search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge remote-tracking branch 'origin/master' into drizzle
[phpmyadmin/crack.git] / main.php
blob1d14c6119dd1074e692f512b1587483e5ddb561c
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 *
5 * @package phpMyAdmin
6 */
7
8 /**
9 * Gets some core libraries and displays a top message if required
10 */
11 require_once './libraries/common.inc.php';
12
13 $GLOBALS['js_include'][] = 'jquery/jquery-ui-1.8.custom.js';
14 $GLOBALS['js_include'][] = 'jquery/jquery.sprintf.js';
15
16 // Handles some variables that may have been sent by the calling script
17 $GLOBALS['db'] = '';
18 $GLOBALS['table'] = '';
19 $show_query = '1';
20 require_once './libraries/header.inc.php';
21
22 // Any message to display?
23 if (! empty($message)) {
24 PMA_showMessage($message);
25 unset($message);
26 }
27
28 $common_url_query = PMA_generate_common_url('', '');
29
30 // when $server > 0, a server has been chosen so we can display
31 // all MySQL-related information
32 if ($server > 0) {
33 require './libraries/server_common.inc.php';
34 require './libraries/StorageEngine.class.php';
35 require './libraries/server_links.inc.php';
36
37 // Use the verbose name of the server instead of the hostname
38 // if a value is set
39 $server_info = '';
40 if (! empty($cfg['Server']['verbose'])) {
41 $server_info .= htmlspecialchars($cfg['Server']['verbose']);
42 if ($GLOBALS['cfg']['ShowServerInfo']) {
43 $server_info .= ' (';
44 }
45 }
46 if ($GLOBALS['cfg']['ShowServerInfo'] || empty($cfg['Server']['verbose'])) {
47 $server_info .= PMA_DBI_get_host_info();
48 }
49 if (! empty($cfg['Server']['verbose']) && $GLOBALS['cfg']['ShowServerInfo']) {
50 $server_info .= ')';
51 }
52 $mysql_cur_user_and_host = PMA_DBI_fetch_value('SELECT USER();');
53
54 // should we add the port info here?
55 $short_server_info = (!empty($GLOBALS['cfg']['Server']['verbose'])
56 ? $GLOBALS['cfg']['Server']['verbose']
57 : $GLOBALS['cfg']['Server']['host']);
58 }
59
60 echo '<div id="maincontainer">' . "\n";
61 echo '<div id="main_pane_left">';
62 if ($server > 0
63 || (! $cfg['LeftDisplayServers'] && count($cfg['Servers']) > 1)) {
64 echo '<div class="group">';
65 echo '<h2>' . __('General Settings') . '</h2>';
66 echo '<ul>';
67
68 /**
69 * Displays the MySQL servers choice form
70 */
71 if (! $cfg['LeftDisplayServers']
72 && (count($cfg['Servers']) > 1 || $server == 0 && count($cfg['Servers']) == 1)) {
73 echo '<li id="li_select_server">';
74 require_once './libraries/select_server.lib.php';
75 PMA_select_server(true, true);
76 echo '</li>';
77 }
78
79 /**
80 * Displays the mysql server related links
81 */
82 if ($server > 0) {
83 require_once './libraries/check_user_privileges.lib.php';
84
85 if (!PMA_DRIZZLE) {
86 // Logout for advanced authentication
87 if ($cfg['Server']['auth_type'] != 'config') {
88 if ($cfg['ShowChgPassword']) {
89 if ($GLOBALS['cfg']['AjaxEnable']) {
90 $conditional_class = 'ajax';
91 } else {
92 $conditional_class = null;
93 }
94 PMA_printListItem(__('Change password'), 'li_change_password',
95 './user_password.php?' . $common_url_query, null, null, 'change_password_anchor', null, $conditional_class);
96 }
97 } // end if
98 } // not Drizzle
99 echo ' <li id="li_select_mysql_collation">';
100 echo ' <form method="post" action="index.php" target="_parent">' . "\n"
101 . PMA_generate_common_hidden_inputs(null, null, 4, 'collation_connection')
102 . ' <label for="select_collation_connection">' . "\n"
103 . ' ' . __('MySQL connection collation') . "\n"
104 // put the doc link in the form so that it appears on the same line
105 . PMA_showMySQLDocu('MySQL_Database_Administration', 'Charset-connection') . ': ' . "\n"
106 . ' </label>' . "\n"
107
108 . PMA_generateCharsetDropdownBox(PMA_CSDROPDOWN_COLLATION, 'collation_connection', 'select_collation_connection', $collation_connection, true, 4, true)
109 . ' <noscript><input type="submit" value="' . __('Go') . '" /></noscript>' . "\n"
110 . ' </form>' . "\n"
111 . ' </li>' . "\n";
112 } // end of if ($server > 0)
113 echo '</ul>';
114 echo '</div>';
115 }
116
117 echo '<div class="group">';
118 echo '<h2>' . __('Appearance Settings') . '</h2>';
119 echo ' <ul>';
120
121 // Displays language selection combo
122 if (empty($cfg['Lang'])) {
123 echo '<li id="li_select_lang">';
124 require_once './libraries/display_select_lang.lib.php';
125 PMA_select_language();
126 echo '</li>';
127 }
128
129 // ThemeManager if available
130
131 if ($GLOBALS['cfg']['ThemeManager']) {
132 echo '<li id="li_select_theme">';
133 echo $_SESSION['PMA_Theme_Manager']->getHtmlSelectBox();
134 echo '</li>';
135 }
136 echo '<li id="li_select_fontsize">';
137 echo PMA_Config::getFontsizeForm();
138 echo '</li>';
139
140 echo '</ul>';
141
142 // User preferences
143
144 echo '<ul>';
145 echo PMA_printListItem(__('More settings'), 'li_user_preferences',
146 './prefs_manage.php?' . $common_url_query);
147 echo '</ul>';
148
149 echo '</div>';
150
151
152 echo '</div>';
153 echo '<div id="main_pane_right">';
154
155
156 if ($server > 0 && $GLOBALS['cfg']['ShowServerInfo']) {
157 echo '<div class="group">';
158 echo '<h2>MySQL</h2>';
159 echo '<ul>' . "\n";
160 PMA_printListItem(__('Server') . ': ' . $server_info, 'li_server_info');
161 PMA_printListItem(__('Server version') . ': ' . PMA_MYSQL_STR_VERSION, 'li_server_version');
162 PMA_printListItem(__('Protocol version') . ': ' . PMA_DBI_get_proto_info(),
163 'li_mysql_proto');
164 PMA_printListItem(__('User') . ': ' . htmlspecialchars($mysql_cur_user_and_host),
165 'li_user_info');
166
167 echo ' <li id="li_select_mysql_charset">';
168 echo ' ' . __('MySQL charset') . ': '
169 . ' <span xml:lang="en" dir="ltr">'
170 . ' ' . $mysql_charsets_descriptions[$mysql_charset_map[strtolower($charset)]] . "\n"
171 . ' (' . $mysql_charset_map[strtolower($charset)] . ')' . "\n"
172 . ' </span>' . "\n"
173 . ' </li>' . "\n";
174 echo ' </ul>';
175 echo ' </div>';
176 }
177
178 if ($GLOBALS['cfg']['ShowServerInfo'] || $GLOBALS['cfg']['ShowPhpInfo']) {
179 echo '<div class="group">';
180 echo '<h2>' . __('Web server') . '</h2>';
181 echo '<ul>';
182 if ($GLOBALS['cfg']['ShowServerInfo']) {
183 PMA_printListItem($_SERVER['SERVER_SOFTWARE'], 'li_web_server_software');
184
185 if ($server > 0) {
186 PMA_printListItem(__('MySQL client version') . ': ' . PMA_DBI_get_client_info(),
187 'li_mysql_client_version');
188 PMA_printListItem(__('PHP extension') . ': ' . $GLOBALS['cfg']['Server']['extension'] . ' ' . PMA_showPHPDocu('book.' . $GLOBALS['cfg']['Server']['extension'] . '.php'),
189 'li_used_php_extension');
190 }
191 }
192
193 if ($cfg['ShowPhpInfo']) {
194 PMA_printListItem(__('Show PHP information'), 'li_phpinfo', './phpinfo.php?' . $common_url_query);
195 }
196 echo ' </ul>';
197 echo ' </div>';
198 }
199
200 echo '<div class="group pmagroup">';
201 echo '<h2>phpMyAdmin</h2>';
202 echo '<ul>';
203 $class = null;
204 // workaround for bug 3302733; some browsers don't like the situation
205 // where phpMyAdmin is called on a secure page but a part of the page
206 // (the version check) refers to a non-secure page
207 if ($GLOBALS['cfg']['VersionCheck'] && ! $GLOBALS['PMA_Config']->get('is_https')) {
208 $class = 'jsversioncheck';
209 }
210 PMA_printListItem(__('Version information') . ': ' . PMA_VERSION, 'li_pma_version', null, null, null, null, $class);
211 PMA_printListItem(__('Documentation'), 'li_pma_docs', 'Documentation.html', null, '_blank');
212 PMA_printListItem(__('Wiki'), 'li_pma_wiki', PMA_linkURL('http://wiki.phpmyadmin.net/'), null, '_blank');
213
214 // does not work if no target specified, don't know why
215 PMA_printListItem(__('Official Homepage'), 'li_pma_homepage', PMA_linkURL('http://www.phpMyAdmin.net/'), null, '_blank');
216 PMA_printListItem(__('Contribute'), 'li_pma_contribute', PMA_linkURL('http://www.phpmyadmin.net/home_page/improve.php'), null, '_blank');
217 PMA_printListItem(__('Get support'), 'li_pma_support', PMA_linkURL('http://www.phpmyadmin.net/home_page/support.php'), null, '_blank');
218 PMA_printListItem(__('List of changes'), 'li_pma_changes', PMA_linkURL('changelog.php'), null, '_blank');
219 ?>
220 </ul>
221 </div>
222
223 </div>
224
225 <?php
226 /**
227 * BUG: MSIE needs two <br /> here, otherwise it will not extend the outer div to the
228 * full height of the inner divs
229 */
230 ?>
231 <br class="clearfloat" />
232 <br class="clearfloat" />
233 </div>
234
235 <?php
236 /**
237 * Warning if using the default MySQL privileged account
238 */
239 if ($server != 0
240 && $cfg['Server']['user'] == 'root'
241 && $cfg['Server']['password'] == '') {
242 trigger_error(__('Your configuration file contains settings (root with no password) that correspond to the default MySQL privileged account. Your MySQL server is running with this default, is open to intrusion, and you really should fix this security hole by setting a password for user \'root\'.'), E_USER_WARNING);
243 }
244
245 /**
246 * Nijel: As we try to handle charsets by ourself, mbstring overloads just
247 * break it, see bug 1063821.
248 */
249 if (@extension_loaded('mbstring') && @ini_get('mbstring.func_overload') > 1) {
250 trigger_error(__('You have enabled mbstring.func_overload in your PHP configuration. This option is incompatible with phpMyAdmin and might cause some data to be corrupted!'), E_USER_WARNING);
251 }
252
253 /**
254 * Nijel: mbstring is used for handling multibyte inside parser, so it is good
255 * to tell user something might be broken without it, see bug #1063149.
256 */
257 if (! @extension_loaded('mbstring')) {
258 trigger_error(__('The mbstring PHP extension was not found and you seem to be using a multibyte charset. Without the mbstring extension phpMyAdmin is unable to split strings correctly and it may result in unexpected results.'), E_USER_WARNING);
259 }
260
261 /**
262 * Check whether session.gc_maxlifetime limits session validity.
263 */
264 $gc_time = (int)@ini_get('session.gc_maxlifetime');
265 if ($gc_time < $GLOBALS['cfg']['LoginCookieValidity'] ) {
266 trigger_error(PMA_Message::decodeBB(__('Your PHP parameter [a@http://php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime@]session.gc_maxlifetime[/a] is lower that cookie validity configured in phpMyAdmin, because of this, your login will expire sooner than configured in phpMyAdmin.')), E_USER_WARNING);
267 }
268
269 /**
270 * Check whether LoginCookieValidity is limited by LoginCookieStore.
271 */
272 if ($GLOBALS['cfg']['LoginCookieStore'] != 0 && $GLOBALS['cfg']['LoginCookieStore'] < $GLOBALS['cfg']['LoginCookieValidity']) {
273 trigger_error(PMA_Message::decodeBB(__('Login cookie store is lower than cookie validity configured in phpMyAdmin, because of this, your login will expire sooner than configured in phpMyAdmin.')), E_USER_WARNING);
274 }
275
276 /**
277 * Check if user does not have defined blowfish secret and it is being used.
278 */
279 if (!empty($_SESSION['auto_blowfish_secret']) &&
280 empty($GLOBALS['cfg']['blowfish_secret'])) {
281 trigger_error(__('The configuration file now needs a secret passphrase (blowfish_secret).'), E_USER_WARNING);
282 }
283
284 /**
285 * Check for existence of config directory which should not exist in
286 * production environment.
287 */
288 if (file_exists('./config')) {
289 trigger_error(__('Directory [code]config[/code], which is used by the setup script, still exists in your phpMyAdmin directory. You should remove it once phpMyAdmin has been configured.'), E_USER_WARNING);
290 }
291
292 if ($server > 0) {
293 $cfgRelation = PMA_getRelationsParam();
294 if(! $cfgRelation['allworks'] && $cfg['PmaNoRelation_DisableWarning'] == false) {
295 $message = PMA_Message::notice(__('The phpMyAdmin configuration storage is not completely configured, some extended features have been deactivated. To find out why click %shere%s.'));
296 $message->addParam('<a href="' . $cfg['PmaAbsoluteUri'] . 'chk_rel.php?' . $common_url_query . '">', false);
297 $message->addParam('</a>', false);
298 /* Show error if user has configured something, notice elsewhere */
299 if (!empty($cfg['Servers'][$server]['pmadb'])) {
300 $message->isError(true);
301 }
302 $message->display();
303 } // end if
304 }
305
306 /**
307 * Show notice when javascript support is missing.
308 */
309 echo '<noscript>';
310 $message = PMA_Message::notice(__('Javascript support is missing or disabled in your browser, some phpMyAdmin functionality will be missing. For example navigation frame will not refresh automatically.'));
311 $message->isError(true);
312 $message->display();
313 echo '</noscript>';
314
315 /**
316 * Warning about different MySQL library and server version
317 * (a difference on the third digit does not count).
318 * If someday there is a constant that we can check about mysqlnd, we can use it instead
319 * of strpos().
320 * If no default server is set, PMA_DBI_get_client_info() is not defined yet.
321 */
322 if (function_exists('PMA_DBI_get_client_info')) {
323 $_client_info = PMA_DBI_get_client_info();
324 if ($server > 0 && strpos($_client_info, 'mysqlnd') === false && substr(PMA_MYSQL_CLIENT_API, 0, 3) != substr(PMA_MYSQL_INT_VERSION, 0, 3)) {
325 trigger_error(PMA_sanitize(sprintf(__('Your PHP MySQL library version %s differs from your MySQL server version %s. This may cause unpredictable behavior.'),
326 $_client_info,
327 substr(PMA_MYSQL_STR_VERSION, 0, strpos(PMA_MYSQL_STR_VERSION . '-', '-')))),
328 E_USER_NOTICE);
329 }
330 unset($_client_info);
331 }
332
333 /**
334 * Warning about Suhosin
335 */
336 if ($cfg['SuhosinDisableWarning'] == false && @ini_get('suhosin.request.max_value_length')) {
337 trigger_error(PMA_sanitize(sprintf(__('Server running with Suhosin. Please refer to %sdocumentation%s for possible issues.'), '[a@./Documentation.html#faq1_38@_blank]', '[/a]')), E_USER_WARNING);
338 }
339
340 /**
341 * Warning about incomplete translations.
342 *
343 * The data file is created while creating release by ./scripts/remove-incomplete-mo
344 */
345 if (file_exists('./libraries/language_stats.inc.php')) {
346 include('./libraries/language_stats.inc.php');
347 /*
348 * This message is intentionally not translated, because we're
349 * handling incomplete translations here and focus on english
350 * speaking users.
351 */
352 if (isset($GLOBALS['language_stats'][$lang]) && $GLOBALS['language_stats'][$lang] < $cfg['TranslationWarningThreshold']) {
353 trigger_error('You are using an incomplete translation, please help to make it better by <a href="http://www.phpmyadmin.net/home_page/improve.php#translate" target="_blank">contributing</a>.', E_USER_NOTICE);
354 }
355 }
356
357 /**
358 * prints list item for main page
359 *
360 * @param string $name displayed text
361 * @param string $id id, used for css styles
362 * @param string $url make item as link with $url as target
363 * @param string $mysql_help_page display a link to MySQL's manual
364 * @param string $target special target for $url
365 * @param string $a_id id for the anchor, used for jQuery to hook in functions
366 * @param string $class class for the li element
367 * @param string $a_class class for the anchor element
368 */
369 function PMA_printListItem($name, $id = null, $url = null, $mysql_help_page = null, $target = null, $a_id = null, $class = null, $a_class = null)
370 {
371 echo '<li id="' . $id . '"';
372 if (null !== $class) {
373 echo ' class="' . $class . '"';
374 }
375 echo '>';
376 if (null !== $url) {
377 echo '<a href="' . $url . '"';
378 if (null !== $target) {
379 echo ' target="' . $target . '"';
380 }
381 if (null != $a_id) {
382 echo ' id="' . $a_id .'"';
383 }
384 if (null != $a_class) {
385 echo ' class="' . $a_class .'"';
386 }
387 echo '>';
388 }
389
390 echo $name;
391
392 if (null !== $url) {
393 echo '</a>' . "\n";
394 }
395 if (null !== $mysql_help_page) {
396 echo PMA_showMySQLDocu('', $mysql_help_page);
397 }
398 echo '</li>';
399 }
400
401 /**
402 * Displays the footer
403 */
404 require './libraries/footer.inc.php';
405 ?>
Drizzle / GSOC 2011