libraries/url_generating.lib.php

   1 <?php
   2 /* vim: set expandtab sw=4 ts=4 sts=4: */
   3 /**
   4  * URL/hidden inputs generating.
   5  *
   6  * @package phpMyAdmin
   7  */
   8
   9 /**
  10  * Generates text with hidden inputs.
  11  *
  12  * @see     PMA_generate_common_url()
  13  * @param string   optional database name
  14  *                   (can also be an array of parameters)
  15  * @param string   optional table name
  16  * @param int      indenting level
  17  * @param string   do not generate a hidden field for this parameter
  18  *                  (can be an array of strings)
  19  *
  20  * @return  string   string with input fields
  21  *
  22  * @global  string   the current language
  23  * @global  string   the current conversion charset
  24  * @global  string   the current connection collation
  25  * @global  string   the current server
  26  * @global  array    the configuration array
  27  * @global  boolean  whether recoding is allowed or not
  28  *
  29  * @access  public
  30  *
  31  */
  32 function PMA_generate_common_hidden_inputs($db = '', $table = '', $indent = 0, $skip = array())
  33 {
  34     if (is_array($db)) {
  35         $params  =& $db;
  36         $_indent = empty($table) ? $indent : $table;
  37         $_skip   = empty($indent) ? $skip : $indent;
  38         $indent  =& $_indent;
  39         $skip    =& $_skip;
  40     } else {
  41         $params = array();
  42         if (strlen($db)) {
  43             $params['db'] = $db;
  44         }
  45         if (strlen($table)) {
  46             $params['table'] = $table;
  47         }
  48     }
  49
  50     if (! empty($GLOBALS['server'])
  51     &&  $GLOBALS['server'] != $GLOBALS['cfg']['ServerDefault']) {
  52         $params['server'] = $GLOBALS['server'];
  53     }
  54     if (empty($_COOKIE['pma_lang'])
  55     && ! empty($GLOBALS['lang'])) {
  56         $params['lang'] = $GLOBALS['lang'];
  57     }
  58     if (empty($_COOKIE['pma_collation_connection'])
  59     && ! empty($GLOBALS['collation_connection'])) {
  60         $params['collation_connection'] = $GLOBALS['collation_connection'];
  61     }
  62
  63     $params['token'] = $_SESSION[' PMA_token '];
  64
  65     if (! is_array($skip)) {
  66         if (isset($params[$skip])) {
  67             unset($params[$skip]);
  68         }
  69     } else {
  70         foreach ($skip as $skipping) {
  71             if (isset($params[$skipping])) {
  72                 unset($params[$skipping]);
  73             }
  74         }
  75     }
  76
  77     return PMA_getHiddenFields($params);
  78 }
  79
  80 /**
  81  * create hidden form fields from array with name => value
  82  *
  83  * <code>
  84  * $values = array(
  85  *     'aaa' => aaa,
  86  *     'bbb' => array(
  87  *          'bbb_0',
  88  *          'bbb_1',
  89  *     ),
  90  *     'ccc' => array(
  91  *          'a' => 'ccc_a',
  92  *          'b' => 'ccc_b',
  93  *     ),
  94  * );
  95  * echo PMA_getHiddenFields($values);
  96  *
  97  * // produces:
  98  * <input type="hidden" name="aaa" Value="aaa" />
  99  * <input type="hidden" name="bbb[0]" Value="bbb_0" />
 100  * <input type="hidden" name="bbb[1]" Value="bbb_1" />
 101  * <input type="hidden" name="ccc[a]" Value="ccc_a" />
 102  * <input type="hidden" name="ccc[b]" Value="ccc_b" />
 103  * </code>
 104  *
 105  * @param array $values
 106  * @param string $pre
 107  * @return string form fields of type hidden
 108  */
 109 function PMA_getHiddenFields($values, $pre = '')
 110 {
 111     $fields = '';
 112
 113     foreach ($values as $name => $value) {
 114         if (! empty($pre)) {
 115             $name = $pre. '[' . $name . ']';
 116         }
 117
 118         if (is_array($value)) {
 119             $fields .= PMA_getHiddenFields($value, $name);
 120         } else {
 121             // do not generate an ending "\n" because
 122             // PMA_generate_common_hidden_inputs() is sometimes called
 123             // from a JS document.write()
 124             $fields .= '<input type="hidden" name="' . htmlspecialchars($name)
 125                 . '" value="' . htmlspecialchars($value) . '" />';
 126         }
 127     }
 128
 129     return $fields;
 130 }
 131
 132 /**
 133  * Generates text with URL parameters.
 134  *
 135  * <code>
 136  * // OLD derepecated style
 137  * // note the ?
 138  * echo 'script.php?' . PMA_generate_common_url('mysql', 'rights');
 139  * // produces with cookies enabled:
 140  * // script.php?db=mysql&amp;table=rights
 141  * // with cookies disabled:
 142  * // script.php?server=1&amp;lang=en&amp;db=mysql&amp;table=rights
 143  *
 144  * // NEW style
 145  * $params['myparam'] = 'myvalue';
 146  * $params['db']      = 'mysql';
 147  * $params['table']   = 'rights';
 148  * // note the missing ?
 149  * echo 'script.php' . PMA_generate_common_url($params);
 150  * // produces with cookies enabled:
 151  * // script.php?myparam=myvalue&amp;db=mysql&amp;table=rights
 152  * // with cookies disabled:
 153  * // script.php?server=1&amp;lang=en&amp;myparam=myvalue&amp;db=mysql&amp;table=rights
 154  *
 155  * // note the missing ?
 156  * echo 'script.php' . PMA_generate_common_url();
 157  * // produces with cookies enabled:
 158  * // script.php
 159  * // with cookies disabled:
 160  * // script.php?server=1&amp;lang=en
 161  * </code>
 162  *
 163  * @param mixed    assoc. array with url params or optional string with database name
 164  *                   if first param is an array there is also an ? prefixed to the url
 165  *
 166  * @param string   - if first param is array: 'html' to use htmlspecialchars()
 167  *                   on the resulting URL (for a normal URL displayed in HTML)
 168  *                   or something else to avoid using htmlspecialchars() (for
 169  *                   a URL sent via a header); if not set,'html' is assumed
 170  *                   - if first param is not array:  optional table name
 171  *
 172  * @param string   - if first param is array: optional character to
 173  *                   use instead of '?'
 174  *                   - if first param is not array: optional character to use
 175  *                    instead of '&amp;' for dividing URL parameters
 176  * @return  string   string with URL parameters
 177  * @access  public
 178  */
 179 function PMA_generate_common_url()
 180 {
 181     $args = func_get_args();
 182
 183     if (isset($args[0]) && is_array($args[0])) {
 184         // new style
 185         $params = $args[0];
 186
 187         if (isset($args[1])) {
 188             $encode = $args[1];
 189         } else {
 190             $encode = 'html';
 191         }
 192
 193         if (isset($args[2])) {
 194             $questionmark = $args[2];
 195         } else {
 196             $questionmark = '?';
 197         }
 198     } else {
 199         // old style
 200
 201         if (PMA_isValid($args[0])) {
 202             $params['db'] = $args[0];
 203         }
 204
 205         if (PMA_isValid($args[1])) {
 206             $params['table'] = $args[1];
 207         }
 208
 209         if (isset($args[2]) && $args[2] !== '&amp;') {
 210             $encode = 'text';
 211         } else {
 212             $encode = 'html';
 213         }
 214
 215         $questionmark = '';
 216     }
 217
 218     $separator = PMA_get_arg_separator();
 219
 220     if (isset($GLOBALS['server'])
 221         && $GLOBALS['server'] != $GLOBALS['cfg']['ServerDefault']
 222             // avoid overwriting when creating navi panel links to servers
 223         && ! isset($params['server'])) {
 224         $params['server'] = $GLOBALS['server'];
 225     }
 226
 227     if (empty($_COOKIE['pma_lang'])
 228       && ! empty($GLOBALS['lang'])) {
 229         $params['lang'] = $GLOBALS['lang'];
 230     }
 231     if (empty($_COOKIE['pma_collation_connection'])
 232       && ! empty($GLOBALS['collation_connection'])) {
 233         $params['collation_connection'] = $GLOBALS['collation_connection'];
 234     }
 235
 236     if (isset($_SESSION[' PMA_token '])) {
 237         $params['token'] = $_SESSION[' PMA_token '];
 238     }
 239
 240     if (empty($params)) {
 241         return '';
 242     }
 243
 244     $query = $questionmark . http_build_query($params, null, $separator);
 245
 246     if ($encode === 'html') {
 247         $query = htmlspecialchars($query);
 248     }
 249
 250     return $query;
 251 }
 252
 253 /**
 254  * Returns url separator
 255  *
 256  * extracted from arg_separator.input as set in php.ini
 257  * we do not use arg_separator.output to avoid problems with &amp; and &
 258  *
 259  * @param string  whether to encode separator or not, currently 'none' or 'html'
 260  * @return  string  character used for separating url parts usally ; or &
 261  * @access  public
 262  */
 263 function PMA_get_arg_separator($encode = 'none')
 264 {
 265     static $separator = null;
 266
 267     if (null === $separator) {
 268         // use seperators defined by php, but prefer ';'
 269         // as recommended by W3C
 270         $php_arg_separator_input = ini_get('arg_separator.input');
 271         if (strpos($php_arg_separator_input, ';') !== false) {
 272             $separator = ';';
 273         } elseif (strlen($php_arg_separator_input) > 0) {
 274             $separator = $php_arg_separator_input{0};
 275         } else {
 276             $separator = '&';
 277         }
 278     }
 279
 280     switch ($encode) {
 281         case 'html':
 282             return htmlentities($separator);
 283             break;
 284         case 'text' :
 285         case 'none' :
 286         default :
 287             return $separator;
 288     }
 289 }
 290
 291 ?>