Remove typehints for hhvm
[phpmyadmin.git] / index.php
blobef2764769b8899c1d2ce18f6a54bd78e16d7fd0d
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * Main loader script
6 * @package PhpMyAdmin
7 */
8 use PhpMyAdmin\Charsets;
9 use PhpMyAdmin\Config;
10 use PhpMyAdmin\Core;
11 use PhpMyAdmin\Display\GitRevision;
12 use PhpMyAdmin\LanguageManager;
13 use PhpMyAdmin\Message;
14 use PhpMyAdmin\RecentFavoriteTable;
15 use PhpMyAdmin\Relation;
16 use PhpMyAdmin\Response;
17 use PhpMyAdmin\Sanitize;
18 use PhpMyAdmin\Server\Select;
19 use PhpMyAdmin\ThemeManager;
20 use PhpMyAdmin\Url;
21 use PhpMyAdmin\Util;
22 use PhpMyAdmin\UserPreferences;
24 /**
25 * Gets some core libraries and displays a top message if required
27 require_once 'libraries/common.inc.php';
29 /**
30 * pass variables to child pages
32 $drops = array(
33 'lang',
34 'server',
35 'collation_connection',
36 'db',
37 'table'
39 foreach ($drops as $each_drop) {
40 if (array_key_exists($each_drop, $_GET)) {
41 unset($_GET[$each_drop]);
44 unset($drops, $each_drop);
47 * Black list of all scripts to which front-end must submit data.
48 * Such scripts must not be loaded on home page.
51 $target_blacklist = array (
52 'import.php', 'export.php'
55 // If we have a valid target, let's load that script instead
56 if (! empty($_REQUEST['target'])
57 && is_string($_REQUEST['target'])
58 && ! preg_match('/^index/', $_REQUEST['target'])
59 && ! in_array($_REQUEST['target'], $target_blacklist)
60 && Core::checkPageValidity($_REQUEST['target'], [], true)
61 ) {
62 include $_REQUEST['target'];
63 exit;
66 if (isset($_REQUEST['ajax_request']) && ! empty($_REQUEST['access_time'])) {
67 exit;
70 // user selected font size
71 if (isset($_POST['set_fontsize']) && preg_match('/^[0-9.]+(px|em|pt|\%)$/', $_POST['set_fontsize'])) {
72 $GLOBALS['PMA_Config']->setUserValue(
73 null,
74 'FontSize',
75 $_POST['set_fontsize'],
76 '82%'
78 header('Location: index.php' . Url::getCommonRaw());
79 exit();
81 // if user selected a theme
82 if (isset($_POST['set_theme'])) {
83 $tmanager = ThemeManager::getInstance();
84 $tmanager->setActiveTheme($_POST['set_theme']);
85 $tmanager->setThemeCookie();
87 $userPreferences = new UserPreferences();
88 $prefs = $userPreferences->load();
89 $prefs["config_data"]["ThemeDefault"] = $_POST['set_theme'];
90 $userPreferences->save($prefs["config_data"]);
92 header('Location: index.php' . Url::getCommonRaw());
93 exit();
95 // Change collation connection
96 if (isset($_POST['collation_connection'])) {
97 $GLOBALS['PMA_Config']->setUserValue(
98 null,
99 'DefaultConnectionCollation',
100 $_POST['collation_connection'],
101 'utf8mb4_unicode_ci'
103 header('Location: index.php' . Url::getCommonRaw());
104 exit();
108 // See FAQ 1.34
109 if (! empty($_REQUEST['db'])) {
110 $page = null;
111 if (! empty($_REQUEST['table'])) {
112 $page = Util::getScriptNameForOption(
113 $GLOBALS['cfg']['DefaultTabTable'], 'table'
115 } else {
116 $page = Util::getScriptNameForOption(
117 $GLOBALS['cfg']['DefaultTabDatabase'], 'database'
120 include $page;
121 exit;
124 $response = Response::getInstance();
126 * Check if it is an ajax request to reload the recent tables list.
128 if ($response->isAjax() && ! empty($_REQUEST['recent_table'])) {
129 $response->addJSON(
130 'list',
131 RecentFavoriteTable::getInstance('recent')->getHtmlList()
133 exit;
136 if ($GLOBALS['PMA_Config']->isGitRevision()) {
137 // If ajax request to get revision
138 if (isset($_REQUEST['git_revision']) && $response->isAjax()) {
139 GitRevision::display();
140 exit;
142 // Else show empty html
143 echo '<div id="is_git_revision"></div>';
146 // Handles some variables that may have been sent by the calling script
147 $GLOBALS['db'] = '';
148 $GLOBALS['table'] = '';
149 $show_query = '1';
151 // Any message to display?
152 if (! empty($message)) {
153 echo Util::getMessage($message);
154 unset($message);
156 if (isset($_SESSION['partial_logout'])) {
157 Message::success(
158 __('You were logged out from one server, to logout completely from phpMyAdmin, you need to logout from all servers.')
159 )->display();
160 unset($_SESSION['partial_logout']);
163 $common_url_query = Url::getCommon();
164 $mysql_cur_user_and_host = '';
166 // when $server > 0, a server has been chosen so we can display
167 // all MySQL-related information
168 if ($server > 0) {
169 include 'libraries/server_common.inc.php';
171 // Use the verbose name of the server instead of the hostname
172 // if a value is set
173 $server_info = '';
174 if (! empty($cfg['Server']['verbose'])) {
175 $server_info .= htmlspecialchars($cfg['Server']['verbose']);
176 if ($GLOBALS['cfg']['ShowServerInfo']) {
177 $server_info .= ' (';
180 if ($GLOBALS['cfg']['ShowServerInfo'] || empty($cfg['Server']['verbose'])) {
181 $server_info .= $GLOBALS['dbi']->getHostInfo();
183 if (! empty($cfg['Server']['verbose']) && $GLOBALS['cfg']['ShowServerInfo']) {
184 $server_info .= ')';
186 $mysql_cur_user_and_host = $GLOBALS['dbi']->fetchValue('SELECT USER();');
188 // should we add the port info here?
189 $short_server_info = (!empty($GLOBALS['cfg']['Server']['verbose'])
190 ? $GLOBALS['cfg']['Server']['verbose']
191 : $GLOBALS['cfg']['Server']['host']);
194 echo '<div id="maincontainer">' , "\n";
195 // Anchor for favorite tables synchronization.
196 echo RecentFavoriteTable::getInstance('favorite')->getHtmlSyncFavoriteTables();
197 echo '<div id="main_pane_left">';
198 if ($server > 0 || count($cfg['Servers']) > 1
200 if ($cfg['DBG']['demo']) {
201 echo '<div class="group">';
202 echo '<h2>' , __('phpMyAdmin Demo Server') , '</h2>';
203 echo '<p class="cfg_dbg_demo">';
204 printf(
206 'You are using the demo server. You can do anything here, but '
207 . 'please do not change root, debian-sys-maint and pma users. '
208 . 'More information is available at %s.'
210 '<a href="url.php?url=https://demo.phpmyadmin.net/" target="_blank" rel="noopener noreferrer">demo.phpmyadmin.net</a>'
212 echo '</p>';
213 echo '</div>';
215 echo '<div class="group">';
216 echo '<h2>' , __('General settings') , '</h2>';
217 echo '<ul>';
220 * Displays the MySQL servers choice form
222 if ($cfg['ServerDefault'] == 0
223 || (! $cfg['NavigationDisplayServers']
224 && (count($cfg['Servers']) > 1
225 || ($server == 0 && count($cfg['Servers']) == 1)))
227 echo '<li id="li_select_server" class="no_bullets" >';
228 echo Util::getImage('s_host') , " "
229 , Select::render(true, true);
230 echo '</li>';
234 * Displays the mysql server related links
236 if ($server > 0) {
237 include_once 'libraries/check_user_privileges.inc.php';
239 // Logout for advanced authentication
240 if ($cfg['Server']['auth_type'] != 'config') {
241 if ($cfg['ShowChgPassword']) {
242 $conditional_class = 'ajax';
243 Core::printListItem(
244 Util::getImage('s_passwd') . "&nbsp;" . __(
245 'Change password'
247 'li_change_password',
248 'user_password.php' . $common_url_query,
249 null,
250 null,
251 'change_password_anchor',
252 "no_bullets",
253 $conditional_class
256 } // end if
257 echo ' <li id="li_select_mysql_collation" class="no_bullets" >';
258 echo ' <form class="disableAjax" method="post" action="index.php">' , "\n"
259 . Url::getHiddenInputs(null, null, 4, 'collation_connection')
260 . ' <label for="select_collation_connection">' . "\n"
261 . ' ' . Util::getImage('s_asci')
262 . "&nbsp;" . __('Server connection collation') . "\n"
263 // put the doc link in the form so that it appears on the same line
264 . Util::showMySQLDocu('Charset-connection')
265 . ': ' . "\n"
266 . ' </label>' . "\n"
268 . Charsets::getCollationDropdownBox(
269 $GLOBALS['dbi'],
270 $GLOBALS['cfg']['Server']['DisableIS'],
271 'collation_connection',
272 'select_collation_connection',
273 $collation_connection,
274 true,
275 true
277 . ' </form>' . "\n"
278 . ' </li>' . "\n";
279 } // end of if ($server > 0)
280 echo '</ul>';
281 echo '</div>';
284 echo '<div class="group">';
285 echo '<h2>' , __('Appearance settings') , '</h2>';
286 echo ' <ul>';
288 // Displays language selection combo
289 $language_manager = LanguageManager::getInstance();
290 if (empty($cfg['Lang']) && $language_manager->hasChoice()) {
291 echo '<li id="li_select_lang" class="no_bullets">';
293 echo Util::getImage('s_lang') , " "
294 , $language_manager->getSelectorDisplay();
295 echo '</li>';
298 // ThemeManager if available
300 if ($GLOBALS['cfg']['ThemeManager']) {
301 echo '<li id="li_select_theme" class="no_bullets">';
302 echo Util::getImage('s_theme') , " "
303 , ThemeManager::getInstance()->getHtmlSelectBox();
304 echo '</li>';
306 echo '<li id="li_select_fontsize">';
307 echo Config::getFontsizeForm();
308 echo '</li>';
310 echo '</ul>';
312 // User preferences
314 if ($server > 0) {
315 echo '<ul>';
316 Core::printListItem(
317 Util::getImage('b_tblops') . "&nbsp;" . __(
318 'More settings'
320 'li_user_preferences',
321 'prefs_manage.php' . $common_url_query,
322 null,
323 null,
324 null,
325 "no_bullets"
327 echo '</ul>';
330 echo '</div>';
333 echo '</div>';
334 echo '<div id="main_pane_right">';
337 if ($server > 0 && $GLOBALS['cfg']['ShowServerInfo']) {
339 echo '<div class="group">';
340 echo '<h2>' , __('Database server') , '</h2>';
341 echo '<ul>' , "\n";
342 Core::printListItem(
343 __('Server:') . ' ' . $server_info,
344 'li_server_info'
346 Core::printListItem(
347 __('Server type:') . ' ' . Util::getServerType(),
348 'li_server_type'
350 Core::printListItem(
351 __('Server connection:') . ' ' . Util::getServerSSL(),
352 'li_server_type'
354 Core::printListItem(
355 __('Server version:')
356 . ' '
357 . $GLOBALS['dbi']->getVersionString() . ' - ' . $GLOBALS['dbi']->getVersionComment(),
358 'li_server_version'
360 Core::printListItem(
361 __('Protocol version:') . ' ' . $GLOBALS['dbi']->getProtoInfo(),
362 'li_mysql_proto'
364 Core::printListItem(
365 __('User:') . ' ' . htmlspecialchars($mysql_cur_user_and_host),
366 'li_user_info'
369 echo ' <li id="li_select_mysql_charset">';
370 echo ' ' , __('Server charset:') , ' '
371 . ' <span lang="en" dir="ltr">';
373 $charset = Charsets::getServerCharset($GLOBALS['dbi']);
374 $charsets = Charsets::getMySQLCharsetsDescriptions(
375 $GLOBALS['dbi'],
376 $GLOBALS['cfg']['Server']['DisableIS']
379 echo ' ' , $charsets[$charset], ' (' . $charset, ')';
380 echo ' </span>'
381 . ' </li>'
382 . ' </ul>'
383 . ' </div>';
386 if ($GLOBALS['cfg']['ShowServerInfo'] || $GLOBALS['cfg']['ShowPhpInfo']) {
387 echo '<div class="group">';
388 echo '<h2>' , __('Web server') , '</h2>';
389 echo '<ul>';
390 if ($GLOBALS['cfg']['ShowServerInfo']) {
391 Core::printListItem($_SERVER['SERVER_SOFTWARE'], 'li_web_server_software');
393 if ($server > 0) {
394 $client_version_str = $GLOBALS['dbi']->getClientInfo();
395 if (preg_match('#\d+\.\d+\.\d+#', $client_version_str)) {
396 $client_version_str = 'libmysql - ' . $client_version_str;
398 Core::printListItem(
399 __('Database client version:') . ' ' . $client_version_str,
400 'li_mysql_client_version'
403 $php_ext_string = __('PHP extension:') . ' ';
405 $extensions = Util::listPHPExtensions();
407 foreach ($extensions as $extension) {
408 $php_ext_string .= ' ' . $extension
409 . Util::showPHPDocu('book.' . $extension . '.php');
412 Core::printListItem(
413 $php_ext_string,
414 'li_used_php_extension'
417 $php_version_string = __('PHP version:') . ' ' . phpversion();
419 Core::printListItem(
420 $php_version_string,
421 'li_used_php_version'
426 if ($cfg['ShowPhpInfo']) {
427 Core::printListItem(
428 __('Show PHP information'),
429 'li_phpinfo',
430 'phpinfo.php' . $common_url_query,
431 null,
432 '_blank'
435 echo ' </ul>';
436 echo ' </div>';
439 echo '<div class="group pmagroup">';
440 echo '<h2>phpMyAdmin</h2>';
441 echo '<ul>';
442 $class = null;
443 if ($GLOBALS['cfg']['VersionCheck']) {
444 $class = 'jsversioncheck';
446 Core::printListItem(
447 __('Version information:') . ' <span class="version">' . PMA_VERSION . '</span>',
448 'li_pma_version',
449 null,
450 null,
451 null,
452 null,
453 $class
455 Core::printListItem(
456 __('Documentation'),
457 'li_pma_docs',
458 Util::getDocuLink('index'),
459 null,
460 '_blank'
463 // does not work if no target specified, don't know why
464 Core::printListItem(
465 __('Official Homepage'),
466 'li_pma_homepage',
467 Core::linkURL('https://www.phpmyadmin.net/'),
468 null,
469 '_blank'
471 Core::printListItem(
472 __('Contribute'),
473 'li_pma_contribute',
474 Core::linkURL('https://www.phpmyadmin.net/contribute/'),
475 null,
476 '_blank'
478 Core::printListItem(
479 __('Get support'),
480 'li_pma_support',
481 Core::linkURL('https://www.phpmyadmin.net/support/'),
482 null,
483 '_blank'
485 Core::printListItem(
486 __('List of changes'),
487 'li_pma_changes',
488 'changelog.php' . Url::getCommon(),
489 null,
490 '_blank'
492 Core::printListItem(
493 __('License'),
494 'li_pma_license',
495 'license.php' . Url::getCommon(),
496 null,
497 '_blank'
499 echo ' </ul>';
500 echo ' </div>';
502 echo '</div>';
504 echo '</div>';
507 * mbstring is used for handling multibytes inside parser, so it is good
508 * to tell user something might be broken without it, see bug #1063149.
510 if (! extension_loaded('mbstring')) {
511 trigger_error(
513 'The mbstring PHP extension was not found and you seem to be using'
514 . ' a multibyte charset. Without the mbstring extension phpMyAdmin'
515 . ' is unable to split strings correctly and it may result in'
516 . ' unexpected results.'
518 E_USER_WARNING
523 * Missing functionality
525 if (! extension_loaded('curl') && ! ini_get('allow_url_fopen')) {
526 trigger_error(
528 'The curl extension was not found and allow_url_fopen is '
529 . 'disabled. Due to this some features such as error reporting '
530 . 'or version check are disabled.'
535 if ($cfg['LoginCookieValidityDisableWarning'] == false) {
537 * Check whether session.gc_maxlifetime limits session validity.
539 $gc_time = (int)ini_get('session.gc_maxlifetime');
540 if ($gc_time < $GLOBALS['cfg']['LoginCookieValidity'] ) {
541 trigger_error(
543 'Your PHP parameter [a@https://secure.php.net/manual/en/session.' .
544 'configuration.php#ini.session.gc-maxlifetime@_blank]session.' .
545 'gc_maxlifetime[/a] is lower than cookie validity configured ' .
546 'in phpMyAdmin, because of this, your login might expire sooner ' .
547 'than configured in phpMyAdmin.'
549 E_USER_WARNING
555 * Check whether LoginCookieValidity is limited by LoginCookieStore.
557 if ($GLOBALS['cfg']['LoginCookieStore'] != 0
558 && $GLOBALS['cfg']['LoginCookieStore'] < $GLOBALS['cfg']['LoginCookieValidity']
560 trigger_error(
562 'Login cookie store is lower than cookie validity configured in ' .
563 'phpMyAdmin, because of this, your login will expire sooner than ' .
564 'configured in phpMyAdmin.'
566 E_USER_WARNING
571 * Check if user does not have defined blowfish secret and it is being used.
573 if (! empty($_SESSION['encryption_key'])) {
574 if (empty($GLOBALS['cfg']['blowfish_secret'])) {
575 trigger_error(
577 'The configuration file now needs a secret passphrase (blowfish_secret).'
579 E_USER_WARNING
581 } elseif (strlen($GLOBALS['cfg']['blowfish_secret']) < 32) {
582 trigger_error(
584 'The secret passphrase in configuration (blowfish_secret) is too short.'
586 E_USER_WARNING
592 * Check for existence of config directory which should not exist in
593 * production environment.
595 if (@file_exists('config')) {
596 trigger_error(
598 'Directory [code]config[/code], which is used by the setup script, ' .
599 'still exists in your phpMyAdmin directory. It is strongly ' .
600 'recommended to remove it once phpMyAdmin has been configured. ' .
601 'Otherwise the security of your server may be compromised by ' .
602 'unauthorized people downloading your configuration.'
604 E_USER_WARNING
608 $relation = new Relation();
610 if ($server > 0) {
611 $cfgRelation = $relation->getRelationsParam();
612 if (! $cfgRelation['allworks']
613 && $cfg['PmaNoRelation_DisableWarning'] == false
615 $msg_text = __(
616 'The phpMyAdmin configuration storage is not completely '
617 . 'configured, some extended features have been deactivated. '
618 . '%sFind out why%s. '
620 if ($cfg['ZeroConf'] == true) {
621 $msg_text .= '<br>' .
623 'Or alternately go to \'Operations\' tab of any database '
624 . 'to set it up there.'
627 $msg = Message::notice($msg_text);
628 $msg->addParamHtml('<a href="./chk_rel.php" data-post="' . $common_url_query . '">');
629 $msg->addParamHtml('</a>');
630 /* Show error if user has configured something, notice elsewhere */
631 if (!empty($cfg['Servers'][$server]['pmadb'])) {
632 $msg->isError(true);
634 $msg->display();
635 } // end if
639 * Warning about Suhosin only if its simulation mode is not enabled
641 if ($cfg['SuhosinDisableWarning'] == false
642 && ini_get('suhosin.request.max_value_length')
643 && ini_get('suhosin.simulation') == '0'
645 trigger_error(
646 sprintf(
648 'Server running with Suhosin. Please refer to %sdocumentation%s ' .
649 'for possible issues.'
651 '[doc@faq1-38]',
652 '[/doc]'
654 E_USER_WARNING
658 /* Missing template cache */
659 if (is_null($GLOBALS['PMA_Config']->getTempDir('twig'))) {
660 trigger_error(
661 sprintf(
662 __('The $cfg[\'TempDir\'] (%s) is not accessible. phpMyAdmin is not able to cache templates and will be slow because of this.'),
663 $GLOBALS['PMA_Config']->get('TempDir')
665 E_USER_WARNING
670 * Warning about incomplete translations.
672 * The data file is created while creating release by ./scripts/remove-incomplete-mo
674 if (@file_exists('libraries/language_stats.inc.php')) {
675 include 'libraries/language_stats.inc.php';
677 * This message is intentionally not translated, because we're
678 * handling incomplete translations here and focus on english
679 * speaking users.
681 if (isset($GLOBALS['language_stats'][$lang])
682 && $GLOBALS['language_stats'][$lang] < $cfg['TranslationWarningThreshold']
684 trigger_error(
685 'You are using an incomplete translation, please help to make it '
686 . 'better by [a@https://www.phpmyadmin.net/translate/'
687 . '@_blank]contributing[/a].',
688 E_USER_NOTICE