예제 #1
// $sql_query come from the query textarea, if it's a reposted query gets its
// 'true' value
if (!empty($prev_sql_query)) {
    $prev_sql_query = urldecode($prev_sql_query);
    if ($sql_query == trim(htmlspecialchars($prev_sql_query))) {
        $sql_query = $prev_sql_query;
// Drop database is not allowed -> ensure the query can be run
if (!$cfg['AllowUserDropDatabase'] && preg_match('@DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE @i', $sql_query)) {
    // Checks if the user is a Superuser
    // TODO: set a global variable with this information
    // loic1: optimized query
    $result = @PMA_mysql_query('USE mysql');
    if (PMA_mysql_error()) {
        require_once './header.inc.php';
        PMA_mysqlDie($strNoDropDatabases, '', '', $err_url);
define('PMA_CHK_DROP', 1);
 * Store a query as a bookmark before executing it?
if (isset($SQLbookmark) && $sql_query != '') {
    require_once './libraries/bookmark.lib.php';
    $bfields = array('dbase' => $db, 'user' => $cfg['Bookmark']['user'], 'query' => urlencode($sql_query), 'label' => $bkm_label);
    PMA_addBookmarks($bfields, $cfg['Bookmark'], isset($bkm_all_users) && $bkm_all_users == 'true' ? true : false);
 * Executes the query
예제 #2
 * Displays the sub-page heading
echo '<h2>' . "\n" . '    ' . $strServerStatus . "\n" . '</h2>' . "\n";
 * Checks if the user is allowed to do what he tries to...
if (!$is_superuser && !$cfg['ShowMysqlInfo']) {
    echo $strNoPrivileges;
    require_once './footer.inc.php';
 * Sends the query and buffers the result
$res = @PMA_mysql_query('SHOW STATUS;', $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), 'SHOW STATUS;');
while ($row = PMA_mysql_fetch_row($res)) {
    $serverStatus[$row[0]] = $row[1];
 * Displays the page
//Uptime calculation
$res = @PMA_mysql_query('SELECT UNIX_TIMESTAMP() - ' . $serverStatus['Uptime'] . ';');
$row = PMA_mysql_fetch_row($res);
echo sprintf($strServerStatusUptime, PMA_timespanFormat($serverStatus['Uptime']), PMA_localisedDate($row[0])) . "\n";
예제 #3
 * Sends the queries and buffers the results
if (PMA_MYSQL_INT_VERSION >= 40003) {
    $res = @PMA_mysql_query('SHOW SESSION VARIABLES;', $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), 'SHOW SESSION VARIABLES;');
    while ($row = PMA_mysql_fetch_row($res)) {
        $serverVars[$row[0]] = $row[1];
    $res = @PMA_mysql_query('SHOW GLOBAL VARIABLES;', $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), 'SHOW GLOBAL VARIABLES;');
    while ($row = PMA_mysql_fetch_row($res)) {
        $serverVarsGlobal[$row[0]] = $row[1];
} else {
    $res = @PMA_mysql_query('SHOW VARIABLES;', $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), 'SHOW VARIABLES;');
    while ($row = PMA_mysql_fetch_row($res)) {
        $serverVars[$row[0]] = $row[1];
 * Displays the page
<table border="0">
echo $strVar;
예제 #4
 function PMA_getDbCollation($db)
     global $userlink;
     if (PMA_MYSQL_INT_VERSION >= 40101) {
         // MySQL 4.1.0 does not support seperate charset settings
         // for databases.
         $sql_query = 'SHOW CREATE DATABASE ' . PMA_backquote($db) . ';';
         $res = PMA_mysql_query($sql_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query);
         $row = PMA_mysql_fetch_row($res);
         $tokenized = explode(' ', $row[1]);
         unset($row, $res, $sql_query);
         for ($i = 1; $i + 3 < count($tokenized); $i++) {
             if ($tokenized[$i] == 'DEFAULT' && $tokenized[$i + 1] == 'CHARACTER' && $tokenized[$i + 2] == 'SET') {
                 // We've found the character set!
                 if (isset($tokenized[$i + 5]) && $tokenized[$i + 4] == 'COLLATE') {
                     return $tokenized[$i + 5];
                     // We found the collation!
                 } else {
                     // We did not find the collation, so let's return the
                     // default collation for the charset we've found.
                     return $GLOBALS['mysql_default_collations'][$tokenized[$i + 3]];
     return '';
예제 #5
 * User is not allowed to login to MySQL -> authentication failed
 * @return  boolean   always true (no return indeed)
 * @access  public
function PMA_auth_fails()
    global $conn_error;
    // Deletes password cookie and displays the login form
    setcookie('pma_cookie_password', base64_encode(''), 0, $GLOBALS['cookie_path'], '', $GLOBALS['is_https']);
    if (PMA_mysql_error()) {
        $conn_error = PMA_mysql_error();
    } else {
        if (isset($php_errormsg)) {
            $conn_error = $php_errormsg;
        } else {
            $conn_error = $GLOBALS['strCannotLogin'];
    return TRUE;
예제 #6
 * Displays the privileges form table
 * @param   string     the database
 * @param   string     the table
 * @param   boolean    wheather to display the submit button or not
 * @param   int        the indenting level of the code
 * @global  array      the phpMyAdmin configuration
 * @global  ressource  the database connection
 * @return  void
function PMA_displayPrivTable($db = '*', $table = '*', $submit = TRUE, $indent = 0)
    global $cfg, $userlink;
    if ($db == '*') {
        $table = '*';
    $spaces = '';
    for ($i = 0; $i < $indent; $i++) {
        $spaces .= '    ';
    if (isset($GLOBALS['username'])) {
        $username = $GLOBALS['username'];
        $hostname = $GLOBALS['hostname'];
        if ($db == '*') {
            $sql_query = 'SELECT * FROM `user` WHERE `User` = "' . PMA_sqlAddslashes($username) . '" AND `Host` = "' . $hostname . '";';
        } else {
            if ($table == '*') {
                $sql_query = 'SELECT * FROM `db` WHERE `User` = "' . PMA_sqlAddslashes($username) . '" AND `Host` = "' . $hostname . '" AND `Db` = "' . $db . '";';
            } else {
                $sql_query = 'SELECT `Table_priv` FROM `tables_priv` WHERE `User` = "' . PMA_sqlAddslashes($username) . '" AND `Host` = "' . $hostname . '" AND `Db` = "' . $db . '" AND `Table_name` = "' . $table . '";';
        $res = PMA_mysql_query($sql_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query);
        if ($res) {
            $row = PMA_mysql_fetch_array($res, MYSQL_ASSOC);
    if (empty($row)) {
        if ($table == '*') {
            if ($db == '*') {
                $sql_query = 'SHOW COLUMNS FROM `mysql`.`user`;';
            } else {
                if ($table == '*') {
                    $sql_query = 'SHOW COLUMNS FROM `mysql`.`db`;';
            $res = PMA_mysql_query($sql_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query);
            while ($row1 = PMA_mysql_fetch_row($res)) {
                if (substr($row1[0], 0, 4) == 'max_') {
                    $row[$row1[0]] = 0;
                } else {
                    $row[$row1[0]] = 'N';
        } else {
            $row = array('Table_priv' => '');
    if (isset($row['Table_priv'])) {
        $sql_query = 'SHOW COLUMNS FROM `tables_priv` LIKE "Table_priv";';
        $res = PMA_mysql_query($sql_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query);
        $row1 = PMA_mysql_fetch_array($res, MYSQL_ASSOC);
        $av_grants = explode('\',\'', substr($row1['Type'], strpos($row1['Type'], '(') + 2, strpos($row1['Type'], ')') - strpos($row1['Type'], '(') - 3));
        $users_grants = explode(',', $row['Table_priv']);
        foreach ($av_grants as $current_grant) {
            $row[$current_grant . '_priv'] = in_array($current_grant, $users_grants) ? 'Y' : 'N';
        if ($res = PMA_mysql_query('SHOW COLUMNS FROM `' . $db . '`.`' . $table . '`;', $userlink)) {
            $columns = array();
            while ($row1 = PMA_mysql_fetch_row($res)) {
                $columns[$row1[0]] = array('Select' => FALSE, 'Insert' => FALSE, 'Update' => FALSE, 'References' => FALSE);
    if (!empty($columns)) {
        $sql_query = 'SELECT `Column_name`, `Column_priv` FROM `columns_priv` WHERE `User` = "' . PMA_sqlAddslashes($username) . '" AND `Host` = "' . $hostname . '" AND `Db` = "' . $db . '" AND `Table_name` = "' . $table . '";';
        $res = PMA_mysql_query($sql_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query);
        while ($row1 = PMA_mysql_fetch_row($res)) {
            $row1[1] = explode(',', $row1[1]);
            foreach ($row1[1] as $current) {
                $columns[$row1[0]][$current] = TRUE;
        echo $spaces . '<input type="hidden" name="grant_count" value="' . count($row) . '" />' . "\n" . $spaces . '<input type="hidden" name="column_count" value="' . count($columns) . '" />' . "\n" . $spaces . '<table border="0">' . "\n" . $spaces . '    <tr>' . "\n" . $spaces . '        <th colspan="6">&nbsp;' . $GLOBALS['strTblPrivileges'] . '&nbsp;</th>' . "\n" . $spaces . '    </tr>' . "\n" . $spaces . '    <tr>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '" colspan="6"><small><i>' . $GLOBALS['strEnglishPrivileges'] . '</i></small></td>' . "\n" . $spaces . '    </tr>' . "\n" . $spaces . '    <tr>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorOne'] . '">&nbsp;<tt><dfn title="' . $GLOBALS['strPrivDescSelect'] . '">SELECT</dfn></tt>&nbsp;</td>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorOne'] . '">&nbsp;<tt><dfn title="' . $GLOBALS['strPrivDescInsert'] . '">INSERT</dfn></tt>&nbsp;</td>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorOne'] . '">&nbsp;<tt><dfn title="' . $GLOBALS['strPrivDescUpdate'] . '">UPDATE</dfn></tt>&nbsp;</td>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorOne'] . '">&nbsp;<tt><dfn title="' . $GLOBALS['strPrivDescReferences'] . '">REFERENCES</dfn></tt>&nbsp;</td>' . "\n";
        list($current_grant, $current_grant_value) = each($row);
        while (in_array(substr($current_grant, 0, strlen($current_grant) - 5), array('Select', 'Insert', 'Update', 'References'))) {
            list($current_grant, $current_grant_value) = each($row);
        echo $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="checkbox" name="' . $current_grant . '" id="checkbox_' . $current_grant . '" value="Y" ' . ($current_grant_value == 'Y' ? 'checked="checked" ' : '') . 'title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5) . 'Tbl']) . '"/></td>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="checkbox_' . $current_grant . '"><tt><dfn title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5) . 'Tbl']) . '">' . strtoupper(substr($current_grant, 0, strlen($current_grant) - 5)) . '</dfn></tt></label></td>' . "\n" . $spaces . '    </tr>' . "\n" . $spaces . '    <tr>' . "\n";
        $rowspan = count($row) - 5;
        echo $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '" rowspan="' . $rowspan . '" valign="top">' . "\n" . $spaces . '            <select name="Select_priv[]" multiple="multiple">' . "\n";
        foreach ($columns as $current_column => $current_column_privileges) {
            echo $spaces . '                <option value="' . htmlspecialchars($current_column) . '"';
            if ($row['Select_priv'] == 'Y' || $current_column_privileges['Select']) {
                echo ' selected="selected"';
            echo '>' . htmlspecialchars($current_column) . '</option>' . "\n";
        echo $spaces . '            </select><br />' . "\n" . $spaces . '            <i>' . $GLOBALS['strOr'] . '</i><br />' . "\n" . $spaces . '            <input type="checkbox" name="Select_priv_none" id="checkbox_Select_priv_none" title="' . $GLOBALS['strNone'] . '" />' . "\n" . $spaces . '            <label for="checkbox_Select_priv_none">' . $GLOBALS['strNone'] . '</label>' . "\n" . $spaces . '        </td>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '" rowspan="' . $rowspan . '" valign="top">' . "\n" . $spaces . '            <select name="Insert_priv[]" multiple="multiple">' . "\n";
        foreach ($columns as $current_column => $current_column_privileges) {
            echo $spaces . '                <option value="' . htmlspecialchars($current_column) . '"';
            if ($row['Insert_priv'] == 'Y' || $current_column_privileges['Insert']) {
                echo ' selected="selected"';
            echo '>' . htmlspecialchars($current_column) . '</option>' . "\n";
        echo $spaces . '            </select><br />' . "\n" . $spaces . '            <i>' . $GLOBALS['strOr'] . '</i><br />' . "\n" . $spaces . '            <input type="checkbox" name="Insert_priv_none" id="checkbox_Insert_priv_none" title="' . $GLOBALS['strNone'] . '" />' . "\n" . $spaces . '            <label for="checkbox_Insert_priv_none">' . $GLOBALS['strNone'] . '</label>' . "\n" . $spaces . '        </td>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '" rowspan="' . $rowspan . '" valign="top">' . "\n" . $spaces . '            <select name="Update_priv[]" multiple="multiple">' . "\n";
        foreach ($columns as $current_column => $current_column_privileges) {
            echo $spaces . '                <option value="' . htmlspecialchars($current_column) . '"';
            if ($row['Update_priv'] == 'Y' || $current_column_privileges['Update']) {
                echo ' selected="selected"';
            echo '>' . htmlspecialchars($current_column) . '</option>' . "\n";
        echo $spaces . '            </select><br />' . "\n" . $spaces . '            <i>' . $GLOBALS['strOr'] . '</i><br />' . "\n" . $spaces . '            <input type="checkbox" name="Update_priv_none" id="checkbox_Update_priv_none" title="' . $GLOBALS['strNone'] . '" />' . "\n" . $spaces . '            <label for="checkbox_Update_priv_none">' . $GLOBALS['strNone'] . '</label>' . "\n" . $spaces . '        </td>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '" rowspan="' . $rowspan . '" valign="top">' . "\n" . $spaces . '            <select name="References_priv[]" multiple="multiple">' . "\n";
        foreach ($columns as $current_column => $current_column_privileges) {
            echo $spaces . '                <option value="' . htmlspecialchars($current_column) . '"';
            if ($row['References_priv'] == 'Y' || $current_column_privileges['References']) {
                echo ' selected="selected"';
            echo '>' . htmlspecialchars($current_column) . '</option>' . "\n";
        echo $spaces . '            </select><br />' . "\n" . $spaces . '            <i>' . $GLOBALS['strOr'] . '</i><br />' . "\n" . $spaces . '            <input type="checkbox" name="References_priv_none" id="checkbox_References_priv_none" title="' . $GLOBALS['strNone'] . '" />' . "\n" . $spaces . '            <label for="checkbox_References_priv_none">' . $GLOBALS['strNone'] . '</label>' . "\n" . $spaces . '        </td>' . "\n";
        list($current_grant, $current_grant_value) = each($row);
        while (in_array(substr($current_grant, 0, strlen($current_grant) - 5), array('Select', 'Insert', 'Update', 'References'))) {
            list($current_grant, $current_grant_value) = each($row);
        echo $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="checkbox" name="' . $current_grant . '" id="checkbox_' . $current_grant . '" value="Y" ' . ($current_grant_value == 'Y' ? 'checked="checked" ' : '') . 'title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5) . 'Tbl']) . '"/></td>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="checkbox_' . $current_grant . '"><tt><dfn title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5) . 'Tbl']) . '">' . strtoupper(substr($current_grant, 0, strlen($current_grant) - 5)) . '</dfn></tt></label></td>' . "\n" . $spaces . '    </tr>' . "\n";
        while (list($current_grant, $current_grant_value) = each($row)) {
            if (in_array(substr($current_grant, 0, strlen($current_grant) - 5), array('Select', 'Insert', 'Update', 'References'))) {
            echo $spaces . '    <tr>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="checkbox" name="' . $current_grant . '" id="checkbox_' . $current_grant . '" value="Y" ' . ($current_grant_value == 'Y' ? 'checked="checked" ' : '') . 'title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5) . 'Tbl']) . '"/></td>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="checkbox_' . $current_grant . '"><tt><dfn title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5)] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, strlen($current_grant) - 5) . 'Tbl']) . '">' . strtoupper(substr($current_grant, 0, strlen($current_grant) - 5)) . '</dfn></tt></label></td>' . "\n" . $spaces . '    </tr>' . "\n";
    } else {
        $privTable[0] = array(array('Select', 'SELECT', $GLOBALS['strPrivDescSelect']), array('Insert', 'INSERT', $GLOBALS['strPrivDescInsert']), array('Update', 'UPDATE', $GLOBALS['strPrivDescUpdate']), array('Delete', 'DELETE', $GLOBALS['strPrivDescDelete']));
        if ($db == '*') {
            $privTable[0][] = array('File', 'FILE', $GLOBALS['strPrivDescFile']);
        $privTable[1] = array(array('Create', 'CREATE', $table == '*' ? $GLOBALS['strPrivDescCreateDb'] : $GLOBALS['strPrivDescCreateTbl']), array('Alter', 'ALTER', $GLOBALS['strPrivDescAlter']), array('Index', 'INDEX', $GLOBALS['strPrivDescIndex']), array('Drop', 'DROP', $table == '*' ? $GLOBALS['strPrivDescDropDb'] : $GLOBALS['strPrivDescDropTbl']));
        if (isset($row['Create_tmp_table_priv'])) {
            $privTable[1][] = array('Create_tmp_table', 'CREATE&nbsp;TEMPORARY&nbsp;TABLES', $GLOBALS['strPrivDescCreateTmpTable']);
        $privTable[2] = array();
        if (isset($row['Grant_priv'])) {
            $privTable[2][] = array('Grant', 'GRANT', $GLOBALS['strPrivDescGrant']);
        if ($db == '*') {
            if (isset($row['Super_priv'])) {
                $privTable[2][] = array('Super', 'SUPER', $GLOBALS['strPrivDescSuper']);
                $privTable[2][] = array('Process', 'PROCESS', $GLOBALS['strPrivDescProcess4']);
            } else {
                $privTable[2][] = array('Process', 'PROCESS', $GLOBALS['strPrivDescProcess3']);
            $privTable[2][] = array('Reload', 'RELOAD', $GLOBALS['strPrivDescReload']);
            $privTable[2][] = array('Shutdown', 'SHUTDOWN', $GLOBALS['strPrivDescShutdown']);
            if (isset($row['Show_db_priv'])) {
                $privTable[2][] = array('Show_db', 'SHOW&nbsp;DATABASES', $GLOBALS['strPrivDescShowDb']);
        if (isset($row['Lock_tables_priv'])) {
            $privTable[2][] = array('Lock_tables', 'LOCK&nbsp;TABLES', $GLOBALS['strPrivDescLockTables']);
        $privTable[2][] = array('References', 'REFERENCES', $GLOBALS['strPrivDescReferences']);
        if ($db == '*') {
            if (isset($row['Execute_priv'])) {
                $privTable[2][] = array('Execute', 'EXECUTE', $GLOBALS['strPrivDescExecute']);
            if (isset($row['Repl_client_priv'])) {
                $privTable[2][] = array('Repl_client', 'REPLICATION&nbsp;CLIENT', $GLOBALS['strPrivDescReplClient']);
            if (isset($row['Repl_slave_priv'])) {
                $privTable[2][] = array('Repl_slave', 'REPLICATION&nbsp;SLAVE', $GLOBALS['strPrivDescReplSlave']);
        echo $spaces . '<input type="hidden" name="grant_count" value="' . (count($privTable[0]) + count($privTable[1]) + count($privTable[2]) - (isset($row['Grant_priv']) ? 1 : 0)) . '" />' . "\n" . $spaces . '<table border="0">' . "\n" . $spaces . '    <tr>' . "\n" . $spaces . '        <th colspan="6">&nbsp;' . ($db == '*' ? $GLOBALS['strGlobalPrivileges'] : ($table == '*' ? $GLOBALS['strDbPrivileges'] : $GLOBALS['strTblPrivileges'])) . '&nbsp;</th>' . "\n" . $spaces . '    </tr>' . "\n" . $spaces . '    <tr>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '" colspan="6"><small><i>' . $GLOBALS['strEnglishPrivileges'] . '</i></small></td>' . "\n" . $spaces . '    </tr>' . "\n" . $spaces . '    <tr>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorOne'] . '" colspan="2">&nbsp;<b><i>' . $GLOBALS['strData'] . '</i></b>&nbsp;</td>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorOne'] . '" colspan="2">&nbsp;<b><i>' . $GLOBALS['strStructure'] . '</i></b>&nbsp;</td>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorOne'] . '" colspan="2">&nbsp;<b><i>' . $GLOBALS['strAdministration'] . '</i></b>&nbsp;</td>' . "\n" . $spaces . '    </tr>' . "\n";
        $limitTable = FALSE;
        for ($i = 0; isset($privTable[0][$i]) || isset($privTable[1][$i]) || isset($privTable[2][$i]); $i++) {
            echo $spaces . '    <tr>' . "\n";
            for ($j = 0; $j < 3; $j++) {
                if (isset($privTable[$j][$i])) {
                    echo $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="checkbox" name="' . $privTable[$j][$i][0] . '_priv" id="checkbox_' . $privTable[$j][$i][0] . '_priv" value="Y" ' . ($row[$privTable[$j][$i][0] . '_priv'] == 'Y' ? 'checked="checked" ' : '') . 'title="' . $privTable[$j][$i][2] . '"/></td>' . "\n" . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="checkbox_' . $privTable[$j][$i][0] . '_priv"><tt><dfn title="' . $privTable[$j][$i][2] . '">' . $privTable[$j][$i][1] . '</dfn></tt></label></td>' . "\n";
                } else {
                    if ($db == '*' && !isset($privTable[0][$i]) && !isset($privTable[1][$i]) && isset($row['max_questions']) && isset($row['max_updates']) && isset($row['max_connections']) && !$limitTable) {
                        echo $spaces . '        <td colspan="4" rowspan="' . (count($privTable[2]) - $i) . '">' . "\n" . $spaces . '            <table border="0">' . "\n" . $spaces . '                <tr>' . "\n" . $spaces . '                    <th colspan="2">&nbsp;' . $GLOBALS['strResourceLimits'] . '&nbsp;</th>' . "\n" . $spaces . '                </tr>' . "\n" . $spaces . '                <tr>' . "\n" . $spaces . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '" colspan="2"><small><i>' . $GLOBALS['strZeroRemovesTheLimit'] . '</i></small></td>' . "\n" . $spaces . '                </tr>' . "\n" . $spaces . '                <tr>' . "\n" . $spaces . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="text_max_questions"><tt><dfn title="' . $GLOBALS['strPrivDescMaxQuestions'] . '">MAX&nbsp;QUERIES&nbsp;PER&nbsp;HOUR</dfn></tt></label></td>' . "\n" . $spaces . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="text" class="textfield" name="max_questions" id="text_max_questions" value="' . $row['max_questions'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxQuestions'] . '" /></td>' . "\n" . $spaces . '                </tr>' . "\n" . $spaces . '                <tr>' . "\n" . $spaces . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="text_max_updates"><tt><dfn title="' . $GLOBALS['strPrivDescMaxUpdates'] . '">MAX&nbsp;UPDATES&nbsp;PER&nbsp;HOUR</dfn></tt></label></td>' . "\n" . $spaces . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="text" class="textfield" name="max_updates" id="text_max_updates" value="' . $row['max_updates'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxUpdates'] . '" /></td>' . "\n" . $spaces . '                </tr>' . "\n" . $spaces . '                <tr>' . "\n" . $spaces . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="text_max_connections"><tt><dfn title="' . $GLOBALS['strPrivDescMaxConnections'] . '">MAX&nbsp;CONNECTIONS&nbsp;PER&nbsp;HOUR</dfn></tt></label></td>' . "\n" . $spaces . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="text" class="textfield" name="max_connections" id="text_max_connections" value="' . $row['max_connections'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxConnections'] . '" /></td>' . "\n" . $spaces . '                </tr>' . "\n" . $spaces . '            </table>' . "\n" . $spaces . '        </td>' . "\n";
                        $limitTable = TRUE;
                    } else {
                        if (!$limitTable) {
                            echo $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '" colspan="2">&nbsp;</td>' . "\n";
        echo $spaces . '    </tr>' . "\n";
    if ($submit) {
        echo $spaces . '    <tr>' . "\n" . $spaces . '        <td colspan="6" align="center">' . "\n" . $spaces . '            <input type="submit" name="update_privs" value="' . $GLOBALS['strGo'] . '" />' . "\n" . $spaces . '        </td>' . "\n" . $spaces . '    </tr>' . "\n";
    echo $spaces . '</table>' . "\n";
예제 #7
 * Adds a bookmark
 * @param   array    the properties of the bookmark to add
 * @param   array    the bookmark parameters for the current user
 * @param   boolean  whether to make the bookmark available for all users
 * @return  boolean  whether the INSERT succeeds or not
 * @access  public
function PMA_addBookmarks($fields, $cfgBookmark, $all_users = false)
    $query = 'INSERT INTO ' . PMA_backquote($cfgBookmark['db']) . '.' . PMA_backquote($cfgBookmark['table']) . ' (id, dbase, user, query, label) VALUES (\'\', \'' . PMA_sqlAddslashes($fields['dbase']) . '\', \'' . ($all_users ? '' : PMA_sqlAddslashes($fields['user'])) . '\', \'' . PMA_sqlAddslashes(urldecode($fields['query'])) . '\', \'' . PMA_sqlAddslashes($fields['label']) . '\')';
    if (isset($GLOBALS['dbh'])) {
        $result = PMA_mysql_query($query, $GLOBALS['dbh']);
        if (PMA_mysql_error($GLOBALS['dbh'])) {
            $error = PMA_mysql_error($GLOBALS['dbh']);
            require_once './header.inc.php';
    } else {
        $result = PMA_mysql_query($query);
        if (PMA_mysql_error()) {
            $error = PMA_mysql_error();
            require_once './header.inc.php';
    return TRUE;
예제 #8
// end row insertion
 * Executes the sql query and get the result, then move back to the calling
 * page
$sql_query = implode(';', $query) . ';';
$total_affected_rows = 0;
$last_message = '';
foreach ($query as $query_index => $single_query) {
    $result = PMA_mysql_query($single_query);
    if (!$result) {
        if ($cfg['IgnoreMultiSubmitErrors']) {
            $message .= PMA_mysql_error();
        } else {
            $error = PMA_mysql_error();
            require_once './header.inc.php';
            PMA_mysqlDie($error, '', '', $err_url);
    } else {
        if (@mysql_affected_rows()) {
            $total_affected_rows += @mysql_affected_rows();
        $insert_id = mysql_insert_id();
        if ($insert_id != 0) {
            $last_message .= '<br />' . $strInsertedRowId . '&nbsp;' . $insert_id;
    // end if
if ($total_affected_rows != 0) {
예제 #9
echo '<h2>' . "\n" . '    ' . (empty($dbstats) ? $strDatabases : $strDatabasesStats) . "\n" . '</h2>' . "\n";
 * Checks if the user is allowed to do what he tries to...
if (!empty($dbstats) && !$is_superuser) {
    echo $strNoPrivileges . "\n";
    require_once './footer.inc.php';
 * Prepares the statistics
$statistics = array();
foreach ($dblist as $current_db) {
    $tmp_array = array('db_name' => $current_db, 'tbl_cnt' => 0, 'data_sz' => 0, 'idx_sz' => 0, 'tot_sz' => 0);
    if (!empty($dbstats)) {
        $res = PMA_mysql_query('SHOW TABLE STATUS FROM ' . PMA_backquote($current_db) . ';', $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), 'SHOW TABLE STATUS FROM ' . PMA_backquote($current_db) . ';');
        while ($row = PMA_mysql_fetch_array($res, MYSQL_ASSOC)) {
            $tmp_array['data_sz'] += $row['Data_length'];
            $tmp_array['idx_sz'] += $row['Index_length'];
    $tmp_array['tot_sz'] = $tmp_array['data_sz'] + $tmp_array['idx_sz'];
    $statistics[] = $tmp_array;
// avoids 'undefined index' errors
if (empty($sort_by)) {
    $sort_by = 'db_name';
if (empty($sort_order)) {
    if ($sort_by == 'db_name') {
예제 #10
  * Finds all related tables
  * @param   string   wether to go from master to foreign or vice versa
  * @return  boolean  always TRUE
  * @global  array    the list of tables that we still couldn't connect
  * @global  array    the list of allready connected tables
  * @global  string   the current databse name
  * @global  string   the super user connection id
  * @global  array    the list of relation settings
  * @access  private
 function PMA_getRelatives($from)
     global $tab_left, $tab_know, $fromclause;
     global $dbh, $db, $cfgRelation;
     if ($from == 'master') {
         $to = 'foreign';
     } else {
         $to = 'master';
     $in_know = '(\'' . implode('\', \'', $tab_know) . '\')';
     $in_left = '(\'' . implode('\', \'', $tab_left) . '\')';
     $rel_query = 'SELECT *' . ' FROM ' . PMA_backquote($cfgRelation['relation']) . ' WHERE ' . $from . '_db   = \'' . PMA_sqlAddslashes($db) . '\'' . ' AND ' . $to . '_db   = \'' . PMA_sqlAddslashes($db) . '\'' . ' AND ' . $from . '_table IN ' . $in_know . ' AND ' . $to . '_table IN ' . $in_left;
     if (isset($dbh)) {
         PMA_mysql_select_db($cfgRelation['db'], $dbh);
         $relations = @PMA_mysql_query($rel_query, $dbh) or PMA_mysqlDie(PMA_mysql_error($dbh), $rel_query, '', $err_url_0);
         PMA_mysql_select_db($db, $dbh);
     } else {
         $relations = @PMA_mysql_query($rel_query) or PMA_mysqlDie('', $rel_query, '', $err_url_0);
     while ($row = PMA_mysql_fetch_array($relations)) {
         $found_table = $row[$to . '_table'];
         if (isset($tab_left[$found_table])) {
             $fromclause .= "\n" . ' LEFT JOIN ' . PMA_backquote($row[$to . '_table']) . ' ON ' . PMA_backquote($row[$from . '_table']) . '.' . PMA_backquote($row[$from . '_field']) . ' = ' . PMA_backquote($row[$to . '_table']) . '.' . PMA_backquote($row[$to . '_field']) . ' ';
             $tab_know[$found_table] = $found_table;
             $tab_left = PMA_arrayShort($tab_left, $found_table);
     // end while
     return TRUE;
예제 #11
  * Displays a MySQL error message in the right frame.
  * @param   string   the error mesage
  * @param   string   the sql query that failed
  * @param   boolean  whether to show a "modify" link or not
  * @param   string   the "back" link url (full path is not required)
  * @param   boolean  EXIT the page?
  * @global  array    the configuration array
  * @access  public
 function PMA_mysqlDie($error_message = '', $the_query = '', $is_modify_link = TRUE, $back_url = '', $exit = TRUE)
     global $cfg, $table, $db, $sql_query;
     require_once './header.inc.php';
     if (!$error_message) {
         $error_message = PMA_mysql_error();
     if (!$the_query && !empty($GLOBALS['sql_query'])) {
         $the_query = $GLOBALS['sql_query'];
     // --- Added to solve bug #641765
     // Robbat2 - 12 January 2003, 9:46PM
     // Revised, Robbat2 - 13 Janurary 2003, 2:59PM
     if (!function_exists('PMA_SQP_isError') || PMA_SQP_isError()) {
         $formatted_sql = htmlspecialchars($the_query);
     } else {
         $formatted_sql = PMA_formatSql(PMA_SQP_parse($the_query), $the_query);
     // ---
     echo '<p><b>' . $GLOBALS['strError'] . '</b></p>' . "\n";
     // if the config password is wrong, or the MySQL server does not
     // respond, do not show the query that would reveal the
     // username/password
     if (!empty($the_query) && !strstr($the_query, 'connect')) {
         // --- Added to solve bug #641765
         // Robbat2 - 12 January 2003, 9:46PM
         // Revised, Robbat2 - 13 Janurary 2003, 2:59PM
         if (function_exists('PMA_SQP_isError') && PMA_SQP_isError()) {
             echo PMA_SQP_getErrorString();
         // ---
         echo '<p>' . "\n";
         echo '    ' . $GLOBALS['strSQLQuery'] . '&nbsp;:&nbsp;' . "\n";
         if ($is_modify_link && isset($db)) {
             echo '    [' . '<a href="db_details.php?' . PMA_generate_common_url($GLOBALS['db']) . '&amp;sql_query=' . urlencode($the_query) . '&amp;show_query=1">' . $GLOBALS['strEdit'] . '</a>' . ']' . "\n";
         // end if
         echo '</p>' . "\n" . '<p>' . "\n" . '    ' . $formatted_sql . "\n" . '</p>' . "\n";
     // end if
     if (!empty($error_message)) {
         $error_message = htmlspecialchars($error_message);
         $error_message = preg_replace("@((\r\n)|(\r)|(\n)){3,}@", "\n\n", $error_message);
     echo '<p>' . "\n" . '    ' . $GLOBALS['strMySQLSaid'] . '<br />' . "\n" . '</p>' . "\n";
     // The error message will be displayed within a CODE segment.
     // To preserve original formatting, but allow wordwrapping, we do a couple of replacements
     // Replace all non-single blanks with their HTML-counterpart
     $error_message = str_replace('  ', '&nbsp;&nbsp;', $error_message);
     // Replace TAB-characters with their HTML-counterpart
     $error_message = str_replace("\t", '&nbsp;&nbsp;&nbsp;&nbsp;', $error_message);
     // Replace linebreaks
     $error_message = nl2br($error_message);
     echo '<code>' . "\n" . $error_message . "\n" . '</code><br /><br />' . "\n";
     echo PMA_showMySQLDocu('Error-returns', 'Error-returns');
     if (!empty($back_url) && $exit) {
         echo '&nbsp;&middot;&nbsp;[<a href="' . (strstr($back_url, '?') ? $back_url . '&amp;no_history=true' : $back_url . '?no_history=true') . '">' . $GLOBALS['strBack'] . '</a>]';
     echo "\n";
     if ($exit) {
         require_once './footer.inc.php';
예제 #12
 * User is not allowed to login to MySQL -> authentication failed
 * @global  string    the MySQL error message PHP returns
 * @global  string    the connection type (persistent or not)
 * @global  string    the MySQL server port to use
 * @global  string    the MySQL socket port to use
 * @global  array     the current server settings
 * @global  string    the font face to use in case of failure
 * @global  string    the default font size to use in case of failure
 * @global  string    the big font size to use in case of failure
 * @global  boolean   tell the "PMA_mysqlDie()" function headers have been
 *                    sent
 * @return  boolean   always true (no return indeed)
 * @access  public
function PMA_auth_fails()
    global $php_errormsg;
    global $connect_func, $server_port, $server_socket, $cfg;
    global $right_font_family, $font_size, $font_bigger;
    global $is_header_sent;
    if (PMA_mysql_error()) {
        $conn_error = PMA_mysql_error();
    } else {
        if (isset($php_errormsg)) {
            $conn_error = $php_errormsg;
        } else {
            $conn_error = 'Cannot connect: invalid settings.';
    /* Commented out by Nijel: This causes displaying login and password from
     * config when connection to MySQL server can't be established. (SQL parser
     * fails on this and then displays it as wrong SQL.
    /*      $local_query    = $connect_func . '('
            . $cfg['Server']['host'] . $server_port . $server_socket . ', '
            . $cfg['Server']['user'] . ', '
            . $cfg['Server']['password'] . ')';*/
    $local_query = '';
    // Defines the charset to be used
    header('Content-Type: text/html; charset=' . $GLOBALS['charset']);
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php 
    echo $GLOBALS['available_languages'][$GLOBALS['lang']][2];
" lang="<?php 
    echo $GLOBALS['available_languages'][$GLOBALS['lang']][2];
" dir="<?php 
    echo $GLOBALS['text_dir'];

    echo $GLOBALS['strAccessDenied'];
<meta http-equiv="Content-Type" content="text/html; charset=<?php 
    echo $GLOBALS['charset'];
" />
<style type="text/css">
body     {font-family: <?php 
    echo $right_font_family;
; font-size: <?php 
    echo $font_size;
; color: #000000}
h1       {font-family: <?php 
    echo $right_font_family;
; font-size: <?php 
    echo $font_bigger;
; font-weight: bold}

<body bgcolor="<?php 
    echo $cfg['RightBgColor'];
<br /><br />
    echo sprintf($GLOBALS['strWelcome'], ' phpMyAdmin ' . PMA_VERSION);
<br />
    echo "\n";
    $is_header_sent = TRUE;
    echo '<p>' . $GLOBALS['strAccessDeniedExplanation'] . '</p>' . "\n";
    PMA_mysqlDie($conn_error, $local_query, FALSE);
    return TRUE;
예제 #13
 * Displays the links
require './server_links.inc.php';
 * Displays the sub-page heading
echo '<h2>' . "\n" . '    ' . $strProcesslist . "\n" . '</h2>' . "\n";
 * Sends the query and buffers the result
$serverProcesses = array();
$sql_query = 'SHOW' . (empty($full) ? '' : ' FULL') . ' PROCESSLIST;';
$res = @PMA_mysql_query($sql_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query);
while ($row = PMA_mysql_fetch_array($res, MYSQL_ASSOC)) {
    $serverProcesses[] = $row;
 * Displays the page
<table border="0">
        <th><a href="./server_processlist.php?<?php 
echo $url_query . (empty($full) ? '&amp;full=1' : '');
예제 #14
                            $upd_query .= ' ON UPDATE ' . $options_array[${$master_field . '_on_update'}];
                // end if... else....
            } else {
                if (isset($existrel_innodb[$master_field])) {
                    if (PMA_MYSQL_INT_VERSION >= 40013) {
                        $upd_query = 'ALTER TABLE ' . $table . ' DROP FOREIGN KEY ' . PMA_backquote($existrel_innodb[$master_field]['constraint']);
            // end if... else....
            if (isset($upd_query)) {
                $upd_rs = PMA_mysql_query($upd_query);
                if (PMA_mysql_error() && mysql_errno() == 1005) {
                    echo '<p class="warning">' . $strNoIndex . ' (' . $master_field . ')</p>' . PMA_showMySQLDocu('manual_Table_types', 'InnoDB_foreign_key_constraints') . "\n";
        // end while
    // end if isset($destination_innodb)
// end if
// U p d a t e s   f o r   d i s p l a y   f i e l d
if ($cfgRelation['displaywork'] && isset($submit_show) && $submit_show == 'true') {
    if ($disp) {
        if ($display_field != '') {
            $upd_query = 'UPDATE ' . PMA_backquote($cfgRelation['table_info']) . ' SET display_field = \'' . PMA_sqlAddslashes($display_field) . '\'' . ' WHERE db_name  = \'' . PMA_sqlAddslashes($db) . '\'' . ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\'';
예제 #15
    // Not a valid db name -> back to the welcome page
    if (!empty($db)) {
        $is_db = @PMA_mysql_select_db($db);
    if (empty($db) || !$is_db) {
        header('Location: ' . $cfg['PmaAbsoluteUri'] . 'main.php?' . PMA_generate_common_url('', '', '&') . (isset($message) ? '&message=' . urlencode($message) : '') . '&reload=1');
// end if (ensures db exists)
 * Changes database charset if requested by the user
if (isset($submitcharset) && PMA_MYSQL_INT_VERSION >= 40101) {
    $sql_query = 'ALTER DATABASE ' . PMA_backquote($db) . ' DEFAULT CHARACTER SET ' . $db_charset;
    $result = PMA_mysql_query($sql_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query, '', $err_url);
    $message = $strSuccess;
// Displays headers
if (!isset($message)) {
    $js_to_run = 'functions.js';
    require_once './header.inc.php';
    // Reloads the navigation frame via JavaScript if required
    if (isset($reload) && $reload) {
        echo "\n";
<script type="text/javascript" language="javascript1.2">
        echo PMA_generate_common_url($db, '', '&');
예제 #16
if ($num_tables > 0) {
    $lnk3 = 'db_details_export.php';
    $arg3 = $url_query;
    $lnk4 = 'db_search.php';
    $arg4 = $url_query;
} else {
    $lnk3 = '';
    $arg3 = '';
    $lnk4 = '';
    $arg4 = '';
// Drop link if allowed
if (!$cfg['AllowUserDropDatabase']) {
    // Check if the user is a Superuser
    $links_result = @PMA_mysql_query('USE mysql');
    $cfg['AllowUserDropDatabase'] = !PMA_mysql_error();
if ($cfg['AllowUserDropDatabase']) {
    $lnk5 = 'sql.php';
    $arg5 = $url_query . '&amp;sql_query=' . urlencode('DROP DATABASE ' . PMA_backquote($db)) . '&amp;zero_rows=' . urlencode(sprintf($strDatabaseHasBeenDropped, htmlspecialchars(PMA_backquote($db)))) . '&amp;goto=main.php&amp;back=db_details' . $sub_part . '.php&amp;reload=1&amp;purge=1';
    $att5 = 'class="drop" ' . 'onclick="return confirmLink(this, \'DROP DATABASE ' . PMA_jsFormat($db) . '\')"';
} else {
    $lnk5 = '';
 * Displays tab links
if ($cfg['LightTabs']) {
    echo '&nbsp;';
} else {
    echo '<table border="0" cellspacing="0" cellpadding="3" width="100%" class="tabs">