search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Translated using Weblate (Hebrew)
[phpmyadmin.git] / index.php
blobcc492e77ee0b70da64a91eabe66853c92cc56d91
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * Main loader script
5 *
6 * @package PhpMyAdmin
7 */
8 use PhpMyAdmin\Charsets;
9 use PhpMyAdmin\Config;
10 use PhpMyAdmin\Core;
11 use PhpMyAdmin\Display\GitRevision;
12 use PhpMyAdmin\LanguageManager;
13 use PhpMyAdmin\Message;
14 use PhpMyAdmin\RecentFavoriteTable;
15 use PhpMyAdmin\Relation;
16 use PhpMyAdmin\Response;
17 use PhpMyAdmin\Sanitize;
18 use PhpMyAdmin\Server\Select;
19 use PhpMyAdmin\ThemeManager;
20 use PhpMyAdmin\Url;
21 use PhpMyAdmin\Util;
22
23 /**
24 * Gets some core libraries and displays a top message if required
25 */
26 require_once 'libraries/common.inc.php';
27
28 /**
29 * pass variables to child pages
30 */
31 $drops = array(
32 'lang',
33 'server',
34 'collation_connection',
35 'db',
36 'table'
37 );
38 foreach ($drops as $each_drop) {
39 if (array_key_exists($each_drop, $_GET)) {
40 unset($_GET[$each_drop]);
41 }
42 }
43 unset($drops, $each_drop);
44
45 /*
46 * Black list of all scripts to which front-end must submit data.
47 * Such scripts must not be loaded on home page.
48 *
49 */
50 $target_blacklist = array (
51 'import.php', 'export.php'
52 );
53
54 // If we have a valid target, let's load that script instead
55 if (! empty($_REQUEST['target'])
56 && is_string($_REQUEST['target'])
57 && ! preg_match('/^index/', $_REQUEST['target'])
58 && ! in_array($_REQUEST['target'], $target_blacklist)
59 && Core::checkPageValidity($_REQUEST['target'])
60 ) {
61 include $_REQUEST['target'];
62 exit;
63 }
64
65 if (isset($_REQUEST['ajax_request']) && ! empty($_REQUEST['access_time'])) {
66 exit;
67 }
68
69 // user selected font size
70 if (isset($_POST['set_fontsize']) && preg_match('/^[0-9.]+(px|em|pt|\%)$/', $_POST['set_fontsize'])) {
71 $GLOBALS['PMA_Config']->setUserValue(
72 null,
73 'FontSize',
74 $_POST['set_fontsize'],
75 '82%'
76 );
77 header('Location: index.php' . Url::getCommonRaw());
78 exit();
79 }
80 // if user selected a theme
81 if (isset($_POST['set_theme'])) {
82 $tmanager = ThemeManager::getInstance();
83 $tmanager->setActiveTheme($_POST['set_theme']);
84 $tmanager->setThemeCookie();
85 header('Location: index.php' . Url::getCommonRaw());
86 exit();
87 }
88 // Change collation connection
89 if (isset($_POST['collation_connection'])) {
90 $GLOBALS['PMA_Config']->setUserValue(
91 null,
92 'DefaultConnectionCollation',
93 $_POST['collation_connection'],
94 'utf8mb4_unicode_ci'
95 );
96 header('Location: index.php' . Url::getCommonRaw());
97 exit();
98 }
99
100
101 // See FAQ 1.34
102 if (! empty($_REQUEST['db'])) {
103 $page = null;
104 if (! empty($_REQUEST['table'])) {
105 $page = Util::getScriptNameForOption(
106 $GLOBALS['cfg']['DefaultTabTable'], 'table'
107 );
108 } else {
109 $page = Util::getScriptNameForOption(
110 $GLOBALS['cfg']['DefaultTabDatabase'], 'database'
111 );
112 }
113 include $page;
114 exit;
115 }
116
117 $response = Response::getInstance();
118 /**
119 * Check if it is an ajax request to reload the recent tables list.
120 */
121 if ($response->isAjax() && ! empty($_REQUEST['recent_table'])) {
122 $response->addJSON(
123 'list',
124 RecentFavoriteTable::getInstance('recent')->getHtmlList()
125 );
126 exit;
127 }
128
129 if ($GLOBALS['PMA_Config']->isGitRevision()) {
130 if (isset($_REQUEST['git_revision']) && $response->isAjax()) {
131 GitRevision::display();
132 exit;
133 }
134 echo '<div id="is_git_revision"></div>';
135 }
136
137 // Handles some variables that may have been sent by the calling script
138 $GLOBALS['db'] = '';
139 $GLOBALS['table'] = '';
140 $show_query = '1';
141
142 // Any message to display?
143 if (! empty($message)) {
144 echo Util::getMessage($message);
145 unset($message);
146 }
147 if (isset($_SESSION['partial_logout'])) {
148 Message::success(
149 __('You were logged out from one server, to logout completely from phpMyAdmin, you need to logout from all servers.')
150 )->display();
151 unset($_SESSION['partial_logout']);
152 }
153
154 $common_url_query = Url::getCommon();
155 $mysql_cur_user_and_host = '';
156
157 // when $server > 0, a server has been chosen so we can display
158 // all MySQL-related information
159 if ($server > 0) {
160 include 'libraries/server_common.inc.php';
161
162 // Use the verbose name of the server instead of the hostname
163 // if a value is set
164 $server_info = '';
165 if (! empty($cfg['Server']['verbose'])) {
166 $server_info .= htmlspecialchars($cfg['Server']['verbose']);
167 if ($GLOBALS['cfg']['ShowServerInfo']) {
168 $server_info .= ' (';
169 }
170 }
171 if ($GLOBALS['cfg']['ShowServerInfo'] || empty($cfg['Server']['verbose'])) {
172 $server_info .= $GLOBALS['dbi']->getHostInfo();
173 }
174 if (! empty($cfg['Server']['verbose']) && $GLOBALS['cfg']['ShowServerInfo']) {
175 $server_info .= ')';
176 }
177 $mysql_cur_user_and_host = $GLOBALS['dbi']->fetchValue('SELECT USER();');
178
179 // should we add the port info here?
180 $short_server_info = (!empty($GLOBALS['cfg']['Server']['verbose'])
181 ? $GLOBALS['cfg']['Server']['verbose']
182 : $GLOBALS['cfg']['Server']['host']);
183 }
184
185 echo '<div id="maincontainer">' , "\n";
186 // Anchor for favorite tables synchronization.
187 echo RecentFavoriteTable::getInstance('favorite')->getHtmlSyncFavoriteTables();
188 echo '<div id="main_pane_left">';
189 if ($server > 0 || count($cfg['Servers']) > 1
190 ) {
191 if ($cfg['DBG']['demo']) {
192 echo '<div class="group">';
193 echo '<h2>' , __('phpMyAdmin Demo Server') , '</h2>';
194 echo '<p class="cfg_dbg_demo">';
195 printf(
196 __(
197 'You are using the demo server. You can do anything here, but '
198 . 'please do not change root, debian-sys-maint and pma users. '
199 . 'More information is available at %s.'
200 ),
201 '<a href="url.php?url=https://demo.phpmyadmin.net/" target="_blank" rel="noopener noreferrer">demo.phpmyadmin.net</a>'
202 );
203 echo '</p>';
204 echo '</div>';
205 }
206 echo '<div class="group">';
207 echo '<h2>' , __('General settings') , '</h2>';
208 echo '<ul>';
209
210 /**
211 * Displays the MySQL servers choice form
212 */
213 if ($cfg['ServerDefault'] == 0
214 || (! $cfg['NavigationDisplayServers']
215 && (count($cfg['Servers']) > 1
216 || ($server == 0 && count($cfg['Servers']) == 1)))
217 ) {
218 echo '<li id="li_select_server" class="no_bullets" >';
219 echo Util::getImage('s_host') , " "
220 , Select::render(true, true);
221 echo '</li>';
222 }
223
224 /**
225 * Displays the mysql server related links
226 */
227 if ($server > 0) {
228 include_once 'libraries/check_user_privileges.inc.php';
229
230 // Logout for advanced authentication
231 if ($cfg['Server']['auth_type'] != 'config') {
232 if ($cfg['ShowChgPassword']) {
233 $conditional_class = 'ajax';
234 Core::printListItem(
235 Util::getImage('s_passwd') . "&nbsp;" . __(
236 'Change password'
237 ),
238 'li_change_password',
239 'user_password.php' . $common_url_query,
240 null,
241 null,
242 'change_password_anchor',
243 "no_bullets",
244 $conditional_class
245 );
246 }
247 } // end if
248 echo ' <li id="li_select_mysql_collation" class="no_bullets" >';
249 echo ' <form class="disableAjax" method="post" action="index.php">' , "\n"
250 . Url::getHiddenInputs(null, null, 4, 'collation_connection')
251 . ' <label for="select_collation_connection">' . "\n"
252 . ' ' . Util::getImage('s_asci')
253 . "&nbsp;" . __('Server connection collation') . "\n"
254 // put the doc link in the form so that it appears on the same line
255 . Util::showMySQLDocu('Charset-connection')
256 . ': ' . "\n"
257 . ' </label>' . "\n"
258
259 . Charsets::getCollationDropdownBox(
260 $GLOBALS['dbi'],
261 $GLOBALS['cfg']['Server']['DisableIS'],
262 'collation_connection',
263 'select_collation_connection',
264 $collation_connection,
265 true,
266 true
267 )
268 . ' </form>' . "\n"
269 . ' </li>' . "\n";
270 } // end of if ($server > 0)
271 echo '</ul>';
272 echo '</div>';
273 }
274
275 echo '<div class="group">';
276 echo '<h2>' , __('Appearance settings') , '</h2>';
277 echo ' <ul>';
278
279 // Displays language selection combo
280 $language_manager = LanguageManager::getInstance();
281 if (empty($cfg['Lang']) && $language_manager->hasChoice()) {
282 echo '<li id="li_select_lang" class="no_bullets">';
283
284 echo Util::getImage('s_lang') , " "
285 , $language_manager->getSelectorDisplay();
286 echo '</li>';
287 }
288
289 // ThemeManager if available
290
291 if ($GLOBALS['cfg']['ThemeManager']) {
292 echo '<li id="li_select_theme" class="no_bullets">';
293 echo Util::getImage('s_theme') , " "
294 , ThemeManager::getInstance()->getHtmlSelectBox();
295 echo '</li>';
296 }
297 echo '<li id="li_select_fontsize">';
298 echo Config::getFontsizeForm();
299 echo '</li>';
300
301 echo '</ul>';
302
303 // User preferences
304
305 if ($server > 0) {
306 echo '<ul>';
307 Core::printListItem(
308 Util::getImage('b_tblops') . "&nbsp;" . __(
309 'More settings'
310 ),
311 'li_user_preferences',
312 'prefs_manage.php' . $common_url_query,
313 null,
314 null,
315 null,
316 "no_bullets"
317 );
318 echo '</ul>';
319 }
320
321 echo '</div>';
322
323
324 echo '</div>';
325 echo '<div id="main_pane_right">';
326
327
328 if ($server > 0 && $GLOBALS['cfg']['ShowServerInfo']) {
329
330 echo '<div class="group">';
331 echo '<h2>' , __('Database server') , '</h2>';
332 echo '<ul>' , "\n";
333 Core::printListItem(
334 __('Server:') . ' ' . $server_info,
335 'li_server_info'
336 );
337 Core::printListItem(
338 __('Server type:') . ' ' . Util::getServerType(),
339 'li_server_type'
340 );
341 Core::printListItem(
342 __('Server connection:') . ' ' . Util::getServerSSL(),
343 'li_server_type'
344 );
345 Core::printListItem(
346 __('Server version:')
347 . ' '
348 . $GLOBALS['dbi']->getVersionString() . ' - ' . $GLOBALS['dbi']->getVersionComment(),
349 'li_server_version'
350 );
351 Core::printListItem(
352 __('Protocol version:') . ' ' . $GLOBALS['dbi']->getProtoInfo(),
353 'li_mysql_proto'
354 );
355 Core::printListItem(
356 __('User:') . ' ' . htmlspecialchars($mysql_cur_user_and_host),
357 'li_user_info'
358 );
359
360 echo ' <li id="li_select_mysql_charset">';
361 echo ' ' , __('Server charset:') , ' '
362 . ' <span lang="en" dir="ltr">';
363 $unicode = Charsets::$mysql_charset_map['utf-8'];
364 $charsets = Charsets::getMySQLCharsetsDescriptions(
365 $GLOBALS['dbi'],
366 $GLOBALS['cfg']['Server']['DisableIS']
367 );
368 echo ' ' , $charsets[$unicode], ' (' . $unicode, ')';
369 echo ' </span>'
370 . ' </li>'
371 . ' </ul>'
372 . ' </div>';
373 }
374
375 if ($GLOBALS['cfg']['ShowServerInfo'] || $GLOBALS['cfg']['ShowPhpInfo']) {
376 echo '<div class="group">';
377 echo '<h2>' , __('Web server') , '</h2>';
378 echo '<ul>';
379 if ($GLOBALS['cfg']['ShowServerInfo']) {
380 Core::printListItem($_SERVER['SERVER_SOFTWARE'], 'li_web_server_software');
381
382 if ($server > 0) {
383 $client_version_str = $GLOBALS['dbi']->getClientInfo();
384 if (preg_match('#\d+\.\d+\.\d+#', $client_version_str)) {
385 $client_version_str = 'libmysql - ' . $client_version_str;
386 }
387 Core::printListItem(
388 __('Database client version:') . ' ' . $client_version_str,
389 'li_mysql_client_version'
390 );
391
392 $php_ext_string = __('PHP extension:') . ' ';
393
394 $extensions = Util::listPHPExtensions();
395
396 foreach ($extensions as $extension) {
397 $php_ext_string .= ' ' . $extension
398 . Util::showPHPDocu('book.' . $extension . '.php');
399 }
400
401 Core::printListItem(
402 $php_ext_string,
403 'li_used_php_extension'
404 );
405
406 $php_version_string = __('PHP version:') . ' ' . phpversion();
407
408 Core::printListItem(
409 $php_version_string,
410 'li_used_php_version'
411 );
412 }
413 }
414
415 if ($cfg['ShowPhpInfo']) {
416 Core::printListItem(
417 __('Show PHP information'),
418 'li_phpinfo',
419 'phpinfo.php' . $common_url_query,
420 null,
421 '_blank'
422 );
423 }
424 echo ' </ul>';
425 echo ' </div>';
426 }
427
428 echo '<div class="group pmagroup">';
429 echo '<h2>phpMyAdmin</h2>';
430 echo '<ul>';
431 $class = null;
432 if ($GLOBALS['cfg']['VersionCheck']) {
433 $class = 'jsversioncheck';
434 }
435 Core::printListItem(
436 __('Version information:') . ' <span class="version">' . PMA_VERSION . '</span>',
437 'li_pma_version',
438 null,
439 null,
440 null,
441 null,
442 $class
443 );
444 Core::printListItem(
445 __('Documentation'),
446 'li_pma_docs',
447 Util::getDocuLink('index'),
448 null,
449 '_blank'
450 );
451
452 // does not work if no target specified, don't know why
453 Core::printListItem(
454 __('Official Homepage'),
455 'li_pma_homepage',
456 Core::linkURL('https://www.phpmyadmin.net/'),
457 null,
458 '_blank'
459 );
460 Core::printListItem(
461 __('Contribute'),
462 'li_pma_contribute',
463 Core::linkURL('https://www.phpmyadmin.net/contribute/'),
464 null,
465 '_blank'
466 );
467 Core::printListItem(
468 __('Get support'),
469 'li_pma_support',
470 Core::linkURL('https://www.phpmyadmin.net/support/'),
471 null,
472 '_blank'
473 );
474 Core::printListItem(
475 __('List of changes'),
476 'li_pma_changes',
477 'changelog.php' . Url::getCommon(),
478 null,
479 '_blank'
480 );
481 Core::printListItem(
482 __('License'),
483 'li_pma_license',
484 'license.php' . Url::getCommon(),
485 null,
486 '_blank'
487 );
488 echo ' </ul>';
489 echo ' </div>';
490
491 echo '</div>';
492
493 echo '</div>';
494
495 /**
496 * mbstring is used for handling multibytes inside parser, so it is good
497 * to tell user something might be broken without it, see bug #1063149.
498 */
499 if (! extension_loaded('mbstring')) {
500 trigger_error(
501 __(
502 'The mbstring PHP extension was not found and you seem to be using'
503 . ' a multibyte charset. Without the mbstring extension phpMyAdmin'
504 . ' is unable to split strings correctly and it may result in'
505 . ' unexpected results.'
506 ),
507 E_USER_WARNING
508 );
509 }
510
511 /**
512 * Missing functionality
513 */
514 if (! extension_loaded('curl') && ! ini_get('allow_url_fopen')) {
515 trigger_error(
516 __(
517 'The curl extension was not found and allow_url_fopen is '
518 . 'disabled. Due to this some features such as error reporting '
519 . 'or version check are disabled.'
520 )
521 );
522 }
523
524 if ($cfg['LoginCookieValidityDisableWarning'] == false) {
525 /**
526 * Check whether session.gc_maxlifetime limits session validity.
527 */
528 $gc_time = (int)ini_get('session.gc_maxlifetime');
529 if ($gc_time < $GLOBALS['cfg']['LoginCookieValidity'] ) {
530 trigger_error(
531 __(
532 'Your PHP parameter [a@https://secure.php.net/manual/en/session.' .
533 'configuration.php#ini.session.gc-maxlifetime@_blank]session.' .
534 'gc_maxlifetime[/a] is lower than cookie validity configured ' .
535 'in phpMyAdmin, because of this, your login might expire sooner ' .
536 'than configured in phpMyAdmin.'
537 ),
538 E_USER_WARNING
539 );
540 }
541 }
542
543 /**
544 * Check whether LoginCookieValidity is limited by LoginCookieStore.
545 */
546 if ($GLOBALS['cfg']['LoginCookieStore'] != 0
547 && $GLOBALS['cfg']['LoginCookieStore'] < $GLOBALS['cfg']['LoginCookieValidity']
548 ) {
549 trigger_error(
550 __(
551 'Login cookie store is lower than cookie validity configured in ' .
552 'phpMyAdmin, because of this, your login will expire sooner than ' .
553 'configured in phpMyAdmin.'
554 ),
555 E_USER_WARNING
556 );
557 }
558
559 /**
560 * Check if user does not have defined blowfish secret and it is being used.
561 */
562 if (! empty($_SESSION['encryption_key'])) {
563 if (empty($GLOBALS['cfg']['blowfish_secret'])) {
564 trigger_error(
565 __(
566 'The configuration file now needs a secret passphrase (blowfish_secret).'
567 ),
568 E_USER_WARNING
569 );
570 } elseif (strlen($GLOBALS['cfg']['blowfish_secret']) < 32) {
571 trigger_error(
572 __(
573 'The secret passphrase in configuration (blowfish_secret) is too short.'
574 ),
575 E_USER_WARNING
576 );
577 }
578 }
579
580 /**
581 * Check for existence of config directory which should not exist in
582 * production environment.
583 */
584 if (@file_exists('config')) {
585 trigger_error(
586 __(
587 'Directory [code]config[/code], which is used by the setup script, ' .
588 'still exists in your phpMyAdmin directory. It is strongly ' .
589 'recommended to remove it once phpMyAdmin has been configured. ' .
590 'Otherwise the security of your server may be compromised by ' .
591 'unauthorized people downloading your configuration.'
592 ),
593 E_USER_WARNING
594 );
595 }
596
597 $relation = new Relation();
598
599 if ($server > 0) {
600 $cfgRelation = $relation->getRelationsParam();
601 if (! $cfgRelation['allworks']
602 && $cfg['PmaNoRelation_DisableWarning'] == false
603 ) {
604 $msg_text = __(
605 'The phpMyAdmin configuration storage is not completely '
606 . 'configured, some extended features have been deactivated. '
607 . '%sFind out why%s. '
608 );
609 if ($cfg['ZeroConf'] == true) {
610 $msg_text .= '<br>' .
611 __(
612 'Or alternately go to \'Operations\' tab of any database '
613 . 'to set it up there.'
614 );
615 }
616 $msg = Message::notice($msg_text);
617 $msg->addParamHtml('<a href="./chk_rel.php' . $common_url_query . '">');
618 $msg->addParamHtml('</a>');
619 /* Show error if user has configured something, notice elsewhere */
620 if (!empty($cfg['Servers'][$server]['pmadb'])) {
621 $msg->isError(true);
622 }
623 $msg->display();
624 } // end if
625 }
626
627 /**
628 * Warning about Suhosin only if its simulation mode is not enabled
629 */
630 if ($cfg['SuhosinDisableWarning'] == false
631 && ini_get('suhosin.request.max_value_length')
632 && ini_get('suhosin.simulation') == '0'
633 ) {
634 trigger_error(
635 sprintf(
636 __(
637 'Server running with Suhosin. Please refer to %sdocumentation%s ' .
638 'for possible issues.'
639 ),
640 '[doc@faq1-38]',
641 '[/doc]'
642 ),
643 E_USER_WARNING
644 );
645 }
646
647 /* Missing template cache */
648 if (is_null($GLOBALS['PMA_Config']->getTempDir('twig'))) {
649 trigger_error(
650 sprintf(
651 __('The $cfg[\'TempDir\'] (%s) is not accessible. phpMyAdmin is not able to cache templates and will be slow because of this.'),
652 $GLOBALS['PMA_Config']->get('TempDir')
653 ),
654 E_USER_WARNING
655 );
656 }
657
658 /**
659 * Warning about incomplete translations.
660 *
661 * The data file is created while creating release by ./scripts/remove-incomplete-mo
662 */
663 if (@file_exists('libraries/language_stats.inc.php')) {
664 include 'libraries/language_stats.inc.php';
665 /*
666 * This message is intentionally not translated, because we're
667 * handling incomplete translations here and focus on english
668 * speaking users.
669 */
670 if (isset($GLOBALS['language_stats'][$lang])
671 && $GLOBALS['language_stats'][$lang] < $cfg['TranslationWarningThreshold']
672 ) {
673 trigger_error(
674 'You are using an incomplete translation, please help to make it '
675 . 'better by [a@https://www.phpmyadmin.net/translate/'
676 . '@_blank]contributing[/a].',
677 E_USER_NOTICE
678 );
679 }
680 }
phpMyAdmin