/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* Main loader script
*
* @package PhpMyAdmin
*/
use PhpMyAdmin\Charsets;
use PhpMyAdmin\Config;
use PhpMyAdmin\Core;
use PhpMyAdmin\Display\GitRevision;
use PhpMyAdmin\LanguageManager;
use PhpMyAdmin\Message;
use PhpMyAdmin\RecentFavoriteTable;
use PhpMyAdmin\Relation;
use PhpMyAdmin\Response;
use PhpMyAdmin\Sanitize;
use PhpMyAdmin\Server\Select;
use PhpMyAdmin\ThemeManager;
use PhpMyAdmin\Url;
use PhpMyAdmin\Util;
use PhpMyAdmin\UserPreferences;
/**
* Gets some core libraries and displays a top message if required
*/
require_once 'libraries/common.inc.php';
/**
 * Drop the navigation-related keys from $_GET.
 *
 * Only $_GET is modified by this statement run; the rest of this script
 * reads the same parameters from $_REQUEST and $_POST.
 */
$drops = ['lang', 'server', 'collation_connection', 'db', 'table'];
foreach ($drops as $each_drop) {
    // unset() on a key that is not present is a no-op, so no existence
    // check is needed first.
    unset($_GET[$each_drop]);
}
// This script includes other scripts at top level, so the loop helpers are
// removed from the shared global scope again.
unset($drops, $each_drop);
/*
* Deny-list of scripts to which the front-end must submit data.
* Such scripts must not be loaded on the home page, so they are refused as a
* `target` below even when the page-validity check would accept them.
*/
$target_blacklist = array (
'import.php', 'export.php'
);
// If we have a valid target, let's load that script instead.
//
// SECURITY: $_REQUEST['target'] is request-controlled and is used verbatim as
// the operand of include, so this condition is the only gate between request
// data and PHP file inclusion. Keep every check, and keep them in this order.
if (! empty($_REQUEST['target'])
// Must stay ahead of preg_match()/in_array(): rejects array-valued parameters.
&& is_string($_REQUEST['target'])
// Refuses any value that starts with "index" (presumably so that this loader
// cannot include itself -- confirm).
&& ! preg_match('/^index/', $_REQUEST['target'])
// Loose comparison; acceptable only because the value is already a string.
&& ! in_array($_REQUEST['target'], $target_blacklist)
// Core::checkPageValidity() is defined outside this file; the meaning of the
// [] and true arguments is not visible here.
// NOTE(review): none of the checks above restricts directory separators,
// ".." sequences or stream wrappers, so path containment depends entirely on
// this call -- confirm that it compares the raw, undecoded value against a
// fixed allow-list of script names.
&& Core::checkPageValidity($_REQUEST['target'], [], true)
) {
// The included script runs in this script's global scope; nothing after it
// on this page is executed.
include $_REQUEST['target'];
exit;
}
// End the request without producing any output when the ajax_request
// parameter is present and access_time is non-empty.
if (isset($_REQUEST['ajax_request'])) {
    if (! empty($_REQUEST['access_time'])) {
        exit;
    }
}
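// User selected a font size: validate it, persist it as the 'FontSize' user
// value (default '82%') and redirect back to the home page.
//
// SECURITY: the value comes straight from the request and is stored as a user
// setting, so it is validated strictly before use:
//  - is_string() rejects array-valued parameters before preg_match() sees them;
//  - the D modifier makes "$" match only at the very end of the subject, so a
//    value followed by a trailing newline no longer passes the check.
// NOTE(review): anti-CSRF token validation for this state-changing POST is
// presumably done in libraries/common.inc.php -- confirm.
if (isset($_POST['set_fontsize'])
    && is_string($_POST['set_fontsize'])
    && preg_match('/^[0-9.]+(px|em|pt|\%)$/D', $_POST['set_fontsize'])
) {
    $GLOBALS['PMA_Config']->setUserValue(
        null,
        'FontSize',
        $_POST['set_fontsize'],
        '82%'
    );
    header('Location: index.php' . Url::getCommonRaw());
    exit();
}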
// Theme switch requested: activate the theme, store it in the theme cookie
// and in the saved user preferences, then redirect back to the home page.
// NOTE(review): $_POST['set_theme'] is passed on as received; whether
// ThemeManager::setActiveTheme() rejects unknown or non-string values is not
// visible in this file -- confirm.
if (isset($_POST['set_theme'])) {
    $tmanager = ThemeManager::getInstance();
    $tmanager->setActiveTheme($_POST['set_theme']);
    $tmanager->setThemeCookie();

    // Persist the choice as the user's default theme.
    $userPreferences = new UserPreferences();
    $prefs = $userPreferences->load();
    $prefs['config_data']['ThemeDefault'] = $_POST['set_theme'];
    $userPreferences->save($prefs['config_data']);

    header('Location: index.php' . Url::getCommonRaw());
    exit();
}
// Connection collation changed: store the posted value as the
// 'DefaultConnectionCollation' user value (default 'utf8mb4_unicode_ci') and
// redirect back to the home page.
// NOTE(review): the posted value is stored as received; no check against the
// server's collation list is visible in this block -- confirm it is validated
// where the setting is consumed.
if (isset($_POST['collation_connection'])) {
    $GLOBALS['PMA_Config']->setUserValue(
        null,
        'DefaultConnectionCollation',
        $_POST['collation_connection'],
        'utf8mb4_unicode_ci'
    );

    header('Location: index.php' . Url::getCommonRaw());
    exit();
}
// See FAQ 1.34
// A request that names a database (and optionally a table) is handed to the
// configured default tab script for that level instead of the home page.
if (! empty($_REQUEST['db'])) {
    // The option passed to Util::getScriptNameForOption() comes from
    // configuration ($cfg['DefaultTab*']); the request only decides which of
    // the two options is looked up.
    $page = empty($_REQUEST['table'])
        ? Util::getScriptNameForOption(
            $GLOBALS['cfg']['DefaultTabDatabase'], 'database'
        )
        : Util::getScriptNameForOption(
            $GLOBALS['cfg']['DefaultTabTable'], 'table'
        );
    include $page;
    exit;
}
$response = Response::getInstance();

/**
 * AJAX request to reload the recent tables list: answer with the rendered
 * list under the 'list' JSON key and stop.
 */
if ($response->isAjax() && ! empty($_REQUEST['recent_table'])) {
    $response->addJSON(
        'list',
        RecentFavoriteTable::getInstance('recent')
            ->getHtmlList()
    );
    exit;
}
if ($GLOBALS['PMA_Config']->isGitRevision()) {
// If ajax request to get revision
if (isset($_REQUEST['git_revision']) && $response->isAjax()) {
GitRevision::display();
exit;
}
// Else show empty html
echo '
' , "\n";
// Anchor for favorite tables synchronization.
// NOTE(review): the markup inside the echo literals of this section appears to
// have been stripped from this listing (most literals hold only a newline);
// $server, $cfg and $common_url_query are not assigned in the visible part of
// the file and are presumably set by libraries/common.inc.php or by code
// missing here -- confirm against the original file.
echo RecentFavoriteTable::getInstance('favorite')->getHtmlSyncFavoriteTables();
echo '
';
// "General settings" panel: shown when a server is selected or when more than
// one server is configured.
if ($server > 0 || count($cfg['Servers']) > 1
) {
// Demo-server banner, printed only when $cfg['DBG']['demo'] is set.
if ($cfg['DBG']['demo']) {
echo '
';
echo '
' , __('phpMyAdmin Demo Server') , '
';
echo '
';
printf(
__(
'You are using the demo server. You can do anything here, but '
. 'please do not change root, debian-sys-maint and pma users. '
. 'More information is available at %s.'
),
'demo.phpmyadmin.net'
);
echo '
';
echo '
';
}
echo '
';
echo '
' , __('General settings') , '
';
echo '
';
/**
* Displays the MySQL servers choice form
*
* Shown when no default server is configured, or when the navigation panel
* does not list the servers and either several servers exist or the single
* configured server is not selected.
*/
if ($cfg['ServerDefault'] == 0
|| (! $cfg['NavigationDisplayServers']
&& (count($cfg['Servers']) > 1
|| ($server == 0 && count($cfg['Servers']) == 1)))
) {
echo '- ';
echo Util::getImage('s_host') , " "
, Select::render(true, true);
echo '
';
}
/**
* Displays the mysql server related links
*/
if ($server > 0) {
include_once 'libraries/check_user_privileges.inc.php';
// "Change password" link: offered only when the server does not use the
// 'config' auth type and $cfg['ShowChgPassword'] is enabled.
if ($cfg['Server']['auth_type'] != 'config') {
if ($cfg['ShowChgPassword']) {
$conditional_class = 'ajax';
Core::printListItem(
Util::getImage('s_passwd') . " " . __(
'Change password'
),
'li_change_password',
'user_password.php' . $common_url_query,
null,
null,
'change_password_anchor',
"no_bullets",
$conditional_class
);
}
} // end if
echo ' - ';
echo ' ' . "\n"
. '
' . "\n";
} // end of if ($server > 0)
echo '
';
echo '
';
}
// "Appearance settings" panel: language, theme and font-size selectors,
// followed by the link to the user preferences page.
echo '
';
echo '
' , __('Appearance settings') , '
';
echo '
';
// Displays language selection combo, only when no language is forced through
// $cfg['Lang'] and the language manager reports that a choice exists.
$language_manager = LanguageManager::getInstance();
if (empty($cfg['Lang']) && $language_manager->hasChoice()) {
echo '- ';
echo Util::getImage('s_lang') , " "
, $language_manager->getSelectorDisplay();
echo '
';
}
// Theme selector, only when $cfg['ThemeManager'] is enabled. The form posts
// back to this script (see the set_theme handling near the top of the file).
if ($GLOBALS['cfg']['ThemeManager']) {
echo '- ';
echo Util::getImage('s_theme') , " "
, ThemeManager::getInstance()->getHtmlSelectBox();
echo '
';
}
// Font-size form; always printed.
echo '- ';
echo Config::getFontsizeForm();
echo '
';
echo '
';
// User preferences link, only when a server is selected.
if ($server > 0) {
echo '
';
Core::printListItem(
Util::getImage('b_tblops') . " " . __(
'More settings'
),
'li_user_preferences',
'prefs_manage.php' . $common_url_query,
null,
null,
null,
"no_bullets"
);
echo '
';
}
echo '
';
echo '
';
echo '
';
// "Database server" panel. It discloses the server identity, type, TLS
// state, version, protocol, current user and charset, and is printed only
// when a server is selected and $cfg['ShowServerInfo'] is enabled; disabling
// that setting removes this fingerprinting information from the page.
if ($server > 0 && $GLOBALS['cfg']['ShowServerInfo']) {
echo '
';
echo '
' , __('Database server') , '
';
echo '
' , "\n";
// NOTE(review): of the values printed below only $mysql_cur_user_and_host is
// passed through htmlspecialchars() in this block. Whether $server_info, the
// version strings and the charset description are escaped where they are
// built, or by Core::printListItem(), is not visible here -- confirm.
Core::printListItem(
__('Server:') . ' ' . $server_info,
'li_server_info'
);
Core::printListItem(
__('Server type:') . ' ' . Util::getServerType(),
'li_server_type'
);
// NOTE(review): this item reuses the id 'li_server_type' of the previous one,
// which yields a duplicate HTML id if printListItem() emits it as an id
// attribute -- confirm before changing, stylesheets or scripts may rely on it.
Core::printListItem(
__('Server connection:') . ' ' . Util::getServerSSL(),
'li_server_type'
);
Core::printListItem(
__('Server version:')
. ' '
. $GLOBALS['dbi']->getVersionString() . ' - ' . $GLOBALS['dbi']->getVersionComment(),
'li_server_version'
);
Core::printListItem(
__('Protocol version:') . ' ' . $GLOBALS['dbi']->getProtoInfo(),
'li_mysql_proto'
);
Core::printListItem(
__('User:') . ' ' . htmlspecialchars($mysql_cur_user_and_host),
'li_user_info'
);
echo ' - ';
echo ' ' , __('Server charset:') , ' '
. ' ';
// Look up the human-readable description of the server charset.
// NOTE(review): $charsets[$charset] is read without checking that the key
// exists -- confirm the description list always contains the server charset.
$charset = Charsets::getServerCharset($GLOBALS['dbi']);
$charsets = Charsets::getMySQLCharsetsDescriptions(
$GLOBALS['dbi'],
$GLOBALS['cfg']['Server']['DisableIS']
);
echo ' ' , $charsets[$charset], ' (' . $charset, ')';
echo ' '
. '
'
. '
'
. '
';
}
// "Web server" panel, printed when $cfg['ShowServerInfo'] or
// $cfg['ShowPhpInfo'] is enabled. Everything in it is version and platform
// information (web server software, database client library, PHP extensions,
// PHP version, link to phpinfo.php), so these two settings decide how much a
// logged-in user can learn about the host.
if ($GLOBALS['cfg']['ShowServerInfo'] || $GLOBALS['cfg']['ShowPhpInfo']) {
echo '
';
echo '
' , __('Web server') , '
';
echo '
';
if ($GLOBALS['cfg']['ShowServerInfo']) {
// SERVER_SOFTWARE is supplied by the web server and is passed to
// printListItem() without escaping in this block.
Core::printListItem($_SERVER['SERVER_SOFTWARE'], 'li_web_server_software');
// The client, extension and PHP version items need a selected server.
if ($server > 0) {
$client_version_str = $GLOBALS['dbi']->getClientInfo();
// A string containing a dotted x.y.z version gets the 'libmysql - ' prefix.
if (preg_match('#\d+\.\d+\.\d+#', $client_version_str)) {
$client_version_str = 'libmysql - ' . $client_version_str;
}
Core::printListItem(
__('Database client version:') . ' ' . $client_version_str,
'li_mysql_client_version'
);
// One entry per extension reported by Util::listPHPExtensions(), each
// followed by a link to its 'book.<extension>.php' manual page.
$php_ext_string = __('PHP extension:') . ' ';
$extensions = Util::listPHPExtensions();
foreach ($extensions as $extension) {
$php_ext_string .= ' ' . $extension
. Util::showPHPDocu('book.' . $extension . '.php');
}
Core::printListItem(
$php_ext_string,
'li_used_php_extension'
);
$php_version_string = __('PHP version:') . ' ' . phpversion();
Core::printListItem(
$php_version_string,
'li_used_php_version'
);
}
}
// Link to phpinfo.php (opened in a new window), only when
// $cfg['ShowPhpInfo'] is enabled.
if ($cfg['ShowPhpInfo']) {
Core::printListItem(
__('Show PHP information'),
'li_phpinfo',
'phpinfo.php' . $common_url_query,
null,
'_blank'
);
}
echo '
';
echo '
';
}
// "phpMyAdmin" panel: version information plus documentation, project and
// licence links. Unlike the server panels this one is not guarded by a
// configuration switch, so PMA_VERSION is always printed on this page.
echo '
';
echo '
phpMyAdmin
';
echo '
';
// The version item gets the 'jsversioncheck' class only when
// $cfg['VersionCheck'] is enabled; otherwise no class is passed.
$class = null;
if ($GLOBALS['cfg']['VersionCheck']) {
$class = 'jsversioncheck';
}
Core::printListItem(
__('Version information:') . ' ' . PMA_VERSION . '',
'li_pma_version',
null,
null,
null,
null,
$class
);
Core::printListItem(
__('Documentation'),
'li_pma_docs',
Util::getDocuLink('index'),
null,
'_blank'
);
// External links are passed through Core::linkURL() and opened with the
// '_blank' target.
// does not work if no target specified, don't know why
Core::printListItem(
__('Official Homepage'),
'li_pma_homepage',
Core::linkURL('https://www.phpmyadmin.net/'),
null,
'_blank'
);
Core::printListItem(
__('Contribute'),
'li_pma_contribute',
Core::linkURL('https://www.phpmyadmin.net/contribute/'),
null,
'_blank'
);
Core::printListItem(
__('Get support'),
'li_pma_support',
Core::linkURL('https://www.phpmyadmin.net/support/'),
null,
'_blank'
);
// Local pages: changelog and licence, with the common URL parameters appended.
Core::printListItem(
__('List of changes'),
'li_pma_changes',
'changelog.php' . Url::getCommon(),
null,
'_blank'
);
Core::printListItem(
__('License'),
'li_pma_license',
'license.php' . Url::getCommon(),
null,
'_blank'
);
echo '
';
echo '
';
echo '
';
echo '
';
/**
* mbstring is used for handling multibytes inside parser, so it is good
* to tell user something might be broken without it, see bug #1063149.
*
* Raised as E_USER_WARNING when the extension is not loaded.
*/
if (! extension_loaded('mbstring')) {
trigger_error(
__(
'The mbstring PHP extension was not found and you seem to be using'
. ' a multibyte charset. Without the mbstring extension phpMyAdmin'
. ' is unable to split strings correctly and it may result in'
. ' unexpected results.'
),
E_USER_WARNING
);
}
/**
* Missing functionality
*
* Reported when neither the curl extension nor allow_url_fopen is available.
* No error level is passed, so trigger_error() uses its default,
* E_USER_NOTICE, unlike the E_USER_WARNING checks around it.
*/
if (! extension_loaded('curl') && ! ini_get('allow_url_fopen')) {
trigger_error(
__(
'The curl extension was not found and allow_url_fopen is '
. 'disabled. Due to this some features such as error reporting '
. 'or version check are disabled.'
)
);
}
// Session lifetime sanity checks. Both only raise E_USER_WARNING; neither
// changes the configuration.
// The first check is skipped when $cfg['LoginCookieValidityDisableWarning']
// compares loosely equal to false ... is NOT the case, i.e. it runs only
// while the warning has not been disabled.
if ($cfg['LoginCookieValidityDisableWarning'] == false) {
/**
* Check whether session.gc_maxlifetime limits session validity.
*
* PHP may discard session data after gc_maxlifetime seconds, so a smaller
* value than $cfg['LoginCookieValidity'] ends the login earlier than
* configured.
*/
$gc_time = (int)ini_get('session.gc_maxlifetime');
if ($gc_time < $GLOBALS['cfg']['LoginCookieValidity'] ) {
trigger_error(
__(
'Your PHP parameter [a@https://secure.php.net/manual/en/session.' .
'configuration.php#ini.session.gc-maxlifetime@_blank]session.' .
'gc_maxlifetime[/a] is lower than cookie validity configured ' .
'in phpMyAdmin, because of this, your login might expire sooner ' .
'than configured in phpMyAdmin.'
),
E_USER_WARNING
);
}
}
/**
* Check whether LoginCookieValidity is limited by LoginCookieStore.
*
* A LoginCookieStore of 0 is exempt from the comparison.
*/
if ($GLOBALS['cfg']['LoginCookieStore'] != 0
&& $GLOBALS['cfg']['LoginCookieStore'] < $GLOBALS['cfg']['LoginCookieValidity']
) {
trigger_error(
__(
'Login cookie store is lower than cookie validity configured in ' .
'phpMyAdmin, because of this, your login will expire sooner than ' .
'configured in phpMyAdmin.'
),
E_USER_WARNING
);
}
/**
* Check if user does not have defined blowfish secret and it is being used.
*
* The check runs only when $_SESSION['encryption_key'] is non-empty. It warns
* (E_USER_WARNING) when $cfg['blowfish_secret'] is empty or shorter than 32
* bytes; strlen() counts bytes, not characters.
*
* Only the length is verified here. A secret that is long enough but
* predictable passes this check, so the value should still be generated
* randomly and kept out of version control.
*/
if (! empty($_SESSION['encryption_key'])) {
if (empty($GLOBALS['cfg']['blowfish_secret'])) {
trigger_error(
__(
'The configuration file now needs a secret passphrase (blowfish_secret).'
),
E_USER_WARNING
);
} elseif (strlen($GLOBALS['cfg']['blowfish_secret']) < 32) {
trigger_error(
__(
'The secret passphrase in configuration (blowfish_secret) is too short.'
),
E_USER_WARNING
);
}
}
/**
* Check for existence of config directory which should not exist in
* production environment.
*
* 'config' is a relative path, so it is resolved against the current working
* directory (presumably the phpMyAdmin root -- confirm). The @ operator
* suppresses any error file_exists() would raise.
*
* The check is advisory: it raises E_USER_WARNING but does not restrict
* access to the directory, which has to be removed or protected by the
* administrator.
*/
if (@file_exists('config')) {
trigger_error(
__(
'Directory [code]config[/code], which is used by the setup script, ' .
'still exists in your phpMyAdmin directory. It is strongly ' .
'recommended to remove it once phpMyAdmin has been configured. ' .
'Otherwise the security of your server may be compromised by ' .
'unauthorized people downloading your configuration.'
),
E_USER_WARNING
);
}
$relation = new Relation();
if ($server > 0) {
$cfgRelation = $relation->getRelationsParam();
if (! $cfgRelation['allworks']
&& $cfg['PmaNoRelation_DisableWarning'] == false
) {
$msg_text = __(
'The phpMyAdmin configuration storage is not completely '
. 'configured, some extended features have been deactivated. '
. '%sFind out why%s. '
);
if ($cfg['ZeroConf'] == true) {
$msg_text .= '