API tools faq
paste
Advertisement
Guest User

phpmyadmin

a guest
Sep 21st, 2014
1,646
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 19.10 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. /* vim: set expandtab sw=4 ts=4 sts=4: */
  3. /**
  4. *
  5. * @package PhpMyAdmin
  6. */
  7.  
  8. /**
  9. * Gets some core libraries and displays a top message if required
  10. */
  11. require_once 'libraries/common.inc.php';
  12.  
  13. /**
  14. * display Git revision if requested
  15. */
  16. require_once 'libraries/display_git_revision.lib.php';
  17.  
  18. /**
  19. * pass variables to child pages
  20. */
  21. $drops = array(
  22. 'lang',
  23. 'server',
  24. 'collation_connection',
  25. 'db',
  26. 'table'
  27. );
  28. foreach ($drops as $each_drop) {
  29. if (array_key_exists($each_drop, $_GET)) {
  30. unset($_GET[$each_drop]);
  31. }
  32. }
  33. unset($drops, $each_drop);
  34.  
  35. // If we have a valid target, let's load that script instead
  36. if (! empty($_REQUEST['target'])
  37. && is_string($_REQUEST['target'])
  38. && ! preg_match('/^index/', $_REQUEST['target'])
  39. && in_array($_REQUEST['target'], $goto_whitelist)
  40. ) {
  41. include $_REQUEST['target'];
  42. exit;
  43. }
  44.  
  45. /**
  46. * Check if it is an ajax request to reload the recent tables list.
  47. */
  48. require_once 'libraries/RecentTable.class.php';
  49. if ($GLOBALS['is_ajax_request'] && ! empty($_REQUEST['recent_table'])) {
  50. $response = PMA_Response::getInstance();
  51. $response->addJSON(
  52. 'options',
  53. PMA_RecentTable::getInstance()->getHtmlSelectOption()
  54. );
  55. exit;
  56. }
  57.  
  58. if ($GLOBALS['PMA_Config']->isGitRevision()) {
  59. if (isset($_REQUEST['git_revision']) && $GLOBALS['is_ajax_request'] == true) {
  60. PMA_printGitRevision();
  61. exit;
  62. }
  63. echo '<div id="is_git_revision"></div>';
  64. }
  65.  
  66. // Handles some variables that may have been sent by the calling script
  67. $GLOBALS['db'] = '';
  68. $GLOBALS['table'] = '';
  69. $show_query = '1';
  70.  
  71. // Any message to display?
  72. if (! empty($message)) {
  73. echo PMA_Util::getMessage($message);
  74. unset($message);
  75. }
  76.  
  77. $common_url_query = PMA_generate_common_url('', '');
  78.  
  79. // when $server > 0, a server has been chosen so we can display
  80. // all MySQL-related information
  81. if ($server > 0) {
  82. include 'libraries/server_common.inc.php';
  83. include 'libraries/StorageEngine.class.php';
  84.  
  85. // Use the verbose name of the server instead of the hostname
  86. // if a value is set
  87. $server_info = '';
  88. if (! empty($cfg['Server']['verbose'])) {
  89. $server_info .= htmlspecialchars($cfg['Server']['verbose']);
  90. if ($GLOBALS['cfg']['ShowServerInfo']) {
  91. $server_info .= ' (';
  92. }
  93. }
  94. if ($GLOBALS['cfg']['ShowServerInfo'] || empty($cfg['Server']['verbose'])) {
  95. $server_info .= PMA_DBI_get_host_info();
  96. }
  97. if (! empty($cfg['Server']['verbose']) && $GLOBALS['cfg']['ShowServerInfo']) {
  98. $server_info .= ')';
  99. }
  100. $mysql_cur_user_and_host = PMA_DBI_fetch_value('SELECT USER();');
  101.  
  102. // should we add the port info here?
  103. $short_server_info = (!empty($GLOBALS['cfg']['Server']['verbose'])
  104. ? $GLOBALS['cfg']['Server']['verbose']
  105. : $GLOBALS['cfg']['Server']['host']);
  106. }
  107.  
  108. echo '<div id="maincontainer">' . "\n";
  109. echo '<div id="main_pane_left">';
  110. if ($server > 0 || count($cfg['Servers']) > 1
  111. ) {
  112. echo '<div class="group">';
  113. echo '<h2>' . __('General Settings') . '</h2>';
  114. echo '<ul>';
  115.  
  116. /**
  117. * Displays the MySQL servers choice form
  118. */
  119. if ($cfg['ServerDefault'] == 0
  120. || (! $cfg['NavigationDisplayServers']
  121. && (count($cfg['Servers']) > 1
  122. || ($server == 0 && count($cfg['Servers']) == 1)
  123. )
  124. )
  125. ) {
  126. echo '<li id="li_select_server" class="no_bullets" >';
  127. include_once 'libraries/select_server.lib.php';
  128. echo PMA_Util::getImage('s_host.png') . " " . PMA_selectServer(true, true);
  129. echo '</li>';
  130. }
  131.  
  132. /**
  133. * Displays the mysql server related links
  134. */
  135. if ($server > 0 && ! PMA_DRIZZLE) {
  136. include_once 'libraries/check_user_privileges.lib.php';
  137.  
  138. // Logout for advanced authentication
  139. if ($cfg['Server']['auth_type'] != 'config') {
  140. if ($cfg['ShowChgPassword']) {
  141. $conditional_class = 'ajax';
  142. PMA_printListItem(
  143. PMA_Util::getImage('s_passwd.png') . " " . __('Change password'),
  144. 'li_change_password',
  145. 'user_password.php?' . $common_url_query,
  146. null,
  147. null,
  148. 'change_password_anchor',
  149. "no_bullets",
  150. $conditional_class
  151. );
  152. }
  153. } // end if
  154. echo ' <li id="li_select_mysql_collation" class="no_bullets" >';
  155. echo ' <form method="post" action="index.php">' . "\n"
  156. . PMA_generate_common_hidden_inputs(null, null, 4, 'collation_connection')
  157. . ' <label for="select_collation_connection">' . "\n"
  158. . ' '. PMA_Util::getImage('s_asci.png') . " "
  159. . __('Server connection collation') . "\n"
  160. // put the doc link in the form so that it appears on the same line
  161. . PMA_Util::showMySQLDocu(
  162. 'MySQL_Database_Administration',
  163. 'Charset-connection'
  164. )
  165. . ': ' . "\n"
  166. . ' </label>' . "\n"
  167.  
  168. . PMA_generateCharsetDropdownBox(
  169. PMA_CSDROPDOWN_COLLATION,
  170. 'collation_connection',
  171. 'select_collation_connection',
  172. $collation_connection,
  173. true,
  174. 4,
  175. true
  176. )
  177. . ' </form>' . "\n"
  178. . ' </li>' . "\n";
  179. } // end of if ($server > 0 && !PMA_DRIZZLE)
  180. echo '</ul>';
  181. echo '</div>';
  182. }
  183.  
  184. echo '<div class="group">';
  185. echo '<h2>' . __('Appearance Settings') . '</h2>';
  186. echo ' <ul>';
  187.  
  188. // Displays language selection combo
  189. if (empty($cfg['Lang']) && count($GLOBALS['available_languages']) > 1) {
  190. echo '<li id="li_select_lang" class="no_bullets">';
  191. include_once 'libraries/display_select_lang.lib.php';
  192. echo PMA_Util::getImage('s_lang.png') . " " . PMA_getLanguageSelectorHtml();
  193. echo '</li>';
  194. }
  195.  
  196. // ThemeManager if available
  197.  
  198. if ($GLOBALS['cfg']['ThemeManager']) {
  199. echo '<li id="li_select_theme" class="no_bullets">';
  200. echo PMA_Util::getImage('s_theme.png') . " "
  201. . $_SESSION['PMA_Theme_Manager']->getHtmlSelectBox();
  202. echo '</li>';
  203. }
  204. echo '<li id="li_select_fontsize">';
  205. echo PMA_Config::getFontsizeForm();
  206. echo '</li>';
  207.  
  208. echo '</ul>';
  209.  
  210. // User preferences
  211.  
  212. if ($server > 0) {
  213. echo '<ul>';
  214. PMA_printListItem(
  215. PMA_Util::getImage('b_tblops.png')." " .__('More settings'),
  216. 'li_user_preferences',
  217. 'prefs_manage.php?' . $common_url_query,
  218. null,
  219. null,
  220. null,
  221. "no_bullets"
  222. );
  223. echo '</ul>';
  224. }
  225.  
  226. echo '</div>';
  227.  
  228.  
  229. echo '</div>';
  230. echo '<div id="main_pane_right">';
  231.  
  232.  
  233. if ($server > 0 && $GLOBALS['cfg']['ShowServerInfo']) {
  234.  
  235. echo '<div class="group">';
  236. echo '<h2>' . __('Database server') . '</h2>';
  237. echo '<ul>' . "\n";
  238. PMA_printListItem(
  239. __('Server') . ': ' . $server_info,
  240. 'li_server_info'
  241. );
  242. PMA_printListItem(
  243. __('Server type') . ': ' . PMA_Util::getServerType(),
  244. 'li_server_type'
  245. );
  246. PMA_printListItem(
  247. __('Server version') . ': ' . PMA_MYSQL_STR_VERSION . ' - ' . PMA_MYSQL_VERSION_COMMENT,
  248. 'li_server_version'
  249. );
  250. PMA_printListItem(
  251. __('Protocol version') . ': ' . PMA_DBI_get_proto_info(),
  252. 'li_mysql_proto'
  253. );
  254. PMA_printListItem(
  255. __('User') . ': ' . htmlspecialchars($mysql_cur_user_and_host),
  256. 'li_user_info'
  257. );
  258.  
  259. echo ' <li id="li_select_mysql_charset">';
  260. echo ' ' . __('Server charset') . ': '
  261. . ' <span lang="en" dir="ltr">';
  262. if (! PMA_DRIZZLE) {
  263. echo ' ' . $mysql_charsets_descriptions[$mysql_charset_map['utf-8']] . "\n";
  264. }
  265. echo ' (' . $mysql_charset_map['utf-8'] . ')' . "\n"
  266. . ' </span>' . "\n"
  267. . ' </li>' . "\n";
  268. echo ' </ul>';
  269. echo ' </div>';
  270. }
  271.  
  272. if ($GLOBALS['cfg']['ShowServerInfo'] || $GLOBALS['cfg']['ShowPhpInfo']) {
  273. echo '<div class="group">';
  274. echo '<h2>' . __('Web server') . '</h2>';
  275. echo '<ul>';
  276. if ($GLOBALS['cfg']['ShowServerInfo']) {
  277. PMA_printListItem($_SERVER['SERVER_SOFTWARE'], 'li_web_server_software');
  278.  
  279. if ($server > 0) {
  280. $client_version_str = PMA_DBI_get_client_info();
  281. if (preg_match('#\d+\.\d+\.\d+#', $client_version_str)
  282. && in_array($GLOBALS['cfg']['Server']['extension'], array('mysql', 'mysqli'))
  283. ) {
  284. $client_version_str = 'libmysql - ' . $client_version_str;
  285. }
  286. PMA_printListItem(
  287. __('Database client version') . ': ' . $client_version_str,
  288. 'li_mysql_client_version'
  289. );
  290.  
  291. $php_ext_string = __('PHP extension') . ': '
  292. . $GLOBALS['cfg']['Server']['extension'] . ' '
  293. . PMA_Util::showPHPDocu(
  294. 'book.' . $GLOBALS['cfg']['Server']['extension'] . '.php'
  295. );
  296. PMA_printListItem(
  297. $php_ext_string,
  298. 'li_used_php_extension'
  299. );
  300. }
  301. }
  302.  
  303. if ($cfg['ShowPhpInfo']) {
  304. PMA_printListItem(
  305. __('Show PHP information'),
  306. 'li_phpinfo',
  307. 'phpinfo.php?' . $common_url_query,
  308. null,
  309. '_blank'
  310. );
  311. }
  312. echo ' </ul>';
  313. echo ' </div>';
  314. }
  315.  
  316. echo '<div class="group pmagroup">';
  317. echo '<h2>phpMyAdmin</h2>';
  318. echo '<ul>';
  319. $class = null;
  320. // We rely on CSP to allow access to http://www.phpmyadmin.net, but IE lacks
  321. // support here and does not allow request to http once using https.
  322. if ($GLOBALS['cfg']['VersionCheck']
  323. && (! $GLOBALS['PMA_Config']->get('is_https') || PMA_USR_BROWSER_AGENT != 'IE')
  324. ) {
  325. $class = 'jsversioncheck';
  326. }
  327. PMA_printListItem(
  328. __('Version information') . ': ' . PMA_VERSION,
  329. 'li_pma_version',
  330. null,
  331. null,
  332. null,
  333. null,
  334. $class
  335. );
  336. PMA_printListItem(
  337. __('Documentation'),
  338. 'li_pma_docs',
  339. PMA_Util::getDocuLink('index'),
  340. null,
  341. '_blank'
  342. );
  343. PMA_printListItem(
  344. __('Wiki'),
  345. 'li_pma_wiki',
  346. PMA_linkURL('http://wiki.phpmyadmin.net/'),
  347. null,
  348. '_blank'
  349. );
  350.  
  351. // does not work if no target specified, don't know why
  352. PMA_printListItem(
  353. __('Official Homepage'),
  354. 'li_pma_homepage',
  355. PMA_linkURL('http://www.phpMyAdmin.net/'),
  356. null,
  357. '_blank'
  358. );
  359. PMA_printListItem(
  360. __('Contribute'),
  361. 'li_pma_contribute',
  362. PMA_linkURL('http://www.phpmyadmin.net/home_page/improve.php'),
  363. null,
  364. '_blank'
  365. );
  366. PMA_printListItem(
  367. __('Get support'),
  368. 'li_pma_support',
  369. PMA_linkURL('http://www.phpmyadmin.net/home_page/support.php'),
  370. null,
  371. '_blank'
  372. );
  373. PMA_printListItem(
  374. __('List of changes'),
  375. 'li_pma_changes',
  376. PMA_linkURL('changelog.php'),
  377. null,
  378. '_blank'
  379. );
  380. ?>
  381. </ul>
  382. </div>
  383.  
  384. </div>
  385.  
  386. </div>
  387.  
  388. <?php
  389. /**
  390. * Warning if using the default MySQL privileged account
  391. */
  392. if ($server != 0
  393. && $cfg['Server']['user'] == 'root'
  394. && $cfg['Server']['password'] == ''
  395. ) {
  396. trigger_error(
  397. __('Your configuration file contains settings (root with no password) that correspond to the default MySQL privileged account. Your MySQL server is running with this default, is open to intrusion, and you really should fix this security hole by setting a password for user \'root\'.'),
  398. E_USER_WARNING
  399. );
  400. }
  401.  
  402. /**
  403. * Nijel: As we try to handle charsets by ourself, mbstring overloads just
  404. * break it, see bug 1063821.
  405. */
  406. if (@extension_loaded('mbstring') && @ini_get('mbstring.func_overload') > 1) {
  407. trigger_error(
  408. __('You have enabled mbstring.func_overload in your PHP configuration. This option is incompatible with phpMyAdmin and might cause some data to be corrupted!'),
  409. E_USER_WARNING
  410. );
  411. }
  412.  
  413. /**
  414. * Nijel: mbstring is used for handling multibyte inside parser, so it is good
  415. * to tell user something might be broken without it, see bug #1063149.
  416. */
  417. if (! @extension_loaded('mbstring')) {
  418. trigger_error(
  419. __('The mbstring PHP extension was not found and you seem to be using a multibyte charset. Without the mbstring extension phpMyAdmin is unable to split strings correctly and it may result in unexpected results.'),
  420. E_USER_WARNING
  421. );
  422. }
  423.  
  424. /**
  425. * Check whether session.gc_maxlifetime limits session validity.
  426. */
  427. $gc_time = (int)@ini_get('session.gc_maxlifetime');
  428. if ($gc_time < $GLOBALS['cfg']['LoginCookieValidity'] ) {
  429. trigger_error(
  430. __('Your PHP parameter [a@http://php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime@_blank]session.gc_maxlifetime[/a] is lower than cookie validity configured in phpMyAdmin, because of this, your login will expire sooner than configured in phpMyAdmin.'),
  431. E_USER_WARNING
  432. );
  433. }
  434.  
  435. /**
  436. * Check whether LoginCookieValidity is limited by LoginCookieStore.
  437. */
  438. if ($GLOBALS['cfg']['LoginCookieStore'] != 0
  439. && $GLOBALS['cfg']['LoginCookieStore'] < $GLOBALS['cfg']['LoginCookieValidity']
  440. ) {
  441. trigger_error(
  442. __('Login cookie store is lower than cookie validity configured in phpMyAdmin, because of this, your login will expire sooner than configured in phpMyAdmin.'),
  443. E_USER_WARNING
  444. );
  445. }
  446.  
  447. /**
  448. * Check if user does not have defined blowfish secret and it is being used.
  449. */
  450. if (! empty($_SESSION['auto_blowfish_secret'])
  451. && empty($GLOBALS['cfg']['blowfish_secret'])
  452. ) {
  453. trigger_error(
  454. __('The configuration file now needs a secret passphrase (blowfish_secret).'),
  455. E_USER_WARNING
  456. );
  457. }
  458.  
  459. /**
  460. * Check for existence of config directory which should not exist in
  461. * production environment.
  462. */
  463. if (file_exists('config')) {
  464. trigger_error(
  465. __('Directory [code]config[/code], which is used by the setup script, still exists in your phpMyAdmin directory. You should remove it once phpMyAdmin has been configured.'),
  466. E_USER_WARNING
  467. );
  468. }
  469.  
  470. if ($server > 0) {
  471. $cfgRelation = PMA_getRelationsParam();
  472. if (! $cfgRelation['allworks']
  473. && $cfg['PmaNoRelation_DisableWarning'] == false
  474. ) {
  475. $msg = PMA_Message::notice(__('The phpMyAdmin configuration storage is not completely configured, some extended features have been deactivated. To find out why click %shere%s.'));
  476. $msg->addParam(
  477. '<a href="' . $cfg['PmaAbsoluteUri'] . 'chk_rel.php?' . $common_url_query . '">',
  478. false
  479. );
  480. $msg->addParam('</a>', false);
  481. /* Show error if user has configured something, notice elsewhere */
  482. if (!empty($cfg['Servers'][$server]['pmadb'])) {
  483. $msg->isError(true);
  484. }
  485. $msg->display();
  486. } // end if
  487. }
  488.  
  489. /**
  490. * Warning about different MySQL library and server version
  491. * (a difference on the third digit does not count).
  492. * If someday there is a constant that we can check about mysqlnd,
  493. * we can use it instead of strpos().
  494. * If no default server is set, PMA_DBI_get_client_info() is not defined yet.
  495. * Drizzle can speak MySQL protocol, so don't warn about version mismatch for
  496. * Drizzle servers.
  497. */
  498. if (function_exists('PMA_DBI_get_client_info')
  499. && !PMA_DRIZZLE
  500. && $cfg['ServerLibraryDifference_DisableWarning'] == false
  501. ) {
  502. $_client_info = PMA_DBI_get_client_info();
  503. if ($server > 0
  504. && strpos($_client_info, 'mysqlnd') === false
  505. && substr(PMA_MYSQL_CLIENT_API, 0, 3) != substr(PMA_MYSQL_INT_VERSION, 0, 3)
  506. ) {
  507. trigger_error(
  508. PMA_sanitize(
  509. sprintf(
  510. __('Your PHP MySQL library version %s differs from your MySQL server version %s. This may cause unpredictable behavior.'),
  511. $_client_info,
  512. substr(
  513. PMA_MYSQL_STR_VERSION,
  514. 0,
  515. strpos(PMA_MYSQL_STR_VERSION . '-', '-')
  516. )
  517. )
  518. ),
  519. E_USER_NOTICE
  520. );
  521. }
  522. unset($_client_info);
  523. }
  524.  
  525. /**
  526. * Warning about Suhosin
  527. */
  528. if ($cfg['SuhosinDisableWarning'] == false
  529. && @ini_get('suhosin.request.max_value_length')
  530. // warn about Suhosin only if its simulation mode is not enabled
  531. && @ini_get('suhosin.simulation') == '0'
  532. ) {
  533. trigger_error(
  534. sprintf(
  535. __('Server running with Suhosin. Please refer to %sdocumentation%s for possible issues.'),
  536. '[doc@faq1-38]',
  537. '[/doc]'
  538. ),
  539. E_USER_WARNING
  540. );
  541. }
  542.  
  543. /**
  544. * Warning about mcrypt.
  545. */
  546. if (! function_exists('mcrypt_encrypt')
  547. && ! $GLOBALS['cfg']['McryptDisableWarning']
  548. ) {
  549. PMA_warnMissingExtension('mcrypt');
  550. }
  551.  
  552. /**
  553. * Warning about incomplete translations.
  554. *
  555. * The data file is created while creating release by ./scripts/remove-incomplete-mo
  556. */
  557. if (file_exists('libraries/language_stats.inc.php')) {
  558. include 'libraries/language_stats.inc.php';
  559. /*
  560. * This message is intentionally not translated, because we're
  561. * handling incomplete translations here and focus on english
  562. * speaking users.
  563. */
  564. if (isset($GLOBALS['language_stats'][$lang])
  565. && $GLOBALS['language_stats'][$lang] < $cfg['TranslationWarningThreshold']
  566. ) {
  567. trigger_error(
  568. 'You are using an incomplete translation, please help to make it better by [a@http://www.phpmyadmin.net/home_page/improve.php#translate@_blank]contributing[/a].',
  569. E_USER_NOTICE
  570. );
  571. }
  572. }
  573.  
  574. /**
  575. * prints list item for main page
  576. *
  577. * @param string $name displayed text
  578. * @param string $id id, used for css styles
  579. * @param string $url make item as link with $url as target
  580. * @param string $mysql_help_page display a link to MySQL's manual
  581. * @param string $target special target for $url
  582. * @param string $a_id id for the anchor,
  583. * used for jQuery to hook in functions
  584. * @param string $class class for the li element
  585. * @param string $a_class class for the anchor element
  586. *
  587. * @return void
  588. */
  589. function PMA_printListItem($name, $id = null, $url = null, $mysql_help_page = null,
  590. $target = null, $a_id = null, $class = null, $a_class = null
  591. ) {
  592. echo '<li id="' . $id . '"';
  593. if (null !== $class) {
  594. echo ' class="' . $class . '"';
  595. }
  596. echo '>';
  597. if (null !== $url) {
  598. echo '<a href="' . $url . '"';
  599. if (null !== $target) {
  600. echo ' target="' . $target . '"';
  601. }
  602. if (null != $a_id) {
  603. echo ' id="' . $a_id .'"';
  604. }
  605. if (null != $a_class) {
  606. echo ' class="' . $a_class .'"';
  607. }
  608. echo '>';
  609. }
  610.  
  611. echo $name;
  612.  
  613. if (null !== $url) {
  614. echo '</a>' . "\n";
  615. }
  616. if (null !== $mysql_help_page) {
  617. echo PMA_Util::showMySQLDocu('', $mysql_help_page);
  618. }
  619. echo '</li>';
  620. }
  621. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!