index.php

   1 <?php
   2 /* vim: set expandtab sw=4 ts=4 sts=4: */
   3 /**
   4  * Main loader script
   5  *
   6  * @package PhpMyAdmin
   7  */
   8 declare(strict_types=1);
   9
  10 use PhpMyAdmin\Controllers\HomeController;
  11 use PhpMyAdmin\Core;
  12 use PhpMyAdmin\DatabaseInterface;
  13 use PhpMyAdmin\Di\Container;
  14 use PhpMyAdmin\Response;
  15 use PhpMyAdmin\Url;
  16 use PhpMyAdmin\Util;
  17
  18 if (! defined('ROOT_PATH')) {
  19     define('ROOT_PATH', __DIR__ . DIRECTORY_SEPARATOR);
  20 }
  21
  22 require_once ROOT_PATH . 'libraries/common.inc.php';
  23
  24 /**
  25  * pass variables to child pages
  26  */
  27 $drops = [
  28     'lang',
  29     'server',
  30     'collation_connection',
  31     'db',
  32     'table',
  33 ];
  34 foreach ($drops as $each_drop) {
  35     if (array_key_exists($each_drop, $_GET)) {
  36         unset($_GET[$each_drop]);
  37     }
  38 }
  39 unset($drops, $each_drop);
  40
  41 /**
  42  * Black list of all scripts to which front-end must submit data.
  43  * Such scripts must not be loaded on home page.
  44  */
  45 $target_blacklist =  [
  46     'import.php',
  47     'export.php',
  48 ];
  49
  50 // If we have a valid target, let's load that script instead
  51 if (! empty($_REQUEST['target'])
  52     && is_string($_REQUEST['target'])
  53     && 0 !== strpos($_REQUEST['target'], "index")
  54     && ! in_array($_REQUEST['target'], $target_blacklist)
  55     && Core::checkPageValidity($_REQUEST['target'], [], true)
  56 ) {
  57     include ROOT_PATH . $_REQUEST['target'];
  58     exit;
  59 }
  60
  61 $container = Container::getDefaultContainer();
  62 $container->set(Response::class, Response::getInstance());
  63
  64 /** @var Response $response */
  65 $response = $container->get(Response::class);
  66
  67 /** @var DatabaseInterface $dbi */
  68 $dbi = $container->get(DatabaseInterface::class);
  69
  70 $controller = new HomeController(
  71     $response,
  72     $dbi,
  73     $GLOBALS['PMA_Config']
  74 );
  75
  76 if (isset($_REQUEST['ajax_request']) && ! empty($_REQUEST['access_time'])) {
  77     exit;
  78 }
  79
  80 if (isset($_POST['set_theme'])) {
  81     $controller->setTheme([
  82         'set_theme' => $_POST['set_theme'],
  83     ]);
  84
  85     header('Location: index.php' . Url::getCommonRaw());
  86 } elseif (isset($_POST['collation_connection'])) {
  87     $controller->setCollationConnection([
  88         'collation_connection' => $_POST['collation_connection'],
  89     ]);
  90
  91     header('Location: index.php' . Url::getCommonRaw());
  92 } elseif (! empty($_REQUEST['db'])) {
  93     // See FAQ 1.34
  94     $page = null;
  95     if (! empty($_REQUEST['table'])) {
  96         $page = Util::getScriptNameForOption(
  97             $GLOBALS['cfg']['DefaultTabTable'],
  98             'table'
  99         );
 100     } else {
 101         $page = Util::getScriptNameForOption(
 102             $GLOBALS['cfg']['DefaultTabDatabase'],
 103             'database'
 104         );
 105     }
 106     include ROOT_PATH . $page;
 107 } elseif ($response->isAjax() && ! empty($_REQUEST['recent_table'])) {
 108     $response->addJSON($controller->reloadRecentTablesList());
 109 } elseif ($GLOBALS['PMA_Config']->isGitRevision()
 110     && isset($_REQUEST['git_revision'])
 111     && $response->isAjax()
 112 ) {
 113     $response->addHTML($controller->gitRevision());
 114 } else {
 115     // Handles some variables that may have been sent by the calling script
 116     $GLOBALS['db'] = '';
 117     $GLOBALS['table'] = '';
 118     $show_query = '1';
 119
 120     if ($server > 0) {
 121         include ROOT_PATH . 'libraries/server_common.inc.php';
 122     }
 123
 124     $response->addHTML($controller->index());
 125 }