index.php

   1 <?php
   2 /* vim: set expandtab sw=4 ts=4 sts=4: */
   3 /**
   4  * Main loader script
   5  *
   6  * @package PhpMyAdmin
   7  */
   8 declare(strict_types=1);
   9
  10 use FastRoute\Dispatcher;
  11 use FastRoute\RouteCollector;
  12 use PhpMyAdmin\Core;
  13 use PhpMyAdmin\Message;
  14
  15 use function FastRoute\simpleDispatcher;
  16
  17 if (! defined('ROOT_PATH')) {
  18     define('ROOT_PATH', __DIR__ . DIRECTORY_SEPARATOR);
  19 }
  20
  21 require_once ROOT_PATH . 'libraries/common.inc.php';
  22
  23 if (isset($_GET['route']) || isset($_POST['route'])) {
  24     $dispatcher = simpleDispatcher(function (RouteCollector $routes) {
  25         $routes->addRoute(['GET', 'POST'], '[/]', function () {
  26             require_once ROOT_PATH . 'libraries/entry_points/home.php';
  27         });
  28         $routes->addGroup('/database', function (RouteCollector $routes) {
  29             $routes->addRoute(['GET', 'POST'], '/operations', function () {
  30                 require_once ROOT_PATH . 'libraries/entry_points/database/operations.php';
  31             });
  32             $routes->addRoute(['GET', 'POST'], '/search', function () {
  33                 require_once ROOT_PATH . 'libraries/entry_points/database/search.php';
  34             });
  35             $routes->addRoute(['GET', 'POST'], '/structure', function () {
  36                 require_once ROOT_PATH . 'libraries/entry_points/database/structure.php';
  37             });
  38             $routes->addRoute(['GET', 'POST'], '/tracking', function () {
  39                 require_once ROOT_PATH . 'libraries/entry_points/database/tracking.php';
  40             });
  41         });
  42         $routes->addGroup('/server', function (RouteCollector $routes) {
  43             $routes->addRoute('GET', '/collations', function () {
  44                 require_once ROOT_PATH . 'libraries/entry_points/server/collations.php';
  45             });
  46             $routes->addRoute(['GET', 'POST'], '/databases', function () {
  47                 require_once ROOT_PATH . 'libraries/entry_points/server/databases.php';
  48             });
  49             $routes->addRoute('GET', '/engines', function () {
  50                 require_once ROOT_PATH . 'libraries/entry_points/server/engines.php';
  51             });
  52             $routes->addRoute('GET', '/plugins', function () {
  53                 require_once ROOT_PATH . 'libraries/entry_points/server/plugins.php';
  54             });
  55             $routes->addRoute(['GET', 'POST'], '/privileges', function () {
  56                 require_once ROOT_PATH . 'libraries/entry_points/server/privileges.php';
  57             });
  58             $routes->addGroup('/status', function (RouteCollector $routes) {
  59                 $routes->addRoute('GET', '', function () {
  60                     require_once ROOT_PATH . 'libraries/entry_points/server/status.php';
  61                 });
  62                 $routes->addRoute('GET', '/queries', function () {
  63                     require_once ROOT_PATH . 'libraries/entry_points/server/status/queries.php';
  64                 });
  65             });
  66             $routes->addRoute(['GET', 'POST'], '/variables', function () {
  67                 require_once ROOT_PATH . 'libraries/entry_points/server/variables.php';
  68             });
  69         });
  70         $routes->addGroup('/table', function (RouteCollector $routes) {
  71             $routes->addRoute(['GET', 'POST'], '/change', function () {
  72                 require_once ROOT_PATH . 'libraries/entry_points/table/change.php';
  73             });
  74             $routes->addRoute(['GET', 'POST'], '/search', function () {
  75                 require_once ROOT_PATH . 'libraries/entry_points/table/select.php';
  76             });
  77             $routes->addRoute(['GET', 'POST'], '/structure', function () {
  78                 require_once ROOT_PATH . 'libraries/entry_points/table/structure.php';
  79             });
  80             $routes->addRoute(['GET', 'POST'], '/tracking', function () {
  81                 require_once ROOT_PATH . 'libraries/entry_points/table/tracking.php';
  82             });
  83         });
  84     });
  85     $routeInfo = $dispatcher->dispatch(
  86         $_SERVER['REQUEST_METHOD'],
  87         rawurldecode($_GET['route'] ?? $_POST['route'])
  88     );
  89     if ($routeInfo[0] === Dispatcher::NOT_FOUND) {
  90         Message::error(sprintf(
  91             __('Error 404! The page %s was not found.'),
  92             '<code>' . ($_GET['route'] ?? $_POST['route']) . '</code>'
  93         ))->display();
  94         exit;
  95     } elseif ($routeInfo[0] === Dispatcher::METHOD_NOT_ALLOWED) {
  96         Message::error(__('Error 405! Request method not allowed.'))->display();
  97         exit;
  98     } elseif ($routeInfo[0] === Dispatcher::FOUND) {
  99         $handler = $routeInfo[1];
 100         $handler($routeInfo[2]);
 101         exit;
 102     }
 103 }
 104
 105 /**
 106  * pass variables to child pages
 107  */
 108 $drops = [
 109     'lang',
 110     'server',
 111     'collation_connection',
 112     'db',
 113     'table',
 114 ];
 115 foreach ($drops as $each_drop) {
 116     if (array_key_exists($each_drop, $_GET)) {
 117         unset($_GET[$each_drop]);
 118     }
 119 }
 120 unset($drops, $each_drop);
 121
 122 /**
 123  * Black list of all scripts to which front-end must submit data.
 124  * Such scripts must not be loaded on home page.
 125  */
 126 $target_blacklist =  [
 127     'import.php',
 128     'export.php',
 129 ];
 130
 131 // If we have a valid target, let's load that script instead
 132 if (! empty($_REQUEST['target'])
 133     && is_string($_REQUEST['target'])
 134     && 0 !== strpos($_REQUEST['target'], "index")
 135     && ! in_array($_REQUEST['target'], $target_blacklist)
 136     && Core::checkPageValidity($_REQUEST['target'], [], true)
 137 ) {
 138     include ROOT_PATH . $_REQUEST['target'];
 139     exit;
 140 }
 141
 142 require_once ROOT_PATH . 'libraries/entry_points/home.php';