/**
* Returns HTML code to include javascript file.
*
* @param array $files The list of js file to include
*
* @return string HTML code for javascript inclusion.
*/
private function _includeFiles($files)
{
$first_dynamic_scripts = "";
$dynamic_scripts = "";
$scripts = array();
$separator = URL::getArgSeparator();
foreach ($files as $value) {
if (mb_strpos($value['filename'], "?") !== false) {
$file_name = $value['filename'] . $separator . Header::getVersionParameter();
if ($value['before_statics'] === true) {
$first_dynamic_scripts .= "<script data-cfasync='false' type='text/javascript' " . "src='js/" . $file_name . "'></script>";
} else {
$dynamic_scripts .= "<script data-cfasync='false' " . "type='text/javascript' src='js/" . $file_name . "'></script>";
}
continue;
}
$include = true;
if ($include) {
$scripts[] = "scripts%5B%5D=" . $value['filename'];
}
}
$separator = URL::getArgSeparator();
$static_scripts = '';
// Using chunks of 20 files to avoid too long URLs
$script_chunks = array_chunk($scripts, 20);
foreach ($script_chunks as $script_chunk) {
$url = 'js/get_scripts.js.php?' . implode($separator, $script_chunk) . $separator . Header::getVersionParameter();
$static_scripts .= sprintf('<script data-cfasync="false" type="text/javascript" src="%s">' . '</script>', htmlspecialchars($url));
}
return $first_dynamic_scripts . $static_scripts . $dynamic_scripts;
}
/**
* Tests getHtmlForControlButtons() method
*
* @return void
* @test
*/
public function testGetHtmlForControlButtons()
{
$parent = NodeFactory::getInstance('NodeDatabase', 'parent');
$parent->addChild($this->object);
$this->object->expects($this->once())->method('getItemType')->will($this->returnValue('itemType'));
$html = $this->object->getHtmlForControlButtons();
$this->assertStringStartsWith('<span class="navItemControls">', $html);
$this->assertStringEndsWith('</span>', $html);
$this->assertContains('<a href="navigation.php' . URL::getCommon() . '&hideNavItem=true&itemType=itemType&itemName=child' . '&dbName=parent" class="hideNavItem ajax">', $html);
}
/**
* Returns the html for the list filter
*
* @param ServerStatusData $ServerStatusData Server status data
*
* @return string
*/
function PMA_getHtmlForFilter($ServerStatusData)
{
$filterAlert = '';
if (!empty($_REQUEST['filterAlert'])) {
$filterAlert = ' checked="checked"';
}
$filterText = '';
if (!empty($_REQUEST['filterText'])) {
$filterText = htmlspecialchars($_REQUEST['filterText']);
}
$dontFormat = '';
if (!empty($_REQUEST['dontFormat'])) {
$dontFormat = ' checked="checked"';
}
$retval = '';
$retval .= '<fieldset id="tableFilter">';
$retval .= '<legend>' . __('Filters') . '</legend>';
$retval .= '<form action="server_status_variables.php' . URL::getCommon() . '">';
$retval .= '<input type="submit" value="' . __('Refresh') . '" />';
$retval .= '<div class="formelement">';
$retval .= '<label for="filterText">' . __('Containing the word:') . '</label>';
$retval .= '<input name="filterText" type="text" id="filterText" ' . 'value="' . $filterText . '" />';
$retval .= '</div>';
$retval .= '<div class="formelement">';
$retval .= '<input' . $filterAlert . ' type="checkbox" ' . 'name="filterAlert" id="filterAlert" />';
$retval .= '<label for="filterAlert">';
$retval .= __('Show only alert values');
$retval .= '</label>';
$retval .= '</div>';
$retval .= '<div class="formelement">';
$retval .= '<select id="filterCategory" name="filterCategory">';
$retval .= '<option value="">' . __('Filter by category…') . '</option>';
foreach ($ServerStatusData->sections as $section_id => $section_name) {
if (isset($ServerStatusData->sectionUsed[$section_id])) {
if (!empty($_REQUEST['filterCategory']) && $_REQUEST['filterCategory'] == $section_id) {
$selected = ' selected="selected"';
} else {
$selected = '';
}
$retval .= '<option' . $selected . ' value="' . $section_id . '">';
$retval .= htmlspecialchars($section_name) . '</option>';
}
}
$retval .= '</select>';
$retval .= '</div>';
$retval .= '<div class="formelement">';
$retval .= '<input' . $dontFormat . ' type="checkbox" ' . 'name="dontFormat" id="dontFormat" />';
$retval .= '<label for="dontFormat">';
$retval .= __('Show unformatted values');
$retval .= '</label>';
$retval .= '</div>';
$retval .= '</form>';
$retval .= '</fieldset>';
return $retval;
}
/**
* Returns HTML for control buttons displayed infront of a node
*
* @return String HTML for control buttons
*/
public function getHtmlForControlButtons()
{
$ret = '';
$cfgRelation = PMA_getRelationsParam();
if ($cfgRelation['navwork']) {
$db = $this->realParent()->real_name;
$item = $this->real_name;
$ret = '<span class="navItemControls">' . '<a href="navigation.php' . URL::getCommon() . '&hideNavItem=true' . '&itemType=' . urlencode($this->getItemType()) . '&itemName=' . urlencode($item) . '&dbName=' . urlencode($db) . '"' . ' class="hideNavItem ajax">' . PMA\libraries\Util::getImage('hide.png', __('Hide')) . '</a></span>';
}
return $ret;
}
/**
* Get HTML for display indexes
*
* @return string $html_output
*/
function PMA_getHtmlForDisplayIndexes()
{
$html_output = '<div id="index_div" class="ajax" >';
$html_output .= PMA\libraries\Index::getHtmlForIndexes($GLOBALS['table'], $GLOBALS['db']);
$html_output .= '<fieldset class="tblFooters print_ignore" style="text-align: ' . 'left;"><form action="tbl_indexes.php" method="post">';
$html_output .= URL::getHiddenInputs($GLOBALS['db'], $GLOBALS['table']);
$html_output .= sprintf(__('Create an index on %s columns'), '<input type="number" name="added_fields" value="1" ' . 'min="1" required="required" />');
$html_output .= '<input type="hidden" name="create_index" value="1" />' . '<input class="add_index ajax"' . ' type="submit" value="' . __('Go') . '" />';
$html_output .= '</form>' . '</fieldset>' . '</div>';
return $html_output;
}
/**
* Returns HTML for control buttons displayed infront of a node
*
* @return String HTML for control buttons
*/
public function getHtmlForControlButtons()
{
$ret = '';
$cfgRelation = PMA_getRelationsParam();
if ($cfgRelation['navwork']) {
$db = $this->realParent()->real_name;
$item = $this->real_name;
$params = array('hideNavItem' => true, 'itemType' => $this->getItemType(), 'itemName' => $item, 'dbName' => $db);
$ret = '<span class="navItemControls">' . '<a href="navigation.php' . URL::getCommon($params) . '"' . ' class="hideNavItem ajax">' . PMA\libraries\Util::getImage('hide.png', __('Hide')) . '</a></span>';
}
return $ret;
}
/**
* Test for PMA_getHtmlForCreateTable
*
* @return void
*/
public function testPMAGetHtmlForCreateTable()
{
$db = "pma_db";
//Call the test function
$html = PMA_getHtmlForCreateTable($db);
//getImage
$this->assertContains(PMA\libraries\Util::getImage('b_table_add.png'), $html);
//__('Create table')
$this->assertContains(__('Create table'), $html);
//URL::getHiddenInputs
$this->assertContains(URL::getHiddenInputs($db), $html);
//label
$this->assertContains(__('Name'), $html);
$this->assertContains(__('Number of columns'), $html);
//button
$this->assertContains(__('Go'), $html);
}
/**
* Function to get html for relational field selection
*
* @param string $db current database
* @param string $table current table
* @param string $field field
* @param array $foreignData foreign column data
* @param string $fieldkey field key
* @param string $current_value current columns's value
*
* @return string
*/
function PMA_getHtmlForRelationalFieldSelection($db, $table, $field, $foreignData, $fieldkey, $current_value)
{
$gotopage = PMA_getHtmlForGotoPage($foreignData);
$showall = PMA_getHtmlForShowAll($foreignData);
$output = '<form class="ajax" ' . 'id="browse_foreign_form" name="browse_foreign_from" ' . 'action="browse_foreigners.php" method="post">' . '<fieldset>' . URL::getHiddenInputs($db, $table) . '<input type="hidden" name="field" value="' . htmlspecialchars($field) . '" />' . '<input type="hidden" name="fieldkey" value="' . (isset($fieldkey) ? htmlspecialchars($fieldkey) : '') . '" />';
if (isset($_REQUEST['rownumber'])) {
$output .= '<input type="hidden" name="rownumber" value="' . htmlspecialchars($_REQUEST['rownumber']) . '" />';
}
$filter_value = isset($_REQUEST['foreign_filter']) ? htmlspecialchars($_REQUEST['foreign_filter']) : '';
$output .= '<span class="formelement">' . '<label for="input_foreign_filter">' . __('Search:') . '</label>' . '<input type="text" name="foreign_filter" ' . 'id="input_foreign_filter" ' . 'value="' . $filter_value . '" data-old="' . $filter_value . '" ' . '/>' . '<input type="submit" name="submit_foreign_filter" value="' . __('Go') . '" />' . '</span>' . '<span class="formelement">' . $gotopage . '</span>' . '<span class="formelement">' . $showall . '</span>' . '</fieldset>' . '</form>';
$output .= '<table width="100%" id="browse_foreign_table">';
if (!is_array($foreignData['disp_row'])) {
$output .= '</tbody>' . '</table>';
return $output;
}
$header = '<tr>
<th>' . __('Keyname') . '</th>
<th>' . __('Description') . '</th>
<td width="20%"></td>
<th>' . __('Description') . '</th>
<th>' . __('Keyname') . '</th>
</tr>';
$output .= '<thead>' . $header . '</thead>' . "\n" . '<tfoot>' . $header . '</tfoot>' . "\n" . '<tbody>' . "\n";
$descriptions = array();
$keys = array();
foreach ($foreignData['disp_row'] as $relrow) {
if ($foreignData['foreign_display'] != false) {
$descriptions[] = $relrow[$foreignData['foreign_display']];
} else {
$descriptions[] = '';
}
$keys[] = $relrow[$foreignData['foreign_field']];
}
asort($keys);
$horizontal_count = 0;
$odd_row = true;
$indexByDescription = 0;
foreach ($keys as $indexByKeyname => $value) {
list($html, $horizontal_count, $odd_row, $indexByDescription) = PMA_getHtmlForOneKey($horizontal_count, $header, $odd_row, $keys, $indexByKeyname, $descriptions, $indexByDescription, $current_value);
$output .= $html;
}
$output .= '</tbody>' . '</table>';
return $output;
}
/**
* Tests PMA_getHtmlForUserGroupsTable() function when there are user groups
*
* @return void
*/
public function testGetHtmlForUserGroupsTableWithUserGroups()
{
$expectedQuery = "SELECT * FROM `pmadb`.`usergroups`" . " ORDER BY `usergroup` ASC";
$dbi = $this->getMockBuilder('PMA\\libraries\\DatabaseInterface')->disableOriginalConstructor()->getMock();
$dbi->expects($this->once())->method('tryQuery')->with($expectedQuery)->will($this->returnValue(true));
$dbi->expects($this->once())->method('numRows')->withAnyParameters()->will($this->returnValue(1));
$dbi->expects($this->at(2))->method('fetchAssoc')->withAnyParameters()->will($this->returnValue(array('usergroup' => 'usergroup', 'tab' => 'server_sql', 'allowed' => 'Y')));
$dbi->expects($this->at(3))->method('fetchAssoc')->withAnyParameters()->will($this->returnValue(false));
$dbi->expects($this->once())->method('freeResult');
$GLOBALS['dbi'] = $dbi;
$html = PMA_getHtmlForUserGroupsTable();
$this->assertContains('<td>usergroup</td>', $html);
$url_tag = '<a class="" href="server_user_groups.php' . URL::getCommon(array('viewUsers' => 1, 'userGroup' => htmlspecialchars('usergroup')));
$this->assertContains($url_tag, $html);
$url_tag = '<a class="" href="server_user_groups.php' . URL::getCommon(array('editUserGroup' => 1, 'userGroup' => htmlspecialchars('usergroup')));
$this->assertContains($url_tag, $html);
$url_tag = '<a class="deleteUserGroup ajax" href="server_user_groups.php' . URL::getCommon(array('deleteUserGroup' => 1, 'userGroup' => htmlspecialchars('usergroup')));
$this->assertContains($url_tag, $html);
}
/**
* Test for PMA_getHtmlForChangePassword
*
* @return void
*/
public function testPMAGetHtmlForChangePassword()
{
$username = "******";
$hostname = "pma_hostname";
//Call the test function
$html = PMA_getHtmlForChangePassword('change_pw', $username, $hostname);
//PMA_PHP_SELF
$this->assertContains($GLOBALS['PMA_PHP_SELF'], $html);
//URL::getHiddenInputs
$this->assertContains(URL::getHiddenInputs(), $html);
//$username & $hostname
$this->assertContains(htmlspecialchars($username), $html);
$this->assertContains(htmlspecialchars($hostname), $html);
//labels
$this->assertContains(__('Change password'), $html);
$this->assertContains(__('No Password'), $html);
$this->assertContains(__('Password:'******'Password:'), $html);
}
/**
* Returns HTML code for the language selector
*
* @param boolean $use_fieldset whether to use fieldset for selection
* @param boolean $show_doc whether to show documentation links
*
* @return string
*
* @access public
*/
function PMA_getLanguageSelectorHtml($use_fieldset = false, $show_doc = true)
{
$retval = '';
$available_languages = LanguageManager::getInstance()->sortedLanguages();
// Display language selection only if there
// is more than one language to choose from
if (count($available_languages) > 1) {
$retval .= '<form method="get" action="index.php" class="disableAjax">';
$_form_params = array('db' => $GLOBALS['db'], 'table' => $GLOBALS['table']);
$retval .= URL::getHiddenInputs($_form_params);
// For non-English, display "Language" with emphasis because it's
// not a proper word in the current language; we show it to help
// people recognize the dialog
$language_title = __('Language') . (__('Language') != 'Language' ? ' - <em>Language</em>' : '');
if ($show_doc) {
$language_title .= PMA\libraries\Util::showDocu('faq', 'faq7-2');
}
if ($use_fieldset) {
$retval .= '<fieldset><legend lang="en" dir="ltr">' . $language_title . '</legend>';
} else {
$retval .= '<bdo lang="en" dir="ltr"><label for="sel-lang">' . $language_title . ': </label></bdo>';
}
$retval .= '<select name="lang" class="autosubmit" lang="en"' . ' dir="ltr" id="sel-lang">';
foreach ($available_languages as $language) {
//Is current one active?
if ($language->isActive()) {
$selected = ' selected="selected"';
} else {
$selected = '';
}
$retval .= '<option value="' . $language->getCode() . '"' . $selected . '>';
$retval .= $language->getName();
$retval .= '</option>';
}
$retval .= '</select>';
if ($use_fieldset) {
$retval .= '</fieldset>';
}
$retval .= '</form>';
}
return $retval;
}
/**
* Displays top part of the form
*
* @param string $action default: $_SERVER['REQUEST_URI']
* @param string $method 'post' or 'get'
* @param array $hidden_fields array of form hidden fields (key: field name)
*
* @return string
*/
function PMA_displayFormTop($action = null, $method = 'post', $hidden_fields = null)
{
static $has_check_page_refresh = false;
if ($action === null) {
$action = $_SERVER['REQUEST_URI'];
}
if ($method != 'post') {
$method = 'get';
}
$htmlOutput = '<form method="' . $method . '" action="' . htmlspecialchars($action) . '" class="config-form disableAjax">';
$htmlOutput .= '<input type="hidden" name="tab_hash" value="" />';
// we do validation on page refresh when browser remembers field values,
// add a field with known value which will be used for checks
if (!$has_check_page_refresh) {
$has_check_page_refresh = true;
$htmlOutput .= '<input type="hidden" name="check_page_refresh" ' . ' id="check_page_refresh" value="" />' . "\n";
}
$htmlOutput .= URL::getHiddenInputs('', '', 0, 'server') . "\n";
$htmlOutput .= URL::getHiddenFields((array) $hidden_fields);
return $htmlOutput;
}
/**
* Get HTML for the Change password dialog
*
* @param string $mode where is the function being called?
* values : 'change_pw' or 'edit_other'
* @param string $username username
* @param string $hostname hostname
*
* @return string html snippet
*/
function PMA_getHtmlForChangePassword($mode, $username, $hostname)
{
/**
* autocomplete feature of IE kills the "onchange" event handler and it
* must be replaced by the "onpropertychange" one in this case
*/
$chg_evt_handler = 'onchange';
$is_privileges = basename($_SERVER['SCRIPT_NAME']) === 'server_privileges.php';
$html = '<form method="post" id="change_password_form" ' . 'action="' . basename($GLOBALS['PMA_PHP_SELF']) . '" ' . 'name="chgPassword" ' . 'class="' . ($is_privileges ? 'submenu-item' : '') . '">';
$html .= URL::getHiddenInputs();
if (strpos($GLOBALS['PMA_PHP_SELF'], 'server_privileges') !== false) {
$html .= '<input type="hidden" name="username" ' . 'value="' . htmlspecialchars($username) . '" />' . '<input type="hidden" name="hostname" ' . 'value="' . htmlspecialchars($hostname) . '" />';
}
$html .= '<fieldset id="fieldset_change_password">' . '<legend' . ($is_privileges ? ' data-submenu-label="' . __('Change password') . '"' : '') . '>' . __('Change password') . '</legend>' . '<table class="data noclick">' . '<tr class="odd">' . '<td colspan="2">' . '<input type="radio" name="nopass" value="1" id="nopass_1" ' . 'onclick="pma_pw.value = \'\'; pma_pw2.value = \'\'; ' . 'this.checked = true" />' . '<label for="nopass_1">' . __('No Password') . '</label>' . '</td>' . '</tr>' . '<tr class="even vmiddle">' . '<td>' . '<input type="radio" name="nopass" value="0" id="nopass_0" ' . 'onclick="document.getElementById(\'text_pma_pw\').focus();" ' . 'checked="checked" />' . '<label for="nopass_0">' . __('Password:'******' </label>' . '</td>' . '<td>' . '<input type="password" name="pma_pw" id="text_pma_pw" size="10" ' . 'class="textfield"' . $chg_evt_handler . '="nopass[1].checked = true" />' . ' ' . __('Re-type:') . ' ' . '<input type="password" name="pma_pw2" id="text_pma_pw2" size="10" ' . 'class="textfield"' . $chg_evt_handler . '="nopass[1].checked = true" />' . '</td>' . '</tr>';
$serverType = PMA\libraries\Util::getServerType();
$orig_auth_plugin = PMA_getCurrentAuthenticationPlugin('change', $username, $hostname);
$is_superuser = $GLOBALS['dbi']->isSuperuser();
if ($serverType == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50507 || $serverType == 'MariaDB' && PMA_MYSQL_INT_VERSION >= 50200) {
// Provide this option only for 5.7.6+
// OR for privileged users in 5.5.7+
if ($serverType == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50706 || $is_superuser && $mode == 'edit_other') {
$auth_plugin_dropdown = PMA_getHtmlForAuthPluginsDropdown($orig_auth_plugin, 'change_pw', 'new');
$html .= '<tr class="vmiddle">' . '<td>' . __('Password Hashing:') . '</td><td>';
$html .= $auth_plugin_dropdown;
$html .= '</td></tr>' . '<tr id="tr_element_before_generate_password"></tr>' . '</table>';
$html .= '<div ' . ($orig_auth_plugin != 'sha256_password' ? 'style="display:none"' : '') . ' id="ssl_reqd_warning_cp">' . Message::notice(__('This method requires using an \'<i>SSL connection</i>\' ' . 'or an \'<i>unencrypted connection that encrypts the ' . 'password using RSA</i>\'; while connecting to the server.') . PMA\libraries\Util::showMySQLDocu('sha256-authentication-plugin'))->getDisplay() . '</div>';
} else {
$html .= '<tr id="tr_element_before_generate_password"></tr>' . '</table>';
}
} else {
$auth_plugin_dropdown = PMA_getHtmlForAuthPluginsDropdown($orig_auth_plugin, 'change_pw', 'old');
$html .= '<tr class="vmiddle">' . '<td>' . __('Password Hashing:') . '</td><td>';
$html .= $auth_plugin_dropdown . '</td></tr>' . '<tr id="tr_element_before_generate_password"></tr>' . '</table>';
}
$html .= '</fieldset>' . '<fieldset id="fieldset_change_password_footer" class="tblFooters">' . '<input type="hidden" name="change_pw" value="1" />' . '<input type="submit" value="' . __('Go') . '" />' . '</fieldset>' . '</form>';
return $html;
}
/**
* Get HTML for secondary level menu tabs on 'Users' page
*
* @param string $selfUrl Url of the file
*
* @return string HTML for secondary level menu tabs on 'Users' page
*/
function PMA_getHtmlForSubMenusOnUsersPage($selfUrl)
{
$url_params = URL::getCommon();
$items = array(array('name' => __('User accounts overview'), 'url' => 'server_privileges.php', 'specific_params' => '&viewing_mode=server'));
if ($GLOBALS['is_superuser']) {
$items[] = array('name' => __('User groups'), 'url' => 'server_user_groups.php', 'specific_params' => '');
}
$retval = '<ul id="topmenu2">';
foreach ($items as $item) {
$class = '';
if ($item['url'] === $selfUrl) {
$class = ' class="tabactive"';
}
$retval .= '<li>';
$retval .= '<a' . $class;
$retval .= ' href="' . $item['url'] . $url_params . $item['specific_params'] . '">';
$retval .= $item['name'];
$retval .= '</a>';
$retval .= '</li>';
}
$retval .= '</ul>';
$retval .= '<div class="clearfloat"></div>';
return $retval;
}
/**
* Tests getItemUnhideDialog() method.
*
* @return void
* @test
*/
public function testGetItemUnhideDialog()
{
$expectedQuery = "SELECT `item_name`, `item_type`" . " FROM `pmadb`.`navigationhiding`" . " WHERE `username`='user' AND `db_name`='db' AND `table_name`=''";
$dbi = $this->getMockBuilder('PMA\\libraries\\DatabaseInterface')->disableOriginalConstructor()->getMock();
$dbi->expects($this->once())->method('tryQuery')->with($expectedQuery)->will($this->returnValue(true));
$dbi->expects($this->at(1))->method('fetchArray')->will($this->returnValue(array('item_name' => 'tableName', 'item_type' => 'table')));
$dbi->expects($this->at(2))->method('fetchArray')->will($this->returnValue(array('item_name' => 'viewName', 'item_type' => 'view')));
$dbi->expects($this->at(3))->method('fetchArray')->will($this->returnValue(false));
$dbi->expects($this->once())->method('freeResult');
$GLOBALS['dbi'] = $dbi;
$html = $this->object->getItemUnhideDialog('db');
$this->assertContains('<td>tableName</td>', $html);
$this->assertContains('<a href="navigation.php' . URL::getCommon() . '&unhideNavItem=true&itemType=table&itemName=tableName&dbName=db"' . ' class="unhideNavItem ajax">', $html);
}
/**
* Test for _getHtmlForLinkTemplates()
*
* @return void
*/
public function testGetHtmlForLinkTemplates()
{
$class = new ReflectionClass('\\PMA\\libraries\\controllers\\server\\ServerVariablesController');
$method = $class->getMethod('_getHtmlForLinkTemplates');
$method->setAccessible(true);
$container = Container::getDefaultContainer();
$container->factory('PMA\\libraries\\controllers\\server\\ServerVariablesController');
$container->alias('ServerVariablesController', 'PMA\\libraries\\controllers\\server\\ServerVariablesController');
$ctrl = $container->get('ServerVariablesController');
//Call the test function
$html = $method->invoke($ctrl);
$url = 'server_variables.php' . URL::getCommon(array());
//validate 1: URL
$this->assertContains($url, $html);
//validate 2: images
$this->assertContains(PMA\libraries\Util::getIcon('b_save.png', __('Save')), $html);
$this->assertContains(PMA\libraries\Util::getIcon('b_close.png', __('Cancel')), $html);
}
/**
* Creates the code for displaying the links
* at the top of the navigation panel
*
* @return string HTML code for the links
*/
private function _links()
{
// always iconic
$showIcon = true;
$showText = false;
$retval = '<!-- LINKS START -->';
$retval .= '<div id="navipanellinks">';
$retval .= PMA\libraries\Util::getNavigationLink('index.php' . URL::getCommon(), $showText, __('Home'), $showIcon, 'b_home.png');
// if we have chosen server
if ($GLOBALS['server'] != 0) {
// Logout for advanced authentication
if ($GLOBALS['cfg']['Server']['auth_type'] != 'config') {
$text = __('Log out');
} else {
$text = __('Empty session data');
}
$link = 'logout.php' . $GLOBALS['url_query'];
$retval .= PMA\libraries\Util::getNavigationLink($link, $showText, $text, $showIcon, 's_loggoff.png', '', true, '', array('logout'));
}
$retval .= PMA\libraries\Util::getNavigationLink(PMA\libraries\Util::getDocuLink('index'), $showText, __('phpMyAdmin documentation'), $showIcon, 'b_docs.png', '', false, 'documentation');
$retval .= PMA\libraries\Util::getNavigationLink(PMA\libraries\Util::getMySQLDocuURL('', ''), $showText, __('Documentation'), $showIcon, 'b_sqlhelp.png', '', false, 'mysql_doc');
$retval .= PMA\libraries\Util::getNavigationLink('#', $showText, __('Navigation panel settings'), $showIcon, 's_cog.png', 'pma_navigation_settings_icon', false, '', defined('PMA_DISABLE_NAVI_SETTINGS') ? array('hide') : array());
$retval .= PMA\libraries\Util::getNavigationLink('#', $showText, __('Reload navigation panel'), $showIcon, 's_reload.png', 'pma_navigation_reload');
$retval .= '</div>';
$retval .= '<!-- LINKS ENDS -->';
return $retval;
}
/**
* Prints link templates
*
* @return string
*/
private function _getHtmlForLinkTemplates()
{
$url = 'server_variables.php' . URL::getCommon();
return Template::get('server/variables/link_template')->render(array('url' => $url));
}
/**
* Returns link to (possibly) external site using defined redirector.
*
* @param string $url URL where to go.
*
* @return string URL for a link.
*/
function PMA_linkURL($url)
{
if (!preg_match('#^https?://#', $url)) {
return $url;
}
$params = array();
$params['url'] = $url;
$url = URL::getCommon($params);
//strip off token and such sensitive information. Just keep url.
$arr = parse_url($url);
parse_str($arr["query"], $vars);
$query = http_build_query(array("url" => $vars["url"]));
if (defined('PMA_SETUP')) {
$url = '../url.php?' . $query;
} else {
$url = './url.php?' . $query;
}
return $url;
}
/**
* Test for PMA_getHtmlForServerProcessItem
*
* @return void
*/
public function testPMAGetHtmlForServerProcessItem()
{
//parameters
$process = array("user" => "User1", "host" => "Host1", "id" => "Id1", "db" => "db1", "command" => "Command1", "info" => "Info1", "state" => "State1", "time" => "Time1");
$show_full_sql = true;
$_REQUEST['sort_order'] = "desc";
$_REQUEST['order_by_field'] = "process";
$GLOBALS['cfg']['MaxCharactersInDisplayedSQL'] = 12;
//Call the test function
$html = PMA_getHtmlForServerProcessItem($process, $show_full_sql);
//validate 1: $kill_process
$url_params = array('kill' => $process['id'], 'ajax_request' => true);
$kill_process = 'server_status_processes.php' . URL::getCommon($url_params);
$this->assertContains($kill_process, $html);
$this->assertContains('ajax kill_process', $html);
$this->assertContains(__('Kill'), $html);
//validate 2: $process['User']
$this->assertContains(htmlspecialchars($process['user']), $html);
//validate 3: $process['Host']
$this->assertContains(htmlspecialchars($process['host']), $html);
//validate 4: $process['db']
$this->assertContains(__('None'), $html);
//validate 5: $process['Command']
$this->assertContains(htmlspecialchars($process['command']), $html);
//validate 6: $process['Time']
$this->assertContains($process['time'], $html);
//validate 7: $process['state']
$this->assertContains($process['state'], $html);
//validate 8: $process['info']
$this->assertContains($process['info'], $html);
unset($process['info']);
$html = PMA_getHtmlForServerProcessItem($process, $show_full_sql);
$this->assertContains('---', $html);
}
$currentSearchId = $savedSearch->getId();
}
/**
* A query has been submitted -> (maybe) execute it
*/
$message_to_display = false;
if (isset($_REQUEST['submit_sql']) && !empty($sql_query)) {
if (!preg_match('@^SELECT@i', $sql_query)) {
$message_to_display = true;
} else {
$goto = 'db_sql.php';
PMA_executeQueryAndSendQueryResponse(null, false, $_REQUEST['db'], null, false, null, null, null, null, null, $goto, $pmaThemeImage, null, null, null, $sql_query, null, null);
}
}
$sub_part = '_qbe';
require 'libraries/db_common.inc.php';
$url_query .= '&goto=db_qbe.php';
$url_params['goto'] = 'db_qbe.php';
list($tables, $num_tables, $total_num_tables, $sub_part, $is_show_stats, $db_is_system_schema, $tooltip_truename, $tooltip_aliasname, $pos) = PMA\libraries\Util::getDbInfo($db, isset($sub_part) ? $sub_part : '');
if ($message_to_display) {
PMA\libraries\Message::error(__('You have to choose at least one column to display!'))->display();
}
unset($message_to_display);
// create new qbe search instance
$db_qbe = new PMA\libraries\DbQbe($GLOBALS['db'], $savedSearchList, $savedSearch);
$url = 'db_designer.php' . URL::getCommon(array_merge($url_params, array('query' => 1)));
$response->addHTML(PMA\libraries\Message::notice(sprintf(__('Switch to %svisual builder%s'), '<a href="' . $url . '">', '</a>')));
/**
* Displays the Query by example form
*/
$response->addHTML($db_qbe->getSelectionForm());
/**
* Returns HTML for control buttons displayed infront of a node
*
* @return String HTML for control buttons
*/
public function getHtmlForControlButtons()
{
$ret = '';
$cfgRelation = PMA_getRelationsParam();
if ($cfgRelation['navwork']) {
if ($this->hiddenCount > 0) {
$ret = '<span class="dbItemControls">' . '<a href="navigation.php' . URL::getCommon() . '&showUnhideDialog=true' . '&dbName=' . urldecode($this->real_name) . '"' . ' class="showUnhide ajax">' . Util::getImage('show.png', __('Show hidden items')) . '</a></span>';
}
}
return $ret;
}
/**
* Handles actions related to multiple tables
*
* @return void
*/
public function multiSubmitAction()
{
$action = 'db_structure.php';
$err_url = 'db_structure.php' . URL::getCommon(array('db' => $this->db));
// see bug #2794840; in this case, code path is:
// db_structure.php -> libraries/mult_submits.inc.php -> sql.php
// -> db_structure.php and if we got an error on the multi submit,
// we must display it here and not call again mult_submits.inc.php
if (!isset($_POST['error']) || false === $_POST['error']) {
include 'libraries/mult_submits.inc.php';
}
if (empty($_POST['message'])) {
$_POST['message'] = Message::success();
}
}
* This test may be bypassed if $is_js_confirmed = 1 (already checked with js)
* but since a malicious user may pass this variable by url/form, we don't take
* into account this case.
*/
if (PMA_hasNoRightsToDropDatabase($analyzed_sql_results, $cfg['AllowUserDropDatabase'], $is_superuser)) {
Util::mysqlDie(__('"DROP DATABASE" statements are disabled.'), '', false, $err_url);
}
// end if
/**
* Need to find the real end of rows?
*/
if (isset($find_real_end) && $find_real_end) {
$unlim_num_rows = PMA_findRealEndOfRows($db, $table);
}
/**
* Bookmark add
*/
if (isset($_POST['store_bkm'])) {
PMA_addBookmark($goto);
// script has exited at this point
}
// end if
/**
* Sets or modifies the $goto variable if required
*/
if ($goto == 'sql.php') {
$is_gotofile = false;
$goto = 'sql.php' . URL::getCommon(array('db' => $db, 'table' => $table, 'sql_query' => $sql_query));
}
// end if
PMA_executeQueryAndSendQueryResponse($analyzed_sql_results, $is_gotofile, $db, $table, isset($find_real_end) ? $find_real_end : null, isset($import_text) ? $import_text : null, isset($extra_data) ? $extra_data : null, isset($message_to_show) ? $message_to_show : null, isset($message) ? $message : null, isset($sql_data) ? $sql_data : null, $goto, $pmaThemeImage, isset($disp_query) ? $display_query : null, isset($disp_message) ? $disp_message : null, isset($query_type) ? $query_type : null, $sql_query, isset($selected) ? $selected : null, isset($complete_query) ? $complete_query : null);
$o_rows = 0;
$biggest_max_file_size = 0;
$url_params['db'] = $db;
$url_params['table'] = $table;
$url_params = PMA_urlParamsInEditMode($url_params, $where_clause_array, $where_clause);
$has_blob_field = false;
foreach ($table_columns as $column) {
if (PMA_isColumn($column, array('blob', 'tinyblob', 'mediumblob', 'longblob'))) {
$has_blob_field = true;
break;
}
}
//Insert/Edit form
//If table has blob fields we have to disable ajax.
$html_output .= PMA_getHtmlForInsertEditFormHeader($has_blob_field, $is_upload);
$html_output .= URL::getHiddenInputs($_form_params);
$titles['Browse'] = Util::getIcon('b_browse.png', __('Browse foreign values'));
// user can toggle the display of Function column and column types
// (currently does not work for multi-edits)
if (!$cfg['ShowFunctionFields'] || !$cfg['ShowFieldTypesInDataEditView']) {
$html_output .= __('Show');
}
if (!$cfg['ShowFunctionFields']) {
$html_output .= PMA_showTypeOrFunction('function', $url_params, false);
}
if (!$cfg['ShowFieldTypesInDataEditView']) {
$html_output .= PMA_showTypeOrFunction('type', $url_params, false);
}
$GLOBALS['plugin_scripts'] = array();
foreach ($rows as $row_id => $current_row) {
if (empty($current_row)) {
/**
* returns html code for db link to default db page
*
* @param string $database database
*
* @return string html link to default db page
*/
public static function getDbLink($database = null)
{
if (strlen($database) === 0) {
if (strlen($GLOBALS['db']) === 0) {
return '';
}
$database = $GLOBALS['db'];
} else {
$database = self::unescapeMysqlWildcards($database);
}
return '<a href="'
. Util::getScriptNameForOption(
$GLOBALS['cfg']['DefaultTabDatabase'], 'database'
)
. URL::getCommon(array('db' => $database)) . '" title="'
. htmlspecialchars(
sprintf(
__('Jump to database "%s".'),
$database
)
)
. '">' . htmlspecialchars($database) . '</a>';
}
/**
* Prints Every Item of Server Process
*
* @param array $process data of Every Item of Server Process
* @param bool $show_full_sql show full sql or not
*
* @return string
*/
function PMA_getHtmlForServerProcessItem($process, $show_full_sql)
{
// Array keys need to modify due to the way it has used
// to display column values
if (!empty($_REQUEST['order_by_field']) && !empty($_REQUEST['sort_order']) || !empty($_REQUEST['showExecuting'])) {
foreach (array_keys($process) as $key) {
$new_key = ucfirst(mb_strtolower($key));
if ($new_key !== $key) {
$process[$new_key] = $process[$key];
unset($process[$key]);
}
}
}
$url_params = array('kill' => $process['Id'], 'ajax_request' => true);
$kill_process = 'server_status_processes.php' . URL::getCommon($url_params);
$retval = '<tr>';
$retval .= '<td><a class="ajax kill_process" href="' . $kill_process . '">' . __('Kill') . '</a></td>';
$retval .= '<td class="value">' . $process['Id'] . '</td>';
$retval .= '<td>' . htmlspecialchars($process['User']) . '</td>';
$retval .= '<td>' . htmlspecialchars($process['Host']) . '</td>';
$retval .= '<td>' . (!isset($process['db']) || strlen($process['db']) === 0 ? '<i>' . __('None') . '</i>' : htmlspecialchars($process['db'])) . '</td>';
$retval .= '<td>' . htmlspecialchars($process['Command']) . '</td>';
$retval .= '<td class="value">' . $process['Time'] . '</td>';
$processStatusStr = empty($process['State']) ? '---' : $process['State'];
$retval .= '<td>' . $processStatusStr . '</td>';
$processProgress = empty($process['Progress']) ? '---' : $process['Progress'];
$retval .= '<td>' . $processProgress . '</td>';
$retval .= '<td>';
if (empty($process['Info'])) {
$retval .= '---';
} else {
$retval .= Util::formatSql($process['Info'], !$show_full_sql);
}
$retval .= '</td>';
$retval .= '</tr>';
return $retval;
}
/**
* Prints Html For Export Hidden Input
*
* @param String $export_type Selected Export Type
* @param String $db Selected DB
* @param String $table Selected Table
* @param String $single_table Single Table
* @param String $sql_query Sql Query
*
* @return string
*/
function PMA_getHtmlForHiddenInput($export_type, $db, $table, $single_table, $sql_query)
{
global $cfg;
$html = "";
if ($export_type == 'server') {
$html .= URL::getHiddenInputs('', '', 1);
} elseif ($export_type == 'database') {
$html .= URL::getHiddenInputs($db, '', 1);
} else {
$html .= URL::getHiddenInputs($db, $table, 1);
}
// just to keep this value for possible next display of this form after saving
// on server
if (!empty($single_table)) {
$html .= '<input type="hidden" name="single_table" value="TRUE" />' . "\n";
}
$html .= '<input type="hidden" name="export_type" value="' . $export_type . '" />';
$html .= "\n";
// If the export method was not set, the default is quick
if (isset($_GET['export_method'])) {
$cfg['Export']['method'] = $_GET['export_method'];
} elseif (!isset($cfg['Export']['method'])) {
$cfg['Export']['method'] = 'quick';
}
// The export method (quick, custom or custom-no-form)
$html .= '<input type="hidden" name="export_method" value="' . htmlspecialchars($cfg['Export']['method']) . '" />';
if (!empty($sql_query)) {
$html .= '<input type="hidden" name="sql_query" value="' . htmlspecialchars($sql_query) . '" />' . "\n";
} elseif (isset($_GET['sql_query'])) {
$html .= '<input type="hidden" name="sql_query" value="' . htmlspecialchars($_GET['sql_query']) . '" />' . "\n";
}
$html .= '<input type="hidden" name="template_id"' . ' value="' . (isset($_GET['template_id']) ? htmlspecialchars($_GET['template_id']) : '') . '" />';
return $html;
}
/**
* User is not allowed to login to MySQL -> authentication failed
*
* @return boolean always true (no return indeed)
*/
public function authFails()
{
$conn_error = $GLOBALS['dbi']->getError();
if (!$conn_error) {
$conn_error = __('Cannot connect: invalid settings.');
}
/* HTML header */
$response = PMA\libraries\Response::getInstance();
$response->getFooter()->setMinimal();
$header = $response->getHeader();
$header->setBodyId('loginform');
$header->setTitle(__('Access denied!'));
$header->disableMenuAndConsole();
echo '<br /><br />
<center>
<h1>';
echo sprintf(__('Welcome to %s'), ' phpMyAdmin ');
echo '</h1>
</center>
<br />
<table cellpadding="0" cellspacing="3" style="margin: 0 auto" width="80%">
<tr>
<td>';
if (isset($GLOBALS['allowDeny_forbidden']) && $GLOBALS['allowDeny_forbidden']) {
trigger_error(__('Access denied!'), E_USER_NOTICE);
} else {
// Check whether user has configured something
if ($GLOBALS['PMA_Config']->source_mtime == 0) {
echo '<p>', sprintf(__('You probably did not create a configuration file.' . ' You might want to use the %1$ssetup script%2$s to' . ' create one.'), '<a href="setup/">', '</a>'), '</p>', "\n";
} elseif (!isset($GLOBALS['errno']) || isset($GLOBALS['errno']) && $GLOBALS['errno'] != 2002 && $GLOBALS['errno'] != 2003) {
// if we display the "Server not responding" error, do not confuse
// users by telling them they have a settings problem
// (note: it's true that they could have a badly typed host name,
// but anyway the current message tells that the server
// rejected the connection, which is not really what happened)
// 2002 is the error given by mysqli
// 2003 is the error given by mysql
trigger_error(__('phpMyAdmin tried to connect to the MySQL server, and the' . ' server rejected the connection. You should check the' . ' host, username and password in your configuration and' . ' make sure that they correspond to the information given' . ' by the administrator of the MySQL server.'), E_USER_WARNING);
}
echo PMA\libraries\Util::mysqlDie($conn_error, '', true, '', false);
}
$GLOBALS['error_handler']->dispUserErrors();
echo '</td>
</tr>
<tr>
<td>', "\n";
echo '<a href="', PMA\libraries\Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabServer'], 'server'), URL::getCommon(), '" class="button disableAjax">', __('Retry to connect'), '</a>', "\n";
echo '</td>
</tr>', "\n";
if (count($GLOBALS['cfg']['Servers']) > 1) {
// offer a chance to login to other servers if the current one failed
include_once './libraries/select_server.lib.php';
echo '<tr>', "\n";
echo ' <td>', "\n";
echo PMA_selectServer(true, true);
echo ' </td>', "\n";
echo '</tr>', "\n";
}
echo '</table>', "\n";
if (!defined('TESTSUITE')) {
exit;
}
return true;
}
}
exit;
}
}
// end if (ensures db exists)
/**
* Changes database charset if requested by the user
*/
if (isset($_REQUEST['submitcollation']) && isset($_REQUEST['db_collation']) && !empty($_REQUEST['db_collation'])) {
list($db_charset) = explode('_', $_REQUEST['db_collation']);
$sql_query = 'ALTER DATABASE ' . PMA\libraries\Util::backquote($db) . ' DEFAULT' . Util::getCharsetQueryPart($_REQUEST['db_collation']);
$result = $GLOBALS['dbi']->query($sql_query);
$message = Message::success();
unset($db_charset);
/**
* If we are in an Ajax request, let us stop the execution here. Necessary for
* db charset change action on db_operations.php. If this causes a bug on
* other pages, we might have to move this to a different location.
*/
if ($GLOBALS['is_ajax_request'] == true) {
$response = PMA\libraries\Response::getInstance();
$response->setRequestStatus($message->isSuccess());
$response->addJSON('message', $message);
exit;
}
}
/**
* Set parameters for links
*/
$url_query = URL::getCommon(array('db' => $db));
