search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Translated using Weblate (Slovenian)
[phpmyadmin.git] / libraries / classes / Url.php
blob0ae483e11fb37105ffb99e064a6aaa84068233fc
1 <?php
2 /**
3 * Static methods for URL/hidden inputs generating
4 */
5
6 declare(strict_types=1);
7
8 namespace PhpMyAdmin;
9
10 use function htmlentities;
11 use function htmlspecialchars;
12 use function http_build_query;
13 use function ini_get;
14 use function is_array;
15 use function mb_strpos;
16 use function strlen;
17
18 /**
19 * Static methods for URL/hidden inputs generating
20 */
21 class Url
22 {
23 /**
24 * Generates text with hidden inputs.
25 *
26 * @see Url::getCommon()
27 *
28 * @param string|array $db optional database name
29 * (can also be an array of parameters)
30 * @param string $table optional table name
31 * @param int $indent indenting level
32 * @param string|array $skip do not generate a hidden field for this parameter
33 * (can be an array of strings)
34 *
35 * @return string string with input fields
36 *
37 * @access public
38 */
39 public static function getHiddenInputs(
40 $db = '',
41 $table = '',
42 $indent = 0,
43 $skip = []
44 ) {
45 global $config;
46
47 if (is_array($db)) {
48 $params =& $db;
49 } else {
50 $params = [];
51 if (strlen((string) $db) > 0) {
52 $params['db'] = $db;
53 }
54
55 if (strlen((string) $table) > 0) {
56 $params['table'] = $table;
57 }
58 }
59
60 if (
61 ! empty($GLOBALS['server'])
62 && $GLOBALS['server'] != $GLOBALS['cfg']['ServerDefault']
63 ) {
64 $params['server'] = $GLOBALS['server'];
65 }
66
67 if (empty($config->getCookie('pma_lang')) && ! empty($GLOBALS['lang'])) {
68 $params['lang'] = $GLOBALS['lang'];
69 }
70
71 if (! is_array($skip)) {
72 if (isset($params[$skip])) {
73 unset($params[$skip]);
74 }
75 } else {
76 foreach ($skip as $skipping) {
77 if (! isset($params[$skipping])) {
78 continue;
79 }
80
81 unset($params[$skipping]);
82 }
83 }
84
85 return self::getHiddenFields($params);
86 }
87
88 /**
89 * create hidden form fields from array with name => value
90 *
91 * <code>
92 * $values = array(
93 * 'aaa' => aaa,
94 * 'bbb' => array(
95 * 'bbb_0',
96 * 'bbb_1',
97 * ),
98 * 'ccc' => array(
99 * 'a' => 'ccc_a',
100 * 'b' => 'ccc_b',
101 * ),
102 * );
103 * echo Url::getHiddenFields($values);
104 *
105 * // produces:
106 * <input type="hidden" name="aaa" Value="aaa">
107 * <input type="hidden" name="bbb[0]" Value="bbb_0">
108 * <input type="hidden" name="bbb[1]" Value="bbb_1">
109 * <input type="hidden" name="ccc[a]" Value="ccc_a">
110 * <input type="hidden" name="ccc[b]" Value="ccc_b">
111 * </code>
112 *
113 * @param array $values hidden values
114 * @param string $pre prefix
115 * @param bool $is_token if token already added in hidden input field
116 *
117 * @return string form fields of type hidden
118 */
119 public static function getHiddenFields(array $values, $pre = '', $is_token = false)
120 {
121 $fields = '';
122
123 /* Always include token in plain forms */
124 if ($is_token === false) {
125 $values['token'] = $_SESSION[' PMA_token '];
126 }
127
128 foreach ($values as $name => $value) {
129 if (! empty($pre)) {
130 $name = $pre . '[' . $name . ']';
131 }
132
133 if (is_array($value)) {
134 $fields .= self::getHiddenFields($value, $name, true);
135 } else {
136 // do not generate an ending "\n" because
137 // Url::getHiddenInputs() is sometimes called
138 // from a JS document.write()
139 $fields .= '<input type="hidden" name="' . htmlspecialchars((string) $name)
140 . '" value="' . htmlspecialchars((string) $value) . '">';
141 }
142 }
143
144 return $fields;
145 }
146
147 /**
148 * Generates text with URL parameters.
149 *
150 * <code>
151 * $params['myparam'] = 'myvalue';
152 * $params['db'] = 'mysql';
153 * $params['table'] = 'rights';
154 * // note the missing ?
155 * echo 'script.php' . Url::getCommon($params);
156 * // produces with cookies enabled:
157 * // script.php?myparam=myvalue&db=mysql&table=rights
158 * // with cookies disabled:
159 * // script.php?server=1&lang=en&myparam=myvalue&db=mysql
160 * // &table=rights
161 *
162 * // note the missing ?
163 * echo 'script.php' . Url::getCommon();
164 * // produces with cookies enabled:
165 * // script.php
166 * // with cookies disabled:
167 * // script.php?server=1&lang=en
168 * </code>
169 *
170 * @param array<string,int|string|bool> $params optional, Contains an associative array with url params
171 * @param string $divider optional character to use instead of '?'
172 *
173 * @return string string with URL parameters
174 *
175 * @access public
176 */
177 public static function getCommon(array $params = [], $divider = '?')
178 {
179 return self::getCommonRaw($params, $divider);
180 }
181
182 /**
183 * Generates text with URL parameters.
184 *
185 * <code>
186 * $params['myparam'] = 'myvalue';
187 * $params['db'] = 'mysql';
188 * $params['table'] = 'rights';
189 * // note the missing ?
190 * echo 'script.php' . Url::getCommon($params);
191 * // produces with cookies enabled:
192 * // script.php?myparam=myvalue&db=mysql&table=rights
193 * // with cookies disabled:
194 * // script.php?server=1&lang=en&myparam=myvalue&db=mysql
195 * // &table=rights
196 *
197 * // note the missing ?
198 * echo 'script.php' . Url::getCommon();
199 * // produces with cookies enabled:
200 * // script.php
201 * // with cookies disabled:
202 * // script.php?server=1&lang=en
203 * </code>
204 *
205 * @param array<string|int,int|string|bool> $params optional, Contains an associative array with url params
206 * @param string $divider optional character to use instead of '?'
207 *
208 * @return string string with URL parameters
209 *
210 * @access public
211 */
212 public static function getCommonRaw(array $params = [], $divider = '?')
213 {
214 global $config;
215
216 $separator = self::getArgSeparator();
217
218 // avoid overwriting when creating navigation panel links to servers
219 if (
220 isset($GLOBALS['server'])
221 && $GLOBALS['server'] != $GLOBALS['cfg']['ServerDefault']
222 && ! isset($params['server'])
223 && ! $config->get('is_setup')
224 ) {
225 $params['server'] = $GLOBALS['server'];
226 }
227
228 // Can be null when the user is missing an extension.
229 // See: Core::checkExtensions()
230 if ($config !== null && empty($config->getCookie('pma_lang')) && ! empty($GLOBALS['lang'])) {
231 $params['lang'] = $GLOBALS['lang'];
232 }
233
234 $query = http_build_query($params, '', $separator);
235
236 if (($divider !== '?' && $divider !== '&') || strlen($query) > 0) {
237 return $divider . $query;
238 }
239
240 return '';
241 }
242
243 /**
244 * Returns url separator
245 *
246 * extracted from arg_separator.input as set in php.ini
247 * we do not use arg_separator.output to avoid problems with & and &
248 *
249 * @param string $encode whether to encode separator or not,
250 * currently 'none' or 'html'
251 *
252 * @return string character used for separating url parts usually ; or &
253 *
254 * @access public
255 */
256 public static function getArgSeparator($encode = 'none')
257 {
258 static $separator = null;
259 static $html_separator = null;
260
261 if ($separator === null) {
262 // use separators defined by php, but prefer ';'
263 // as recommended by W3C
264 // (see https://www.w3.org/TR/1999/REC-html401-19991224/appendix
265 // /notes.html#h-B.2.2)
266 $arg_separator = (string) ini_get('arg_separator.input');
267 if (mb_strpos($arg_separator, ';') !== false) {
268 $separator = ';';
269 } elseif (strlen($arg_separator) > 0) {
270 $separator = $arg_separator[0];
271 } else {
272 $separator = '&';
273 }
274
275 $html_separator = htmlentities($separator);
276 }
277
278 switch ($encode) {
279 case 'html':
280 return $html_separator;
281
282 case 'text':
283 case 'none':
284 default:
285 return $separator;
286 }
287 }
288
289 /**
290 * @param string $route Route to use
291 * @param array $additionalParameters Additional URL parameters
292 */
293 public static function getFromRoute(string $route, array $additionalParameters = []): string
294 {
295 return 'index.php?route=' . $route . self::getCommon($additionalParameters, '&');
296 }
297 }
phpMyAdmin