libraries/user_preferences.lib.php

   1 <?php
   2 /* vim: set expandtab sw=4 ts=4 sts=4: */
   3 /**
   4  * Functions for displaying user preferences pages
   5  *
   6  * @package PhpMyAdmin
   7  */
   8 if (! defined('PHPMYADMIN')) {
   9     exit;
  10 }
  11
  12 require_once './libraries/Template.class.php';
  13
  14 /**
  15  * Common initialization for user preferences modification pages
  16  *
  17  * @param ConfigFile $cf Config file instance
  18  *
  19  * @return void
  20  */
  21 function PMA_userprefsPageInit(ConfigFile $cf)
  22 {
  23     $forms_all_keys = PMA_readUserprefsFieldNames($GLOBALS['forms']);
  24     $cf->resetConfigData(); // start with a clean instance
  25     $cf->setAllowedKeys($forms_all_keys);
  26     $cf->setCfgUpdateReadMapping(
  27         array(
  28             'Server/hide_db' => 'Servers/1/hide_db',
  29             'Server/only_db' => 'Servers/1/only_db'
  30         )
  31     );
  32     $cf->updateWithGlobalConfig($GLOBALS['cfg']);
  33 }
  34
  35 /**
  36  * Loads user preferences
  37  *
  38  * Returns an array:
  39  * * config_data - path => value pairs
  40  * * mtime - last modification time
  41  * * type - 'db' (config read from pmadb) or 'session' (read from user session)
  42  *
  43  * @return array
  44  */
  45 function PMA_loadUserprefs()
  46 {
  47     $cfgRelation = PMA_getRelationsParam();
  48     if (! $cfgRelation['userconfigwork']) {
  49         // no pmadb table, use session storage
  50         if (! isset($_SESSION['userconfig'])) {
  51             $_SESSION['userconfig'] = array(
  52                 'db' => array(),
  53                 'ts' => time());
  54         }
  55         return array(
  56             'config_data' => $_SESSION['userconfig']['db'],
  57             'mtime' => $_SESSION['userconfig']['ts'],
  58             'type' => 'session');
  59     }
  60     // load configuration from pmadb
  61     $query_table = PMA_Util::backquote($cfgRelation['db']) . '.'
  62         . PMA_Util::backquote($cfgRelation['userconfig']);
  63     $query = 'SELECT `config_data`, UNIX_TIMESTAMP(`timevalue`) ts'
  64         . ' FROM ' . $query_table
  65         . ' WHERE `username` = \''
  66         . PMA_Util::sqlAddSlashes($cfgRelation['user'])
  67         . '\'';
  68     $row = $GLOBALS['dbi']->fetchSingleRow($query, 'ASSOC', $GLOBALS['controllink']);
  69
  70     return array(
  71         'config_data' => $row ? (array)json_decode($row['config_data']) : array(),
  72         'mtime' => $row ? $row['ts'] : time(),
  73         'type' => 'db');
  74 }
  75
  76 /**
  77  * Saves user preferences
  78  *
  79  * @param array $config_array configuration array
  80  *
  81  * @return true|PMA_Message
  82  */
  83 function PMA_saveUserprefs(array $config_array)
  84 {
  85     $cfgRelation = PMA_getRelationsParam();
  86     $server = isset($GLOBALS['server'])
  87         ? $GLOBALS['server']
  88         : $GLOBALS['cfg']['ServerDefault'];
  89     $cache_key = 'server_' . $server;
  90     if (! $cfgRelation['userconfigwork']) {
  91         // no pmadb table, use session storage
  92         $_SESSION['userconfig'] = array(
  93             'db' => $config_array,
  94             'ts' => time());
  95         if (isset($_SESSION['cache'][$cache_key]['userprefs'])) {
  96             unset($_SESSION['cache'][$cache_key]['userprefs']);
  97         }
  98         return true;
  99     }
 100
 101     // save configuration to pmadb
 102     $query_table = PMA_Util::backquote($cfgRelation['db']) . '.'
 103         . PMA_Util::backquote($cfgRelation['userconfig']);
 104     $query = 'SELECT `username` FROM ' . $query_table
 105         . ' WHERE `username` = \''
 106         . PMA_Util::sqlAddSlashes($cfgRelation['user'])
 107         . '\'';
 108
 109     $has_config = $GLOBALS['dbi']->fetchValue(
 110         $query, 0, 0, $GLOBALS['controllink']
 111     );
 112     $config_data = json_encode($config_array);
 113     if ($has_config) {
 114         $query = 'UPDATE ' . $query_table
 115             . ' SET `timevalue` = NOW(), `config_data` = \''
 116             . PMA_Util::sqlAddSlashes($config_data)
 117             . '\''
 118             . ' WHERE `username` = \''
 119             . PMA_Util::sqlAddSlashes($cfgRelation['user'])
 120             . '\'';
 121     } else {
 122         $query = 'INSERT INTO ' . $query_table
 123             . ' (`username`, `timevalue`,`config_data`) '
 124             . 'VALUES (\''
 125             . PMA_Util::sqlAddSlashes($cfgRelation['user']) . '\', NOW(), '
 126             . '\'' . PMA_Util::sqlAddSlashes($config_data) . '\')';
 127     }
 128     if (isset($_SESSION['cache'][$cache_key]['userprefs'])) {
 129         unset($_SESSION['cache'][$cache_key]['userprefs']);
 130     }
 131     if (!$GLOBALS['dbi']->tryQuery($query, $GLOBALS['controllink'])) {
 132         $message = PMA_Message::error(__('Could not save configuration'));
 133         $message->addMessage('<br /><br />');
 134         $message->addMessage(
 135             PMA_Message::rawError(
 136                 $GLOBALS['dbi']->getError($GLOBALS['controllink'])
 137             )
 138         );
 139         return $message;
 140     }
 141     return true;
 142 }
 143
 144 /**
 145  * Returns a user preferences array filtered by $cfg['UserprefsDisallow']
 146  * (blacklist) and keys from user preferences form (whitelist)
 147  *
 148  * @param array $config_data path => value pairs
 149  *
 150  * @return array
 151  */
 152 function PMA_applyUserprefs(array $config_data)
 153 {
 154     $cfg = array();
 155     $blacklist = array_flip($GLOBALS['cfg']['UserprefsDisallow']);
 156     if (!$GLOBALS['cfg']['UserprefsDeveloperTab']) {
 157         // disallow everything in the Developers tab
 158         $blacklist['DBG/sql'] = true;
 159     }
 160     $whitelist = array_flip(PMA_readUserprefsFieldNames());
 161     // whitelist some additional fields which are custom handled
 162     $whitelist['ThemeDefault'] = true;
 163     $whitelist['fontsize'] = true;
 164     $whitelist['lang'] = true;
 165     $whitelist['collation_connection'] = true;
 166     $whitelist['Server/hide_db'] = true;
 167     $whitelist['Server/only_db'] = true;
 168     foreach ($config_data as $path => $value) {
 169         if (! isset($whitelist[$path]) || isset($blacklist[$path])) {
 170             continue;
 171         }
 172         PMA_arrayWrite($path, $cfg, $value);
 173     }
 174     return $cfg;
 175 }
 176
 177 /**
 178  * Reads user preferences field names
 179  *
 180  * @param array|null $forms Forms
 181  *
 182  * @return array
 183  */
 184 function PMA_readUserprefsFieldNames(array $forms = null)
 185 {
 186     static $names;
 187
 188     if (defined('TESTSUITE')) {
 189         $names = null;
 190     }
 191
 192     // return cached results
 193     if ($names !== null) {
 194         return $names;
 195     }
 196     if (is_null($forms)) {
 197         $forms = array();
 198         include 'libraries/config/user_preferences.forms.php';
 199     }
 200     $names = array();
 201     foreach ($forms as $formset) {
 202         foreach ($formset as $form) {
 203             foreach ($form as $k => $v) {
 204                 $names[] = is_int($k) ? $v : $k;
 205             }
 206         }
 207     }
 208     return $names;
 209 }
 210
 211 /**
 212  * Updates one user preferences option (loads and saves to database).
 213  *
 214  * No validation is done!
 215  *
 216  * @param string $path          configuration
 217  * @param mixed  $value         value
 218  * @param mixed  $default_value default value
 219  *
 220  * @return void
 221  */
 222 function PMA_persistOption($path, $value, $default_value)
 223 {
 224     $prefs = PMA_loadUserprefs();
 225     if ($value === $default_value) {
 226         if (isset($prefs['config_data'][$path])) {
 227             unset($prefs['config_data'][$path]);
 228         } else {
 229             return;
 230         }
 231     } else {
 232         $prefs['config_data'][$path] = $value;
 233     }
 234     PMA_saveUserprefs($prefs['config_data']);
 235 }
 236
 237 /**
 238  * Redirects after saving new user preferences
 239  *
 240  * @param string $file_name Filename
 241  * @param array  $params    URL parameters
 242  * @param string $hash      Hash value
 243  *
 244  * @return void
 245  */
 246 function PMA_userprefsRedirect($file_name,
 247     $params = null, $hash = null
 248 ) {
 249     // redirect
 250     $url_params = array('saved' => 1);
 251     if (is_array($params)) {
 252         $url_params = array_merge($params, $url_params);
 253     }
 254     if ($hash) {
 255         $hash = '#' . urlencode($hash);
 256     }
 257     PMA_sendHeaderLocation(
 258         $GLOBALS['cfg']['PmaAbsoluteUri'] . $file_name
 259         . PMA_URL_getCommon($url_params, '&') . $hash
 260     );
 261 }
 262
 263 /**
 264  * Shows form which allows to quickly load
 265  * settings stored in browser's local storage
 266  *
 267  * @return string
 268  */
 269 function PMA_userprefsAutoloadGetHeader()
 270 {
 271     if (isset($_REQUEST['prefs_autoload'])
 272         && $_REQUEST['prefs_autoload'] == 'hide'
 273     ) {
 274         $_SESSION['userprefs_autoload'] = true;
 275         return '';
 276     }
 277
 278     $script_name = basename(basename($GLOBALS['PMA_PHP_SELF']));
 279     $return_url = htmlspecialchars(
 280         $script_name . '?' . http_build_query($_GET, '', '&')
 281     );
 282
 283     return PMA\Template::get('prefs_autoload')
 284         ->render(
 285             array(
 286                 'hiddenInputs' => PMA_URL_getHiddenInputs(),
 287                 'return_url' => $return_url,
 288             )
 289         );
 290 }