Exemplo n.º 1
0
 /**
  * Loads common scripts
  *
  * @return void
  */
 private function _addDefaultScripts()
 {
     if (empty($GLOBALS['error_message'])) {
         $this->_scripts->addCode("\n                \$(function() {\n                // updates current settings\n                if (window.parent.setAll) {\n                    window.parent.setAll(\n                        '" . PMA_escapeJsString($GLOBALS['lang']) . "',\n                        '" . PMA_escapeJsString($GLOBALS['collation_connection']) . "',\n                        '" . PMA_escapeJsString($GLOBALS['server']) . "',\n                        '" . PMA_escapeJsString(PMA_ifSetOr($GLOBALS['db'], '')) . "',\n                        '" . PMA_escapeJsString(PMA_ifSetOr($GLOBALS['table'], '')) . "',\n                        '" . PMA_escapeJsString($_SESSION[' PMA_token ']) . "'\n                    );\n                }\n                });\n            ");
         if (!empty($GLOBALS['reload'])) {
             $this->_scripts->addCode("\n                    // refresh navigation frame content\n                    if (window.parent.refreshNavigation) {\n                        window.parent.refreshNavigation();\n                    }\n                ");
         } else {
             if (isset($_GET['reload_left_frame']) && $_GET['reload_left_frame'] == '1') {
                 // reload left frame (used by user preferences)
                 $this->_scripts->addCode("\n                    if (window.parent && window.parent.frame_navigation) {\n                        window.parent.frame_navigation.location.reload();\n                    }\n                ");
             }
         }
         // set current db, table and sql query in the querywindow
         $query = '';
         if (isset($GLOBALS['sql_query']) && strlen($GLOBALS['sql_query']) > $GLOBALS['cfg']['MaxCharactersInDisplayedSQL']) {
             $query = PMA_escapeJsString($GLOBALS['sql_query']);
         }
         $this->_scripts->addCode("\n                if (window.parent.reload_querywindow) {\n                    window.parent.reload_querywindow(\n                        '" . PMA_escapeJsString(PMA_ifSetOr($GLOBALS['db'], '')) . "',\n                        '" . PMA_escapeJsString(PMA_ifSetOr($GLOBALS['table'], '')) . "',\n                        '" . $query . "'\n                    );\n                }\n            ");
         if (!empty($GLOBALS['focus_querywindow'])) {
             // set focus to the querywindow
             $this->_scripts->addCode("\n                    if (parent.querywindow && !parent.querywindow.closed\n                        && parent.querywindow.location\n                    ) {\n                        self.focus();\n                    }\n                ");
         }
         $this->_scripts->addCode("\n                if (window.parent.frame_content) {\n                    // reset content frame name, as querywindow needs\n                    // to set a unique name before submitting form data,\n                    // and navigation frame needs the original name\n                    if (typeof(window.parent.frame_content.name) != 'undefined'\n                     && window.parent.frame_content.name != 'frame_content') {\n                        window.parent.frame_content.name = 'frame_content';\n                    }\n                    if (typeof(window.parent.frame_content.id) != 'undefined'\n                     && window.parent.frame_content.id != 'frame_content') {\n                        window.parent.frame_content.id = 'frame_content';\n                    }\n                    //window.parent.frame_content.setAttribute('name', 'frame_content');\n                    //window.parent.frame_content.setAttribute('id', 'frame_content');\n                }\n            ");
     }
 }
Exemplo n.º 2
0
/**
 * Format a string so it can be a string inside JavaScript code inside an
 * eventhandler (onclick, onchange, on..., ).
 * This function is used to displays a javascript confirmation box for
 * "DROP/DELETE/ALTER" queries.
 *
 * @uses    PMA_escapeJsString()
 * @uses    PMA_backquote()
 * @uses    is_string()
 * @uses    htmlspecialchars()
 * @uses    str_replace()
 * @param   string   $a_string          the string to format
 * @param   boolean  $add_backquotes    whether to add backquotes to the string or not
 *
 * @return  string   the formatted string
 *
 * @access  public
 */
function PMA_jsFormat($a_string = '', $add_backquotes = true)
{
    if (is_string($a_string)) {
        $a_string = htmlspecialchars($a_string);
        $a_string = PMA_escapeJsString($a_string);
        /**
         * @todo what is this good for?
         */
        $a_string = str_replace('#', '\\#', $a_string);
    }
    return $add_backquotes ? PMA_backquote($a_string) : $a_string;
}
Exemplo n.º 3
0
/**
 * Prints an javascript assignment with proper escaping of a value
 * and support for assigning array of strings.
 *
 * @param string $key Name of value to set
 * @param mixed $value Value to set, can be either string or array of strings
 */
function PMA_printJsValue($key, $value)
{
    echo $key . ' = ';
    if (is_array($value)) {
        echo '[';
        foreach ($value as $id => $val) {
            echo "'" . PMA_escapeJsString($val) . "',";
        }
        echo "];\n";
    } else {
        echo "'" . PMA_escapeJsString($value) . "';\n";
    }
}
/**
 * Formats a value for javascript code.
 *
 * @param string $value String to be formatted.
 *
 * @return string formatted value.
 */
function PMA_formatJsVal($value)
{
    if (is_bool($value)) {
        if ($value) {
            return 'true';
        }
        return 'false';
    }
    if (is_int($value)) {
        return (int) $value;
    }
    return '"' . PMA_escapeJsString($value) . '"';
}
Exemplo n.º 5
0
/**
 * Function to get html for each insert/edit column
 *
 * @param array  $table_columns         table columns
 * @param int    $column_number         column index in table_columns
 * @param array  $comments_map          comments map
 * @param bool   $timestamp_seen        whether timestamp seen
 * @param array  $current_result        current result
 * @param string $chg_evt_handler       javascript change event handler
 * @param string $jsvkey                javascript validation key
 * @param string $vkey                  validation key
 * @param bool   $insert_mode           whether insert mode
 * @param array  $current_row           current row
 * @param bool   $odd_row               whether odd row
 * @param int    &$o_rows               row offset
 * @param int    &$tabindex             tab index
 * @param int    $columns_cnt           columns count
 * @param bool   $is_upload             whether upload
 * @param int    $tabindex_for_function tab index offset for function
 * @param array  $foreigners            foreigners
 * @param int    $tabindex_for_null     tab index offset for null
 * @param int    $tabindex_for_value    tab index offset for value
 * @param string $table                 table
 * @param string $db                    database
 * @param int    $row_id                row id
 * @param array  $titles                titles
 * @param int    $biggest_max_file_size biggest max file size
 * @param string $default_char_editing  default char editing mode which is stored
 *                                      in the config.inc.php script
 * @param string $text_dir              text direction
 * @param array  $repopulate            the data to be repopulated
 * @param array  $column_mime           the mime information of column
 * @param string $where_clause          the where clause
 *
 * @return string
 */
function PMA_getHtmlForInsertEditFormColumn($table_columns, $column_number, $comments_map, $timestamp_seen, $current_result, $chg_evt_handler, $jsvkey, $vkey, $insert_mode, $current_row, $odd_row, &$o_rows, &$tabindex, $columns_cnt, $is_upload, $tabindex_for_function, $foreigners, $tabindex_for_null, $tabindex_for_value, $table, $db, $row_id, $titles, $biggest_max_file_size, $default_char_editing, $text_dir, $repopulate, $column_mime, $where_clause)
{
    $column = $table_columns[$column_number];
    if (!isset($column['processed'])) {
        $column = PMA_analyzeTableColumnsArray($column, $comments_map, $timestamp_seen);
    }
    $as_is = false;
    if (!empty($repopulate) && !empty($current_row)) {
        $current_row[$column['Field']] = $repopulate[$column['Field_md5']];
        $as_is = true;
    }
    $extracted_columnspec = PMA_Util::extractColumnSpec($column['Type']);
    if (-1 === $column['len']) {
        $column['len'] = $GLOBALS['dbi']->fieldLen($current_result, $column_number);
        // length is unknown for geometry fields,
        // make enough space to edit very simple WKTs
        if (-1 === $column['len']) {
            $column['len'] = 30;
        }
    }
    //Call validation when the form submitted...
    $onChangeClause = $chg_evt_handler . "=\"return verificationsAfterFieldChange('" . PMA_escapeJsString($column['Field_md5']) . "', '" . PMA_escapeJsString($jsvkey) . "','" . $column['pma_type'] . "')\"";
    // Use an MD5 as an array index to avoid having special characters
    // in the name attribute (see bug #1746964 )
    $column_name_appendix = $vkey . '[' . $column['Field_md5'] . ']';
    if ($column['Type'] === 'datetime' && !isset($column['Default']) && !is_null($column['Default']) && $insert_mode) {
        $column['Default'] = date('Y-m-d H:i:s', time());
    }
    $html_output = PMA_getHtmlForFunctionOption($odd_row, $column, $column_name_appendix);
    if ($GLOBALS['cfg']['ShowFieldTypesInDataEditView']) {
        $html_output .= PMA_getHtmlForInsertEditColumnType($column);
    }
    //End if
    // Get a list of GIS data types.
    $gis_data_types = PMA_Util::getGISDatatypes();
    // Prepares the field value
    $real_null_value = false;
    $special_chars_encoded = '';
    if (!empty($current_row)) {
        // (we are editing)
        list($real_null_value, $special_chars_encoded, $special_chars, $data, $backup_field) = PMA_getSpecialCharsAndBackupFieldForExistingRow($current_row, $column, $extracted_columnspec, $real_null_value, $gis_data_types, $column_name_appendix, $as_is);
    } else {
        // (we are inserting)
        // display default values
        $tmp = $column;
        if (isset($repopulate[$column['Field_md5']])) {
            $tmp['Default'] = $repopulate[$column['Field_md5']];
        }
        list($real_null_value, $data, $special_chars, $backup_field, $special_chars_encoded) = PMA_getSpecialCharsAndBackupFieldForInsertingMode($tmp, $real_null_value);
        unset($tmp);
    }
    $idindex = $o_rows * $columns_cnt + $column_number + 1;
    $tabindex = $idindex;
    // Get a list of data types that are not yet supported.
    $no_support_types = PMA_Util::unsupportedDatatypes();
    // The function column
    // -------------------
    if ($GLOBALS['cfg']['ShowFunctionFields']) {
        $html_output .= PMA_getFunctionColumn($column, $is_upload, $column_name_appendix, $onChangeClause, $no_support_types, $tabindex_for_function, $tabindex, $idindex, $insert_mode);
    }
    // The null column
    // ---------------
    $foreignData = PMA_getForeignData($foreigners, $column['Field'], false, '', '');
    $html_output .= PMA_getNullColumn($column, $column_name_appendix, $real_null_value, $tabindex, $tabindex_for_null, $idindex, $vkey, $foreigners, $foreignData);
    // The value column (depends on type)
    // ----------------
    // See bug #1667887 for the reason why we don't use the maxlength
    // HTML attribute
    //add data attributes "no of decimals" and "data type"
    $no_decimals = 0;
    $type = current(explode("(", $column['pma_type']));
    if (preg_match('/\\(([^()]+)\\)/', $column['pma_type'], $match)) {
        $match[0] = trim($match[0], '()');
        $no_decimals = $match[0];
    }
    $html_output .= '<td' . ' data-type="' . $type . '"' . ' data-decimals="' . $no_decimals . '">' . "\n";
    // Will be used by js/tbl_change.js to set the default value
    // for the "Continue insertion" feature
    $html_output .= '<span class="default_value hide">' . $special_chars . '</span>';
    // Check input transformation of column
    $transformed_html = '';
    if (!empty($column_mime['input_transformation'])) {
        $file = $column_mime['input_transformation'];
        $include_file = 'libraries/plugins/transformations/' . $file;
        if (is_file($include_file)) {
            include_once $include_file;
            $class_name = PMA_getTransformationClassName($file);
            $transformation_plugin = new $class_name();
            $transformation_options = PMA_Transformation_getOptions($column_mime['input_transformation_options']);
            $_url_params = array('db' => $db, 'table' => $table, 'transform_key' => $column['Field'], 'where_clause' => $where_clause);
            $transformation_options['wrapper_link'] = PMA_URL_getCommon($_url_params);
            $current_value = '';
            if (isset($current_row[$column['Field']])) {
                $current_value = $current_row[$column['Field']];
            }
            if (method_exists($transformation_plugin, 'getInputHtml')) {
                $transformed_html = $transformation_plugin->getInputHtml($column, $row_id, $column_name_appendix, $transformation_options, $current_value, $text_dir, $tabindex, $tabindex_for_value, $idindex);
            }
            if (method_exists($transformation_plugin, 'getScripts')) {
                $GLOBALS['plugin_scripts'] = array_merge($GLOBALS['plugin_scripts'], $transformation_plugin->getScripts());
            }
        }
    }
    if (!empty($transformed_html)) {
        $html_output .= $transformed_html;
    } else {
        $html_output .= PMA_getValueColumn($column, $backup_field, $column_name_appendix, $onChangeClause, $tabindex, $tabindex_for_value, $idindex, $data, $special_chars, $foreignData, $odd_row, array($table, $db), $row_id, $titles, $text_dir, $special_chars_encoded, $vkey, $is_upload, $biggest_max_file_size, $default_char_editing, $no_support_types, $gis_data_types, $extracted_columnspec);
    }
    $html_output .= '</td>' . '</tr>';
    return $html_output;
}
Exemplo n.º 6
0
/**
 * Appends JS validation code to $js_array
 *
 * @param string       $field_id   ID of field to validate
 * @param string|array $validators validators callback
 * @param array        &$js_array  will be updated with javascript code
 *
 * @return void
 */
function PMA_addJsValidate($field_id, $validators, &$js_array)
{
    foreach ((array) $validators as $validator) {
        $validator = (array) $validator;
        $v_name = array_shift($validator);
        $v_name = "PMA_" . $v_name;
        $v_args = array();
        foreach ($validator as $arg) {
            $v_args[] = PMA_escapeJsString($arg);
        }
        $v_args = $v_args ? ", ['" . implode("', '", $v_args) . "']" : '';
        $js_array[] = "validateField('{$field_id}', '{$v_name}', true{$v_args})";
    }
}
Exemplo n.º 7
0
require_once './libraries/js_escape.lib.php';
$js_messages['strClickToSelect'] = __('Click to select');
$js_messages['strClickToUnselect'] = __('Click to unselect');
$js_messages['strNoDropDatabases'] = __('"DROP DATABASE" statements are disabled.');
/* For confirmations */
$js_messages['strDoYouReally'] = __('Do you really want to ');
$js_messages['strDropDatabaseStrongWarning'] = __('You are about to DESTROY a complete database!');
$js_messages['strDroppingEvent'] = __('Dropping Event');
$js_messages['strDroppingProcedure'] = __('Dropping Procedure');
$js_messages['strDeleteTrackingData'] = __('Delete tracking data for this table');
$js_messages['strDeletingTrackingData'] = __('Deleting tracking data');
$js_messages['strDroppingPrimaryKeyIndex'] = __('Dropping Primary Key/Index');
$js_messages['strOperationTakesLongTime'] = __('This operation could take a long time. Proceed anyway?');
/* For blobstreaming */
$js_messages['strBLOBRepositoryDisableStrongWarning'] = __('You are about to DISABLE a BLOB Repository!');
$js_messages['strBLOBRepositoryDisableAreYouSure'] = sprintf(__('Are you sure you want to disable all BLOB references for database %s?'), PMA_escapeJsString($GLOBALS['db']));
/* For indexes */
$js_messages['strFormEmpty'] = __('Missing value in the form!');
$js_messages['strNotNumber'] = __('This is not a number!');
/* For server_privileges.js */
$js_messages['strHostEmpty'] = __('The host name is empty!');
$js_messages['strUserEmpty'] = __('The user name is empty!');
$js_messages['strPasswordEmpty'] = __('The password is empty!');
$js_messages['strPasswordNotSame'] = __('The passwords aren\'t the same!');
$js_messages['strAddNewUser'] = __('Add a New User');
$js_messages['strCreateUser'] = __('Create User');
$js_messages['strReloadingPrivileges'] = __('Reloading Privileges');
$js_messages['strRemovingSelectedUsers'] = __('Removing Selected Users');
$js_messages['strClose'] = __('Close');
/* For inline query editing */
$js_messages['strGo'] = __('Go');
Exemplo n.º 8
0
 /**
  * Returns, as a string, a list of parameters
  * used on the client side
  *
  * @return string
  */
 public function getJsParamsCode()
 {
     $params = $this->getJsParams();
     foreach ($params as $key => $value) {
         $params[$key] = $key . ':"' . PMA_escapeJsString($value) . '"';
     }
     return 'PMA_commonParams.setAll({' . implode(',', $params) . '});';
 }
            ?>
_3"
                value="<?php 
            echo htmlspecialchars($data);
            ?>
" />
            <script type="text/javascript">
            //<![CDATA[
                document.writeln('<a target="_blank" onclick="window.open(this.href, \'foreigners\', \'width=640,height=240,scrollbars=yes,resizable=yes\'); return false"');
                document.write(' href="browse_foreigners.php?');
                document.write('<?php 
            echo PMA_generate_common_url($db, $table);
            ?>
');
                document.writeln('&amp;field=<?php 
            echo PMA_escapeJsString(urlencode($field['Field']) . $browse_foreigners_uri);
            ?>
">');
                document.writeln('<?php 
            echo str_replace("'", "\\'", $titles['Browse']);
            ?>
</a>');
            //]]>
            </script>
            <?php 
        } elseif (is_array($foreignData['disp_row'])) {
            echo $backup_field . "\n";
            ?>
            <input type="hidden" name="fields_type<?php 
            echo $field_name_appendix;
            ?>
Exemplo n.º 10
0
 * Here we add a timestamp when loading the file, so that users who
 * upgrade phpMyAdmin are not stuck with older .js files in their
 * browser cache. This produces an HTTP 304 request for each file.
 */
// avoid loading twice a js file
$GLOBALS['js_include'] = array_unique($GLOBALS['js_include']);
foreach ($GLOBALS['js_include'] as $js_script_file) {
    echo PMA_includeJS($js_script_file);
}
?>
<script type="text/javascript">
// <![CDATA[
// Updates the title of the frameset if possible (ns4 does not allow this)
if (typeof(parent.document) != 'undefined' && typeof(parent.document) != 'unknown'
    && typeof(parent.document.title) == 'string') {
    parent.document.title = '<?php 
echo isset($title) ? PMA_sanitize(PMA_escapeJsString(htmlspecialchars($title))) : '';
?>
';
}

<?php 
foreach ($GLOBALS['js_events'] as $js_event) {
    echo "\$(window.parent).bind('" . $js_event['event'] . "', " . $js_event['function'] . ");\n";
}
?>
// ]]>
</script>
<?php 
// Reloads the navigation frame via JavaScript if required
PMA_reloadNavigation();
Exemplo n.º 11
0
/**
 * Generate HTML for export form
 *
 * @param array  $url_params Parameters
 * @param string $str1       HTML for logtype select
 * @param string $str2       HTML for "from date"
 * @param string $str3       HTML for "to date"
 * @param string $str4       HTML for user
 * @param string $str5       HTML for "list report"
 *
 * @return string HTML for form
 */
function PMA_getHtmlForTrackingReportExportForm2($url_params, $str1, $str2, $str3, $str4, $str5)
{
    $html = '<form method="post" action="tbl_tracking.php' . PMA_URL_getCommon($url_params + array('report' => 'true', 'version' => $_REQUEST['version'])) . '">';
    $html .= sprintf(__('Show %1$s with dates from %2$s to %3$s by user %4$s %5$s'), $str1, $str2, $str3, $str4, $str5);
    $html .= '</form>';
    $html .= '<form class="disableAjax" method="post" action="tbl_tracking.php' . PMA_URL_getCommon($url_params + array('report' => 'true', 'version' => $_REQUEST['version'])) . '">';
    $html .= '<input type="hidden" name="logtype" value="' . htmlspecialchars($_REQUEST['logtype']) . '" />';
    $html .= '<input type="hidden" name="date_from" value="' . htmlspecialchars($_REQUEST['date_from']) . '" />';
    $html .= '<input type="hidden" name="date_to" value="' . htmlspecialchars($_REQUEST['date_to']) . '" />';
    $html .= '<input type="hidden" name="users" value="' . htmlspecialchars($_REQUEST['users']) . '" />';
    $str_export1 = '<select name="export_type">' . '<option value="sqldumpfile">' . __('SQL dump (file download)') . '</option>' . '<option value="sqldump">' . __('SQL dump') . '</option>' . '<option value="execution" onclick="alert(\'' . PMA_escapeJsString(__('This option will replace your table and contained data.')) . '\')">' . __('SQL execution') . '</option>' . '</select>';
    $str_export2 = '<input type="hidden" name="report_export" value="1" />' . '<input type="submit" value="' . __('Go') . '" />';
    $html .= "<br/>" . sprintf(__('Export as %s'), $str_export1) . $str_export2 . "<br/>";
    $html .= '</form>';
    return $html;
}
Exemplo n.º 12
0
    var token = "' . PMA_escapeJsString($token) . '";
    var LangSelectReferencedKey = "' . PMA_escapeJsString($strSelectReferencedKey) . '";
    var LangSelectForeignKey = "' . PMA_escapeJsString($strSelectForeignKey) . '";
    var LangPleaseSelectPrimaryOrUniqueKey = "' . PMA_escapeJsString($strPleaseSelectPrimaryOrUniqueKey) . '";
    var LangIEnotSupport = "' . PMA_escapeJsString($strIEUnsupported) . '";
    var LangChangeDisplay = "' . PMA_escapeJsString($strChangeDisplay) . '";

    var strLang = Array();
    strLang["strModifications"] = "' . PMA_escapeJsString($strModifications) . '";
    strLang["strRelationDeleted"] = "' . PMA_escapeJsString($strRelationDeleted) . '";
    strLang["strForeignKeyRelationAdded"] = "' . PMA_escapeJsString($strForeignKeyRelationAdded) . '";
    strLang["strGeneralRelationFeat:strDisabled"] = "' . PMA_escapeJsString($strGeneralRelationFeat . ' : ' . $strDisabled) . '";
    strLang["strInternalRelationAdded"] = "' . PMA_escapeJsString($strInternalRelationAdded) . '";
    strLang["strErrorRelationAdded"] = "' . PMA_escapeJsString($strErrorRelationAdded) . '";
    strLang["strErrorRelationExists"] = "' . PMA_escapeJsString($strErrorRelationExists) . '";
    strLang["strErrorSaveTable"] = "' . PMA_escapeJsString($strErrorSaveTable) . '";';
?>

    // ]]>
    </script>
    <script src="pmd/scripts/ajax.js" type="text/javascript"></script>
    <script src="pmd/scripts/move.js" type="text/javascript"></script>
    <!--[if IE]>
    <script src="pmd/scripts/iecanvas.js" type="text/javascript"></script>
    <![endif]-->
<?php 
echo $script_tabs . $script_contr . $script_display_field;
?>

</head>
<body onload="Main()" class="general_body" id="pmd_body">
Exemplo n.º 13
0
<?php

/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
 * URL redirector to avoid leaking Referer with some sensitive information.
 *
 * @package PhpMyAdmin
 */
/**
 * Gets core libraries and defines some variables
 */
define('PMA_MINIMUM_COMMON', true);
require_once './libraries/common.inc.php';
/**
 * JavaScript escaping.
 */
require_once './libraries/js_escape.lib.php';
if (!PMA_isValid($_GET['url']) || !preg_match('/^https?:\\/\\/[^\\n\\r]*$/', $_GET['url']) || !PMA_isAllowedDomain($_GET['url'])) {
    header('Location: ' . $cfg['PmaAbsoluteUri']);
} else {
    // JavaScript redirection is necessary. Because if header() is used
    //  then web browser sometimes does not change the HTTP_REFERER
    //  field and so with old URL as Referer, token also goes to
    //  external site.
    echo "<script type='text/javascript'>\n            window.onload=function(){\n                window.location='" . PMA_escapeJsString($_GET['url']) . "';\n            }\n        </script>";
    // Display redirecting msg on screen.
    printf(__('Taking you to %s.'), htmlspecialchars($_GET['url']));
}
die;
Exemplo n.º 14
0
/**
 * Displays a link, or a button if the link's URL is too large, to
 * accommodate some browsers' limitations
 *
 * @param  string  the URL
 * @param  string  the link message
 * @param  mixed   $tag_params  string: js confirmation
 *                              array: additional tag params (f.e. style="")
 * @param  boolean $new_form    we set this to false when we are already in
 *                              a  form, to avoid generating nested forms
 *
 * @return string  the results to be echoed or saved in an array
 */
function PMA_linkOrButton($url, $message, $tag_params = array(), $new_form = true, $strip_img = false, $target = '')
{
    $url_length = strlen($url);
    // with this we should be able to catch case of image upload
    // into a (MEDIUM) BLOB; not worth generating even a form for these
    if ($url_length > $GLOBALS['cfg']['LinkLengthLimit'] * 100) {
        return '';
    }
    if (!is_array($tag_params)) {
        $tmp = $tag_params;
        $tag_params = array();
        if (!empty($tmp)) {
            $tag_params['onclick'] = 'return confirmLink(this, \'' . PMA_escapeJsString($tmp) . '\')';
        }
        unset($tmp);
    }
    if (!empty($target)) {
        $tag_params['target'] = htmlentities($target);
    }
    $tag_params_strings = array();
    foreach ($tag_params as $par_name => $par_value) {
        // htmlspecialchars() only on non javascript
        $par_value = substr($par_name, 0, 2) == 'on' ? $par_value : htmlspecialchars($par_value);
        $tag_params_strings[] = $par_name . '="' . $par_value . '"';
    }
    if ($url_length <= $GLOBALS['cfg']['LinkLengthLimit']) {
        // no whitespace within an <a> else Safari will make it part of the link
        $ret = "\n" . '<a href="' . $url . '" ' . implode(' ', $tag_params_strings) . '>' . $message . '</a>' . "\n";
    } else {
        // no spaces (linebreaks) at all
        // or after the hidden fields
        // IE will display them all
        // add class=link to submit button
        if (empty($tag_params['class'])) {
            $tag_params['class'] = 'link';
        }
        // decode encoded url separators
        $separator = PMA_get_arg_separator();
        // on most places separator is still hard coded ...
        if ($separator !== '&') {
            // ... so always replace & with $separator
            $url = str_replace(htmlentities('&'), $separator, $url);
            $url = str_replace('&', $separator, $url);
        }
        $url = str_replace(htmlentities($separator), $separator, $url);
        // end decode
        $url_parts = parse_url($url);
        $query_parts = explode($separator, $url_parts['query']);
        if ($new_form) {
            $ret = '<form action="' . $url_parts['path'] . '" class="link"' . ' method="post"' . $target . ' style="display: inline;">';
            $subname_open = '';
            $subname_close = '';
            $submit_name = '';
        } else {
            $query_parts[] = 'redirect=' . $url_parts['path'];
            if (empty($GLOBALS['subform_counter'])) {
                $GLOBALS['subform_counter'] = 0;
            }
            $GLOBALS['subform_counter']++;
            $ret = '';
            $subname_open = 'subform[' . $GLOBALS['subform_counter'] . '][';
            $subname_close = ']';
            $submit_name = ' name="usesubform[' . $GLOBALS['subform_counter'] . ']"';
        }
        foreach ($query_parts as $query_pair) {
            list($eachvar, $eachval) = explode('=', $query_pair);
            $ret .= '<input type="hidden" name="' . $subname_open . $eachvar . $subname_close . '" value="' . htmlspecialchars(urldecode($eachval)) . '" />';
        }
        // end while
        if (stristr($message, '<img')) {
            if ($strip_img) {
                $message = trim(strip_tags($message));
                $ret .= '<input type="submit"' . $submit_name . ' ' . implode(' ', $tag_params_strings) . ' value="' . htmlspecialchars($message) . '" />';
            } else {
                $displayed_message = htmlspecialchars(preg_replace('/^.*\\salt="([^"]*)".*$/si', '\\1', $message));
                $ret .= '<input type="image"' . $submit_name . ' ' . implode(' ', $tag_params_strings) . ' src="' . preg_replace('/^.*\\ssrc="([^"]*)".*$/si', '\\1', $message) . '"' . ' value="' . $displayed_message . '" title="' . $displayed_message . '" />';
                // Here we cannot obey PropertiesIconic completely as a
                // generated link would have a length over LinkLengthLimit
                // but we can at least show the message.
                // If PropertiesIconic is false or 'both'
                if ($GLOBALS['cfg']['PropertiesIconic'] !== true) {
                    $ret .= ' <span class="clickprevimage">' . $displayed_message . '</span>';
                }
            }
        } else {
            $message = trim(strip_tags($message));
            $ret .= '<input type="submit"' . $submit_name . ' ' . implode(' ', $tag_params_strings) . ' value="' . htmlspecialchars($message) . '" />';
        }
        if ($new_form) {
            $ret .= '</form>';
        }
    }
    // end if... else...
    return $ret;
}
Exemplo n.º 15
0
                            $('#upload_form_status_info').html('<img src="<?php 
    echo $GLOBALS['pmaThemeImage'];
    ?>
ajax_clock_small.gif" width="16" height="16" alt="ajax clock" /> <?php 
    echo PMA_jsFormat(__('The file being uploaded is probably larger than the maximum allowed size or this is a known bug in webkit based (Safari, Google Chrome, Arora etc.) browsers.'), false);
    ?>
');
                            $('#upload_form_status').css("display", "none");
                        } else {
                            var now = new Date();
                            now = Date.UTC(
                                now.getFullYear(), now.getMonth(), now.getDate(),
                                now.getHours(), now.getMinutes(), now.getSeconds())
                                + now.getMilliseconds() - 1000;
                            var statustext = $.sprintf('<?php 
    echo PMA_escapeJsString(__('%s of %s'));
    ?>
',
                                formatBytes(complete, 1, PMA_messages.strDecimalSeparator),
                                formatBytes(total, 1, PMA_messages.strDecimalSeparator)
                            );

                            if ($('#importmain').is(':visible')) {
                                // show progress UI
                                $('#importmain').hide();
                                $('#import_form_status')
                                    .html('<div class="upload_progress"><div class="upload_progress_bar_outer"><div class="percentage"></div><div id="status" class="upload_progress_bar_inner"><div class="percentage"></div></div></div><div><img src="<?php 
    echo $GLOBALS['pmaThemeImage'];
    ?>
ajax_clock_small.gif" width="16" height="16" alt="ajax clock" /> <?php 
    echo PMA_jsFormat(__('Uploading your import file...'), false);
Exemplo n.º 16
0
 /**
  * Provides search results row with browse/delete links.
  * (for a table)
  *
  * @param string  $each_table    One of the tables on which search was performed
  * @param array   $newsearchsqls Contains SQL queries
  * @param bool    $odd_row       For displaying contrasting table rows
  * @param integer $res_cnt       Number of results found
  *
  * @return string HTML row
  */
 private function _getResultsRow($each_table, $newsearchsqls, $odd_row, $res_cnt)
 {
     $this_url_params = array('db' => $GLOBALS['db'], 'table' => $each_table, 'goto' => 'db_sql.php', 'pos' => 0, 'is_js_confirmed' => 0);
     // Start forming search results row
     $html_output = '<tr class="noclick ' . ($odd_row ? 'odd' : 'even') . '">';
     // Displays results count for a table
     $html_output .= '<td>';
     $html_output .= sprintf(_ngettext('%1$s match in <strong>%2$s</strong>', '%1$s matches in <strong>%2$s</strong>', $res_cnt), $res_cnt, htmlspecialchars($each_table));
     $html_output .= '</td>';
     // Displays browse/delete link if result count > 0
     if ($res_cnt > 0) {
         $this_url_params['sql_query'] = $newsearchsqls['select_columns'];
         $browse_result_path = 'sql.php' . PMA_URL_getCommon($this_url_params);
         $html_output .= '<td><a name="browse_search" class="ajax" href="' . $browse_result_path . '" onclick="loadResult(\'' . $browse_result_path . '\',\'' . PMA_escapeJsString(htmlspecialchars($each_table)) . '\',\'' . PMA_URL_getCommon(array('db' => $GLOBALS['db'], 'table' => $each_table)) . '\'' . ');return false;" >' . __('Browse') . '</a></td>';
         $this_url_params['sql_query'] = $newsearchsqls['delete'];
         $delete_result_path = 'sql.php' . PMA_URL_getCommon($this_url_params);
         $html_output .= '<td><a name="delete_search" class="ajax" href="' . $delete_result_path . '" onclick="deleteResult(\'' . $delete_result_path . '\' , \'' . sprintf(__('Delete the matches for the %s table?'), htmlspecialchars($each_table)) . '\');return false;">' . __('Delete') . '</a></td>';
     } else {
         $html_output .= '<td>&nbsp;</td>' . '<td>&nbsp;</td>';
     }
     // end if else
     $html_output .= '</tr>';
     return $html_output;
 }
 /**
  * Test for PMA_sendHeaderLocation
  *
  * @return void
  */
 public function testSendHeaderLocationIisLongUri()
 {
     if (defined('PMA_IS_IIS') && PMA_HAS_RUNKIT) {
         runkit_constant_redefine('PMA_IS_IIS', true);
     } elseif (!defined('PMA_IS_IIS')) {
         define('PMA_IS_IIS', true);
     } else {
         $this->markTestSkipped('Cannot redefine constant/function - missing runkit extension');
     }
     // over 600 chars
     $testUri = 'http://testurl.com/test.php?testlonguri=over600chars&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test';
     $testUri_html = htmlspecialchars($testUri);
     $testUri_js = PMA_escapeJsString($testUri);
     $header = "<html><head><title>- - -</title>\n    <meta http-equiv=\"expires\" content=\"0\">" . "<meta http-equiv=\"Pragma\" content=\"no-cache\">" . "<meta http-equiv=\"Cache-Control\" content=\"no-cache\">" . "<meta http-equiv=\"Refresh\" content=\"0;url=" . $testUri_html . "\">" . "<script type=\"text/javascript\">//<![CDATA[\n        setTimeout(\"window.location = decodeURI('" . $testUri_js . "')\", 2000);\n        //]]></script></head>\n<body><script type=\"text/javascript\">//<![CDATA[\n    document.write('<p><a href=\"" . $testUri_html . "\">" . __('Go') . "</a></p>');\n    //]]></script></body></html>";
     $this->expectOutputString($header);
     PMA_sendHeaderLocation($testUri);
 }
Exemplo n.º 18
0
/**
 * Displays a link, or a button if the link's URL is too large, to
 * accommodate some browsers' limitations
 *
 * @param string  $url        the URL
 * @param string  $message    the link message
 * @param mixed   $tag_params string: js confirmation
 *                            array: additional tag params (f.e. style="")
 * @param boolean $new_form   we set this to false when we are already in
 *                            a  form, to avoid generating nested forms
 * @param boolean $strip_img  whether to strip the image
 * @param string  $target     target
 *
 * @return string  the results to be echoed or saved in an array
 */
function PMA_linkOrButton($url, $message, $tag_params = array(), $new_form = true, $strip_img = false, $target = '')
{
    $url_length = strlen($url);
    // with this we should be able to catch case of image upload
    // into a (MEDIUM) BLOB; not worth generating even a form for these
    if ($url_length > $GLOBALS['cfg']['LinkLengthLimit'] * 100) {
        return '';
    }
    if (!is_array($tag_params)) {
        $tmp = $tag_params;
        $tag_params = array();
        if (!empty($tmp)) {
            $tag_params['onclick'] = 'return confirmLink(this, \'' . PMA_escapeJsString($tmp) . '\')';
        }
        unset($tmp);
    }
    if (!empty($target)) {
        $tag_params['target'] = htmlentities($target);
    }
    $tag_params_strings = array();
    foreach ($tag_params as $par_name => $par_value) {
        // htmlspecialchars() only on non javascript
        $par_value = substr($par_name, 0, 2) == 'on' ? $par_value : htmlspecialchars($par_value);
        $tag_params_strings[] = $par_name . '="' . $par_value . '"';
    }
    $displayed_message = '';
    // Add text if not already added
    if (stristr($message, '<img') && (!$strip_img || $GLOBALS['cfg']['PropertiesIconic'] === true) && strip_tags($message) == $message) {
        $displayed_message = '<span>' . htmlspecialchars(preg_replace('/^.*\\salt="([^"]*)".*$/si', '\\1', $message)) . '</span>';
    }
    // Suhosin: Check that each query parameter is not above maximum
    $in_suhosin_limits = true;
    if ($url_length <= $GLOBALS['cfg']['LinkLengthLimit']) {
        if ($suhosin_get_MaxValueLength = ini_get('suhosin.get.max_value_length')) {
            $query_parts = PMA_splitURLQuery($url);
            foreach ($query_parts as $query_pair) {
                list($eachvar, $eachval) = explode('=', $query_pair);
                if (strlen($eachval) > $suhosin_get_MaxValueLength) {
                    $in_suhosin_limits = false;
                    break;
                }
            }
        }
    }
    if ($url_length <= $GLOBALS['cfg']['LinkLengthLimit'] && $in_suhosin_limits) {
        // no whitespace within an <a> else Safari will make it part of the link
        $ret = "\n" . '<a href="' . $url . '" ' . implode(' ', $tag_params_strings) . '>' . $message . $displayed_message . '</a>' . "\n";
    } else {
        // no spaces (linebreaks) at all
        // or after the hidden fields
        // IE will display them all
        // add class=link to submit button
        if (empty($tag_params['class'])) {
            $tag_params['class'] = 'link';
        }
        if (!isset($query_parts)) {
            $query_parts = PMA_splitURLQuery($url);
        }
        $url_parts = parse_url($url);
        if ($new_form) {
            $ret = '<form action="' . $url_parts['path'] . '" class="link"' . ' method="post"' . $target . ' style="display: inline;">';
            $subname_open = '';
            $subname_close = '';
            $submit_link = '#';
        } else {
            $query_parts[] = 'redirect=' . $url_parts['path'];
            if (empty($GLOBALS['subform_counter'])) {
                $GLOBALS['subform_counter'] = 0;
            }
            $GLOBALS['subform_counter']++;
            $ret = '';
            $subname_open = 'subform[' . $GLOBALS['subform_counter'] . '][';
            $subname_close = ']';
            $submit_link = '#usesubform[' . $GLOBALS['subform_counter'] . ']=1';
        }
        foreach ($query_parts as $query_pair) {
            list($eachvar, $eachval) = explode('=', $query_pair);
            $ret .= '<input type="hidden" name="' . $subname_open . $eachvar . $subname_close . '" value="' . htmlspecialchars(urldecode($eachval)) . '" />';
        }
        // end while
        $ret .= "\n" . '<a href="' . $submit_link . '" class="formLinkSubmit" ' . implode(' ', $tag_params_strings) . '>' . $message . ' ' . $displayed_message . '</a>' . "\n";
        if ($new_form) {
            $ret .= '</form>';
        }
    }
    // end if... else...
    return $ret;
}
Exemplo n.º 19
0
$GLOBALS['js_include'][] = 'tooltip.js';
$GLOBALS['js_events'][] = array('object' => 'window', 'event' => 'load', 'function' => 'PMA_TT_init');
foreach ($GLOBALS['js_include'] as $js_script_file) {
    echo '<script src="./js/' . $js_script_file . '" type="text/javascript"></script>' . "\n";
}
?>
<script type="text/javascript">
// <![CDATA[
// Updates the title of the frameset if possible (ns4 does not allow this)
if (typeof(parent.document) != 'undefined' && typeof(parent.document) != 'unknown'
    && typeof(parent.document.title) == 'string') {
    parent.document.title = '<?php 
echo PMA_sanitize(PMA_escapeJsString($title));
?>
';
}

var PMA_messages = new Array();
<?php 
foreach ($GLOBALS['js_messages'] as $name => $js_message) {
    echo "PMA_messages['" . $name . "'] = '" . PMA_escapeJsString($js_message) . "';\n";
}
foreach ($GLOBALS['js_events'] as $js_event) {
    echo "window.parent.addEvent(" . $js_event['object'] . ", '" . $js_event['event'] . "', " . $js_event['function'] . ");\n";
}
?>
// ]]>
</script>
<?php 
// Reloads the navigation frame via JavaScript if required
PMA_reloadNavigation();
Exemplo n.º 20
0
 /**
  * Prepares data for input field display and outputs HTML code
  *
  * @uses ConfigFile::get()
  * @uses ConfigFile::getDefault()
  * @uses ConfigFile::getInstance()
  * @uses display_group_footer()
  * @uses display_group_header()
  * @uses display_input()
  * @uses Form::getOptionType()
  * @uses Form::getOptionValueList()
  * @uses PMA_escapeJsString()
  * @uses PMA_lang_desc()
  * @uses PMA_lang_name()
  * @param Form   $form
  * @param string $field                 field name as it appears in $form
  * @param string $system_path           field path, eg. Servers/1/verbose
  * @param string $work_path             work path, eg. Servers/4/verbose
  * @param string $translated_path       work path changed so that it can be used as XHTML id
  * @param bool   $show_restore_default  whether show "restore default" button besides the input field
  * @param mixed  $userprefs_allow       whether user preferences are enabled for this field
  *                                      (null - no support, true/false - enabled/disabled)
  * @param array  &$js_default           array which stores JavaScript code to be displayed
  */
 private function _displayFieldInput(Form $form, $field, $system_path, $work_path, $translated_path, $show_restore_default, $userprefs_allow, array &$js_default)
 {
     $name = PMA_lang_name($system_path);
     $description = PMA_lang_name($system_path, 'desc', '');
     $cf = ConfigFile::getInstance();
     $value = $cf->get($work_path);
     $value_default = $cf->getDefault($system_path);
     $value_is_default = false;
     if ($value === null || $value === $value_default) {
         $value = $value_default;
         $value_is_default = true;
     }
     $opts = array('doc' => $this->getDocLink($system_path), 'wiki' => $this->getWikiLink($system_path), 'show_restore_default' => $show_restore_default, 'userprefs_allow' => $userprefs_allow, 'userprefs_comment' => PMA_lang_name($system_path, 'cmt', ''));
     if (isset($form->default[$system_path])) {
         $opts['setvalue'] = $form->default[$system_path];
     }
     if (isset($this->errors[$work_path])) {
         $opts['errors'] = $this->errors[$work_path];
     }
     switch ($form->getOptionType($field)) {
         case 'string':
             $type = 'text';
             break;
         case 'short_string':
             $type = 'short_text';
             break;
         case 'double':
         case 'integer':
             $type = 'number_text';
             break;
         case 'boolean':
             $type = 'checkbox';
             break;
         case 'select':
             $type = 'select';
             $opts['values'] = $form->getOptionValueList($form->fields[$field]);
             break;
         case 'array':
             $type = 'list';
             $value = (array) $value;
             $value_default = (array) $value_default;
             break;
         case 'group':
             if (substr($field, 7, 4) != 'end:') {
                 // :group:end is changed to :group:end:{unique id} in Form class
                 display_group_header(substr($field, 7));
             } else {
                 display_group_footer();
             }
             return;
         case 'NULL':
             trigger_error("Field {$system_path} has no type", E_USER_WARNING);
             return;
     }
     // TrustedProxies requires changes before displaying
     if ($system_path == 'TrustedProxies') {
         foreach ($value as $ip => &$v) {
             if (!preg_match('/^-\\d+$/', $ip)) {
                 $v = $ip . ': ' . $v;
             }
         }
     }
     $this->_setComments($system_path, $opts);
     // send default value to form's JS
     $js_line = '\'' . $translated_path . '\': ';
     switch ($type) {
         case 'text':
         case 'short_text':
         case 'number_text':
             $js_line .= '\'' . PMA_escapeJsString($value_default) . '\'';
             break;
         case 'checkbox':
             $js_line .= $value_default ? 'true' : 'false';
             break;
         case 'select':
             $value_default_js = is_bool($value_default) ? (int) $value_default : $value_default;
             $js_line .= '[\'' . PMA_escapeJsString($value_default_js) . '\']';
             break;
         case 'list':
             $js_line .= '\'' . PMA_escapeJsString(implode("\n", $value_default)) . '\'';
             break;
     }
     $js_default[] = $js_line;
     display_input($translated_path, $name, $description, $type, $value, $value_is_default, $opts);
 }
Exemplo n.º 21
0
/**
 * Prints javascript for upload with plugin, upload process bar
 *
 * @param int $upload_id The selected upload id
 *
 * @return string
 */
function PMA_getHtmlForImportWithPlugin($upload_id)
{
    //some variable for javascript
    $ajax_url = "import_status.php?id=" . $upload_id . "&" . PMA_URL_getCommon(array('import_status' => 1), 'text');
    $promot_str = PMA_jsFormat(__('The file being uploaded is probably larger than ' . 'the maximum allowed size or this is a known bug in webkit ' . 'based (Safari, Google Chrome, Arora etc.) browsers.'), false);
    $statustext_str = PMA_escapeJsString(__('%s of %s'));
    $upload_str = PMA_jsFormat(__('Uploading your import file…'), false);
    $second_str = PMA_jsFormat(__('%s/sec.'), false);
    $remaining_min = PMA_jsFormat(__('About %MIN min. %SEC sec. remaining.'), false);
    $remaining_second = PMA_jsFormat(__('About %SEC sec. remaining.'), false);
    $processed_str = PMA_jsFormat(__('The file is being processed, please be patient.'), false);
    $import_url = PMA_URL_getCommon(array('import_status' => 1), 'text');
    //start output
    $html = 'var finished = false; ';
    $html .= 'var percent  = 0.0; ';
    $html .= 'var total    = 0; ';
    $html .= 'var complete = 0; ';
    $html .= 'var original_title = ' . 'parent && parent.document ? parent.document.title : false; ';
    $html .= 'var import_start; ';
    $html .= 'var perform_upload = function () { ';
    $html .= 'new $.getJSON( ';
    $html .= '        "' . $ajax_url . '", ';
    $html .= '        {}, ';
    $html .= '        function(response) { ';
    $html .= '            finished = response.finished; ';
    $html .= '            percent = response.percent; ';
    $html .= '            total = response.total; ';
    $html .= '            complete = response.complete; ';
    $html .= '            if (total==0 && complete==0 && percent==0) { ';
    $img_tag = '<img src="' . $GLOBALS['pmaThemeImage'] . 'ajax_clock_small.gif"';
    $html .= '                $("#upload_form_status_info").html(\'' . $img_tag . ' width="16" height="16" alt="ajax clock" /> ' . $promot_str . '\'); ';
    $html .= '                $("#upload_form_status").css("display", "none"); ';
    $html .= '            } else { ';
    $html .= '                var now = new Date(); ';
    $html .= '                now = Date.UTC( ';
    $html .= '                    now.getFullYear(), ';
    $html .= '                    now.getMonth(), ';
    $html .= '                    now.getDate(), ';
    $html .= '                    now.getHours(), ';
    $html .= '                    now.getMinutes(), ';
    $html .= '                    now.getSeconds()) ';
    $html .= '                    + now.getMilliseconds() - 1000; ';
    $html .= '                var statustext = PMA_sprintf(';
    $html .= '                    "' . $statustext_str . '", ';
    $html .= '                    formatBytes( ';
    $html .= '                        complete, 1, PMA_messages.strDecimalSeparator';
    $html .= '                    ), ';
    $html .= '                    formatBytes(';
    $html .= '                        total, 1, PMA_messages.strDecimalSeparator';
    $html .= '                    ) ';
    $html .= '                ); ';
    $html .= '                if ($("#importmain").is(":visible")) { ';
    // show progress UI
    $html .= '                    $("#importmain").hide(); ';
    $html .= '                    $("#import_form_status") ';
    $html .= '                    .html(\'<div class="upload_progress">' . '<div class="upload_progress_bar_outer"><div class="percentage">' . '</div><div id="status" class="upload_progress_bar_inner">' . '<div class="percentage"></div></div></div><div>' . '<img src="' . $GLOBALS['pmaThemeImage'] . 'ajax_clock_small.gif" width="16" height="16" alt="ajax clock" /> ' . $upload_str . '</div><div id="statustext"></div></div>\') ';
    $html .= '                    .show(); ';
    $html .= '                    import_start = now; ';
    $html .= '                } ';
    $html .= '                else if (percent > 9 || complete > 2000000) { ';
    // calculate estimated time
    $html .= '                    var used_time = now - import_start; ';
    $html .= '                    var seconds = ' . 'parseInt(((total - complete) / complete) * used_time / 1000); ';
    $html .= '                    var speed = PMA_sprintf("' . $second_str . '"';
    $html .= '                       , formatBytes(complete / used_time * 1000, 1,' . ' PMA_messages.strDecimalSeparator)); ';
    $html .= '                    var minutes = parseInt(seconds / 60); ';
    $html .= '                    seconds %= 60; ';
    $html .= '                    var estimated_time; ';
    $html .= '                    if (minutes > 0) { ';
    $html .= '                        estimated_time = "' . $remaining_min . '"';
    $html .= '                            .replace("%MIN", minutes)';
    $html .= '                            .replace("%SEC", seconds); ';
    $html .= '                    } ';
    $html .= '                    else { ';
    $html .= '                        estimated_time = "' . $remaining_second . '"';
    $html .= '                        .replace("%SEC", seconds); ';
    $html .= '                    } ';
    $html .= '                    statustext += "<br />" + speed + "<br /><br />" ' . '+ estimated_time; ';
    $html .= '                } ';
    $html .= '                var percent_str = Math.round(percent) + "%"; ';
    $html .= '                $("#status").animate({width: percent_str}, 150); ';
    $html .= '                $(".percentage").text(percent_str); ';
    // show percent in window title
    $html .= '                if (original_title !== false) { ';
    $html .= '                    parent.document.title ';
    $html .= '                        = percent_str + " - " + original_title; ';
    $html .= '                } ';
    $html .= '                else { ';
    $html .= '                    document.title ';
    $html .= '                        = percent_str + " - " + original_title; ';
    $html .= '                } ';
    $html .= '                $("#statustext").html(statustext); ';
    $html .= '            }  ';
    $html .= '            if (finished == true) { ';
    $html .= '                if (original_title !== false) { ';
    $html .= '                    parent.document.title = original_title; ';
    $html .= '                } ';
    $html .= '                else { ';
    $html .= '                    document.title = original_title; ';
    $html .= '                } ';
    $html .= '                $("#importmain").hide(); ';
    // loads the message, either success or mysql error
    $html .= '                $("#import_form_status") ';
    $html .= '                .html(\'<img src="' . $GLOBALS['pmaThemeImage'] . 'ajax_clock_small.gif" width="16" height="16" alt="ajax clock" /> ' . $processed_str . '\')';
    $html .= '                .show(); ';
    $html .= '                $("#import_form_status").load("import_status.php?' . 'message=true&' . $import_url . '"); ';
    $html .= '                PMA_reloadNavigation(); ';
    // if finished
    $html .= '            } ';
    $html .= '            else { ';
    $html .= '              setTimeout(perform_upload, 1000); ';
    $html .= '         } ';
    $html .= '}); ';
    $html .= '}; ';
    $html .= 'setTimeout(perform_upload, 1000); ';
    return $html;
}
Exemplo n.º 22
0
/**
 * Get HTML for foreign link in insert form
 *
 * @param array   $column               description of column in given table
 * @param string  $backup_field         hidden input field
 * @param string  $column_name_appendix the name atttibute
 * @param string  $unnullify_trigger    validation string
 * @param integer $tabindex             tab index
 * @param integer $tabindex_for_value   offset for the values tabindex
 * @param integer $idindex              id index
 * @param array   $data                 data to edit
 * @param array   $paramTableDbArray    array containing $db and $table
 * @param array   $rownumber_param      &amp;rownumber=row_id
 * @param array   $titles               An HTML IMG tag for a particular icon from
 *                                      a theme, which may be an actual file or
 *                                      an icon from a sprite
 *
 * @return string                       an html snippet
 */
function PMA_getForeignLink($column, $backup_field, $column_name_appendix, $unnullify_trigger, $tabindex, $tabindex_for_value, $idindex, $data, $paramTableDbArray, $rownumber_param, $titles)
{
    list($db, $table) = $paramTableDbArray;
    $html_output = '';
    $html_output .= $backup_field . "\n";
    $html_output .= '<input type="hidden" name="fields_type' . $column_name_appendix . '" value="foreign" />';
    $html_output .= '<input type="text" name="fields' . $column_name_appendix . '" ' . 'class="textfield" ' . $unnullify_trigger . ' ' . 'tabindex="' . ($tabindex + $tabindex_for_value) . '" ' . 'id="field_' . $idindex . '_3" ' . 'value="' . htmlspecialchars($data) . '" />';
    $html_output .= '<a class="hide foreign_values_anchor" target="_blank" ' . 'onclick="window.open(this.href,\'foreigners\', \'width=640,height=240,scrollbars=yes,resizable=yes\'); return false;" ' . 'href="browse_foreigners.php?' . PMA_generate_common_url($db, $table) . '&amp;field=' . PMA_escapeJsString(urlencode($column['Field']) . $rownumber_param) . '">' . str_replace("'", "\\'", $titles['Browse']) . '</a>';
    return $html_output;
}
Exemplo n.º 23
0
 /**
  * Renders the footer
  *
  * @return string
  */
 public function getDisplay()
 {
     $retval = '';
     $this->_setHistory();
     if ($this->_isEnabled) {
         if (!$this->_isAjax) {
             $retval .= "</div>";
         }
         if (!$this->_isAjax && !$this->_isMinimal) {
             if (PMA_getenv('SCRIPT_NAME') && empty($_POST) && empty($GLOBALS['checked_special']) && !$this->_isAjax) {
                 $url = $this->getSelfUrl('unencoded');
                 $header = PMA_Response::getInstance()->getHeader();
                 $scripts = $header->getScripts()->getFiles();
                 $menuHash = $header->getMenu()->getHash();
                 // prime the client-side cache
                 $this->_scripts->addCode(sprintf('AJAX.cache.primer = {' . ' url: "%s",' . ' scripts: %s,' . ' menuHash: "%s"' . '};', PMA_escapeJsString($url), json_encode($scripts), PMA_escapeJsString($menuHash)));
                 $url = $this->getSelfUrl();
                 $retval .= $this->_getSelfLink($url);
             }
             $retval .= $this->_getDebugMessage();
             $retval .= $this->getErrorMessages();
             $retval .= $this->_scripts->getDisplay();
             if ($GLOBALS['cfg']['DBG']['demo']) {
                 $retval .= '<div id="pma_demo">';
                 $retval .= $this->_getDemoMessage();
                 $retval .= '</div>';
             }
             // Include possible custom footers
             if (file_exists(CUSTOM_FOOTER_FILE)) {
                 $retval .= '<div id="pma_footer">';
                 ob_start();
                 include CUSTOM_FOOTER_FILE;
                 $retval .= ob_get_contents();
                 ob_end_clean();
                 $retval .= '</div>';
             }
         }
         if (!$this->_isAjax) {
             $retval .= "</body></html>";
         }
     }
     return $retval;
 }
Exemplo n.º 24
0
            }
        }
        ?>
        </tbody>
        </table>
    <?php 
    }
    ?>
    </form>
    <form method="post" action="tbl_tracking.php<?php 
    echo PMA_generate_common_url($url_params + array('report' => 'true', 'version' => $_REQUEST['version']));
    ?>
">
    <?php 
    printf(__('Show %s with dates from %s to %s by user %s %s'), $str1, $str2, $str3, $str4, $str5);
    $str_export1 = '<select name="export_type">' . '<option value="sqldumpfile">' . __('SQL dump (file download)') . '</option>' . '<option value="sqldump">' . __('SQL dump') . '</option>' . '<option value="execution" onclick="alert(\'' . PMA_escapeJsString(__('This option will replace your table and contained data.')) . '\')">' . __('SQL execution') . '</option>' . '</select>';
    $str_export2 = '<input type="submit" name="report_export" value="' . __('Go') . '" />';
    ?>
    </form>
    <form method="post" action="tbl_tracking.php<?php 
    echo PMA_generate_common_url($url_params + array('report' => 'true', 'version' => $_REQUEST['version']));
    ?>
">
    <input type="hidden" name="logtype" value="<?php 
    echo htmlspecialchars($_REQUEST['logtype']);
    ?>
" />
    <input type="hidden" name="date_from" value="<?php 
    echo htmlspecialchars($_REQUEST['date_from']);
    ?>
" />
Exemplo n.º 25
0
 /**
  * Renders all the JavaScript file inclusions, code and events
  *
  * @return string
  */
 public function getDisplay()
 {
     $retval = '';
     if (count($this->_files) > 0) {
         $retval .= $this->_includeFiles($this->_files);
     }
     $code = 'AJAX.scriptHandler';
     foreach ($this->_files as $file) {
         $code .= sprintf('.add("%s",%d)', PMA_escapeJsString($file['filename']), $file['has_onload'] ? 1 : 0);
     }
     $code .= ';';
     $this->addCode($code);
     $code = '$(function() {';
     foreach ($this->_files as $file) {
         if ($file['has_onload']) {
             $code .= 'AJAX.fireOnload("';
             $code .= PMA_escapeJsString($file['filename']);
             $code .= '");';
         }
     }
     $code .= '});';
     $this->addCode($code);
     $retval .= '<script type="text/javascript">';
     $retval .= "// <![CDATA[\n";
     $retval .= $this->_code;
     foreach ($this->_events as $js_event) {
         $retval .= sprintf("\$(window).bind('%s', %s);\n", $js_event['event'], $js_event['function']);
     }
     $retval .= '// ]]>';
     $retval .= '</script>';
     return $retval;
 }
Exemplo n.º 26
0
 /**
  * Prepares data for input field display and outputs HTML code
  *
  * @param Form   $form
  * @param string $field                 field name as it appears in $form
  * @param string $system_path           field path, eg. Servers/1/verbose
  * @param string $work_path             work path, eg. Servers/4/verbose
  * @param string $translated_path       work path changed so that it can be used as XHTML id
  * @param bool   $show_restore_default  whether show "restore default" button besides the input field
  * @param array  &$js_default           array which stores JavaScript code to be displayed
  */
 private function _displayFieldInput(Form $form, $field, $system_path, $work_path, $translated_path, $show_restore_default, array &$js_default)
 {
     $name = PMA_lang_name($system_path);
     $description = PMA_lang_desc($system_path);
     $cf = ConfigFile::getInstance();
     $value = $cf->get($work_path);
     $value_default = $cf->getDefault($system_path);
     $value_is_default = false;
     if ($value === null || $value === $value_default) {
         $value = $value_default;
         $value_is_default = true;
     }
     $opts = array('doc' => $this->getDocLink($system_path), 'wiki' => $this->getWikiLink($system_path), 'show_restore_default' => $show_restore_default);
     if (isset($form->default[$system_path])) {
         $opts['setvalue'] = $form->default[$system_path];
     }
     if (isset($this->errors[$work_path])) {
         $opts['errors'] = $this->errors[$work_path];
     }
     switch ($form->getOptionType($field)) {
         case 'string':
             $type = 'text';
             break;
         case 'double':
             $type = 'text';
             break;
         case 'integer':
             $type = 'text';
             break;
         case 'boolean':
             $type = 'checkbox';
             break;
         case 'select':
             $type = 'select';
             $opts['values'] = array();
             $values = $form->getOptionValueList($form->fields[$field]);
             foreach ($values as $v) {
                 $opts['values'][$v] = $v;
             }
             break;
         case 'array':
             $type = 'list';
             $value = (array) $value;
             $value_default = (array) $value_default;
             break;
         case 'NULL':
             trigger_error("Field {$system_path} has no type", E_USER_WARNING);
             return;
     }
     // TrustedProxies requires changes before displaying
     if ($system_path == 'TrustedProxies') {
         foreach ($value as $ip => &$v) {
             if (!preg_match('/^-\\d+$/', $ip)) {
                 $v = $ip . ': ' . $v;
             }
         }
     }
     // send default value to form's JS
     $js_line = '\'' . $translated_path . '\': ';
     switch ($type) {
         case 'text':
             $js_line .= '\'' . PMA_escapeJsString($value_default) . '\'';
             break;
         case 'checkbox':
             $js_line .= $value_default ? 'true' : 'false';
             break;
         case 'select':
             $value_default_js = is_bool($value_default) ? (int) $value_default : $value_default;
             $js_line .= '[\'' . PMA_escapeJsString($value_default_js) . '\']';
             break;
         case 'list':
             $js_line .= '\'' . PMA_escapeJsString(implode("\n", $value_default)) . '\'';
             break;
     }
     $js_default[] = $js_line;
     display_input($translated_path, $name, $description, $type, $value, $value_is_default, $opts);
 }
Exemplo n.º 27
0
 /**
  * Test for PMA_sendHeaderLocation
  *
  * @return void
  */
 public function testSendHeaderLocationIisLongUri()
 {
     $GLOBALS['PMA_Config']->set('PMA_IS_IIS', true);
     // over 600 chars
     $testUri = 'http://testurl.com/test.php?testlonguri=over600chars&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test&test=test&test=test&test=test&test=test' . '&test=test&test=test';
     $testUri_html = htmlspecialchars($testUri);
     $testUri_js = PMA_escapeJsString($testUri);
     $header = "<html><head><title>- - -</title>\n    <meta http-equiv=\"expires\" content=\"0\">" . "<meta http-equiv=\"Pragma\" content=\"no-cache\">" . "<meta http-equiv=\"Cache-Control\" content=\"no-cache\">" . "<meta http-equiv=\"Refresh\" content=\"0;url=" . $testUri_html . "\">" . "<script type=\"text/javascript\">//<![CDATA[\n        setTimeout(\"window.location = decodeURI('" . $testUri_js . "')\", 2000);\n        //]]></script></head>\n<body><script type=\"text/javascript\">//<![CDATA[\n    document.write('<p><a href=\"" . $testUri_html . "\">" . __('Go') . "</a></p>');\n    //]]></script></body></html>\n";
     $this->expectOutputString($header);
     $restoreInstance = PMA\libraries\Response::getInstance();
     $mockResponse = $this->getMockBuilder('PMA\\libraries\\Response')->disableOriginalConstructor()->setMethods(array('disable', 'header', 'headersSent'))->getMock();
     $mockResponse->expects($this->once())->method('disable');
     $mockResponse->expects($this->any())->method('headersSent')->with()->will($this->returnValue(false));
     $attrInstance = new ReflectionProperty('PMA\\libraries\\Response', '_instance');
     $attrInstance->setAccessible(true);
     $attrInstance->setValue($mockResponse);
     PMA_sendHeaderLocation($testUri);
     $attrInstance->setValue($restoreInstance);
 }
Exemplo n.º 28
0
/**
 * Prints table row
 *
 * $rows contains following keys:
 * - src_table_name - source server table name
 * - dst_table_name - target server table name
 * - btn_type - 'M' or 'U'
 * - btn_structure - null or arguments for showDetails in server_synchronize.js (without img_obj and table_name):
 *                       i, update_size, insert_size, remove_size, insert_index, remove_index
 *
 * @param array $rows
 */
function PMA_syncDisplayDataCompare($rows)
{
    global $pmaThemeImage;
    $odd_row = true;
    foreach ($rows as $row) {
        echo '<tr class=" ' . ($odd_row ? 'odd' : 'even') . '">';
        echo '<td>' . htmlspecialchars($row['src_table_name']) . '</td><td style="text-align:center">';
        if (isset($row['btn_structure']) && $row['btn_structure']) {
            // parameters: i, update_size, insert_size, remove_size, insert_index, remove_index
            $p = $row['btn_structure'];
            $p[0] = $row['btn_type'] . 'S' . $p[0];
            echo '<img class="icon struct_img" src="' . $pmaThemeImage . 'new_struct.png" width="16" height="16"
                 alt="Structure" title="' . __('Click to select') . '" style="cursor:pointer" onclick="showDetails(' . "'" . implode($p, "','") . "'" . ', this, ' . "'" . PMA_escapeJsString(htmlspecialchars($row['src_table_name'])) . "'" . ')" /> ';
        }
        if (isset($row['btn_data']) && $row['btn_data']) {
            // parameters: i, update_size, insert_size, remove_size, insert_index, remove_index
            $p = $row['btn_data'];
            $p[0] = $row['btn_type'] . 'D' . $p[0];
            echo '<img class="icon data_img" src="' . $pmaThemeImage . 'new_data.png" width="16" height="16"
                alt="Data" title="' . __('Click to select') . '" style="cursor:pointer" onclick="showDetails(' . "'" . implode($p, "','") . "'" . ', this, ' . "'" . PMA_escapeJsString(htmlspecialchars($row['src_table_name'])) . "'" . ')" />';
        }
        echo '</td><td>' . htmlspecialchars($row['dst_table_name']) . '</td></tr>';
        $odd_row = !$odd_row;
    }
}
Exemplo n.º 29
0
/**
 * Send HTTP header, taking IIS limits into account (600 seems ok)
 *
 * @param string $uri         the header to send
 * @param bool   $use_refresh whether to use Refresh: header when running on IIS
 *
 * @return boolean  always true
 */
function PMA_sendHeaderLocation($uri, $use_refresh = false)
{
    if (PMA_IS_IIS && strlen($uri) > 600) {
        include_once './libraries/js_escape.lib.php';
        PMA_Response::getInstance()->disable();
        echo '<html><head><title>- - -</title>' . "\n";
        echo '<meta http-equiv="expires" content="0">' . "\n";
        echo '<meta http-equiv="Pragma" content="no-cache">' . "\n";
        echo '<meta http-equiv="Cache-Control" content="no-cache">' . "\n";
        echo '<meta http-equiv="Refresh" content="0;url=' . htmlspecialchars($uri) . '">' . "\n";
        echo '<script type="text/javascript">' . "\n";
        echo '//<![CDATA[' . "\n";
        echo 'setTimeout("window.location = unescape(\'"' . PMA_escapeJsString($uri) . '"\')", 2000);' . "\n";
        echo '//]]>' . "\n";
        echo '</script>' . "\n";
        echo '</head>' . "\n";
        echo '<body>' . "\n";
        echo '<script type="text/javascript">' . "\n";
        echo '//<![CDATA[' . "\n";
        echo 'document.write(\'<p><a href="' . htmlspecialchars($uri) . '">' . __('Go') . '</a></p>\');' . "\n";
        echo '//]]>' . "\n";
        echo '</script></body></html>' . "\n";
        return;
    }
    if (SID) {
        if (strpos($uri, '?') === false) {
            header('Location: ' . $uri . '?' . SID);
        } else {
            $separator = PMA_URL_getArgSeparator();
            header('Location: ' . $uri . $separator . SID);
        }
        return;
    }
    session_write_close();
    if (headers_sent()) {
        if (function_exists('debug_print_backtrace')) {
            echo '<pre>';
            debug_print_backtrace();
            echo '</pre>';
        }
        trigger_error('PMA_sendHeaderLocation called when headers are already sent!', E_USER_ERROR);
    }
    // bug #1523784: IE6 does not like 'Refresh: 0', it
    // results in a blank page
    // but we need it when coming from the cookie login panel)
    if (PMA_IS_IIS && $use_refresh) {
        header('Refresh: 0; ' . $uri);
    } else {
        header('Location: ' . $uri);
    }
}
 /**
  * PMA_escapeJsString tests
  *
  * @param string $target expected output
  * @param string $source string to be escaped
  *
  * @return void
  * @dataProvider escapeDataProvider
  */
 public function testEscape($target, $source)
 {
     $this->assertEquals($target, PMA_escapeJsString($source));
 }