php

1. <?php
2. /* vim: set expandtab sw=4 ts=4 sts=4: */
3. /**
4.  * Main loader script
5.  *
6.  * @package PhpMyAdmin
7.  */
8. declare(strict_types=1);
9.  
10. use PhpMyAdmin\Controllers\HomeController;
11. use PhpMyAdmin\Core;
12. use PhpMyAdmin\DatabaseInterface;
13. use PhpMyAdmin\Response;
14. use PhpMyAdmin\Url;
15. use PhpMyAdmin\Util;
16.  
17. if (! defined('ROOT_PATH')) {
18.     define('ROOT_PATH', __DIR__ . DIRECTORY_SEPARATOR);
19. }
20.  
21. global $server;
22.  
23. require_once ROOT_PATH . 'libraries/common.inc.php';
24.  
25. /**
26.  * pass variables to child pages
27.  */
28. $drops = [
29.     'lang',
30.     'server',
31.     'collation_connection',
32.     'db',
33.     'table',
34. ];
35. foreach ($drops as $each_drop) {
36.     if (array_key_exists($each_drop, $_GET)) {
37.         unset($_GET[$each_drop]);
38.     }
39. }
40. unset($drops, $each_drop);
41.  
42. /**
43.  * Black list of all scripts to which front-end must submit data.
44.  * Such scripts must not be loaded on home page.
45.  */
46. $target_blacklist =  [
47.     'import.php',
48.     'export.php',
49. ];
50.  
51. // If we have a valid target, let's load that script instead
52. if (! empty($_REQUEST['target'])
53.     && is_string($_REQUEST['target'])
54.     && 0 !== strpos($_REQUEST['target'], "index")
55.     && ! in_array($_REQUEST['target'], $target_blacklist)
56.     && Core::checkPageValidity($_REQUEST['target'], [], true)
57. ) {
58.     include ROOT_PATH . $_REQUEST['target'];
59.     exit;
60. }
61.  
62. /** @var Response $response */
63. $response = $containerBuilder->get(Response::class);
64.  
65. /** @var DatabaseInterface $dbi */
66. $dbi = $containerBuilder->get(DatabaseInterface::class);
67.  
68. /** @var HomeController $controller */
69. $controller = $containerBuilder->get(HomeController::class);
70.  
71. if (isset($_REQUEST['ajax_request']) && ! empty($_REQUEST['access_time'])) {
72.     exit;
73. }
74.  
75. if (isset($_POST['set_theme'])) {
76.     $controller->setTheme([
77.         'set_theme' => $_POST['set_theme'],
78.     ]);
79.  
80.     header('Location: index.php' . Url::getCommonRaw());
81. } elseif (isset($_POST['collation_connection'])) {
82.     $controller->setCollationConnection([
83.         'collation_connection' => $_POST['collation_connection'],
84.     ]);
85.  
86.     header('Location: index.php' . Url::getCommonRaw());
87. } elseif (! empty($_REQUEST['db'])) {
88.     // See FAQ 1.34
89.     $page = null;
90.     if (! empty($_REQUEST['table'])) {
91.         $page = Util::getScriptNameForOption(
92.             $GLOBALS['cfg']['DefaultTabTable'],
93.             'table'
94.         );
95.     } else {
96.         $page = Util::getScriptNameForOption(
97.             $GLOBALS['cfg']['DefaultTabDatabase'],
98.             'database'
99.         );
100.     }
101.     include ROOT_PATH . $page;
102. } elseif ($response->isAjax() && ! empty($_REQUEST['recent_table'])) {
103.     $response->addJSON($controller->reloadRecentTablesList());
104. } elseif ($GLOBALS['PMA_Config']->isGitRevision()
105.     && isset($_REQUEST['git_revision'])
106.     && $response->isAjax()
107. ) {
108.     $response->addHTML($controller->gitRevision());
109. } else {
110.     // Handles some variables that may have been sent by the calling script
111.     $GLOBALS['db'] = '';
112.     $GLOBALS['table'] = '';
113.     $show_query = '1';
114.  
115.     if ($server > 0) {
116.         include ROOT_PATH . 'libraries/server_common.inc.php';
117.     }
118.  
119.     $response->addHTML($controller->index());
120. }