function auth_error($exception = null)
{
global $connection, $adminer, $token;
$session_name = session_name();
$error = "";
if (!$_COOKIE[$session_name] && $_GET[$session_name] && ini_bool("session.use_only_cookies")) {
$error = lang('Session support must be enabled.');
} elseif (isset($_GET["username"])) {
if (($_COOKIE[$session_name] || $_GET[$session_name]) && !$token) {
$error = lang('Session expired, please login again.');
} else {
$password =& get_session("pwds");
if (isset($password)) {
$error = h($exception ? $exception->getMessage() : (is_string($connection) ? $connection : lang('Invalid credentials.')));
$password = null;
}
}
}
page_header(lang('Login'), $error, null);
echo "<form action='' method='post' onclick='eventStop(event);'>\n";
$adminer->loginForm();
echo "<div>";
hidden_fields($_POST, array("driver", "server", "username", "password", "permanent"));
// expired session
echo "</div>\n";
echo "</form>\n";
page_footer("auth");
}
function switch_lang()
{
global $LANG, $langs;
echo "<form action=''>\n<div id='lang'>";
hidden_fields($_GET, array('lang'));
echo lang('Language') . ": " . html_select("lang", $langs, $LANG, "var loc = location.search.replace(/[?&]lang=[^&]*/, ''); location.search = loc + (loc ? '&' : '') + 'lang=' + this.value;");
echo " <input type='submit' value='" . lang('Use') . "' class='hidden'>\n";
echo "</div>\n</form>\n";
}
}
input($field, $value, $function);
echo "\n";
}
echo "</table>\n";
}
?>
<p>
<?php
if ($fields) {
echo "<input type='submit' value='" . lang('Save') . "'>\n";
if (!isset($_GET["select"])) {
echo "<input type='submit' name='insert' value='" . ($update ? lang('Save and continue edit') : lang('Save and insert next')) . "' title='Ctrl+Shift+Enter'>\n";
}
}
echo $update ? "<input type='submit' name='delete' value='" . lang('Delete') . "' onclick=\"return confirm('" . lang('Are you sure?') . "');\">\n" : ($_POST || !$fields ? "" : "<script type='text/javascript'>document.getElementById('form').getElementsByTagName('td')[1].firstChild.focus();</script>\n");
if (isset($_GET["select"])) {
hidden_fields(array("check" => (array) $_POST["check"], "clone" => $_POST["clone"], "all" => $_POST["all"]));
}
?>
<input type="hidden" name="referer" value="<?php
echo h(isset($_POST["referer"]) ? $_POST["referer"] : $_SERVER["HTTP_REFERER"]);
?>
">
<input type="hidden" name="save" value="1">
<input type="hidden" name="token" value="<?php
echo $token;
?>
">
</form>
/** Print edit data form
* @param string
* @param array
* @param mixed
* @param bool
* @return null
*/
function edit_form($TABLE, $fields, $row, $update)
{
global $adminer, $jush, $token, $error;
$table_name = $adminer->tableName(table_status1($TABLE, true));
page_header($update ? lang('Edit') : lang('Insert'), $error, array("select" => array($TABLE, $table_name)), $table_name);
if ($row === false) {
echo "<p class='error'>" . lang('No rows.') . "\n";
}
?>
<form action="" method="post" enctype="multipart/form-data" id="form">
<?php
if (!$fields) {
echo "<p class='error'>" . lang('You have no privileges to update this table.') . "\n";
} else {
echo "<table cellspacing='0' onkeydown='return editingKeydown(event);'>\n";
foreach ($fields as $name => $field) {
echo "<tr><th>" . $adminer->fieldName($field);
$default = $_GET["set"][bracket_escape($name)];
if ($default === null) {
$default = $field["default"];
if ($field["type"] == "bit" && preg_match("~^b'([01]*)'\$~", $default, $regs)) {
$default = $regs[1];
}
}
$value = $row !== null ? $row[$name] != "" && $jush == "sql" && preg_match("~enum|set~", $field["type"]) ? is_array($row[$name]) ? array_sum($row[$name]) : +$row[$name] : $row[$name] : (!$update && $field["auto_increment"] ? "" : (isset($_GET["select"]) ? false : $default));
if (!$_POST["save"] && is_string($value)) {
$value = $adminer->editVal($value, $field);
}
$function = $_POST["save"] ? (string) $_POST["function"][$name] : ($update && $field["on_update"] == "CURRENT_TIMESTAMP" ? "now" : ($value === false ? null : ($value !== null ? '' : 'NULL')));
if (preg_match("~time~", $field["type"]) && $value == "CURRENT_TIMESTAMP") {
$value = "";
$function = "now";
}
input($field, $value, $function);
echo "\n";
}
if (!support("table")) {
echo "<tr>" . "<th><input name='field_keys[]' onkeyup='keyupChange.call(this);' onchange='fieldChange(this);' value=''>" . "<td class='function'>" . html_select("field_funs[]", $adminer->editFunctions(array("null" => isset($_GET["select"])))) . "<td><input name='field_vals[]'>" . "\n";
}
echo "</table>\n";
}
echo "<p>\n";
if ($fields) {
echo "<input type='submit' value='" . lang('Save') . "'>\n";
if (!isset($_GET["select"])) {
echo "<input type='submit' name='insert' value='" . ($update ? lang('Save and continue edit') . "' onclick='return !ajaxForm(this.form, \"" . lang('Saving') . '...", this)' : lang('Save and insert next')) . "' title='Ctrl+Shift+Enter'>\n";
}
}
echo $update ? "<input type='submit' name='delete' value='" . lang('Delete') . "'" . confirm() . ">\n" : ($_POST || !$fields ? "" : "<script type='text/javascript'>focus(document.getElementById('form').getElementsByTagName('td')[1].firstChild);</script>\n");
if (isset($_GET["select"])) {
hidden_fields(array("check" => (array) $_POST["check"], "clone" => $_POST["clone"], "all" => $_POST["all"]));
}
?>
<input type="hidden" name="referer" value="<?php
echo h(isset($_POST["referer"]) ? $_POST["referer"] : $_SERVER["HTTP_REFERER"]);
?>
">
<input type="hidden" name="save" value="1">
<input type="hidden" name="token" value="<?php
echo $token;
?>
">
</form>
<?php
}
/** Renders an error message and a login form
* @param string plain text
* @return null exits
*/
function auth_error($error)
{
global $adminer, $has_token;
$error = h($error);
$session_name = session_name();
if (isset($_GET["username"])) {
header("HTTP/1.1 403 Forbidden");
// 401 requires sending WWW-Authenticate header
if (($_COOKIE[$session_name] || $_GET[$session_name]) && !$has_token) {
$error = lang('Session expired, please login again.');
} else {
add_invalid_login();
$password = get_password();
if ($password !== null) {
if ($password === false) {
$error .= '<br>' . lang('Master password expired. <a href="https://www.adminer.org/en/extension/" target="_blank">Implement</a> %s method to make it permanent.', '<code>permanentLogin()</code>');
}
set_password(DRIVER, SERVER, $_GET["username"], null);
}
unset_permanent();
}
}
if (!$_COOKIE[$session_name] && $_GET[$session_name] && ini_bool("session.use_only_cookies")) {
$error = lang('Session support must be enabled.');
}
$params = session_get_cookie_params();
cookie("adminer_key", $_COOKIE["adminer_key"] ? $_COOKIE["adminer_key"] : rand_string(), $params["lifetime"]);
page_header(lang('Login'), $error, null);
echo "<form action='' method='post'>\n";
$adminer->loginForm();
echo "<div>";
hidden_fields($_POST, array("auth"));
// expired session
echo "</div>\n";
echo "</form>\n";
page_footer("auth");
exit;
}
