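/**
 * Sanitizes the file name and makes sure it ends with the required extension.
 *
 * The name is first passed through PMA_sanitize_filename(); the extension is
 * appended only when the sanitized name does not already end with it.
 *
 * @param string $file_name file name
 * @param string $ext       extension of the file, without the leading dot;
 *                          only the user-supplied tail is lower-cased for the
 *                          comparison, so $ext is expected in lower case
 *
 * @return string the sanitized file name
 */
private function _sanitizeName($file_name, $ext)
{
    $file_name = PMA_sanitize_filename($file_name);

    // Take the tail of the name that would hold "." plus the extension
    // if the user already typed it.
    $required_extension = '.' . $ext;
    $extension_start_pos = strlen($file_name) - strlen($required_extension);
    $user_extension = substr($file_name, $extension_start_pos);

    // Strict comparison: with a loose "!=" two numeric-looking strings
    // (for example "01.0" and ".1e1") compare as numbers and would be
    // treated as the same extension.
    if (strtolower($user_extension) !== $required_extension) {
        $file_name .= $required_extension;
    }

    return $file_name;
}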
/**
 * Sends the SVG document to the browser as a file download.
 *
 * The caller-supplied name goes through PMA_sanitize_filename() before it is
 * placed inside the quoted filename parameter of the Content-Disposition
 * header; the ".svg" extension is appended afterwards.
 *
 * @param string $fileName name of the SVG document, without extension
 *
 * @return void
 * @access public
 * @see XMLWriter::startElement(),XMLWriter::writeAttribute()
 */
function showOutput($fileName)
{
    // Sanitize first: the value ends up in a response header.
    $downloadName = PMA_sanitize_filename($fileName) . '.svg';

    header('Content-type: image/svg+xml');
    header('Content-Disposition: attachment; filename="' . $downloadName . '"');

    echo $this->flush();
}
$ids[$key] = $row['id']; $timestamps[$key] = $row['timestamp']; $usernames[$key] = $row['username']; $statements[$key] = $row['statement']; } array_multisort($timestamps, SORT_ASC, $ids, SORT_ASC, $usernames, SORT_ASC, $statements, SORT_ASC, $entries); } // Export as file download if (isset($_REQUEST['report_export']) && $_REQUEST['export_type'] == 'sqldumpfile') { @ini_set('url_rewriter.tags', ''); $dump = "# " . sprintf(__('Tracking report for table `%s`'), htmlspecialchars($_REQUEST['table'])) . "\n" . "# " . date('Y-m-d H:i:s') . "\n"; foreach ($entries as $entry) { $dump .= $entry['statement']; } //$filename = 'log_' . str_replace(';', '', htmlspecialchars($_REQUEST['table'])) . '.sql'; $filename = PMA_sanitize_filename('log_' . $_REQUEST['table'] . '.sql'); header('Content-Type: text/x-sql'); header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Content-Disposition: attachment; filename="' . $filename . '"'); if (PMA_USR_BROWSER_AGENT == 'IE') { header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); } else { header('Pragma: no-cache'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); } echo $dump; exit; } /** * Gets tables informations
include 'tbl_export.php'; } exit; } } /** * Send headers depending on whether the user chose to download a dump file * or not */ if (!$save_on_server) { if ($asfile) { // Download // (avoid rewriting data containing HTML with anchors and forms; // this was reported to happen under Plesk) @ini_set('url_rewriter.tags', ''); $filename = PMA_sanitize_filename($filename); PMA_download_header($filename, $mime_type); } else { // HTML if ($export_type == 'database') { $num_tables = count($tables); if ($num_tables == 0) { $message = PMA_Message::error(__('No tables found in database.')); include_once 'libraries/header.inc.php'; $active_page = 'db_export.php'; include 'db_export.php'; exit; } } $backup_cfgServer = $cfg['Server']; include_once 'libraries/header.inc.php';
/* The requested database must be selectable */
if (! PMA_DBI_select_db($db)) {
    PMA_mysqlDie(
        sprintf(__('\'%s\' database does not exist.'), htmlspecialchars($db)),
        '',
        ''
    );
}

/* The requested table must expose columns */
if (! PMA_DBI_get_columns($db, $table)) {
    PMA_mysqlDie(__('Invalid table name'));
}

/*
 * Fetch the single field value that will be sent as a download.
 * NOTE(review): only the column and table names go through PMA_backquote();
 * $where_clause is placed into the statement verbatim. Where it is built is
 * not visible here - confirm it cannot carry unintended SQL.
 */
$sql = sprintf(
    'SELECT %s FROM %s WHERE %s;',
    PMA_backquote($transform_key),
    PMA_backquote($table),
    $where_clause
);
$result = PMA_DBI_fetch_value($sql);

/* A strict false is reported as an empty result set */
if (false === $result) {
    PMA_mysqlDie(__('MySQL returned an empty result set (i.e. zero rows).'), $sql);
}

/* Keep the URL rewriter from altering the raw data */
@ini_set('url_rewriter.tags', '');

/* The content type is derived from the stored data itself */
header('Content-Type: ' . PMA_detectMIME($result));
header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT');

/* Table and column names end up in a response header: sanitize them first */
$filename = PMA_sanitize_filename($table . '-' . $transform_key . '.bin');
header('Content-Disposition: attachment; filename="' . $filename . '"');

if (PMA_USR_BROWSER_AGENT != 'IE') {
    header('Pragma: no-cache');
    // Safari produced downloaded files without the current time when
    // exporting to .gz; this header was added for it and should not harm
    // other browsers.
    header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
} else {
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Pragma: public');
}

echo $result;
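/**
 * Sends the PDF document to the browser as a file download.
 *
 * The download name is the page description stored for $pageNumber in the
 * pdf_pages table; when no description can be read, the page number itself
 * is used. The name goes through PMA_sanitize_filename() before it is placed
 * in the Content-disposition header.
 *
 * @param integer $pageNumber page number, matched against page_nr in the
 *                            pdf_pages table
 *
 * @global object $pdf         The current PDF document
 * @global string $db          The current database name
 * @global array  $cfgRelation The relation configuration (pdf_pages table name)
 *
 * @return void
 * @access private
 * @see PMA_PDF
 */
private function _showOutput($pageNumber)
{
    global $pdf, $db, $cfgRelation;

    $pdf->SetFontSize(14);
    $pdf->SetLineWidth(0.2);
    $pdf->SetDisplayMode('fullpage');

    // Get the name of this pdfpage to use as filename (Mike Beck)
    // NOTE(review): $pageNumber is concatenated unquoted into the query;
    // confirm that every caller passes an integer.
    $_name_sql = 'SELECT page_descr FROM '
        . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.'
        . PMA_backquote($cfgRelation['pdf_pages'])
        . ' WHERE page_nr = ' . $pageNumber;
    $_name_rs = PMA_query_as_controluser($_name_sql);

    $filename = '';
    if ($_name_rs) {
        $_name_row = PMA_DBI_fetch_row($_name_rs);
        // Only use the description when a row with a non-empty value came
        // back; otherwise the name would be a bare ".pdf".
        if (isset($_name_row[0]) && $_name_row[0] !== '') {
            $filename = $_name_row[0] . '.pdf';
        }
    }
    if ($filename === '') {
        $filename = $pageNumber . '.pdf';
    }

    // PHP variable names are case-sensitive: sanitizing $fileName (capital N)
    // left the $filename that is actually sent in the header untouched.
    $filename = PMA_sanitize_filename($filename);

    // instead of $pdf->Output():
    $pdfData = $pdf->getPDFData();
    header('Content-Type: application/pdf');
    header('Content-Length: ' . strlen($pdfData));
    header('Content-disposition: attachment; filename="' . $filename . '"');
    echo $pdfData;
}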
} } } // For re-usability, moved http-headers and stylesheets // to a seperate file. It can now be included by libraries/header.inc.php, // querywindow.php. require_once './libraries/header_http.inc.php'; // [MIME] if (isset($ct) && !empty($ct)) { $content_type = 'Content-Type: ' . $ct; } else { $content_type = 'Content-Type: ' . (isset($mime_map[$transform_key]['mimetype']) ? str_replace('_', '/', $mime_map[$transform_key]['mimetype']) : $default_ct) . (isset($mime_options['charset']) ? $mime_options['charset'] : ''); } header($content_type); if (isset($cn) && !empty($cn)) { header('Content-Disposition: attachment; filename=' . PMA_sanitize_filename($cn)); } if (!isset($resize)) { echo $row[$transform_key]; } else { // if image_*__inline.inc.php finds that we can resize, // it sets $resize to jpeg or png $srcImage = imagecreatefromstring($row[$transform_key]); $srcWidth = ImageSX($srcImage); $srcHeight = ImageSY($srcImage); // Check to see if the width > height or if width < height // if so adjust accordingly to make sure the image // stays smaller then the $newWidth and $newHeight $ratioWidth = $srcWidth / $newWidth; $ratioHeight = $srcHeight / $newHeight; if ($ratioWidth < $ratioHeight) {
/**
 * Sends the Visio XML (.vdx) document to the browser as a file download.
 *
 * The caller-supplied name goes through PMA_sanitize_filename() before it is
 * placed inside the quoted filename parameter of the Content-Disposition
 * header; the ".vdx" extension is appended afterwards.
 *
 * @param string $fileName name of the Visio XML document, without extension
 *
 * @return void
 * @access public
 * @see XMLWriter::flush()
 */
function showOutput($fileName)
{
    // Sanitize first: the value ends up in a response header.
    $downloadName = PMA_sanitize_filename($fileName) . '.vdx';

    header('Content-type: application/visio');
    header('Content-Disposition: attachment; filename="' . $downloadName . '"');

    echo $this->flush();
}
/**
 * Sends the Dia document to the browser as a file download.
 *
 * The caller-supplied name goes through PMA_sanitize_filename() before it is
 * placed inside the quoted filename parameter of the Content-Disposition
 * header; the ".dia" extension is appended afterwards.
 *
 * @param string $fileName name of the dia document, without extension
 *
 * @return void
 * @access public
 * @see XMLWriter::flush()
 */
function showOutput($fileName)
{
    // ob_get_clean() returns the active buffer and closes it; when that
    // buffer held truthy content, one more buffer level is discarded.
    if (ob_get_clean()) {
        ob_end_clean();
    }

    // Sanitize first: the value ends up in a response header.
    $downloadName = PMA_sanitize_filename($fileName) . '.dia';

    header('Content-type: application/x-dia-diagram');
    header('Content-Disposition: attachment; filename="' . $downloadName . '"');

    echo $this->flush();
}
/**
 * Sends the EPS document to the browser as a file download.
 *
 * The caller-supplied name goes through PMA_sanitize_filename() before it is
 * placed inside the quoted filename parameter of the Content-Disposition
 * header; the ".eps" extension is appended afterwards. The body is the
 * command string accumulated in $this->stringCommands.
 *
 * @param string $fileName name of the eps document, without extension
 *
 * @return void
 * @access public
 */
function showOutput($fileName)
{
    // Sanitize first: the value ends up in a response header.
    $downloadName = PMA_sanitize_filename($fileName) . '.eps';

    header('Content-type: image/x-eps');
    header('Content-Disposition: attachment; filename="' . $downloadName . '"');

    echo $this->stringCommands;
}