search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add table alias in PMA_DBI_get_tables_full to avoid ambiguous field names in filtered...
[phpmyadmin/crack.git] / main.php
blobdfb22c2315019b720f2d41cb369252fa7fcef4aa
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 *
5 * @package phpMyAdmin
6 */
7
8 /**
9 * Gets some core libraries and displays a top message if required
10 */
11 require_once './libraries/common.inc.php';
12
13 $GLOBALS['js_include'][] = 'jquery/jquery-ui-1.8.custom.js';
14 $GLOBALS['js_include'][] = 'jquery/jquery.sprintf.js';
15
16 // Handles some variables that may have been sent by the calling script
17 $GLOBALS['db'] = '';
18 $GLOBALS['table'] = '';
19 $show_query = '1';
20 require_once './libraries/header.inc.php';
21
22 // Any message to display?
23 if (! empty($message)) {
24 PMA_showMessage($message);
25 unset($message);
26 }
27
28 $common_url_query = PMA_generate_common_url('', '');
29
30 // when $server > 0, a server has been chosen so we can display
31 // all MySQL-related information
32 if ($server > 0) {
33 require './libraries/server_common.inc.php';
34 require './libraries/StorageEngine.class.php';
35 require './libraries/server_links.inc.php';
36
37 // Use the verbose name of the server instead of the hostname
38 // if a value is set
39 $server_info = '';
40 if (! empty($cfg['Server']['verbose'])) {
41 $server_info .= htmlspecialchars($cfg['Server']['verbose']);
42 if ($GLOBALS['cfg']['ShowServerInfo']) {
43 $server_info .= ' (';
44 }
45 }
46 if ($GLOBALS['cfg']['ShowServerInfo'] || empty($cfg['Server']['verbose'])) {
47 $server_info .= PMA_DBI_get_host_info();
48 }
49 if (! empty($cfg['Server']['verbose']) && $GLOBALS['cfg']['ShowServerInfo']) {
50 $server_info .= ')';
51 }
52 $mysql_cur_user_and_host = PMA_DBI_fetch_value('SELECT USER();');
53
54 // should we add the port info here?
55 $short_server_info = (!empty($GLOBALS['cfg']['Server']['verbose'])
56 ? $GLOBALS['cfg']['Server']['verbose']
57 : $GLOBALS['cfg']['Server']['host']);
58 }
59
60 echo '<div id="maincontainer">' . "\n";
61 echo '<div id="main_pane_left">';
62 if ($server > 0
63 || (! $cfg['LeftDisplayServers'] && count($cfg['Servers']) > 1)) {
64 echo '<div class="group">';
65 echo '<h2>' . __('General Settings') . '</h2>';
66 echo '<ul>';
67
68 /**
69 * Displays the MySQL servers choice form
70 */
71 if (! $cfg['LeftDisplayServers']
72 && (count($cfg['Servers']) > 1 || $server == 0 && count($cfg['Servers']) == 1)) {
73 echo '<li id="li_select_server">';
74 require_once './libraries/select_server.lib.php';
75 PMA_select_server(true, true);
76 echo '</li>';
77 }
78
79 /**
80 * Displays the mysql server related links
81 */
82 if ($server > 0) {
83 require_once './libraries/check_user_privileges.lib.php';
84
85 if (!PMA_DRIZZLE) {
86 // Logout for advanced authentication
87 if ($cfg['Server']['auth_type'] != 'config') {
88 if ($cfg['ShowChgPassword']) {
89 if ($GLOBALS['cfg']['AjaxEnable']) {
90 $conditional_class = 'ajax';
91 } else {
92 $conditional_class = null;
93 }
94 PMA_printListItem(__('Change password'), 'li_change_password',
95 './user_password.php?' . $common_url_query, null, null, 'change_password_anchor', null, $conditional_class);
96 }
97 } // end if
98 } // not Drizzle
99 echo ' <li id="li_select_mysql_collation">';
100 echo ' <form method="post" action="index.php" target="_parent">' . "\n"
101 . PMA_generate_common_hidden_inputs(null, null, 4, 'collation_connection')
102 . ' <label for="select_collation_connection">' . "\n"
103 . ' ' . __('MySQL connection collation') . "\n"
104 // put the doc link in the form so that it appears on the same line
105 . PMA_showMySQLDocu('MySQL_Database_Administration', 'Charset-connection') . ': ' . "\n"
106 . ' </label>' . "\n"
107
108 . PMA_generateCharsetDropdownBox(PMA_CSDROPDOWN_COLLATION, 'collation_connection', 'select_collation_connection', $collation_connection, true, 4, true)
109 . ' <noscript><input type="submit" value="' . __('Go') . '" /></noscript>' . "\n"
110 . ' </form>' . "\n"
111 . ' </li>' . "\n";
112 } // end of if ($server > 0)
113 echo '</ul>';
114 echo '</div>';
115 }
116
117 echo '<div class="group">';
118 echo '<h2>' . __('Appearance Settings') . '</h2>';
119 echo ' <ul>';
120
121 // Displays language selection combo
122 if (empty($cfg['Lang'])) {
123 echo '<li id="li_select_lang">';
124 require_once './libraries/display_select_lang.lib.php';
125 PMA_select_language();
126 echo '</li>';
127 }
128
129 // ThemeManager if available
130
131 if ($GLOBALS['cfg']['ThemeManager']) {
132 echo '<li id="li_select_theme">';
133 echo $_SESSION['PMA_Theme_Manager']->getHtmlSelectBox();
134 echo '</li>';
135 }
136 echo '<li id="li_select_fontsize">';
137 echo PMA_Config::getFontsizeForm();
138 echo '</li>';
139
140 echo '</ul>';
141
142 // User preferences
143
144 echo '<ul>';
145 echo PMA_printListItem(__('More settings'), 'li_user_preferences',
146 './prefs_manage.php?' . $common_url_query);
147 echo '</ul>';
148
149 echo '</div>';
150
151
152 echo '</div>';
153 echo '<div id="main_pane_right">';
154
155
156 if ($server > 0 && $GLOBALS['cfg']['ShowServerInfo']) {
157 echo '<div class="group">';
158 echo '<h2>MySQL</h2>';
159 echo '<ul>' . "\n";
160 PMA_printListItem(__('Server') . ': ' . $server_info, 'li_server_info');
161 PMA_printListItem(__('Server version') . ': ' . PMA_MYSQL_STR_VERSION, 'li_server_version');
162 PMA_printListItem(__('Protocol version') . ': ' . PMA_DBI_get_proto_info(),
163 'li_mysql_proto');
164 PMA_printListItem(__('User') . ': ' . htmlspecialchars($mysql_cur_user_and_host),
165 'li_user_info');
166
167 echo ' <li id="li_select_mysql_charset">';
168 echo ' ' . __('MySQL charset') . ': '
169 . ' <span xml:lang="en" dir="ltr">'
170 . ' ' . $mysql_charsets_descriptions[$mysql_charset_map[strtolower($charset)]] . "\n"
171 . ' (' . $mysql_charset_map[strtolower($charset)] . ')' . "\n"
172 . ' </span>' . "\n"
173 . ' </li>' . "\n";
174 echo ' </ul>';
175 echo ' </div>';
176 }
177
178 if ($GLOBALS['cfg']['ShowServerInfo'] || $GLOBALS['cfg']['ShowPhpInfo']) {
179 echo '<div class="group">';
180 echo '<h2>' . __('Web server') . '</h2>';
181 echo '<ul>';
182 if ($GLOBALS['cfg']['ShowServerInfo']) {
183 PMA_printListItem($_SERVER['SERVER_SOFTWARE'], 'li_web_server_software');
184
185 if ($server > 0) {
186 PMA_printListItem(__('MySQL client version') . ': ' . PMA_DBI_get_client_info(),
187 'li_mysql_client_version');
188 PMA_printListItem(__('PHP extension') . ': ' . $GLOBALS['cfg']['Server']['extension'] . ' ' . PMA_showPHPDocu('book.' . $GLOBALS['cfg']['Server']['extension'] . '.php'),
189 'li_used_php_extension');
190 }
191 }
192
193 if ($cfg['ShowPhpInfo']) {
194 PMA_printListItem(__('Show PHP information'), 'li_phpinfo', './phpinfo.php?' . $common_url_query);
195 }
196 echo ' </ul>';
197 echo ' </div>';
198 }
199
200 echo '<div class="group pmagroup">';
201 echo '<h2>phpMyAdmin</h2>';
202 echo '<ul>';
203 $class = null;
204 if ($GLOBALS['cfg']['VersionCheck']) {
205 $class = 'jsversioncheck';
206 }
207 PMA_printListItem(__('Version information') . ': ' . PMA_VERSION, 'li_pma_version', null, null, null, null, $class);
208 PMA_printListItem(__('Documentation'), 'li_pma_docs', 'Documentation.html', null, '_blank');
209 PMA_printListItem(__('Wiki'), 'li_pma_wiki', PMA_linkURL('http://wiki.phpmyadmin.net/'), null, '_blank');
210
211 // does not work if no target specified, don't know why
212 PMA_printListItem(__('Official Homepage'), 'li_pma_homepage', PMA_linkURL('http://www.phpMyAdmin.net/'), null, '_blank');
213 PMA_printListItem(__('Contribute'), 'li_pma_contribute', PMA_linkURL('http://www.phpmyadmin.net/home_page/improve.php'), null, '_blank');
214 PMA_printListItem(__('Get support'), 'li_pma_support', PMA_linkURL('http://www.phpmyadmin.net/home_page/support.php'), null, '_blank');
215 PMA_printListItem(__('List of changes'), 'li_pma_changes', PMA_linkURL('changelog.php'), null, '_blank');
216 ?>
217 </ul>
218 </div>
219
220 </div>
221
222 <?php
223 /**
224 * BUG: MSIE needs two <br /> here, otherwise it will not extend the outer div to the
225 * full height of the inner divs
226 */
227 ?>
228 <br class="clearfloat" />
229 <br class="clearfloat" />
230 </div>
231
232 <?php
233 /**
234 * Warning if using the default MySQL privileged account
235 */
236 if ($server != 0
237 && $cfg['Server']['user'] == 'root'
238 && $cfg['Server']['password'] == '') {
239 trigger_error(__('Your configuration file contains settings (root with no password) that correspond to the default MySQL privileged account. Your MySQL server is running with this default, is open to intrusion, and you really should fix this security hole by setting a password for user \'root\'.'), E_USER_WARNING);
240 }
241
242 /**
243 * Nijel: As we try to handle charsets by ourself, mbstring overloads just
244 * break it, see bug 1063821.
245 */
246 if (@extension_loaded('mbstring') && @ini_get('mbstring.func_overload') > 1) {
247 trigger_error(__('You have enabled mbstring.func_overload in your PHP configuration. This option is incompatible with phpMyAdmin and might cause some data to be corrupted!'), E_USER_WARNING);
248 }
249
250 /**
251 * Nijel: mbstring is used for handling multibyte inside parser, so it is good
252 * to tell user something might be broken without it, see bug #1063149.
253 */
254 if (! @extension_loaded('mbstring')) {
255 trigger_error(__('The mbstring PHP extension was not found and you seem to be using a multibyte charset. Without the mbstring extension phpMyAdmin is unable to split strings correctly and it may result in unexpected results.'), E_USER_WARNING);
256 }
257
258 /**
259 * Check whether session.gc_maxlifetime limits session validity.
260 */
261 $gc_time = (int)@ini_get('session.gc_maxlifetime');
262 if ($gc_time < $GLOBALS['cfg']['LoginCookieValidity'] ) {
263 trigger_error(PMA_Message::decodeBB(__('Your PHP parameter [a@http://php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime@]session.gc_maxlifetime[/a] is lower that cookie validity configured in phpMyAdmin, because of this, your login will expire sooner than configured in phpMyAdmin.')), E_USER_WARNING);
264 }
265
266 /**
267 * Check whether LoginCookieValidity is limited by LoginCookieStore.
268 */
269 if ($GLOBALS['cfg']['LoginCookieStore'] != 0 && $GLOBALS['cfg']['LoginCookieStore'] < $GLOBALS['cfg']['LoginCookieValidity']) {
270 trigger_error(PMA_Message::decodeBB(__('Login cookie store is lower than cookie validity configured in phpMyAdmin, because of this, your login will expire sooner than configured in phpMyAdmin.')), E_USER_WARNING);
271 }
272
273 /**
274 * Check if user does not have defined blowfish secret and it is being used.
275 */
276 if (!empty($_SESSION['auto_blowfish_secret']) &&
277 empty($GLOBALS['cfg']['blowfish_secret'])) {
278 trigger_error(__('The configuration file now needs a secret passphrase (blowfish_secret).'), E_USER_WARNING);
279 }
280
281 /**
282 * Check for existence of config directory which should not exist in
283 * production environment.
284 */
285 if (file_exists('./config')) {
286 trigger_error(__('Directory [code]config[/code], which is used by the setup script, still exists in your phpMyAdmin directory. You should remove it once phpMyAdmin has been configured.'), E_USER_WARNING);
287 }
288
289 if ($server > 0) {
290 $cfgRelation = PMA_getRelationsParam();
291 if(! $cfgRelation['allworks'] && $cfg['PmaNoRelation_DisableWarning'] == false) {
292 $message = PMA_Message::notice(__('The phpMyAdmin configuration storage is not completely configured, some extended features have been deactivated. To find out why click %shere%s.'));
293 $message->addParam('<a href="' . $cfg['PmaAbsoluteUri'] . 'chk_rel.php?' . $common_url_query . '">', false);
294 $message->addParam('</a>', false);
295 /* Show error if user has configured something, notice elsewhere */
296 if (!empty($cfg['Servers'][$server]['pmadb'])) {
297 $message->isError(true);
298 }
299 $message->display();
300 } // end if
301 }
302
303 /**
304 * Show notice when javascript support is missing.
305 */
306 echo '<noscript>';
307 $message = PMA_Message::notice(__('Javascript support is missing or disabled in your browser, some phpMyAdmin functionality will be missing. For example navigation frame will not refresh automatically.'));
308 $message->isError(true);
309 $message->display();
310 echo '</noscript>';
311
312 /**
313 * Warning about different MySQL library and server version
314 * (a difference on the third digit does not count).
315 * If someday there is a constant that we can check about mysqlnd, we can use it instead
316 * of strpos().
317 * If no default server is set, PMA_DBI_get_client_info() is not defined yet.
318 */
319 if (function_exists('PMA_DBI_get_client_info')) {
320 $_client_info = PMA_DBI_get_client_info();
321 if ($server > 0 && strpos($_client_info, 'mysqlnd') === false && substr(PMA_MYSQL_CLIENT_API, 0, 3) != substr(PMA_MYSQL_INT_VERSION, 0, 3)) {
322 trigger_error(PMA_sanitize(sprintf(__('Your PHP MySQL library version %s differs from your MySQL server version %s. This may cause unpredictable behavior.'),
323 $_client_info,
324 substr(PMA_MYSQL_STR_VERSION, 0, strpos(PMA_MYSQL_STR_VERSION . '-', '-')))),
325 E_USER_NOTICE);
326 }
327 unset($_client_info);
328 }
329
330 /**
331 * Warning about Suhosin
332 */
333 if ($cfg['SuhosinDisableWarning'] == false && @ini_get('suhosin.request.max_value_length')) {
334 trigger_error(PMA_sanitize(sprintf(__('Server running with Suhosin. Please refer to %sdocumentation%s for possible issues.'), '[a@./Documentation.html#faq1_38@_blank]', '[/a]')), E_USER_WARNING);
335 }
336
337 /**
338 * Warning about incomplete translations.
339 *
340 * The data file is created while creating release by ./scripts/remove-incomplete-mo
341 */
342 if (file_exists('./libraries/language_stats.inc.php')) {
343 include('./libraries/language_stats.inc.php');
344 /*
345 * This message is intentionally not translated, because we're
346 * handling incomplete translations here and focus on english
347 * speaking users.
348 */
349 if (isset($GLOBALS['language_stats'][$lang]) && $GLOBALS['language_stats'][$lang] < $cfg['TranslationWarningThreshold']) {
350 trigger_error('You are using an incomplete translation, please help to make it better by <a href="http://www.phpmyadmin.net/home_page/improve.php#translate" target="_blank">contributing</a>.', E_USER_NOTICE);
351 }
352 }
353
354 /**
355 * prints list item for main page
356 *
357 * @param string $name displayed text
358 * @param string $id id, used for css styles
359 * @param string $url make item as link with $url as target
360 * @param string $mysql_help_page display a link to MySQL's manual
361 * @param string $target special target for $url
362 * @param string $a_id id for the anchor, used for jQuery to hook in functions
363 * @param string $class class for the li element
364 * @param string $a_class class for the anchor element
365 */
366 function PMA_printListItem($name, $id = null, $url = null, $mysql_help_page = null, $target = null, $a_id = null, $class = null, $a_class = null)
367 {
368 echo '<li id="' . $id . '"';
369 if (null !== $class) {
370 echo ' class="' . $class . '"';
371 }
372 echo '>';
373 if (null !== $url) {
374 echo '<a href="' . $url . '"';
375 if (null !== $target) {
376 echo ' target="' . $target . '"';
377 }
378 if (null != $a_id) {
379 echo ' id="' . $a_id .'"';
380 }
381 if (null != $a_class) {
382 echo ' class="' . $a_class .'"';
383 }
384 echo '>';
385 }
386
387 echo $name;
388
389 if (null !== $url) {
390 echo '</a>' . "\n";
391 }
392 if (null !== $mysql_help_page) {
393 echo PMA_showMySQLDocu('', $mysql_help_page);
394 }
395 echo '</li>';
396 }
397
398 /**
399 * Displays the footer
400 */
401 require './libraries/footer.inc.php';
402 ?>
Drizzle / GSOC 2011