phpmyadmin/libraries/url_generating.lib.php

   1 <?php
   2 /* vim: set expandtab sw=4 ts=4 sts=4: */
   3 /**
   4  * URL/hidden inputs generating.
   5  *
   6  * @package PhpMyAdmin
   7  */
   8 if (! defined('PHPMYADMIN')) {
   9     exit;
  10 }
  11
  12 /**
  13  * Generates text with hidden inputs.
  14  *
  15  * @param string $db     optional database name
  16  *                       (can also be an array of parameters)
  17  * @param string $table  optional table name
  18  * @param int    $indent indenting level
  19  * @param string $skip   do not generate a hidden field for this parameter
  20  *                       (can be an array of strings)
  21  *
  22  * @see PMA_generate_common_url()
  23  *
  24  * @return string   string with input fields
  25  *
  26  * @global  string   the current language
  27  * @global  string   the current conversion charset
  28  * @global  string   the current connection collation
  29  * @global  string   the current server
  30  * @global  array    the configuration array
  31  * @global  boolean  whether recoding is allowed or not
  32  *
  33  * @access  public
  34  */
  35 function PMA_generate_common_hidden_inputs($db = '', $table = '',
  36     $indent = 0, $skip = array()
  37 ) {
  38     if (is_array($db)) {
  39         $params  =& $db;
  40         $_indent = empty($table) ? $indent : $table;
  41         $_skip   = empty($indent) ? $skip : $indent;
  42         $indent  =& $_indent;
  43         $skip    =& $_skip;
  44     } else {
  45         $params = array();
  46         if (strlen($db)) {
  47             $params['db'] = $db;
  48         }
  49         if (strlen($table)) {
  50             $params['table'] = $table;
  51         }
  52     }
  53
  54     if (! empty($GLOBALS['server'])
  55         && $GLOBALS['server'] != $GLOBALS['cfg']['ServerDefault']
  56     ) {
  57         $params['server'] = $GLOBALS['server'];
  58     }
  59     if (empty($_COOKIE['pma_lang']) && ! empty($GLOBALS['lang'])) {
  60         $params['lang'] = $GLOBALS['lang'];
  61     }
  62     if (empty($_COOKIE['pma_collation_connection'])
  63         && ! empty($GLOBALS['collation_connection'])
  64     ) {
  65         $params['collation_connection'] = $GLOBALS['collation_connection'];
  66     }
  67
  68     $params['token'] = $_SESSION[' PMA_token '];
  69
  70     if (! is_array($skip)) {
  71         if (isset($params[$skip])) {
  72             unset($params[$skip]);
  73         }
  74     } else {
  75         foreach ($skip as $skipping) {
  76             if (isset($params[$skipping])) {
  77                 unset($params[$skipping]);
  78             }
  79         }
  80     }
  81
  82     return PMA_getHiddenFields($params);
  83 }
  84
  85 /**
  86  * create hidden form fields from array with name => value
  87  *
  88  * <code>
  89  * $values = array(
  90  *     'aaa' => aaa,
  91  *     'bbb' => array(
  92  *          'bbb_0',
  93  *          'bbb_1',
  94  *     ),
  95  *     'ccc' => array(
  96  *          'a' => 'ccc_a',
  97  *          'b' => 'ccc_b',
  98  *     ),
  99  * );
 100  * echo PMA_getHiddenFields($values);
 101  *
 102  * // produces:
 103  * <input type="hidden" name="aaa" Value="aaa" />
 104  * <input type="hidden" name="bbb[0]" Value="bbb_0" />
 105  * <input type="hidden" name="bbb[1]" Value="bbb_1" />
 106  * <input type="hidden" name="ccc[a]" Value="ccc_a" />
 107  * <input type="hidden" name="ccc[b]" Value="ccc_b" />
 108  * </code>
 109  *
 110  * @param array  $values hidden values
 111  * @param string $pre    prefix
 112  *
 113  * @return string form fields of type hidden
 114  */
 115 function PMA_getHiddenFields($values, $pre = '')
 116 {
 117     $fields = '';
 118
 119     foreach ($values as $name => $value) {
 120         if (! empty($pre)) {
 121             $name = $pre. '[' . $name . ']';
 122         }
 123
 124         if (is_array($value)) {
 125             $fields .= PMA_getHiddenFields($value, $name);
 126         } else {
 127             // do not generate an ending "\n" because
 128             // PMA_generate_common_hidden_inputs() is sometimes called
 129             // from a JS document.write()
 130             $fields .= '<input type="hidden" name="' . htmlspecialchars($name)
 131                 . '" value="' . htmlspecialchars($value) . '" />';
 132         }
 133     }
 134
 135     return $fields;
 136 }
 137
 138 /**
 139  * Generates text with URL parameters.
 140  *
 141  * <code>
 142  * // OLD (deprecated) style
 143  * // note the ?
 144  * echo 'script.php?' . PMA_generate_common_url('mysql', 'rights');
 145  * // produces with cookies enabled:
 146  * // script.php?db=mysql&amp;table=rights
 147  * // with cookies disabled:
 148  * // script.php?server=1&amp;lang=en&amp;db=mysql&amp;table=rights
 149  *
 150  * // NEW style
 151  * $params['myparam'] = 'myvalue';
 152  * $params['db']      = 'mysql';
 153  * $params['table']   = 'rights';
 154  * // note the missing ?
 155  * echo 'script.php' . PMA_generate_common_url($params);
 156  * // produces with cookies enabled:
 157  * // script.php?myparam=myvalue&amp;db=mysql&amp;table=rights
 158  * // with cookies disabled:
 159  * // script.php?server=1&amp;lang=en&amp;myparam=myvalue&amp;db=mysql&amp;table=rights
 160  *
 161  * // note the missing ?
 162  * echo 'script.php' . PMA_generate_common_url();
 163  * // produces with cookies enabled:
 164  * // script.php
 165  * // with cookies disabled:
 166  * // script.php?server=1&amp;lang=en
 167  * </code>
 168  *
 169  * @param mixed  assoc. array with url params or optional string with database name
 170  *               if first param is an array there is also an ? prefixed to the url
 171  *
 172  * @param string - if first param is array: 'html' to use htmlspecialchars()
 173  *               on the resulting URL (for a normal URL displayed in HTML)
 174  *               or something else to avoid using htmlspecialchars() (for
 175  *               a URL sent via a header); if not set,'html' is assumed
 176  *               - if first param is not array:  optional table name
 177  *
 178  * @param string - if first param is array: optional character to
 179  *               use instead of '?'
 180  *               - if first param is not array: optional character to use
 181  *               instead of '&amp;' for dividing URL parameters
 182  *
 183  * @return string   string with URL parameters
 184  * @access  public
 185  */
 186 function PMA_generate_common_url()
 187 {
 188     $args = func_get_args();
 189
 190     if (isset($args[0]) && is_array($args[0])) {
 191         // new style
 192         $params = $args[0];
 193
 194         if (isset($args[1])) {
 195             $encode = $args[1];
 196         } else {
 197             $encode = 'html';
 198         }
 199
 200         if (isset($args[2])) {
 201             $questionmark = $args[2];
 202         } else {
 203             $questionmark = '?';
 204         }
 205     } else {
 206         // old style
 207
 208         if (PMA_isValid($args[0])) {
 209             $params['db'] = $args[0];
 210         }
 211
 212         if (PMA_isValid($args[1])) {
 213             $params['table'] = $args[1];
 214         }
 215
 216         if (isset($args[2]) && $args[2] !== '&amp;') {
 217             $encode = 'text';
 218         } else {
 219             $encode = 'html';
 220         }
 221
 222         $questionmark = '';
 223     }
 224
 225     $separator = PMA_get_arg_separator();
 226
 227     // avoid overwriting when creating navi panel links to servers
 228     if (isset($GLOBALS['server'])
 229         && $GLOBALS['server'] != $GLOBALS['cfg']['ServerDefault']
 230         && ! isset($params['server'])
 231     ) {
 232         $params['server'] = $GLOBALS['server'];
 233     }
 234
 235     if (empty($_COOKIE['pma_lang']) && ! empty($GLOBALS['lang'])) {
 236         $params['lang'] = $GLOBALS['lang'];
 237     }
 238     if (empty($_COOKIE['pma_collation_connection'])
 239         && ! empty($GLOBALS['collation_connection'])
 240     ) {
 241         $params['collation_connection'] = $GLOBALS['collation_connection'];
 242     }
 243
 244     if (isset($_SESSION[' PMA_token '])) {
 245         $params['token'] = $_SESSION[' PMA_token '];
 246     }
 247
 248     if (empty($params)) {
 249         return '';
 250     }
 251
 252     $query = $questionmark . http_build_query($params, null, $separator);
 253
 254     if ($encode === 'html') {
 255         $query = htmlspecialchars($query);
 256     }
 257
 258     return $query;
 259 }
 260
 261 /**
 262  * Returns url separator
 263  *
 264  * extracted from arg_separator.input as set in php.ini
 265  * we do not use arg_separator.output to avoid problems with &amp; and &
 266  *
 267  * @param string $encode whether to encode separator or not,
 268  * currently 'none' or 'html'
 269  *
 270  * @return string  character used for separating url parts usally ; or &
 271  * @access  public
 272  */
 273 function PMA_get_arg_separator($encode = 'none')
 274 {
 275     static $separator = null;
 276
 277     if (null === $separator) {
 278         // use separators defined by php, but prefer ';'
 279         // as recommended by W3C
 280         // (see http://www.w3.org/TR/1999/REC-html401-19991224/appendix/notes.html#h-B.2.2)
 281         $php_arg_separator_input = ini_get('arg_separator.input');
 282         if (strpos($php_arg_separator_input, ';') !== false) {
 283             $separator = ';';
 284         } elseif (strlen($php_arg_separator_input) > 0) {
 285             $separator = $php_arg_separator_input{0};
 286         } else {
 287             $separator = '&';
 288         }
 289     }
 290
 291     switch ($encode) {
 292     case 'html':
 293         return htmlentities($separator);
 294         break;
 295     case 'text' :
 296     case 'none' :
 297     default :
 298         return $separator;
 299     }
 300 }
 301
 302 ?>