/**
 * Displays authentication form
 *
 * this function MUST exit/quit the application
 *
 * Security-relevant behaviour visible in this function:
 * - The logout redirect target is taken from $cfg['Server']['LogoutURL'];
 *   the request only triggers it through a non-empty 'old_usr'.
 * - User name and server are pre-filled only when LoginCookieRecall is on and
 *   a blowfish_secret is configured; otherwise autocomplete="off" is emitted
 *   on the form.
 * - Both pre-filled values pass through htmlspecialchars(); the password
 *   field is always rendered with an empty value.
 * - The frame-busting redirect in the first <script> block is commented out,
 *   so this page does not break out of a frame by itself.
 *
 * @uses $GLOBALS['server']
 * @uses $GLOBALS['PHP_AUTH_USER']
 * @uses $GLOBALS['pma_auth_server']
 * @uses $GLOBALS['text_dir']
 * @uses $GLOBALS['pmaThemeImage']
 * @uses $GLOBALS['charset']
 * @uses $GLOBALS['target']
 * @uses $GLOBALS['db']
 * @uses $GLOBALS['table']
 * @uses $GLOBALS['strWelcome']
 * @uses $GLOBALS['strSecretRequired']
 * @uses $GLOBALS['strError']
 * @uses $GLOBALS['strLogin']
 * @uses $GLOBALS['strLogServer']
 * @uses $GLOBALS['strLogUsername']
 * @uses $GLOBALS['strLogPassword']
 * @uses $GLOBALS['strServerChoice']
 * @uses $GLOBALS['strGo']
 * @uses $GLOBALS['strCookiesRequired']
 * @uses $GLOBALS['strPmaDocumentation']
 * @uses $GLOBALS['pmaThemeImage']
 * @uses $cfg['Servers']
 * @uses $cfg['LoginCookieRecall']
 * @uses $cfg['Lang']
 * @uses $cfg['Server']
 * @uses $cfg['ReplaceHelpImg']
 * @uses $cfg['blowfish_secret']
 * @uses $cfg['AllowArbitraryServer']
 * @uses $_COOKIE
 * @uses $_REQUEST['old_usr']
 * @uses PMA_sendHeaderLocation()
 * @uses PMA_select_language()
 * @uses PMA_select_server()
 * @uses file_exists()
 * @uses sprintf()
 * @uses count()
 * @uses htmlspecialchars()
 * @uses is_array()
 * @global string the last connection error
 *
 * @access public
 */
function PMA_auth()
{
    global $conn_error;

    /* Perform logout to custom URL */
    // The destination is configuration-defined; nothing from the request is
    // copied into the Location header here.
    if (!empty($_REQUEST['old_usr']) && !empty($GLOBALS['cfg']['Server']['LogoutURL'])) {
        PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['LogoutURL']);
        exit;
    }

    /* No recall if blowfish secret is not configured as it would produce garbage */
    if ($GLOBALS['cfg']['LoginCookieRecall'] && !empty($GLOBALS['cfg']['blowfish_secret'])) {
        $default_user = $GLOBALS['PHP_AUTH_USER'];
        $default_server = $GLOBALS['pma_auth_server'];
        $autocomplete = '';
    } else {
        $default_user = '';
        $default_server = '';
        // skip the IE autocomplete feature.
        $autocomplete = ' autocomplete="off"';
    }

    // Not referenced again in this function; the files required below run in
    // this scope and may read it.
    $cell_align = $GLOBALS['text_dir'] == 'ltr' ? 'left' : 'right';

    // Defines the charset to be used
    header('Content-Type: text/html; charset=' . $GLOBALS['charset']);
    // Defines the "item" image depending on text direction
    $item_img = $GLOBALS['pmaThemeImage'] . 'item_' . $GLOBALS['text_dir'] . '.png';

    /* HTML header; do not show here the PMA version to improve security */
    $page_title = 'phpMyAdmin ';
    require './libraries/header_meta_style.inc.php';
    ?>
<script type="text/javascript">
//<![CDATA[
// show login form in top frame
if (top != self) {
    //window.top.location.href=location;
}
//]]>
</script>
</head>

<body class="loginform">

<?php
    // Optional site header: a fixed relative path, never derived from the request.
    if (file_exists('./config.header.inc.php')) {
        require './config.header.inc.php';
    }
    ?>

<div class="container">
<a href="http://www.phpmyadmin.net" target="_blank" class="logo"><?php
    // Theme logo if the theme ships one, otherwise the stock logo.
    $logo_image = $GLOBALS['pmaThemeImage'] . 'logo_right.png';
    if (@file_exists($logo_image)) {
        echo '<img src="' . $logo_image . '" id="imLogo" name="imLogo" alt="phpMyAdmin" border="0" />';
    } else {
        echo '<img name="imLogo" id="imLogo" src="' . $GLOBALS['pmaThemeImage'] . 'pma_logo.png' . '" ' . 'border="0" width="88" height="31" alt="phpMyAdmin" />';
    }
    ?> </a>
<h1>
<?php
    echo sprintf($GLOBALS['strWelcome'], '<bdo dir="ltr" xml:lang="en">' . $page_title . '</bdo>');
    ?>
</h1>
<?php
    // Show error message
    // NOTE(review): rawError() presumably renders $conn_error without HTML
    // escaping — confirm the connection error cannot carry client-supplied
    // markup (e.g. an echoed user or host name).
    if (!empty($conn_error)) {
        PMA_Message::rawError($conn_error)->display();
    }

    // Displays the languages form
    if (empty($GLOBALS['cfg']['Lang'])) {
        require_once './libraries/display_select_lang.lib.php';
        // use fieldset, don't show doc link
        PMA_select_language(true, false);
    }
    ?>
<br />
<!-- Login form -->
<form method="post" action="index.php" name="login_form"<?php echo $autocomplete; ?> target="_top" class="login">
    <fieldset>
    <legend>
<?php
    echo $GLOBALS['strLogin'];
    echo '<a href="./Documentation.html" target="documentation" ' . 'title="' . $GLOBALS['strPmaDocumentation'] . '">';
    if ($GLOBALS['cfg']['ReplaceHelpImg']) {
        echo '<img class="icon" src="' . $GLOBALS['pmaThemeImage'] . 'b_help.png" width="11" height="11" alt="' . $GLOBALS['strPmaDocumentation'] . '" />';
    } else {
        echo '(*)';
    }
    echo '</a>';
    ?>
    </legend>

<?php if ($GLOBALS['cfg']['AllowArbitraryServer']) { ?>
        <div class="item">
            <label for="input_servername" title="<?php echo $GLOBALS['strLogServerHelp']; ?> "><?php echo $GLOBALS['strLogServer']; ?> </label>
            <input type="text" name="pma_servername" id="input_servername" value="<?php echo htmlspecialchars($default_server); ?> " size="24" class="textfield" title="<?php echo $GLOBALS['strLogServerHelp']; ?> " />
        </div>
<?php } ?>
        <div class="item">
            <label for="input_username"><?php echo $GLOBALS['strLogUsername']; ?> </label>
            <input type="text" name="pma_username" id="input_username" value="<?php echo htmlspecialchars($default_user); ?> " size="24" class="textfield"/>
        </div>
        <div class="item">
            <label for="input_password"><?php echo $GLOBALS['strLogPassword']; ?> </label>
            <input type="password" name="pma_password" id="input_password" value="" size="24" class="textfield" />
        </div>
<?php
    if (count($GLOBALS['cfg']['Servers']) > 1) {
        ?>
        <div class="item">
            <label for="select_server"><?php echo $GLOBALS['strServerChoice']; ?> :</label>
            <select name="server" id="select_server" <?php
        // Picking a configured server clears the free-text server field.
        if ($GLOBALS['cfg']['AllowArbitraryServer']) {
            echo ' onchange="document.forms[\'login_form\'].elements[\'pma_servername\'].value = \'\'" ';
        }
        ?> >
<?php
        require_once './libraries/select_server.lib.php';
        PMA_select_server(false, false);
        echo '</select></div>';
    } else {
        // NOTE(review): unlike the user and server fields above, this value is
        // written into the attribute without htmlspecialchars() — confirm
        // $GLOBALS['server'] is validated (e.g. an integer index) before it
        // reaches this point.
        echo ' <input type="hidden" name="server" value="' . $GLOBALS['server'] . '" />';
    } // end if (server choice)
    ?>
    </fieldset>
    <fieldset class="tblFooters">
        <input value="<?php echo $GLOBALS['strGo']; ?> " type="submit" id="input_go" />
<?php
    // Carry the requested target/db/table across the login round trip.
    // NOTE(review): escaping of these values is presumably done inside
    // PMA_generate_common_hidden_inputs() — verify, it is not visible here.
    $_form_params = array();
    if (!empty($GLOBALS['target'])) {
        $_form_params['target'] = $GLOBALS['target'];
    }
    if (!empty($GLOBALS['db'])) {
        $_form_params['db'] = $GLOBALS['db'];
    }
    if (!empty($GLOBALS['table'])) {
        $_form_params['table'] = $GLOBALS['table'];
    }
    // do not generate a "server" hidden field as we want the "server"
    // drop-down to have priority
    echo PMA_generate_common_hidden_inputs($_form_params, '', 0, 'server');
    ?>
    </fieldset>
</form>

<?php
    // BEGIN Swekey Integration
    Swekey_login('input_username', 'input_go');
    // END Swekey Integration

    // show the "Cookies required" message only if cookies are disabled
    // (we previously tried to set some cookies)
    if (empty($_COOKIE)) {
        trigger_error($GLOBALS['strCookiesRequired'], E_USER_NOTICE);
    }
    if ($GLOBALS['error_handler']->hasDisplayErrors()) {
        echo '<div>';
        $GLOBALS['error_handler']->dispErrors();
        echo '</div>';
    }
    ?>
</div>
<script type="text/javascript">
// <![CDATA[
function PMA_focusInput()
{
    var input_username = document.getElementById('input_username');
    var input_password = document.getElementById('input_password');
    if (input_username.value == '') {
        input_username.focus();
    } else {
        input_password.focus();
    }
}

window.setTimeout('PMA_focusInput()', 500);
// ]]>
</script>
<?php
    // Optional site footer: a fixed relative path, never derived from the request.
    if (file_exists('./config.footer.inc.php')) {
        require './config.footer.inc.php';
    }
    ?>
</body>
</html>
<?php
    exit;
}
/**
 * Reports a failed query execution and terminates the request.
 *
 * When $is_gotofile is truthy the error is attached to the shared
 * PMA_Response as a failed JSON result; otherwise PMA_Util::mysqlDie()
 * receives the error together with the full query. The script exits here in
 * both cases.
 *
 * NOTE(review): PMA_Message::rawError() presumably keeps $error without HTML
 * escaping — confirm the consumer of the 'message' JSON value escapes it,
 * since a server error text can quote parts of the submitted query.
 *
 * @param boolean $is_gotofile    whether goto file or not
 * @param String  $error          error after executing the query
 * @param String  $full_sql_query full sql query
 *
 * @return void
 */
function PMA_handleQueryExecuteError($is_gotofile, $error, $full_sql_query)
{
    // Non-"goto file" requests take the classic error page.
    if (!$is_gotofile) {
        PMA_Util::mysqlDie($error, $full_sql_query, '', '');
        exit;
    }

    $failure = PMA_Message::rawError($error);
    $ajax_response = PMA_Response::getInstance();
    $ajax_response->isSuccess(false);
    $ajax_response->addJSON('message', $failure);
    exit;
}
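/**
 * Prepares queries for adding users and
 * also create database and return query and message
 *
 * Runs the user-creation query, then, depending on which of the
 * 'createdb-1' / 'createdb-2' / 'createdb-3' request options are set, creates
 * a database named after the user and/or grants ALL PRIVILEGES on it, on the
 * "username_%" pattern, or on $dbname. Every statement that is run is
 * appended to $sql_query; $message holds the last error, or the success
 * message when nothing failed.
 *
 * Side effects: on failure of the user creation the three request options are
 * nulled so that no database or grant statement follows; the 'createdb-1'
 * branch sets $GLOBALS['reload'] and $GLOBALS['db'].
 *
 * @param boolean $_error         whether user create or not
 * @param string  $real_sql_query SQL query for add a user
 * @param string  $sql_query      SQL query to be displayed
 * @param string  $username       username
 * @param string  $hostname       host name
 * @param string  $dbname         database name
 *
 * @return array $sql_query, $message
 */
function PMA_addUserAndCreateDatabase($_error, $real_sql_query, $sql_query, $username, $hostname, $dbname)
{
    if ($_error || !empty($real_sql_query) && !$GLOBALS['dbi']->tryQuery($real_sql_query)) {
        // null rather than false: the isset() guards below must see the
        // options as absent once the user could not be created.
        $_REQUEST['createdb-1'] = $_REQUEST['createdb-2'] = $_REQUEST['createdb-3'] = null;
        $message = PMA_Message::rawError($GLOBALS['dbi']->getError());
    } else {
        $message = PMA_Message::success(__('You have added a new user.'));
    }

    if (isset($_REQUEST['createdb-1'])) {
        // Create database with same name and grant all privileges
        $q = 'CREATE DATABASE IF NOT EXISTS ' . PMA_Util::backquote(PMA_Util::sqlAddSlashes($username)) . ';';
        $sql_query .= $q;
        if (!$GLOBALS['dbi']->tryQuery($q)) {
            $message = PMA_Message::rawError($GLOBALS['dbi']->getError());
        }

        /**
         * Reload the navigation
         */
        $GLOBALS['reload'] = true;
        $GLOBALS['db'] = $username;

        // "_" and "%" are wildcards in the database part of a GRANT, so they
        // are escaped to keep the grant limited to this one database.
        $q = 'GRANT ALL PRIVILEGES ON ' . PMA_Util::backquote(PMA_Util::escapeMysqlWildcards(PMA_Util::sqlAddSlashes($username))) . '.* TO \'' . PMA_Util::sqlAddSlashes($username) . '\'@\'' . PMA_Util::sqlAddSlashes($hostname) . '\';';
        $sql_query .= $q;
        if (!$GLOBALS['dbi']->tryQuery($q)) {
            $message = PMA_Message::rawError($GLOBALS['dbi']->getError());
        }
    }

    if (isset($_REQUEST['createdb-2'])) {
        // Grant all privileges on wildcard name (username\_%)
        // The user-name part is wildcard-escaped like in the 'createdb-1'
        // grant; without it a "_" or "%" inside the user name would widen the
        // pattern beyond databases that start with "<username>_".
        $q = 'GRANT ALL PRIVILEGES ON ' . PMA_Util::backquote(PMA_Util::escapeMysqlWildcards(PMA_Util::sqlAddSlashes($username)) . '\\_%') . '.* TO \'' . PMA_Util::sqlAddSlashes($username) . '\'@\'' . PMA_Util::sqlAddSlashes($hostname) . '\';';
        $sql_query .= $q;
        if (!$GLOBALS['dbi']->tryQuery($q)) {
            $message = PMA_Message::rawError($GLOBALS['dbi']->getError());
        }
    }

    if (isset($_REQUEST['createdb-3'])) {
        // Grant all privileges on the specified database to the new user
        // NOTE(review): $dbname is not wildcard-escaped here, so "_" or "%" in
        // it act as patterns in the grant — confirm whether that is intended.
        $q = 'GRANT ALL PRIVILEGES ON ' . PMA_Util::backquote(PMA_Util::sqlAddSlashes($dbname)) . '.* TO \'' . PMA_Util::sqlAddSlashes($username) . '\'@\'' . PMA_Util::sqlAddSlashes($hostname) . '\';';
        $sql_query .= $q;
        if (!$GLOBALS['dbi']->tryQuery($q)) {
            $message = PMA_Message::rawError($GLOBALS['dbi']->getError());
        }
    }

    return array($sql_query, $message);
}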
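/**
 * Function to delete from a tracking report log
 *
 * Reads the entry index from $_REQUEST['delete_' . $which_log], removes that
 * entry from $data[$which_log] and stores the shortened log through
 * PMA_Tracker::changeTrackingData() for the db/table/version named in the
 * request.
 *
 * The index is accepted only when it is a plain integer in canonical form.
 * The former loose comparison with its own integer cast let non-numeric
 * strings through on PHP versions where such a string compares equal to 0,
 * so a malformed request could still rewrite the stored log.
 *
 * NOTE(review): no request-forgery token or privilege check is visible in
 * this function — presumably the calling script enforces both; confirm.
 *
 * @param array  &$data     tracked data
 * @param string $which_log ddlog|dmlog
 * @param string $type      DDL|DML
 * @param string $message   success message
 *
 * @return string HTML for the message
 */
function PMA_deleteFromTrackingReportLog(&$data, $which_log, $type, $message)
{
    $html = '';
    $param = 'delete_' . $which_log;
    $delete_id = isset($_REQUEST[$param]) ? $_REQUEST[$param] : null;

    // Only in case of valid id
    if (is_scalar($delete_id) && (string) (int) $delete_id === (string) $delete_id) {
        $delete_id = (int) $delete_id;
        unset($data[$which_log][$delete_id]);

        $successfullyDeleted = PMA_Tracker::changeTrackingData($_REQUEST['db'], $_REQUEST['table'], $_REQUEST['version'], $type, $data[$which_log]);
        if ($successfullyDeleted) {
            $msg = PMA_Message::success($message);
        } else {
            $msg = PMA_Message::rawError(__('Query error'));
        }
        $html .= $msg->getDisplay();
    }

    return $html;
}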
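/**
 * Save this table's UI preferences into phpMyAdmin database.
 *
 * Writes one row (user, database, table, JSON-encoded preferences) with
 * REPLACE INTO over the control connection, then trims the oldest rows when
 * the table holds more than $cfg['Server']['MaxTableUiprefs'] rows.
 *
 * The user name is escaped like the other three values: it is interpolated
 * into a quoted SQL literal and a user name may contain a quote character.
 * The row count used in LIMIT is cast to int before it is concatenated. A
 * leftover print_r() of the error message, which dumped the message object
 * (including the database error) into the page, is no longer emitted; the
 * message is still returned to the caller.
 *
 * NOTE(review): the COUNT(*) query is issued without the control link, unlike
 * the REPLACE and DELETE — confirm the default link may read this table.
 *
 * @return true|PMA_Message
 */
protected function saveUiPrefsToDb()
{
    $pma_table = PMA_backquote($GLOBALS['cfg']['Server']['pmadb']) . "." . PMA_backquote($GLOBALS['cfg']['Server']['table_uiprefs']);

    $username = PMA_sqlAddSlashes($GLOBALS['cfg']['Server']['user']);
    $sql_query = " REPLACE INTO " . $pma_table . " VALUES ('" . $username . "', '" . PMA_sqlAddSlashes($this->db_name) . "', '" . PMA_sqlAddSlashes($this->name) . "', '" . PMA_sqlAddSlashes(json_encode($this->uiprefs)) . "', NULL)";

    $success = PMA_DBI_try_query($sql_query, $GLOBALS['controllink']);

    if (!$success) {
        $message = PMA_Message::error(__('Could not save table UI preferences'));
        $message->addMessage('<br /><br />');
        $message->addMessage(PMA_Message::rawError(PMA_DBI_getError($GLOBALS['controllink'])));
        return $message;
    }

    // Remove some old rows in table_uiprefs if it exceeds the configured maximum rows
    $sql_query = 'SELECT COUNT(*) FROM ' . $pma_table;
    $rows_count = PMA_DBI_fetch_value($sql_query);
    $max_rows = $GLOBALS['cfg']['Server']['MaxTableUiprefs'];
    if ($rows_count > $max_rows) {
        $num_rows_to_delete = (int) ($rows_count - $max_rows);
        $sql_query = ' DELETE FROM ' . $pma_table . ' ORDER BY last_update ASC' . ' LIMIT ' . $num_rows_to_delete;
        $success = PMA_DBI_try_query($sql_query, $GLOBALS['controllink']);

        if (!$success) {
            $message = PMA_Message::error(sprintf(__('Failed to cleanup table UI preferences (see $cfg[\'Servers\'][$i][\'MaxTableUiprefs\'] %s)'), PMA_showDocu('cfg_Servers_MaxTableUiprefs')));
            $message->addMessage('<br /><br />');
            $message->addMessage(PMA_Message::rawError(PMA_DBI_getError($GLOBALS['controllink'])));
            return $message;
        }
    }

    return true;
}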
/**
 * Update the table's structure based on $_REQUEST
 *
 * For every submitted column that PMA_columnNeedsAlterTable() flags, a
 * "CHANGE ..." clause is built by PMA_Table::generateAlter() from the
 * request fields; all clauses are sent as one ALTER TABLE statement. After
 * that, renamed columns are propagated with PMA_REL_renameField() and, when
 * $cfg['BrowseMIME'] is on, MIME settings are stored with PMA_setMIME().
 *
 * NOTE(review): every column attribute is taken from $_REQUEST as is; quoting
 * and escaping presumably happen inside PMA_Table::generateAlter() — verify,
 * it is not visible here. The array fields are indexed without isset() for
 * several keys (field_name, field_type, field_length, ...).
 *
 * @param string $db    database name
 * @param string $table table name
 *
 * @return boolean $regenerate true if error occurred
 *
 */
function PMA_updateColumns($db, $table)
{
    $err_url = 'tbl_structure.php?' . PMA_URL_getCommon($db, $table);
    $regenerate = false;
    $field_cnt = count($_REQUEST['field_name']);
    // Passed to generateAlter() for every column; never filled in this function.
    $key_fields = array();
    $changes = array();

    for ($i = 0; $i < $field_cnt; $i++) {
        if (PMA_columnNeedsAlterTable($i)) {
            // Optional request fields fall back to '', 'NOT NULL' or false.
            $changes[] = 'CHANGE ' . PMA_Table::generateAlter(
                isset($_REQUEST['field_orig'][$i]) ? $_REQUEST['field_orig'][$i] : '',
                $_REQUEST['field_name'][$i],
                $_REQUEST['field_type'][$i],
                $_REQUEST['field_length'][$i],
                $_REQUEST['field_attribute'][$i],
                isset($_REQUEST['field_collation'][$i]) ? $_REQUEST['field_collation'][$i] : '',
                isset($_REQUEST['field_null'][$i]) ? $_REQUEST['field_null'][$i] : 'NOT NULL',
                $_REQUEST['field_default_type'][$i],
                $_REQUEST['field_default_value'][$i],
                isset($_REQUEST['field_extra'][$i]) ? $_REQUEST['field_extra'][$i] : false,
                isset($_REQUEST['field_comments'][$i]) ? $_REQUEST['field_comments'][$i] : '',
                $key_fields,
                $i,
                isset($_REQUEST['field_move_to'][$i]) ? $_REQUEST['field_move_to'][$i] : ''
            );
        }
    } // end for

    $response = PMA_Response::getInstance();

    if (count($changes) > 0) {
        // Builds the primary keys statements and updates the table
        // (stays empty in this function, so nothing is appended below)
        $key_query = '';
        /**
         * this is a little bit more complex
         *
         * @todo if someone selects A_I when altering a column we need to check:
         *  - no other column with A_I
         *  - the column has an index, if not create one
         *
         */

        // To allow replication, we first select the db to use
        // and then run queries on this db.
        if (!$GLOBALS['dbi']->selectDb($db)) {
            PMA_Util::mysqlDie($GLOBALS['dbi']->getError(), 'USE ' . PMA_Util::backquote($db) . ';', '', $err_url);
        }
        $sql_query = 'ALTER TABLE ' . PMA_Util::backquote($table) . ' ';
        $sql_query .= implode(', ', $changes) . $key_query;
        $sql_query .= ';';
        $result = $GLOBALS['dbi']->tryQuery($sql_query);

        if ($result !== false) {
            $message = PMA_Message::success(__('Table %1$s has been altered successfully.'));
            $message->addParam($table);

            $response->addHTML(PMA_Util::getMessage($message, $sql_query, 'success'));
        } else {
            // An error happened while inserting/updating a table definition
            // NOTE(review): the database error is joined to an HTML fragment
            // and handed to rawError(), which presumably does not escape it —
            // the error text can quote submitted column names; confirm the
            // client escapes the 'message' value.
            $response->isSuccess(false);
            $response->addJSON('message', PMA_Message::rawError(__('Query error') . ':<br />' . $GLOBALS['dbi']->getError()));
            $regenerate = true;
        }
    }

    include_once 'libraries/transformations.lib.php';

    // update field names in relation
    // Runs whether or not the ALTER TABLE above succeeded.
    if (isset($_REQUEST['field_orig']) && is_array($_REQUEST['field_orig'])) {
        foreach ($_REQUEST['field_orig'] as $fieldindex => $fieldcontent) {
            if ($_REQUEST['field_name'][$fieldindex] != $fieldcontent) {
                PMA_REL_renameField($db, $table, $fieldcontent, $_REQUEST['field_name'][$fieldindex]);
            }
        }
    }

    // update mime types
    if (isset($_REQUEST['field_mimetype']) && is_array($_REQUEST['field_mimetype']) && $GLOBALS['cfg']['BrowseMIME']) {
        foreach ($_REQUEST['field_mimetype'] as $fieldindex => $mimetype) {
            // Skip entries whose column name is missing or empty.
            if (isset($_REQUEST['field_name'][$fieldindex]) && strlen($_REQUEST['field_name'][$fieldindex])) {
                PMA_setMIME($db, $table, $_REQUEST['field_name'][$fieldindex], $mimetype, $_REQUEST['field_transformation'][$fieldindex], $_REQUEST['field_transformation_options'][$fieldindex]);
            }
        }
    }

    return $regenerate;
}
if (!empty($_REQUEST['view']['column_names'])) { $sql_query .= $sep . ' (' . $_REQUEST['view']['column_names'] . ')'; } $sql_query .= $sep . ' AS ' . $_REQUEST['view']['as']; if (isset($_REQUEST['view']['with'])) { $options = array_intersect($_REQUEST['view']['with'], $view_with_options); if (count($options)) { $sql_query .= $sep . ' WITH ' . implode(' ', $options); } } if (PMA_DBI_try_query($sql_query)) { $message = PMA_Message::success(); require './' . $cfg['DefaultTabDatabase']; exit; } else { $message = PMA_Message::rawError(PMA_DBI_getError()); } } // prefill values if not already filled from former submission $view = array('or_replace' => '', 'algorithm' => '', 'name' => '', 'column_names' => '', 'as' => $sql_query, 'with' => array()); if (PMA_isValid($_REQUEST['view'], 'array')) { $view = array_merge($view, $_REQUEST['view']); } /** * Displays top menu links * We use db links because a VIEW is not necessarily on a single table */ $num_tables = 0; require_once './libraries/db_links.inc.php'; $url_params['db'] = $GLOBALS['db']; $url_params['reload'] = 1;
/**
 * Opens the file for reading according to its detected compression.
 *
 * bzip2 and gzip files are opened through bzopen()/gzopen() when the matching
 * $cfg switch is on and the function exists; zip archives are unpacked by
 * PMA_getZipContents() into $this->content_uncompressed; uncompressed files
 * are opened with fopen(). Any other type, or a disabled/missing handler,
 * sets $this->_error_message.
 *
 * NOTE(review): the open calls are silenced with "@" and their result is not
 * checked, so $this->_handle may hold false after a "successful" pass.
 * NOTE(review): the zip branch loads the whole extracted payload into memory;
 * whether PMA_getZipContents() limits its size is not visible here.
 *
 * @return false|null false when the type is unknown/unsupported or the zip
 *                    extraction reports an error; no value is returned on
 *                    the paths that complete the switch
 */
function open()
{
    if (!$this->_decompress) {
        // NOTE(review): the switch below may assign _handle again without
        // closing the handle opened here.
        $this->_handle = @fopen($this->getName(), 'r');
    }

    switch ($this->getCompression()) {
    case false:
        return false;

    case 'application/bzip2':
        if (!$GLOBALS['cfg']['BZipDump'] || !@function_exists('bzopen')) {
            $this->_error_message = sprintf(__('You attempted to load file with unsupported compression (%s). Either support for it is not implemented or disabled by your configuration.'), $this->getCompression());
            return false;
        }
        $this->_handle = @bzopen($this->getName(), 'r');
        break;

    case 'application/gzip':
        if (!$GLOBALS['cfg']['GZipDump'] || !@function_exists('gzopen')) {
            $this->_error_message = sprintf(__('You attempted to load file with unsupported compression (%s). Either support for it is not implemented or disabled by your configuration.'), $this->getCompression());
            return false;
        }
        $this->_handle = @gzopen($this->getName(), 'r');
        break;

    case 'application/zip':
        if (!$GLOBALS['cfg']['ZipDump'] || !@function_exists('zip_open')) {
            $this->_error_message = sprintf(__('You attempted to load file with unsupported compression (%s). Either support for it is not implemented or disabled by your configuration.'), $this->getCompression());
            return false;
        }
        include_once './libraries/zip_extension.lib.php';
        $zip_result = PMA_getZipContents($this->getName());
        if (!empty($zip_result['error'])) {
            // NOTE(review): rawError() presumably keeps the text unescaped —
            // confirm the extraction error cannot echo names from the archive.
            $this->_error_message = PMA_Message::rawError($zip_result['error']);
            return false;
        }
        $this->content_uncompressed = $zip_result['data'];
        unset($zip_result);
        break;

    case 'none':
        $this->_handle = @fopen($this->getName(), 'r');
        break;

    default:
        $this->_error_message = sprintf(__('You attempted to load file with unsupported compression (%s). Either support for it is not implemented or disabled by your configuration.'), $this->getCompression());
        return false;
    }
}
/**
 * Saves user preferences
 *
 * Without a working userconfig table the preferences are kept in
 * $_SESSION['userconfig'] together with a timestamp. Otherwise they are
 * JSON-encoded and written to the pmadb userconfig table over the control
 * link, as an UPDATE when a row for the user exists and an INSERT when not.
 * The cached copy in $_SESSION['cache'][...]['userprefs'] is dropped on both
 * paths. User name and JSON payload are passed through PMA_sqlAddslashes()
 * before they are placed in the quoted SQL literals.
 *
 * @uses $_SESSION['cache'][...]['userprefs']
 * @uses $_SESSION['userconfig']
 * @uses $GLOBALS['cfg']['ServerDefault']
 * @uses $GLOBALS['controllink']
 * @uses $GLOBALS['server']
 * @uses ConfigFile::getConfigArray()
 * @uses ConfigFile::getInstance()
 * @uses PMA_backquote()
 * @uses PMA_DBI_fetch_value
 * @uses PMA_DBI_getError()
 * @uses PMA_DBI_try_query()
 * @uses PMA_Message::addMessage()
 * @uses PMA_Message::error()
 * @uses PMA_Message::rawError()
 * @uses PMA_sqlAddslashes()
 * @uses PMA_getRelationsParam()
 * @param array $config_array preferences to store
 * @return true|PMA_Message
 */
function PMA_save_userprefs(array $config_array)
{
    $cfgRelation = PMA_getRelationsParam();

    if (isset($GLOBALS['server'])) {
        $server = $GLOBALS['server'];
    } else {
        $server = $GLOBALS['cfg']['ServerDefault'];
    }
    $cache_key = 'server_' . $server;

    if (!$cfgRelation['userconfigwork']) {
        // no pmadb table, use session storage
        $_SESSION['userconfig'] = array('db' => $config_array, 'ts' => time());
        if (isset($_SESSION['cache'][$cache_key]['userprefs'])) {
            unset($_SESSION['cache'][$cache_key]['userprefs']);
        }
        return true;
    }

    // save configuration to pmadb
    $query_table = PMA_backquote($cfgRelation['db']) . '.' . PMA_backquote($cfgRelation['userconfig']);
    $quoted_user = PMA_sqlAddslashes($cfgRelation['user']);

    $lookup = ' SELECT `username` FROM ' . $query_table . ' WHERE `username` = \'' . $quoted_user . '\'';
    $has_config = PMA_DBI_fetch_value($lookup, 0, 0, $GLOBALS['controllink']);

    $quoted_data = PMA_sqlAddslashes(json_encode($config_array));
    if (!$has_config) {
        $query = ' INSERT INTO ' . $query_table . ' (`username`, `config_data`) VALUES (\'' . $quoted_user . '\', \'' . $quoted_data . '\')';
    } else {
        $query = ' UPDATE ' . $query_table . ' SET `config_data` = \'' . $quoted_data . '\' WHERE `username` = \'' . $quoted_user . '\'';
    }

    // The cached preferences are stale from here on, whatever the write returns.
    if (isset($_SESSION['cache'][$cache_key]['userprefs'])) {
        unset($_SESSION['cache'][$cache_key]['userprefs']);
    }

    if (PMA_DBI_try_query($query, $GLOBALS['controllink'])) {
        return true;
    }

    $message = PMA_Message::error(__('Could not save configuration'));
    $message->addMessage('<br /><br />');
    $message->addMessage(PMA_Message::rawError(PMA_DBI_getError($GLOBALS['controllink'])));
    return $message;
}
/**
 * test rawError method
 *
 * Expects PMA_Message::rawError() to equal an ERROR-level message whose text
 * was set with setMessage() to the same string; the sample text contains the
 * HTML metacharacters "<", "&" and ">".
 *
 * @return void
 */
public function testRawError()
{
    $expected = new PMA_Message('', PMA_Message::ERROR);
    $expected->setMessage('test<&>');
    $this->object = $expected;

    $actual = PMA_Message::rawError('test<&>');
    $this->assertEquals($expected, $actual);
}
$delete_id = $_REQUEST['delete_dmlog']; // Only in case of valable id if ($delete_id == (int)$delete_id) { unset($data['dmlog'][$delete_id]); $successfullyDeleted = PMA_Tracker::changeTrackingData( $_REQUEST['db'], $_REQUEST['table'], $_REQUEST['version'], 'DML', $data['dmlog'] ); if ($successfullyDeleted) { $msg = PMA_Message::success( __('Tracking data manipulation successfully deleted') ); } else { $msg = PMA_Message::rawError(__('Query error')); } $msg->display(); } } } if (isset($_REQUEST['report']) || isset($_REQUEST['report_export'])) { echo '<h3>' . __('Tracking report') . ' [<a href="tbl_tracking.php?' . $url_query . '">' . __('Close') . '</a>]</h3>'; echo '<small>' . __('Tracking statements') . ' ' . htmlspecialchars($data['tracking']) . '</small><br/>'; echo '<br/>';
/**
 * move the repeating group of columns to a new table
 *
 * Builds two statements and runs them on the user link after selecting $db:
 * a CREATE TABLE ... SELECT that unions one SELECT per repeating column
 * (primary key columns plus that column aliased to $newColumn), and an
 * ALTER TABLE that drops the repeating columns from $table. Execution stops
 * at the first failing statement.
 *
 * All identifiers pass through PMA_Util::backquote() before they are placed
 * in the statements.
 *
 * NOTE(review): the success text says "moved to the table '%s'" but is filled
 * with $table, not $newTable — confirm which name is meant.
 * NOTE(review): the result of selectDb() is not checked, and the two
 * statements are not wrapped in a transaction here.
 *
 * @param string $repeatingColumns comma separated list of repeating group columns
 * @param string $primary_columns  comma separated list of column in primary key
 *                                 of $table
 * @param string $newTable         name of the new table to be created
 * @param string $newColumn        name of the new column in the new table
 * @param string $table            current table
 * @param string $db               current database
 *
 * @return array
 */
function PMA_moveRepeatingGroup($repeatingColumns, $primary_columns, $newTable, $newColumn, $table, $db)
{
    $repeatingColumnsArr = (array) PMA_Util::backquote(explode(', ', $repeatingColumns));
    $primary_columns = implode(',', PMA_Util::backquote(explode(',', $primary_columns)));

    $create_head = 'CREATE TABLE ' . PMA_Util::backquote($newTable);
    $alter_head = 'ALTER TABLE ' . PMA_Util::backquote($table);
    $message = PMA_Message::success(sprintf(__('Selected repeating group has been moved to the table \'%s\''), htmlspecialchars($table)));

    $quoted_new_column = PMA_Util::backquote($newColumn);
    $quoted_table = PMA_Util::backquote($table);

    // One SELECT and one DROP clause per repeating column.
    $selects = array();
    $drops = array();
    foreach ($repeatingColumnsArr as $repeatingColumn) {
        $selects[] = ' SELECT ' . $primary_columns . ',' . $repeatingColumn . ' as ' . $quoted_new_column . ' FROM ' . $quoted_table;
        $drops[] = ' DROP ' . $repeatingColumn;
    }

    $queries = array(
        $create_head . implode(' UNION ', $selects),
        trim($alter_head . implode(',', $drops), ','),
    );

    $GLOBALS['dbi']->selectDb($db, $GLOBALS['userlink']);

    $error = false;
    foreach ($queries as $statement) {
        if ($GLOBALS['dbi']->tryQuery($statement, $GLOBALS['userlink'])) {
            continue;
        }
        $message = PMA_Message::error(__('Error in processing!'));
        $message->addMessage('<br /><br />');
        $message->addMessage(PMA_Message::rawError($GLOBALS['dbi']->getError($GLOBALS['userlink'])));
        $error = true;
        break;
    }

    return array('queryError' => $error, 'message' => $message);
}
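/**
 * Save this table's UI preferences into phpMyAdmin database.
 *
 * Writes one row (user, database, table, JSON-encoded preferences) with
 * REPLACE INTO over the control connection, then trims the oldest rows when
 * the table holds more than $cfg['Server']['MaxTableUiprefs'] rows.
 *
 * The user name is escaped like the other three values: it is interpolated
 * into a quoted SQL literal and a user name may contain a quote character.
 * The row count used in LIMIT is cast to int before it is concatenated.
 *
 * NOTE(review): the COUNT(*) query is issued without the control link, unlike
 * the REPLACE and DELETE — confirm the default link may read this table.
 *
 * @return true|PMA_Message
 */
protected function saveUiPrefsToDb()
{
    $cfgRelation = PMA_getRelationsParam();
    $pma_table = PMA_Util::backquote($cfgRelation['db']) . "." . PMA_Util::backquote($cfgRelation['table_uiprefs']);

    $secureDbName = PMA_Util::sqlAddSlashes($this->_db_name);

    $username = PMA_Util::sqlAddSlashes($GLOBALS['cfg']['Server']['user']);
    $sql_query = " REPLACE INTO " . $pma_table . " (username, db_name, table_name, prefs) VALUES ('" . $username . "', '" . $secureDbName . "', '" . PMA_Util::sqlAddSlashes($this->_name) . "', '" . PMA_Util::sqlAddSlashes(json_encode($this->uiprefs)) . "')";

    $success = $this->_dbi->tryQuery($sql_query, $GLOBALS['controllink']);

    if (!$success) {
        $message = PMA_Message::error(__('Could not save table UI preferences!'));
        $message->addMessage('<br /><br />');
        $message->addMessage(PMA_Message::rawError($this->_dbi->getError($GLOBALS['controllink'])));
        return $message;
    }

    // Remove some old rows in table_uiprefs if it exceeds the configured
    // maximum rows
    $sql_query = 'SELECT COUNT(*) FROM ' . $pma_table;
    $rows_count = $this->_dbi->fetchValue($sql_query);
    $max_rows = $GLOBALS['cfg']['Server']['MaxTableUiprefs'];
    if ($rows_count > $max_rows) {
        $num_rows_to_delete = (int) ($rows_count - $max_rows);
        $sql_query = ' DELETE FROM ' . $pma_table . ' ORDER BY last_update ASC' . ' LIMIT ' . $num_rows_to_delete;
        $success = $this->_dbi->tryQuery($sql_query, $GLOBALS['controllink']);

        if (!$success) {
            $message = PMA_Message::error(sprintf(__('Failed to cleanup table UI preferences (see ' . '$cfg[\'Servers\'][$i][\'MaxTableUiprefs\'] %s)'), PMA_Util::showDocu('config', 'cfg_Servers_MaxTableUiprefs')));
            $message->addMessage('<br /><br />');
            $message->addMessage(PMA_Message::rawError($this->_dbi->getError($GLOBALS['controllink'])));
            return $message;
        }
    }

    return true;
}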
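/**
 * Prepares queries for adding users and also create database and return query and message
 *
 * Runs the user-creation query, then, depending on which of the
 * 'createdb-1' / 'createdb-2' / 'createdb-3' request options are set, creates
 * a database named after the user and/or grants ALL PRIVILEGES on it, on the
 * "username_%" pattern, or on $dbname. Every statement that is run is
 * appended to $sql_query; $message holds the last error, or the success
 * message when nothing failed.
 *
 * Fixes over the previous revision of this function:
 * - On a failed user creation the three options are now set to null. They
 *   were set to false, which isset() still reports as present, so the
 *   CREATE DATABASE and GRANT statements ran although no user was created,
 *   and ran even for options the request had not selected.
 * - The 'createdb-2' pattern wildcard-escapes the user name, as the
 *   'createdb-1' grant already does.
 * - $dbname, which the 'createdb-3' branch read without it being defined, is
 *   an optional trailing parameter.
 *
 * @param boolean $_error         whether user create or not
 * @param string  $real_sql_query SQL query for add a user
 * @param string  $sql_query      SQL query to be displayed
 * @param string  $username       username
 * @param string  $hostname       host name
 * @param string  $dbname         database name used by the 'createdb-3' option
 *
 * @return array $sql_query, $message
 */
function PMA_addUserAndCreateDatabase($_error, $real_sql_query, $sql_query, $username, $hostname, $dbname = '')
{
    $common_functions = PMA_CommonFunctions::getInstance();

    if ($_error || !PMA_DBI_try_query($real_sql_query)) {
        // null rather than false: the isset() guards below must see the
        // options as absent once the user could not be created.
        $_REQUEST['createdb-1'] = $_REQUEST['createdb-2'] = $_REQUEST['createdb-3'] = null;
        $message = PMA_Message::rawError(PMA_DBI_getError());
    } else {
        $message = PMA_Message::success(__('You have added a new user.'));
    }

    if (isset($_REQUEST['createdb-1'])) {
        // Create database with same name and grant all privileges
        $q = 'CREATE DATABASE IF NOT EXISTS ' . $common_functions->backquote($common_functions->sqlAddSlashes($username)) . ';';
        $sql_query .= $q;
        if (!PMA_DBI_try_query($q)) {
            $message = PMA_Message::rawError(PMA_DBI_getError());
        }

        /**
         * If we are not in an Ajax request, we can't reload navigation now
         */
        if ($GLOBALS['is_ajax_request'] != true) {
            // this is needed in case tracking is on:
            $GLOBALS['db'] = $username;
            $GLOBALS['reload'] = true;
            echo $common_functions->getReloadNavigationScript();
        }

        // "_" and "%" are wildcards in the database part of a GRANT, so they
        // are escaped to keep the grant limited to this one database.
        $q = 'GRANT ALL PRIVILEGES ON ' . $common_functions->backquote($common_functions->escapeMysqlWildcards($common_functions->sqlAddSlashes($username))) . '.* TO \'' . $common_functions->sqlAddSlashes($username) . '\'@\'' . $common_functions->sqlAddSlashes($hostname) . '\';';
        $sql_query .= $q;
        if (!PMA_DBI_try_query($q)) {
            $message = PMA_Message::rawError(PMA_DBI_getError());
        }
    }

    if (isset($_REQUEST['createdb-2'])) {
        // Grant all privileges on wildcard name (username\_%)
        // Without the escape a "_" or "%" inside the user name would widen
        // the pattern beyond databases that start with "<username>_".
        $q = 'GRANT ALL PRIVILEGES ON ' . $common_functions->backquote($common_functions->escapeMysqlWildcards($common_functions->sqlAddSlashes($username)) . '\\_%') . '.* TO \'' . $common_functions->sqlAddSlashes($username) . '\'@\'' . $common_functions->sqlAddSlashes($hostname) . '\';';
        $sql_query .= $q;
        if (!PMA_DBI_try_query($q)) {
            $message = PMA_Message::rawError(PMA_DBI_getError());
        }
    }

    if (isset($_REQUEST['createdb-3'])) {
        // Grant all privileges on the specified database to the new user
        // NOTE(review): callers that do not pass $dbname get an empty
        // identifier here and the server rejects the statement; $dbname is
        // also not wildcard-escaped — confirm whether patterns are intended.
        $q = 'GRANT ALL PRIVILEGES ON ' . $common_functions->backquote($common_functions->sqlAddSlashes($dbname)) . '.* TO \'' . $common_functions->sqlAddSlashes($username) . '\'@\'' . $common_functions->sqlAddSlashes($hostname) . '\';';
        $sql_query .= $q;
        if (!PMA_DBI_try_query($q)) {
            $message = PMA_Message::rawError(PMA_DBI_getError());
        }
    }

    return array($sql_query, $message);
}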
/**
 * Displays authentication form
 *
 * this function MUST exit/quit the application
 *
 * Security-relevant behaviour visible in this function:
 * - The logout redirect target is taken from $cfg['Server']['LogoutURL'];
 *   the request only triggers it through a non-empty 'old_usr'.
 * - User name and server are pre-filled only when LoginCookieRecall is on and
 *   a blowfish_secret is configured; otherwise autocomplete="off" is emitted
 *   on the form.
 * - The language selector and the login form carry the classes
 *   "hide js-show", and a <noscript> error is printed ahead of them.
 * - The closing <script> block sends the top window to this page when the
 *   page is framed or the body class is not "loginform".
 *
 * NOTE(review): in this copy the markup between the user-name label and the
 * server-choice block is masked with "******"; the user-name and password
 * inputs are therefore not visible and are reproduced exactly as found.
 *
 * @global string the last connection error
 *
 * @access public
 */
function PMA_auth()
{
    global $conn_error;

    /* Perform logout to custom URL */
    // The destination is configuration-defined; nothing from the request is
    // copied into the Location header here.
    if (!empty($_REQUEST['old_usr']) && !empty($GLOBALS['cfg']['Server']['LogoutURL'])) {
        PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['LogoutURL']);
        exit;
    }

    /* No recall if blowfish secret is not configured as it would produce garbage */
    if ($GLOBALS['cfg']['LoginCookieRecall'] && !empty($GLOBALS['cfg']['blowfish_secret'])) {
        $default_user = $GLOBALS['PHP_AUTH_USER'];
        $default_server = $GLOBALS['pma_auth_server'];
        $autocomplete = '';
    } else {
        $default_user = '';
        $default_server = '';
        // skip the IE autocomplete feature.
        $autocomplete = ' autocomplete="off"';
    }

    // Not referenced again in this function; the files included below run in
    // this scope and may read it.
    $cell_align = $GLOBALS['text_dir'] == 'ltr' ? 'left' : 'right';

    // Defines the charset to be used
    header('Content-Type: text/html; charset=utf-8');

    /* HTML header; do not show here the PMA version to improve security */
    $page_title = 'phpMyAdmin ';
    include './libraries/header_meta_style.inc.php';
    // if $page_title is set, this script uses it as the title:
    include './libraries/header_scripts.inc.php';
    ?>
</head>

<body class="loginform">

<?php
    // Optional site header, named by a constant rather than by the request.
    if (file_exists(CUSTOM_HEADER_FILE)) {
        include CUSTOM_HEADER_FILE;
    }
    ?>

<div class="container">
<a href="<?php echo PMA_linkURL('http://www.phpmyadmin.net/'); ?> " target="_blank" class="logo"><?php
    // Theme logo if the theme ships one, otherwise the stock logo.
    $logo_image = $GLOBALS['pmaThemeImage'] . 'logo_right.png';
    if (@file_exists($logo_image)) {
        echo '<img src="' . $logo_image . '" id="imLogo" name="imLogo" alt="phpMyAdmin" border="0" />';
    } else {
        echo '<img name="imLogo" id="imLogo" src="' . $GLOBALS['pmaThemeImage'] . 'pma_logo.png' . '" ' . 'border="0" width="88" height="31" alt="phpMyAdmin" />';
    }
    ?> </a>
<h1>
<?php
    echo sprintf(__('Welcome to %s'), '<bdo dir="ltr" lang="en">' . $page_title . '</bdo>');
    ?>
</h1>
<?php
    // Show error message
    // NOTE(review): rawError() presumably renders $conn_error without HTML
    // escaping — confirm the connection error cannot carry client-supplied
    // markup (e.g. an echoed user or host name).
    if (!empty($conn_error)) {
        PMA_Message::rawError($conn_error)->display();
    }

    echo "<noscript>\n";
    PMA_message::error(__("Javascript must be enabled past this point"))->display();
    echo "</noscript>\n";

    echo "<div class='hide js-show'>";
    // Displays the languages form
    if (empty($GLOBALS['cfg']['Lang'])) {
        include_once './libraries/display_select_lang.lib.php';
        // use fieldset, don't show doc link
        PMA_select_language(true, false);
    }
    echo "</div>";
    ?>
<br />
<!-- Login form -->
<form method="post" action="index.php" name="login_form"<?php echo $autocomplete; ?> target="_top" class="login hide js-show">
    <fieldset>
    <legend>
<?php
    echo __('Log in');
    echo PMA_showDocu('');
    ?>
    </legend>

<?php if ($GLOBALS['cfg']['AllowArbitraryServer']) { ?>
        <div class="item">
            <label for="input_servername" title="<?php echo __('You can enter hostname/IP address and port separated by space.'); ?> "><?php echo __('Server:'); ?> </label>
            <input type="text" name="pma_servername" id="input_servername" value="<?php echo htmlspecialchars($default_server); ?> " size="24" class="textfield" title="<?php echo __('You can enter hostname/IP address and port separated by space.'); ?> " />
        </div>
<?php } ?>
        <div class="item">
            <label for="input_username"><?php echo __('Username:'******'Password:'******'cfg']['Servers']) > 1) { ?>
        <div class="item">
            <label for="select_server"><?php echo __('Server Choice'); ?> :</label>
            <select name="server" id="select_server" <?php
        // Picking a configured server clears the free-text server field.
        if ($GLOBALS['cfg']['AllowArbitraryServer']) {
            echo ' onchange="document.forms[\'login_form\'].elements[\'pma_servername\'].value = \'\'" ';
        }
        echo '>';

        include_once './libraries/select_server.lib.php';
        PMA_select_server(false, false);
        echo '</select></div>';
    } else {
        // NOTE(review): this value is written into the attribute without
        // htmlspecialchars(), unlike the server field above — confirm
        // $GLOBALS['server'] is validated (e.g. an integer index) before it
        // reaches this point.
        echo ' <input type="hidden" name="server" value="' . $GLOBALS['server'] . '" />';
    } // end if (server choice)
    ?>
    </fieldset>
    <fieldset class="tblFooters">
        <input value="<?php echo __('Go'); ?> " type="submit" id="input_go" />
<?php
    // Carry the requested target/db/table across the login round trip.
    // NOTE(review): escaping of these values is presumably done inside
    // PMA_generate_common_hidden_inputs() — verify, it is not visible here.
    $_form_params = array();
    if (!empty($GLOBALS['target'])) {
        $_form_params['target'] = $GLOBALS['target'];
    }
    if (!empty($GLOBALS['db'])) {
        $_form_params['db'] = $GLOBALS['db'];
    }
    if (!empty($GLOBALS['table'])) {
        $_form_params['table'] = $GLOBALS['table'];
    }
    // do not generate a "server" hidden field as we want the "server"
    // drop-down to have priority
    echo PMA_generate_common_hidden_inputs($_form_params, '', 0, 'server');
    ?>
    </fieldset>
</form>

<?php
    // BEGIN Swekey Integration
    Swekey_login('input_username', 'input_go');
    // END Swekey Integration

    // show the "Cookies required" message only if cookies are disabled
    // (we previously tried to set some cookies)
    if (empty($_COOKIE)) {
        trigger_error(__('Cookies must be enabled past this point.'), E_USER_NOTICE);
    }
    if ($GLOBALS['error_handler']->hasDisplayErrors()) {
        echo '<div>';
        $GLOBALS['error_handler']->dispErrors();
        echo '</div>';
    }
    ?>
</div>
<?php
    // Optional site footer, named by a constant rather than by the request.
    if (file_exists(CUSTOM_FOOTER_FILE)) {
        include CUSTOM_FOOTER_FILE;
    }
    ?>
<script type="text/javascript">
//<![CDATA[
// show login form in top frame.
if (top != self || document.body.className != 'loginform') {
    window.top.location.href=location;
}
//]]>
</script>
</body>
</html>
<?php
    exit;
}
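/**
 * Handles request for ROLLBACK.
 *
 * Splits the submitted SQL on the request's delimiter and checks every
 * non-empty statement with PMA_checkIfRollbackPossible(). On the first
 * statement that fails the check, an error message is added to the JSON
 * response and the script exits; otherwise a transaction is started.
 *
 * @param string $sql_query SQL query(s)
 *
 * @return void
 */
function PMA_handleRollbackRequest($sql_query)
{
    // The delimiter is request-controlled. A missing, empty or non-string
    // value makes explode() fail, which (depending on the PHP version) either
    // raises or yields nothing to iterate, so no statement would be checked
    // before START TRANSACTION. Fall back to the standard ';' so the
    // eligibility check always runs.
    $sql_delimiter = isset($_REQUEST['sql_delimiter'])
        ? $_REQUEST['sql_delimiter']
        : '';
    if (!is_string($sql_delimiter) || $sql_delimiter === '') {
        $sql_delimiter = ';';
    }

    $queries = explode($sql_delimiter, $sql_query);
    $error = false;
    $error_msg = __(
        'Only INSERT, UPDATE, DELETE and REPLACE '
        . 'SQL queries containing transactional engine tables can be rolled back.'
    );

    foreach ($queries as $query) {
        if (empty($query)) {
            continue;
        }

        // Check each query for ROLLBACK support.
        if (!PMA_checkIfRollbackPossible($query)) {
            // Prefer the database's own error text when there is one.
            $global_error = $GLOBALS['dbi']->getError();
            $error = $global_error ? $global_error : $error_msg;
            break;
        }
    }

    if ($error) {
        unset($_REQUEST['rollback_query']);
        $response = PMA_Response::getInstance();
        // NOTE(review): rawError() is given the database error text as-is;
        // confirm how the client renders the "message" field.
        $message = PMA_Message::rawError($error);
        $response->addJSON('message', $message);
        exit;
    }

    // If everything fine, START a transaction.
    $GLOBALS['dbi']->query('START TRANSACTION');
}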
} PMA_DBI_next_result(); } $querytime_after = array_sum(explode(' ', microtime())); $GLOBALS['querytime'] = $querytime_after - $querytime_before; // Displays an error message if required and stop parsing the script if ($error = PMA_DBI_getError()) { if ($is_gotofile) { if (strpos($goto, 'db_') === 0 && strlen($table)) { $table = ''; } $active_page = $goto; $message = PMA_Message::rawError($error); if ($GLOBALS['is_ajax_request'] == true) { PMA_ajaxResponse($message, false); } /** * Go to target path. */ include '' . PMA_securePath($goto); } else { $full_err_url = (preg_match('@^(db|tbl)_@', $err_url)) ? $err_url . '&show_query=1&sql_query=' . urlencode($sql_query) : $err_url; PMA_mysqlDie($error, $full_sql_query, '', $full_err_url); }
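/**
 * Removes columns from the central columns list.
 *
 * If $isTable is true, $field_select is a list of tables and every column of
 * those tables is removed from the central list; otherwise $field_select is
 * itself the list of column names to remove. Columns that are not present in
 * the central list are reported in a notice.
 *
 * @param array $field_select if $isTable selected list of tables otherwise
 *                            selected list of columns to remove from central list
 * @param bool  $isTable      if passed array is of tables or columns
 *
 * @return true|PMA_Message true on success, a notice when some columns were
 *                          not in the list, an error when the DELETE failed
 */
function PMA_deleteColumnsFromList($field_select, $isTable = true)
{
    $cfgCentralColumns = PMA_centralColumnsGetParams();
    if (empty($cfgCentralColumns)) {
        return PMA_configErrorMessage();
    }
    $db = $_REQUEST['db'];
    $pmadb = $cfgCentralColumns['db'];
    $central_list_table = $cfgCentralColumns['table'];
    $GLOBALS['dbi']->selectDb($db, $GLOBALS['userlink']);
    $message = true;

    // Flatten the request into one ordered list of column names.
    $columns = array();
    if ($isTable) {
        foreach ($field_select as $table) {
            $table_columns = (array) $GLOBALS['dbi']->getColumnNames(
                $db, $table, $GLOBALS['userlink']
            );
            foreach ($table_columns as $column) {
                $columns[] = $column;
            }
        }
    } else {
        foreach ($field_select as $column) {
            $columns[] = $column;
        }
    }

    // Quoted, escaped and comma-separated, ready for an IN (...) list.
    $quoted = array();
    foreach ($columns as $column) {
        $quoted[] = '\'' . PMA_Util::sqlAddSlashes($column) . '\'';
    }
    $cols = implode(',', $quoted);

    $has_list = PMA_findExistingColNames($db, $cols);
    $colNotExist = array();
    foreach ($columns as $column) {
        if (!in_array($column, $has_list)) {
            $colNotExist[] = "'" . $column . "'";
        }
    }

    if (!empty($colNotExist)) {
        $colNotExist = implode(",", array_unique($colNotExist));
        $message = PMA_Message::notice(
            sprintf(
                __(
                    'Couldn\'t remove Column(s) %1$s '
                    . 'as they don\'t exist in central columns list!'
                ),
                htmlspecialchars($colNotExist)
            )
        );
    }

    $GLOBALS['dbi']->selectDb($pmadb, $GLOBALS['controllink']);

    // The database name comes from $_REQUEST and is placed inside a quoted
    // SQL string that runs on the control connection, so it must be escaped
    // exactly like the column names above.
    $query = 'DELETE FROM ' . PMA_Util::backquote($central_list_table) . ' '
        . 'WHERE db_name = \'' . PMA_Util::sqlAddSlashes($db) . '\''
        . ' AND col_name IN (' . $cols . ');';

    if (!$GLOBALS['dbi']->tryQuery($query, $GLOBALS['controllink'])) {
        $message = PMA_Message::error(__('Could not remove columns!'));
        $message->addMessage('<br />' . htmlspecialchars($cols) . '<br />');
        $message->addMessage(
            PMA_Message::rawError(
                $GLOBALS['dbi']->getError($GLOBALS['controllink'])
            )
        );
    }

    return $message;
}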
/**
 * Attempts to open the file.
 *
 * When decompression is off, the file is first opened as a plain stream.
 * The detected compression type then decides how the handle (or, for zip,
 * the uncompressed content) is obtained. A compression type that is disabled
 * in the configuration, or whose PHP function is missing, is reported through
 * errorUnsupported().
 *
 * @return bool true when the file could be set up for reading, false otherwise
 */
public function open()
{
    if (!$this->_decompress) {
        $this->_handle = @fopen($this->getName(), 'r');
    }

    switch ($this->getCompression()) {
    case false:
        // Compression could not be determined
        return false;

    case 'application/bzip2':
        if (!($GLOBALS['cfg']['BZipDump'] && @function_exists('bzopen'))) {
            $this->errorUnsupported();
            return false;
        }
        $this->_handle = @bzopen($this->getName(), 'r');
        break;

    case 'application/gzip':
        if (!($GLOBALS['cfg']['GZipDump'] && @function_exists('gzopen'))) {
            $this->errorUnsupported();
            return false;
        }
        $this->_handle = @gzopen($this->getName(), 'r');
        break;

    case 'application/zip':
        if (!($GLOBALS['cfg']['ZipDump'] && @function_exists('zip_open'))) {
            $this->errorUnsupported();
            return false;
        }
        include_once './libraries/zip_extension.lib.php';
        $zip = PMA_getZipContents($this->getName());
        if (!empty($zip['error'])) {
            $this->_error_message = (string) PMA_Message::rawError($zip['error']);
            return false;
        }
        // Zip archives are read fully into memory instead of through a handle
        $this->content_uncompressed = $zip['data'];
        break;

    case 'none':
        $this->_handle = @fopen($this->getName(), 'r');
        break;

    default:
        $this->errorUnsupported();
        return false;
    }

    return true;
}
/**
 * Update the table's structure based on $_REQUEST
 *
 * Builds one ALTER TABLE statement from the per-column field_* arrays in
 * $_REQUEST, executes it (or hands it to the SQL preview), and afterwards
 * updates the relation and MIME metadata for the submitted columns.
 *
 * NOTE(review): every column attribute used here comes straight from
 * $_REQUEST. The identifiers assembled in this function go through
 * PMA_Util::backquote(); how PMA_Table::generateAlter() quotes the type,
 * default, comment and expression values is not visible here and should be
 * confirmed.
 *
 * @param string $db    database name
 * @param string $table table name
 *
 * @return boolean $regenerate true if error occurred
 *
 */
function PMA_updateColumns($db, $table)
{
    $err_url = 'tbl_structure.php' . PMA_URL_getCommon(array('db' => $db, 'table' => $table));
    $regenerate = false;
    // The number of submitted column names drives every per-column loop below
    $field_cnt = count($_REQUEST['field_name']);
    $changes = array();
    $pmatable = new PMA_Table($table, $db);
    // Maps old column name => new column name for renamed columns
    $adjust_privileges = array();

    for ($i = 0; $i < $field_cnt; $i++) {
        if (PMA_columnNeedsAlterTable($i)) {
            $changes[] = 'CHANGE ' . PMA_Table::generateAlter(
                isset($_REQUEST['field_orig'][$i]) ? $_REQUEST['field_orig'][$i] : '',
                $_REQUEST['field_name'][$i],
                $_REQUEST['field_type'][$i],
                $_REQUEST['field_length'][$i],
                $_REQUEST['field_attribute'][$i],
                isset($_REQUEST['field_collation'][$i]) ? $_REQUEST['field_collation'][$i] : '',
                isset($_REQUEST['field_null'][$i]) ? $_REQUEST['field_null'][$i] : 'NOT NULL',
                $_REQUEST['field_default_type'][$i],
                $_REQUEST['field_default_value'][$i],
                isset($_REQUEST['field_extra'][$i]) ? $_REQUEST['field_extra'][$i] : false,
                isset($_REQUEST['field_comments'][$i]) ? $_REQUEST['field_comments'][$i] : '',
                isset($_REQUEST['field_virtuality'][$i]) ? $_REQUEST['field_virtuality'][$i] : '',
                isset($_REQUEST['field_expression'][$i]) ? $_REQUEST['field_expression'][$i] : '',
                isset($_REQUEST['field_move_to'][$i]) ? $_REQUEST['field_move_to'][$i] : ''
            );

            // find the remembered sort expression
            $sorted_col = $pmatable->getUiProp(PMA_Table::PROP_SORTED_COLUMN);
            // if the old column name is part of the remembered sort expression
            // NOTE(review): field_orig[$i] is read here without the isset()
            // guard used in the generateAlter() call above.
            if (mb_strpos($sorted_col, PMA_Util::backquote($_REQUEST['field_orig'][$i])) !== false) {
                // delete the whole remembered sort expression
                $pmatable->removeUiProp(PMA_Table::PROP_SORTED_COLUMN);
            }

            // Remember renamed columns whose privileges should follow the rename
            if (isset($_REQUEST['field_adjust_privileges'][$i])
                && !empty($_REQUEST['field_adjust_privileges'][$i])
                && $_REQUEST['field_orig'][$i] != $_REQUEST['field_name'][$i]
            ) {
                $adjust_privileges[$_REQUEST['field_orig'][$i]] = $_REQUEST['field_name'][$i];
            }
        }
    } // end for

    $response = PMA_Response::getInstance();

    if (count($changes) > 0 || isset($_REQUEST['preview_sql'])) {
        // Builds the primary keys statements and updates the table
        $key_query = '';
        /**
         * this is a little bit more complex
         *
         * @todo if someone selects A_I when altering a column we need to check:
         *  - no other column with A_I
         *  - the column has an index, if not create one
         *
         */

        // To allow replication, we first select the db to use
        // and then run queries on this db.
        if (!$GLOBALS['dbi']->selectDb($db)) {
            PMA_Util::mysqlDie(
                $GLOBALS['dbi']->getError(),
                'USE ' . PMA_Util::backquote($db) . ';',
                false,
                $err_url
            );
        }
        $sql_query = 'ALTER TABLE ' . PMA_Util::backquote($table) . ' ';
        $sql_query .= implode(', ', $changes) . $key_query;
        $sql_query .= ';';

        // If there is a request for SQL previewing.
        // NOTE(review): presumably PMA_previewSQL() ends the request; if it
        // returns, the statements below still run - confirm.
        if (isset($_REQUEST['preview_sql'])) {
            PMA_previewSQL(count($changes) > 0 ? $sql_query : '');
        }

        // Per column index: whether it was converted to BLOB below
        $changedToBlob = array();
        // While changing the Column Collation
        // First change to BLOB
        for ($i = 0; $i < $field_cnt; $i++) {
            if (isset($_REQUEST['field_collation'][$i])
                && isset($_REQUEST['field_collation_orig'][$i])
                && $_REQUEST['field_collation'][$i] !== $_REQUEST['field_collation_orig'][$i]
            ) {
                $secondary_query = 'ALTER TABLE ' . PMA_Util::backquote($table)
                    . ' CHANGE ' . PMA_Util::backquote($_REQUEST['field_orig'][$i])
                    . ' ' . PMA_Util::backquote($_REQUEST['field_orig'][$i])
                    . ' BLOB;';
                $GLOBALS['dbi']->query($secondary_query);
                $changedToBlob[$i] = true;
            } else {
                $changedToBlob[$i] = false;
            }
        }

        // Then make the requested changes
        $result = $GLOBALS['dbi']->tryQuery($sql_query);

        if ($result !== false) {
            $changed_privileges = PMA_adjustColumnPrivileges($db, $table, $adjust_privileges);

            if ($changed_privileges) {
                $message = PMA_Message::success(
                    __('Table %1$s has been altered successfully. Privileges ' . 'have been adjusted.')
                );
            } else {
                $message = PMA_Message::success(__('Table %1$s has been altered successfully.'));
            }
            $message->addParam($table);

            $response->addHTML(PMA_Util::getMessage($message, $sql_query, 'success'));
        } else {
            // An error happened while inserting/updating a table definition

            // Save the Original Error
            $orig_error = $GLOBALS['dbi']->getError();
            $changes_revert = array();

            // Change back to Original Collation and data type
            for ($i = 0; $i < $field_cnt; $i++) {
                if ($changedToBlob[$i]) {
                    // NOTE(review): this call passes 12 arguments where the
                    // call in the first loop passes 14 (no virtuality and
                    // expression), so field_move_to_orig sits in the position
                    // the first call uses for field_virtuality - verify
                    // against PMA_Table::generateAlter().
                    $changes_revert[] = 'CHANGE ' . PMA_Table::generateAlter(
                        isset($_REQUEST['field_orig'][$i]) ? $_REQUEST['field_orig'][$i] : '',
                        $_REQUEST['field_name'][$i],
                        $_REQUEST['field_type_orig'][$i],
                        $_REQUEST['field_length_orig'][$i],
                        $_REQUEST['field_attribute_orig'][$i],
                        isset($_REQUEST['field_collation_orig'][$i]) ? $_REQUEST['field_collation_orig'][$i] : '',
                        isset($_REQUEST['field_null_orig'][$i]) ? $_REQUEST['field_null_orig'][$i] : 'NOT NULL',
                        $_REQUEST['field_default_type_orig'][$i],
                        $_REQUEST['field_default_value_orig'][$i],
                        isset($_REQUEST['field_extra_orig'][$i]) ? $_REQUEST['field_extra_orig'][$i] : false,
                        isset($_REQUEST['field_comments_orig'][$i]) ? $_REQUEST['field_comments_orig'][$i] : '',
                        isset($_REQUEST['field_move_to_orig'][$i]) ? $_REQUEST['field_move_to_orig'][$i] : ''
                    );
                }
            }

            // NOTE(review): the revert statement is executed even when
            // $changes_revert is empty, which leaves a bare
            // "ALTER TABLE `t` ;" - confirm this is intended.
            $revert_query = 'ALTER TABLE ' . PMA_Util::backquote($table) . ' ';
            $revert_query .= implode(', ', $changes_revert) . '';
            $revert_query .= ';';

            // Column reverted back to original
            $GLOBALS['dbi']->query($revert_query);

            $response->isSuccess(false);
            // NOTE(review): the database error text is concatenated into a
            // raw message; confirm how the client renders it.
            $response->addJSON(
                'message',
                PMA_Message::rawError(__('Query error') . ':<br />' . $orig_error)
            );
            $regenerate = true;
        }
    }

    include_once 'libraries/transformations.lib.php';

    // update field names in relation
    if (isset($_REQUEST['field_orig']) && is_array($_REQUEST['field_orig'])) {
        foreach ($_REQUEST['field_orig'] as $fieldindex => $fieldcontent) {
            if ($_REQUEST['field_name'][$fieldindex] != $fieldcontent) {
                PMA_REL_renameField($db, $table, $fieldcontent, $_REQUEST['field_name'][$fieldindex]);
            }
        }
    }

    // update mime types
    if (isset($_REQUEST['field_mimetype'])
        && is_array($_REQUEST['field_mimetype'])
        && $GLOBALS['cfg']['BrowseMIME']
    ) {
        foreach ($_REQUEST['field_mimetype'] as $fieldindex => $mimetype) {
            if (isset($_REQUEST['field_name'][$fieldindex])
                && mb_strlen($_REQUEST['field_name'][$fieldindex])
            ) {
                PMA_setMIME(
                    $db,
                    $table,
                    $_REQUEST['field_name'][$fieldindex],
                    $mimetype,
                    $_REQUEST['field_transformation'][$fieldindex],
                    $_REQUEST['field_transformation_options'][$fieldindex],
                    $_REQUEST['field_input_transformation'][$fieldindex],
                    $_REQUEST['field_input_transformation_options'][$fieldindex]
                );
            }
        }
    }

    return $regenerate;
}
/**
 * Displays the authentication (login) form.
 *
 * Flow, as visible in this method:
 *  - for Ajax requests, marks the response as failed, adds
 *    redirect_flag = '1' so the client goes to the login page, and stops;
 *  - if $_REQUEST['old_usr'] is non-empty and $cfg['Server']['LogoutURL'] is
 *    configured, redirects there with PMA_sendHeaderLocation() and stops;
 *  - the user name and server are pre-filled only when
 *    $cfg['LoginCookieRecall'] is on and $cfg['blowfish_secret'] is set,
 *    otherwise they stay empty and autocomplete="off" is added to the form;
 *  - shows $conn_error, or a "session expired" message when
 *    $_GET['session_expired'] is 1;
 *  - prints the login form, and a reCAPTCHA widget when both
 *    $cfg['CaptchaLoginPrivateKey'] and $cfg['CaptchaLoginPublicKey'] are set.
 *
 * this function MUST exit/quit the application; it returns true instead of
 * exiting only when the TESTSUITE constant is defined.
 *
 * NOTE(review): $conn_error is rendered through PMA_Message::rawError();
 * confirm that text reaching it is already safe for HTML output.
 * NOTE(review): $GLOBALS['server'], $GLOBALS['lang'] and
 * $cfg['CaptchaLoginPublicKey'] are concatenated into HTML attributes
 * without htmlspecialchars(), unlike $default_user and $default_server;
 * confirm each is validated or trusted upstream.
 * NOTE(review): in this copy two spots after the "Username:" and
 * "Password:" labels are masked with asterisks.
 *
 * @global string $conn_error the last connection error
 *
 * @return boolean|void
 */
public function auth() { global $conn_error; $response = PMA_Response::getInstance(); if ($response->isAjax()) { $response->setRequestStatus(false); // redirect_flag redirects to the login page $response->addJSON('redirect_flag', '1'); if (defined('TESTSUITE')) { return true; } else { exit; } } /* Perform logout to custom URL */ if (!empty($_REQUEST['old_usr']) && !empty($GLOBALS['cfg']['Server']['LogoutURL'])) { PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['LogoutURL']); if (defined('TESTSUITE')) { return true; } else { exit; } } // No recall if blowfish secret is not configured as it would produce // garbage if ($GLOBALS['cfg']['LoginCookieRecall'] && !empty($GLOBALS['cfg']['blowfish_secret'])) { $default_user = $GLOBALS['PHP_AUTH_USER']; $default_server = $GLOBALS['pma_auth_server']; $autocomplete = ''; } else { $default_user = ''; $default_server = ''; // skip the IE autocomplete feature. $autocomplete = ' autocomplete="off"'; } $response->getFooter()->setMinimal(); $header = $response->getHeader(); $header->setBodyId('loginform'); $header->setTitle('phpMyAdmin'); $header->disableMenuAndConsole(); $header->disableWarnings(); if (file_exists(CUSTOM_HEADER_FILE)) { include CUSTOM_HEADER_FILE; } echo ' <div class="container"> <a href="'; echo PMA_linkURL('https://www.phpmyadmin.net/'); echo '" target="_blank" class="logo">'; $logo_image = $GLOBALS['pmaThemeImage'] . 'logo_right.png'; if (@file_exists($logo_image)) { echo '<img src="' . $logo_image . '" id="imLogo" name="imLogo" alt="phpMyAdmin" border="0" />'; } else { echo '<img name="imLogo" id="imLogo" src="' . $GLOBALS['pmaThemeImage'] . 'pma_logo.png' . '" ' . 
'border="0" width="88" height="31" alt="phpMyAdmin" />'; } echo '</a> <h1>'; echo sprintf(__('Welcome to %s'), '<bdo dir="ltr" lang="en">phpMyAdmin</bdo>'); echo "</h1>"; // Show error message if (!empty($conn_error)) { PMA_Message::rawError($conn_error)->display(); } elseif (isset($_GET['session_expired']) && intval($_GET['session_expired']) == 1) { PMA_Message::rawError(__('Your session has expired. Please log in again.'))->display(); } echo "<noscript>\n"; PMA_message::error(__("Javascript must be enabled past this point!"))->display(); echo "</noscript>\n"; echo "<div class='hide js-show'>"; // Displays the languages form if (empty($GLOBALS['cfg']['Lang'])) { include_once './libraries/display_select_lang.lib.php'; // use fieldset, don't show doc link echo PMA_getLanguageSelectorHtml(true, false); } echo '</div> <br /> <!-- Login form --> <form method="post" action="index.php" name="login_form"' . $autocomplete . ' class="disableAjax login hide js-show"> <fieldset> <legend>'; echo __('Log in'); echo PMA_Util::showDocu('index'); echo '</legend>'; if ($GLOBALS['cfg']['AllowArbitraryServer']) { echo ' <div class="item"> <label for="input_servername" title="'; echo __('You can enter hostname/IP address and port separated by space.'); echo '">'; echo __('Server:'); echo '</label> <input type="text" name="pma_servername" id="input_servername"'; echo ' value="'; echo htmlspecialchars($default_server); echo '" size="24" class="textfield" title="'; echo __('You can enter hostname/IP address and port separated by space.'); echo '" /> </div>'; } echo '<div class="item"> <label for="input_username">' . __('Username:'******'</label> <input type="text" name="pma_username" id="input_username" ' . 'value="' . htmlspecialchars($default_user) . '" size="24"' . ' class="textfield"/> </div> <div class="item"> <label for="input_password">' . __('Password:'******'</label> <input type="password" name="pma_password" id="input_password"' . 
' value="" size="24" class="textfield" /> </div>'; if (count($GLOBALS['cfg']['Servers']) > 1) { echo '<div class="item"> <label for="select_server">' . __('Server Choice:') . '</label> <select name="server" id="select_server"'; if ($GLOBALS['cfg']['AllowArbitraryServer']) { echo ' onchange="document.forms[\'login_form\'].' . 'elements[\'pma_servername\'].value = \'\'" '; } echo '>'; include_once './libraries/select_server.lib.php'; echo PMA_selectServer(false, false); echo '</select></div>'; } else { echo ' <input type="hidden" name="server" value="' . $GLOBALS['server'] . '" />'; } // end if (server choice) // Add captcha input field if reCaptcha is enabled if (!empty($GLOBALS['cfg']['CaptchaLoginPrivateKey']) && !empty($GLOBALS['cfg']['CaptchaLoginPublicKey'])) { // If enabled show captcha to the user on the login screen. echo '<script src="https://www.google.com/recaptcha/api.js?hl=' . $GLOBALS['lang'] . '" async defer></script>'; echo '<div class="g-recaptcha" data-sitekey="' . $GLOBALS['cfg']['CaptchaLoginPublicKey'] . '"></div>'; } echo '</fieldset> <fieldset class="tblFooters"> <input value="' . __('Go') . '" type="submit" id="input_go" />'; $_form_params = array(); if (!empty($GLOBALS['target'])) { $_form_params['target'] = $GLOBALS['target']; } if (!empty($GLOBALS['db'])) { $_form_params['db'] = $GLOBALS['db']; } if (!empty($GLOBALS['table'])) { $_form_params['table'] = $GLOBALS['table']; } // do not generate a "server" hidden field as we want the "server" // drop-down to have priority echo PMA_URL_getHiddenInputs($_form_params, '', 0, 'server'); echo '</fieldset> </form>'; // BEGIN Swekey Integration Swekey_login('input_username', 'input_go'); // END Swekey Integration if ($GLOBALS['error_handler']->hasDisplayErrors()) { echo '<div id="pma_errors">'; $GLOBALS['error_handler']->dispErrors(); echo '</div>'; } echo '</div>'; if (file_exists(CUSTOM_FOOTER_FILE)) { include CUSTOM_FOOTER_FILE; } if (!defined('TESTSUITE')) { exit; } else { return true; } }
/** * Builds and executes the db creation sql query */ $sql_query = 'CREATE DATABASE ' . PMA_Util::backquote($_POST['new_db']); if (!empty($_POST['db_collation'])) { list($db_charset) = explode('_', $_POST['db_collation']); if (in_array($db_charset, $mysql_charsets) && in_array($_POST['db_collation'], $mysql_collations[$db_charset])) { $sql_query .= ' DEFAULT' . PMA_generateCharsetQueryPart($_POST['db_collation']); } $db_collation_for_ajax = $_POST['db_collation']; unset($db_charset); } $sql_query .= ';'; $result = $GLOBALS['dbi']->tryQuery($sql_query); if (!$result) { $message = PMA_Message::rawError($GLOBALS['dbi']->getError()); // avoid displaying the not-created db name in header or navi panel $GLOBALS['db'] = ''; $GLOBALS['table'] = ''; /** * If in an Ajax request, just display the message with {@link PMA_Response} */ if ($GLOBALS['is_ajax_request'] == true) { $response = PMA_Response::getInstance(); $response->isSuccess(false); $response->addJSON('message', $message); } else { include_once 'index.php'; } } else { $message = PMA_Message::success(__('Database %1$s has been created.'));
$import_handle = @gzopen($import_file, 'r'); } else { $message = PMA_Message::error(__('You attempted to load file with unsupported compression (%s). Either support for it is not implemented or disabled by your configuration.')); $message->addParam($compression); $error = TRUE; } break; case 'application/zip': if ($cfg['ZipDump'] && @function_exists('zip_open')) { /** * Load interface for zip extension. */ include_once './libraries/zip_extension.lib.php'; $result = PMA_getZipContents($import_file); if (!empty($result['error'])) { $message = PMA_Message::rawError($result['error']); $error = TRUE; } else { $import_text = $result['data']; } } else { $message = PMA_Message::error(__('You attempted to load file with unsupported compression (%s). Either support for it is not implemented or disabled by your configuration.')); $message->addParam($compression); $error = TRUE; } break; case 'none': $import_handle = @fopen($import_file, 'r'); break; default: $message = PMA_Message::error(__('You attempted to load file with unsupported compression (%s). Either support for it is not implemented or disabled by your configuration.'));
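/**
 * Function to handle the delete of dmlog (data manipulation log) rows
 *
 * Removes the entry whose index is given in $_REQUEST['delete_dmlog'] from
 * $data['dmlog'], stores the remaining entries through
 * PMA_Tracker::changeTrackingData() and displays the outcome. Nothing happens
 * when the submitted index is missing or is not an integer.
 *
 * @param array &$data tracked data
 *
 * @return void
 */
function PMA_handleDeleteDataManipulationLog(&$data)
{
    // The index is request-controlled. The former loose check
    // ($id == (int) $id) accepted values such as "1abc" or "1.0" (and, on
    // older PHP versions, any non-numeric string), which then rewrote the
    // tracking data without removing the intended row. Accept integers only.
    $delete_id = filter_var(
        isset($_REQUEST['delete_dmlog']) ? $_REQUEST['delete_dmlog'] : null,
        FILTER_VALIDATE_INT
    );

    // Only in case of valid id
    if ($delete_id === false) {
        return;
    }

    unset($data['dmlog'][$delete_id]);

    $successfullyDeleted = PMA_Tracker::changeTrackingData(
        $_REQUEST['db'],
        $_REQUEST['table'],
        $_REQUEST['version'],
        'DML',
        $data['dmlog']
    );

    if ($successfullyDeleted) {
        $msg = PMA_Message::success(
            __('Tracking data manipulation successfully deleted')
        );
    } else {
        $msg = PMA_Message::rawError(__('Query error'));
    }
    $msg->display();
}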
/** * Copies or renames table * @todo use RENAME for move operations * - would work only if the databases are on the same filesystem, * how can we check that? try the operation and * catch an error? * - for views, only if MYSQL > 50013 * - still have to handle pmadb synch. * * @author Michal Cihar <*****@*****.**> */ public static function moveCopy($source_db, $source_table, $target_db, $target_table, $what, $move, $mode) { global $err_url; // set export settings we need $GLOBALS['sql_backquotes'] = 1; $GLOBALS['asfile'] = 1; // Ensure the target is valid if (!$GLOBALS['pma']->databases->exists($source_db, $target_db)) { if (!$GLOBALS['pma']->databases->exists($source_db)) { $GLOBALS['message'] = PMA_Message::rawError('source database `' . htmlspecialchars($source_db) . '` not found'); } if (!$GLOBALS['pma']->databases->exists($target_db)) { $GLOBALS['message'] = PMA_Message::rawError('target database `' . htmlspecialchars($target_db) . '` not found'); } return false; } $source = PMA_backquote($source_db) . '.' . PMA_backquote($source_table); if (!isset($target_db) || !strlen($target_db)) { $target_db = $source_db; } // Doing a select_db could avoid some problems with replicated databases, // when moving table from replicated one to not replicated one PMA_DBI_select_db($target_db); $target = PMA_backquote($target_db) . '.' . 
PMA_backquote($target_table); // do not create the table if dataonly if ($what != 'dataonly') { require_once './libraries/export/sql.php'; $no_constraints_comments = true; $GLOBALS['sql_constraints_query'] = ''; $sql_structure = PMA_getTableDef($source_db, $source_table, "\n", $err_url, false, false); unset($no_constraints_comments); $parsed_sql = PMA_SQP_parse($sql_structure); $analyzed_sql = PMA_SQP_analyze($parsed_sql); $i = 0; if (empty($analyzed_sql[0]['create_table_fields'])) { // this is not a CREATE TABLE, so find the first VIEW $target_for_view = PMA_backquote($target_db); while (true) { if ($parsed_sql[$i]['type'] == 'alpha_reservedWord' && $parsed_sql[$i]['data'] == 'VIEW') { break; } $i++; } } unset($analyzed_sql); $server_sql_mode = PMA_DBI_fetch_value("SHOW VARIABLES LIKE 'sql_mode'", 0, 1); // ANSI_QUOTES might be a subset of sql_mode, for example // REAL_AS_FLOAT,PIPES_AS_CONCAT,ANSI_QUOTES,IGNORE_SPACE,ANSI if (false !== strpos($server_sql_mode, 'ANSI_QUOTES')) { $table_delimiter = 'quote_double'; } else { $table_delimiter = 'quote_backtick'; } unset($server_sql_mode); /* nijel: Find table name in query and replace it */ while ($parsed_sql[$i]['type'] != $table_delimiter) { $i++; } /* no need to PMA_backquote() */ if (isset($target_for_view)) { // this a view definition; we just found the first db name // that follows DEFINER VIEW // so change it for the new db name $parsed_sql[$i]['data'] = $target_for_view; // then we have to find all references to the source db // and change them to the target db, ensuring we stay into // the $parsed_sql limits $last = $parsed_sql['len'] - 1; $backquoted_source_db = PMA_backquote($source_db); for (++$i; $i <= $last; $i++) { if ($parsed_sql[$i]['type'] == $table_delimiter && $parsed_sql[$i]['data'] == $backquoted_source_db) { $parsed_sql[$i]['data'] = $target_for_view; } } unset($last, $backquoted_source_db); } else { $parsed_sql[$i]['data'] = $target; } /* Generate query back */ $sql_structure = 
PMA_SQP_formatHtml($parsed_sql, 'query_only'); // If table exists, and 'add drop table' is selected: Drop it! $drop_query = ''; if (isset($GLOBALS['drop_if_exists']) && $GLOBALS['drop_if_exists'] == 'true') { if (PMA_Table::_isView($target_db, $target_table)) { $drop_query = 'DROP VIEW'; } else { $drop_query = 'DROP TABLE'; } $drop_query .= ' IF EXISTS ' . PMA_backquote($target_db) . '.' . PMA_backquote($target_table); PMA_DBI_query($drop_query); $GLOBALS['sql_query'] .= "\n" . $drop_query . ';'; // garvin: If an existing table gets deleted, maintain any // entries for the PMA_* tables $maintain_relations = true; } @PMA_DBI_query($sql_structure); $GLOBALS['sql_query'] .= "\n" . $sql_structure . ';'; if (($move || isset($GLOBALS['add_constraints'])) && !empty($GLOBALS['sql_constraints_query'])) { $parsed_sql = PMA_SQP_parse($GLOBALS['sql_constraints_query']); $i = 0; // find the first $table_delimiter, it must be the source table name while ($parsed_sql[$i]['type'] != $table_delimiter) { $i++; // maybe someday we should guard against going over limit //if ($i == $parsed_sql['len']) { // break; //} } // replace it by the target table name, no need to PMA_backquote() $parsed_sql[$i]['data'] = $target; // now we must remove all $table_delimiter that follow a CONSTRAINT // keyword, because a constraint name must be unique in a db $cnt = $parsed_sql['len'] - 1; for ($j = $i; $j < $cnt; $j++) { if ($parsed_sql[$j]['type'] == 'alpha_reservedWord' && strtoupper($parsed_sql[$j]['data']) == 'CONSTRAINT') { if ($parsed_sql[$j + 1]['type'] == $table_delimiter) { $parsed_sql[$j + 1]['data'] = ''; } } } // Generate query back $GLOBALS['sql_constraints_query'] = PMA_SQP_formatHtml($parsed_sql, 'query_only'); if ($mode == 'one_table') { PMA_DBI_query($GLOBALS['sql_constraints_query']); } $GLOBALS['sql_query'] .= "\n" . 
$GLOBALS['sql_constraints_query']; if ($mode == 'one_table') { unset($GLOBALS['sql_constraints_query']); } } } else { $GLOBALS['sql_query'] = ''; } // Copy the data unless this is a VIEW if (($what == 'data' || $what == 'dataonly') && !PMA_Table::_isView($target_db, $target_table)) { $sql_insert_data = 'INSERT INTO ' . $target . ' SELECT * FROM ' . $source; PMA_DBI_query($sql_insert_data); $GLOBALS['sql_query'] .= "\n\n" . $sql_insert_data . ';'; } require_once './libraries/relation.lib.php'; $GLOBALS['cfgRelation'] = PMA_getRelationsParam(); // Drops old table if the user has requested to move it if ($move) { // This could avoid some problems with replicated databases, when // moving table from replicated one to not replicated one PMA_DBI_select_db($source_db); if (PMA_Table::_isView($source_db, $source_table)) { $sql_drop_query = 'DROP VIEW'; } else { $sql_drop_query = 'DROP TABLE'; } $sql_drop_query .= ' ' . $source; PMA_DBI_query($sql_drop_query); // garvin: Move old entries from PMA-DBs to new table if ($GLOBALS['cfgRelation']['commwork']) { $remove_query = 'UPDATE ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['column_info']) . ' SET table_name = \'' . PMA_sqlAddslashes($target_table) . '\', ' . ' db_name = \'' . PMA_sqlAddslashes($target_db) . '\'' . ' WHERE db_name = \'' . PMA_sqlAddslashes($source_db) . '\'' . ' AND table_name = \'' . PMA_sqlAddslashes($source_table) . '\''; PMA_query_as_controluser($remove_query); unset($remove_query); } // garvin: updating bookmarks is not possible since only a single table is moved, // and not the whole DB. if ($GLOBALS['cfgRelation']['displaywork']) { $table_query = 'UPDATE ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['table_info']) . ' SET db_name = \'' . PMA_sqlAddslashes($target_db) . '\', ' . ' table_name = \'' . PMA_sqlAddslashes($target_table) . '\'' . ' WHERE db_name = \'' . PMA_sqlAddslashes($source_db) . '\'' . 
' AND table_name = \'' . PMA_sqlAddslashes($source_table) . '\''; PMA_query_as_controluser($table_query); unset($table_query); } if ($GLOBALS['cfgRelation']['relwork']) { $table_query = 'UPDATE ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['relation']) . ' SET foreign_table = \'' . PMA_sqlAddslashes($target_table) . '\',' . ' foreign_db = \'' . PMA_sqlAddslashes($target_db) . '\'' . ' WHERE foreign_db = \'' . PMA_sqlAddslashes($source_db) . '\'' . ' AND foreign_table = \'' . PMA_sqlAddslashes($source_table) . '\''; PMA_query_as_controluser($table_query); unset($table_query); $table_query = 'UPDATE ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['relation']) . ' SET master_table = \'' . PMA_sqlAddslashes($target_table) . '\',' . ' master_db = \'' . PMA_sqlAddslashes($target_db) . '\'' . ' WHERE master_db = \'' . PMA_sqlAddslashes($source_db) . '\'' . ' AND master_table = \'' . PMA_sqlAddslashes($source_table) . '\''; PMA_query_as_controluser($table_query); unset($table_query); } /** * @todo garvin: Can't get moving PDFs the right way. The page numbers * always get screwed up independently from duplication because the * numbers do not seem to be stored on a per-database basis. Would * the author of pdf support please have a look at it? */ if ($GLOBALS['cfgRelation']['pdfwork']) { $table_query = 'UPDATE ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['table_coords']) . ' SET table_name = \'' . PMA_sqlAddslashes($target_table) . '\',' . ' db_name = \'' . PMA_sqlAddslashes($target_db) . '\'' . ' WHERE db_name = \'' . PMA_sqlAddslashes($source_db) . '\'' . ' AND table_name = \'' . PMA_sqlAddslashes($source_table) . '\''; PMA_query_as_controluser($table_query); unset($table_query); /* $pdf_query = 'SELECT pdf_page_number ' . ' FROM ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . 
PMA_backquote($GLOBALS['cfgRelation']['table_coords']) . ' WHERE db_name = \'' . PMA_sqlAddslashes($target_db) . '\'' . ' AND table_name = \'' . PMA_sqlAddslashes($target_table) . '\''; $pdf_rs = PMA_query_as_controluser($pdf_query); while ($pdf_copy_row = PMA_DBI_fetch_assoc($pdf_rs)) { $table_query = 'UPDATE ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['pdf_pages']) . ' SET db_name = \'' . PMA_sqlAddslashes($target_db) . '\'' . ' WHERE db_name = \'' . PMA_sqlAddslashes($source_db) . '\'' . ' AND page_nr = \'' . PMA_sqlAddslashes($pdf_copy_row['pdf_page_number']) . '\''; $tb_rs = PMA_query_as_controluser($table_query); unset($table_query); unset($tb_rs); } */ } if ($GLOBALS['cfgRelation']['designerwork']) { $table_query = 'UPDATE ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['designer_coords']) . ' SET table_name = \'' . PMA_sqlAddslashes($target_table) . '\',' . ' db_name = \'' . PMA_sqlAddslashes($target_db) . '\'' . ' WHERE db_name = \'' . PMA_sqlAddslashes($source_db) . '\'' . ' AND table_name = \'' . PMA_sqlAddslashes($source_table) . '\''; PMA_query_as_controluser($table_query); unset($table_query); } $GLOBALS['sql_query'] .= "\n\n" . $sql_drop_query . ';'; // end if ($move) } else { // we are copying // garvin: Create new entries as duplicates from old PMA DBs if ($what != 'dataonly' && !isset($maintain_relations)) { if ($GLOBALS['cfgRelation']['commwork']) { // Get all comments and MIME-Types for current table $comments_copy_query = 'SELECT column_name, ' . PMA_backquote('comment') . ($GLOBALS['cfgRelation']['mimework'] ? ', mimetype, transformation, transformation_options' : '') . ' FROM ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['column_info']) . ' WHERE db_name = \'' . PMA_sqlAddslashes($source_db) . '\' AND table_name = \'' . PMA_sqlAddslashes($source_table) . 
'\''; $comments_copy_rs = PMA_query_as_controluser($comments_copy_query); // Write every comment as new copied entry. [MIME] while ($comments_copy_row = PMA_DBI_fetch_assoc($comments_copy_rs)) { $new_comment_query = 'REPLACE INTO ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($GLOBALS['cfgRelation']['column_info']) . ' (db_name, table_name, column_name, ' . PMA_backquote('comment') . ($GLOBALS['cfgRelation']['mimework'] ? ', mimetype, transformation, transformation_options' : '') . ') ' . ' VALUES(' . '\'' . PMA_sqlAddslashes($target_db) . '\',' . '\'' . PMA_sqlAddslashes($target_table) . '\',' . '\'' . PMA_sqlAddslashes($comments_copy_row['column_name']) . '\'' . ($GLOBALS['cfgRelation']['mimework'] ? ',\'' . PMA_sqlAddslashes($comments_copy_row['comment']) . '\',' . '\'' . PMA_sqlAddslashes($comments_copy_row['mimetype']) . '\',' . '\'' . PMA_sqlAddslashes($comments_copy_row['transformation']) . '\',' . '\'' . PMA_sqlAddslashes($comments_copy_row['transformation_options']) . '\'' : '') . 
')'; PMA_query_as_controluser($new_comment_query); } // end while PMA_DBI_free_result($comments_copy_rs); unset($comments_copy_rs); } // duplicating the bookmarks must not be done here, but // just once per db $get_fields = array('display_field'); $where_fields = array('db_name' => $source_db, 'table_name' => $source_table); $new_fields = array('db_name' => $target_db, 'table_name' => $target_table); PMA_Table::duplicateInfo('displaywork', 'table_info', $get_fields, $where_fields, $new_fields); /** * @todo revise this code when we support cross-db relations */ $get_fields = array('master_field', 'foreign_table', 'foreign_field'); $where_fields = array('master_db' => $source_db, 'master_table' => $source_table); $new_fields = array('master_db' => $target_db, 'foreign_db' => $target_db, 'master_table' => $target_table); PMA_Table::duplicateInfo('relwork', 'relation', $get_fields, $where_fields, $new_fields); $get_fields = array('foreign_field', 'master_table', 'master_field'); $where_fields = array('foreign_db' => $source_db, 'foreign_table' => $source_table); $new_fields = array('master_db' => $target_db, 'foreign_db' => $target_db, 'foreign_table' => $target_table); PMA_Table::duplicateInfo('relwork', 'relation', $get_fields, $where_fields, $new_fields); $get_fields = array('x', 'y', 'v', 'h'); $where_fields = array('db_name' => $source_db, 'table_name' => $source_table); $new_fields = array('db_name' => $target_db, 'table_name' => $target_table); PMA_Table::duplicateInfo('designerwork', 'designer_coords', $get_fields, $where_fields, $new_fields); /** * @todo garvin: Can't get duplicating PDFs the right way. The * page numbers always get screwed up independently from * duplication because the numbers do not seem to be stored on a * per-database basis. Would the author of pdf support please * have a look at it? 
* $get_fields = array('page_descr'); $where_fields = array('db_name' => $source_db); $new_fields = array('db_name' => $target_db); $last_id = PMA_Table::duplicateInfo('pdfwork', 'pdf_pages', $get_fields, $where_fields, $new_fields); if (isset($last_id) && $last_id >= 0) { $get_fields = array('x', 'y'); $where_fields = array('db_name' => $source_db, 'table_name' => $source_table); $new_fields = array('db_name' => $target_db, 'table_name' => $target_table, 'pdf_page_number' => $last_id); PMA_Table::duplicateInfo('pdfwork', 'table_coords', $get_fields, $where_fields, $new_fields); } */ } } return true; }
PMA_DBI_query('SET PROFILING=1;'); } // garvin: Measure query time. // TODO-Item http://sourceforge.net/tracker/index.php?func=detail&aid=571934&group_id=23067&atid=377411 $querytime_before = array_sum(explode(' ', microtime())); $result = @PMA_DBI_try_query($full_sql_query, null, PMA_DBI_QUERY_STORE); $querytime_after = array_sum(explode(' ', microtime())); $GLOBALS['querytime'] = $querytime_after - $querytime_before; // Displays an error message if required and stop parsing the script if ($error = PMA_DBI_getError()) { if ($is_gotofile) { if (strpos($goto, 'db_') === 0 && strlen($table)) { $table = ''; } $active_page = $goto; $message = htmlspecialchars(PMA_Message::rawError($error)); /** * Go to target path. */ require './' . PMA_securePath($goto); } else { /** * HTML header. */ require_once './libraries/header.inc.php'; $full_err_url = preg_match('@^(db|tbl)_@', $err_url) ? $err_url . '&show_query=1&sql_query=' . urlencode($sql_query) : $err_url; PMA_mysqlDie($error, $full_sql_query, '', $full_err_url); } exit; } unset($error);
$res = PMA_DBI_try_query($sql_query, null, PMA_DBI_QUERY_STORE); if (! $res) { PMA_Message::error(__('No Privileges'))->display(); PMA_DBI_free_result($res); unset($res); } else { // This message is hardcoded because I will replace it by // a automatic repair feature soon. $raw = 'Your privilege table structure seems to be older than' . ' this MySQL version!<br />' . 'Please run the <code>mysql_upgrade</code> command' . '(<code>mysql_fix_privilege_tables</code> on older systems)' . ' that should be included in your MySQL server distribution' . ' to solve this problem!'; PMA_Message::rawError($raw)->display(); } } else { // we also want users not in table `user` but in other table $tables = PMA_DBI_fetch_result('SHOW TABLES FROM `mysql`;'); $tables_to_search_for_users = array( 'user', 'db', 'tables_priv', 'columns_priv', 'procs_priv', ); $db_rights_sqls = array(); foreach ($tables_to_search_for_users as $table_search_in) { if (in_array($table_search_in, $tables)) { $db_rights_sqls[] = 'SELECT DISTINCT `User`, `Host` FROM `mysql`.`' . $table_search_in . '` ' . (isset($initial) ? PMA_rangeOfUsers($initial) : ''); }
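/**
 * Save recent tables into phpMyAdmin database.
 *
 * Builds a REPLACE statement for the table named by $this->pma_table and
 * runs it on $GLOBALS['controllink'], keyed by the configured server user.
 *
 * @return true|PMA_Message true on success, otherwise an error message
 *                          object carrying the database error text
 */
public function saveToDb()
{
    $username = $GLOBALS['cfg']['Server']['user'];

    // The statement is assembled by string concatenation, so every value
    // placed between quotes is escaped. The user name used to be spliced in
    // raw, which let a quote character in it change the statement that runs
    // on the control connection.
    // NOTE(review): $this->pma_table is inserted as-is; presumably it is
    // already a backquoted identifier built from configuration - verify.
    $sql_query = " REPLACE INTO " . $this->pma_table . " (`username`, `tables`)"
        . " VALUES ('" . PMA_sqlAddSlashes($username) . "', '"
        . PMA_sqlAddSlashes(json_encode($this->tables)) . "')";

    $success = PMA_DBI_try_query($sql_query, $GLOBALS['controllink']);
    if ($success) {
        return true;
    }

    // Report the failure together with the error text of the control link.
    $message = PMA_Message::error(__('Could not save recent table'));
    $message->addMessage('<br /><br />');
    $message->addMessage(
        PMA_Message::rawError(PMA_DBI_getError($GLOBALS['controllink']))
    );

    return $message;
}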
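/**
 * Save recent/favorite tables into phpMyAdmin database.
 *
 * Builds a REPLACE statement for the table named by $this->_pmaTable and
 * runs it on $GLOBALS['controllink'], keyed by the configured server user.
 *
 * @return true|PMA_Message true on success, otherwise an error message
 *                          object carrying the database error text
 */
public function saveToDb()
{
    $username = $GLOBALS['cfg']['Server']['user'];

    // The statement is assembled by string concatenation, so every value
    // placed between quotes is escaped. The user name used to be spliced in
    // raw, which let a quote character in it change the statement that runs
    // on the control connection.
    // NOTE(review): $this->_pmaTable is inserted as-is; presumably it is
    // already a backquoted identifier built from configuration - verify.
    $sql_query = " REPLACE INTO " . $this->_pmaTable . " (`username`, `tables`)"
        . " VALUES ('" . PMA_Util::sqlAddSlashes($username) . "', '"
        . PMA_Util::sqlAddSlashes(json_encode($this->_tables)) . "')";

    $success = $GLOBALS['dbi']->tryQuery($sql_query, $GLOBALS['controllink']);
    if ($success) {
        return true;
    }

    // Pick the wording by table type; any other type leaves the text empty.
    $error_msg = '';
    switch ($this->_tableType) {
    case 'recent':
        $error_msg = __('Could not save recent table!');
        break;
    case 'favorite':
        $error_msg = __('Could not save favorite table!');
        break;
    }

    $message = PMA_Message::error($error_msg);
    $message->addMessage('<br /><br />');
    $message->addMessage(
        PMA_Message::rawError($GLOBALS['dbi']->getError($GLOBALS['controllink']))
    );

    return $message;
}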
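/**
 * Displays authentication form
 *
 * this function MUST exit/quit the application
 *
 * For an Ajax request only a JSON error message is queued and the script
 * exits; otherwise the full login page is written and the script exits.
 *
 * @global string the last connection error
 *
 * @return void
 */
public function auth()
{
    global $conn_error;

    $response = PMA_Response::getInstance();
    if ($response->isAjax()) {
        // An Ajax caller cannot render the form, so it only gets an error.
        $response->isSuccess(false);
        if (!empty($conn_error)) {
            $response->addJSON('message', PMA_Message::error($conn_error));
        } else {
            $response->addJSON(
                'message',
                PMA_Message::error(__('Your session has expired. Please login again.'))
            );
        }
        exit;
    }

    /* Perform logout to custom URL */
    // The redirect target is read from configuration, not from the request;
    // the request parameter only triggers it.
    if (!empty($_REQUEST['old_usr'])
        && !empty($GLOBALS['cfg']['Server']['LogoutURL'])
    ) {
        PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['LogoutURL']);
        exit;
    }

    // No recall if blowfish secret is not configured as it would produce
    // garbage
    if ($GLOBALS['cfg']['LoginCookieRecall']
        && !empty($GLOBALS['cfg']['blowfish_secret'])
    ) {
        $default_user   = $GLOBALS['PHP_AUTH_USER'];
        $default_server = $GLOBALS['pma_auth_server'];
        $autocomplete   = '';
    } else {
        $default_user   = '';
        $default_server = '';
        // skip the IE autocomplete feature.
        $autocomplete   = ' autocomplete="off"';
    }

    // Not read below; kept because the included custom header/footer files
    // run in this scope and may use it.
    $cell_align = $GLOBALS['text_dir'] == 'ltr' ? 'left' : 'right';

    $response->getFooter()->setMinimal();
    $header = $response->getHeader();
    $header->setBodyId('loginform');
    $header->setTitle('phpMyAdmin');
    $header->disableMenu();
    $header->disableWarnings();

    if (file_exists(CUSTOM_HEADER_FILE)) {
        include CUSTOM_HEADER_FILE;
    }

    echo ' <div class="container"> <a href="';
    echo PMA_linkURL('http://www.phpmyadmin.net/');
    echo '" target="_blank" class="logo">';
    $logo_image = $GLOBALS['pmaThemeImage'] . 'logo_right.png';
    if (@file_exists($logo_image)) {
        echo '<img src="' . $logo_image
            . '" id="imLogo" name="imLogo" alt="phpMyAdmin" border="0" />';
    } else {
        echo '<img name="imLogo" id="imLogo" src="'
            . $GLOBALS['pmaThemeImage'] . 'pma_logo.png' . '" '
            . 'border="0" width="88" height="31" alt="phpMyAdmin" />';
    }
    echo '</a> <h1>';
    echo sprintf(
        __('Welcome to %s'),
        '<bdo dir="ltr" lang="en">phpMyAdmin</bdo>'
    );
    echo "</h1>";

    // Show error message
    if (!empty($conn_error)) {
        PMA_Message::rawError($conn_error)->display();
    }

    echo "<noscript>\n";
    PMA_Message::error(
        __("Javascript must be enabled past this point")
    )->display();
    echo "</noscript>\n";

    echo "<div class='hide js-show'>";
    // Displays the languages form
    if (empty($GLOBALS['cfg']['Lang'])) {
        include_once './libraries/display_select_lang.lib.php';
        // use fieldset, don't show doc link
        PMA_Language_select(true, false);
    }
    echo '</div> <br /> <!-- Login form -->'
        . ' <form method="post" action="index.php" name="login_form"'
        . $autocomplete
        . ' target="_top" class="login hide js-show"> <fieldset> <legend>';
    echo __('Log in');
    echo PMA_Util::showDocu('');
    echo '</legend>';

    if ($GLOBALS['cfg']['AllowArbitraryServer']) {
        echo ' <div class="item"> <label for="input_servername" title="';
        echo __('You can enter hostname/IP address and port separated by space.');
        echo '">';
        echo __('Server:');
        echo '</label> <input type="text" name="pma_servername" id="input_servername"';
        echo ' value="';
        // Recalled server name is escaped for the attribute context.
        echo htmlspecialchars($default_server);
        echo '" size="24" class="textfield" title="';
        echo __('You can enter hostname/IP address and port separated by space.');
        echo '" /> </div>';
    }

    // The password field is always rendered empty; only the user name may be
    // recalled, and it is escaped for the attribute context.
    echo '<div class="item"> <label for="input_username">'
        . __('Username:') . '</label>'
        . ' <input type="text" name="pma_username" id="input_username" '
        . 'value="' . htmlspecialchars($default_user) . '" size="24"'
        . ' class="textfield"/> </div>'
        . ' <div class="item"> <label for="input_password">'
        . __('Password:') . '</label>'
        . ' <input type="password" name="pma_password" id="input_password"'
        . ' value="" size="24" class="textfield" /> </div>';

    if (count($GLOBALS['cfg']['Servers']) > 1) {
        echo '<div class="item"> <label for="select_server">'
            . __('Server Choice')
            . ':</label> <select name="server" id="select_server"';
        if ($GLOBALS['cfg']['AllowArbitraryServer']) {
            // Picking a configured server clears the free-text server field.
            echo ' onchange="document.forms[\'login_form\'].'
                . 'elements[\'pma_servername\'].value = \'\'" ';
        }
        echo '>';

        include_once './libraries/select_server.lib.php';
        PMA_selectServer(false, false);

        echo '</select></div>';
    } else {
        // Escaped like the other values written into attributes here.
        // NOTE(review): presumably an integer server index already - verify.
        echo ' <input type="hidden" name="server" value="'
            . htmlspecialchars($GLOBALS['server']) . '" />';
    } // end if (server choice)

    echo '</fieldset> <fieldset class="tblFooters"> <input value="'
        . __('Go') . '" type="submit" id="input_go" />';

    $_form_params = array();
    if (!empty($GLOBALS['target'])) {
        $_form_params['target'] = $GLOBALS['target'];
    }
    if (!empty($GLOBALS['db'])) {
        $_form_params['db'] = $GLOBALS['db'];
    }
    if (!empty($GLOBALS['table'])) {
        $_form_params['table'] = $GLOBALS['table'];
    }
    // do not generate a "server" hidden field as we want the "server"
    // drop-down to have priority
    echo PMA_generate_common_hidden_inputs($_form_params, '', 0, 'server');
    echo '</fieldset> </form>';

    // BEGIN Swekey Integration
    Swekey_login('input_username', 'input_go');
    // END Swekey Integration

    // show the "Cookies required" message only if cookies are disabled
    // (we previously tried to set some cookies)
    if (empty($_COOKIE)) {
        trigger_error(
            __('Cookies must be enabled past this point.'),
            E_USER_NOTICE
        );
    }
    if ($GLOBALS['error_handler']->hasDisplayErrors()) {
        echo '<div>';
        $GLOBALS['error_handler']->dispErrors();
        echo '</div>';
    }
    echo '</div>';

    if (file_exists(CUSTOM_FOOTER_FILE)) {
        include CUSTOM_FOOTER_FILE;
    }

    // Script-side framing check. The line breaks inside the literal matter:
    // without them the leading "//" comment would swallow the check itself.
    // NOTE(review): this only helps when scripts run; no framing-related
    // response header (X-Frame-Options / CSP frame-ancestors) is set in this
    // method - confirm one is sent elsewhere.
    echo '
<script type="text/javascript">
//<![CDATA[
// show login form in top frame.
if (top != self || ! $(\'body#loginform\').length) {
    window.top.location.href=location;
}
//]]>
</script>';
    exit;
}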