index.php

   1 <?php
   2 /* vim: set expandtab sw=4 ts=4 sts=4: */
   3 /**
   4  * Main loader script
   5  *
   6  * @package PhpMyAdmin
   7  */
   8 declare(strict_types=1);
   9
  10 use PhpMyAdmin\Controllers\HomeController;
  11 use PhpMyAdmin\Core;
  12 use PhpMyAdmin\DatabaseInterface;
  13 use PhpMyAdmin\Response;
  14 use PhpMyAdmin\Url;
  15 use PhpMyAdmin\Util;
  16
  17 if (! defined('ROOT_PATH')) {
  18     define('ROOT_PATH', __DIR__ . DIRECTORY_SEPARATOR);
  19 }
  20
  21 global $server;
  22
  23 require_once ROOT_PATH . 'libraries/common.inc.php';
  24
  25 /**
  26  * pass variables to child pages
  27  */
  28 $drops = [
  29     'lang',
  30     'server',
  31     'collation_connection',
  32     'db',
  33     'table',
  34 ];
  35 foreach ($drops as $each_drop) {
  36     if (array_key_exists($each_drop, $_GET)) {
  37         unset($_GET[$each_drop]);
  38     }
  39 }
  40 unset($drops, $each_drop);
  41
  42 /**
  43  * Black list of all scripts to which front-end must submit data.
  44  * Such scripts must not be loaded on home page.
  45  */
  46 $target_blacklist =  [
  47     'import.php',
  48     'export.php',
  49 ];
  50
  51 // If we have a valid target, let's load that script instead
  52 if (! empty($_REQUEST['target'])
  53     && is_string($_REQUEST['target'])
  54     && 0 !== strpos($_REQUEST['target'], "index")
  55     && ! in_array($_REQUEST['target'], $target_blacklist)
  56     && Core::checkPageValidity($_REQUEST['target'], [], true)
  57 ) {
  58     include ROOT_PATH . $_REQUEST['target'];
  59     exit;
  60 }
  61
  62 /** @var Response $response */
  63 $response = $containerBuilder->get(Response::class);
  64
  65 /** @var DatabaseInterface $dbi */
  66 $dbi = $containerBuilder->get(DatabaseInterface::class);
  67
  68 /** @var HomeController $controller */
  69 $controller = $containerBuilder->get(HomeController::class);
  70
  71 if (isset($_REQUEST['ajax_request']) && ! empty($_REQUEST['access_time'])) {
  72     exit;
  73 }
  74
  75 if (isset($_POST['set_theme'])) {
  76     $controller->setTheme([
  77         'set_theme' => $_POST['set_theme'],
  78     ]);
  79
  80     header('Location: index.php' . Url::getCommonRaw());
  81 } elseif (isset($_POST['collation_connection'])) {
  82     $controller->setCollationConnection([
  83         'collation_connection' => $_POST['collation_connection'],
  84     ]);
  85
  86     header('Location: index.php' . Url::getCommonRaw());
  87 } elseif (! empty($_REQUEST['db'])) {
  88     // See FAQ 1.34
  89     $page = null;
  90     if (! empty($_REQUEST['table'])) {
  91         $page = Util::getScriptNameForOption(
  92             $GLOBALS['cfg']['DefaultTabTable'],
  93             'table'
  94         );
  95     } else {
  96         $page = Util::getScriptNameForOption(
  97             $GLOBALS['cfg']['DefaultTabDatabase'],
  98             'database'
  99         );
 100     }
 101     include ROOT_PATH . $page;
 102 } elseif ($response->isAjax() && ! empty($_REQUEST['recent_table'])) {
 103     $response->addJSON($controller->reloadRecentTablesList());
 104 } elseif ($GLOBALS['PMA_Config']->isGitRevision()
 105     && isset($_REQUEST['git_revision'])
 106     && $response->isAjax()
 107 ) {
 108     $response->addHTML($controller->gitRevision());
 109 } else {
 110     // Handles some variables that may have been sent by the calling script
 111     $GLOBALS['db'] = '';
 112     $GLOBALS['table'] = '';
 113     $show_query = '1';
 114
 115     if ($server > 0) {
 116         include ROOT_PATH . 'libraries/server_common.inc.php';
 117     }
 118
 119     $response->addHTML($controller->index());
 120 }