extracted from arg_separator.input as set in php.ini
we do not use arg_separator.output to avoid problems with & and &
public static getArgSeparator ( string $encode = 'none' ) : string | ||
$encode | string | whether to encode separator or not, currently 'none' or 'html' |
return | string | character used for separating url parts usually ; or & |
/** * Returns HTML code to include javascript file. * * @param array $files The list of js file to include * * @return string HTML code for javascript inclusion. */ private function _includeFiles($files) { $first_dynamic_scripts = ""; $dynamic_scripts = ""; $scripts = array(); $separator = URL::getArgSeparator(); foreach ($files as $value) { if (mb_strpos($value['filename'], "?") !== false) { $file_name = $value['filename'] . $separator . Header::getVersionParameter(); if ($value['before_statics'] === true) { $first_dynamic_scripts .= "<script data-cfasync='false' type='text/javascript' " . "src='js/" . $file_name . "'></script>"; } else { $dynamic_scripts .= "<script data-cfasync='false' " . "type='text/javascript' src='js/" . $file_name . "'></script>"; } continue; } $include = true; if ($include) { $scripts[] = "scripts%5B%5D=" . $value['filename']; } } $separator = URL::getArgSeparator(); $static_scripts = ''; // Using chunks of 20 files to avoid too long URLs $script_chunks = array_chunk($scripts, 20); foreach ($script_chunks as $script_chunk) { $url = 'js/get_scripts.js.php?' . implode($separator, $script_chunk) . $separator . Header::getVersionParameter(); $static_scripts .= sprintf('<script data-cfasync="false" type="text/javascript" src="%s">' . '</script>', htmlspecialchars($url)); } return $first_dynamic_scripts . $static_scripts . $dynamic_scripts; }
/** * Splits a URL string by parameter * * @param string $url the URL * * @return array the parameter/value pairs, for example [0] db=sakila */ public static function splitURLQuery($url) { // decode encoded url separators $separator = URL::getArgSeparator(); // on most places separator is still hard coded ... if ($separator !== '&') { // ... so always replace & with $separator $url = str_replace(htmlentities('&'), $separator, $url); $url = str_replace('&', $separator, $url); } $url = str_replace(htmlentities($separator), $separator, $url); // end decode $url_parts = parse_url($url); if (! empty($url_parts['query'])) { return explode($separator, $url_parts['query']); } else { return array(); } }
use PMA\libraries\LanguageManager; use PMA\libraries\URL; use PMA\libraries\Sanitize; if (!defined('PHPMYADMIN')) { exit; } /** * Core libraries. */ require_once './setup/lib/index.lib.php'; require_once './libraries/config/FormDisplay.tpl.php'; // prepare unfiltered language list $all_languages = LanguageManager::getInstance()->sortedLanguages(); /** @var ConfigFile $cf */ $cf = $GLOBALS['ConfigFile']; $separator = URL::getArgSeparator('html'); // message handling PMA_messagesBegin(); // // Check phpMyAdmin version // if (isset($_GET['version_check'])) { PMA_versionCheck(); } // // Perform various security, compatibility and consistency checks // $configChecker = new ServerConfigChecks($GLOBALS['ConfigFile']); $configChecker->performConfigChecks(); // // Check whether we can read/write configuration
/** * Send HTTP header, taking IIS limits into account (600 seems ok) * * @param string $uri the header to send * @param bool $use_refresh whether to use Refresh: header when running on IIS * * @return void */ function PMA_sendHeaderLocation($uri, $use_refresh = false) { if ($GLOBALS['PMA_Config']->get('PMA_IS_IIS') && mb_strlen($uri) > 600) { PMA\libraries\Response::getInstance()->disable(); echo PMA\libraries\Template::get('header_location')->render(array('uri' => $uri)); return; } $response = PMA\libraries\Response::getInstance(); if (SID) { if (mb_strpos($uri, '?') === false) { $response->header('Location: ' . $uri . '?' . SID); } else { $separator = URL::getArgSeparator(); $response->header('Location: ' . $uri . $separator . SID); } return; } session_write_close(); if ($response->headersSent()) { if (function_exists('debug_print_backtrace')) { echo '<pre>'; debug_print_backtrace(); echo '</pre>'; } trigger_error('PMA_sendHeaderLocation called when headers are already sent!', E_USER_ERROR); } // bug #1523784: IE6 does not like 'Refresh: 0', it // results in a blank page // but we need it when coming from the cookie login panel) if ($GLOBALS['PMA_Config']->get('PMA_IS_IIS') && $use_refresh) { $response->header('Refresh: 0; ' . $uri); } else { $response->header('Location: ' . $uri); } }
/** * Processes forms registered in $form_display, handles error correction * * @param FormDisplay $form_display Form to display * * @return void */ function PMA_Process_formset(FormDisplay $form_display) { if (isset($_GET['mode']) && $_GET['mode'] == 'revert') { // revert erroneous fields to their default values $form_display->fixErrors(); PMA_generateHeader303(); } if (!$form_display->process(false)) { // handle form view and failed POST echo $form_display->getDisplay(true, true); return; } // check for form errors if (!$form_display->hasErrors()) { PMA_generateHeader303(); return; } // form has errors, show warning $separator = URL::getArgSeparator('html'); $page = isset($_GET['page']) ? $_GET['page'] : null; $formset = isset($_GET['formset']) ? $_GET['formset'] : null; $formset = $formset ? "{$separator}formset={$formset}" : ''; $formId = PMA_isValid($_GET['id'], 'numeric') ? $_GET['id'] : null; if ($formId === null && $page == 'servers') { // we've just added a new server, get its id $formId = $form_display->getConfigFile()->getServerCount(); } $formId = $formId ? "{$separator}id={$formId}" : ''; ?> <div class="error"> <h4><?php echo __('Warning'); ?> </h4> <?php echo __('Submitted form contains errors'); ?> <br /> <a href="<?php echo URL::getCommon(), $separator; ?> page=<?php echo $page, $formset, $formId, $separator; ?> mode=revert"> <?php echo __('Try to revert erroneous fields to their default values'); ?> </a> </div> <?php echo $form_display->displayErrors(); ?> <a class="btn" href="index.php<?php echo URL::getCommon(); ?> "> <?php echo __('Ignore errors'); ?> </a> <a class="btn" href="<?php echo URL::getCommon(), $separator; ?> page=<?php echo $page, $formset, $formId, $separator; ?> mode=edit"> <?php echo __('Show form'); ?> </a> <?php }
/** * Test for PMA_sendHeaderLocation * * @return void */ public function testSendHeaderLocationWithSidUrlWithQuestionMark() { if (defined('PMA_TEST_HEADERS')) { runkit_constant_redefine('SID', md5('test_hash')); $testUri = 'http://testurl.com/test.php?test=test'; $separator = URL::getArgSeparator(); $header = array('Location: ' . $testUri . $separator . SID); /* sets $GLOBALS['header'] */ PMA_sendHeaderLocation($testUri); $this->assertEquals($header, $GLOBALS['header']); } else { $this->markTestSkipped('Cannot redefine constant/function - missing runkit extension'); } }
/** * Test for URL::getCommon * * @return void */ public function testDefault() { $GLOBALS['server'] = 'x'; $GLOBALS['collation_connection'] = 'x'; $GLOBALS['cfg']['ServerDefault'] = 'y'; $separator = URL::getArgSeparator(); $expected = '?server=x' . htmlentities($separator) . 'lang=en' . htmlentities($separator) . 'collation_connection=x' . htmlentities($separator) . 'token=token'; $this->assertEquals($expected, URL::getCommon()); }