search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Translated using Weblate (Ukrainian)
[phpmyadmin.git] / index.php
blob6ab209e1a8f0d870d341942345e2c709923e9df3
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * Main loader script
5 *
6 * @package PhpMyAdmin
7 */
8 declare(strict_types=1);
9
10 use PhpMyAdmin\Charsets;
11 use PhpMyAdmin\Config;
12 use PhpMyAdmin\Core;
13 use PhpMyAdmin\Display\GitRevision;
14 use PhpMyAdmin\LanguageManager;
15 use PhpMyAdmin\Message;
16 use PhpMyAdmin\RecentFavoriteTable;
17 use PhpMyAdmin\Relation;
18 use PhpMyAdmin\Response;
19 use PhpMyAdmin\Sanitize;
20 use PhpMyAdmin\Server\Select;
21 use PhpMyAdmin\ThemeManager;
22 use PhpMyAdmin\Url;
23 use PhpMyAdmin\Util;
24 use PhpMyAdmin\UserPreferences;
25
26 /**
27 * Gets some core libraries and displays a top message if required
28 */
29 require_once 'libraries/common.inc.php';
30
31 /**
32 * pass variables to child pages
33 */
34 $drops = [
35 'lang',
36 'server',
37 'collation_connection',
38 'db',
39 'table'
40 ];
41 foreach ($drops as $each_drop) {
42 if (array_key_exists($each_drop, $_GET)) {
43 unset($_GET[$each_drop]);
44 }
45 }
46 unset($drops, $each_drop);
47
48 /*
49 * Black list of all scripts to which front-end must submit data.
50 * Such scripts must not be loaded on home page.
51 *
52 */
53 $target_blacklist = [
54 'import.php', 'export.php'
55 ];
56
57 // If we have a valid target, let's load that script instead
58 if (! empty($_REQUEST['target'])
59 && is_string($_REQUEST['target'])
60 && ! preg_match('/^index/', $_REQUEST['target'])
61 && ! in_array($_REQUEST['target'], $target_blacklist)
62 && Core::checkPageValidity($_REQUEST['target'], [], true)
63 ) {
64 include $_REQUEST['target'];
65 exit;
66 }
67
68 if (isset($_REQUEST['ajax_request']) && ! empty($_REQUEST['access_time'])) {
69 exit;
70 }
71
72 // if user selected a theme
73 if (isset($_POST['set_theme'])) {
74 $tmanager = ThemeManager::getInstance();
75 $tmanager->setActiveTheme($_POST['set_theme']);
76 $tmanager->setThemeCookie();
77
78 $userPreferences = new UserPreferences();
79 $prefs = $userPreferences->load();
80 $prefs["config_data"]["ThemeDefault"] = $_POST['set_theme'];
81 $userPreferences->save($prefs["config_data"]);
82
83 header('Location: index.php' . Url::getCommonRaw());
84 exit();
85 }
86 // Change collation connection
87 if (isset($_POST['collation_connection'])) {
88 $GLOBALS['PMA_Config']->setUserValue(
89 null,
90 'DefaultConnectionCollation',
91 $_POST['collation_connection'],
92 'utf8mb4_unicode_ci'
93 );
94 header('Location: index.php' . Url::getCommonRaw());
95 exit();
96 }
97
98
99 // See FAQ 1.34
100 if (! empty($_REQUEST['db'])) {
101 $page = null;
102 if (! empty($_REQUEST['table'])) {
103 $page = Util::getScriptNameForOption(
104 $GLOBALS['cfg']['DefaultTabTable'],
105 'table'
106 );
107 } else {
108 $page = Util::getScriptNameForOption(
109 $GLOBALS['cfg']['DefaultTabDatabase'],
110 'database'
111 );
112 }
113 include $page;
114 exit;
115 }
116
117 $response = Response::getInstance();
118 /**
119 * Check if it is an ajax request to reload the recent tables list.
120 */
121 if ($response->isAjax() && ! empty($_REQUEST['recent_table'])) {
122 $response->addJSON(
123 'list',
124 RecentFavoriteTable::getInstance('recent')->getHtmlList()
125 );
126 exit;
127 }
128
129 if ($GLOBALS['PMA_Config']->isGitRevision()) {
130 if (isset($_REQUEST['git_revision']) && $response->isAjax()) {
131 GitRevision::display();
132 exit;
133 }
134 echo '<div id="is_git_revision"></div>';
135 }
136
137 // Handles some variables that may have been sent by the calling script
138 $GLOBALS['db'] = '';
139 $GLOBALS['table'] = '';
140 $show_query = '1';
141
142 // Any message to display?
143 if (! empty($message)) {
144 echo Util::getMessage($message);
145 unset($message);
146 }
147 if (isset($_SESSION['partial_logout'])) {
148 Message::success(
149 __('You were logged out from one server, to logout completely from phpMyAdmin, you need to logout from all servers.')
150 )->display();
151 unset($_SESSION['partial_logout']);
152 }
153
154 $common_url_query = Url::getCommon();
155 $mysql_cur_user_and_host = '';
156
157 // when $server > 0, a server has been chosen so we can display
158 // all MySQL-related information
159 if ($server > 0) {
160 include 'libraries/server_common.inc.php';
161
162 // Use the verbose name of the server instead of the hostname
163 // if a value is set
164 $server_info = '';
165 if (! empty($cfg['Server']['verbose'])) {
166 $server_info .= htmlspecialchars($cfg['Server']['verbose']);
167 if ($GLOBALS['cfg']['ShowServerInfo']) {
168 $server_info .= ' (';
169 }
170 }
171 if ($GLOBALS['cfg']['ShowServerInfo'] || empty($cfg['Server']['verbose'])) {
172 $server_info .= $GLOBALS['dbi']->getHostInfo();
173 }
174 if (! empty($cfg['Server']['verbose']) && $GLOBALS['cfg']['ShowServerInfo']) {
175 $server_info .= ')';
176 }
177 $mysql_cur_user_and_host = $GLOBALS['dbi']->fetchValue('SELECT USER();');
178
179 // should we add the port info here?
180 $short_server_info = (!empty($GLOBALS['cfg']['Server']['verbose'])
181 ? $GLOBALS['cfg']['Server']['verbose']
182 : $GLOBALS['cfg']['Server']['host']);
183 }
184
185 echo '<div id="maincontainer">' , "\n";
186 // Anchor for favorite tables synchronization.
187 echo RecentFavoriteTable::getInstance('favorite')->getHtmlSyncFavoriteTables();
188 echo '<div id="main_pane_left">';
189 if ($server > 0 || count($cfg['Servers']) > 1
190 ) {
191 if ($cfg['DBG']['demo']) {
192 echo '<div class="group">';
193 echo '<h2>' , __('phpMyAdmin Demo Server') , '</h2>';
194 echo '<p class="cfg_dbg_demo">';
195 printf(
196 __(
197 'You are using the demo server. You can do anything here, but '
198 . 'please do not change root, debian-sys-maint and pma users. '
199 . 'More information is available at %s.'
200 ),
201 '<a href="url.php?url=https://demo.phpmyadmin.net/" target="_blank" rel="noopener noreferrer">demo.phpmyadmin.net</a>'
202 );
203 echo '</p>';
204 echo '</div>';
205 }
206 echo '<div class="group">';
207 echo '<h2>' , __('General settings') , '</h2>';
208 echo '<ul>';
209
210 /**
211 * Displays the MySQL servers choice form
212 */
213 if ($cfg['ServerDefault'] == 0
214 || (! $cfg['NavigationDisplayServers']
215 && (count($cfg['Servers']) > 1
216 || ($server == 0 && count($cfg['Servers']) == 1)))
217 ) {
218 echo '<li id="li_select_server" class="no_bullets" >';
219 echo Util::getImage('s_host') , " "
220 , Select::render(true, true);
221 echo '</li>';
222 }
223
224 /**
225 * Displays the mysql server related links
226 */
227 if ($server > 0) {
228 include_once 'libraries/check_user_privileges.inc.php';
229
230 // Logout for advanced authentication
231 if ($cfg['Server']['auth_type'] != 'config') {
232 if ($cfg['ShowChgPassword']) {
233 $conditional_class = 'ajax';
234 Core::printListItem(
235 Util::getImage('s_passwd') . "&nbsp;" . __(
236 'Change password'
237 ),
238 'li_change_password',
239 'user_password.php' . $common_url_query,
240 null,
241 null,
242 'change_password_anchor',
243 "no_bullets",
244 $conditional_class
245 );
246 }
247 } // end if
248 echo ' <li id="li_select_mysql_collation" class="no_bullets" >';
249 echo ' <form class="disableAjax" method="post" action="index.php">' , "\n"
250 . Url::getHiddenInputs(null, null, 4, 'collation_connection')
251 . ' <label for="select_collation_connection">' . "\n"
252 . ' ' . Util::getImage('s_asci')
253 . "&nbsp;" . __('Server connection collation') . "\n"
254 // put the doc link in the form so that it appears on the same line
255 . Util::showMySQLDocu('Charset-connection')
256 . ': ' . "\n"
257 . ' </label>' . "\n"
258
259 . Charsets::getCollationDropdownBox(
260 $GLOBALS['dbi'],
261 $GLOBALS['cfg']['Server']['DisableIS'],
262 'collation_connection',
263 'select_collation_connection',
264 $collation_connection,
265 true,
266 true
267 )
268 . ' </form>' . "\n"
269 . ' </li>' . "\n";
270 } // end of if ($server > 0)
271 echo '</ul>';
272 echo '</div>';
273 }
274
275 echo '<div class="group">';
276 echo '<h2>' , __('Appearance settings') , '</h2>';
277 echo ' <ul>';
278
279 // Displays language selection combo
280 $language_manager = LanguageManager::getInstance();
281 if (empty($cfg['Lang']) && $language_manager->hasChoice()) {
282 echo '<li id="li_select_lang" class="no_bullets">';
283
284 echo Util::getImage('s_lang') , " "
285 , $language_manager->getSelectorDisplay();
286 echo '</li>';
287 }
288
289 // ThemeManager if available
290
291 if ($GLOBALS['cfg']['ThemeManager']) {
292 echo '<li id="li_select_theme" class="no_bullets">';
293 echo Util::getImage('s_theme') , " "
294 , ThemeManager::getInstance()->getHtmlSelectBox();
295 echo '</li>';
296 }
297
298 echo '</ul>';
299
300 // User preferences
301
302 if ($server > 0) {
303 echo '<ul>';
304 Core::printListItem(
305 Util::getImage('b_tblops') . "&nbsp;" . __(
306 'More settings'
307 ),
308 'li_user_preferences',
309 'prefs_manage.php' . $common_url_query,
310 null,
311 null,
312 null,
313 "no_bullets"
314 );
315 echo '</ul>';
316 }
317
318 echo '</div>';
319
320
321 echo '</div>';
322 echo '<div id="main_pane_right">';
323
324
325 if ($server > 0 && $GLOBALS['cfg']['ShowServerInfo']) {
326 echo '<div class="group">';
327 echo '<h2>' , __('Database server') , '</h2>';
328 echo '<ul>' , "\n";
329 Core::printListItem(
330 __('Server:') . ' ' . $server_info,
331 'li_server_info'
332 );
333 Core::printListItem(
334 __('Server type:') . ' ' . Util::getServerType(),
335 'li_server_type'
336 );
337 Core::printListItem(
338 __('Server connection:') . ' ' . Util::getServerSSL(),
339 'li_server_type'
340 );
341 Core::printListItem(
342 __('Server version:')
343 . ' '
344 . $GLOBALS['dbi']->getVersionString() . ' - ' . $GLOBALS['dbi']->getVersionComment(),
345 'li_server_version'
346 );
347 Core::printListItem(
348 __('Protocol version:') . ' ' . $GLOBALS['dbi']->getProtoInfo(),
349 'li_mysql_proto'
350 );
351 Core::printListItem(
352 __('User:') . ' ' . htmlspecialchars($mysql_cur_user_and_host),
353 'li_user_info'
354 );
355
356 echo ' <li id="li_select_mysql_charset">';
357 echo ' ' , __('Server charset:') , ' '
358 . ' <span lang="en" dir="ltr">';
359 $unicode = Charsets::$mysql_charset_map['utf-8'];
360 $charsets = Charsets::getMySQLCharsetsDescriptions(
361 $GLOBALS['dbi'],
362 $GLOBALS['cfg']['Server']['DisableIS']
363 );
364 echo ' ' , $charsets[$unicode], ' (' . $unicode, ')';
365 echo ' </span>'
366 . ' </li>'
367 . ' </ul>'
368 . ' </div>';
369 }
370
371 if ($GLOBALS['cfg']['ShowServerInfo'] || $GLOBALS['cfg']['ShowPhpInfo']) {
372 echo '<div class="group">';
373 echo '<h2>' , __('Web server') , '</h2>';
374 echo '<ul>';
375 if ($GLOBALS['cfg']['ShowServerInfo']) {
376 Core::printListItem($_SERVER['SERVER_SOFTWARE'], 'li_web_server_software');
377
378 if ($server > 0) {
379 $client_version_str = $GLOBALS['dbi']->getClientInfo();
380 if (preg_match('#\d+\.\d+\.\d+#', $client_version_str)) {
381 $client_version_str = 'libmysql - ' . $client_version_str;
382 }
383 Core::printListItem(
384 __('Database client version:') . ' ' . $client_version_str,
385 'li_mysql_client_version'
386 );
387
388 $php_ext_string = __('PHP extension:') . ' ';
389
390 $extensions = Util::listPHPExtensions();
391
392 foreach ($extensions as $extension) {
393 $php_ext_string .= ' ' . $extension
394 . Util::showPHPDocu('book.' . $extension . '.php');
395 }
396
397 Core::printListItem(
398 $php_ext_string,
399 'li_used_php_extension'
400 );
401
402 $php_version_string = __('PHP version:') . ' ' . phpversion();
403
404 Core::printListItem(
405 $php_version_string,
406 'li_used_php_version'
407 );
408 }
409 }
410
411 if ($cfg['ShowPhpInfo']) {
412 Core::printListItem(
413 __('Show PHP information'),
414 'li_phpinfo',
415 'phpinfo.php' . $common_url_query,
416 null,
417 '_blank'
418 );
419 }
420 echo ' </ul>';
421 echo ' </div>';
422 }
423
424 echo '<div class="group pmagroup">';
425 echo '<h2>phpMyAdmin</h2>';
426 echo '<ul>';
427 $class = null;
428 if ($GLOBALS['cfg']['VersionCheck']) {
429 $class = 'jsversioncheck';
430 }
431 Core::printListItem(
432 __('Version information:') . ' <span class="version">' . PMA_VERSION . '</span>',
433 'li_pma_version',
434 null,
435 null,
436 null,
437 null,
438 $class
439 );
440 Core::printListItem(
441 __('Documentation'),
442 'li_pma_docs',
443 Util::getDocuLink('index'),
444 null,
445 '_blank'
446 );
447
448 // does not work if no target specified, don't know why
449 Core::printListItem(
450 __('Official Homepage'),
451 'li_pma_homepage',
452 Core::linkURL('https://www.phpmyadmin.net/'),
453 null,
454 '_blank'
455 );
456 Core::printListItem(
457 __('Contribute'),
458 'li_pma_contribute',
459 Core::linkURL('https://www.phpmyadmin.net/contribute/'),
460 null,
461 '_blank'
462 );
463 Core::printListItem(
464 __('Get support'),
465 'li_pma_support',
466 Core::linkURL('https://www.phpmyadmin.net/support/'),
467 null,
468 '_blank'
469 );
470 Core::printListItem(
471 __('List of changes'),
472 'li_pma_changes',
473 'changelog.php' . Url::getCommon(),
474 null,
475 '_blank'
476 );
477 Core::printListItem(
478 __('License'),
479 'li_pma_license',
480 'license.php' . Url::getCommon(),
481 null,
482 '_blank'
483 );
484 echo ' </ul>';
485 echo ' </div>';
486
487 echo '</div>';
488
489 echo '</div>';
490
491 /**
492 * mbstring is used for handling multibytes inside parser, so it is good
493 * to tell user something might be broken without it, see bug #1063149.
494 */
495 if (! extension_loaded('mbstring')) {
496 trigger_error(
497 __(
498 'The mbstring PHP extension was not found and you seem to be using'
499 . ' a multibyte charset. Without the mbstring extension phpMyAdmin'
500 . ' is unable to split strings correctly and it may result in'
501 . ' unexpected results.'
502 ),
503 E_USER_WARNING
504 );
505 }
506
507 /**
508 * Missing functionality
509 */
510 if (! extension_loaded('curl') && ! ini_get('allow_url_fopen')) {
511 trigger_error(
512 __(
513 'The curl extension was not found and allow_url_fopen is '
514 . 'disabled. Due to this some features such as error reporting '
515 . 'or version check are disabled.'
516 )
517 );
518 }
519
520 if ($cfg['LoginCookieValidityDisableWarning'] == false) {
521 /**
522 * Check whether session.gc_maxlifetime limits session validity.
523 */
524 $gc_time = (int)ini_get('session.gc_maxlifetime');
525 if ($gc_time < $GLOBALS['cfg']['LoginCookieValidity']) {
526 trigger_error(
527 __(
528 'Your PHP parameter [a@https://secure.php.net/manual/en/session.' .
529 'configuration.php#ini.session.gc-maxlifetime@_blank]session.' .
530 'gc_maxlifetime[/a] is lower than cookie validity configured ' .
531 'in phpMyAdmin, because of this, your login might expire sooner ' .
532 'than configured in phpMyAdmin.'
533 ),
534 E_USER_WARNING
535 );
536 }
537 }
538
539 /**
540 * Check whether LoginCookieValidity is limited by LoginCookieStore.
541 */
542 if ($GLOBALS['cfg']['LoginCookieStore'] != 0
543 && $GLOBALS['cfg']['LoginCookieStore'] < $GLOBALS['cfg']['LoginCookieValidity']
544 ) {
545 trigger_error(
546 __(
547 'Login cookie store is lower than cookie validity configured in ' .
548 'phpMyAdmin, because of this, your login will expire sooner than ' .
549 'configured in phpMyAdmin.'
550 ),
551 E_USER_WARNING
552 );
553 }
554
555 /**
556 * Warning if using the default MySQL controluser account
557 */
558 if ($server != 0
559 && isset($GLOBALS['cfg']['Server']['controluser']) && $GLOBALS['cfg']['Server']['controluser'] == 'pma'
560 && isset($GLOBALS['cfg']['Server']['controlpass']) && $GLOBALS['cfg']['Server']['controlpass'] == 'pmapass'
561 ) {
562 trigger_error(
563 __('Your server is running with default values for the controluser and password (controlpass) and is open to intrusion; you really should fix this security weakness by changing the password for controluser \'pma\'.'),
564 E_USER_WARNING
565 );
566 }
567
568
569 /**
570 * Check if user does not have defined blowfish secret and it is being used.
571 */
572 if (! empty($_SESSION['encryption_key'])) {
573 if (empty($GLOBALS['cfg']['blowfish_secret'])) {
574 trigger_error(
575 __(
576 'The configuration file now needs a secret passphrase (blowfish_secret).'
577 ),
578 E_USER_WARNING
579 );
580 } elseif (strlen($GLOBALS['cfg']['blowfish_secret']) < 32) {
581 trigger_error(
582 __(
583 'The secret passphrase in configuration (blowfish_secret) is too short.'
584 ),
585 E_USER_WARNING
586 );
587 }
588 }
589
590 /**
591 * Check for existence of config directory which should not exist in
592 * production environment.
593 */
594 if (@file_exists('config')) {
595 trigger_error(
596 __(
597 'Directory [code]config[/code], which is used by the setup script, ' .
598 'still exists in your phpMyAdmin directory. It is strongly ' .
599 'recommended to remove it once phpMyAdmin has been configured. ' .
600 'Otherwise the security of your server may be compromised by ' .
601 'unauthorized people downloading your configuration.'
602 ),
603 E_USER_WARNING
604 );
605 }
606
607 $relation = new Relation($GLOBALS['dbi']);
608
609 if ($server > 0) {
610 $cfgRelation = $relation->getRelationsParam();
611 if (! $cfgRelation['allworks']
612 && $cfg['PmaNoRelation_DisableWarning'] == false
613 ) {
614 $msg_text = __(
615 'The phpMyAdmin configuration storage is not completely '
616 . 'configured, some extended features have been deactivated. '
617 . '%sFind out why%s. '
618 );
619 if ($cfg['ZeroConf'] == true) {
620 $msg_text .= '<br>' .
621 __(
622 'Or alternately go to \'Operations\' tab of any database '
623 . 'to set it up there.'
624 );
625 }
626 $msg = Message::notice($msg_text);
627 $msg->addParamHtml('<a href="./chk_rel.php' . $common_url_query . '">');
628 $msg->addParamHtml('</a>');
629 /* Show error if user has configured something, notice elsewhere */
630 if (!empty($cfg['Servers'][$server]['pmadb'])) {
631 $msg->isError(true);
632 }
633 $msg->display();
634 } // end if
635 }
636
637 /**
638 * Warning about Suhosin only if its simulation mode is not enabled
639 */
640 if ($cfg['SuhosinDisableWarning'] == false
641 && ini_get('suhosin.request.max_value_length')
642 && ini_get('suhosin.simulation') == '0'
643 ) {
644 trigger_error(
645 sprintf(
646 __(
647 'Server running with Suhosin. Please refer to %sdocumentation%s ' .
648 'for possible issues.'
649 ),
650 '[doc@faq1-38]',
651 '[/doc]'
652 ),
653 E_USER_WARNING
654 );
655 }
656
657 /* Missing template cache */
658 if (is_null($GLOBALS['PMA_Config']->getTempDir('twig'))) {
659 trigger_error(
660 sprintf(
661 __('The $cfg[\'TempDir\'] (%s) is not accessible. phpMyAdmin is not able to cache templates and will be slow because of this.'),
662 $GLOBALS['PMA_Config']->get('TempDir')
663 ),
664 E_USER_WARNING
665 );
666 }
667
668 /**
669 * Warning about incomplete translations.
670 *
671 * The data file is created while creating release by ./scripts/remove-incomplete-mo
672 */
673 if (@file_exists('libraries/language_stats.inc.php')) {
674 include 'libraries/language_stats.inc.php';
675 /*
676 * This message is intentionally not translated, because we're
677 * handling incomplete translations here and focus on english
678 * speaking users.
679 */
680 if (isset($GLOBALS['language_stats'][$lang])
681 && $GLOBALS['language_stats'][$lang] < $cfg['TranslationWarningThreshold']
682 ) {
683 trigger_error(
684 'You are using an incomplete translation, please help to make it '
685 . 'better by [a@https://www.phpmyadmin.net/translate/'
686 . '@_blank]contributing[/a].',
687 E_USER_NOTICE
688 );
689 }
690 }
phpMyAdmin