) . '&dbName=' . urlencode($db) . '"' . ' class="hideNavItem ajax">' . PMA\libraries\Util::getImage('hide.png', __('Hide')) . '</a></span>';
}
return $ret;
}
/**
* Returns HTML for control buttons displayed infront of a node
*
* @return String HTML for control buttons
*/
public function getHtmlForControlButtons()
{
$ret = '';
$cfgRelation = PMA_getRelationsParam();
if ($cfgRelation['navwork']) {
$db = $this->realParent()->real_name;
$item = $this->real_name;
$params = array('hideNavItem' => true, 'itemType' => $this->getItemType(), 'itemName' => $item, 'dbName' => $db);
$ret = '<span class="navItemControls">' . '<a href="navigation.php' . URL::getCommon($params) . '"' . ' class="hideNavItem ajax">' . PMA\libraries\Util::getImage('hide.png', __('Hide')) . '</a></span>';
}
return $ret;
}
/**
* Tests PMA_getHtmlForUserGroupsTable() function when there are user groups
*
* @return void
*/
public function testGetHtmlForUserGroupsTableWithUserGroups()
{
$expectedQuery = "SELECT * FROM `pmadb`.`usergroups`" . " ORDER BY `usergroup` ASC";
$dbi = $this->getMockBuilder('PMA\\libraries\\DatabaseInterface')->disableOriginalConstructor()->getMock();
$dbi->expects($this->once())->method('tryQuery')->with($expectedQuery)->will($this->returnValue(true));
$dbi->expects($this->once())->method('numRows')->withAnyParameters()->will($this->returnValue(1));
$dbi->expects($this->at(2))->method('fetchAssoc')->withAnyParameters()->will($this->returnValue(array('usergroup' => 'usergroup', 'tab' => 'server_sql', 'allowed' => 'Y')));
$dbi->expects($this->at(3))->method('fetchAssoc')->withAnyParameters()->will($this->returnValue(false));
$dbi->expects($this->once())->method('freeResult');
$GLOBALS['dbi'] = $dbi;
$html = PMA_getHtmlForUserGroupsTable();
$this->assertContains('<td>usergroup</td>', $html);
$url_tag = '<a class="" href="server_user_groups.php' . URL::getCommon(array('viewUsers' => 1, 'userGroup' => htmlspecialchars('usergroup')));
$this->assertContains($url_tag, $html);
$url_tag = '<a class="" href="server_user_groups.php' . URL::getCommon(array('editUserGroup' => 1, 'userGroup' => htmlspecialchars('usergroup')));
$this->assertContains($url_tag, $html);
$url_tag = '<a class="deleteUserGroup ajax" href="server_user_groups.php' . URL::getCommon(array('deleteUserGroup' => 1, 'userGroup' => htmlspecialchars('usergroup')));
$this->assertContains($url_tag, $html);
}
/**
* Get HTML for secondary level menu tabs on 'Users' page
*
* @param string $selfUrl Url of the file
*
* @return string HTML for secondary level menu tabs on 'Users' page
*/
function PMA_getHtmlForSubMenusOnUsersPage($selfUrl)
{
$url_params = URL::getCommon();
$items = array(array('name' => __('User accounts overview'), 'url' => 'server_privileges.php', 'specific_params' => '&viewing_mode=server'));
if ($GLOBALS['is_superuser']) {
$items[] = array('name' => __('User groups'), 'url' => 'server_user_groups.php', 'specific_params' => '');
}
$retval = '<ul id="topmenu2">';
foreach ($items as $item) {
$class = '';
if ($item['url'] === $selfUrl) {
$class = ' class="tabactive"';
}
$retval .= '<li>';
$retval .= '<a' . $class;
$retval .= ' href="' . $item['url'] . $url_params . $item['specific_params'] . '">';
$retval .= $item['name'];
$retval .= '</a>';
$retval .= '</li>';
}
$retval .= '</ul>';
$retval .= '<div class="clearfloat"></div>';
return $retval;
}
/**
* Tests for _getHtmlForServerEngine() method
*
* @return void
*/
public function testGetHtmlForServerEngine()
{
$_REQUEST['engine'] = "Pbxt";
$_REQUEST['page'] = "page";
//Mock DBI
$dbi = $this->getMockBuilder('PMA\\libraries\\DatabaseInterface')->disableOriginalConstructor()->getMock();
$GLOBALS['dbi'] = $dbi;
$class = new ReflectionClass('\\PMA\\libraries\\controllers\\server\\ServerEnginesController');
$method = $class->getMethod('_getHtmlForServerEngine');
$method->setAccessible(true);
$engine_plugin = StorageEngine::getEngine("Pbxt");
$ctrl = new ServerEnginesController();
$html = $method->invoke($ctrl, $engine_plugin);
//validate 1: Engine title
$this->assertContains(htmlspecialchars($engine_plugin->getTitle()), $html);
//validate 2: Engine Mysql Help Page
$this->assertContains(PMA\libraries\Util::showMySQLDocu($engine_plugin->getMysqlHelpPage()), $html);
//validate 3: Engine Comment
$this->assertContains(htmlspecialchars($engine_plugin->getComment()), $html);
//validate 4: Engine Info Pages
$this->assertContains(__('Variables'), $html);
$this->assertContains(URL::getCommon(array('engine' => $_REQUEST['engine'], 'page' => "Documentation")), $html);
//validate 5: other items
$this->assertContains(URL::getCommon(array('engine' => $_REQUEST['engine'])), $html);
$this->assertContains($engine_plugin->getSupportInformationMessage(), $html);
$this->assertContains('There is no detailed status information available for this ' . 'storage engine.', $html);
}
* This test may be bypassed if $is_js_confirmed = 1 (already checked with js)
* but since a malicious user may pass this variable by url/form, we don't take
* into account this case.
*/
if (PMA_hasNoRightsToDropDatabase($analyzed_sql_results, $cfg['AllowUserDropDatabase'], $is_superuser)) {
Util::mysqlDie(__('"DROP DATABASE" statements are disabled.'), '', false, $err_url);
}
// end if
/**
* Need to find the real end of rows?
*/
if (isset($find_real_end) && $find_real_end) {
$unlim_num_rows = PMA_findRealEndOfRows($db, $table);
}
/**
* Bookmark add
*/
if (isset($_POST['store_bkm'])) {
PMA_addBookmark($goto);
// script has exited at this point
}
// end if
/**
* Sets or modifies the $goto variable if required
*/
if ($goto == 'sql.php') {
$is_gotofile = false;
$goto = 'sql.php' . URL::getCommon(array('db' => $db, 'table' => $table, 'sql_query' => $sql_query));
}
// end if
PMA_executeQueryAndSendQueryResponse($analyzed_sql_results, $is_gotofile, $db, $table, isset($find_real_end) ? $find_real_end : null, isset($import_text) ? $import_text : null, isset($extra_data) ? $extra_data : null, isset($message_to_show) ? $message_to_show : null, isset($message) ? $message : null, isset($sql_data) ? $sql_data : null, $goto, $pmaThemeImage, isset($disp_query) ? $display_query : null, isset($disp_message) ? $disp_message : null, isset($query_type) ? $query_type : null, $sql_query, isset($selected) ? $selected : null, isset($complete_query) ? $complete_query : null);
*/
require_once 'libraries/file_listing.lib.php';
/**
* Defines the url to return to in case of error in a sql statement
* (at this point, $GLOBALS['goto'] will be set but could be empty)
*/
if (empty($GLOBALS['goto'])) {
if (mb_strlen($table)) {
// avoid a problem (see bug #2202709)
$GLOBALS['goto'] = 'tbl_sql.php';
} else {
$GLOBALS['goto'] = 'db_sql.php';
}
}
$_url_params = PMA_getUrlParameters($db, $table);
$err_url = $GLOBALS['goto'] . URL::getCommon($_url_params);
unset($_url_params);
$comments_map = PMA_getCommentsMap($db, $table);
/**
* START REGULAR OUTPUT
*/
/**
* Load JavaScript files
*/
$response = Response::getInstance();
$header = $response->getHeader();
$scripts = $header->getScripts();
$scripts->addFile('sql.js');
$scripts->addFile('tbl_change.js');
$scripts->addFile('big_ints.js');
$scripts->addFile('jquery/jquery-ui-timepicker-addon.js');
/**
* Creates the code for displaying the links
* at the top of the navigation panel
*
* @return string HTML code for the links
*/
private function _links()
{
// always iconic
$showIcon = true;
$showText = false;
$retval = '<!-- LINKS START -->';
$retval .= '<div id="navipanellinks">';
$retval .= PMA\libraries\Util::getNavigationLink('index.php' . URL::getCommon(), $showText, __('Home'), $showIcon, 'b_home.png');
// if we have chosen server
if ($GLOBALS['server'] != 0) {
// Logout for advanced authentication
if ($GLOBALS['cfg']['Server']['auth_type'] != 'config') {
$text = __('Log out');
} else {
$text = __('Empty session data');
}
$link = 'logout.php' . $GLOBALS['url_query'];
$retval .= PMA\libraries\Util::getNavigationLink($link, $showText, $text, $showIcon, 's_loggoff.png', '', true, '', array('logout'));
}
$retval .= PMA\libraries\Util::getNavigationLink(PMA\libraries\Util::getDocuLink('index'), $showText, __('phpMyAdmin documentation'), $showIcon, 'b_docs.png', '', false, 'documentation');
$retval .= PMA\libraries\Util::getNavigationLink(PMA\libraries\Util::getMySQLDocuURL('', ''), $showText, __('Documentation'), $showIcon, 'b_sqlhelp.png', '', false, 'mysql_doc');
$retval .= PMA\libraries\Util::getNavigationLink('#', $showText, __('Navigation panel settings'), $showIcon, 's_cog.png', 'pma_navigation_settings_icon', false, '', defined('PMA_DISABLE_NAVI_SETTINGS') ? array('hide') : array());
$retval .= PMA\libraries\Util::getNavigationLink('#', $showText, __('Reload navigation panel'), $showIcon, 's_reload.png', 'pma_navigation_reload');
$retval .= '</div>';
$retval .= '<!-- LINKS ENDS -->';
return $retval;
}
/**
* Renders the preview for this theme
*
* @return string
* @access public
*/
public function getPrintPreview()
{
$url_params = array('set_theme' => $this->getId());
$url = 'index.php' . URL::getCommon($url_params);
$retval = '<div class="theme_preview">';
$retval .= '<h2>';
$retval .= htmlspecialchars($this->getName());
$retval .= ' (' . htmlspecialchars($this->getVersion()) . ') ';
$retval .= '</h2>';
$retval .= '<p>';
$retval .= '<a class="take_theme" ';
$retval .= 'name="' . htmlspecialchars($this->getId()) . '" ';
$retval .= 'href="' . $url . '">';
if (@file_exists($this->getPath() . '/screen.png')) {
// if screen exists then output
$retval .= '<img src="' . $this->getPath() . '/screen.png" border="1"';
$retval .= ' alt="' . htmlspecialchars($this->getName()) . '"';
$retval .= ' title="' . htmlspecialchars($this->getName()) . '" />';
$retval .= '<br />';
} else {
$retval .= __('No preview available.');
}
$retval .= '[ <strong>' . __('take it') . '</strong> ]';
$retval .= '</a>';
$retval .= '</p>';
$retval .= '</div>';
return $retval;
}
$currentSearchId = $savedSearch->getId();
}
/**
* A query has been submitted -> (maybe) execute it
*/
$message_to_display = false;
if (isset($_REQUEST['submit_sql']) && !empty($sql_query)) {
if (!preg_match('@^SELECT@i', $sql_query)) {
$message_to_display = true;
} else {
$goto = 'db_sql.php';
PMA_executeQueryAndSendQueryResponse(null, false, $_REQUEST['db'], null, false, null, null, null, null, null, $goto, $pmaThemeImage, null, null, null, $sql_query, null, null);
}
}
$sub_part = '_qbe';
require 'libraries/db_common.inc.php';
$url_query .= '&goto=db_qbe.php';
$url_params['goto'] = 'db_qbe.php';
list($tables, $num_tables, $total_num_tables, $sub_part, $is_show_stats, $db_is_system_schema, $tooltip_truename, $tooltip_aliasname, $pos) = PMA\libraries\Util::getDbInfo($db, isset($sub_part) ? $sub_part : '');
if ($message_to_display) {
PMA\libraries\Message::error(__('You have to choose at least one column to display!'))->display();
}
unset($message_to_display);
// create new qbe search instance
$db_qbe = new PMA\libraries\DbQbe($GLOBALS['db'], $savedSearchList, $savedSearch);
$url = 'db_designer.php' . URL::getCommon(array_merge($url_params, array('query' => 1)));
$response->addHTML(PMA\libraries\Message::notice(sprintf(__('Switch to %svisual builder%s'), '<a href="' . $url . '">', '</a>')));
/**
* Displays the Query by example form
*/
$response->addHTML($db_qbe->getSelectionForm());
/**
* Returns link to (possibly) external site using defined redirector.
*
* @param string $url URL where to go.
*
* @return string URL for a link.
*/
function PMA_linkURL($url)
{
if (!preg_match('#^https?://#', $url)) {
return $url;
}
$params = array();
$params['url'] = $url;
$url = URL::getCommon($params);
//strip off token and such sensitive information. Just keep url.
$arr = parse_url($url);
parse_str($arr["query"], $vars);
$query = http_build_query(array("url" => $vars["url"]));
if (defined('PMA_SETUP')) {
$url = '../url.php?' . $query;
} else {
$url = './url.php?' . $query;
}
return $url;
}
/**
* Returns HTML for control buttons displayed infront of a node
*
* @return String HTML for control buttons
*/
public function getHtmlForControlButtons()
{
$ret = '';
$cfgRelation = PMA_getRelationsParam();
if ($cfgRelation['navwork']) {
if ($this->hiddenCount > 0) {
$ret = '<span class="dbItemControls">' . '<a href="navigation.php' . URL::getCommon() . '&showUnhideDialog=true' . '&dbName=' . urldecode($this->real_name) . '"' . ' class="showUnhide ajax">' . Util::getImage('show.png', __('Show hidden items')) . '</a></span>';
}
}
return $ret;
}
/**
* User is not allowed to login to MySQL -> authentication failed
*
* @return boolean always true (no return indeed)
*/
public function authFails()
{
$conn_error = $GLOBALS['dbi']->getError();
if (!$conn_error) {
$conn_error = __('Cannot connect: invalid settings.');
}
/* HTML header */
$response = PMA\libraries\Response::getInstance();
$response->getFooter()->setMinimal();
$header = $response->getHeader();
$header->setBodyId('loginform');
$header->setTitle(__('Access denied!'));
$header->disableMenuAndConsole();
echo '<br /><br />
<center>
<h1>';
echo sprintf(__('Welcome to %s'), ' phpMyAdmin ');
echo '</h1>
</center>
<br />
<table cellpadding="0" cellspacing="3" style="margin: 0 auto" width="80%">
<tr>
<td>';
if (isset($GLOBALS['allowDeny_forbidden']) && $GLOBALS['allowDeny_forbidden']) {
trigger_error(__('Access denied!'), E_USER_NOTICE);
} else {
// Check whether user has configured something
if ($GLOBALS['PMA_Config']->source_mtime == 0) {
echo '<p>', sprintf(__('You probably did not create a configuration file.' . ' You might want to use the %1$ssetup script%2$s to' . ' create one.'), '<a href="setup/">', '</a>'), '</p>', "\n";
} elseif (!isset($GLOBALS['errno']) || isset($GLOBALS['errno']) && $GLOBALS['errno'] != 2002 && $GLOBALS['errno'] != 2003) {
// if we display the "Server not responding" error, do not confuse
// users by telling them they have a settings problem
// (note: it's true that they could have a badly typed host name,
// but anyway the current message tells that the server
// rejected the connection, which is not really what happened)
// 2002 is the error given by mysqli
// 2003 is the error given by mysql
trigger_error(__('phpMyAdmin tried to connect to the MySQL server, and the' . ' server rejected the connection. You should check the' . ' host, username and password in your configuration and' . ' make sure that they correspond to the information given' . ' by the administrator of the MySQL server.'), E_USER_WARNING);
}
echo PMA\libraries\Util::mysqlDie($conn_error, '', true, '', false);
}
$GLOBALS['error_handler']->dispUserErrors();
echo '</td>
</tr>
<tr>
<td>', "\n";
echo '<a href="', PMA\libraries\Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabServer'], 'server'), URL::getCommon(), '" class="button disableAjax">', __('Retry to connect'), '</a>', "\n";
echo '</td>
</tr>', "\n";
if (count($GLOBALS['cfg']['Servers']) > 1) {
// offer a chance to login to other servers if the current one failed
include_once './libraries/select_server.lib.php';
echo '<tr>', "\n";
echo ' <td>', "\n";
echo PMA_selectServer(true, true);
echo ' </td>', "\n";
echo '</tr>', "\n";
}
echo '</table>', "\n";
if (!defined('TESTSUITE')) {
exit;
}
return true;
}
} else {
if (empty($goto) || !preg_match('@^(server|db|tbl)(_[a-z]*)*\\.php$@i', $goto)) {
if (mb_strlen($table) && mb_strlen($db)) {
$goto = 'tbl_structure.php';
} elseif (mb_strlen($db)) {
$goto = 'db_structure.php';
} else {
$goto = 'server_sql.php';
}
}
if (mb_strlen($table) && mb_strlen($db)) {
$common = URL::getCommon(array('db' => $db, 'table' => $table));
} elseif (mb_strlen($db)) {
$common = URL::getCommon(array('db' => $db));
} else {
$common = URL::getCommon();
}
$err_url = $goto . $common . (preg_match('@^tbl_[a-z]*\\.php$@', $goto) ? '&table=' . htmlspecialchars($table) : '');
$_SESSION['Import_message']['go_back_url'] = $err_url;
}
// Avoid setting selflink to 'import.php'
// problem similar to bug 4276
if (basename($_SERVER['SCRIPT_NAME']) === 'import.php') {
$_SERVER['SCRIPT_NAME'] = $goto;
}
if (mb_strlen($db)) {
$GLOBALS['dbi']->selectDb($db);
}
@set_time_limit($cfg['ExecTimeLimit']);
if (!empty($cfg['MemoryLimit'])) {
@ini_set('memory_limit', $cfg['MemoryLimit']);
/**
* Test for PMA_getHtmlHeaderForUserProperties
*
* @return void
*/
public function testPMAGetHtmlHeaderForUserProperties()
{
$dbname_is_wildcard = true;
$url_dbname = "url_dbname";
$dbname = "dbname";
$username = "******";
$hostname = "hostname";
$tablename = "tablename";
$_REQUEST['tablename'] = "tablename";
$html = PMA_getHtmlHeaderForUserProperties(
$dbname_is_wildcard, $url_dbname, $dbname,
$username, $hostname, $tablename, 'table'
);
//title
$this->assertContains(
__('Edit privileges:'),
$html
);
$this->assertContains(
__('User account'),
$html
);
//URL::getCommon
$item = URL::getCommon(
array(
'username' => $username,
'hostname' => $hostname,
'dbname' => '',
'tablename' => '',
)
);
$this->assertContains(
$item,
$html
);
//$username & $hostname
$this->assertContains(
htmlspecialchars($username),
$html
);
$this->assertContains(
htmlspecialchars($hostname),
$html
);
//$dbname_is_wildcard = true
$this->assertContains(
__('Databases'),
$html
);
//$dbname_is_wildcard = true
$this->assertContains(
__('Databases'),
$html
);
//URL::getCommon
$item = URL::getCommon(
array(
'username' => $username,
'hostname' => $hostname,
'dbname' => $url_dbname,
'tablename' => '',
)
);
$this->assertContains(
$item,
$html
);
$this->assertContains(
$dbname,
$html
);
}
include_once './libraries/tbl_common.inc.php';
} else {
$table = '';
include_once './libraries/db_common.inc.php';
list($tables, $num_tables, $total_num_tables, $sub_part, $is_show_stats, $db_is_system_schema, $tooltip_truename, $tooltip_aliasname, $pos) = PMA\libraries\Util::getDbInfo($db, isset($sub_part) ? $sub_part : '');
}
} else {
/**
* Since we did not include some libraries, we need
* to manually select the required database and
* create the missing $url_query variable
*/
if (strlen($db) > 0) {
$GLOBALS['dbi']->selectDb($db);
if (!isset($url_query)) {
$url_query = URL::getCommon(array('db' => $db, 'table' => $table));
}
}
}
/**
* Generate the conditional classes that will
* be used to attach jQuery events to links
*/
$ajax_class = array('add' => 'class="ajax add_anchor"', 'edit' => 'class="ajax edit_anchor"', 'exec' => 'class="ajax exec_anchor"', 'drop' => 'class="ajax drop_anchor"', 'export' => 'class="ajax export_anchor"');
/**
* Create labels for the list
*/
$titles = PMA\libraries\Util::buildActionTitles();
/**
* Keep a list of errors that occurred while
* processing an 'Add' or 'Edit' operation.
/**
* Loads common scripts
*
* @return void
*/
private function _addDefaultScripts()
{
// Localised strings
$params = array('lang' => $GLOBALS['lang']);
if (isset($GLOBALS['db'])) {
$params['db'] = $GLOBALS['db'];
}
$this->_scripts->addFile('jquery/jquery-2.1.4.min.js');
$this->_scripts->addFile('whitelist.php' . URL::getCommon($params), false, true);
$this->_scripts->addFile('sprintf.js');
$this->_scripts->addFile('ajax.js');
$this->_scripts->addFile('keyhandler.js');
$this->_scripts->addFile('jquery/jquery-ui-1.11.4.min.js');
$this->_scripts->addFile('jquery/jquery.cookie.js');
$this->_scripts->addFile('jquery/jquery.mousewheel.js');
$this->_scripts->addFile('jquery/jquery.event.drag-2.2.js');
$this->_scripts->addFile('jquery/jquery-ui-timepicker-addon.js');
$this->_scripts->addFile('jquery/jquery.ba-hashchange-1.3.js');
$this->_scripts->addFile('jquery/jquery.debounce-1.0.5.js');
$this->_scripts->addFile('menu-resizer.js');
// Cross-framing protection
if ($GLOBALS['cfg']['AllowThirdPartyFraming'] === false) {
$this->_scripts->addFile('cross_framing_protection.js');
}
$this->_scripts->addFile('rte.js');
if ($GLOBALS['cfg']['SendErrorReports'] !== 'never') {
$this->_scripts->addFile('tracekit/tracekit.js');
$this->_scripts->addFile('error_report.js');
}
// Here would not be a good place to add CodeMirror because
// the user preferences have not been merged at this point
$this->_scripts->addFile('messages.php' . URL::getCommon($params));
// Append the theme id to this url to invalidate
// the cache on a theme change. Though this might be
// unavailable for fatal errors.
if (isset($_SESSION['PMA_Theme'])) {
$theme_id = urlencode($_SESSION['PMA_Theme']->getId());
} else {
$theme_id = 'default';
}
$this->_scripts->addFile('get_image.js.php?theme=' . $theme_id);
$this->_scripts->addFile('config.js');
$this->_scripts->addFile('doclinks.js');
$this->_scripts->addFile('functions.js');
$this->_scripts->addFile('navigation.js');
$this->_scripts->addFile('indexes.js');
$this->_scripts->addFile('common.js');
$this->_scripts->addFile('page_settings.js');
if (!$GLOBALS['cfg']['DisableShortcutKeys']) {
$this->_scripts->addFile('shortcuts_handler.js');
}
$this->_scripts->addCode($this->getJsParamsCode());
}
/**
* Function to get html for one data manipulation statement
*
* @param array $entry entry
* @param array $filter_users filter users
* @param int $filter_ts_from filter time stamp from
* @param int $filter_ts_to filter time stamp to
* @param string $style style
* @param int $line_number line number
* @param array $url_params url parameters
* @param int $offset line number offset
* @param string $drop_image_or_text drop image or text
* @param string $delete_param parameter for delete
*
* @return string
*/
function PMA_getHtmlForOneStatement($entry, $filter_users, $filter_ts_from, $filter_ts_to, $style, $line_number, $url_params, $offset, $drop_image_or_text, $delete_param)
{
$statement = PMA\libraries\Util::formatSql($entry['statement'], true);
$timestamp = strtotime($entry['date']);
$filtered_user = in_array($entry['username'], $filter_users);
$html = null;
if ($timestamp >= $filter_ts_from && $timestamp <= $filter_ts_to && (in_array('*', $filter_users) || $filtered_user)) {
$html = '<tr class="noclick ' . $style . '">';
$html .= '<td class="right"><small>' . $line_number . '</small></td>';
$html .= '<td><small>' . htmlspecialchars($entry['date']) . '</small></td>';
$html .= '<td><small>' . htmlspecialchars($entry['username']) . '</small></td>';
$html .= '<td>' . $statement . '</td>';
$html .= '<td class="nowrap"><a class="delete_entry_anchor ajax"' . ' href="tbl_tracking.php' . URL::getCommon($url_params + array('report' => 'true', 'version' => $_REQUEST['version'], $delete_param => $line_number - $offset)) . '">' . $drop_image_or_text . '</a></td>';
$html .= '</tr>';
}
return $html;
}
/**
* Handles actions related to multiple tables
*
* @return void
*/
public function multiSubmitAction()
{
$action = 'db_structure.php';
$err_url = 'db_structure.php' . URL::getCommon(array('db' => $this->db));
// see bug #2794840; in this case, code path is:
// db_structure.php -> libraries/mult_submits.inc.php -> sql.php
// -> db_structure.php and if we got an error on the multi submit,
// we must display it here and not call again mult_submits.inc.php
if (!isset($_POST['error']) || false === $_POST['error']) {
include 'libraries/mult_submits.inc.php';
}
if (empty($_POST['message'])) {
$_POST['message'] = Message::success();
}
}
/**
* Returns the breadcrumbs as HTML
*
* @return string HTML formatted breadcrumbs
*/
private function _getBreadcrumbs()
{
$retval = '';
$tbl_is_view = $GLOBALS['dbi']->getTable($this->_db, $this->_table)->isView();
if (empty($GLOBALS['cfg']['Server']['host'])) {
$GLOBALS['cfg']['Server']['host'] = '';
}
$server_info = !empty($GLOBALS['cfg']['Server']['verbose']) ? $GLOBALS['cfg']['Server']['verbose'] : $GLOBALS['cfg']['Server']['host'];
$server_info .= empty($GLOBALS['cfg']['Server']['port']) ? '' : ':' . $GLOBALS['cfg']['Server']['port'];
$separator = "<span class='separator item'> »</span>";
$item = '<a href="%1$s%2$s" class="item">';
if (Util::showText('TabsMode')) {
$item .= '%4$s: ';
}
$item .= '%3$s</a>';
$retval .= "<div id='floating_menubar'></div>";
$retval .= "<div id='serverinfo'>";
if (Util::showIcons('TabsMode')) {
$retval .= Util::getImage('s_host.png', '', array('class' => 'item'));
}
$retval .= sprintf($item, Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabServer'], 'server'), URL::getCommon(), htmlspecialchars($server_info), __('Server'));
if (strlen($this->_db) > 0) {
$retval .= $separator;
if (Util::showIcons('TabsMode')) {
$retval .= Util::getImage('s_db.png', '', array('class' => 'item'));
}
$retval .= sprintf($item, Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabDatabase'], 'database'), URL::getCommon(array('db' => $this->_db)), htmlspecialchars($this->_db), __('Database'));
// if the table is being dropped, $_REQUEST['purge'] is set to '1'
// so do not display the table name in upper div
if (strlen($this->_table) > 0 && !(isset($_REQUEST['purge']) && $_REQUEST['purge'] == '1')) {
include './libraries/tbl_info.inc.php';
$retval .= $separator;
if (Util::showIcons('TabsMode')) {
$icon = $tbl_is_view ? 'b_views.png' : 's_tbl.png';
$retval .= Util::getImage($icon, '', array('class' => 'item'));
}
$retval .= sprintf($item, Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabTable'], 'table'), URL::getCommon(array('db' => $this->_db, 'table' => $this->_table)), str_replace(' ', ' ', htmlspecialchars($this->_table)), $tbl_is_view ? __('View') : __('Table'));
/**
* Displays table comment
*/
if (!empty($show_comment) && !isset($GLOBALS['avoid_show_comment'])) {
if (mb_strstr($show_comment, '; InnoDB free')) {
$show_comment = preg_replace('@; InnoDB free:.*?$@', '', $show_comment);
}
$retval .= '<span class="table_comment"';
$retval .= ' id="span_table_comment">"';
$retval .= htmlspecialchars($show_comment);
$retval .= '"</span>';
}
// end if
} else {
// no table selected, display database comment if present
$cfgRelation = PMA_getRelationsParam();
// Get additional information about tables for tooltip is done
// in Util::getDbInfo() only once
if ($cfgRelation['commwork']) {
$comment = PMA_getDbComment($this->_db);
/**
* Displays table comment
*/
if (!empty($comment)) {
$retval .= '<span class="table_comment"' . ' id="span_table_comment">"' . htmlspecialchars($comment) . '"</span>';
}
// end if
}
}
}
$retval .= '<div class="clearfloat"></div>';
$retval .= '</div>';
return $retval;
}
/**
* Test for PMA_getHtmlForServerProcessItem
*
* @return void
*/
public function testPMAGetHtmlForServerProcessItem()
{
//parameters
$process = array("user" => "User1", "host" => "Host1", "id" => "Id1", "db" => "db1", "command" => "Command1", "info" => "Info1", "state" => "State1", "time" => "Time1");
$show_full_sql = true;
$_REQUEST['sort_order'] = "desc";
$_REQUEST['order_by_field'] = "process";
$GLOBALS['cfg']['MaxCharactersInDisplayedSQL'] = 12;
//Call the test function
$html = PMA_getHtmlForServerProcessItem($process, $show_full_sql);
//validate 1: $kill_process
$url_params = array('kill' => $process['id'], 'ajax_request' => true);
$kill_process = 'server_status_processes.php' . URL::getCommon($url_params);
$this->assertContains($kill_process, $html);
$this->assertContains('ajax kill_process', $html);
$this->assertContains(__('Kill'), $html);
//validate 2: $process['User']
$this->assertContains(htmlspecialchars($process['user']), $html);
//validate 3: $process['Host']
$this->assertContains(htmlspecialchars($process['host']), $html);
//validate 4: $process['db']
$this->assertContains(__('None'), $html);
//validate 5: $process['Command']
$this->assertContains(htmlspecialchars($process['command']), $html);
//validate 6: $process['Time']
$this->assertContains($process['time'], $html);
//validate 7: $process['state']
$this->assertContains($process['state'], $html);
//validate 8: $process['info']
$this->assertContains($process['info'], $html);
unset($process['info']);
$html = PMA_getHtmlForServerProcessItem($process, $show_full_sql);
$this->assertContains('---', $html);
}
/**
* Tests getItemUnhideDialog() method.
*
* @return void
* @test
*/
public function testGetItemUnhideDialog()
{
$expectedQuery = "SELECT `item_name`, `item_type`" . " FROM `pmadb`.`navigationhiding`" . " WHERE `username`='user' AND `db_name`='db' AND `table_name`=''";
$dbi = $this->getMockBuilder('PMA\\libraries\\DatabaseInterface')->disableOriginalConstructor()->getMock();
$dbi->expects($this->once())->method('tryQuery')->with($expectedQuery)->will($this->returnValue(true));
$dbi->expects($this->at(1))->method('fetchArray')->will($this->returnValue(array('item_name' => 'tableName', 'item_type' => 'table')));
$dbi->expects($this->at(2))->method('fetchArray')->will($this->returnValue(array('item_name' => 'viewName', 'item_type' => 'view')));
$dbi->expects($this->at(3))->method('fetchArray')->will($this->returnValue(false));
$dbi->expects($this->once())->method('freeResult');
$GLOBALS['dbi'] = $dbi;
$html = $this->object->getItemUnhideDialog('db');
$this->assertContains('<td>tableName</td>', $html);
$this->assertContains('<a href="navigation.php' . URL::getCommon() . '&unhideNavItem=true&itemType=table&itemName=tableName&dbName=db"' . ' class="unhideNavItem ajax">', $html);
}
/**
* Prints link templates
*
* @return string
*/
private function _getHtmlForLinkTemplates()
{
$url = 'server_variables.php' . URL::getCommon();
return Template::get('server/variables/link_template')->render(array('url' => $url));
}
/**
* Prints Every Item of Server Process
*
* @param array $process data of Every Item of Server Process
* @param bool $show_full_sql show full sql or not
*
* @return string
*/
function PMA_getHtmlForServerProcessItem($process, $show_full_sql)
{
// Array keys need to modify due to the way it has used
// to display column values
if (!empty($_REQUEST['order_by_field']) && !empty($_REQUEST['sort_order']) || !empty($_REQUEST['showExecuting'])) {
foreach (array_keys($process) as $key) {
$new_key = ucfirst(mb_strtolower($key));
if ($new_key !== $key) {
$process[$new_key] = $process[$key];
unset($process[$key]);
}
}
}
$url_params = array('kill' => $process['Id'], 'ajax_request' => true);
$kill_process = 'server_status_processes.php' . URL::getCommon($url_params);
$retval = '<tr>';
$retval .= '<td><a class="ajax kill_process" href="' . $kill_process . '">' . __('Kill') . '</a></td>';
$retval .= '<td class="value">' . $process['Id'] . '</td>';
$retval .= '<td>' . htmlspecialchars($process['User']) . '</td>';
$retval .= '<td>' . htmlspecialchars($process['Host']) . '</td>';
$retval .= '<td>' . (!isset($process['db']) || strlen($process['db']) === 0 ? '<i>' . __('None') . '</i>' : htmlspecialchars($process['db'])) . '</td>';
$retval .= '<td>' . htmlspecialchars($process['Command']) . '</td>';
$retval .= '<td class="value">' . $process['Time'] . '</td>';
$processStatusStr = empty($process['State']) ? '---' : $process['State'];
$retval .= '<td>' . $processStatusStr . '</td>';
$processProgress = empty($process['Progress']) ? '---' : $process['Progress'];
$retval .= '<td>' . $processProgress . '</td>';
$retval .= '<td>';
if (empty($process['Info'])) {
$retval .= '---';
} else {
$retval .= Util::formatSql($process['Info'], !$show_full_sql);
}
$retval .= '</td>';
$retval .= '</tr>';
return $retval;
}
/**
* Test for _getHtmlForLinkTemplates()
*
* @return void
*/
public function testGetHtmlForLinkTemplates()
{
$class = new ReflectionClass('\\PMA\\libraries\\controllers\\server\\ServerVariablesController');
$method = $class->getMethod('_getHtmlForLinkTemplates');
$method->setAccessible(true);
$container = Container::getDefaultContainer();
$container->factory('PMA\\libraries\\controllers\\server\\ServerVariablesController');
$container->alias('ServerVariablesController', 'PMA\\libraries\\controllers\\server\\ServerVariablesController');
$ctrl = $container->get('ServerVariablesController');
//Call the test function
$html = $method->invoke($ctrl);
$url = 'server_variables.php' . URL::getCommon(array());
//validate 1: URL
$this->assertContains($url, $html);
//validate 2: images
$this->assertContains(PMA\libraries\Util::getIcon('b_save.png', __('Save')), $html);
$this->assertContains(PMA\libraries\Util::getIcon('b_close.png', __('Cancel')), $html);
}
/**
* returns html code for db link to default db page
*
* @param string $database database
*
* @return string html link to default db page
*/
public static function getDbLink($database = null)
{
if (strlen($database) === 0) {
if (strlen($GLOBALS['db']) === 0) {
return '';
}
$database = $GLOBALS['db'];
} else {
$database = self::unescapeMysqlWildcards($database);
}
return '<a href="'
. Util::getScriptNameForOption(
$GLOBALS['cfg']['DefaultTabDatabase'], 'database'
)
. URL::getCommon(array('db' => $database)) . '" title="'
. htmlspecialchars(
sprintf(
__('Jump to database "%s".'),
$database
)
)
. '">' . htmlspecialchars($database) . '</a>';
}
}
exit;
}
}
// end if (ensures db exists)
/**
* Changes database charset if requested by the user
*/
if (isset($_REQUEST['submitcollation']) && isset($_REQUEST['db_collation']) && !empty($_REQUEST['db_collation'])) {
list($db_charset) = explode('_', $_REQUEST['db_collation']);
$sql_query = 'ALTER DATABASE ' . PMA\libraries\Util::backquote($db) . ' DEFAULT' . Util::getCharsetQueryPart($_REQUEST['db_collation']);
$result = $GLOBALS['dbi']->query($sql_query);
$message = Message::success();
unset($db_charset);
/**
* If we are in an Ajax request, let us stop the execution here. Necessary for
* db charset change action on db_operations.php. If this causes a bug on
* other pages, we might have to move this to a different location.
*/
if ($GLOBALS['is_ajax_request'] == true) {
$response = PMA\libraries\Response::getInstance();
$response->setRequestStatus($message->isSuccess());
$response->addJSON('message', $message);
exit;
}
}
/**
* Set parameters for links
*/
$url_query = URL::getCommon(array('db' => $db));
/**
* Get the HTML for Referential Integrity check
*
* @param array $foreign all Relations to foreign tables for a given table
* or optionally a given column in a table
* @param array $url_params array of url parameters
*
* @return string $html_output
*/
function PMA_getHtmlForReferentialIntegrityCheck($foreign, $url_params)
{
$html_output = '<div class="operations_half_width">' . '<fieldset>' . '<legend>' . __('Check referential integrity:') . '</legend>';
$html_output .= '<ul>';
foreach ($foreign as $master => $arr) {
$join_query = 'SELECT ' . Util::backquote($GLOBALS['table']) . '.*' . ' FROM ' . Util::backquote($GLOBALS['table']) . ' LEFT JOIN ' . Util::backquote($arr['foreign_db']) . '.' . Util::backquote($arr['foreign_table']);
if ($arr['foreign_table'] == $GLOBALS['table']) {
$foreign_table = $GLOBALS['table'] . '1';
$join_query .= ' AS ' . Util::backquote($foreign_table);
} else {
$foreign_table = $arr['foreign_table'];
}
$join_query .= ' ON ' . Util::backquote($GLOBALS['table']) . '.' . Util::backquote($master) . ' = ' . Util::backquote($arr['foreign_db']) . '.' . Util::backquote($foreign_table) . '.' . Util::backquote($arr['foreign_field']) . ' WHERE ' . Util::backquote($arr['foreign_db']) . '.' . Util::backquote($foreign_table) . '.' . Util::backquote($arr['foreign_field']) . ' IS NULL AND ' . Util::backquote($GLOBALS['table']) . '.' . Util::backquote($master) . ' IS NOT NULL';
$this_url_params = array_merge($url_params, array('sql_query' => $join_query));
$html_output .= '<li>' . '<a href="sql.php' . URL::getCommon($this_url_params) . '">' . $master . ' -> ' . $arr['foreign_db'] . '.' . $arr['foreign_table'] . '.' . $arr['foreign_field'] . '</a></li>' . "\n";
}
// foreach $foreign
$html_output .= '</ul></fieldset></div>';
return $html_output;
}
