2 /* vim: set expandtab sw=4 ts=4 sts=4: */
10 * Gets some core libraries and displays a top message if required
12 require_once 'libraries/common.inc.php';
15 * display Git revision if requested
17 require_once 'libraries/display_git_revision.lib.php';
20 * pass variables to child pages
25 'collation_connection',
29 foreach ($drops as $each_drop) {
30 if (array_key_exists($each_drop, $_GET)) {
31 unset($_GET[$each_drop]);
34 unset($drops, $each_drop);
37 * Black list of all scripts to which front-end must submit data.
38 * Such scripts must not be loaded on home page.
41 $target_blacklist = array (
42 'import.php', 'export.php'
45 // If we have a valid target, let's load that script instead
46 if (! empty($_REQUEST['target'])
47 && is_string($_REQUEST['target'])
48 && ! preg_match('/^index/', $_REQUEST['target'])
49 && ! in_array($_REQUEST['target'], $target_blacklist)
50 && in_array($_REQUEST['target'], $goto_whitelist)
52 include $_REQUEST['target'];
56 if (isset($_REQUEST['ajax_request']) && ! empty($_REQUEST['access_time'])) {
61 if (! empty($_REQUEST['db'])) {
63 if (! empty($_REQUEST['table'])) {
64 $page = PMA_Util
::getScriptNameForOption(
65 $GLOBALS['cfg']['DefaultTabTable'], 'table'
68 $page = PMA_Util
::getScriptNameForOption(
69 $GLOBALS['cfg']['DefaultTabDatabase'], 'database'
77 * Check if it is an ajax request to reload the recent tables list.
79 require_once 'libraries/RecentFavoriteTable.class.php';
80 if ($GLOBALS['is_ajax_request'] && ! empty($_REQUEST['recent_table'])) {
81 $response = PMA_Response
::getInstance();
84 PMA_RecentFavoriteTable
::getInstance('recent')->getHtmlList()
89 if ($GLOBALS['PMA_Config']->isGitRevision()) {
90 if (isset($_REQUEST['git_revision']) && $GLOBALS['is_ajax_request'] == true) {
91 PMA_printGitRevision();
94 echo '<div id="is_git_revision"></div>';
97 // Handles some variables that may have been sent by the calling script
99 $GLOBALS['table'] = '';
102 // Any message to display?
103 if (! empty($message)) {
104 echo PMA_Util
::getMessage($message);
108 $common_url_query = PMA_URL_getCommon();
109 $mysql_cur_user_and_host = '';
111 // when $server > 0, a server has been chosen so we can display
112 // all MySQL-related information
114 include 'libraries/server_common.inc.php';
115 include 'libraries/StorageEngine.class.php';
117 // Use the verbose name of the server instead of the hostname
120 if (! empty($cfg['Server']['verbose'])) {
121 $server_info .= htmlspecialchars($cfg['Server']['verbose']);
122 if ($GLOBALS['cfg']['ShowServerInfo']) {
123 $server_info .= ' (';
126 if ($GLOBALS['cfg']['ShowServerInfo'] ||
empty($cfg['Server']['verbose'])) {
127 $server_info .= $GLOBALS['dbi']->getHostInfo();
129 if (! empty($cfg['Server']['verbose']) && $GLOBALS['cfg']['ShowServerInfo']) {
132 $mysql_cur_user_and_host = $GLOBALS['dbi']->fetchValue('SELECT USER();');
134 // should we add the port info here?
135 $short_server_info = (!empty($GLOBALS['cfg']['Server']['verbose'])
136 ?
$GLOBALS['cfg']['Server']['verbose']
137 : $GLOBALS['cfg']['Server']['host']);
140 echo '<div id="maincontainer">' . "\n";
141 // Anchor for favorite tables synchronization.
142 echo PMA_RecentFavoriteTable
::getInstance('favorite')->getHtmlSyncFavoriteTables();
143 echo '<div id="main_pane_left">';
144 if ($server > 0 ||
count($cfg['Servers']) > 1
146 if ($cfg['DBG']['demo']) {
147 echo '<div class="group">';
148 echo '<h2>' . __('phpMyAdmin Demo Server') . '</h2>';
149 echo '<p style="margin: 0.5em 1em 0.5em 1em">';
152 'You are using the demo server. You can do anything here, but '
153 . 'please do not change root, debian-sys-maint and pma users. '
154 . 'More information is available at %s.'
156 '<a href="http://demo.phpmyadmin.net/">demo.phpmyadmin.net</a>'
161 echo '<div class="group">';
162 echo '<h2>' . __('General Settings') . '</h2>';
166 * Displays the MySQL servers choice form
168 if ($cfg['ServerDefault'] == 0
169 ||
(! $cfg['NavigationDisplayServers']
170 && (count($cfg['Servers']) > 1
171 ||
($server == 0 && count($cfg['Servers']) == 1)))
173 echo '<li id="li_select_server" class="no_bullets" >';
174 include_once 'libraries/select_server.lib.php';
175 echo PMA_Util
::getImage('s_host.png') . " " . PMA_selectServer(true, true);
180 * Displays the mysql server related links
182 if ($server > 0 && ! PMA_DRIZZLE
) {
183 include_once 'libraries/check_user_privileges.lib.php';
185 // Logout for advanced authentication
186 if ($cfg['Server']['auth_type'] != 'config') {
187 if ($cfg['ShowChgPassword']) {
188 $conditional_class = 'ajax';
190 PMA_Util
::getImage('s_passwd.png') . " " . __('Change password'),
191 'li_change_password',
192 'user_password.php' . $common_url_query,
195 'change_password_anchor',
201 echo ' <li id="li_select_mysql_collation" class="no_bullets" >';
202 echo ' <form method="post" action="index.php">' . "\n"
203 . PMA_URL_getHiddenInputs(null, null, 4, 'collation_connection')
204 . ' <label for="select_collation_connection">' . "\n"
205 . ' ' . PMA_Util
::getImage('s_asci.png') . " "
206 . __('Server connection collation') . "\n"
207 // put the doc link in the form so that it appears on the same line
208 . PMA_Util
::showMySQLDocu('Charset-connection')
212 . PMA_generateCharsetDropdownBox(
213 PMA_CSDROPDOWN_COLLATION
,
214 'collation_connection',
215 'select_collation_connection',
216 $collation_connection,
222 } // end of if ($server > 0 && !PMA_DRIZZLE)
227 echo '<div class="group">';
228 echo '<h2>' . __('Appearance Settings') . '</h2>';
231 // Displays language selection combo
232 if (empty($cfg['Lang']) && count($GLOBALS['available_languages']) > 1) {
233 echo '<li id="li_select_lang" class="no_bullets">';
234 include_once 'libraries/display_select_lang.lib.php';
235 echo PMA_Util
::getImage('s_lang.png') . " " . PMA_getLanguageSelectorHtml();
239 // ThemeManager if available
241 if ($GLOBALS['cfg']['ThemeManager']) {
242 echo '<li id="li_select_theme" class="no_bullets">';
243 echo PMA_Util
::getImage('s_theme.png') . " "
244 . $_SESSION['PMA_Theme_Manager']->getHtmlSelectBox();
247 echo '<li id="li_select_fontsize">';
248 echo PMA_Config
::getFontsizeForm();
258 PMA_Util
::getImage('b_tblops.png') . " " . __('More settings'),
259 'li_user_preferences',
260 'prefs_manage.php' . $common_url_query,
273 echo '<div id="main_pane_right">';
276 if ($server > 0 && $GLOBALS['cfg']['ShowServerInfo']) {
278 echo '<div class="group">';
279 echo '<h2>' . __('Database server') . '</h2>';
282 __('Server:') . ' ' . $server_info,
286 __('Server type:') . ' ' . PMA_Util
::getServerType(),
290 __('Server version:')
292 . PMA_MYSQL_STR_VERSION
. ' - ' . PMA_MYSQL_VERSION_COMMENT
,
296 __('Protocol version:') . ' ' . $GLOBALS['dbi']->getProtoInfo(),
300 __('User:') . ' ' . htmlspecialchars($mysql_cur_user_and_host),
304 echo ' <li id="li_select_mysql_charset">';
305 echo ' ' . __('Server charset:') . ' '
306 . ' <span lang="en" dir="ltr">';
309 . $mysql_charsets_descriptions[$mysql_charset_map['utf-8']];
311 echo ' (' . $mysql_charset_map['utf-8'] . ')'
318 if ($GLOBALS['cfg']['ShowServerInfo'] ||
$GLOBALS['cfg']['ShowPhpInfo']) {
319 echo '<div class="group">';
320 echo '<h2>' . __('Web server') . '</h2>';
322 if ($GLOBALS['cfg']['ShowServerInfo']) {
323 PMA_printListItem($_SERVER['SERVER_SOFTWARE'], 'li_web_server_software');
326 $client_version_str = $GLOBALS['dbi']->getClientInfo();
327 if (preg_match('#\d+\.\d+\.\d+#', $client_version_str)) {
328 $client_version_str = 'libmysql - ' . $client_version_str;
331 __('Database client version:') . ' ' . $client_version_str,
332 'li_mysql_client_version'
335 $php_ext_string = __('PHP extension:') . ' ';
336 if (PMA_DatabaseInterface
::checkDbExtension('mysqli')) {
337 $extension = 'mysqli';
339 $extension = 'mysql';
341 $php_ext_string .= $extension . ' '
342 . PMA_Util
::showPHPDocu('book.' . $extension . '.php');
346 'li_used_php_extension'
349 $php_version_string = __('PHP version:') . ' ' . phpversion();
353 'li_used_php_version'
358 if ($cfg['ShowPhpInfo']) {
360 __('Show PHP information'),
362 'phpinfo.php' . $common_url_query,
371 echo '<div class="group pmagroup">';
372 echo '<h2>phpMyAdmin</h2>';
375 // We rely on CSP to allow access to http://www.phpmyadmin.net, but IE lacks
376 // support here and does not allow request to http once using https.
377 if ($GLOBALS['cfg']['VersionCheck']
378 && (! $GLOBALS['PMA_Config']->get('is_https') || PMA_USR_BROWSER_AGENT
!= 'IE')
380 $class = 'jsversioncheck';
383 __('Version information:') . ' <span class="version">' . PMA_VERSION
. '</span>',
394 PMA_Util
::getDocuLink('index'),
401 PMA_linkURL('http://wiki.phpmyadmin.net/'),
406 // does not work if no target specified, don't know why
408 __('Official Homepage'),
410 PMA_linkURL('http://www.phpMyAdmin.net/'),
417 PMA_linkURL('https://www.phpmyadmin.net/contribute/'),
424 PMA_linkURL('https://www.phpmyadmin.net/support/'),
429 __('List of changes'),
431 'changelog.php' . PMA_URL_getCommon(),
443 * Warning if using the default MySQL privileged account
446 && $cfg['Server']['user'] == 'root'
447 && $cfg['Server']['password'] == ''
451 'You are connected as \'root\' with no password, which'
452 . ' corresponds to the default MySQL privileged account.'
453 . ' Your MySQL server is running with this default, is open to'
454 . ' intrusion, and you really should fix this security hole by'
455 . ' setting a password for user \'root\'.'
462 * As we try to handle charsets by ourself, mbstring overloads just
463 * break it, see bug 1063821.
465 if (@extension_loaded
('mbstring') && @ini_get
('mbstring.func_overload') > 1) {
468 'You have enabled mbstring.func_overload in your PHP '
469 . 'configuration. This option is incompatible with phpMyAdmin '
470 . 'and might cause some data to be corrupted!'
477 * mbstring is used for handling multibytes inside parser, so it is good
478 * to tell user something might be broken without it, see bug #1063149.
480 if (! @extension_loaded
('mbstring')) {
483 'The mbstring PHP extension was not found and you seem to be using'
484 . ' a multibyte charset. Without the mbstring extension phpMyAdmin'
485 . ' is unable to split strings correctly and it may result in'
486 . ' unexpected results.'
492 if ($cfg['LoginCookieValidityDisableWarning'] == false) {
494 * Check whether session.gc_maxlifetime limits session validity.
496 $gc_time = (int)@ini_get
('session.gc_maxlifetime');
497 if ($gc_time < $GLOBALS['cfg']['LoginCookieValidity'] ) {
500 'Your PHP parameter [a@http://php.net/manual/en/session.' .
501 'configuration.php#ini.session.gc-maxlifetime@_blank]session.' .
502 'gc_maxlifetime[/a] is lower than cookie validity configured ' .
503 'in phpMyAdmin, because of this, your login might expire sooner ' .
504 'than configured in phpMyAdmin.'
512 * Check whether LoginCookieValidity is limited by LoginCookieStore.
514 if ($GLOBALS['cfg']['LoginCookieStore'] != 0
515 && $GLOBALS['cfg']['LoginCookieStore'] < $GLOBALS['cfg']['LoginCookieValidity']
519 'Login cookie store is lower than cookie validity configured in ' .
520 'phpMyAdmin, because of this, your login will expire sooner than ' .
521 'configured in phpMyAdmin.'
528 * Check if user does not have defined blowfish secret and it is being used.
530 if (! empty($_SESSION['encryption_key'])
531 && empty($GLOBALS['cfg']['blowfish_secret'])
535 'The configuration file now needs a secret passphrase (blowfish_secret).'
542 * Check for existence of config directory which should not exist in
543 * production environment.
545 if (file_exists('config')) {
548 'Directory [code]config[/code], which is used by the setup script, ' .
549 'still exists in your phpMyAdmin directory. It is strongly ' .
550 'recommended to remove it once phpMyAdmin has been configured. ' .
551 'Otherwise the security of your server may be compromised by ' .
552 'unauthorized people downloading your configuration.'
559 $cfgRelation = PMA_getRelationsParam();
560 if (! $cfgRelation['allworks']
561 && $cfg['PmaNoRelation_DisableWarning'] == false
564 'The phpMyAdmin configuration storage is not completely '
565 . 'configured, some extended features have been deactivated. '
566 . '%sFind out why%s. '
568 if ($cfg['ZeroConf'] == true) {
569 $msg_text .= '<br> ' .
571 'Or alternately go to \'Operations\' tab of any database '
572 . 'to set it up there.'
575 $msg = PMA_Message
::notice($msg_text);
577 '<a href="' . $cfg['PmaAbsoluteUri'] . 'chk_rel.php'
578 . $common_url_query . '">',
581 $msg->addParam('</a>', false);
582 /* Show error if user has configured something, notice elsewhere */
583 if (!empty($cfg['Servers'][$server]['pmadb'])) {
591 * Warning about different MySQL library and server version
592 * (a difference on the third digit does not count).
593 * If someday there is a constant that we can check about mysqlnd,
594 * we can use it instead of strpos().
595 * If no default server is set, $GLOBALS['dbi'] is not defined yet.
596 * Drizzle can speak MySQL protocol, so don't warn about version mismatch for
598 * We also do not warn if MariaDB is detected, as it has its own version
601 if (isset($GLOBALS['dbi'])
603 && $cfg['ServerLibraryDifference_DisableWarning'] == false
605 /** @var PMA_String $pmaString */
606 $pmaString = $GLOBALS['PMA_String'];
608 $_client_info = $GLOBALS['dbi']->getClientInfo();
610 && /*overload*/mb_strpos($_client_info, 'mysqlnd') === false
611 && /*overload*/mb_strpos(PMA_MYSQL_STR_VERSION
, 'MariaDB') === false
612 && substr(PMA_MYSQL_CLIENT_API
, 0, 3) != substr(
613 PMA_MYSQL_INT_VERSION
, 0, 3
620 'Your PHP MySQL library version %s differs from your ' .
621 'MySQL server version %s. This may cause unpredictable ' .
626 PMA_MYSQL_STR_VERSION
,
628 strpos(PMA_MYSQL_STR_VERSION
. '-', '-')
635 unset($_client_info);
639 * Warning about Suhosin only if its simulation mode is not enabled
641 if ($cfg['SuhosinDisableWarning'] == false
642 && @ini_get
('suhosin.request.max_value_length')
643 && @ini_get
('suhosin.simulation') == '0'
648 'Server running with Suhosin. Please refer to %sdocumentation%s ' .
649 'for possible issues.'
659 * Warning about incomplete translations.
661 * The data file is created while creating release by ./scripts/remove-incomplete-mo
663 if (file_exists('libraries/language_stats.inc.php')) {
664 include 'libraries/language_stats.inc.php';
666 * This message is intentionally not translated, because we're
667 * handling incomplete translations here and focus on english
670 if (isset($GLOBALS['language_stats'][$lang])
671 && $GLOBALS['language_stats'][$lang] < $cfg['TranslationWarningThreshold']
674 'You are using an incomplete translation, please help to make it '
675 . 'better by [a@https://www.phpmyadmin.net/translate/'
676 . '@_blank]contributing[/a].',
683 * prints list item for main page
685 * @param string $name displayed text
686 * @param string $listId id, used for css styles
687 * @param string $url make item as link with $url as target
688 * @param string $mysql_help_page display a link to MySQL's manual
689 * @param string $target special target for $url
690 * @param string $a_id id for the anchor,
691 * used for jQuery to hook in functions
692 * @param string $class class for the li element
693 * @param string $a_class class for the anchor element
697 function PMA_printListItem($name, $listId = null, $url = null,
698 $mysql_help_page = null, $target = null, $a_id = null, $class = null,
701 echo '<li id="' . $listId . '"';
702 if (null !== $class) {
703 echo ' class="' . $class . '"';
707 echo '<a href="' . $url . '"';
708 if (null !== $target) {
709 echo ' target="' . $target . '"';
711 if (null !== $a_id) {
712 echo ' id="' . $a_id . '"';
714 if (null !== $a_class) {
715 echo ' class="' . $a_class . '"';
725 if (null !== $mysql_help_page) {
726 echo PMA_Util
::showMySQLDocu($mysql_help_page);