Change "Null" to "NULL" on grid edit null popup to make the text mean the NULL value...
[phpmyadmin.git] / libraries / common.inc.php
blob75f127482217c848a03656084a6bdeaae5556951
1 <?php
2 /**
3 * Misc stuff and REQUIRED by ALL the scripts.
4 * MUST be included by every script
6 * Among other things, it contains the advanced authentication work.
8 * Order of sections for common.inc.php:
10 * the authentication libraries must be before the connection to db
12 * ... so the required order is:
14 * LABEL_variables_init
15 * - initialize some variables always needed
16 * LABEL_parsing_config_file
17 * - parsing of the configuration file
18 * LABEL_loading_language_file
19 * - loading language file
20 * LABEL_setup_servers
21 * - check and setup configured servers
22 * LABEL_theme_setup
23 * - setting up themes
25 * - load of MySQL extension (if necessary)
26 * - loading of an authentication library
27 * - db connection
28 * - authentication work
31 declare(strict_types=1);
33 use PhpMyAdmin\Config;
34 use PhpMyAdmin\Core;
35 use PhpMyAdmin\DatabaseInterface;
36 use PhpMyAdmin\ErrorHandler;
37 use PhpMyAdmin\LanguageManager;
38 use PhpMyAdmin\Logging;
39 use PhpMyAdmin\Message;
40 use PhpMyAdmin\MoTranslator\Loader;
41 use PhpMyAdmin\Plugins;
42 use PhpMyAdmin\Profiling;
43 use PhpMyAdmin\Response;
44 use PhpMyAdmin\Routing;
45 use PhpMyAdmin\Session;
46 use PhpMyAdmin\SqlParser\Lexer;
47 use PhpMyAdmin\ThemeManager;
48 use PhpMyAdmin\Tracker;
50 global $containerBuilder, $error_handler, $PMA_Config, $server, $dbi;
51 global $lang, $cfg, $isConfigLoading, $auth_plugin, $route, $PMA_Theme;
52 global $url_params, $goto, $back, $db, $table, $sql_query, $token_mismatch;
54 /**
55 * block attempts to directly run this script
57 if (getcwd() == __DIR__) {
58 die('Attack stopped');
61 /**
62 * Minimum PHP version; can't call Core::fatalError() which uses a
63 * PHP 5 function, so cannot easily localize this message.
65 if (PHP_VERSION_ID < 70103) {
66 die(
67 '<p>PHP 7.1.3+ is required.</p>'
68 . '<p>Currently installed version is: ' . PHP_VERSION . '</p>'
72 // phpcs:disable PSR1.Files.SideEffects
73 /**
74 * for verification in all procedural scripts under libraries
76 define('PHPMYADMIN', true);
77 // phpcs:enable
79 /**
80 * Load vendor configuration.
82 require_once ROOT_PATH . 'libraries/vendor_config.php';
84 /**
85 * Activate autoloader
87 if (! @is_readable(AUTOLOAD_FILE)) {
88 die(
89 '<p>File <samp>' . AUTOLOAD_FILE . '</samp> missing or not readable.</p>'
90 . '<p>Most likely you did not run Composer to '
91 . '<a href="https://docs.phpmyadmin.net/en/latest/setup.html#installing-from-git">'
92 . 'install library files</a>.</p>'
95 require_once AUTOLOAD_FILE;
97 /**
98 * (TCPDF workaround)
99 * Avoid referring to nonexistent files (causes warnings when open_basedir is used)
100 * This is defined to avoid the tcpdf code to search for a directory outside of open_basedir
101 * See: https://github.com/phpmyadmin/phpmyadmin/issues/16709
102 * This value if not used but is usefull, no header logic is used for PDF exports
104 if (! defined('K_PATH_IMAGES')) {
105 // phpcs:disable PSR1.Files.SideEffects
106 define('K_PATH_IMAGES', ROOT_PATH);
107 // phpcs:enable
110 $route = Routing::getCurrentRoute();
112 if ($route === '/import-status') {
113 // phpcs:disable PSR1.Files.SideEffects
114 define('PMA_MINIMUM_COMMON', true);
115 // phpcs:enable
118 $containerBuilder = Core::getContainerBuilder();
121 * Load gettext functions.
123 Loader::loadFunctions();
125 /** @var ErrorHandler $error_handler */
126 $error_handler = $containerBuilder->get('error_handler');
129 * Warning about missing PHP extensions.
131 Core::checkExtensions();
134 * Configure required PHP settings.
136 Core::configure();
138 /* start procedural code label_start_procedural */
140 Core::cleanupPathInfo();
142 /* parsing configuration file LABEL_parsing_config_file */
144 /** @var bool $isConfigLoading Indication for the error handler */
145 $isConfigLoading = false;
148 * Force reading of config file, because we removed sensitive values
149 * in the previous iteration.
151 * @var Config $PMA_Config
153 $PMA_Config = $containerBuilder->get('config');
155 register_shutdown_function([Config::class, 'fatalErrorHandler']);
158 * include session handling after the globals, to prevent overwriting
160 if (! defined('PMA_NO_SESSION')) {
161 Session::setUp($PMA_Config, $error_handler);
165 * init some variables LABEL_variables_init
169 * holds parameters to be passed to next page
171 * @global array $url_params
173 $url_params = [];
174 $containerBuilder->setParameter('url_params', $url_params);
176 Core::setGotoAndBackGlobals($containerBuilder, $PMA_Config);
178 Core::checkTokenRequestParam();
180 Core::setDatabaseAndTableFromRequest($containerBuilder);
183 * SQL query to be executed
185 * @global string $sql_query
187 $sql_query = '';
188 if (Core::isValid($_POST['sql_query'])) {
189 $sql_query = $_POST['sql_query'];
191 $containerBuilder->setParameter('sql_query', $sql_query);
193 //$_REQUEST['set_theme'] // checked later in this file LABEL_theme_setup
194 //$_REQUEST['server']; // checked later in this file
195 //$_REQUEST['lang']; // checked by LABEL_loading_language_file
197 /* loading language file LABEL_loading_language_file */
200 * lang detection is done here
202 $language = LanguageManager::getInstance()->selectLanguage();
203 $language->activate();
206 * check for errors occurred while loading configuration
207 * this check is done here after loading language files to present errors in locale
209 $PMA_Config->checkPermissions();
210 $PMA_Config->checkErrors();
212 /* Check server configuration */
213 Core::checkConfiguration();
215 /* Check request for possible attacks */
216 Core::checkRequest();
218 /* setup servers LABEL_setup_servers */
220 $PMA_Config->checkServers();
223 * current server
225 * @global integer $server
227 $server = $PMA_Config->selectServer();
228 $url_params['server'] = $server;
229 $containerBuilder->setParameter('server', $server);
230 $containerBuilder->setParameter('url_params', $url_params);
233 * BC - enable backward compatibility
234 * exports all configuration settings into globals ($cfg global)
236 $PMA_Config->enableBc();
238 /* setup themes LABEL_theme_setup */
240 $PMA_Theme = ThemeManager::initializeTheme();
242 /** @var DatabaseInterface $dbi */
243 $dbi = null;
245 if (! defined('PMA_MINIMUM_COMMON')) {
247 * save some settings in cookies
249 * @todo should be done in PhpMyAdmin\Config
251 $PMA_Config->setCookie('pma_lang', (string) $lang);
253 ThemeManager::getInstance()->setThemeCookie();
255 $dbi = DatabaseInterface::load();
256 $containerBuilder->set(DatabaseInterface::class, $dbi);
257 $containerBuilder->setAlias('dbi', DatabaseInterface::class);
259 if (! empty($cfg['Server'])) {
260 $PMA_Config->getLoginCookieValidityFromCache($server);
262 $auth_plugin = Plugins::getAuthPlugin();
263 $auth_plugin->authenticate();
265 Core::connectToDatabaseServer($dbi, $auth_plugin);
267 $auth_plugin->rememberCredentials();
269 $auth_plugin->checkTwoFactor();
271 /* Log success */
272 Logging::logUser($cfg['Server']['user']);
274 if ($dbi->getVersion() < $cfg['MysqlMinVersion']['internal']) {
275 Core::fatalError(
276 __('You should upgrade to %s %s or later.'),
278 'MySQL',
279 $cfg['MysqlMinVersion']['human'],
284 // Sets the default delimiter (if specified).
285 if (! empty($_REQUEST['sql_delimiter'])) {
286 Lexer::$DEFAULT_DELIMITER = $_REQUEST['sql_delimiter'];
289 // TODO: Set SQL modes too.
290 } else { // end server connecting
291 $response = Response::getInstance();
292 $response->getHeader()->disableMenuAndConsole();
293 $response->getFooter()->setMinimal();
296 $response = Response::getInstance();
298 Profiling::check($dbi, $response);
301 * There is no point in even attempting to process
302 * an ajax request if there is a token mismatch
304 if ($response->isAjax() && $_SERVER['REQUEST_METHOD'] === 'POST' && $token_mismatch) {
305 $response->setRequestStatus(false);
306 $response->addJSON(
307 'message',
308 Message::error(__('Error: Token mismatch'))
310 exit;
313 $containerBuilder->set('response', Response::getInstance());
316 // load user preferences
317 $PMA_Config->loadUserPreferences();
319 $containerBuilder->set('theme_manager', ThemeManager::getInstance());
321 /* Tell tracker that it can actually work */
322 Tracker::enable();
324 if (! defined('PMA_MINIMUM_COMMON')
325 && ! empty($server)
326 && isset($cfg['ZeroConf'])
327 && $cfg['ZeroConf'] == true
329 $dbi->postConnectControl();