<?php if (!$error && $_POST["export"]) { dump_headers("sql"); $adminer->dumpTable("", ""); $adminer->dumpData("", "table", $_POST["query"]); exit; } restart_session(); $history_all =& get_session("queries"); $history =& $history_all[DB]; if (!$error && $_POST["clear"]) { $history = array(); adminer_redirect(remove_from_uri("history")); } page_header(isset($_GET["import"]) ? lang('Import') : lang('SQL command'), $error); if (!$error && $_POST) { $fp = false; if (!isset($_GET["import"])) { $query = $_POST["query"]; } elseif ($_POST["webfile"]) { $fp = @fopen(file_exists("adminer.sql") ? "adminer.sql" : "compress.zlib://adminer.sql.gz", "rb"); $query = $fp ? fread($fp, 1000000.0) : false; } else { $query = get_file("sql_file", true); } if (is_string($query)) { // get_file() returns error as number, fread() as false if (function_exists('memory_get_usage')) { @ini_set("memory_limit", max(ini_bytes("memory_limit"), 2 * strlen($query) + memory_get_usage() + 8000000.0)); // @ - may be disabled, 2 - substr and trim, 8e6 - other variables
global $LANG, $langs; echo "<form action='' method='post'>\n<div id='lang'>"; echo lang('Language') . ": " . html_select("lang", $langs, $LANG, "this.form.submit();"); echo " <input type='submit' value='" . lang('Use') . "' class='hidden'>\n"; echo "<input type='hidden' name='token' value='" . get_token() . "'>\n"; // $token may be empty in auth.inc.php echo "</div>\n</form>\n"; } if (isset($_POST["lang"]) && verify_token()) { // $error not yet available cookie("adminer_lang", $_POST["lang"]); $_SESSION["lang"] = $_POST["lang"]; // cookies may be disabled $_SESSION["translations"] = array(); // used in compiled version adminer_redirect(remove_from_uri()); } $LANG = "en"; if (isset($langs[$_COOKIE["adminer_lang"]])) { cookie("adminer_lang", $_COOKIE["adminer_lang"]); $LANG = $_COOKIE["adminer_lang"]; } elseif (isset($langs[$_SESSION["lang"]])) { $LANG = $_SESSION["lang"]; } else { $accept_language = array(); preg_match_all('~([-a-z]+)(;q=([0-9.]+))?~', str_replace("_", "-", strtolower($_SERVER["HTTP_ACCEPT_LANGUAGE"])), $matches, PREG_SET_ORDER); foreach ($matches as $match) { $accept_language[$match[1]] = isset($match[3]) ? $match[3] : 1; } arsort($accept_language); foreach ($accept_language as $key => $q) {
/** Run a query (unless told not to) and redirect when it succeeded
* @param string SQL text; handed to $connection->query() exactly as received, no escaping is done here
* @param string redirect target
* @param string message; the rendered query is appended to it before redirecting
* @param bool call adminer_redirect() on success
* @param bool execute the query; when false, $failed and $time are taken from the caller as given
* @param bool failure flag, only meaningful when $execute is false
* @param string duration text, only meaningful when $execute is false
* @return bool false on failure (global $error is set), true otherwise
*/
function query_adminer_redirect($query, $location, $message, $redirect = true, $execute = true, $failed = false, $time = "") {
	global $connection, $error, $adminer;

	if ($execute) {
		$started_at = microtime(true);
		$ok = $connection->query($query);
		$failed = !$ok;
		$time = format_time($started_at);
	}

	// filter query via plugin fct.
	// NOTE(review): stripslashes is applied only to the copy handed to messageQuery(), and only
	// after the statement has already run, so the text shown can differ from the text executed
	// whenever the query contained backslashes - confirm that is intended.
	$shown = $query
		? $adminer->messageQuery(AdminerForWP::array_map_recursive('stripslashes', $query), $time)
		: "";

	if (!$failed) {
		if ($redirect) {
			adminer_redirect($location, $message . $shown);
		}
		return true;
	}

	// failure: expose the driver error together with the rendered query through the global
	$error = error() . $shown;
	return false;
}
$last = ""; foreach ($databases as $db) { if (count($databases) == 1 || $db != "") { // ignore empty lines but always try to create single database if (!create_database($db, $row["collation"])) { $success = false; } $last = $db; } } queries_adminer_redirect(ME . "db=" . urlencode($last), lang('Database has been created.'), $success); } } else { // alter database if (!$row["collation"]) { adminer_redirect(substr(ME, 0, -1)); } query_adminer_redirect("ALTER DATABASE " . idf_escape($name) . (preg_match('~^[a-z0-9_]+$~i', $row["collation"]) ? " COLLATE {$row['collation']}" : ""), substr(ME, 0, -1), lang('Database has been altered.')); } } page_header(DB != "" ? lang('Alter database') : lang('Create database'), $error, array(), h(DB)); $collations = collations(); $name = DB; if ($_POST) { $name = $row["name"]; } elseif (DB != "") { $row["collation"] = db_collation(DB, $collations); } elseif ($jush == "sql") { // propose database name with limited privileges foreach (get_vals("SHOW GRANTS") as $grant) { if (preg_match('~ ON (`(([^\\\\`]|``|\\\\.)*)%`\\.\\*)?~', $grant, $match) && $match[1]) {
// Schema create / rename / drop handler, followed by the opening of its HTML form.
// $row mirrors the submitted form and is reused further down to pre-fill the name input.
$row = $_POST;

// State-changing statements run only for a POST with an empty $error.
// NOTE(review): $error is assigned outside this excerpt - presumably it carries the
// CSRF-token check result; confirm against the caller before relying on it.
if ($_POST && !$error) {
	// Remove any "ns=...&" from ME and append a fresh "ns=" as the redirect target prefix.
	$link = preg_replace('~ns=[^&]*&~', '', ME) . "ns=";
	if ($_POST["drop"]) {
		// The schema name comes from the URL; it goes through idf_escape() before it is
		// concatenated into the statement (presumably identifier quoting - confirm).
		query_adminer_redirect("DROP SCHEMA " . idf_escape($_GET["ns"]), $link, lang('Schema has been dropped.'));
	} else {
		// The submitted name is trimmed, then URL-encoded for the redirect target.
		$name = trim($row["name"]);
		$link .= urlencode($name);
		if ($_GET["ns"] == "") {
			// No schema in the URL: create one with the submitted name.
			query_adminer_redirect("CREATE SCHEMA " . idf_escape($name), $link, lang('Schema has been created.'));
		} elseif ($_GET["ns"] != $name) {
			// Name differs from the URL's schema: rename. Both identifiers pass through idf_escape().
			// NOTE(review): != is a loose comparison; PHP compares two numeric strings
			// numerically, so names such as "10" and "1e1" are treated as unchanged.
			query_adminer_redirect("ALTER SCHEMA " . idf_escape($_GET["ns"]) . " RENAME TO " . idf_escape($name), $link, lang('Schema has been altered.')); //! sp_rename in MS SQL
		} else {
			// Name unchanged: nothing to execute, just redirect.
			adminer_redirect($link);
		}
	}
}

// Title depends on whether a schema is named in the URL.
page_header($_GET["ns"] != "" ? lang('Alter schema') : lang('Create schema'), $error);

// Without submitted data, pre-fill the form with the schema name from the URL.
if (!$row) {
	$row["name"] = $_GET["ns"];
}
// The value echoed into the attribute below passes through h() first
// (presumably HTML escaping - confirm against its definition).
// NOTE(review): there is a space between the closing PHP tag and the attribute's closing
// quote, so the rendered value carries a trailing space; the handler above trim()s the
// submitted name. This may be an artefact of how this listing was collapsed.
?> <form action="" method="post"> <p><input name="name" id="name" value="<?php echo h($row["name"]); ?> " autocapitalize="off"> <script type='text/javascript'>focus(document.getElementById('name'));</script>
$indexes = indexes($TABLE); $unique_array = unique_array($_GET["where"], $indexes); $query_where = "\nWHERE {$where}"; if (isset($_POST["delete"])) { queries_adminer_redirect($location, lang('Item has been deleted.'), $driver->delete($TABLE, $query_where, !$unique_array)); } else { $set = array(); foreach ($fields as $name => $field) { $val = process_input($field); if ($val !== false && $val !== null) { $set[idf_escape($name)] = $val; } } if ($update) { if (!$set) { adminer_redirect($location); } queries_adminer_redirect($location, lang('Item has been updated.'), $driver->update($TABLE, $set, $query_where, !$unique_array)); if (is_adminer_ajax()) { page_headers(); page_messages($error); exit; } } else { $result = $driver->insert($TABLE, $set); $last_id = $result ? last_id() : 0; queries_adminer_redirect($location, lang('Item%s has been inserted.', $last_id ? " {$last_id}" : ""), $result); //! link } } }
if ($index["type"] == $existing["type"] && array_values($existing["columns"]) === $columns && (!$existing["lengths"] || array_values($existing["lengths"]) === $lengths) && array_values($existing["descs"]) === $descs) { // skip existing index unset($indexes[$name]); continue; } } $alter[] = array($index["type"], $name, $set); } } } // drop removed indexes foreach ($indexes as $name => $existing) { $alter[] = array($existing["type"], $name, "DROP"); } if (!$alter) { adminer_redirect(ME . "table=" . urlencode($TABLE)); } queries_adminer_redirect(ME . "table=" . urlencode($TABLE), lang('Indexes have been altered.'), alter_indexes($TABLE, $alter)); } page_header(lang('Indexes'), $error, array("table" => $TABLE), h($TABLE)); $fields = array_keys(fields($TABLE)); if ($_POST["add"]) { foreach ($row["indexes"] as $key => $index) { if ($index["columns"][count($index["columns"])] != "") { $row["indexes"][$key]["columns"][] = ""; } } $index = end($row["indexes"]); if ($index["type"] || array_filter($index["columns"], 'strlen')) { $row["indexes"][] = array("columns" => array(1 => "")); }
echo "</form>\n"; } } page_footer("db"); } if (isset($_GET["status"])) { $_GET["variables"] = $_GET["status"]; } if (isset($_GET["import"])) { $_GET["sql"] = $_GET["import"]; } if (!(DB != "" ? $connection->select_db(DB) : isset($_GET["sql"]) || isset($_GET["dump"]) || isset($_GET["database"]) || isset($_GET["processlist"]) || isset($_GET["privileges"]) || isset($_GET["user"]) || isset($_GET["variables"]) || $_GET["script"] == "connect" || $_GET["script"] == "kill")) { if (DB != "" || $_GET["refresh"]) { restart_session(); set_session("dbs", null); } connect_error(); // separate function to catch SQLite error exit; } if (support("scheme") && DB != "" && $_GET["ns"] !== "") { if (!isset($_GET["ns"])) { adminer_redirect(preg_replace('~ns=[^&]*&~', '', ME) . "ns=" . get_schema()); } if (!set_schema($_GET["ns"])) { header("HTTP/1.1 404 Not Found"); page_header(lang('Schema') . ": " . h($_GET["ns"]), lang('Invalid schema.'), true); page_footer("ns"); exit; } }
cookie("adminer_permanent", implode(" ", $permanent)); } if (count($_POST) == 1 || DRIVER != $vendor || SERVER != $server || $_GET["username"] !== $username || DB != $db) { adminer_redirect(auth_url($vendor, $server, $username, $db)); } } elseif ($_POST["logout"]) { if ($has_token && !verify_token()) { page_header(lang('Logout'), lang('Invalid CSRF token. Send the form again.')); page_footer("db"); exit; } else { foreach (array("pwds", "db", "dbs", "queries") as $key) { set_session($key, null); } unset_permanent(); adminer_redirect(substr(preg_replace('~\\b(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.')); } } elseif ($permanent && !$_SESSION["pwds"]) { session_regenerate_id(); $private = $adminer->permanentLogin(); foreach ($permanent as $key => $val) { list(, $cipher) = explode(":", $val); list($vendor, $server, $username, $db) = array_map('base64_decode', explode("-", $key)); set_password($vendor, $server, $username, decrypt_string(base64_decode($cipher), $private)); $_SESSION["db"][$vendor][$server][$username][$db] = true; } } function unset_permanent() { global $permanent; foreach ($permanent as $key => $val) {